Timeline



Oct 4, 2016:

11:16 PM Changeset in webkit [206804] by sbarati@apple.com
  • 27 edits
    2 adds in trunk

String.prototype.toLowerCase should be a DFG/FTL intrinsic
https://bugs.webkit.org/show_bug.cgi?id=162887

Reviewed by Filip Pizlo and Yusuke Suzuki.

JSTests:

  • microbenchmarks/to-lower-case.js: Added.

(assert):
(foo):
(bar):

  • stress/to-lower-case.js: Added.

(assert):
(foo):

Source/JavaScriptCore:

This patch makes ToLowerCase an intrinsic in the DFG/FTL. On the fast
path, the intrinsic will loop over an 8-bit string ensuring it's already
lower case, and simply return the string. In the slow path, it'll call
into C code to make a new string.

This is a 7-8% speedup on ES6SampleBench/Basic.

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::handleIntrinsicCall):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGNodeType.h:
  • dfg/DFGOperations.cpp:
  • dfg/DFGOperations.h:
  • dfg/DFGPredictionPropagationPhase.cpp:
  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileToLowerCase):

  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::callOperation):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLAbstractHeapRepository.h:
  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileToLowerCase):

  • jit/JITOperations.h:
  • runtime/Intrinsic.h:
  • runtime/StringPrototype.cpp:

(JSC::StringPrototype::finishCreation):

Source/WTF:

This patch exposes a new StringImpl function called convertToLowercaseWithoutLocaleStartingAtFailingIndex8Bit
which extracts slow path for the 8-bit part of convertToLowercaseWithoutLocale
into a helper function. I decided to extract this into its own function because
it may be the case that JSCs JITs will want to continue the operation
after it has already ensured that part of an 8-bit string is lower case.

  • wtf/text/StringImpl.cpp:

(WTF::StringImpl::convertToLowercaseWithoutLocale):
(WTF::StringImpl::convertToLowercaseWithoutLocaleStartingAtFailingIndex8Bit):

  • wtf/text/StringImpl.h:
  • wtf/text/WTFString.cpp:

(WTF::String::convertToLowercaseWithoutLocaleStartingAtFailingIndex8Bit):

  • wtf/text/WTFString.h:
8:13 PM Changeset in webkit [206803] by Chris Dumez
  • 29 edits
    2 copies
    3 adds in trunk

Implement KeyboardEvent.code from the UI Event spec
https://bugs.webkit.org/show_bug.cgi?id=149584

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline W3C test now that more checks are passing.

  • web-platform-tests/dom/events/Event-subclasses-constructors-expected.txt:

Source/WebCore:

Add support for Keyboard.code attribute:

The feature is only enabled on Mac for now as the implementation is
platform-specific and Mac only.

Test: fast/events/keyboardevent-code.html

  • dom/KeyboardEvent.cpp:

(WebCore::KeyboardEvent::KeyboardEvent):

  • dom/KeyboardEvent.h:
  • dom/KeyboardEvent.idl:
  • platform/PlatformKeyboardEvent.h:

(WebCore::PlatformKeyboardEvent::PlatformKeyboardEvent):
(WebCore::PlatformKeyboardEvent::code):
(WebCore::PlatformKeyboardEvent::unmodifiedText): Deleted.

  • platform/mac/PlatformEventFactoryMac.h:
  • platform/mac/PlatformEventFactoryMac.mm:

(WebCore::codeForKeyEvent):
(WebCore::keyIdentifierForKeyEvent):

  • replay/SerializationMethods.cpp:

(JSC::EncodingTraits<PlatformKeyboardEvent>::encodeValue):
(JSC::EncodingTraits<PlatformKeyboardEvent>::decodeValue):

Source/WebKit2:

Add support for Keyboard.code attribute:

  • Shared/WebEvent.h:

(WebKit::WebKeyboardEvent::code):

  • Shared/WebEventConversion.cpp:

(WebKit::WebKit2PlatformKeyboardEvent::WebKit2PlatformKeyboardEvent):

  • Shared/WebKeyboardEvent.cpp:

(WebKit::WebKeyboardEvent::WebKeyboardEvent):
(WebKit::WebKeyboardEvent::encode):
(WebKit::WebKeyboardEvent::decode):

  • Shared/mac/WebEventFactory.mm:

(WebKit::WebEventFactory::createWebKeyboardEvent):

Source/WTF:

Add build time flag to toggle support for the code attribute on
KeyboardEvent and only enable it on Mac for now, given that the
implementation is missing on other platforms.

  • wtf/FeatureDefines.h:

LayoutTests:

Extend layout test coverage.

  • fast/events/arrow-keys-on-body-expected.txt:
  • fast/events/arrow-keys-on-body.html:
  • fast/events/constructors/keyboard-event-constructor-expected.txt:
  • fast/events/constructors/keyboard-event-constructor.html:
  • fast/events/key-events-in-input-button-expected.txt:
  • fast/events/key-events-in-input-button.html:
  • fast/events/key-events-in-input-text-expected.txt:
  • fast/events/key-events-in-input-text.html:
  • fast/events/keyboardevent-code-expected.txt: Added.
  • fast/events/keyboardevent-code.html: Added.
  • fast/events/special-key-events-in-input-text-expected.txt:
  • fast/events/special-key-events-in-input-text.html:
6:52 PM Changeset in webkit [206802] by commit-queue@webkit.org
  • 17 edits in trunk/Source

The dragged image should be the current frame only of the animated image
https://bugs.webkit.org/show_bug.cgi?id=162109

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2016-10-04
Reviewed by Tim Horton.

Source/WebCore:

Instead of creating an NSImage with all the frames for the dragImage,
create an NSImage with the current frame only.

  • dom/DataTransferMac.mm:

(WebCore::DataTransfer::createDragImage): Call snapshotNSImage() to create the dragImage.

  • editing/cocoa/HTMLConverter.mm:

(fileWrapperForElement): Call the Image function with its new name.

  • platform/graphics/BitmapImage.h:
  • platform/graphics/Image.h:

(WebCore::Image::nsImage): Rename getNSImage() to nsImage().
(WebCore::Image::snapshotNSImage): Returns the NSImage of the current frame.
(WebCore::Image::tiffRepresentation): Rename getTIFFRepresentation() to tiffRepresentation().
(WebCore::Image::getNSImage): Deleted.
(WebCore::Image::getTIFFRepresentation): Deleted.

  • platform/graphics/mac/ImageMac.mm:

(WebCore::BitmapImage::tiffRepresentation): Rename getTIFFRepresentation() to tiffRepresentation().
(WebCore::BitmapImage::nsImage): Rename getNSImage() to nsImage().
(WebCore::BitmapImage::snapshotNSImage): Returns the NSImage of the current frame.
(WebCore::BitmapImage::getTIFFRepresentation): Deleted.
(WebCore::BitmapImage::getNSImage): Deleted.

  • platform/mac/CursorMac.mm:

(WebCore::createCustomCursor): Call snapshotNSImage() since the cursor does not animate anyway.

  • platform/mac/DragImageMac.mm:

(WebCore::createDragImageFromImage): Use snapshotNSImage() for the dragImage.

  • platform/mac/PasteboardMac.mm:

(WebCore::Pasteboard::write): Call the Image function with its new name.

Source/WebKit/mac:

  • DOM/DOM.mm:

(-[DOMElement image]): Call the Image function with its new name.
(-[DOMElement _imageTIFFRepresentation]): Ditto.

  • Misc/WebElementDictionary.mm:

(-[WebElementDictionary _image]): Call the Image function with its new name.

  • Misc/WebIconDatabase.mm:

(-[WebIconDatabase defaultIconWithSize:]): Call snapshotNSImage() to create the icon image.
(webGetNSImage): Call the Image function with its new name.

  • WebCoreSupport/WebContextMenuClient.mm:

(WebContextMenuClient::imageForCurrentSharingServicePickerItem): Call snapshotNSImage() instead of nsImage()..
(WebContextMenuClient::contextMenuForEvent): Ditto.

  • WebView/WebHTMLView.mm:

(-[WebHTMLView pasteboard:provideDataForType:]): Call the Image function with its new name.

Source/WebKit2:

  • UIProcess/Cocoa/WebViewImpl.mm:

(WebKit::WebViewImpl::provideDataForPasteboard): Call the Image function with its new name.

6:02 PM Changeset in webkit [206801] by aestes@apple.com
  • 4 edits in trunk

[iOS] Crash in WebResourceLoaderQuickLookDelegate when the client cancels the navigation to a QuickLook resource
https://bugs.webkit.org/show_bug.cgi?id=162950
<rdar://problem/23759114>

Reviewed by Brady Eidson.

Source/WebCore:

When we receive data from QLPreviewConverter for the first time, we call
ResourceLoader::didReceiveResponse() with the preview NSURLResponse from QuickLook. If the
client decides to cancel this navigation in decidePolicyForResponse(),
WebResourceLoaderQuickLookDelegate will end up with a null _resourceLoader after
didReceiveResponse() returns. This change adds null checks in the methods that use
_resourceLoader after calling -_sendDidReceiveResponseIfNecessary.

New API test: QuickLook.CancelNavigationAfterResponse

  • platform/network/ios/QuickLook.mm:

(-[WebResourceLoaderQuickLookDelegate connection:didReceiveDataArray:]): Changed to only
call ResourceLoader::didReceiveDataArray() if _resourceLoader is non-null.
(-[WebResourceLoaderQuickLookDelegate connection:didReceiveData:lengthReceived:]): Ditto for
ResourceLoader::didReceiveData().
(-[WebResourceLoaderQuickLookDelegate connection:didFailWithError:]): Ditto for
ResourceLoader::didFail().

Tools:

Added a new API test.

  • TestWebKitAPI/Tests/WebKit2Cocoa/QuickLook.mm: Sorted imports and removed redundant

initialization of static bools.
(runTest): Factored out the common test logic between QuickLook.NavigationDelegate and
QuickLook.CancelNavigationAfterResponse.
(TEST): Added QuickLook.CancelNavigationAfterResponse.
(-[QuickLookDecidePolicyDelegate
webView:decidePolicyForNavigationResponse:decisionHandler:]): Canceled the navigation.
(-[QuickLookDecidePolicyDelegate webView:didFailProvisionalNavigation:withError:]): Set
isDone to true.

5:42 PM Changeset in webkit [206800] by rniwa@webkit.org
  • 2 edits
    2 adds in trunk/Tools

Add the support for running ES6SampleBench to run-benchmark
https://bugs.webkit.org/show_bug.cgi?id=162890

Reviewed by Saam Barati.

Added the support for running ES6SampleBench as "es6bench".
e.g. ./Tools/Scripts/run-benchmark --platform osx --plan es6bench --browser safari

Instead of the default 10 iterations, run the test 4 iterations using 5 instances of browser
for the total of 20 iterations.

  • Scripts/webkitpy/benchmark_runner/data/patches/ES6SampleBench.patch: Added.
  • Scripts/webkitpy/benchmark_runner/data/plans/es6bench.plan: Added.
  • Scripts/webkitpy/benchmark_runner/run_benchmark.py:

(start): Fixed the bug that the linter will complain about the presence of "debugOutput" by
removing it if it's present.

5:40 PM Changeset in webkit [206799] by rniwa@webkit.org
  • 2 edits in trunk/Source/WebKit2

Revert a change erroneously committed in r206795.

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updatePreferences):

5:23 PM Changeset in webkit [206798] by Simon Fraser
  • 10 edits
    2 adds in trunk

[iOS WK2] Make it possible for a test to describe a user gesture as a stream of events in JSON format
https://bugs.webkit.org/show_bug.cgi?id=162934

Reviewed by Dean Jackson.

Tools:

With this change, a test can describe a user gesture in an "event stream", which is
some JSON describing an array of events with their underlying touches. The added
test describes a single tap.

The implementation fires up an NSThread, and sleeps the thread between events to dispatch
them at close to real time.

In future, HIDEventGenerator could use this internally for all of the "compound" interactions.

  • DumpRenderTree/ios/UIScriptControllerIOS.mm:

(WTR::UIScriptController::sendEventStream):

  • TestRunnerShared/UIScriptContext/Bindings/UIScriptController.idl:
  • TestRunnerShared/UIScriptContext/UIScriptController.cpp:

(WTR::UIScriptController::sendEventStream):

  • TestRunnerShared/UIScriptContext/UIScriptController.h:
  • WebKitTestRunner/ios/HIDEventGenerator.h:
  • WebKitTestRunner/ios/HIDEventGenerator.mm:

(transducerTypeFromString):
(phaseFromString):
(-[HIDEventGenerator eventMaskFromEventInfo:]):
(-[HIDEventGenerator touchFromEventInfo:]):
(-[HIDEventGenerator _createIOHIDEventWithInfo:]):
(-[HIDEventGenerator dispatchEventWithInfo:]):
(-[HIDEventGenerator eventDispatchThreadEntry:]):
(-[HIDEventGenerator sendEventStream:completionBlock:]):

  • WebKitTestRunner/ios/UIScriptControllerIOS.mm:

(WTR::UIScriptController::sendEventStream):

LayoutTests:

  • fast/events/ios/event-stream-single-tap-expected.txt: Added.
  • fast/events/ios/event-stream-single-tap.html: Added.
5:15 PM Changeset in webkit [206797] by Brian Burg
  • 2 edits in trunk/Source/JavaScriptCore

Web Inspector: don't synchronously send a listing message if we might need to query _WKAutomationDelegate
https://bugs.webkit.org/show_bug.cgi?id=162810
<rdar://problem/28571460>

Reviewed by Timothy Hatcher.

We shouldn't ever access the _WKAutomationDelegate through RemoteInspector::Client methods
off of the main thread, because it could cause problems. This happens when we pushListingsNow()
in response to a WIRApplicationGetListingMessage XPC message. In this case, just use
pushListingsSoon() since it dispatches on the correct (main) queue to gather listing information.

This may induce a slight update delay when first connecting to the UIProcess through RemoteInspector,
but this is at most 200ms and will coalesce with other updates that happen when UIProcess gets set up.

There are no other code paths through RemoteInspector (for UIProcess) that could cause a call
to pushListingsNow(), so this only needs to be changed in the XPC message handler.

  • inspector/remote/RemoteInspector.mm:

(Inspector::RemoteInspector::receivedGetListingMessage):

5:02 PM Changeset in webkit [206796] by Chris Dumez
  • 9 edits in trunk

Add support for KeyboardEvent.isComposing attribute
https://bugs.webkit.org/show_bug.cgi?id=162921

Reviewed by Darin Adler.

Source/WebCore:

Add support for KeyboardEvent.isComposing attribute:

Manual test: https://jsfiddle.net/ay92sr08/9/

No new tests, extended existing tests.

  • dom/KeyboardEvent.cpp:

(WebCore::KeyboardEvent::KeyboardEvent):

  • dom/KeyboardEvent.h:
  • dom/KeyboardEvent.idl:

LayoutTests:

Extend layout test coverage to test KeyboardEvent.isComposing.

  • editing/mac/input/kotoeri-enter-to-confirm-and-newline-expected.txt:
  • editing/mac/input/kotoeri-enter-to-confirm-and-newline.html:
  • fast/events/constructors/keyboard-event-constructor-expected.txt:
  • fast/events/constructors/keyboard-event-constructor.html:
4:42 PM Changeset in webkit [206795] by rniwa@webkit.org
  • 13 edits
    3 adds in trunk

ShadowRoot interface should have elementFromPoint
https://bugs.webkit.org/show_bug.cgi?id=162882

Reviewed by Chris Dumez.

Source/WebCore:

Add elementFromPoint to ShadowRoot's prototype as specified at:
https://www.w3.org/TR/shadow-dom/#extensions-to-the-documentorshadowroot-mixin
with changes proposed at https://github.com/w3c/csswg-drafts/issues/556

Added TreeScope::retargetToScope which implements

This patch also factors DocumentOrShadowRoot.idl out of Document and ShadowRoot interfaces to better match
the latest DOM specification: https://dom.spec.whatwg.org/#mixin-documentorshadowroot

Test: fast/shadow-dom/Document-prototype-elementFromPoint.html

  • CMakeLists.txt:
  • DerivedSources.make:
  • WebCore.xcodeproj/project.pbxproj:
  • dom/Document.cpp:

(WebCore::Document::nodeFromPoint): Moved to TreeScope.
(WebCore::Document::elementFromPoint): Moved to TreeScope.

  • dom/Document.h:
  • dom/Document.idl: Moved elementFromPoint and activeElement to DocumentOrShadowRoot.idl.
  • dom/DocumentOrShadowRoot.idl: Added.
  • dom/EventPath.cpp:

(WebCore::RelatedNodeRetargeter::checkConsistency): Use newly added TreeScope::retargetToScope.

  • dom/ShadowRoot.idl: Moved activeElement to DocumentOrShadowRoot.idl.
  • dom/TreeScope.cpp:

(WebCore::TreeScope::retargetToScope): Added. Implements https://dom.spec.whatwg.org/#retarget efficiently.
Instead of checking whether A (node) is a shadow-including inclusive ancestor of B (this scope) at each
parent, find the lowest ancestor which contains both A and B, and return the self-inclusive ancestor of B
in that tree. To find the lowest common ancestor in O(n), traverse all ancestors of A and B separately and
do a top-down traversal. The last tree scope in which A's ancestor and B's ancestor match is the lowest
common ancestor.
(WebCore::TreeScope::nodeFromPoint): Moved from Document.
(WebCore::TreeScope::elementFromPoint): Moved from Document. Use retargetToScope and parentInComposedTree
instead of parentNode and ancestorInThisScope to match the semantics proposed in
https://github.com/w3c/csswg-drafts/issues/556

  • dom/TreeScope.h:

LayoutTests:

Add a W3C style testharness.js test for elementFromPoint on ShadowRoot.

  • fast/shadow-dom/DocumentOrShadowRoot-prototype-elementFromPoint-expected.txt: Added.
  • fast/shadow-dom/DocumentOrShadowRoot-prototype-elementFromPoint.html: Added.
4:25 PM Changeset in webkit [206794] by jfbastien@apple.com
  • 7 edits in trunk

WebAssembly: handle a few corner cases
https://bugs.webkit.org/show_bug.cgi?id=162884

Reviewed by Keith Miller.

JSTests:

  • stress/wasm/generate-wasmops-header.js:

(const.opcodeIterator): max opcode value

Source/JavaScriptCore:

  • wasm/JSWASMModule.cpp: missing include broke cmake build
  • wasm/WASMFunctionParser.h:

(JSC::WASM::FunctionParser<Context>::parseBlock): check op is valid
(JSC::WASM::FunctionParser<Context>::parseExpression): switch covers all cases

  • wasm/WASMOps.h:

(JSC::WASM::isValidOpType): op is valid

  • wasm/WASMParser.h:

(JSC::WASM::Parser::consumeString): avoid str[i] being one-past-the-end
(JSC::WASM::Parser::parseUInt32): shift math around to avoid overflow

4:20 PM Changeset in webkit [206793] by commit-queue@webkit.org
  • 2 edits in trunk/Tools

Add Megan to contributor's list
https://bugs.webkit.org/show_bug.cgi?id=162944

Patch by Megan Gardner <Megan Gardner> on 2016-10-04
Reviewed by Tim Horton.

Add Megan to the contributor's lists so that her e-mail autocompletes for CC

  • Scripts/webkitpy/common/config/contributors.json:
4:13 PM Changeset in webkit [206792] by achristensen@apple.com
  • 2 edits in trunk/Tools

Add tests verifying non-special URL hosts are parsed according to spec
https://bugs.webkit.org/show_bug.cgi?id=162885

Reviewed by Sam Weinig.

  • TestWebKitAPI/Tests/WebCore/URLParser.cpp:

(TestWebKitAPI::TEST_F):

4:10 PM Changeset in webkit [206791] by mmaxfield@apple.com
  • 3 edits
    2 adds in trunk

font-family: cursive should map to KaiTi in Chinese
https://bugs.webkit.org/show_bug.cgi?id=162889
<rdar://problem/28363547>

Reviewed by Tim Horton.

Source/WebCore:

According to Bobby Tung, this is a better mapping. Previously, we were
relying on the system fallback mechanism. However, an explicit mapping
is more robust.

Test: fast/text/cursive-zh.html

  • page/cocoa/SettingsCocoa.mm:

(WebCore::Settings::initializeDefaultFontFamilies):

LayoutTests:

  • fast/text/cursive-zh-expected.html: Added.
  • fast/text/cursive-zh.html: Added.
3:51 PM WebKitGTK/Gardening/Calendar edited by Michael Catanzaro
Remove gardening calendar through October; we'll be experimenting with … (diff)
3:51 PM Changeset in webkit [206790] by Yusuke Suzuki
  • 4 edits in trunk/Source/JavaScriptCore

REGRESSION (r206778): Release JSC test ChakraCore.yaml/ChakraCore/test/Error/validate_line_column.js.default failing
https://bugs.webkit.org/show_bug.cgi?id=162937

Reviewed by Saam Barati.

We dropped expression info accidentally at r206777.

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::emitCallDefineProperty):

  • bytecompiler/BytecodeGenerator.h:
  • bytecompiler/NodesCodegen.cpp:

(JSC::PropertyListNode::emitPutConstantProperty):
(JSC::ClassExprNode::emitBytecode):

3:41 PM Changeset in webkit [206789] by andersca@apple.com
  • 7 edits in trunk

Properly kill web processes in the launching state
https://bugs.webkit.org/show_bug.cgi?id=162938

Reviewed by Tim Horton.

Source/WebKit2:

  • UIProcess/Launcher/ProcessLauncher.h:

Add m_xpcConnection member.

  • UIProcess/Launcher/mac/ProcessLauncherMac.mm:

(WebKit::ProcessLauncher::launchProcess):
Store the XPC connection in the m_xpcConnection member variable.
In the reply handler, handle m_xpcConnection being null.

(WebKit::ProcessLauncher::platformInvalidate):
Cancel and kill the connection.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::terminateProcess):
Get rid of an assertion.

  • UIProcess/WebProcessProxy.cpp:

(WebKit::WebProcessProxy::requestTermination):
Handle the launching state.

Tools:

  • TestWebKitAPI/Tests/WebKit2/TerminateTwice.cpp:

Enable this test again.

3:26 PM Changeset in webkit [206788] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking http/tests/cache/disk-cache/disk-cache-media.html as flaky on mac-wk2.
https://bugs.webkit.org/show_bug.cgi?id=162946

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
3:26 PM Changeset in webkit [206787] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking http/tests/cache/disk-cache/disk-cache-request-max-stale.html as flaky on mac-wk2.
https://bugs.webkit.org/show_bug.cgi?id=162945

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
3:11 PM Changeset in webkit [206786] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking http/tests/cache/disk-cache/resource-becomes-uncacheable.html as flaky on mac-wk2.
https://bugs.webkit.org/show_bug.cgi?id=161649

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
2:52 PM Changeset in webkit [206785] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking transitions/background-position-transitions.html as flaky.
https://bugs.webkit.org/show_bug.cgi?id=162881

Unreviewed test gardening.

2:22 PM Changeset in webkit [206784] by achristensen@apple.com
  • 4 edits in trunk

URLParser: query-only URLs relative to file URLs should just add a query
https://bugs.webkit.org/show_bug.cgi?id=162888

Reviewed by Tim Horton.

Source/WebCore:

Covered by new API tests.

  • platform/URLParser.cpp:

(WebCore::URLParser::parse):
Like bug 206749 but with queries instead of fragments.

Tools:

  • TestWebKitAPI/Tests/WebCore/URLParser.cpp:

(TestWebKitAPI::TEST_F):

2:20 PM Changeset in webkit [206783] by achristensen@apple.com
  • 4 edits in trunk

URLParser should match URL::parse and other browsers when parsing a URL containing only scheme://
https://bugs.webkit.org/show_bug.cgi?id=162909

Reviewed by Tim Horton.

Source/WebCore:

If there's no host in this case we shouldn't fail, but rather make a valid URL with the in the path.
This matches Chrome, Firefox, and Safari's behavior.
Covered by API tests.

  • platform/URLParser.cpp:

(WebCore::URLParser::parse):

Tools:

  • TestWebKitAPI/Tests/WebCore/URLParser.cpp:

(TestWebKitAPI::TEST_F):

2:13 PM Changeset in webkit [206782] by timothy_horton@apple.com
  • 2 edits in trunk/Source/WebKit2

Fix the build.

  • Shared/WebBackForwardListItem.cpp:

(WebKit::WebBackForwardListItem::WebBackForwardListItem):
(WebKit::WebBackForwardListItem::highestUsedItemID):

2:08 PM Changeset in webkit [206781] by timothy_horton@apple.com
  • 4 edits in trunk/Source/WebKit2

Fix a typo in WebBackForwardListItem (highed->highest)
https://bugs.webkit.org/show_bug.cgi?id=162935

Reviewed by Anders Carlsson.

  • Shared/WebBackForwardListItem.cpp:

(WebKit::WebBackForwardListItem::highestUsedItemID):
(WebKit::WebBackForwardListItem::highedUsedItemID): Deleted.

  • Shared/WebBackForwardListItem.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::creationParameters):

12:37 PM Changeset in webkit [206780] by Brent Fulgham
  • 2 edits in trunk/Source/WebCore

Unreviewed build fix after r206773.

Exclude Direct2D definitions when building for normal CG Windows.

  • platform/graphics/GraphicsContext.h:
12:34 PM Changeset in webkit [206779] by Yusuke Suzuki
  • 23 edits
    5 adds in trunk

[DOMJIT] Introduce DOMJIT::GetterSetter to tell JIT information
https://bugs.webkit.org/show_bug.cgi?id=162916

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

In this patch, we introduce DOMJIT::GetterSetter.
This class maintains information required to emit JIT code in DFG and FTL.
DOMJIT::GetterSetter has 2 virtual functions: checkDOM and callDOM.
These functions can return a DOMJIT::Patchpoint that allows us to inject
appropriate machine code during DFG and FTL phases. DFG and FTL will invoke
these functions to get a patchpoint. And this patchpoint will be used to
emit code corresponding to CheckDOM and CallDOM DFG nodes, which will be added
in subsqeunt patch.

We propagate DOMJIT::GetterSetter through PropertySlot, AccessCase, GetByIdVariant,
and GetByIdStatus along with CustomGetter to teach DFG that this custom access
code has a chance to be inlined with this DOMJIT::GetterSetter information.
Instead of propagating CustomGetterSetter holding DOMJIT::GetterSetter and CustomGetter,
we propagate CustomGetter and DOMJIT::GetterSetter. This is because of the current
CustomGetterSetter design that we reify CustomGetterSetters only when we need to reify
all the properties. This design allows us to avoid frequent CustomGetterSetter allocations
and structure transitions.

Currently, domJIT field is always nullptr since there is no DOMJITAttribute user.
When we add this, we will add code handling this DOMJIT::GetterSetter in DFG::ByteCodeParser.

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • bytecode/GetByIdStatus.cpp:

(JSC::GetByIdStatus::computeForStubInfoWithoutExitSiteFeedback):

  • bytecode/GetByIdVariant.cpp:

(JSC::GetByIdVariant::GetByIdVariant):
(JSC::GetByIdVariant::operator=):
(JSC::GetByIdVariant::attemptToMerge):
(JSC::GetByIdVariant::dumpInContext):

  • bytecode/GetByIdVariant.h:

(JSC::GetByIdVariant::domJIT):
(JSC::GetByIdVariant::intrinsic): Deleted.

  • bytecode/PolymorphicAccess.cpp:

(JSC::AccessCase::get):
(JSC::AccessCase::clone):

  • bytecode/PolymorphicAccess.h:

(JSC::AccessCase::domJIT):
(JSC::AccessCase::RareData::RareData):

  • dfg/DFGNode.h:
  • domjit/DOMJITGetterSetter.h: Added.

(JSC::DOMJIT::GetterSetter::GetterSetter):
(JSC::DOMJIT::GetterSetter::~GetterSetter):
(JSC::DOMJIT::GetterSetter::getter):
(JSC::DOMJIT::GetterSetter::setter):
(JSC::DOMJIT::GetterSetter::thisClassInfo):

  • domjit/DOMJITPatchpoint.h: Added.

(JSC::DOMJIT::Patchpoint::create):
(JSC::DOMJIT::Patchpoint::setGenerator):
(JSC::DOMJIT::Patchpoint::generator):

  • jit/Repatch.cpp:

(JSC::tryCacheGetByID):

  • runtime/CustomGetterSetter.h:
  • runtime/JSObject.h:

(JSC::JSObject::fillCustomGetterPropertySlot):

  • runtime/Lookup.h:

(JSC::HashTableValue::domJIT):
(JSC::getStaticPropertySlotFromTable):
(JSC::putEntry):
(JSC::reifyStaticProperty):

  • runtime/PropertySlot.h:

(JSC::PropertySlot::domJIT):
(JSC::PropertySlot::setCacheableCustom):

Source/WebCore:

  • ForwardingHeaders/domjit/DOMJITGetterSetter.h: Added.
  • PlatformEfl.cmake:
  • PlatformGTK.cmake:
  • PlatformMac.cmake:
  • PlatformWin.cmake:

Source/WebKit2:

  • CMakeLists.txt:

Tools:

  • DumpRenderTree/CMakeLists.txt:
12:31 PM Changeset in webkit [206778] by Yusuke Suzuki
  • 40 edits
    1 add in trunk/Source/JavaScriptCore

[JSC] Add a new byte code op_define_property instead of calling defineProperty
https://bugs.webkit.org/show_bug.cgi?id=162108

Reviewed by Saam Barati.

To construct ES6 class, we emitted bytecode that performs the following operations.

  1. construct a new object
  2. put "configurable", "enumerable" etc. fields
  3. call "defineProperty" function

However, this approach has problems. Every time we define a class method, we need to create
a new object to represent property descriptor. This can be removed if we can introduce
a special bytecode or special function.

This patch introduces new bytecodes, op_define_data_property and op_define_accessor_property.
Instead of taking an object, they takes several registers to avoid object allocations.
We're planning to use this bytecode to implement Object.defineProperty in builtin JS next.
This allows us to leverage object allocation sinking. And it also gives us a chance to use
faster ::get and ::hasProperty in JS.

Originally, I attempted to create one bytecode, op_define_property. However, it takes too many
children in DFG and uses so many registers in DFG. This leads tricky program in 32bit platforms.
Furthermore, it does not fit to the number of x64 argument registers. So instead, we introduce
two bytecodes.

And for op_define_accessor_property, we perform CellUse edge filter to getter and setter children.
This edge filter makes us possible to use SpeculateCellOperand and reduce the number of used registers
in comparison with JSValueOperand. To make children Cells even if we do not specify some accessors (for
example, { get: func, set: null } case), we fill registers with special throwTypeErrorFunction.
The attributes bitset keep information like "This property descriptor only has getter slot".

In these two bytecodes, we take attributes (configurable, enumerable, writable, hasGetter etc.) as
register instead of embedding constant int value because we will use these bytecodes to implement
Object.defineProperty next. In Object.defineProperty case, an attributes are not statically defined
at bytecode compiling time.

Run ES6SampleBench/Air 20 times. The result shows ~2% performance improvement.

Baseline:

firstIteration: 84.05 ms +- 4.37 ms
averageWorstCase: 40.54 ms +- 2.81 ms
steadyState: 3317.49 ms +- 48.25 ms
summary: 223.51 ms +- 5.07 ms

Patched:

firstIteration: 84.46 ms +- 4.22 ms
averageWorstCase: 41.48 ms +- 2.33 ms
steadyState: 3253.48 ms +- 29.31 ms
summary: 224.40 ms +- 4.72 ms

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • bytecode/BytecodeList.json:
  • bytecode/BytecodeUseDef.h:

(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::dumpBytecode):

  • bytecode/SpecialPointer.h:
  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::emitMoveLinkTimeConstant):
(JSC::BytecodeGenerator::emitCallDefineProperty):

  • bytecompiler/BytecodeGenerator.h:
  • bytecompiler/NodesCodegen.cpp:

(JSC::PropertyListNode::emitPutConstantProperty):
(JSC::BitwiseNotNode::emitBytecode):
(JSC::ClassExprNode::emitBytecode):
(JSC::ObjectPatternNode::bindValue):

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::parseBlock):

  • dfg/DFGCapabilities.cpp:

(JSC::DFG::capabilityLevel):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGNodeType.h:
  • dfg/DFGOperations.cpp:
  • dfg/DFGOperations.h:
  • dfg/DFGPredictionPropagationPhase.cpp:
  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileDefineDataProperty):
(JSC::DFG::SpeculativeJIT::compileDefineAccessorProperty):

  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::callOperation):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileDefineDataProperty):
(JSC::FTL::DFG::LowerDFGToB3::compileDefineAccessorProperty):
(JSC::FTL::DFG::LowerDFGToB3::compilePutByValWithThis): Deleted.

  • jit/CCallHelpers.cpp:

(JSC::CCallHelpers::setupFourStubArgsGPR): Deleted.

  • jit/CCallHelpers.h:

(JSC::CCallHelpers::setupFourStubArgsGPR):
(JSC::CCallHelpers::setupFiveStubArgsGPR):
(JSC::CCallHelpers::setupArgumentsWithExecState):
(JSC::CCallHelpers::setupStubArgsGPR):
(JSC::CCallHelpers::prepareForTailCallSlow): Deleted.

  • jit/JIT.cpp:

(JSC::JIT::privateCompileMainPass):

  • jit/JIT.h:
  • jit/JITOperations.h:
  • jit/JITPropertyAccess.cpp:

(JSC::JIT::emit_op_define_data_property):
(JSC::JIT::emit_op_define_accessor_property):

  • llint/LowLevelInterpreter.asm:
  • runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):

  • runtime/CommonSlowPaths.h:
  • runtime/DefinePropertyAttributes.h: Added.

(JSC::DefinePropertyAttributes::DefinePropertyAttributes):
(JSC::DefinePropertyAttributes::rawRepresentation):
(JSC::DefinePropertyAttributes::hasValue):
(JSC::DefinePropertyAttributes::setValue):
(JSC::DefinePropertyAttributes::hasGet):
(JSC::DefinePropertyAttributes::setGet):
(JSC::DefinePropertyAttributes::hasSet):
(JSC::DefinePropertyAttributes::setSet):
(JSC::DefinePropertyAttributes::writable):
(JSC::DefinePropertyAttributes::configurable):
(JSC::DefinePropertyAttributes::enumerable):
(JSC::DefinePropertyAttributes::setWritable):
(JSC::DefinePropertyAttributes::setConfigurable):
(JSC::DefinePropertyAttributes::setEnumerable):
(JSC::DefinePropertyAttributes::fillWithTriState):
(JSC::DefinePropertyAttributes::extractTriState):

  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::visitChildren):

  • runtime/JSGlobalObject.h:

(JSC::JSGlobalObject::throwTypeErrorFunction):
(JSC::JSGlobalObject::definePropertyFunction): Deleted.

  • runtime/ObjectConstructor.cpp:

(JSC::ObjectConstructor::addDefineProperty): Deleted.

  • runtime/ObjectConstructor.h:
  • runtime/PropertyDescriptor.h:

(JSC::toPropertyDescriptor):

12:00 PM Changeset in webkit [206777] by Chris Dumez
  • 17 edits in trunk

Return null when window.open() is popup blocked
https://bugs.webkit.org/show_bug.cgi?id=162897

Reviewed by Michael Catanzaro.

Source/WebCore:

The return value of window.open() when the popup is blocked should be null:

Firefox / Edge return null.

No new tests, rebaselined existing tests.

  • bindings/js/JSDOMWindowCustom.cpp:

(WebCore::JSDOMWindow::open):

LayoutTests:

Rebaseline existing tests to reflect behavior change.

  • fast/events/popup-blocked-from-fake-button-click-expected.txt:
  • fast/events/popup-blocked-from-fake-button-click.html:
  • fast/events/popup-blocked-from-fake-focus-expected.txt:
  • fast/events/popup-blocked-from-fake-focus.html:
  • fast/events/popup-blocked-from-fake-user-gesture-expected.txt:
  • fast/events/popup-blocked-from-fake-user-gesture.html:
  • fast/events/popup-blocked-from-untrusted-click-event-on-anchor-expected.txt:
  • fast/events/popup-blocked-from-untrusted-click-event-on-anchor.html:
  • fast/events/popup-blocking-timers3-expected.txt:
  • fast/events/popup-blocking-timers3.html:
  • fast/events/popup-blocking-timers4-expected.txt:
  • fast/events/popup-blocking-timers4.html:
  • fast/events/popup-blocking-timers6-expected.txt:
  • fast/events/popup-blocking-timers6.html:
11:51 AM Changeset in webkit [206776] by Chris Dumez
  • 7 edits in trunk/Source/WebCore

[Web IDL] Add support for dictionary inheritance
https://bugs.webkit.org/show_bug.cgi?id=162907

Reviewed by Sam Weinig.

Add support for dictionary inheritance to our Web IDL parser and
bindings generator. Leverage this new support for EventTarget's
EventListenerOptions / AddEventListenerOptions dictionaries, in
order to match the DOM specification:

Also update the bindings generator to convert the dictionary
members in lexicographical order, as per:

No new tests, rebaselined bindings tests.

  • bindings/scripts/CodeGenerator.pm:

(GetDictionaryByName):

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateDictionaryImplementationContent):

  • bindings/scripts/IDLParser.pm:

(parseDictionary):

  • bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::convertDictionary<TestObj::Dictionary>):
(WebCore::convertDictionary<TestObj::DictionaryThatShouldNotTolerateNull>):
(WebCore::convertDictionary<TestObj::DictionaryThatShouldTolerateNull>):
(WebCore::convertDictionary<AlternateDictionaryName>):
(WebCore::convertDictionary<TestObj::ParentDictionary>):
(WebCore::convertDictionary<TestObj::ChildDictionary>):

  • bindings/scripts/test/TestObj.idl:
  • dom/EventTarget.idl:
11:45 AM Changeset in webkit [206775] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking http/tests/cache/disk-cache/disk-cache-204-status-code.html as flaky on mac-wk2.
https://bugs.webkit.org/show_bug.cgi?id=162685

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
11:41 AM Changeset in webkit [206774] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Land TestExpectations for rdar://problem/28586837.

Unreviewed test gardening.

  • platform/mac/TestExpectations:
11:31 AM Changeset in webkit [206773] by Brent Fulgham
  • 9 edits
    2 adds in trunk/Source/WebCore

[Win][Direct2D] Add initial D2D GraphicsContext implementation
https://bugs.webkit.org/show_bug.cgi?id=162917

Reviewed by Dean Jackson.

This patch lands a set of new files that implement the GraphicsContext
features on Windows using Direct2D.

No new tests until complete backend lands.

  • platform/graphics/Color.h: Add new casting operator.
  • platform/graphics/FloatSize.h: Ditto.
  • platform/graphics/GraphicsContext.cpp: Update for Direct2D

implementation.

  • platform/graphics/GraphicsContext.h:
  • platform/graphics/win/ColorDirect2D.cpp:

(WebCore::Color::operator D2D1_VECTOR_4F): Added.

  • platform/graphics/win/GraphicsContextCGWin.cpp: Add compiler

guard to avoid building when using Direct2D.

  • platform/graphics/win/GraphicsContextDirect2D.cpp: Added.
  • platform/graphics/win/GraphicsContextPlatformPrivateDirect2D.h: Added.
  • platform/graphics/win/GraphicsContextWin.cpp: Update for Direct2D

includes.

  • platform/graphics/win/TransformationMatrixDirect2D.cpp: Fix comment.
9:53 AM Changeset in webkit [206772] by commit-queue@webkit.org
  • 5 edits in trunk/Source

[SOUP] Remove SSLPolicyFlags from SoupNetworkSession
https://bugs.webkit.org/show_bug.cgi?id=162906

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2016-10-04
Reviewed by Michael Catanzaro.

Source/WebCore:

All soup based ports are setting SSLUseSystemCAFile flag unconditionally, so we can just use that when creating
the session like we do for all other construct parameters.

  • platform/network/soup/SoupNetworkSession.cpp:

(WebCore::SoupNetworkSession::createTestingSession):
(WebCore::SoupNetworkSession::setupLogger):
(WebCore::SoupNetworkSession::SoupNetworkSession): Deleted.
(WebCore::SoupNetworkSession::clearOldSoupCache): Deleted.
(WebCore::SoupNetworkSession::setHTTPProxy): Deleted.

  • platform/network/soup/SoupNetworkSession.h:

(WebCore::SoupNetworkSession::soupSession): Deleted.

Source/WebKit2:

  • NetworkProcess/soup/NetworkProcessMainSoup.cpp:

(WebKit::NetworkProcessMainUnix):

8:35 AM Changeset in webkit [206771] by wenson_hsieh@apple.com
  • 17 edits in trunk

Media controls are displayed in the incorrect state momentarily after switching between tabs playing media
https://bugs.webkit.org/show_bug.cgi?id=162766
<rdar://problem/28533523>

Reviewed by Jer Noble.

Source/WebCore:

When showing Now Playing controls for a media session, we should first set up the Now Playing info and
playback state before telling MediaRemote to make the session visible. This is WebKit work in ensuring that
when switching Now Playing sessions by switching tabs, we do not first display an invalid Now Playing state
before updating to the expected state.

Adds 2 new WebKit API tests in NowPlayingControlsTests: NowPlayingControlsHideAfterShowingClearsInfo and
NowPlayingControlsClearInfoAfterSessionIsNoLongerValid.

  • platform/audio/PlatformMediaSessionManager.h:

(WebCore::PlatformMediaSessionManager::lastUpdatedNowPlayingTitle):
(WebCore::PlatformMediaSessionManager::lastUpdatedNowPlayingDuration):
(WebCore::PlatformMediaSessionManager::lastUpdatedNowPlayingElapsedTime):
(WebCore::PlatformMediaSessionManager::hasActiveNowPlayingSession): Deleted.

  • platform/audio/mac/MediaSessionManagerMac.h:
  • platform/audio/mac/MediaSessionManagerMac.mm:

(WebCore::MediaSessionManagerMac::updateNowPlayingInfo):

Source/WebKit2:

Plumbs some more Now Playing information from the web process to the UI process for testing purposes. See
WebCore ChangeLog for more details.

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _handleActiveNowPlayingSessionInfoResponse:title:duration:elapsedTime:]):
(-[WKWebView _handleActiveNowPlayingSessionInfoResponse:]): Deleted.

  • UIProcess/API/Cocoa/WKWebViewPrivate.h:
  • UIProcess/PageClient.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::handleActiveNowPlayingSessionInfoResponse):

  • UIProcess/WebPageProxy.h:
  • UIProcess/WebPageProxy.messages.in:
  • UIProcess/mac/PageClientImpl.h:
  • UIProcess/mac/PageClientImpl.mm:

(WebKit::PageClientImpl::handleActiveNowPlayingSessionInfoResponse):

  • WebProcess/WebPage/mac/WebPageMac.mm:

(WebKit::WebPage::requestActiveNowPlayingSessionInfo):

Tools:

Adds new tests and tweaks existing tests to verify last updated Now Playing information.

  • TestWebKitAPI/Tests/WebKit2Cocoa/NowPlayingControlsTests.mm:

(-[NowPlayingTestWebView _handleActiveNowPlayingSessionInfoResponse:title:duration:elapsedTime:]):
(TestWebKitAPI::TEST):
(-[NowPlayingTestWebView _handleActiveNowPlayingSessionInfoResponse:]): Deleted.

  • TestWebKitAPI/Tests/WebKit2Cocoa/large-video-test-now-playing.html:
8:17 AM Changeset in webkit [206770] by commit-queue@webkit.org
  • 5 edits
    3 adds in trunk

[Fetch API] ReadableStream should be errored with TypeError values
https://bugs.webkit.org/show_bug.cgi?id=162895

Patch by Youenn Fablet <youenn@apple.com> on 2016-10-04
Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

  • web-platform-tests/fetch/api/basic/error-after-response-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/error-after-response.html: Added.
  • web-platform-tests/fetch/api/resources/bad-chunk-encoding.py: Added.

(main):

  • web-platform-tests/fetch/api/response/response-consume-stream-expected.txt:

Source/WebCore:

Test: imported/w3c/web-platform-tests/fetch/api/basic/error-after-response.html

  • Modules/fetch/FetchResponse.cpp:

(WebCore::FetchResponse::BodyLoader::didFail): Removing FIXME.

  • bindings/js/ReadableStreamDefaultController.h:

(WebCore::ReadableStreamDefaultController::error<String>): Erroring with TypeError values.

8:15 AM Changeset in webkit [206769] by commit-queue@webkit.org
  • 4 edits in trunk/LayoutTests

[mac-wk1] LayoutTest http/tests/security/cached-cross-origin-preloading-css-stylesheet.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=162791

Patch by Youenn Fablet <youenn@apple.com> on 2016-10-04
Reviewed by Alex Christensen.

Flackiness was due to one preload sometimes arriving after the test was finished.
This causes the issue of not having the preload actually being checked against CORS and the console error was not displayed.
Making the test wait 1 second after all loads finish to ensure the preload will also finishes.

Cleaning the test and improving it by:

  • making each load to take 1 second (so that preload is not finished when actual load happens
  • adding some comments explaining each subtest
  • printing DONE at the end of all loads.
  • http/tests/security/cached-cross-origin-preloading-css-stylesheet-expected.txt:
  • http/tests/security/cached-cross-origin-preloading-css-stylesheet.html:
  • platform/mac-wk1/TestExpectations: Removed flaky expectation.
6:49 AM Changeset in webkit [206768] by zandobersek@gmail.com
  • 2 edits in trunk/Source/WebKit2

Unreviewed GTK+ build fix.

  • UIProcess/API/C/WKPage.cpp:

(WKPageSetPageNavigationClient): Guard the call to getDefaultWebCryptoMasterKey()
with ENABLE(SUBTLE_CRYPTO), since the same guard is used for the definition. Fixes
GTK+ production builds where the feature is disabled.

2:19 AM Changeset in webkit [206767] by sbarati@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Follow up fix to GetMapBucket and MapHash speculating on child node types.
To fix this, on 32-bit platforms, we do not speculate on the child
type since we just call into C code for these nodes.

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

Oct 3, 2016:

11:28 PM Changeset in webkit [206766] by Chris Dumez
  • 5 edits in trunk/Source/WebCore

Bindings do not throw a TypeError if a required dictionary member is missing
https://bugs.webkit.org/show_bug.cgi?id=162734

Reviewed by Geoffrey Garen.

Bindings should throw a TypeError if a required dictionary member is missing.
For example, if there is a "required long id" member in a dictionary that is
missing, our bindings would prevously pass 0 to the implementation instead
of throwing a TypeError.

Relevant specification:

I aligned our bindings generator implementation with the specification,
except for the support for dictionary inheritance that is still missing
and will be addressed in a follow-up patch.

No new tests, I rebaselined the bindings tests and this is already covered
by fast/events/touch/touch-constructor.html on iOS.

  • bindings/js/JSCustomElementRegistryCustom.cpp:

(WebCore::JSCustomElementRegistry::define):

  • bindings/js/JSDOMConvert.h:

(WebCore::convert): Deleted.
(WebCore::Converter<bool>::convert): Deleted.
(WebCore::Converter<String>::convert): Deleted.
(WebCore::Converter<IDLDOMString>::convert): Deleted.
(WebCore::Converter<IDLUSVString>::convert): Deleted.
(WebCore::Converter<JSC::JSValue>::convert): Deleted.
(WebCore::Converter<int8_t>::convert): Deleted.
(WebCore::Converter<uint8_t>::convert): Deleted.

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateDictionaryImplementationContent):

  • bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::convertDictionary<TestObj::Dictionary>):
(WebCore::convertDictionary<TestObj::DictionaryThatShouldNotTolerateNull>):
(WebCore::convertDictionary<TestObj::DictionaryThatShouldTolerateNull>):
(WebCore::convertDictionary<AlternateDictionaryName>):

8:33 PM Changeset in webkit [206765] by Alan Bujtas
  • 2 edits in trunk/Source/WebCore

[ListItems] Render tree should be all clean by the end of FrameView::layout().
https://bugs.webkit.org/show_bug.cgi?id=162832

Reviewed by Simon Fraser.

List item markers are inserted into the tree during layout, right before laying out
the list item (that's a big FIXME). At this point we already know what part of the tree
needs to be laid out. Inserting a list item marker does not expand this dirty area.
However whenever we insert a new renderer into the tree, we call setNeedsLayout on the contining block chain.
In certain cases (floating renderers), it could potentially trigger some unintentional markings
and we return from FrameView::layout() with a dirty subtree.

This patch preemptively marks the list item and its marker dirty so that
when the marker is getting inserted into the tree, we stop the marking at the parent.

Not testable.

  • rendering/RenderListItem.cpp:

(WebCore::RenderListItem::insertOrMoveMarkerRendererIfNeeded):

5:36 PM Changeset in webkit [206764] by bshafiei@apple.com
  • 1 copy in tags/Safari-602.3.1

New tag.

5:35 PM Changeset in webkit [206763] by sbarati@apple.com
  • 4 edits in trunk/Source/JavaScriptCore

GetMapBucket node should speculate on the type of its 'key' child
https://bugs.webkit.org/show_bug.cgi?id=161638

Reviewed by Filip Pizlo.

This eliminates type-check branches when we've already
proven the type of the incoming key. Also, it reduces
the branches we emit when type checking the bucket's key.

This is a 2-3% speedup on ES6SampleBench/Basic.

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileGetMapBucket):

5:32 PM Changeset in webkit [206762] by Keith Rollin
  • 6 edits in trunk/Source/WebKit2

More logging to diagnose "WebKit encountered an internal error" messages
https://bugs.webkit.org/show_bug.cgi?id=162754

Reviewed by Antti Koivisto.

Add more logging around calls to internalError, as well as some
low-level logging around SharedMemory, and mach_vm_map in particular.

  • NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::NetworkResourceLoader::startNetworkLoad):

  • Platform/Logging.h:
  • Platform/mac/SharedMemoryMac.cpp:

(WebKit::SharedMemory::allocate):
(WebKit::makeMemoryEntry):
(WebKit::SharedMemory::map):
(WebKit::SharedMemory::~SharedMemory):

  • WebProcess/Network/WebLoaderStrategy.cpp:

(WebKit::WebLoaderStrategy::networkProcessCrashed):
(WebKit::WebLoaderStrategy::loadResourceSynchronously):

  • WebProcess/Network/WebResourceLoader.cpp:

(WebKit::WebResourceLoader::didReceiveResource):

5:06 PM Changeset in webkit [206761] by mmaxfield@apple.com
  • 8 edits
    10 adds in trunk

Implement rendering of font-variation-settings
https://bugs.webkit.org/show_bug.cgi?id=162782

Reviewed by Zalan Bujtas.

Source/WebCore:

(Re-landing after fixing tests.)

Because the heavy lifting for font-variation-settings is done by CoreText,
this patch is fairly minimal. It simply hooks up the CSS property to CoreText.

There is an existing bug in CoreText where variations inside fonts do not
survive the addition of a cascade list. Therefore, FontPlatformData::ctFont()
needs to work around this (conditionally) by resupplying the variation at
the same time as the cascade list. The CoreText bug is <rdar://problem/28449441>.

Tests: fast/text/variations/duplicate.html

fast/text/variations/exist.html
fast/text/variations/inheritance.html
fast/text/variations/order.html
fast/text/variations/outofbounds.html

  • platform/graphics/FontCache.h:
  • platform/graphics/cocoa/FontCacheCoreText.cpp:

(WebCore::preparePlatformFont):
(WebCore::fontWithFamily):
(WebCore::FontCache::createFontPlatformData):
(WebCore::FontCache::systemFallbackForCharacters):

  • platform/graphics/cocoa/FontPlatformDataCocoa.mm:

(WebCore::cascadeToLastResortAttributesDictionary):
(WebCore::cascadeToLastResortAndVariationsFontDescriptor):
(WebCore::FontPlatformData::ctFont):
(WebCore::cascadeToLastResortFontDescriptor): Deleted.

  • platform/graphics/mac/FontCustomPlatformData.cpp:

(WebCore::FontCustomPlatformData::fontPlatformData):

  • rendering/RenderThemeIOS.mm:

(WebCore::RenderThemeIOS::updateCachedSystemFontDescription):

LayoutTests:

  • fast/text/variations/duplicate-expected.html: Added.
  • fast/text/variations/duplicate.html: Added.
  • fast/text/variations/exist-expected-mismatch.html: Added.
  • fast/text/variations/exist.html: Added.
  • fast/text/variations/getComputedStyle.html:
  • fast/text/variations/inheritance-expected.html: Added.
  • fast/text/variations/inheritance.html: Added.
  • fast/text/variations/order-expected.html: Added.
  • fast/text/variations/order.html: Added.
  • fast/text/variations/outofbounds-expected.html: Added.
  • fast/text/variations/outofbounds.html: Added.
4:26 PM Changeset in webkit [206760] by Ryan Haddad
  • 3 edits in trunk/LayoutTests

Marking svg/custom/animate-initial-pause-unpause.html as flaky on mac and ios-simulator-wk2 debug.
https://bugs.webkit.org/show_bug.cgi?id=127116

Unreviewed test gardening.

  • platform/ios-simulator-wk2/TestExpectations:
  • platform/mac/TestExpectations:
4:24 PM Changeset in webkit [206759] by commit-queue@webkit.org
  • 4 edits in trunk/Source/JavaScriptCore

Offline asm should not output masm assembly when using a x86_64 asm backend
https://bugs.webkit.org/show_bug.cgi?id=162705

When cross compiling on windows to Clang, masm was being generated simply because
the os was windows. This change adds a command line parameter --assembler=MASM
to set the output assembly to masm.
The functions isGCC and isCompilingToWindows were removed as they are no longer called.

Patch by Christopher Reid <Christopher.Reid@am.sony.com> on 2016-10-03
Reviewed by Mark Lam.

  • CMakeLists.txt:
  • offlineasm/asm.rb:
  • offlineasm/x86.rb:
3:55 PM Changeset in webkit [206758] by achristensen@apple.com
  • 5 edits in trunk

Source/WebCore:
URLParser should strip tabs at all locations
https://bugs.webkit.org/show_bug.cgi?id=162836

Reviewed by Geoffrey Garen.

Covered by adding tabs to each location of each API test
except tests that test the encoding of surrogate pairs,
because inserting a tab between the pairs changes the encoding.

  • platform/URLParser.cpp:

(WebCore::URLParser::takesTwoAdvancesUntilEnd):
(WebCore::URLParser::parse):
(WebCore::URLParser::parseIPv4Number):
(WebCore::URLParser::parseIPv4Host):

  • platform/URLParser.h:

Tools:
URLParser should ignore tabs at all locations
https://bugs.webkit.org/show_bug.cgi?id=162836

Reviewed by Geoffrey Garen.

  • TestWebKitAPI/Tests/WebCore/URLParser.cpp:

(TestWebKitAPI::checkURL):
(TestWebKitAPI::checkRelativeURL):
(TestWebKitAPI::checkURLDifferences):
(TestWebKitAPI::checkRelativeURLDifferences):
(TestWebKitAPI::TEST_F):

3:53 PM Changeset in webkit [206757] by Ryan Haddad
  • 6 edits in trunk/Source/WebKit2

Unreviewed, rolling out r206754.

This change broke the El Capitan and Yosemite debug builds.

Reverted changeset:

"More logging to diagnose "WebKit encountered an internal
error" messages"
https://bugs.webkit.org/show_bug.cgi?id=162754
http://trac.webkit.org/changeset/206754

3:43 PM Changeset in webkit [206756] by jfbastien@apple.com
  • 4 edits
    3 adds in trunk

Auto-generate WASMOps.h, share with testing JSON file
https://bugs.webkit.org/show_bug.cgi?id=162870

Reviewed by Keith Miller.

JSTests:

  • stress/wasm/to-c++.js: Added. Generates WASMOps.h, siilar to the current one but with more data.

(const.opcode_iterator):
(opcode_macroizer):

  • stress/wasm/wasm.json: Added. Data from 0xC binary format version.

Source/JavaScriptCore:

Add a few new opcodes, but keep this mostly as-is for now. I want
to generate smarter code but will do so in a later update to
reduce disruption.

  • wasm/WASMOps.h: auto-generated from ./JSTests/stress/wasm/to-c++.js
3:32 PM Changeset in webkit [206755] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking fast/events/tabindex-focus-blur-all.html as a flaky timeout on mac-debug.
https://bugs.webkit.org/show_bug.cgi?id=162830

Unreviewed test gardening.

  • platform/mac/TestExpectations:
3:18 PM Changeset in webkit [206754] by Keith Rollin
  • 6 edits in trunk/Source/WebKit2

More logging to diagnose "WebKit encountered an internal error" messages
https://bugs.webkit.org/show_bug.cgi?id=162754

Reviewed by Antti Koivisto.

Add more logging around calls to internalError, as well as some
low-level logging around SharedMemory, and mach_vm_map in particular.

  • NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::NetworkResourceLoader::startNetworkLoad):

  • Platform/Logging.h:
  • Platform/mac/SharedMemoryMac.cpp:

(WebKit::SharedMemory::allocate):
(WebKit::makeMemoryEntry):
(WebKit::SharedMemory::map):
(WebKit::SharedMemory::~SharedMemory):

  • WebProcess/Network/WebLoaderStrategy.cpp:

(WebKit::WebLoaderStrategy::networkProcessCrashed):
(WebKit::WebLoaderStrategy::loadResourceSynchronously):

  • WebProcess/Network/WebResourceLoader.cpp:

(WebKit::WebResourceLoader::didReceiveResource):

2:52 PM Changeset in webkit [206753] by Antti Koivisto
  • 16 edits in trunk/Source/WebCore

Remove Document::elementSheet()
https://bugs.webkit.org/show_bug.cgi?id=162876

Reviewed by Andreas Kling.

This is a Document owned stylesheet that exists as a context for parsing element inline style.
It never contains any rules and is generally confusing.

This patch removes the requirement for a stylesheet to be present for CSSParser to operate in
the correct context. Inline style is now parsed without stylesheet and a context object is
passed instead.

  • bindings/js/JSCSSStyleDeclarationCustom.cpp:

(WebCore::root):

  • bindings/js/JSCSSStyleDeclarationCustom.h:

(WebCore::root): Deleted.

  • css/PropertySetCSSStyleDeclaration.cpp:

(WebCore::PropertySetCSSStyleDeclaration::setCssText):
(WebCore::PropertySetCSSStyleDeclaration::setProperty):
(WebCore::PropertySetCSSStyleDeclaration::setPropertyInternal):
(WebCore::PropertySetCSSStyleDeclaration::cssParserContext):
(WebCore::StyleRuleCSSStyleDeclaration::parentStyleSheet):
(WebCore::StyleRuleCSSStyleDeclaration::cssParserContext):
(WebCore::InlineCSSStyleDeclaration::parentStyleSheet):
(WebCore::InlineCSSStyleDeclaration::cssParserContext):

  • css/PropertySetCSSStyleDeclaration.h:

(WebCore::PropertySetCSSStyleDeclaration::didMutate): Deleted.

  • css/StyleProperties.cpp:

(WebCore::MutableStyleProperties::setProperty):
(WebCore::MutableStyleProperties::setCustomProperty):
(WebCore::MutableStyleProperties::parseDeclaration):

  • css/parser/CSSParser.cpp:

(WebCore::CSSParser::parseValue):
(WebCore::CSSParser::parseCustomPropertyValue):
(WebCore::CSSParser::parseInlineStyleDeclaration):

  • css/parser/CSSParser.h:
  • css/parser/CSSParserImpl.cpp:

(WebCore::CSSParserImpl::parseInlineStyleDeclaration):

  • dom/Document.cpp:

(WebCore::Document::~Document):
(WebCore::Document::updateBaseURL):
(WebCore::Document::usesStyleBasedEditability):
(WebCore::Document::setHasElementUsingStyleBasedEditability):
(WebCore::Document::elementSheet): Deleted.

  • dom/Document.h:
  • dom/StyledElement.cpp:

(WebCore::StyledElement::setInlineStyleFromString):
(WebCore::StyledElement::invalidateStyleAttribute):

The usesStyleBasedEditability bit used to be set via the elementSheet. Instead check for it after inline style mutations.

(WebCore::StyledElement::setInlineStyleProperty):
(WebCore::StyledElement::addPropertyToPresentationAttributeStyle):

  • dom/StyledElement.h:

(WebCore::StyledElement::invalidateStyleAttribute): Deleted.

  • inspector/InspectorStyleSheet.cpp:

(WebCore::InspectorStyleSheetForInlineStyle::getStyleAttributeRanges):

  • svg/SVGAnimateElementBase.cpp:

(WebCore::applyCSSPropertyToTarget):

2:51 PM Changeset in webkit [206752] by msaboff@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

Creating pcToOriginMap in FTL shouldn't insert unnecessary NOPs
https://bugs.webkit.org/show_bug.cgi?id=162879

Reviewed by Filip Pizlo.

If there is a recent watchpoint label, using MacroAssembler::label() will pad
the instruction stream with NOPs to provide space for a jump. This changes
Air::generate() to use labelIgnoringWatchpoints() to create pcToOriginMap
entries to eliminate unneccesary NOPs.

  • b3/air/AirGenerate.cpp:

(JSC::B3::Air::generate):

  • b3/testb3.cpp:

(JSC::B3::testPCOriginMapDoesntInsertNops): New test.
(JSC::B3::run):

2:36 PM Changeset in webkit [206751] by Brent Fulgham
  • 3 edits
    3 adds in trunk

Avoid null dereference when changing focus in design mode.
https://bugs.webkit.org/show_bug.cgi?id=162877
<rdar://problem/28061261>

Reviewed by Chris Dumez.

Source/WebCore:

The bare m_frame pointer in DOMWindow can be cleared when setting focus to a new element. Check
that the m_frame pointer is non-null before using it after calling a routine that could
clear the pointer value.

Test: fast/frames/iframe-focus-crash.html

  • page/DOMWindow.cpp:

(WebCore::DOMWindow::focus): Check that the pointer is still non-null after setting the
current focused element to nullptr.

LayoutTests:

  • fast/frames/iframe-focus-crash-expected.txt: Added.
  • fast/frames/iframe-focus-crash.html: Added.
  • fast/frames/resources/iframe-focus-crash.html: Added.
2:32 PM Changeset in webkit [206750] by Chris Dumez
  • 32 edits
    2 adds in trunk

Add support for KeyboardEvent.key attribute
https://bugs.webkit.org/show_bug.cgi?id=36267

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline because that the tests are failing differently now that we support
the key attribute on KeyboardEvent but are still missing other standard API
on this interface.

  • web-platform-tests/dom/events/Event-init-while-dispatching-expected.txt:
  • web-platform-tests/dom/events/Event-subclasses-constructors-expected.txt:

Source/WebCore:

Add support for KeyboardEvent.key attribute:

This is behind a compile time flag that is only enabled on Mac and
iOS and the implementation is still missing for other platforms.

Test: fast/events/keyboardevent-key.html

  • dom/KeyboardEvent.cpp:

(WebCore::KeyboardEvent::KeyboardEvent):

  • dom/KeyboardEvent.h:
  • dom/KeyboardEvent.idl:
  • platform/PlatformKeyboardEvent.h:

(WebCore::PlatformKeyboardEvent::PlatformKeyboardEvent):
(WebCore::PlatformKeyboardEvent::key):

  • platform/cocoa/KeyEventCocoa.h:
  • platform/cocoa/KeyEventCocoa.mm:

(WebCore::keyForCharCode):

  • platform/ios/PlatformEventFactoryIOS.h:
  • platform/ios/PlatformEventFactoryIOS.mm:

(WebCore::keyForKeyEvent):
(WebCore::PlatformKeyboardEventBuilder::PlatformKeyboardEventBuilder):

  • platform/mac/PlatformEventFactoryMac.h:
  • platform/mac/PlatformEventFactoryMac.mm:

(WebCore::keyForKeyEvent):
(WebCore::PlatformKeyboardEventBuilder::PlatformKeyboardEventBuilder):
(WebCore::PlatformWheelEventBuilder::PlatformWheelEventBuilder): Deleted.

  • replay/SerializationMethods.cpp:

(JSC::EncodingTraits<PlatformKeyboardEvent>::encodeValue):
(JSC::EncodingTraits<PlatformKeyboardEvent>::decodeValue):

Source/WebKit2:

Add support for KeyboardEvent.key attribute.

  • Shared/WebEvent.h:

(WebKit::WebKeyboardEvent::key):
(WebKit::WebKeyboardEvent::unmodifiedText): Deleted.

  • Shared/WebEventConversion.cpp:

(WebKit::WebKit2PlatformKeyboardEvent::WebKit2PlatformKeyboardEvent):

  • Shared/WebKeyboardEvent.cpp:

(WebKit::WebKeyboardEvent::WebKeyboardEvent):
(WebKit::WebKeyboardEvent::encode):
(WebKit::WebKeyboardEvent::decode):

  • Shared/mac/WebEventFactory.mm:

(WebKit::WebEventFactory::createWebKeyboardEvent):

Source/WTF:

Add compile time flag for the key attribute on KeyboardEvent and enable
it on Cocoa only.

  • wtf/FeatureDefines.h:

LayoutTests:

Extend layout test coverage.

  • fast/events/constructors/keyboard-event-constructor-expected.txt:
  • fast/events/constructors/keyboard-event-constructor.html:
  • fast/events/key-events-in-input-button-expected.txt:
  • fast/events/key-events-in-input-button.html:
  • fast/events/key-events-in-input-text-expected.txt:
  • fast/events/key-events-in-input-text.html:
  • fast/events/keyboardevent-key-expected.txt: Added.
  • fast/events/keyboardevent-key.html: Added.
  • fast/events/special-key-events-in-input-text-expected.txt:
  • fast/events/special-key-events-in-input-text.html:
  • platform/ios-simulator/TestExpectations:
2:31 PM Changeset in webkit [206749] by achristensen@apple.com
  • 4 edits in trunk

URLParser: fragment-only URLs relative to file URLs should just add a fragment
https://bugs.webkit.org/show_bug.cgi?id=162871

Reviewed by Geoffrey Garen.

Source/WebCore:

Covered by new API tests.

  • platform/URLParser.cpp:

(WebCore::URLParser::parse):
Instead of adding /# after copying the base URL to the query, just add an #.

Tools:

  • TestWebKitAPI/Tests/WebCore/URLParser.cpp:

(TestWebKitAPI::TEST_F):

2:30 PM Changeset in webkit [206748] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking storage/indexeddb/index-cursor.html as flaky on mac-wk2.
https://bugs.webkit.org/show_bug.cgi?id=161926

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
2:27 PM Changeset in webkit [206747] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking http/tests/security/anchor-download-allow-data.html as flaky on mac-wk2.
https://bugs.webkit.org/show_bug.cgi?id=161745

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
1:49 PM Changeset in webkit [206746] by sbarati@apple.com
  • 7 edits
    1 add in trunk

MapHash should speculate on the type of its child node
https://bugs.webkit.org/show_bug.cgi?id=161922

Reviewed by Filip Pizlo.

JSTests:

  • microbenchmarks/map-key-well-typed.js: Added.

(assert):
(intKey):
(doubleKey):
(objectKey):
(stringKey):
(booleanKey):
(symbolKey):
(cellKey):
(assert.doubleKey):
(assert.booleanKey):

PerformanceTests:

I gave the main generator a name so it's easier to see what
it is when using the sampling profiler.

  • ES6SampleBench/Basic/ast.js:

(Basic.Program):

Source/JavaScriptCore:

This allows us to remove runtime type checks when we've already
proven the type of the incoming value.

This is a 2-3% speedup on ES6SampleBench/Basic.

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::wangsInt64Hash):
(JSC::FTL::DFG::LowerDFGToB3::mapHashString):
(JSC::FTL::DFG::LowerDFGToB3::compileMapHash):

1:31 PM Changeset in webkit [206745] by commit-queue@webkit.org
  • 2 edits
    9 adds in trunk

[Modern Media Controls] LayoutItem and Button classes
https://bugs.webkit.org/show_bug.cgi?id=162868
<rdar://problem/28590166>

Patch by Antoine Quint <Antoine Quint> on 2016-10-03
Reviewed by Dean Jackson.

Source/WebCore:

We introduce the new Button class and its parent class LayoutItem. We will subclass Button
a lot in coming patches, as it provides a way to create a button and provide a delegate to
respond to UI events via the uiDelegate property. A Button extends a LayoutItem, another
class that we'll subclass heavily in coming patches, which is simply a LayoutNode with a
layoutDelegate which allows to set the node's layoutTraits, a bit-mask allowing to
specify layout attributes such as the platform and playback styles.

Tests: media/modern-media-controls/button/button.html

media/modern-media-controls/layout-item/layout-item.html

  • Modules/modern-media-controls/controls/button.css: Added.

(button):

  • Modules/modern-media-controls/controls/button.js: Added.

(Button):
(Button.prototype.get enabled):
(Button.prototype.set enabled):
(Button.prototype.handleEvent):
(Button.prototype._handleUIEvent):

  • Modules/modern-media-controls/controls/layout-item.js: Added.

(LayoutItem.prototype.get layoutTraits):
(LayoutItem):

LayoutTests:

Testing all public properties and methods of the LayoutItem and Button classes.

  • media/modern-media-controls/button/button-expected.txt: Added.
  • media/modern-media-controls/button/button.html: Added.
  • media/modern-media-controls/layout-item/layout-item-expected.txt: Added.
  • media/modern-media-controls/layout-item/layout-item.html: Added.
1:27 PM Changeset in webkit [206744] by aestes@apple.com
  • 8 edits
    2 adds in trunk

ASSERTION FAILED: url.containsOnlyASCII() in WebCore::checkEncodedString() when parsing an invalid CSS cursor URL
https://bugs.webkit.org/show_bug.cgi?id=162763
<rdar://problem/28572758>

Reviewed by Youenn Fablet.

Source/WebCore:

CSSCursorImageValue copies the URL of its underlying CSSImageValue by using the
ParsedURLString URL constructor on the String returned by CSSImageValue::url(). While
CSSImageValues were always being constructed from a URL implicitly converted to a String,
nothing ensured that the URL was valid. For invalid URLs, URL::string() returns the string
it was constructed with, which might still represent a relative URL or contain non-ASCII
characters, violating the preconditions of the ParsedURLString URL constructor and causing
an assertion to fail in Debug builds.

Fix this by having CSSImageValue store its image URL using a WebCore::URL rather than a
String. CSSCursorImageValue can then copy this URL instead of attempting to re-parse a
possibly-invalid URL string.

Test: fast/css/cursor-with-invalid-url.html

  • css/CSSCursorImageValue.cpp:

(WebCore::CSSCursorImageValue::CSSCursorImageValue): Copied m_imageValue.url() into
m_originalURL instead of using the ParsedURLString URL constructor, since
CSSImageValue::url() now returns a WebCore::URL.
(WebCore::CSSCursorImageValue::loadImage): Created a URL from cursorElement->href() by
calling Document::completeURL().

  • css/CSSImageValue.cpp:

(WebCore::CSSImageValue::CSSImageValue): Changed to take a URL&& instead of a const String&.
(WebCore::CSSImageValue::loadImage): Stopped calling Document::completeURL(), since m_url is
now a WebCore::URL.

  • css/CSSImageValue.h: Changed url() to return a const URL&, and changed m_url to be a URL.
  • html/HTMLBodyElement.cpp:

(WebCore::HTMLBodyElement::collectStyleForPresentationAttribute): Removed a call to
URL::string().

  • html/HTMLTableElement.cpp:

(WebCore::HTMLTableElement::collectStyleForPresentationAttribute): Ditto.

  • html/HTMLTablePartElement.cpp:

(WebCore::HTMLTablePartElement::collectStyleForPresentationAttribute): Ditto.

LayoutTests:

  • fast/css/cursor-with-invalid-url.html: Added.
  • fast/css/cursor-with-invalid-url-expected.txt: Added.
1:26 PM Changeset in webkit [206743] by Alan Bujtas
  • 2 edits in trunk/Source/WebCore

Log an error to stderr when FrameView::layout() fails to clean all the renderers.
https://bugs.webkit.org/show_bug.cgi?id=162835

Reviewed by Simon Fraser.

We've come across multiple layout/painting bugs caused by renderers left dirty
after FrameView::layout(). This patch helps catching such issues early.
Once all the blocking bugs are fixed (webkit.org/b/162835), logging should be replaced with ASSERT().

Not testable.

  • page/FrameView.cpp:

(WebCore::RenderTreeNeedsLayoutChecker::~RenderTreeNeedsLayoutChecker):
(WebCore::FrameView::layout):

1:22 PM Changeset in webkit [206742] by Brent Fulgham
  • 12 edits
    7 adds in trunk/Source/WebCore

[Win][Direct2D] Add D2D Bitmap Image handling code
https://bugs.webkit.org/show_bug.cgi?id=162761

Reviewed by Dean Jackson.

This patch lands a set of new files that implement
Image and BitmapImage features on Windows using
Direct2D.

The desired ID2D1RenderTarget handle is needed by the
image decoder so that it can load the resulting bitmap
into the GPU.

No new tests until complete backend lands.

  • platform/graphics/BitmapImage.cpp:

(WebCore::BitmapImage::draw): Tell the Direct2D image decoder
which render target to use.

  • platform/graphics/BitmapImage.h:
  • platform/graphics/ImageBuffer.cpp:
  • platform/graphics/ImageBuffer.h:
  • platform/graphics/ImageBufferData.h:
  • platform/graphics/ImageFrameCache.cpp:

(WebCore::ImageFrameCache::setRenderTarget): Added.

  • platform/graphics/ImageFrameCache.h:

(WebCore::ImageFrameCache::decoder): Added.

  • platform/graphics/ImageSource.cpp:
  • platform/graphics/ImageSource.h:

(WebCore::ImageSource::setRenderTarget):

  • platform/graphics/win/ImageBufferDataDirect2D.cpp: Added.
  • platform/graphics/win/ImageBufferDataDirect2D.h: Added.
  • platform/graphics/win/ImageBufferDirect2D.cpp: Added.
  • platform/graphics/win/ImageCGWin.cpp:
  • platform/graphics/win/ImageDecoderDirect2D.cpp: Added.
  • platform/graphics/win/ImageDecoderDirect2D.h: Added.
  • platform/graphics/win/ImageDirect2D.cpp: Added.
  • platform/graphics/win/NativeImageDirect2D.cpp: Added.
12:26 PM Changeset in webkit [206741] by pvollan@apple.com
  • 2 edits in trunk/Tools

[Win] DRT temp folder is not used.
https://bugs.webkit.org/show_bug.cgi?id=162863

Reviewed by Alex Christensen.

Convert DRT temp folder to DOS path, which DRT can use.

  • Scripts/webkitpy/port/driver.py:

(Driver._setup_environ_for_driver):

12:13 PM Changeset in webkit [206740] by commit-queue@webkit.org
  • 5 edits in trunk/Source/WebCore

[SOUP] Remove unused methods toSoupMessage from ResourceRequest/Response
https://bugs.webkit.org/show_bug.cgi?id=162867

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2016-10-03
Reviewed by Sergio Villar Senin.

  • platform/network/soup/ResourceRequest.h:
  • platform/network/soup/ResourceRequestSoup.cpp:

(WebCore::ResourceRequest::updateSoupMessage):
(WebCore::ResourceRequest::updateFromSoupMessage): Deleted.

  • platform/network/soup/ResourceResponse.h:
  • platform/network/soup/ResourceResponseSoup.cpp:

(WebCore::ResourceResponse::updateFromSoupMessage): Deleted.

11:36 AM Changeset in webkit [206739] by fpizlo@apple.com
  • 9 edits in trunk

B3 trapping memory accesses should be documented
https://bugs.webkit.org/show_bug.cgi?id=162845

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

While writing some documentation, I found some small holes in the code.

  • b3/B3Effects.cpp:

(JSC::B3::Effects::operator==): Need this to write tests.
(JSC::B3::Effects::operator!=): Need this to write tests.

  • b3/B3Effects.h:
  • b3/B3HeapRange.h:
  • b3/B3MemoryValue.cpp:

(JSC::B3::MemoryValue::dumpMeta): Sometimes the heap range dump won't show you the memory value's actual range. This makes the dump show you the actual range in that case.

  • b3/B3Value.cpp:

(JSC::B3::Value::effects): While documenting this, I remembered that trapping also has to imply reading top. I fixed this.

  • b3/testb3.cpp:

(JSC::B3::testTrappingLoad): Added checks for the effects of trapping loads.
(JSC::B3::testTrappingStore): Added checks for the effects of trapping stores.
(JSC::B3::testMoveConstants): Made this not crash with validation.

Websites/webkit.org:

Added documentation for the Traps flag, and factored out the documentation of the Chill flag
to a new flags section.

  • docs/b3/intermediate-representation.html:
11:36 AM Changeset in webkit [206738] by Yusuke Suzuki
  • 4 edits in trunk

[ES6] GeneratorFunction (a.k.a. GeneratorWrapperFunction)'s prototype object does not have constructor property
https://bugs.webkit.org/show_bug.cgi?id=162849

Reviewed by Geoffrey Garen.

JSTests:

  • test262.yaml:

Source/JavaScriptCore:

Since GeneratorFunction is not constructible, GeneratorFunction.prototype does not have "constructor" property.

function* generatorFunction() { }
generatorFunction.prototype.constructor undefined

  • runtime/JSFunction.cpp:

(JSC::JSFunction::getOwnPropertySlot):

10:57 AM Changeset in webkit [206737] by commit-queue@webkit.org
  • 9 edits in trunk/Source/WebCore

Remove FetchBody::m_isEmpty
https://bugs.webkit.org/show_bug.cgi?id=162857

Patch by Youenn Fablet <youenn@apple.com> on 2016-10-03
Reviewed by Alex Christensen.

No change of behavior.

Moving handling of null bodies in FetchBodyOwner, by having an Optional<FetchBody> in FetchBodyOwner.
Moving storage of m_contentType in FetchBodyOwner.

Moving header storage from FetchResponse/FetchRequest to FetchBodyOwner, as it helps updating m_contentType.

  • Modules/fetch/FetchBody.cpp: removing m_isEmpty and m_contentType.

(WebCore::FetchBody::extract): Computes the default content-type which is stored in FetchBodyOwner.
(WebCore::FetchBody::blob):
(WebCore::FetchBody::consume):
(WebCore::FetchBody::consumeAsStream):
(WebCore::FetchBody::loadingSucceeded):
(WebCore::FetchBody::bodyForInternalRequest):
(WebCore::FetchBody::clone):

  • Modules/fetch/FetchBody.h:

(WebCore::FetchBody::loadingBody):
(WebCore::FetchBody::FetchBody):

  • Modules/fetch/FetchBodyOwner.cpp:

(WebCore::FetchBodyOwner::FetchBodyOwner):
(WebCore::FetchBodyOwner::stop):
(WebCore::FetchBodyOwner::arrayBuffer):
(WebCore::FetchBodyOwner::blob):
(WebCore::FetchBodyOwner::cloneBody): Needs to clone m_contentType as well.
(WebCore::FetchBodyOwner::extractBody):
(WebCore::FetchBodyOwner::updateContentType):
(WebCore::FetchBodyOwner::consumeOnceLoadingFinished):
(WebCore::FetchBodyOwner::formData):
(WebCore::FetchBodyOwner::json):
(WebCore::FetchBodyOwner::text):
(WebCore::FetchBodyOwner::loadBlob):
(WebCore::FetchBodyOwner::blobLoadingSucceeded):
(WebCore::FetchBodyOwner::blobLoadingFailed):
(WebCore::FetchBodyOwner::finishBlobLoading):

  • Modules/fetch/FetchBodyOwner.h:

(WebCore::FetchBodyOwner::body):
(WebCore::FetchBodyOwner::isBodyNull):

  • Modules/fetch/FetchRequest.cpp:

(WebCore::FetchRequest::setBody):
(WebCore::FetchRequest::internalRequest):
(WebCore::FetchRequest::clone):

  • Modules/fetch/FetchRequest.h:

(WebCore::FetchRequest::FetchRequest):

  • Modules/fetch/FetchResponse.cpp:

(WebCore::FetchResponse::initializeWith):
(WebCore::FetchResponse::FetchResponse):
(WebCore::FetchResponse::cloneForJS):
(WebCore::FetchResponse::fetch):
(WebCore::FetchResponse::BodyLoader::didSucceed):
(WebCore::FetchResponse::BodyLoader::didReceiveResponse):
(WebCore::FetchResponse::BodyLoader::start):
(WebCore::FetchResponse::createReadableStreamSource):

  • Modules/fetch/FetchResponse.h:
10:44 AM Changeset in webkit [206736] by aestes@apple.com
  • 5 edits in trunk

ASSERTION FAILED: result in WebCore::CSSParser::parseURI
https://bugs.webkit.org/show_bug.cgi?id=141638
<rdar://problem/27709952>

Reviewed by Andreas Kling.

Source/WebCore:

CSSParser::parseURIInternal() failed to parse unquoted URLs with Unicode escape sequences
greater than 0xFF, even when the destination character type was multi-byte. Fixed by
checking the size of DestCharacterType instead of SrcCharacterType.

Updated fast/css/url-with-multi-byte-unicode-escape.html to test for an unquoted URL.

  • css/parser/CSSParser.cpp:

(WebCore::CSSParser::parseURIInternal): For code points greater than 0xFF, only returned
false if sizeof(DestCharacterType) == 1.

LayoutTests:

  • fast/css/url-with-multi-byte-unicode-escape-expected.txt: Added a test for an unquoted URL.
  • fast/css/url-with-multi-byte-unicode-escape.html:
10:28 AM Changeset in webkit [206735] by achristensen@apple.com
  • 6 edits in trunk

URLParser: empty relative URLs should not copy fragment from the base URL
https://bugs.webkit.org/show_bug.cgi?id=162864

Reviewed by Chris Dumez.

Source/WebCore:

Covered by new API tests.

  • platform/URL.cpp:

(WebCore::URL::removeFragmentIdentifier):
Optimize removing fragments, now that it happens more often. We don't need to reparse,
because the result will always be equal to just a substring when removing the fragment at the end.

  • platform/URLParser.cpp:

(WebCore::URLParser::copyASCIIStringUntil):
(WebCore::URLParser::copyURLPartsUntil):
(WebCore::containsOnlyC0ControlOrSpace):
(WebCore::URLParser::URLParser):
(WebCore::URLParser::parse):

  • platform/URLParser.h:

Because we are not copying the fragment, we can simplify and remove some unreachable code.

Tools:

  • TestWebKitAPI/Tests/WebCore/URLParser.cpp:

(TestWebKitAPI::TEST_F):

9:43 AM Changeset in webkit [206734] by commit-queue@webkit.org
  • 2 edits in trunk/Source/JavaScriptCore

JSStringRef should define JSChar without platform checks
https://bugs.webkit.org/show_bug.cgi?id=162808

Patch by Nicolas Breidinger <Nicolas.Breidinger@sony.com> on 2016-10-03
Reviewed by Mark Lam.

  • API/JSStringRef.h:
9:23 AM Changeset in webkit [206733] by Chris Dumez
  • 7 edits in trunk

td.scope should only return known values
https://bugs.webkit.org/show_bug.cgi?id=162755

Reviewed by Sam Weinig.

LayoutTests/imported/w3c:

Rebaseline W3C test now that more checks are passing.

  • web-platform-tests/html/dom/reflection-tabular-expected.txt:

Source/WebCore:

td.scope should only return known values:

Firefox conforms to the specification.

No new tests, rebaselined existing test.

  • html/HTMLTableCellElement.cpp:

(WebCore::HTMLTableCellElement::scope):

LayoutTests:

Update existing test to reflect behavior change.

  • fast/dom/element-attribute-js-null-expected.txt:
  • fast/dom/element-attribute-js-null.html:
3:42 AM Changeset in webkit [206732] by Carlos Garcia Campos
  • 5 edits in trunk/Source/WebCore

[SOUP] Simplify AuthenticationChallenge
https://bugs.webkit.org/show_bug.cgi?id=162784

Reviewed by Alex Christensen.

We don't really need to keep references to the SoupSession and SoupMessage in AuthenticationChallenge, the
SoupNetworkSession callback already forwards the challenge to the right ResourceHandle.

  • platform/network/soup/AuthenticationChallenge.h:

(WebCore::AuthenticationChallenge::authenticationClient):
(WebCore::AuthenticationChallenge::soupSession): Deleted.
(WebCore::AuthenticationChallenge::soupMessage): Deleted.

  • platform/network/soup/AuthenticationChallengeSoup.cpp:

(WebCore::AuthenticationChallenge::AuthenticationChallenge):
(WebCore::AuthenticationChallenge::platformCompare):

  • platform/network/soup/ResourceHandleSoup.cpp:

(WebCore::ResourceHandle::continueDidReceiveAuthenticationChallenge):
(WebCore::ResourceHandle::didReceiveAuthenticationChallenge):
(WebCore::ResourceHandle::receivedRequestToContinueWithoutCredential):
(WebCore::ResourceHandle::receivedCredential):
(WebCore::ResourceHandle::receivedCancellation):

  • platform/network/soup/SoupNetworkSession.cpp:

(WebCore::authenticateCallback):

3:32 AM Changeset in webkit [206731] by Carlos Garcia Campos
  • 15 edits
    1 delete in trunk

[SOUP] Cleanup persistent credential storage code
https://bugs.webkit.org/show_bug.cgi?id=162777

Reviewed by Alex Christensen.

.:

Remove ENABLE(CREDENTIAL_STORAGE) build flag and replace it by USE(LIBSECRET).

  • Source/cmake/OptionsGTK.cmake:
  • Source/cmake/WebKitFeatures.cmake:

Source/WebCore:

We have this feature behind ENABLE_CREDENTIAL_STORAGE flag, which is confusing, because we use credential
storage unconditionally and this is only about persistent storage. Also the flag assumes libsecret is available,
and since it's only used by GTK sometimes we use GTK ifdefs instead of CREDENTIAL_STORAGE. So, I think we should
use USE(LIBSECRET) instead, and reduce a bit the ifdefs in common soup code. Another problem is that current
implementation is always used, while it should depend on the current network storage session and never used in
ephemeral sessions. This patch moves the code from CredentialBackingStore to NetworkStorageSessionSoup and
modernizes a bit.

  • PlatformGTK.cmake: Remove CredentialBackingStore.cpp.
  • platform/gtk/GRefPtrGtk.cpp: Use USE(LIBSECRET)
  • platform/gtk/GRefPtrGtk.h:
  • platform/network/NetworkStorageSession.h:
  • platform/network/ResourceHandleInternal.h:
  • platform/network/gtk/CredentialBackingStore.cpp: Removed.
  • platform/network/gtk/CredentialBackingStore.h: Removed.
  • platform/network/soup/NetworkStorageSessionSoup.cpp:

(WebCore::NetworkStorageSession::~NetworkStorageSession):
(WebCore::schemeFromProtectionSpaceServerType):
(WebCore::authTypeFromProtectionSpaceAuthenticationScheme):
(WebCore::NetworkStorageSession::getCredentialFromPersistentStorage):
(WebCore::NetworkStorageSession::saveCredentialToPersistentStorage):
(WebCore::NetworkStorageSession::ensurePrivateBrowsingSession): Deleted.
(WebCore::NetworkStorageSession::switchToNewTestingSession): Deleted.

  • platform/network/soup/ResourceHandleSoup.cpp:

(WebCore::gotHeadersCallback):
(WebCore::ResourceHandle::didReceiveAuthenticationChallenge):
(WebCore::ResourceHandle::receivedCredential):
(WebCore::ResourceHandle::continueDidReceiveAuthenticationChallenge): Deleted.
(WebCore::ResourceHandle::receivedRequestToContinueWithoutCredential): Deleted.
(WebCore::ResourceHandle::receivedCancellation): Deleted.

Source/WebKit2:

Use USE(LIBSECRET) instead of ENABLE(CREDENTIAL_STORAGE).

  • UIProcess/API/gtk/WebKitAuthenticationRequest.cpp:

(webkit_authentication_request_can_save_credentials):

Tools:

Use USE(LIBSECRET) instead of ENABLE(CREDENTIAL_STORAGE).

  • TestWebKitAPI/Tests/WebKit2Gtk/TestAuthentication.cpp:

(testWebViewAuthenticationStorage):

2:51 AM Changeset in webkit [206730] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebCore

Unreviewed. Fix the build with coordinated graphics enabled after r206712.

  • page/scrolling/ScrollingStateTree.cpp:

(WebCore::ScrollingStateTree::attachNode):

Oct 2, 2016:

10:45 PM Changeset in webkit [206729] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Clicking twice on the color swatch square should hide the color picker
https://bugs.webkit.org/show_bug.cgi?id=162759

Patch by Devin Rousso <Devin Rousso> on 2016-10-02
Reviewed by Matt Baker.

  • UserInterface/Views/InlineSwatch.js:

(WebInspector.InlineSwatch):
(WebInspector.InlineSwatch.prototype.didDismissPopover):
(WebInspector.InlineSwatch.prototype._swatchElementClicked):
Remove the "click" event listener when a popover is presented to prevent improper
interaction. Add the event listener back when the popover is dismissed.

9:54 PM Changeset in webkit [206728] by bshafiei@apple.com
  • 11 edits in branches/safari-602-branch

Merge r205657. rdar://problem/28216268

9:44 PM Changeset in webkit [206727] by bshafiei@apple.com
  • 5 edits in branches/safari-602-branch/Source

Versioning.

5:36 PM Changeset in webkit [206726] by bshafiei@apple.com
  • 1 copy in tags/Safari-602.2.14.0.5

New tag.

2:49 PM Changeset in webkit [206725] by Chris Dumez
  • 4 edits
    2 adds in trunk

Add support for KeyboardEvent.getModifierState() operation
https://bugs.webkit.org/show_bug.cgi?id=162855

Reviewed by Darin Adler.

Source/WebCore:

Add support for KeyboardEvent.getModifierState() operation:

Test: fast/events/constructors/keyboard-event-getModifierState.html

  • dom/KeyboardEvent.cpp:

(WebCore::KeyboardEvent::getModifierState):

  • dom/KeyboardEvent.idl:

LayoutTests:

Add layout test coverage.

  • fast/events/constructors/keyboard-event-getModifierState-expected.txt: Added.
  • fast/events/constructors/keyboard-event-getModifierState.html: Added.
2:33 PM Changeset in webkit [206724] by Chris Dumez
  • 7 edits in trunk

Add support for KeyboardEvent.repeat attribute
https://bugs.webkit.org/show_bug.cgi?id=162854

Reviewed by Darin Adler.

Source/WebCore:

Add support for KeyboardEvent.repeat attribute:

No new tests, extended existing test.

  • dom/KeyboardEvent.cpp:

(WebCore::KeyboardEvent::KeyboardEvent):

  • dom/KeyboardEvent.h:
  • dom/KeyboardEvent.idl:

LayoutTests:

Extend layout test coverage.

  • fast/events/constructors/keyboard-event-constructor-expected.txt:
  • fast/events/constructors/keyboard-event-constructor.html:
2:28 PM Changeset in webkit [206723] by Darin Adler
  • 208 edits in trunk

Rename ExceptionCode-based exception handling to "legacy"
https://bugs.webkit.org/show_bug.cgi?id=162859

Reviewed by Chris Dumez.

Source/WebCore:

RaisesException is now MayThrowLegacyException.

A follow-up patch soon will add MayThrowException for the new style,
where we use ExceptionOr<> as the return type instead of an ExceptionCode
out argument.

  • bindings/scripts/CodeGeneratorJS.pm:

Removed the quotation marks from the syntax object->{PropertyName} so the
renaming script could handle it. Tweaked various comments and logic for clarity.
Changed to use the perl "x if y" syntax for brevity in many places.
Renamed with the script and by hand. Added code to skip including the same header
in both the implementation file and the header, just to make generated bindings
slightly smaller and faster to compile. Used "using" instead of "typedef".

  • bindings/scripts/IDLAttributes.txt: Updated from old names to new ones.
  • Modules/applepay/ApplePaySession.idl:
  • Modules/encryptedmedia/MediaKeySession.idl:
  • Modules/encryptedmedia/MediaKeys.idl:
  • Modules/fetch/FetchHeaders.idl:
  • Modules/fetch/FetchRequest.idl:
  • Modules/fetch/FetchResponse.idl:
  • Modules/indexeddb/IDBCursor.idl:
  • Modules/indexeddb/IDBDatabase.idl:
  • Modules/indexeddb/IDBFactory.idl:
  • Modules/indexeddb/IDBIndex.idl:
  • Modules/indexeddb/IDBKeyRange.idl:
  • Modules/indexeddb/IDBObjectStore.idl:
  • Modules/indexeddb/IDBRequest.idl:
  • Modules/indexeddb/IDBTransaction.idl:
  • Modules/mediasource/MediaSource.idl:
  • Modules/mediasource/SourceBuffer.idl:
  • Modules/mediastream/MediaDevices.idl:
  • Modules/mediastream/RTCDTMFSender.idl:
  • Modules/mediastream/RTCDataChannel.idl:
  • Modules/mediastream/RTCIceCandidate.idl:
  • Modules/mediastream/RTCPeerConnection.idl:
  • Modules/mediastream/RTCRtpSender.idl:
  • Modules/mediastream/RTCSessionDescription.idl:
  • Modules/navigatorcontentutils/NavigatorContentUtils.idl:
  • Modules/notifications/NotificationCenter.idl:
  • Modules/webaudio/AnalyserNode.idl:
  • Modules/webaudio/AudioBuffer.idl:
  • Modules/webaudio/AudioBufferSourceNode.idl:
  • Modules/webaudio/AudioContext.idl:
  • Modules/webaudio/AudioNode.idl:
  • Modules/webaudio/ConvolverNode.idl:
  • Modules/webaudio/OfflineAudioContext.idl:
  • Modules/webaudio/OscillatorNode.idl:
  • Modules/webdatabase/DOMWindowWebDatabase.idl:
  • Modules/webdatabase/SQLResultSet.idl:
  • Modules/websockets/WebSocket.idl:
  • bindings/scripts/test/TestImplements.idl:
  • bindings/scripts/test/TestInterface.idl:
  • bindings/scripts/test/TestNamedConstructor.idl:
  • bindings/scripts/test/TestNondeterministic.idl:
  • bindings/scripts/test/TestObj.idl:
  • bindings/scripts/test/TestSupplemental.idl:
  • bindings/scripts/test/TestTypedefs.idl:
  • css/CSSCharsetRule.idl:
  • css/CSSMediaRule.idl:
  • css/CSSPrimitiveValue.idl:
  • css/CSSRule.idl:
  • css/CSSStyleDeclaration.idl:
  • css/CSSStyleSheet.idl:
  • css/CSSSupportsRule.idl:
  • css/CSSValue.idl:
  • css/FontFace.idl:
  • css/FontFaceSet.idl:
  • css/MediaList.idl:
  • css/WebKitCSSMatrix.idl:
  • dom/CharacterData.idl:
  • dom/ChildNode.idl:
  • dom/CustomElementRegistry.idl:
  • dom/DataTransferItemList.idl:
  • dom/Document.idl:
  • dom/Element.idl:
  • dom/EventTarget.idl:
  • dom/MessagePort.idl:
  • dom/MutationObserver.idl:
  • dom/NamedNodeMap.idl:
  • dom/Node.idl:
  • dom/ParentNode.idl:
  • dom/Range.idl:
  • dom/ShadowRoot.idl:
  • dom/Text.idl:
  • fileapi/FileReader.idl:
  • fileapi/FileReaderSync.idl:
  • html/DOMTokenList.idl:
  • html/DOMURL.idl:
  • html/HTMLCanvasElement.idl:
  • html/HTMLElement.idl:
  • html/HTMLEmbedElement.idl:
  • html/HTMLFrameElement.idl:
  • html/HTMLIFrameElement.idl:
  • html/HTMLInputElement.idl:
  • html/HTMLMarqueeElement.idl:
  • html/HTMLMediaElement.idl:
  • html/HTMLObjectElement.idl:
  • html/HTMLOptionElement.idl:
  • html/HTMLOptionsCollection.idl:
  • html/HTMLProgressElement.idl:
  • html/HTMLSelectElement.idl:
  • html/HTMLTableElement.idl:
  • html/HTMLTableRowElement.idl:
  • html/HTMLTableSectionElement.idl:
  • html/HTMLTextAreaElement.idl:
  • html/HTMLVideoElement.idl:
  • html/ImageData.idl:
  • html/MediaController.idl:
  • html/TimeRanges.idl:
  • html/URLUtils.idl:
  • html/canvas/CanvasGradient.idl:
  • html/canvas/CanvasPath.idl:
  • html/canvas/CanvasRenderingContext2D.idl:
  • html/canvas/OESVertexArrayObject.idl:
  • html/canvas/WebGLRenderingContextBase.idl:
  • html/track/DataCue.idl:
  • html/track/TextTrack.idl:
  • html/track/TextTrackCue.idl:
  • html/track/VTTCue.idl:
  • html/track/VTTRegion.idl:
  • loader/appcache/DOMApplicationCache.idl:
  • page/Crypto.idl:
  • page/DOMSelection.idl:
  • page/DOMWindow.idl:
  • page/EventSource.idl:
  • page/History.idl:
  • page/Location.idl:
  • page/Performance.idl:
  • page/UserMessageHandler.idl:
  • page/WindowOrWorkerGlobalScope.idl:
  • storage/Storage.idl:
  • svg/SVGAltGlyphElement.idl:
  • svg/SVGAngle.idl:
  • svg/SVGAnimatedBoolean.idl:
  • svg/SVGAnimatedEnumeration.idl:
  • svg/SVGAnimatedInteger.idl:
  • svg/SVGAnimatedNumber.idl:
  • svg/SVGAnimatedString.idl:
  • svg/SVGAnimationElement.idl:
  • svg/SVGColor.idl:
  • svg/SVGGlyphRefElement.idl:
  • svg/SVGGraphicsElement.idl:
  • svg/SVGLength.idl:
  • svg/SVGLengthList.idl:
  • svg/SVGMatrix.idl:
  • svg/SVGNumberList.idl:
  • svg/SVGPaint.idl:
  • svg/SVGPathSegList.idl:
  • svg/SVGPointList.idl:
  • svg/SVGPreserveAspectRatio.idl:
  • svg/SVGStringList.idl:
  • svg/SVGStyleElement.idl:
  • svg/SVGTextContentElement.idl:
  • svg/SVGTransformList.idl:
  • svg/SVGViewSpec.idl:
  • testing/InternalSettings.idl:
  • testing/Internals.idl:
  • workers/DedicatedWorkerGlobalScope.idl:
  • workers/Worker.idl:
  • xml/DOMParser.idl:
  • xml/XMLHttpRequest.idl:
  • xml/XPathEvaluator.idl:
  • xml/XPathExpression.idl:
  • xml/XPathResult.idl:

Allowed the rename script to rename the exception-related extended attributes.

  • bindings/scripts/test/JS/JSInterfaceName.cpp:
  • bindings/scripts/test/JS/JSInterfaceName.h:
  • bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
  • bindings/scripts/test/JS/JSTestActiveDOMObject.h:
  • bindings/scripts/test/JS/JSTestCallback.cpp:
  • bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
  • bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.h:
  • bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
  • bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.h:
  • bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
  • bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
  • bindings/scripts/test/JS/JSTestEventConstructor.cpp:
  • bindings/scripts/test/JS/JSTestEventConstructor.h:
  • bindings/scripts/test/JS/JSTestEventTarget.cpp:
  • bindings/scripts/test/JS/JSTestEventTarget.h:
  • bindings/scripts/test/JS/JSTestException.cpp:
  • bindings/scripts/test/JS/JSTestException.h:
  • bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
  • bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
  • bindings/scripts/test/JS/JSTestGlobalObject.cpp:
  • bindings/scripts/test/JS/JSTestGlobalObject.h:
  • bindings/scripts/test/JS/JSTestInterface.cpp:
  • bindings/scripts/test/JS/JSTestInterface.h:
  • bindings/scripts/test/JS/JSTestIterable.cpp:
  • bindings/scripts/test/JS/JSTestIterable.h:
  • bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
  • bindings/scripts/test/JS/JSTestJSBuiltinConstructor.h:
  • bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
  • bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
  • bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
  • bindings/scripts/test/JS/JSTestNamedConstructor.h:
  • bindings/scripts/test/JS/JSTestNode.cpp:
  • bindings/scripts/test/JS/JSTestNode.h:
  • bindings/scripts/test/JS/JSTestNondeterministic.cpp:
  • bindings/scripts/test/JS/JSTestNondeterministic.h:
  • bindings/scripts/test/JS/JSTestObj.cpp:
  • bindings/scripts/test/JS/JSTestObj.h:
  • bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
  • bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
  • bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
  • bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.h:
  • bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
  • bindings/scripts/test/JS/JSTestOverrideBuiltins.h:
  • bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
  • bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
  • bindings/scripts/test/JS/JSTestTypedefs.cpp:
  • bindings/scripts/test/JS/JSTestTypedefs.h:
  • bindings/scripts/test/JS/JSattribute.cpp:
  • bindings/scripts/test/JS/JSattribute.h:
  • bindings/scripts/test/JS/JSreadonly.cpp:
  • bindings/scripts/test/JS/JSreadonly.h:

Regenerated.

Source/WebKit/win:

  • Interfaces/DOMEvents.idl: Let the script rename here (in a comment).

Tools:

  • Scripts/do-webcore-rename: Updated script to do this round of renames.
1:59 PM Changeset in webkit [206722] by Matt Baker
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Exception thrown when hovering network waterfall graphs during reload
https://bugs.webkit.org/show_bug.cgi?id=162850
<rdar://problem/28579653>

Reviewed by Brian Burg.

  • UserInterface/Views/ResourceTimelineDataGridNode.js:

(WebInspector.ResourceTimelineDataGridNode.prototype._mouseoverRecordBar):
Check that the node's data grid reference is valid before use.
(WebInspector.ResourceTimelineDataGridNode):

12:22 PM Changeset in webkit [206721] by wenson_hsieh@apple.com
  • 9 edits
    1 add in trunk

Media controls for Soundcloud easily falls out of sync with what's actually playing
https://bugs.webkit.org/show_bug.cgi?id=162843
<rdar://problem/28176874>

Reviewed by Beth Dakin.

Source/WebCore:

Currently, audio elements are subject to the same main content restrictions as video elements. This is
problematic on sites where audio elements are really the main content, such as soundcloud. We need a different
heuristic for determining whether audio elements such as these should be allowed to show playback controls.

Furthermore, we currently forbid autoplaying audio from showing controls if it has user gesture restrictions
(i.e. it started playing via script). This is, again, problematic on sites where audio elements are played one
after another (such as on soundcloud). Even though a subsequent audio element may have been triggered via
script, we might want still want to show controls for it if the user has explicitly triggered other elements on
the page to begin playing. However, if the user has not gestured on any media in the page, we still should not
show controls for audio elements that begin playing via script.

Adds two new unit tests to TestWebKitAPI simulating audio playback behavior on soundcloud.

  • html/MediaElementSession.cpp:

(WebCore::MediaElementSession::removeBehaviorRestriction):
(WebCore::MediaElementSession::canShowControlsManager):
(WebCore::MediaElementSession::allowsPlaybackControlsForAutoplayingAudio):

  • html/MediaElementSession.h:
  • page/Page.h:

(WebCore::Page::allowsPlaybackControlsForAutoplayingAudio):
(WebCore::Page::setAllowsPlaybackControlsForAutoplayingAudio):

Tools:

Adds two new tests simulating audio playback behavior on soundcloud. Also tweaks some of the WKWebView test
message handling logic to support having multiple message-handler mappings.

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WebKit2Cocoa/VideoControlsManager.mm:

(TestWebKitAPI::TEST):

  • TestWebKitAPI/Tests/WebKit2Cocoa/play-audio-on-click.html: Added.
  • TestWebKitAPI/mac/TestWKWebViewMac.h:
  • TestWebKitAPI/mac/TestWKWebViewMac.mm:

(-[TestMessageHandler addMessage:withHandler:]):
(-[TestMessageHandler userContentController:didReceiveScriptMessage:]):
(-[TestWKWebView performAfterReceivingMessage:action:]):
(-[TestWKWebView performAfterLoading:]):
(-[TestMessageHandler initWithMessage:handler:]): Deleted.

12:19 PM Changeset in webkit [206720] by Ryan Haddad
  • 17 edits in trunk/Source

Unreviewed, rolling out r206683.

This change caused API test WebKit2.FindMatches to fail on
Mac.

Reverted changeset:

"The dragged image should be the current frame only of the
animated image"
https://bugs.webkit.org/show_bug.cgi?id=162109
http://trac.webkit.org/changeset/206683

11:19 AM Changeset in webkit [206719] by Chris Dumez
  • 8 edits
    10 deletes in trunk

Unreviewed, rolling out r206692 and r206718.

Seems to have caused >200 failures on Sierra

Reverted changesets:

"Implement rendering of font-variation-settings"
https://bugs.webkit.org/show_bug.cgi?id=162782
http://trac.webkit.org/changeset/206692

"Tried to fix the build after r206692."
http://trac.webkit.org/changeset/206718

7:49 AM Changeset in webkit [206718] by mitz@apple.com
  • 2 edits in trunk/Source/WebCore

Tried to fix the build after r206692.

  • platform/graphics/cocoa/FontPlatformDataCocoa.mm:

(WebCore::cascadeToLastResortAndVariationsFontDescriptor):

7:25 AM Changeset in webkit [206717] by commit-queue@webkit.org
  • 9 edits in trunk

Unreviewed, rolling out r206716.
https://bugs.webkit.org/show_bug.cgi?id=162858

It is breaking Mac CMake Debug build (Requested by youenn on
#webkit).

Reverted changeset:

"[Fetch API] Forbid redirection to non-HTTP(s) URL in non-
navigation mode."
https://bugs.webkit.org/show_bug.cgi?id=162785
http://trac.webkit.org/changeset/206716

6:59 AM Changeset in webkit [206716] by commit-queue@webkit.org
  • 9 edits in trunk

[Fetch API] Forbid redirection to non-HTTP(s) URL in non-navigation mode.
https://bugs.webkit.org/show_bug.cgi?id=162785

Patch by Youenn Fablet <youenn@apple.com> on 2016-10-02
Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

  • web-platform-tests/fetch/api/redirect/redirect-to-dataurl-expected.txt:
  • web-platform-tests/fetch/api/redirect/redirect-to-dataurl-worker-expected.txt:

Source/WebCore:

Covered by rebased and existing tests.

Ensuring non-HTTP redirection URLs are not followed at DocumentThreadableLoader level for fetch API only.
This should be applied to all clients at some point, but there is still some uncertainty for data URLs.

Did some refactoring to better separate the case of security checks in case of regular request or redirected request.
This allows in particular to handle more clearly the case of data URLs which are allowed in all modes for regular requests.
But they are not allowed for same-origin redirected requests.

  • WebCore.xcodeproj/project.pbxproj:
  • loader/DocumentThreadableLoader.cpp:

(WebCore::reportRedirectionWithBadScheme): Reporting bad scheme redirection error.
(WebCore::DocumentThreadableLoader::redirectReceived): Checking that redirection URLs are HTTP(s) in case of Fetch API.

  • loader/SubresourceLoader.cpp:

(WebCore::SubresourceLoader::willSendRequestInternal):

  • loader/cache/CachedResourceLoader.cpp:

(WebCore::CachedResourceLoader::requestImage):
(WebCore::CachedResourceLoader::checkInsecureContent):
(WebCore::CachedResourceLoader::allowedByContentSecurityPolicy):
(WebCore::isSameOriginDataURL):
(WebCore::CachedResourceLoader::canRequest):
(WebCore::CachedResourceLoader::canRequestAfterRedirection):
(WebCore::CachedResourceLoader::canRequestInContentDispositionAttachmentSandbox):
(WebCore::CachedResourceLoader::requestResource):

  • loader/cache/CachedResourceLoader.h:

Oct 1, 2016:

10:25 PM Changeset in webkit [206715] by bshafiei@apple.com
  • 5 edits in branches/safari-602.2.14.0-branch/Source

Versioning.

7:46 PM Changeset in webkit [206714] by commit-queue@webkit.org
  • 5 edits
    1 add in trunk/Source/WebInspectorUI

Web Inspector: Selection does not show up over execution highlight ranges
https://bugs.webkit.org/show_bug.cgi?id=162844
<rdar://problem/28579121>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-10-01
Reviewed by Matt Baker.

  • Scripts/update-codemirror-resources.rb:
  • UserInterface/External/CodeMirror/mark-selection.js: Added.
  • UserInterface/Main.html:

New add-on that makes selection a text marker so it can be styled
at the same level as other text markers.

  • UserInterface/Views/TextEditor.css:

(.text-editor > .CodeMirror .execution-range-highlight:not(.CodeMirror-selectedtext)):
Don't use execution-range-highlight styles if the text is selected.

  • UserInterface/Views/TextEditor.js:

(WebInspector.TextEditor):
Enable the text selection as text markers addon.

6:05 PM Changeset in webkit [206713] by Simon Fraser
  • 14 edits
    2 adds in trunk

Support transitions/animations of background-position with right/bottom-relative values
https://bugs.webkit.org/show_bug.cgi?id=162048

Reviewed by Dean Jackson.
Source/WebCore:

Make transitions between "background-position: 10px 20px" and "background-position: right 10px bottom 20px"
work. We do this by by converting "right 10px" to "calc(100% - 10px)" when blending.

Also improve logging of calculated lengths, and better animation logging for FillLayer properties.

Test: transitions/background-position-transitions.html

  • page/animation/CSSPropertyAnimation.cpp:

(WebCore::FillLayerAnimationPropertyWrapperBase::FillLayerAnimationPropertyWrapperBase): Keep the propertyID
around so logging can use it.
(WebCore::FillLayerAnimationPropertyWrapperBase::property):
(WebCore::FillLayerPropertyWrapperGetter::FillLayerPropertyWrapperGetter):
(WebCore::FillLayerPropertyWrapperGetter::value):
(WebCore::FillLayerPropertyWrapper::FillLayerPropertyWrapper):
(WebCore::createCalculatedLength):
(WebCore::FillLayerPositionPropertyWrapper::FillLayerPositionPropertyWrapper):
(WebCore::FillLayerRefCountedPropertyWrapper::FillLayerRefCountedPropertyWrapper):
(WebCore::FillLayerStyleImagePropertyWrapper::FillLayerStyleImagePropertyWrapper):
(WebCore::FillLayersPropertyWrapper::FillLayersPropertyWrapper):
(WebCore::CSSPropertyAnimation::blendProperties): Blend then log, so that the logging
can show the result.

  • platform/CalculationValue.cpp:

(WebCore::CalcExpressionNumber::dump):
(WebCore::CalcExpressionBinaryOperation::dump):
(WebCore::CalcExpressionLength::dump):
(WebCore::CalcExpressionBlendLength::dump):
(WebCore::operator<<):

  • platform/CalculationValue.h:
  • platform/Length.cpp:

(WebCore::operator<<):

LayoutTests:

  • transitions/background-position-transitions-expected.txt: Added.
  • transitions/background-position-transitions.html: Added.
  • transitions/resources/transition-test-helpers.js:
  • transitions/svg-transitions-expected.txt:
6:05 PM Changeset in webkit [206712] by Simon Fraser
  • 4 edits
    2 adds in trunk

Bad cast when CSS position programmatically changed from -webkit-sticky to fixed
https://bugs.webkit.org/show_bug.cgi?id=160826

Reviewed by Zalan Bujtas.
Source/WebCore:

If a scrolling state tree node changed type (e.g. from sticky to fixed), we'd fail
to recreate the node so keep a node with the wrong type.

Fix by destroying the node and making a new one with a new ID in this case. The
new ID is necessary to ensure that the scrolling tree is updated.

Test: fast/scrolling/sticky-to-fixed.html

  • page/scrolling/ScrollingStateTree.cpp:

(WebCore::ScrollingStateTree::nodeTypeAndParentMatch):
(WebCore::ScrollingStateTree::attachNode):
(WebCore::ScrollingStateTree::stateNodeForID):

  • page/scrolling/ScrollingStateTree.h:

LayoutTests:

  • fast/scrolling/sticky-to-fixed-expected.txt: Added.
  • fast/scrolling/sticky-to-fixed.html: Added.
4:36 PM Changeset in webkit [206711] by Yusuke Suzuki
  • 9 edits in trunk

[ES6] Align attributes of Generator related properties to spec
https://bugs.webkit.org/show_bug.cgi?id=162839

Reviewed by Saam Barati.

JSTests:

  • test262.yaml:

Source/JavaScriptCore:

This patch fixes attributes of Generator related properties.
These fixes are covered by test262.

  • runtime/GeneratorFunctionConstructor.cpp:

(JSC::GeneratorFunctionConstructor::finishCreation):

  • runtime/GeneratorFunctionConstructor.h:
  • runtime/GeneratorFunctionPrototype.cpp:

(JSC::GeneratorFunctionPrototype::finishCreation):

  • runtime/GeneratorFunctionPrototype.h:
  • runtime/GeneratorPrototype.h:
  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):

4:35 PM Changeset in webkit [206710] by Yusuke Suzuki
  • 8 edits
    1 add in trunk

[ES6] GeneratorFunction constructor should instantiate generator function
https://bugs.webkit.org/show_bug.cgi?id=162838

Reviewed by Saam Barati.

JSTests:

  • stress/generator-function-constructor-is-subclassible.js: Added.

(shouldBe):
(GeneratorFunction):
(prototype.hello):

  • stress/generator-function-constructor.js:
  • test262.yaml:

Source/JavaScriptCore:

GeneratorFunction's constructor should return an instance of JSGeneratorFunction
instead of JSFunction. In this patch, we fix the following 2 things.

  1. GeneratorFunction constructor should use JSGeneratorFunction

Previously, we used JSFunction to construct a result. It's wrong. We use JSGeneratorFunction.

  1. Pass newTarget into GeneratorFunction constructor to make it subclassible

We did not leverage newTarget when using GeneratorFunction constructor.
Using it correctly to create the subclass Structure and making GeneratorFunction subclassible.

Test262 test covers (1), but (2) is not covered. We add tests that covers both to stress tests.

  • runtime/FunctionConstructor.cpp:

(JSC::constructFunctionSkippingEvalEnabledCheck):

  • runtime/GeneratorFunctionConstructor.cpp:

(JSC::constructGeneratorFunctionConstructor):

  • runtime/JSGeneratorFunction.cpp:

(JSC::JSGeneratorFunction::JSGeneratorFunction):
(JSC::JSGeneratorFunction::createImpl):
(JSC::JSGeneratorFunction::create):
(JSC::JSGeneratorFunction::createWithInvalidatedReallocationWatchpoint):

  • runtime/JSGeneratorFunction.h:
2:14 PM Changeset in webkit [206709] by fpizlo@apple.com
  • 6 edits in trunk/Source/JavaScriptCore

Get rid of isMarkedOrNewlyAllocated
https://bugs.webkit.org/show_bug.cgi?id=162842

Reviewed by Dan Bernstein.

This function has become dead code. This change removes it.

  • heap/CellContainer.h:
  • heap/CellContainerInlines.h:

(JSC::CellContainer::isMarkedOrNewlyAllocated): Deleted.

  • heap/LargeAllocation.h:

(JSC::LargeAllocation::isLive):
(JSC::LargeAllocation::isMarkedOrNewlyAllocated): Deleted.

  • heap/MarkedBlock.cpp:

(JSC::MarkedBlock::Handle::isMarkedOrNewlyAllocated): Deleted.
(JSC::MarkedBlock::isMarkedOrNewlyAllocated): Deleted.

  • heap/MarkedBlock.h:

(JSC::MarkedBlock::Handle::isMarkedOrNewlyAllocated): Deleted.
(JSC::MarkedBlock::isMarkedOrNewlyAllocated): Deleted.

9:31 AM Changeset in webkit [206708] by commit-queue@webkit.org
  • 8 edits in trunk/Source/WebCore

removing FetchBoyd::m_type

Remove FetchBody::m_type
https://bugs.webkit.org/show_bug.cgi?id=162841

Patch by Youenn Fablet <youenn@apple.com> on 2016-10-01
Reviewed by Sam Weinig.

No change of behavior.

Removing FetchBody::m_type and using m_data in lieu.
Introducing temporarily FetchBody::m_isEmpty to handle the case of null bodies.
Null body handling should be moved to FetchBodyOwner in a follow-up patch.

  • Modules/fetch/FetchBody.cpp:

(WebCore::FetchBody::FetchBody):
(WebCore::FetchBody::extract):
(WebCore::FetchBody::arrayBuffer):
(WebCore::FetchBody::blob):
(WebCore::FetchBody::json):
(WebCore::FetchBody::text):
(WebCore::FetchBody::consumeOnceLoadingFinished):
(WebCore::FetchBody::consume):
(WebCore::FetchBody::consumeAsStream):
(WebCore::FetchBody::loadingSucceeded):
(WebCore::FetchBody::bodyForInternalRequest):
(WebCore::FetchBody::clone):
(WebCore::FetchBody::consumeText): Deleted.
(WebCore::FetchBody::consumeBlob): Deleted.

  • Modules/fetch/FetchBody.h:

(WebCore::FetchBody::isEmpty):
(WebCore::FetchBody::isBlob):
(WebCore::FetchBody::isFormData):
(WebCore::FetchBody::isArrayBuffer):
(WebCore::FetchBody::isArrayBufferView):
(WebCore::FetchBody::isURLSearchParams):
(WebCore::FetchBody::isText):
(WebCore::FetchBody::FetchBody):
(WebCore::FetchBody::setContentType): Deleted.
(WebCore::FetchBody::urlSearchParamsBody): Deleted.

  • Modules/fetch/FetchBodyOwner.cpp:

(WebCore::FetchBodyOwner::consumeOnceLoadingFinished):
(WebCore::FetchBodyOwner::blobLoadingSucceeded):
(WebCore::FetchBodyOwner::finishBlobLoading): Deleted.

  • Modules/fetch/FetchBodyOwner.h:

(WebCore::FetchBodyOwner::body): Deleted.

  • Modules/fetch/FetchRequest.cpp:

(WebCore::FetchRequest::setBody):

  • Modules/fetch/FetchResponse.cpp:

(WebCore::FetchResponse::fetch):
(WebCore::FetchResponse::BodyLoader::didSucceed):
(WebCore::FetchResponse::consume):
(WebCore::FetchResponse::consumeBodyAsStream):
(WebCore::FetchResponse::createReadableStreamSource):
(WebCore::FetchResponse::finishConsumingStream): Deleted.

  • Modules/fetch/FetchResponse.h:
8:32 AM Changeset in webkit [206707] by commit-queue@webkit.org
  • 8 edits in trunk/Source/JavaScriptCore

Rename DebugHookID to DebugHookType
https://bugs.webkit.org/show_bug.cgi?id=162820

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-10-01
Reviewed by Alex Christensen.

  • bytecode/CodeBlock.cpp:

(JSC::debugHookName):
(JSC::CodeBlock::dumpBytecode):

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::emitDebugHook):

  • bytecompiler/BytecodeGenerator.h:
  • interpreter/Interpreter.cpp:

(JSC::Interpreter::debug):

  • interpreter/Interpreter.h:
  • jit/JITOperations.cpp:
  • llint/LLIntSlowPaths.cpp:

(JSC::LLInt::LLINT_SLOW_PATH_DECL):

Sep 30, 2016:

8:59 PM Changeset in webkit [206706] by ddkilzer@apple.com
  • 2 edits in trunk/Source/WebCore

REGRESSION (r203424): WebCore::ImageBuffer::createCompatibleBuffer() in ImageBufferCG.cpp over-releases CGColorSpaceRef objects
<https://webkit.org/b/162823>
<rdar://problem/27723268>

Reviewed by Joseph Pecoraro.

Code is covered by existing tests, but no crashes have been
observed in practice. May require running one test multiple
times to reproduce.

  • platform/graphics/cg/ImageBufferCG.cpp:

(WebCore::ImageBuffer::createCompatibleBuffer): Don't use
adoptCF() when the function doesn't return a +1 retained
CGColorSpaceRef.

8:49 PM Changeset in webkit [206705] by mmaxfield@apple.com
  • 2 edits in trunk/Source/WebKit2

Follow-up patch after r206701
https://bugs.webkit.org/show_bug.cgi?id=162818

Unreviewed.

I missed one place required to enable an experimental feature by default.

  • UIProcess/Cocoa/WebProcessPoolCocoa.mm:

(WebKit::registerUserDefaultsIfNeeded):

7:48 PM Changeset in webkit [206704] by jh718.park@samsung.com
  • 2 edits in trunk/Source/WebCore

[EFL] Fix build break since r206661. Unreviewed
https://bugs.webkit.org/show_bug.cgi?id=162825

No new tests, no new behaviours.

  • rendering/RenderLayer.cpp:

(WebCore::ClipRects::ClipRects):

6:28 PM Changeset in webkit [206703] by mmaxfield@apple.com
  • 2 edits in trunk/Source/WebCore

Declare that our variation fonts work is in progress
https://bugs.webkit.org/show_bug.cgi?id=162816

Reviewed by Simon Fraser.

  • features.json:
6:27 PM Changeset in webkit [206702] by mitz@apple.com
  • 2 edits in trunk/Source/WebKit2

[iOS] Editing menu omits the Share command if the selected text is longer than 200 characters
https://bugs.webkit.org/show_bug.cgi?id=162821
<rdar://problem/28409828>

Reviewed by Tim Horton.

  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView canPerformAction:withSender:]): Changed to return YES for the _share:

action even if the selection is longer than 200 characters. While Define should not have
been available for longer selections, Share does not have such a limitation.

6:26 PM Changeset in webkit [206701] by mmaxfield@apple.com
  • 5 edits in trunk/Source

Turn variation fonts on by default
https://bugs.webkit.org/show_bug.cgi?id=162818

Reviewed by Simon Fraser.

Source/WebCore:

No new tests because there is no behavior change.

  • page/Settings.in:
  • testing/InternalSettings.cpp:

(WebCore::InternalSettings::variationFontsEnabled):

Source/WebKit2:

  • Shared/WebPreferencesDefinitions.h:
5:59 PM Changeset in webkit [206700] by bshafiei@apple.com
  • 1 copy in tags/Safari-602.2.14.1.1

New tag.

5:59 PM Changeset in webkit [206699] by bshafiei@apple.com
  • 1 copy in tags/Safari-602.2.14.0.4

New tag.

5:52 PM Changeset in webkit [206698] by Joseph Pecoraro
  • 3 edits
    2 adds in trunk

Web Inspector: Stepping to a line with an autoContinue breakpoint should still pause
https://bugs.webkit.org/show_bug.cgi?id=161712
<rdar://problem/28193970>

Reviewed by Brian Burg.

Source/JavaScriptCore:

  • debugger/Debugger.cpp:

(JSC::Debugger::pauseIfNeeded):
If we stepped to an auto-continue breakpoint we should continue
stepping, not just continue.

LayoutTests:

  • inspector/debugger/stepping/stepping-through-autoContinue-breakpoint-expected.txt: Added.
  • inspector/debugger/stepping/stepping-through-autoContinue-breakpoint.html: Added.
5:18 PM Changeset in webkit [206697] by bshafiei@apple.com
  • 3 edits in branches/safari-602-branch/Source/WebCore

Merge follow up fix for rdar://problem/28567557.

5:16 PM Changeset in webkit [206696] by bshafiei@apple.com
  • 3 edits in branches/safari-602.2.14.1-branch/Source/WebCore

Merge follow up fix for rdar://problem/28567561.

5:12 PM Changeset in webkit [206695] by andersca@apple.com
  • 3 edits in branches/safari-602.2.14.0-branch/Source/WebCore

Follow up for <rdar://problem/28567561> Add CSS -webkit-appearance property for Apple Pay buttons

Reviewed by Dan Bernstein.

  • css/CSSParser.cpp:

(WebCore::isKeywordPropertyID):
Add CSSPropertyApplePayButtonStyle and CSSPropertyApplePayButtonType.

  • rendering/RenderThemeCocoa.mm:

(WebCore::RenderThemeCocoa::paintApplePayButton):
Make sure to reinitialize the text matrix.

5:08 PM Changeset in webkit [206694] by fpizlo@apple.com
  • 10 edits in trunk/Source/JavaScriptCore

B3 should support trapping memory accesses
https://bugs.webkit.org/show_bug.cgi?id=162689

Reviewed by Geoffrey Garen.

This adds a traps flag to B3::Kind. It also makes B3::Kind work more like Air::Kind, in the
sense that it's a bag of distinct bits - it doesn't need to be a union unless we get enough
things that it would make a difference.

The only analysis that needs to know about traps is effects. It now knows that traps implies
sideExits, which means that this turns off DCE. The only optimization that needs to know
about traps is eliminateCommonSubexpressions(), which needs to pessimize its store
elimination if the store traps.

The hard part of this change is teaching the instruction selector to faithfully carry the
traps flag down to Air. I got this to work by making ArgPromise a non-copyable object that
knows whether you've used it in an instruction. It knows when you call consume(). If you do
this then ArgPromise cannot be destructed without first passing your inst through it. This,
along with a few other hacks, means that all of the load-op and load-op-store fusions
correctly carry the trap bit: if any of the B3 loads or stores involved traps then you get
traps in Air.

This framework also sets us up to do bug 162688, since the ArgPromise::inst() hook is
powerful enough to allow wrapping the instruction with a Patch.

I added some tests to testb3 that verify that optimizations are appropriately inhibited and
that the traps flag survives until the bitter end of Air.

  • b3/B3EliminateCommonSubexpressions.cpp:
  • b3/B3Kind.cpp:

(JSC::B3::Kind::dump):

  • b3/B3Kind.h:

(JSC::B3::Kind::Kind):
(JSC::B3::Kind::hasExtraBits):
(JSC::B3::Kind::isChill):
(JSC::B3::Kind::setIsChill):
(JSC::B3::Kind::hasTraps):
(JSC::B3::Kind::traps):
(JSC::B3::Kind::setTraps):
(JSC::B3::Kind::operator==):
(JSC::B3::Kind::hash):
(JSC::B3::trapping):

  • b3/B3LowerToAir.cpp:

(JSC::B3::Air::LowerToAir::ArgPromise::swap):
(JSC::B3::Air::LowerToAir::ArgPromise::ArgPromise):
(JSC::B3::Air::LowerToAir::ArgPromise::operator=):
(JSC::B3::Air::LowerToAir::ArgPromise::~ArgPromise):
(JSC::B3::Air::LowerToAir::ArgPromise::setTraps):
(JSC::B3::Air::LowerToAir::ArgPromise::consume):
(JSC::B3::Air::LowerToAir::ArgPromise::inst):
(JSC::B3::Air::LowerToAir::trappingInst):
(JSC::B3::Air::LowerToAir::loadPromiseAnyOpcode):
(JSC::B3::Air::LowerToAir::appendUnOp):
(JSC::B3::Air::LowerToAir::appendBinOp):
(JSC::B3::Air::LowerToAir::tryAppendStoreUnOp):
(JSC::B3::Air::LowerToAir::tryAppendStoreBinOp):
(JSC::B3::Air::LowerToAir::appendStore):
(JSC::B3::Air::LowerToAir::append):
(JSC::B3::Air::LowerToAir::createGenericCompare):
(JSC::B3::Air::LowerToAir::createBranch):
(JSC::B3::Air::LowerToAir::createCompare):
(JSC::B3::Air::LowerToAir::createSelect):
(JSC::B3::Air::LowerToAir::lower):

  • b3/B3Validate.cpp:
  • b3/B3Value.cpp:

(JSC::B3::Value::effects):

  • b3/B3Value.h:
  • b3/air/AirCode.h:
  • b3/testb3.cpp:

(JSC::B3::testTrappingLoad):
(JSC::B3::testTrappingStore):
(JSC::B3::testTrappingLoadAddStore):
(JSC::B3::testTrappingLoadDCE):
(JSC::B3::testTrappingStoreElimination):
(JSC::B3::run):

4:26 PM Changeset in webkit [206693] by Joseph Pecoraro
  • 4 edits
    2 adds in trunk

Web Inspector: Stepping over/out of a function sometimes resumes instead of taking you to caller
https://bugs.webkit.org/show_bug.cgi?id=162802
<rdar://problem/28569982>

Reviewed by Mark Lam.

Source/JavaScriptCore:

  • debugger/Debugger.cpp:

(JSC::Debugger::stepOverStatement):
(JSC::Debugger::stepOutOfFunction):
Enable stepping mode when we start stepping.

LayoutTests:

  • inspector/debugger/resources/log-pause-location.js:

(TestPage.registerInitializer.createLocation):
(TestPage.registerInitializer.window.setBreakpointsOnLinesWithBreakpointComment):
Helper to set breakpoints everywhere in a file that has a BREAKPOINT comment.

  • inspector/debugger/stepping/stepping-pause-in-inner-step-to-parent-expected.txt: Added.
  • inspector/debugger/stepping/stepping-pause-in-inner-step-to-parent.html: Added.

Test that stepping out and over end up in the parent. Before this change
we would never have made it back into entry and the test failed.

4:12 PM Changeset in webkit [206692] by mmaxfield@apple.com
  • 8 edits
    10 adds in trunk

Implement rendering of font-variation-settings
https://bugs.webkit.org/show_bug.cgi?id=162782

Reviewed by Zalan Bujtas.

Source/WebCore:

Because the heavy lifting for font-variation-settings is done by CoreText,
this patch is fairly minimal. It simply hooks up the CSS property to CoreText.

There is an existing bug in CoreText where variations inside fonts do not
survive the addition of a cascade list. Therefore, FontPlatformData::ctFont()
needs to work around this (conditionally) by resupplying the variation at
the same time as the cascade list. The CoreText bug is <rdar://problem/28449441>.

Tests: fast/text/variations/duplicate.html

fast/text/variations/exist.html
fast/text/variations/inheritance.html
fast/text/variations/order.html
fast/text/variations/outofbounds.html

  • platform/graphics/FontCache.h:
  • platform/graphics/cocoa/FontCacheCoreText.cpp:

(WebCore::preparePlatformFont):
(WebCore::fontWithFamily):
(WebCore::FontCache::createFontPlatformData):
(WebCore::FontCache::systemFallbackForCharacters):

  • platform/graphics/cocoa/FontPlatformDataCocoa.mm:

(WebCore::cascadeToLastResortAttributesDictionary):
(WebCore::cascadeToLastResortAndVariationsFontDescriptor):
(WebCore::FontPlatformData::ctFont):
(WebCore::cascadeToLastResortFontDescriptor): Deleted.

  • platform/graphics/mac/FontCustomPlatformData.cpp:

(WebCore::FontCustomPlatformData::fontPlatformData):

  • rendering/RenderThemeIOS.mm:

(WebCore::RenderThemeIOS::updateCachedSystemFontDescription):

LayoutTests:

  • fast/text/variations/duplicate-expected.html: Added.
  • fast/text/variations/duplicate.html: Added.
  • fast/text/variations/exist-expected-mismatch.html: Added.
  • fast/text/variations/exist.html: Added.
  • fast/text/variations/getComputedStyle.html:
  • fast/text/variations/inheritance-expected.html: Added.
  • fast/text/variations/inheritance.html: Added.
  • fast/text/variations/order-expected.html: Added.
  • fast/text/variations/order.html: Added.
  • fast/text/variations/outofbounds-expected.html: Added.
  • fast/text/variations/outofbounds.html: Added.
4:10 PM Changeset in webkit [206691] by weinig@apple.com
  • 9 edits
    2 adds in trunk/Source

Add initial support for IDL union conversion
https://bugs.webkit.org/show_bug.cgi?id=161576

Reviewed by Chris Dumez.

Source/WebCore:

  • WebCore.xcodeproj/project.pbxproj:

Add IDLTypes.h

  • bindings/generic/IDLTypes.h: Added.

Add a basic type hierarchy for types defined by WebIDL and their corresponding
WebCore implementation types.

  • bindings/js/JSDOMConvert.h:

(WebCore::Converter<IDLDOMString>::convert):
(WebCore::Converter<IDLUSVString>::convert):
Add Converters for IDLDOMString and IDLUSVString.

(WebCore::ConditionalConverter<typename ReturnType, typename T, bool enabled>)
Add a struct to allow conditional conversion of types based on a compile boolean
value. This allows the union code to work, by ensuring that code for types that don't
exist doesn't get compiled.

(WebCore::Converter<IDLUnion>::convert):
Add template meta programming based version of the WebIDL conversion algorithm. It uses
introspection of the typelist to conditionally execute the parts of the algorithm that
apply and relies on the compiler eliminate the dead code it produces. This initial cut
doesn't implement the full algorithm, just a subset needed to see if this method will work
out.

  • bindings/js/JSDOMWrapper.h:

(WebCore::isJSDOMWrapperType):
Add JSDOMWrapperType to the list of well known types to allow quick checking of wrappers
by the union code.

  • bindings/js/JSNodeOrString.cpp:

(WebCore::toNodeOrStringVector):
Switch to new IDLUnion based converter.

Source/WTF:

  • WTF.xcodeproj/project.pbxproj:
  • wtf/CMakeLists.txt:

Add Brigand.h

  • wtf/Brigand.h: Added.

Import a standalone copy of Edouard Alligand and Joel Falcou's
Brigand library for help with for help with list based meta programming

  • wtf/StdLibExtras.h:

Add a new three new type traits, IsTemplate, IsBaseOfTemplate and RemoveCVAndReference.

  • IsTemplate acts like std::is_class, but works with a generic base.
  • IsBaseOfTemplate acts like std::is_base_of, but works with a generic base.
  • RemoveCVAndReference combines std::remove_cv and std::remove_reference.
4:08 PM Changeset in webkit [206690] by mmaxfield@apple.com
  • 6 edits
    6 adds in trunk

Implement animation of font-variation-settings
https://bugs.webkit.org/show_bug.cgi?id=162783

Reviewed by Simon Fraser.

Source/WebCore:

Modify CSSPropertyAnimation to understand FontVariationSettings objects and how
to interpolate them.

If two FontVariationSettings objects are unlike (meaning they specify different
variation axes), for now the interpolation simply returns an empty object. This
might change in the future, but for now, this is a reasonable place to start.

Because CSSPropertyAnimation interacts with RenderStyles instead of
FontDescriptions, this patch adds a transparent accessor from the RenderStyle
to the inner FontDescription.

Tests: animations/font-variation-settings-order.html

animations/font-variation-settings-unlike.html
animations/font-variation-settings.html

  • page/animation/CSSPropertyAnimation.cpp:

(WebCore::blendFunc):
(WebCore::PropertyWrapperFontVariationSettings::PropertyWrapperFontVariationSettings):
(WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):

  • rendering/style/RenderStyle.cpp:

(WebCore::RenderStyle::setFontVariationSettings):

  • rendering/style/RenderStyle.h:

(WebCore::RenderStyle::fontVariationSettings):

LayoutTests:

Animation tests need a little infrastructure to be able to tell if two computed
values for font-variation-settings are equivalent.

  • animations/font-variation-settings-expected.html: Added.
  • animations/font-variation-settings-order-expected.html: Added.
  • animations/font-variation-settings-order.html: Added.
  • animations/font-variation-settings-unlike-expected.html: Added.
  • animations/font-variation-settings-unlike.html: Added.
  • animations/font-variation-settings.html: Added.
  • animations/resources/animation-test-helpers.js:

(compareFontVariationSettings):
(getPropertyValue):
(comparePropertyValue):

3:47 PM Changeset in webkit [206689] by bshafiei@apple.com
  • 6 edits in branches/safari-602.2.14.0-branch/Source/WebCore

Merge r206181. rdar://problem/28408526

3:46 PM Changeset in webkit [206688] by bshafiei@apple.com
  • 2 edits in branches/safari-602.2.14.0-branch/Source/WebCore

Merge r205992. rdar://problem/28567557

3:46 PM Changeset in webkit [206687] by bshafiei@apple.com
  • 17 edits
    2 adds in branches/safari-602.2.14.0-branch/Source/WebCore

Merge r205980. rdar://problem/28567557

3:45 PM Changeset in webkit [206686] by commit-queue@webkit.org
  • 2 edits
    30 adds in trunk

[Modern Media Controls] layout nodes
https://bugs.webkit.org/show_bug.cgi?id=162799
<rdar://problem/28569301>

Patch by Antoine Quint <Antoine Quint> on 2016-09-30
Reviewed by Dean Jackson.

Source/WebCore:

Modern media controls will be using a tree of LayoutNode objects that commit to the DOM
in coordinated requestAnimationFrame() calls to ensure all layouts are done in an efficient
and coordinated manner. As a preamble, we introduced the scheduler singleton in
https://webkit.org/b/162726 which is in charge of scheduling callbacks.

A LayoutNode is created by providing an Element to its constructor, or an HTML string. Not
providing a parameter creates a simple <div>.

When we set a property on a LayoutNode, we call markDirtyProperty(propertyName) which keeps
track of dirty properties in the _dirtyProperties set. When this set is non-empty, the node
is marked as dirty and registered in the global dirtyNodes map, asking the shared scheduler
that a layout is needed. When the layout is performed, all nodes in the dirtyNodes map are
processed such that commitProperty(propertyName) is called to commit dirty properties for
a given node to the DOM, and layout() is called to allow subclasses of LayoutNode to conduct
custom layout logic that goes beyond committing a given property.

Another reason why a node may be marked as dirty is when a DOM hierarchy change is needed. A
host of DOM-like methods are exposed to allow flexible manipulations of nodes, with an extra
children property which allows wholesale change of a node's subtree with a single array
property assignment. Changes to the DOM hierarchy are performed in the same scheduler callback
as style properties.

Nodes can be marked for layout explicitly with by setting the needsLayout property.

Tests: media/modern-media-controls/layout-node/addChild.html

media/modern-media-controls/layout-node/children.html
media/modern-media-controls/layout-node/constructor.html
media/modern-media-controls/layout-node/height.html
media/modern-media-controls/layout-node/insertAfter.html
media/modern-media-controls/layout-node/insertBefore.html
media/modern-media-controls/layout-node/parent.html
media/modern-media-controls/layout-node/remove.html
media/modern-media-controls/layout-node/removeChild.html
media/modern-media-controls/layout-node/subclassing.html
media/modern-media-controls/layout-node/visible.html
media/modern-media-controls/layout-node/width.html
media/modern-media-controls/layout-node/x.html
media/modern-media-controls/layout-node/y.html

  • Modules/modern-media-controls/controls/layout-node.js: Added.

(LayoutNode):
(LayoutNode.prototype.get x):
(LayoutNode.prototype.set x):
(LayoutNode.prototype.get y):
(LayoutNode.prototype.set y):
(LayoutNode.prototype.get width):
(LayoutNode.prototype.set width):
(LayoutNode.prototype.get height):
(LayoutNode.prototype.set height):
(LayoutNode.prototype.get visible):
(LayoutNode.prototype.set visible):
(LayoutNode.prototype.get needsLayout):
(LayoutNode.prototype.set needsLayout):
(LayoutNode.prototype.get parent):
(LayoutNode.prototype.get children):
(LayoutNode.prototype.set children):
(LayoutNode.prototype.addChild):
(LayoutNode.prototype.insertBefore):
(LayoutNode.prototype.insertAfter):
(LayoutNode.prototype.removeChild):
(LayoutNode.prototype.remove):
(LayoutNode.prototype.markDirtyProperty):
(LayoutNode.prototype.commitProperty):
(LayoutNode.prototype.layout):
(LayoutNode.prototype._markNodeManipulation):
(LayoutNode.prototype._updateDirtyState):
(LayoutNode.prototype._updateChildren):
(performScheduledLayout):
(elementFromString):

LayoutTests:

Testing all public properties and methods of the LayoutNode class.

  • media/modern-media-controls/layout-node/addChild-expected.txt: Added.
  • media/modern-media-controls/layout-node/addChild.html: Added.
  • media/modern-media-controls/layout-node/children-expected.txt: Added.
  • media/modern-media-controls/layout-node/children.html: Added.
  • media/modern-media-controls/layout-node/constructor-expected.txt: Added.
  • media/modern-media-controls/layout-node/constructor.html: Added.
  • media/modern-media-controls/layout-node/height-expected.txt: Added.
  • media/modern-media-controls/layout-node/height.html: Added.
  • media/modern-media-controls/layout-node/insertAfter-expected.txt: Added.
  • media/modern-media-controls/layout-node/insertAfter.html: Added.
  • media/modern-media-controls/layout-node/insertBefore-expected.txt: Added.
  • media/modern-media-controls/layout-node/insertBefore.html: Added.
  • media/modern-media-controls/layout-node/parent-expected.txt: Added.
  • media/modern-media-controls/layout-node/parent.html: Added.
  • media/modern-media-controls/layout-node/remove-expected.txt: Added.
  • media/modern-media-controls/layout-node/remove.html: Added.
  • media/modern-media-controls/layout-node/removeChild-expected.txt: Added.
  • media/modern-media-controls/layout-node/removeChild.html: Added.
  • media/modern-media-controls/layout-node/subclassing-expected.txt: Added.
  • media/modern-media-controls/layout-node/subclassing.html: Added.
  • media/modern-media-controls/layout-node/visible-expected.txt: Added.
  • media/modern-media-controls/layout-node/visible.html: Added.
  • media/modern-media-controls/layout-node/width-expected.txt: Added.
  • media/modern-media-controls/layout-node/width.html: Added.
  • media/modern-media-controls/layout-node/x-expected.txt: Added.
  • media/modern-media-controls/layout-node/x.html: Added.
  • media/modern-media-controls/layout-node/y-expected.txt: Added.
  • media/modern-media-controls/layout-node/y.html: Added.
3:43 PM Changeset in webkit [206685] by bshafiei@apple.com
  • 5 edits in branches/safari-602.2.14.0-branch/Source

Versioning.

3:38 PM Changeset in webkit [206684] by beidson@apple.com
  • 8 edits in trunk/Source/WebKit2

REGRESSION (Safari 10 combined with WK changes): Unable to store WebCrypto keys in IndexedDB database.
<rdar://problem/28334440> and https://bugs.webkit.org/show_bug.cgi?id=162554

Reviewed by Alexey Proskuryakov.

Safari 10 has a WKPageNavigation client but does not implement the "copyWebCryptoMasterKey" callback.

WebKit just fails in this case, instead of falling back to "getDefaultWebCryptoMasterKey".
It should fall back.

Additionally there's a WKContextClient callback to get the crypto key, also, but it is completely unused.
So it should be pulled.

  • UIProcess/API/APILoaderClient.h:

(API::LoaderClient::webCryptoMasterKey): Deleted.

  • UIProcess/API/C/WKContext.h:
  • UIProcess/API/C/WKPage.cpp:

(WKPageSetPageLoaderClient):
(WKPageSetPageNavigationClient): If the client doesn't implement this method, fallback to getDefaultWebCryptoMasterKey.

  • UIProcess/Cocoa/NavigationState.mm:

(WebKit::NavigationState::NavigationClient::webCryptoMasterKey): If the client doesn't implement this method,

fallback to getDefaultWebCryptoMasterKey.

  • UIProcess/WebContextClient.cpp:

(WebKit::WebContextClient::copyWebCryptoMasterKey): Deleted.

  • UIProcess/WebContextClient.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::wrapCryptoKey): Only ask the NavigationClient before falling back. Don't ask the loader client.
(WebKit::WebPageProxy::unwrapCryptoKey): Ditto.

3:30 PM Changeset in webkit [206683] by commit-queue@webkit.org
  • 17 edits in trunk/Source

The dragged image should be the current frame only of the animated image
https://bugs.webkit.org/show_bug.cgi?id=162109

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2016-09-30
Reviewed by Tim Horton.

Source/WebCore:

Instead of creating an NSImage with all the frames for the dragImage,
create an NSImage with the current frame only.

  • dom/DataTransferMac.mm:

(WebCore::DataTransfer::createDragImage): Call currentFrameNSImage() to create the dragImage.

  • editing/cocoa/HTMLConverter.mm:

(fileWrapperForElement): Call the Image function with its new name.

  • platform/graphics/BitmapImage.h:
  • platform/graphics/Image.h:

(WebCore::Image::nsImage): Rename getNSImage() to nsImage().
(WebCore::Image::currentFrameNSImage): Returns the NSImage of the current frame.
(WebCore::Image::tiffRepresentation): Rename getTIFFRepresentation() to tiffRepresentation().
(WebCore::Image::getNSImage): Deleted.
(WebCore::Image::getTIFFRepresentation): Deleted.

  • platform/graphics/mac/ImageMac.mm:

(WebCore::BitmapImage::tiffRepresentation): Rename getTIFFRepresentation() to tiffRepresentation().
(WebCore::BitmapImage::nsImage): Rename getNSImage() to nsImage().
(WebCore::BitmapImage::currentFrameNSImage): Returns the NSImage of the current frame.
(WebCore::BitmapImage::getTIFFRepresentation): Deleted.
(WebCore::BitmapImage::getNSImage): Deleted.

  • platform/mac/CursorMac.mm:

(WebCore::createCustomCursor): Call currentFrameNSImage() since the cursor does not animate anyway.

  • platform/mac/DragImageMac.mm:

(WebCore::createDragImageFromImage): Use currentFrameNSImage() for the dragImage.

  • platform/mac/PasteboardMac.mm:

(WebCore::Pasteboard::write): Call the Image function with its new name.

Source/WebKit/mac:

  • DOM/DOM.mm:

(-[DOMElement image]): Call the Image function with its new name.
(-[DOMElement _imageTIFFRepresentation]): Ditto.

  • Misc/WebElementDictionary.mm:

(-[WebElementDictionary _image]): Call the Image function with its new name.

  • Misc/WebIconDatabase.mm:

(-[WebIconDatabase defaultIconWithSize:]): Call currentFrameNSImage() to create the icon image.
(webGetNSImage): Call the Image function with its new name.

  • WebCoreSupport/WebContextMenuClient.mm:

(WebContextMenuClient::imageForCurrentSharingServicePickerItem): Call currentFrameNSImage() instead of nsImage()..
(WebContextMenuClient::contextMenuForEvent): Ditto.

  • WebView/WebHTMLView.mm:

(-[WebHTMLView pasteboard:provideDataForType:]): Call the Image function with its new name.

Source/WebKit2:

  • UIProcess/Cocoa/WebViewImpl.mm:

(WebKit::WebViewImpl::provideDataForPasteboard): Call the Image function with its new name.

3:29 PM Changeset in webkit [206682] by fpizlo@apple.com
  • 7 edits in trunk/Source

B3::moveConstants should be able to edit code to minimize the number of constants
https://bugs.webkit.org/show_bug.cgi?id=162764

Reviewed by Saam Barati.

Source/JavaScriptCore:

There are some interesting cases where we can reduce the number of constant materializations if
we teach moveConstants() how to edit code. The two examples that this patch supports are:

  • Loads and stores from a constant pointer. Since loads and stores get an offset for free and the instruction selector is really good at handling it, and since we can query Air to see what kinds of offsets are legal, we can sometimes avoid using a constant pointer that is specific to the absolute address of that load and instead pick some other constant that is within offset distance of ours.


  • Add and Sub by a constant (x + c, x - c). Since x + c = x - -c and x - c = x + -c, we can flip Add to Sub or vice versa if the negated constant is available.


This change makes moveConstants() pick the most dominant constant that works for an value. In
the case of memory accesses, it uses Air::Arg::isValidAddrForm() to work out what other
constants would work. In the case of Add/Sub, it simply looks for the negated constant. This
should result in something like a minimal number of constants since these rules always pick the
most dominant constant that works - so if an Add's constant is already most dominant then
nothing changes, but if the negated one is more dominant then it becomes a Sub.

This is a 0.5% speed-up on LongSpider and neutral elsewhere. It's a speed-up because the
absolute address thing reduces the number of address materializations that we have to do, while
the add/sub thing prevents us from having to materialize 0x1000000000000 to box doubles.
However, this may introduce a pathology, which I've filed a bug for: bug 162796.

  • b3/B3MoveConstants.cpp:
  • b3/B3MoveConstants.h:
  • b3/B3UseCounts.h:
  • b3/air/AirFixObviousSpills.cpp:
  • b3/testb3.cpp:

(JSC::B3::testMoveConstants):
(JSC::B3::run):

Source/WTF:

I thought it would be a good idea to document the fact that dominator traversal happens in a
particular order for a reason.

  • wtf/Dominators.h:
3:21 PM Changeset in webkit [206681] by Chris Dumez
  • 3 edits in trunk/Source/WebCore

[iOS] Allow sequence<Touch> input in TouchEvent constructor
https://bugs.webkit.org/show_bug.cgi?id=162806
<rdar://problem/28566429>

Reviewed by Ryosuke Niwa.

Allow sequence<Touch> input in TouchEvent constructor in addition to
TouchList objects. It is convenient for developers to pass arrays of
Touch objects.

No new tests, already covered by:
imported/w3c/web-platform-tests/touch-events/touch-touchevent-constructor.html

  • bindings/js/JSDOMBinding.h:

(WebCore::toRefNativeArray):
(WebCore::toRefPtrNativeArray):

  • bindings/js/JSDictionary.cpp:

(WebCore::JSDictionary::convertValue):

3:21 PM Changeset in webkit [206680] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking http/tests/media/hls/hls-video-resize.html as flaky on mac-wk1.
https://bugs.webkit.org/show_bug.cgi?id=162507

Unreviewed test gardening.

  • platform/mac-wk1/TestExpectations:
2:59 PM Changeset in webkit [206679] by mmaxfield@apple.com
  • 19 edits
    2 copies
    3 adds in trunk

Parse font-variation-settings
https://bugs.webkit.org/show_bug.cgi?id=162781

Reviewed by Simon Fraser.

Source/WebCore:

CSS Fonts level 4 [1] details the font-variation-settings property which allows variations
to be applied to fonts which accept it. The property accepts a list of key/value
pairs where the keys are four-character Ascii codes and the values are floating
point values. The implementation uses font-feature-settings as a model, but with one
big difference: font-variation-settings can be animated. The set of variation points
are animated individually.

This font variations work is being done behind a run-time switch, which is settable from
the Safari Develop menu.

Now that FontDescription is growing, I'd like to do an investigation into the possibility of
moving some of the rare pieces of it into their own class to reduce memory. However, upon
advice, this investigation will be fairly involved and should be done in its own bug.

Test: fast/text/variations/getComputedStyle.html

  • CMakeLists.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • css/CSSAllInOne.cpp:
  • css/CSSComputedStyleDeclaration.cpp:

(WebCore::ComputedStyleExtractor::propertyValue):

  • css/CSSFontVariationValue.cpp: Copied from Source/WebCore/platform/graphics/FontTaggedSettings.cpp.

(WebCore::CSSFontVariationValue::CSSFontVariationValue):
(WebCore::CSSFontVariationValue::customCSSText):
(WebCore::CSSFontVariationValue::equals):

  • css/CSSFontVariationValue.h: Copied from Source/WebCore/platform/graphics/FontTaggedSettings.cpp.
  • css/CSSPropertyNames.in:
  • css/CSSValue.cpp:

(WebCore::CSSValue::equals):
(WebCore::CSSValue::cssText):
(WebCore::CSSValue::destroy):

  • css/CSSValue.h:

(WebCore::CSSValue::isFontVariationValue):
(WebCore::CSSValue::isFontFeatureValue): Deleted.

  • css/StyleBuilderConverter.h:

(WebCore::StyleBuilderConverter::convertFontVariationSettings):

  • css/StyleBuilderCustom.h:

(WebCore::StyleBuilderCustom::applyInitialFontVariationSettings):
(WebCore::StyleBuilderCustom::applyInheritFontVariationSettings):
(WebCore::StyleBuilderCustom::applyInheritFontFeatureSettings): Deleted.

  • css/parser/CSSParser.cpp:

(WebCore::CSSParserContext::CSSParserContext):
(WebCore::operator==):
(WebCore::CSSParser::parseValue):
(WebCore::CSSParser::parseFontFeatureSettings):
(WebCore::CSSParser::parseFontVariationTag):
(WebCore::CSSParser::parseFontVariationSettings):

  • css/parser/CSSParser.h:
  • css/parser/CSSParserMode.h:
  • platform/graphics/FontCache.h:

(WebCore::FontDescriptionKey::FontDescriptionKey):
(WebCore::FontDescriptionKey::operator==):
(WebCore::FontDescriptionKey::computeHash):

  • platform/graphics/FontDescription.cpp:
  • platform/graphics/FontDescription.h:

(WebCore::FontDescription::variationSettings):
(WebCore::FontDescription::setVariationSettings):
(WebCore::FontDescription::operator==):
(WebCore::FontDescription::featureSettings): Deleted.
(WebCore::FontDescription::setFeatureSettings): Deleted.

  • platform/graphics/FontTaggedSettings.cpp:

(WebCore::FontVariationSettings::hash):
(WebCore::operator<<):

  • platform/graphics/FontTaggedSettings.h:

LayoutTests:

  • fast/text/variations/getComputedStyle-expected.txt: Added.
  • fast/text/variations/getComputedStyle.html: Added.
2:53 PM Changeset in webkit [206678] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Mark inspector/debugger/breakpoints tests as slow on release, skipped on debug.

Unreviewed test gardening.

2:43 PM Changeset in webkit [206677] by Joseph Pecoraro
  • 2 edits in trunk/LayoutTests

Rebaseline results after r206654.

Better location for unary expressions.

  • js/stack-trace-expected.txt:
2:41 PM Changeset in webkit [206676] by mmaxfield@apple.com
  • 2 edits in trunk/Source/WebCore

Followup patch to r206664
https://bugs.webkit.org/show_bug.cgi?id=162774

Unreviewed.

No new tests because there is no behavior change.

  • platform/graphics/FontTaggedSettings.h:

(WebCore::FourCharacterTagHashTraits::isDeletedValue): Deleted.

2:32 PM Changeset in webkit [206675] by andersca@apple.com
  • 2 edits in trunk/Source/WebKit2

Second time going into fullscreen using silverlight, will hide the menu bar and dock for Safari
https://bugs.webkit.org/show_bug.cgi?id=162805
rdar://problem/28208495

Reviewed by Dan Bernstein.

Turns out that the WindowRef wrappers for full screen NSWindows can end up in the m_windows HashSet,
and never go away.

Fix this by storing the canonical CGWindowIDs in the hash map instead.

  • PluginProcess/mac/PluginProcessMac.mm:

(WebKit::cgWindowID):
(WebKit::windowCoversAnyScreen):
(WebKit::FullscreenWindowTracker::windowShown):
(WebKit::FullscreenWindowTracker::windowHidden):

2:31 PM Changeset in webkit [206674] by bshafiei@apple.com
  • 6 edits in branches/safari-602.2.14.1-branch/Source/WebCore

Merge r206181. rdar://problem/28408503

2:30 PM Changeset in webkit [206673] by bshafiei@apple.com
  • 2 edits in branches/safari-602.2.14.1-branch/Source/WebCore

Merge r205992. rdar://problem/28567561

2:30 PM Changeset in webkit [206672] by bshafiei@apple.com
  • 17 edits
    2 adds in branches/safari-602.2.14.1-branch/Source/WebCore

Merge r205980. rdar://problem/28567561

2:23 PM Changeset in webkit [206671] by Joseph Pecoraro
  • 3 edits in trunk/Source/JavaScriptCore

Fix modules tests after r206653 handle breakpoint locations in import/export statements
https://bugs.webkit.org/show_bug.cgi?id=162807

Reviewed by Mark Lam.

  • parser/ASTBuilder.h:

(JSC::ASTBuilder::createExportDefaultDeclaration):
(JSC::ASTBuilder::createExportLocalDeclaration):
Don't record an extra breakpoint location for the statement
within an export statement.

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::parseModuleSourceElements):
Record a pause location for import/export statements.

2:19 PM Changeset in webkit [206670] by bshafiei@apple.com
  • 6 edits in branches/safari-602-branch/Source/WebCore

Merge r206181. rdar://problem/28408526

2:19 PM Changeset in webkit [206669] by bshafiei@apple.com
  • 2 edits in branches/safari-602-branch/Source/WebCore

Merge r205992. rdar://problem/28567557

2:19 PM Changeset in webkit [206668] by bshafiei@apple.com
  • 17 edits
    2 adds in branches/safari-602-branch/Source/WebCore

Merge r205980. rdar://problem/28567557

2:18 PM Changeset in webkit [206667] by bshafiei@apple.com
  • 5 edits in branches/safari-602.2.14.1-branch/Source

Versioning.

2:17 PM Changeset in webkit [206666] by mmaxfield@apple.com
  • 6 edits
    1 delete in trunk

Fix fast/text/trak-optimizeLegibility.html
https://bugs.webkit.org/show_bug.cgi?id=162779

Reviewed by Simon Fraser.

Source/WebCore:

I accidentally created this test to allow an unnecessary delta
in the width comparison. This covered the fact that the fonts
were not being selected correctly in our testing code. Update the
font selection code to work with system fonts correctly and
update the test to not use a delta when performing width
comparisons.

Test: fast/text/trak-optimizeLegibility.html

  • platform/graphics/cocoa/FontCacheCoreText.cpp:

(WebCore::isSystemFont):
(WebCore::platformFontLookupWithFamily):

LayoutTests:

  • fast/text/trak-optimizeLegibility.html:
  • platform/ios-simulator/fast/text/trak-optimizeLegibility-expected.txt:
  • platform/mac-elcapitan/fast/text/trak-optimizeLegibility-expected.txt: Removed.
  • platform/mac/fast/text/trak-optimizeLegibility-expected.txt:
2:16 PM Changeset in webkit [206665] by mmaxfield@apple.com
  • 8 edits in trunk/Source

Create runtime flag for variation font work
https://bugs.webkit.org/show_bug.cgi?id=162780

Reviewed by Alex Christensen.

Source/WebCore:

No new tests because there is no behavior change.

Variation font work should be behind a runtime flag.

  • page/Settings.in:
  • testing/InternalSettings.cpp:

(WebCore::InternalSettings::Backup::Backup):
(WebCore::InternalSettings::Backup::restoreTo):
(WebCore::InternalSettings::variationFontsEnabled):
(WebCore::InternalSettings::setVariationFontsEnabled):

  • testing/InternalSettings.h:
  • testing/InternalSettings.idl:

Source/WebKit2:

  • Shared/WebPreferencesDefinitions.h:
  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updatePreferences):

2:11 PM Changeset in webkit [206664] by mmaxfield@apple.com
  • 14 edits
    1 move
    1 add
    1 delete in trunk/Source/WebCore

Templatize internal FontFeatureSettings class for variation font support
https://bugs.webkit.org/show_bug.cgi?id=162774

Reviewed by Alex Christensen.

Font features and font variations are similar in that they are identified
by four-character tags and an associated value. However, the value is an
int for font features and is a float for font variations. In order to
simplify code, we can use the same class for both, and use a template
argument to distinguish between the two. Then, typedefs can be used to
name them.

No new tests because there is no behavior change.

  • WebCore.xcodeproj/project.pbxproj: Rename FontFeatureSettings.{cpp,h}

to FontTaggedSettings.{cpp,h}

  • css/CSSComputedStyleDeclaration.cpp:

(WebCore::ComputedStyleExtractor::propertyValue):

  • css/CSSFontFace.h:
  • css/CSSFontFaceSource.h:
  • css/CSSFontFeatureValue.cpp:

(WebCore::CSSFontFeatureValue::CSSFontFeatureValue):

  • css/CSSFontFeatureValue.h:
  • css/FontFace.cpp:

(WebCore::FontFace::featureSettings):

  • css/parser/CSSParser.cpp:

(WebCore::CSSParser::parseFontFeatureTag):

  • loader/cache/CachedFont.h:
  • platform/graphics/FontDescription.h:
  • platform/graphics/FontFeatureSettings.cpp:

(WebCore::FontFeature::FontFeature): Deleted.
(WebCore::FontFeature::operator==): Deleted.
(WebCore::FontFeature::operator<): Deleted.
(WebCore::FontFeatureSettings::insert): Deleted.
(WebCore::FontFeatureSettings::hash): Deleted.

  • platform/graphics/FontFeatureSettings.h: Removed.

(WebCore::fontFeatureTag): Deleted.
(WebCore::FontFeatureTagHash::hash): Deleted.
(WebCore::FontFeatureTagHash::equal): Deleted.
(WebCore::FontFeatureTagHashTraits::constructDeletedValue): Deleted.
(WebCore::FontFeatureTagHashTraits::isDeletedValue): Deleted.
(WebCore::FontFeature::operator!=): Deleted.
(WebCore::FontFeature::tag): Deleted.
(WebCore::FontFeature::value): Deleted.
(WebCore::FontFeature::enabled): Deleted.
(WebCore::FontFeatureSettings::operator==): Deleted.
(WebCore::FontFeatureSettings::operator!=): Deleted.
(WebCore::FontFeatureSettings::size): Deleted.
(WebCore::FontFeatureSettings::operator[]): Deleted.
(WebCore::FontFeatureSettings::at): Deleted.
(WebCore::FontFeatureSettings::begin): Deleted.
(WebCore::FontFeatureSettings::end): Deleted.

  • platform/graphics/FontTaggedSettings.cpp: Renamed from Source/WebCore/platform/graphics/FontFeatureSettings.cpp.

(WebCore::FontFeatureSettings::hash):

  • platform/graphics/FontTaggedSettings.h: Added.

(WebCore::fontFeatureTag):
(WebCore::FourCharacterTagHash::hash):
(WebCore::FourCharacterTagHash::equal):
(WebCore::FourCharacterTagHashTraits::constructDeletedValue):
(WebCore::FourCharacterTagHashTraits::isDeletedValue):
(WebCore::FontTaggedSetting::operator!=):
(WebCore::FontTaggedSetting::tag):
(WebCore::FontTaggedSetting::value):
(WebCore::FontTaggedSetting::enabled):
(WebCore::FontTaggedSetting<T>::FontTaggedSetting):
(WebCore::=):
(WebCore::FontTaggedSetting<T>::operator<):
(WebCore::FontTaggedSettings::operator==):
(WebCore::FontTaggedSettings::operator!=):
(WebCore::FontTaggedSettings::isEmpty):
(WebCore::FontTaggedSettings::size):
(WebCore::FontTaggedSettings::operator[]):
(WebCore::FontTaggedSettings::at):
(WebCore::FontTaggedSettings::begin):
(WebCore::FontTaggedSettings::end):
(WebCore::FontTaggedSettings<T>::insert):

  • platform/graphics/cocoa/FontCacheCoreText.cpp:

(WebCore::tagEquals):
(WebCore::appendOpenTypeFeature):

  • platform/graphics/mac/FontCustomPlatformData.h:
2:03 PM Changeset in webkit [206663] by Chris Dumez
  • 4 edits in trunk

Fragment serialization should always use 'xml:' prefix for attributes in XML namespace
https://bugs.webkit.org/show_bug.cgi?id=162803

Reviewed by Sam Weinig.

LayoutTests/imported/w3c:

Rebaseline W3C test now that more checks are passing.

  • web-platform-tests/html/syntax/serializing-html-fragments/serializing-expected.txt:

Source/WebCore:

Fragment serialization should always use 'xml:' prefix for attributes in XML namespace:

"""
If the attribute is in the XML namespace
-> The attribute's serialized name is the string "xml:" followed by the attribute's local name.
"""

"""
If ns is the XML namespace, then let qualified name be the concatenation of the string "xml:"
and the value of node's localName.
"""

Firefox complies with the specification.

No new tests, rebaselined existing test.

  • editing/MarkupAccumulator.cpp:

(WebCore::MarkupAccumulator::appendAttribute):

1:58 PM Changeset in webkit [206662] by Alan Bujtas
  • 3 edits
    4 adds in trunk

Unreviewed, rolling out r206611.

Scroll perf did not recover.

Reverted changeset:

"Unreviewed, rolling out r206483."
https://bugs.webkit.org/show_bug.cgi?id=162750
http://trac.webkit.org/changeset/206611

1:52 PM Changeset in webkit [206661] by Alan Bujtas
  • 2 edits in trunk/Source/WebCore

Remove ClipRects's custom refcounting.
https://bugs.webkit.org/show_bug.cgi?id=162798

Reviewed by Simon Fraser.

It's safer to use RefCounted<>.

No change in functionality.

  • rendering/RenderLayer.cpp:

(WebCore::ClipRects::ClipRects):
(WebCore::ClipRectsCache::getClipRects):
(WebCore::ClipRectsCache::setClipRects):
(WebCore::ClipRectsCache::getIndex):
(WebCore::RenderLayer::updateClipRects):
(WebCore::ClipRects::ref): Deleted.
(WebCore::ClipRects::deref): Deleted.

1:47 PM Changeset in webkit [206660] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Rebaseline js/dom/stack-trace.html after r206654.

Unreviewed test gardening.

  • js/dom/stack-trace-expected.txt:
1:08 PM Changeset in webkit [206659] by Chris Dumez
  • 8 edits
    2 adds in trunk

FileSaver.js does not work in WebKit
https://bugs.webkit.org/show_bug.cgi?id=162788

Reviewed by Sam Weinig.

Source/WebCore:

FileSaver.js does not work in WebKit:

It works in Firefox and Chrome, but in WebKit, we were getting a
"Synthetic clicks on anchors that have a download attribute are
ignored." warning. We were too strict in restricting synthetic clicks.
We now allow synthetic clicks as long as they are triggered by a user
gesture.

Test: fast/dom/HTMLAnchorElement/anchor-download-user-triggered-synthetic-click.html

  • html/HTMLAnchorElement.cpp:

(WebCore::HTMLAnchorElement::handleClick):

LayoutTests:

Add layout test coverage.

  • fast/dom/HTMLAnchorElement/anchor-download-synthetic-click-expected.txt:
  • fast/dom/HTMLAnchorElement/anchor-download-user-triggered-synthetic-click-expected.txt: Added.
  • fast/dom/HTMLAnchorElement/anchor-download-user-triggered-synthetic-click.html: Added.
12:47 PM Changeset in webkit [206658] by mark.lam@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Remove the dumping of the stack back trace in VM::verifyExceptionCheckNeedIsSatisfied().
https://bugs.webkit.org/show_bug.cgi?id=162797

Reviewed by Geoffrey Garen.

This is because the RELEASE_ASSERT() that follows immediately after will also
dump the stack back trace. Hence, the first dump will be redundant.

Also removed an extra space in the dataLog output.

  • runtime/VM.cpp:

(JSC::VM::verifyExceptionCheckNeedIsSatisfied):

12:45 PM Changeset in webkit [206657] by Ryan Haddad
  • 3 edits in trunk/LayoutTests

Marking fast/images/gif-loop-count.html as flaky on ios-simulator.
https://bugs.webkit.org/show_bug.cgi?id=162739

Unreviewed test gardening.

  • platform/ios-simulator-wk1/TestExpectations:
  • platform/ios-simulator/TestExpectations:
12:43 PM Changeset in webkit [206656] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking http/tests/security/cached-cross-origin-preloading-css-stylesheet.html as flaky on mac-wk1.
https://bugs.webkit.org/show_bug.cgi?id=162791

Unreviewed test gardening.

  • platform/mac-wk1/TestExpectations:
12:24 PM Changeset in webkit [206655] by Joseph Pecoraro
  • 5 edits in trunk/Source/WebInspectorUI

Web Inspector: Make debugger stepping highlights work in inline <script>s
https://bugs.webkit.org/show_bug.cgi?id=162753
<rdar://problem/28551332>

Reviewed by Brian Burg.

  • UserInterface/Models/TextRange.js:

(WebInspector.TextRange.prototype.contains):
Check if a given line/column falls within this range.

  • UserInterface/Views/SourceCodeTextEditor.js:

(WebInspector.SourceCodeTextEditor.prototype._getAssociatedScript):
If we are in a Document resource find the associated script at a given position.

(WebInspector.SourceCodeTextEditor.prototype.textEditorExecutionHighlightRange):
When comparing offsets to SyntaxTree offsets, the SyntaxTree's offset of 0 is the
first character of the Script, which differs from the current SourceCode's offset.
Adjust the offset by the Script's startOffset.

  • UserInterface/Views/TextEditor.js:

(WebInspector.TextEditor.prototype.currentPositionToOriginalPosition):
(WebInspector.TextEditor.prototype._updateExecutionRangeHighlight):
Pass both the original offset and original position to the delegate.

12:24 PM Changeset in webkit [206654] by Joseph Pecoraro
  • 11 edits in trunk

Web Inspector: Stepping through a(); b(); c(); it is unclear where we are and what is about to execute
https://bugs.webkit.org/show_bug.cgi?id=161658
<rdar://problem/28181254>

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::parseAssignmentExpression):
Updated pause location for unary expressions.

Source/WebInspectorUI:

  • UserInterface/Models/Script.js:

(WebInspector.Script.prototype.requestScriptSyntaxTree):
Fix first calls to requestScriptSyntaxTree. They were getting an uncaught
exception because the content argument was missing.

  • UserInterface/Models/ScriptSyntaxTree.js:

(WebInspector.ScriptSyntaxTree.prototype.containersOfOffset):
Find all AST nodes that contain a particular offset.

  • UserInterface/Views/SourceCodeTextEditor.js:

(WebInspector.SourceCodeTextEditor):
(WebInspector.SourceCodeTextEditor.prototype.close):
(WebInspector.SourceCodeTextEditor.prototype._activeCallFrameDidChange):
(WebInspector.SourceCodeTextEditor.prototype._activeCallFrameSourceCodeLocationChanged):
(WebInspector.SourceCodeTextEditor.prototype.textEditorExecutionHighlightRange):
Provide a good highlight range for a given offset. This is normally the start
of a statement/expression, inside a statement/expression, or the closing brace
of a function (leaving a function). Provide good ranges for each of these.

  • UserInterface/Views/TextEditor.js:

(WebInspector.TextEditor):
(WebInspector.TextEditor.set string.update):
(WebInspector.TextEditor.prototype.set string):
(WebInspector.TextEditor.prototype.setExecutionLineAndColumn):
(WebInspector.TextEditor.prototype.revealPosition.revealAndHighlightLine):
(WebInspector.TextEditor.prototype.revealPosition):
(WebInspector.TextEditor.prototype.currentPositionToOriginalOffset):
(WebInspector.TextEditor.prototype._updateAfterFormatting):
(WebInspector.TextEditor.prototype.set executionLineNumber): Deleted.
(WebInspector.TextEditor.prototype.set executionColumnNumber): Deleted.
(WebInspector.TextEditor.prototype._updateExecutionLine.update): Deleted.
Always set the execution line and column together, to simplify how we update highlights.

(WebInspector.TextEditor.prototype._clearMultilineExecutionLineHighlights):
(WebInspector.TextEditor.prototype._updateExecutionLine):
When updating the main highlight clear any multi-line highlights.

(WebInspector.TextEditor.prototype._updateExecutionRangeHighlight):
Ask the delegate for a specific highlight range. If provided use that range,
otherwise just highlight the end of the line. Once we know the range, if it
is multiple lines, give the extra lines the full line highlight as well.
Also make adjustments, such as not highlighting trailing whitespace.

  • UserInterface/Views/TextEditor.css:

(.text-editor > .CodeMirror .execution-line.primary .CodeMirror-linenumber::after):
(.text-editor > .CodeMirror .execution-line):
(.text-editor > .CodeMirror .execution-line .CodeMirror-matchingbracket):
(.text-editor > .CodeMirror .execution-range-highlight):
Styles for execution lines and execution range highlights.

LayoutTests:

  • inspector/debugger/stepping/stepping-loops-expected.txt:
  • inspector/debugger/stepping/stepping-misc-expected.txt:

Updated pause location for unary expressions.

12:22 PM Changeset in webkit [206653] by Joseph Pecoraro
  • 32 edits
    1 copy
    10 adds in trunk

Breakpoints on blank lines or comments don't break
https://bugs.webkit.org/show_bug.cgi?id=9885
<rdar://problem/6134406>

Reviewed by Mark Lam.

Source/JavaScriptCore:

This change introduces a way to perform a Debugger Parse of a script.
This debugger parse gathers a list of breakpoint locations, which
the backend uses to resolve breakpoint locations that came from the
Inspector frontend to the exact location we would actually pause.
We gather this information from the parser so that we can eagerly
get this information without requiring the code to have executed (the
real op_debugs are generated during bytecode generation when code
is actually evaluated).

If an input location was on a line with whitespace or a comment, the
resolved breakpoint location would be before the next statement that
will be executed. That may be the next line, or even later. We also
update our policy when setting breakpoints on and around function
statements to better match user expectations.

For example, when resolving breakpoints in:

  1. Comment
  2. before; 3.
  3. function foo() {
  4. inside;
  5. } 7.
  6. after;

A breakpoint on line 1, a comment, resolves to line 2 the next
statement that will execute.

A breakpoint on line 3 or 7, empty lines, resolves to line 8 the next
statement that will execute. This skips past the definition of foo,
just like stepping would have done. The creation of foo would have
been hoisted, which would have happened before execution of the
other statements.

A breakpoint on line 4, a function signature, resolves to line 5,
inside the function. Users would expect to pause inside of a function
when setting a breakpoint on that function's name or opening brace.

A breakpoint on line 6, a function's closing brace, resolves to
line 6. The debugger will pause whenever execution leaves foo due to
a return and not an exception. This matches stepping behavior. An
explicit or implicit return (the implicit return undefined) will
pause on the closing brace as we leave the function, giving users
an opportunity to inspect the final state before leaving.

--

At this point, op_debug's are still emitted at custom locations during
bytecode generation of other statements / expressions. In order to
ensure the generated op_debugs correspond to locations the Parser
determined were breakpoint locations, the Parser sets a "needs debug
hook" flag on the nodes it will use for breakpoint locations, and
we assert during bytecode generation that op_debugs are only emitted
for nodes that were marked as needing debug hooks.

This still leaves open the possibility that the Parser will mark
some nodes that get missed during bytecode generation, so we might
fail to emit some op_debugs. The next step will be eliminating the
custom emitDebugHooks spread across StatementNode and ExpressionNode
subclasses, and instead always generating op_debugs whenever we
emit a flagged node.

--

New DebuggerParseData files.

  • API/JSScriptRef.cpp:

(OpaqueJSScript::OpaqueJSScript):

  • jsc.cpp:

(functionCheckModuleSyntax):

  • parser/SourceCode.h:

(JSC::makeSource):

  • parser/SourceProvider.cpp:

(JSC::SourceProvider::SourceProvider):

  • parser/SourceProvider.h:

(JSC::SourceProvider::sourceType):
(JSC::StringSourceProvider::create):
(JSC::StringSourceProvider::StringSourceProvider):
(JSC::WebAssemblySourceProvider::WebAssemblySourceProvider):
(JSC::SourceProvider::startPosition): Deleted.
Add a new type on SourceProvider to distinguish if its script was
intended to be a Script, Module, or WebAssembly. This information
will be needed to know how to best parse this file when the
debugger decides to lazily parse.

  • runtime/Executable.cpp:

(JSC::EvalExecutable::EvalExecutable):
(JSC::ProgramExecutable::ProgramExecutable):
(JSC::ModuleProgramExecutable::ModuleProgramExecutable):
(JSC::WebAssemblyExecutable::WebAssemblyExecutable):

  • runtime/ModuleLoaderPrototype.cpp:

(JSC::moduleLoaderPrototypeParseModule):
ASSERT the SourceProvider type matches the executable type we are
creating for it.

  • parser/ASTBuilder.h:

(JSC::ASTBuilder::breakpointLocation):

  • parser/SyntaxChecker.h:

(JSC::SyntaxChecker::operatorStackPop):
When gathering breakpoint positions, get the position from the
current node. In the SyntaxChecker, return an invalid position.

  • parser/Nodes.h:

(JSC::ExpressionNode::needsDebugHook):
(JSC::ExpressionNode::setNeedsDebugHook):
(JSC::StatementNode::needsDebugHook):
(JSC::StatementNode::setNeedsDebugHook):
When gathering breakpoint positions, mark the node as needing
a debug hook. For now we assert op_debugs generated must come
from these nodes. Later we should just generate op_debugs for
these nodes.

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::Parser):
(JSC::Parser<LexerType>::parseStatementListItem):
(JSC::Parser<LexerType>::parseDoWhileStatement):
(JSC::Parser<LexerType>::parseWhileStatement):
(JSC::Parser<LexerType>::parseArrowFunctionSingleExpressionBodySourceElements):
(JSC::Parser<LexerType>::parseForStatement):
(JSC::Parser<LexerType>::parseWithStatement):
(JSC::Parser<LexerType>::parseSwitchStatement):
(JSC::Parser<LexerType>::parseStatement):
(JSC::Parser<LexerType>::parseFunctionBody):
(JSC::Parser<LexerType>::parseFunctionInfo):
(JSC::Parser<LexerType>::parseIfStatement):
(JSC::Parser<LexerType>::parseAssignmentExpression):

  • parser/Parser.h:

(JSC::parse):
Add an optional DebuggerParseData struct to the Parser. When available
the Parser will gather debugger data, and parse all functions with the
ASTBuilder instead of SyntaxChecking inner functions.

  • debugger/DebuggerParseData.cpp: Added.

(JSC::DebuggerPausePositions::breakpointLocationForLineColumn):
(JSC::DebuggerPausePositions::sort):
(JSC::gatherDebuggerParseData):
(JSC::gatherDebuggerParseDataForSource):

  • debugger/DebuggerParseData.h: Copied from Source/JavaScriptCore/debugger/DebuggerPrimitives.h.

(JSC::DebuggerPausePositions::DebuggerPausePositions):
(JSC::DebuggerPausePositions::appendPause):
(JSC::DebuggerPausePositions::appendEntry):
(JSC::DebuggerPausePositions::appendLeave):
The DebuggerParseData struct currently only contains a list of pause positions.
Once populated it can resolve an input location to a pause position.

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::emitCall):
(JSC::BytecodeGenerator::emitCallVarargs):
(JSC::BytecodeGenerator::emitDebugHook):
(JSC::BytecodeGenerator::emitEnumeration):

  • bytecompiler/BytecodeGenerator.h:
  • bytecompiler/NodesCodegen.cpp:

(JSC::EmptyStatementNode::emitBytecode):
(JSC::DebuggerStatementNode::emitBytecode):
(JSC::ExprStatementNode::emitBytecode):
(JSC::DeclarationStatement::emitBytecode):
(JSC::IfElseNode::emitBytecode):
(JSC::DoWhileNode::emitBytecode):
(JSC::WhileNode::emitBytecode):
(JSC::ForNode::emitBytecode):
(JSC::ForInNode::emitBytecode):
(JSC::ContinueNode::emitBytecode):
(JSC::BreakNode::emitBytecode):
(JSC::ReturnNode::emitBytecode):
(JSC::WithNode::emitBytecode):
(JSC::SwitchNode::emitBytecode):
(JSC::ThrowNode::emitBytecode):
Emit op_debugs for the nodes themselves. Assert when we do that the
Parser had marked them as needing a debug hook.

  • debugger/Breakpoint.h:

(JSC::Breakpoint::Breakpoint):
A breakpoint may be resolved or unresolved. Debugger::resolveBreakpoint
must be used to resolve the breakpoint. Most methods now require a
resolved breakpoint.

  • debugger/Debugger.h:
  • debugger/Debugger.cpp:

(JSC::Debugger::detach):
(JSC::Debugger::toggleBreakpoint):
(JSC::Debugger::debuggerParseData):
(JSC::Debugger::resolveBreakpoint):
(JSC::Debugger::setBreakpoint):
(JSC::Debugger::clearParsedData):
Provide a public method to resolve a breakpoint location in a script.
This will gather debugger parse data for the script if none is available.
Ensure clients have resolved a breakpoint before attempting to set it.
Currently we allow only a single breakpoint at a location. This may
need to change if multiple breakpoints resolve to the same location
but have different actions.

  • inspector/ScriptDebugListener.h:

ScriptDebugServer::Script is effectively duplicating most of the data from
a SourceProvider. We should eliminate this and just use SourceProvider.

  • inspector/ScriptDebugServer.cpp:

(Inspector::ScriptDebugServer::setBreakpointActions):
(Inspector::ScriptDebugServer::removeBreakpointActions):
(Inspector::ScriptDebugServer::getActionsForBreakpoint):
(Inspector::ScriptDebugServer::clearBreakpointActions):
(Inspector::ScriptDebugServer::evaluateBreakpointAction):
(Inspector::ScriptDebugServer::dispatchDidParseSource):
(Inspector::ScriptDebugServer::handleBreakpointHit):
(Inspector::ScriptDebugServer::setBreakpoint): Deleted.
(Inspector::ScriptDebugServer::removeBreakpoint): Deleted.
(Inspector::ScriptDebugServer::clearBreakpoints): Deleted.

  • inspector/ScriptDebugServer.h:

Reduce ScriptDebugServer's involvement in breakpoints to just handling
breakpoint actions. Eventually we should eliminate it alltogether and
fold breakpoint logic into Debugger or DebugAgent.

  • inspector/agents/InspectorDebuggerAgent.h:
  • inspector/agents/InspectorDebuggerAgent.cpp:

(Inspector::buildDebuggerLocation):
(Inspector::parseLocation):
(Inspector::InspectorDebuggerAgent::setBreakpointByUrl):
(Inspector::InspectorDebuggerAgent::setBreakpoint):
(Inspector::InspectorDebuggerAgent::didSetBreakpoint):
(Inspector::InspectorDebuggerAgent::resolveBreakpoint):
(Inspector::InspectorDebuggerAgent::removeBreakpoint):
(Inspector::InspectorDebuggerAgent::continueToLocation):
(Inspector::InspectorDebuggerAgent::didParseSource):
(Inspector::InspectorDebuggerAgent::clearDebuggerBreakpointState):
The Inspector can set breakpoints in multiple ways.
Ensure that once we have the Script that we always
resolve the breakpoint location before setting the
breakpoint. The different paths are:

  • setBreakpoint(scriptId, location)
    • Here we know the SourceProvider by its SourceID
      • resolve and set
  • setBreakpointByURL(url, location)
    • Search for existing Scripts that match the URL
      • resolve in each and set
    • When new Scripts are parsed that match the URL
      • resolve and set

Source/WebCore:

Tests: inspector/debugger/breakpoints/resolved-dump-all-pause-locations.html

inspector/debugger/breakpoints/resolved-dump-each-line.html

  • bindings/js/CachedScriptSourceProvider.h:

(WebCore::CachedScriptSourceProvider::CachedScriptSourceProvider):

LayoutTests:

  • inspector/debugger/breakpoints/resolved-dump-all-pause-locations-expected.txt: Added.
  • inspector/debugger/breakpoints/resolved-dump-all-pause-locations.html: Added.
  • inspector/debugger/breakpoints/resolved-dump-each-line-expected.txt: Added.
  • inspector/debugger/breakpoints/resolved-dump-each-line.html: Added.
  • inspector/debugger/breakpoints/resources/dump-functions.js: Added.
  • inspector/debugger/breakpoints/resources/dump-general.js: Added.

Test for resolved breakpoint locations in all kinds of different source code.

  • inspector/debugger/breakpoints/resources/dump.js: Added.

(TestPage.registerInitializer):
(TestPage.registerInitializer.window.addDumpAllPauseLocationsTestCase):
(TestPage.registerInitializer.window.addDumpEachLinePauseLocationTestCase):
Shared code to run different generalized tests for logging all resolved
breakpoint locations or the resolved breakpoint location if a breakpoint
is set on each individual line.

  • inspector/debugger/resources/log-pause-location.js:

(TestPage.registerInitializer.insertCaretIntoStringAtIndex):
(TestPage.registerInitializer.window.findScript):
(TestPage.registerInitializer.window.loadLinesFromSourceCode):
(TestPage.registerInitializer.window.loadMainPageContent):
(TestPage.registerInitializer.window.logResolvedBreakpointLinesWithContext):
(TestPage.registerInitializer.window.logLinesWithContext):
Make some more code shared and provide a way to log two locations,
used to see where a breakpoint was set and where it resolved to.

  • inspector/debugger/setBreakpoint-expected.txt:

Update error message. Should not include a period.

12:22 PM Changeset in webkit [206652] by Joseph Pecoraro
  • 22 edits
    30 adds in trunk

Web Inspector: Stepping out of a function finishes the line that called it.
https://bugs.webkit.org/show_bug.cgi?id=155325
<rdar://problem/25094578>

Reviewed by Mark Lam.

Source/JavaScriptCore:

Also addresses:
<https://webkit.org/b/161721> Web Inspector: Stepping all the way through program should not cause a pause on the next program that executes
<https://webkit.org/b/161716> Web Inspector: Stepping into a function / program should not require stepping to the first statement

This change introduces a new op_debug hook: WillExecuteExpression.
Currently this new hook is only used for pausing at function calls.
We may decide to add it to other places later where pausing with
finer granularity then statements (or lines) if useful.

This updates the location and behavior of some of the existing debug
hooks, to be more consistent and useful if the exact location of the
pause is displayed. For example, in control flow statements like
if and while, the pause location is the expression itself that
will be evaluated, not the location of the if or while keyword.
For example:

if (|condition)
while (|condition)

Finally, this change gets rid of some unnecessary / useless pause
locations such as on entering a function and on entering a program.
These pauses are not needed because if there is a statement, we
would pause before the statement and it is equivalent. We continue
to pause when leaving a function via stepping by uniformly jumping
to the closing brace of the function. This gives users a chance
to observe state before leaving the function.

  • bytecode/CodeBlock.cpp:

(JSC::debugHookName):

  • bytecode/UnlinkedCodeBlock.cpp:

(JSC::dumpLineColumnEntry):
Logging strings for the new debug hook.

  • bytecompiler/BytecodeGenerator.h:
  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::emitCallInTailPosition):
(JSC::BytecodeGenerator::emitCallEval):
(JSC::BytecodeGenerator::emitCallVarargsInTailPosition):
(JSC::BytecodeGenerator::emitConstructVarargs):
(JSC::BytecodeGenerator::emitCallForwardArgumentsInTailPosition):
(JSC::BytecodeGenerator::emitCallDefineProperty):
(JSC::BytecodeGenerator::emitConstruct):
(JSC::BytecodeGenerator::emitGetTemplateObject):
(JSC::BytecodeGenerator::emitIteratorNext):
(JSC::BytecodeGenerator::emitIteratorNextWithValue):
(JSC::BytecodeGenerator::emitIteratorClose):
(JSC::BytecodeGenerator::emitDelegateYield):
All emitCall variants now take an enum to decide whether or not to
emit the WillExecuteExpression debug hook.

(JSC::BytecodeGenerator::emitCall):
(JSC::BytecodeGenerator::emitCallVarargs):
In the two real implementations, actually decide to emit the debug
hook or not based on the parameter.

(JSC::BytecodeGenerator::emitEnumeration):
This is shared looping code used by for..of iteration of iterables.
When used by ForOfNode, we want to emit a pause location during
iteration.

(JSC::BytecodeGenerator::emitWillLeaveCallFrameDebugHook):
This is shared call frame leave code to emit a consistent pause
location when leaving a function.

  • bytecompiler/NodesCodegen.cpp:

(JSC::EvalFunctionCallNode::emitBytecode):
(JSC::FunctionCallValueNode::emitBytecode):
(JSC::FunctionCallResolveNode::emitBytecode):
(JSC::BytecodeIntrinsicNode::emit_intrinsic_tailCallForwardArguments):
(JSC::FunctionCallBracketNode::emitBytecode):
(JSC::FunctionCallDotNode::emitBytecode):
(JSC::CallFunctionCallDotNode::emitBytecode):
(JSC::ApplyFunctionCallDotNode::emitBytecode):
(JSC::TaggedTemplateNode::emitBytecode):
(JSC::ArrayPatternNode::bindValue):
All tail position calls are the function calls that we want to emit
debug hooks for. All non-tail call calls appear to be internal
implementation details, and these should not have the debug hook.

(JSC::IfElseNode::emitBytecode):
(JSC::WhileNode::emitBytecode):
(JSC::WithNode::emitBytecode):
(JSC::SwitchNode::emitBytecode):
Make the pause location consistent at the expression.

(JSC::DoWhileNode::emitBytecode):
Make the pause location consistent at the expression.
Remove the errant pause at the do's '}' when entering the do block.

(JSC::ForNode::emitBytecode):
(JSC::ForInNode::emitMultiLoopBytecode):
(JSC::ForOfNode::emitBytecode):
Make the pause location consistent at expressions.
Also allow stepping to the traditional for loop's
update expression, which was previously not possible.

(JSC::ReturnNode::emitBytecode):
(JSC::FunctionNode::emitBytecode):
Make the pause location when leaving a function consistently be the
function's closing brace. The two cases are stepping through a return
statement, or the implicit return undefined at the end of a function.

(JSC::LabelNode::emitBytecode):
(JSC::TryNode::emitBytecode):
Remove unnecessary pauses that add no value, as they contain a
statement and we will then pause at that statement.

  • parser/Nodes.h:

(JSC::StatementNode::isFunctionNode):
(JSC::StatementNode::isForOfNode):
(JSC::EnumerationNode::lexpr):
(JSC::ForOfNode::isForOfNode):
New virtual methods to distinguish different nodes.

  • debugger/Debugger.h:

Rename m_pauseAtNextStatement to m_pauseAtNextOpportunity.
This is the finest granularity of stepping, and it can be
pausing at a location that is not a statement.
Introduce state to properly handle step out and stepping
when there are multiple expressions in a statement.

  • debugger/Debugger.cpp:

(JSC::Debugger::Debugger):
(JSC::Debugger::setPauseOnNextStatement):
(JSC::Debugger::breakProgram):
(JSC::Debugger::continueProgram):
(JSC::Debugger::stepIntoStatement):
(JSC::Debugger::exception):
(JSC::Debugger::didReachBreakpoint):

Use new variable names, and clarify if we should attempt
to pause or not.

(JSC::Debugger::stepOutOfFunction):
Set a new state to indicate a step out action.

(JSC::Debugger::updateCallFrame):
(JSC::Debugger::updateCallFrameAndPauseIfNeeded): Deleted.
(JSC::Debugger::updateCallFrameInternal):
(JSC::Debugger::pauseIfNeeded):
Allow updateCallFrame to either attempt a pause or not.

(JSC::Debugger::atStatement):
Attempt pause and reset the at first expression flag.

(JSC::Debugger::atExpression):
Attempt a pause when not stepping over. Also skip
the first expression pause, since that would be
equivalent to when we paused for the expression.

(JSC::Debugger::callEvent):
Do not pause when entering a function.

(JSC::Debugger::returnEvent):
Attempt pause when leaving a function.
If the user did a step-over and is leaving the
function, then behave like step-out.

(JSC::Debugger::unwindEvent):
Behave like return except don't change any
pausing states. If we needed to pause the
Debugger::exception will have handled it.

(JSC::Debugger::willExecuteProgram):
Do not pause when entering a program.

(JSC::Debugger::didExecuteProgram):
Attempt pause when leaving a program that has a caller.
This can be useful for exiting an eval(...) program.
Otherwise treat this like return, and step-over out
of the program should behave like step-out. We use
pause at next opportunity because there may be extra
callframes we do not know about.
When the program doesn't have a parent, clear all
our state so we don't errantly pause on the next
JavaScript microtask that gets executed.

(JSC::Debugger::clearNextPauseState):
Helper to clear all of the pause states now that
it happens in a couple places.

  • interpreter/Interpreter.cpp:

(JSC::notifyDebuggerOfUnwinding):
Treat unwinding slightly differently from returning.
We will not want to pause when unwinding callframes.

(JSC::Interpreter::debug):

  • interpreter/Interpreter.h:

New debug hook.

  • inspector/agents/InspectorDebuggerAgent.cpp:

(Inspector::InspectorDebuggerAgent::stepInto):
(Inspector::InspectorDebuggerAgent::didPause):

  • inspector/agents/InspectorDebuggerAgent.h:

Remove unnecessary stepInto code notification for listeners.
The listeners are never notified if the debugger resumes,
so whatever state they were setting by this is going to
get out of date.

Source/WebCore:

Tests: inspector/debugger/stepping/stepInto.html

inspector/debugger/stepping/stepOut.html
inspector/debugger/stepping/stepOver.html
inspector/debugger/stepping/stepping-arrow-functions.html
inspector/debugger/stepping/stepping-classes.html
inspector/debugger/stepping/stepping-control-flow.html
inspector/debugger/stepping/stepping-function-calls.html
inspector/debugger/stepping/stepping-function-default-parameters.html
inspector/debugger/stepping/stepping-literal-construction.html
inspector/debugger/stepping/stepping-loops.html
inspector/debugger/stepping/stepping-misc.html
inspector/debugger/stepping/stepping-switch.html
inspector/debugger/stepping/stepping-template-string.html
inspector/debugger/stepping/stepping-try-catch-finally.html

  • inspector/InspectorDOMDebuggerAgent.h:
  • inspector/InspectorDOMDebuggerAgent.cpp:

(WebCore::InspectorDOMDebuggerAgent::stepInto): Deleted.
Setting this state in step-into does not make sense since we do not
know when the debugger resumes and won't know when to clear it.

LayoutTests:

  • inspector/debugger/break-on-exception-throw-in-promise.html:

Drive-by remove debug only code that shouldn't have been checked in.

  • inspector/debugger/resources/log-pause-location.js: Added.

(TestPage.registerInitializer.String.prototype.myPadStart):
(TestPage.registerInitializer.insertCaretIntoStringAtIndex):
(TestPage.registerInitializer.logLinesWithContext):
(TestPage.registerInitializer.window.logPauseLocation):
(TestPage.registerInitializer.window.step):
(TestPage.registerInitializer.window.initializeSteppingTestSuite):
(TestPage.registerInitializer.window.addSteppingTestCase):
(TestPage.registerInitializer.window.loadMainPageContent):
Shared code for stepping tests that runs in the inspected page.

(global):
When the test page is loaded outside of the test runner,
create buttons for each of the different entry test functions.
This makes it very easy to inspect the test page and run
through an individual test.

  • inspector/debugger/stepping/stepInto-expected.txt: Added.
  • inspector/debugger/stepping/stepInto.html: Added.
  • inspector/debugger/stepping/stepOut-expected.txt: Added.
  • inspector/debugger/stepping/stepOut.html: Added.
  • inspector/debugger/stepping/stepOver-expected.txt: Added.
  • inspector/debugger/stepping/stepOver.html: Added.
  • inspector/debugger/stepping/stepping-arrow-functions-expected.txt: Added.
  • inspector/debugger/stepping/stepping-arrow-functions.html: Added.
  • inspector/debugger/stepping/stepping-classes-expected.txt: Added.
  • inspector/debugger/stepping/stepping-classes.html: Added.
  • inspector/debugger/stepping/stepping-control-flow-expected.txt: Added.
  • inspector/debugger/stepping/stepping-control-flow.html: Added.
  • inspector/debugger/stepping/stepping-function-calls-expected.txt: Added.
  • inspector/debugger/stepping/stepping-function-calls.html: Added.
  • inspector/debugger/stepping/stepping-function-default-parameters-expected.txt: Added.
  • inspector/debugger/stepping/stepping-function-default-parameters.html: Added.
  • inspector/debugger/stepping/stepping-literal-construction-expected.txt: Added.
  • inspector/debugger/stepping/stepping-literal-construction.html: Added.
  • inspector/debugger/stepping/stepping-loops-expected.txt: Added.
  • inspector/debugger/stepping/stepping-loops.html: Added.
  • inspector/debugger/stepping/stepping-misc-expected.txt: Added.
  • inspector/debugger/stepping/stepping-misc.html: Added.
  • inspector/debugger/stepping/stepping-switch-expected.txt: Added.
  • inspector/debugger/stepping/stepping-switch.html: Added.
  • inspector/debugger/stepping/stepping-template-string-expected.txt: Added.
  • inspector/debugger/stepping/stepping-template-string.html: Added.
  • inspector/debugger/stepping/stepping-try-catch-finally-expected.txt: Added.
  • inspector/debugger/stepping/stepping-try-catch-finally.html: Added.

Test stepping in different common scenarios.

  • inspector/debugger/regress-133182.html:
  • inspector/debugger/regress-133182-expected.txt:
  • inspector/debugger/tail-deleted-frames-from-vm-entry-expected.txt:
  • inspector/debugger/tail-deleted-frames-from-vm-entry.html:

Rebaseline. No need for a double step. And the second pause doesn't make any sense
in the tail deleted frames test.

12:19 PM Changeset in webkit [206651] by Chris Dumez
  • 8 edits in trunk

[WK2][iOS] Add radiusX / radiusY / rotationAngle to WebPlatformTouchPoint
https://bugs.webkit.org/show_bug.cgi?id=162787
<rdar://problem/28554292>

Reviewed by Benjamin Poulain.

Source/WebKit2:

Add radiusX / radiusY / rotationAngle to WebPlatformTouchPoint.

  • Platform/spi/ios/UIKitSPI.h:
  • Shared/WebEvent.h:

(WebKit::WebPlatformTouchPoint::setRadiusX):
(WebKit::WebPlatformTouchPoint::radiusX):
(WebKit::WebPlatformTouchPoint::setRadiusY):
(WebKit::WebPlatformTouchPoint::radiusY):
(WebKit::WebPlatformTouchPoint::setRotationAngle):
(WebKit::WebPlatformTouchPoint::rotationAngle):

  • Shared/WebEventConversion.cpp:

(WebKit::WebKit2PlatformTouchPoint::WebKit2PlatformTouchPoint):

  • Shared/ios/NativeWebTouchEventIOS.mm:

(WebKit::NativeWebTouchEvent::extractWebTouchPoint):

  • Shared/ios/WebPlatformTouchPointIOS.cpp:

(WebKit::WebPlatformTouchPoint::encode):
(WebKit::WebPlatformTouchPoint::decode):

LayoutTests:

Extend Touch constructor test coverage to cover radiusX / radiusY / rotationAngle
attributes.

  • fast/events/touch/touch-constructor.html:
11:50 AM Changeset in webkit [206650] by achristensen@apple.com
  • 4 edits in trunk

Fix off-by-one error in URLParser::parseIPv4Host
https://bugs.webkit.org/show_bug.cgi?id=162789

Reviewed by Tim Horton.

Source/WebCore:

The spec says "If any but the last item in numbers is greater than 255, return failure."
This means check up to size - 1, not size - 2.

Covered by a new API test.

  • platform/URLParser.cpp:

(WebCore::URLParser::parseIPv4Host):

Tools:

  • TestWebKitAPI/Tests/WebCore/URLParser.cpp:

(TestWebKitAPI::TEST_F):

11:48 AM Changeset in webkit [206649] by achristensen@apple.com
  • 4 edits in trunk

URLParser: parsing a URL with an empty host and a colon should fail
https://bugs.webkit.org/show_bug.cgi?id=162795

Reviewed by Tim Horton.

Source/WebCore:

Covered by new API tests.

  • platform/URLParser.cpp:

(WebCore::URLParser::parseHostAndPort):

Tools:

  • TestWebKitAPI/Tests/WebCore/URLParser.cpp:

(TestWebKitAPI::TEST_F):

11:46 AM Changeset in webkit [206648] by achristensen@apple.com
  • 5 edits in trunk

URLParser: handle syntax violations in non-UTF-8 encoded queries
https://bugs.webkit.org/show_bug.cgi?id=162770

Reviewed by Tim Horton.

Source/WebCore:

There is a fast path for queries of URLs that use UTF-8 encoding, which are quite common.
For non-UTF-8 encoded queries, which are less common, we put the code points in a Vector<UChar>
and encode them all at once. If there is a syntax violation in the query, we need to copy the
syntax-violation-free string up to the beginning of the query, then encode the query.

Covered by new API tests.

  • platform/URLParser.cpp:

(WebCore::URLParser::percentEncodeByte):
(WebCore::URLParser::encodeQuery):
(WebCore::URLParser::parse):

  • platform/URLParser.h:

Tools:

  • TestWebKitAPI/Tests/WebCore/URLParser.cpp:

(TestWebKitAPI::checkURL):
(TestWebKitAPI::TEST_F):
Tests with emoji change behavior when we insert a tab between the surrogates, so don't do the
insert-tab-at-each-location verification that syntax violations are handled correctly.

11:44 AM Changeset in webkit [206647] by sbarati@apple.com
  • 8 edits in trunk

Arrow functions should not allow duplicate parameter names
https://bugs.webkit.org/show_bug.cgi?id=162741

Reviewed by Filip Pizlo.

JSTests:

  • test262.yaml:

Source/JavaScriptCore:

This patch makes parsing arrow function parameters throw
a syntax error when there are duplicate parameter names.
It also starts to make some syntax errors for arrow functions
better, however, this is trickier than it seems since we need
to choose between two parsing productions when we decide to
throw a syntax error. I'm going to work on this problem
in another patch specifically devoted to making the error
messages better for parsing arrow functions:
https://bugs.webkit.org/show_bug.cgi?id=162794

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::isArrowFunctionParameters):
(JSC::Parser<LexerType>::parseFormalParameters):
(JSC::Parser<LexerType>::parseFunctionParameters):
(JSC::Parser<LexerType>::parseAssignmentExpression):

  • parser/Parser.h:

LayoutTests:

  • js/parser-syntax-check-expected.txt:
  • js/script-tests/parser-syntax-check.js:
11:39 AM Changeset in webkit [206646] by sbarati@apple.com
  • 3 edits in trunk/JSTests

Make some microbenchmarks run for less time.

Rubber stamped by Filip Pizlo.

  • microbenchmarks/bound-function-construction-performance.js:

(foo):

  • microbenchmarks/getter-richards-try-catch.js:
11:39 AM Changeset in webkit [206645] by commit-queue@webkit.org
  • 14 edits
    2 adds in trunk

Make it possible to test web-related user-interface features
https://bugs.webkit.org/show_bug.cgi?id=162657

Patch by Megan Gardner <Megan Gardner> on 2016-09-30
Reviewed by Simon Fraser.

Source/WebKit2:

Added the ability to pull the strings from an Action Sheet and pass them to
test scripts to make sure we are giving the correct available actions for
the item we are interacting with.
Added a test for long press on an image, and used the sheet scraping functionality
to make sure that the correct actions were being displayed.
Test for previous patch, Changeset 205915; Bug 161761

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _contentsOfUserInterfaceItem:]):

  • UIProcess/API/Cocoa/WKWebViewPrivate.h:
  • UIProcess/ios/WKActionSheetAssistant.h:
  • UIProcess/ios/WKActionSheetAssistant.mm:

(-[WKActionSheetAssistant currentAvailableActionStrings]):

  • UIProcess/ios/WKContentViewInteraction.h:
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _contentsOfUserInterfaceItem:]):

Tools:

  • DumpRenderTree/ios/UIScriptControllerIOS.mm:

(WTR::UIScriptController::contentsOfUserInterfaceItem):
(WTR::UIScriptController::selectFormAccessoryPickerRow): Deleted.

  • TestRunnerShared/UIScriptContext/Bindings/UIScriptController.idl:
  • TestRunnerShared/UIScriptContext/UIScriptController.cpp:

(WTR::UIScriptController::contentsOfUserInterfaceItem):
(WTR::UIScriptController::selectFormAccessoryPickerRow): Deleted.

  • TestRunnerShared/UIScriptContext/UIScriptController.h:
  • WebKitTestRunner/ios/UIScriptControllerIOS.mm:

(WTR::UIScriptController::contentsOfUserInterfaceItem):
(WTR::UIScriptController::selectFormAccessoryPickerRow): Deleted.

LayoutTests:

  • fast/events/touch/ios/long-press-on-image-expected.txt: Added.
  • fast/events/touch/ios/long-press-on-image.html: Added.
11:29 AM Changeset in webkit [206644] by andersca@apple.com
  • 10 edits in trunk/Source

Remove a couple of unused members from PlatformKeyboardEvent
https://bugs.webkit.org/show_bug.cgi?id=162641

Reviewed by Tim Horton.

Source/WebCore:

  • platform/PlatformKeyboardEvent.h:

(WebCore::PlatformKeyboardEvent::PlatformKeyboardEvent):
(WebCore::PlatformKeyboardEvent::nativeVirtualKeyCode): Deleted.
(WebCore::PlatformKeyboardEvent::macCharCode): Deleted.

  • platform/mac/PlatformEventFactoryMac.mm:

(WebCore::PlatformKeyboardEventBuilder::PlatformKeyboardEventBuilder):

  • replay/SerializationMethods.cpp:

(JSC::EncodingTraits<PlatformKeyboardEvent>::encodeValue):
(JSC::EncodingTraits<PlatformKeyboardEvent>::decodeValue):

Source/WebKit2:

  • Shared/WebEventConversion.cpp:

(WebKit::WebKit2PlatformKeyboardEvent::WebKit2PlatformKeyboardEvent):

11:15 AM Changeset in webkit [206643] by mark.lam@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Use topVMEntryFrame to determine whether to skip the re-throw of a simulated throw.
https://bugs.webkit.org/show_bug.cgi?id=162793

Reviewed by Saam Barati.

Change the ThrowScope destructor to use topVMEntryFrame (instead of topCallFrame)
in the determination of whether to skip the re-throw of a simulated throw. This
is needed because the topCallFrame is not updated in operationConstructArityCheck()
(and does not need to be), whereas topVMEntryFrame is always updated properly.
Hence, we should just switch to using the more reliable topVMEntryFrame instead.

This issue was discovered by existing JSC tests when exception check validation
is enabled.

  • runtime/ThrowScope.cpp:

(JSC::ThrowScope::~ThrowScope):

10:05 AM BuildingGtk edited by mario@webkit.org
(diff)
10:02 AM Changeset in webkit [206642] by fpizlo@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

64-bit LLInt needs to have a concurrency-aware barrier
https://bugs.webkit.org/show_bug.cgi?id=162790

Reviewed by Mark Lam.

In a concurrent GC the barrier definitely has to be after the store, not before it.

  • llint/LowLevelInterpreter64.asm:
10:00 AM BuildingGtk edited by mario@webkit.org
Added instructions to cross compile WebKit2GTK+ for ARM (diff)
10:00 AM Changeset in webkit [206641] by Antti Koivisto
  • 8 edits in trunk/Source/WebCore

Remove "rem" unit optimization for document element font size changes
https://bugs.webkit.org/show_bug.cgi?id=162778

Reviewed by Alex Christensen.

We awkwardly track from the parser level if any stylesheet in a document uses any rem units. This is only used to minimally
optimize a case where document element's (<html>) font size changes dynamically.

In practice such changes are rare. Browsing around I couldn't find a single case where this optimization got used.
Even if it was used it would be of low value as a full style resolution is likely to happen anyway (as font inherits)
and the only thing really saved is that we don't need to invalidate the matched properties cache.

  • css/CSSGrammar.y.in:
  • css/StyleSheetContents.cpp:

(WebCore::StyleSheetContents::StyleSheetContents):

  • css/StyleSheetContents.h:
  • dom/AuthorStyleSheets.cpp:

(WebCore::AuthorStyleSheets::updateActiveStyleSheets):

  • dom/AuthorStyleSheets.h:

(WebCore::AuthorStyleSheets::usesRemUnits): Deleted.
(WebCore::AuthorStyleSheets::setUsesRemUnit): Deleted.

  • dom/Document.cpp:

(WebCore::Document::recalcStyle):
(WebCore::Document::updateBaseURL):

  • style/StyleTreeResolver.cpp:

(WebCore::Style::TreeResolver::resolveElement):

9:59 AM Changeset in webkit [206640] by fpizlo@apple.com
  • 30 edits
    2 adds in trunk

Air should have a way of expressing additional instruction flags
https://bugs.webkit.org/show_bug.cgi?id=162699

Reviewed by Mark Lam.
Source/JavaScriptCore:


This follows a similar change in B3 (r206595) and replaces Air::Opcode with Air::Kind,
which holds onto the opcode and some additional flags. Because Air is an orthogonal ISA
(the opcode tells you what the operation does but each operand is allowed to also contain
effectively instructions for what to do to read or write that operand), the flags are
meant to be orthogonal to opcode. This allows us to say things like Add32<Trap>, which
makes sense if any of the operands to the Add32 are addresses.

To demonstrate the flags facility this partly adds a trap flag to Air. B3 doesn't use it
yet, but I made sure that Air respects it. Basically that means blocking DCE when the flag
is set, by making it imply hasNonArgNonControlEffects.

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • b3/B3CheckSpecial.cpp:

(JSC::B3::Air::numB3Args):
(JSC::B3::CheckSpecial::Key::Key):
(JSC::B3::CheckSpecial::Key::dump):
(JSC::B3::CheckSpecial::CheckSpecial):
(JSC::B3::CheckSpecial::hiddenBranch):
(JSC::B3::CheckSpecial::forEachArg):
(JSC::B3::CheckSpecial::generate):
(JSC::B3::CheckSpecial::dumpImpl):
(JSC::B3::CheckSpecial::deepDumpImpl):

  • b3/B3CheckSpecial.h:

(JSC::B3::CheckSpecial::Key::Key):
(JSC::B3::CheckSpecial::Key::operator==):
(JSC::B3::CheckSpecial::Key::kind):
(JSC::B3::CheckSpecial::Key::hash):
(JSC::B3::CheckSpecial::Key::opcode): Deleted.

  • b3/B3Kind.cpp:

(JSC::B3::Kind::dump):

  • b3/air/AirDumpAsJS.cpp:

(JSC::B3::Air::dumpAsJS):

  • b3/air/AirFixObviousSpills.cpp:
  • b3/air/AirFixPartialRegisterStalls.cpp:
  • b3/air/AirGenerate.cpp:

(JSC::B3::Air::generate):

  • b3/air/AirHandleCalleeSaves.cpp:

(JSC::B3::Air::handleCalleeSaves):

  • b3/air/AirInst.cpp:

(JSC::B3::Air::Inst::jsHash):
(JSC::B3::Air::Inst::dump):

  • b3/air/AirInst.h:

(JSC::B3::Air::Inst::Inst):
(JSC::B3::Air::Inst::kind):
(JSC::B3::Air::Inst::operator bool):
(JSC::B3::Air::Inst::opcode): Deleted.

  • b3/air/AirInstInlines.h:

(JSC::B3::Air::Inst::extraClobberedRegs):
(JSC::B3::Air::Inst::extraEarlyClobberedRegs):
(JSC::B3::Air::Inst::forEachDefWithExtraClobberedRegs):
(JSC::B3::Air::Inst::reportUsedRegisters):
(JSC::B3::Air::Inst::shouldTryAliasingDef):

  • b3/air/AirIteratedRegisterCoalescing.cpp:
  • b3/air/AirKind.cpp: Added.

(JSC::B3::Air::Kind::dump):

  • b3/air/AirKind.h: Added.

(JSC::B3::Air::Kind::Kind):
(JSC::B3::Air::Kind::operator==):
(JSC::B3::Air::Kind::operator!=):
(JSC::B3::Air::Kind::hash):
(JSC::B3::Air::Kind::operator bool):

  • b3/air/AirLowerAfterRegAlloc.cpp:

(JSC::B3::Air::lowerAfterRegAlloc):

  • b3/air/AirLowerEntrySwitch.cpp:

(JSC::B3::Air::lowerEntrySwitch):

  • b3/air/AirLowerMacros.cpp:

(JSC::B3::Air::lowerMacros):

  • b3/air/AirOptimizeBlockOrder.cpp:

(JSC::B3::Air::optimizeBlockOrder):

  • b3/air/AirReportUsedRegisters.cpp:

(JSC::B3::Air::reportUsedRegisters):

  • b3/air/AirSimplifyCFG.cpp:

(JSC::B3::Air::simplifyCFG):

  • b3/air/AirTmpWidth.cpp:

(JSC::B3::Air::TmpWidth::recompute):

  • b3/air/AirUseCounts.h:

(JSC::B3::Air::UseCounts::UseCounts):

  • b3/air/AirValidate.cpp:
  • b3/air/opcode_generator.rb:
  • b3/testb3.cpp:

(JSC::B3::testTernarySubInstructionSelection):
(JSC::B3::testBranchBitAndImmFusion):

Source/WTF:

  • wtf/CommaPrinter.h:

(WTF::CommaPrinter::CommaPrinter):
(WTF::CommaPrinter::dump):
(WTF::CommaPrinter::didPrint):

Websites/webkit.org:

  • docs/b3/assembly-intermediate-representation.html:
9:52 AM Changeset in webkit [206639] by Alan Bujtas
  • 3 edits in trunk/Source/WebCore

RenderLayer::clipRects may return nullptr.
https://bugs.webkit.org/show_bug.cgi?id=162729

Reviewed by Chris Dumez.

This patch refactors RenderLayer::updateClipRects(), parentClipRects() and backgroundClipRect()
so that we don't have to rely on this seemingly unsafe line: clipRects = *parent()->clipRects(clipRectsContext);
Now updateClipRects() returns the computed/cached clip rects as opposed to update and refetch them.
While this patch makes the code look more readable/safer, it also eliminates cached item tripple retrievals.

No change in functionality.

  • rendering/RenderLayer.cpp:

(WebCore::ClipRectsCache::getClipRects):
(WebCore::ClipRectsCache::setClipRects):
(WebCore::RenderLayer::updateClipRects):
(WebCore::RenderLayer::clipRects):
(WebCore::RenderLayer::calculateClipRects):

  • rendering/RenderLayer.h:
9:41 AM Changeset in webkit [206638] by commit-queue@webkit.org
  • 4 edits in trunk/Source

Add a way to go from a RefPtr<T> to Ref<const T>
https://bugs.webkit.org/show_bug.cgi?id=162683

Patch by Youenn Fablet <youenn@apple.com> on 2016-09-30
Reviewed by Alex Christensen.

Source/WebCore:

No change of behavior.

  • Modules/fetch/FetchBody.cpp:

(WebCore::FetchBody::extract):

Source/WTF:

  • wtf/RefPtr.h:

(WTF::RefPtr::releaseConstNonNull): Added.

9:18 AM Changeset in webkit [206637] by Said Abou-Hallawa
  • 2 edits in trunk/Source/WebCore

Unreviewed, fix 32-bit build.

  • loader/cache/CachedImage.cpp:

(WebCore::CachedImage::decodedSizeChanged):

9:08 AM Changeset in webkit [206636] by commit-queue@webkit.org
  • 6 edits in trunk

FetchBody should use UTF8Encoding to encode text data
https://bugs.webkit.org/show_bug.cgi?id=162775

Patch by Youenn Fablet <youenn@apple.com> on 2016-09-30
Reviewed by Sam Weinig.

LayoutTests/imported/w3c:

  • web-platform-tests/fetch/api/basic/text-utf8-expected.txt:
  • web-platform-tests/fetch/api/basic/text-utf8.html:
  • web-platform-tests/fetch/api/resources/utils.js:

(encode_utf8):

Source/WebCore:

Covered by added tests.

Removing unnecesary vector allocation when extracting UTF8 bytes from a Request/Response text/URLSearchParams body.
Making use of UTF8Encoding for consistency with the upload code path.

  • Modules/fetch/FetchBody.cpp:

(WebCore::FetchBody::consumeAsStream):
(WebCore::FetchBody::consumeText):
(WebCore::extractBytesFromText): Deleted.

9:01 AM Changeset in webkit [206635] by Said Abou-Hallawa
  • 13 edits in trunk

Change the MemoryCache and CachedResource adjustSize functions to take a long argument
https://bugs.webkit.org/show_bug.cgi?id=162708
<rdar://problem/28555702>

Reviewed by Brent Fulgham.

Source/WebCore:

Because the MemoryCache stores the size of the cached memory in unsigned,
two problems my happen when reporting a change in the size of the memory:

  1. Signed integer overflow -- which can happen because MemoryCache::adjustSize() takes a signed integer argument. If the allocated or the freed memory size is larger than the maximum of a signed integer, an overflow will happen. For the image caching code, this can be seen where the unsigned decodedSize is casted to an integer before passing it to ImageObserver::decodedSizeChanged().
  1. Unsigned integer overflow -- which can happen if the new allocated memory size plus the currentSize exceeds the maximum of unsigned. This can be seen in MemoryCache::adjustSize() where we add delta to m_liveSize or m_deadSize without checking whether this addition will overflow or not. We do not assert for overflow although we assert for underflow.


The fix for these two problems can be the following:

  1. Make all the adjustSize functions all the way till MemoryCache::adjustSize() take a signed long integer argument.


  1. Do not create a NativeImagePtr for an ImageFrame if its frameBytes plus the ImageFrameCache::decodedSize() will exceed the maximum of an unsigned integer.
  • loader/cache/CachedImage.cpp:

(WebCore::CachedImage::decodedSizeChanged): Change the argument to be long. No overflow will happen when casting the argument from unsigned to long.

  • loader/cache/CachedImage.h:
  • loader/cache/CachedResource.cpp:

(WebCore::CachedResource::setDecodedSize): Use long integer casting when calling MemoryCache::adjustSize().
(WebCore::CachedResource::setEncodedSize): Ditto.

  • loader/cache/MemoryCache.cpp:

(WebCore::MemoryCache::MemoryCache): Add as static assert to ensure sizeof(long long) can hold any unsigned or its negation.
(WebCore::MemoryCache::revalidationSucceeded): Use long integer casting when calling MemoryCache::adjustSize().
(WebCore::MemoryCache::remove): Ditto.
(WebCore::MemoryCache::adjustSize): Change the function argument to long integer. No overflow will happen when casting the argument from unsigned to long.

  • loader/cache/MemoryCache.h:
  • platform/graphics/ImageFrameCache.cpp:

(WebCore::ImageFrameCache::destroyIncompleteDecodedData): Call a function with its new name.
(WebCore::ImageFrameCache::decodedSizeChanged): Change the function argument to long integer. No overflow will happen when casting the argument from unsigned to long.
(WebCore::ImageFrameCache::decodedSizeIncreased): Use long integer casting when calling decodedSizeChanged().
(WebCore::ImageFrameCache::decodedSizeDecreased): Ditto.
(WebCore::ImageFrameCache::decodedSizeReset): Ditto.
(WebCore::ImageFrameCache::didDecodeProperties): Ditto.
(WebCore::ImageFrameCache::frameAtIndex): Do not create the NativeImage if adding its frameByes to the MemoryCache will cause numerical overflow.
(WebCore::ImageFrameCache::decodedSizeIncremented): Deleted. This function is renamed decodedSizeIncreased().
(WebCore::ImageFrameCache::decodedSizeDecremented): Deleted. This function is renamed decodedSizeDecreased().

  • platform/graphics/ImageFrameCache.h:
  • platform/graphics/ImageObserver.h:
  • platform/graphics/IntSize.h:

(WebCore::IntSize::unclampedArea): Returns the area of an IntSize in size_t.

  • platform/graphics/cg/PDFDocumentImage.cpp:

(WebCore::PDFDocumentImage::decodedSizeChanged): Use long integer casting when calling ImageObserver::decodedSizeChanged().

LayoutTests:

7:20 AM Changeset in webkit [206634] by Chris Dumez
  • 7 edits in trunk

Add support for ImageData.data attribute
https://bugs.webkit.org/show_bug.cgi?id=162767

Reviewed by Sam Weinig.

LayoutTests/imported/w3c:

Rebaseline W3C test now that one more check is passing.

  • web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Add support for ImageData.data attribute:

Firefox already supports it.

No new tests, updated existing tests.

  • html/ImageData.idl:

LayoutTests:

Add layout test coverage.

  • fast/canvas/canvas-imageData-expected.txt:
  • fast/canvas/script-tests/canvas-imageData.js:
1:27 AM Changeset in webkit [206633] by commit-queue@webkit.org
  • 3 edits
    2 adds in trunk

DumpRenderTree crashed in com.apple.WebCore: WTF::Optional<WebCore::FetchBodyOwner::BlobLoader>::operator bool const + 12
https://bugs.webkit.org/show_bug.cgi?id=162483

Patch by Youenn Fablet <youenn@apple.com> on 2016-09-30
Reviewed by Alex Christensen.

Source/WebCore:

Test: fetch/closing-while-fetching-blob.html
No change of behavior.

  • Modules/fetch/FetchBodyOwner.cpp:

(WebCore::FetchBodyOwner::stop): Asserting m_blobLoader is null (meaning that unsetPendingActivity was done)
only in case FetchBodyOwner has no risk being destroyed.

LayoutTests:

  • fetch/closing-while-fetching-blob-expected.txt: Added.
  • fetch/closing-while-fetching-blob.html: Added.
1:04 AM Changeset in webkit [206632] by commit-queue@webkit.org
  • 19 edits
    6 adds in trunk

[Fetch API] Add support for URLSearchParams body
https://bugs.webkit.org/show_bug.cgi?id=162667

Patch by Youenn Fablet <youennf@gmail.com> on 2016-09-30
Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

Adding new tests to consume, stream and upload URLSearchParams bodies.

  • web-platform-tests/fetch/api/basic/request-headers-expected.txt:
  • web-platform-tests/fetch/api/basic/request-headers-worker-expected.txt:
  • web-platform-tests/fetch/api/basic/request-headers.js:

(checkContentType):
(requestHeaders):

  • web-platform-tests/fetch/api/basic/request-upload-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/request-upload-worker-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/request-upload-worker.html: Added.
  • web-platform-tests/fetch/api/basic/request-upload.html: Added.
  • web-platform-tests/fetch/api/basic/request-upload.js: Added.

(testUpload):

  • web-platform-tests/fetch/api/request/request-consume-empty-expected.txt:
  • web-platform-tests/fetch/api/request/request-consume-empty.html:
  • web-platform-tests/fetch/api/request/request-init-002-expected.txt:
  • web-platform-tests/fetch/api/resources/echo-content.py: Added.

(main):

  • web-platform-tests/fetch/api/response/response-consume-empty-expected.txt:
  • web-platform-tests/fetch/api/response/response-consume-empty.html:
  • web-platform-tests/fetch/api/response/response-consume-expected.txt:
  • web-platform-tests/fetch/api/response/response-consume-stream-expected.txt:
  • web-platform-tests/fetch/api/response/response-consume-stream.html:
  • web-platform-tests/fetch/api/response/response-consume.html:
  • web-platform-tests/fetch/api/response/response-init-002-expected.txt:

Source/WebCore:

Tests: imported/w3c/web-platform-tests/fetch/api/basic/request-upload-worker.html

imported/w3c/web-platform-tests/fetch/api/basic/request-upload.html

  • Modules/fetch/FetchBody.cpp:

(WebCore::extractBytesFromText): Moving to a static function that should be moved to a String method.
(WebCore::FetchBody::FetchBody): Adding constructor for URLSearchParams.
(WebCore::FetchBody::extract): Adding URLSearchParams body initialization.
(WebCore::FetchBody::consume): Consuming URLSearchParams bodies.
(WebCore::FetchBody::consumeAsStream): Ditto.
(WebCore::FetchBody::consumeText): Updated to take a parameter to handle both text and URLSearchParams bodies.
(WebCore::FetchBody::bodyForInternalRequest): Add URLSearchParams body upload.
(WebCore::FetchBody::clone): Add URLSearchParams body cloning

  • Modules/fetch/FetchBody.h:

(WebCore::FetchBody::urlSearchParamsBody):

  • html/URLSearchParams.cpp:

(WebCore::URLSearchParams::toString):

  • html/URLSearchParams.h:
Note: See TracTimeline for information about the timeline view.