Timeline



Oct 15, 2016:

6:44 PM Changeset in webkit [207387] by mark.lam@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Add a $vm.getpid() method.
https://bugs.webkit.org/show_bug.cgi?id=163493

Reviewed by Saam Barati.

This is especially useful when we need to know the pid of an instance of jsc in
the foreground that we're trying to attach a debugger to while the JSC tests are
running in the background with a gazillion other jsc processes live at the same
time.

Currently, $vm.getpid() is only supported on non-Windows platforms.
According to https://msdn.microsoft.com/en-us/library/ms235372.aspx, getpid() is
deprecated. According to https://msdn.microsoft.com/en-us/library/t2y34y40.aspx,
_getpid() cannot be used in applications that execute in the Windows Runtime.

Since this is only a debugging tool and is not a required feature, I'll defer
the Windows implementation of this function till the time when someone actually
needs it.

  • tools/JSDollarVMPrototype.cpp:

(JSC::functionGetPID):
(JSC::JSDollarVMPrototype::finishCreation):

5:19 PM Changeset in webkit [207386] by commit-queue@webkit.org
  • 8 edits
    3 adds in trunk

Delete the animated image catchup code
https://bugs.webkit.org/show_bug.cgi?id=163410

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2016-10-15
Reviewed by Simon Fraser.

Source/WebCore:

This patch fixes two issues in the animated image workflow:

1) Setting the animation timer should follow the following rules:

-- Initial case: Which happens before drawing the first frame. We
should set the timer to fire after the current_frame_duration.

-- Late case (Slow animation): This happens if the current_time is
past the next_frame_desired_time. In this case we should fire the
timer immediately.

-- Early case (Fast animation): This happens when there is still time
before the next_frame_desired_time. In this case we should set the
timer to fire after the difference between the next_frame_desired_time
and the current_time.

2) Deleting the code for catching up the current_frame:

This code used to run in the slow animation case. It was never used
on iOS. It was trying to adjust the current_frame according to the
current_time as if there were no delay. It turned out that this might
cause a bigger delay because most likely the decoder decodes the image
frames incrementally; i.e. to decode frame k, it has to have frame
(k - 1) decoded.

Test: fast/images/ordered-animated-image-frames.html

  • platform/graphics/BitmapImage.cpp:

(WebCore::BitmapImage::draw): Remove the iOS specific code.
(WebCore::BitmapImage::startAnimation): Move the animation finishing code from
BitmapImage::internalAdvanceAnimation() to this function. Simplify the timer
duration code as it is described above.

(WebCore::BitmapImage::advanceAnimation): Merge BitmapImage::internalAdvanceAnimation()
into this function.

(WebCore::BitmapImage::resetAnimation):

(WebCore::BitmapImage::internalAdvanceAnimation): Deleted.

  • platform/graphics/BitmapImage.h:
  • platform/graphics/Image.cpp:

(WebCore::Image::drawTiled):

  • platform/graphics/Image.h:

(WebCore::Image::startAnimation):

  • svg/graphics/SVGImage.cpp:

(WebCore::SVGImage::startAnimation):

  • svg/graphics/SVGImage.h:

Remove the catchup code form the Image and SVGImage classes.

LayoutTests:

This animated gif has one red frame, one green frame and two red frames.
The test page renders only two frames from this this image on a canvas. The
test passes if the second frame (the green one) is rendered on the canvas
even if drawImage() is called after the duration of the first frame.

  • fast/images/ordered-animated-image-frames-expected.html: Added.
  • fast/images/ordered-animated-image-frames.html: Added.
  • fast/images/resources/animated-red-green-blue.gif: Added.
4:53 PM Changeset in webkit [207385] by mitz@apple.com
  • 4 edits
    1 add in trunk

REGRESSION (r191699): Contextual menu in Mail compose view doesn’t include any of the standard submenus
https://bugs.webkit.org/show_bug.cgi?id=163492
<rdar://problem/28654799>

Reviewed by Darin Adler.

Source/WebKit/mac:

Test: TestWebKitAPI/Tests/mac/ContextMenuDefaultItemsHaveTags.mm

  • WebView/WebHTMLView.mm:

(createMenuItem): Set the tag for items that have submenus as well.

Tools:

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/mac/ContextMenuDefaultItemsHaveTags.mm: Added.

(-[ContextMenuDefaultItemsHaveTagsDelegate webView:didFinishLoadForFrame:]):
(TestWebKitAPI::TEST):

4:23 PM Changeset in webkit [207384] by Darin Adler
  • 15 edits in trunk/Source/WebCore

Move Web SQL database and WebSockets off legacy exceptions
https://bugs.webkit.org/show_bug.cgi?id=163284

Reviewed by Chris Dumez.

  • Modules/webdatabase/DOMWindowWebDatabase.cpp:

(WebCore::DOMWindowWebDatabase::openDatabase): Use ExceptionOr.

  • Modules/webdatabase/DOMWindowWebDatabase.h: Update for above.
  • Modules/webdatabase/DOMWindowWebDatabase.idl: Ditto.
  • Modules/webdatabase/SQLResultSet.cpp:

(WebCore::SQLResultSet::SQLResultSet): Move initialization of
many data members into the class definition.
(WebCore::SQLResultSet::insertId): Use ExceptionOr.
(WebCore::SQLResultSet::rowsAffected): Moved into class definition.
(WebCore::SQLResultSet::rows): Ditto.
(WebCore::SQLResultSet::setInsertId): Ditto.
(WebCore::SQLResultSet::setRowsAffected): Ditto.

  • Modules/webdatabase/SQLResultSet.h: Updated for above.
  • Modules/webdatabase/SQLResultSet.idl: Use non-legacy exceptions.

Added a FIXME about the mismatch between long and int64_t.

  • Modules/webdatabase/SQLStatement.cpp:

(WebCore::SQLStatement::execute): Use reference instead of pointer.

  • Modules/websockets/WebSocket.cpp:

(WebCore::isValidProtocolString): Use StringView.
(WebCore::WebSocket::subprotocolSeparator): Fixed capitalization and
spelling error in the name of this function.
(WebCore::WebSocket::WebSocket): Move initialization of many data
members into the class definition.
(WebCore::WebSocket::create): Use ExceptionOr.
(WebCore::WebSocket::connect): Ditto.
(WebCore::WebSocket::send): Ditto.
(WebCore::WebSocket::close): Ditto.
(WebCore::WebSocket::binaryType): Update to use enum class.
(WebCore::WebSocket::setBinaryType): Use ExecptionOr and update to
use enum class.
(WebCore::WebSocket::didReceiveBinaryData): Ditto.

  • Modules/websockets/WebSocket.h: Updated for above. Changed the

BinaryType enum into an enum class.

  • Modules/websockets/WebSocket.idl: Use non-legacy exceptions.
  • Modules/websockets/WebSocketHandshake.cpp:

(WebCore::WebSocketHandshake::checkResponseHeaders):
Updated for name change to subprotocolSeparator.

  • dom/ExceptionOr.h: Added a constructor for scalar types that does not

require an rvalue reference. We can refine this more later, but for now
this is sufficient to obviate the need for WTFMove where it otherwise would
have been needed in the code above.

  • inspector/InspectorDatabaseAgent.cpp: Use reference instead of pointer.
  • page/DOMWindow.idl: Touched this file to work around bugs in the dependency

analysis of the current CMake build system, since otherwise it doesn't process the
change to the partial interface WebSocket. Edited lots of comments, removed many
others, and tweaked formatting.

4:21 PM Changeset in webkit [207383] by mmaxfield@apple.com
  • 1 edit
    2 adds in trunk/LayoutTests

Test that duplicate axis values in font-variation-settings are resolved correctly
https://bugs.webkit.org/show_bug.cgi?id=163489

Reviewed by Darin Adler.

  • fast/text/variations/duplicate-axis-expected.html: Added.
  • fast/text/variations/duplicate-axis.html: Added.
3:04 PM Changeset in webkit [207382] by dbates@webkit.org
  • 3 edits in trunk/Tools

prepare-ChangeLog erroneously said that a python init method was deleted
https://bugs.webkit.org/show_bug.cgi?id=163456

Reviewed by Simon Fraser.

Fixes an issue where prepare-ChangeLog may list as deleted functions that are
immediately above added code.

Currently prepare-ChangeLog makes use of the same overlap detection algorithm
to compute the list of deleted functions as it does to compute added and modified
functions. We consider a function deleted if its entire function body and signature
are removed. It is sufficient to compare the list of functions before the patch
is applied and the list of functions are the patch is applied to identify
these functions.

  • Scripts/prepare-ChangeLog: Fix some style nits, including using Camel Case for

variable names.
(actuallyGenerateFunctionLists): Modified to call computeModifiedFunctions(). Always
compute the list of functions in the file after the patch regardless of whether the
patch only contains deletions. We will compare this list against the list of functions
before the patch was applied to determine the deleted functions.
(computeModifiedFunctions): Renamed; formerly named generateFunctionListsByRanges.
Removed out argument for the seen functions as we no longer make use of when computing
the list of deleted functions.
(diffCommand): Update comment.
(generateFunctionListsByRanges): Deleted.

  • Scripts/webkitperl/prepare-ChangeLog_unittest/generateFunctionLists.pl: Added more unit tests.
2:52 PM Changeset in webkit [207381] by weinig@apple.com
  • 22 edits in trunk

MessageEvent's source property should be a (DOMWindow or MessagePort)? rather than a EventTarget?
https://bugs.webkit.org/show_bug.cgi?id=163475

Reviewed by Simon Fraser.

Source/WebCore:

Start fleshing out union support, starting with MessageEvent.

  • Simplify things a bit for now by requiring interface types to use RefPtr<T> as their type when used in sequences and unions. We should revisit this later, and see if we can use Ref<T> where possible, but it causes complications for dictionaries, since they want a Ref<T> uninitialized.
  • bindings/generic/IDLTypes.h:

Switch IDLInterface to use RefPtr<T> as its implementation type.

  • bindings/js/JSDOMConvert.h:

(WebCore::Detail::VariadicConverterBase::convert):

  • Remove isJSDOMWrapperType() optimization. It was not correct, due to not being able to detect window and window shell, and not always an optimization, e.g. in the case of a single interface.
  • Switch from JSC::jsDynamicCast<WrapperType*>() to WrapperType::toWrapped() which can be faster and handles window and window shell correctly.
  • Also fix an issue where we would wrongly assert that one interface had to match.
  • bindings/js/JSDOMWrapper.h:

(WebCore::isJSDOMWrapperType): Deleted.
Remove unused predicate.

  • bindings/scripts/IDLParser.pm:

(parseType):
Add missing support for nullable unions.

  • bindings/scripts/test/JS/JSTestObj.cpp:
  • bindings/scripts/test/TestObj.idl:

Add new tests for unions (both non-null and nullable) in dictionaries.

  • dom/ContainerNode.cpp:

(WebCore::ContainerNode::append):
(WebCore::ContainerNode::prepend):

  • dom/ContainerNode.h:
  • dom/Node.cpp:

(WebCore::nodeSetPreTransformedFromNodeOrStringVector):
(WebCore::Node::convertNodesOrStringsIntoNode):
(WebCore::Node::before):
(WebCore::Node::after):
(WebCore::Node::replaceWith):

  • dom/Node.h:

Add using declaration for NodeOrString and change it to use RefPtr<Node>.

  • bindings/js/JSMessageEventCustom.cpp:

(WebCore::handleInitMessageEvent):

  • dom/MessageEvent.cpp:

(WebCore::MessageEvent::MessageEvent):
(WebCore::MessageEvent::create):
(WebCore::MessageEvent::initMessageEvent):
(WebCore::MessageEvent::source):
(WebCore::isValidSource): Deleted.

  • dom/MessageEvent.h:
  • dom/MessageEvent.idl:
  • page/DOMWindow.cpp:

(WebCore::PostMessageTimer::event):
Change MessageEvent's source to be a std::experimental::variant<RefPtr<DOMWindow>, RefPtr<MessagePort>>.
For now, we only enforce this on setting, and leave the getter a EventTarget?, but that should not be
observable, and will rectified in subsequent patches.

Source/WTF:

  • wtf/Variant.h:

Add missing return statement that was tripping up some compilers.

LayoutTests:

  • fast/dom/message-port-deleted-by-accessor.html:

Switch source parameter to null to avoid accidental type error.

  • fast/events/constructors/message-event-constructor-expected.txt:
  • fast/events/constructors/message-event-constructor.html:

Update test expect a thrown type error, as is now expected, for non-window or MessagePort EventTargets.

2:31 PM Changeset in webkit [207380] by Chris Dumez
  • 21 edits in trunk

Add support for reportValidity() on form and form control elements
https://bugs.webkit.org/show_bug.cgi?id=163479

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

  • web-platform-tests/html/dom/interfaces-expected.txt:
  • web-platform-tests/html/semantics/forms/constraints/form-validation-reportValidity-expected.txt:
  • web-platform-tests/html/semantics/forms/constraints/form-validation-validate-expected.txt:

Source/WebCore:

Add support for reportValidity() on form and form control elements:

Firefox and Chrome already support this.

Demo: https://googlechrome.github.io/samples/report-validity/

No new tests, rebaselined existing tests.

  • html/HTMLButtonElement.idl:
  • html/HTMLFieldSetElement.idl:
  • html/HTMLFormElement.idl:
  • html/HTMLInputElement.idl:
  • html/HTMLKeygenElement.idl:
  • html/HTMLObjectElement.idl:
  • html/HTMLOutputElement.idl:
  • html/HTMLSelectElement.idl:
  • html/HTMLTextAreaElement.idl:

Add reportValidity() operation.

  • html/HTMLFormControlElement.cpp:

(WebCore::HTMLFormControlElement::checkValidity):

(WebCore::HTMLFormControlElement::reportValidity):
Add implementation for reportValidity() for form control elements.
First, it calls checkValidity() and returns early if there is no
constraint violation. if the JS canceled the 'invalid' event
fired by checkValidity(), then return early as well, as per the
specification. If the element is focusable, we scroll to it,
focus it and show the validation message. Otherwise, we log a
error message to the console. The last part of the behavior
matches what we already did in HTMLFormElement::validateInteractively()
and complies with the behavior in the specification.

(WebCore::HTMLFormControlElement::focusAndShowValidationMessage):
Add utility function to scroll to the form control element, focus
it and show its validation message. This code was moved from
HTMLFormElement::validateInteractively() so that it could be reused
in HTMLFormControlElement::reportValidity().

  • html/HTMLFormControlElement.h:
  • html/HTMLFormElement.cpp:

(WebCore::HTMLFormElement::validateInteractively):
Move the early abort checks to the existing call site (prepareForSubmission)
so that we can reuse this method for reportValidity().

(WebCore::HTMLFormElement::prepareForSubmission):
Only call validateInteractively() if we really should validate. Those checks
used to be in validateInteractively() but I moved them here so we could more
easily reuse validateInteractively().

(WebCore::HTMLFormElement::checkValidity):
(WebCore::HTMLFormElement::checkInvalidControlsAndCollectUnhandled):
Update Vector type to be a Vector of HTMLFormControlElement given that we
only add HTMLFormControlElement objects to it and that it results it simpler
code.

(WebCore::HTMLFormElement::reportValidity):
Add implementation for reportValidity() for form elements. The
implementation calls our already existing validateInteractively()
method, as per the specification.

  • html/HTMLFormElement.h:
  • html/HTMLObjectElement.h:

reportValidity() returns true unconditionally for object elements,
similarly to checkValidity().

2:18 PM Changeset in webkit [207379] by Simon Fraser
  • 4 edits in trunk/Source

Sort the project file.

Source/WebCore:

  • WebCore.xcodeproj/project.pbxproj:

Source/WebKit2:

  • WebKit2.xcodeproj/project.pbxproj:
2:15 PM Changeset in webkit [207378] by Simon Fraser
  • 11 edits
    1 copy
    2 adds
    2 deletes in trunk/Source/WebCore

Implement serializer = { attribute }
https://bugs.webkit.org/show_bug.cgi?id=163466

Reviewed by Darin Adler.

Fix the code generator to generate code for serializer = { attribute }.
In IDLParser, extend domSerializable with flags for the 'inherit', 'getter' and
'attribute' values (the first two are still unsupported). Fix parseSerializationPattern()
to detect these; it needs to create the domSerializable() now. Basic support
for isSerializableAttribute() is added (primitive types only).

GenerateSerializerFunction is fixed to output code for the serializable attributes
in the order specified in "serializer = {}", as specified in WebIDL.

Removed custom serialization for ClientRect and PerformanceTiming.

Other minor cleanup to always get $interfaceName from $interface->name, and to fix
ObjectConstructor.h to be included as <runtime/ObjectConstructor.h>.

  • CMakeLists.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • bindings/js/JSBindingsAllInOne.cpp:
  • bindings/js/JSClientRectCustom.cpp: Removed.
  • bindings/js/JSPerformanceTimingCustom.cpp: Removed.
  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateImplementation):
(GenerateSerializerFunction):

  • bindings/scripts/IDLParser.pm:

(parseSerializerRest):
(parseSerializationPattern):
(parseSerializationAttributes):
(isSerializableAttribute):
(applyMemberList):

  • bindings/scripts/test/JS/JSTestNode.cpp:
  • bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::jsTestObjPrototypeFunctionToJSONCaller):

  • bindings/scripts/test/JS/JSTestSerialization.cpp: Added.
  • bindings/scripts/test/JS/JSTestSerialization.h: Added.
  • bindings/scripts/test/TestObj.idl:
  • bindings/scripts/test/TestSerialization.idl: Copied from Source/WebCore/dom/ClientRect.idl.
  • dom/ClientRect.idl:
  • page/PerformanceTiming.idl:
1:56 PM Changeset in webkit [207377] by sbarati@apple.com
  • 4 edits
    1 add in trunk

Assertion failed under operationToLowerCase with a rope with zero length
https://bugs.webkit.org/show_bug.cgi?id=163314

Reviewed by Mark Lam.

JSTests:

  • stress/to-lower-case-intrinsic-on-empty-rope.js: Added.

(assert):
(returnRope.helper):
(returnRope):
(lower):

Source/JavaScriptCore:

There are some ways to get JSC to create empty rope strings. ToLowerCase
inside the DFG/FTL goes to the slow path when the argument is a rope.
operationToLowerCase was calling into a WTF string function that
assumed we are passing it a this value that has non-zero length.
However, we were calling it with a string that did have zero length.
To fix this, we make operationToLowerCase return the empty JSString
if it is going to make a string with zero length.

  • dfg/DFGOperations.cpp:
  • jsc.cpp:

(GlobalObject::finishCreation):
(functionIsRope):

8:04 AM Changeset in webkit [207376] by Michael Catanzaro
  • 2 edits in trunk/Source/WebCore

[GTK] Restore user agent quirk for Yahoo
https://bugs.webkit.org/show_bug.cgi?id=163481

Reviewed by Carlos Garcia Campos.

finance.yahoo.com is sending a mobile version in response to our standard user agent.

  • platform/gtk/UserAgentGtk.cpp:

(WebCore::urlRequiresMacintoshPlatform):

7:53 AM Changeset in webkit [207375] by Chris Dumez
  • 4 edits in trunk

Setting HTMLMediaElement.volume to NaN or Inf should throw a TypeError
https://bugs.webkit.org/show_bug.cgi?id=163472

Reviewed by Sam Weinig.

LayoutTests/imported/w3c:

Rebaseline w3c test now that more checks are passing.

  • web-platform-tests/html/semantics/embedded-content/media-elements/volume_nonfinite-expected.txt:

Source/WebCore:

Setting HTMLMediaElement.volume to NaN or Inf should throw a TypeError:

This is because the attribute is of type double (not unrestricted double in the IDL).

Chrome and Firefox agree with the specification. WebKit throws an IndexSizeErr instead.

No new tests, rebaselined existing test.

  • html/HTMLMediaElement.idl:
7:24 AM Changeset in webkit [207374] by Alan Bujtas
  • 5 edits in trunk/Source/WebCore

CounterNode::resetRenderers is so inefficient.
https://bugs.webkit.org/show_bug.cgi?id=163480

Reviewed by Simon Fraser.

CounterNode::resetRenderers() removes all the associated renderers from this CounterNode
and sets the dirty bit on them.
This patch does all that in a loop, instead of traversing the linked tree on each removal.

No change in functionality.

  • rendering/CounterNode.cpp:

(WebCore::CounterNode::CounterNode):
(WebCore::CounterNode::~CounterNode):
(WebCore::CounterNode::nextInPreOrderAfterChildren):
(WebCore::CounterNode::lastDescendant):
(WebCore::CounterNode::addRenderer): These assertions do not seem super useful.
(WebCore::CounterNode::removeRenderer):
(WebCore::CounterNode::resetRenderers):
(WebCore::CounterNode::insertAfter):
(WebCore::CounterNode::removeChild):

  • rendering/CounterNode.h:
  • rendering/RenderCounter.cpp:

(WebCore::makeCounterNode):
(WebCore::RenderCounter::RenderCounter):
(WebCore::RenderCounter::~RenderCounter):
(WebCore::RenderCounter::originalText):
(WebCore::updateCounters):
(WebCore::RenderCounter::invalidate): Deleted.

  • rendering/RenderCounter.h:
2:15 AM Changeset in webkit [207373] by commit-queue@webkit.org
  • 2 edits
    23 adds in trunk

[Modern Media Controls] macOS inline controls
https://bugs.webkit.org/show_bug.cgi?id=163444
<rdar://problem/27989473>

Patch by Antoine Quint <Antoine Quint> on 2016-10-15
Reviewed by Dean Jackson.

Source/WebCore:

Introducing the new MacOSMediaControls and MacOSInlineMediaControls classes. MacOSMediaControls is a MediaControls subclass
that adds specific buttons to the macOS platform and sets the layout traits to be macOS. This class has a new subclass,
MacOSInlineMediaControls, which sets the layout traits to also include inline and implements custom layout to drop
controls as necessary as the width of the controls varies. It also shows the volume slider when the mute button is hovered.

Tests: media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-buttons-styles.html

media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-constructor.html
media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-controls-bar-styles.html
media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-layout.html
media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-time-control-styles.html
media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-volume-slider-visibility.html
media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-volume-styles.html
media/modern-media-controls/macos-inline-media-controls/macos-inline-media-dropping-controls.html
media/modern-media-controls/macos-media-controls/macos-media-controls.html

  • Modules/modern-media-controls/controls/macos-inline-media-controls.css: Added.

(.media-controls.mac.inline > .controls-bar):
(.media-controls.mac.inline > .controls-bar > *):
(.media-controls.mac.inline button):
(.media-controls.mac.inline button:active):
(.media-controls.mac.inline > .controls-bar button):
(.media-controls.mac.inline > .controls-bar,):
(.media-controls.mac.inline button.play-pause):
(.media-controls.mac.inline button.skip-back):
(.media-controls.mac.inline .scrubber.slider):
(.media-controls.mac.inline button.mute):
(.media-controls.mac.inline button.airplay):
(.media-controls.mac.inline button.pip):
(.media-controls.mac.inline button.tracks):
(.media-controls.mac.inline button.fullscreen):
(.media-controls.mac.inline .time-label):
(.media-controls.mac.inline .volume-slider-container):
(.media-controls.mac.inline .volume-slider-container:before):
(.media-controls.mac.inline .volume.slider):

  • Modules/modern-media-controls/controls/macos-inline-media-controls.js: Added.

(MacOSInlineMediaControls.prototype.layout):
(MacOSInlineMediaControls.prototype.handleEvent):

  • Modules/modern-media-controls/controls/macos-media-controls.js: Added.

(MacOSMediaControls):

LayoutTests:

Testing the properties of the new MacOSMediaControls and MacOSInlineMediaControls classes.

  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-buttons-styles-expected.txt: Added.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-buttons-styles.html: Added.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-constructor-expected.txt: Added.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-constructor.html: Added.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-controls-bar-styles-expected.txt: Added.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-controls-bar-styles.html: Added.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-layout-expected.txt: Added.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-layout.html: Added.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-time-control-styles-expected.txt: Added.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-time-control-styles.html: Added.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-volume-slider-visibility-expected.txt: Added.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-volume-slider-visibility.html: Added.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-volume-styles-expected.txt: Added.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-volume-styles.html: Added.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-dropping-controls-expected.txt: Added.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-dropping-controls.html: Added.
  • media/modern-media-controls/macos-media-controls/macos-media-controls-expected.txt: Added.
  • media/modern-media-controls/macos-media-controls/macos-media-controls.html: Added.
1:27 AM Changeset in webkit [207372] by Antti Koivisto
  • 9 edits
    2 adds in trunk

100% CPU on homedepot.com page
https://bugs.webkit.org/show_bug.cgi?id=163452
<rdar://problem/28730708>

Reviewed by Simon Fraser.

Source/WebCore:

The site has a keyframe animation on body. Currently this causes the animation to invalidate the
style of the entire document.

Animations use SyntheticStyleChange to invalidate elements when animation progresses and currently
that causes full subtree invalidation. However animation only ever affect individual elements and
the normal style resolution mechanism should be able to deal with things like inheritance as needed.

Test: fast/animation/animation-style-update-size.html

  • dom/Document.cpp:

(WebCore::Document::recalcStyle):

  • dom/Document.h:

(WebCore::Document::lastStyleUpdateSizeForTesting):

Testing support.

  • style/StyleTreeResolver.cpp:

(WebCore::Style::TreeResolver::resolveElement):

Don't force subtree style resolution for SyntheticStyleChange.

  • style/StyleUpdate.h:

(WebCore::Style::Update::size):

  • testing/Internals.cpp:

(WebCore::Internals::lastStyleUpdateSize):

  • testing/Internals.h:
  • testing/Internals.idl:

LayoutTests:

  • fast/animation/animation-style-update-size-expected.txt: Added.
  • fast/animation/animation-style-update-size.html: Added.
12:22 AM Changeset in webkit [207371] by Joseph Pecoraro
  • 4 edits in trunk/Source/WebInspectorUI

Web Inspector: Cleanup parts of DebuggerManager
https://bugs.webkit.org/show_bug.cgi?id=163400

Reviewed by Timothy Hatcher.

  • UserInterface/Controllers/DebuggerManager.js:

(WebInspector.DebuggerManager.restoreBreakpointsSoon):

(WebInspector.DebuggerManager.prototype.get paused):
(WebInspector.DebuggerManager.prototype.get pauseReason):
(WebInspector.DebuggerManager.prototype.get pauseData):
(WebInspector.DebuggerManager.prototype.get callFrames):
(WebInspector.DebuggerManager.prototype.get activeCallFrame):
(WebInspector.DebuggerManager.prototype.set activeCallFrame):
Put simple accessors at the top.

(WebInspector.DebuggerManager.prototype.get allExceptionsBreakpoint):
(WebInspector.DebuggerManager.prototype.get allUncaughtExceptionsBreakpoint):
(WebInspector.DebuggerManager.prototype.get breakpoints):
(WebInspector.DebuggerManager.prototype.breakpointForIdentifier):
(WebInspector.DebuggerManager.prototype.breakpointsForSourceCode):
(WebInspector.DebuggerManager.prototype.isBreakpointRemovable):
(WebInspector.DebuggerManager.prototype.isBreakpointEditable):
(WebInspector.DebuggerManager.prototype.get breakpointsDisabledTemporarily):
Group public breakpoint state and access methods.

(WebInspector.DebuggerManager.prototype.scriptForIdentifier):
(WebInspector.DebuggerManager.prototype.scriptsForURL):
(WebInspector.DebuggerManager.prototype.get searchableScripts):
(WebInspector.DebuggerManager.prototype.get knownNonResourceScripts):
Group public script access methods.

(WebInspector.DebuggerManager.prototype.pause):
(WebInspector.DebuggerManager.prototype.resume):
(WebInspector.DebuggerManager.prototype.stepOver):
(WebInspector.DebuggerManager.prototype.stepInto):
(WebInspector.DebuggerManager.prototype.stepOut):
(WebInspector.DebuggerManager.prototype.continueToLocation):
(WebInspector.DebuggerManager.prototype.addBreakpoint):
(WebInspector.DebuggerManager.prototype.removeBreakpoint):
Group and modernize public methods that perform actions.

(WebInspector.DebuggerManager.prototype.nextBreakpointActionIdentifier):
Misc. methods.

(WebInspector.DebuggerManager.prototype.breakpointResolved):
(WebInspector.DebuggerManager.prototype.reset):
(WebInspector.DebuggerManager.prototype.playBreakpointActionSound):
(WebInspector.DebuggerManager.prototype.scriptDidParse):
(WebInspector.DebuggerManager.prototype._setBreakpoint.didSetBreakpoint):
(WebInspector.DebuggerManager.prototype._setBreakpoint):
(WebInspector.DebuggerManager.prototype._breakpointEditablePropertyDidChange):
(WebInspector.DebuggerManager.prototype._updateBreakOnExceptionsState):
(WebInspector.DebuggerManager.prototype._associateBreakpointsWithSourceCode):
Minor cleanup in protected and private methods.

  • UserInterface/Models/BreakpointAction.js:

(WebInspector.BreakpointAction):
Getting the next identifier is an action so it should be a function call.

  • UserInterface/Views/SourceCodeTextEditor.js:

(WebInspector.SourceCodeTextEditor.prototype.textEditorBreakpointAdded):
Remove unused parameter.

Oct 14, 2016:

9:18 PM Changeset in webkit [207370] by Simon Fraser
  • 2 edits in trunk/Tools

REGRESSION (r206973): Running "webkit-patch suggest-reviewers" throws an AttributeError: 'NoneType' object has no attribute 'full_name'
https://bugs.webkit.org/show_bug.cgi?id=163478

Reviewed by Daniel Bates.

Handle a None other in Contributor.eq.

  • Scripts/webkitpy/common/config/committers.py:

(Contributor.eq):

7:19 PM Changeset in webkit [207369] by commit-queue@webkit.org
  • 13 edits
    2 adds in trunk

[JSC] op_negate should with any type
https://bugs.webkit.org/show_bug.cgi?id=162587

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-10-14
Reviewed by Saam Barati.

JSTests:

  • stress/arith-abs-to-arith-negate-range-optimizaton.js: Added.

Cover OSR Exits when converting Math.abs() into ArithNegate.

  • stress/arith-negate-on-various-types.js: Added.

Cover ArithNegate with all types.

Source/JavaScriptCore:

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
ArithNegate is quite simple. If the input is double, the output
is double. The other cases are set from the LLInt slow case.

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::makeSafe):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGIntegerRangeOptimizationPhase.cpp:

Tweak a bit the IntegerRangeOptimizationPhase when simplifying
ArithAbs to ArithNegate.
We should not do the conversion if the target nodes OSR Exits
on different input than the source node.

In particular, Checked ArithNegate exits on zero while
ArithAbs has not problem with it.
Unchecked ArithAbs() do not OSR Exit on INT_MIN, ArithNeg
should not either.

  • dfg/DFGPredictionPropagationPhase.cpp:
  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileArithNegate):
(JSC::DFG::SpeculativeJIT::compileMathIC):

  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::callOperation):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileMathIC):
(JSC::FTL::DFG::LowerDFGToB3::compileArithNegate):

  • jit/JITNegGenerator.cpp:

(JSC::JITNegGenerator::generateFastPath):

  • jit/JITOperations.cpp:

Add result profiling in baseline to have types we can use
in DFG and FTL.

6:48 PM Changeset in webkit [207368] by Chris Dumez
  • 4 edits in trunk

Setting HTMLMediaElement.muted to the same value should not fire a volume change event
https://bugs.webkit.org/show_bug.cgi?id=163474

Reviewed by Eric Carlson.

LayoutTests/imported/w3c:

Rebaseline W3C test now that more checks are passing.

  • web-platform-tests/html/semantics/embedded-content/media-elements/event_volumechange-expected.txt:

Source/WebCore:

Setting HTMLMediaElement.muted to the same value should not fire a volume
change event:

Chrome and Firefox agree with the specification.

No new tests, rebaselined existing test.

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::setMuted):

5:40 PM Changeset in webkit [207367] by andersca@apple.com
  • 2 edits in trunk/Source/WebKit2

Fix Mac build.

  • UIProcess/ApplePay/mac/WebPaymentCoordinatorProxyMac.mm:

(WebKit::WebPaymentCoordinatorProxy::platformShowPaymentUI):

5:37 PM Changeset in webkit [207366] by dino@apple.com
  • 4 edits in trunk/Source/WebCore

Add Display P3 ColorSpace
https://bugs.webkit.org/show_bug.cgi?id=162880
<rdar://problem/28598564>

Reviewed by Sam Weinig.

Add a new ColorSpace for Display P3.

This will be tested once the Color class can create
objects that reference other color spaces.

  • platform/graphics/ColorSpace.h:
  • platform/graphics/cg/GraphicsContextCG.cpp:

(WebCore::displayP3ColorSpaceRef):

  • platform/graphics/cg/GraphicsContextCG.h:

(WebCore::cachedCGColorSpace):

5:37 PM Changeset in webkit [207365] by Brent Fulgham
  • 2 edits in trunk/Source/WebCore

[Win][Direct2D] Minor cleanups
https://bugs.webkit.org/show_bug.cgi?id=162953

Reviewed by Dean Jackson.

Code cleanup. No change in behavior.

  • platform/graphics/win/ImageDecoderDirect2D.cpp:

(WebCore::ImageDecoder::frameIsCompleteAtIndex):
(WebCore::ImageDecoder::frameBytesAtIndex):

5:11 PM Changeset in webkit [207364] by achristensen@apple.com
  • 4 edits in trunk/Source

Fix CMake build.

  • PlatformMac.cmake:
5:10 PM Changeset in webkit [207363] by jfbastien@apple.com
  • 4 edits
    1 copy
    22 adds
    1 delete in trunk

Basic WebAssembly testing

Create a small DSL in JavaScript which can build WebAssembly binary modules based on the JSON description of the format as described in:
https://github.com/WebAssembly/design/blob/master/BinaryEncoding.md

This DSL can then be used to write small text description of valid and invalid WebAssembly binaries, making testing the JSC implementation much easier.

Details and example in README.md.

Basic WebAssembly testing
https://bugs.webkit.org/show_bug.cgi?id=163267

Reviewed by Keith Miller.

JSTests:

  • stress/wasm/wasm.json: Removed.
  • wasm.yaml: Added.
  • wasm/Builder.js: Added.

(const._isValidValue):
(const._BuildWebAssemblyBinary):
(export.default.Builder):
(export.default.Builder.prototype.setChecked):
(export.default.Builder.prototype.setPreamble):
(export.default.Builder.prototype._registerSectionBuilders.switch.case.string_appeared_here.this.section):
(export.default.Builder.prototype._registerSectionBuilders.this.Unknown):
(export.default.Builder.prototype._registerSectionBuilders):
(export.default.Builder.prototype._addSection):
(export.default.Builder.prototype.optimize):
(export.default.Builder.prototype.json):
(export.default.Builder.prototype.AsmJS):
(export.default.Builder.prototype.WebAssembly):

  • wasm/LowLevelBinary.js: Added.

(const._getterRangeCheck):
(const._hexdump):
(export.default.LowLevelBinary):
(export.default.LowLevelBinary.prototype.newPatchable):
(export.default.LowLevelBinary.prototype.hexdump):
(export.default.LowLevelBinary.prototype._maybeGrow):
(export.default.LowLevelBinary.prototype._push8):
(export.default.LowLevelBinary.prototype.uint8):
(export.default.LowLevelBinary.prototype.uint16):
(export.default.LowLevelBinary.prototype.uint32):
(export.default.LowLevelBinary.prototype.varuint):
(export.default.LowLevelBinary.prototype.varint):
(export.default.LowLevelBinary.prototype.varuint7):
(export.default.LowLevelBinary.prototype.string):
(export.default.LowLevelBinary.prototype.getSize):
(export.default.LowLevelBinary.prototype.getUint8):
(export.default.LowLevelBinary.prototype.getUint16):
(export.default.LowLevelBinary.prototype.getUint32):
(export.default.LowLevelBinary.prototype.getVaruint):
(export.default.LowLevelBinary.prototype.getVarint):
(export.default.LowLevelBinary.prototype.getVaruint7):
(export.default.LowLevelBinary.prototype.getString):
(PatchableLowLevelBinary):
(PatchableLowLevelBinary.prototype._push8):
(PatchableLowLevelBinary.prototype.apply):

  • wasm/README.md: Added.
  • wasm/WASM.js: Added.
  • wasm/assert.js: Added.

(export.const.notUndef):
(export.const.eq):
(export.const.ge):
(export.const.throwsError):
(export.const.throwsRangeError):

  • wasm/generate-wasmops-header.js: Renamed from JSTests/stress/wasm/generate-wasmops-header.js.
  • wasm/self-test/test_BuilderJSON.js: Added.

(const.assertOpThrows):
(EmptyModule):
(CustomMagicNumber):
(CustomVersion):
(CustomSection):
(CustomSectionAllBytes):
(CustomSectionInvalidByte):
(TwoCustomSections):
(EmptyCodeSection):
(CodeSectionWithEmptyFunction):
(CodeSectionWithEmptyFunctionWithParameters):
(InvalidFunctionParameters):
(SimpleFunction):
(TwoSimpleFunctions):
(TwoBuildersAtTheSameTime):
(CheckedOpcodeArgumentsTooMany):
(CheckedOpcodeArgumentsNotEnough):
(CallNoArguments):
(CallInvalid):
(I32ConstInvalid):
(F32ConstInvalid):
(F64ConstInvalid):
(CallManyFromStack):
(OpcodeAdd):
(OpcodeUnreachable):
(OpcodeUnreachableCombinations):
(OpcodeSelect):

  • wasm/self-test/test_BuilderWebAssembly.js: Added.

(EmptyModule):
(CustomSection):
(Basic):

  • wasm/self-test/test_LowLevelBinary_encode.js: Added.
  • wasm/self-test/test_LowLevelBinary_string.js: Added.
  • wasm/self-test/test_LowLevelBinary_uint16.js: Added.
  • wasm/self-test/test_LowLevelBinary_uint32.js: Added.
  • wasm/self-test/test_LowLevelBinary_uint8.js: Added.
  • wasm/self-test/test_LowLevelBinary_varint.js: Added.
  • wasm/self-test/test_LowLevelBinary_varuint.js: Added.
  • wasm/self-test/test_LowLevelBinary_varuint7.js: Added.
  • wasm/self-test/test_WASM.js: Added.
  • wasm/test.sh: Added.
  • wasm/utilities.js: Added.

(const._read.filename.switch):
(const._load.filename.switch):
(const._json.filename.switch):

  • wasm/wasm.json: Added.

Tools:

  • Scripts/run-javascriptcore-tests:

(runJSCStressTests): run wasm.yaml tests

  • Scripts/run-jsc-stress-tests: add a WebAssembly-specific runner
4:56 PM Changeset in webkit [207362] by andersca@apple.com
  • 6 edits in trunk/Source

Pass on networking settings to the PKPaymentRequest
https://bugs.webkit.org/show_bug.cgi?id=163462
rdar://problem/28567629

Reviewed by Dan Bernstein.

Source/WebCore:

Add new SPI.

  • platform/spi/cocoa/PassKitSPI.h:

Source/WebKit2:

  • UIProcess/ApplePay/cocoa/WebPaymentCoordinatorProxyCocoa.h:
  • UIProcess/ApplePay/cocoa/WebPaymentCoordinatorProxyCocoa.mm:

(WebKit::toPKPaymentRequest):

  • UIProcess/ApplePay/ios/WebPaymentCoordinatorProxyIOS.mm:

(WebKit::WebPaymentCoordinatorProxy::platformShowPaymentUI):

4:37 PM Changeset in webkit [207361] by dino@apple.com
  • 22 edits
    1 add in trunk/Source/WebCore

CSS parsing should use Color not RGBA32
https://bugs.webkit.org/show_bug.cgi?id=163423
<rdar://problem/28766903>

Reviewed by Simon Fraser.

Re-landing this after it was rolled out in https://trac.webkit.org/r207342.

In order to allow CSS to use the ExtendedColor variant of
Color, we need to stop using RGBA32. This is a fairly big
change that goes through all the places in the parser
related to colors, and moves them from RGBA32 to Color.

No change in functionality, so covered by existing tests.

  • WebCore.xcodeproj/project.pbxproj: Add the new ColorHash.h file.
  • css/CSSPrimitiveValue.cpp: CSSPrimitiveValue now can hold a Color*

rather than an unsigned int for colors.
(WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
(WebCore::CSSPrimitiveValue::cleanup):
(WebCore::CSSPrimitiveValue::getRGBColorValue):
(WebCore::CSSPrimitiveValue::formatNumberForCustomCSSText):
(WebCore::CSSPrimitiveValue::cloneForCSSOM):
(WebCore::CSSPrimitiveValue::equals):

  • css/CSSPrimitiveValue.h: Move to Color* and also use some

nullptrs.

  • css/CSSPrimitiveValueMappings.h:

(WebCore::CSSPrimitiveValue::CSSPrimitiveValue): Add a new inline
constructor.

  • css/CSSValuePool.cpp: Move to Color.

(WebCore::CSSValuePool::CSSValuePool):
(WebCore::CSSValuePool::createColorValue):

  • css/CSSValuePool.h: Change the ColorValueCache to a new type.
  • css/StyleResolver.cpp: Move to Color.

(WebCore::StyleResolver::colorFromPrimitiveValue):

  • css/parser/CSSParser.cpp:

(WebCore::parseColorValue):
(WebCore::CSSParser::parseColor):
(WebCore::CSSParser::parseColorFromString):
(WebCore::CSSParser::parseSystemColor):
(WebCore::fastParseColorInternal):
(WebCore::CSSParser::fastParseColor):
(WebCore::CSSParser::parseColorFromValue):

  • css/parser/CSSParser.h:
  • css/parser/CSSParserFastPaths.cpp:

(WebCore::fastParseColorInternal):
(WebCore::CSSParserFastPaths::parseColor):

  • css/parser/CSSPropertyParserHelpers.cpp:

(WebCore::CSSPropertyParserHelpers::consumeColor):

  • css/parser/SVGCSSParser.cpp:

(WebCore::CSSParser::parseSVGValue):
(WebCore::CSSParser::parseSVGPaint):
(WebCore::CSSParser::parseSVGColor):

  • editing/EditingStyle.cpp:

(WebCore::cssValueToColor):
(WebCore::textColorFromStyle):
(WebCore::backgroundColorFromStyle):
(WebCore::rgbaBackgroundColorInEffect):
(WebCore::EditingStyle::prepareToApplyAt):
(WebCore::isTransparentColorValue):
(WebCore::cssValueToRGBA): Deleted.

  • editing/cocoa/HTMLConverter.mm:

(HTMLConverterCaches::colorPropertyValueForNode):

  • html/HTMLBodyElement.cpp:

(WebCore::HTMLBodyElement::parseAttribute):

  • html/canvas/CanvasGradient.cpp:

(WebCore::CanvasGradient::addColorStop):

  • html/canvas/CanvasRenderingContext2D.cpp: Ditto, but leave a FIXME to

remind myself to come back when colorWithOverrideAlpha has been updated.
(WebCore::CanvasRenderingContext2D::setStrokeStyle):
(WebCore::CanvasRenderingContext2D::setFillStyle):
(WebCore::CanvasRenderingContext2D::setShadowColor):
(WebCore::CanvasRenderingContext2D::setShadow):

  • html/canvas/CanvasStyle.cpp:

(WebCore::isCurrentColorString):
(WebCore::parseColor):
(WebCore::currentColor):
(WebCore::parseColorOrCurrentColor):
(WebCore::CanvasStyle::createFromString):
(WebCore::CanvasStyle::createFromStringWithOverrideAlpha):

  • html/canvas/CanvasStyle.h:
  • svg/SVGColor.cpp:

(WebCore::SVGColor::colorFromRGBColorString):

  • platform/graphics/Color.h: Add new constructors for the special

empty and deleted Color values used in HashTables.
(WebCore::Color::Color):
(WebCore::Color::isHashTableDeletedValue):
(WebCore::Color::asUint64): New accessor to get the raw uint64_t value.

  • platform/graphics/ColorHash.h: Added. Implement the traits for a Color HashTable.

(WTF::ColorHash::hash):
(WTF::ColorHash::equal):
(WTF::HashTraits<WebCore::Color>::emptyValue):
(WTF::HashTraits<WebCore::Color>::constructDeletedValue):
(WTF::HashTraits<WebCore::Color>::isDeletedValue):

4:22 PM Changeset in webkit [207360] by keith_miller@apple.com
  • 11 edits
    2 adds in trunk

B3 needs a special WasmAddress Opcode
https://bugs.webkit.org/show_bug.cgi?id=163394

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

This patch adds support for WasmAddress. WasmAddress will be used by
Wasm to compute the address of a memory operation from the pinned
base pointer. WasmAddress takes an IntPtr so we can avoid emitting
unnecessary Move32s in Air. This could happen in the following case:

@ptr = Trunc(...)
WasmAddress(@ptr, pinnedGPR)
...
PatchPoint(...) Do Wasm call
WasmAddress(@ptr, pinnedGPR)
...

In this case we will not be able to CSE the WasmAddresses since the
call writes to pinnedGPR. Thus if WasmAddress took an Int32 we would need
to emit an extra Move32 at the second WasmAddress to ensure it saw a proper
32-bit value. If Wasm ensures that there there is a leading ZExt32 then
the duplicated moves become unnecessary.

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • b3/B3LowerToAir.cpp:

(JSC::B3::Air::LowerToAir::effectiveAddr):
(JSC::B3::Air::LowerToAir::lower):

  • b3/B3Opcode.cpp:

(WTF::printInternal):

  • b3/B3Opcode.h:
  • b3/B3Validate.cpp:
  • b3/B3Value.cpp:

(JSC::B3::Value::effects):

  • b3/B3WasmAddressValue.cpp: Added.

(JSC::B3::WasmAddressValue::~WasmAddressValue):
(JSC::B3::WasmAddressValue::dumpMeta):
(JSC::B3::WasmAddressValue::cloneImpl):
(JSC::B3::WasmAddressValue::WasmAddressValue):

  • b3/B3WasmAddressValue.h: Added.
  • b3/testb3.cpp:

(JSC::B3::testWasmAddress):
(JSC::B3::run):

Websites/webkit.org:

Update the b3 docs for the new WasmAddress opcode.

  • docs/b3/intermediate-representation.html:
4:10 PM Changeset in webkit [207359] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: Dragging to delete a Breakpoint should never trigger a ContentView change
https://bugs.webkit.org/show_bug.cgi?id=163403
<rdar://problem/28762930>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-10-14
Reviewed by Timothy Hatcher.

  • UserInterface/Views/BreakpointTreeElement.js:

(WebInspector.BreakpointTreeElement.prototype.ondelete):
Signal when a breakpoint tree element will be going away because it was
deleted via the keyboard operation within the TreeOutline. This is a dirty
way to do the signal but we remove BreakpointTreeElements asynchronously
when the Breakpoint actually gets removed from the backend.

  • UserInterface/Views/DebuggerSidebarPanel.js:

(WebInspector.DebuggerSidebarPanel.prototype._removeDebuggerTreeElement):
Deselect a BreakpointTreeElement if it was deleted in a way other then
the delete keyboard shortcut. This ensures another TreeElement selection
doesn't force ContentView changes.

4:04 PM Changeset in webkit [207358] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: Improve debugger highlight when inside of getter/setter calls
https://bugs.webkit.org/show_bug.cgi?id=163428
<rdar://problem/28769061>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-10-14
Reviewed by Timothy Hatcher.

  • UserInterface/Views/SourceCodeTextEditor.js:

(WebInspector.SourceCodeTextEditor.prototype.textEditorExecutionHighlightRange):
When in the middle of a member expression at a '.' or '[' get the best member
expression range.

  • UserInterface/Views/TextEditor.js:

(WebInspector.TextEditor.prototype._updateExecutionRangeHighlight):
Include the character at the current position. This is useful since AST Nodes
don't give us token info but we would like to know if we are at particular tokens.

3:42 PM Changeset in webkit [207357] by Brent Fulgham
  • 24 edits in trunk/Source/WebCore

[Win][Direct2D] Implement basic SVG support
https://bugs.webkit.org/show_bug.cgi?id=163349

Reviewed by Brent Fulgham.

Direct2D needs access to the target graphics context when generating bitmap
images so that it can properly match pixel format and other settings.

Add implementations for a number of drawing primitives used in the SVG
test cases. Correct some differences between CG and Direct2D for drawing
different primitives.

No new tests. Tested by existing 'svg' tests.

  • platform/graphics/BitmapImage.cpp:

(WebCore::BitmapImage::frameImageAtIndex): Take optional target graphics
context. Also pass the graphics context to the image decoder.
(WebCore::BitmapImage::nativeImage): Accept an optional target context.
(WebCore::BitmapImage::nativeImageForCurrentFrame): Ditto.
(WebCore::BitmapImage::draw): Pass target graphics context to the
'frameImageAtIndex' method.

  • platform/graphics/BitmapImage.h:
  • platform/graphics/Image.h:
  • platform/graphics/ImageBuffer.cpp:

(WebCore::ImageBuffer::create): Moved from header. Add create function that
takes an optional GraphicsContext argument.

  • platform/graphics/ImageBuffer.h:
  • platform/graphics/ImageFrameCache.cpp: Add missing include needed to build

under Direct2D.

  • platform/graphics/ImageSource.cpp:

(WebCore::ImageSource::setDecoderTargetContext): Added.
(WebCore::ImageSource::setRenderTarget): Deleted.

  • platform/graphics/ImageSource.h:
  • platform/graphics/Pattern.h:
  • platform/graphics/win/GraphicsContextDirect2D.cpp:

(WebCore::GraphicsContextPlatformPrivate::endDraw): Log error state instead of crashing
each time.
(WebCore::GraphicsContext::drawEllipse): Ellipses are defined in D2D as a center, an
X-radius, and a Y-radius.
(WebCore::GraphicsContext::applyStrokePattern):
(WebCore::GraphicsContext::applyFillPattern):
(WebCore::GraphicsContext::clearRect): Use 'Clear' function if possible. Don't clear
anything if the clear rect is outside the drawing area.
(WebCore::GraphicsContext::strokeRect): Provide implementation (needed by SVG).
(WebCore::GraphicsContext::platformFillEllipse): Ellipses are defined in D2D as
a center, an X-radius, and a Y-radius.
(WebCore::GraphicsContext::platformStrokeEllipse): Ditto.

  • platform/graphics/win/ImageBufferDirect2D.cpp:

(WebCore::ImageBuffer::createCompatibleBuffer): Accept optional GraphicsContext argument.
(WebCore::ImageBuffer::ImageBuffer): Ditto.

  • platform/graphics/win/ImageDecoderDirect2D.cpp:

(WebCore::ImageDecoder::setTargetContext): Renamed from 'setRenderTarget'.
(WebCore::ImageDecoder::createFrameImageAtIndex): Take optional GraphicsContext argument.
(WebCore::ImageDecoder::setRenderTarget): Deleted.

  • platform/graphics/win/ImageDecoderDirect2D.h:
  • platform/graphics/win/ImageDirect2D.cpp:

(WebCore::BitmapImage::setRenderTarget): Deleted.

  • platform/graphics/win/NativeImageDirect2D.cpp: Add missing include.
  • platform/graphics/win/PatternDirect2D.cpp:

(WebCore::Pattern::createPlatformPattern): Revise for new signature.

  • rendering/FilterEffectRenderer.cpp:

(WebCore::FilterEffectRenderer::allocateBackingStoreIfNeeded): Pass GraphicsContext
to ImageBuffer constructor.
(WebCore::FilterEffectRendererHelper::beginFilterEffect): Pass target context to
filter when allocating backing store.

  • rendering/FilterEffectRenderer.h: Add GraphicsContext as argument to constructor.
  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::hasFilterThatIsPainting): Supply GraphicsContext argument when
building new FilterEffectRenderer and helper.
(WebCore::RenderLayer::setupFilters): Ditto.

  • svg/graphics/SVGImage.cpp:

(WebCore::SVGImage::nativeImageForCurrentFrame): Revise to take optional GraphicsContext
argument.
(WebCore::SVGImage::nativeImage): Ditto.

  • svg/graphics/SVGImage.h:
  • svg/graphics/SVGImageForContainer.cpp:

(WebCore::SVGImageForContainer::nativeImageForCurrentFrame): Ditto.

  • svg/graphics/SVGImageForContainer.h:
3:25 PM Changeset in webkit [207356] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Unused Breakpoint getter/setter for "id" - should be "identifier"
https://bugs.webkit.org/show_bug.cgi?id=163395

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-10-14
Reviewed by Timothy Hatcher.

  • UserInterface/Models/Breakpoint.js:

(WebInspector.Breakpoint.prototype.get identifier): Renamed.
(WebInspector.Breakpoint.prototype.set identifier): Renamed.
The only user is DebuggerManager which sets and gets. Previously
it was unexpectedly setting a direct property on the Breakpoint
instead of using these methods to set the member variable.

3:16 PM Changeset in webkit [207355] by Chris Dumez
  • 36 edits
    2 deletes in trunk

Unreviewed, rolling out r207319.

Regressed Dromaeo and may have caused crashes under
GuardMalloc (rdar://problem/28780835)

Reverted changeset:

"[Web IDL] Add support for [SameObject] extended attribute"
https://bugs.webkit.org/show_bug.cgi?id=163414
http://trac.webkit.org/changeset/207319

3:10 PM Changeset in webkit [207354] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Remove uses of delete in SourceCodeTextEditor
https://bugs.webkit.org/show_bug.cgi?id=163379

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-10-14
Reviewed by Timothy Hatcher.

Remove uses of delete and better group member variables.
One of the deletes was deleting an incorrect property.

  • UserInterface/Views/SourceCodeTextEditor.js:

(WebInspector.SourceCodeTextEditor):
(WebInspector.SourceCodeTextEditor.prototype.textEditorBreakpointAdded):
(WebInspector.SourceCodeTextEditor.prototype.textEditorBreakpointRemoved):
(WebInspector.SourceCodeTextEditor.prototype.textEditorBreakpointMoved):
(WebInspector.SourceCodeTextEditor.prototype._tokenTrackingControllerHighlightedMarkedExpression):
(WebInspector.SourceCodeTextEditor.prototype._dismissEditingController):
(WebInspector.SourceCodeTextEditor.prototype.editingControllerDidFinishEditing):

2:52 PM Changeset in webkit [207353] by Ryan Haddad
  • 2 edits in branches/safari-602-branch/LayoutTests

Merge r203602.

11:45 AM Changeset in webkit [207352] by andersca@apple.com
  • 11 edits
    1 delete in trunk/Source

Clean up BackForwardClient
https://bugs.webkit.org/show_bug.cgi?id=163454

Reviewed by Sam Weinig.

Source/WebCore:

Remove iOS specific member functions that are only used from WebKit.

  • history/BackForwardClient.h:
  • loader/EmptyClients.cpp:

Source/WebKit/mac:

  • History/BackForwardList.h:

Remove override keywords.

  • History/BackForwardList.mm:

(BackForwardList::clearAllPageCaches): Deleted.
Remove this, it's no longer used.

  • WebView/WebView.mm:

(-[WebView _clearBackForwardCache]): Deleted.

  • WebView/WebViewPrivate.h:

Remove SPI that's no longer used by anyone.

Source/WebKit2:

Remove empty iOS only stubs.

  • WebKit2.xcodeproj/project.pbxproj:
  • WebProcess/WebPage/WebBackForwardListProxy.h:
  • WebProcess/WebPage/ios/WebBackForwardListProxyIOS.mm: Removed.
11:29 AM Changeset in webkit [207351] by Michael Catanzaro
  • 2 edits in trunk

[CMake] Private/unsupported build options should be marked as advanced
https://bugs.webkit.org/show_bug.cgi?id=163451

Reviewed by Carlos Garcia Campos.

When checking to decide whether to mark an option as advanced, the conditional checks
whether _WEBKIT_AVAILABLE_OPTIONS_IS_PUBLIC_${_name} is defined. It is always defined. We
need to check its value instead.

  • Source/cmake/WebKitFeatures.cmake:
11:26 AM Changeset in webkit [207350] by Simon Fraser
  • 5 edits in trunk

Annotate bots in contributors.json and don't show them on webkit.org/team
https://bugs.webkit.org/show_bug.cgi?id=163317

Reviewed by Daniel Bates.

Tools:

Add "class" : "bot" for non-humans in contributors.json and round-trip it.

  • Scripts/webkitpy/common/config/committers.py:

(Contributor.init):
(Contributor.as_dict):
(Bot):
(Bot.init):
(CommitterList.load_json):

  • Scripts/webkitpy/common/config/contributors.json:

Websites/webkit.org:

Don't show bots.

  • wp-content/themes/webkit/team.php:
11:26 AM Changeset in webkit [207349] by Simon Fraser
  • 2 edits in trunk/Tools

Fix printing in WK2 MiniBrowser
https://bugs.webkit.org/show_bug.cgi?id=163455

Reviewed by Tim Horton.

Call the basic -_printOperationWithPrintInfo: which doens't require a frame argument.

  • MiniBrowser/mac/WK2BrowserWindowController.m:

(-[WK2BrowserWindowController printWebView:]):

11:16 AM Changeset in webkit [207348] by beidson@apple.com
  • 2 edits in trunk/Source/WebKit2

Enable Gamepads by default in WK2.
https://bugs.webkit.org/show_bug.cgi?id=163447

Rubberstamped by Sam Weinig.

  • Shared/WebPreferencesDefinitions.h:
11:14 AM Changeset in webkit [207347] by commit-queue@webkit.org
  • 4 edits
    1 add in trunk

test262: @isConstructor incorrectly thinks Math.cos is a constructor
https://bugs.webkit.org/show_bug.cgi?id=163437

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-10-14
Reviewed by Saam Barati.

JSTests:

  • stress/is-constructor.js: Added.

(assert):
(prototype.assert):
New test to cover the @isConstructor builtin.

  • test262.yaml:

Test now passes.

Source/JavaScriptCore:

  • runtime/JSFunction.cpp:

(JSC::JSFunction::getConstructData):
By default, Host JSFunctions are not constructable. They get
the default callHostFunctionAsConstructor native constructor.
When getting construct data we can return ConstructType::None
in these cases instead of indicating it might be constructable
and later throwing an exception when construction is attempted.

11:06 AM Changeset in webkit [207346] by barraclough@apple.com
  • 13 edits in trunk/Source/WebKit2

Add API to restrict WebKit processes to background priority
https://bugs.webkit.org/show_bug.cgi?id=163363

Reviewed by Anders Carlson.

Add API on _WKProcessPoolConfiguration to flag a process pool as 'alwaysRunsAtBackgroundPriority'.
WebContent and Networking processes associated with that pool will only run a background priority,
when they otherwise would have run at foreground priority.

  • UIProcess/API/APIProcessPoolConfiguration.h:
    • Add m_alwaysRunsAtBackgroundPriority flag to pool configuration object.
  • UIProcess/API/Cocoa/_WKProcessPoolConfiguration.h:
  • UIProcess/API/Cocoa/_WKProcessPoolConfiguration.mm:

(-[_WKProcessPoolConfiguration alwaysRunsAtBackgroundPriority]):
(-[_WKProcessPoolConfiguration setAlwaysRunsAtBackgroundPriority:]):

  • Expose new configuration property through API.
  • UIProcess/Network/NetworkProcessProxy.cpp:

(WebKit::NetworkProcessProxy::alwaysRunsAtBackgroundPriority):

  • UIProcess/Network/NetworkProcessProxy.h:
    • Support ProcessThrottlerClient interface to check if alwaysRunsAtBackgroundPriority is set.
  • UIProcess/ProcessThrottler.cpp:

(WebKit::ProcessThrottler::assertionState):

  • When determining whether to take a foreground exception check alwaysRunsAtBackgroundPriority.
  • UIProcess/ProcessThrottlerClient.h:
    • Add interface to access alwaysRunsAtBackgroundPriority state of WebProcess of NetworkProcess.
  • UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::WebProcessPool):

  • UIProcess/WebProcessPool.h:
    • Add m_alwaysRunsAtBackgroundPriority, set by configuration.
  • UIProcess/WebProcessProxy.cpp:

(WebKit::WebProcessProxy::alwaysRunsAtBackgroundPriority):

  • UIProcess/WebProcessProxy.h:
    • Support ProcessThrottlerClient interface to check if alwaysRunsAtBackgroundPriority is set.
10:14 AM Changeset in webkit [207345] by andersca@apple.com
  • 16 edits
    2 moves in trunk/Source

Move BackForwardList from WebCore to WebKitLegacy
https://bugs.webkit.org/show_bug.cgi?id=163418

Reviewed by Tim Horton.

Source/WebCore:

  • CMakeLists.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • history/BackForwardController.cpp:

(WebCore::BackForwardController::BackForwardController):

  • history/BackForwardController.h:
  • loader/EmptyClients.cpp:

(WebCore::fillWithEmptyClients):

  • page/Page.cpp:

(WebCore::Page::Page):

Source/WebKit:

  • WebKit.xcodeproj/project.pbxproj:

Source/WebKit/mac:

  • History/BackForwardList.h: Renamed from Source/WebCore/history/BackForwardList.h.

(BackForwardList::create):
(BackForwardList::webView):

  • History/BackForwardList.mm: Renamed from Source/WebCore/history/BackForwardList.cpp.

(BackForwardList::BackForwardList):
(BackForwardList::close):
(BackForwardList::containsItem):

  • History/WebBackForwardList.mm:

(kit):
(-[WebBackForwardList initWithBackForwardList:]):
(-[WebBackForwardList setPageCacheSize:]):
(-[WebBackForwardList pageCacheSize]):

  • History/WebBackForwardListInternal.h:
  • WebCoreSupport/WebFrameLoaderClient.mm:
  • WebView/WebFrameView.mm:
  • WebView/WebView.mm:

(-[WebView _commonInitializationWithFrameName:groupName:]):
(-[WebView initSimpleHTMLDocumentWithStyle:frame:preferences:groupName:]):

9:23 AM Changeset in webkit [207344] by Ryan Haddad
  • 3 edits
    1 delete in trunk

Unreviewed, rolling out r207322.

This change caused JSC test failures

Reverted changeset:

"Fix Array.prototype.splice ES6 compliance."
https://bugs.webkit.org/show_bug.cgi?id=163372
http://trac.webkit.org/changeset/207322

9:23 AM Changeset in webkit [207343] by Manuel Rego Casasnovas
  • 3 edits
    2 adds in trunk

[css-grid] Changing the argument on fit-content() doesn't cause the grid to be relayout
https://bugs.webkit.org/show_bug.cgi?id=163434

Reviewed by Sergio Villar Senin.

Source/WebCore:

When fit-content() was implemented a new attribute
m_fitContentTrackBreadth was added to GridTrackSize.
However we forgot to include it in the == operator implementation,
so we were missing the changes on that value.

Now if you change the argument of a fit-content() track,
the track size is properly recomputed.

Test: fast/css-grid-layout/grid-change-fit-content-argument.html

  • rendering/style/GridTrackSize.h:

(WebCore::GridTrackSize::operator==): Check m_fitContentTrackBreadth.

LayoutTests:

  • fast/css-grid-layout/grid-change-fit-content-argument-expected.txt: Added.
  • fast/css-grid-layout/grid-change-fit-content-argument.html: Added.
9:17 AM Changeset in webkit [207342] by Ryan Haddad
  • 22 edits
    1 delete in trunk/Source/WebCore

Unreviewed, rolling out r207317.
https://bugs.webkit.org/show_bug.cgi?id=163448

This change caused an existing LayoutTest to fail on all
platforms (Requested by ryanhaddad on #webkit).

Reverted changeset:

"CSS parsing should use Color not RGBA32"
https://bugs.webkit.org/show_bug.cgi?id=163423
http://trac.webkit.org/changeset/207317

Patch by Commit Queue <commit-queue@webkit.org> on 2016-10-14

8:58 AM Changeset in webkit [207341] by mark.lam@apple.com
  • 3 edits
    1 add in trunk

JSON.parse should not modify frozen objects.
https://bugs.webkit.org/show_bug.cgi?id=163430

Reviewed by Saam Barati.

JSTests:

  • stress/json-parse-on-frozen-object.js: Added.

Source/JavaScriptCore:

The ES6 spec for JSON.parse (https://tc39.github.io/ecma262/#sec-json.parse and
https://tc39.github.io/ecma262/#sec-internalizejsonproperty) states that it uses
CreateDataProperty() (https://tc39.github.io/ecma262/#sec-createdataproperty) to
set values returned by a reviver. The spec for CreateDataPropertyOrThrow states:

"This abstract operation creates a property whose attributes are set to the same
defaults used for properties created by the ECMAScript language assignment
operator. Normally, the property will not already exist. If it does exist and is
not configurable or if O is not extensible, DefineOwnProperty? will return
false."

Note: CreateDataProperty() will not throw a TypeError.

Since the properties of frozen objects are not extensible, not configurable, and
not writeable, JSON.parse should fail to write to any frozen objects. Similarly,
JSON.parse should fail to delete properties in frozen objects.

In JSON.parse(), we previously write to array elements using the form of
putDirectIndex() that uses mode PutDirectIndexLikePutDirect. This makes it so
that the write (i.e. put) is always successful. We've now fixed this to use
PutDirectIndexShouldNotThrow mode instead, which will fail to put the element if
the array is not writeable.

Also changed Walker::walk() to use the version of methodTable() that takes a VM&
since the VM& is already available.

  • runtime/JSONObject.cpp:

(JSC::Walker::walk):

8:39 AM Changeset in webkit [207340] by commit-queue@webkit.org
  • 2 edits in trunk/Tools

Unreviewed, rolling out r207335.
https://bugs.webkit.org/show_bug.cgi?id=163445

WebKit2.ProvisionalURLAfterWillSendRequestCallback is timing
out on Mac bots (Requested by youenn on #webkit).

Reverted changeset:

"Add ProvisionalURLAfterWillSendRequestCallback.cpp and
ProvisionalURLAfterWillSendRequestCallback_Bundle.cpp to Mac
builds"
https://bugs.webkit.org/show_bug.cgi?id=163440
http://trac.webkit.org/changeset/207335

8:39 AM Changeset in webkit [207339] by Antti Koivisto
  • 8 edits in trunk/Source/WebCore

Share inline stylesheets between shadow trees
https://bugs.webkit.org/show_bug.cgi?id=163353

Reviewed by Ryosuke Niwa and Andreas Kling.

If shadow trees have identical inline stylesheets the data structures can be shared.
In future this will also allow sharing style resolvers.

  • css/CSSStyleSheet.cpp:

(WebCore::CSSStyleSheet::createInline):

Move StyleSheetContents construction to the client.

  • css/parser/CSSParserMode.h:

(WebCore::CSSParserContextHash::hash):
(WebCore::CSSParserContextHash::equal):
(WTF::HashTraits<WebCore::CSSParserContext>::constructDeletedValue):
(WTF::HashTraits<WebCore::CSSParserContext>::isDeletedValue):
(WTF::HashTraits<WebCore::CSSParserContext>::emptyValue):

Make CSSParserContext hashable.

  • dom/ExtensionStyleSheets.cpp:

(WebCore::createExtensionsStyleSheet):
(WebCore::ExtensionStyleSheets::pageUserSheet):
(WebCore::ExtensionStyleSheets::updateInjectedStyleSheetCache):

Don't use CSSStyleSheet::createInline, these are not really inline stylesheets.
Code cleanups.

  • dom/InlineStyleSheetOwner.cpp:

(WebCore::parserContextForForElement):
(WebCore::makeInlineStyleSheetCacheKey):
(WebCore::inlineStyleSheetCache):

Implement a simple cache for sharing stylesheets with identical text and context.

(WebCore::InlineStyleSheetOwner::createSheet):
(WebCore::InlineStyleSheetOwner::clearCache):

  • dom/InlineStyleSheetOwner.h:
  • platform/MemoryPressureHandler.cpp:

(WebCore::MemoryPressureHandler::releaseNoncriticalMemory):

7:56 AM Changeset in webkit [207338] by Chris Dumez
  • 3 edits in trunk/Source/WebCore

[Mac] Allow throttling of background tabs that have media elements with no audible audio
https://bugs.webkit.org/show_bug.cgi?id=163402
<rdar://problem/28056151>

Reviewed by Gavin Barraclough.

Allow throttling of background tabs that have media elements with no audible audio.
We were taking an media assertion from the PageThrottler as soon as there was a
media element playing on the page. This prevented throttling of background tabs
even if those media elements had no audible audio, which was unfortunate.

We now have more fine-grained rules for when HTMLMediaElement should take an
assertion. I also added release logging to help debug such issues in the
future.

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::setMuted):
(WebCore::HTMLMediaElement::updateVolume):
(WebCore::HTMLMediaElement::updatePlayState):
(WebCore::HTMLMediaElement::updateAudioAssertionState):
(WebCore::HTMLMediaElement::effectiveMuted): Deleted.

  • html/HTMLMediaElement.h:
7:09 AM Changeset in webkit [207337] by commit-queue@webkit.org
  • 4 edits in trunk/Source/WebCore

[Readable Streams API] Cleanup patch, fix small inconsistencies
https://bugs.webkit.org/show_bug.cgi?id=163329

Patch by Romain Bellessort <romain.bellessort@crf.canon.fr> on 2016-10-14
Reviewed by Youenn Fablet.

Cleanup patch, fixed 3 small inconsistences between implementation and spec.

No change in behaviour.

  • Modules/streams/ReadableStream.idl: Added optional parameter in getReader.
  • Modules/streams/ReadableStreamDefaultController.js:

(error): Call readableStreamDefaultControllerError instead of readableStreamError.

  • Modules/streams/ReadableStreamInternals.js: Added missing ASSERT in readableStreamDefaultControllerCallPullIfNeeded.
4:47 AM Changeset in webkit [207336] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

http://trac.webkit.org/changeset/207330 broke Mac Windows build
https://bugs.webkit.org/show_bug.cgi?id=163442

Unreviewed.

Patch by Youenn Fablet <youenn@apple.com> on 2016-10-14

  • platform/network/cf/ResourceRequestCFNet.cpp:

(WebCore::toPlatformRequestCachePolicy): Do not explicitly use CFURLRequestCachePolicy enumeration values.

3:23 AM Changeset in webkit [207335] by commit-queue@webkit.org
  • 2 edits in trunk/Tools

Add ProvisionalURLAfterWillSendRequestCallback.cpp and ProvisionalURLAfterWillSendRequestCallback_Bundle.cpp to Mac builds
https://bugs.webkit.org/show_bug.cgi?id=163440

Unreviewed.

Patch by Youenn Fablet <youenn@apple.com> on 2016-10-14

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj: Adding new test files introduced in

https://bugs.webkit.org/show_bug.cgi?id=146306 patch.

3:04 AM Changeset in webkit [207334] by commit-queue@webkit.org
  • 7 edits in trunk

test262: Failure with RegExp.prototype.compile when pattern is undefined
https://bugs.webkit.org/show_bug.cgi?id=163431

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-10-14
Reviewed by Yusuke Suzuki.

JSTests:

  • test262.yaml:

Source/JavaScriptCore:

If pattern is undefined let P be the empty String.
https://tc39.github.io/ecma262/#sec-regexpinitialize

  • runtime/RegExpPrototype.cpp:

(JSC::regExpProtoFuncCompile):

LayoutTests:

  • js/regexp-compile-expected.txt:
  • js/script-tests/regexp-compile.js:
2:49 AM Changeset in webkit [207333] by commit-queue@webkit.org
  • 9 edits in trunk/LayoutTests

REGRESSION (r207299): media/modern-media-controls/pip-button/pip-button.html and media/modern-media-controls/skip-back-button/skip-back-button.html are flaky
https://bugs.webkit.org/show_bug.cgi?id=163411

Patch by Antoine Quint <Antoine Quint> on 2016-10-14
Reviewed by Antoine Quint.

Ensure all buttons have their required images loaded before we check on the mask-image set through CSS.

  • media/modern-media-controls/aspect-ratio-button/aspect-ratio-button.html:
  • media/modern-media-controls/forward-button/forward-button.html:
  • media/modern-media-controls/fullscreen-button/fullscreen-button.html:
  • media/modern-media-controls/mute-button/mute-button.html:
  • media/modern-media-controls/pip-button/pip-button.html:
  • media/modern-media-controls/rewind-button/rewind-button.html:
  • media/modern-media-controls/skip-back-button/skip-back-button.html:
  • media/modern-media-controls/tracks-button/tracks-button.html:
2:17 AM Changeset in webkit [207332] by zandobersek@gmail.com
  • 2 edits in trunk/Source/WebCore

[Cairo] GraphicsContext3D::ImageExtractor fails to extract images
https://bugs.webkit.org/show_bug.cgi?id=163439

Reviewed by Carlos Garcia Campos.

In the Cairo implementation of GraphicsContext3D::ImageExtractor,
don't check for frame completeness at index 0. This information
is now cached only after the frame for that index is decoded and
marked as completed, which is done after this check.

Becuase of this the current check forces extractImage() to return
early and abort WebGL texture uploads from image sources.

This bug was most likely exposed after the refactoring in r206481.
https://trac.webkit.org/changeset/206481

  • platform/graphics/cairo/GraphicsContext3DCairo.cpp:

(WebCore::GraphicsContext3D::ImageExtractor::extractImage):

2:04 AM Changeset in webkit [207331] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebCore

MediaResourceLoader should use CachedResource::ressourceError to do CORS checks
https://bugs.webkit.org/show_bug.cgi?id=163279

Patch by Youenn Fablet <youenn@apple.com> on 2016-10-14
Reviewed by Darin Adler.

Covered by existing tests.

  • loader/MediaResourceLoader.cpp:

(WebCore::MediaResource::responseReceived): Making use of CachedResource::ressourceError to detect CORS failures.

  • loader/cache/CachedResourceLoader.cpp:

(WebCore::CachedResourceLoader::shouldUpdateCachedResourceWithCurrentRequest): Activating loader options checks
before reusing the resource.
(WebCore::isResourceSuitableForDirectReuse): Disabling direct reuse of MediaResource since reuse of raw
resources does not work yet for media resources.

1:47 AM Changeset in webkit [207330] by commit-queue@webkit.org
  • 16 edits
    20 adds
    2 deletes in trunk

Make NetworkCache aware of fetch cache mode
https://bugs.webkit.org/show_bug.cgi?id=163332

Patch by Youenn Fablet <youenn@apple.com> on 2016-10-14
Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

Splitting web-platform-tests/fetch/api/request/request-cache.html in several files so that running the individual test files
is more manageable.

  • web-platform-tests/fetch/api/request/request-cache-default-conditional-expected.txt: Added.
  • web-platform-tests/fetch/api/request/request-cache-default-conditional.html: Added.
  • web-platform-tests/fetch/api/request/request-cache-default-expected.txt: Added.
  • web-platform-tests/fetch/api/request/request-cache-default.html: Added.
  • web-platform-tests/fetch/api/request/request-cache-expected.txt: Removed.
  • web-platform-tests/fetch/api/request/request-cache-force-cache-expected.txt: Added.
  • web-platform-tests/fetch/api/request/request-cache-force-cache.html: Added.
  • web-platform-tests/fetch/api/request/request-cache-no-cache-expected.txt: Added.
  • web-platform-tests/fetch/api/request/request-cache-no-cache.html: Added.
  • web-platform-tests/fetch/api/request/request-cache-no-store-expected.txt: Added.
  • web-platform-tests/fetch/api/request/request-cache-no-store.html: Added.
  • web-platform-tests/fetch/api/request/request-cache-only-if-cached-expected.txt: Added.
  • web-platform-tests/fetch/api/request/request-cache-only-if-cached.html: Added.
  • web-platform-tests/fetch/api/request/request-cache-reload-expected.txt: Added.
  • web-platform-tests/fetch/api/request/request-cache-reload.html: Added.
  • web-platform-tests/fetch/api/request/request-cache.html: Removed.
  • web-platform-tests/fetch/api/request/request-cache.js: Added.

(base_path):
(make_url):
(expected_status):
(expected_response_text):
(server_state):
(run_next_step):
(make_test):

Source/WebCore:

Tests: imported/w3c/web-platform-tests/fetch/api/request/request-cache-default-conditional.html

imported/w3c/web-platform-tests/fetch/api/request/request-cache-default.html
imported/w3c/web-platform-tests/fetch/api/request/request-cache-force-cache.html
imported/w3c/web-platform-tests/fetch/api/request/request-cache-no-cache.html
imported/w3c/web-platform-tests/fetch/api/request/request-cache-no-store.html
imported/w3c/web-platform-tests/fetch/api/request/request-cache-only-if-cached.html
imported/w3c/web-platform-tests/fetch/api/request/request-cache-reload.html

  • loader/cache/CachedResourceLoader.cpp:

(WebCore::updateRequestAccordingCacheMode): Setting request cache policy according cache mode.
Basically, these two are about the same.
(WebCore::CachedResourceLoader::determineRevalidationPolicy): Making use of cache policy instead of cache mode.

  • platform/network/ResourceRequestBase.h: Adding new cache policies, aligned with fetch cache modes.
  • platform/network/cf/ResourceRequestCFNet.cpp:

(WebCore::toPlatformRequestCachePolicy): If policy is not supported by CFNetwork, fallback to ReloadIgnoringCacheData.
This is the best approximate we might find.
(WebCore::ResourceRequest::doUpdatePlatformHTTPBody):
(WebCore::ResourceRequest::doUpdateResourceRequest): Only updating cache policy, if cache policy is the default.

  • platform/network/cf/ResourceRequestCFNet.h:
  • platform/network/cocoa/ResourceRequestCocoa.mm: Doing the same modifications as for ResourceRequestCFNet.

(WebCore::ResourceRequest::doUpdateResourceRequest):
(WebCore::toPlatformRequestCachePolicy):
(WebCore::ResourceRequest::doUpdatePlatformRequest):

Source/WebKit2:

Adding explicit serialization of ResourceRequest cachePolicy since it does no longer map to platform request cache policy.

Added support for:

  • Bypassing entirely the network cache in case cache mode is NoStore.
  • requiring revalidation in case of cache hit and cache mode is NoCache.
  • Not using any entry if cache mode is Reload (but cache can still be updated)

Also made sure that the ResourceRequest::cachePolicy remains the same throughout redirections.

  • NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::NetworkResourceLoader::canUseCache):
(WebKit::NetworkResourceLoader::retrieveCacheEntry):
(WebKit::NetworkResourceLoader::continueWillSendRequest):

  • NetworkProcess/cache/NetworkCache.cpp:

(WebKit::NetworkCache::cachePolicyAllowsExpired):
(WebKit::NetworkCache::makeRetrieveDecision):

  • Shared/mac/WebCoreArgumentCodersMac.mm:

(IPC::ArgumentCoder<ResourceRequest>::encodePlatformData):
(IPC::ArgumentCoder<ResourceRequest>::decodePlatformData):

LayoutTests:

  • platform/ios-simulator/TestExpectations:
  • platform/mac-wk1/imported/w3c/web-platform-tests/fetch/api/request/request-cache-only-if-cached-expected.txt: Added.
  • platform/mac-wk1/imported/w3c/web-platform-tests/fetch/api/request/request-cache-reload-expected.txt: Added.
  • platform/win/TestExpectations:
  • platform/wk2/TestExpectations:
1:04 AM WebKitGTK/2.14.x edited by Manuel Rego Casasnovas
(diff)
12:10 AM Changeset in webkit [207329] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Uncaught Exception: TypeError: this.positionToOffset is not a function - seen hovering expressions with Type Profiler enabled
https://bugs.webkit.org/show_bug.cgi?id=163405
<rdar://problem/28763953>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-10-14
Reviewed by Matt Baker.

  • UserInterface/Views/SourceCodeTextEditor.js:

Use correct method name, the old one must have gone away.

Oct 13, 2016:

11:58 PM Changeset in webkit [207328] by commit-queue@webkit.org
  • 5 edits in trunk/Source/WebCore

Binding generated code for private operations should assert for casted-this checks
https://bugs.webkit.org/show_bug.cgi?id=163326

Patch by Youenn Fablet <youenn@apple.com> on 2016-10-13
Reviewed by Darin Adler.

Covered by existing tests.

Private operations are not exposed to user scripts and are only called by built-in scripts or other WebKit-controlled code.
The call sites already ensure that the caller is of the right type so there is no need to do that work twice.

Introducing a casted-this-error Assert mode for casted-this checks, which may be reused for other binding generated code.
Updated binding generator to use that mode for private operations.

  • bindings/js/JSDOMBinding.h:

(WebCore::BindingCaller::callPromiseOperation):
(WebCore::BindingCaller::callOperation):

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateImplementation):

  • bindings/scripts/test/JS/JSTestGlobalObject.cpp:

(WebCore::jsTestGlobalObjectInstanceFunctionTestPrivateFunction):

  • bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::jsTestObjPrototypeFunctionPrivateMethod):

11:31 PM Changeset in webkit [207327] by Carlos Garcia Campos
  • 2 edits in trunk/Tools

Unreviewed. Removed myself from BindingsScripts watch list.

  • Scripts/webkitpy/common/config/watchlist:
11:31 PM Changeset in webkit [207326] by commit-queue@webkit.org
  • 15 edits in trunk

Exception message for expressions with multiple bracket accesses is inconsistent / incorrect
https://bugs.webkit.org/show_bug.cgi?id=163426

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-10-13
Reviewed by Geoffrey Garen.

JSTests:

  • ChakraCore/test/Error/CallNonFunction_3.baseline-jsc:
  • ChakraCore/test/Object/null.baseline-jsc:
  • stress/exception-in-to-property-key-should-be-handled-early.js:

Better exception messages.

LayoutTests/imported/w3c:

  • web-platform-tests/html/semantics/embedded-content/media-elements/interfaces/TextTrackCue/endTime-expected.txt:
  • web-platform-tests/html/semantics/embedded-content/media-elements/interfaces/TextTrackCue/id-expected.txt:
  • web-platform-tests/html/semantics/embedded-content/media-elements/interfaces/TextTrackCue/pauseOnExit-expected.txt:
  • web-platform-tests/html/semantics/embedded-content/media-elements/interfaces/TextTrackCue/startTime-expected.txt:
  • web-platform-tests/html/semantics/embedded-content/media-elements/interfaces/TextTrackCue/track-expected.txt:

Better expection messages.

Source/JavaScriptCore:

  • bytecompiler/NodesCodegen.cpp:

(JSC::BracketAccessorNode::emitBytecode):
It matters where emitExpressionInfo is called since it gathers
info about where we are in the instruction stream. We need to
emit it before the bytecode that we want to associate the data
with. In this case, before the getById / getByVal.

LayoutTests:

  • js/exception-expression-offset-expected.txt:
  • js/script-tests/exception-expression-offset.js:

(testException):
Correct existing tests and add new tests for multiple and intermixed
dot / bracket accesses.

11:29 PM Changeset in webkit [207325] by Carlos Garcia Campos
  • 6 edits
    2 adds in trunk

WebView and WebPage URLs not updated after URL is modified by InjectedBundlePageResourceLoadClient::willSendRequestForFrame
https://bugs.webkit.org/show_bug.cgi?id=146306

Reviewed by Darin Adler.

Source/WebCore:

Notify about the provisional URL change when new request set for main resource load in DocumentLoader has a
different URL than the previous one.

  • loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::setRequest):

Tools:

Add unit test to check that the committed URL is updated when changed in willSendRequest callback.

  • TestWebKitAPI/CMakeLists.txt:
  • TestWebKitAPI/PlatformEfl.cmake:
  • TestWebKitAPI/PlatformGTK.cmake:
  • TestWebKitAPI/Tests/WebKit2/ProvisionalURLAfterWillSendRequestCallback.cpp: Added.

(TestWebKitAPI::didCommitLoadForFrame):
(TestWebKitAPI::TEST):

  • TestWebKitAPI/Tests/WebKit2/ProvisionalURLAfterWillSendRequestCallback_Bundle.cpp: Added.

(TestWebKitAPI::ProvisionalURLAfterWillSendRequestCallbackTest::ProvisionalURLAfterWillSendRequestCallbackTest):
(TestWebKitAPI::ProvisionalURLAfterWillSendRequestCallbackTest::willSendRequestForFrame):
(TestWebKitAPI::ProvisionalURLAfterWillSendRequestCallbackTest::didCommitLoadForFrame):

11:19 PM Changeset in webkit [207324] by commit-queue@webkit.org
  • 6 edits in trunk/Source/WebCore

Update serializer and iterator binding generated code
https://bugs.webkit.org/show_bug.cgi?id=163325

Patch by Youenn Fablet <youenn@apple.com> on 2016-10-13
Reviewed by Darin Adler.

No change of behavior.
Covered by existing tests and rebased binding generated code.

Making use of BindingCaller::callOperation within serializer and iterator operations.
Refactored serializer code to use direct attribute getters.

  • bindings/js/JSDOMIterator.h:

(WebCore::iteratorCreate):
(WebCore::iteratorForEach):

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateSerializerFunction):
(GenerateImplementationIterableFunctions):

  • bindings/scripts/test/JS/JSTestIterable.cpp:

(WebCore::jsTestIterablePrototypeFunctionSymbolIteratorCaller):
(WebCore::jsTestIterablePrototypeFunctionSymbolIterator):
(WebCore::jsTestIterablePrototypeFunctionEntriesCaller):
(WebCore::jsTestIterablePrototypeFunctionEntries):
(WebCore::jsTestIterablePrototypeFunctionKeysCaller):
(WebCore::jsTestIterablePrototypeFunctionKeys):
(WebCore::jsTestIterablePrototypeFunctionValuesCaller):
(WebCore::jsTestIterablePrototypeFunctionValues):
(WebCore::jsTestIterablePrototypeFunctionForEachCaller):
(WebCore::jsTestIterablePrototypeFunctionForEach):

  • bindings/scripts/test/JS/JSTestNode.cpp:

(WebCore::jsTestNodePrototypeFunctionSymbolIteratorCaller):
(WebCore::jsTestNodePrototypeFunctionSymbolIterator):
(WebCore::jsTestNodePrototypeFunctionEntriesCaller):
(WebCore::jsTestNodePrototypeFunctionEntries):
(WebCore::jsTestNodePrototypeFunctionKeysCaller):
(WebCore::jsTestNodePrototypeFunctionKeys):
(WebCore::jsTestNodePrototypeFunctionValuesCaller):
(WebCore::jsTestNodePrototypeFunctionValues):
(WebCore::jsTestNodePrototypeFunctionForEachCaller):
(WebCore::jsTestNodePrototypeFunctionForEach):
(WebCore::jsTestNodePrototypeFunctionToJSON):

  • bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::jsTestObjPrototypeFunctionToJSON):

10:39 PM Changeset in webkit [207323] by achristensen@apple.com
  • 2 edits in trunk/Source/WebCore

Fix API test after r207318.
https://bugs.webkit.org/show_bug.cgi?id=162951

This fixes the API test WebKit2.PendingAPIRequestURL which asserted when trying to hash a null String.

  • loader/DocumentLoader.cpp:

(WebCore::isRemoteWebArchive):
If the mimeType is a null String, it is not in the set webArchiveMIMETypes, so return false instead of hashing it.

10:29 PM Changeset in webkit [207322] by mark.lam@apple.com
  • 3 edits
    1 add in trunk

Fix Array.prototype.splice ES6 compliance.
https://bugs.webkit.org/show_bug.cgi?id=163372

Reviewed by Geoffrey Garen and Yusuke Suzuki.

JSTests:

  • stress/array-splice-on-frozen-object.js: Added.

Source/JavaScriptCore:

Our Array.prototype.splice implementation neglected to set length on the result
array (step 12 of https://tc39.github.io/ecma262/#sec-array.prototype.splice) in
a certain code path. This is now fixed.

I'm deferring the implementation of step 8 till later because it requires more
careful consideration and the fix is of a lesser value (and therefore, of less
urgency). See https://bugs.webkit.org/show_bug.cgi?id=163417

Also added some needed exception checks and assertions.

  • runtime/ArrayPrototype.cpp:

(JSC::arrayProtoFuncSplice):

9:09 PM Changeset in webkit [207321] by achristensen@apple.com
  • 32 edits in trunk

Hosts of URLs with non-special schemes should be case-sensitive, and non-ASCII characters in such hosts should be punycode-encoded
https://bugs.webkit.org/show_bug.cgi?id=163413

Reviewed by Tim Horton.

LayoutTests/imported/w3c:

  • web-platform-tests/url/url-setters-expected.txt:

Update results. Some more tests are failing, but if my proposal in https://github.com/whatwg/url/issues/148 is accepted,
then these web platform tests will need to be changed. These web platform tests were also failing with the old URL::parse.

Source/WebCore:

This retains compatibility with the canonicalization Chrome, Firefox, and Safari with uppercase characters
in the hosts of URLs with unrecognized schemes. Safari treats such characters as the host, while Firefox
and Chrome treat such characters as part of the path, starting with the "" after the ':'
Behavior of non-ASCII characters is inconsistent, and since we need to have a host, we should punycode-encode
the host to be consistent with special schemes because percent-encoding hosts sometimes is inconsistent.

This solution was proposed to the spec in https://github.com/whatwg/url/issues/148

Covered by updated API and layout tests.

  • platform/URLParser.cpp:

(WebCore::URLParser::parse):
(WebCore::URLParser::percentDecode):
(WebCore::URLParser::domainToASCII):
(WebCore::URLParser::hasInvalidDomainCharacter):
(WebCore::URLParser::parseHostAndPort):
(WebCore::URLParser::formURLDecode):
(WebCore::percentDecode): Deleted.
(WebCore::domainToASCII): Deleted.
(WebCore::hasInvalidDomainCharacter): Deleted.
(WebCore::formURLDecode): Deleted.

  • platform/URLParser.h:

Tools:

  • TestWebKitAPI/Tests/WebCore/URLParser.cpp:

(TestWebKitAPI::TEST_F):
Update parsing results. There are now fewer differences between the new URLParser and the old URL::parse.

LayoutTests:

  • contentfiltering/block-after-add-data-then-allow-unblock-expected.txt:
  • contentfiltering/block-after-add-data-then-deny-unblock-expected.txt:
  • contentfiltering/block-after-finished-adding-data-then-allow-unblock-expected.txt:
  • contentfiltering/block-after-finished-adding-data-then-deny-unblock-expected.txt:
  • contentfiltering/block-after-response-then-allow-unblock-expected.txt:
  • contentfiltering/block-after-response-then-deny-unblock-expected.txt:
  • contentfiltering/block-after-will-send-request-then-allow-unblock-expected.txt:
  • contentfiltering/block-after-will-send-request-then-deny-unblock-expected.txt:
  • fast/backgrounds/background-shorthand-after-set-backgroundSize-expected.txt:
  • fast/backgrounds/background-shorthand-after-set-backgroundSize.html:
  • fast/backgrounds/background-shorthand-with-backgroundSize-style-expected.txt:
  • fast/backgrounds/background-shorthand-with-backgroundSize-style.html:
  • fast/css/getComputedStyle/computed-style-border-image-expected.txt:
  • fast/css/getComputedStyle/computed-style-border-image.html:
  • fast/css/getComputedStyle/computed-style-cross-fade-expected.txt:
  • fast/css/getComputedStyle/computed-style-cross-fade.html:
  • fast/css/getComputedStyle/getComputedStyle-background-shorthand-expected.txt:
  • fast/css/getComputedStyle/getComputedStyle-background-shorthand.html:
  • fast/css/getComputedStyle/getComputedStyle-list-style-shorthand-expected.txt:
  • fast/css/getComputedStyle/getComputedStyle-list-style-shorthand.html:
  • fast/loader/url-parse-1-expected.txt:
  • fast/url/host-lowercase-per-scheme-expected.txt:
  • fast/url/safari-extension-expected.txt:
  • http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt:

Update test expectations. This is how they were before r207162, showing that this change to the URLParser increases compatibility.

7:58 PM Changeset in webkit [207320] by matthew_hanson@apple.com
  • 5 edits in trunk/Source

Versioning.

7:50 PM Changeset in webkit [207319] by Chris Dumez
  • 36 edits
    2 adds in trunk

[Web IDL] Add support for [SameObject] extended attribute
https://bugs.webkit.org/show_bug.cgi?id=163414

Reviewed by Darin Adler.

Source/WebCore:

Add support for [SameObject] Web IDL extended attribute:

Start using it on DOM / HTML attributes where the specification
mandates it.

Test: js/dom/SameObject-support.html

  • bindings/scripts/CodeGeneratorJS.pm:

(ShouldCacheAttribute):
(GenerateHeader):
(GenerateImplementation):

  • bindings/scripts/IDLAttributes.txt:
  • dom/DataTransfer.idl:
  • dom/Document.idl:
  • dom/Element.idl:
  • dom/MutationRecord.idl:
  • dom/Node.idl:
  • dom/NodeIterator.idl:
  • dom/ParentNode.idl:
  • dom/TreeWalker.idl:
  • html/HTMLAnchorElement.idl:
  • html/HTMLAreaElement.idl:
  • html/HTMLButtonElement.idl:
  • html/HTMLDataListElement.idl:
  • html/HTMLDocument.idl:
  • html/HTMLElement.idl:
  • html/HTMLFieldSetElement.idl:
  • html/HTMLFormElement.idl:
  • html/HTMLIFrameElement.idl:
  • html/HTMLInputElement.idl:
  • html/HTMLKeygenElement.idl:
  • html/HTMLLinkElement.idl:
  • html/HTMLMapElement.idl:
  • html/HTMLMediaElement.idl:
  • html/HTMLMeterElement.idl:
  • html/HTMLOutputElement.idl:
  • html/HTMLProgressElement.idl:
  • html/HTMLSelectElement.idl:
  • html/HTMLTableElement.idl:
  • html/HTMLTableRowElement.idl:
  • html/HTMLTableSectionElement.idl:
  • html/HTMLTextAreaElement.idl:
  • page/Location.idl:
  • page/Navigator.idl:

LayoutTests:

Add layout test coverage.

  • js/dom/SameObject-support-expected.txt: Added.
  • js/dom/SameObject-support.html: Added.
6:14 PM Changeset in webkit [207318] by aestes@apple.com
  • 2 edits in trunk/Source/WebCore

[iOS] Support Web Archive previews generated by QuickLook
https://bugs.webkit.org/show_bug.cgi?id=162951
<rdar://problem/28607920>

Reviewed by Brady Eidson.

QuickLook might generate a Web Archive preview for some resource types, but WebKit would
refuse to load it due to the prohibition on loading remote Web Archives. Even though the
original resource might be from a remote origin, the QuickLook-generated preview is a
trusted local resource, so allow it to be loaded.

No test possible.

  • loader/DocumentLoader.cpp:

(WebCore::isRemoteWebArchive): Added. Moved the remote web archive check from
continueAfterContentPolicy() to here, and added a check for responses containing the
QuickLook preview protocol.
(WebCore::DocumentLoader::continueAfterContentPolicy): Called isRemoteWebArchive().

6:10 PM Changeset in webkit [207317] by dino@apple.com
  • 22 edits
    1 add in trunk/Source/WebCore

CSS parsing should use Color not RGBA32
https://bugs.webkit.org/show_bug.cgi?id=163423
<rdar://problem/28766903>

Reviewed by Simon Fraser.

In order to allow CSS to use the ExtendedColor variant of
Color, we need to stop using RGBA32. This is a fairly big
change that goes through all the places in the parser
related to colors, and moves them from RGBA32 to Color.

No change in functionality, so covered by existing tests.

  • WebCore.xcodeproj/project.pbxproj: Add the new ColorHash.h file.
  • css/CSSPrimitiveValue.cpp: CSSPrimitiveValue now can hold a Color*

rather than an unsigned int for colors.
(WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
(WebCore::CSSPrimitiveValue::cleanup):
(WebCore::CSSPrimitiveValue::getRGBColorValue):
(WebCore::CSSPrimitiveValue::formatNumberForCustomCSSText):
(WebCore::CSSPrimitiveValue::cloneForCSSOM):
(WebCore::CSSPrimitiveValue::equals):

  • css/CSSPrimitiveValue.h: Move to Color* and also use some

nullptrs.

  • css/CSSPrimitiveValueMappings.h:

(WebCore::CSSPrimitiveValue::CSSPrimitiveValue): Add a new inline
constructor.

  • css/CSSValuePool.cpp: Move to Color.

(WebCore::CSSValuePool::CSSValuePool):
(WebCore::CSSValuePool::createColorValue):

  • css/CSSValuePool.h: Change the ColorValueCache to a new type.
  • css/StyleResolver.cpp: Move to Color.

(WebCore::StyleResolver::colorFromPrimitiveValue):

  • css/parser/CSSParser.cpp:

(WebCore::parseColorValue):
(WebCore::CSSParser::parseColor):
(WebCore::CSSParser::parseColorFromString):
(WebCore::CSSParser::parseSystemColor):
(WebCore::fastParseColorInternal):
(WebCore::CSSParser::fastParseColor):
(WebCore::CSSParser::parseColorFromValue):

  • css/parser/CSSParser.h:
  • css/parser/CSSParserFastPaths.cpp:

(WebCore::fastParseColorInternal):
(WebCore::CSSParserFastPaths::parseColor):

  • css/parser/CSSPropertyParserHelpers.cpp:

(WebCore::CSSPropertyParserHelpers::consumeColor):

  • css/parser/SVGCSSParser.cpp:

(WebCore::CSSParser::parseSVGValue):
(WebCore::CSSParser::parseSVGPaint):
(WebCore::CSSParser::parseSVGColor):

  • editing/EditingStyle.cpp:

(WebCore::cssValueToColor):
(WebCore::textColorFromStyle):
(WebCore::backgroundColorFromStyle):
(WebCore::rgbaBackgroundColorInEffect):
(WebCore::EditingStyle::prepareToApplyAt):
(WebCore::isTransparentColorValue):
(WebCore::cssValueToRGBA): Deleted.

  • editing/cocoa/HTMLConverter.mm:

(HTMLConverterCaches::colorPropertyValueForNode):

  • html/HTMLBodyElement.cpp:

(WebCore::HTMLBodyElement::parseAttribute):

  • html/canvas/CanvasGradient.cpp:

(WebCore::CanvasGradient::addColorStop):

  • html/canvas/CanvasRenderingContext2D.cpp: Ditto, but leave a FIXME to

remind myself to come back when colorWithOverrideAlpha has been updated.
(WebCore::CanvasRenderingContext2D::setStrokeStyle):
(WebCore::CanvasRenderingContext2D::setFillStyle):
(WebCore::CanvasRenderingContext2D::setShadowColor):
(WebCore::CanvasRenderingContext2D::setShadow):

  • html/canvas/CanvasStyle.cpp:

(WebCore::isCurrentColorString):
(WebCore::parseColor):
(WebCore::currentColor):
(WebCore::parseColorOrCurrentColor):
(WebCore::CanvasStyle::createFromString):
(WebCore::CanvasStyle::createFromStringWithOverrideAlpha):

  • html/canvas/CanvasStyle.h:
  • svg/SVGColor.cpp:

(WebCore::SVGColor::colorFromRGBColorString):

  • platform/graphics/Color.h: Add new constructors for the special

empty and deleted Color values used in HashTables.
(WebCore::Color::Color):
(WebCore::Color::isHashTableDeletedValue):
(WebCore::Color::asUint64): New accessor to get the raw uint64_t value.

  • platform/graphics/ColorHash.h: Added. Implement the traits for a Color HashTable.

(WTF::ColorHash::hash):
(WTF::ColorHash::equal):
(WTF::HashTraits<WebCore::Color>::emptyValue):
(WTF::HashTraits<WebCore::Color>::constructDeletedValue):
(WTF::HashTraits<WebCore::Color>::isDeletedValue):

5:27 PM Changeset in webkit [207316] by Ryan Haddad
  • 2 edits in branches/safari-602-branch/LayoutTests

Merge r204304.

4:38 PM Changeset in webkit [207315] by achristensen@apple.com
  • 4 edits in trunk/Tools

Rebase API tests after r207305.

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:

Actually build Tests/mac/LoadInvalidURLRequest.mm so we are running the WebKit1.LoadInvalidURLRequest API test.

  • TestWebKitAPI/Tests/WebKit2Cocoa/LoadInvalidURLRequest.mm:

(-[LoadInvalidURLNavigationActionDelegate webView:didFailProvisionalNavigation:withError:]):

  • TestWebKitAPI/Tests/mac/LoadInvalidURLRequest.mm:

(-[LoadInvalidURLWebFrameLoadDelegate webView:didFailProvisionalLoadWithError:forFrame:]):
Change results back to what they were before r207162, r207167, and r207184.

3:52 PM Changeset in webkit [207314] by n_wang@apple.com
  • 10 edits in trunk

AX: [Mac] better accessibility support for Summary elements
https://bugs.webkit.org/show_bug.cgi?id=163367
<rdar://problem/28745010>

Reviewed by Chris Fleizach.

Source/WebCore:

Exposed summary elements as AXButton and used the text node's content
as AXTitle. Also exposed the details parent's expanded status on the summary
element, so that users would see it as a collapsed/expanded button.

Changes are covered in the modified tests.

  • accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::parentObjectUnignored):
(WebCore::AccessibilityObject::scrollViewAncestor):
(WebCore::AccessibilityObject::headingElementForNode):
(WebCore::AccessibilityObject::matchedParent):
(WebCore::AccessibilityObject::isDescendantOfObject):
(WebCore::AccessibilityObject::isInsideARIALiveRegion):
(WebCore::AccessibilityObject::elementAccessibilityHitTest):
(WebCore::AccessibilityObject::isExpanded):
(WebCore::AccessibilityObject::isARIAHidden):
(WebCore::AccessibilityObject::focusableAncestor):
(WebCore::AccessibilityObject::editableAncestor):

  • accessibility/AccessibilityObject.h:

(WebCore::AccessibilityObject::isSummary):

  • accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:

(-[WebAccessibilityObjectWrapper _accessibilityListAncestor]):
(-[WebAccessibilityObjectWrapper _accessibilityLandmarkAncestor]):
(-[WebAccessibilityObjectWrapper _accessibilityTableAncestor]):
(-[WebAccessibilityObjectWrapper _accessibilityFieldsetAncestor]):
(-[WebAccessibilityObjectWrapper tableCellParent]):
(-[WebAccessibilityObjectWrapper tableParent]):
(-[WebAccessibilityObjectWrapper convertPointToScreenSpace:]):
(-[WebAccessibilityObjectWrapper convertRectToScreenSpace:]):
(-[WebAccessibilityObjectWrapper detailParentForSummaryObject:]):
(-[WebAccessibilityObjectWrapper detailParentForObject:]):
(matchedParent): Deleted.

  • accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper additionalAccessibilityAttributeNames]):
(createAccessibilityRoleMap):
(-[WebAccessibilityObjectWrapper roleDescription]):
(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

LayoutTests:

  • accessibility/mac/details-summary-expected.txt:
  • accessibility/mac/details-summary-role-description-expected.txt:
  • accessibility/mac/details-summary-role-description.html:
  • accessibility/mac/details-summary.html:
3:25 PM Changeset in webkit [207313] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking inspector/debugger/breakpoints/resolved-dump-each-line.html as flaky on mac.
https://bugs.webkit.org/show_bug.cgi?id=161951

Unreviewed test gardening.

  • platform/mac/TestExpectations:
3:20 PM Changeset in webkit [207312] by commit-queue@webkit.org
  • 8 edits in trunk

Web Inspector: Stepping highlight for dot/bracket expressions in if statements highlights subset of the expression
https://bugs.webkit.org/show_bug.cgi?id=163378
<rdar://problem/28749376>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-10-13
Reviewed by Saam Barati.

Source/JavaScriptCore:

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::parseAssignmentExpression):
Since each expression builds on the previous, always keep the starting
location the first location.

LayoutTests:

  • inspector/debugger/breakpoints/resolved-dump-all-pause-locations-expected.txt:
  • inspector/debugger/breakpoints/resolved-dump-each-line-expected.txt:
  • inspector/debugger/breakpoints/resources/dump-general.js:
  • inspector/debugger/stepping/stepping-misc-expected.txt:
  • inspector/debugger/stepping/stepping-misc.html:

Add tests for these kinds of special cases.

2:48 PM Changeset in webkit [207311] by Brian Burg
  • 3 edits in trunk

[CMake] Split the definition of CODE_GENERATOR_PREPROCESSOR so it can be used in a custom command
https://bugs.webkit.org/show_bug.cgi?id=163401

Reviewed by Michael Catanzaro.

In another patch, we need to use CODE_GENERATOR_PREPROCESSOR as the COMMAND argument
when defining an add_custom_command. Previously, it has only been used as a quoted argument
to various Perl code generation scripts.

To support both use cases, we need to be able to provide the executable and its arguments as
an unbroken quoted string, and as a CMake list suitable for passing as an argument to COMMAND.

  • Source/cmake/OptionsCommon.cmake:

Split out the executable and argument string into separate variables that can be used elsewhere.
Compute the final unbroken quoted string using the two separate variables to arrive at the same result.

  • Source/cmake/WebKitMacros.cmake:

Drive-by cleanup to add quotes around the use of CODE_GENERATOR_PREPROCESSOR so it matches other uses.

2:41 PM Changeset in webkit [207310] by Alan Bujtas
  • 2 edits in trunk/Source/WebCore

[Clean RenderTree] LayoutTests/imported/blink/fast/table/crash-bad-child-table-continuation.html fails.
https://bugs.webkit.org/show_bug.cgi?id=163399

Reviewed by David Hyatt.

When we try to insert a renderer before a child whose direct parent is a (anonymus) RenderTable, continuation logic
should dismiss the RenderTable as the parent and find a more appropriate ancestor.
RenderTables assumes a certain descendant tree structure which might not be available in the continuation.

Will be testable with webkit.org/b/162834

  • rendering/RenderInline.cpp:

(WebCore::canUseAsParentForContinuation):
(WebCore::RenderInline::addChildToContinuation):

2:37 PM Changeset in webkit [207309] by Ryan Haddad
  • 4 edits
    1 copy in branches/safari-602-branch/LayoutTests

Rebaseline failing LayoutTests.

Unreviewed test gardening.

  • http/tests/security/location-cross-origin-expected.txt:
  • platform/mac-elcapitan/fast/text/emoji-expected.txt: Copied from LayoutTests/platform/mac/fast/text/emoji-expected.txt.
  • platform/mac/fast/text/emoji-expected.txt:
  • platform/mac/http/tests/cookies/third-party-cookie-relaxing-expected.txt:
2:36 PM Changeset in webkit [207308] by andersca@apple.com
  • 6 edits
    2 adds in trunk/Source/WebKit

Copy BackForwardList from WebCore to WebKit/win
https://bugs.webkit.org/show_bug.cgi?id=163360

Reviewed by Alex Christensen.

Source/WebKit:

This is the first step towards getting rid of BackForwardList in WebCore.

  • PlatformWin.cmake:

Add new files.

Source/WebKit/win:

Use our local BackForwardList class instead of WebCore::BackForwardList.

  • BackForwardList.cpp: Added.
  • BackForwardList.h: Added.
  • WebBackForwardList.h:
  • WebView.cpp:

(WebView::initWithFrame):
(WebView::backForwardList):

2:08 PM Changeset in webkit [207307] by matthew_hanson@apple.com
  • 9 edits in tags/Safari-603.1.9

Merge r207305. rdar://problem/28756748

2:07 PM Changeset in webkit [207306] by matthew_hanson@apple.com
  • 7 edits in tags/Safari-603.1.9

Merge r207301. rdar://problem/28756748

2:01 PM Changeset in webkit [207305] by achristensen@apple.com
  • 9 edits in trunk

Disable URLParser for non-Safari iOS and Mac apps for now
https://bugs.webkit.org/show_bug.cgi?id=163397

Reviewed by Tim Horton.

Source/WebCore:

r207268 was an awful hack, and it was insufficient.
Disable the URLParser for other apps for now. Hopefully we can enable it everywhere soon.

No change in behavior for testing infrastructure.
Old URLs were well tested before making the switch, and nothing has changed for them.

  • platform/URLParser.cpp:

(WebCore::URLParser::parse):
(WebCore::URLParser::parseHostAndPort):
(WebCore::URLParser::setEnabled):
(WebCore::URLParser::enabled):

  • platform/URLParser.h:

Tools:

  • DumpRenderTree/mac/DumpRenderTree.mm:

(DumpRenderTreeMain):

  • WebKitTestRunner/TestController.cpp:

Enable the URLParser for testing.

  • WebKitTestRunner/Configurations/WebKitTestRunnerApp.xcconfig:

Link with WebCoreTestSupport so we can find setURLParserEnabled.

1:18 PM BuildingGtk edited by mario@webkit.org
(diff)
1:03 PM Changeset in webkit [207304] by matthew_hanson@apple.com
  • 7 edits in tags/Safari-603.1.9

Merge r207297. rdar://problem/28756748

1:03 PM Changeset in webkit [207303] by matthew_hanson@apple.com
  • 3 edits in tags/Safari-603.1.9/Source/WebCore

Merge r207268. rdar://problem/28756748

12:26 PM Changeset in webkit [207302] by Chris Dumez
  • 11 edits in trunk/Source/WebCore

Rename [ConstructorTemplate=*] to [LegacyConstructorTemplate=*]
https://bugs.webkit.org/show_bug.cgi?id=163390

Reviewed by Darin Adler.

Rename [ConstructorTemplate=*] to [LegacyConstructorTemplate=*] as the
modern way of doing this is to use a constructor that takes in a
dictionary. I am working on getting rid of this extended attribute
entirely but the remaining uses require better support for union types.

  • Modules/applepay/ApplePayValidateMerchantEvent.idl:
  • Modules/indexeddb/IDBVersionChangeEvent.idl:
  • Modules/mediastream/RTCTrackEvent.idl:
  • bindings/scripts/CodeGenerator.pm:

(IsConstructorTemplate):

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateConstructorDefinition):
(IsConstructable):

  • bindings/scripts/IDLAttributes.txt:
  • dom/Event.idl:
  • dom/ProgressEvent.idl:
  • dom/UIEvent.idl:
  • html/track/TrackEvent.idl:
12:21 PM Changeset in webkit [207301] by Ryan Haddad
  • 7 edits in trunk

Unreviewed, rolling out r207297.

This change broke the iOS build.

Reverted changeset:

"Disable URLParser for non-Safari iOS and Mac apps for now"
https://bugs.webkit.org/show_bug.cgi?id=163397
http://trac.webkit.org/changeset/207297

12:15 PM Changeset in webkit [207300] by andersca@apple.com
  • 12 edits in trunk/Source

Get rid of the HistoryItemVector typedef
https://bugs.webkit.org/show_bug.cgi?id=163398

Reviewed by Beth Dakin.

Expand the HistoryitemVector typedef instead to make it more clear what types we are dealing with.

Source/WebCore:

  • history/BackForwardList.cpp:

(WebCore::BackForwardList::backListWithLimit):
(WebCore::BackForwardList::forwardListWithLimit):
(WebCore::BackForwardList::entries):

  • history/BackForwardList.h:
  • history/HistoryItem.cpp:

(WebCore::HistoryItem::children):

  • history/HistoryItem.h:
  • loader/HistoryController.cpp:

(WebCore::HistoryController::currentFramesMatchItem):

Source/WebKit/mac:

  • History/WebBackForwardList.mm:

(-[WebBackForwardList dictionaryRepresentation]):
(vectorToNSArray):
(-[WebBackForwardList backListWithLimit:]):
(-[WebBackForwardList forwardListWithLimit:]):
(-[WebBackForwardList description]):

  • History/WebHistoryItem.mm:

(-[WebHistoryItem description]):

Source/WebKit/win:

  • WebBackForwardList.cpp:

(WebBackForwardList::backListWithLimit):
(WebBackForwardList::forwardListWithLimit):

  • WebHistoryItem.cpp:

(WebHistoryItem::children):

12:02 PM Changeset in webkit [207299] by commit-queue@webkit.org
  • 2 edits
    9 adds in trunk

[Modern Media Controls] MediaControls base class
https://bugs.webkit.org/show_bug.cgi?id=163387
<rdar://problem/28753955>

Patch by Antoine Quint <Antoine Quint> on 2016-10-13
Reviewed by Dean Jackson.

Source/WebCore:

Introducing the new MediaControls class which will serve as a basis for all media controls.
We will introduce specific MediaControls subclasses for macOS inline, macOS fullscreen and
iOS inline in future patches.

Tests: media/modern-media-controls/media-controls/media-controls-constructor.html

media/modern-media-controls/media-controls/media-controls-placard.html
media/modern-media-controls/media-controls/media-controls-start-button.html

  • Modules/modern-media-controls/controls/media-controls.css: Added.

(.media-controls,):

  • Modules/modern-media-controls/controls/media-controls.js: Added.

(MediaControls.):
(MediaControls.prototype.get showsStartButton):
(MediaControls.prototype.set showsStartButton):
(MediaControls.prototype.get showsPlacard):
(MediaControls.prototype.showPlacard):
(MediaControls.prototype.hidePlacard):

LayoutTests:

Testing the properties of the new MediaControls class.

  • media/modern-media-controls/media-controls/media-controls-constructor-expected.txt: Added.
  • media/modern-media-controls/media-controls/media-controls-constructor.html: Added.
  • media/modern-media-controls/media-controls/media-controls-placard-expected.txt: Added.
  • media/modern-media-controls/media-controls/media-controls-placard.html: Added.
  • media/modern-media-controls/media-controls/media-controls-start-button-expected.txt: Added.
  • media/modern-media-controls/media-controls/media-controls-start-button.html: Added.
12:01 PM Changeset in webkit [207298] by timothy_horton@apple.com
  • 7 edits in trunk/Source/WebKit2

Rename the SPI added in r207292 due to post-landing review comments
https://bugs.webkit.org/show_bug.cgi?id=163364
<rdar://problem/28012494>

Reviewed by Simon Fraser.

  • UIProcess/API/APIPageConfiguration.h:

(API::PageConfiguration::waitsForPaintAfterViewDidMoveToWindow):
(API::PageConfiguration::setWaitsForPaintAfterViewDidMoveToWindow):
(API::PageConfiguration::shouldWaitForPaintAfterViewDidMoveToWindow): Deleted.
(API::PageConfiguration::setShouldWaitForPaintAfterViewDidMoveToWindow): Deleted.

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _initializeWithConfiguration:]):

  • UIProcess/API/Cocoa/WKWebViewConfiguration.mm:

(-[WKWebViewConfiguration init]):
(-[WKWebViewConfiguration copyWithZone:]):
(-[WKWebViewConfiguration _waitsForPaintAfterViewDidMoveToWindow]):
(-[WKWebViewConfiguration _setWaitsForPaintAfterViewDidMoveToWindow:]):
(-[WKWebViewConfiguration _shouldWaitForPaintAfterViewDidMoveToWindow]): Deleted.
(-[WKWebViewConfiguration _setShouldWaitForPaintAfterViewDidMoveToWindow:]): Deleted.

  • UIProcess/API/Cocoa/WKWebViewConfigurationPrivate.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::WebPageProxy):
(WebKit::WebPageProxy::dispatchViewStateChange):

  • UIProcess/WebPageProxy.h:
11:57 AM Changeset in webkit [207297] by achristensen@apple.com
  • 7 edits in trunk

Disable URLParser for non-Safari iOS and Mac apps for now
https://bugs.webkit.org/show_bug.cgi?id=163397

Reviewed by Tim Horton.

Source/WebCore:

r207268 was an awful hack, and it was insufficient.
Disable the URLParser for other apps for now. Hopefully we can enable it everywhere soon.

No change in behavior for testing infrastructure.
Old URLs were well tested before making the switch, and nothing has changed for them.

  • platform/URLParser.cpp:

(WebCore::URLParser::parse):
(WebCore::URLParser::parseHostAndPort):
(WebCore::URLParser::setEnabled):
(WebCore::URLParser::enabled):

  • platform/URLParser.h:

Tools:

  • DumpRenderTree/mac/DumpRenderTree.mm:

(DumpRenderTreeMain):

  • WebKitTestRunner/ios/mainIOS.mm:

(main):

  • WebKitTestRunner/mac/main.mm:

(main):

11:53 AM Changeset in webkit [207296] by Jonathan Bedard
  • 3 edits in trunk/Source/WebKit2

GTK and EFL on Mac fail to compile WebTextChecker due to missing definition of WKTextCheckerClientBase
https://bugs.webkit.org/show_bug.cgi?id=163346

Reviewed by Daniel Bates.

  • UIProcess/API/C/WKTextChecker.cpp: Fixed #ifdefs for GTK and EFL builds on Darwin machines.
  • UIProcess/API/C/WKTextChecker.h: Ditto.
11:45 AM Changeset in webkit [207295] by commit-queue@webkit.org
  • 2 edits
    9 adds in trunk

[Modern Media Controls] TimeControl and TimeLabel
https://bugs.webkit.org/show_bug.cgi?id=163356
<rdar://problem/28741376>

Patch by Antoine Quint <Antoine Quint> on 2016-10-13
Reviewed by Dean Jackson.

Source/WebCore:

We introduce the TimeControl and TimeLabel classes. A TimeControl object
provides two TimeLabels, one for the elapsed time, one for the remaining
time, and a Scrubber in between them. Depending on a TimeControl's width,
it will adjust its layout such that the scrubber takes all the available
space between the labels, and can indicate whether it's large enough to
meet the minimal required width to show the scrubber, such that a container
node may decide not to show the TimeControl at all.

TimeLabel nodes simply show an integer time value in miliseconds in a
nicely formatted way.

Tests: media/modern-media-controls/time-control/time-control.html

media/modern-media-controls/time-label/time-label.html

  • Modules/modern-media-controls/controls/time-control.js: Added.

(TimeControl.prototype.get width):
(TimeControl.prototype.set width):
(TimeControl.prototype.get isSufficientlyWide):

  • Modules/modern-media-controls/controls/time-label.css: Added.

(.time-label):

  • Modules/modern-media-controls/controls/time-label.js: Added.

(TimeLabel.prototype.get value):
(TimeLabel.prototype.set value):
(TimeLabel.prototype.commitProperty):
(TimeLabel.prototype._formattedTime):

LayoutTests:

Adding tests for the new TimeControl and TimeLabel classes.

  • media/modern-media-controls/time-control/time-control-expected.txt: Added.
  • media/modern-media-controls/time-control/time-control.html: Added.
  • media/modern-media-controls/time-label/time-label-expected.txt: Added.
  • media/modern-media-controls/time-label/time-label.html: Added.
11:13 AM Changeset in webkit [207294] by jer.noble@apple.com
  • 3 edits
    2 adds in trunk

CRASH at WebCore::SourceBuffer::removeCodedFrames + 37
https://bugs.webkit.org/show_bug.cgi?id=163336

Reviewed by Alex Christensen.

Source/WebCore:

Test: media/media-source/media-source-remove-crash.html

A null-deref crash can occur if a SourceBuffer is removed from a MediaSource after
SourceBuffer.remove() is called, but before the removeTimer is fired.

  • Modules/mediasource/SourceBuffer.cpp:

(WebCore::SourceBuffer::removeTimerFired):

LayoutTests:

  • media/media-source/media-source-remove-crash-expected.txt: Added.
  • media/media-source/media-source-remove-crash.html: Added.
11:11 AM Changeset in webkit [207293] by Michael Catanzaro
  • 2 edits in trunk/Source/WebCore

[SOUP] SHOULD NEVER BE REACHED ../../Source/WebCore/platform/URL.cpp(1291) : void WebCore::URL::parse(const WTF::String&)
https://bugs.webkit.org/show_bug.cgi?id=163392

Reviewed by Alex Christensen.

Fix the URL constructor to work with URLParser.

  • platform/soup/URLSoup.cpp:

(WebCore::URL::URL):

10:44 AM Changeset in webkit [207292] by timothy_horton@apple.com
  • 7 edits in trunk/Source/WebKit2

Expose SPI to disable synchronously blocking on painting after parenting a WKWebView
https://bugs.webkit.org/show_bug.cgi?id=163364
<rdar://problem/28012494>

Reviewed by Geoff Garen.

Some clients may not want the default WKWebView behavior where we synchronously
block on the Web process after the first time a WKWebView is re-added to the window,
because they are e.g. parenting re-used WKWebViews while scrolling.

  • UIProcess/API/APIPageConfiguration.h:

(API::PageConfiguration::shouldSynchronizeInitialPaintAfterMovingToWindow):
(API::PageConfiguration::setShouldSynchronizeInitialPaintAfterMovingToWindow):

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _initializeWithConfiguration:]):

  • UIProcess/API/Cocoa/WKWebViewConfiguration.mm:

(-[WKWebViewConfiguration init]):
(-[WKWebViewConfiguration copyWithZone:]):
(-[WKWebViewConfiguration _shouldSynchronizeInitialPaintAfterMovingToWindow]):
(-[WKWebViewConfiguration _setShouldSynchronizeInitialPaintAfterMovingToWindow:]):

  • UIProcess/API/Cocoa/WKWebViewConfigurationPrivate.h:
  • UIProcess/WebPageProxy.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::WebPageProxy):
Add and plumb a new WKWebView configuration parameter.

(WebKit::WebPageProxy::dispatchViewStateChange):
If the new configuration parameter is set, don't block the main thread when
a view is reparented.

10:25 AM Changeset in webkit [207291] by Ryan Haddad
  • 5 edits in trunk/Source/WebCore

Unreviewed, rolling out r207286.

Caused LayoutTest http/tests/misc/acid3.html to fail.

Reverted changeset:

"Share inline stylesheets between shadow trees"
https://bugs.webkit.org/show_bug.cgi?id=163353
http://trac.webkit.org/changeset/207286

10:02 AM Changeset in webkit [207290] by svillar@igalia.com
  • 5 edits in trunk

[css-grid] Use min-size instead of min-content contribution for intrinsic maximums resolution
https://bugs.webkit.org/show_bug.cgi?id=163283

Reviewed by Manuel Rego Casasnovas.

Source/WebCore:

This was recently modified in the specs
https://hg.csswg.org/drafts/diff/575fb847e29d/css-grid/Overview.bs. Specifically this is
addressing the last one. It used to be "min-content contribution" but now it says "min-size
contribution".

  • rendering/RenderGrid.cpp:

(WebCore::RenderGrid::currentItemSizeForTrackSizeComputationPhase):

LayoutTests:

Uncommented a bunch of failing test cases that are working fine now.

  • fast/css-grid-layout/grid-intrinsic-maximums-expected.html:
  • fast/css-grid-layout/grid-intrinsic-maximums.html:
8:36 AM Changeset in webkit [207289] by pvollan@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

[Win64] Compile fix.
https://bugs.webkit.org/show_bug.cgi?id=163384

Reviewed by Brent Fulgham.

Fix use of potentially uninitialized variable.

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

8:25 AM Changeset in webkit [207288] by svillar@igalia.com
  • 4 edits
    2 adds in trunk

[css-grid] Fix intrinsic maximums resolution with fit-content and auto
https://bugs.webkit.org/show_bug.cgi?id=163282

Reviewed by Manuel Rego Casasnovas.

Source/WebCore:

The step 2.5 in section 12.5 https://drafts.csswg.org/css-grid/#algo-content of the specs,
details how to sizes tracks with intrinsic max track sizing functions.

Not so long ago there were only two max track sizing functions min-content and max-content
(auto was always resolved to max-content). However there were some recent changes that force
us to consider 2 new values: auto (which is not internally translated to max-content
although it still works the same) and specially the newly added fit-content.

Some of the new test cases are commented due to bug http://wkb.ug/163283.

Test: fast/css-grid-layout/grid-intrinsic-maximums.html

  • rendering/RenderGrid.cpp:

(WebCore::RenderGrid::shouldProcessTrackForTrackSizeComputationPhase):

  • rendering/style/GridTrackSize.h:

(WebCore::GridTrackSize::cacheMinMaxTrackBreadthTypes):
(WebCore::GridTrackSize::hasIntrinsicMinTrackBreadth):
(WebCore::GridTrackSize::hasIntrinsicMaxTrackBreadth):
(WebCore::GridTrackSize::hasAutoOrMinContentMinTrackBreadthAndIntrinsicMaxTrackBreadth):

LayoutTests:

New test cases to verify that all tracks with intrinsic max track sizing functions are used
in step 2.5 of the track sizing algorith. Some of the new test cases are commented due to
http://wkb.ug/163283.

  • fast/css-grid-layout/grid-intrinsic-maximums-expected.html: Added.
  • fast/css-grid-layout/grid-intrinsic-maximums.html: Added.
8:00 AM Changeset in webkit [207287] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

[GTK] Video playback doesn't work properly with accelerated compositing disabled
https://bugs.webkit.org/show_bug.cgi?id=163386

Patch by Miguel Gomez <magomez@igalia.com> on 2016-10-13
Reviewed by Carlos Garcia Campos.

Trigger a repaint of the player when a new frame arrives and accelerated compositing is disabled.

Covered by existent tests.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:

(WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):

4:59 AM Changeset in webkit [207286] by Antti Koivisto
  • 5 edits in trunk/Source/WebCore

Share inline stylesheets between shadow trees
https://bugs.webkit.org/show_bug.cgi?id=163353

Reviewed by Ryosuke Niwa and Andreas Kling.

If shadow trees have identical inline stylesheets the data structures can be shared.
In future this will also allow sharing style resolvers.

  • css/parser/CSSParserMode.h:

(WebCore::CSSParserContextHash::hash):
(WebCore::CSSParserContextHash::equal):
(WTF::HashTraits<WebCore::CSSParserContext>::constructDeletedValue):
(WTF::HashTraits<WebCore::CSSParserContext>::isDeletedValue):
(WTF::HashTraits<WebCore::CSSParserContext>::emptyValue):

Make CSSParserContext hashable.

  • dom/InlineStyleSheetOwner.cpp:

(WebCore::makeInlineStyleSheetCacheKey):
(WebCore::inlineStyleSheetCache):

Implement a simple cache for sharing stylesheets with identical text and context.

(WebCore::InlineStyleSheetOwner::createSheet):
(WebCore::InlineStyleSheetOwner::clearCache):

  • dom/InlineStyleSheetOwner.h:
  • platform/MemoryPressureHandler.cpp:

(WebCore::MemoryPressureHandler::releaseNoncriticalMemory):

4:58 AM Changeset in webkit [207285] by Antti Koivisto
  • 5 edits in trunk/Source/WebCore

Revert patch landed with wrong commit message.

4:47 AM Changeset in webkit [207284] by Antti Koivisto
  • 5 edits in trunk/Source/WebCore

[Win] Encode function pointers.
https://bugs.webkit.org/show_bug.cgi?id=163331

Patch by Per Arne Vollan <pvollan@apple.com> on 2016-10-12
Reviewed by Brent Fulgham.

We should encode stored function pointers.

  • platform/win/SoftLinking.h:
4:41 AM Changeset in webkit [207283] by clopez@igalia.com
  • 8 edits
    2 adds in trunk/LayoutTests

[GTK] Rebaseline tests affected by r207280 and report 3 new failures on accesibility tests.
https://bugs.webkit.org/show_bug.cgi?id=163383

Unreviewed gardening.

  • platform/gtk/TestExpectations:
  • platform/gtk/fast/dom/HTMLMeterElement/meter-appearances-capacity-expected.txt:
  • platform/gtk/fast/dom/HTMLMeterElement/meter-appearances-rating-relevancy-expected.txt:
  • platform/gtk/fast/dom/HTMLMeterElement/meter-boundary-values-expected.txt:
  • platform/gtk/fast/dom/HTMLMeterElement/meter-element-expected.txt: Added.
  • platform/gtk/fast/dom/HTMLMeterElement/meter-element-repaint-on-update-value-expected.txt: Added.
  • platform/gtk/fast/dom/HTMLMeterElement/meter-optimums-expected.txt:
  • platform/gtk/fast/dom/HTMLMeterElement/meter-styles-changing-pseudo-expected.txt:
  • platform/gtk/fast/dom/HTMLMeterElement/meter-styles-expected.txt:
4:30 AM Changeset in webkit [207282] by pvollan@apple.com
  • 2 edits in trunk/Source/WebCore

[Win] Encode function pointers.
https://bugs.webkit.org/show_bug.cgi?id=163331

Reviewed by Brent Fulgham.

We should encode stored function pointers.

  • platform/win/SoftLinking.h:
3:34 AM Changeset in webkit [207281] by commit-queue@webkit.org
  • 16 edits in trunk/Source/WebCore

Remove CachedResourceRequest::mutableResourceRequest
https://bugs.webkit.org/show_bug.cgi?id=163277

Patch by Youenn Fablet <youenn@apple.com> on 2016-10-13
Reviewed by Sam Weinig.

No change of behavior.

Removing CachedResourceRequest::mutableResourceRequest requires call sites to either update the ResourceRequest
before creating the CachedResourceRequest or to add methods at CachedResourceRequest.

Adding CachedResourceRequest::releaseResourceRequest for CachedResource constructor.

Most new CachedResourceRequest methods are used by CachedResourceLoader which is passed a CachedResourceRequest.
This allows code in CachedResourceLoader to be easier to read.

  • css/CSSImageSetValue.cpp:

(WebCore::CSSImageSetValue::loadBestFitImage):

  • css/CSSImageValue.cpp:

(WebCore::CSSImageValue::loadImage):

  • dom/ScriptElement.cpp:

(WebCore::ScriptElement::requestScriptWithCache):

  • loader/CrossOriginAccessControl.cpp:

(WebCore::createAccessControlPreflightRequest):

  • loader/CrossOriginAccessControl.h:
  • loader/CrossOriginPreflightChecker.cpp:

(WebCore::CrossOriginPreflightChecker::startPreflight):
(WebCore::CrossOriginPreflightChecker::doPreflight):

  • loader/DocumentThreadableLoader.cpp:

(WebCore::DocumentThreadableLoader::loadRequest):

  • loader/MediaResourceLoader.cpp:

(WebCore::MediaResourceLoader::requestResource):

  • loader/cache/CachedResource.cpp:

(WebCore::CachedResource::CachedResource):

  • loader/cache/CachedResourceLoader.cpp:

(WebCore::CachedResourceLoader::requestImage):
(WebCore::CachedResourceLoader::requestUserCSSStyleSheet):
(WebCore::CachedResourceLoader::prepareFetch):
(WebCore::CachedResourceLoader::updateHTTPRequestHeaders):
(WebCore::CachedResourceLoader::requestResource):
(WebCore::acceptHeaderValueFromType): Deleted.
(WebCore::updateRequestAccordingCacheMode): Deleted.

  • loader/cache/CachedResourceRequest.cpp:

(WebCore::CachedResourceRequest::setAsPotentiallyCrossOrigin):
(WebCore::CachedResourceRequest::updateForAccessControl):
(WebCore::CachedResourceRequest::upgradeInsecureRequestIfNeeded):
(WebCore::CachedResourceRequest::setDomainForCachePartition):
(WebCore::acceptHeaderValueFromType):
(WebCore::CachedResourceRequest::setAcceptHeaderIfNone):
(WebCore::CachedResourceRequest::updateAccordingCacheMode):
(WebCore::CachedResourceRequest::removeFragmentIdentifierIfNeeded):
(WebCore::CachedResourceRequest::applyBlockedStatus):

  • loader/cache/CachedResourceRequest.h:

(WebCore::CachedResourceRequest::releaseResourceRequest):
(WebCore::CachedResourceRequest::setCachingPolicy):
(WebCore::CachedResourceRequest::mutableResourceRequest): Deleted.
(WebCore::CachedResourceRequest::setCacheModeToNoStore): Deleted.

  • loader/icon/IconLoader.cpp:

(WebCore::IconLoader::startLoading):

  • platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:

(WebCore::WebCoreAVCFResourceLoader::startLoading):

  • platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:

(WebCore::WebCoreAVFResourceLoader::startLoading):

2:22 AM Changeset in webkit [207280] by Antti Koivisto
  • 27 edits
    2 adds
    3 deletes in trunk

Support scoped style for user agent shadow trees
https://bugs.webkit.org/show_bug.cgi?id=163212
<rdar://problem/28715318>

Reviewed by Ryosuke Niwa and Andreas Kling.

Source/WebCore:

This patch adds support for user agent shadow trees that have scoped style. This means
that the shadows can be styled via <style> elements contained in the tree instead of
using pseudo elements on the global UA sheet. Since the style is scoped it can use
normal id and class selectors.

Elements in the shadow tree can still be exposed for author styling if needed by giving
them pseudo ids

The patch also uses the new mechanism for the <meter> element.

The mechanism is not optimized yet, each shadow tree gets its own copy of style-related data
structures. This can be improved later.

  • CMakeLists.txt:
  • DerivedSources.make:
  • WebCore.xcodeproj/project.pbxproj:
  • css/ElementRuleCollector.cpp:

(WebCore::MatchRequest::MatchRequest):
(WebCore::ElementRuleCollector::addMatchedRule):
(WebCore::ElementRuleCollector::matchAuthorShadowPseudoElementRules):

Make treeContextOrdinal an int so we can use negative ordinals. This is used to allow author pseudo
elements from earlier tree context to win over the shadow tree (matching CSS scoping spec language).

  • css/ElementRuleCollector.h:
  • css/StyleResolver.cpp:

(WebCore::StyleResolver::MatchResult::addMatchedProperties):
(WebCore::StyleResolver::CascadedProperties::addImportantMatches):

  • css/StyleResolver.h:
  • css/html.css:

(meter::-webkit-meter-inner-element): Deleted.
(meter::-webkit-meter-bar): Deleted.
(meter::-webkit-meter-optimum-value): Deleted.
(meter::-webkit-meter-suboptimum-value): Deleted.
(meter::-webkit-meter-even-less-good-value): Deleted.

Remove meter pseudo elements from the UA sheet.

  • html/HTMLMeterElement.cpp:

(WebCore::HTMLMeterElement::childShouldCreateRenderer):

Don't create shadow renderers when we have appearance (are using RenderMeter).

(WebCore::setValueClass):

Move this logic here from MeterShadowElement.cpp.
Set both class and pseudo id. The latter is needed to keep author styling working.

(WebCore::HTMLMeterElement::didElementStateChange):
(WebCore::HTMLMeterElement::renderMeter):

RenderMeter is now only instantiated when appearance is enabled.

(WebCore::HTMLMeterElement::didAddUserAgentShadowRoot):

Build the shadow tree out of <div>s instead of special shadow elements.

  • html/HTMLMeterElement.h:
  • html/shadow/MeterShadowElement.cpp: Removed.
  • html/shadow/MeterShadowElement.h: Removed.

Not needed anymore.

  • html/shadow/meterElementShadow.css: Added.

(div#inner):
(div#bar):
(div#value):
(div#value.optimum):
(div#value.suboptimum):
(div#value.even-less-good):

Stylesheet for meter element shadow tree using normal id and class selectors.

  • style/StyleScope.cpp:

(WebCore::Style::Scope::shouldUseSharedUserAgentShadowTreeStyleResolver):

Switch to per-scope style resolver for UA shadow trees if there is stylesheets in the tree.

(WebCore::Style::Scope::resolver):
(WebCore::Style::Scope::resolverIfExists):

  • style/StyleScope.h:

LayoutTests:

  • fast/dom/HTMLMeterElement/meter-clone-expected.txt:
  • fast/dom/HTMLMeterElement/meter-clone.html:
  • fast/dom/HTMLMeterElement/meter-element-markup-expected.txt:
  • platform/mac/fast/dom/HTMLMeterElement/meter-element-repaint-on-update-value-expected.txt:
  • platform/mac/fast/dom/HTMLMeterElement/meter-styles-changing-pseudo-expected.txt:
  • platform/mac/fast/dom/HTMLMeterElement/meter-styles-expected.txt:

Oct 12, 2016:

10:23 PM Changeset in webkit [207279] by Chris Dumez
  • 22 edits in trunk

[Web IDL] Drop support for legacy [ConstructorConditional=*]
https://bugs.webkit.org/show_bug.cgi?id=163368

Reviewed by Ryosuke Niwa.

.:

Drop ENABLE_DOM4_EVENTS_CONSTRUCTOR compiler flag.

  • Source/cmake/OptionsEfl.cmake:
  • Source/cmake/OptionsMac.cmake:
  • Source/cmake/OptionsWin.cmake:
  • Source/cmake/WebKitFeatures.cmake:
  • Source/cmake/tools/vsprops/FeatureDefines.props:
  • Source/cmake/tools/vsprops/FeatureDefinesCairo.props:

Source/JavaScriptCore:

Drop ENABLE_DOM4_EVENTS_CONSTRUCTOR compiler flag.

  • Configurations/FeatureDefines.xcconfig:

Source/WebCore:

Drop support for legacy [ConstructorConditional=*] webkit-specific IDL
extended attribute. This was introduced to disable DOM4 event
constructors at compile time. However, nowadays, those constructors are
enabled everywhere.

  • Configurations/FeatureDefines.xcconfig:
  • bindings/scripts/CodeGenerator.pm:

(GenerateConstructorConditionalString): Deleted.

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateConstructorHelperMethods):

  • bindings/scripts/IDLAttributes.txt:
  • bindings/scripts/test/JS/JSTestInterface.cpp:

(WebCore::JSTestInterfaceConstructor::getConstructData): Deleted.

  • bindings/scripts/test/TestInterface.idl:
  • dom/UIEvent.idl:

Source/WebKit/mac:

Drop ENABLE_DOM4_EVENTS_CONSTRUCTOR compiler flag.

  • Configurations/FeatureDefines.xcconfig:

Source/WebKit2:

Drop ENABLE_DOM4_EVENTS_CONSTRUCTOR compiler flag.

  • Configurations/FeatureDefines.xcconfig:
10:21 PM Changeset in webkit [207278] by Chris Dumez
  • 3 edits in trunk/Source/WebCore

The bindings generator should provide a better error message when it does not find a dictionary definition
https://bugs.webkit.org/show_bug.cgi?id=163377

Reviewed by Ryosuke Niwa.

The bindings generator should provide a better error message when it does
not find a dictionary definition.

  • bindings/scripts/CodeGenerator.pm:

(GetDictionaryByName):

  • bindings/scripts/CodeGeneratorJS.pm:

(assert):
(GenerateDictionaryImplementationContent):
(GenerateHeader):
(GenerateDictionaryHeader):

10:18 PM Changeset in webkit [207277] by Chris Dumez
  • 14 edits
    2 adds in trunk

Update WebKitMediaKeyMessageEvent / WebKitMediaKeyNeededEvent to stop using legacy [ConstructorTemplate=Event]
https://bugs.webkit.org/show_bug.cgi?id=163369

Reviewed by Ryosuke Niwa.

Source/WebCore:

Update WebKitMediaKeyMessageEvent / WebKitMediaKeyNeededEvent to stop
using legacy [ConstructorTemplate=Event] and use regular constructors
instead.

This also adds support for having dictionary members that are typed
arrays because this was needed.

Test: fast/events/webkit-media-key-events-constructor.html

  • Modules/encryptedmedia/legacy/WebKitMediaKeyMessageEvent.cpp:

(WebCore::WebKitMediaKeyMessageEvent::WebKitMediaKeyMessageEvent):

  • Modules/encryptedmedia/legacy/WebKitMediaKeyMessageEvent.h:

(WebCore::WebKitMediaKeyMessageEvent::create):
(WebCore::WebKitMediaKeyMessageEvent::createForBindings): Deleted.

  • Modules/encryptedmedia/legacy/WebKitMediaKeyMessageEvent.idl:
  • Modules/encryptedmedia/legacy/WebKitMediaKeyNeededEvent.cpp:

(WebCore::WebKitMediaKeyNeededEvent::WebKitMediaKeyNeededEvent):

  • Modules/encryptedmedia/legacy/WebKitMediaKeyNeededEvent.h:

(WebCore::WebKitMediaKeyNeededEvent::create):
(WebCore::WebKitMediaKeyNeededEvent::createForBindings): Deleted.

  • Modules/encryptedmedia/legacy/WebKitMediaKeyNeededEvent.idl:
  • bindings/js/JSDOMConvert.h:

(WebCore::Converter<IDLInterface<JSC::GenericTypedArrayView<Adaptor>>>::convert):

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateDefaultValue):

  • dom/InputEvent.cpp:

(WebCore::InputEvent::InputEvent):

  • dom/InputEvent.h:
  • dom/InputEvent.idl:

LayoutTests:

Add layout test coverage.

  • fast/events/webkit-media-key-events-constructor-expected.txt: Added.
  • fast/events/webkit-media-key-events-constructor.html: Added.
9:13 PM Changeset in webkit [207276] by Chris Dumez
  • 3 edits
    2 adds in trunk

Update HTMLSelectElement::recalcListItems() to ignore nested optgroup elements
https://bugs.webkit.org/show_bug.cgi?id=163358

Reviewed by Kent Tamura.

Source/WebCore:

Update HTMLSelectElement::recalcListItems() to ignore nested optgroup elements.
As per the specification, we only want optgroup elements that are direct
children of the select element. This also matches the behavior of Chrome.

Test: fast/dom/HTMLSelectElement/nested-optgroup.html

  • html/HTMLSelectElement.cpp:

(WebCore::HTMLSelectElement::recalcListItems):

LayoutTests:

Add layout test coverage.

  • fast/dom/HTMLSelectElement/nested-optgroup-expected.txt: Added.
  • fast/dom/HTMLSelectElement/nested-optgroup.html: Added.
8:48 PM Changeset in webkit [207275] by Alan Bujtas
  • 5 edits
    2 adds in trunk

RenderRubyRun should not mark child renderers dirty at the end of layout.
https://bugs.webkit.org/show_bug.cgi?id=163359
<rdar://problem/28711840>

Reviewed by David Hyatt.

Source/WebCore:

The current layout logic does not support marking renderers dirty for subsequent layouts.
Layout needs to exit with a clean tree.
Should relayoutChild be insufficient, we could also mark the base/text dirty for the justified content.

Test: fast/ruby/rubyrun-has-bad-child.html

  • rendering/RenderBlockLineLayout.cpp:

(WebCore::RenderBlockFlow::updateRubyForJustifiedText):

  • rendering/RenderRubyRun.cpp:

(WebCore::RenderRubyRun::layout):
(WebCore::RenderRubyRun::layoutBlock):

  • rendering/RenderRubyRun.h:

LayoutTests:

  • fast/ruby/rubyrun-has-bad-child-expected.txt: Added.
  • fast/ruby/rubyrun-has-bad-child.html: Added.
8:16 PM Changeset in webkit [207274] by Simon Fraser
  • 3 edits
    2 adds in trunk

Source/WebCore:
Crash when using megaplan.ru
https://bugs.webkit.org/show_bug.cgi?id=163276
rdar://problem/28446672

Reviewed by Sam Weinig.

Make sure we allocate enough space in the vector of CGPoints that we use for path building.

Test: css3/masking/large-clip-path.html

  • platform/graphics/cg/PathCG.cpp:

(WebCore::Path::polygonPathFromPoints):

LayoutTests:
polygonPathFromPoints calls uncheckedAppend, but assertion size() < capacity() fails
https://bugs.webkit.org/show_bug.cgi?id=163276

Reviewed by Sam Weinig.

  • css3/masking/large-clip-path-expected.txt: Added.
  • css3/masking/large-clip-path.html: Added.
7:38 PM Changeset in webkit [207273] by achristensen@apple.com
  • 4 edits in trunk

Fix out-of-bounds reading in URLParser when parsing improperly percent-encoded values
https://bugs.webkit.org/show_bug.cgi?id=163376

Reviewed by Saam Barati.

Source/WebCore:

Covered by new API tests, which used to crash under asan.

  • platform/URLParser.cpp:

(WebCore::percentDecode):
If you subtract 2 from size_t's smaller than 2, you're gonna have a bad time.

Tools:

  • TestWebKitAPI/Tests/WebCore/URLParser.cpp:

(TestWebKitAPI::TEST_F):

7:28 PM Changeset in webkit [207272] by matthew_hanson@apple.com
  • 3 edits in branches/safari-602-branch/Source/WebCore

Merge r205163. rdar://problem/28216249

2016-08-29 Brent Fulgham <Brent Fulgham>

Avoid holding GlyphData in MathOperator
https://bugs.webkit.org/show_bug.cgi?id=161256
<rdar://problem/28033400>

Reviewed by Myles C. Maxfield.

Do not cache GlyphData in MathOperator elements, because the fonts referenced in the
GlyphData may be purged during low-memory conditions. Instead, we should store either
the relevant CodePoint, or the fallback Glyph (for the current system font).

Added an initialization function for GlyphAssemblyData, since unions containing structs
do not properly call constructors, resulting in garbage font/glyph content.

No new tests. Changes are covered by existing MathML test suite.

  • rendering/mathml/MathOperator.cpp: (WebCore::MathOperator::GlyphAssemblyData::initialize): Added. (WebCore::MathOperator::MathOperator): Initialize m_assembly/m_variant. (WebCore::MathOperator::setSizeVariant): Only store the glyph, not the font. (WebCore::glyphDataForCodePointOrFallbackGlyph): Added helper function. (WebCore::MathOperator::setGlyphAssembly): Do not rely on stored GlyphData. (WebCore::MathOperator::calculateGlyphAssemblyFallback): Remove unneeded argument. Check if a fallback glyph is being used and remember for later. (WebCore::MathOperator::calculateStretchyData): Do not rely on stored GlyphData. (WebCore::MathOperator::fillWithVerticalExtensionGlyph): Ditto. (WebCore::MathOperator::fillWithHorizontalExtensionGlyph): Ditto. (WebCore::MathOperator::paintVerticalGlyphAssembly): Ditto. (WebCore::MathOperator::paintHorizontalGlyphAssembly): Ditto. (WebCore::MathOperator::paint): Ditto.
  • rendering/mathml/MathOperator.h: (WebCore::MathOperator::GlyphAssemblyData::hasExtension): Added. (WebCore::MathOperator::GlyphAssemblyData::hasMiddle): Added. (WebCore::MathOperator::MathOperator): Deleted.

Patch by Brent Fulgham <Brent Fulgham> on 2016-08-25

7:28 PM Changeset in webkit [207271] by matthew_hanson@apple.com
  • 3 edits in branches/safari-602-branch/Source/WebCore

Merge r205031. rdar://problem/28216249

2016-08-25 Brent Fulgham <Brent Fulgham>

Crash when getting font bounding rect
https://bugs.webkit.org/show_bug.cgi?id=161202
<rdar://problem/27986981>

Reviewed by Myles C. Maxfield.

We should never store GlyphData objects for later use, because they contain raw pointers to Font elements
contained in caches, and those font caches get periodically purged.

Instead, we should hold onto the ‘key’ representing the GlyphData, and simply ask the system for the
GlyphData the next time it is needed.

Tested by existing MathML tests under ASAN and GuardMalloc.

  • rendering/mathml/RenderMathMLToken.cpp: (WebCore::RenderMathMLToken::RenderMathMLToken): Clean up constructors. (WebCore::RenderMathMLToken::computePreferredLogicalWidths): Use keys to get correct GlyphData when needed. (WebCore::RenderMathMLToken::updateMathVariantGlyph): Ditto. (WebCore::RenderMathMLToken::firstLineBaseline): Ditto. (WebCore::RenderMathMLToken::layoutBlock): Ditto. (WebCore::RenderMathMLToken::paint): Ditto. (WebCore::RenderMathMLToken::paintChildren): Ditto.
  • rendering/mathml/RenderMathMLToken.h:

Patch by Brent Fulgham <Brent Fulgham> on 2016-08-25

7:28 PM Changeset in webkit [207270] by matthew_hanson@apple.com
  • 5 edits in branches/safari-602-branch/Source

Versioning.

7:26 PM Changeset in webkit [207269] by matthew_hanson@apple.com
  • 5 edits in branches/safari-602.2.14.0-branch/Source

Versioning.

7:14 PM Changeset in webkit [207268] by achristensen@apple.com
  • 3 edits in trunk/Source/WebCore

Mail needs nonspecial URLs to keep case in host and not have slash after host
https://bugs.webkit.org/show_bug.cgi?id=163373

Reviewed by Saam Barati.

Mail uses urls like scheme://HoSt which were not changed when canonicalized
before enabling the URLParser but now are canonicalized to scheme://host/
I manually verified this fixes the issue.
This should be reverted once Mail will accept modern canonicalized URLs.

  • platform/URLParser.cpp:

(WebCore::URLParser::parse):
(WebCore::URLParser::parseHostAndPort):

  • platform/URLParser.h:

If the application is mail and the scheme is nonspecial, don't make the host lower case and don't add a slash after the host.

7:05 PM Changeset in webkit [207267] by commit-queue@webkit.org
  • 6 edits
    2 adds in trunk

Web Inspector: step-into console.log(o) should not step through inspector javascript
https://bugs.webkit.org/show_bug.cgi?id=161656
<rdar://problem/28181123>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-10-12
Reviewed by Timothy Hatcher.

Source/JavaScriptCore:

  • debugger/Debugger.h:
  • debugger/Debugger.cpp:

(JSC::Debugger::pauseIfNeeded):
If the Script is blacklisted skip checking if we need to pause.

(JSC::Debugger::isBlacklisted):
(JSC::Debugger::addToBlacklist):
(JSC::Debugger::clearBlacklist):
Add the ability to add a Script to a blacklist. Currently the blacklist
only prevents pausing in the Script.

  • inspector/agents/InspectorDebuggerAgent.cpp:

(Inspector::isWebKitInjectedScript):
(Inspector::InspectorDebuggerAgent::didParseSource):
Always add Internal InjectedScripts to the Debugger's blacklist.

(Inspector::InspectorDebuggerAgent::clearDebuggerBreakpointState):
Clear blacklists when clearing debugger state.

LayoutTests:

  • inspector/debugger/stepping/stepping-internal-scripts-expected.txt: Added.
  • inspector/debugger/stepping/stepping-internal-scripts.html: Added.

Ensure step-into a console.log statement steps past it, and doesn't pause
inside the non-visible internal script.

6:42 PM Changeset in webkit [207266] by keith_miller@apple.com
  • 17 edits
    2 adds in trunk

B3 needs a special WasmBoundsCheck Opcode
https://bugs.webkit.org/show_bug.cgi?id=163246

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

This patch adds a new Opcode, WasmBoundsCheck, as well as a B3::Value subclass for it,
WasmBoundsCheckValue. WasmBoundsCheckValue takes three pieces of information. The first is
the Int32 pointer value used to be used by the Load. Next is the pinned register. The
pinned register must be pinned by calling proc.setPinned() prior to compiling the
Procedure. Lastly, the WasmBoundsCheckValue takes an offset. The WasmBoundsCheckValue is
will then emit code that side-exits if the Int64 sum of the offset and pointer is greater
than or equal to the value in the pinnedRegister. Instead of taking a generator for each
value like Check/Patchpoint, WasmBoundsCheck gets its generator directly off Air::Code. In
Air this patch adds a new Custom opcode, WasmBoundsCheck.

In the future we should add WasmBoundsCheck to CSE so it can eliminate redundant bounds
checks. At the first cut, we can remove any WasmBoundsCheck dominated by another
WasmBoundsCheck with the same pointer and pinnedGPR, and a larger offset.

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • b3/B3LowerToAir.cpp:

(JSC::B3::Air::LowerToAir::imm):
(JSC::B3::Air::LowerToAir::lower):

  • b3/B3Opcode.cpp:

(WTF::printInternal):

  • b3/B3Opcode.h:
  • b3/B3Procedure.cpp:

(JSC::B3::Procedure::setWasmBoundsCheckGenerator):

  • b3/B3Procedure.h:

(JSC::B3::Procedure::setWasmBoundsCheckGenerator):

  • b3/B3Validate.cpp:
  • b3/B3Value.cpp:

(JSC::B3::Value::effects):
(JSC::B3::Value::typeFor):

  • b3/B3WasmBoundsCheckValue.cpp: Added.

(JSC::B3::WasmBoundsCheckValue::~WasmBoundsCheckValue):
(JSC::B3::WasmBoundsCheckValue::WasmBoundsCheckValue):
(JSC::B3::WasmBoundsCheckValue::dumpMeta):

  • b3/B3WasmBoundsCheckValue.h: Added.

(JSC::B3::WasmBoundsCheckValue::accepts):
(JSC::B3::WasmBoundsCheckValue::pinnedGPR):
(JSC::B3::WasmBoundsCheckValue::offset):

  • b3/air/AirCode.h:

(JSC::B3::Air::Code::setWasmBoundsCheckGenerator):
(JSC::B3::Air::Code::wasmBoundsCheckGenerator):

  • b3/air/AirCustom.cpp:

(JSC::B3::Air::WasmBoundsCheckCustom::isValidForm):

  • b3/air/AirCustom.h:

(JSC::B3::Air::WasmBoundsCheckCustom::forEachArg):
(JSC::B3::Air::WasmBoundsCheckCustom::isValidFormStatic):
(JSC::B3::Air::WasmBoundsCheckCustom::admitsStack):
(JSC::B3::Air::WasmBoundsCheckCustom::isTerminal):
(JSC::B3::Air::WasmBoundsCheckCustom::hasNonArgNonControlEffects):
(JSC::B3::Air::WasmBoundsCheckCustom::generate):

  • b3/air/AirOpcode.opcodes:
  • b3/testb3.cpp:

(JSC::B3::testWasmBoundsCheck):
(JSC::B3::run):

Websites/webkit.org:

Update the docs for the new WasmBoundsCheck opcode.

  • docs/b3/intermediate-representation.html:
6:14 PM Changeset in webkit [207265] by dino@apple.com
  • 16 edits
    2 copies in trunk

Add preliminary support for extended colors to WebCore::Color
https://bugs.webkit.org/show_bug.cgi?id=162878
<rdar://problem/28596413>

Reviewed by Darin Adler.

Source/WebCore:

Add an ExtendedColor class that will hold the data necessary
for wider-than-sRGB (and more precise) colors. In order to
avoid increasing the size of Color, implement a tagged
pointer that is either referencing an ExtendedColor, or
is a 64-bit number with the top 32-bits being the RGBA, and
the bottom 2 bits indicating an invalid RGBA or a valid RGBA,
plus the tag.

Add copy constructors and operator= so that the new Color objects
are correctly copied.

There isn't yet a way to create an ExtendedColor. That's coming
in a followup patch (and will require changes to the CSS parser).

Covered by existing tests, and new API tests in Color.

  • CMakeLists.txt:
  • WebCore.xcodeproj/project.pbxproj: Add new files.
  • platform/graphics/Color.cpp: Update everything to use m_rgbaAndFlags

instead of m_color + m_valid.
(WebCore::Color::Color):
(WebCore::Color::~Color):
(WebCore::Color::operator=):
(WebCore::Color::nameForRenderTreeAsText):
(WebCore::Color::setNamedColor):
(WebCore::Color::light):
(WebCore::Color::dark):
(WebCore::Color::setValid):
(WebCore::Color::setExtended):
(WebCore::Color::isExtended):
(WebCore::Color::asExtended):

  • platform/graphics/Color.h: Implement the tagged union.

(WebCore::Color::Color):
(WebCore::Color::isValid):
(WebCore::Color::red):
(WebCore::Color::green):
(WebCore::Color::blue):
(WebCore::Color::alpha):
(WebCore::Color::rgb):
(WebCore::Color::setRGB):
(WebCore::operator==):

  • platform/graphics/ExtendedColor.cpp: New file. Holds floating point

red, green, blue and alpha, plus a color space.
(WebCore::ExtendedColor::create):
(WebCore::ExtendedColor::~ExtendedColor):
(WebCore::ExtendedColor::ref):
(WebCore::ExtendedColor::deref):

  • platform/graphics/ExtendedColor.h:

(WebCore::ExtendedColor::red):
(WebCore::ExtendedColor::green):
(WebCore::ExtendedColor::blue):
(WebCore::ExtendedColor::alpha):
(WebCore::ExtendedColor::colorSpace):
(WebCore::ExtendedColor::ExtendedColor):

  • platform/graphics/cg/ColorCG.cpp: Update the constructors for

the platform specific color classes.
(WebCore::Color::Color):

  • platform/graphics/gtk/ColorGtk.cpp:

(WebCore::Color::Color):

  • platform/graphics/win/ColorDirect2D.cpp:

(WebCore::Color::Color):

  • rendering/RenderEmbeddedObject.cpp: Use NeverDestroyed.

(WebCore::replacementTextRoundedRectPressedColor):
(WebCore::replacementTextRoundedRectColor):
(WebCore::replacementTextColor):
(WebCore::unavailablePluginBorderColor):

  • rendering/RenderFrameSet.cpp: Ditto.

(WebCore::borderStartEdgeColor):
(WebCore::borderEndEdgeColor):
(WebCore::borderFillColor):

  • rendering/RenderTableCell.cpp: This grows in size slightly

because it can no longer pack bits.

Tools:

A new API test for Colors.

  • TestWebKitAPI/Tests/WebCore/Color.cpp:

(TestWebKitAPI::TEST):

5:07 PM Changeset in webkit [207264] by matthew_hanson@apple.com
  • 1 copy in tags/Safari-602.2.14.0.7

New Tag.

4:56 PM Changeset in webkit [207263] by fpizlo@apple.com
  • 10 edits in trunk/Source/JavaScriptCore

The blackening of CellState is a bad way of tracking if the object is being marked for the first time
https://bugs.webkit.org/show_bug.cgi?id=163343

Reviewed by Mark Lam.

When I first added the concept of NewGrey/OldGrey, I had the SlotVisitor store the old cell
state in itself, so that it could use it to decide what to do for reportExtraMemoryVisited().

Then I changed it in a recent commit, because I wanted the freedom to have SlotVisitor visit
multiple objects in tandem. But I never ended up using this capability. Still, I liked the
new way better: instead of the SlotVisitor rembemering the state-before-blackening, we would
make the object's state reflect whether it was black for the first time or not. That seemed
convenient.

Unfortunately it's wrong. After we blacken the object, a concurrent barrier could instantly
grey it. Then we would forget that we are visiting this object for the first time.
Subsequent visits will think that they are not the first. So, we will fail to do the right
thing in reportExtraMemoryVisited().

So, this reverts that change. This is a little more than just a revert, though. I've changed
the terminology a bit. For example, I got tired of reading Black and having to remind myself
that it really means that the object has begun being visited, instead of the more strict
meaning that implies that it has already been visited. We want to say that it's Black or
currently being scanned. I'm going to adopt Siebert's term for this: Anthracite [1]. So, our
black CellState is now called AnthraciteOrBlack.

[1] https://pdfs.semanticscholar.org/7ae4/633265aead1f8835cf7966e179d02c2c8a4b.pdf

  • heap/CellState.h:

(JSC::isBlack): Deleted.
(JSC::blacken): Deleted.

  • heap/Heap.cpp:

(JSC::Heap::addToRememberedSet):
(JSC::Heap::writeBarrierSlowPath):

  • heap/Heap.h:
  • heap/HeapInlines.h:

(JSC::Heap::reportExtraMemoryVisited):
(JSC::Heap::reportExternalMemoryVisited):

  • heap/SlotVisitor.cpp:

(JSC::SlotVisitor::appendToMarkStack):
(JSC::SlotVisitor::visitChildren):

  • heap/SlotVisitor.h:
  • heap/SlotVisitorInlines.h:

(JSC::SlotVisitor::reportExtraMemoryVisited):
(JSC::SlotVisitor::reportExternalMemoryVisited):

  • llint/LLIntData.cpp:

(JSC::LLInt::Data::performAssertions):

  • llint/LowLevelInterpreter.asm:
4:17 PM Changeset in webkit [207262] by matthew_hanson@apple.com
  • 50 edits
    26 deletes in branches/safari-602.2.14.0-branch

Revert changes that should not have landed on the branch.

4:12 PM Changeset in webkit [207261] by Yusuke Suzuki
  • 1 edit
    1 add in trunk/LayoutTests

Unreviewed, add expected file for new test after r207239
https://bugs.webkit.org/show_bug.cgi?id=163245

Add an "expected.txt" file.

  • js/dom/domjit-accessor-node-type-expected.txt: Added.
4:02 PM Changeset in webkit [207260] by matthew_hanson@apple.com
  • 2 edits in branches/safari-602.2.14.0-branch/Source/WebKit/mac

Merge r207246. rdar://problem/28732731

4:02 PM Changeset in webkit [207259] by matthew_hanson@apple.com
  • 5 edits
    1 add in branches/safari-602.2.14.0-branch

Merge r205197. rdar://problem/28481424

4:02 PM Changeset in webkit [207258] by matthew_hanson@apple.com
  • 14 edits in branches/safari-602.2.14.0-branch

Merge r205190. rdar://problem/28545010

4:02 PM Changeset in webkit [207257] by matthew_hanson@apple.com
  • 4 edits in branches/safari-602.2.14.0-branch

Merge r204868. rdar://problem/28216263

4:02 PM Changeset in webkit [207256] by matthew_hanson@apple.com
  • 3 edits in branches/safari-602.2.14.0-branch/Source/WebCore

Merge r204631. rdar://problem/28481427

4:02 PM Changeset in webkit [207255] by matthew_hanson@apple.com
  • 3 edits
    1 add in branches/safari-602.2.14.0-branch

Merge r204612. rdar://problem/28216278

4:01 PM Changeset in webkit [207254] by matthew_hanson@apple.com
  • 2 edits in branches/safari-602.2.14.0-branch/Source/WebInspectorUI

Merge r204428. rdar://problem/28476954

4:01 PM Changeset in webkit [207253] by matthew_hanson@apple.com
  • 3 edits
    4 adds in branches/safari-602.2.14.0-branch

Merge r204266. rdar://problem/28216261

4:01 PM Changeset in webkit [207252] by matthew_hanson@apple.com
  • 4 edits in branches/safari-602.2.14.0-branch/Source/bmalloc

Merge r204091. rdar://problem/28476960

4:01 PM Changeset in webkit [207251] by matthew_hanson@apple.com
  • 2 edits in branches/safari-602.2.14.0-branch/Source/WebCore

Merge r203903. rdar://problem/28476961

4:01 PM Changeset in webkit [207250] by matthew_hanson@apple.com
  • 2 edits in branches/safari-602.2.14.0-branch/Source/WebCore

Merge r203792. rdar://problem/28476951

4:01 PM Changeset in webkit [207249] by matthew_hanson@apple.com
  • 8 edits
    16 adds in branches/safari-602.2.14.0-branch

Merge r203611. rdar://problem/28476958

4:01 PM Changeset in webkit [207248] by matthew_hanson@apple.com
  • 9 edits in branches/safari-602.2.14.0-branch

Merge r203522. rdar://problem/28476959

4:01 PM Changeset in webkit [207247] by matthew_hanson@apple.com
  • 5 edits
    4 adds in branches/safari-602.2.14.0-branch

Merge r203383. rdar://problem/28216264

3:37 PM Changeset in webkit [207246] by Beth Dakin
  • 2 edits in trunk/Source/WebKit/mac

Adobe Contribute CS 6.5 Trial crashes on launch
https://bugs.webkit.org/show_bug.cgi?id=163365
-and corresponding-
<rdar://problem/28732731>

Reviewed by Tim Horton.

  • Carbon/CarbonWindowFrame.m:

(-[CarbonWindowFrame contentFill]):

2:50 PM Changeset in webkit [207245] by commit-queue@webkit.org
  • 3 edits
    23 adds in trunk

[Modern Media Controls] Sliders: scrubber and volume
https://bugs.webkit.org/show_bug.cgi?id=163328
<rdar://problem/28733838>

Patch by Antoine Quint <Antoine Quint> on 2016-10-12
Reviewed by Dean Jackson.

Source/WebCore:

We add a new Slider class that provides a custom slider backed by an
invisible <input type="range"> element and a fill underlay to provide
a custom color between the left edge of the slider and the slider thumb.
As the slider's value changes, a UI delegate receives messages to track
such changes.

Tests: media/modern-media-controls/scrubber/scrubber.html

media/modern-media-controls/slider/slider-constructor.html
media/modern-media-controls/slider/slider-fill.html
media/modern-media-controls/slider/slider-styles.html
media/modern-media-controls/volume-slider/volume-slider-value.html
media/modern-media-controls/volume-slider/volume-slider.html

  • Modules/modern-media-controls/controls/scrubber.css: Added.

(.scrubber.slider > input::-webkit-slider-thumb):

  • Modules/modern-media-controls/controls/scrubber.js: Added.

(Scrubber):

  • Modules/modern-media-controls/controls/slider.css: Added.

(.slider):
(.slider > input,):
(.slider > .fill):
(.slider > input):
(.slider > input::-webkit-slider-thumb):

  • Modules/modern-media-controls/controls/slider.js: Added.

(Slider.prototype.get value):
(Slider.prototype.set value):
(Slider.prototype.get width):
(Slider.prototype.set width):
(Slider.prototype.handleEvent):
(Slider.prototype.commitProperty):
(Slider.prototype._handleInputEvent):
(Slider.prototype._handleChangeEvent):
(Slider.prototype._updateFill):

  • Modules/modern-media-controls/controls/volume-slider.css: Added.

(.volume.slider > input::-webkit-slider-thumb):

  • Modules/modern-media-controls/controls/volume-slider.js: Added.

(VolumeSlider):

LayoutTests:

Testing the properties of the new Slider class and its subclasses.

  • media/modern-media-controls/resources/media-controls-utils.js: Added.

(rgba):
(shouldBeEqualToRGBAColor):

  • media/modern-media-controls/scrubber/scrubber-expected.txt: Added.
  • media/modern-media-controls/scrubber/scrubber.html: Added.
  • media/modern-media-controls/slider/slider-constructor-expected.txt: Added.
  • media/modern-media-controls/slider/slider-constructor.html: Added.
  • media/modern-media-controls/slider/slider-fill-expected.txt: Added.
  • media/modern-media-controls/slider/slider-fill.html: Added.
  • media/modern-media-controls/slider/slider-styles-expected.txt: Added.
  • media/modern-media-controls/slider/slider-styles.html: Added.
  • media/modern-media-controls/volume-slider/volume-slider-expected.txt: Added.
  • media/modern-media-controls/volume-slider/volume-slider-value-expected.txt: Added.
  • media/modern-media-controls/volume-slider/volume-slider-value.html: Added.
  • media/modern-media-controls/volume-slider/volume-slider.html: Added.
  • platform/ios-simulator/TestExpectations:
2:49 PM Changeset in webkit [207244] by wenson_hsieh@apple.com
  • 5 edits
    2 adds in trunk

Add experimental support for the "formatForeColor" inputType
https://bugs.webkit.org/show_bug.cgi?id=163348
<rdar://problem/28739334>

Reviewed by Ryosuke Niwa.

Source/WebCore:

Adds support for the "formatForeColor" attribute. This patch introduces a simple hook in Editor.cpp to extract
data for an input event from an EditingStyle when performing an editing action.

Test: fast/events/input-events-forecolor-data.html

  • editing/EditCommand.cpp:

(WebCore::inputTypeNameForEditingAction):

  • editing/Editor.cpp:

(WebCore::inputEventDataForEditingStyleAndAction):

Added a new static helper to compute the data attribute of an InputEvent when handling a style change.

(WebCore::Editor::computeAndSetTypingStyle):

LayoutTests:

Adds a new test verifying that input events with inputType "formatForeColor" are dispatched when changing
foreground color, and that their data attributes are as expected.

  • fast/events/input-events-forecolor-data-expected.txt: Added.
  • fast/events/input-events-forecolor-data.html: Added.
  • platform/ios-simulator/TestExpectations:
2:09 PM Changeset in webkit [207243] by Chris Dumez
  • 6 edits in trunk/Source/WebCore

[Web IDL] Generated bindings include the wrong header when ImplementedAs is used on a dictionary
https://bugs.webkit.org/show_bug.cgi?id=163352

Reviewed by Ryosuke Niwa.

Generated bindings include the wrong header when ImplementedAs is used
on a dictionary.

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateDictionaryHeader):

  • bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::jsTestObjPrototypeFunctionOperationWithExternalDictionaryParameterCaller):

  • bindings/scripts/test/JS/JSTestStandaloneDictionary.cpp:

(WebCore::convertDictionary<DictionaryImplName>):
(WebCore::convertDictionary<TestStandaloneDictionary>): Deleted.

  • bindings/scripts/test/JS/JSTestStandaloneDictionary.h:
  • bindings/scripts/test/TestStandaloneDictionary.idl:
2:02 PM Changeset in webkit [207242] by mitz@apple.com
  • 8 copies
    1 add in releases/Apple/Safari Technology Preview 15

Added a tag for Safari Technology Preview release 15.

2:01 PM Changeset in webkit [207241] by mark.lam@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Rename variables in arrayProtoFuncSplice() to match names in the spec.
https://bugs.webkit.org/show_bug.cgi?id=163354

Reviewed by Saam Barati.

This will make it easier to see whether the code matches the spec or not.
Ref: https://tc39.github.io/ecma262/#sec-array.prototype.splice

  • runtime/ArrayPrototype.cpp:

(JSC::arrayProtoFuncSplice):

1:58 PM FAQ edited by Simon Fraser
(diff)
1:53 PM Changeset in webkit [207240] by bshafiei@apple.com
  • 1 copy in tags/Safari-603.1.9

New tag.

1:52 PM FAQ edited by Simon Fraser
(diff)
1:47 PM Changeset in webkit [207239] by Yusuke Suzuki
  • 22 edits
    2 copies
    1 add in trunk

[DOMJIT][JSC] Explore the way to embed nodeType into JSC::JSType in WebCore
https://bugs.webkit.org/show_bug.cgi?id=163245

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

We reserve the highest bit of JSC::JSType for extensions outside JSC.
JSC does not use JSType bits so many: only 52 types are defined.

And we extend CallDOM patchpoint to claim that it does not require a global object.
This global object is used to generate a DOM wrapper. However, nodeType does not require
it since it just returns integer. In the future, we will extend CallDOM to claim
its result type. And we can decide this requireGlobalObject condition automatically
according to the result type.

(JSC::DFG::ByteCodeParser::handleDOMJITGetter):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGGraph.h:
  • dfg/DFGNode.h:

(JSC::DFG::Node::hasCheckDOMPatchpoint):
(JSC::DFG::Node::checkDOMPatchpoint):
(JSC::DFG::Node::hasCallDOMPatchpoint):
(JSC::DFG::Node::callDOMPatchpoint):
(JSC::DFG::Node::hasDOMJIT): Deleted.
(JSC::DFG::Node::domJIT): Deleted.

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileCallDOM):
(JSC::DFG::SpeculativeJIT::compileCheckDOM):

  • domjit/DOMJITCallDOMPatchpoint.h: Copied from Source/JavaScriptCore/domjit/DOMJITGetterSetter.h.

(JSC::DOMJIT::CallDOMPatchpoint::create):

  • domjit/DOMJITGetterSetter.h:
  • domjit/DOMJITPatchpoint.h:
  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileCheckDOM):
(JSC::FTL::DFG::LowerDFGToB3::compileCallDOM):

  • jsc.cpp:
  • llint/LLIntData.cpp:

(JSC::LLInt::Data::performAssertions):

  • llint/LowLevelInterpreter.asm:
  • runtime/JSType.h:

Source/WebCore:

Node.nodeType accessor is so frequently called. For example, jQuery's $ function uses
this to distinguish DOM objects from the other JS objects. So every time you call $(dom),
nodeType accessor is called. In addition to that, jQuery's prev, next, parent etc. also uses
this nodeType. And Ember.js also uses it. And ... So this function is super critical for DOM
performance.

The challenge is that there is no room for putting NodeType into C++ Node class. Node class
has a 32bit field to store some data. However, these bits are already exhausted. Extending
Node class is unacceptable since it significantly enlarges memory consumption of WebKit (Node
is everywhere!). Unfortunately, current Node::nodeType is implemented as a virtual function
even though this function is frequently called from JS world.

Interestingly, we already store some duplicate data in JSObject, JSC::JSType. WebCore already
extends it with JSElementType, JSNodeType, and JSDocumentWrapperType. And these types are
corresponding to specific NodeTypes. For example, JSElementType should have ELEMENT_NODE type.

This patch further extends this JSC::JSType in WebCore side safely. We embed NodeType bits into
JSC::JSType. This design offers significantly faster nodeType implementation. Furthermore, it
makes DOMJIT easy for nodeType accessor.

Even without the IC change[1], Dromaeo dom-query shows 8 - 10% improvement,
1452.96 runs/s vs 1578.56 runs/s. We can expect that this improvement will be applied to the
other benchmarks / real applications when the IC change is landed.

[1]: https://bugs.webkit.org/show_bug.cgi?id=163226

  • WebCore.xcodeproj/project.pbxproj:
  • bindings/js/JSDOMWrapper.h:
  • bindings/js/JSNodeCustom.h:

(WebCore::JSNode::nodeType):

  • bindings/scripts/CodeGeneratorJS.pm:

(GetJSTypeForNode):
(GenerateHeader):

  • dom/Node.idl:
  • dom/NodeConstants.h: Copied from Source/JavaScriptCore/domjit/DOMJITGetterSetter.h.
  • domjit/JSNodeDOMJIT.cpp:

(WebCore::createCallDOMForOffsetAccess):
(WebCore::NodeFirstChildDOMJIT::callDOM):
(WebCore::NodeLastChildDOMJIT::callDOM):
(WebCore::NodeNextSiblingDOMJIT::callDOM):
(WebCore::NodePreviousSiblingDOMJIT::callDOM):
(WebCore::NodeParentNodeDOMJIT::callDOM):
(WebCore::NodeNodeTypeDOMJIT::checkDOM):
(WebCore::NodeNodeTypeDOMJIT::callDOM):

LayoutTests:

  • js/dom/domjit-accessor-node-type.html: Added.
1:41 PM Changeset in webkit [207238] by Chris Dumez
  • 22 edits in trunk

Update more events to stop using legacy [ConstructorTemplate=Event]
https://bugs.webkit.org/show_bug.cgi?id=163339

Reviewed by Ryosuke Niwa.

Source/WebCore:

Update more events to stop using legacy [ConstructorTemplate=Event]
and use regular constructors instead.

No new tests, updated existing tests.

  • bindings/scripts/test/JS/JSTestEventConstructor.cpp:

(WebCore::convertDictionary<TestEventConstructor::Init>):
(WebCore::JSTestEventConstructorConstructor::construct):
(WebCore::JSTestEventConstructorConstructor::prototypeForStructure):
(WebCore::JSTestEventConstructor::JSTestEventConstructor):
(WebCore::JSTestEventConstructor::createPrototype):
(WebCore::JSTestEventConstructorPrototype::create): Deleted.
(WebCore::JSTestEventConstructorPrototype::createStructure): Deleted.
(WebCore::JSTestEventConstructorPrototype::JSTestEventConstructorPrototype): Deleted.
(WebCore::setJSTestEventConstructorConstructor): Deleted.
(WebCore::JSTestEventConstructor::getConstructor): Deleted.

  • bindings/scripts/test/JS/JSTestEventConstructor.h:

(WebCore::JSTestEventConstructor::wrapped):
(WebCore::JSTestEventConstructor::create): Deleted.
(WebCore::toJS): Deleted.
(WebCore::toJSNewlyCreated): Deleted.

  • bindings/scripts/test/TestEventConstructor.idl:
  • css/CSSFontFaceLoadEvent.cpp:

(WebCore::CSSFontFaceLoadEvent::CSSFontFaceLoadEvent):

  • css/CSSFontFaceLoadEvent.h:
  • css/CSSFontFaceLoadEvent.idl:
  • html/canvas/WebGLContextEvent.cpp:

(WebCore::WebGLContextEvent::WebGLContextEvent):

  • html/canvas/WebGLContextEvent.h:
  • html/canvas/WebGLContextEvent.idl:
  • storage/StorageEvent.cpp:

(WebCore::StorageEvent::create):
(WebCore::StorageEvent::StorageEvent):

  • storage/StorageEvent.h:
  • storage/StorageEvent.idl:

LayoutTests:

Update existing tests to reflect minor behavior changes.

  • fast/events/constructors/storage-event-constructor-expected.txt:
  • fast/events/constructors/storage-event-constructor.html:
  • fast/events/constructors/webgl-context-event-constructor-expected.txt:
  • fast/events/constructors/webgl-context-event-constructor.html:
1:38 PM Changeset in webkit [207237] by Ryan Haddad
  • 4 edits in trunk

Unreviewed, rolling out r207225.

This change causes debug tests to exit early with crashes.

Reverted changeset:

"Optional's move-constructor and move-assignment operator
don't disengage the value being moved from"
https://bugs.webkit.org/show_bug.cgi?id=163309
http://trac.webkit.org/changeset/207225

1:23 PM Changeset in webkit [207236] by achristensen@apple.com
  • 4 edits in trunk

Fix assertion after switching to URLParser
https://bugs.webkit.org/show_bug.cgi?id=163350
rdar://problem/28739938

Reviewed by Brady Eidson.
Source/WebKit2:


Covered by a new API test.

  • UIProcess/API/Cocoa/_WKUserStyleSheet.mm:

(-[_WKUserStyleSheet initWithSource:forMainFrameOnly:legacyWhitelist:legacyBlacklist:baseURL:userContentWorld:]):
The { } here is not understood by the compiler to mean WebCore::URL(), but rather the empty constructor for the enum ParsedURLStringTag.
We used to be unsafely trusting that the URL was valid and canonicalized, but with URLParser we are canonicalizing it,
and the assertion (url == m_string) in URL.cpp was failing.

Tools:

  • TestWebKitAPI/Tests/WebKit2Cocoa/UserContentController.mm:

(TEST):

12:40 PM Changeset in webkit [207235] by keith_miller@apple.com
  • 4 edits
    1 add in trunk

Handle non-function, non-undefined comparator in Array.prototype.sort
https://bugs.webkit.org/show_bug.cgi?id=163085

Reviewed by Yusuke Suzuki.

JSTests:

  • ChakraCore/test/Array/array_sort.baseline-jsc:
  • stress/array-sort-bad-comparator.js: Added.

(test):

Source/JavaScriptCore:

  • builtins/ArrayPrototype.js:

(sort.comparatorSort):
(sort.stringSort):
(sort):

12:35 PM Changeset in webkit [207234] by akling@apple.com
  • 2 edits in trunk/Source/WebCore

Make Document::existingAXObjectCache() fast with accessibility disabled.
<https://webkit.org/b/163347>

Reviewed by Antti Koivisto.

Instruments says we were spending 2.3% of Dromaeo/dom-modify.html in this function,
traversing ancestors. Track whether we've ever had a cache, and use that knowledge
to return early if possible.

  • dom/Document.cpp:

(WebCore::Document::existingAXObjectCache):
(WebCore::Document::axObjectCache):

12:31 PM Changeset in webkit [207233] by matthew_hanson@apple.com
  • 1 copy in tags/Safari-602.3.2

New tag.

12:18 PM Changeset in webkit [207232] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

[SOUP] trunk r207192 fails to compile due to missing std::function being unavailable (missing #include <functional>)
https://bugs.webkit.org/show_bug.cgi?id=163340

Patch by Jeremy Huddleston Sequoia <jeremyhu@apple.com> on 2016-10-12
Reviewed by Michael Catanzaro.

  • platform/network/soup/SoupNetworkSession.h: Add missing #include <functional>
12:03 PM Changeset in webkit [207231] by Brent Fulgham
  • 2 edits in trunk/Source/WebKit/win

[Win] Unreviewed build fix after r207218.

The CQ-landed patch used the old USE(CFNETWORK) compiler guard.
It should be using USE(CFURLCONNECTION).

  • WebCache.cpp: Missed one!
12:01 PM Changeset in webkit [207230] by fpizlo@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

REGRESSION (r207179): ASSERTION FAILED: node.cell != previousCell
https://bugs.webkit.org/show_bug.cgi?id=163337

Reviewed by Mark Lam.

It turns out that HeapSnapshot was not down with revisiting. The concurrent GC is going to be
built around the idea that we can revisit objects many times. This means that any action that
should only take place once per object must check the object's state. This fixes the snapshot
code to do this.

While writing this code, I realized that we're actually doing this check incorrectly, so I
filed bug 163343. That bug requires a race, so we aren't going to see it yet.

  • heap/HeapSnapshot.cpp:

(JSC::HeapSnapshot::finalize):

  • heap/SlotVisitor.cpp:

(JSC::SlotVisitor::appendToMarkStack):
(JSC::SlotVisitor::visitChildren):

11:47 AM Changeset in webkit [207229] by Joseph Pecoraro
  • 14 edits
    2 adds in trunk

Web Inspector: Improve support for logging Proxy objects in console
https://bugs.webkit.org/show_bug.cgi?id=163323
<rdar://problem/28432553>

Reviewed by Timothy Hatcher.

Source/JavaScriptCore:

This is based off of similiar patches in Blink for Proxy handling.

  • bindings/ScriptValue.cpp:

(Deprecated::ScriptValue::isEqual):
Use strict equality. This is the intent, and it prevents the possibility of triggering
primitive conversion on objects in previous ConsoleMessage argument lists.

  • inspector/InjectedScriptSource.js:

(InjectedScript.prototype._propertyDescriptors):
Bail if the object is a Proxy.

(InjectedScript.prototype._describe):
Provide a friendlier name, "Proxy" instead of "ProxyObject".

(InjectedScript.RemoteObject):
When generating a preview for a Proxy object, generate it from the final target
and mark it as lossy so that the object can always be expanded to get the internal
target/handler properties.

  • inspector/JSInjectedScriptHost.h:
  • inspector/JSInjectedScriptHost.cpp:

(Inspector::JSInjectedScriptHost::subtype):
New subtype for Proxy objects.

(Inspector::JSInjectedScriptHost::proxyTargetValue):
Resolve the final target value for a Proxy.

  • inspector/JSInjectedScriptHostPrototype.cpp:

(Inspector::JSInjectedScriptHostPrototype::finishCreation):
(Inspector::jsInjectedScriptHostPrototypeFunctionProxyTargetValue):
Add the new method.

  • inspector/ScriptArguments.cpp:

(Inspector::ScriptArguments::getFirstArgumentAsString):
Avoid triggering Proxy traps on a Proxy object when getting a quick
string description for ConsoleMessages.

  • inspector/protocol/Runtime.json:

Add new "proxy" subtype.

Source/WebInspectorUI:

  • UserInterface/Views/ConsoleMessageView.js:

(WebInspector.ConsoleMessageView.prototype._formatParameter):
Treat a Proxy like any other object.

LayoutTests:

  • inspector/console/console-log-proxy-expected.txt: Added.
  • inspector/console/console-log-proxy.html: Added.

Add a test specific to console logs of Proxy objects to ensure the get
trap is not used in different cases.

  • inspector/model/remote-object-expected.txt:
  • inspector/model/remote-object.html:
  • platform/mac/inspector/model/remote-object-expected.txt:

Update results for Proxy objects and include a test for a multi-level
Proxy object, which should preview the target.

11:47 AM Changeset in webkit [207228] by Joseph Pecoraro
  • 15 edits in trunk

Emit DebugHooks uniformly with pause locations instead of having separate pause locations and op_debug emits
https://bugs.webkit.org/show_bug.cgi?id=162809

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

Change how BytecodeGeneration emits debug hooks to be more consistent.
Previously most nodes individually generated their own debug hook
and we asserted that it matched a breakpoint location identified
by the parser. This could get out of sync, or nodes could forget to
emit debug hooks expected by the parser.

With this change, we always check and emit a debug hook for any
node. The default behavior is for BytecodeGenerator::emitNode
to emit the debug hook when emitting the node itself. This covers
the majority of cases (statements).

There are a few exceptions where we continue to need to customize
emitting debug hooks:

  1. Nodes with emitBytecodeInConditionContext
    • non-Expression nodes customize how they emit their children
    • constants conditions may emit nothing, but we had recorded a breakpoint location so emit a debug hook
    • always emit one debug hook in case we recorded a breakpoint location, but avoid emitting multiple in nodes which may call up to the ExpressionNode::emitBytecodeInConditionContext base impl.
  2. Specialized Debug Hooks
    • such as hooks for Program start/end, debugger statements, etc.
  3. Debug Hooks in for..of / for..in that don't correspond to re-emitting nodes
    • such as pausing on the assignment expression inside these loops

The majority of nodes no longer have custom emits.

  • bytecompiler/BytecodeGenerator.h:

(JSC::BytecodeGenerator::emitNodeInTailPosition):
(JSC::BytecodeGenerator::emitNodeInConditionContext):

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::emitDebugHook):
(JSC::BytecodeGenerator::emitEnumeration):
By default, when emitting a node check if we should also emit an op_debug for it.
This default DebugHook is WillExecuteStatement, which is a normal pause point.

  • bytecompiler/NodesCodegen.cpp:

(JSC::ConstantNode::emitBytecodeInConditionContext):
(JSC::LogicalNotNode::emitBytecodeInConditionContext):
(JSC::BinaryOpNode::emitBytecodeInConditionContext):
(JSC::LogicalOpNode::emitBytecodeInConditionContext):
The parser would have generated a pause location for these conditions
no matter what constant folding and re-writing these nodes may perform.
So, when emitting these nodes in condition context check if they need
emit their own debug hook.

(JSC::EmptyStatementNode::emitBytecode):
(JSC::ExprStatementNode::emitBytecode):
(JSC::DeclarationStatement::emitBytecode):
(JSC::IfElseNode::emitBytecode):
(JSC::DoWhileNode::emitBytecode):
(JSC::WhileNode::emitBytecode):
(JSC::ForNode::emitBytecode):
(JSC::ContinueNode::emitBytecode):
(JSC::BreakNode::emitBytecode):
(JSC::ReturnNode::emitBytecode):
(JSC::WithNode::emitBytecode):
(JSC::SwitchNode::emitBytecode):
(JSC::ThrowNode::emitBytecode):
No longer need to custom emit debug hooks. The default emitNode will handle these.

(JSC::ForInNode::emitBytecode):
Include extra debug hooks the user expects to return back to the assignment
expression in the loop header before starting the body again. The same is done
for for..of with emitEnumeration.

  • parser/ASTBuilder.h:

(JSC::ASTBuilder::createExportDefaultDeclaration):
(JSC::ASTBuilder::createExportLocalDeclaration):
These are no longer needed to fake-satisfy assertions. We never wanted to
emit debug hooks for these inner statements because the export statement
will already have the debug hooks.

(JSC::ASTBuilder::createForInLoop):
(JSC::ASTBuilder::createForOfLoop):
Include the correct location where the declaration starts.

(JSC::ASTBuilder::breakpointLocation):
Simplify to a general implementation for Node.

  • parser/SyntaxChecker.h:

(JSC::SyntaxChecker::createForInLoop):
(JSC::SyntaxChecker::createForOfLoop):
Ignore the new extra parameter.

  • parser/Nodes.h:

(JSC::Node::needsDebugHook):
(JSC::Node::setNeedsDebugHook):
(JSC::ExpressionNode::needsDebugHook): Deleted.
(JSC::ExpressionNode::setNeedsDebugHook): Deleted.
(JSC::StatementNode::isEmptyStatement): Deleted.
(JSC::StatementNode::needsDebugHook): Deleted.
(JSC::StatementNode::setNeedsDebugHook): Deleted.
Move debug hook logic into the base Node class.

(JSC::StatementNode::isDebuggerStatement):
Provide a way to distinguish a debugger statement.

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::parseForStatement):
Provide the location before the declaration starts.

Source/WebInspectorUI:

  • UserInterface/Views/SourceCodeTextEditor.js:

(WebInspector.SourceCodeTextEditor.prototype.textEditorExecutionHighlightRange):
When pausing on the variable assignment inside for..of and for..in don't just
highlight "var foo" but include the right hand side "var foo in ..." or
"var foo of ...".

LayoutTests:

  • inspector/debugger/stepping/stepping-control-flow-expected.txt:
  • inspector/debugger/stepping/stepping-control-flow.html:

Add new tests for stepping through conditional expressions with constants,
logical operations, binary operations, and unary negations.

  • inspector/debugger/stepping/stepping-loops-expected.txt:
  • inspector/debugger/stepping/stepping-loops.html:

Update tests for changes in stepping behavior in for loops.

11:43 AM Changeset in webkit [207227] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: Whole program sometimes highlighted instead of just first statement
https://bugs.webkit.org/show_bug.cgi?id=163300
<rdar://problem/28723162>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-10-12
Reviewed by Timothy Hatcher.

  • UserInterface/Views/SourceCodeTextEditor.js:

(WebInspector.SourceCodeTextEditor.prototype.textEditorExecutionHighlightRange):
Avoid highlighting the entire program by skipping a Program type Node.

  • UserInterface/Views/TextEditor.js:

(WebInspector.TextEditor.prototype.setExecutionLineAndColumn):
Avoid unnecessary work before content has loaded.

(WebInspector.TextEditor.prototype.currentPositionToOriginalOffset):
Avoid unnecessary indirection to get the CodeMirror editor.

11:27 AM Changeset in webkit [207226] by mark.lam@apple.com
  • 3 edits
    1 add in trunk

Array.prototype.slice should not modify frozen objects.
https://bugs.webkit.org/show_bug.cgi?id=163338

Reviewed by Filip Pizlo.

JSTests:

  • stress/array-slice-on-frozen-object.js: Added.

Source/JavaScriptCore:

  1. The ES6 spec for Array.prototype.slice (https://tc39.github.io/ecma262/#sec-array.prototype.slice) states that it uses the CreateDataPropertyOrThrow() (https://tc39.github.io/ecma262/#sec-createdatapropertyorthrow) to add items to the result array. The spec for CreateDataPropertyOrThrow states:

"This abstract operation creates a property whose attributes are set to the
same defaults used for properties created by the ECMAScript language assignment
operator. Normally, the property will not already exist. If it does exist and
is not configurable or if O is not extensible, DefineOwnProperty? will
return false causing this operation to throw a TypeError exception."

  1. Array.prototype.slice also uses a Set function (https://tc39.github.io/ecma262/#sec-set-o-p-v-throw) to set the "length" property and passes true for the Throw argument. Ultimately, it ends up calling the OrdinarySet function (https://tc39.github.io/ecma262/#sec-ordinaryset) that will fail if the property is not writable. This failure should result in a TypeError being thrown in Set.

Since the properties of frozen objects are not extensible, not configurable,
and not writeable, Array.prototype.slice should fail to write to the result
array if it is frozen.

If the source array being sliced has 1 or more elements, (1) will take effect
when we try to set the element in the non-writeable result obj.
If the source array being sliced has 0 elements, we will not set any elements and
(1) will not trigger. Subsequently, (2) will take effect when we will try to
set the length of the result obj.

  • runtime/ArrayPrototype.cpp:

(JSC::putLength):
(JSC::setLength):
(JSC::arrayProtoFuncSlice):
(JSC::arrayProtoFuncSplice):

10:41 AM Changeset in webkit [207225] by weinig@apple.com
  • 4 edits in trunk

Optional's move-constructor and move-assignment operator don't disengage the value being moved from
https://bugs.webkit.org/show_bug.cgi?id=163309

Reviewed by Anders Carlsson.

Source/WTF:

  • wtf/Optional.h:

(WTF::Optional::Optional):
(WTF::Optional::operator=):
Disengage 'other' on move-construction and move-assignment.

Tools:

  • TestWebKitAPI/Tests/WTF/Optional.cpp:

(TestWebKitAPI::TEST):
Add tests for Optional's move-constructor and move-assignment operator.

10:31 AM Changeset in webkit [207224] by andersca@apple.com
  • 3 edits in trunk/Source/WebKit2

Remove an unused function
https://bugs.webkit.org/show_bug.cgi?id=163341

Reviewed by Dan Bernstein.

  • WebProcess/WebPage/WebBackForwardListProxy.cpp:

(WebKit::WebBackForwardListProxy::isActive): Deleted.

  • WebProcess/WebPage/WebBackForwardListProxy.h:
10:22 AM Changeset in webkit [207223] by Brent Fulgham
  • 2 edits in trunk/Source/WebKit/win

[Win] Unreviewed build fix after r207218.

The CQ-landed patch used the old USE(CFNETWORK) compiler guard.
It should be using USE(CFURLCONNECTION).

  • WebCache.cpp:

(WebCache::cacheFolder):
(WebCache::setCacheFolder):

9:56 AM Changeset in webkit [207222] by fpizlo@apple.com
  • 7 edits
    1 delete in trunk/Source/JavaScriptCore

Remove JITWriteBarrier.h
https://bugs.webkit.org/show_bug.cgi?id=163334

Reviewed by Mark Lam.

I guess that the idea of JITWriteBarrier was to make sure that if you slap some heap pointer
bits into machine code, then you better execute a barrier on the code block. But it's a
complicated piece of code, and I can never remember how it quite works. These days it looks
vestigial, particularly since only the CallLinkInfo patchable callee immediate uses it. It's
not really necessary to have something like this, since our convention is that any pointer
stored in machine code must always be shadowed in the GC heap. I think that convention has
won by overwhelming majority, so we should finally remove JITWriteBarrier.

A practical outcome of this change is that it makes it easier to implement DirectCall ICs,
which will have to store the callee in the CallLinkInfo but not in the machine code.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • assembler/AbstractMacroAssembler.h:
  • bytecode/CallLinkInfo.cpp:

(JSC::CallLinkInfo::setCallee):
(JSC::CallLinkInfo::clearCallee):

  • bytecode/CallLinkInfo.h:

(JSC::CallLinkInfo::setCallee): Deleted.
(JSC::CallLinkInfo::clearCallee): Deleted.

  • heap/SlotVisitor.h:
  • jit/JITWriteBarrier.h: Removed.
9:50 AM Changeset in webkit [207221] by Brent Fulgham
  • 2 edits in trunk/Source/WebCore

[WebGL] Revise vertex array attribute checks to account for lazy memory allocation.
https://bugs.webkit.org/show_bug.cgi?id=163149
<rdar://problem/28629774>

Reviewed by Dean Jackson.

Tested by fast/canvas/webgl/webgl-drawarrays-crash-2.html

  • html/canvas/WebGLRenderingContextBase.cpp:

(WebCore::WebGLRenderingContextBase::validateVertexAttributes):

9:48 AM Changeset in webkit [207220] by wenson_hsieh@apple.com
  • 7 edits in trunk

Now playing media sessions are always cleared for the active foreground tab
https://bugs.webkit.org/show_bug.cgi?id=163310
<rdar://problem/28573301>

Reviewed by Jer Noble.

Source/WebCore:

Currently, we clear out Now Playing info whenever we set the visibility of Now Playing controls to Never. This
is incorrect, as the Now Playing session needs to still be active (just not visible) in this state. Instead, we
should not be taking the active/foregrounded-ness of a media session for Now Playing into account in
MediaElementSession::canShowControlsManager so that even if a media session is in the active/foreground tab, we
will update the Now Playing session with the latest info. However, when setting the visibility, we now check
and see if the session allows Now Playing visibility, and set the Now Playing visibility to Always or Never
depending on the answer.

Tweaked existing unit tests in NowPlayingControlsTests.

  • html/MediaElementSession.cpp:

(WebCore::MediaElementSession::canShowControlsManager):
(WebCore::MediaElementSession::allowsNowPlayingControlsVisibility):
(WebCore::MediaElementSession::pageAllowsNowPlayingControls): Deleted.

  • html/MediaElementSession.h:
  • platform/audio/PlatformMediaSession.h:

(WebCore::PlatformMediaSession::allowsNowPlayingControlsVisibility):

  • platform/audio/mac/MediaSessionManagerMac.mm:

(WebCore::MediaSessionManagerMac::updateNowPlayingInfo):

Tools:

Tweaks existing unit tests to verify that media session info persists when backgrounding and foregrounding, but
that media session info is correctly cleared out if the media session itself is no longer eligible for Now
Playing (not accounting for foreground/active state). Previously, these tests were verifying that we would
always clear out the information, but this is incorrect, and is the source of the problem.

  • TestWebKitAPI/Tests/WebKit2Cocoa/NowPlayingControlsTests.mm:

(-[NowPlayingTestWebView waitForNowPlayingInfoToChange]):
(TestWebKitAPI::TEST):

9:45 AM Changeset in webkit [207219] by Alan Bujtas
  • 4 edits in trunk/Source/WebCore

Refactor LineLayoutState's float box handling.
https://bugs.webkit.org/show_bug.cgi?id=163286

Reviewed by David Hyatt.

We keep track of float boxes both per line (RootInlineBox::m_floats) and
per flow block (LineLayoutState::m_floats) during layout.
As we lay out the lines and iterate through RootInlineBox::m_floats, we
increment LineLayoutState::m_floatIndex. This LineLayoutState::m_floatIndex is
later used to find the matching float box in the per-block-flow float list.
This logic works fine as long as the lists and the index manipulation are tightly coded.
However due to the complexity of the line/float layout code, this is no longer the case.

This patch makes float box handling more secure by changing this index based setup
to a list iterator. It helps to eliminate potential vector overflow issues.

LineLayoutState::FloatList (new class) keeps track of all the floats for the block flow.
It groups the float box related functions/members and provides an iterator interface to ensure safer
syncing between this and the line based floats.

No change in functionality.

  • rendering/RenderBlockFlow.h:
  • rendering/RenderBlockLineLayout.cpp:

(WebCore::RenderBlockFlow::appendFloatingObjectToLastLine):
(WebCore::repaintDirtyFloats):
(WebCore::RenderBlockFlow::layoutRunsAndFloats):
(WebCore::RenderBlockFlow::layoutRunsAndFloatsInRange):
(WebCore::RenderBlockFlow::linkToEndLineIfNeeded):
(WebCore::RenderBlockFlow::layoutLineBoxes):
(WebCore::RenderBlockFlow::checkFloatInCleanLine):
(WebCore::RenderBlockFlow::determineStartPosition):
(WebCore::RenderBlockFlow::determineEndPosition):
(WebCore::RenderBlockFlow::repaintDirtyFloats): Deleted.
(WebCore::RenderBlockFlow::checkFloatsInCleanLine): Deleted.

  • rendering/line/LineLayoutState.h:

(WebCore::FloatWithRect::create):
(WebCore::FloatWithRect::renderer):
(WebCore::FloatWithRect::rect):
(WebCore::FloatWithRect::everHadLayout):
(WebCore::FloatWithRect::adjustRect):
(WebCore::FloatWithRect::FloatWithRect):
(WebCore::LineLayoutState::FloatList::append):
(WebCore::LineLayoutState::FloatList::setLastFloat):
(WebCore::LineLayoutState::FloatList::lastFloat):
(WebCore::LineLayoutState::FloatList::setLastCleanFloat):
(WebCore::LineLayoutState::FloatList::lastCleanFloat):
(WebCore::LineLayoutState::FloatList::floatWithRect):
(WebCore::LineLayoutState::FloatList::begin):
(WebCore::LineLayoutState::FloatList::end):
(WebCore::LineLayoutState::FloatList::find):
(WebCore::LineLayoutState::FloatList::isEmpty):
(WebCore::LineLayoutState::LineLayoutState):
(WebCore::LineLayoutState::floatList):
(WebCore::LineLayoutState::lastFloat): Deleted.
(WebCore::LineLayoutState::setLastFloat): Deleted.
(WebCore::LineLayoutState::floats): Deleted.
(WebCore::LineLayoutState::floatIndex): Deleted.
(WebCore::LineLayoutState::setFloatIndex): Deleted.

9:36 AM Changeset in webkit [207218] by pvollan@apple.com
  • 11 edits in trunk

[Win] Parallel DRTs are sharing preferences and cache.
https://bugs.webkit.org/show_bug.cgi?id=163013

Reviewed by Brent Fulgham.

Source/WebKit/win:

Make it possible for a WebKit client to use separate preferences and cache.

  • Interfaces/IWebPreferencesPrivate.idl:
  • WebApplicationCache.cpp:

(applicationCachePath):

  • WebCache.cpp:

(WebCache::cacheFolder):
(WebCache::setCacheFolder):

  • WebDatabaseManager.cpp:

(databasesDirectory):

  • WebPreferences.cpp:

(WebPreferences::applicationId):
(WebPreferences::valueForKey):
(WebPreferences::setValueForKey):
(WebPreferences::save):
(WebPreferences::QueryInterface):
(WebPreferences::modernMediaControlsEnabled):
(WebPreferences::setApplicationId):

  • WebPreferences.h:
  • WebView.cpp:

(WebView::setCacheModel):

Tools:

Use separate cache and preferences for each DRT instance.

  • DumpRenderTree/win/DumpRenderTree.cpp:

(applicationId):
(setApplicationId):
(setCacheFolder):
(setDefaultsToConsistentValuesForTesting):

  • Scripts/webkitpy/port/win.py:

(WinPort.setup_test_run):

9:32 AM Changeset in webkit [207217] by clopez@igalia.com
  • 2 edits
    22 adds in trunk/LayoutTests

[GTK] Tests that fail since the new URLParser has been enabled on r207162.
https://bugs.webkit.org/show_bug.cgi?id=163335

Unreviewed gardening.

Rebaseline 12 tests that don't look like real failures, and report the other 36 that look as such.

  • platform/gtk/TestExpectations:
  • platform/gtk/fast/css-generated-content/malformed-url-expected.txt: Added.
  • platform/gtk/fast/loader/redirect-to-invalid-url-using-javascript-calls-policy-delegate-expected.txt: Added.
  • platform/gtk/fast/loader/redirect-to-invalid-url-using-meta-refresh-calls-policy-delegate-expected.txt: Added.
  • platform/gtk/fast/loader/url-parse-1-expected.txt: Added.
  • platform/gtk/fast/loader/window-open-to-invalid-url-calls-policy-delegate-expected.txt: Added.
  • platform/gtk/fast/url/invalid-idn-expected.txt: Added.
  • platform/gtk/fast/url/segments-userinfo-vs-host-expected.txt: Added.
  • platform/gtk/fast/url/tab-and-newline-stripping-expected.txt: Added.
  • platform/gtk/fast/url/url-credentials-escaping-expected.txt: Added.
  • platform/gtk/http/tests/eventsource/eventsource-cors-non-http-expected.txt: Added.
  • platform/gtk/http/tests/websocket/tests/hybi/handshake-ok-with-http-version-beyond-1_1-expected.txt: Added.
  • platform/gtk/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/fetch-src/failure-expected.txt: Added.
9:24 AM Changeset in webkit [207216] by Said Abou-Hallawa
  • 2 edits in trunk/Source/WebCore

Unreviewed, fix Windows build break after r207182.

  • platform/graphics/cg/ImageDecoderCG.cpp:
9:23 AM Changeset in webkit [207215] by Chris Dumez
  • 58 edits in trunk

Update remaining DOM events to stop using legacy [ConstructorTemplate=Event]
https://bugs.webkit.org/show_bug.cgi?id=163319

Reviewed by Darin Adler.

Source/WebCore:

Update remaining DOM events to stop using legacy [ConstructorTemplate=Event]
and use regular constructors instead.

No new tests, updated existing tests.

  • dom/AutocompleteErrorEvent.h:
  • dom/AutocompleteErrorEvent.idl:
  • dom/BeforeLoadEvent.h:
  • dom/BeforeLoadEvent.idl:
  • dom/CompositionEvent.cpp:

(WebCore::CompositionEvent::CompositionEvent):

  • dom/CompositionEvent.h:
  • dom/CompositionEvent.idl:
  • dom/ErrorEvent.cpp:

(WebCore::ErrorEvent::ErrorEvent):

  • dom/ErrorEvent.h:
  • dom/ErrorEvent.idl:
  • dom/FocusEvent.cpp:

(WebCore::FocusEvent::FocusEvent):

  • dom/FocusEvent.h:
  • dom/FocusEvent.idl:
  • dom/HashChangeEvent.h:
  • dom/HashChangeEvent.idl:
  • dom/OverflowEvent.cpp:

(WebCore::OverflowEvent::OverflowEvent):

  • dom/OverflowEvent.h:
  • dom/OverflowEvent.idl:
  • dom/PageTransitionEvent.cpp:

(WebCore::PageTransitionEvent::PageTransitionEvent):

  • dom/PageTransitionEvent.h:
  • dom/PageTransitionEvent.idl:
  • dom/PopStateEvent.cpp:

(WebCore::PopStateEvent::PopStateEvent):
(WebCore::PopStateEvent::create):

  • dom/PopStateEvent.h:
  • dom/PopStateEvent.idl:
  • dom/SecurityPolicyViolationEvent.h:
  • dom/SecurityPolicyViolationEvent.idl:
  • dom/TouchEvent.cpp:

(WebCore::TouchEvent::TouchEvent):

  • dom/TouchEvent.h:
  • dom/TouchEvent.idl:
  • dom/TransitionEvent.cpp:

(WebCore::TransitionEvent::TransitionEvent):

  • dom/TransitionEvent.h:
  • dom/TransitionEvent.idl:
  • dom/WebKitAnimationEvent.cpp:

(WebCore::WebKitAnimationEvent::WebKitAnimationEvent):

  • dom/WebKitAnimationEvent.h:
  • dom/WebKitAnimationEvent.idl:
  • dom/WebKitTransitionEvent.cpp:

(WebCore::WebKitTransitionEvent::WebKitTransitionEvent):

  • dom/WebKitTransitionEvent.h:
  • dom/WebKitTransitionEvent.idl:

LayoutTests:

Rebaseline several existing tests to reflect minor behavior changes:

  • We now properly use the default member value when an explicit undefined is passed.
  • We throw more exceptions when bad input is passed.
  • Exception messages are sometimes slightly different.
  • fast/events/constructors/before-load-event-constructor-expected.txt:
  • fast/events/constructors/before-load-event-constructor.html:
  • fast/events/constructors/composition-event-constructor-expected.txt:
  • fast/events/constructors/composition-event-constructor.html:
  • fast/events/constructors/error-event-constructor-expected.txt:
  • fast/events/constructors/error-event-constructor.html:
  • fast/events/constructors/focus-event-constructor-expected.txt:
  • fast/events/constructors/focus-event-constructor.html:
  • fast/events/constructors/hash-change-event-constructor-expected.txt:
  • fast/events/constructors/hash-change-event-constructor.html:
  • fast/events/constructors/pop-state-event-constructor-expected.txt:
  • fast/events/constructors/pop-state-event-constructor.html:
  • fast/events/constructors/transition-event-constructor-expected.txt:
  • fast/events/constructors/transition-event-constructor.html:
  • fast/events/constructors/webkit-animation-event-constructor-expected.txt:
  • fast/events/constructors/webkit-animation-event-constructor.html:
  • fast/events/constructors/webkit-transition-event-constructor-expected.txt:
  • fast/events/constructors/webkit-transition-event-constructor.html:
7:41 AM Changeset in webkit [207214] by Chris Dumez
  • 8 edits in trunk/Source

Stop using PassRefPtr in platform/efl
https://bugs.webkit.org/show_bug.cgi?id=163321

Reviewed by Laszlo Gombos.

Stop using PassRefPtr in platform/efl.

  • platform/efl/BatteryProviderEfl.cpp:

(WebCore::batteryProperties):
(WebCore::BatteryProviderEfl::setBatteryStatus):
(WebCore::BatteryProviderEfl::dispatchEvent):

  • platform/efl/BatteryProviderEfl.h:
  • platform/efl/BatteryProviderEflClient.h:
  • platform/efl/PlatformSpeechSynthesisProviderEfl.cpp:

(WebCore::PlatformSpeechSynthesisProviderEfl::voiceName):
(WebCore::PlatformSpeechSynthesisProviderEfl::speak):

  • platform/efl/PlatformSpeechSynthesisProviderEfl.h:
2:54 AM Changeset in webkit [207213] by Csaba Osztrogonác
  • 2 edits in trunk/Source/JavaScriptCore

Unreviewed buildfix for GCC 4.9 after r207186.
https://bugs.webkit.org/show_bug.cgi?id=163255

  • runtime/HasOwnPropertyCache.h:

(JSC::HasOwnPropertyCache::Entry::Entry):

1:41 AM Changeset in webkit [207212] by matthew_hanson@apple.com
  • 5 edits
    2 adds in branches/safari-602-branch

Merge r206975. rdar://problem/28545012

1:41 AM Changeset in webkit [207211] by matthew_hanson@apple.com
  • 2 edits in branches/safari-602-branch/Source/JavaScriptCore

Merge r206955. rdar://problem/28216236

1:41 AM Changeset in webkit [207210] by matthew_hanson@apple.com
  • 3 edits
    1 add in branches/safari-602-branch

Merge r206472. rdar://problem/28545009

1:41 AM Changeset in webkit [207209] by matthew_hanson@apple.com
  • 3 edits
    5 adds in branches/safari-602-branch

Merge r206280. rdar://problem/28476953

1:41 AM Changeset in webkit [207208] by matthew_hanson@apple.com
  • 3 edits
    2 adds in branches/safari-602-branch

Merge r205861. rdar://problem/28409523

1:41 AM Changeset in webkit [207207] by matthew_hanson@apple.com
  • 9 edits
    2 adds in branches/safari-602-branch

Merge r205786. rdar://problem/28476956

1:41 AM Changeset in webkit [207206] by matthew_hanson@apple.com
  • 5 edits
    1 add in branches/safari-602-branch

Merge r205197. rdar://problem/28481424

1:41 AM Changeset in webkit [207205] by matthew_hanson@apple.com
  • 14 edits in branches/safari-602-branch

Merge r205190. rdar://problem/28545010

1:41 AM Changeset in webkit [207204] by matthew_hanson@apple.com
  • 4 edits in branches/safari-602-branch

Merge r204868. rdar://problem/28216263

1:41 AM Changeset in webkit [207203] by matthew_hanson@apple.com
  • 3 edits in branches/safari-602-branch/Source/WebCore

Merge r204631. rdar://problem/28481427

1:41 AM Changeset in webkit [207202] by matthew_hanson@apple.com
  • 3 edits
    1 add in branches/safari-602-branch

Merge r204612. rdar://problem/28216278

1:41 AM Changeset in webkit [207201] by matthew_hanson@apple.com
  • 2 edits in branches/safari-602-branch/Source/WebInspectorUI

Merge r204428. rdar://problem/28476954

1:41 AM Changeset in webkit [207200] by matthew_hanson@apple.com
  • 3 edits
    4 adds in branches/safari-602-branch

Merge r204266. rdar://problem/28216261

1:41 AM Changeset in webkit [207199] by matthew_hanson@apple.com
  • 4 edits in branches/safari-602-branch/Source/bmalloc

Merge r204091. rdar://problem/28476960

1:41 AM Changeset in webkit [207198] by matthew_hanson@apple.com
  • 2 edits in branches/safari-602-branch/Source/WebCore

Merge r203903. rdar://problem/28476961

1:41 AM Changeset in webkit [207197] by matthew_hanson@apple.com
  • 2 edits in branches/safari-602-branch/Source/WebCore

Merge r203792. rdar://problem/28476951

1:40 AM Changeset in webkit [207196] by matthew_hanson@apple.com
  • 8 edits
    16 adds in branches/safari-602-branch

Merge r203611. rdar://problem/28476958

1:40 AM Changeset in webkit [207195] by matthew_hanson@apple.com
  • 9 edits in branches/safari-602-branch

Merge r203522. rdar://problem/28476959

1:40 AM Changeset in webkit [207194] by matthew_hanson@apple.com
  • 5 edits
    4 adds in branches/safari-602-branch

Merge r203383. rdar://problem/28216264

12:37 AM Changeset in webkit [207193] by commit-queue@webkit.org
  • 13 edits in trunk/Source/WebCore

Attribute setter binding generated code should use more references
https://bugs.webkit.org/show_bug.cgi?id=163275

Patch by Youenn Fablet <youenn@apple.com> on 2016-10-12
Reviewed by Alex Christensen.

No change of behavior.

  • bindings/scripts/CodeGeneratorJS.pm:

(JSValueToNative):

  • bindings/scripts/test/JS/JSTestGlobalObject.cpp:
  • bindings/scripts/test/JS/JSTestInterface.cpp:
  • bindings/scripts/test/JS/JSTestNode.cpp:
  • bindings/scripts/test/JS/JSTestNondeterministic.cpp:
  • bindings/scripts/test/JS/JSTestObj.cpp:
  • bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
  • bindings/scripts/test/JS/JSTestTypedefs.cpp:

Oct 11, 2016:

11:57 PM Changeset in webkit [207192] by commit-queue@webkit.org
  • 38 edits in trunk/Source/WebCore

Refactor binding generated casted-this checks for methods
https://bugs.webkit.org/show_bug.cgi?id=163198

Patch by Youenn Fablet <youenn@apple.com> on 2016-10-11
Reviewed by Darin Adler.

Covered by existing tests and binding rebased tests..

Introducing BindingCaller::callMethod and callPromiseMethod to encapsulate casted-this checks for methods.
This is supported for all methods except seralizer and iterators methods.

Introduced castForMethod similarly to castForAttribute.
Moved this from static methods of JSClass to static methods of BindingCaller<JSClass>
This allows removing the corresponding declarations from JSClass header file.

Note the difference of handling thisValue between the two in case of CustomProxyToJSObject.
This should be made more consistent.

In case of bad casted this check, CustomProxyToJSObject objects will throw a TypeError with an error message like other methods.
Before the patch, a TypeError without error message was thrown.

EventTarget being different, added a specialization of BindingCaller for it.
This allows also removing some binding generated code dedicated to EventTarget.
A similar approach might also be done for CustomProxyToJSObject objects to further simplify the binding generator.

  • bindings/js/JSDOMBinding.cpp:

(WebCore::rejectPromiseWithThisTypeError):

  • bindings/js/JSDOMBinding.h:

(WebCore::BindingCaller::callPromiseMethod):
(WebCore::BindingCaller::callMethod):

  • bindings/js/JSEventTargetCustom.h:

(WebCore::BindingCaller<JSEventTarget>::callMethod):

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateHeader):
(GenerateImplementation):
(GenerateFunctionCastedThis): Deleted.

  • bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
  • bindings/scripts/test/JS/JSTestActiveDOMObject.h:
  • bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
  • bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
  • bindings/scripts/test/JS/JSTestEventTarget.cpp:
  • bindings/scripts/test/JS/JSTestEventTarget.h:
  • bindings/scripts/test/JS/JSTestGlobalObject.cpp:
  • bindings/scripts/test/JS/JSTestGlobalObject.h:
  • bindings/scripts/test/JS/JSTestInterface.cpp:
  • bindings/scripts/test/JS/JSTestInterface.h:
  • bindings/scripts/test/JS/JSTestIterable.cpp:
  • bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
  • bindings/scripts/test/JS/JSTestJSBuiltinConstructor.h:
  • bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
  • bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
  • bindings/scripts/test/JS/JSTestNode.cpp:
  • bindings/scripts/test/JS/JSTestNode.h:
  • bindings/scripts/test/JS/JSTestNondeterministic.cpp:
  • bindings/scripts/test/JS/JSTestNondeterministic.h:
  • bindings/scripts/test/JS/JSTestObj.cpp:
  • bindings/scripts/test/JS/JSTestObj.h:
  • bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
  • bindings/scripts/test/JS/JSTestOverrideBuiltins.h:
  • bindings/scripts/test/JS/JSTestTypedefs.cpp:
  • bindings/scripts/test/JS/JSTestTypedefs.h:
11:39 PM Changeset in webkit [207191] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebKit2

[EFL] Update API tests which are passed or failed
https://bugs.webkit.org/show_bug.cgi?id=163322

Unreviewed, simple on/off API test.

*ewk_favicon_database_clear* has been crashed for a long time, however
*ewk_cookie_manager_permanent_storage* is fine now. So the passing test
is enabled again, and disable the failure tests.

Patch by Gyuyoung Kim <gyuyoung.kim@navercorp.com> on 2016-10-11

  • UIProcess/API/efl/tests/test_ewk2_cookie_manager.cpp:

(TEST_F):

  • UIProcess/API/efl/tests/test_ewk2_favicon_database.cpp:

(TEST_F):

11:26 PM Changeset in webkit [207190] by commit-queue@webkit.org
  • 5 edits in trunk/Source/WebCore

MediaResourceLoader::requestResource should take a ResourceRequest&& as input
https://bugs.webkit.org/show_bug.cgi?id=160397

Patch by Youenn Fablet <youenn@apple.com> on 2016-10-11
Reviewed by Alex Christensen.

No change in behavior.

  • loader/MediaResourceLoader.cpp:

(WebCore::MediaResourceLoader::requestResource): Passing a ResourceRequest&& as input parameter.

  • loader/MediaResourceLoader.h:
  • platform/graphics/PlatformMediaResourceLoader.h: Ditto.
  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(webKitWebSrcStart): Creating an extra copy since MediaResourceLoader::requestResource expects a Resourcerequest&&.

10:34 PM Changeset in webkit [207189] by Gyuyoung Kim
  • 2 edits in trunk/LayoutTests

[EFL] Mark url tests to failure

Unreviewed EFL gardening on Oct. 12th.

URL tests have been failed since r207162.

  • platform/efl/TestExpectations:
9:48 PM Changeset in webkit [207188] by Chris Dumez
  • 4 edits in trunk/Source/WebCore

Update AnimationEvent to stop using legacy [ConstructorTemplate=Event]
https://bugs.webkit.org/show_bug.cgi?id=163312

Reviewed by Ryosuke Niwa.

Update AnimationEvent to stop using legacy [ConstructorTemplate=Event]
and use a regular constructor as in the specification:

  • dom/AnimationEvent.cpp:

(WebCore::AnimationEvent::AnimationEvent):

  • dom/AnimationEvent.h:
  • dom/AnimationEvent.idl:
9:47 PM Changeset in webkit [207187] by Chris Dumez
  • 4 edits in trunk/Source/WebCore

Update DeviceProximityEvent to stop using legacy [ConstructorTemplate=Event]
https://bugs.webkit.org/show_bug.cgi?id=163311

Reviewed by Ryosuke Niwa.

Update DeviceProximityEvent to stop using legacy [ConstructorTemplate=Event]
and use a regular constructor instead, as in the specification:

  • Modules/proximity/DeviceProximityEvent.cpp:

(WebCore::DeviceProximityEvent::DeviceProximityEvent):

  • Modules/proximity/DeviceProximityEvent.h:

(WebCore::DeviceProximityEvent::create):
(WebCore::DeviceProximityEventInit::DeviceProximityEventInit): Deleted.

  • Modules/proximity/DeviceProximityEvent.idl:
8:14 PM Changeset in webkit [207186] by sbarati@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

HasOwnPropertyCache needs to ref the UniquedStringImpls it sees
https://bugs.webkit.org/show_bug.cgi?id=163255

Reviewed by Geoffrey Garen.

The cache needs to be responsible for ensuring that things
in the cache stay alive. Before, it wasn't doing this, and
that was wrong.

  • runtime/HasOwnPropertyCache.h:

(JSC::HasOwnPropertyCache::Entry::operator=):
(JSC::HasOwnPropertyCache::operator delete):
(JSC::HasOwnPropertyCache::create):
(JSC::HasOwnPropertyCache::get):
(JSC::HasOwnPropertyCache::tryAdd):
(JSC::HasOwnPropertyCache::clear):
(JSC::HasOwnPropertyCache::zeroBuffer):

7:24 PM Changeset in webkit [207185] by dino@apple.com
  • 2 edits in trunk/LayoutTests

Fix a typo in the test.

  • fast/media/mq-color-gamut.html:
7:06 PM Changeset in webkit [207184] by achristensen@apple.com
  • 2 edits in trunk/Tools

Update API test expectation after r207162.

https://bugs.webkit.org/show_bug.cgi?id=162660

  • TestWebKitAPI/Tests/WebKit2Cocoa/LoadInvalidURLRequest.mm:

(-[LoadInvalidURLNavigationActionDelegate webView:didFailProvisionalNavigation:withError:]):
Like r207167 but with a WebKit2 test.
"https://www.example.com<>/" was an invalid URL with the old URL parser, is now valid with URLParser but not with NSURL's parser.

6:52 PM Changeset in webkit [207183] by Gyuyoung Kim
  • 2 edits in trunk/Source/WebCore

Unreviewed, EFL build fix because of r207173.

  • testing/InternalSettings.cpp:

(WebCore::InternalSettings::forcedPrefersReducedMotionValue):

6:40 PM Changeset in webkit [207182] by commit-queue@webkit.org
  • 12 edits in trunk/Source/WebCore

[CG] Add the option to immediately decode an image frame and control its memory caching
https://bugs.webkit.org/show_bug.cgi?id=163298

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2016-10-11
Reviewed by Simon Fraser.

This patch fixes two things. (1) An option is added to immediately decode an
image frame. This can be done by adding kCGImageSourceShouldCacheImmediately
to the ImageSource options dictionary. (2) BitmapImage should also control
when the image frame is actually deleted from memory. This can be done by
calling CGImageSourceCreateThumbnailAtIndex(). CG does not keep a reference
to the returned CGImageRef.

  • platform/graphics/ImageFrame.h: Adding the DecodingMode enum class.

Ideally this should be a member of ImageDecoder class. But since we
have three header files for ImageDecoder, this can be added here till
the three files combined in one header file.

  • platform/graphics/ImageFrameCache.cpp:

(WebCore::ImageFrameCache::setRenderTarget): Deleted.

  • platform/graphics/ImageFrameCache.h:
  • platform/graphics/ImageSource.cpp:

(WebCore::ImageSource::setRenderTarget):

  • platform/graphics/ImageSource.h:

(WebCore::ImageSource::setRenderTarget): Deleted.
Unrelated change. The native image decoder is available from the ImageSource.
ImageSource::setTarget() does not need not to get it through ImageFrameCache.

  • platform/graphics/cg/ImageDecoderCG.cpp:

(WebCore::createImageSourceOptions): Clean this function by using CFMutableDictionary.
(WebCore::imageSourceOptions): Cache two default ImageSource options and create new
ones for the non default cases.

(WebCore::ImageDecoder::createFrameImageAtIndex): Use the appropriate ImageSource function

  • platform/graphics/cg/ImageDecoderCG.h:
  • platform/graphics/win/ImageDecoderDirect2D.cpp:

(WebCore::ImageDecoder::createFrameImageAtIndex):

  • platform/graphics/win/ImageDecoderDirect2D.h:
  • platform/image-decoders/ImageDecoder.cpp:

(WebCore::ImageDecoder::createFrameImageAtIndex):

  • platform/image-decoders/ImageDecoder.h: Change functions' signature to include a DecodingMode argument.
5:25 PM Changeset in webkit [207181] by Chris Dumez
  • 3 edits
    31 adds in trunk

select.options may return too many option elements
https://bugs.webkit.org/show_bug.cgi?id=163296

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Import html/infrastructure web-platform-tests from upstream.

  • web-platform-tests/html/infrastructure/common-dom-interfaces/collections/contains.json: Added.
  • web-platform-tests/html/infrastructure/common-dom-interfaces/collections/htmlallcollection-expected.txt: Added.
  • web-platform-tests/html/infrastructure/common-dom-interfaces/collections/htmlallcollection.html: Added.
  • web-platform-tests/html/infrastructure/common-dom-interfaces/collections/htmlformcontrolscollection-expected.txt: Added.
  • web-platform-tests/html/infrastructure/common-dom-interfaces/collections/htmlformcontrolscollection.html: Added.
  • web-platform-tests/html/infrastructure/common-dom-interfaces/collections/htmloptionscollection-expected.txt: Added.
  • web-platform-tests/html/infrastructure/common-dom-interfaces/collections/htmloptionscollection.html: Added.
  • web-platform-tests/html/infrastructure/common-dom-interfaces/collections/radionodelist-expected.txt: Added.
  • web-platform-tests/html/infrastructure/common-dom-interfaces/collections/radionodelist.html: Added.
  • web-platform-tests/html/infrastructure/common-dom-interfaces/collections/w3c-import.log: Added.
  • web-platform-tests/html/infrastructure/common-microsyntaxes/dates-and-times/contains.json: Added.
  • web-platform-tests/html/infrastructure/common-microsyntaxes/dates-and-times/w3c-import.log: Added.
  • web-platform-tests/html/infrastructure/common-microsyntaxes/numbers/contains.json: Added.
  • web-platform-tests/html/infrastructure/common-microsyntaxes/numbers/w3c-import.log: Added.
  • web-platform-tests/html/infrastructure/conformance-requirements/extensibility/foreign-expected.txt: Added.
  • web-platform-tests/html/infrastructure/conformance-requirements/extensibility/foreign.html: Added.
  • web-platform-tests/html/infrastructure/conformance-requirements/extensibility/w3c-import.log: Added.
  • web-platform-tests/html/infrastructure/terminology/plugins/sample.txt: Added.
  • web-platform-tests/html/infrastructure/terminology/plugins/text-plain-expected.txt: Added.
  • web-platform-tests/html/infrastructure/terminology/plugins/text-plain.html: Added.
  • web-platform-tests/html/infrastructure/terminology/plugins/w3c-import.log: Added.

Source/WebCore:

select.options may return too many option elements. We're only supposed
to return the option element children of the select element, and the
option element children of all the optgroup element children of the
select element, in tree order:

Firefox and Chrome agrees with the specification. However, WebKit was
returning all the option elements that are descendants of the select
element.

Test: imported/w3c/web-platform-tests/html/infrastructure/common-dom-interfaces/collections/htmloptionscollection.html

  • html/HTMLOptionsCollection.h:
5:17 PM Changeset in webkit [207180] by Ryan Haddad
  • 3 edits in trunk/LayoutTests

Skipping loader/stateobjects tests on mac and ios-simulator debug.
https://bugs.webkit.org/show_bug.cgi?id=163307

Unreviewed test gardening.

  • platform/ios-simulator/TestExpectations:
  • platform/mac/TestExpectations:
4:52 PM Changeset in webkit [207179] by fpizlo@apple.com
  • 20 edits
    1 add in trunk/Source

MarkedBlock should know what objects are live during marking
https://bugs.webkit.org/show_bug.cgi?id=162309

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

It used to be that we would forget which objects are live the moment we started collection.
That's because the flip at the beginning clears all mark bits.

But we already have a facility for tracking objects that are live-but-not-marked. It's called
newlyAllocated. So, instead of clearing mark bits, we want to just transfer them to
newlyAllocated. Then we want to clear all newlyAllocated after GC.

This implements such an approach, along with a versioning optimization for newlyAllocated.
Instead of walking the whole heap to clear newlyAllocated bits at the end of the GC, we bump
the newlyAllocatedVersion, which causes MarkedBlock to treat newlyAllocated as if it was
clear.

We could have even avoided allocating newlyAllocated in most cases, since empirically most
blocks are either completely empty or completely full. An earlier version of this patch did
this, but it was not better than this patch. In fact, it seemed to actually be worse for PLT
and membuster.

To validate this change, we now run the conservative scan after the beginMarking flip. And it
totally works!

This is a huge step towards concurrent GC. It means that we ought to be able to run the
allocator while marking. Since we already separately made it possible to run the barrier
while marking, this means that we're pretty much ready for some serious concurrency action.

This appears to be perf-neutral and space-neutral.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • bytecode/CodeBlock.cpp:
  • bytecode/CodeBlock.h:

(JSC::CodeBlockSet::mark): Deleted.

  • heap/CodeBlockSet.cpp:

(JSC::CodeBlockSet::writeBarrierCurrentlyExecuting):
(JSC::CodeBlockSet::clearCurrentlyExecuting):
(JSC::CodeBlockSet::writeBarrierCurrentlyExecutingCodeBlocks): Deleted.

  • heap/CodeBlockSet.h:
  • heap/CodeBlockSetInlines.h: Added.

(JSC::CodeBlockSet::mark):

  • heap/ConservativeRoots.cpp:
  • heap/Heap.cpp:

(JSC::Heap::markRoots):
(JSC::Heap::beginMarking):
(JSC::Heap::collectImpl):
(JSC::Heap::writeBarrierCurrentlyExecutingCodeBlocks):
(JSC::Heap::clearCurrentlyExecutingCodeBlocks):

  • heap/Heap.h:
  • heap/HeapUtil.h:

(JSC::HeapUtil::findGCObjectPointersForMarking):

  • heap/MarkedAllocator.cpp:

(JSC::MarkedAllocator::isPagedOut):

  • heap/MarkedBlock.cpp:

(JSC::MarkedBlock::Handle::Handle):
(JSC::MarkedBlock::Handle::sweepHelperSelectHasNewlyAllocated):
(JSC::MarkedBlock::Handle::stopAllocating):
(JSC::MarkedBlock::Handle::lastChanceToFinalize):
(JSC::MarkedBlock::Handle::resumeAllocating):
(JSC::MarkedBlock::aboutToMarkSlow):
(JSC::MarkedBlock::Handle::resetAllocated):
(JSC::MarkedBlock::resetMarks):
(JSC::MarkedBlock::setNeedsDestruction):
(JSC::MarkedBlock::Handle::didAddToAllocator):
(JSC::MarkedBlock::Handle::isLive):
(JSC::MarkedBlock::Handle::isLiveCell):
(JSC::MarkedBlock::clearMarks): Deleted.

  • heap/MarkedBlock.h:

(JSC::MarkedBlock::Handle::newlyAllocatedVersion):
(JSC::MarkedBlock::Handle::hasAnyNewlyAllocated): Deleted.
(JSC::MarkedBlock::Handle::clearNewlyAllocated): Deleted.

  • heap/MarkedBlockInlines.h:

(JSC::MarkedBlock::Handle::cellsPerBlock):
(JSC::MarkedBlock::Handle::isLive):
(JSC::MarkedBlock::Handle::isLiveCell):
(JSC::MarkedBlock::Handle::isNewlyAllocatedStale):
(JSC::MarkedBlock::Handle::hasAnyNewlyAllocatedWithSweep):
(JSC::MarkedBlock::Handle::hasAnyNewlyAllocated):
(JSC::MarkedBlock::heap):
(JSC::MarkedBlock::space):
(JSC::MarkedBlock::Handle::space):
(JSC::MarkedBlock::resetMarkingVersion): Deleted.

  • heap/MarkedSpace.cpp:

(JSC::MarkedSpace::beginMarking):
(JSC::MarkedSpace::endMarking):
(JSC::MarkedSpace::clearNewlyAllocated): Deleted.

  • heap/MarkedSpace.h:

(JSC::MarkedSpace::nextVersion):
(JSC::MarkedSpace::newlyAllocatedVersion):
(JSC::MarkedSpace::markingVersion): Deleted.

  • runtime/SamplingProfiler.cpp:

Source/WTF:

This removes the atomicity mode, because it's not really used: it only affects the
concurrentBlah methods, but their only users turn on atomicity. This was useful because
previously, some binary Bitmap methods (like merge(const Bitmap&)) couldn't be used
effectively in the GC because some of the GC's bitmaps set the atomic mode and some didn't.
Removing this useless mode is the best solution.

Also added some new binary Bitmap methods: mergeAndClear(Bitmap& other) and
setAndClear(Bitmap& other). They perform their action on 'this' (either merge or set,
respectively) while also clearing the contents of 'other'. This is great for one of the GC
hot paths.

  • wtf/Bitmap.h:

(WTF::WordType>::Bitmap):
(WTF::WordType>::get):
(WTF::WordType>::set):
(WTF::WordType>::testAndSet):
(WTF::WordType>::testAndClear):
(WTF::WordType>::concurrentTestAndSet):
(WTF::WordType>::concurrentTestAndClear):
(WTF::WordType>::clear):
(WTF::WordType>::clearAll):
(WTF::WordType>::nextPossiblyUnset):
(WTF::WordType>::findRunOfZeros):
(WTF::WordType>::count):
(WTF::WordType>::isEmpty):
(WTF::WordType>::isFull):
(WTF::WordType>::merge):
(WTF::WordType>::filter):
(WTF::WordType>::exclude):
(WTF::WordType>::forEachSetBit):
(WTF::WordType>::mergeAndClear):
(WTF::WordType>::setAndClear):
(WTF::=):
(WTF::WordType>::hash):

4:25 PM Changeset in webkit [207178] by mark.lam@apple.com
  • 4 edits
    1 add in trunk

Array.prototype.concat should not modify frozen objects.
https://bugs.webkit.org/show_bug.cgi?id=163302

Reviewed by Filip Pizlo.

JSTests:

  • stress/array-concat-on-frozen-object.js: Added.

Source/JavaScriptCore:

The ES6 spec for Array.prototype.concat states that it uses the
CreateDataPropertyOrThrow() to add items to the result array. The spec for
CreateDataPropertyOrThrow states:

"This abstract operation creates a property whose attributes are set to the same
defaults used for properties created by the ECMAScript language assignment
operator. Normally, the property will not already exist. If it does exist and is
not configurable or if O is not extensible, DefineOwnProperty? will return
false causing this operation to throw a TypeError exception."

Since the properties of frozen objects are not extensible, not configurable, and
not writable, Array.prototype.concat should fail to write to the result array if
it is frozen.

Ref: https://tc39.github.io/ecma262/#sec-array.prototype.concat,
https://tc39.github.io/ecma262/#sec-createdatapropertyorthrow, and
https://tc39.github.io/ecma262/#sec-createdataproperty.

The fix consists of 2 parts:

  1. moveElement() should use the PutDirectIndexShouldThrow mode when invoking putDirectIndex(), and
  2. SparseArrayValueMap::putDirect() should check for the case where the property is read only.

(2) ensures that we don't write into a non-writable property.
(1) ensures that we throw a TypeError for attempts to write to a non-writeable
property.

  • runtime/ArrayPrototype.cpp:

(JSC::moveElements):

  • runtime/SparseArrayValueMap.cpp:

(JSC::SparseArrayValueMap::putDirect):

4:24 PM Changeset in webkit [207177] by achristensen@apple.com
  • 2 edits in trunk/Source/WebCore

Fix assertion when creating first WebCore::URL from non-main thread after r207162
https://bugs.webkit.org/show_bug.cgi?id=163304

Reviewed by Filip Pizlo.

This fixes assertions when running UserContentWorld.NormalWorld API tests.

  • platform/text/TextEncodingRegistry.cpp:

(WebCore::buildBaseTextCodecMaps):
(WebCore::atomicCanonicalTextEncodingName):
The new URLParser requires a TextEncoding& in its constructor, which defaults to UTF8Encoding.
When creating the first TextEncoding in a process, it calls buildBaseTextCodecMaps which asserts
it's on the main thread because it initializes static variables. Since we are getting a lock right
after this call anyway, just put this function call inside the lock.

4:20 PM Changeset in webkit [207176] by dino@apple.com
  • 5 edits in trunk

color-gamut media query shouldn't ASSERT on invalid values
https://bugs.webkit.org/show_bug.cgi?id=163303
<rdar://problem/28724566>

Reviewed by Simon Fraser.

Source/WebCore:

Remove the ASSERT_NOT_REACHED in the evaluation, since it
can be hit when there is a valid CSS keyword that is not
expected in the query.

Updated fast/media/mq-color-gamut.html

  • css/MediaQueryEvaluator.cpp:

(WebCore::colorGamutEvaluate):

LayoutTests:

Add a 'none' test.

  • fast/media/mq-color-gamut-expected.html:
  • fast/media/mq-color-gamut.html:
4:11 PM Changeset in webkit [207175] by Chris Dumez
  • 20 edits in trunk

Update MediaStream events to stop using legacy [ConstructorTemplate=Event]
https://bugs.webkit.org/show_bug.cgi?id=163289

Reviewed by Sam Weinig.

Source/WebCore:

Update MediaStream events to stop using legacy [ConstructorTemplate=Event]
and use regular constructors instead.

  • Modules/mediastream/MediaStreamEvent.cpp:

(WebCore::MediaStreamEvent::create):
(WebCore::MediaStreamEvent::MediaStreamEvent):

  • Modules/mediastream/MediaStreamEvent.h:
  • Modules/mediastream/MediaStreamEvent.idl:
  • Modules/mediastream/MediaStreamTrackEvent.cpp:

(WebCore::MediaStreamTrackEvent::create):
(WebCore::MediaStreamTrackEvent::MediaStreamTrackEvent):

  • Modules/mediastream/MediaStreamTrackEvent.h:
  • Modules/mediastream/MediaStreamTrackEvent.idl:
  • Modules/mediastream/OverconstrainedErrorEvent.h:

(WebCore::OverconstrainedErrorEvent::create):
(WebCore::OverconstrainedErrorEvent::OverconstrainedErrorEvent):
(WebCore::OverconstrainedErrorEvent::~OverconstrainedErrorEvent): Deleted.

  • Modules/mediastream/OverconstrainedErrorEvent.idl:
  • Modules/mediastream/RTCDTMFToneChangeEvent.cpp:

(WebCore::RTCDTMFToneChangeEvent::create):
(WebCore::RTCDTMFToneChangeEvent::RTCDTMFToneChangeEvent):

  • Modules/mediastream/RTCDTMFToneChangeEvent.h:
  • Modules/mediastream/RTCDTMFToneChangeEvent.idl:
  • Modules/mediastream/RTCTrackEvent.cpp:

(WebCore::RTCTrackEvent::create):
(WebCore::RTCTrackEvent::RTCTrackEvent):

  • Modules/mediastream/RTCTrackEvent.h:
  • Modules/mediastream/RTCTrackEvent.idl:

LayoutTests:

Update existing test cases now that we throw more exceptions on bad input.

  • fast/events/constructors/overconstrained-error-event-constructor-expected.txt:
  • fast/events/constructors/overconstrained-error-event-constructor.html:
  • fast/mediastream/MediaStreamTrackEvent-constructor-expected.txt:
  • fast/mediastream/MediaStreamTrackEvent-constructor.html:
4:07 PM Changeset in webkit [207174] by Chris Dumez
  • 4 edits in trunk/Source/WebCore

Update UIRequestEvent to stop using legacy [ConstructorTemplate=Event]
https://bugs.webkit.org/show_bug.cgi?id=163288

Reviewed by Darin Adler.

Update UIRequestEvent to stop using legacy [ConstructorTemplate=Event]
and use a constructor as in the specification:

  • Modules/indieui/UIRequestEvent.cpp:

(WebCore::UIRequestEvent::create):
(WebCore::UIRequestEvent::UIRequestEvent):
(WebCore::UIRequestEvent::createForBindings): Deleted.

  • Modules/indieui/UIRequestEvent.h:
  • Modules/indieui/UIRequestEvent.idl:
3:45 PM Changeset in webkit [207173] by dino@apple.com
  • 21 edits
    4 adds in trunk

Implement prefers-reduced-motion media query
https://bugs.webkit.org/show_bug.cgi?id=163250
<rdar://problem/28704129>

Reviewed by Simon Fraser.

Source/WebCore:

Implement the prefers-reduced-motion media query, as
described in https://github.com/w3c/csswg-drafts/issues/442.

Tests: fast/media/mq-prefers-reduced-motion-forced-value.html

fast/media/mq-prefers-reduced-motion.html

  • Configurations/WebCoreTestSupport.xcconfig: Link against AppKit and UIKit.
  • css/CSSValueKeywords.in: New keyword for "reduce".
  • css/MediaFeatureNames.h: Add prefers-reduced-motion.
  • css/MediaQueryEvaluator.cpp:

(WebCore::prefersReducedMotionEvaluate):

  • css/MediaQueryExp.cpp:

(WebCore::featureWithValidIdent):
(WebCore::isFeatureValidWithoutValue):

  • platform/Theme.h: New API to detect the system accessibility settings.

(WebCore::Theme::userPrefersReducedMotion):

  • platform/ios/ThemeIOS.h:
  • platform/ios/ThemeIOS.mm:

(WebCore::ThemeIOS::userPrefersReducedMotion):

  • platform/mac/ThemeMac.h:
  • platform/mac/ThemeMac.mm:

(WebCore::ThemeMac::userPrefersReducedMotion):

  • testing/Internals.cpp: Expose the same API to internals, so that

a test can examine the value too.
(WebCore::Internals::userPrefersReducedMotion):

  • testing/Internals.h:
  • testing/Internals.idl:
  • testing/Internals.mm:

(WebCore::Internals::userPrefersReducedMotion):

  • page/Settings.h: New setting to override the system value...
  • page/Settings.in:
  • testing/InternalSettings.cpp: ... plumbed through internals.

(WebCore::InternalSettings::Backup::Backup):
(WebCore::InternalSettings::Backup::restoreTo):
(WebCore::InternalSettings::forcedPrefersReducedMotionValue):
(WebCore::InternalSettings::setForcedPrefersReducedMotionValue):

  • testing/InternalSettings.h:
  • testing/InternalSettings.idl:
  • testing/Internals.cpp:

(WebCore::Internals::userPrefersReducedMotion):

  • testing/Internals.h:
  • testing/Internals.idl:
  • testing/Internals.mm:

(WebCore::Internals::userPrefersReducedMotion):

LayoutTests:

One test checks the system value. The other test overrides
the system values to make sure as much as possible is working.

  • fast/media/mq-prefers-reduced-motion-expected.html: Added.
  • fast/media/mq-prefers-reduced-motion-forced-value-expected.html: Added.
  • fast/media/mq-prefers-reduced-motion-forced-value.html: Added.
  • fast/media/mq-prefers-reduced-motion.html: Added.
3:37 PM Changeset in webkit [207172] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Skip tests added with r207155 that rely on touch events.

Unreviewed test gardening.

  • platform/ios-simulator/TestExpectations:
3:19 PM Changeset in webkit [207171] by dbates@webkit.org
  • 4 edits in trunk/Source

Attempt to fix the Apple Internal Mac build following r207159
(https://bugs.webkit.org/show_bug.cgi?id=163244)

Source/WebKit/mac:

  • WebView/WebView.mm:

(shouldRequireUserGestureToLoadVideo):

Source/WebKit2:

  • UIProcess/API/Cocoa/WKWebView.mm:

(shouldRequireUserGestureToLoadVideo):

3:07 PM Changeset in webkit [207170] by rniwa@webkit.org
  • 23 edits
    6 adds in trunk

Annotate DOM API with CEReactions
https://bugs.webkit.org/show_bug.cgi?id=163268

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline tests now that more test cases are passing.

  • web-platform-tests/custom-elements/reactions/Attr-expected.txt:
  • web-platform-tests/custom-elements/reactions/ChildNode-expected.txt:
  • web-platform-tests/custom-elements/reactions/DOMTokenList-expected.txt:
  • web-platform-tests/custom-elements/reactions/Document-expected.txt:
  • web-platform-tests/custom-elements/reactions/Element-expected.txt:
  • web-platform-tests/custom-elements/reactions/NamedNodeMap-expected.txt:
  • web-platform-tests/custom-elements/reactions/Node-expected.txt:
  • web-platform-tests/custom-elements/reactions/ParentNode-expected.txt:
  • web-platform-tests/custom-elements/reactions/Range-expected.txt:

Source/WebCore:

Added CEReactions IDL attribute to APIs defined in https://dom.spec.whatwg.org.

No new tests since existing tests cover the code change.
Added a dedicated code generation test: JSTestCEReactions.idl and TestCEReactionsStringifier.idl.

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateImplementation): Generate CustomElementReactionStack in attribute setters. In the case of PutForwards,
check the extended attributes of the target attribute's stringifier.

  • bindings/scripts/test/JS/JSTestCEReactions.cpp: Added.
  • bindings/scripts/test/JS/JSTestCEReactions.h: Added.
  • bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp: Added.
  • bindings/scripts/test/JS/JSTestCEReactionsStringifier.h: Added.
  • bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::jsTestObjPrototypeFunctionMethodWithNeedsCustomElementReactionStack): Deleted.

  • bindings/scripts/test/TestCEReactions.idl: Added.
  • bindings/scripts/test/TestCEReactionsStringifier.idl: Added.
  • bindings/scripts/test/TestObj.idl:
  • dom/Attr.idl:
  • dom/ChildNode.idl:
  • dom/Document.idl:
  • dom/Element.idl:
  • dom/NamedNodeMap.idl:
  • dom/Node.idl:
  • dom/ParentNode.idl:
  • dom/Range.idl:
  • html/DOMTokenList.idl:
3:03 PM Changeset in webkit [207169] by Chris Dumez
  • 6 edits in trunk

Update CloseEvent to stop using legacy [ConstructorTemplate=Event]
https://bugs.webkit.org/show_bug.cgi?id=163293

Reviewed by Darin Adler.

Source/WebCore:

Update CloseEvent to stop using legacy [ConstructorTemplate=Event] and
use a regular constructor as in the specification:

No new tests, updated existing test.

  • Modules/websockets/CloseEvent.h:

(WebCore::CloseEvent::create):
(WebCore::CloseEvent::CloseEvent):

  • Modules/websockets/CloseEvent.idl:

LayoutTests:

Update existing test to reflect a small behavior change. Passing an explicit
undefined as 'reason' members now initializes the attribute to the empty
string (the member's default value) instead of the string "undefined". This
new behavior matches Chrome and Firefox.

  • fast/events/constructors/close-event-constructor-expected.txt:
  • fast/events/constructors/close-event-constructor.html:
3:01 PM Changeset in webkit [207168] by andersca@apple.com
  • 6 edits in trunk/Source/WebKit2

Clean up WebPageGroup somewhat
https://bugs.webkit.org/show_bug.cgi?id=163299

Reviewed by Tim Horton.

  • Shared/API/c/WKDeprecatedFunctions.cpp:

(WKPageGroupCopyIdentifier):
Move this here from WKPageGroup.

(WKPageGroupAddUserContentFilter):
(WKPageGroupRemoveUserContentFilter):
(WKPageGroupRemoveAllUserContentFilters):
Just call directly into the user content controller.

  • UIProcess/API/C/WKPageGroup.cpp:

(WKPageGroupAddUserStyleSheet):
(WKPageGroupRemoveAllUserStyleSheets):
(WKPageGroupAddUserScript):
(WKPageGroupRemoveAllUserScripts):
Just call directly into the user content controller.

  • UIProcess/API/C/WKPageGroup.h:
  • UIProcess/WebPageGroup.cpp:

(WebKit::WebPageGroup::addUserStyleSheet): Deleted.
(WebKit::WebPageGroup::addUserScript): Deleted.
(WebKit::WebPageGroup::removeAllUserStyleSheets): Deleted.
(WebKit::WebPageGroup::removeAllUserScripts): Deleted.
(WebKit::WebPageGroup::removeAllUserContent): Deleted.
(WebKit::WebPageGroup::addUserContentExtension): Deleted.
(WebKit::WebPageGroup::removeUserContentExtension): Deleted.
(WebKit::WebPageGroup::removeAllUserContentExtensions): Deleted.
Get rid of these, all their callers just call into the user content controller now.

  • UIProcess/WebPageGroup.h:

(WebKit::WebPageGroup::identifier): Deleted.
(WebKit::WebPageGroup::sendToAllProcessesInGroup): Deleted.
Remove unused code.

2:58 PM Changeset in webkit [207167] by achristensen@apple.com
  • 2 edits in trunk/Tools

Update API test expectation after r207162.
https://bugs.webkit.org/show_bug.cgi?id=162660

  • TestWebKitAPI/Tests/mac/LoadInvalidURLRequest.mm:

(-[LoadInvalidURLWebFrameLoadDelegate webView:didFailProvisionalLoadWithError:forFrame:]):
"https://www.example.com<>/" was an invalid URL with the old URL parser.
It is now a valid URL, but NSURL still considers it invalid.
This will be looked into more with https://bugs.webkit.org/show_bug.cgi?id=163127

2:33 PM Changeset in webkit [207166] by Yusuke Suzuki
  • 10 edits
    1 copy in trunk/Source

[DOMJIT] DOMJIT::Patchpoint should have a way to receive constant folded arguments
https://bugs.webkit.org/show_bug.cgi?id=163224

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

We use the GetGlobalObject DFG node to retrieve a global object from a DOM node.
This global object is necessary to check whether the world is normal before entering
the fast path of looking up the DOM wrapper cache.
We can sometimes constant-fold this GetGlobalObject. For example, if we performed
CheckStructure, the structure can offer the information about the possible result
of GetGlobalObject. By using this constant-folded global object, we can drop some
checks.

This patch introduces the way to tell the constant-folded values to DOMJIT::Patchpoint.
We pass DOMJIT::Value instead of DOMJIT::Reg as a parameter of DOMJIT::PatchpointParams.
This DOMJIT::Value is a pair of DOMJIT::Reg and JSValue. If the given parameter has a
constant value, this JSValue is filled with it.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • dfg/DFGDOMJITPatchpointParams.h:

(JSC::DFG::DOMJITPatchpointParams::DOMJITPatchpointParams):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileCallDOM):
(JSC::DFG::SpeculativeJIT::compileCheckDOM):

  • domjit/DOMJITPatchpointParams.h:

(JSC::DOMJIT::PatchpointParams::at):
(JSC::DOMJIT::PatchpointParams::operator[]):
(JSC::DOMJIT::PatchpointParams::PatchpointParams):

  • domjit/DOMJITValue.h: Copied from Source/JavaScriptCore/dfg/DFGDOMJITPatchpointParams.h.

(JSC::DOMJIT::Value::Value):
(JSC::DOMJIT::Value::isGPR):
(JSC::DOMJIT::Value::isFPR):
(JSC::DOMJIT::Value::isJSValueRegs):
(JSC::DOMJIT::Value::gpr):
(JSC::DOMJIT::Value::fpr):
(JSC::DOMJIT::Value::jsValueRegs):
(JSC::DOMJIT::Value::reg):
(JSC::DOMJIT::Value::value):

  • ftl/FTLDOMJITPatchpointParams.h:

(JSC::FTL::DOMJITPatchpointParams::DOMJITPatchpointParams):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileCheckDOM):
(JSC::FTL::DFG::LowerDFGToB3::compileCallDOM):

Source/WebCore:

  • domjit/DOMJITHelpers.h:

(WebCore::DOMJITHelpers::toWrapper):

  • domjit/JSNodeDOMJIT.cpp:

(WebCore::createCallDOMForOffsetAccess):

2:24 PM Changeset in webkit [207165] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Remove line highlight on primary execution line while stepping because it is distracting
https://bugs.webkit.org/show_bug.cgi?id=163294
<rdar://problem/28721176>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-10-11
Reviewed by Timothy Hatcher.

  • UserInterface/Views/TextEditor.js:

(WebInspector.TextEditor.prototype._updateExecutionLine):
When setting the primary execution line, remove default line highlights.

1:51 PM Changeset in webkit [207164] by fpizlo@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

Air should be able to replace constant materializations with adds
https://bugs.webkit.org/show_bug.cgi?id=162749

Reviewed by Yusuke Suzuki.

We have a lot of defenses against emitting code that materializes huge contants. But if we do
end up with such code in the backend, it's better to convert those materializations into add
instructions by checking if other registers are known to contain nearby constants. That's
what this patch does.

  • b3/air/AirFixObviousSpills.cpp:
  • b3/testb3.cpp:
1:37 PM Changeset in webkit [207163] by fpizlo@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

B3->Air lowering needs the same defenses in effectiveAddr() that it has in tryAppendLea()
https://bugs.webkit.org/show_bug.cgi?id=163264

Reviewed by Mark Lam.

When writing the lea patch (r207039), I was very careful about how I convert a Shl into a
BaseIndex scale. But I forgot to check if the older code for creating BaseIndexes for
effectiveAddr() got this right. It turns out that the older code missed the <<32 corner
case.

It's sad that the two paths can't share all of their code, but it's somewhat inevitable due
to how matching an address and matching a lea have to do very different things. Matching a
lea means creating an instruction that is distinct from other instructions to do multiple
math operations at once. Matching an address means making some instruction do extra work
for free. Also, address matching can take advantage of the fact that the offset is already
associated with the memory operation by strength reduction - lea matching can't do this; it
has to figure out Add(@value, $const) on its own. This change makes the situation slightly
more sane by adding a scaleForShl() helper that handles this weird case. It's based on the
new Shl handling from r207039, and exposes it as an API for effectiveAddr() to use.

The testLoadBaseIndexShift32() used to crash. I don't think that this case affects JS
content, since <<32 is such a bizarre outlier. I don't think we even have a path along
which the FTL would emit a 64-bit <<32. It probably won't even affect WebAssembly since
that uses 32-bit pointers, so we won't see 64-bit <<32 in effectiveAddr() there.

  • b3/B3LowerToAir.cpp:

(JSC::B3::Air::LowerToAir::scaleForShl):
(JSC::B3::Air::LowerToAir::effectiveAddr):
(JSC::B3::Air::LowerToAir::tryAppendLea):
(JSC::B3::Air::LowerToAir::crossesInterference): Deleted.

  • b3/testb3.cpp:

(JSC::B3::testLoadBaseIndexShift2):
(JSC::B3::testLoadBaseIndexShift32):
(JSC::B3::run):

1:27 PM Changeset in webkit [207162] by achristensen@apple.com
  • 90 edits
    15 adds in trunk

Enable URLParser by default
https://bugs.webkit.org/show_bug.cgi?id=162660
<rdar://28601706>

Reviewed by Sam Weinig.

LayoutTests/imported/w3c:

  • web-platform-tests/XMLHttpRequest/send-network-error-sync-events.sub-expected.txt:
  • web-platform-tests/html/semantics/embedded-content/media-elements/interfaces/HTMLElement/HTMLTrackElement/src-expected.txt:
  • web-platform-tests/html/semantics/scripting-1/the-script-element/fetch-src/failure-expected.txt:

These tests need more investigation. See https://bugs.webkit.org/show_bug.cgi?id=163127

  • web-platform-tests/url/a-element-expected.txt:
  • web-platform-tests/url/a-element-xhtml-expected.txt:
  • web-platform-tests/url/url-constructor-expected.txt:
  • web-platform-tests/url/url-setters-expected.txt:

Many more tests pass. Hooray!

Source/WebCore:

Covered by updates to many LayoutTests.

  • platform/URLParser.cpp:

Make the default value true for URLParser::enabled.
This is the most impactful and well-documented one-line change I've ever written.

LayoutTests:

Many failing tests are now passing.

The tests in fast/url look like they are an old test suite, some of which we were failing.
We now pass many more of the tests. Those results are updated.
Some URLs in the suite are invalid, and we now "fail" those tests. Rather than update the
tests, I just changed the expectation to FAIL, which seems to be tolerable in this directory
because there were many tests whose result was FAIL. Each such case is explained below.

  • fast/dom/DOMURL/parsing-expected.txt:
  • fast/dom/DOMURL/parsing.html:

Percent-encoded values in the host are supposed to be decoded according to the spec.
%2f decodes to '/' which is an invalid domain character.

  • fast/dom/DOMURL/set-href-attribute-hash-expected.txt:
  • fast/dom/DOMURL/set-href-attribute-hash.html:

Added a space to the domain (which is an invalid domain character and the others in this
test are not according to the spec) in order to continue to test that setting the hash of
an invalid URL does not change its href.

  • fast/dom/DOMURL/set-href-attribute-protocol-expected.txt:
  • fast/dom/DOMURL/set-href-attribute-protocol.html:
  • fast/dom/HTMLAnchorElement/set-href-attribute-protocol-expected.txt:
  • fast/dom/HTMLAnchorElement/set-href-attribute-protocol.html:

"http:??bar" now canonicalizes to "http://??bar" instead of adding one slash.

  • fast/url/file-expected.txt:
  • fast/url/file-http-base-expected.txt:

Updated results. Many tests that were failing are now passing.

  • fast/url/anchor-expected.txt:

Percent-encoding of non-ASCII characters in fragments now matches Firefox.

  • fast/url/host-expected.txt:

Wide characters in the host such as http://%ef%bc%85%ef%bc%90%ef%bc%90.com/ should fail to parse.
This matches Chrome and the spec.
URLs with an empty host with a port should fail to parse.
This matches Chrome, Firefox, and the spec.

  • fast/url/host-lowercase-per-scheme-expected.txt:

According to spec, hosts of non-special URLs should be parsed the same as special URL hosts.
Different browsers seem to have the existing behavior for different reasons.
See https://github.com/whatwg/url/issues/148 and https://bugs.webkit.org/show_bug.cgi?id=162885

  • fast/url/idna2003-expected.txt:
  • fast/url/invalid-urls-utf8-expected.txt:

Host encoding is now done according to the spec.

  • fast/url/invalid-idn-expected.txt:

Neither Chrome, Firefox, nor the spec change invalid hosts to about:blank.

  • fast/url/ipv4-expected.txt:
  • fast/url/ipv6-expected.txt:

"http://[0:0::0:0:8:]/" should indeed be compressed to "http://[::8]/"
This kind of deterministic compression makes it so that two IPv6 addresses that are equal will
parse to URLs that are also equal, even if they are written differently.

  • fast/url/path-expected.txt:
  • fast/url/relative-expected.txt:
  • fast/url/relative-win-expected.txt:
  • fast/url/safari-extension-expected.txt:

Proper canonicalization of non-special hosts should be scheme://host/ or scheme:/// if there is no host.
safari-extension is not special.
Hosts should always be canonicalized to lowercase.

  • fast/url/segments-expected.txt:
  • fast/url/segments-from-data-url-expected.txt:

The path of "foo://" should be "/" not "".
Extra slashes immediately after scheme:// should be ignored.
URLs with no host but a port like "http:@:80/www.apple.com" are now invalid, matching Chrome, Firefox, and the spec.

  • fast/url/segments-userinfo-vs-host-expected.txt:

'@' can be in the user. If it is, it is percent encoded. This matches Chrome and Firefox.
"foo://" has a path of "/" not ""
Extra slashes after the scheme such as in "foo://///////" are now ignored according to spec.

  • fast/url/standard-url-expected.txt:
  • fast/url/tab-and-newline-stripping-expected.txt:

http://[2001:5::042:44::0370:7334]/ is an invalid IPv6 address, so parsing it should fail.
It passed with URL::parse because we used to only check that the characters inside the []
were valid ipv6 characters, not that they made any sense or were in any kind of bounds.

  • fast/url/url-credentials-escaping-expected.txt:

Credential encoding is now according to spec.

  • http/tests/appcache/resources/x-frame-options-prevents-framing-test.html:

http:/path1/path2 relative to http://host/path3 now canonicalizes to http://host/path1/path2
instead of http://path1/path2 so this test, which I believe was missing the second slash in error,
needs to be fixed.

  • imported/w3c/web-platform-tests/XMLHttpRequest/send-network-error-sync-events.sub-expected.txt:

Having a '}' in the host of a URL used to be invalid and it is now percent-escaped, matching Chrome and the spec.
This test still passes on w3c-test.org. We can look into why it is failing locally later.
See webkit.org/b/163127

  • fast/loader/redirect-to-invalid-url-using-javascript-calls-policy-delegate-expected.txt:
  • fast/loader/redirect-to-invalid-url-using-meta-refresh-calls-policy-delegate-expected.txt:
  • fast/loader/window-open-to-invalid-url-calls-policy-delegate-expected.txt:

http://HoSt is now being correctly interpreted as the host, and it is being punycode encoded if it's
non-ASCII and lowercased if it is.

  • fast/forms/ValidityState-typeMismatch-url.html:
  • fast/forms/ValidityState-typeMismatch-url-expected.txt:

Spaces in the host are invalid. This matches Firefox and the spec.

  • http/tests/inspector/network/copy-as-curl.html:

'{' and '}' are now percent encoded in the URL path. This matches Firefox, Chrome, and the spec.

  • fast/loader/location-port.html:
  • fast/loader/location-port-expected.txt:

parsing or setting ports in URLs with no host is no longer supported. This matches Firefox and Chrome.

  • security/block-test-expected.txt:
  • platform/mac/security/block-test-expected.txt:

out-of-bounds ports now cause parsing failures.

  • imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/fetch-src/failure-expected.txt:

"http://[]/" now fails to parse because it is an invalid IPv6 host.

  • fast/url/ipv6-expected.txt:

IPv4 addresses at the end of IPv6 addresses are now serialized as the equivalent hex value in IPv6 form.
This matches Chrome and the spec, and makes it so that equal IPv6 addresses written in different forms are equal.

  • fast/loader/url-parse-1-expected.txt:

Extra or missing slashes and spaces around scheme:// are now handled according to the spec.

  • http/tests/websocket/tests/hybi/handshake-ok-with-http-version-beyond-1_1-expected.txt:

The non-standard apple logo character is represented here by its non-standard Latin1 representation, 0xF0.
It was encoded as 0xF0 UTF-8 then percent encoded, which is %EF%A3%BF.
It is now encoded as the UTF-8 then percent encoded representation of its unicode value, 0xF8FF which matches other browsers.
This test is still valid, because it still verifies that the URLs in r199590 are rejected, and they still are.
See webkit.org/b/163127

  • http/tests/contentextensions/make-https-expected.txt:
  • contentfiltering/block-after-add-data-then-allow-unblock-expected.txt:
  • contentfiltering/block-after-add-data-then-deny-unblock-expected.txt:
  • contentfiltering/block-after-finished-adding-data-then-allow-unblock-expected.txt:
  • contentfiltering/block-after-finished-adding-data-then-deny-unblock-expected.txt:
  • contentfiltering/block-after-response-then-allow-unblock-expected.txt:
  • contentfiltering/block-after-response-then-deny-unblock-expected.txt:
  • contentfiltering/block-after-will-send-request-then-allow-unblock-expected.txt:
  • contentfiltering/block-after-will-send-request-then-deny-unblock-expected.txt:
  • fast/backgrounds/background-shorthand-after-set-backgroundSize-expected.txt:
  • fast/backgrounds/background-shorthand-after-set-backgroundSize.html:
  • fast/backgrounds/background-shorthand-with-backgroundSize-style-expected.txt:
  • fast/backgrounds/background-shorthand-with-backgroundSize-style.html:
  • fast/css/getComputedStyle/computed-style-border-image-expected.txt:
  • fast/css/getComputedStyle/computed-style-border-image.html:
  • fast/css/getComputedStyle/computed-style-cross-fade-expected.txt:
  • fast/css/getComputedStyle/computed-style-cross-fade.html:
  • fast/css/getComputedStyle/getComputedStyle-background-shorthand-expected.txt:
  • fast/css/getComputedStyle/getComputedStyle-background-shorthand.html:
  • fast/css/getComputedStyle/getComputedStyle-list-style-shorthand-expected.txt:
  • fast/css/getComputedStyle/getComputedStyle-list-style-shorthand.html:

URLs with non-special schemes and no slash after the host now do when canonicalized.

  • fast/css-generated-content/malformed-url.html:

This tested what happens when you have an invalid host. | is now a valid host character.
I changed it to have a % in the host to test the same behavior.

  • fast/loader/window-open-to-invalid-url-disallowed.html:
  • fast/loader/window-open-to-invalid-url-disallowed-expected.txt:
  • fast/loader/redirect-to-invalid-url-using-meta-refresh-disallowed.html:
  • fast/loader/redirect-to-invalid-url-using-meta-refresh-disallowed-expected.txt:
  • fast/loader/redirect-to-invalid-url-using-javascript-disallowed.html:
  • fast/loader/redirect-to-invalid-url-using-javascript-disallowed-expected.txt:

"http://a=a&b=b" is no longer an invalid URL. We used to consider the '&' character to be an invalid domain character
and we don't any more. This matches Chrome, Firefox, and the spec.
To keep this test testing what happens if you have an invalid URL, I changed the '&' to a '%' which is an invalid domain character.

  • fast/loader/file-URL-with-port-number.html:

File URLs with a port but no host are now invalid, matching Chrome and Firefox. File URLs with a port and a host are Ok, though.

  • platform/ios-simulator-wk1/fast/loader: Added.
  • platform/ios-simulator-wk1/fast/loader/redirect-to-invalid-url-using-javascript-disallowed-expected.txt: Added.
  • platform/ios-simulator-wk1/fast/loader/redirect-to-invalid-url-using-meta-refresh-disallowed-expected.txt: Added.
  • platform/ios-simulator-wk1/fast/loader/window-open-to-invalid-url-disallowed-expected.txt: Added.
  • platform/ios-simulator-wk1/imported/w3c/web-platform-tests/XMLHttpRequest: Added.
  • platform/ios-simulator-wk1/imported/w3c/web-platform-tests/XMLHttpRequest/send-network-error-sync-events.sub-expected.txt: Added.
  • platform/mac-wk1/fast/loader: Added.
  • platform/mac-wk1/fast/loader/redirect-to-invalid-url-using-javascript-disallowed-expected.txt: Added.
  • platform/mac-wk1/fast/loader/redirect-to-invalid-url-using-meta-refresh-disallowed-expected.txt: Added.
  • platform/mac-wk1/fast/loader/window-open-to-invalid-url-disallowed-expected.txt: Added.
  • platform/mac-wk1/imported: Added.
  • platform/mac-wk1/imported/w3c: Added.
  • platform/mac-wk1/imported/w3c/web-platform-tests: Added.
  • platform/mac-wk1/imported/w3c/web-platform-tests/XMLHttpRequest: Added.
  • platform/mac-wk1/imported/w3c/web-platform-tests/XMLHttpRequest/send-network-error-sync-events.sub-expected.txt: Added.
  • platform/mac/security/block-test-expected.txt:

Differences between the URLParser and NSURL's parser cause differences in output for WK1 where NSURLRequests are made without serializing WebCore::ResourceRequests.
In particular, '{' in the host is newly accepted as a valid URL by URLParser, but it is percent-encoded by NSURL's parser.
See rdar://problem/28701914

1:23 PM Changeset in webkit [207161] by commit-queue@webkit.org
  • 2 edits in trunk/Tools

Update my name in contributors.json
https://bugs.webkit.org/show_bug.cgi?id=163251

Patch by Edward O'Connor <Theresa O'Connor> on 2016-10-11
Reviewed by Simon Fraser.

  • Scripts/webkitpy/common/config/contributors.json:
1:18 PM Changeset in webkit [207160] by dbates@webkit.org
  • 2 edits in trunk/Source/WebKit/mac

REGRESSION (r198251): -[UIWebView mediaPlaybackRequiresUserAction] defaults to NO
https://bugs.webkit.org/show_bug.cgi?id=163259
<rdar://problem/28680515>

Reviewed by Jer Noble.

In WebKit1 on iOS we want to require user action to load and play videos by default and
allow an embedding app to change this behavior via -[UIWebView setMediaPlaybackRequiresUserAction:].
Following r198251, -[UIWebView mediaPlaybackRequiresUserAction] defaults to NO and videos
can load and play without being initiated by a user action.

  • WebView/WebPreferences.mm:

(+[WebPreferences initialize]): Initialize the default value of the deprecated preference
WebKitRequiresUserGestureForMediaPlaybackPreferenceKey to YES on iOS. The value of this
preference takes precedence over the values of its replacement preferences
WebKitRequiresUserGestureForVideoPlaybackPreferenceKey and WebKitRequiresUserGestureForAudioPlaybackPreferenceKey.

1:17 PM Changeset in webkit [207159] by dbates@webkit.org
  • 19 edits
    4 adds in trunk

[iOS] REGRESSION (r197953): User gesture required to load video in iOS 9-built apps
https://bugs.webkit.org/show_bug.cgi?id=163244
<rdar://problem/27250015>

Reviewed by Jer Noble.

Source/WebCore:

Adds a new setting to toggle requiring a user gesture to load a video (enabled by default).
Disable this setting for apps built against iOS 9 or earlier.

Tests: media/loadedmetadata-fires-without-user-gesture-when-setRequiresUserGestureToLoadVideo-false.html

media/require-user-gesture-to-load-video.html

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::HTMLMediaElement): Only require a user gesture to load a video
when Settings::requiresUserGestureToLoadVideo() is true.

  • page/Settings.cpp: Enable setting requiresUserGestureToLoadVideo by default.
  • page/Settings.in: Add setting, requiresUserGestureToLoadVideo.

Source/WebKit/mac:

Enable or disable the Setting::requiresUserGestureToLoadVideo() in legacy WebKit depending
on the version of iOS SDK that the app was linked against. We require a user gesture to
begin loading a video as of iOS 10.

  • WebView/WebView.mm:

(shouldRequireUserGestureToLoadVideo):
(-[WebView _preferencesChanged:]): Modified to pass the WebKit requiresUserGestureToLoadVideo
preference to WebCore.

Source/WebKit2:

Enable or disable the Setting::requiresUserGestureToLoadVideo() in WebKit depending on the
version of iOS SDK that the app was linked against. We require a user gesture to begin
loading a video as of iOS 10.

  • Shared/WebPreferencesDefinitions.h:
  • UIProcess/API/Cocoa/WKWebView.mm:

(shouldRequireUserGestureToLoadVideo): Added.
(-[WKWebView _initializeWithConfiguration:]): Set the requiresUserGestureToLoadVideo preference.

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updatePreferences): Modified to pass the WebKit requiresUserGestureToLoadVideo
preference to WebCore.

LayoutTests:

Add tests to ensure that Settings::setRequiresUserGestureToLoadVideo() behaves as expected.

  • media/loadedmetadata-fires-without-user-gesture-when-setRequiresUserGestureToLoadVideo-false-expected.txt: Added.
  • media/loadedmetadata-fires-without-user-gesture-when-setRequiresUserGestureToLoadVideo-false.html: Added.
  • media/media-controls.js:

(clickPlayButton): Added.

  • media/require-user-gesture-to-load-video-expected.txt: Added.
  • media/require-user-gesture-to-load-video.html: Added.
  • media/video-controls-transformed.html: Write in terms of clickPlayButton().
  • media/video-controls-visible-audio-only.html: Ditto.
  • media/video-fullscreeen-only-playback.html: Ditto.
  • media/video-play-audio-require-user-gesture.html: Ditto.
  • media/video-play-require-user-gesture.html: Ditto.
  • media/video-test.js:

(passTest): Added.

  • platform/ios-simulator/TestExpectations: Skip test media/require-user-gesture-to-load-video.html as

we need to fix <https://bugs.webkit.org/show_bug.cgi?id=163291> to support tapping the play button on iOS.

12:52 PM Changeset in webkit [207158] by weinig@apple.com
  • 2 edits in trunk/Source/WebCore

Fix the iOS build.

  • bindings/js/JSDOMConvert.h:
12:40 PM Changeset in webkit [207157] by dbates@webkit.org
  • 2 edits in trunk/Source/WebCore

[iOS] Sandbox QuickLook previews
https://bugs.webkit.org/show_bug.cgi?id=163240
<rdar://problem/25961633>

Fix bad merge following r207151.

  • platform/network/cf/ResourceResponse.h: Define m_isQuickLook.
12:35 PM Changeset in webkit [207156] by commit-queue@webkit.org
  • 4 edits
    2 adds in trunk

Add SynchronizedFixedQueue class
https://bugs.webkit.org/show_bug.cgi?id=162478

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2016-10-11
Reviewed by Geoffrey Garen.

Source/WTF:

This class represents a simple producer/consumer worker. It facilitates
synchronizing enqueuing to and dequeuing from a fixed size-queue. It uses
a single lock and a single condition to synchronize all its members among
the working threads. This means a single thread is active at any time and
and the other threads are blocked waiting for the lock to be released. Or
they are sleeping waiting for the condition to be satisfied.

  • WTF.xcodeproj/project.pbxproj:
  • wtf/SynchronizedFixedQueue.h: Added.

(WTF::SynchronizedFixedQueue::SynchronizedFixedQueue):
(WTF::SynchronizedFixedQueue::open): Restore the queue to its original state.
(WTF::SynchronizedFixedQueue::close): Wake all the sleeping threads with a closing state.
(WTF::SynchronizedFixedQueue::isOpen): Does the queue accept new items?
(WTF::SynchronizedFixedQueue::enqueue): Enqueue an item into the queue.
(WTF::SynchronizedFixedQueue::dequeue): Dequeue an item form the queue.

Tools:

Add a new test for SynchronizedFixedQueue. The test defines a new class
called ToUpperConverter which converts strings from lower case to upper
case. It creates two threads : (1) produce thread and (2) consume thread.
Here is what each thread does:

  1. Main threads: Enqueues lower case strings into m_lowerQueue.
  2. Produce thread: Dequeues lower case strings from m_lowerQueue and enqueue their upper case strings in the m_upperQueue.
  3. Consume thread: Dequeues upper case strings from m_upperQueue.
  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WTF/SynchronizedFixedQueue.cpp: Added.

(TestWebKitAPI::textItem): A helper function which returns a lower case string given an index.
(TestWebKitAPI::toUpper): A helper function which Returns the upper case of a string.
(TestWebKitAPI::ToUpperConverter::ToUpperConverter):
(TestWebKitAPI::ToUpperConverter::produceQueue): Returns a workQueue for the produce thread.
(TestWebKitAPI::ToUpperConverter::consumeQueue): Returns a workQueue for the consume thread.
(TestWebKitAPI::ToUpperConverter::startProducing): Creates a thread for the producer.
(TestWebKitAPI::ToUpperConverter::startConsuming): Creates a thread for the consumer.
(TestWebKitAPI::ToUpperConverter::start): Starts both the producer and the consumer threads.
(TestWebKitAPI::ToUpperConverter::stopProducing): Terminates the producer thread.
(TestWebKitAPI::ToUpperConverter::stopConsuming): Terminates the consumer thread.
(TestWebKitAPI::ToUpperConverter::stop): Terminates both the producer and the consumer threads.
(TestWebKitAPI::ToUpperConverter::enqueueLower): Adds a lower case string to the m_lowerQueue on the main thread.
(TestWebKitAPI::ToUpperConverter::isProducing): Returns whether the producing thread is active.
(TestWebKitAPI::ToUpperConverter::isConsuming): Returns whether the consuming thread is active.
(TestWebKitAPI::ToUpperConverter::produceCount): Returns the number of produced elements.
(TestWebKitAPI::ToUpperConverter::consumeCount): Returns the number of consumed elements.
(TestWebKitAPI::TEST):

12:29 PM Changeset in webkit [207155] by dbates@webkit.org
  • 10 edits
    31 adds in trunk

[iOS] Sandbox QuickLook previews
https://bugs.webkit.org/show_bug.cgi?id=163240
<rdar://problem/25961633>

Reviewed by Brent Fulgham.

Source/WebCore:

Use a unique origin for- and limit the capabilities of- QuickLook previews.

Tests: http/tests/quicklook/at-import-stylesheet-blocked.html

http/tests/quicklook/base-url-blocked.html
http/tests/quicklook/cross-origin-iframe-blocked.html
http/tests/quicklook/csp-header-ignored.html
http/tests/quicklook/document-domain-is-empty-string.html
http/tests/quicklook/external-stylesheet-blocked.html
http/tests/quicklook/hide-referer-on-navigation.html
http/tests/quicklook/submit-form-blocked.html
http/tests/quicklook/top-navigation-blocked.html

  • dom/Document.cpp:

(WebCore::Document::processHttpEquiv): Call ContentSecurityPolicy::didReceiveHeader().
(WebCore::Document::processReferrerPolicy): Do not process referrer policy for QuickLook previews.
(WebCore::Document::initSecurityContext): Apply sandbox for QuickLook previews.
(WebCore::Document::shouldEnforceQuickLookSandbox): Added.
(WebCore::Document::applyQuickLookSandbox): Added.

  • dom/Document.h:
  • page/csp/ContentSecurityPolicy.h: Change accessibility of didReceiveHeader() from private to public.

(WebCore::ContentSecurityPolicy::processHTTPEquiv): Deleted.

  • platform/network/cf/ResourceResponse.h:

(WebCore::ResourceResponse::isQuickLook): Added.
(WebCore::ResourceResponse::setIsQuickLook): Added.

  • platform/network/cf/SynchronousResourceHandleCFURLConnectionDelegate.cpp:

(WebCore::SynchronousResourceHandleCFURLConnectionDelegate::didReceiveResponse): Modified to mark
resource response as a QuickLook preview, if appropriate. Also remove the name of the first argument
and the need to use UNUSED_PARAM(connection) as we no longer make use of the first argument
following r207151.

  • platform/network/ios/QuickLook.mm:

(-[WebResourceLoaderQuickLookDelegate _sendDidReceiveResponseIfNecessary]): Ditto.

  • platform/network/mac/WebCoreResourceHandleAsDelegate.mm:

(-[WebCoreResourceHandleAsDelegate connection:didReceiveResponse:]): Ditto. Fix style nits,
including renaming the function argument "r" to "resource" to better describe its purpose.

LayoutTests:

Add tests to ensure that we sandbox QuickLook previews.

  • http/tests/quicklook/at-import-stylesheet-blocked-expected.txt: Added.
  • http/tests/quicklook/at-import-stylesheet-blocked.html: Added.
  • http/tests/quicklook/base-url-blocked-expected.txt: Added.
  • http/tests/quicklook/base-url-blocked.html: Added.
  • http/tests/quicklook/cross-origin-iframe-blocked-expected.txt: Added.
  • http/tests/quicklook/cross-origin-iframe-blocked.html: Added.
  • http/tests/quicklook/csp-header-ignored-expected.txt: Added.
  • http/tests/quicklook/csp-header-ignored.html: Added.
  • http/tests/quicklook/document-domain-is-empty-string-expected.txt: Added.
  • http/tests/quicklook/document-domain-is-empty-string.html: Added.
  • http/tests/quicklook/external-stylesheet-blocked-expected.txt: Added.
  • http/tests/quicklook/external-stylesheet-blocked.html: Added.
  • http/tests/quicklook/hide-referer-on-navigation-expected.txt: Added.
  • http/tests/quicklook/hide-referer-on-navigation.html: Added.
  • http/tests/quicklook/resources/at-import-stylesheet-blocked.docx: Added.
  • http/tests/quicklook/resources/base-url-blocked.docx: Added.
  • http/tests/quicklook/resources/cross-origin-iframe-blocked.docx: Added.
  • http/tests/quicklook/resources/document-domain-is-empty-string.docx: Added.
  • http/tests/quicklook/resources/external-stylesheet-blocked.docx: Added.
  • http/tests/quicklook/resources/fail.html: Added.
  • http/tests/quicklook/resources/hide-referer-on-navigation.docx: Added.
  • http/tests/quicklook/resources/http-equiv-blocked.docx: Added.
  • http/tests/quicklook/resources/pass.docx: Added.
  • http/tests/quicklook/resources/submit-form-blocked.docx: Added.
  • http/tests/quicklook/resources/tap-at-point-and-notify-done.js: Added.

(tapAtPointAndNotifyDone):
(uiScript):
(tapAtPoint):

  • http/tests/quicklook/resources/top-navigation-blocked.docx: Added.
  • http/tests/quicklook/resources/word-document-with-csp-block-frame-ancestors.php: Added.
  • http/tests/quicklook/submit-form-blocked-expected.txt: Added.
  • http/tests/quicklook/submit-form-blocked.html: Added.
  • http/tests/quicklook/top-navigation-blocked-expected.txt: Added.
  • http/tests/quicklook/top-navigation-blocked.html: Added.
  • platform/ios-simulator-wk1/TestExpectations: Skip tests that cannot run in DumpRenderTree

because uiController.singleTapAtPoint() is not implemented.

12:14 PM Changeset in webkit [207154] by achristensen@apple.com
  • 2 edits in trunk/Source/WebCore

Fix bindings tests after r207150.

  • bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::convertDictionary<TestObj::Dictionary>):

11:38 AM Changeset in webkit [207153] by commit-queue@webkit.org
  • 4 edits
    3 adds in trunk

Extend event stream to include interpolated events and add a force press test that uses that interpolation
https://bugs.webkit.org/show_bug.cgi?id=163161

Patch by Megan Gardner <Megan Gardner> on 2016-10-11
Reviewed by Simon Fraser.

Added functionality to the event stream to allow for interpolated events.
Can now do long press, as well as a better way to do drag and other time-based
events that require a large stream of descrete HID events.
Added a basic force touch test to demostrate this interpolation.
Also updated the script to allow for iPhone 7 specific tests, as force touch
needs to be on a device that had force touch.

  • Scripts/webkitpy/port/ios.py:

(IOSSimulatorPort):

  • TestRunnerShared/UIScriptContext/Bindings/UIScriptController.idl:
  • WebKitTestRunner/ios/HIDEventGenerator.mm:

(linearInterpolation):
(simpleCurveInterpolation):
(calculateNextCurveLocation):
(phaseFromString):
(interpolationFromString):
(-[HIDEventGenerator eventMaskFromEventInfo:]):
(-[HIDEventGenerator _createIOHIDEventWithInfo:]):
(-[HIDEventGenerator moveToPoints:touchCount:duration:]):
(-[HIDEventGenerator interpolatedEvents:]):
(-[HIDEventGenerator processEventsArray:withStartTime:]):
(-[HIDEventGenerator eventDispatchThreadEntry:]):
(simpleDragCurve): Deleted.
(calculateNextLocation): Deleted.

11:28 AM Changeset in webkit [207152] by achristensen@apple.com
  • 5 edits in trunk

URLParser should percent-encode non-ASCII and non-printable characters in fragment
https://bugs.webkit.org/show_bug.cgi?id=163287

Reviewed by Brady Eidson.

Source/WebCore:

Based on discussion in https://github.com/whatwg/url/issues/150
If that discussion decides to keep the spec as-is (which keeps non-ASCII characters in the fragment
to match IE and Edge's behavior, which Chrome has followed for special schemes) then we can revert
this change later after enabling the URL parser. Making this change keeps behavior matching Safari
and Firefox, as well as Chrome's handling of non-special schemes, such as data URLs.

Covered by updated API tests.

  • platform/URLParser.cpp:

(WebCore::URLParser::appendToASCIIBuffer):
(WebCore::URLParser::copyURLPartsUntil):
(WebCore::URLParser::syntaxViolation):
(WebCore::URLParser::currentPosition):
(WebCore::URLParser::parse):
(WebCore::URLParser::fragmentSyntaxViolation): Deleted.

  • platform/URLParser.h:

No more non-ASCII characters in canonicalized URLs.

Tools:

  • TestWebKitAPI/Tests/WebCore/URLParser.cpp:

(TestWebKitAPI::TEST_F):

11:20 AM Changeset in webkit [207151] by achristensen@apple.com
  • 117 edits
    3 deletes in trunk

Remove dead networking code
https://bugs.webkit.org/show_bug.cgi?id=163263

Reviewed by Daniel Bates.

.:

  • Source/cmake/OptionsAppleWin.cmake:

Source/WebCore:

There are no more Cocoa platforms using CFURLConnection.
USE(CFNETWORK) is being replaced by USE(CFURLCONNECTION) and it is only used on the AppleWin port.

No change in behavior.

  • WebCore.xcodeproj/project.pbxproj:
  • WebCorePrefix.h:
  • loader/DocumentLoader.h:
  • loader/EmptyClients.h:
  • loader/FrameLoaderClient.h:
  • loader/ResourceLoader.cpp:

(WebCore::ResourceLoader::didReceiveAuthenticationChallenge):

  • loader/ResourceLoader.h:
  • loader/SubresourceLoader.h:
  • loader/cf/ResourceLoaderCFNet.cpp:
  • loader/cocoa/SubresourceLoaderCocoa.mm:

(WebCore::SubresourceLoader::willCacheResponse): Deleted.

  • loader/mac/DocumentLoaderMac.cpp:
  • loader/mac/ResourceLoaderMac.mm:

(WebCore::ResourceLoader::willCacheResponse): Deleted.

  • page/mac/PageMac.mm:

(WebCore::Page::platformInitialize):
(WebCore::Page::addSchedulePair):
(WebCore::Page::removeSchedulePair):

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:

(WebCore::MediaPlayerPrivateAVFoundationObjC::shouldWaitForResponseToAuthenticationChallenge):
(WebCore::WebCoreNSURLAuthenticationChallengeClient::create): Deleted.
(WebCore::WebCoreNSURLAuthenticationChallengeClient::WebCoreNSURLAuthenticationChallengeClient): Deleted.

  • platform/mac/WebCoreSystemInterface.h:
  • platform/network/NetworkStorageSession.h:
  • platform/network/ProtectionSpace.h:
  • platform/network/ProtectionSpaceBase.cpp:
  • platform/network/ResourceHandle.cpp:
  • platform/network/ResourceHandle.h:
  • platform/network/ResourceHandleClient.cpp:
  • platform/network/ResourceHandleClient.h:

(WebCore::ResourceHandleClient::willCacheResponse):
(WebCore::ResourceHandleClient::shouldCacheResponse):

  • platform/network/ResourceHandleInternal.h:

(WebCore::ResourceHandleInternal::ResourceHandleInternal):

  • platform/network/ResourceRequestBase.cpp:
  • platform/network/cf/AuthenticationCF.cpp:

(WebCore::AuthenticationChallenge::AuthenticationChallenge):
(WebCore::createCF):
(WebCore::core):

  • platform/network/cf/AuthenticationCF.h:
  • platform/network/cf/AuthenticationChallenge.h:
  • platform/network/cf/CookieJarCFNet.cpp:
  • platform/network/cf/CredentialStorageCFNet.cpp:

(WebCore::CredentialStorage::getFromPersistentStorage):
(WebCore::CredentialStorage::saveToPersistentStorage): Deleted.

  • platform/network/cf/LoaderRunLoopCF.cpp:
  • platform/network/cf/LoaderRunLoopCF.h:
  • platform/network/cf/NetworkStorageSessionCFNet.cpp:

(WebCore::NetworkStorageSession::cookieStorage):

  • platform/network/cf/ProtectionSpaceCFNet.cpp:
  • platform/network/cf/ProtectionSpaceCFNet.h:
  • platform/network/cf/ResourceError.h:
  • platform/network/cf/ResourceErrorCF.cpp:
  • platform/network/cf/ResourceHandleCFNet.cpp:

(WebCore::shouldSniffConnectionProperty):
(WebCore::ResourceHandle::createCFURLConnection):
(WebCore::ResourceHandle::start):
(WebCore::ResourceHandle::didReceiveAuthenticationChallenge):
(WebCore::ResourceHandle::tryHandlePasswordBasedAuthentication):
(WebCore::ResourceHandle::receivedCredential):
(WebCore::ResourceHandle::schedule): Deleted.
(WebCore::ResourceHandle::unschedule): Deleted.

  • platform/network/cf/ResourceHandleCFURLConnectionDelegate.cpp:
  • platform/network/cf/ResourceHandleCFURLConnectionDelegate.h:
  • platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp:

(WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::setupRequest):
(WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveResponse):
(WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::canRespondToProtectionSpace):

  • platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.h:
  • platform/network/cf/ResourceRequest.h:

(WebCore::ResourceRequest::encodingRequiresPlatformData):

  • platform/network/cf/ResourceRequestCFNet.cpp:

(WebCore::findCFURLRequestCopyContentDispositionEncodingFallbackArrayFunction):
(WebCore::ResourceRequest::doUpdatePlatformRequest):
(WebCore::ResourceRequest::doUpdatePlatformHTTPBody):
(WebCore::ResourceRequest::doUpdateResourceRequest):
(WebCore::ResourceRequest::setStorageSession):
(WebCore::findCFURLRequestSetContentDispositionEncodingFallbackArrayFunction): Deleted.

  • platform/network/cf/ResourceRequestCFNet.h:
  • platform/network/cf/ResourceResponse.h:

(WebCore::ResourceResponse::ResourceResponse):

  • platform/network/cf/ResourceResponseCFNet.cpp:

(WebCore::ResourceResponse::cfURLResponse):
(WebCore::ResourceResponse::platformCertificateInfo):

  • platform/network/cf/SynchronousLoaderClientCFNet.cpp:
  • platform/network/cf/SynchronousResourceHandleCFURLConnectionDelegate.cpp:

(WebCore::SynchronousResourceHandleCFURLConnectionDelegate::setupRequest):
(WebCore::SynchronousResourceHandleCFURLConnectionDelegate::setupConnectionScheduling):
(WebCore::adjustMIMETypeIfNecessary):
(WebCore::SynchronousResourceHandleCFURLConnectionDelegate::didReceiveResponse):
(WebCore::SynchronousResourceHandleCFURLConnectionDelegate::willCacheResponse):
(WebCore::SynchronousResourceHandleCFURLConnectionDelegate::canRespondToProtectionSpace):

  • platform/network/cf/SynchronousResourceHandleCFURLConnectionDelegate.h:
  • platform/network/cocoa/CredentialCocoa.h:
  • platform/network/cocoa/CredentialCocoa.mm:

(WebCore::Credential::Credential): Deleted.
(WebCore::Credential::cfCredential): Deleted.

  • platform/network/cocoa/ProtectionSpaceCocoa.h:
  • platform/network/cocoa/ProtectionSpaceCocoa.mm:

(WebCore::ProtectionSpace::ProtectionSpace): Deleted.
(WebCore::ProtectionSpace::cfSpace): Deleted.

  • platform/network/cocoa/ResourceRequestCocoa.mm:

(WebCore::ResourceRequest::nsURLRequest):

  • platform/network/cocoa/ResourceResponseCocoa.mm:

(WebCore::ResourceResponse::platformCertificateInfo):
(WebCore::ResourceResponse::nsURLResponse): Deleted.
(WebCore::ResourceResponse::ResourceResponse): Deleted.

  • platform/network/ios/QuickLook.h:
  • platform/network/ios/QuickLook.mm:

(-[WebQuickLookHandleAsDelegate initWithConnectionDelegate:]): Deleted.
(-[WebQuickLookHandleAsDelegate connection:didReceiveDataArray:]): Deleted.
(-[WebQuickLookHandleAsDelegate connection:didReceiveData:lengthReceived:]): Deleted.
(-[WebQuickLookHandleAsDelegate connectionDidFinishLoading:]): Deleted.
(-[WebQuickLookHandleAsDelegate connection:didFailWithError:]): Deleted.
(-[WebQuickLookHandleAsDelegate detachHandle]): Deleted.
(WebCore::QuickLookHandle::create): Deleted.
(WebCore::QuickLookHandle::cfResponse): Deleted.

  • platform/network/ios/ResourceHandleIOS.mm: Removed.
  • platform/network/ios/ResourceRequestIOS.mm: Removed.
  • platform/network/mac/AuthenticationMac.mm:

(-[WebCoreAuthenticationClientAsChallengeSender setCFChallenge:]): Deleted.
(-[WebCoreAuthenticationClientAsChallengeSender cfChallenge]): Deleted.
(WebCore::core): Deleted.
(WebCore::mac): Deleted.

  • platform/network/mac/CookieJarMac.mm:

(WebCore::setCookiesFromDOM):
(WebCore::cookieStorage):
(WebCore::addCookie):

  • platform/network/mac/CredentialStorageMac.mm:
  • platform/network/mac/FormDataStreamMac.h:
  • platform/network/mac/FormDataStreamMac.mm:
  • platform/network/mac/ResourceErrorMac.mm:

(NSErrorFromCFError): Deleted.
(WebCore::ResourceError::ResourceError): Deleted.
(WebCore::ResourceError::nsError): Deleted.
(WebCore::ResourceError::operator NSError *): Deleted.

  • platform/network/mac/ResourceHandleMac.mm:

(WebCore::ResourceHandle::continueWillCacheResponse):
(WebCore::ResourceHandle::getConnectionTimingData): Deleted.

  • platform/network/mac/ResourceRequestMac.mm: Removed.
  • platform/network/mac/SynchronousLoaderClient.mm:

(WebCore::SynchronousLoaderClient::platformBadResponseError):

  • platform/network/mac/WebCoreResourceHandleAsDelegate.h:
  • platform/network/mac/WebCoreResourceHandleAsDelegate.mm:
  • platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.h:
  • platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
  • platform/network/mac/WebCoreURLResponse.mm:

(WebCore::synthesizeRedirectResponseIfNecessary):

  • platform/win/TemporaryLinkStubs.cpp:
  • testing/js/WebCoreTestSupportPrefix.h:

Source/WebKit:

  • WebCoreSupport/WebResourceLoadScheduler.cpp:

(WebResourceLoadScheduler::scheduleLoad):

Source/WebKit/cf:

  • WebCoreSupport/WebInspectorClientCF.cpp:

Source/WebKit/mac:

  • Misc/WebDownload.mm:

(-[WebDownload _initWithLoadingCFURLConnection:request:response:delegate:proxy:]): Deleted.

  • Misc/WebDownloadInternal.h:
  • WebCoreSupport/WebFrameLoaderClient.mm:

(WebFrameLoaderClient::convertMainResourceLoadToDownload):

  • WebView/WebPreferences.mm:

(+[WebPreferences _setCurrentNetworkLoaderSessionCookieAcceptPolicy:]):

  • WebView/WebView.mm:

(-[WebView scheduleInRunLoop:forMode:]):
(-[WebView unscheduleFromRunLoop:forMode:]):

Source/WebKit/win:

  • DefaultDownloadDelegate.h:
  • WebCoreSupport/WebFrameLoaderClient.cpp:

(WebFrameLoaderClient::savePlatformDataToCachedFrame):

  • WebCoreSupport/WebFrameNetworkingContext.cpp:

(WebFrameNetworkingContext::ensurePrivateBrowsingSession):

  • WebCoreSupport/WebFrameNetworkingContext.h:
  • WebCoreSupport/WebPlatformStrategies.cpp:
  • WebDownload.h:
  • WebError.cpp:

(WebError::localizedDescription):
(WebError::sslPeerCertificate):

  • WebError.h:
  • WebMutableURLRequest.cpp:

(WebMutableURLRequest::mutableCopy):

  • WebURLAuthenticationChallenge.cpp:

(WebURLAuthenticationChallenge::initWithProtectionSpace):
(WebURLAuthenticationChallenge::initWithAuthenticationChallenge):

  • WebURLResponse.cpp:

(WebURLResponse::sslPeerCertificate):

  • WebURLResponse.h:
  • WebView.cpp:

(WebView::setCacheModel):
(WebView::canHandleRequest):
(WebView::notifyPreferencesChanged):
(updateSharedSettingsFromPreferencesIfNeeded):

Source/WebKit2:

  • NetworkProcess/Downloads/Download.h:
  • NetworkProcess/Downloads/ios/DownloadIOS.mm: Removed.
  • NetworkProcess/Downloads/mac/DownloadMac.mm:
  • NetworkProcess/NetworkLoad.h:
  • NetworkProcess/mac/NetworkLoadMac.mm:

(WebKit::NetworkLoad::willCacheResponseAsync): Deleted.

  • Shared/Authentication/cocoa/AuthenticationManagerCocoa.mm:

(WebKit::AuthenticationManager::receivedCredential):
(WebKit::AuthenticationManager::receivedRequestToContinueWithoutCredential):
(WebKit::AuthenticationManager::receivedCancellation):
(WebKit::AuthenticationManager::receivedRequestToPerformDefaultHandling):
(WebKit::AuthenticationManager::receivedChallengeRejection):

  • Shared/WebProcessCreationParameters.cpp:

(WebKit::WebProcessCreationParameters::encode):
(WebKit::WebProcessCreationParameters::decode):

  • Shared/WebProcessCreationParameters.h:
  • Shared/mac/WebCoreArgumentCodersMac.mm:

(IPC::ArgumentCoder<ResourceRequest>::encodePlatformData):
(IPC::ArgumentCoder<ResourceRequest>::decodePlatformData):

  • WebKit2.xcodeproj/project.pbxproj:

Source/WTF:

  • wtf/Platform.h:
  • wtf/SchedulePair.h:
  • wtf/SchedulePairMac.mm:

Tools:

  • DumpRenderTree/DumpRenderTree.h:
  • DumpRenderTree/config.h:
  • DumpRenderTree/win/DumpRenderTree.cpp:

(main):

10:33 AM Changeset in webkit [207150] by weinig@apple.com
  • 26 edits in trunk

Use IDLTypes in more places
https://bugs.webkit.org/show_bug.cgi?id=163247

Reviewed by Darin Adler.

Source/WebCore:

Switch JS -> Native type conversions to use convert<IDLType>(...) rather
than convert<NativeType>(...). This allows us to differentiate things like
conversion from JSValue to DOMString vs. JSValue to USVString which have different
rules.

  • bindings/generic/IDLTypes.h:

Add predicate for integer types.

  • bindings/js/IDBBindingUtilities.cpp:

(WebCore::idbKeyPathFromValue):

  • bindings/js/JSApplePaySessionCustom.cpp:

(WebCore::JSApplePaySession::completeShippingMethodSelection):
(WebCore::JSApplePaySession::completeShippingContactSelection):

  • bindings/js/JSCryptoAlgorithmDictionary.cpp:

(WebCore::createAesKeyGenParams):
(WebCore::createRsaKeyGenParams):

  • bindings/js/JSCustomElementRegistryCustom.cpp:

(WebCore::JSCustomElementRegistry::define):

  • bindings/js/JSDocumentCustom.cpp:

(WebCore::JSDocument::getCSSCanvasContext):

  • bindings/js/JSMockContentFilterSettingsCustom.cpp:

(WebCore::JSMockContentFilterSettings::setDecisionPoint):
(WebCore::toDecision):

  • bindings/js/JSNodeFilterCustom.cpp:

(WebCore::JSNodeFilter::acceptNode):
Switch to new convert<IDLType> style.

  • bindings/js/JSDOMBinding.h:

(WebCore::toRefPtrNativeArray): Deleted.
(WebCore::toNativeArray): Deleted.
These can now be called as convert<IDLSequence<IDLInterface<T>>> and convert<IDLType> respectively.

  • bindings/js/JSDOMConvert.h:

(WebCore::Converter<IDLNullable<T>>::convert):
(WebCore::Converter<IDLBoolean>::convert):
(WebCore::Converter<IDLInterface<T>>::convert):
(WebCore::Converter<IDLByte>::convert):
(WebCore::Converter<IDLOctet>::convert):
(WebCore::Converter<IDLShort>::convert):
(WebCore::Converter<IDLUnsignedShort>::convert):
(WebCore::Converter<IDLLong>::convert):
(WebCore::Converter<IDLUnsignedLong>::convert):
(WebCore::Converter<IDLLongLong>::convert):
(WebCore::Converter<IDLUnsignedLongLong>::convert):
(WebCore::Converter<IDLFloat>::convert):
(WebCore::Converter<IDLUnrestrictedFloat>::convert):
(WebCore::Converter<IDLDouble>::convert):
(WebCore::Converter<IDLUnrestrictedDouble>::convert):
(WebCore::Converter<IDLDOMString>::convert):
(WebCore::Converter<IDLUSVString>::convert):
(WebCore::Detail::ArrayConverter::convert):
(WebCore::Converter<IDLSequence<T>>::convert):
(WebCore::Converter<IDLFrozenArray<T>>::convert):
(WebCore::Converter<IDLDictionary<T>>::convert):
(WebCore::Converter<IDLEnumeration<T>>::convert):
(WebCore::Detail::VariadicConverterBase::convert):
(WebCore::Detail::VariadicConverterBase<IDLInterface<T>>::convert):
(WebCore::convertVariadicArguments):
(WebCore::convertWrapperType): Deleted.
(WebCore::convertWrapperTypeSequence): Deleted.
(WebCore::Converter<bool>::convert): Deleted.
(WebCore::Converter<String>::convert): Deleted.
(WebCore::Converter<Vector<T>>::convert): Deleted.
(WebCore::Converter<int8_t>::convert): Deleted.
(WebCore::Converter<uint8_t>::convert): Deleted.
(WebCore::Converter<int16_t>::convert): Deleted.
(WebCore::Converter<uint16_t>::convert): Deleted.
(WebCore::Converter<int32_t>::convert): Deleted.
(WebCore::Converter<uint32_t>::convert): Deleted.
(WebCore::Converter<int64_t>::convert): Deleted.
(WebCore::Converter<uint64_t>::convert): Deleted.
Switch Converter to be specialized on IDLTypes. Add support for IDLNullable, IDLSequence, and IDLFrozenArray.

  • bindings/scripts/CodeGenerator.pm:

(GetFlattenedMemberTypes): Deleted.
(GetNumberOfNullableMemberTypes): Deleted.
(GetIDLUnionMemberTypes): Deleted.
(GetBaseIDLType): Deleted.
(GetIDLType): Deleted.
Move IDLType conversion logic to CodeGeneratorJS so it can use GetEnumerationClassName and GetDictionaryClassName.

  • bindings/scripts/CodeGeneratorJS.pm:

(AddToImplIncludesForIDLType):
Add support for sequences, FrozenArrays and external dictionaries.

(GenerateEnumerationsImplementationContent):
(GenerateEnumerationsHeaderContent):
Change the name of parse<enum> and convert<enum> to parseEnumeration<enum> and convertEnumeration<enum>
to make them more consistent with dictionary conversion specialization and not interfere with the convert
function specialization.

(GenerateDictionaryImplementationContent):
Simplify by using convert<IDLType>.

(GetFlattenedMemberTypes):
(GetNumberOfNullableMemberTypes):
(GetIDLUnionMemberTypes):
(GetBaseIDLType):
(GetIDLType):
Moved from CodeGenerator.pm

(IsHandledByDOMConvert):
(JSValueToNative):
Start switching JSValueToNative over to using convert<IDLType>. Use IsHandledByDOMConvert as a predicate
for what is supported.

  • bindings/scripts/IDLParser.pm:

(applyTypedefs):
(cloneType):
(applyTypedefsForSignature):
(parseTypedef):
(parseOperationOrIterator):
(parseSpecialOperation):
Make typedefs work with aggregate types (unions, sequences and FrozenArrays).

  • bindings/scripts/test/JS/JSTestEventTarget.cpp:
  • bindings/scripts/test/JS/JSTestGlobalObject.cpp:
  • bindings/scripts/test/JS/JSTestObj.cpp:
  • bindings/scripts/test/JS/JSTestObj.h:
  • bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
  • bindings/scripts/test/JS/JSTestStandaloneDictionary.cpp:
  • bindings/scripts/test/JS/JSTestTypedefs.cpp:

Update test results.

  • bindings/scripts/test/TestTypedefs.idl:

Add additional tests for typedefs that use unions and sequences.

  • testing/InternalSettings.idl:

Change the name of a parameter to avoid a name collision.

LayoutTests:

  • fast/events/constructors/message-event-constructor-expected.txt:
  • fast/mediastream/MediaStreamConstructor-expected.txt:

Update tests for different error message.

10:05 AM Changeset in webkit [207149] by andersca@apple.com
  • 4 edits in trunk/Source/WebKit2

Move no longer used functions to WKDeprecatedFunctions.cpp
https://bugs.webkit.org/show_bug.cgi?id=163290

Reviewed by Dan Bernstein.

  • Shared/API/c/WKDeprecatedFunctions.cpp:

(WKPageGroupAddUserContentFilter):
(WKPageGroupRemoveUserContentFilter):
(WKPageGroupRemoveAllUserContentFilters):
(WKContextSetProcessModel): Deleted.

  • UIProcess/API/C/WKPageGroup.cpp:

(WKPageGroupRemoveAllUserScripts):
(WKPageGroupAddUserContentFilter): Deleted.
(WKPageGroupRemoveUserContentFilter): Deleted.
(WKPageGroupRemoveAllUserContentFilters): Deleted.

  • UIProcess/API/C/WKPageGroup.h:
9:49 AM Changeset in webkit [207148] by Carlos Garcia Campos
  • 1 copy in releases/WebKitGTK/webkit-2.14.1

WebKitGTK+ 2.14.1

9:49 AM Changeset in webkit [207147] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.14

Unreviewed. Update OptionsGTK.cmake and NEWS for 2.14.1 release.

.:

  • Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit2:

  • gtk/NEWS: Add release notes for 2.14.1.
9:38 AM Changeset in webkit [207146] by wilander@apple.com
  • 3 edits in trunk/Tools

Modify check-webkit-style to prohibit sensitive phrases
https://bugs.webkit.org/show_bug.cgi?id=163048
<rdar://problem/28289755>

Terms considered or found to be too general to flag:
ASSERT_WITH_SECURITY_IMPLICATION, bad cast, bug, bypass, crash,
denial of service, dereference, disclosure, error, exploit,
failure, heap, integer overflow, leak, null dereference,
null pointer dereference, out of bounds, overflow,
race condition, sensitive information, stack, type confusion.

Reviewed by Brent Fulgham.

  • Scripts/webkitpy/style/checkers/changelog.py:

(ChangeLogChecker.check_entry):

Now calls ChangeLogChecker.check_for_unwanted_security_terms().

(ChangeLogChecker):
(ChangeLogChecker.check_for_unwanted_security_terms):

New function to check for sensitive terms.

(ChangeLogChecker.check_for_unwanted_security_terms.FoundUnwantedSecurityTerm):
(ChangeLogChecker.check_for_unwanted_security_terms.FoundUnwantedSecurityTerm.init):

Convenience class.

  • Scripts/webkitpy/style/checkers/changelog_unittest.py:

(ChangeLogCheckerTest.test_unwanted_security_terms):

9:36 AM Changeset in webkit [207145] by Konstantin Tokarev
  • 3 edits in trunk/Source/WebKit2

Use modern for loops for iterating supplement maps
https://bugs.webkit.org/show_bug.cgi?id=163274

Reviewed by Alex Christensen.

  • NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::initializeNetworkProcess):
(WebKit::NetworkProcess::initializeConnection):

  • UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::~WebProcessPool):
(WebKit::WebProcessPool::networkProcessCrashed):
(WebKit::WebProcessPool::databaseProcessCrashed): Iterate by values()
like in other places.

9:33 AM Changeset in webkit [207144] by Ryan Haddad
  • 11 edits in trunk

Unreviewed, rolling out r207067.

This change caused webkitpy test failures.

Reverted changeset:

"[Win] Parallel DRTs are sharing preferences and cache."
https://bugs.webkit.org/show_bug.cgi?id=163013
http://trac.webkit.org/changeset/207067

9:28 AM Changeset in webkit [207143] by Konstantin Tokarev
  • 2 edits in trunk/Source/WebCore

Fixed compilation with !ENABLE(SVG_FONTS)
https://bugs.webkit.org/show_bug.cgi?id=163281

Reviewed by Csaba Osztrogonác.

No new tests needed.

  • loader/cache/CachedResourceLoader.cpp:

(WebCore::CachedResourceLoader::shouldUpdateCachedResourceWithCurrentRequest):

9:20 AM Changeset in webkit [207142] by Brent Fulgham
  • 2 edits in trunk/Source/WebCore

Unreviewed build fix after r207140.

  • PlatformAppleWin.cmake: Add missing compile file.
9:16 AM WebKitGTK/2.14.x edited by Carlos Garcia Campos
(diff)
9:13 AM Changeset in webkit [207141] by Konstantin Tokarev
  • 2 edits in trunk

[cmake] Make INDEXED_DATABASE_IN_WORKERS depending on INDEXED_DATABASE
https://bugs.webkit.org/show_bug.cgi?id=163280

Reviewed by Csaba Osztrogonác.

  • Source/cmake/WebKitFeatures.cmake:
8:57 AM Changeset in webkit [207140] by Brent Fulgham
  • 5 edits
    1 add in trunk/Source/WebCore

[Win][Direct2D] Add initial Pattern handling implementation
https://bugs.webkit.org/show_bug.cgi?id=163270

Reviewed by Simon Fraser.

Provide an implemenation of Patterns for Direct2D.

No new tests. Covered by fast/borders/border-image-01.html and others.

  • platform/graphics/GraphicsContext.h:
  • platform/graphics/Pattern.h: Add D2D definitions.
  • platform/graphics/win/GraphicsContextDirect2D.cpp:

(WebCore::GraphicsContext::solidStrokeBrush): Use a more generic return type.
(WebCore::GraphicsContext::solidFillBrush): Ditto.
(WebCore::GraphicsContext::patternStrokeBrush): Added.
(WebCore::GraphicsContext::patternFillBrush): Added.
(WebCore::GraphicsContext::drawPattern): Provide D2D implementation.
(WebCore::GraphicsContext::applyStrokePattern): Ditto.
(WebCore::GraphicsContext::applyFillPattern): Ditto.
(WebCore::GraphicsContext::drawPath): Use stroke pattern if available.
(WebCore::GraphicsContext::fillPath): Use fill pattern if available.
(WebCore::GraphicsContext::strokePath): Use stroke pattern if available.
(WebCore::GraphicsContext::fillRect): Use fill pattern if available.

  • platform/graphics/win/GraphicsContextPlatformPrivateDirect2D.h:
  • platform/graphics/win/PatternDirect2D.cpp: Added.
8:53 AM Changeset in webkit [207139] by wenson_hsieh@apple.com
  • 2 edits in trunk/Source/WebKit2

The "Input Events" experimental feature runtime flag should not be on by default
https://bugs.webkit.org/show_bug.cgi?id=163278

Reviewed by Zalan Bujtas.

This was intended to be off by default.

  • Shared/WebPreferencesDefinitions.h:
7:57 AM Changeset in webkit [207138] by commit-queue@webkit.org
  • 3 edits in trunk/LayoutTests

[mac] LayoutTest media/modern-media-controls/play-pause-button/play-pause-button.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=163249

Patch by Antoine Quint <Antoine Quint> on 2016-10-11
Reviewed by Antoine Quint.

Wait until all icon images are loaded before running the assertions. We can determine whether
a button's icon image is loaded by checking it's been sized.

  • TestExpectations:
  • media/modern-media-controls/play-pause-button/play-pause-button.html:
7:30 AM Changeset in webkit [207137] by pvollan@apple.com
  • 2 edits in trunk

[Win][Direct2D] Compile fix.
https://bugs.webkit.org/show_bug.cgi?id=163273

Reviewed by Brent Fulgham.

Define USE_DIRECT2D.

  • Source/cmake/OptionsAppleWin.cmake:
7:09 AM Changeset in webkit [207136] by pvollan@apple.com
  • 2 edits in trunk/Source/WebCore

[Win] Compile fix.
https://bugs.webkit.org/show_bug.cgi?id=163272

Reviewed by Brent Fulgham.

When compiling with older SDKs, some CoreText symbols are redefined.
This patch checks if the relevant CoreText header file has been
included before defining the symbol.

  • platform/spi/win/CoreTextSPIWin.h:
7:06 AM Changeset in webkit [207135] by commit-queue@webkit.org
  • 3 edits in trunk/LayoutTests

[mac] LayoutTest media/modern-media-controls/airplay-button/airplay-button.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=163248

Patch by Antoine Quint <Antoine Quint> on 2016-10-11
Reviewed by Antoine Quint.

Wait until all icon images are loaded before running the assertions. We can determine whether
a button's icon image is loaded by checking it's been sized.

  • TestExpectations:
  • media/modern-media-controls/airplay-button/airplay-button.html:
6:58 AM Changeset in webkit [207134] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.14/Source/WebKit2

Merge r206985 - [GTK] UIProcess crashes when using Japanese IM
https://bugs.webkit.org/show_bug.cgi?id=163011

We have to reference the current GdkEventKey before we try process it
as later when the lambda body is reached the event could be already
freed.

Patch by Tomas Popela <tpopela@redhat.com> on 2016-10-10
Reviewed by Carlos Garcia Campos.

  • UIProcess/API/gtk/WebKitWebViewBase.cpp:

(webkitWebViewBaseKeyPressEvent):
(webkitWebViewBaseKeyReleaseEvent):

  • UIProcess/gtk/InputMethodFilter.h:

Use non-copyable Function so we can use WTFMove to pass the event to
lambda.

6:56 AM Changeset in webkit [207133] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebKit2

Merge r206998 - [GTK] 2.14.0 Compile Errors: GTK 3.22.1
https://bugs.webkit.org/show_bug.cgi?id=163190

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2016-10-10
Reviewed by Alex Christensen.

  • UIProcess/gtk/AcceleratedBackingStoreX11.cpp: Include gtk.h since we are using gtk_widget_queue_draw().
6:54 AM Changeset in webkit [207132] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebKit2

Merge r206806 - Unreviewed. Fix GTK+ build with USE_REDIRECTED_XCOMPOSITE_WINDOW disabled.

  • UIProcess/AcceleratedDrawingAreaProxy.cpp:

(WebKit::AcceleratedDrawingAreaProxy::setNativeSurfaceHandleForCompositing):

6:52 AM Changeset in webkit [207131] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.14/Source

Merge r206772 - [SOUP] Remove SSLPolicyFlags from SoupNetworkSession
https://bugs.webkit.org/show_bug.cgi?id=162906

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2016-10-04
Reviewed by Michael Catanzaro.

Source/WebCore:

All soup based ports are setting SSLUseSystemCAFile flag unconditionally, so we can just use that when creating
the session like we do for all other construct parameters.

  • platform/network/soup/SoupNetworkSession.cpp:

(WebCore::SoupNetworkSession::createTestingSession):
(WebCore::SoupNetworkSession::setupLogger):
(WebCore::SoupNetworkSession::SoupNetworkSession): Deleted.
(WebCore::SoupNetworkSession::clearOldSoupCache): Deleted.
(WebCore::SoupNetworkSession::setHTTPProxy): Deleted.

  • platform/network/soup/SoupNetworkSession.h:

(WebCore::SoupNetworkSession::soupSession): Deleted.

Source/WebKit2:

  • NetworkProcess/soup/NetworkProcessMainSoup.cpp:

(WebKit::NetworkProcessMainUnix):

6:50 AM Changeset in webkit [207130] by Carlos Garcia Campos
  • 3 edits
    3 adds in releases/WebKitGTK/webkit-2.14

Avoid null dereference when changing focus in design mode.
https://bugs.webkit.org/show_bug.cgi?id=162877
<rdar://problem/28061261>

Reviewed by Chris Dumez.

Source/WebCore:

The bare m_frame pointer in DOMWindow can be cleared when setting focus to a new element. Check
that the m_frame pointer is non-null before using it after calling a routine that could
clear the pointer value.

Test: fast/frames/iframe-focus-crash.html

  • page/DOMWindow.cpp:

(WebCore::DOMWindow::focus): Check that the pointer is still non-null after setting the
current focused element to nullptr.

LayoutTests:

  • fast/frames/iframe-focus-crash-expected.txt: Added.
  • fast/frames/iframe-focus-crash.html: Added.
  • fast/frames/resources/iframe-focus-crash.html: Added.
6:46 AM Changeset in webkit [207129] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r206730 - Unreviewed. Fix the build with coordinated graphics enabled after r206712.

  • page/scrolling/ScrollingStateTree.cpp:

(WebCore::ScrollingStateTree::attachNode):

6:46 AM Changeset in webkit [207128] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.14

Merge r206712 - Bad cast when CSS position programmatically changed from -webkit-sticky to fixed
https://bugs.webkit.org/show_bug.cgi?id=160826

Reviewed by Zalan Bujtas.
Source/WebCore:

If a scrolling state tree node changed type (e.g. from sticky to fixed), we'd fail
to recreate the node so keep a node with the wrong type.

Fix by destroying the node and making a new one with a new ID in this case. The
new ID is necessary to ensure that the scrolling tree is updated.

Test: fast/scrolling/sticky-to-fixed.html

  • page/scrolling/ScrollingStateTree.cpp:

(WebCore::ScrollingStateTree::nodeTypeAndParentMatch):
(WebCore::ScrollingStateTree::attachNode):
(WebCore::ScrollingStateTree::stateNodeForID):

  • page/scrolling/ScrollingStateTree.h:

LayoutTests:

  • fast/scrolling/sticky-to-fixed-expected.txt: Added.
  • fast/scrolling/sticky-to-fixed.html: Added.
6:42 AM Changeset in webkit [207127] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r206704 - [EFL] Fix build break since r206661. Unreviewed
https://bugs.webkit.org/show_bug.cgi?id=162825

No new tests, no new behaviours.

  • rendering/RenderLayer.cpp:

(WebCore::ClipRects::ClipRects):

6:42 AM Changeset in webkit [207126] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r206661 - Remove ClipRects's custom refcounting.
https://bugs.webkit.org/show_bug.cgi?id=162798

Reviewed by Simon Fraser.

It's safer to use RefCounted<>.

No change in functionality.

  • rendering/RenderLayer.cpp:

(WebCore::ClipRects::ClipRects):
(WebCore::ClipRectsCache::getClipRects):
(WebCore::ClipRectsCache::setClipRects):
(WebCore::ClipRectsCache::getIndex):
(WebCore::RenderLayer::updateClipRects):
(WebCore::ClipRects::ref): Deleted.
(WebCore::ClipRects::deref): Deleted.

6:37 AM Changeset in webkit [207125] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r206639 - RenderLayer::clipRects may return nullptr.
https://bugs.webkit.org/show_bug.cgi?id=162729

Reviewed by Chris Dumez.

This patch refactors RenderLayer::updateClipRects(), parentClipRects() and backgroundClipRect()
so that we don't have to rely on this seemingly unsafe line: clipRects = *parent()->clipRects(clipRectsContext);
Now updateClipRects() returns the computed/cached clip rects as opposed to update and refetch them.
While this patch makes the code look more readable/safer, it also eliminates cached item tripple retrievals.

No change in functionality.

  • rendering/RenderLayer.cpp:

(WebCore::ClipRectsCache::getClipRects):
(WebCore::ClipRectsCache::setClipRects):
(WebCore::RenderLayer::updateClipRects):
(WebCore::RenderLayer::clipRects):
(WebCore::RenderLayer::calculateClipRects):

  • rendering/RenderLayer.h:
6:33 AM Changeset in webkit [207124] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.14

Merge r206591 - Fix hit testing on display:block <svg> elements
https://bugs.webkit.org/show_bug.cgi?id=162717
rdar://problem/23261130

Reviewed by Zalan Bujtas.
Source/WebCore:

RenderSVGRoot::nodeAtPoint() needs to test for both the HitTestBlockBackground and
HitTestChildBlockBackground phases, since we only get the HitTestChildBlockBackground
phase when the <svg> is a block. This is similar to code in RenderTable::nodeAtPoint(),
and matches Blink code.

This fixes the point dragging on http://anthonydugois.com/svg-path-builder/.

Test: svg/hittest/block-svg.html

  • rendering/svg/RenderSVGRoot.cpp:

(WebCore::RenderSVGRoot::nodeAtPoint):

LayoutTests:

Test hit testing on inline and block <svg> elements.

  • svg/hittest/block-svg-expected.txt: Added.
  • svg/hittest/block-svg.html: Added.
6:24 AM Changeset in webkit [207123] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r206849 - [GTK] Bump Chrome version in Chrome user agent quirk
https://bugs.webkit.org/show_bug.cgi?id=162984

Reviewed by Carlos Garcia Campos.

  • platform/gtk/UserAgentGtk.cpp:

(WebCore::buildUserAgentString):

6:24 AM Changeset in webkit [207122] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r206826 - [GTK] Improve OS X UA quirk
https://bugs.webkit.org/show_bug.cgi?id=162613

Reviewed by Carlos Garcia Campos.

Include OS X version number in user agent, like Safari does.

  • platform/gtk/UserAgentGtk.cpp:

(WebCore::buildUserAgentString):

6:24 AM Changeset in webkit [207121] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r206825 - [GTK] Improve comment in platformVersionForUAString
https://bugs.webkit.org/show_bug.cgi?id=162612

Reviewed by Carlos Garcia Campos.

  • platform/gtk/UserAgentGtk.cpp:

(WebCore::platformVersionForUAString):

6:24 AM Changeset in webkit [207120] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.14

Merge r206519 - [GTK] Add Chrome UA quirk
https://bugs.webkit.org/show_bug.cgi?id=162617

Reviewed by Carlos Garcia Campos.

Source/WebCore:

Add Chrome UA quirk and use it on typekit.net, typekit.com, youtube.com, slack.com, and
any domain that begins with "google".

  • platform/gtk/UserAgentGtk.cpp:

(WebCore::buildUserAgentString):
(WebCore::urlRequiresChromeBrowser):
(WebCore::standardUserAgentForURL):

Tools:

Update test. This portion of the commit was actually unreviewed.

  • TestWebKitAPI/Tests/WebCore/gtk/UserAgentQuirks.cpp:

(TestWebKitAPI::TEST):

6:24 AM Changeset in webkit [207119] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r206517 - [GTK] User agent should always claim to be Intel
https://bugs.webkit.org/show_bug.cgi?id=162610

Reviewed by Carlos Garcia Campos.

We should always claim to be running on Intel regardless of actual CPU type. See discussion
in bug #162548 for details. In particular, we can never advertise ARM because it causes dumb
websites to send mobile pages.

  • platform/gtk/UserAgentGtk.cpp:

(WebCore::platformVersionForUAString):
(WebCore::buildUserAgentString):
(WebCore::cpuDescriptionForUAString): Deleted.

6:23 AM Changeset in webkit [207118] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.14

Merge r206515 - [GTK] Adjust OS X UA quirks list
https://bugs.webkit.org/show_bug.cgi?id=162616

Reviewed by Carlos Garcia Campos.

Remove the OS X quirk for yahoo.com as it's no longer needed. Add quirks for taobao.com and
whatsapp.com.

  • platform/gtk/UserAgentGtk.cpp:

(WebCore::urlRequiresMacintoshPlatform):
(WebCore::standardUserAgentForURL):

6:23 AM Changeset in webkit [207117] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r206513 - [GTK] Simplify platformForUAString
https://bugs.webkit.org/show_bug.cgi?id=162614

Reviewed by Carlos Garcia Campos.

Note in particular that the previous PLATFORM(MAC) check was wrong here, as that is never
true for GTK; this patch risks changing it to OS(MAC_OS_X), on the hope that advertising Mac
when running on Mac might not break anything. If it does, then we should remove it and just
always pretend to be on X11.

  • platform/gtk/UserAgentGtk.cpp:

(WebCore::platformForUAString):

6:23 AM Changeset in webkit [207116] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r206512 - [GTK] Bump fake Safari version in UA
https://bugs.webkit.org/show_bug.cgi?id=162615

Reviewed by Carlos Garcia Campos.

Pretend to be Safari 10.0 to fix sites that don't work when we pretend to be Safari 8.0.

  • platform/gtk/UserAgentGtk.cpp:

(WebCore::buildUserAgentString):

6:23 AM Changeset in webkit [207115] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r206510 - [GTK] Add warning comment in UserAgentGtk.cpp
https://bugs.webkit.org/show_bug.cgi?id=162618

Reviewed by Carlos Garcia Campos.

  • platform/gtk/UserAgentGtk.cpp:
6:23 AM Changeset in webkit [207114] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r206436 - Unreviewed typo fix

  • platform/gtk/UserAgentGtk.cpp:

(WebCore::standardUserAgent):

6:16 AM Changeset in webkit [207113] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.14

Merge r206434 - [GTK] Install binaries to pkglibexecdir rather than bindir
https://bugs.webkit.org/show_bug.cgi?id=162602

Reviewed by Carlos Garcia Campos.

Source/JavaScriptCore:

Install jsc shell to LIBEXEC_INSTALL_DIR rather than EXEC_INSTALL_DIR.

Note these locations are the same on non-GTK ports.

  • shell/CMakeLists.txt:

Tools:

Install MiniBrowser to LIBEXEC_INSTALL_DIR rather than EXEC_INSTALL_DIR.

  • MiniBrowser/gtk/CMakeLists.txt:
6:16 AM Changeset in webkit [207112] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Tools

Merge r206428 - [GTK] Disable ACCELERATED_2D_CANVAS when using build-webkit
https://bugs.webkit.org/show_bug.cgi?id=162600

Reviewed by Carlos Garcia Campos.

  • Scripts/webkitperl/FeatureList.pm:
5:52 AM Changeset in webkit [207111] by commit-queue@webkit.org
  • 5 edits
    9 adds in trunk

[Modern Media Controls] Buttons container
https://bugs.webkit.org/show_bug.cgi?id=163238
<rdar://problem/28701864>

Patch by Antoine Quint <Antoine Quint> on 2016-10-11
Reviewed by Dean Jackson.

Source/WebCore:

We add a new ButtonsContainer class which contains a group of Button objects
and positions them based on the provided padding and margin between buttons.
Buttons that aren't enabled or marked as dropped are not added to the tree of
LayoutNodes, and thus the DOM.

Additionally, we fix a few issues we found while working on tests for ButtonsContainer
where LayoutNodes would schedule layout callbacks even when they would not do any work
during the layout callback due to not resetting the needsLayout flag to false and
removing any scheduled tasks when a layout was completed.

Finally, we fix a few style issues that had not been caught so far and an unused
size property on IconButton.

Tests: media/modern-media-controls/buttons-container/buttons-container-buttons-property.html

media/modern-media-controls/buttons-container/buttons-container-constructor.html
media/modern-media-controls/buttons-container/buttons-container-layout.html

  • Modules/modern-media-controls/controls/airplay-button.js:

(AirplayButton.prototype.set on):
(AirplayButton):

  • Modules/modern-media-controls/controls/buttons-container.css:

(.buttons-container):

  • Modules/modern-media-controls/controls/buttons-container.js:

(ButtonsContainer.prototype.get buttons):
(ButtonsContainer.prototype.set buttons):
(ButtonsContainer.prototype.layout):

  • Modules/modern-media-controls/controls/icon-button.js:
  • Modules/modern-media-controls/controls/layout-node.js:

(LayoutNode.prototype.set needsLayout):
(LayoutNode.prototype.markDirtyProperty):
(LayoutNode.prototype._markNodeManipulation):
(LayoutNode.prototype._updateDirtyState):
(performScheduledLayout):
(elementFromString):

  • Modules/modern-media-controls/controls/scheduler.js:

(const.scheduler.new.prototype.unscheduleLayout):

LayoutTests:

Adding tests for the new ButtonsContainer class.

  • media/modern-media-controls/buttons-container/buttons-container-buttons-property-expected.txt: Added.
  • media/modern-media-controls/buttons-container/buttons-container-buttons-property.html: Added.
  • media/modern-media-controls/buttons-container/buttons-container-constructor-expected.txt: Added.
  • media/modern-media-controls/buttons-container/buttons-container-constructor.html: Added.
  • media/modern-media-controls/buttons-container/buttons-container-layout-expected.txt: Added.
  • media/modern-media-controls/buttons-container/buttons-container-layout.html: Added.
5:47 AM Changeset in webkit [207110] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebKit2

Merge r206427 - [GTK] Unreviewed typo fix

  • UIProcess/API/gtk/WebKitWebInspector.cpp:

(webkit_web_inspector_class_init):

5:47 AM Changeset in webkit [207109] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.14/Source/WebInspectorUI

Merge r206426 - [GTK] Mac defaults are used for key shortcuts on Linux
https://bugs.webkit.org/show_bug.cgi?id=162564

Don't set Mac's default keymap as a fallthrough for CodeMirror when we
are not on Mac.

Patch by Tomas Popela <tpopela@redhat.com> on 2016-09-27
Reviewed by Carlos Garcia Campos.

  • UserInterface/Test.html: Include Platform.js for the

WebInspector.Platform definition.

  • UserInterface/Views/CodeMirrorAdditions.js:
5:44 AM WebKitGTK/2.14.x edited by Carlos Garcia Campos
(diff)
5:40 AM Changeset in webkit [207108] by Carlos Garcia Campos
  • 1 edit
    2 adds in releases/WebKitGTK/webkit-2.14/LayoutTests

Merge r206493 - Toggling display: none on a parent element of a slot which shares style with its parent doesn't update the slot's visibility
https://bugs.webkit.org/show_bug.cgi?id=158421

Reviewed by Darin Adler.

Add a regression test now that the bug has been fixed by r206403.

  • fast/shadow-dom/shadow-layout-after-toggling-display-slot-parent-expected.html: Added.
  • fast/shadow-dom/shadow-layout-after-toggling-display-slot-parent.html: Added.
5:39 AM Changeset in webkit [207107] by Carlos Garcia Campos
  • 5 edits
    4 adds in releases/WebKitGTK/webkit-2.14

Merge r206403 - Input elements don't work inside shadow tree
https://bugs.webkit.org/show_bug.cgi?id=160427

Reviewed by Darin Adler.

Source/WebCore:

There is a bug in ComposedTreeIterator. If the iterator is initialized with an initial state where the root
is inside a shadow tree it won't iterate into slots.

If an input element is in a shadow tree it generates narrowly scoped style updates. When RenderTreeUpdater
applies such an update the update root will be inside the shadow tree and the bug will prevent the render tree
for slotted content from updating.

Added tests for both the iterator behavior and the specific symptom with input elements.

Tests: fast/shadow-dom/composed-tree-shadow-child-subtree.html

fast/shadow-dom/input-element-in-shadow.html

  • dom/ComposedTreeIterator.cpp:

(WebCore::ComposedTreeIterator::ComposedTreeIterator):

Check and cache if the root is inside shadow tree.

(WebCore::ComposedTreeIterator::traverseNextInShadowTree):

  • dom/ComposedTreeIterator.h:

(WebCore::ComposedTreeIterator::traverseNext):

If it is, always use the shadow traversal code path.

LayoutTests:

  • fast/shadow-dom/composed-tree-shadow-child-subtree-expected.txt: Added.
  • fast/shadow-dom/composed-tree-shadow-child-subtree.html: Added.
  • fast/shadow-dom/input-element-in-shadow-expected.html: Added.
  • fast/shadow-dom/input-element-in-shadow.html: Added.
5:35 AM Changeset in webkit [207106] by Carlos Garcia Campos
  • 2 edits
    1 add in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r206383 - Add CairoUniquePtr and use it in FontPlatformDataFreetype.cpp
https://bugs.webkit.org/show_bug.cgi?id=162557

Reviewed by Alex Christensen.

  • platform/graphics/cairo/CairoUniquePtr.h: Added.

(WebCore::CairoPtrDeleter<cairo_font_options_t>::operator()):

  • platform/graphics/freetype/FontPlatformDataFreeType.cpp:

(WebCore::getDefaultCairoFontOptions): Return a smart pointer.
(WebCore::FontPlatformData::buildScaledFont): Use smart pointer.

5:34 AM Changeset in webkit [207105] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Tools

Merge r206382 - [GTK] TestContextMenu is failing
https://bugs.webkit.org/show_bug.cgi?id=162569

We cannot use the MP3 file in the TestContextMenu, as it will not work
by default on most distributions (that don't have an MP3 codecs
installed). Change the test to use OGG file instead.

Patch by Tomas Popela <tpopela@redhat.com> on 2016-09-26
Reviewed by Michael Catanzaro.

  • TestWebKitAPI/Tests/WebKit2Gtk/TestContextMenu.cpp:

(testContextMenuDefaultMenu):

5:33 AM Changeset in webkit [207104] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.14/Source/bmalloc

Merge r206380 - Avoid implicit conversion from iterator to pointer
https://bugs.webkit.org/show_bug.cgi?id=162482

Patch by Yoshiaki Jitsukawa <Yoshiaki.Jitsukawa@sony.com> on 2016-09-26
Reviewed by Geoffrey Garen.

Not every STL supporting such conversion, we should get a pointer explicitly.

  • bmalloc/Chunk.h:

(bmalloc::Chunk::lines):
(bmalloc::Chunk::pages):

  • bmalloc/FixedVector.h:

(bmalloc::FixedVector::begin):

5:32 AM Changeset in webkit [207103] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.14/Source

Merge r206377 - std::unique_ptr deleter functions should not check if pointer is null
https://bugs.webkit.org/show_bug.cgi?id=162558

Reviewed by Alex Christensen.

std::unique_ptr already does this before calling the deleter.

Source/WebCore:

  • platform/graphics/x11/XUniquePtr.h:

(WebCore::XPtrDeleter::operator()):
(WebCore::XPtrDeleter<XImage>::operator()):
(WebCore::XPtrDeleter<_XGC>::operator()):
(WebCore::XPtrDeleter<GLXcontextRec>::operator()):

Source/WTF:

  • wtf/efl/UniquePtrEfl.h:
  • wtf/glib/GUniquePtr.h:
5:11 AM Changeset in webkit [207102] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r206373 - [GTK] Unnecessary extern functions in FontPlatformDataFreeType.cpp
https://bugs.webkit.org/show_bug.cgi?id=162555

Reviewed by Carlos Garcia Campos.

These functions should be file-static.

  • platform/graphics/freetype/FontPlatformDataFreeType.cpp:

(WebCore::convertFontConfigSubpixelOrder):
(WebCore::convertFontConfigHintStyle):
(WebCore::setCairoFontOptionsFromFontConfigPattern):

5:08 AM Changeset in webkit [207101] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore/platform/gtk/po

Merge r206362 - [GTK] German translation update
https://bugs.webkit.org/show_bug.cgi?id=152228

Patch by Benedikt M. Thoma <gnome@thomba.net> on 2016-09-25
Rubber-stamped by Michael Catanzaro.

  • de.po:
5:05 AM Changeset in webkit [207100] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.14
Merge r206343 - ASSERTION FAILED: !newRelayoutRoot.container()
is<RenderView>(newRelayoutRoot.container()) !newRelayoutRoot.container()->needsLayout() while loading sohu.com

https://bugs.webkit.org/show_bug.cgi?id=162466

Reviewed by Simon Fraser.

Source/WebCore:

When we come across a out-of-flow positioned renderer during layout, we add it to a tracker map with
its containing block (calling RenderBlock::insertPositionedObject).
It ensures that a containing block can easily access to the out-of-flow positioned descendants during layout/painting/hittesting.
We do it even when the containing block - positioned renderer pair is already in this tracker map.
RenderBlock::insertPositionedObject() eagerly sets the positioned-child-needs-layout flag on the containing block
assuming it needs to layout this descendant later in the layout phase.
This patch ensure that we only flag the containing block dirty when the descendant needs layout.

Test: fast/block/positioning/subtree-assert-when-positioned-element-dirties-containing-block.html

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::insertPositionedObject):

LayoutTests:

  • fast/block/positioning/subtree-assert-when-positioned-element-dirties-containing-block-expected.txt: Added.
  • fast/block/positioning/subtree-assert-when-positioned-element-dirties-containing-block.html: Added.
5:01 AM Changeset in webkit [207099] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebKit2

Merge r206305 - [GTK] BadDamage X error in /webkit2/WebKitWebView/preferred-size
https://bugs.webkit.org/show_bug.cgi?id=162489

Reviewed by Michael Catanzaro.

Do a XSync right after creating/destroying the XDamage used by the redirected window in X11.

  • UIProcess/gtk/AcceleratedBackingStoreX11.cpp:

(WebKit::AcceleratedBackingStoreX11::~AcceleratedBackingStoreX11):
(WebKit::AcceleratedBackingStoreX11::update):

5:01 AM Changeset in webkit [207098] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Tools

Merge r206304 - REGRESSION(r204163): [GTK] API test /webkit2/WebKitSecurityManager/file-xhr is failing
https://bugs.webkit.org/show_bug.cgi?id=161607

Reviewed by Michael Catanzaro.

Since r204163, in case of cross origin error when loading the XHR, the load fails and an error message is shown
in the console, but there isn't any js expcetion, which is what we were checking. Now, we check that there
aren't exceptions, and that the error message is sent to the console.

  • Scripts/run-gtk-tests:

(TestRunner):

  • TestWebKitAPI/Tests/WebKit2Gtk/TestWebKitWebContext.cpp:

(consoleMessageReceivedCallback):
(testWebContextSecurityFileXHR):

5:00 AM Changeset in webkit [207097] by Carlos Garcia Campos
  • 7 edits in releases/WebKitGTK/webkit-2.14/Tools

Merge r206302 - [GTK] Make all WebView tests have a WebKitUserContentManager
https://bugs.webkit.org/show_bug.cgi?id=162487

Reviewed by Michael Catanzaro.

It simplifies tests using the user content manager, and allows to use it without having to subclass WebViewTest.

  • TestWebKitAPI/Tests/WebKit2Gtk/TestConsoleMessage.cpp:

(ConsoleMessageTest::ConsoleMessageTest):
(ConsoleMessageTest::~ConsoleMessageTest):

  • TestWebKitAPI/Tests/WebKit2Gtk/TestUIClient.cpp:
  • TestWebKitAPI/Tests/WebKit2Gtk/TestWebKitUserContentManager.cpp:

(testUserContentManagerInjectedStyleSheet):
(testUserContentManagerInjectedScript):
(UserScriptMessageTest::UserScriptMessageTest):
(beforeAll):

  • TestWebKitAPI/Tests/WebKit2Gtk/TestWebKitWebView.cpp:

(testWebViewIsPlayingAudio):

  • TestWebKitAPI/gtk/WebKit2Gtk/WebViewTest.cpp:

(WebViewTest::WebViewTest):

  • TestWebKitAPI/gtk/WebKit2Gtk/WebViewTest.h:
4:58 AM Changeset in webkit [207096] by Carlos Garcia Campos
  • 11 edits
    2 adds in releases/WebKitGTK/webkit-2.14

Merge r206295 - REGRESSION(r194387): Crash on github.com in IntlDateTimeFormat::resolvedOptions in C locale
https://bugs.webkit.org/show_bug.cgi?id=162139

Reviewed by Michael Catanzaro.

Source/JavaScriptCore:

The crash happens in unix ports because the resolved locale is empty when system locale is "C". IntlObject
considers any language tag with a size < 2 to be an invalid language, so "C" is not a valid language to resolve
the locale. We should ensure that WTF::platformUserPreferredLanguages() never returns invalid languages, but
that's not enough, because languages can be overriden from the public API, so we need to handle those cases and
throw exceptions instead of crashing.

  • runtime/IntlCollator.cpp:

(JSC::IntlCollator::initializeCollator): Throw a exception when we fail to resolve the locale.

  • runtime/IntlDateTimeFormat.cpp:

(JSC::IntlDateTimeFormat::initializeDateTimeFormat): Ditto.

  • runtime/IntlNumberFormat.cpp:

(JSC::IntlNumberFormat::initializeNumberFormat): Ditto.

Source/WebKit2:

Handle the case of "C" locale passed by the user using "en-US" as default to match what
WTF::platformUserPreferredLanguages() does.

  • UIProcess/API/gtk/WebKitWebContext.cpp:

(webkit_web_context_set_preferred_languages): Remove the call to languageDidChange() because
overrideUserPreferredLanguages() already calls it, so we were actually notifying the observers twice.

Source/WTF:

Handle the case of "C" or "POSIX" locale and use "en-US" as default. That matches what ICU and other ports do,
as well as what layout tests expect (some tests like js/intl-collator.html pass in the bots only because we use
en-US as system locale in those bots).

  • wtf/PlatformUserPreferredLanguagesUnix.cpp:

(WTF::platformLanguage):

Tools:

Add test cases to check the behavior when using the C locale and an invalid locale.

  • TestWebKitAPI/Tests/WebKit2Gtk/TestWebKitWebContext.cpp:

(testWebContextLanguages):

LayoutTests:

  • js/intl-invalid-locale-crash-expected.txt: Added.
  • js/intl-invalid-locale-crash.html: Added.
4:52 AM Changeset in webkit [207095] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.14/Source/WebKit2

Merge r206294 - [GTK] Improve performance when resizing a window with multiple web views in X11
https://bugs.webkit.org/show_bug.cgi?id=162413

Reviewed by Michael Catanzaro.

Resizing a window with a single way view performs good enough, but when adding more tabs, the performance
decreases a lot. This is because resize is a sync operation, and the UI process waits for the web process to
have a new update for the new size, while still draws the previous frame. This is needed for the visible web
view, to avoid flickering and artifacts while resizing, but for all other hidden web views, we don't really need
to block the UI process. This doesn't happen in Wayland, because in Wayland we never block the UI process while
waiting for web process update after a resize.

  • UIProcess/AcceleratedDrawingAreaProxy.cpp:

(WebKit::AcceleratedDrawingAreaProxy::waitForAndDispatchDidUpdateBackingStoreState): Return early if the web
view is not visible.

  • UIProcess/gtk/AcceleratedBackingStoreX11.cpp:

(WebKit::AcceleratedBackingStoreX11::update): Only schedule a redraw on a damage event when the view is visible.

  • WebProcess/WebPage/gtk/AcceleratedSurfaceX11.cpp:

(WebKit::AcceleratedSurfaceX11::AcceleratedSurfaceX11): Do a XSync right after creating the new pixmap.
(WebKit::AcceleratedSurfaceX11::resize): Ditto.

4:51 AM Changeset in webkit [207094] by Carlos Garcia Campos
  • 3 edits
    5 adds in releases/WebKitGTK/webkit-2.14

Merge r206280 - IDBIndex.openCursor() matches indices on multiple object stores.
<rdar://problem/28434463> and https://bugs.webkit.org/show_bug.cgi?id=158833

Reviewed by Alex Christensen.

Source/WebCore:

Tests: storage/indexeddb/modern/multiple-objectstore-index-cursor-collision-private.html

storage/indexeddb/modern/multiple-objectstore-index-cursor-collision.html

  • Modules/indexeddb/server/SQLiteIDBCursor.cpp:

(WebCore::IDBServer::buildIndexStatement): Need to include the object store id in the statement for

index cursors, otherwise there will be collisions amongst multiple object stores that happen to
share primary keys.

(WebCore::IDBServer::SQLiteIDBCursor::bindArguments):

LayoutTests:

  • storage/indexeddb/modern/multiple-objectstore-index-cursor-collision-expected.txt: Added.
  • storage/indexeddb/modern/multiple-objectstore-index-cursor-collision-private-expected.txt: Added.
  • storage/indexeddb/modern/multiple-objectstore-index-cursor-collision-private.html: Added.
  • storage/indexeddb/modern/multiple-objectstore-index-cursor-collision.html: Added.
  • storage/indexeddb/modern/resources/multiple-objectstore-index-cursor-collision.js: Added.
4:49 AM Changeset in webkit [207093] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.14

Merge r206277 - [XSS Auditor] HTML5 entities can bypass XSS Auditor
https://bugs.webkit.org/show_bug.cgi?id=161939
<rdar://problem/25819815>

Reviewed by David Kilzer.

Source/WebCore:

Merged from Blink:
<https://chromium.googlesource.com/chromium/src/+/04e44060dccee711842d08652bf1c622a0f43179>

Truncate a src-like URL at the first & character as it may mark the start of an HTML entity.
We will evaluate the effectiveness of this approach and adjust it if necessary if we see an
increase in false positives.

HTML5 defines more named character references, including named character references for common
punctuation characters. Characters following some punctuation characters may come from the page
itself. We truncate src-like strings at punctuation characters to avoid considering such page
content when performing a match.

Test: http/tests/security/xssAuditor/script-tag-with-source-data-url5.html

  • html/parser/XSSAuditor.cpp:

(WebCore::truncateForSrcLikeAttribute):

LayoutTests:

  • http/tests/security/xssAuditor/script-tag-with-source-data-url5-expected.txt: Added.
  • http/tests/security/xssAuditor/script-tag-with-source-data-url5.html: Added.
4:49 AM Changeset in webkit [207092] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.14

Merge r206276 - [XSS Auditor] Truncate data URLs at quotes
https://bugs.webkit.org/show_bug.cgi?id=161937

Reviewed by David Kilzer.

Source/WebCore:

Merged from Blink:
<https://chromium.googlesource.com/chromium/src/+/c6d6331190dd43f09459e2341c3111e796f9de12/>

Truncate a data URL at the first single or double quote character to avoid considering
characters that may come from the page content following an injected data URL.

Test: http/tests/security/xssAuditor/script-tag-with-source-data-url4.html

  • html/parser/XSSAuditor.cpp:

(WebCore::truncateForSrcLikeAttribute):

LayoutTests:

  • http/tests/security/xssAuditor/resources/echo-property.pl:
  • http/tests/security/xssAuditor/script-tag-with-source-data-url4-expected.txt: Added.
  • http/tests/security/xssAuditor/script-tag-with-source-data-url4.html: Added.
4:46 AM Changeset in webkit [207091] by Carlos Garcia Campos
  • 35 edits
    4 moves in releases/WebKitGTK/webkit-2.14/Source

Merge r206256 - [GTK] Rename DataObjectGtk as SelectionData
https://bugs.webkit.org/show_bug.cgi?id=162380

Reviewed by Žan Doberšek.

Source/WebCore:

DataObjectGtk represents the data of a selection, like GtkSelectionData, used for clipboard and drag adn drop
operations. Data object is a very generic name, and the Gtk suffix sounds like if this is the GTK implementation
of a generic DataObject class.

  • PlatformGTK.cmake:
  • editing/gtk/EditorGtk.cpp:

(WebCore::createFragmentFromPasteboardData):

  • page/gtk/DragControllerGtk.cpp:
  • platform/DragData.h:
  • platform/Pasteboard.h:
  • platform/PasteboardStrategy.h:

(WebCore::PasteboardStrategy::~PasteboardStrategy): Deleted.

  • platform/PlatformPasteboard.h:
  • platform/gtk/DragDataGtk.cpp:
  • platform/gtk/PasteboardGtk.cpp:

(WebCore::Pasteboard::createPrivate):
(WebCore::Pasteboard::createForDragAndDrop):
(WebCore::Pasteboard::Pasteboard):
(WebCore::Pasteboard::selectionData):
(WebCore::selectionDataTypeFromHTMLClipboardType):
(WebCore::Pasteboard::writeToClipboard):
(WebCore::Pasteboard::readFromClipboard):
(WebCore::Pasteboard::writeString):
(WebCore::Pasteboard::writePlainText):
(WebCore::Pasteboard::write):
(WebCore::Pasteboard::writePasteboard):
(WebCore::Pasteboard::clear):
(WebCore::Pasteboard::canSmartReplace):
(WebCore::Pasteboard::read):
(WebCore::Pasteboard::hasData):
(WebCore::Pasteboard::types):
(WebCore::Pasteboard::readString):
(WebCore::Pasteboard::readFilenames):

  • platform/gtk/PasteboardHelper.cpp:

(WebCore::PasteboardHelper::getClipboardContents):
(WebCore::PasteboardHelper::targetListForSelectionData):
(WebCore::PasteboardHelper::fillSelectionData):
(WebCore::ClipboardSetData::ClipboardSetData):
(WebCore::getClipboardContentsCallback):
(WebCore::PasteboardHelper::writeClipboardContents):
(WebCore::clearClipboardContentsCallback): Deleted.

  • platform/gtk/PasteboardHelper.h:
  • platform/gtk/PlatformPasteboardGtk.cpp:

(WebCore::PlatformPasteboard::writeToClipboard):
(WebCore::PlatformPasteboard::readFromClipboard):

  • platform/gtk/SelectionData.cpp: Renamed from Source/WebCore/platform/gtk/DataObjectGtk.cpp.

(WebCore::SelectionData::setText):
(WebCore::SelectionData::setURIList):
(WebCore::SelectionData::setURL):
(WebCore::SelectionData::urlLabel):
(WebCore::SelectionData::clearAllExceptFilenames):
(WebCore::SelectionData::clearAll):

  • platform/gtk/SelectionData.h: Renamed from Source/WebCore/platform/gtk/DataObjectGtk.h.

(WebCore::SelectionData::create):
(WebCore::SelectionData::text):
(WebCore::SelectionData::hasText):
(WebCore::SelectionData::clearText):
(WebCore::SelectionData::setMarkup):
(WebCore::SelectionData::markup):
(WebCore::SelectionData::hasMarkup):
(WebCore::SelectionData::clearMarkup):
(WebCore::SelectionData::hasURL):
(WebCore::SelectionData::clearURL):
(WebCore::SelectionData::filenames):
(WebCore::SelectionData::hasURIList):
(WebCore::SelectionData::hasFilenames):
(WebCore::SelectionData::setImage):
(WebCore::SelectionData::image):
(WebCore::SelectionData::hasImage):
(WebCore::SelectionData::unknownTypeData):
(WebCore::SelectionData::unknownTypes):
(WebCore::SelectionData::hasUnknownTypeData):
(WebCore::SelectionData::canSmartReplace):
(WebCore::SelectionData::url): Deleted.
(WebCore::SelectionData::uriList): Deleted.
(WebCore::SelectionData::clearURIList): Deleted.
(WebCore::SelectionData::clearImage): Deleted.
(WebCore::SelectionData::setUnknownTypeData): Deleted.

Source/WebKit2:

  • PlatformGTK.cmake:
  • Shared/gtk/ArgumentCodersGtk.cpp:

(IPC::ArgumentCoder<SelectionData>::encode):
(IPC::ArgumentCoder<SelectionData>::decode):

  • Shared/gtk/ArgumentCodersGtk.h:
  • Shared/gtk/WebSelectionData.cpp: Renamed from Source/WebKit2/Shared/gtk/PasteboardContent.cpp.

(WebKit::WebSelectionData::WebSelectionData):
(WebKit::WebSelectionData::encode):
(WebKit::WebSelectionData::decode):

  • Shared/gtk/WebSelectionData.h: Renamed from Source/WebKit2/Shared/gtk/PasteboardContent.h.
  • UIProcess/API/gtk/PageClientImpl.cpp:

(WebKit::PageClientImpl::startDrag):

  • UIProcess/API/gtk/PageClientImpl.h:
  • UIProcess/PageClient.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::performDragControllerAction):
(WebKit::WebPageProxy::startDrag):

  • UIProcess/WebPageProxy.h:
  • UIProcess/WebPageProxy.messages.in:
  • UIProcess/WebPasteboardProxy.h:
  • UIProcess/WebPasteboardProxy.messages.in:
  • UIProcess/gtk/DragAndDropHandler.cpp:

(WebKit::DragAndDropHandler::DroppingContext::DroppingContext):
(WebKit::DragAndDropHandler::startDrag):
(WebKit::DragAndDropHandler::fillDragData):
(WebKit::DragAndDropHandler::finishDrag):
(WebKit::DragAndDropHandler::dropDataSelection):
(WebKit::DragAndDropHandler::dragEntered):
(WebKit::DragAndDropHandler::dragDataSelection):
(WebKit::DragAndDropHandler::dragMotion):
(WebKit::DragAndDropHandler::dragLeave):
(WebKit::DragAndDropHandler::drop):

  • UIProcess/gtk/DragAndDropHandler.h:
  • UIProcess/gtk/WebPasteboardProxyGtk.cpp:

(WebKit::WebPasteboardProxy::writeToClipboard):
(WebKit::WebPasteboardProxy::readFromClipboard):
(WebKit::WebPasteboardProxy::setPrimarySelectionOwner): Deleted.

  • WebProcess/WebCoreSupport/WebPlatformStrategies.cpp:

(WebKit::WebPlatformStrategies::writeToClipboard):
(WebKit::WebPlatformStrategies::readFromClipboard):

  • WebProcess/WebCoreSupport/WebPlatformStrategies.h:
  • WebProcess/WebCoreSupport/gtk/WebDragClientGtk.cpp:

(WebKit::WebDragClient::startDrag):

  • WebProcess/WebCoreSupport/gtk/WebEditorClientGtk.cpp:
  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::performDragControllerAction):

  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/WebPage.messages.in:
4:38 AM Changeset in webkit [207090] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r206205 - [GTK] Fix build failure of ScrollbarThemeGtk with libc++
https://bugs.webkit.org/show_bug.cgi?id=162302

Patch by Jeremy Huddleston Sequoia <jeremyhu@apple.com> on 2016-09-21
Reviewed by Carlos Garcia Campos.

  • platform/gtk/ScrollbarThemeGtk.cpp:

(WebCore::ScrollbarThemeGtk::paint): Add missing #include <cstdlib>

4:37 AM Changeset in webkit [207089] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r206200 - [GTK] Fix build failure in clipboard support
https://bugs.webkit.org/show_bug.cgi?id=162261

Patch by Jeremy Huddleston Sequoia <jeremyhu@apple.com> on 2016-09-21
Reviewed by Carlos Garcia Campos.

  • platform/PlatformPasteboard.h: Add missing #include <functional>
  • platform/gtk/PasteboardHelper.h: Add missing #include <functional>
4:36 AM Changeset in webkit [207088] by Carlos Garcia Campos
  • 28 edits in releases/WebKitGTK/webkit-2.14/Source

Merge r206197 - [GTK] Clean up DataObjectGtk handling
https://bugs.webkit.org/show_bug.cgi?id=162267

Reviewed by Michael Catanzaro.

Source/WebCore:

  • platform/Pasteboard.h: Use Ref instead of RefPtr for DataObjectGtk member.
  • platform/PasteboardStrategy.h: Pass a const reference to DataObjectGtk in write method and return a Ref from read.
  • platform/PlatformPasteboard.h: Ditto.
  • platform/gtk/DataObjectGtk.h:

(WebCore::DataObjectGtk::image): Use Image instead of GdkPixbuf.
(WebCore::DataObjectGtk::setImage):

  • platform/gtk/PasteboardGtk.cpp:

(WebCore::Pasteboard::createForDragAndDrop): Use a reference instead of a pointer.
(WebCore::Pasteboard::Pasteboard): Receives a reference, so we can also remove the ASSERT.
(WebCore::Pasteboard::dataObject):
(WebCore::Pasteboard::writeToClipboard): Remove the ShouldIncludeSmartPaste parameter, callers should also update
canSmartPaste property of DataObjectGtk before calling this.
(WebCore::Pasteboard::writePlainText):
(WebCore::Pasteboard::write): Do not convert the image the GdkPixbuf, pass the image to the DataObjectGtk instead.

  • platform/gtk/PasteboardHelper.cpp:

(WebCore::PasteboardHelper::fillSelectionData): Convert the DataObjectGtk image to GdkPixbuf right before
passing it to gtk_selection_data_set_pixbuf().
(WebCore::ClipboardSetData::ClipboardSetData): Use reference instead of pointer.
(WebCore::getClipboardContentsCallback):
(WebCore::clearClipboardContentsCallback): Never clear the saved DataObjectGtk, that was only needed when we had
a global DataObjectGtk associated to a GtkClipboard.
(WebCore::PasteboardHelper::writeClipboardContents): Use TemporaryChange to set the settingClipboardDataObject global.

  • platform/gtk/PlatformPasteboardGtk.cpp:

(WebCore::PlatformPasteboard::writeToClipboard):
(WebCore::PlatformPasteboard::readFromClipboard):

Source/WebKit2:

In some cases the ownership of DataObjectGtk instances is not clear enough, and we have hacks to avoid memory
leaks because of that.

  • Shared/gtk/ArgumentCodersGtk.cpp:

(IPC::encodeImage): Use Image instead of GdkPixbuf.
(IPC::decodeImage): Ditto.
(IPC::ArgumentCoder<DataObjectGtk>::encode):
(IPC::ArgumentCoder<DataObjectGtk>::decode):
(IPC::encode): Deleted.
(IPC::decode): Deleted.
(IPC::ArgumentCoder<DragData>::encode): Deleted.
(IPC::ArgumentCoder<DragData>::decode): Deleted.

  • Shared/gtk/ArgumentCodersGtk.h:
  • Shared/gtk/PasteboardContent.cpp:

(WebKit::PasteboardContent::PasteboardContent): Add empty constructor that creates a new DataObjectGtk, a
constructor that receives a const reference and another one that takes the ownership of the given DataObjectGtk.
(WebKit::PasteboardContent::encode):
(WebKit::PasteboardContent::decode):

  • Shared/gtk/PasteboardContent.h: Use Ref instead of RefPtr for the DataObjectGtk member.
  • UIProcess/API/gtk/PageClientImpl.cpp:

(WebKit::PageClientImpl::startDrag): Transfer the DataObjectGtk to the DragAndDropHandler, instead of using DragData.

  • UIProcess/API/gtk/PageClientImpl.h:
  • UIProcess/PageClient.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::performDragControllerAction): Instead of sending a DragData object to the web process,
send the DataObjectGtk and DragData members needed as parameters.
(WebKit::WebPageProxy::startDrag): Transfer the received DataObjectGtk to page client, instead of using
DragData. Also notify the web process that drag started.

  • UIProcess/WebPageProxy.h:
  • UIProcess/WebPageProxy.messages.in: Update StartDrag message parameters.
  • UIProcess/gtk/DragAndDropHandler.cpp:

(WebKit::DragAndDropHandler::DragAndDropHandler): Remove unneeded initialization.
(WebKit::DragAndDropHandler::startDrag): Take ownership of the given DataObjectGtk.

  • UIProcess/gtk/DragAndDropHandler.h:
  • UIProcess/gtk/WebPasteboardProxyGtk.cpp:

(WebKit::WebPasteboardProxy::writeToClipboard):
(WebKit::WebPasteboardProxy::readFromClipboard):

  • WebProcess/WebCoreSupport/WebPlatformStrategies.cpp:

(WebKit::WebPlatformStrategies::writeToClipboard):
(WebKit::WebPlatformStrategies::readFromClipboard):

  • WebProcess/WebCoreSupport/WebPlatformStrategies.h:
  • WebProcess/WebCoreSupport/gtk/WebDragClientGtk.cpp:

(WebKit::convertCairoSurfaceToShareableBitmap):
(WebKit::WebDragClient::startDrag): Do not create a DragData and pass the DataObjectGtk directly to the
message. Also notify the WebPage that drag is about to start.

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::performDragControllerAction): Remove explicit DataObjectGtk derefs and simply create a
DragData using the DataObjectGtk pointer as platform data.

  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/WebPage.messages.in: Update PerformDragControllerAction message parameters.
4:09 AM Changeset in webkit [207087] by Carlos Garcia Campos
  • 5 edits
    2 adds in releases/WebKitGTK/webkit-2.14

Merge r206188 - REGRESSION (r204552): Athlete search on Strava gives bad rendering.
https://bugs.webkit.org/show_bug.cgi?id=162250

Reviewed by Simon Fraser.

Source/WebCore:

Test: fast/layers/blank-content-when-child-layer-is-at-negative-big-number.html

  • platform/graphics/LayoutRect.cpp:

(WebCore::LayoutRect::checkedUnite):

  • platform/graphics/LayoutRect.h:

(WebCore::LayoutRect::isMaxXMaxYRepresentable):
(WebCore::LayoutRect::maxXMaxYCorner): Deleted.

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::calculateClipRects):

LayoutTests:

While computing the size of a particular layer, we unite the content size and the descendant layers' size.
If a descendant layer is positioned far off, the computed rectangle might not fully cover the original rectangles.
This happens when the 2 rectangles' distance is close to the maximum LayoutUnit value.
It's fairly common technic to put some content offscreen (top: -99999999px;). In order to keep the main content
visible, we need to ensure that the parent layer never gets cut off, while uniting it with the descendant layers.

  • fast/layers/blank-content-when-child-layer-is-at-negative-big-number-expected.html: Added.
  • fast/layers/blank-content-when-child-layer-is-at-negative-big-number.html: Added.
3:53 AM Changeset in webkit [207086] by commit-queue@webkit.org
  • 23 edits in trunk

[Fetch API] Support Request cache mode
https://bugs.webkit.org/show_bug.cgi?id=162281

Patch by Youenn Fablet <youenn@apple.com> on 2016-10-11
Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

  • web-platform-tests/fetch/api/request/request-cache-expected.txt: Rebasing test now that more tests are passing.
  • web-platform-tests/fetch/api/request/request-error-expected.txt:
  • web-platform-tests/fetch/api/request/request-error.html: Adding test to ensure only-if-cached is used with same-origin fetch mode.

Source/WebCore:

Covered by updated test.

Added support for only-if-cached mode at Request level.

Added support for cache mode at CachedResourceLoader, by setting HTTP headers and ResourceRequest cache policy
based on https://fetch.spec.whatwg.org/#concept-request-cache-mode and https://fetch.spec.whatwg.org/#http-network-or-cache-fetch.

Disabled default cache policy computation (done in FrameLoader) when cache mode is different from the default.
Activated no-store cache mode for EventSource as per https://html.spec.whatwg.org/#the-eventsource-interface.

  • Modules/fetch/FetchRequest.cpp:

(WebCore::setCache): Adding support for only-if-cached.
(WebCore::buildOptions): Throw if only-if-cached and fetch mode is not same-origin.

  • loader/FetchOptions.h: Adding support for only-if-cached.
  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::defaultRequestCachingPolicy): Introduced to ease readability.
(WebCore::FrameLoader::addExtraFieldsToRequest): Updating cache policy only if request has the default cache policy.
This allows bypassing the default behavior for fetch cache mode different from "default".

  • loader/FrameLoader.h:
  • loader/cache/CachedResourceLoader.cpp:

(WebCore::updateRequestAccordingCacheMode): Introduced to set headers and request cache policy according fetch cache mode.
(WebCore::CachedResourceLoader::requestResource):
(WebCore::CachedResourceLoader::loadResource):
(WebCore::CachedResourceLoader::determineRevalidationPolicy): Ensure bypassing the memory cache in no-store and reload cases.
We reload in case of cache mode=reload to refresh the meory cache entry.

  • loader/cache/CachedResourceRequest.h:

(WebCore::CachedResourceRequest::setCacheModeToNoStore):

  • page/EventSource.cpp:

(WebCore::EventSource::connect): Use no-store cache mode as per https://html.spec.whatwg.org/#the-eventsource-interface.

  • platform/network/HTTPHeaderMap.cpp:

(WebCore::HTTPHeaderMap::addIfNotPresent): Helper routine.

  • platform/network/HTTPHeaderMap.h:
  • platform/network/HTTPHeaderValues.cpp:
  • platform/network/HTTPHeaderValues.h:
  • platform/network/ResourceRequestBase.cpp:

(WebCore::ResourceRequestBase::addHTTPHeaderFieldIfNotPresent):
(WebCore::ResourceRequestBase::addHTTPHeaderField):
(WebCore::ResourceRequestBase::hasHTTPHeaderField):

  • platform/network/ResourceRequestBase.h:

LayoutTests:

Activating request-cache.html tests for WK1, but not yet for WK2.

  • TestExpectations:
  • platform/mac/TestExpectations:
  • platform/wk2/TestExpectations:
3:51 AM Changeset in webkit [207085] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.14/Source

Merge r206151 - Undefined behavior: Left shift negative number
https://bugs.webkit.org/show_bug.cgi?id=161866

Reviewed by Keith Miller.

Left shifting a negative number is undefined behavior in C/C++, although most implementations do define it. Explicitly clarifying the intended behavior due to shifting negative number in some cases.

Source/JavaScriptCore:

  • dfg/DFGAbstractHeap.h:

(JSC::DFG::AbstractHeap::encode): Explicitly cast signed integer for left shift.

Source/WTF:

  • wtf/text/Base64.cpp:

(WTF::base64EncodeInternal): Changed signed character to unsigned when shifting.
(WTF::base64Encode): Ditto.
(WTF::base64URLEncode): Ditto.
(WTF::base64DecodeInternal): Ditto.

  • wtf/text/Base64.h: Ditto.

(WTF::SignedOrUnsignedCharVectorAdapter): Rebuilt to stop using union as a bitwise_cast.
(WTF::ConstSignedOrUnsignedCharVectorAdapter): Ditto.

3:49 AM Changeset in webkit [207084] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r206122 - Cleanup: Remove an extraneous copy of SecurityOrigin
https://bugs.webkit.org/show_bug.cgi?id=162118

Reviewed by Youenn Fablet.

Share one isolated copy of the SecurityOrigin between the ContentSecurityPolicy and
LoaderTaskOptions objects instead of creating two isolated copies of the SecurityOrigin.
This is safe because both ContentSecurityPolicy and LoaderTaskOptions are instantiated
in WorkerThreadableLoader::MainThreadBridge for use on the main thread only.

  • loader/WorkerThreadableLoader.cpp:

(WebCore::LoaderTaskOptions::LoaderTaskOptions):
(WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge):

3:45 AM Changeset in webkit [207083] by Carlos Garcia Campos
  • 3 edits
    5 adds in releases/WebKitGTK/webkit-2.14

Merge r206118 - Update XHTMLParser to recognize "-W3CDTD MathML 2.0EN" public identifier
https://bugs.webkit.org/show_bug.cgi?id=162166

Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

Import test coverage from W3C web-platform-tests.

  • web-platform-tests/html/the-xhtml-syntax/parsing-xhtml-documents/w3c-import.log: Added.
  • web-platform-tests/html/the-xhtml-syntax/parsing-xhtml-documents/xhtml-mathml-dtd-entity-support-expected.txt: Added.
  • web-platform-tests/html/the-xhtml-syntax/parsing-xhtml-documents/xhtml-mathml-dtd-entity-support.htm: Added.

Source/WebCore:

Update XHTMLParser to recognize "-W3CDTD MathML 2.0EN" public identifier as
per the latest HTML specification.

Firefox already recognizes it properly.

Test: imported/w3c/web-platform-tests/html/the-xhtml-syntax/parsing-xhtml-documents/xhtml-mathml-dtd-entity-support.htm

  • xml/parser/XMLDocumentParserLibxml2.cpp:

(WebCore::convertUTF16EntityToUTF8):
Fix assertion that was causing the new test to crash in debug. The input '\u0026'
gets converted to '&' which is only 1 character. However, the assertion wrongly
expected WTF::Unicode::convertUTF16ToUTF8() to generate more than 1 character.

(WebCore::externalSubsetHandler):
Add "-W3CDTD MathML 2.0EN" to the list.

3:42 AM Changeset in webkit [207082] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.14

Merge r206100 - ASSERTION FAILED: clipRectsContext.rootLayer == m_clipRectsCache->m_clipRectsRoot[clipRectsType] while loading guardian.co.uk
https://bugs.webkit.org/show_bug.cgi?id=162129
<rdar://problem/28353350>

Reviewed by Antti Koivisto.

Source/WebCore:

Neither ::localClipRect() nor ::selfClipRect() accounts for paginated context while computing the cliprects (See FIXMEs).
This patch ensures that we don't end up caching these invalid cliprects.

Test: fast/multicol/assert-on-cliprect-caching-when-paginated.html

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::calculateClipRects):

LayoutTests:

  • fast/multicol/assert-on-cliprect-caching-when-paginated-expected.txt: Added.
  • fast/multicol/assert-on-cliprect-caching-when-paginated.html: Added.
3:40 AM Changeset in webkit [207081] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r206074 - MainThreadBridge needs an isolatedCopy() of SecurityOrigin
<https://webkit.org/b/162116>
<rdar://problem/27525870>

Reviewed by Carlos Garcia Campos.

Covered by existing tests.

  • loader/WorkerThreadableLoader.cpp:

(WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge):
Make an isolatedCopy() of SecurityOrigin here since that's the
correct idiom to use when the object is passed from a worker
thread back to the main thread. Fix suggested by Daniel Bates.

3:38 AM Changeset in webkit [207080] by Carlos Garcia Campos
  • 4 edits
    6 adds in releases/WebKitGTK/webkit-2.14

Merge r206062 - Cancelling one frame's load cancels load in other frames that have the same URL as well
https://bugs.webkit.org/show_bug.cgi?id=162094

Reviewed by Antti Koivisto.

Source/WebCore:

Cancelling one frame's load cancels load in other frames that have the same URL as well.

So if you have several frames that are loading URL X and you navigate one of the frames
to Y, then the load of X will be cancelled and this frame will navigate to Y. All other
frames will not load URL X even though they should.

The issue is that all the DocumentLoaders share the same CachedResource because of the
memoryCache. When we call DocumentLoader::stopLoading(), it will cancel the
CachedResource's load even though there are several clients for this CachedResource
and other clients still want the load.

The approach chosen in this patch is to not reuse CachedResources that are still
loading when trying to load a main resource. This is not the most efficient approach.
I still chose this approach because:

  • It is very unlikely to introduce new bugs.
  • The change is very simple.
  • This is a corner case (several iframes having the same URL and cancelling the load in one of them).

Test: http/tests/navigation/frames-same-url-cancel-load.html

  • loader/cache/CachedResourceLoader.cpp:

(WebCore::CachedResourceLoader::determineRevalidationPolicy):

LayoutTests:

Add layout test coverage.

  • http/tests/cache/iframe-detach-expected.txt: Added.
  • http/tests/cache/iframe-detach.html: Added.
  • http/tests/cache/resources/slow-iframe.php: Added.

Import Alex Christensen's test from Bug 157563.

  • http/tests/navigation/frames-same-url-cancel-load-expected.txt: Added.
  • http/tests/navigation/frames-same-url-cancel-load.html: Added.
  • http/tests/navigation/resources/success.html: Added.
  • http/tests/security/XFrameOptions/x-frame-options-deny-multiple-clients-expected.txt:
3:36 AM Changeset in webkit [207079] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r206061 - ASSERTION FAILED: The string being removed is atomic in the string table of an other thread! iterator != atomicStringTable.end() at Source/WTF/wtf/text/AtomicStringImpl.cpp(453)
https://bugs.webkit.org/show_bug.cgi?id=161800

Reviewed by Žan Doberšek.

Speculative fix. These strings are created as static objects on a secondary thread, but all
static objects are destroyed in exit handlers on the main thread, and AtomicStrings must
always be destroyed on the same thread they are created.

  • platform/graphics/texmap/TextureMapperShaderProgram.h:
3:31 AM Changeset in webkit [207078] by Carlos Garcia Campos
  • 5 edits
    2 adds in releases/WebKitGTK/webkit-2.14

Merge r205999 - ASSERTION FAILED: willBeComposited == needsToBeComposited(layer) in WebCore::RenderLayerCompositor::computeCompositingRequirements
https://bugs.webkit.org/show_bug.cgi?id=151097
<rdar://problem/27711678>

Reviewed by Simon Fraser.

Source/WebCore:

This patch ensures that when will-change property triggers stacking context, we make the associated layer a non-normal flow layer.
(This is similar to what any other stacking context-triggering CSS property does.)

Test: compositing/assert-on-will-change-transform-with-composited-descendant.html

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::calculateClipRects):

LayoutTests:

  • compositing/assert-on-will-change-transform-with-composited-descendant-expected.txt: Added.
  • compositing/assert-on-will-change-transform-with-composited-descendant.html: Added.
3:24 AM Changeset in webkit [207077] by Antti Koivisto
  • 7 edits in trunk/Source/WebCore

Stop copying author shadow pseudo rules into shadow tree style resolver
https://bugs.webkit.org/show_bug.cgi?id=163232

Reviewed by Darin Adler.

  • css/ElementRuleCollector.cpp:

(WebCore::ElementRuleCollector::collectMatchingRules):
(WebCore::ElementRuleCollector::matchAuthorRules):
(WebCore::ElementRuleCollector::matchAuthorShadowPseudoElementRules):

If we are resolving a user agent shadow tree also look up pseudo element rules from the host scope author sheet.
This is needed to keep web exposed ::-webkit-foo pseudo elements working.

(WebCore::ElementRuleCollector::collectMatchingShadowPseudoElementRules):

Factor to a function.

  • css/ElementRuleCollector.h:
  • css/RuleSet.cpp:

(WebCore::RuleSet::copyShadowPseudoElementRulesFrom): Deleted.

  • css/RuleSet.h:
  • dom/Document.cpp:

(WebCore::Document::userAgentShadowTreeStyleResolver):

  • style/StyleScope.cpp:

(WebCore::Style::Scope::updateStyleResolver):

No need to awkwardly copy these rules anymore.

3:22 AM Changeset in webkit [207076] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.14

Merge r205970 - Cleanup RenderLayer::shouldBeNormalFlowOnly
https://bugs.webkit.org/show_bug.cgi?id=161981

Reviewed by Simon Fraser.

Source/WebCore:

This patch changes the logic of figuring about if a particular layer is normal flow only by simply checking
if the layer creates a stacking context. If it does, we assume that it can't be a normal flow layer anymore.
This patch slightly changes behaviour by making layers with isolation and reflection to be non normal flow layers anymore.

Covered by existing testcases.

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::calculateClipRects):

LayoutTests:

Rebaselining.

  • fast/table/overflow-table-collapsed-borders-section-self-painting-layer-painting-expected.txt:
3:21 AM Changeset in webkit [207075] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WTF

Merge r205921 - Atomics on ARM don't require full-system fencing, and other minutiae
https://bugs.webkit.org/show_bug.cgi?id=161928

Reviewed by Geoffrey Garen.

Add cmpxchg versions with both success and failure memory
ordering. In some interesting cases we can craft code which needs
barriers which aren't as strong.

weakCompareAndSwap is super dubious, its 3 uses seem
questionable... but for now I'm just adding debug asserts.

Rename armv7_dmb* functions to arm_dmb* because they apply to v7
and v8 (or more precisely; to ARMv7's ARM and Thumb2, as well as
ARMv8's aarch32 A32/T32 and aarch64).

Use inner-shareability domain for ARM barriers instead of
full-system. This is what C++ uses.

The default case for barriers simply used a compiler barrier. This
is generally wrong, e.g. for MIPS.

  • wtf/Atomics.h:

(WTF::Atomic::compareExchangeWeak): offer two-order version
(WTF::Atomic::compareExchangeStrong): offer two-order version
(WTF::weakCompareAndSwap): a few assertions
(WTF::arm_dmb): rename since it applies to ARMv7 and v8; make it innser-shareable
(WTF::arm_dmb_st): rename since it applies to ARMv7 and v8; make it innser-shareable
(WTF::loadLoadFence): incorrect generally
(WTF::loadStoreFence): incorrect generally
(WTF::storeLoadFence): incorrect generally
(WTF::storeStoreFence): incorrect generally
(WTF::memoryBarrierAfterLock): incorrect generally
(WTF::memoryBarrierBeforeUnlock): incorrect generally
(WTF::armV7_dmb): Deleted.
(WTF::armV7_dmb_st): Deleted.

3:21 AM Changeset in webkit [207074] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r205920 - ShowRenderTree should take position offset into account when printing inflow positioned renderers.
https://bugs.webkit.org/show_bug.cgi?id=161978

Reviewed by Simon Fraser.

Adjust (x, y) with the inflow positioned renderer's offset.

Not testable.

  • rendering/RenderObject.cpp:

(WebCore::RenderObject::showRenderObject):

2:53 AM Changeset in webkit [207073] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WTF

Merge r205914 - Alwasys inline atomic operations
https://bugs.webkit.org/show_bug.cgi?id=155371

Reviewed by Geoffrey Garen.

Fixes "build fails with memory model cannot be stronger than
success memory model for ‘atomic_compare_exchange’".

Pre-5 revisions of GCC at Os only generated an error message
related to invalid failure memory ordering. The reason is that
libstdc++ tries to be clever about enforcing the C++ standard's
clause [atomics.types.operations.req] ¶21 which states:

Requires: The failure argument shall not be
memory_order_release nor memory_order_acq_rel. The failure
argument shall be no stronger than the success argument.

It fails at doing this because its inlining heuristics are
modified by Os, and they're not quite as dumb as O0 but not smart
enough to get to the good code at O1. Adding ALWAYS_INLINE fixes
the silliness at Os, leaves O1 great, and makes O0 slightly less
bad but still pretty bad.

The other good news is that I'm going to get this particular
problem fixed in the version of C++ which will come after C++17:

https://github.com/jfbastien/papers/blob/master/source/P0418r1.bs

While we're at it we should always inline all of these wrapped
functions because the generated code is horrendous if the memory
order isn't known at compile time.

  • wtf/Atomics.h:

(WTF::Atomic::load):
(WTF::Atomic::store):
(WTF::Atomic::compareExchangeWeak):
(WTF::Atomic::compareExchangeStrong):
(WTF::Atomic::exchangeAndAdd):
(WTF::Atomic::exchange):

2:25 AM Changeset in webkit [207072] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.14

Merge r205861 - Input type object and the associated render can go out of sync.
https://bugs.webkit.org/show_bug.cgi?id=161871
<rdar://problem/28178094>

Reviewed by Antti Koivisto.

Source/WebCore:

Bail out when we've got a mismatched renderer.

Test: fast/forms/assert-on-input-type-change.html

  • html/ImageInputType.cpp:

(WebCore::ImageInputType::altAttributeChanged):

LayoutTests:

  • fast/forms/assert-on-input-type-change-expected.txt: Added.
  • fast/forms/assert-on-input-type-change.html: Added.
2:23 AM Changeset in webkit [207071] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WTF

Merge r205859 - ParkingLot is going to have a bad time with threads dying
https://bugs.webkit.org/show_bug.cgi?id=161893

Reviewed by Michael Saboff.

If a thread dies right as it falls out of parkConditionally, then unparkOne() and friends
might die because they will dereference a deallocated ThreadData.

The solution is to ref-count ThreadData's. When unparkOne() and friends want to hold onto a
ThreadData past the queue lock, they can use RefPtr<>.

  • wtf/ParkingLot.cpp:

(WTF::ParkingLot::unparkOne):
(WTF::ParkingLot::unparkOneImpl):
(WTF::ParkingLot::unparkAll):

2:18 AM Changeset in webkit [207070] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.14/Source/WTF

Merge r205836 - [WTF] HashTable's rehash is not compatible to Ref<T> and ASan
https://bugs.webkit.org/show_bug.cgi?id=161763

Reviewed by Darin Adler.

Destructors of HashTable's empty values need to be called while ones of deleted values don't.

  • wtf/HashTable.h:

(WTF::KeyTraits>::deallocateTable):

  • wtf/Ref.h:
1:49 AM Changeset in webkit [207069] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r206299 - Replace redundant prepareForDestruction() call with RELEASE_ASSERT in Document::removedLastRef.
https://bugs.webkit.org/show_bug.cgi?id=162467

Reviewed by Chris Dumez.

Since r205786 fixed the root cause of webkit.org/b/159372, we no longer need the workaround.
Replace it with a RELEASE_ASSERT to ensure clean state.

No new tests, covered by existing test.

  • dom/Document.cpp:

(WebCore::Document::removedLastRef):

1:48 AM Changeset in webkit [207068] by Carlos Garcia Campos
  • 9 edits
    2 adds in releases/WebKitGTK/webkit-2.14

Merge r205786 - It is possible for Document::m_frame pointer to become stale
https://bugs.webkit.org/show_bug.cgi?id=161812
<rdar://problem/27745023>

Reviewed by Ryosuke Niwa.

Source/WebCore:

Document::m_frame is supposed to get cleared by Document::prepareForDestruction().
The Frame destructor calls Frame::setView(nullptr) which is supposed to call the
prepareForDestruction() on the Frame's associated document. However,
Frame::setView(nullptr) was calling prepareForDestruction() only if
Document::inPageCache() returned true. This is because, we allow Documents to
stay alive in the PageCache even though they don't have a frame.

The issue is that Document::m_inPageCache flag was set to true right before
firing the pagehide event, so technically before really entering PageCache.
Therefore, we can run into problems if a Frame gets destroyed by a pagehide
EventHandler because ~Frame() will not call Document::prepareForDestruction()
due to Document::m_inPageCache being true. After the frame is destroyed,
Document::m_frame becomes stale and any action on the document will likely
lead to crashes (such as the one in the layout test and the radar which
happens when trying to unregister event listeners from the document).

The solution adopted in this patch is to replace the m_inPageCache boolean
with a m_pageCacheState enumeration that has 3 states:

  • NotInPageCache
  • AboutToEnterPageCache
  • InPageCache

Frame::setView() / Frame::setDocument() were then updated to call
Document::prepareForDestruction() on the associated document whenever
the document's pageCacheState is not InPageCache. This means that we
will now call Document::prepareForDestruction() when the document is
being detached from its frame while firing the pagehide event.

Note that I tried to keep this patch minimal. Therefore, I kept
the Document::inPageCache() getter for now. I plan to switch all its
calls sites to the new Document::pageCacheState() getter in a follow-up
patch so that we can finally drop the confusing Document::inPageCache().

Test: fast/history/pagehide-remove-iframe-crash.html

  • dom/Document.cpp:

(WebCore::Document::Document):
(WebCore::Document::~Document):
(WebCore::Document::createRenderTree):
(WebCore::Document::destroyRenderTree):
(WebCore::Document::setFocusedElement):
(WebCore::Document::setPageCacheState):
(WebCore::Document::topDocument):

  • dom/Document.h:

(WebCore::Document::pageCacheState):
(WebCore::Document::inPageCache):

  • history/CachedFrame.cpp:

(WebCore::CachedFrame::destroy):

  • history/PageCache.cpp:

(WebCore::setPageCacheState):
(WebCore::PageCache::addIfCacheable):

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::stopAllLoaders):
(WebCore::FrameLoader::open):

  • loader/HistoryController.cpp:

(WebCore::HistoryController::invalidateCurrentItemCachedPage):

  • page/Frame.cpp:

(WebCore::Frame::setView):

LayoutTests:

Add layout test that crashes on both Mac and iOS due to using a stale
Document::m_frame pointer.

  • fast/history/pagehide-remove-iframe-crash-expected.txt: Added.
  • fast/history/pagehide-remove-iframe-crash.html: Added.
1:35 AM Changeset in webkit [207067] by pvollan@apple.com
  • 11 edits in trunk

[Win] Parallel DRTs are sharing preferences and cache.
https://bugs.webkit.org/show_bug.cgi?id=163013

Reviewed by Brent Fulgham.

Source/WebKit/win:

Make it possible for a WebKit client to use separate preferences and cache.

  • Interfaces/IWebPreferencesPrivate.idl:
  • WebApplicationCache.cpp:

(applicationCachePath):

  • WebCache.cpp:

(WebCache::cacheFolder):
(WebCache::setCacheFolder):

  • WebDatabaseManager.cpp:

(databasesDirectory):

  • WebPreferences.cpp:

(WebPreferences::applicationId):
(WebPreferences::valueForKey):
(WebPreferences::setValueForKey):
(WebPreferences::save):
(WebPreferences::QueryInterface):
(WebPreferences::modernMediaControlsEnabled):
(WebPreferences::setApplicationId):

  • WebPreferences.h:
  • WebView.cpp:

(WebView::setCacheModel):

Tools:

Use separate cache and preferences for each DRT instance.

  • DumpRenderTree/win/DumpRenderTree.cpp:

(applicationId):
(setApplicationId):
(setCacheFolder):
(setDefaultsToConsistentValuesForTesting):

  • Scripts/webkitpy/port/win.py:

(WinPort.setup_test_run):

1:30 AM Changeset in webkit [207066] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/JavaScriptCore

Merge r205767 - jsc.cpp should call initializeMainThread() to make sure that GC thread assertions work
https://bugs.webkit.org/show_bug.cgi?id=161801

Reviewed by Keith Miller.

The GC has debug assertions that certain things don't happen on GC threads. Those assertions
are no-ops unless initializeGCThreads() is called, and I think the most canonical way to do
that is to call initializeMainThread().

  • jsc.cpp:

(jscmain):

1:29 AM Changeset in webkit [207065] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.14/Source/JavaScriptCore

Merge r205753 - Make hasOwnProperty ALWAYS_INLINE
https://bugs.webkit.org/show_bug.cgi?id=161775

Reviewed by Ryosuke Niwa.

Speedometer spends around 2.5% of its time in hasOwnProperty.
Let's reduce the overhead of calling that function by marking
it as inline. Also, it's likely that the function will call into
JSObject::getOwnPropertySlot. I added a check to see if that's
the function we're calling, if it is, we do a direct call instead
of an indirect call.

  • runtime/JSObject.cpp:

(JSC::JSObject::hasOwnProperty): Deleted.

  • runtime/JSObjectInlines.h:

(JSC::JSObject::hasOwnProperty):

1:09 AM Changeset in webkit [207064] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WTF

Merge r205740 - Gardening: fixing a few JSC test failures.
https://bugs.webkit.org/show_bug.cgi?id=161760

Not reviewed.

Without this fix, the following tests will crash on a null dereference of isGCThread.

stress/slow-path-generator-updating-current-node-dfg.js.misc-ftl-no-cjit
stress/unshift-array-storage.js.misc-ftl-no-cjit

  • wtf/MainThread.cpp:

(WTF::mayBeGCThread):

1:08 AM Changeset in webkit [207063] by Carlos Garcia Campos
  • 11 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r205701 - v3: WebContent crash due to RELEASE_ASSERT in WebCore: WebCore::StyleResolver::styleForElement
https://bugs.webkit.org/show_bug.cgi?id=161689

Reviewed by Andreas Kling.

These crashes happen because synchronously triggered resource loads generate callbacks that may end up
deleting the resource loader.

Stop triggering resource loads from StyleResolver. Instead trigger them when applying style to render tree.

  • css/StyleResolver.cpp:

(WebCore::StyleResolver::~StyleResolver):

Replace the RELEASE_ASSERT against deletion during resource loads by a general isDeleted assert.

(WebCore::StyleResolver::styleForElement):
(WebCore::StyleResolver::styleForKeyframe):
(WebCore::StyleResolver::pseudoStyleForElement):
(WebCore::StyleResolver::styleForPage):
(WebCore::StyleResolver::applyMatchedProperties):
(WebCore::StyleResolver::loadPendingResources): Deleted.

  • css/StyleResolver.h:
  • page/animation/KeyframeAnimation.cpp:

(WebCore::KeyframeAnimation::KeyframeAnimation):
(WebCore::KeyframeAnimation::resolveKeyframeStyles):

Ensure resource load for all animation frames.

  • page/animation/KeyframeAnimation.h:
  • rendering/RenderElement.cpp:

(WebCore::RenderElement::createFor):
(WebCore::RenderElement::initializeStyle):

Load resources when renderer initializes a style.

(WebCore::RenderElement::setStyle):
(WebCore::RenderElement::getUncachedPseudoStyle):

Load resources for pseudo styles.

  • rendering/RenderImage.cpp:

(WebCore::RenderImage::RenderImage):
(WebCore::RenderImage::styleWillChange):

Shuffle image resource initialization out from constructor so initializeStyle gets called before.

  • rendering/RenderImage.h:
  • rendering/style/StyleCachedImage.cpp:

(WebCore::StyleCachedImage::StyleCachedImage):

Track pending status with a bit instead of implicitly by the existence of CachedResource.
This is useful for asserts.

(WebCore::StyleCachedImage::load):
(WebCore::StyleCachedImage::isPending):
(WebCore::StyleCachedImage::addClient):
(WebCore::StyleCachedImage::removeClient):
(WebCore::StyleCachedImage::image):

  • rendering/style/StyleCachedImage.h:
1:05 AM Changeset in webkit [207062] by Carlos Garcia Campos
  • 7 edits in releases/WebKitGTK/webkit-2.14

Merge r205694 - [WTF] HashTable's rehash is not compatible to Ref<T> and ASan
https://bugs.webkit.org/show_bug.cgi?id=161763

Reviewed by Mark Lam.

Source/WebCore:

Include wtf/text/StringHash.h to avoid linking errors in EFL port.

  • loader/ResourceLoadStatistics.h:

Source/WTF:

If we move an object, the location which the moved object used should not be touched anymore.
HashTable::rehash performs WTFMove for the object that resides in the old table.
However, after moving it, we accidentally touch this location by using !isEmptyOrDeletedBucket(table[i])
in HashTable::deallocateTable. And it causes ASan crashing if we use Ref<> for HashTable's key or value.

In this patch, we call the destructor right after moving the object. And HashTable::rehash just calls
fastFree since all the objects in the old table are already moved and destructed.
And we also change HashTable::deallocate to destruct only live objects. Calling destructors for empty objects
is meaningless. And according to the Ref<>'s comment, empty object is not designed to be destructed.

  • wtf/HashTable.h:

(WTF::KeyTraits>::deallocateTable):

Tools:

Add tests that inserts many Ref<>s. It incurs HashTable::rehash, and we can ensure
that ASan crash does not occur with this patch.

  • TestWebKitAPI/Tests/WTF/HashMap.cpp:

(TestWebKitAPI::TEST):

  • TestWebKitAPI/Tests/WTF/HashSet.cpp:

(TestWebKitAPI::TEST):

12:38 AM Changeset in webkit [207061] by Carlos Garcia Campos
  • 13 edits in releases/WebKitGTK/webkit-2.14/Source

Merge r205683 - Heap::isMarked() shouldn't pay the price of concurrent lazy flipping
https://bugs.webkit.org/show_bug.cgi?id=161760

Reviewed by Mark Lam.
Source/JavaScriptCore:

To fix a race condition in marking, I made Heap::isMarked() and Heap::isLive() atomic by
using flipIfNecessaryConcurrently() instead of flipIfNecessary().

This introduces three unnecessary overheads:

  • isLive() is not called by marking, so that change was not necessary.
  • isMarked() gets calls many times outside of marking, so it shouldn't always do the concurrent thing. This adds isMarkedConcurrently() for use in marking, and reverts isMarked().
  • isMarked() and isMarkedConcurrently() don't actually have to do the lazy flip. They can return false if the flip is necessary.

I added a bunch of debug assertions to make sure that isLive() and isMarked() are not called
during marking.

If we needed to, we could remove most of the calls to isMarkedConcurrently(). As a kind of
optimization, CodeBlock does an initial fixpoint iteration during marking, and so all of the
code called from CodeBlock's fixpoint iterator needs to use isMarkedConcurrently(). But we
could probably arrange for CodeBlock only do fixpoint iterating during the weak reference
thing.

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::visitWeakly):
(JSC::CodeBlock::shouldJettisonDueToOldAge):
(JSC::shouldMarkTransition):
(JSC::CodeBlock::propagateTransitions):
(JSC::CodeBlock::determineLiveness):

  • bytecode/PolymorphicAccess.cpp:

(JSC::AccessCase::propagateTransitions):

  • heap/Heap.h:
  • heap/HeapInlines.h:

(JSC::Heap::isLive):
(JSC::Heap::isMarked):
(JSC::Heap::isMarkedConcurrently):

  • heap/MarkedBlock.cpp:

(JSC::MarkedBlock::flipIfNecessarySlow):
(JSC::MarkedBlock::flipIfNecessaryConcurrentlySlow):
(JSC::MarkedBlock::needsFlip):

  • heap/MarkedBlock.h:

(JSC::MarkedBlock::needsFlip):
(JSC::MarkedBlock::flipIfNecessary):
(JSC::MarkedBlock::flipIfNecessaryConcurrently):

  • heap/SlotVisitor.cpp:

(JSC::SlotVisitor::appendToMarkStack):
(JSC::SlotVisitor::markAuxiliary):
(JSC::SlotVisitor::visitChildren):

  • runtime/Structure.cpp:

(JSC::Structure::isCheapDuringGC):
(JSC::Structure::markIfCheap):

Source/WTF:

  • wtf/MainThread.cpp:

(WTF::isMainThreadOrGCThread):
(WTF::mayBeGCThread):

  • wtf/MainThread.h:
12:28 AM Changeset in webkit [207060] by sbarati@apple.com
  • 5 edits
    1 add in trunk

ValueAdd should be constant folded if the operands are constant String,Primitive or Primitive,String
https://bugs.webkit.org/show_bug.cgi?id=163182

Reviewed by Filip Pizlo.

JSTests:

  • microbenchmarks/string-add-constant-folding.js: Added.

(assert):
(runTests):
(add):
(test):

Source/JavaScriptCore:

This code pattern shows up in Dromaeo, so it's worth optimizing for.
This might also show up in real world JS code due to inlining and other
types of constant folding.

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::parseBlock):

  • dfg/DFGLazyJSValue.cpp:

(JSC::DFG::LazyJSValue::getValue):

  • dfg/DFGStrengthReductionPhase.cpp:

(JSC::DFG::StrengthReductionPhase::handleNode):

12:14 AM Changeset in webkit [207059] by Carlos Garcia Campos
  • 13 edits
    1 add in releases/WebKitGTK/webkit-2.14

Merge r205675 - We should inline operationConvertJSValueToBoolean into JIT code
https://bugs.webkit.org/show_bug.cgi?id=161729

Reviewed by Filip Pizlo.

JSTests:

  • stress/value-to-boolean.js: Added.

(assert):
(test1):
(test2):
(test3):

Source/JavaScriptCore:

This patch introduces an AssemblyHelpers emitter function
that replaces operationConvertJSValueToBoolean. This operation
was showing up when I was doing performance analysis for the
speedometer benchmark. I saw that it was spending about 1% of
its time in this function. Hopefully this patch can help us speedup
up speedometer by a little bit.

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compileLogicalNot):
(JSC::DFG::SpeculativeJIT::emitBranch):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compileLogicalNot):
(JSC::DFG::SpeculativeJIT::emitBranch):

  • jit/AssemblyHelpers.cpp:

(JSC::AssemblyHelpers::emitConvertValueToBoolean):

  • jit/AssemblyHelpers.h:

(JSC::AssemblyHelpers::emitAllocateDestructibleObject): Deleted.

  • jit/JIT.cpp:

(JSC::JIT::privateCompileSlowCases):

  • jit/JIT.h:
  • jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_jfalse):
(JSC::JIT::emit_op_jtrue):
(JSC::JIT::emitSlow_op_jfalse): Deleted.
(JSC::JIT::emitSlow_op_jtrue): Deleted.

  • jit/JITOpcodes32_64.cpp:

(JSC::JIT::emit_op_jfalse):
(JSC::JIT::emit_op_jtrue):
(JSC::JIT::emitSlow_op_jfalse): Deleted.
(JSC::JIT::emitSlow_op_jtrue): Deleted.

  • jit/JITOperations.cpp:
  • jit/JITOperations.h:
12:11 AM Changeset in webkit [207058] by Chris Dumez
  • 11 edits in trunk

Update IDBVersionChangeEvent to stop using legacy [ConstructorTemplate=Event]
https://bugs.webkit.org/show_bug.cgi?id=163266

Reviewed by Darin Adler.

Source/WebCore:

Update IDBVersionChangeEvent to stop using legacy [ConstructorTemplate=Event]
and use a regular constructor instead, as in the specification:

This patch also fixes a bug where the IDBVersionChangeEvent was ignoring the
EventInit dictionary members passed by the JavaScript (e.g. bubbles).

No new tests, updated existing test.

  • Modules/indexeddb/IDBVersionChangeEvent.cpp:

(WebCore::IDBVersionChangeEvent::IDBVersionChangeEvent):

  • Modules/indexeddb/IDBVersionChangeEvent.h:
  • Modules/indexeddb/IDBVersionChangeEvent.idl:
  • bindings/js/JSDOMConvert.h:

(WebCore::convertNullable):
(WebCore::convert): Deleted.

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateDefaultValue):
(GenerateDictionaryImplementationContent):

  • bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::convertDictionary<TestObj::Dictionary>):

  • bindings/scripts/test/TestObj.idl:

LayoutTests:

Update existing layout test covering the IDBVersionChangeEvent constructor
to test to EventInit dictionary members as well.

  • storage/indexeddb/modern/idbversionchangeevent-constructor-expected.txt:
  • storage/indexeddb/modern/idbversionchangeevent-constructor.html:
12:09 AM Changeset in webkit [207057] by Chris Dumez
  • 4 edits in trunk/Source/WebCore

Update WebKitPlaybackTargetAvailabilityEvent to stop using legacy [ConstructorTemplate=Event]
https://bugs.webkit.org/show_bug.cgi?id=163265

Reviewed by Darin Adler.

Update WebKitPlaybackTargetAvailabilityEvent to stop using legacy
[ConstructorTemplate=Event] and use a regular constructor instead.

  • Modules/airplay/WebKitPlaybackTargetAvailabilityEvent.cpp:

(WebCore::WebKitPlaybackTargetAvailabilityEvent::WebKitPlaybackTargetAvailabilityEvent):

  • Modules/airplay/WebKitPlaybackTargetAvailabilityEvent.h:

(WebCore::WebKitPlaybackTargetAvailabilityEvent::createForBindings):
(WebCore::WebKitPlaybackTargetAvailabilityEvent::~WebKitPlaybackTargetAvailabilityEvent): Deleted.

  • Modules/airplay/WebKitPlaybackTargetAvailabilityEvent.idl:
Note: See TracTimeline for information about the timeline view.