Timeline


and

03/02/15: Today

11:32 Changeset [180891] by joepeck@webkit.org
  • 7 edits in trunk/Source

Web Inspector: Add Context Menus to Object Tree properties
https://bugs.webkit.org/show_bug.cgi?id=142125

Reviewed by Timothy Hatcher.

Source/JavaScriptCore:

  • inspector/JSInjectedScriptHost.cpp:

(Inspector::JSInjectedScriptHost::functionDetails):
Update to include columnNumber.

Source/WebInspectorUI:

  • Localizations/en.lproj/localizedStrings.js:
  • UserInterface/Views/ObjectPropertiesSection.js:

(WebInspector.ObjectPropertyTreeElement.prototype._functionContextMenuEventFired):
(WebInspector.ObjectPropertyTreeElement.prototype._functionContextMenuEventFired.revealFunction):
Fix legacy implementation.

  • UserInterface/Views/ObjectTreeArrayIndexTreeElement.js:
  • UserInterface/Views/ObjectTreePropertyTreeElement.js:

(WebInspector.ObjectTreePropertyTreeElement.prototype._createTitlePrototype):
Give prototype buttons a tooltip.

(WebInspector.ObjectTreePropertyTreeElement.prototype.oncontextmenu):
(WebInspector.ObjectTreePropertyTreeElement.prototype._contextMenuHandler):
(WebInspector.ObjectTreePropertyTreeElement.prototype._appendMenusItemsForObject):
Context Menus based on the selected object.

11:08 Changeset [180890] by bfulgham@apple.com
  • 2 edits in trunk/LayoutTests

[Win] Document more debug assertions.

  • platform/win/TestExpectations:
10:42 Changeset [180889] by andersca@apple.com
  • 7 edits in trunk/Source/WebKit2

WebsiteDataStore should support getting cookie host names
https://bugs.webkit.org/show_bug.cgi?id=142178

Reviewed by Dan Bernstein.

  • NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::fetchWebsiteData):
Assert that we're destroyed from the main thread since we end up copying the website data struct.

  • Shared/WebsiteData/WebsiteData.cpp:

(WebKit::WebsiteData::encode):
(WebKit::WebsiteData::decode):

  • Shared/WebsiteData/WebsiteData.h:

Add a hostnamesWithCookies member.

  • UIProcess/WebsiteData/WebsiteDataRecord.cpp:

(WebKit::WebsiteDataRecord::displayNameForCookieHostName):
Add a new function that will return the display name for a cookie host name.

(WebKit::WebsiteDataRecord::addCookieHostName):

  • UIProcess/WebsiteData/WebsiteDataRecord.h:

Add a hash set of cookie host names.

  • UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::WebsiteDataStore::fetchData):
Create data records for each host name with cookies.

10:18 Changeset [180888] by ap@apple.com
  • 2 edits in trunk/LayoutTests

Fix a typo in TestExpectations.

  • platform/mac/TestExpectations: Faiure - > Failure.
09:52 Changeset [180887] by ap@apple.com
  • 2 edits in trunk/LayoutTests

js/promises-tests/promises-tests-2-1-2.html sometimes times out
https://bugs.webkit.org/show_bug.cgi?id=142175

09:39 Changeset [180886] by jer.noble@apple.com
  • 3 edits in trunk/Source/WebKit2

[WK2][Mac] WebPageProxy::supressVisibilityUpdates() should suppress visibility updates.
https://bugs.webkit.org/show_bug.cgi?id=141907

Reviewed by Tim Horton.

At some point, the window/view/page visibility update code was refactored such that setting
WebPageProxy::setSuppressVisibilityUpdate() no longer suppressed visibility updates. This causes
full screen animations to become "flashy" when moving the WebView between the regular and full
screen window, as a HTMLMediaElement in the full screen animation will receive a "!visible"
notification and disconnect its rendering pipeline.

In WebPageProxy::viewStateDidChange(), respect m_suppressVisibilityUpdates and bail out early
if set. In WebPageProxy::setSuppressVisibilityUpdates(), trigger an explicit update after
clearing m_suppressVisibilityUpdates.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::setSuppressVisibilityUpdates):
(WebKit::WebPageProxy::viewStateDidChange):

  • UIProcess/WebPageProxy.h:

(WebKit::WebPageProxy::setSuppressVisibilityUpdates): Deleted.

09:37 Changeset [180885] by jer.noble@apple.com
  • 9 edits
    2 adds in trunk

[WK1][WK2][Mac] Fullscreen animation is incorrect when page is scaled.
https://bugs.webkit.org/show_bug.cgi?id=142121

Reviewed by Simon Fraser.

Source/WebKit/mac:

Fullscreening a page with a non-1 scale would result in that scale being applied to the
fullscreen content, breaking fullscreen mode. Set the page scale to 1 when entering
fullscreen and reset it to the original value when exiting fullscreen.

  • WebView/WebFullScreenController.h:
  • WebView/WebFullScreenController.mm:

(-[WebFullScreenController enterFullScreen:]): Set the page scale to 1.
(-[WebFullScreenController finishedExitFullScreenAnimation:]): Reset the page

scale to the original value.

  • WebView/WebView.mm:

(-[WebView _supportsFullScreenForElement:withKeyboard:]): Drive-by fix. Check the

WebView's own preferences to see if fullscreen mode is enabled, rather than
the global object's.

Source/WebKit2:

Change the order of operations when entering or exiting fullscreen. Change the page scale to
1 before entering, so the final screen rect takes that scale into account, and vice-versa on
exiting.

  • UIProcess/mac/WKFullScreenWindowController.mm:

(-[WKFullScreenWindowController enterFullScreen:]):
(-[WKFullScreenWindowController exitFullScreen]):

Tools:

Add a test which changes the WebView's page scale, then enters fullscreen mode, and verifies
that the initial and final screen rects for the web content are as expected.

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/mac/FullscreenZoomInitialFrame.html: Added.
  • TestWebKitAPI/Tests/mac/FullscreenZoomInitialFrame.mm: Added.

(-[FullscreenStateDelegate webView:runJavaScriptAlertPanelWithMessage:initiatedByFrame:]):
(runJavaScriptAlert):
(TestWebKitAPI::FullscreenZoomInitialFrame::initializeView):
(TestWebKitAPI::FullscreenZoomInitialFrame::teardownView):
(TestWebKitAPI::FullscreenZoomInitialFrame::setPageScale):
(TestWebKitAPI::FullscreenZoomInitialFrame::sendMouseDownEvent):
(TestWebKitAPI::FullscreenZoomInitialFrame::runTest):
(TestWebKitAPI::TEST_F):

07:34 Changeset [180884] by commit-queue@webkit.org
  • 2 edits in trunk

REGRESSION(r179409): [GTK] Undefined symbol prevents web extensions from being loaded
https://bugs.webkit.org/show_bug.cgi?id=142165

Patch by Debarshi Ray <debarshir@gnome.org> on 2015-03-02
Reviewed by Carlos Garcia Campos.

  • Source/cmake/gtksymbols.filter:
07:30 Changeset [180883] by ddkilzer@apple.com
  • 2 edits in trunk/Source/WebCore

REGRESSION (r180882): Build failure: Methods not marked override in GraphicsLayerCA.h
<http://webkit.org/b/138684>

Fixes the following build failures:

In file included from WebKit2/WebProcess/WebPage/DrawingArea.cpp:39:
In file included from WebKit2/WebProcess/WebPage/mac/RemoteLayerTreeDrawingArea.h:30:
In file included from WebKit2/WebProcess/WebPage/mac/GraphicsLayerCARemote.h:29:
WebCore.framework/PrivateHeaders/GraphicsLayerCA.h:123:33: error: 'setShapeLayerPath' overrides a member function but is not marked 'override' [-Werror,-Winconsistent-missing-override]

WEBCORE_EXPORT virtual void setShapeLayerPath(const Path&);


In file included from WebKit2/WebProcess/WebPage/DrawingArea.cpp:30:
In file included from WebKit2/WebProcess/WebPage/WebPage.h:46:
In file included from WebKit2/WebProcess/Plugins/Plugin.h:31:
WebCore.framework/PrivateHeaders/GraphicsLayer.h:390:18: note: overridden virtual function is here

virtual void setShapeLayerPath(const Path&);


In file included from WebKit2/WebProcess/WebPage/DrawingArea.cpp:39:
In file included from WebKit2/WebProcess/WebPage/mac/RemoteLayerTreeDrawingArea.h:30:
In file included from WebKit2/WebProcess/WebPage/mac/GraphicsLayerCARemote.h:29:
WebCore.framework/PrivateHeaders/GraphicsLayerCA.h:124:33: error: 'setShapeLayerWindRule' overrides a member function but is not marked 'override' [-Werror,-Winconsistent-missing-override]

WEBCORE_EXPORT virtual void setShapeLayerWindRule(WindRule);


In file included from WebKit2/WebProcess/WebPage/DrawingArea.cpp:30:
In file included from WebKit2/WebProcess/WebPage/WebPage.h:46:
In file included from WebKit2/WebProcess/Plugins/Plugin.h:31:
WebCore.framework/PrivateHeaders/GraphicsLayer.h:393:18: note: overridden virtual function is here

virtual void setShapeLayerWindRule(WindRule);


2 errors generated.

  • platform/graphics/ca/GraphicsLayerCA.h:

(WebCore::GraphicsLayer::setShapeLayerPath): Mark as override.
(WebCore::GraphicsLayer::setShapeLayerWindRule): Ditto.

03/01/15: Yesterday

22:35 Changeset [180882] by simon.fraser@apple.com
  • 26 edits
    8 adds in trunk

Make clip-path work on <video>, <canvas> etc.
https://bugs.webkit.org/show_bug.cgi?id=138684

Reviewed by Darin Adler.

Source/WebCore:

clip-path only worked in compositing layers on the painted contents of the layer,
and failed to clip children. Fix this by translating the clip path into a Path
which is set on a CA shape layer (for Mac and iOS), or painted into the
RenderLayerBacking's mask layer. There are two code paths:

  1. clip-path which is a <basic-shape> or <geometry-box>, and no mask.

Here we can use the optimal code path of converting the clip into a path
that is put onto a CAShapeLayer, which is then used as a mask. There is no
additional backing store.

  1. clip-path with an SVG reference, or clip-path combined with -webkit-mask:

Here we have to allocate backing store for the mask layer, and paint the
clip path (possibly with the mask).

We add GraphicsLayer::Type::Shape, and add a getter for the layer type.

Tests: compositing/masks/compositing-clip-path-and-mask.html

compositing/masks/compositing-clip-path-mask-change.html
compositing/masks/compositing-clip-path.html
compositing/masks/reference-clip-path-on-composited.html

  • platform/graphics/GraphicsLayer.cpp:

(WebCore::GraphicsLayer::GraphicsLayer): Store the type in the layer so the getter can return it.
(WebCore::GraphicsLayer::shapeLayerPath): Get and set the shape layer path.
(WebCore::GraphicsLayer::setShapeLayerPath): Ditto.
(WebCore::GraphicsLayer::shapeLayerWindRule): Get and set the shape layer wind rule.
(WebCore::GraphicsLayer::setShapeLayerWindRule): Ditto.

  • platform/graphics/GraphicsLayer.h:

(WebCore::GraphicsLayer::type): Expose the type.
(WebCore::GraphicsLayer::supportsLayerType): Allow the cross-platform code to use
shape layers when it knows they are available.
(WebCore::GraphicsLayer::needsClippingMaskLayer): Deleted. This was never used.

  • platform/graphics/GraphicsLayerClient.h: Align the bits (helps avoid typos). Add a

GraphicsLayerPaintClipPath phase.

  • platform/graphics/Path.h: Some exports since WK2 needs to encode Paths now.
  • platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayerCA::initialize): Make shape layers.
(WebCore::GraphicsLayerCA::setShapeLayerPath): Setter for the shape path. Sadly we
can't early return on unchanged paths yet.
(WebCore::GraphicsLayerCA::setShapeLayerWindRule):
(WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers): Updates for shape path
and wind rule.
(WebCore::GraphicsLayerCA::updateShape):
(WebCore::GraphicsLayerCA::updateWindRule):

  • platform/graphics/ca/GraphicsLayerCA.h: Some new dirty bits for shape path and wind rule.
  • platform/graphics/ca/PlatformCALayer.h:
  • platform/graphics/ca/mac/PlatformCALayerMac.h:
  • platform/graphics/ca/mac/PlatformCALayerMac.mm: Got rid of lots of m_layer.get().

(PlatformCALayerMac::~PlatformCALayerMac):
(PlatformCALayerMac::setNeedsDisplay):
(PlatformCALayerMac::setNeedsDisplayInRect):
(PlatformCALayerMac::removeFromSuperlayer):
(PlatformCALayerMac::setSublayers):
(PlatformCALayerMac::removeAllSublayers):
(PlatformCALayerMac::appendSublayer):
(PlatformCALayerMac::insertSublayer):
(PlatformCALayerMac::replaceSublayer):
(PlatformCALayerMac::adoptSublayers):
(PlatformCALayerMac::addAnimationForKey):
(PlatformCALayerMac::removeAnimationForKey):
(PlatformCALayerMac::animationForKey):
(PlatformCALayerMac::setMask):
(PlatformCALayerMac::isOpaque):
(PlatformCALayerMac::setOpaque):
(PlatformCALayerMac::bounds):
(PlatformCALayerMac::setBounds):
(PlatformCALayerMac::position):
(PlatformCALayerMac::setPosition):
(PlatformCALayerMac::anchorPoint):
(PlatformCALayerMac::setAnchorPoint):
(PlatformCALayerMac::transform):
(PlatformCALayerMac::setTransform):
(PlatformCALayerMac::sublayerTransform):
(PlatformCALayerMac::setSublayerTransform):
(PlatformCALayerMac::setHidden):
(PlatformCALayerMac::setGeometryFlipped):
(PlatformCALayerMac::isDoubleSided):
(PlatformCALayerMac::setDoubleSided):
(PlatformCALayerMac::masksToBounds):
(PlatformCALayerMac::setMasksToBounds):
(PlatformCALayerMac::acceleratesDrawing):
(PlatformCALayerMac::setAcceleratesDrawing):
(PlatformCALayerMac::contents):
(PlatformCALayerMac::setContents):
(PlatformCALayerMac::setContentsRect):
(PlatformCALayerMac::setMinificationFilter):
(PlatformCALayerMac::setMagnificationFilter):
(PlatformCALayerMac::backgroundColor):
(PlatformCALayerMac::setBackgroundColor):
(PlatformCALayerMac::setBorderWidth):
(PlatformCALayerMac::setBorderColor):
(PlatformCALayerMac::opacity):
(PlatformCALayerMac::setOpacity):
(PlatformCALayerMac::copyFiltersFrom):
(PlatformCALayerMac::setName):
(PlatformCALayerMac::setSpeed):
(PlatformCALayerMac::setTimeOffset):
(PlatformCALayerMac::contentsScale):
(PlatformCALayerMac::setContentsScale):
(PlatformCALayerMac::cornerRadius):
(PlatformCALayerMac::setCornerRadius):
(PlatformCALayerMac::setEdgeAntialiasingMask):
(PlatformCALayerMac::shapeWindRule): New function.
(PlatformCALayerMac::setShapeWindRule): Ditto.
(PlatformCALayerMac::shapePath): Ditto.
(PlatformCALayerMac::setShapePath): Ditto.
(PlatformCALayer::isWebLayer):

  • platform/graphics/cg/PathCG.cpp:

(WebCore::Path::Path): nullptr.

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::paintsWithClipPath): Return true if the clip path is painted.
(WebCore::RenderLayer::computeClipPath): Factor code that computes the clip path into this
function, so we can call it from RenderLayerBacking too.
(WebCore::RenderLayer::setupClipPath):
(WebCore::RenderLayer::paintLayerContents): We only want to apply the clip path
for painting when we're either painting a non-composited layer, or we're painting the
mask layer of a composited layer. We in the latter case, we just want to fill the clip
path with black, so re-use the paintChildClippingMaskForFragments() which does this.

  • rendering/RenderLayer.h: Align the bits, add PaintLayerPaintingCompositingClipPathPhase.
  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::~RenderLayerBacking):
(WebCore::RenderLayerBacking::updateConfiguration):
(WebCore::RenderLayerBacking::updateGeometry): Move mask updating into its own function.
(WebCore::RenderLayerBacking::updateMaskingLayerGeometry): If we're using the shape layer
code path, compute the Path and set it and the wind rule on the mask layer.
(WebCore::RenderLayerBacking::updateMaskingLayer): This is now more complex, as it has
to deal with combinations of clip-path and mask, some of which allow for the shape layer
mask, and we handle dynamic changes between these and painted masks.
(WebCore::RenderLayerBacking::paintingPhaseForPrimaryLayer): Include the GraphicsLayerPaintClipPath phase.
(WebCore::RenderLayerBacking::paintIntoLayer): Map GraphicsLayerPaintClipPath to PaintLayerPaintingCompositingClipPathPhase.
(WebCore::RenderLayerBacking::updateMaskLayer): Deleted.

  • rendering/RenderLayerBacking.h:

Source/WebKit2:

Support encode/decode for WebCore Path objects, which is done by traversing
the path.

  • Shared/WebCoreArgumentCoders.cpp:

(IPC::pathPointCountApplierFunction):
(IPC::pathEncodeApplierFunction):
(IPC::ArgumentCoder<Path>::encode):
(IPC::ArgumentCoder<Path>::decode):

  • Shared/WebCoreArgumentCoders.h:
  • Shared/mac/RemoteLayerTreePropertyApplier.mm:

(WebKit::applyPropertiesToLayer): Actually apply the path and wind rule to the shape layer.

  • Shared/mac/RemoteLayerTreeTransaction.h: Include path and wind rule in the layer properties.
  • Shared/mac/RemoteLayerTreeTransaction.mm:

(WebKit::RemoteLayerTreeTransaction::LayerProperties::LayerProperties):
(WebKit::RemoteLayerTreeTransaction::LayerProperties::encode): Encode shape and wind rule.
(WebKit::RemoteLayerTreeTransaction::LayerProperties::decode): Decode shape and wind rule.

  • WebProcess/WebPage/mac/PlatformCALayerRemote.cpp:

(WebKit::PlatformCALayerRemote::shapePath):
(WebKit::PlatformCALayerRemote::setShapePath):
(WebKit::PlatformCALayerRemote::shapeWindRule):
(WebKit::PlatformCALayerRemote::setShapeWindRule):

  • WebProcess/WebPage/mac/PlatformCALayerRemote.h:

LayoutTests:

Tests for various combinations of clip-path and mask, and dynamic changes
thereof.

  • compositing/masks/compositing-clip-path-and-mask-expected.html: Added.
  • compositing/masks/compositing-clip-path-and-mask.html: Added.
  • compositing/masks/compositing-clip-path-expected.html: Added.
  • compositing/masks/compositing-clip-path-mask-change-expected.html: Added.
  • compositing/masks/compositing-clip-path-mask-change.html: Added.
  • compositing/masks/compositing-clip-path.html: Added.
  • compositing/masks/reference-clip-path-on-composited-expected.html: Added.
  • compositing/masks/reference-clip-path-on-composited.html: Added.
20:33 Changeset [180881] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

[Cairo] Implement Path::addEllipse
https://bugs.webkit.org/show_bug.cgi?id=142144

Patch by Hunseop Jeong <hs85.jeong@samsung.com> on 2015-03-01
Reviewed by Gyuyoung Kim.

Add support for addEllipse method for platforms using cairo.

  • platform/graphics/cairo/PathCairo.cpp:

(WebCore::Path::addEllipse):

19:58 Changeset [180880] by bshafiei@apple.com
  • 5 edits in branches/safari-600.4.10-branch/Source

Versioning.

19:56 Changeset [180879] by gyuyoung.kim@samsung.com
  • 2 edits in trunk/LayoutTests

Unreviewed EFL gardening. Mark crash tests of webgl to CRASH.
WebGL isn't supported by EFL port now.

  • platform/efl/TestExpectations:
19:40 Changeset [180878] by bshafiei@apple.com
  • 1 copy in tags/Safari-600.4.10.6

New tag.

19:26 Changeset [180877] by bshafiei@apple.com
  • 30 edits in branches/safari-600.4.10-branch/Source/WebCore

Merged r180839. rdar://problem/20001723

18:59 Changeset [180876] by mitz@apple.com
  • 2 edits in trunk/Source/WebKit

Silence non-fatal errors about failing to create WebKitPluginHost.app and WebKitPluginAgent symlinks.

Rubber-stamped by Alexey Proskuryakov.

  • WebKit.xcodeproj/project.pbxproj: If a link already exist, don’t try to create it.
18:08 Changeset [180875] by fpizlo@apple.com
  • 5 edits in trunk/Source/JavaScriptCore

BytecodeGenerator shouldn't emit op_resolve_scope as a roundabout way of returning the scopeRegister
https://bugs.webkit.org/show_bug.cgi?id=142153

Reviewed by Michael Saboff.

We don't need a op_resolve_scope if we know that it will simply return the scope register.
This changes the BytecodeGenerator to use the scope register directly in those cases where
we know statically that we would just have returned that from op_resolve_scope.

This doesn't appear to have a significant impact on performance.

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::CodeBlock):

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::emitResolveScope):
(JSC::BytecodeGenerator::emitReturn):
(JSC::BytecodeGenerator::emitGetOwnScope): Deleted.

  • bytecompiler/BytecodeGenerator.h:
  • bytecompiler/NodesCodegen.cpp:

(JSC::ResolveNode::emitBytecode):
(JSC::EvalFunctionCallNode::emitBytecode):
(JSC::FunctionCallResolveNode::emitBytecode):
(JSC::PostfixNode::emitResolve):
(JSC::DeleteResolveNode::emitBytecode):
(JSC::TypeOfResolveNode::emitBytecode):
(JSC::PrefixNode::emitResolve):
(JSC::ReadModifyResolveNode::emitBytecode):
(JSC::AssignResolveNode::emitBytecode):
(JSC::ConstDeclNode::emitCodeSingle):
(JSC::EmptyVarExpression::emitBytecode):
(JSC::ForInNode::emitLoopHeader):
(JSC::ForOfNode::emitBytecode):
(JSC::BindingNode::bindValue):

17:53 Changeset [180874] by gyuyoung.kim@samsung.com
  • 2 edits in trunk/LayoutTests

Unreviewed EFL gardening on 2nd March.

Mark css3 shape tests to flaky. Unskip passing tests and so on.

  • platform/efl/TestExpectations:
17:48 Changeset [180873] by commit-queue@webkit.org
  • 7 edits in trunk/Source/WebCore

Use std::unique_ptr instead of PassOwnPtr|OwnPtr for ScrollAnimator
https://bugs.webkit.org/show_bug.cgi?id=142143

Patch by Joonghun Park <jh718.park@samsung.com> on 2015-03-01
Reviewed by Darin Adler.

No new tests, no behavior changes.

  • platform/ScrollAnimator.cpp:

(WebCore::ScrollAnimator::create):

  • platform/ScrollAnimator.h:
  • platform/ScrollAnimatorNone.cpp:

(WebCore::ScrollAnimator::create):

  • platform/ScrollableArea.h:
  • platform/ios/ScrollAnimatorIOS.mm:

(WebCore::ScrollAnimator::create):

  • platform/mac/ScrollAnimatorMac.mm:

(WebCore::ScrollAnimator::create):

17:46 Changeset [180872] by aestes@apple.com
  • 3 edits in trunk/Source/WebCore

[Content Filtering] Move another declaration to WebFilterEvaluatorSPI.h
https://bugs.webkit.org/show_bug.cgi?id=142066

Reviewed by Andreas Kling.

  • platform/ios/ContentFilterIOS.mm:
  • platform/spi/cocoa/WebFilterEvaluatorSPI.h:
16:08 Changeset [180871] by cdumez@apple.com
  • 21 edits
    4 adds in trunk

Make NotificationCenter / Notification suspendable
https://bugs.webkit.org/show_bug.cgi?id=142117
<rdar://problem/19923085>

Reviewed by Andreas Kling.

Source/WebCore:

Make NotificationCenter / Notification suspendable so that pages using
them can enter the PageCache.

NotificationCenter can safely be suspended if there are no pending
permission requests. This required adding an
"hasPendingPermissionRequests()" callback to the NotificationClient.

Notification can safely be suspended if it is either idle (not showing
yet) or closed.

Tests: fast/history/page-cache-notification-non-suspendable.html

fast/history/page-cache-notification-suspendable.html

  • Modules/notifications/Notification.cpp:

(WebCore::Notification::canSuspend):

  • Modules/notifications/NotificationCenter.cpp:

(WebCore::NotificationCenter::canSuspend):

  • Modules/notifications/NotificationClient.h:

Source/WebKit/mac:

Provide implementation for NotificationClient::hasPendingPermissionRequests().
The implementation is very simplistic. it will only return false if no
request for permission for ever made. This is because there is currently no
easy way to figure out if a permission request is pending or not.

  • WebCoreSupport/WebNotificationClient.h:
  • WebCoreSupport/WebNotificationClient.mm:

(WebNotificationClient::requestPermission):
(WebNotificationClient::hasPendingPermissionRequests):

Source/WebKit/win:

Provide implementation for NotificationClient::hasPendingPermissionRequests().

  • WebCoreSupport/WebDesktopNotificationsDelegate.cpp:

(WebDesktopNotificationsDelegate::requestPermission):
(hasPendingPermissionRequests):

  • WebCoreSupport/WebDesktopNotificationsDelegate.h:

Source/WebKit2:

Provide implementation for NotificationClient::hasPendingPermissionRequests().

  • WebProcess/Notifications/NotificationPermissionRequestManager.cpp:

(WebKit::NotificationPermissionRequestManager::hasPendingPermissionRequests):

  • WebProcess/Notifications/NotificationPermissionRequestManager.h:
  • WebProcess/WebCoreSupport/WebNotificationClient.cpp:

(WebKit::WebNotificationClient::hasPendingPermissionRequests):

  • WebProcess/WebCoreSupport/WebNotificationClient.h:

LayoutTests:

Add layout tests to cover cases where notifications should prevent
entering the PageCache or not.

  • fast/history/page-cache-notification-non-suspendable-expected.txt: Added.
  • fast/history/page-cache-notification-non-suspendable.html: Added.
  • fast/history/page-cache-notification-suspendable-expected.txt: Added.
  • fast/history/page-cache-notification-suspendable.html: Added.
  • platform/efl/TestExpectations:
  • platform/gtk/TestExpectations:
  • platform/ios-simulator/TestExpectations:
  • platform/win/TestExpectations:
  • platform/wincairo/TestExpectations:
14:34 Changeset [180870] by rniwa@webkit.org
  • 11 edits in trunk/LayoutTests

EFL, GTK+, and Windows rebaselines after r180867.

  • platform/efl/TestExpectations:
  • platform/efl/editing/execCommand/5142012-1-expected.txt:
  • platform/efl/editing/execCommand/nsresponder-outdent-expected.txt:
  • platform/efl/editing/inserting/insert-at-end-02-expected.txt:
  • platform/gtk/editing/execCommand/5142012-1-expected.txt:
  • platform/gtk/editing/execCommand/nsresponder-outdent-expected.txt:
  • platform/gtk/editing/inserting/insert-at-end-02-expected.txt:
  • platform/gtk/editing/pasteboard/4989774-expected.txt:
  • platform/win/editing/execCommand/5142012-1-expected.txt:
  • platform/win/editing/execCommand/nsresponder-outdent-expected.txt:
  • platform/win/editing/inserting/insert-at-end-02-expected.txt:
13:56 Changeset [180869] by antti@apple.com
  • 4 edits in trunk/Source/WebKit2

Enable new disk cache on iOS
https://bugs.webkit.org/show_bug.cgi?id=142148

Reviewed by Sam Weinig.

  • NetworkProcess/cache/NetworkCacheStorageCocoa.mm:

iOS build fix.

  • UIProcess/Cocoa/WebProcessPoolCocoa.mm:

(WebKit::registerUserDefaultsIfNeeded):

Disable the efficacy logging by default for now. It has significant performance impact.

  • config.h:

Enable it.

12:43 Changeset [180868] by ap@apple.com
  • 2 edits in trunk/LayoutTests

media/track/track-in-band-cues-added-once.html flakily fails
https://bugs.webkit.org/show_bug.cgi?id=142152

  • platform/mac/TestExpectations: Marked it as such.
11:52 Changeset [180867] by rniwa@webkit.org
  • 17 edits
    2 adds in trunk

isContentEditable shouldn't trigger synchronous style recalc in most cases
https://bugs.webkit.org/show_bug.cgi?id=129034

Reviewed by Antti Koivisto.

Source/WebCore:

Avoid style recalc inside isContentEditable when the document doesn't contain -webkit-user-modify or
-webkit-user-select: all. Instead, compute the value from contenteditable attributes in ancestors.
However, still compute the editability from the style tree when it's up-to-date in order to avoid
repeatedly walking up the DOM tree in a hot code path inside editing.

Test: fast/dom/HTMLElement/dynamic-editability-change.html

  • css/CSSGrammar.y.in: No need to pass in "true" as we never call this function with false.
  • css/CSSParser.cpp:

(WebCore::isValidKeywordPropertyAndValue): Calls parserSetUsesStyleBasedEditability as needed.
(WebCore::parseKeywordValue): Passes around StyleSheetContents*.
(WebCore::CSSParser::parseValue): Ditto.
(WebCore::CSSParser::parseFont): Ditto.

  • css/StyleSheetContents.cpp:

(WebCore::StyleSheetContents::StyleSheetContents): Initializes and copies m_usesStyleBasedEditability.

  • css/StyleSheetContents.h:

(WebCore::StyleSheetContents::parserSetUsesRemUnits): Removed the argument since it was always true.
(WebCore::StyleSheetContents::parserSetUsesStyleBasedEditability): Added.
(WebCore::StyleSheetContents::usesStyleBasedEditability): Added.

  • dom/Document.cpp:

(WebCore::Document::recalcStyle): Added a FIXME as well as a comment explaining why we don't call
setUsesStyleBasedEditability. Since Node::computeEditability triggers style recalc only when the flag
is set to true, it's too late to update the flag here.
(WebCore::Document::updateStyleIfNeeded): Uses a newly extracted needsStyleRecalc.
(WebCore::Document::updateBaseURL): Preserves m_usesStyleBasedEditability as well as m_usesRemUnit.
(WebCore::Document::usesStyleBasedEditability): Added. Returns true when inline style declarations or
any active stylesheet uses -webkit-user-modify or -webkit-user-select: all. Flushing pending stylesheet
changes here is fine because the alternative is to trigger a full blown style recalc.

  • dom/Document.h:

(WebCore::Document::needsStyleRecalc): Added. Extracted from updateStyleIfNeeded.

  • dom/DocumentStyleSheetCollection.cpp:

(WebCore::DocumentStyleSheetCollection::DocumentStyleSheetCollection):
(WebCore::styleSheetsUseRemUnits): Deleted.
(WebCore::DocumentStyleSheetCollection::updateActiveStyleSheets): Updates m_usesStyleBasedEditability
as well as m_usesRemUnit.

  • dom/DocumentStyleSheetCollection.h:

(WebCore::DocumentStyleSheetCollection::usesStyleBasedEditability): Added.
(WebCore::DocumentStyleSheetCollection::setUsesStyleBasedEditability): Added.

  • dom/Node.cpp:

(WebCore::computeEditabilityFromComputedStyle): Extracted from computeEditability.
(WebCore::Node::computeEditability): When the style recalc is requested and the render tree is dirty,
check if the document uses any CSS property that can affect the editability of elements. If it doesn't,
compute the editability from contenteditable attributes in the anchors via matchesReadWritePseudoClass.
Continue to use the style-based computation when the render tree isn't dirty to avoid the tree walk.

  • html/HTMLElement.cpp:

(WebCore::HTMLElement::editabilityFromContentEditableAttr): Extracted from matchesReadWritePseudoClass
to be called in Node::computeEditability. Also made it return Editability instead of boolean.
(WebCore::HTMLElement::matchesReadWritePseudoClass):

  • html/HTMLElement.h:

LayoutTests:

Added a regression test to update the editability of elements dynamically. Also rebaselined
tests per style recalc timing changes.

  • fast/dom/HTMLElement/dynamic-editability-change-expected.txt: Added.
  • fast/dom/HTMLElement/dynamic-editability-change.html: Added.
  • platform/mac/editing/execCommand/5142012-1-expected.txt: anonymous render block differences.
  • platform/mac/editing/execCommand/nsresponder-outdent-expected.txt: Ditto.
  • platform/mac/editing/inserting/insert-at-end-02-expected.txt: Empty render text differences.
  • platform/mac/editing/pasteboard/4989774-expected.txt: Ditto.
11:48 Changeset [180866] by ddkilzer@apple.com
  • 2 edits in trunk/Tools

LayoutTestRealy: Prepend XPC_ to the key, not the value!

Follow-up fix for:

LayoutTestRelay: App environment variables not set for --guard-malloc or --leaks
<http://webkit.org/b/142145>

  • LayoutTestRelay/LayoutTestRelay/LTRelayController.m:

(-[LTRelayController _environmentVariables]): Fix think-o.

11:12 Changeset [180865] by bfulgham@apple.com
  • 2 edits in trunk/Source/WebCore

[Win] Unreviewed build fix.

  • WebCorePrefix.h: Provide some default definitions to help build on Windows

machines with different application support libraries.

10:57 Changeset [180864] by ddkilzer@apple.com
  • 2 edits in trunk/Tools

LayoutTestRelay: App environment variables not set for --guard-malloc or --leaks
<http://webkit.org/b/142145>

Reviewed by Simon Fraser.

  • LayoutTestRelay/LayoutTestRelay/LTRelayController.m:

(-[LTRelayController _environmentVariables]): Add.
(-[LTRelayController launchApp]): Use -_environmentVariables.

10:28 Changeset [180863] by bfulgham@apple.com
  • 2 edits in trunk/LayoutTests

[Win] Document some more debug assertions.

  • platform/win/TestExpectations:
01:52 Changeset [180862] by carlosgc@webkit.org
  • 2 edits in releases/WebKitGTK/webkit-2.8/Source/WebCore

Merge r180846 - FrameView::layoutTimerFired() should update style if needed before doing layout
https://bugs.webkit.org/show_bug.cgi?id=141688

Reviewed by Andreas Kling.

If the style recalc timer has been scheduled to fire after the layout timer,
when the layout timer fires, we might as well just do the style recalc
too. The call to updateStyleIfNeeded() will cancel the pending style
recalc timer.

This doesn't have much impact on the number of layouts (measured via PLT)
but seems like a reasonable thing to do.

  • page/FrameView.cpp:

(WebCore::FrameView::layoutTimerFired):

01:48 Changeset [180861] by carlosgc@webkit.org
  • 14 edits
    1 copy in releases/WebKitGTK/webkit-2.8/Source/bmalloc

Merge r180797 - bmalloc: Pathological madvise churn on the free(malloc(x)) benchmark
https://bugs.webkit.org/show_bug.cgi?id=142058

Reviewed by Andreas Kling.

The churn was caused by repeatedly splitting an object with physical
pages from an object without, and then merging them back together again.
The merge would conservatively forget that we had physical pages, forcing
a new call to madvise on the next allocation.

This patch more strictly segregates objects in the heap from objects in
the VM heap, with these changes:

(1) Objects in the heap are not allowed to merge with objects in the VM
heap, and vice versa -- since that would erase our precise knowledge of
which physical pages had been allocated.

(2) The VM heap is exclusively responsible for allocating and deallocating
physical pages.

(3) The heap free list must consider entries for objects that are in the
VM heap to be invalid, and vice versa. (This condition can arise
because the free list does not eagerly remove items.)

With these changes, we can know that any valid object in the heap's free
list already has physical pages, and does not need to call madvise.

Note that the VM heap -- as before -- might sometimes contain ranges
or pieces of ranges that have physical pages, since we allow splitting
of ranges at granularities smaller than the VM page size. These ranges
can eventually merge with ranges in the heap during scavenging.

  • bmalloc.xcodeproj/project.pbxproj:
  • bmalloc/BoundaryTag.h:

(bmalloc::BoundaryTag::owner):
(bmalloc::BoundaryTag::setOwner):
(bmalloc::BoundaryTag::initSentinel):
(bmalloc::BoundaryTag::hasPhysicalPages): Deleted.
(bmalloc::BoundaryTag::setHasPhysicalPages): Deleted. Replaced the concept
of "has physical pages" with a bit indicating which heap owns the large
object. This is a more precise concept, since the old bit was really a
Yes / Maybe bit.

  • bmalloc/Deallocator.cpp:
  • bmalloc/FreeList.cpp: Adopt

(bmalloc::FreeList::takeGreedy):
(bmalloc::FreeList::take):
(bmalloc::FreeList::removeInvalidAndDuplicateEntries):

  • bmalloc/FreeList.h:

(bmalloc::FreeList::push): Added API for considering the owner when
deciding if a free list entry is valid.

  • bmalloc/Heap.cpp:

(bmalloc::Heap::Heap): Adopt new API.

(bmalloc::Heap::scavengeLargeRanges): Scavenge all ranges with no minimum,
since some ranges might be able to merge with ranges in the VM heap, and
they won't be allowed to until we scavenge them.

(bmalloc::Heap::allocateSmallPage):
(bmalloc::Heap::allocateMediumPage):
(bmalloc::Heap::allocateLarge): New VM heap API makes this function
simpler, since we always get back physical pages now.

  • bmalloc/Heap.h:
  • bmalloc/LargeObject.h:

(bmalloc::LargeObject::end):
(bmalloc::LargeObject::owner):
(bmalloc::LargeObject::setOwner):
(bmalloc::LargeObject::isValidAndFree):
(bmalloc::LargeObject::merge): Do not merge objects across heaps since
that causes madvise churn.
(bmalloc::LargeObject::validateSelf):
(bmalloc::LargeObject::init):
(bmalloc::LargeObject::hasPhysicalPages): Deleted.
(bmalloc::LargeObject::setHasPhysicalPages): Deleted. Propogate the Owner API.

  • bmalloc/Owner.h: Added.
  • bmalloc/SegregatedFreeList.cpp:

(bmalloc::SegregatedFreeList::SegregatedFreeList):
(bmalloc::SegregatedFreeList::insert):
(bmalloc::SegregatedFreeList::takeGreedy):
(bmalloc::SegregatedFreeList::take):

  • bmalloc/SegregatedFreeList.h: Propogate the owner API.
  • bmalloc/VMAllocate.h:

(bmalloc::vmDeallocatePhysicalPagesSloppy):
(bmalloc::vmAllocatePhysicalPagesSloppy): Clarified these functions and
removed an edge case.

  • bmalloc/VMHeap.cpp:

(bmalloc::VMHeap::VMHeap):

  • bmalloc/VMHeap.h:

(bmalloc::VMHeap::allocateSmallPage):
(bmalloc::VMHeap::allocateMediumPage):
(bmalloc::VMHeap::allocateLargeObject):
(bmalloc::VMHeap::deallocateLargeObject): Be sure to give each object
a new chance to merge, since it might have been prohibited from merging
before by virtue of not being in the VM heap.

(bmalloc::VMHeap::allocateLargeRange): Deleted.
(bmalloc::VMHeap::deallocateLargeRange): Deleted.

01:43 Changeset [180860] by carlosgc@webkit.org
  • 18 edits in releases/WebKitGTK/webkit-2.8/Source/WebCore

Merge r180772 - Use NeverDestroyed for JS wrapper owners.
<https://webkit.org/b/142090>

Reviewed by Chris Dumez.

Using NeverDestroyed puts these objects in BSS which is preferable
since that prevents them from pinning down entire malloc pages forever.

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateHeader): Use NeverDestroyed instead of DEPRECATED_DEFINE_STATIC_LOCAL.

  • bindings/scripts/test/JS/*: Rebaseline bindings tests for this change.
01:21 Changeset [180859] by carlosgc@webkit.org
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.8

Merge r180767 - Use after free in WebCore::RenderNamedFlowFragment::restoreRegionObjectsOriginalStyle
https://bugs.webkit.org/show_bug.cgi?id=138366

Reviewed by Dave Hyatt.

This patch ensures that we clean up RenderNamedFlowFragment::m_renderObjectRegionStyle when embedded flow content is getting destroyed.

In m_renderObjectRegionStyle hash map, we store style information about the named flow's descendant children.
When a child is being detached from the tree, it removes itself from this hashmap.
We do it by traversing up on the ancestor chain and call removeFlowChildInfo() on the parent flow.
However in case of embedded flows (for example multicolumn content inside a region), we need to check whether the parent flow
is inside a flow too and continue the cleanup accordingly.

Source/WebCore:

Test: fast/regions/region-with-multicolumn-embedded-crash.html

  • rendering/RenderObject.cpp:

(WebCore::RenderObject::removeFromRenderFlowThreadIncludingDescendants):

LayoutTests:

  • fast/regions/region-with-multicolumn-embedded-crash-expected.txt: Added.
  • fast/regions/region-with-multicolumn-embedded-crash.html: Added.
01:18 Changeset [180858] by carlosgc@webkit.org
  • 3 edits in releases/WebKitGTK/webkit-2.8/Source/JavaScriptCore

Merge r180716 - MachineThreads::Thread clean up has a use after free race condition.
<https://webkit.org/b/141990>

Reviewed by Filip Pizlo.

MachineThreads::Thread clean up relies on the clean up mechanism
implemented in _pthread_tsd_cleanup_key(), which looks like this:

void _pthread_tsd_cleanup_key(pthread_t self, pthread_key_t key)
{

void (*destructor)(void *);
if (_pthread_key_get_destructor(key, &destructor)) {

void ptr = &self->tsd[key];
void *value = *ptr;

=== Start of window for the bug to manifest =================

At this point, this thread has cached "destructor" and "value"
(which is a MachineThreads*). If the VM gets destructed (along
with its MachineThreads registry) by another thread, then this
thread will have no way of knowing that the MachineThreads* is
now pointing to freed memory. Calling the destructor below will
therefore result in a use after free scenario when it tries to
access the MachineThreads' data members.

if (value) {

*ptr = NULL;
if (destructor) {

=== End of window for the bug to manifest ==================

destructor(value);

}

}

}

}

The fix is to add each active MachineThreads to an ActiveMachineThreadsManager,
and always check if the manager still contains that MachineThreads object
before we call removeCurrentThread() on it. When MachineThreads is destructed,
it will remove itself from the manager. The add, remove, and checking
operations are all synchronized on the manager's lock, thereby ensuring that
the MachineThreads object, if found in the manager, will remain alive for the
duration of time we call removeCurrentThread() on it.

There's also possible for the MachineThreads object to already be destructed
and another one happened to have been instantiated at the same address.
Hence, we should only remove the exiting thread if it is found in the
MachineThreads object.

There is no test for this issue because this bug requires a race condition
between 2 threads where:

  1. Thread B, which had previously used the VM, exiting and getting to the bug window shown in _pthread_tsd_cleanup_key() above.
  2. Thread A destructing the VM (and its MachineThreads object) within that window of time before Thread B calls the destructor.

It is not possible to get a reliable test case without invasively
instrumenting _pthread_tsd_cleanup_key() or MachineThreads::removeCurrentThread()
to significantly increase that window of opportunity.

  • heap/MachineStackMarker.cpp:

(JSC::ActiveMachineThreadsManager::Locker::Locker):
(JSC::ActiveMachineThreadsManager::add):
(JSC::ActiveMachineThreadsManager::remove):
(JSC::ActiveMachineThreadsManager::contains):
(JSC::ActiveMachineThreadsManager::ActiveMachineThreadsManager):
(JSC::activeMachineThreadsManager):
(JSC::MachineThreads::MachineThreads):
(JSC::MachineThreads::~MachineThreads):
(JSC::MachineThreads::removeThread):
(JSC::MachineThreads::removeThreadIfFound):
(JSC::MachineThreads::removeCurrentThread): Deleted.

  • heap/MachineStackMarker.h:
00:56 Changeset [180857] by carlosgc@webkit.org
  • 6 edits in releases/WebKitGTK/webkit-2.8/Source/bmalloc

Merge r180701 - bmalloc: Large object free list can grow infinitely
https://bugs.webkit.org/show_bug.cgi?id=142055

Reviewed by Andreas Kling.

By design, we don't eagerly remove large objects from the free list.
This creates two simple pathologies:

(1) If you free and then allocate the same object repeatedly, it will
duplicate itself in the free list repeatedly. Since it is never
invalid at the time of allocation, it will never be removed.

(2) If you split and then merge the same object repeatedly, it will
duplicate its split sibling in the free list repeatedly. If its
sibling is in a separate free list size class, it will never be
consulted at the time of allocation, so it will never be removed.

So, a simple "while (1) { free(malloc(x)); }" causes infinite memory
use in the free list.

The solution in this patch is a simple helper to remove garbage from the
free list if it grows too large. This pathology is not common, so the
cost is OK.

Long-term, perhaps we should rethink the laziness of these free lists.

  • bmalloc/BoundaryTag.h:

(bmalloc::BoundaryTag::isMarked):
(bmalloc::BoundaryTag::setMarked): New bit, used by free list GC.

  • bmalloc/FreeList.cpp:

(bmalloc::FreeList::removeInvalidAndDuplicateEntries): The GC algorithm.

  • bmalloc/FreeList.h:

(bmalloc::FreeList::FreeList):
(bmalloc::FreeList::push): Invoke the GC if we're getting huge.

  • bmalloc/LargeObject.h:

(bmalloc::LargeObject::isMarked):
(bmalloc::LargeObject::setMarked):
(bmalloc::LargeObject::validateSelf): Expose the new bit.

  • bmalloc/Sizes.h: New constant to control GC frequency.
00:51 Changeset [180856] by carlosgc@webkit.org
  • 8 edits
    1 copy
    1 move in releases/WebKitGTK/webkit-2.8/Source/bmalloc

Merge r180693 - bmalloc: Refactored SegregatedFreeList and BoundaryTag::init
https://bugs.webkit.org/show_bug.cgi?id=142049

Reviewed by Anders Carlsson.

Split out a FreeList class from SegregatedFreeList. This will make it
easier to add behaviors on free list insertion and removal -- and it's
probably how I should have designed things at the start.

Moved BoundaryTag::init into LargeObject, since all the related logic
lives in LargeObject now too, and this allows us to remove BoundaryTagInlines.h.

  • bmalloc.xcodeproj/project.pbxproj:
  • bmalloc/BoundaryTagInlines.h: Removed.
  • bmalloc/FreeList.cpp: Copied from Source/bmalloc/bmalloc/SegregatedFreeList.cpp.

(bmalloc::FreeList::takeGreedy):
(bmalloc::FreeList::take):
(bmalloc::SegregatedFreeList::SegregatedFreeList): Deleted.
(bmalloc::SegregatedFreeList::insert): Deleted.
(bmalloc::SegregatedFreeList::takeGreedy): Deleted.
(bmalloc::SegregatedFreeList::take): Deleted.

  • bmalloc/FreeList.h: Copied from Source/bmalloc/bmalloc/SegregatedFreeList.h.

(bmalloc::FreeList::push):

  • bmalloc/LargeObject.h:

(bmalloc::LargeObject::init):

  • bmalloc/SegregatedFreeList.cpp:

(bmalloc::SegregatedFreeList::SegregatedFreeList):
(bmalloc::SegregatedFreeList::insert):
(bmalloc::SegregatedFreeList::takeGreedy):
(bmalloc::SegregatedFreeList::take):

  • bmalloc/SegregatedFreeList.h:
  • bmalloc/Sizes.h:
  • bmalloc/VMHeap.cpp:

(bmalloc::VMHeap::grow):

00:45 Changeset [180855] by carlosgc@webkit.org
  • 4 edits in releases/WebKitGTK/webkit-2.8/Source/bmalloc

Merge r180688 - bmalloc: free up a bit in BoundaryTag
https://bugs.webkit.org/show_bug.cgi?id=142048

Reviewed by Brady Eidson.

We were wasting a bit by accident, and I need one now.

  • bmalloc/Algorithm.h:

(bmalloc::rightShift): Deleted. Not needed, now that I've simplified
the math.

  • bmalloc/BoundaryTag.h: Since each boundary tag bucket is 1024 bytes

long, the maximum offset into a bucket is 1023.

You need 5 bits to count up to 1024, but only 4 to count up to 1023.

Math is hard.

(bmalloc::BoundaryTag::compactBegin): Switched to division because it
is simpler, and easier to match up with our ASSERT. The compiler will
turn division by constant power of two into a shift for us.

(bmalloc::BoundaryTag::setRange): Added an ASSERT for compactBegin
because we do encode it, so we should ASSERT that encoding did not
lose information.

  • bmalloc/Sizes.h: Shifting is no longer used since we use division

instead.

00:43 Changeset [180854] by carlosgc@webkit.org
  • 6 edits
    6 adds in releases/WebKitGTK/webkit-2.8

Merge r180683 - Setting any of the <object> element plugin controlling attributes does not have any affect.
https://bugs.webkit.org/show_bug.cgi?id=141936.

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2015-02-26
Reviewed by Zalan Bujtas.

Source/WebCore:

When setting any of the <object> element plugin controlling attributes
dynamically we need to mark the the element to be dirty by calling
setNeedsStyleRecalc(), so it has to recreate its renderer when needed.

Test: svg/as-object/svg-in-object-dynamic-attribute-change.html

  • dom/Element.h: Delete unimplemented function.
  • html/HTMLObjectElement.cpp:

(WebCore::HTMLObjectElement::parseAttribute): Dirty the element by calling
setNeedsStyleRecalc() when one of the plugin controlling attributes gets
changed. We have to clear the m_useFallbackContent because the attribute's
new value might fix the object rendering.

  • html/HTMLObjectElement.h: Add a function to clear m_useFallbackContent.
  • html/HTMLPlugInImageElement.cpp:

(WebCore::HTMLPlugInImageElement::willRecalcStyle): We might need to
reconstruct the object renderer in the image case. This can happen if the
image was rendering fallback content and the attribute's new value fixes
the object rendering.

LayoutTests:

  • svg/as-object/resources/lime100x100.html: Added.
  • svg/as-object/resources/lime100x100.png: Added.
  • svg/as-object/resources/lime100x100.svg: Added.
  • svg/as-object/resources/red100x100.svg: Added.
  • svg/as-object/svg-in-object-dynamic-attribute-change-expected.html: Added.
  • svg/as-object/svg-in-object-dynamic-attribute-change.html: Added.

Ensure that changing the 'type' and the 'data' attributes of the <object>
element will have the expected outcome. Also make sure that the <object>
element renderer falls back correctly when setting any of the attributes
to some unexpected value.

00:36 WebKitGTK/2.8.x edited by carlosgc@webkit.org
(diff)
00:28 Changeset [180853] by carlosgc@webkit.org
  • 2 edits in releases/WebKitGTK/webkit-2.8/Source/JavaScriptCore

Merge r180667 - Add calleeSaveRegisters() implementation for ARM Traditional
https://bugs.webkit.org/show_bug.cgi?id=141903

Reviewed by Darin Adler.

  • jit/RegisterSet.cpp:

(JSC::RegisterSet::calleeSaveRegisters):

00:24 Changeset [180852] by carlosgc@webkit.org
  • 7 edits
    2 adds in releases/WebKitGTK/webkit-2.8

Merge r180643 - Horizontal and vertical lines are clipped completely if clip-path is included in the tag but the referenced element is defined later.
https://bugs.webkit.org/show_bug.cgi?id=141776.

Reviewed by Dean Jackson.
Source/WebCore:

Tests: svg/clip-path/clip-path-line-use-before-defined-expected.svg

svg/clip-path/clip-path-line-use-before-defined.svg

  • rendering/svg/RenderSVGResourceClipper.cpp:

(WebCore::RenderSVGResourceClipper::applyClippingToContext): Ensure the renderer
is added to m_clipper if it does not exist. The same renderer might have been
added to m_clipper in resourceBoundingBox().

(WebCore::RenderSVGResourceClipper::addRendererToClipper): Add the renderer to
m_clipper if it does not exist. Return the associated ClipperData.

(WebCore::RenderSVGResourceClipper::resourceBoundingBox): If the clipper is
referenced before it is defined, add the renderer to m_clipper. While doing the
layout() for the clipper, we can check if m_clipper has values or not. If it does
have, we are going to mark the clipper for client invalidation which is done by
the SVG root.

  • rendering/svg/RenderSVGResourceClipper.h:
  • rendering/svg/RenderSVGResourceContainer.h:

(WebCore::RenderSVGResourceContainer::selfNeedsClientInvalidation): Define a
new function selfNeedsClientInvalidation() which controls marking the clipper
for client invalidation. In RenderSVGResourceClipper, override it so it checks
m_clipper to force clients validation even if it the first time we do layout
for this clipper.

  • rendering/svg/RenderSVGResourceContainer.cpp:

(WebCore::RenderSVGResourceContainer::layout): Call the virtual function
selfNeedsClientInvalidation() to check whether we need to mark the clipper for
client invalidation.

  • svg/SVGElement.cpp: Delete unneeded header file.

LayoutTests:

New test cases for SVG lines which are clipped to a <clipPath>. The <clipPath>
is referenced before it is defined.

  • svg/clip-path/clip-path-line-use-before-defined-expected.svg: Added.
  • svg/clip-path/clip-path-line-use-before-defined.svg: Added.
00:21 Changeset [180851] by carlosgc@webkit.org
  • 6 edits
    1 add in releases/WebKitGTK/webkit-2.8

Merge r180639 - CodeBlock crashes when dumping op_push_name_scope
https://bugs.webkit.org/show_bug.cgi?id=141953

Patch by Benjamin Poulain <bpoulain@apple.com> on 2015-02-25
PerformanceTests/SunSpider:

Reviewed by Filip Pizlo.

  • profiler-test.yaml:

Source/JavaScriptCore:

Reviewed by Filip Pizlo and Csaba Osztrogonác.

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::dumpBytecode):

  • tests/stress/op-push-name-scope-crashes-profiler.js: Added.

Tools:

Reviewed by Filip Pizlo.

  • Scripts/run-jsc-stress-tests:
00:17 Changeset [180850] by carlosgc@webkit.org
  • 2 edits in releases/WebKitGTK/webkit-2.8/Source/WebCore

Merge r180634 - REGRESSION (r180018 ): Holding a rubber-band in place can get stuck
https://bugs.webkit.org/show_bug.cgi?id=142020
-and corresponding-
rdar://problem/19945216

Reviewed by Tom Horton.

It was a mistaken assumption that it was necessary to return false in the zero-
delta case. That is clearly conceptually wrong since false represents the DOM
doing something special with the event, which is clearly not the case if we never
even send the event to the DOM. Returning true will allow the rest of the
scrolling machinery the ability to handle the event.

  • dom/Element.cpp:

(WebCore::Element::dispatchWheelEvent):

00:15 Changeset [180849] by carlosgc@webkit.org
  • 16 edits in releases/WebKitGTK/webkit-2.8

Merge r180621 - AX: Implement support for ARIA 1.1 'searchbox' role
https://bugs.webkit.org/show_bug.cgi?id=142004

Reviewed by Chris Fleizach.

Source/WebCore:

Add a new accessible SearchFieldRole to handle both the ARIA role
and the "search" input type.

No new tests. Instead, added a new test case to roles-exposed.html
for the mapping, and updated roles-computedRoleString.html because
there is now a one-to-one mapping between the "search" input type
and an ARIA role.

  • accessibility/AccessibilityNodeObject.cpp:

(WebCore::AccessibilityNodeObject::determineAccessibilityRole):
(WebCore::AccessibilityNodeObject::isSearchField):

  • accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::isARIATextControl):
(WebCore::AccessibilityObject::isARIAInput):
(WebCore::initializeRoleMap):

  • accessibility/AccessibilityObject.h:
  • accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::determineAccessibilityRole):

  • accessibility/atk/WebKitAccessibleWrapperAtk.cpp:

(atkRole):

  • accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:

(-[WebAccessibilityObjectWrapper accessibilityCanFuzzyHitTest]):
(-[WebAccessibilityObjectWrapper accessibilityTraits]):
(-[WebAccessibilityObjectWrapper determineIsAccessibilityElement]):

  • accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(createAccessibilityRoleMap):

LayoutTests:

  • accessibility/roles-computedRoleString-expected.txt: Updated for new role.
  • accessibility/roles-computedRoleString.html: Updated for new role.
  • accessibility/roles-exposed.html: New test case added.
  • platform/efl/accessibility/roles-exposed-expected.txt: Updated for new test case.
  • platform/gtk/accessibility/roles-exposed-expected.txt: Updated for new test case.
  • platform/mac-mavericks/accessibility/roles-exposed-expected.txt: Updated for new test case.
  • platform/mac/accessibility/roles-exposed-expected.txt: Updated for new test case.

02/28/15:

20:36 Changeset [180848] by simon.fraser@apple.com
  • 6 edits in trunk/Source

Viewport units should not dirty style just before we do layout
https://bugs.webkit.org/show_bug.cgi?id=141682

Reviewed by Zalan Bujtas.
Source/WebCore:

In documents using viewport units, we dirtied style every time layout changed
the size of the document. This is nonsensical, because viewport units depend on the
viewport size, not the document size.

Move the style dirtying from layout() into availableContentSizeChanged(). Hook
this up for WebKit1 by calling from -[WebFrameView _frameSizeChanged], and,
since that causes availableContentSizeChanged() to be called for WK1 for the first
time, protect the call to updateScrollbars() with a !platformWidget check.

Covered by existing viewport unit tests.

  • page/FrameView.cpp:

(WebCore::FrameView::layout):
(WebCore::FrameView::availableContentSizeChanged):
(WebCore::FrameView::viewportSizeForCSSViewportUnits): Add a FIXME comment. Whether
scrollbars are ignored depends on the value of the overflow property on the root element.

  • page/FrameView.h:
  • platform/ScrollView.cpp:

(WebCore::ScrollView::availableContentSizeChanged):

Source/WebKit/mac:

  • WebView/WebFrameView.mm:

(-[WebFrameView _frameSizeChanged]):

18:31 Changeset [180847] by akling@apple.com
  • 2 edits in trunk/Source/WebCore

[Cocoa] Purge SQLite page cache when under memory pressure.
<https://webkit.org/b/142139>
<rdar://problem/19997739>

Reviewed by Pratik Solanki.

Call out to sqlite3 cache purging SPI on Cocoa platforms when
we need to free up some extra memory.

  • platform/cocoa/MemoryPressureHandlerCocoa.mm:

(WebCore::MemoryPressureHandler::platformReleaseMemory):

17:04 Changeset [180846] by simon.fraser@apple.com
  • 2 edits in trunk/Source/WebCore

FrameView::layoutTimerFired() should update style if needed before doing layout
https://bugs.webkit.org/show_bug.cgi?id=141688

Reviewed by Andreas Kling.

If the style recalc timer has been scheduled to fire after the layout timer,
when the layout timer fires, we might as well just do the style recalc
too. The call to updateStyleIfNeeded() will cancel the pending style
recalc timer.

This doesn't have much impact on the number of layouts (measured via PLT)
but seems like a reasonable thing to do.

  • page/FrameView.cpp:

(WebCore::FrameView::layoutTimerFired):

15:06 Changeset [180845] by ddkilzer@apple.com
  • 2 edits in trunk/Tools

[iOS] Stop running webkit-build-directory on every layout test

This was originally fixed by David Farler for Bug 135409 in
r172602.

  • Scripts/webkitpy/port/ios.py:

(IOSSimulatorPort.relay_path): Mark as @memoized so it doesn't
run webkit-build-directory every time it's called.

14:47 Changeset [180844] by youenn.fablet@crf.canon.fr
  • 2 edits in trunk/Tools

W3C importer should use filesystem instead of shutil/host
https://bugs.webkit.org/show_bug.cgi?id=142012

Reviewed by Bem Jones-Bey.

Removed direct use of python shutil and os, except for os.walk which will require its own fix.

  • Scripts/webkitpy/w3c/test_importer.py:

(main):
(TestImporter.do_import):
(TestImporter.find_importable_tests):
(TestImporter.import_tests):
(TestImporter.remove_deleted_files):
(TestImporter.write_import_log):

14:33 Changeset [180843] by ossy@webkit.org
  • 2 edits in trunk/LayoutTests

REGRESSION(r85798): Lists of crashing/timeouting/stderr tests aren't sorted
https://bugs.webkit.org/show_bug.cgi?id=142081

Reviewed by Ryosuke Niwa.

  • fast/harness/results.html:
14:20 Changeset [180842] by andersca@apple.com
  • 4 edits in trunk/Source/WebKit2

WebsiteDataStore should handle fetching and deleting local storage data
https://bugs.webkit.org/show_bug.cgi?id=142137

Reviewed by Sam Weinig.

  • UIProcess/Storage/StorageManager.cpp:

(WebKit::StorageManager::deleteEntriesForOrigins):
Add a new function that deletes entries from multiple origins.

  • UIProcess/Storage/StorageManager.h:

Add new members.

  • UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::WebsiteDataStore::fetchData):
Fetch local storage data as well.

(WebKit::WebsiteDataStore::removeData):
Delete local storage data as well.

13:52 Changeset [180841] by andersca@apple.com
  • 3 edits in trunk/Source/WebKit2

Fetch cache origins from the network process
https://bugs.webkit.org/show_bug.cgi?id=142135

Reviewed by Dan Bernstein.

  • NetworkProcess/NetworkProcess.cpp:

(WebKit::cfURLCacheOrigins):
Add a new helper function that returns a vector of CFURL cache origins.

(WebKit::fetchDiskCacheOrigins):
Fetch the disk cache origins and pass them along to the completion handler. Currently we don't handle the new disk cache.

(WebKit::NetworkProcess::fetchWebsiteData):
Create a callback aggregator and fetch disk cache origins if we're asked for it.

  • UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::computeNetworkProcessAccessTypeForDataFetch):
New helper function that computes if we need to launch the network process in order to fetch data.

(WebKit::WebsiteDataStore::fetchData):
Fetch website data from the network process as well.

13:41 Changeset [180840] by youenn.fablet@crf.canon.fr
  • 3 edits in trunk/LayoutTests/imported/w3c/web-platform-tests

Unreviewed - set svn:ignore for generated web-platform-tests files - see bug 142110

12:58 Changeset [180839] by simon.fraser@apple.com
  • 31 edits in trunk/Source/WebCore

Fullscreen video layers are off by one sometimes
https://bugs.webkit.org/show_bug.cgi?id=142122
rdar://problem/19878821

Reviewed by Eric Carlson.

Convert MediaPlayer::naturalSize() to return a FloatSize, since the natural size
isn't always integral (because of preserving pixel aspect ratio etc). Fix all the media
backends to use FloatSizes for natural size. Convert the video image drawing code
paths to FloatSize, since naturalSize is used on the destination rect computation,
and painting should be floating point anyway.

Give the layer created by SourceBufferPrivateAVFObjC a name in debug builds.

  • html/HTMLVideoElement.cpp:

(WebCore::HTMLVideoElement::videoWidth):
(WebCore::HTMLVideoElement::videoHeight):
(WebCore::HTMLVideoElement::paintCurrentFrameInContext):

  • html/HTMLVideoElement.h:
  • html/canvas/CanvasRenderingContext2D.cpp:

(WebCore::size):
(WebCore::CanvasRenderingContext2D::drawImage):

  • html/canvas/WebGLRenderingContextBase.cpp:

(WebCore::WebGLRenderingContextBase::videoFrameToImage):

  • platform/graphics/MediaPlayer.cpp:

(WebCore::NullMediaPlayerPrivate::naturalSize):
(WebCore::MediaPlayer::naturalSize):
(WebCore::MediaPlayer::paint):
(WebCore::MediaPlayer::paintCurrentFrameInContext):
(WebCore::NullMediaPlayerPrivate::paint): Deleted.

  • platform/graphics/MediaPlayer.h:
  • platform/graphics/MediaPlayerPrivate.h:

(WebCore::MediaPlayerPrivateInterface::paintCurrentFrameInContext):

  • platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:

(WebCore::MediaPlayerPrivateAVFoundation::naturalSize):
(WebCore::MediaPlayerPrivateAVFoundation::setNaturalSize):

  • platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:

(WebCore::MediaPlayerPrivateAVFoundationObjC::paintCurrentFrameInContext):
(WebCore::MediaPlayerPrivateAVFoundationObjC::paint):
(WebCore::MediaPlayerPrivateAVFoundationObjC::paintWithImageGenerator):
(WebCore::MediaPlayerPrivateAVFoundationObjC::createImageForTimeInRect):
(WebCore::MediaPlayerPrivateAVFoundationObjC::tracksChanged):
(WebCore::MediaPlayerPrivateAVFoundationObjC::sizeChanged):
(WebCore::MediaPlayerPrivateAVFoundationObjC::paintWithVideoOutput):

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
  • platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:

(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::naturalSize):
(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::paint):
(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::paintCurrentFrameInContext):

  • platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.h:
  • platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.mm:

(WebCore::MediaSourcePrivateAVFObjC::naturalSize):

  • platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
  • platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:

(WebCore::SourceBufferPrivateAVFObjC::trackDidChangeEnabled):
(WebCore::SourceBufferPrivateAVFObjC::naturalSize):

  • platform/graphics/avfoundation/objc/VideoTrackPrivateMediaSourceAVFObjC.h:
  • platform/graphics/avfoundation/objc/VideoTrackPrivateMediaSourceAVFObjC.mm:

(WebCore::VideoTrackPrivateMediaSourceAVFObjC::naturalSize):

  • platform/graphics/mac/MediaPlayerPrivateQTKit.h:
  • platform/graphics/mac/MediaPlayerPrivateQTKit.mm:

(WebCore::MediaPlayerPrivateQTKit::naturalSize):
(WebCore::MediaPlayerPrivateQTKit::paintCurrentFrameInContext):
(WebCore::MediaPlayerPrivateQTKit::paint):

  • platform/mock/mediasource/MockMediaPlayerMediaSource.cpp:

(WebCore::MockMediaPlayerMediaSource::naturalSize):
(WebCore::MockMediaPlayerMediaSource::paint):

  • platform/mock/mediasource/MockMediaPlayerMediaSource.h:
  • rendering/RenderVideo.cpp:

(WebCore::RenderVideo::calculateIntrinsicSize):
(WebCore::RenderVideo::paintReplaced):

12:20 Changeset [180838] by andersca@apple.com
  • 4 edits in trunk/Source/WebKit2

Simplify WebResourceCacheManagerCFNet.mm code
https://bugs.webkit.org/show_bug.cgi?id=142134

Reviewed by Dan Bernstein.

  • ENABLE(CACHE_PARTITIONING) is always true on Mac and iOS, so remove those #ifdefs.
  • Make cfURLCacheHostNamesWithCallback and clearCFURLCacheForHostNames public so they can be used by the new WebsiteDataStore code in an upcoming patch.
  • Change cfURLCacheHostNamesWithCallback to take an std::function instead of a block.
  • WebProcess/ResourceCache/WebResourceCacheManager.cpp:

(WebKit::WebResourceCacheManager::getCacheOrigins):

  • WebProcess/ResourceCache/WebResourceCacheManager.h:
  • WebProcess/ResourceCache/cf/WebResourceCacheManagerCFNet.mm:

(WebKit::partitionName):
(WebKit::WebResourceCacheManager::cfURLCacheHostNamesWithCallback):
(WebKit::WebResourceCacheManager::clearCFURLCacheForHostNames):
(WebKit::WebResourceCacheManager::cfURLCacheHostNames): Deleted.

10:45 Changeset [180837] by commit-queue@webkit.org
  • 10 edits
    1 copy
    1 move
    2 adds in trunk/Source/WebKit2

Unreviewed, rolling out r180804.
https://bugs.webkit.org/show_bug.cgi?id=142131

Broke nightlies (Requested by ap on #webkit).

Reverted changeset:

"[WK2] Drop legacy WKBundlePageDiagnosticLoggingClient API"
https://bugs.webkit.org/show_bug.cgi?id=141176
http://trac.webkit.org/changeset/180804

07:05 Changeset [180836] by gyuyoung.kim@samsung.com
  • 2 edits in trunk/LayoutTests

Unreviewed EFL gardening 1st Mar.

  • platform/efl/TestExpectations:
  • Unskip tests which have been passed since r180672.
  • Skip compositing/webgl.
05:22 WebKitGTK/2.8.x edited by carlosgc@webkit.org
(diff)
05:20 Changeset [180835] by carlosgc@webkit.org
  • 2 edits in releases/WebKitGTK/webkit-2.8/Source/WTF

Merge r180620 - Enable concurrent JIT on GTK
https://bugs.webkit.org/show_bug.cgi?id=142007

Reviewed by Benjamin Poulain.

Seems weird that GTK keeps it off. No good reason for that as far as I can tell.

  • wtf/Platform.h:
05:20 Changeset [180834] by carlosgc@webkit.org
  • 2 edits
    1 add in releases/WebKitGTK/webkit-2.8/Source/JavaScriptCore

CMake build of libllvmForJSC.so should limit its export list like the Xcode build does
https://bugs.webkit.org/show_bug.cgi?id=141989

Reviewed by Gyuyoung Kim.

  • CMakeLists.txt:
  • llvm/library/libllvmForJSC.version: Added.
03:59 Changeset [180833] by carlosgc@webkit.org
  • 5 edits in releases/WebKitGTK/webkit-2.8/Source/bmalloc

Merge r180604 - Rolling out http://trac.webkit.org/changeset/180430 as it causes the PLT to crash.
<rdar://problem/19948015>

Unreviewed.

  • bmalloc/VMHeap.cpp:

(bmalloc::VMHeap::grow):

  • bmalloc/VMHeap.h:
  • bmalloc/Zone.cpp:

(bmalloc::Zone::Zone):
(bmalloc::Zone::size): Deleted.

  • bmalloc/Zone.h:
03:55 Changeset [180832] by carlosgc@webkit.org
  • 15 edits
    10 adds in releases/WebKitGTK/webkit-2.8

Merge r180600 - AX: Implement support for ARIA 1.1 'switch' role
https://bugs.webkit.org/show_bug.cgi?id=141986

Reviewed by Chris Fleizach.

Source/WebCore:

Map the role to ATK_ROLE_TOGGLE_BUTTON for Gtk and Efl; on the Mac, to
AXCheckBox with a subrole of AXSwitch. Ensure it looks and acts like a
widget to accessibility APIs (supports and emits notifications when
toggled, doesn't have children, exposes a name and description when
provided).

Tests: accessibility/aria-switch-checked.html

accessibility/aria-switch-sends-notification.html
accessibility/aria-switch-text.html

  • accessibility/AccessibilityNodeObject.cpp:

(WebCore::AccessibilityNodeObject::canHaveChildren):
(WebCore::AccessibilityNodeObject::isChecked):
(WebCore::AccessibilityNodeObject::visibleText):
(WebCore::AccessibilityNodeObject::title):

  • accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::isARIAInput):
(WebCore::AccessibilityObject::actionVerb):
(WebCore::initializeRoleMap):
(WebCore::AccessibilityObject::supportsChecked):
(WebCore::AccessibilityObject::checkboxOrRadioValue):

  • accessibility/AccessibilityObject.h:

(WebCore::AccessibilityObject::isSwitch):

  • accessibility/atk/AXObjectCacheAtk.cpp:

(WebCore::AXObjectCache::postPlatformNotification):

  • accessibility/atk/WebKitAccessibleWrapperAtk.cpp:

(atkRole):

  • accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:

(-[WebAccessibilityObjectWrapper accessibilityCanFuzzyHitTest]):
(-[WebAccessibilityObjectWrapper accessibilityTraits]):
(-[WebAccessibilityObjectWrapper determineIsAccessibilityElement]):

  • accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(createAccessibilityRoleMap):
(-[WebAccessibilityObjectWrapper subrole]):
(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

LayoutTests:

  • accessibility/aria-switch-checked-expected.txt: Added.
  • accessibility/aria-switch-checked.html: Added.
  • accessibility/aria-switch-sends-notification-expected.txt: Added.
  • accessibility/aria-switch-sends-notification.html: Added.
  • accessibility/aria-switch-text.html: Added.
  • accessibility/roles-exposed.html: Added a test case for the new role.
  • platform/efl/accessibility/aria-fallback-roles-expected.txt: Added.
  • platform/efl/accessibility/aria-switch-text-expected.txt: Added.
  • platform/efl/accessibility/roles-exposed-expected.txt: Updated for the new role.
  • platform/gtk/accessibility/aria-fallback-roles-expected.txt: Added.
  • platform/gtk/accessibility/aria-switch-text-expected.txt: Added.
  • platform/gtk/accessibility/roles-exposed-expected.txt: Updated for the new role.
  • platform/mac-mavericks/accessibility/roles-exposed-expected.txt: Updated for the new role.
  • platform/mac/TestExpectations: Skip the 'checked' notifcation as the Mac doesn't have it.
  • platform/mac/accessibility/aria-switch-text-expected.txt: Added.
  • platform/mac/accessibility/roles-exposed-expected.txt: Updated for the new role.
03:52 Changeset [180831] by carlosgc@webkit.org
  • 6 edits in releases/WebKitGTK/webkit-2.8/Source/JavaScriptCore

Merge r180591 - Rolling out r179753. The fix was invalid.
<https://webkit.org/b/141990>

Not reviewed.

  • API/tests/testapi.mm:

(threadMain):
(useVMFromOtherThread): Deleted.
(useVMFromOtherThreadAndOutliveVM): Deleted.

  • heap/Heap.cpp:

(JSC::Heap::Heap):
(JSC::Heap::~Heap):
(JSC::Heap::gatherStackRoots):

  • heap/Heap.h:

(JSC::Heap::machineThreads):

  • heap/MachineStackMarker.cpp:

(JSC::MachineThreads::Thread::Thread):
(JSC::MachineThreads::MachineThreads):
(JSC::MachineThreads::~MachineThreads):
(JSC::MachineThreads::addCurrentThread):
(JSC::MachineThreads::removeThread):
(JSC::MachineThreads::removeCurrentThread):

  • heap/MachineStackMarker.h:
03:49 Changeset [180830] by youenn.fablet@crf.canon.fr
  • 2 edits in trunk/Tools

W3C test importer should use filesystem to read and write files
https://bugs.webkit.org/show_bug.cgi?id=142084

Reviewed by Bem Jones-Bey.

Use of FileSystem.write_binary_file, read_text_file and write_text_file in lieu of open().

  • Scripts/webkitpy/w3c/test_importer.py:

(TestImporter.import_tests):
(TestImporter.remove_deleted_files):
(TestImporter.write_import_log):

03:31 Changeset [180829] by carlosgc@webkit.org
  • 13 edits
    1 add in releases/WebKitGTK/webkit-2.8/Source/bmalloc

Merge r180576 - bmalloc: Added a little more abstraction for large objects
https://bugs.webkit.org/show_bug.cgi?id=141978

Reviewed by Sam Weinig.

Previously, each client needed to manage the boundary tags of
a large object using free functions. This patch introduces a LargeObject
class that does things a little more automatically.

  • bmalloc.xcodeproj/project.pbxproj:
  • bmalloc/Allocator.cpp:

(bmalloc::Allocator::reallocate): Use the new LargeObject class.

  • bmalloc/BeginTag.h:

(bmalloc::BeginTag::isInFreeList): Deleted. Moved this logic into the
LargeObject class.

  • bmalloc/BoundaryTag.h:

(bmalloc::BoundaryTag::isSentinel):
(bmalloc::BoundaryTag::compactBegin):
(bmalloc::BoundaryTag::setRange):
(bmalloc::BoundaryTag::initSentinel): Added an explicit API for sentinels,
which we used to create and test for implicitly.

  • bmalloc/BoundaryTagInlines.h:

(bmalloc::BoundaryTag::init):
(bmalloc::validate): Deleted.
(bmalloc::validatePrev): Deleted.
(bmalloc::validateNext): Deleted.
(bmalloc::BoundaryTag::mergeLeft): Deleted.
(bmalloc::BoundaryTag::mergeRight): Deleted.
(bmalloc::BoundaryTag::merge): Deleted.
(bmalloc::BoundaryTag::deallocate): Deleted.
(bmalloc::BoundaryTag::split): Deleted.
(bmalloc::BoundaryTag::allocate): Deleted. Moved this logic into the
LargeObject class.

  • bmalloc/EndTag.h:

(bmalloc::EndTag::init):
(bmalloc::EndTag::operator=): Deleted. Re-reading this code, I found
special behavior in the assignment operator to be a surprising API.
So, I replaced the assignment operation with an explicit initializing
function.

  • bmalloc/Heap.cpp:

(bmalloc::Heap::scavengeLargeRanges):
(bmalloc::Heap::allocateXLarge):
(bmalloc::Heap::findXLarge):
(bmalloc::Heap::deallocateXLarge):
(bmalloc::Heap::allocateLarge):
(bmalloc::Heap::deallocateLarge):

  • bmalloc/Heap.h: No behavior changes here -- just adopting the

LargeObject interface.

  • bmalloc/LargeObject.h: Added.

(bmalloc::LargeObject::operator!):
(bmalloc::LargeObject::begin):
(bmalloc::LargeObject::size):
(bmalloc::LargeObject::range):
(bmalloc::LargeObject::LargeObject):
(bmalloc::LargeObject::setFree):
(bmalloc::LargeObject::isFree):
(bmalloc::LargeObject::hasPhysicalPages):
(bmalloc::LargeObject::setHasPhysicalPages):
(bmalloc::LargeObject::isValidAndFree):
(bmalloc::LargeObject::merge):
(bmalloc::LargeObject::split):
(bmalloc::LargeObject::validateSelf):
(bmalloc::LargeObject::validate): Moved this code into a class, out of
BoundaryTag free functions.

New to the class are these features:

(1) Every reference to an object is validated upon creation and use.

(2) There's an explicit API for "This is a reference to an object
that might be stale (the DoNotValidate API)".

(3) The begin and end tags are kept in sync automatically.

  • bmalloc/SegregatedFreeList.cpp:

(bmalloc::SegregatedFreeList::insert):
(bmalloc::SegregatedFreeList::takeGreedy):
(bmalloc::SegregatedFreeList::take):

  • bmalloc/SegregatedFreeList.h: Adopt the LargeObject interface.
  • bmalloc/VMHeap.cpp:

(bmalloc::VMHeap::grow):

  • bmalloc/VMHeap.h:

(bmalloc::VMHeap::allocateLargeRange):
(bmalloc::VMHeap::deallocateLargeRange): Adopt the LargeObject interface.

03:29 Changeset [180828] by carlosgc@webkit.org
  • 50 edits
    2 adds in releases/WebKitGTK/webkit-2.8

Merge r180570 - REGRESSION(r179429): Can't type comments in Facebook
https://bugs.webkit.org/show_bug.cgi?id=141859

Reviewed by Brent Fulgham.

Source/JavaScriptCore:

When window.Symbol is exposed to user-space pages,
Facebook's JavaScript use it (maybe, for immutable-js and React.js's unique key).
However, to work with Symbols completely, it also requires
1) Object.getOwnPropertySymbols (for mixin including Symbols)
2) the latest ES6 Iterator interface that uses Iterator.next and it returns { done: boolean, value: value }.
Since they are not landed yet, comments in Facebook don't work.

This patch introduces RuntimeFlags for JavaScriptCore.
Specifying SymbolEnabled flag under test runner and inspector to continue to work with Symbol.
And drop JavaScriptExperimentsEnabled flag
because it is no longer used and use case of this is duplicated to runtime flags.

(GlobalObject::javaScriptRuntimeFlags):
(GlobalObject::javaScriptExperimentsEnabled): Deleted.

  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::JSGlobalObject):
(JSC::JSGlobalObject::init):

  • runtime/JSGlobalObject.h:

(JSC::JSGlobalObject::finishCreation):
(JSC::JSGlobalObject::javaScriptRuntimeFlags):
(JSC::JSGlobalObject::javaScriptExperimentsEnabled): Deleted.

  • runtime/RuntimeFlags.h: Added.

(JSC::RuntimeFlags::RuntimeFlags):
(JSC::RuntimeFlags::createAllEnabled):

Source/WebCore:

Enable SymbolEnabled runtime flag in inspector context.

  • ForwardingHeaders/runtime/RuntimeFlags.h: Added.
  • WebCore.order:
  • WebCore.vcxproj/WebCore.vcxproj:
  • WebCore.vcxproj/WebCore.vcxproj.filters:
  • bindings/js/JSDOMWindowBase.cpp:

(WebCore::JSDOMWindowBase::javaScriptRuntimeFlags):
(WebCore::JSDOMWindowBase::javaScriptExperimentsEnabled): Deleted.

  • bindings/js/JSDOMWindowBase.h:
  • bindings/js/JSWorkerGlobalScopeBase.cpp:

(WebCore::JSWorkerGlobalScopeBase::javaScriptRuntimeFlags):
(WebCore::JSWorkerGlobalScopeBase::javaScriptExperimentsEnabled): Deleted.

  • bindings/js/JSWorkerGlobalScopeBase.h:
  • inspector/InspectorFrontendClientLocal.cpp:

(WebCore::InspectorFrontendClientLocal::InspectorFrontendClientLocal):

  • page/Settings.h:
  • page/Settings.in:

Source/WebKit/mac:

Introduce SymbolEnabled and drop javaScriptExperimentsEnabled.
Private API, javaScriptExperimentsEnabled is dropped.

  • Misc/WebNSDictionaryExtras.h:
  • Misc/WebNSDictionaryExtras.m:

(-[NSMutableDictionary _webkit_setUnsignedInt:forKey:]):

  • WebKit.order:
  • WebView/WebPreferenceKeysPrivate.h:
  • WebView/WebPreferences.mm:

(+[WebPreferences initialize]):
(-[WebPreferences _setUnsignedIntValue:forKey:]):
(-[WebPreferences javaScriptRuntimeFlags]):
(-[WebPreferences setJavaScriptRuntimeFlags:]):
(-[WebPreferences setJavaScriptExperimentsEnabled:]): Deleted.
(-[WebPreferences javaScriptExperimentsEnabled]): Deleted.

  • WebView/WebPreferencesPrivate.h:
  • WebView/WebView.mm:

(-[WebView _preferencesChanged:]):

Source/WebKit/win:

Added Windows support.

  • Interfaces/IWebPreferences.idl:
  • Interfaces/IWebPreferencesPrivate.idl:
  • WebPreferenceKeysPrivate.h:
  • WebPreferences.cpp:

(WebPreferences::initializeDefaultSettings):
(WebPreferences::javaScriptRuntimeFlags):
(WebPreferences::setJavaScriptRuntimeFlags):
(WebPreferences::isWebSecurityEnabled):

  • WebPreferences.h:
  • WebView.cpp:

(WebView::notifyPreferencesChanged):

Source/WebKit2:

Enable SymbolEnabled in inspector context.

  • Shared/WebPreferencesDefinitions.h:
  • UIProcess/API/C/WKPreferences.cpp:

(WKPreferencesSetJavaScriptRuntimeFlags):
(WKPreferencesGetJavaScriptRuntimeFlags):
(WKPreferencesSetJavaScriptExperimentsEnabled): Deleted.
(WKPreferencesGetJavaScriptExperimentsEnabled): Deleted.

  • UIProcess/API/C/WKPreferencesRef.h:
  • UIProcess/API/C/WKPreferencesRefPrivate.h:
  • UIProcess/API/Cocoa/WKPreferences.mm:

(-[WKPreferences _javaScriptRuntimeFlags]):
(-[WKPreferences _setJavaScriptRuntimeFlags:]):

  • UIProcess/API/Cocoa/WKPreferencesPrivate.h:
  • UIProcess/efl/WebInspectorProxyEfl.cpp:

(WebKit::WebInspectorProxy::platformCreateInspectorPage):

  • UIProcess/gtk/WebInspectorProxyGtk.cpp:

(WebKit::WebInspectorProxy::platformCreateInspectorPage):

  • UIProcess/mac/WebInspectorProxyMac.mm:

(WebKit::WebInspectorProxy::platformCreateInspectorPage):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updatePreferences):

  • mac/WebKit2.order:

Tools:

Drop javaScriptExperimentsEnabled and specify JavaScriptRuntimeFlagsAllEnabled as KJavaScriptRuntimeFlags.

  • DumpRenderTree/mac/DumpRenderTree.mm:

(resetWebPreferencesToConsistentValues):

  • DumpRenderTree/win/DumpRenderTree.cpp:

(resetWebPreferencesToConsistentValues):

  • WebKitTestRunner/TestController.cpp:

(WTR::TestController::resetPreferencesToConsistentValues):

03:16 WebKitGTK/2.8.x edited by carlosgc@webkit.org
(diff)
03:14 WebKitGTK/2.8.x edited by carlosgc@webkit.org
(diff)
03:13 WebKitGTK/2.8.x edited by carlosgc@webkit.org
(diff)
03:05 Changeset [180827] by carlosgc@webkit.org
  • 4 edits in releases/WebKitGTK/webkit-2.8

Merge r180566 - [GTK] Layout Test accessibility/roles-exposed.html is failing
https://bugs.webkit.org/show_bug.cgi?id=141960

Reviewed by Martin Robinson.

Source/WebCore:

The test was failing because Gtk now uses GtkColorChooserDialog for the
color input, making the input field a button which results in the color
chooser dialog appearing. As a side effect of this change, the input now
has an accessible role of ColorWell, which is currently mapped to
ATK_ROLE_COLOR_CHOOSER (which is by definition the dialog which results
upon activating the button input field). Changed the Gtk platform mapping
to ATK_ROLE_BUTTON, leaving the Efl mapping as-is.

No new tests. Instead, updated and unskipped failing test.

  • accessibility/atk/WebKitAccessibleWrapperAtk.cpp:

(atkRole):

LayoutTests:

  • platform/gtk/TestExpectations: Unskip the failing test.
  • platform/gtk/accessibility/roles-exposed-expected.txt: Update the expectations.
03:03 Changeset [180826] by carlosgc@webkit.org
  • 5 edits in releases/WebKitGTK/webkit-2.8

Merge r180565 - Crash loading local file with WebPageProxy::loadAlternateHTMLString
https://bugs.webkit.org/show_bug.cgi?id=141867

Patch by Michael Catanzaro <mcatanzaro@igalia.com> on 2015-02-24
Reviewed by Anders Carlsson.

Source/WebKit2:

WebPageProxy::loadAlternateHTMLString needs to assume read access to unreachableURL as well
as baseURL, because unreachableURL will get added to the back/forward list, causing us to
crash later on when we notice the unexpected URL received in checkURLReceivedFromWebProcess.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::loadAlternateHTMLString):

Tools:

  • TestWebKitAPI/Tests/WebKit2/LoadAlternateHTMLStringWithNonDirectoryURL.cpp:

(TestWebKitAPI::loadAlternateHTMLString): Split most of this test into a function so it can
be shared with the new test.
(TestWebKitAPI::TEST): Add a cross-platform test for this crash.

  • TestWebKitAPI/Tests/WebKit2Gtk/TestLoaderClient.cpp: Add a GTK+ test for this crash.

(testLoadAlternateHTMLForLocalPage):
(beforeAll):

03:00 Changeset [180825] by carlosgc@webkit.org
  • 3 edits in releases/WebKitGTK/webkit-2.8/Source/WebCore

Merge r180563 - [GTK] Fonts loaded via @font-face look bad
https://bugs.webkit.org/show_bug.cgi?id=140994

Patch by Michael Catanzaro <mcatanzaro@igalia.com> on 2015-02-24
Reviewed by Martin Robinson.

We've had several complaints that woff fonts look bad on some websites. This seems to be a
combination of multiple issues. For one, we don't look at Fontconfig settings at all when
creating a web font. This commit changes FontPlatformData::initializeWithFontFace to instead
use sane default settings from Fontconfig when loading a web font, rather than accepting the
default settings from GTK+, which are normally overridden by Fontconfig when loading system
fonts. However, we will hardcode the hinting setting for web fonts to always force use of
the light autohinter, so that we do not use a font's native hints. This avoids compatibility
issues when fonts with poor native hinting are only tested in browsers that do not use the
native hints. It also allows us to sidestep future security vulnerabilities in FreeType's
bytecode interpreter.

The net result of this is that there should be little noticable difference if you have GTK+
set to use slight hinting (which forces use of the autohinter) unless you have customized
Fontconfig configuration, but a dramatic improvement with particular fonts if you use medium
or full hinting. This should reduce complaints about our font rendering on "fancy sites."

No new tests, since the affected fonts we've found are not freely redistributable.

  • platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:

(WebCore::FontCustomPlatformData::FontCustomPlatformData): Force web fonts to be autohinted.

  • platform/graphics/freetype/FontPlatformDataFreeType.cpp:

(WebCore::getDefaultCairoFontOptions): Renamed to disambiguate.
(WebCore::getDefaultFontconfigOptions): Added.
(WebCore::FontPlatformData::initializeWithFontFace): Always call
FontPlatformData::setCairoOptionsFromFontConfigPattern. If the FontPlatformData was not
created with an FcPattern (e.g. because this is a web font), call
getDefaultFontconfigOptions to get a sane default FcPattern.
(WebCore::FontPlatformData::setOrientation): Renamed call to getDefaultCairoFontOptions.
(WebCore::getDefaultFontOptions): Deleted.

02:56 Changeset [180824] by carlosgc@webkit.org
  • 18 edits in releases/WebKitGTK/webkit-2.8

Merge r180558 - Always serialize :lang()'s arguments to strings
https://bugs.webkit.org/show_bug.cgi?id=141944

Reviewed by Benjamin Poulain.

Source/WebCore:

As specified in [1] :lang()'s arguments are always serialized to strings.

[1] http://dev.w3.org/csswg/cssom/#serializing-selectors

Related tests are updated.

  • css/CSSGrammar.y.in:
  • css/CSSParserValues.cpp:

(WebCore::CSSParserSelector::setLangArgumentList):

  • css/CSSParserValues.h:

(WebCore::CSSParserString::init):
(WebCore::CSSParserString::clear):
(WebCore::CSSParserString::tokenType): Deleted.
(WebCore::CSSParserString::setTokenType): Deleted.

  • css/CSSSelector.cpp:

(WebCore::appendLangArgumentList):
(WebCore::CSSSelector::setLangArgumentList):

  • css/CSSSelector.h:

(WebCore::CSSSelector::langArgumentList):

  • css/SelectorCheckerTestFunctions.h:

(WebCore::matchesLangPseudoClass):

  • cssjit/SelectorCompiler.cpp:

(WebCore::SelectorCompiler::addPseudoClassType):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsInLanguage):

LayoutTests:

Some tests results are updated to reflect the always serialize
:lang()'s arguments to strings.

  • fast/css/css-lang-selector-with-string-arguments-text-expected.txt:
  • fast/css/css-lang-selector-with-string-arguments-text.html:
  • fast/css/parsing-css-lang-expected.txt:
  • fast/css/parsing-css-lang.html:
  • fast/css/css-selector-text-expected.txt:
  • fast/css/css-selector-text.html:
  • fast/css/css-set-selector-text-expected.txt:
  • fast/css/css-set-selector-text.html:
  • fast/dom/css-selectorText-expected.txt:
02:51 Changeset [180823] by carlosgc@webkit.org
  • 2 edits in releases/WebKitGTK/webkit-2.8/Source/WebCore

Merge r180554 - Give TemporaryChange for m_inLoadPendingImages assertion a name so it actually does something.

  • css/StyleResolver.cpp:

(WebCore::StyleResolver::loadPendingImages):

01:31 Changeset [180822] by carlosgc@webkit.org
  • 5 edits in releases/WebKitGTK/webkit-2.8/Source/WebCore

Merge r180548 - EventHandler references deleted Scrollbar
https://bugs.webkit.org/show_bug.cgi?id=141931
<rdar://problem/19915210>

Reviewed by Tim Horton.

Tested by scrollbars/overflow-custom-scrollbar-crash.html

Update the EventHandler class to use a WeakPtr to reference the
last used Scrollbar, rather than retaining the Scrollbar and
artificially extending its life. This keeps the EventHandler
state in proper sync with the state of the render tree, and
avoids cases where we have destroyed a ScrollableArea (and
Scrollbar) but are still sending messages to a fake zombie
version of the element.

  • page/EventHandler.cpp:

(WebCore::EventHandler::clear):
(WebCore::EventHandler::handleMousePressEvent):
(WebCore::EventHandler::updateMouseEventTargetNode):
(WebCore::EventHandler::updateLastScrollbarUnderMouse):

  • page/EventHandler.h:
  • platform/Scrollbar.cpp:

(WebCore::Scrollbar::Scrollbar): Initialize WeakPtrFactory.

  • platform/Scrollbar.h:

(WebCore::Scrollbar::createWeakPtr): Added,

01:26 Changeset [180821] by carlosgc@webkit.org
  • 4 edits in releases/WebKitGTK/webkit-2.8

Merge r180535 - WTF::WeakPtr should rename 'forgot' to 'clear' and support nullptr assignment
https://bugs.webkit.org/show_bug.cgi?id=141935

Reviewed by Myles C. Maxfield.

Source/WTF:

  • wtf/WeakPtr.h:

(WTF::WeakPtr::operator=): Added 'nullptr_t' overload.
(WTF::WeakPtr::clear): Renamed from 'forget'
(WTF::WeakPtr::forget): Deleted.

Tools:

  • TestWebKitAPI/Tests/WTF/WeakPtr.cpp:

(TestWebKitAPI::TEST): Updated for 'clear' method rename, and added a few
tests for assigning from nullptr.

01:08 Changeset [180820] by carlosgc@webkit.org
  • 4 edits in releases/WebKitGTK/webkit-2.8

Merge r180528 - Source/WTF:
WTF::WeakPtr should have a 'forget' method
https://bugs.webkit.org/show_bug.cgi?id=141923

Reviewed by Myles C. Maxfield.

  • wtf/WeakPtr.h:

(WTF::WeakPtr::forget): Added.

Tools:
WTF::WeakPtr should have a 'forget' method.
https://bugs.webkit.org/show_bug.cgi?id=141923

Reviewed by Myles C. Maxfield.

  • TestWebKitAPI/Tests/WTF/WeakPtr.cpp:

(TestWebKitAPI::TEST): Added 'Forget' tests case.

00:41 Changeset [180819] by carlosgc@webkit.org
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.8

Merge r180530 - Default value of HTMLSelectElement size IDL attribute should be 0.
https://bugs.webkit.org/show_bug.cgi?id=141795

Reviewed by Andreas Kling.

Source/WebCore:

Default value of HTMLSelectElement size IDL attribute should be 0.
As in spec: http://www.w3.org/html/wg/drafts/html/master/forms.html#the-select-element, also this matches the behavior of Chrome, IE and
Gecko.

Test: fast/dom/select-size.html

  • html/HTMLSelectElement.cpp:

(WebCore::HTMLSelectElement::parseAttribute):

LayoutTests:

  • fast/dom/select-size-expected.txt: Added.
  • fast/dom/select-size.html: Added.
00:38 Changeset [180818] by carlosgc@webkit.org
  • 2 edits
    1 add in releases/WebKitGTK/webkit-2.8/Source/JavaScriptCore

Merge r180516 - r9 is volatile on ARMv7 for iOS 3 and up.
https://bugs.webkit.org/show_bug.cgi?id=141489
rdar://problem/19432916

Reviewed by Michael Saboff.

  • jit/RegisterSet.cpp:

(JSC::RegisterSet::calleeSaveRegisters): removed r9 from the list of ARMv7 callee save registers.

  • tests/stress/regress-141489.js: Added.

(foo):

02/27/15:

23:26 Changeset [180817] by ossy@webkit.org
  • 4 edits in trunk/Source

Source/WebCore:
[EFL][GTK] Fix build break after r180790,180798
https://bugs.webkit.org/show_bug.cgi?id=142127

Patch by Hunseop Jeong <hs85.jeong@samsung.com> on 2015-02-27
Reviewed by Gyuyoung Kim.

  • platform/graphics/cairo/PathCairo.cpp:

(WebCore::Path::addEllipse):

Source/WebKit2:
[EFL][GTK] Fix build break after r180790,180798
https://bugs.webkit.org/show_bug.cgi?id=142127

Patch by Hunseop Jeong <hs85.jeong@samsung.com> on 2015-02-27
Reviewed by Gyuyoung Kim.

  • CMakeLists.txt:
23:12 Changeset [180816] by bfulgham@apple.com
  • 2 edits in trunk/Source/WebKit

[Win] Unreviewed build fix.

Adjust project dependencies to ensure a consistent build order.

  • WebKit.vcxproj/WebKit.sln:
22:21 Changeset [180815] by zalan@apple.com
  • 18 edits in trunk

Subpixel-layout: width: max-content; property might cause unnecessary scrollbar.
https://bugs.webkit.org/show_bug.cgi?id=142065

Reviewed by Simon Fraser.

Source/WebCore:

We should not pixelsnap (ceil in this case) logical coordinates during layout.
Should this cause content to be partially cut off, we need to
find the broken piece in the computation logic.

Covered by the unskipped test.

  • rendering/RootInlineBox.cpp:

(WebCore::RootInlineBox::paddedLayoutOverflowRect):

LayoutTests:

Rebaseline. Scroll layer shrinks in certain cases.

  • platform/mac-mavericks/editing/input/caret-at-the-edge-of-input-expected.txt:
  • platform/mac-mavericks/fast/css/text-overflow-input-expected.txt:
  • platform/mac-mavericks/fast/forms/basic-inputs-expected.txt:
  • platform/mac-mavericks/fast/forms/control-restrict-line-height-expected.txt:
  • platform/mac-mavericks/fast/forms/input-disabled-color-expected.txt:
  • platform/mac-mavericks/fast/forms/search/search-size-with-decorations-expected.txt:
  • platform/mac-mavericks/http/tests/navigation/javascriptlink-frames-expected.txt:
  • platform/mac/TestExpectations:
  • platform/mac/fast/forms/control-restrict-line-height-expected.txt:
  • platform/mac/fast/forms/input-appearance-selection-expected.txt:
  • platform/mac/fast/forms/input-text-scroll-left-on-blur-expected.txt:
  • platform/mac/fast/forms/input-type-text-min-width-expected.txt:
  • platform/mac/fast/forms/minWidthPercent-expected.txt:
  • platform/mac/fast/forms/search/search-size-with-decorations-expected.txt:
  • platform/mac/tables/mozilla/bugs/bug96334-expected.txt:
22:02 Changeset [180814] by darin@apple.com
  • 6 edits
    1 delete in trunk/Source/WTF

Remove unused PossiblyNull
https://bugs.webkit.org/show_bug.cgi?id=142124

Reviewed by Andreas Kling.

  • WTF.vcxproj/WTF.vcxproj: Removed the file.
  • WTF.vcxproj/WTF.vcxproj.filters: Ditto.
  • WTF.xcodeproj/project.pbxproj: Ditto.
  • wtf/CMakeLists.txt: Ditto.
  • wtf/PossiblyNull.h: Removed.
  • wtf/FastMalloc.h: Moved everything to the left.

Moved member functions out of the TryMallocReturnValue class definition.
(WTF::TryMallocReturnValue::operator PossiblyNull<T>): Deleted.
(WTF::TryMallocReturnValue::getValue): Marked inline, changed to work
only with pointer types, not arbitrary non-pointer types.

19:21 Changeset [180813] by benjamin@webkit.org
  • 23 edits
    2 adds in trunk/Source/JavaScriptCore

[JSC] Use the way number constants are written to help type speculation
https://bugs.webkit.org/show_bug.cgi?id=142072

Patch by Benjamin Poulain <bpoulain@apple.com> on 2015-02-27
Reviewed by Filip Pizlo.

This patch changes how we interpret numeric constant based on how they appear
in the source.

Constants that are integers but written with a decimal point now carry that information
to the optimizating tiers. From there, we use that to be more aggressive about typing
math operations toward double operations.

For example, in:

var a = x + 1.0;
var b = y + 1;

The Add for a would be biased toward doubles, the Add for b would speculate
integer as usual.

The gains are tiny but this is a prerequisite to make my next patch useful:
-SunSpider's access-fannkuch: definitely 1.0661x faster
-SunSpider's math-cordic: definitely 1.0266x slower

overal: might be 1.0066x slower.

-Kraken's imaging-darkroom: definitely 1.0333x faster.

  • parser/Lexer.cpp:

(JSC::tokenTypeForIntegerLikeToken):
(JSC::Lexer<T>::lex):
The lexer now create two types of tokens for number: INTEGER and DOUBLE.
Those token types only carry information about how the values were
entered, an INTEGER does not have to be an integer, it is only written like one.
Large integer still end up represented as double in memory.

One trap I fell into was typing numbers like 12e3 as double. This kind of literal
is frequently used in integer-typed code, while 12.e3 would appear in double-typed
code.
Because of that, the only signals for double are: decimal point, negative zero,
and ridiculously large values.

  • parser/NodeConstructors.h:

(JSC::DoubleNode::DoubleNode):
(JSC::IntegerNode::IntegerNode):

  • parser/Nodes.h:

(JSC::NumberNode::value):
(JSC::NumberNode::setValue): Deleted.
Number get specialized in two new kind of nodes in the AST: IntegerNode and DoubleNode.

  • bytecompiler/NodesCodegen.cpp:

(JSC::NumberNode::emitBytecode):

  • parser/ASTBuilder.h:

(JSC::ASTBuilder::createDoubleExpr):
(JSC::ASTBuilder::createIntegerExpr):
(JSC::ASTBuilder::createIntegerLikeNumber):
(JSC::ASTBuilder::createDoubleLikeNumber):
(JSC::ASTBuilder::createNumberFromBinaryOperation):
(JSC::ASTBuilder::createNumberFromUnaryOperation):
(JSC::ASTBuilder::makeNegateNode):
(JSC::ASTBuilder::makeBitwiseNotNode):
(JSC::ASTBuilder::makeMultNode):
(JSC::ASTBuilder::makeDivNode):
(JSC::ASTBuilder::makeModNode):
(JSC::ASTBuilder::makeAddNode):
(JSC::ASTBuilder::makeSubNode):
(JSC::ASTBuilder::makeLeftShiftNode):
(JSC::ASTBuilder::makeRightShiftNode):
(JSC::ASTBuilder::makeURightShiftNode):
(JSC::ASTBuilder::makeBitOrNode):
(JSC::ASTBuilder::makeBitAndNode):
(JSC::ASTBuilder::makeBitXOrNode):
(JSC::ASTBuilder::createNumberExpr): Deleted.
(JSC::ASTBuilder::createNumber): Deleted.
The AST has some optimization to resolve constants before emitting bytecode.
In the new code, the intger representation is kept if both operands where
also represented as integers.

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::parseDeconstructionPattern):
(JSC::Parser<LexerType>::parseProperty):
(JSC::Parser<LexerType>::parseGetterSetter):
(JSC::Parser<LexerType>::parsePrimaryExpression):
(JSC::Parser<LexerType>::printUnexpectedTokenText):

  • parser/ParserTokens.h:
  • parser/SyntaxChecker.h:

(JSC::SyntaxChecker::createDoubleExpr):
(JSC::SyntaxChecker::createIntegerExpr):
(JSC::SyntaxChecker::createNumberExpr): Deleted.

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::registerName):
(JSC::CodeBlock::constantName):
Change constantName(r, getConstant(r)) -> constantName(r) to simplify
the dump code.

(JSC::CodeBlock::dumpBytecode):
Dump thre soure representation information we have with each constant.

(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::shrinkToFit):
(JSC::constantName): Deleted.

  • bytecode/CodeBlock.h:

(JSC::CodeBlock::constantsSourceCodeRepresentation):
(JSC::CodeBlock::addConstant):
(JSC::CodeBlock::addConstantLazily):
(JSC::CodeBlock::constantSourceCodeRepresentation):
(JSC::CodeBlock::setConstantRegisters):

  • bytecode/UnlinkedCodeBlock.h:

(JSC::UnlinkedCodeBlock::addConstant):
(JSC::UnlinkedCodeBlock::constantsSourceCodeRepresentation):
(JSC::UnlinkedCodeBlock::shrinkToFit):

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::addConstantValue):
(JSC::BytecodeGenerator::emitLoad):

  • bytecompiler/BytecodeGenerator.h:

We have to differentiate between constants that have the same values but are
represented differently in the source. Values like 1.0 and 1 now end up
as different constants.

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::get):
(JSC::DFG::ByteCodeParser::addConstantToGraph):

  • dfg/DFGGraph.cpp:

(JSC::DFG::Graph::registerFrozenValues):

  • dfg/DFGGraph.h:

(JSC::DFG::Graph::addSpeculationMode):
(JSC::DFG::Graph::addImmediateShouldSpeculateInt32):
ArithAdd is very aggressive toward using Int52, which is quite useful
in many benchmarks.

Here we need to specialize to make sure we don't force our literals
to Int52 if there were represented as double.

There is one exception to that rule: when the other operand is guaranteed
to come from a NodeResultInt32. This is because there is some weird code
doing stuff like:

var b = a|0;
var c = b*2.0;

  • dfg/DFGNode.h:

(JSC::DFG::Node::Node):
(JSC::DFG::Node::setOpAndDefaultFlags):
(JSC::DFG::Node::sourceCodeRepresentation):

  • dfg/DFGPredictionPropagationPhase.cpp:

(JSC::DFG::PredictionPropagationPhase::propagate):

  • runtime/JSCJSValue.h:

(JSC::EncodedJSValueWithRepresentationHashTraits::emptyValue):
(JSC::EncodedJSValueWithRepresentationHashTraits::constructDeletedValue):
(JSC::EncodedJSValueWithRepresentationHashTraits::isDeletedValue):
(JSC::EncodedJSValueWithRepresentationHash::hash):
(JSC::EncodedJSValueWithRepresentationHash::equal):

  • tests/stress/arith-add-with-constants.js: Added.
  • tests/stress/arith-mul-with-constants.js: Added.
19:16 Changeset [180812] by ddkilzer@apple.com
  • 3 edits
    2 adds in trunk/LayoutTests

[iOS] Gardening: rebaseline fast/attachment results

  • platform/ios-simulator/fast/attachment/attachment-disabled-dom-expected.txt: Add.
  • platform/ios-simulator/fast/attachment/attachment-disabled-rendering-expected.txt: Update.
  • platform/ios-simulator/fast/attachment/attachment-dom-expected.txt: Add.
  • platform/ios-simulator/fast/attachment/attachment-rendering-expected.txt: Update.
18:51 Changeset [180811] by ddkilzer@apple.com
  • 2 edits in trunk/LayoutTests

[iOS] Gardening: Unskip fast/history/page-cache-webdatabase-opened-db.html

  • platform/ios-simulator/TestExpectations: Unskip test. It

passes on iOS WK1 and WK2 because WebSQL != IndexedDB.

18:51 Changeset [180810] by ddkilzer@apple.com
  • 2 edits in trunk/LayoutTests

[iOS] Gardening: Skip some new page-cache tests

  • platform/ios-simulator/TestExpectations:
  • Skip MediaSource tests: fast/history/page-cache-media-source-closed-2.html fast/history/page-cache-media-source-closed.html fast/history/page-cache-media-source-opened.html
  • Skip test that uses drag-and-drop: fast/history/page-cache-createObjectURL.html
18:41 Changeset [180809] by rniwa@webkit.org
  • 14 edits in trunk/Source/WebCore

Node::hasEditableStyle and isEditablePosition have too many options
https://bugs.webkit.org/show_bug.cgi?id=142078

Reviewed by Andreas Kling.

Moved the code that dealt with accessibility to htmlediting.cpp from Node. This patch introduces
new editing helper functions hasEditableStyle and isEditableNode for this purpose.

Also removed UserSelectAllTreatment from isContentEditable's arguments in the favor of using
newly extracted computeEditability in call sites that specify this option since isContentEditable
is a public DOM API.

No new tests since there should be no observable behavior changes.

  • accessibility/AXObjectCache.h: Removed the declaration of an undefined function.
  • dom/Element.cpp:

(WebCore::Element::shouldUseInputMethod): Uses newly added computeEditability.

  • dom/Node.cpp:

(WebCore::Node::isContentEditable): Ditto. No longer takes UserSelectAllTreatment as an argument.
(WebCore::Node::isContentRichlyEditable): Ditto.
(WebCore::Node::computeEditability): Renamed from hasEditableStyle to avoid the confusion with
a helper function of the same name. Added ShouldUpdateStyle as an argument to optionally update
style tree. Also returns tri-state Editability enum instead of returning a boolean based on
the value of EditableLevel argument.
(WebCore::Node::isEditableToAccessibility): Moved to htmlediting.cpp.
(WebCore::Node::willRespondToMouseClickEvents): Uses newly added computeEditability.
(WebCore::Node::rootEditableElement): Moved to htmlediting.cpp.

  • dom/Node.h: No longer includes EditingBoundary.h.

(WebCore::Node::isContentEditable):
(WebCore::Node::hasEditableStyle): No longer takes EditableType as an argument.
(WebCore::Node::hasRichlyEditableStyle): Ditto.

  • editing/ApplyStyleCommand.cpp:

(WebCore::ApplyStyleCommand::removeInlineStyleFromElement): Uses newly added isEditableNode.
(WebCore::ApplyStyleCommand::surroundNodeRangeWithElement): Ditto.

  • editing/DeleteFromTextNodeCommand.cpp:

(WebCore::DeleteFromTextNodeCommand::doApply): Ditto.

  • editing/FrameSelection.cpp:

(WebCore::CaretBase::invalidateCaretRect): Ditto.

  • editing/InsertNodeBeforeCommand.cpp:

(WebCore::InsertNodeBeforeCommand::doApply): Ditto.
(WebCore::InsertNodeBeforeCommand::doUnapply): Ditto.

  • editing/RemoveNodeCommand.cpp:

(WebCore::RemoveNodeCommand::doApply): Ditto.

  • editing/VisibleSelection.cpp:

(WebCore::VisibleSelection::hasEditableStyle): Since this is the only caller of isEditablePosition
which sets DoNotUpdateStyle, directly call hasEditableStyle on the container node instead. This was
not possible prior to r180726 because isEditablePosition had to move out of tables.

  • editing/VisibleUnits.cpp:

(WebCore::previousLeafWithSameEditability): Uses newly added hasEditableStyle.
(WebCore::nextLeafWithSameEditability): Ditto.
(WebCore::rootEditableOrDocumentElement): Extracted from previousLinePosition. Use helper functions
in htmlediting.cpp instead of member functions of Node since they no longer support EditableType.
(WebCore::previousLinePosition):
(WebCore::nextLinePosition):

  • editing/htmlediting.cpp:

(WebCore::highestEditableRoot): Uses newly added hasEditableStyle.
(WebCore::isEditableToAccessibility): Moved from Node.
(WebCore::computeEditability): Extracted from isEditablePosition.
(WebCore::hasEditableStyle): Added.
(WebCore::isEditableNode): Added.
(WebCore::isEditablePosition): Now calls computeEditability.
(WebCore::isRichlyEditablePosition): No longer takes EditableType since that variant was never used.
(WebCore::editableRootForPosition): Moved the code from Node::rootEditableElement.

  • editing/htmlediting.h:
18:14 Changeset [180808] by mmaxfield@apple.com
  • 2 edits in trunk/LayoutTests

Test gardening for Windows after r180796.

Unreviewed.

Patch by Myles C. Maxfield <mmaxfield@apple.com> on 2015-02-27

  • platform/win/TestExpectations:
17:57 Changeset [180807] by dino@apple.com
  • 2 edits in trunk/LayoutTests

https://bugs.webkit.org/show_bug.cgi?id=142119

Unreviewed. Add fast/canvas/canvas-ellipse-zero-lineto.html
to list of failing tests on Windows.

  • platform/win/TestExpectations:
17:52 Changeset [180806] by rniwa@webkit.org
  • 2 edits in trunk/Source/bmalloc

Fixed a typo in the previous commit.

  • bmalloc/BoundaryTag.h:

(bmalloc::BoundaryTag::setOwner):

17:46 Changeset [180805] by rniwa@webkit.org
  • 2 edits in trunk/Source/bmalloc

EFL build fix after r180797.

  • bmalloc/BoundaryTag.h:

(bmalloc::BoundaryTag::owner):
(bmalloc::BoundaryTag::setOwner):

17:43 Changeset [180804] by cdumez@apple.com
  • 10 edits
    1 move
    3 deletes in trunk/Source/WebKit2

[WK2] Drop legacy WKBundlePageDiagnosticLoggingClient API
https://bugs.webkit.org/show_bug.cgi?id=141176

Reviewed by Sam Weinig.

Drop legacy WKBundlePageDiagnosticLoggingClient WK2 API as we are now
exposing this functionality via WKPageDiagnosticLoggingClient.h on
UIProcess side. The client-side has already been ported over.

  • CMakeLists.txt:
  • Shared/API/c/WKSharedAPICast.h:

(WebKit::toAPI): Deleted.
(WebKit::toDiagnosticLoggingResultType): Deleted.

  • UIProcess/API/C/WKAPICast.h:

(WebKit::toAPI):

  • UIProcess/API/C/WKDiagnosticLoggingResultType.h: Renamed from Source/WebKit2/Shared/API/c/WKDiagnosticLoggingResultType.h.
  • WebKit2.xcodeproj/project.pbxproj:
  • WebProcess/InjectedBundle/API/c/WKBundlePage.cpp:

(WKBundlePageSetDiagnosticLoggingClient): Deleted.

  • WebProcess/InjectedBundle/API/c/WKBundlePage.h:
  • WebProcess/InjectedBundle/API/c/WKBundlePageDiagnosticLoggingClient.h: Removed.
  • WebProcess/InjectedBundle/InjectedBundlePageDiagnosticLoggingClient.cpp: Removed.
  • WebProcess/InjectedBundle/InjectedBundlePageDiagnosticLoggingClient.h: Removed.
  • WebProcess/WebCoreSupport/WebDiagnosticLoggingClient.cpp:

(WebKit::WebDiagnosticLoggingClient::logDiagnosticMessage):
(WebKit::WebDiagnosticLoggingClient::logDiagnosticMessageWithResult):
(WebKit::WebDiagnosticLoggingClient::logDiagnosticMessageWithValue):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::WebPage):
(WebKit::WebPage::close):
(WebKit::WebPage::initializeInjectedBundleDiagnosticLoggingClient): Deleted.

  • WebProcess/WebPage/WebPage.h:

(WebKit::WebPage::injectedBundleDiagnosticLoggingClient): Deleted.

17:33 Changeset [180803] by bshafiei@apple.com
  • 5 edits in branches/safari-600.1.4.15-branch/Source

Versioning.

17:19 Changeset [180802] by andersca@apple.com
  • 2 edits
    1 move in trunk/Source/WebKit2

Rename WebResourceCacheManagerCFNet.cpp to WebResourceCacheManagerCFNet.mm

Rubber-stamped by Dan Bernstein.

This will let us use lambda to block conversion in a subsequent patch.

  • WebKit2.xcodeproj/project.pbxproj:
  • WebProcess/ResourceCache/cf/WebResourceCacheManagerCFNet.mm: Renamed from Source/WebKit2/WebProcess/ResourceCache/cf/WebResourceCacheManagerCFNet.cpp.
17:13 March 2015 Meeting edited by dino@apple.com
(diff)
17:05 Changeset [180801] by cdumez@apple.com
  • 63 edits in trunk/Source

Make ActiveDOMObject::canSuspend() pure virtual
https://bugs.webkit.org/show_bug.cgi?id=142096
<rdar://problem/19923085>

Reviewed by Andreas Kling.

Make ActiveDOMObject::canSuspend() pure virtual so that people at least
try to provide an implementation for it. The default implementation was
returning false unconditionally and thus was preventing pages from
entering the PageCache.

16:48 Changeset [180800] by bshafiei@apple.com
  • 1 copy in tags/Safari-600.1.4.15.9

New tag.

16:46 Changeset [180799] by commit-queue@webkit.org
  • 6 edits in trunk/Source

Unreviewed, rolling out r180203 and r180210.
https://bugs.webkit.org/show_bug.cgi?id=142116

broke process suspension and tile map (Requested by thorton on
#webkit).

Reverted changesets:

"Adopt CAMachPort-as-layer-contents"
https://bugs.webkit.org/show_bug.cgi?id=141687
http://trac.webkit.org/changeset/180203

"Fix the !USE(IOSURFACE) build"
http://trac.webkit.org/changeset/180210

16:42 Changeset [180798] by commit-queue@webkit.org
  • 13 edits
    7 adds in trunk

Add WebKit2 SPI to create a DOM File object
https://bugs.webkit.org/show_bug.cgi?id=142109

Patch by Sam Weinig <sam@webkit.org> on 2015-02-27
Reviewed by Tim Horton.

Source/WebCore:

  • WebCore.xcodeproj/project.pbxproj:

Make <WebCore/File.h> (and associated files) available to WebKit2.

Source/WebKit2:

Add a new handle type for exposing a DOM File object to script. Follow
the pattern of WKBundleNodeHandleRef and WKBundleRangeHandleRef with the
new class WKBundleFileHandleRef. It can be created for a specific path,
and then the JS wrapper can be obtained via WKBundleFrameGetJavaScriptWrapperForFileForWorld.

  • Shared/API/APIObject.h:
  • Shared/API/c/WKBase.h:
  • WebKit2.xcodeproj/project.pbxproj:
  • WebProcess/InjectedBundle/API/c/WKBundleAPICast.h:
  • WebProcess/InjectedBundle/API/c/WKBundleFileHandleRef.cpp: Added.

(WKBundleFileHandleGetTypeID):
(WKBundleFileHandleCreateWithPath):

  • WebProcess/InjectedBundle/API/c/WKBundleFileHandleRef.h: Added.
  • WebProcess/InjectedBundle/API/c/WKBundleFrame.cpp:

(WKBundleFrameGetJavaScriptWrapperForFileForWorld):

  • WebProcess/InjectedBundle/API/c/WKBundleFrame.h:
  • WebProcess/InjectedBundle/DOM/InjectedBundleFileHandle.cpp: Added.

(WebKit::domHandleCache):
(WebKit::InjectedBundleFileHandle::create):
(WebKit::InjectedBundleFileHandle::getOrCreate):
(WebKit::InjectedBundleFileHandle::InjectedBundleFileHandle):
(WebKit::InjectedBundleFileHandle::~InjectedBundleFileHandle):
(WebKit::InjectedBundleFileHandle::coreFile):

  • WebProcess/InjectedBundle/DOM/InjectedBundleFileHandle.h: Added.
  • WebProcess/WebPage/WebFrame.cpp:

(WebKit::WebFrame::jsWrapperForWorld):

  • WebProcess/WebPage/WebFrame.h:

Tools:

Add a test for WKBundleFileHandleRef.

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WebKit2/WKBundleFileHandle.cpp: Added.

(TestWebKitAPI::didReceiveMessageFromInjectedBundle):
(TestWebKitAPI::didFinishLoadForFrame):
(TestWebKitAPI::TEST):

  • TestWebKitAPI/Tests/WebKit2/WKBundleFileHandle_Bundle.cpp: Added.

(TestWebKitAPI::WKBundleFileHandleTest::WKBundleFileHandleTest):

  • TestWebKitAPI/Tests/WebKit2/bundle-file.html: Added.
16:29 Changeset [180797] by ggaren@apple.com
  • 14 edits
    1 add in trunk/Source/bmalloc

bmalloc: Pathological madvise churn on the free(malloc(x)) benchmark
https://bugs.webkit.org/show_bug.cgi?id=142058

Reviewed by Andreas Kling.

The churn was caused by repeatedly splitting an object with physical
pages from an object without, and then merging them back together again.
The merge would conservatively forget that we had physical pages, forcing
a new call to madvise on the next allocation.

This patch more strictly segregates objects in the heap from objects in
the VM heap, with these changes:

(1) Objects in the heap are not allowed to merge with objects in the VM
heap, and vice versa -- since that would erase our precise knowledge of
which physical pages had been allocated.

(2) The VM heap is exclusively responsible for allocating and deallocating
physical pages.

(3) The heap free list must consider entries for objects that are in the
VM heap to be invalid, and vice versa. (This condition can arise
because the free list does not eagerly remove items.)

With these changes, we can know that any valid object in the heap's free
list already has physical pages, and does not need to call madvise.

Note that the VM heap -- as before -- might sometimes contain ranges
or pieces of ranges that have physical pages, since we allow splitting
of ranges at granularities smaller than the VM page size. These ranges
can eventually merge with ranges in the heap during scavenging.

  • bmalloc.xcodeproj/project.pbxproj:
  • bmalloc/BoundaryTag.h:

(bmalloc::BoundaryTag::owner):
(bmalloc::BoundaryTag::setOwner):
(bmalloc::BoundaryTag::initSentinel):
(bmalloc::BoundaryTag::hasPhysicalPages): Deleted.
(bmalloc::BoundaryTag::setHasPhysicalPages): Deleted. Replaced the concept
of "has physical pages" with a bit indicating which heap owns the large
object. This is a more precise concept, since the old bit was really a
Yes / Maybe bit.

  • bmalloc/Deallocator.cpp:
  • bmalloc/FreeList.cpp: Adopt

(bmalloc::FreeList::takeGreedy):
(bmalloc::FreeList::take):
(bmalloc::FreeList::removeInvalidAndDuplicateEntries):

  • bmalloc/FreeList.h:

(bmalloc::FreeList::push): Added API for considering the owner when
deciding if a free list entry is valid.

  • bmalloc/Heap.cpp:

(bmalloc::Heap::Heap): Adopt new API.

(bmalloc::Heap::scavengeLargeRanges): Scavenge all ranges with no minimum,
since some ranges might be able to merge with ranges in the VM heap, and
they won't be allowed to until we scavenge them.

(bmalloc::Heap::allocateSmallPage):
(bmalloc::Heap::allocateMediumPage):
(bmalloc::Heap::allocateLarge): New VM heap API makes this function
simpler, since we always get back physical pages now.

  • bmalloc/Heap.h:
  • bmalloc/LargeObject.h:

(bmalloc::LargeObject::end):
(bmalloc::LargeObject::owner):
(bmalloc::LargeObject::setOwner):
(bmalloc::LargeObject::isValidAndFree):
(bmalloc::LargeObject::merge): Do not merge objects across heaps since
that causes madvise churn.
(bmalloc::LargeObject::validateSelf):
(bmalloc::LargeObject::init):
(bmalloc::LargeObject::hasPhysicalPages): Deleted.
(bmalloc::LargeObject::setHasPhysicalPages): Deleted. Propogate the Owner API.

  • bmalloc/Owner.h: Added.
  • bmalloc/SegregatedFreeList.cpp:

(bmalloc::SegregatedFreeList::SegregatedFreeList):
(bmalloc::SegregatedFreeList::insert):
(bmalloc::SegregatedFreeList::takeGreedy):
(bmalloc::SegregatedFreeList::take):

  • bmalloc/SegregatedFreeList.h: Propogate the owner API.
  • bmalloc/VMAllocate.h:

(bmalloc::vmDeallocatePhysicalPagesSloppy):
(bmalloc::vmAllocatePhysicalPagesSloppy): Clarified these functions and
removed an edge case.

  • bmalloc/VMHeap.cpp:

(bmalloc::VMHeap::VMHeap):

  • bmalloc/VMHeap.h:

(bmalloc::VMHeap::allocateSmallPage):
(bmalloc::VMHeap::allocateMediumPage):
(bmalloc::VMHeap::allocateLargeObject):
(bmalloc::VMHeap::deallocateLargeObject): Be sure to give each object
a new chance to merge, since it might have been prohibited from merging
before by virtue of not being in the VM heap.

(bmalloc::VMHeap::allocateLargeRange): Deleted.
(bmalloc::VMHeap::deallocateLargeRange): Deleted.

16:28 Changeset [180796] by mmaxfield@apple.com
  • 26 edits in trunk/LayoutTests

Updating more tests after r177774

Unreviewed.

Most of these tests simply need to be updated. However, I found two real bugs while
going through these!

  • fast/css-generated-content/after-with-inline-continuation-expected.html:
  • fast/css-generated-content/after-with-inline-continuation.html:
  • fast/inline/hidpi-pixel-gap-between-adjacent-selection-inlines-expected.html:
  • fast/inline/hidpi-select-inline-on-subpixel-position-expected.html:
  • fast/inline/hidpi-select-inline-on-subpixel-position.html:
  • fast/lists/rtl-marker-expected.html:
  • fast/lists/rtl-marker.html:
  • fast/multicol/cell-shrinkback-expected.html:
  • fast/multicol/cell-shrinkback.html:
  • fast/multicol/newmulticol/breaks-3-columns-3-expected.html:
  • fast/multicol/newmulticol/breaks-3-columns-3.html:
  • fast/regions/last-region-border-radius-expected.html:
  • fast/regions/last-region-border-radius.html:
  • fast/regions/overflow/overflow-first-and-last-regions.html:
  • fast/regions/overflow/overflow-in-uniform-regions-dynamic-expected.html:
  • fast/regions/overflow/overflow-in-uniform-regions-dynamic.html:
  • fast/shapes/shape-outside-floats/shape-outside-floats-inset-rounded-large-radius-expected.html:
  • fast/shapes/shape-outside-floats/shape-outside-floats-inset-rounded-large-radius.html:
  • fast/shapes/shape-outside-floats/shape-outside-rounded-inset-expected.html:
  • fast/shapes/shape-outside-floats/shape-outside-rounded-inset.html:
  • fast/table/td-width-fifty-percent-regression-expected.html:
  • fast/table/td-width-fifty-percent-regression.html:
  • fast/text/complex-initial-advance-expected.html:
  • fast/text/complex-initial-advance.html:
  • platform/mac/TestExpectations:
16:23 Changeset [180795] by mmaxfield@apple.com
  • 5 edits in trunk

[Subpixel] Subpixelize RenderListMarker
https://bugs.webkit.org/show_bug.cgi?id=142093

Reviewed by Zalan Bujtas.

Source/WebCore:

Use floats instead of ints.

Test: fast/lists/rtl-marker.html

  • rendering/RenderListMarker.cpp:

(WebCore::RenderListMarker::paint):
(WebCore::RenderListMarker::updateContent):
(WebCore::RenderListMarker::getRelativeMarkerRect):

  • rendering/RenderListMarker.h:

LayoutTests:

  • platform/mac/TestExpectations: Unskip fast/lists/rtl-marker.html
16:09 Changeset [180794] by timothy_horton@apple.com
  • 7 edits in trunk/Source/WebCore

<attachment> should be selected immediately upon click, and be drag/copyable upon click
https://bugs.webkit.org/show_bug.cgi?id=142114
<rdar://problem/19982520>

Reviewed by Enrica Casucci.

  • css/html.css:

(attachment):
Make attachment use 'user-select: all' to act as a single click-to-select unit.

  • html/HTMLAttachmentElement.cpp:

(WebCore::HTMLAttachmentElement::setFocus): Deleted.

  • html/HTMLAttachmentElement.h:
  • rendering/RenderAttachment.cpp:

(WebCore::RenderAttachment::isFocused): Deleted.
(WebCore::RenderAttachment::focusChanged): Deleted.

  • rendering/RenderAttachment.h:
  • rendering/RenderThemeMac.mm:

(WebCore::RenderThemeMac::paintAttachment):
Remove focus-related code; instead of focusing the element upon click,
we get a selection including just the <attachment>, and everything
behaves much more consistently (copy works, drag works, etc.).

16:06 Changeset [180793] by ap@apple.com
  • 4 edits in trunk/LayoutTests

Test gardening, unmark now passing tests.

  • TestExpectations:
  • platform/mac-wk2/TestExpectations:
  • platform/mac/TestExpectations:
16:02 Changeset [180792] by mmaxfield@apple.com
  • 7 edits in trunk

[iOS] Some MathML tests crash in RenderMathMLOperator::advanceForGlyph() or boundsForGlyph()
https://bugs.webkit.org/show_bug.cgi?id=141371

Reviewed by David Kilzer.

Source/WebCore:

Null checks.

Covered by existing mathml tests.

  • rendering/mathml/RenderMathMLOperator.cpp:

(WebCore::RenderMathMLOperator::boundsForGlyph):
(WebCore::RenderMathMLOperator::advanceForGlyph):
(WebCore::RenderMathMLOperator::getDisplayStyleLargeOperator):

LayoutTests:

Updating expected results and TestExpectations

  • platform/ios-simulator-wk2/TestExpectations:
  • platform/ios-simulator/mathml/opentype/horizontal-munderover-expected.txt:
  • platform/ios-simulator/mathml/opentype/large-operators-expected.txt:
  • platform/ios-simulator/mathml/opentype/vertical-expected.txt:
15:46 Changeset [180791] by cdumez@apple.com
  • 8 edits
    2 adds in trunk

Make SourceBuffer ActiveDOMObject suspendable
https://bugs.webkit.org/show_bug.cgi?id=142108
<rdar://problem/19923085>

Reviewed by Jer Noble.

Source/WebCore:

Make SourceBuffer ActiveDOMObject suspendable if it is removed from its
MediaSource and does not have any pending events. This makes it more
likely for pages using SourceBuffer objects to go into the PageCache.

Test: fast/history/page-cache-removed-source-buffer.html

  • Modules/mediasource/SourceBuffer.cpp:

(WebCore::SourceBuffer::canSuspend):

  • Modules/mediasource/SourceBuffer.h:

LayoutTests:

Add a layout tests to check that a SourceBuffer removed from its
MediaSource does not prevent a Page from entering PageCache.

  • fast/history/page-cache-removed-source-buffer-expected.txt: Added.
  • fast/history/page-cache-removed-source-buffer.html: Added.
15:40 Changeset [180790] by dino@apple.com
  • 8 edits
    19 adds in trunk

Add support for canvas ellipse method
https://bugs.webkit.org/show_bug.cgi?id=82791
<rdar://problem/11159172>

Patch by Sam Weinig <sam@webkit.org> on 2015-02-26
Reviewed by Dirk Schulze.

Source/WebCore:

Tests: fast/canvas/canvas-ellipse-360-winding.html

fast/canvas/canvas-ellipse-circumference-fill.html
fast/canvas/canvas-ellipse-circumference.html
fast/canvas/canvas-ellipse-connecting-line.html
fast/canvas/canvas-ellipse-negative-radius.html
fast/canvas/canvas-ellipse-zero-lineto.html
fast/canvas/canvas-ellipse.html

  • html/canvas/CanvasPathMethods.h:
  • html/canvas/CanvasPathMethods.cpp:

(WebCore::CanvasPathMethods::lineTo):
Convenience for passing a FloatPoint instead of two floats.

(WebCore::normalizeAngles):
Normalizes the angles as described in the HTML spec. Ensuring the startAngle
is greater than 0 and less than 2pi, and the the endAngle is at most 2pi
from the start angle.

(WebCore::CanvasPathMethods::arc):

  • Renames some of the parameters to be clearer.
  • Normalizes the angles for consistency with ellipse.
  • Moves hasInvertibleTransform() higher in the function for consistency.

(WebCore::CanvasPathMethods::ellipse): Added.

  • html/canvas/CanvasRenderingContext2D.idl:
  • html/canvas/DOMPath.idl:

Add ellipse(...).

  • platform/graphics/Path.h:
  • platform/graphics/cg/PathCG.cpp:

(WebCore::Path::addArc):
Rename parameters for clarity and use a nullptr.

(WebCore::Path::addEllipse):
Added. Constructs an ellipse via a transformed arc.

LayoutTests:

  • fast/canvas/canvas-ellipse-360-winding-expected.txt: Added.
  • fast/canvas/canvas-ellipse-360-winding.html: Added.
  • fast/canvas/canvas-ellipse-circumference-expected.txt: Added.
  • fast/canvas/canvas-ellipse-circumference-fill-expected.txt: Added.
  • fast/canvas/canvas-ellipse-circumference-fill.html: Added.
  • fast/canvas/canvas-ellipse-circumference.html: Added.
  • fast/canvas/canvas-ellipse-connecting-line-expected.html: Added.
  • fast/canvas/canvas-ellipse-connecting-line.html: Added.
  • fast/canvas/canvas-ellipse-expected.txt: Added.
  • fast/canvas/canvas-ellipse-negative-radius-expected.txt: Added.
  • fast/canvas/canvas-ellipse-negative-radius.html: Added.
  • fast/canvas/canvas-ellipse-zero-lineto-expected.txt: Added.
  • fast/canvas/canvas-ellipse-zero-lineto.html: Added.
  • fast/canvas/canvas-ellipse.html: Added.
  • fast/canvas/script-tests/canvas-ellipse-360-winding.js: Added.
  • fast/canvas/script-tests/canvas-ellipse.js: Added.
  • fast/canvas/script-tests/js-ellipse-implementation.js: Added.
  • platform/mac/fast/canvas/canvas-ellipse-circumference-expected.png: Added.
  • platform/mac/fast/canvas/canvas-ellipse-circumference-fill-expected.png: Added.
15:37 Changeset [180789] by commit-queue@webkit.org
  • 4 edits in trunk/LayoutTests

Test more features of content extensions.
https://bugs.webkit.org/show_bug.cgi?id=142100

Patch by Alex Christensen <achristensen@webkit.org> on 2015-02-27
Reviewed by Brady Eidson.

  • http/tests/usercontentfilter/basic-filter.html:
  • http/tests/usercontentfilter/basic-filter.html.json:
  • platform/mac/http/tests/usercontentfilter/basic-filter-expected.txt:
15:35 Changeset [180788] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Use Maps in ResourceCollection instead of objects
https://bugs.webkit.org/show_bug.cgi?id=142101

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2015-02-27
Reviewed by Timothy Hatcher.

  • UserInterface/Models/ResourceCollection.js:

(WebInspector.ResourceCollection):
(WebInspector.ResourceCollection.prototype.resourcesWithType):
(WebInspector.ResourceCollection.prototype.removeAllResources):
(WebInspector.ResourceCollection.prototype.resourceForURL):
(WebInspector.ResourceCollection.prototype._associateWithResource):
(WebInspector.ResourceCollection.prototype._disassociateWithResource):
(WebInspector.ResourceCollection.prototype._resourceURLDidChange):
(WebInspector.ResourceCollection.prototype._resourceTypeDidChange):
Use Maps instead of objects.

15:32 Changeset [180787] by msaboff@apple.com
  • 2 edits in trunk/Tools

Add ability for run-jsc-benchmarks to set library path from test binary when run on a build bot
https://bugs.webkit.org/show_bug.cgi?id=142112

Reviewed by Filip Pizlo.

Added check for VMs in the form of <someDir>/{DumpRenderTree,webkitTestRunner,jsc} and use
<someDir> as the library path.

  • Scripts/run-jsc-benchmarks:
15:31 Changeset [180786] by ap@apple.com
  • 2 edits in trunk/LayoutTests

Some WebGL tests fail on ATI hardware
https://bugs.webkit.org/show_bug.cgi?id=93560
rdar://problem/19991477

  • platform/mac/TestExpectations: Updating expectations, as this is not limited to

Mavericks.

15:07 Changeset [180785] by enrica@apple.com
  • 7 edits
    2 adds in trunk

Adding support for serializing HTMLAttachment elements.
https://bugs.webkit.org/show_bug.cgi?id=142026

Reviewed by Tim Horton.

Source/WebCore:

Test: editing/pasteboard/copy-paste-attachment.html

Adding support to serialize the attachment element
and properly handle it when converting a DOM range
to NSAttributedString.

  • editing/cocoa/HTMLConverter.mm:

(HTMLConverter::_processElement):

  • editing/markup.cpp:

(WebCore::StyledMarkupAccumulator::appendCustomAttributes): Create new attribute
for attachment element when serializating.
(WebCore::StyledMarkupAccumulator::appendElement):
(WebCore::createFragmentFromMarkup): Remove the attribute from the attachment element
when creating the fragment.

  • html/HTMLAttachmentElement.cpp:

(WebCore::HTMLAttachmentElement::file): Added const to file() to
use it in appendCustonAttributes where the element is a const reference.

  • html/HTMLAttachmentElement.h:
  • html/HTMLAttributeNames.in:

LayoutTests:

  • editing/pasteboard/copy-paste-attachment-expected.txt: Added.
  • editing/pasteboard/copy-paste-attachment.html: Added.
15:00 Changeset [180784] by timothy_horton@apple.com
  • 2 edits in trunk/Source/WebCore

<attachment> should have an inactive style (gray in background)
https://bugs.webkit.org/show_bug.cgi?id=142103
<rdar://problem/19982486>

Reviewed by Dan Bernstein.

  • rendering/RenderThemeMac.mm:

(WebCore::attachmentLabelInactiveBackgroundColor):
(WebCore::attachmentLabelInactiveTextColor):
(WebCore::RenderThemeMac::paintAttachmentLabelBackground):
(WebCore::RenderThemeMac::paintAttachmentLabel):
Use a gray background and gray text when the selection containing the
attachment isn't focused and active.

14:50 Changeset [180783] by beidson@apple.com
  • 9 edits
    7 adds in trunk

Add a "block-cookies" rule to the user content filter.
https://bugs.webkit.org/show_bug.cgi?id=142105

Reviewed by Alex Christensen.

Source/WebCore:

Tests: http/tests/usercontentfilter/block-cookies-basic.html

http/tests/usercontentfilter/block-cookies-send.html

  • contentextensions/ContentExtensionRule.h:
  • contentextensions/ContentExtensionsBackend.cpp:

(WebCore::ContentExtensions::ContentExtensionsBackend::actionForURL):
(WebCore::ContentExtensions::ContentExtensionsBackend::shouldBlockURL): Deleted.

  • contentextensions/ContentExtensionsBackend.h:
  • contentextensions/ContentExtensionsManager.cpp:

(WebCore::ContentExtensions::ExtensionsManager::loadAction):

  • loader/cache/CachedResourceLoader.cpp:

(WebCore::CachedResourceLoader::requestResource):

  • page/UserContentController.cpp:

(WebCore::UserContentController::actionForURL):
(WebCore::UserContentController::contentFilterBlocksURL): Deleted.

  • page/UserContentController.h:

LayoutTests:

  • http/tests/cookies/resources/echo-cookies.php: Added.
  • http/tests/usercontentfilter/block-cookies-basic-expected.txt: Added.
  • http/tests/usercontentfilter/block-cookies-basic.html: Added.
  • http/tests/usercontentfilter/block-cookies-basic.html.json: Added.
  • http/tests/usercontentfilter/block-cookies-send-expected.txt: Added.
  • http/tests/usercontentfilter/block-cookies-send.html: Added.
  • http/tests/usercontentfilter/block-cookies-send.html.json: Added.
14:45 Changeset [180782] by bdakin@apple.com
  • 2 edits in trunk/Source/WebKit2

Lookup panel dismisses when pages are loading in other tabs/windows
https://bugs.webkit.org/show_bug.cgi?id=142104
-and corresponding-
rdar://problem/19882137

Reviewed by Tim Horton.

Until rdar://problem/13875766 is resolved, we should only call into Lookup and
DataDetectors for key windows.

  • UIProcess/API/mac/WKView.mm:

(-[WKView _dismissContentRelativeChildWindows]):

14:17 Changeset [180781] by achristensen@apple.com
  • 5 edits in trunk

[WinCairo] Unreviewed build fix.

Source/WebCore:

  • platform/graphics/BitmapImage.h:
  • platform/win/BitmapInfo.h:

Added WEBCORE_EXPORT.

Tools:

  • TestWebKitAPI/TestWebKitAPI.vcxproj/TestWebKitAPICommonWinCairo.props:

Use TestWebKitAPIPrefix.h like in TestWebKitAPICommon.props.

13:56 Changeset [180780] by timothy_horton@apple.com
  • 6 edits in trunk/Source/WebCore

<attachment>'s label baseline should match that of the surrounding text
https://bugs.webkit.org/show_bug.cgi?id=142099
rdar://problem/19982495

Reviewed by Dan Bernstein.

  • rendering/RenderAttachment.cpp:

(WebCore::RenderAttachment::baselinePosition):

  • rendering/RenderAttachment.h:

Override baselinePosition and retrieve it from RenderTheme.

  • rendering/RenderTheme.h:

(WebCore::RenderTheme::attachmentBaseline):

  • rendering/RenderThemeMac.h:
  • rendering/RenderThemeMac.mm:

(WebCore::AttachmentLayout::AttachmentLayout):
(WebCore::RenderThemeMac::attachmentBaseline):
Plumb the label baseline from AttachmentLayout to RenderAttachment.

13:42 Changeset [180779] by commit-queue@webkit.org
  • 12 edits in trunk/Source/WebCore

Unreviewed, rolling out r180752.
https://bugs.webkit.org/show_bug.cgi?id=142098

Causes 10 SVG test failures on Windows. (Requested by
bfulgham_ on #webkit).

Reverted changeset:

"Cache glyph widths to GlyphPages"
https://bugs.webkit.org/show_bug.cgi?id=142028
http://trac.webkit.org/changeset/180752

13:40 Changeset [180778] by rniwa@webkit.org
  • 4 edits in trunk/LayoutTests

iOS, GTK, and EFL rebaselines after r180726.

  • platform/efl/editing/inserting/5058163-1-expected.txt:
  • platform/gtk/editing/inserting/5058163-1-expected.txt:
  • platform/ios-simulator-wk2/editing/inserting/5058163-1-expected.txt:
13:39 Changeset [180777] by ddkilzer@apple.com
  • 2 edits in trunk/Source/WebCore

[iOS] Fix build by defining EAGL_IOSURFACE macro before including <OpenGLES/EAGLPrivate.h>

  • platform/spi/ios/OpenGLESSPI.h: Define EAGL_IOSURFACE macro

until header refactoring is completed.

13:34 Changeset [180776] by cdumez@apple.com
  • 6 edits in trunk/LayoutTests

Unreviewed, skip tests added in r180771 on platforms that don't support IndexedDB.

  • platform/efl/TestExpectations:
  • platform/gtk/TestExpectations:
  • platform/ios-simulator/TestExpectations:
  • platform/win/TestExpectations:
  • platform/wincairo/TestExpectations:
13:27 Changeset [180775] by bfulgham@apple.com
  • 2 edits in trunk/LayoutTests

[Win] Skip IndexDB tests on Windows since it's not implemented.

  • platform/win/TestExpectations:
13:18 Changeset [180774] by cdumez@apple.com
  • 8 edits
    6 adds in trunk

MediaSource should be suspendable when closed
https://bugs.webkit.org/show_bug.cgi?id=142089
<rdar://problem/19923085>

Reviewed by Jer Noble.

Source/WebCore:

Make MediaSource ActiveDOMObject suspendable when it is in closed state
and it has no pending events. This increases the likelihood of pages
using MediaSource to enter the PageCache.

Tests: fast/history/page-cache-media-source-closed-2.html

fast/history/page-cache-media-source-closed.html
fast/history/page-cache-media-source-opened.html

LayoutTests:

Add layout tests to check that:

  • Pages with an open MediaSource do not enter the PageCache
  • Pages with an initially closed MediaSource enter the PageCache
  • Pages with a MediaSource that changed state from opened to closed enter the PageCache.
12:14 Changeset [180773] by andersca@apple.com
  • 11 edits in trunk

Add infrastructure for handling website data in the network process
https://bugs.webkit.org/show_bug.cgi?id=142092

Reviewed by Andreas Kling.

Source/WebKit2:

  • NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::fetchWebsiteData):
(WebKit::NetworkProcess::deleteWebsiteDataForOrigins):
Send back "Did" messages without actually doing anything for now.

  • NetworkProcess/NetworkProcess.h:

Add new members.

  • NetworkProcess/NetworkProcess.messages.in:

Add FetchWebsiteData and DeleteWebsiteDataForOrigins messages.

  • UIProcess/Network/NetworkProcessProxy.cpp:

(WebKit::NetworkProcessProxy::~NetworkProcessProxy):
Assert that all maps are empty.

(WebKit::NetworkProcessProxy::fetchWebsiteData):
(WebKit::NetworkProcessProxy::deleteWebsiteDataForOrigins):
Add callbacks and send fetch and delete messages respectively.

(WebKit::NetworkProcessProxy::networkProcessCrashedOrFailedToLaunch):
Make sure to invoke all callbacks.

(WebKit::NetworkProcessProxy::didFetchWebsiteData):
Find the callback and invoke it.

(WebKit::NetworkProcessProxy::didDeleteWebsiteDataForOrigins):
Ditto.

  • UIProcess/Network/NetworkProcessProxy.h:

Add new members.

  • UIProcess/Network/NetworkProcessProxy.messages.in:

Add DidFetchWebsiteData and DidDeleteWebsiteDataForOrigins messages.

  • UIProcess/WebProcessProxy.cpp:

(WebKit::WebProcessProxy::connectionDidClose):
Just pass an empty WebsiteData object.

Tools:

Add a menu item that will fetch all website data, delete the returned data records, and
fetch all website data again so we can confirm that it's all empty.

  • MiniBrowser/mac/WK2BrowserWindowController.m:

(-[WK2BrowserWindowController fetchAndClearWebsiteData:]):

11:52 Changeset [180772] by akling@apple.com
  • 18 edits in trunk/Source/WebCore

Use NeverDestroyed for JS wrapper owners.
<https://webkit.org/b/142090>

Reviewed by Chris Dumez.

Using NeverDestroyed puts these objects in BSS which is preferable
since that prevents them from pinning down entire malloc pages forever.

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateHeader): Use NeverDestroyed instead of DEPRECATED_DEFINE_STATIC_LOCAL.

  • bindings/scripts/test/JS/*: Rebaseline bindings tests for this change.
11:24 Changeset [180771] by cdumez@apple.com
  • 7 edits
    4 adds in trunk

Make IDBDatabase / IDBRequest suspendable
https://bugs.webkit.org/show_bug.cgi?id=142076
<rdar://problem/19923085>

Reviewed by Andreas Kling.

Source/WebCore:

Make IDBDatabase / IDBRequest suspendable under certain conditions to
make it more likely for pages using indexeddb to enter the PageCache.

IDBDatabase is safely suspendable if the database is closed. IDBRequest
is safely suspendable if the request no longer has any pending activity
(i.e. state is DONE and success / failure handler was called). We may
be able to do better later but this is the bare minimum for now.

Tests: fast/history/page-cache-indexed-closed-db.html

fast/history/page-cache-indexed-opened-db.html

  • Modules/indexeddb/IDBDatabase.cpp:

(WebCore::IDBDatabase::IDBDatabase):
(WebCore::IDBDatabase::closeConnection):
(WebCore::IDBDatabase::enqueueEvent):
(WebCore::IDBDatabase::canSuspend):

  • Modules/indexeddb/IDBDatabase.h:
  • Modules/indexeddb/IDBRequest.cpp:

(WebCore::IDBRequest::canSuspend):

  • Modules/indexeddb/IDBRequest.h:

LayoutTests:

Add layout tests to make sure that:

  • A page with an open indexeddb database is not page-cacheable
  • A page with a closed indexeddb database is page-cacheable
  • fast/history/page-cache-indexed-closed-db-expected.txt: Added.
  • fast/history/page-cache-indexed-closed-db.html: Added.
  • fast/history/page-cache-indexed-opened-db-expected.txt: Added.
  • fast/history/page-cache-indexed-opened-db.html: Added.
11:22 Changeset [180770] by cdumez@apple.com
  • 7 edits
    2 adds in trunk

Drop unnecessary DatabaseManager::hasOpenDatabases() in PageCache::canCachePageContainingThisFrame()
https://bugs.webkit.org/show_bug.cgi?id=142052

Reviewed by Andreas Kling.

Source/WebCore:

Drop WebDatabase special-handling from PageCache::canCachePageContainingThisFrame().
DatabaseContext is already an ActiveDOMObject and DatabaseContext::canSuspend() was
returning false so pages using WebDatabase would never enter the PageCache anyway.

This patch also overrides ActiveDOMObject::canSuspend() in DatabaseContext to only
return false when there are open databases. This check is now equivalent to the one
that was in PageCache.

An issue that remains is that DatabaseContext::m_hasOpenDatabases is never reset
to false so once a page opened a database, it will never be page-cacheable. This
will be taken care of separately though.

Test: fast/history/page-cache-webdatabase-opened-db.html

  • Modules/webdatabase/DatabaseContext.cpp:

(WebCore::DatabaseContext::canSuspend):

  • Modules/webdatabase/DatabaseContext.h:
  • history/PageCache.cpp:

(WebCore::logCanCacheFrameDecision):
(WebCore::PageCache::canCachePageContainingThisFrame):

  • page/DiagnosticLoggingKeys.cpp:

(WebCore::DiagnosticLoggingKeys::hasOpenDatabasesKey): Deleted.

  • page/DiagnosticLoggingKeys.h:

LayoutTests:

Add a layout test to check that a page with an open WebDatabase does
not enter the PageCache.

  • fast/history/page-cache-webdatabase-opened-db-expected.txt: Added.
  • fast/history/page-cache-webdatabase-opened-db.html: Added.
11:20 Changeset [180769] by achristensen@apple.com
  • 6 edits
    5 adds in trunk/Source/WebCore

Compile DFA to bytecode.
https://bugs.webkit.org/show_bug.cgi?id=142031

Reviewed by Benjamin Poulain.

  • WebCore.xcodeproj/project.pbxproj:
  • contentextensions/ContentExtensionsBackend.cpp:

(WebCore::ContentExtensions::ContentExtensionsBackend::setRuleList):
(WebCore::ContentExtensions::ContentExtensionsBackend::shouldBlockURL):

  • contentextensions/ContentExtensionsBackend.h:
  • contentextensions/DFA.cpp:

(WebCore::ContentExtensions::DFA::nextState): Deleted.
(WebCore::ContentExtensions::DFA::actions): Deleted.

  • contentextensions/DFA.h:

(WebCore::ContentExtensions::DFA::size):
(WebCore::ContentExtensions::DFA::nodeAt):

  • contentextensions/DFABytecode.h: Added.

(WebCore::ContentExtensions::instructionSizeWithArguments):

  • contentextensions/DFABytecodeCompiler.cpp: Added.

(WebCore::ContentExtensions::append):
(WebCore::ContentExtensions::set32Bits):
(WebCore::ContentExtensions::DFABytecodeCompiler::emitAppendAction):
(WebCore::ContentExtensions::DFABytecodeCompiler::emitJump):
(WebCore::ContentExtensions::DFABytecodeCompiler::emitCheckValue):
(WebCore::ContentExtensions::DFABytecodeCompiler::emitTerminate):
(WebCore::ContentExtensions::DFABytecodeCompiler::reserveBufferCapacity):
(WebCore::ContentExtensions::DFABytecodeCompiler::compileNode):
(WebCore::ContentExtensions::DFABytecodeCompiler::compile):

  • contentextensions/DFABytecodeCompiler.h: Added.

(WebCore::ContentExtensions::DFABytecodeCompiler::DFABytecodeCompiler):

  • contentextensions/DFABytecodeInterpreter.cpp: Added.

(WebCore::ContentExtensions::getBits):
(WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):

  • contentextensions/DFABytecodeInterpreter.h: Added.

(WebCore::ContentExtensions::DFABytecodeInterpreter::DFABytecodeInterpreter):

10:50 Changeset [180768] by enrica@apple.com
  • 10 edits in trunk/Source/WebKit2

[WK2] REGRESSION(r180465): WebKit::WebPage::editorState() triggers a layout.
https://bugs.webkit.org/show_bug.cgi?id=142015

Reviewed by Alexey Proskuryakov.

We no longer compute the font information at selection
when we update the editor state.
Instead, we request the font information only when the selection
changes and the font panel is visible.
I added an observer to be notified of the font panel visibility
changes to update NSFontManager to reflect the font at the
current selection.

  • Shared/EditorState.cpp:

(WebKit::EditorState::encode):
(WebKit::EditorState::decode):

  • Shared/EditorState.h:

(WebKit::EditorState::EditorState):

  • UIProcess/API/mac/WKView.mm:

(-[WKView updateFontPanelIfNeeded]):
(-[WKView _selectionChanged]):
(-[WKView addWindowObserversForWindow:]):
(-[WKView removeWindowObservers]):
(-[WKView observeValueForKeyPath:ofObject:change:context:]):

  • UIProcess/WebPageProxy.h:
  • UIProcess/WebPageProxy.messages.in:
  • UIProcess/mac/WebPageProxyMac.mm:

(WebKit::WebPageProxy::fontAtSelection):
(WebKit::WebPageProxy::fontAtSelectionCallback):

  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/WebPage.messages.in:
  • WebProcess/WebPage/mac/WebPageMac.mm:

(WebKit::WebPage::platformEditorState):
(WebKit::WebPage::fontAtSelection):

10:43 Changeset [180767] by zalan@apple.com
  • 3 edits
    2 adds in trunk

Use after free in WebCore::RenderNamedFlowFragment::restoreRegionObjectsOriginalStyle
https://bugs.webkit.org/show_bug.cgi?id=138366

Reviewed by Dave Hyatt.

This patch ensures that we clean up RenderNamedFlowFragment::m_renderObjectRegionStyle when embedded flow content is getting destroyed.

In m_renderObjectRegionStyle hash map, we store style information about the named flow's descendant children.
When a child is being detached from the tree, it removes itself from this hashmap.
We do it by traversing up on the ancestor chain and call removeFlowChildInfo() on the parent flow.
However in case of embedded flows (for example multicolumn content inside a region), we need to check whether the parent flow
is inside a flow too and continue the cleanup accordingly.

Source/WebCore:

Test: fast/regions/region-with-multicolumn-embedded-crash.html

  • rendering/RenderObject.cpp:

(WebCore::RenderObject::removeFromRenderFlowThreadIncludingDescendants):

LayoutTests:

  • fast/regions/region-with-multicolumn-embedded-crash-expected.txt: Added.
  • fast/regions/region-with-multicolumn-embedded-crash.html: Added.
10:33 Changeset [180766] by beidson@apple.com
  • 19 edits in trunk/Source

Add API to remove a single content filter.
<rdar://problem/19977764> and https://bugs.webkit.org/show_bug.cgi?id=142088

Reviewed by Sam Weinig.

Source/WebCore:

  • page/UserContentController.cpp:

(WebCore::UserContentController::removeUserContentFilter):

  • page/UserContentController.h:

Source/WebKit2:

  • Shared/WebPageGroupData.h:
  • UIProcess/API/C/WKPageGroup.cpp:

(WKPageGroupRemoveUserContentFilter):

  • UIProcess/API/C/WKPageGroup.h:
  • UIProcess/API/Cocoa/WKUserContentController.mm:

(-[WKUserContentController _removeUserContentFilter:]):

  • UIProcess/API/Cocoa/WKUserContentControllerPrivate.h:
  • UIProcess/UserContent/WebUserContentControllerProxy.cpp:

(WebKit::WebUserContentControllerProxy::WebUserContentControllerProxy):
(WebKit::WebUserContentControllerProxy::addProcess):
(WebKit::WebUserContentControllerProxy::addUserContentFilter):
(WebKit::WebUserContentControllerProxy::removeUserContentFilter):
(WebKit::WebUserContentControllerProxy::removeAllUserContentFilters):

  • UIProcess/UserContent/WebUserContentControllerProxy.h:
  • UIProcess/WebPageGroup.cpp:

(WebKit::WebPageGroup::addUserContentFilter):
(WebKit::WebPageGroup::removeUserContentFilter):

  • UIProcess/WebPageGroup.h:
  • WebProcess/UserContent/WebUserContentController.cpp:

(WebKit::WebUserContentController::removeUserContentFilter):

  • WebProcess/UserContent/WebUserContentController.h:
  • WebProcess/UserContent/WebUserContentController.messages.in:
  • WebProcess/WebPage/WebPageGroupProxy.cpp:

(WebKit::WebPageGroupProxy::WebPageGroupProxy):
(WebKit::WebPageGroupProxy::removeUserContentFilter):

  • WebProcess/WebPage/WebPageGroupProxy.h:
  • WebProcess/WebPage/WebPageGroupProxy.messages.in:
10:09 Changeset [180765] by bfulgham@apple.com
  • 16 edits in trunk

[Win] Remove remaining SafariTheme cruft
https://bugs.webkit.org/show_bug.cgi?id=142075

Reviewed by Anders Carlsson.

Remove reference to SafariTheme-switching preference.

Source/WebCore:

Tested by existing layout tests.

  • WebCore.vcxproj/WebCore.vcxproj:
  • WebCore.vcxproj/WebCore.vcxproj.filters:
  • config.h:
  • page/Settings.cpp:

(WebCore::Settings::fontRenderingMode):
(WebCore::Settings::setShouldPaintNativeControls): Deleted.

  • page/Settings.h:

(WebCore::Settings::shouldPaintNativeControls): Deleted.

  • platform/win/ScrollbarThemeWin.cpp:

(WebCore::ScrollbarTheme::nativeTheme):

  • rendering/RenderThemeWin.cpp:

(WebCore::RenderTheme::themeForPage):

Source/WebKit/win:

  • Interfaces/IWebPreferencesPrivate.idl:
  • WebKitClassFactory.cpp:

(WebKitClassFactory::WebKitClassFactory):
(WebKitClassFactory::QueryInterface):
(WebKitClassFactory::AddRef):
(WebKitClassFactory::Release):
(WebKitClassFactory::CreateInstance):
(WebKitClassFactory::LockServer):

  • WebPreferences.cpp:

(WebPreferences::shouldPaintNativeControls): Deleted.
(WebPreferences::setShouldPaintNativeControls): Deleted.

  • WebPreferences.h:
  • WebView.cpp:

(WebView::initWithFrame):
(WebView::notifyPreferencesChanged):

Tools:

  • DumpRenderTree/win/DumpRenderTree.cpp:

(resetWebPreferencesToConsistentValues):
(prepareConsistentTestingEnvironment):

09:49 Changeset [180764] by carlosgc@webkit.org
  • 7 edits
    2 adds in releases/WebKitGTK/webkit-2.8

Merge r180511 - Drawing an SVG image into a canvas using drawImage() ignores globalAlpha.
https://bugs.webkit.org/show_bug.cgi?id=141729.

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2015-02-23
Reviewed by Simon Fraser.

Source/WebCore:

When drawing an SVG image and the drawing context is set to be transparent,
make sure this transparency is applied to the compositing layer.

Test: svg/canvas/canvas-global-alpha-svg.html

  • platform/graphics/GraphicsContext.cpp:

(WebCore::GraphicsContext::setAlpha): Make setAlpha() calls the platform
function and sets 'm_state.alpha' to the input value.

(WebCore::GraphicsContext::alpha): Add a new function 'alpha()' which
returns the value of the global alpha.

  • platform/graphics/GraphicsContext.h:

(WebCore::GraphicsContextState::GraphicsContextState): Add a new member
'alpha' to the context state since the getter function CGContextGetAlpha
is defined only in a private header file. Also move single line functions
from the source file to the header file.

  • platform/graphics/cairo/GraphicsContextCairo.cpp:

(WebCore::GraphicsContext::setPlatformAlpha):
(WebCore::GraphicsContext::setAlpha): Deleted.

  • platform/graphics/cg/GraphicsContextCG.cpp:

(WebCore::GraphicsContext::setPlatformAlpha):
(WebCore::GraphicsContext::setAlpha): Deleted.
Rename setAlpha() to setPlatformAlpha() in the platform files. Add setAlpha()
to the core file. setAlpha() will set the value of 'm_state.alpha' and call
setPlatformAlpha().

  • svg/graphics/SVGImage.cpp:

(WebCore::SVGImage::draw): If the drawing context is transparent, apply its
global alpha value to the compositing layer.

LayoutTests:

Add a new test which draws an SVG image on a canvas after setting its
globalAlpha to a value less than 1.

  • svg/canvas/canvas-global-alpha-svg-expected.html: Added.
  • svg/canvas/canvas-global-alpha-svg.html: Added.
09:35 Changeset [180763] by carlosgc@webkit.org
  • 2 edits
    1 add in releases/WebKitGTK/webkit-2.8/Source/JavaScriptCore

Merge r180505 - Crash in DFGFrozenValue
https://bugs.webkit.org/show_bug.cgi?id=141883

Reviewed by Benjamin Poulain.

If a value might be a cell, then we have to have Graph freeze it rather than trying to
create the FrozenValue directly. Creating it directly is just an optimization for when you
know for sure that it cannot be a cell.

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • tests/stress/regress-141883.js: Added. Hacked the original test to be faster while still crashing before this fix.
09:34 Changeset [180762] by carlosgc@webkit.org
  • 2 edits in releases/WebKitGTK/webkit-2.8/Source/WebCore

Merge r180503 - [GStreamer] Redundant track language notifications
https://bugs.webkit.org/show_bug.cgi?id=141908

Reviewed by Žan Doberšek.

Invoke languageChanged only if the language code actually
changed.

  • platform/graphics/gstreamer/TrackPrivateBaseGStreamer.cpp:

(WebCore::TrackPrivateBaseGStreamer::notifyTrackOfTagsChanged):

09:32 Changeset [180761] by carlosgc@webkit.org
  • 2 edits in releases/WebKitGTK/webkit-2.8

Merge r180502 - [GTK] Fails to compile with cmake 3.2.x
https://bugs.webkit.org/show_bug.cgi?id=141796

With cmake 3.2.x we have to explicitly ask for X11 otherwise the
X11_X11_LIB variable won't be set thus the X11 linker flags won't be
added and the build will fail.

Patch by Tomas Popela <tpopela@redhat.com> on 2015-02-23
Reviewed by Martin Robinson.

  • Source/cmake/OptionsGTK.cmake:
09:31 Changeset [180760] by carlosgc@webkit.org
  • 5 edits in releases/WebKitGTK/webkit-2.8

Merge r180492 - Print a console warning when HTMLCanvasElement exceeds the maximum size
https://bugs.webkit.org/show_bug.cgi?id=141861
<rdar://problem/19729145>

Reviewed by Simon Fraser.

Source/WebCore:

Add a warning if we ever try to create a canvas that is
too big.

No test because:

  1. We can't ref-test against console messages.
  2. The output is platform specific.
  • html/HTMLCanvasElement.cpp:

(WebCore::HTMLCanvasElement::createImageBuffer):

LayoutTests:

Add error message to expected results.

  • fast/canvas/canvas-toDataURL-crash-expected.txt:
  • fast/canvas/pattern-too-large-to-create-expected.txt:
09:27 Changeset [180759] by carlosgc@webkit.org
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.8

Merge r180464 - Invalid assert in CompositeEditCommand::insertNodeAfter/insertNodeBefore
https://bugs.webkit.org/show_bug.cgi?id=141854

Reviewed by Ryosuke Niwa.

Inserting content before/after the body as the result of editing is a valid operation.
This assert was originally introduced to cover cases where edited content would get moved
out of body. However, asserting such operation properly is not possible atm.

Source/WebCore:

Test: editing/inserting/insert-as-body-sibling.html

  • editing/CompositeEditCommand.cpp:

(WebCore::CompositeEditCommand::insertNodeBefore):
(WebCore::CompositeEditCommand::insertNodeAfter):

LayoutTests:

  • editing/inserting/insert-as-body-sibling-expected.txt: Added.
  • editing/inserting/insert-as-body-sibling.html: Added.
09:22 Changeset [180758] by bfulgham@apple.com
  • 2 edits in trunk/LayoutTests

[Win] Add another batch of debug assert failures.

  • platform/win/TestExpectations:
09:21 Changeset [180757] by carlosgc@webkit.org
  • 2 edits in releases/WebKitGTK/webkit-2.8/Source/WTF

Merge r180434 - RunLoop::dispatch() should drop the mutex before calling wakeUp().
https://bugs.webkit.org/show_bug.cgi?id=141820

Reviewed by Alexey Proskuryakov.

RunLoop::wakeUp() calls into CoreFoundation which could take time,
so scope the mutex just to protect m_functionQueue.

  • wtf/RunLoop.cpp:

(WTF::RunLoop::dispatch):

09:16 Changeset [180756] by carlosgc@webkit.org
  • 9 edits in releases/WebKitGTK/webkit-2.8

Merge r180423 - DFG JIT needs to check for stack overflow at the start of Program and Eval execution
https://bugs.webkit.org/show_bug.cgi?id=141676

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

Added stack check to the beginning of the code the DFG copmiler emits for Program and Eval nodes.
To aid in testing the code, I replaced the EvalCodeCache::maxCacheableSourceLength const
a options in runtime/Options.h. The test script, run-jsc-stress-tests, sets that option
to a huge value when running with the "Eager" options. This allows the updated test to
reliably exercise the code in questions.

  • dfg/DFGJITCompiler.cpp:

(JSC::DFG::JITCompiler::compile):
Added stack check.

  • bytecode/EvalCodeCache.h:

(JSC::EvalCodeCache::tryGet):
(JSC::EvalCodeCache::getSlow):

  • runtime/Options.h:

Replaced EvalCodeCache::imaxCacheableSourceLength with Options::maximumEvalCacheableSourceLength
so that it can be configured when running the related test.

Tools:

Set the newly added --maximumEvalCacheableSourceLength option for eager test runs. This is needed
to allow the eval out of stack tests to tier up. Without this option, we don't cache the likely
large string expression that we want to eval.

  • Scripts/run-jsc-stress-tests:

LayoutTests:

Updated the check for out of stack at eval entry test from using a fixed number of frame to
back track to now adjust the amount of back tracking up the stack based on where we can run a
simple eval(). At that point in the stack we try to cause an out of stack exception.

Also added a second pass of the test that takes the originally failing eval and tiers that
eval expression up to the DFG when used with the agreessive options of run-jsc-stress-tests.
This was done to reduce the amount of time the test takes to run in debug builds.

  • js/regress-141098-expected.txt:
  • js/script-tests/regress-141098.js:

(testEval):
(probeAndRecurse):

09:02 Changeset [180755] by bfulgham@apple.com
  • 3 edits in trunk/LayoutTests

[Win] Rebaseline test after r180726.

  • platform/win/TestExpectations: Mark a flaky test.
  • platform/win/editing/inserting/5058163-1-expected.txt:
08:59 Changeset [180754] by mmaxfield@apple.com
  • 2 edits in trunk/Source/WebCore

Add comment about CSS value name mangling

Unreviewed

  • css/CSSParser.cpp:

(WebCore::cssValueKeywordID):

08:50 Changeset [180753] by carlosgc@webkit.org
  • 12 edits in releases/WebKitGTK/webkit-2.8

Merge r180413 - Language ranges containing asterisks must be quoted as strings
https://bugs.webkit.org/show_bug.cgi?id=141659

Reviewed by Benjamin Poulain.

Source/WebCore:

As specified in [1], the language ranges containing asterisks must be quoted as strings.

[1] http://dev.w3.org/csswg/selectors-4/#the-lang-pseudo.

  • css/CSSGrammar.y.in:
  • css/CSSParser.cpp:

(WebCore::CSSParser::realLex):

LayoutTests:

Ensure language ranges containing asterisks are quoted as strings.

  • fast/css/css-selector-text-expected.txt:
  • fast/css/css-selector-text.html:
  • fast/css/parsing-css-lang-expected.txt:
  • fast/css/parsing-css-lang.html:
  • fast/selectors/lang-extended-filtering-expected.txt:
  • fast/selectors/lang-extended-filtering.html:
  • fast/selectors/lang-valid-extended-filtering-expected.txt:
  • fast/selectors/lang-valid-extended-filtering.html:
08:12 Changeset [180752] by antti@apple.com
  • 12 edits in trunk/Source/WebCore

Cache glyph widths to GlyphPages
https://bugs.webkit.org/show_bug.cgi?id=142028

Reviewed by Andreas Kling.

Currently we have a separate cache in Font for glyph widths. In practice we always need
the widths so we can just cache them in GlyphPages. This simplifies the code and removes
a per-character hash lookup from WidthIterator.

  • platform/graphics/Font.cpp:

(WebCore::Font::Font):
(WebCore::Font::initCharWidths):
(WebCore::Font::platformGlyphInit):
(WebCore::createAndFillGlyphPage):
(WebCore::Font::computeWidthForGlyph):

Rename to make it clear this doesn't cache.

(WebCore::GlyphPage::setGlyphDataForIndex):

Initialize the width.
This could go to GlyphPage.cpp if we had one.

  • platform/graphics/Font.h:

(WebCore::Font::glyphZeroWidth):
(WebCore::Font::isZeroWidthSpaceGlyph):
(WebCore::Font::zeroGlyph): Deleted.
(WebCore::Font::setZeroGlyph): Deleted.
(WebCore::Font::widthForGlyph): Deleted.

  • platform/graphics/FontCascade.cpp:

(WebCore::offsetToMiddleOfGlyph):

  • platform/graphics/FontCascadeFonts.cpp:

(WebCore::FontCascadeFonts::glyphDataForCharacter):

  • platform/graphics/GlyphPage.h:

(WebCore::GlyphData::GlyphData):

Return width too as part of GlyphData.

(WebCore::GlyphPage::glyphDataForIndex):
(WebCore::GlyphPage::setGlyphDataForCharacter):
(WebCore::GlyphPage::setGlyphDataForIndex):
(WebCore::GlyphPage::GlyphPage):

  • platform/graphics/WidthIterator.cpp:

(WebCore::WidthIterator::advanceInternal):

No need to lookup width separately now.

  • platform/graphics/mac/ComplexTextController.cpp:

(WebCore::ComplexTextController::adjustGlyphsAndAdvances):

  • platform/graphics/mac/ComplexTextControllerCoreText.mm:

(WebCore::ComplexTextController::ComplexTextRun::ComplexTextRun):

  • rendering/mathml/RenderMathMLOperator.cpp:

(WebCore::RenderMathMLOperator::advanceForGlyph):

  • rendering/svg/SVGTextRunRenderingContext.cpp:

(WebCore::missingGlyphForFont):

  • svg/SVGFontData.cpp:

(WebCore::SVGFontData::initializeFont):

06:57 Changeset [180751] by carlosgc@webkit.org
  • 3 edits in releases/WebKitGTK/webkit-2.8/Source/bmalloc

Merge r180430 - bmalloc should implement malloc introspection (to stop false-positive leaks when MallocStackLogging is off)
https://bugs.webkit.org/show_bug.cgi?id=141802

Reviewed by Andreas Kling.

Rolling back in with a fix for a crash seen while using GuardMalloc.

  • bmalloc/VMHeap.cpp:

(bmalloc::VMHeap::grow):

  • bmalloc/VMHeap.h:
  • bmalloc/Zone.cpp: Re-land the old patch.

(bmalloc::Zone::size): Be sure to implement the size() function since
it's accessible indirectly via the malloc_zone_from_ptr public API --
and GuardMalloc calls it all the time.

(bmalloc::Zone::Zone):

  • bmalloc/Zone.h: Re-land the old patch.
06:51 Changeset [180750] by carlosgc@webkit.org
  • 3 edits in releases/WebKitGTK/webkit-2.8/Source/bmalloc

Merge r180363 - bmalloc should implement malloc introspection (to stop false-positive leaks when MallocStackLogging is off)
https://bugs.webkit.org/show_bug.cgi?id=141802

Reviewed by Andreas Kling.

Fixed a last-minute type.

The macro is OS, not PLATFORM.

  • bmalloc/VMHeap.cpp:

(bmalloc::VMHeap::grow):

  • bmalloc/VMHeap.h:
  • bmalloc/Zone.h:
06:48 Changeset [180749] by carlosgc@webkit.org
  • 5 edits
    2 adds in releases/WebKitGTK/webkit-2.8/Source/bmalloc

Merge r180359 - bmalloc should implement malloc introspection (to stop false-positive leaks when MallocStackLogging is off)
https://bugs.webkit.org/show_bug.cgi?id=141802

Reviewed by Andreas Kling.

This patch does the bare minimum to stop false positive leaks from
being reported by the Darwin leaks tool. We register each super chunk
as a single object, and then request that the leaks tool scan it.

  • bmalloc.xcodeproj/project.pbxproj: Added an abstraction for the malloc

zone introspection API.

  • bmalloc/Algorithm.h: Missing #include.
  • bmalloc/VMHeap.cpp:

(bmalloc::VMHeap::grow):

  • bmalloc/VMHeap.h: Adopt the new abstraction.
  • bmalloc/Zone.cpp: Added.

(bmalloc::remoteRead): Helper for reading an object out of another process.
(bmalloc::Zone::enumerator):
(bmalloc::Zone::Zone): Register a malloc zone so that we will participate
in introspection.

  • bmalloc/Zone.h: Added.

(bmalloc::Zone::superChunks):
(bmalloc::Zone::addSuperChunk): Use a non-dynamically-allocated vector
since our dynamic allocations will not be scanned by leaks since they
will have the malloc VM tag.

06:43 Changeset [180748] by carlosgc@webkit.org
  • 6 edits
    2 adds in releases/WebKitGTK/webkit-2.8

Merge r180337 - REGRESSION(r179347): Clearing the PageCache no longer clears the PageCache.
<https://webkit.org/b/141788>

Reviewed by Anders Carlsson.

Source/WebCore:

Once again we've fallen into the TemporaryChange trap:

TemporaryChange<unsigned>(m_member, temporaryValue);

The code above doesn't actually do anything. Since the TemporaryChange local is not named,
it immediately goes out of scope and restores the original value of m_member.

Unless someone knows a C++ trick to prevent these, we'll need to add a style checker pass
to catch bugs like this. Whatever we do will be done separately from this bug.

Test: fast/history/page-cache-clearing.html

  • history/PageCache.cpp:

(WebCore::PageCache::pruneToSizeNow): Name the local so it lives longer.

  • testing/Internals.cpp:

(WebCore::Internals::clearPageCache):
(WebCore::Internals::pageCacheSize):

  • testing/Internals.h:
  • testing/Internals.idl: Add a way to clear the page cache and query its size from

window.internals to facilitate writing a simple test for this bug.

LayoutTests:

Add a simple test that navigates to a temporary page which immediately does a history.back
navigation. Upon returning to the first page, check that the page cache now has 1 entry,
and that clearing the page cache makes that entry go away.

  • fast/history/page-cache-clearing-expected.txt: Added.
  • fast/history/page-cache-clearing.html: Added.
06:35 Changeset [180747] by carlosgc@webkit.org
  • 2 edits in releases/WebKitGTK/webkit-2.8/Source/WebCore

Merge r180336 - Roll out r180280.

Crashes under IDBDatabase::closeConnection.
https://bugs.webkit.org/show_bug.cgi?id=141745
rdar://problem/19816412

  • Modules/indexeddb/IDBDatabase.cpp: (WebCore::IDBDatabase::closeConnection):
06:31 Changeset [180746] by carlosgc@webkit.org
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.8

Merge r180328 - REGRESSION(r174761) Dangling spanner pointer in RenderMultiColumnSpannerPlaceholder.
https://bugs.webkit.org/show_bug.cgi?id=138224

Reviewed by Dave Hyatt.

It's wrong to call flowThreadRelativeWillBeRemoved(child).
RenderMultiColumnFlowThread::removeFlowChildInfo() does not mean that the child is actually about to be removed.
Should this introduce any regressions, we need to deal with those separately.

Source/WebCore:

Test: fast/multicol/crash-when-spanner-gets-moved-around.html

  • rendering/RenderMultiColumnFlowThread.cpp:

(WebCore::RenderMultiColumnFlowThread::removeFlowChildInfo): Deleted.

  • rendering/RenderMultiColumnFlowThread.h:

LayoutTests:

  • fast/multicol/crash-when-spanner-gets-moved-around-expected.txt: Added.
  • fast/multicol/crash-when-spanner-gets-moved-around.html: Added.
06:26 Changeset [180745] by carlosgc@webkit.org
  • 2 edits in releases/WebKitGTK/webkit-2.8/Source/WebCore

Merge r180280 - Crashes under IDBDatabase::closeConnection.
https://bugs.webkit.org/show_bug.cgi?id=141745
rdar://problem/19816412

Reviewed by David Kilzer.

  • Modules/indexeddb/IDBDatabase.cpp: (WebCore::IDBDatabase::closeConnection):

Add a missing protector.

06:25 Changeset [180744] by carlosgc@webkit.org
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.8

Merge r180278 - Justified ruby can cause lines to grow beyond their container
https://bugs.webkit.org/show_bug.cgi?id=141732

Reviewed by David Hyatt.

Source/WebCore:

After we re-layout RenderRubyRuns, this can change the environment upon which
ruby's overhang calculation is sensitive to. Before this patch, we would recalculate
the overhang after the RenderRubyRun gets relaid out. However, doing such causes the
effective width of the RenderRubyRun to change, which causes out subsequent
justification calculations to be off.

Therefore, we have a cycle; the amount of ruby overhang can change the justification
in a line, and the layout of the line affects the ruby overhang calculation. Instead
of performing a layout in a loop until it converges, this patch simply observes that
having a flush right edge is more valuable than having a perfectly correct overhang.
It therefore simply removes the secondary overhang calculation.

Test: fast/text/ruby-justification-flush.html

  • rendering/RenderBlockFlow.h:
  • rendering/RenderBlockLineLayout.cpp:

(WebCore::RenderBlockFlow::updateRubyForJustifiedText):
(WebCore::RenderBlockFlow::computeExpansionForJustifiedText):
(WebCore::RenderBlockFlow::computeInlineDirectionPositionsForSegment):

LayoutTests:

Make sure that the right edge of a justified ruby line matches up with
the same line without ruby.

  • fast/text/ruby-justification-flush-expected.html: Added.
  • fast/text/ruby-justification-flush.html: Added.
06:19 Changeset [180743] by carlosgc@webkit.org
  • 4 edits
    1 copy in releases/WebKitGTK/webkit-2.8/Source/bmalloc

Merge r180272 - bmalloc: VMHeap should keep a record of all of its VM ranges (for malloc introspection)
https://bugs.webkit.org/show_bug.cgi?id=141759

Reviewed by Andreas Kling.

  • bmalloc.xcodeproj/project.pbxproj:
  • bmalloc/SuperChunk.h: Added.

(bmalloc::SuperChunk::create):
(bmalloc::SuperChunk::SuperChunk):
(bmalloc::SuperChunk::smallChunk):
(bmalloc::SuperChunk::mediumChunk):
(bmalloc::SuperChunk::largeChunk): Factored out super chunk creation
into a separate class, for clarity and type safety.

  • bmalloc/VMHeap.cpp:

(bmalloc::VMHeap::grow):
(bmalloc::VMHeap::allocateSuperChunk): Renamed "allocateSuperChunk" to
"grow" because Andreas found "allocateSuperChunk" to be unclear.

  • bmalloc/VMHeap.h: Track all our VM ranges. We will use this information

for malloc introspection.

(bmalloc::VMHeap::allocateSmallPage):
(bmalloc::VMHeap::allocateMediumPage):
(bmalloc::VMHeap::allocateLargeRange): Updated for renames.

04:20 Changeset [180742] by carlosgc@webkit.org
  • 2 edits in releases/WebKitGTK/webkit-2.8/Source/bmalloc

Merge r180264 - Build bmalloc through CMake as a static library. It's then linked either
into the WTF library (if built as a shared library) or into the JSC and
WebKit2 libraries. There's no need to build it as a standalone shared library.

Rubber-stamped by Carlos Garcia Campos.

  • CMakeLists.txt:
04:16 Changeset [180741] by carlosgc@webkit.org
  • 9 edits
    2 adds in releases/WebKitGTK/webkit-2.8/Source/JavaScriptCore

Merge r180258 - Fix the C-Loop LLInt build
https://bugs.webkit.org/show_bug.cgi?id=141618

Reviewed by Filip Pizlo.

I broke C-Loop when moving the common code of pow()
to JITOperations because that file is #ifdefed out
when the JITs are disabled.

It would be weird to move it back to MathObject since
the function needs to know about the calling conventions.

To avoid making a mess, I just gave the function its own file
that is used by both the runtime and the JIT.

  • CMakeLists.txt:
  • JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
  • JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • dfg/DFGAbstractInterpreterInlines.h:
  • jit/JITOperations.cpp:
  • jit/JITOperations.h:
  • runtime/MathCommon.cpp: Added.

(JSC::fdlibmScalbn):
(JSC::fdlibmPow):
(JSC::isDenormal):
(JSC::isEdgeCase):
(JSC::mathPowInternal):
(JSC::operationMathPow):

  • runtime/MathCommon.h: Added.
  • runtime/MathObject.cpp:
04:15 BadContent edited by ossy@webkit.org
add one more spammer (diff)
04:13 Changeset [180740] by carlosgc@webkit.org
  • 6 edits in releases/WebKitGTK/webkit-2.8/Source/JavaScriptCore

Merge r180257 - Clean up OSRExit's considerAddingAsFrequentExitSite()
https://bugs.webkit.org/show_bug.cgi?id=141690

Patch by Benjamin Poulain <bpoulain@apple.com> on 2015-02-17
Reviewed by Anders Carlsson.

Looks like some code was removed from CodeBlock::tallyFrequentExitSites()
and the OSRExit were left untouched.

This patch cleans up the two loops and remove the boolean return
on considerAddingAsFrequentExitSite().

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::tallyFrequentExitSites):

  • dfg/DFGOSRExit.h:

(JSC::DFG::OSRExit::considerAddingAsFrequentExitSite):

  • dfg/DFGOSRExitBase.cpp:

(JSC::DFG::OSRExitBase::considerAddingAsFrequentExitSiteSlow):

  • dfg/DFGOSRExitBase.h:

(JSC::DFG::OSRExitBase::considerAddingAsFrequentExitSite):

  • ftl/FTLOSRExit.h:

(JSC::FTL::OSRExit::considerAddingAsFrequentExitSite):

04:09 Changeset [180739] by carlosgc@webkit.org
  • 2 edits in releases/WebKitGTK/webkit-2.8/Source/JavaScriptCore

Merge r180248 - Unreviewed, rolling out r180184.
https://bugs.webkit.org/show_bug.cgi?id=141733

Caused infinite recursion on js/function-apply-aliased.html
(Requested by ap_ on #webkit).

Reverted changeset:

"REGRESSION(r180060): C Loop crashes"
https://bugs.webkit.org/show_bug.cgi?id=141671
http://trac.webkit.org/changeset/180184

Unreviewed, Restoring the C LOOP insta-crash fix in r180184.

Fixed a typo that only affected the C Loop in the prologue() macro in LowLevelInterpreter.asm.
After the stackHeightOKGetCodeBlock label, codeBlockSetter(t1) should be codeBlockGetter(t1).

  • llint/LowLevelInterpreter.asm: Fixed a typo.
04:08 BadContent edited by ossy@webkit.org
add one more spammer (diff)
04:03 Changeset [180738] by carlosgc@webkit.org
  • 3 edits in releases/WebKitGTK/webkit-2.8/Source/WebCore

Merge r180244 - Slight CachedPage class clean up
https://bugs.webkit.org/show_bug.cgi?id=141693

Reviewed by Andreas Kling.

Slight CachedPage class clean up:

  • Drop unnecessary m_timeStamp data member
  • Protect m_needsCaptionPreferencesChanged data member with #if ENABLE(VIDEO_TRACK)
  • Merge destroy() method into the destructor as this is the only caller
  • Update clear() to reset 2 data members that were missing
04:00 Changeset [180737] by carlosgc@webkit.org
  • 3 edits in releases/WebKitGTK/webkit-2.8/Source/JavaScriptCore

Merge r180237 - StackLayoutPhase should use CodeBlock::usesArguments rather than FunctionExecutable::usesArguments
https://bugs.webkit.org/show_bug.cgi?id=141721
rdar://problem/17198633

Reviewed by Michael Saboff.

I've seen cases where the two are out of sync. We know we can trust the CodeBlock::usesArguments because
we use it everywhere else.

No test because I could never reproduce the crash.

  • dfg/DFGGraph.h:

(JSC::DFG::Graph::usesArguments):

  • dfg/DFGStackLayoutPhase.cpp:

(JSC::DFG::StackLayoutPhase::run):

03:57 Changeset [180736] by carlosgc@webkit.org
  • 4 edits
    3 adds in releases/WebKitGTK/webkit-2.8/Source/JavaScriptCore

Merge r180234 - Throwing from an FTL call IC slow path may result in tag registers being clobbered on 64-bit CPUs
https://bugs.webkit.org/show_bug.cgi?id=141717
rdar://problem/19863382

Reviewed by Geoffrey Garen.

The best solution is to ensure that the engine catching an exception restores tag registers.

Each of these new test cases reliably crashed prior to this patch and they don't crash at all now.

  • jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_catch):

  • llint/LowLevelInterpreter.asm:
  • llint/LowLevelInterpreter64.asm:
  • tests/stress/throw-from-ftl-call-ic-slow-path-cells.js: Added.
  • tests/stress/throw-from-ftl-call-ic-slow-path-undefined.js: Added.
  • tests/stress/throw-from-ftl-call-ic-slow-path.js: Added.
03:54 Changeset [180735] by carlosgc@webkit.org
  • 2 edits in releases/WebKitGTK/webkit-2.8/Source/JavaScriptCore

Merge r180232 - [ARM] Add the necessary setupArgumentsWithExecState after bug141332
https://bugs.webkit.org/show_bug.cgi?id=141714

Reviewed by Michael Saboff.

  • jit/CCallHelpers.h:

(JSC::CCallHelpers::setupArgumentsWithExecState):

03:51 Changeset [180734] by carlosgc@webkit.org
  • 4 edits in releases/WebKitGTK/webkit-2.8

Merge r180649 - ASan does not like JSC::MachineThreads::tryCopyOtherThreadStack.
<https://webkit.org/b/141672>

Reviewed by Alexey Proskuryakov.

ASan does not like the fact that we memcpy the stack for GC scans. So,
we're working around this by using our own memcpy (asanUnsafeMemcpy)
implementation that we can tell ASan to ignore.

Source/JavaScriptCore:

  • heap/MachineStackMarker.cpp:

(JSC::asanUnsafeMemcpy):

Tools:

Also removed the previous added directive to ignore *tryCopyOtherThreadStack*
which isn't effective for working around this issue.

  • asan/webkit-asan-ignore.txt:
00:03 Changeset [180733] by bshafiei@apple.com
  • 6 edits
    2 copies in branches/safari-600.1.4.15-branch

Merged r173806. rdar://problem/19871063

00:00 WebKitGTK/2.6.x edited by sergio@webkit.org
Readded the fonts changes with the regression fix (diff)

02/26/15:

23:26 Changeset [180732] by fpizlo@apple.com
  • 4 edits
    1 delete in trunk/Source/JavaScriptCore

Unreviewed, roll out r180723. It broke a bunch of tests.

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::constLocal):

  • bytecompiler/BytecodeGenerator.h:
  • bytecompiler/NodesCodegen.cpp:

(JSC::ConstDeclNode::emitCodeSingle):

  • tests/stress/const-arguments.js: Removed.
23:04 Changeset [180731] by bshafiei@apple.com
  • 5 edits in branches/safari-600.4.10-branch/Source

Versioning.

23:03 Changeset [180730] by bshafiei@apple.com
  • 1 copy in tags/Safari-600.4.10.5

New tag.

22:56 Changeset [180729] by bshafiei@apple.com
  • 6 edits in branches/safari-600.1.4.15-branch

Merge patch for r180129, r180133. rdar://problem/19870998

22:44 Changeset [180728] by bshafiei@apple.com
  • 5 edits in branches/safari-600.1.4.15-branch

Merged r180087. rdar://problem/19871068

22:06 Changeset [180727] by ap@apple.com
  • 2 edits in trunk/Source/WebCore

iOS build fix after r180717.

  • Modules/webdatabase/DatabaseThread.cpp: (WebCore::DatabaseUnpauseTask::doPerformTask):
21:51 Changeset [180726] by rniwa@webkit.org
  • 8 edits in trunk

isEditablePosition and related functions shouldn't move position out of table
https://bugs.webkit.org/show_bug.cgi?id=129200

Reviewed by Darin Adler.

Source/WebCore:

This patch removes the legacy editing position for elements display: table in its computed style.
Previously, we used (table, 0) and (table, !0) to denote positions immediately before and after
such an element for historical reasons. This forced us to update the style tree before computing
the editability of a position because we have to check the editability of the position outside
the element with display: table if the position was using such a legacy editing position.
e.g. if a table was not editable (contenteditable=false), the position before the table (table, 0)
should still be considered editable if the parent node of the table was editable.

This patch replaces such a legacy editing position by using modern position types:
PositionIsBeforeAnchor and PositionIsAfterAnchor.

No new tests since there should be no change in the user perceived editing operations.

  • dom/Position.cpp:

(WebCore::Position::previous): Setup the node and the offset correctly when the original position's
type is PositionIsBeforeAnchor. Also return a position before or after node when the node we found
is "atomic" (e.g. input, img, br, etc...) or it's a table. This avoids creating a legacy editing
position inside a table.
(WebCore::Position::next): Ditto.
(WebCore::Position::atStartOfTree): Use atFirstEditingPositionForNode, which takes care of all types
of positions.
(WebCore::Position::atEndOfTree): Ditto.
(WebCore::Position::downstream): Return a position before a node instead of a legacy editing position
for an atomic element or a table element as done in the equivalent code in Position::upstream.
(WebCore::Position::isCandidate): Don't treat a position inside a table to be a candidate. e.g.
(table, 1) when there are more than two children of the table.

  • dom/PositionIterator.cpp:

(WebCore::PositionIterator::operator Position): PositionIterator internally uses legacy editing
positions. So convert it to a modern position by returning a position before or after a table here.

  • editing/ApplyBlockElementCommand.cpp:

(WebCore::ApplyBlockElementCommand::formatSelection): Check that the unsplittable element we found
is actually empty before executing the simple code path for an empty unsplittable element. Without
this check, block formatting a table element will fail.

  • editing/htmlediting.cpp:

(WebCore::isEditablePosition): Use containerNode instead of deprecatedNode because the editability
of a position before or after an element is determined by its parent, not the element itself.
(WebCore::isAtUnsplittableElement): Ditto.
(WebCore::isRichlyEditablePosition): Ditto. Removed the code that moved the starting node out of
an element with display: table. This is the code removal for which this patch was made.
(WebCore::editableRootForPosition): Ditto.

LayoutTests:

Rebaselined a test. There is no visual difference.

  • platform/mac/editing/inserting/5058163-1-expected.txt:
21:32 Changeset [180725] by nvasilyev@apple.com
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Add a subtle blue background for selected console messages
https://bugs.webkit.org/show_bug.cgi?id=142073

Reviewed by Timothy Hatcher.

  • UserInterface/Views/LogContentView.css:

(.console-item.selected::after):
(.console-messages:focus .console-item.selected):
(.console-messages:focus .console-item.selected + .console-item):
(.console-error-level + .console-item):
(.console-error-level .section .header .title):
(.console-warning-level):
(.console-warning-level + .console-item):

21:27 Changeset [180724] by bfulgham@apple.com
  • 2 edits in trunk/LayoutTests

[Win] More test expectation updates.

  • platform/win/TestExpectations:
21:12 Changeset [180723] by fpizlo@apple.com
  • 4 edits
    1 add in trunk/Source/JavaScriptCore

BytecodeGenerator::constLocal() behaves identically to BytecodeGenerator::local() for the purposes of its one caller
https://bugs.webkit.org/show_bug.cgi?id=142071

Rubber stamped by Benjamin Poulain.

The only behavioral differences between constLocal() and local() are:

  • constLocal() doesn't have a special case for "this" that overrides other checks like the shouldOptimizeLocals() check. But the one user of constLocal() is for the "const x" expression, and "const this" doesn't parse.
  • constLocal() won't createArgumentsIfNecessary() for "arguments". But it's harmless if it does, since its one user assigns to the local.

So, we can remove constLocal() and make its one caller use local() instead.

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::constLocal): Deleted.

  • bytecompiler/BytecodeGenerator.h:
  • bytecompiler/NodesCodegen.cpp:

(JSC::ConstDeclNode::emitCodeSingle):

  • tests/stress/const-arguments.js: Added.

(foo):
(check):

20:11 Changeset [180722] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: Colored console messages apply text color to object tree properties
https://bugs.webkit.org/show_bug.cgi?id=142051

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2015-02-26
Reviewed by Timothy Hatcher.

  • UserInterface/Views/ObjectPreviewView.css:

(.object-preview):

  • UserInterface/Views/ObjectTreeView.css:

(.object-tree):
Default the color to black within Object Tree and Object Preview views.

20:08 Changeset [180721] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Clear Log on Reload clears some logs that were after reload
https://bugs.webkit.org/show_bug.cgi?id=142070

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2015-02-26
Reviewed by Timothy Hatcher.

  • UserInterface/Views/LogContentView.js:

(WebInspector.LogContentView.prototype._sessionStarted):
We can bail after calling clearLog, since that will already start
a new session for us.

(WebInspector.LogContentView.prototype._clearLog):
Don't trigger a backend clear messages, since that will cause us to
clear messages received between the request and response.

18:07 Changeset [180720] by timothy_horton@apple.com
  • 16 edits
    6 adds in trunk

Implement <attachment> element appearance on Mac
https://bugs.webkit.org/show_bug.cgi?id=142023

Reviewed by Dean Jackson.

  • css/CSSParser.cpp:

(WebCore::isValidKeywordPropertyAndValue):

  • css/CSSPrimitiveValueMappings.h:

(WebCore::CSSPrimitiveValue::CSSPrimitiveValue):

  • css/CSSValueKeywords.in:
  • css/html.css:

(attachment):

  • platform/ThemeTypes.h:

Add a new -webkit-appearance value, attachment.

  • WebCore.xcodeproj/project.pbxproj:
  • html/HTMLAttachmentElement.cpp:

(WebCore::HTMLAttachmentElement::setFile):
Let the renderer know when the file changes (so it can relayout and repaint).

(WebCore::HTMLAttachmentElement::filePath):
(WebCore::HTMLAttachmentElement::fileName):

  • html/HTMLAttachmentElement.h:

Handy acccessors for the full path and the name of the file.

  • platform/spi/mac/IconServicesSPI.h: Added.
  • platform/spi/mac/LaunchServicesSPI.h: Added.

Add some IconServices and LaunchServices SPI headers.

  • rendering/RenderAttachment.cpp:

(WebCore::RenderAttachment::RenderAttachment):
Don't have a default intrinsic size; we'll adjust in layout().

(WebCore::RenderAttachment::isSelected):
(WebCore::RenderAttachment::isFocused):
(WebCore::RenderAttachment::isSelectedOrFocused):
Factor out from paintReplaced().

(WebCore::RenderAttachment::layout):
Use RenderTheme to compute the intrinsic size of this attachment.

(WebCore::RenderAttachment::paintReplaced):
Use RenderTheme to paint the attachment.

(WebCore::RenderAttachment::representedFileChanged):
When the represented file changes, we need to recompute the intrinsic size and repaint.

  • rendering/RenderTheme.cpp:

(WebCore::RenderTheme::adjustStyle):
(WebCore::RenderTheme::paint):
(WebCore::RenderTheme::adjustAttachmentStyle):
(WebCore::RenderTheme::paintAttachment):
Plumb through the attachment appearance.

  • rendering/RenderAttachment.h:
  • rendering/RenderTheme.h:

(WebCore::RenderTheme::paintAttachment):
(WebCore::RenderTheme::attachmentIntrinsicSize):

  • rendering/RenderThemeMac.h:
  • rendering/RenderThemeMac.mm:

(WebCore::attachmentIconBackgroundColor):
(WebCore::attachmentIconBorderColor):
(WebCore::AttachmentLayout):
AttachmentLayout lays out the innards of the RenderThemeMac attachment
presentation: an icon with an optional bordered background, with a label
underneath it with an optional background.

(WebCore::RenderThemeMac::attachmentIntrinsicSize):
(WebCore::paintAttachmentIconBackground):
(WebCore::paintAttachmentIcon):
(WebCore::RenderThemeMac::paintAttachmentLabelBackground):
(WebCore::RenderThemeMac::paintAttachmentLabel):
(WebCore::RenderThemeMac::paintAttachment):
Paint the attachment element. Paint the optional backgrounds (and swap
out the text color) if the element is selected/focused.

18:07 Changeset [180719] by mark.lam@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Assertion fix for r180711: The bool returning form of BytecodeGenerator::addVar() can be removed.
<https://webkit.org/b/142064>

Reviewed by Joseph Pecoraro.

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::addVar):

17:57 Changeset [180718] by commit-queue@webkit.org
  • 15 edits
    7 adds in trunk

AX: Expose caret browsing preference to accessibility API
https://bugs.webkit.org/show_bug.cgi?id=141862

Patch by Doug Russell <d_russell@apple.com> on 2015-02-26
Reviewed by Chris Fleizach.

Exposing the caret browsing setting on WebCore::Frame via the accessibility API would allow assistive tech apps to enable it contextually (for example, when the assistive tech app is running).
Enabling caret browsing when assistive tech apps are running greatly improves the reliability of keyboard navigation on the web. Most especially in cases where selection would be disrupted by focus events.

Source/WebCore:

Tests: platform/mac/accessibility/caret-browsing-arrow-nav.html

platform/mac/accessibility/caret-browsing-attribute.html
platform/mac/accessibility/caret-browsing-tab-selection.html

  • accessibility/AccessibilityObject.h:
  • accessibility/mac/AccessibilityObjectMac.mm:

(WebCore::AccessibilityObject::caretBrowsingEnabled):
(WebCore::AccessibilityObject::setCaretBrowsingEnabled):

  • accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper accessibilityAttributeNames]):
(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
(-[WebAccessibilityObjectWrapper accessibilityIsAttributeSettable:]):
(-[WebAccessibilityObjectWrapper _accessibilitySetValue:forAttribute:]):
(-[WebAccessibilityObjectWrapper _accessibilitySetTestValue:forAttribute:]):

Tools:

  • DumpRenderTree/AccessibilityUIElement.cpp:

(setBoolAttributeValueCallback):
(selectedTextMarkerRangeCallback):
(resetSelectedTextMarkerRangeCallback):
(AccessibilityUIElement::setBoolAttributeValue):
(AccessibilityUIElement::selectedTextMarkerRange):
(AccessibilityUIElement::resetSelectedTextMarkerRange):
(AccessibilityUIElement::getJSClass):

  • DumpRenderTree/AccessibilityUIElement.h:
  • DumpRenderTree/mac/AccessibilityUIElementMac.mm:

(AccessibilityUIElement::setBoolAttributeValue):
(AccessibilityUIElement::selectedTextMarkerRange):
(AccessibilityUIElement::resetSelectedTextMarkerRange):

  • WebKitTestRunner/InjectedBundle/AccessibilityUIElement.cpp:

(WTR::AccessibilityUIElement::selectedTextMarkerRange):
(WTR::AccessibilityUIElement::resetSelectedTextMarkerRange):
(WTR::AccessibilityUIElement::setBoolAttributeValue):

  • WebKitTestRunner/InjectedBundle/AccessibilityUIElement.h:
  • WebKitTestRunner/InjectedBundle/Bindings/AccessibilityUIElement.idl:
  • WebKitTestRunner/InjectedBundle/mac/AccessibilityUIElementMac.mm:

(WTR::AccessibilityUIElement::setBoolAttributeValue):
(WTR::AccessibilityUIElement::selectedTextMarkerRange):
(WTR::AccessibilityUIElement::resetSelectedTextMarkerRange):

LayoutTests:

  • accessibility/parent-delete-expected.txt:
  • platform/mac/accessibility/caret-browsing-arrow-nav-expected.txt: Added.
  • platform/mac/accessibility/caret-browsing-arrow-nav.html: Added.
  • platform/mac/accessibility/caret-browsing-attribute-expected.txt: Added.
  • platform/mac/accessibility/caret-browsing-attribute.html: Added.
  • platform/mac/accessibility/caret-browsing-tab-selection-expected.txt: Added.
  • platform/mac/accessibility/caret-browsing-tab-selection.html: Added.
  • platform/mac/accessibility/document-attributes-expected.txt:
  • platform/mac/accessibility/resources/accessibility-helper.js: Added.

(clearSelectionAndFocusOnWebArea):
(elementAtStartMarkerOfSelectedTextMarkerRange):
(caretBrowsingEnabled):
(setCaretBrowsingEnabled):

17:56 Changeset [180717] by gyuyoung.kim@samsung.com
  • 7 edits in trunk/Source/WebCore

Remove unnecessary create() factory functions
https://bugs.webkit.org/show_bug.cgi?id=142039

Reviewed by Chris Dumez.

Clean up remaining JSCryptoKeySerializationJWK::create, HTMLMediaSession::create,
and DatabaseUnpauseTask::create.

  • Modules/webdatabase/DatabaseThread.cpp:

(WebCore::DatabaseUnpauseTask::DatabaseUnpauseTask):
(WebCore::DatabaseThread::setPaused):
(WebCore::DatabaseUnpauseTask::create): Deleted.

  • bindings/js/JSCryptoKeySerializationJWK.h:
  • bindings/js/JSSubtleCryptoCustom.cpp:

(WebCore::importKey):

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::HTMLMediaElement):

  • html/HTMLMediaSession.cpp:

(WebCore::HTMLMediaSession::create): Deleted.

  • html/HTMLMediaSession.h:
17:25 Changeset [180716] by mark.lam@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

MachineThreads::Thread clean up has a use after free race condition.
<https://webkit.org/b/141990>

Reviewed by Filip Pizlo.

MachineThreads::Thread clean up relies on the clean up mechanism
implemented in _pthread_tsd_cleanup_key(), which looks like this:

void _pthread_tsd_cleanup_key(pthread_t self, pthread_key_t key)
{

void (*destructor)(void *);
if (_pthread_key_get_destructor(key, &destructor)) {

void ptr = &self->tsd[key];
void *value = *ptr;

=== Start of window for the bug to manifest =================

At this point, this thread has cached "destructor" and "value"
(which is a MachineThreads*). If the VM gets destructed (along
with its MachineThreads registry) by another thread, then this
thread will have no way of knowing that the MachineThreads* is
now pointing to freed memory. Calling the destructor below will
therefore result in a use after free scenario when it tries to
access the MachineThreads' data members.

if (value) {

*ptr = NULL;
if (destructor) {

=== End of window for the bug to manifest ==================

destructor(value);

}

}

}

}

The fix is to add each active MachineThreads to an ActiveMachineThreadsManager,
and always check if the manager still contains that MachineThreads object
before we call removeCurrentThread() on it. When MachineThreads is destructed,
it will remove itself from the manager. The add, remove, and checking
operations are all synchronized on the manager's lock, thereby ensuring that
the MachineThreads object, if found in the manager, will remain alive for the
duration of time we call removeCurrentThread() on it.

There's also possible for the MachineThreads object to already be destructed
and another one happened to have been instantiated at the same address.
Hence, we should only remove the exiting thread if it is found in the
MachineThreads object.

There is no test for this issue because this bug requires a race condition
between 2 threads where:

  1. Thread B, which had previously used the VM, exiting and getting to the bug window shown in _pthread_tsd_cleanup_key() above.
  2. Thread A destructing the VM (and its MachineThreads object) within that window of time before Thread B calls the destructor.

It is not possible to get a reliable test case without invasively
instrumenting _pthread_tsd_cleanup_key() or MachineThreads::removeCurrentThread()
to significantly increase that window of opportunity.

  • heap/MachineStackMarker.cpp:

(JSC::ActiveMachineThreadsManager::Locker::Locker):
(JSC::ActiveMachineThreadsManager::add):
(JSC::ActiveMachineThreadsManager::remove):
(JSC::ActiveMachineThreadsManager::contains):
(JSC::ActiveMachineThreadsManager::ActiveMachineThreadsManager):
(JSC::activeMachineThreadsManager):
(JSC::MachineThreads::MachineThreads):
(JSC::MachineThreads::~MachineThreads):
(JSC::MachineThreads::removeThread):
(JSC::MachineThreads::removeThreadIfFound):
(JSC::MachineThreads::removeCurrentThread): Deleted.

  • heap/MachineStackMarker.h:
17:15 Changeset [180715] by joepeck@webkit.org
  • 35 edits in trunk

Web Inspector: Save Console Evaluations into Command Line variables $1-$99 ($n)
https://bugs.webkit.org/show_bug.cgi?id=142061

Reviewed by Timothy Hatcher.

Source/JavaScriptCore:

  • inspector/protocol/Debugger.json:
  • inspector/protocol/Runtime.json:

Input flag "saveResult" on whether we should try to save a result.
Output int "savedResultIndex" to tell the frontend the saved state.

  • inspector/InjectedScriptSource.js:

Handle saving and clearing $1-$99 values.
Include in BasicCommandLineAPI for JSContext inspection.

  • inspector/InjectedScriptBase.cpp:

(Inspector::InjectedScriptBase::makeEvalCall):

  • inspector/InjectedScriptBase.h:

Allow an optional "savedResultIndex" out value on evals.

  • inspector/InjectedScript.cpp:

(Inspector::InjectedScript::evaluate):
(Inspector::InjectedScript::evaluateOnCallFrame):

  • inspector/InjectedScript.h:
  • inspector/agents/InspectorDebuggerAgent.cpp:

(Inspector::InspectorDebuggerAgent::evaluateOnCallFrame):

  • inspector/agents/InspectorDebuggerAgent.h:
  • inspector/agents/InspectorRuntimeAgent.cpp:

(Inspector::InspectorRuntimeAgent::evaluate):

  • inspector/agents/InspectorRuntimeAgent.h:

Plumbing for new in and out parameters.

Source/WebCore:

  • inspector/CommandLineAPIModuleSource.js:

Replace $1-$4 "inspected objects" with $1-$99 "saved results".

  • bindings/js/JSCommandLineAPIHostCustom.cpp:

(WebCore::JSCommandLineAPIHost::inspectedObject):

  • inspector/CommandLineAPIHost.cpp:

(WebCore::CommandLineAPIHost::CommandLineAPIHost):
(WebCore::CommandLineAPIHost::InspectableObject::get):
(WebCore::CommandLineAPIHost::addInspectedObject):
(WebCore::CommandLineAPIHost::inspectedObject):
(WebCore::CommandLineAPIHost::clearInspectedObjects): Deleted.

  • inspector/CommandLineAPIHost.h:
  • inspector/CommandLineAPIHost.idl:

Since we now just save the single $0 inspected object, eliminate
keeping track of a list of 5 values.

Source/WebInspectorUI:

  • UserInterface/Controllers/RuntimeManager.js:

(WebInspector.RuntimeManager.prototype.evalCallback):
(WebInspector.RuntimeManager.prototype.evaluateInInspectedWindow):
Add a saveResult parameter for the new protocol command in parameter.

  • UserInterface/Views/ConsoleMessageImpl.js:

(WebInspector.ConsoleMessageImpl.prototype._formatMessage):
(WebInspector.ConsoleMessageImpl.prototype._formatParameterAsObject):
(WebInspector.ConsoleMessageImpl.prototype._formatParameterAsArray):
(WebInspector.ConsoleMessageImpl.prototype._rootPropertyPathForObject):

  • UserInterface/Views/ObjectTreeView.js:

(WebInspector.ObjectTreeView.prototype.appendTitleSuffix):
For console evaluation results, show a "= $n" when the evaluation was
given a saved result index.

  • UserInterface/Views/LogContentView.css:

(.console-saved-variable):

  • UserInterface/Views/ObjectPreviewView.css:

(.object-preview-name):
Make $n and class names in previews always non-italics.

  • UserInterface/Controllers/JavaScriptLogViewController.js:

(WebInspector.JavaScriptLogViewController.prototype.printResult):
(WebInspector.JavaScriptLogViewController.prototype.consolePromptTextCommitted):

  • UserInterface/Controllers/JavaScriptRuntimeCompletionProvider.js:

(get WebInspector.JavaScriptRuntimeCompletionProvider.prototype.):

  • UserInterface/Controllers/LogManager.js:

(WebInspector.LogManager.prototype.messagesCleared):
(WebInspector.LogManager.prototype._mainResourceDidChange):
Try to provide better autocompletion for $n, by populating autocompletion menus
from $1-$n where n is the maximum saved result index seen. Clear the maximum
when we clear the console.

  • UserInterface/Views/ConsoleCommandResult.js:

(WebInspector.ConsoleCommandResult):
(WebInspector.ConsoleCommandResult.clearMaximumSavedResultIndex):
Keep track of the maximum savedResultIndex for console evaluation results.

LayoutTests:

  • inspector/debugger/command-line-api-exception-nested-catch.html:
  • inspector/debugger/command-line-api-exception.html:
  • inspector/model/remote-object-get-properties.html:
  • inspector/model/remote-object-weak-collection.html:
  • inspector/model/remote-object.html:

Update evaluateInInspectedWindow call sites for new parameter.

17:15 Changeset [180714] by joepeck@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Set/Map appear as lossless when they have lossy entries
https://bugs.webkit.org/show_bug.cgi?id=142050

Reviewed by Timothy Hatcher.

  • UserInterface/Views/ObjectPreviewView.js:

(WebInspector.ObjectPreviewView.prototype._appendEntryPreviews):
Take into account the lossless states of entry keys and values.

17:15 Changeset [180713] by joepeck@webkit.org
  • 14 edits
    2 copies
    3 adds
    1 delete in trunk/Source/WebInspectorUI

Web Inspector: New ObjectTree UI for Arrays / Maps / Sets
https://bugs.webkit.org/show_bug.cgi?id=142037

Reviewed by Timothy Hatcher.

  • Localizations/en.lproj/localizedStrings.js:
  • UserInterface/Main.html:

Miscellaneous changes.

  • UserInterface/Models/PropertyDescriptor.js:

(WebInspector.PropertyDescriptor.prototype.isIndexProperty):
Useful for quickly checking if this property is numeric and possibly
an array index.

  • UserInterface/Models/PropertyPath.js:

(WebInspector.PropertyPath.prototype.appendMapKey):
(WebInspector.PropertyPath.prototype.appendMapValue):
(WebInspector.PropertyPath.prototype.appendSetIndex):
Be specific about property paths into maps / sets. Note that a map
value may be displayable if the key is simple.

  • UserInterface/Protocol/RemoteObject.js:

(WebInspector.RemoteObject.prototype.hasValue):
A simple value RemoteObject may have the value "undefined". So provide
a falsey proof helper that actually checks if we have a value.

(WebInspector.RemoteObject.prototype.isArray):
(WebInspector.RemoteObject.prototype.backendGetOwnPropertyDescriptor):
(WebInspector.RemoteObject.prototype.wrappedCallback):
(WebInspector.RemoteObject.prototype.getOwnPropertyDescriptor):
Currently backend APIs exist only to get all properties. In the case
of collections, we often want to get only one property (proto).
This is a simple implementation on top of callFunctionOn.

  • UserInterface/Views/ConsoleMessageImpl.js:

(WebInspector.ConsoleMessageImpl.prototype._formatParameterAsObject):
(WebInspector.ConsoleMessageImpl.prototype._formatParameterAsArray):
(WebInspector.ConsoleMessageImpl.prototype.appendUndefined): Deleted.
(WebInspector.ConsoleMessageImpl.prototype._printArray): Deleted.
(WebInspector.ConsoleMessageImpl.prototype._formatAsArrayEntry): Deleted.
Simplify array formatted to just use an ObjectTreeView. Add fixmes
that we should seed the ObjectTreeView with a starting property path.

  • UserInterface/Views/FormattedValue.css:

(.formatted-node > ol):
Sometimes, a node's display was getting overridden by various console styles.
Force a node to always display block. We may be able to remove this later.

  • UserInterface/Views/FormattedValue.js:

(WebInspector.FormattedValue.createObjectTreeOrFormattedValueForRemoteObject):
Helper for formatting a node / object / value more easily. This
is used by all collection types.

  • UserInterface/Views/ObjectPreviewView.js:

(WebInspector.ObjectPreviewView.prototype._appendPropertyPreviews):
We lost the nice sparse array support when switching to the new preview path,
we should add it back.

  • UserInterface/Views/ObjectTreeArrayIndexTreeElement.css:

(.object-tree-array-index):
(.object-tree-array-index > .titles):
(.object-tree-array-index > .icon):
(.object-tree-array-index .index-name):
(.object-tree-array-index .index-value .object-tree):
(.object-tree-array-index .index-value .object-tree .object-tree-outline):
(.object-tree-property + ol .object-tree-array-index):
New styles specific to array index tree elements.

  • UserInterface/Views/ObjectTreeMapEntryTreeElement.css:

(.object-tree-array-index.object-tree-map-entry > .titles > .title > .index-name):
(.object-tree-map-entry.key):
(.object-tree-map-entry.key:first-of-type):
(.object-tree-map-entry):
New styles specific to map key/value tree elements.

  • UserInterface/Views/ObjectTreeCollectionTreeElement.js: Removed.

Remove old collection implementation.

  • UserInterface/Views/ObjectTreeArrayIndexTreeElement.js: Added.

(WebInspector.ObjectTreeArrayIndexTreeElement):
(WebInspector.ObjectTreeArrayIndexTreeElement.prototype.get property):
(WebInspector.ObjectTreeArrayIndexTreeElement.prototype._resolvedValue):
(WebInspector.ObjectTreeArrayIndexTreeElement.prototype._propertyPathType):
(WebInspector.ObjectTreeArrayIndexTreeElement.prototype._resolvedValuePropertyPath):
(WebInspector.ObjectTreeArrayIndexTreeElement.prototype._thisPropertyPath):
(WebInspector.ObjectTreeArrayIndexTreeElement.prototype._propertyPathString):
(WebInspector.ObjectTreeArrayIndexTreeElement.prototype._updateTitle):
(WebInspector.ObjectTreeArrayIndexTreeElement.prototype._titleFragment):
(WebInspector.ObjectTreeArrayIndexTreeElement.prototype._createInteractiveGetterElement.):
(WebInspector.ObjectTreeArrayIndexTreeElement.prototype._createReadOnlyIconElement):
Index followed by formatted value. Unfortunately a page can hack up an array
with getter properties, so also support getter values in an array. This ends
up copying a lot of ObjectTreePropertyTreeElement as a result.

  • UserInterface/Views/ObjectTreeMapEntryTreeElement.js: Added.

(WebInspector.ObjectTreeMapEntryTreeElement):
(WebInspector.ObjectTreeMapEntryTreeElement.prototype.get object):
(WebInspector.ObjectTreeMapEntryTreeElement.prototype._propertyPathString):
(WebInspector.ObjectTreeMapEntryTreeElement.prototype._titleFragment):
(WebInspector.ObjectTreeMapKeyTreeElement):
(WebInspector.ObjectTreeMapKeyTreeElement.prototype.displayPropertyName):
(WebInspector.ObjectTreeMapKeyTreeElement.prototype.resolvedValuePropertyPath):
(WebInspector.ObjectTreeMapValueTreeElement):
(WebInspector.ObjectTreeMapValueTreeElement.prototype.displayPropertyName):
(WebInspector.ObjectTreeMapValueTreeElement.prototype.resolvedValuePropertyPath):
Key/value followed by formatted value.

  • UserInterface/Views/ObjectTreeSetIndexTreeElement.js: Added.

(WebInspector.ObjectTreeSetIndexTreeElement):
(WebInspector.ObjectTreeSetIndexTreeElement.prototype.get object):
(WebInspector.ObjectTreeSetIndexTreeElement.prototype._resolvedValuePropertyPath):
(WebInspector.ObjectTreeSetIndexTreeElement.prototype._titleFragment):
Dot followed by formatted value.

  • UserInterface/Views/ObjectTreePropertyTreeElement.css:

(.object-tree-property > .titles):
Reformat.

  • UserInterface/Views/ObjectTreeView.css:

(.object-tree-property :matches(.formatted-string, .formatted-regexp)):
Upgrade generic styles.

  • UserInterface/Views/ObjectTreePropertyTreeElement.js:

(WebInspector.ObjectTreePropertyTreeElement.prototype._resolvedValue):
(WebInspector.ObjectTreePropertyTreeElement.prototype._resolvedValuePropertyPath):
(WebInspector.ObjectTreePropertyTreeElement.prototype._updateChildren):
(WebInspector.ObjectTreePropertyTreeElement.prototype._updateChildrenInternal):
(WebInspector.ObjectTreePropertyTreeElement.prototype._updateEntries):
(WebInspector.ObjectTreePropertyTreeElement.prototype._updateProperties):

  • UserInterface/Views/ObjectTreeView.js:

(WebInspector.ObjectTreeView):
(WebInspector.ObjectTreeView.emptyMessageElement):
(WebInspector.ObjectTreeView.prototype.expand):
(WebInspector.ObjectTreeView.prototype.collapse):
(WebInspector.ObjectTreeView.prototype.update):
(WebInspector.ObjectTreeView.prototype._updateChildren):
(WebInspector.ObjectTreeView.prototype._updateEntries):
(WebInspector.ObjectTreeView.prototype._updateProperties):
(WebInspector.ObjectTreeView.prototype._handlePreviewOrTitleElementClick):
Both ObjectTreeView and ObjectTreePropertyTreeElement will fetch only collection
entries or properties depending on the type of the object being expanded.

(WebInspector.ObjectTreeView.prototype._trackWeakEntries):
(WebInspector.ObjectTreeView.prototype._untrackWeakEntries):
Allow WeakMap entries to be Garbage Collected when the ObjectTreeView
collapses or the console is cleared. FIXME for handling sub-tree WeakMaps.

17:04 Changeset [180712] by gyuyoung.kim@samsung.com
  • 10 edits in trunk/Source/WebCore

Remove unnecessary create() factory functions in CDMFoo, NamedNodeMap
https://bugs.webkit.org/show_bug.cgi?id=141902

Reviewed by Darin Adler.

Create instance using std::make_unique<> in CDMFactory directly. To do that,
CDMFactory uses lambdas. Additionally this patch removes NamedNodeMap::create() as well.

No new tests, no behavior changes.

  • Modules/encryptedmedia/CDM.cpp:

(WebCore::installedCDMFactories):

  • Modules/encryptedmedia/CDM.h:
  • Modules/encryptedmedia/CDMPrivateClearKey.h:

(WebCore::CDMPrivateClearKey::CDMPrivateClearKey):
(WebCore::CDMPrivateClearKey::create): Deleted.

  • Modules/encryptedmedia/CDMPrivateMediaPlayer.h:

(WebCore::CDMPrivateMediaPlayer::create): Deleted.

  • dom/Element.cpp:

(WebCore::Element::attributes):

  • dom/NamedNodeMap.h:

(WebCore::NamedNodeMap::NamedNodeMap):
(WebCore::NamedNodeMap::create): Deleted.

  • platform/graphics/avfoundation/CDMPrivateMediaSourceAVFObjC.h:

(WebCore::CDMPrivateMediaSourceAVFObjC::create): Deleted.

16:55 Changeset [180711] by fpizlo@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

The bool returning form of BytecodeGenerator::addVar() can be removed
https://bugs.webkit.org/show_bug.cgi?id=142064

Reviewed by Mark Lam.

It's easier to implement addVar() when you don't have to return whether it's a new
variable or not.

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::addVar):

  • bytecompiler/BytecodeGenerator.h:

(JSC::BytecodeGenerator::addVar): Deleted.

16:30 Changeset [180710] by bshafiei@apple.com
  • 5 edits in branches/safari-600.5-branch/Source

Versioning.

16:28 Changeset [180709] by bshafiei@apple.com
  • 1 copy in tags/Safari-600.5.8

New tag.

16:09 Changeset [180708] by aestes@apple.com
  • 3 edits
    2 adds in trunk/Source/WebCore

[Content Filtering] Move WebFilterEvaluator and NEFilterSource declarations to SPI headers
https://bugs.webkit.org/show_bug.cgi?id=142062

Reviewed by Daniel Bates.

  • WebCore.xcodeproj/project.pbxproj:
  • platform/mac/ContentFilterMac.mm:
  • platform/spi/cocoa/NEFilterSourceSPI.h: Added.
  • platform/spi/cocoa/WebFilterEvaluatorSPI.h: Added.
15:53 Changeset [180707] by bfulgham@apple.com
  • 2 edits in trunk/LayoutTests

[Win] More Debug assertion updates.

  • platform/win/TestExpectations:
15:34 Changeset [180706] by andersca@apple.com
  • 9 edits in trunk/Source

Add API to remove all website data for the given data records
https://bugs.webkit.org/show_bug.cgi?id=142060

Reviewed by Beth Dakin.

Source/WebCore:

  • loader/cache/MemoryCache.cpp:

(WebCore::MemoryCache::removeResourcesWithOrigins):
New function that removes all resources that match the set of origins in a given session.

Source/WebKit2:

  • UIProcess/API/Cocoa/_WKWebsiteDataStore.h:

Add new method declaration.

  • UIProcess/API/Cocoa/_WKWebsiteDataStore.mm:

(toWebsiteDataRecords):
Add a helper function that converts an NSArray of _WKWebsiteDataRecords to a Vector of WebsiteDataRecords.

(-[_WKWebsiteDataStore removeDataOfTypes:forDataRecords:completionHandler:]):
Call through to the underlying WebsiteDataStore.

  • UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::WebsiteDataStore::removeData):
Figure out which processes to call deleteWebsiteDataForOrigins for and do so. Add a callback aggregator so we can
call the completion handler at the right time.

  • UIProcess/WebsiteData/WebsiteDataStore.h:

Add new members.

  • WebProcess/WebProcess.cpp:

(WebKit::WebProcess::deleteWebsiteDataForOrigins):
Use the newly added MemoryCache member function to delete all resources matching the set of origins.

15:26 Changeset [180705] by bfulgham@apple.com
  • 7 edits
    1 delete in trunk

[Win] Remove WebKitExportGenerator project (and related)
https://bugs.webkit.org/show_bug.cgi?id=142035

Reviewed by Dean Jackson.

Source/WebKit:

  • WebKit.vcxproj/WebKit.sln: Remove references to WebKitExportGenerator
  • WebKit.vcxproj/WebKit.submit.sln: Ditto.
  • WebKit.vcxproj/WebKit/WebKit.vcxproj: Ditto.
  • WebKit.vcxproj/WebKit/WebKit.vcxproj.filters: Ditto.
  • WebKit.vcxproj/WebKitExportGenerator: Removed.
  • WebKit.vcxproj/WebKitExportGenerator/WebKitExportGenerator.vcxproj: Removed.
  • WebKit.vcxproj/WebKitExportGenerator/WebKitExportGenerator.vcxproj.filters: Removed.
  • WebKit.vcxproj/WebKitExportGenerator/WebKitExportGeneratorBuildCmd.cmd: Removed.
  • WebKit.vcxproj/WebKitExportGenerator/WebKitExportGeneratorCommon.props: Removed.
  • WebKit.vcxproj/WebKitExportGenerator/WebKitExportGeneratorDebug.props: Removed.
  • WebKit.vcxproj/WebKitExportGenerator/WebKitExportGeneratorDebugWinCairo.props: Removed.
  • WebKit.vcxproj/WebKitExportGenerator/WebKitExportGeneratorPostBuild.cmd: Removed.
  • WebKit.vcxproj/WebKitExportGenerator/WebKitExportGeneratorPreBuild.cmd: Removed.
  • WebKit.vcxproj/WebKitExportGenerator/WebKitExportGeneratorProduction.props: Removed.
  • WebKit.vcxproj/WebKitExportGenerator/WebKitExportGeneratorRelease.props: Removed.
  • WebKit.vcxproj/WebKitExportGenerator/WebKitExportGeneratorReleaseWinCairo.props: Removed.
  • WebKit.vcxproj/WebKitExportGenerator/WebKitExports.def.in: Removed.
  • WebKit.vcxproj/WebKitExportGenerator/make-export-file-generator: Removed.

Tools:

  • win/AssembleBuildLogs/AssembleLogs.cmd: Don't look for a

build log from WebKitExportGenerator.

15:22 Changeset [180704] by cdumez@apple.com
  • 23 edits in trunk/Source

Rename DatabaseManager::manager() to DatabaseManager::singleton()
https://bugs.webkit.org/show_bug.cgi?id=142054

Reviewed by Ryosuke Niwa.

Rename DatabaseManager::manager() to DatabaseManager::singleton() as
per coding style and use WTF::NeverDestroyed.

Source/WebCore:

  • Modules/webdatabase/DOMWindowWebDatabase.cpp:

(WebCore::DOMWindowWebDatabase::openDatabase):

  • Modules/webdatabase/DatabaseBackendBase.cpp:

(WebCore::DatabaseBackendBase::DatabaseBackendBase):

  • Modules/webdatabase/DatabaseContext.cpp:

(WebCore::DatabaseContext::DatabaseContext):
(WebCore::DatabaseContext::~DatabaseContext):
(WebCore::DatabaseContext::stopDatabases):
(WebCore::DatabaseContext::databaseExceededQuota):

  • Modules/webdatabase/DatabaseManager.cpp:

(WebCore::DatabaseManager::singleton):
(WebCore::DatabaseManager::manager): Deleted.

  • Modules/webdatabase/DatabaseManager.h:

(WebCore::DatabaseManager::~DatabaseManager): Deleted.

  • Modules/webdatabase/SQLTransactionClient.cpp:

(WebCore::SQLTransactionClient::didExceedQuota):

  • history/PageCache.cpp:

(WebCore::logCanCacheFrameDecision):
(WebCore::PageCache::canCachePageContainingThisFrame):

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::stopLoading):

Source/WebKit/mac:

  • Storage/WebDatabaseManager.mm:

(-[WebDatabaseManager init]):
(-[WebDatabaseManager origins]):
(-[WebDatabaseManager databasesWithOrigin:]):
(-[WebDatabaseManager detailsForDatabase:withOrigin:]):
(-[WebDatabaseManager deleteAllDatabases]):
(-[WebDatabaseManager deleteOrigin:]):
(-[WebDatabaseManager deleteDatabase:withOrigin:]):

  • Storage/WebDatabaseQuotaManager.mm:

(-[WebDatabaseQuotaManager usage]):
(-[WebDatabaseQuotaManager quota]):
(-[WebDatabaseQuotaManager setQuota:]):

  • WebCoreSupport/WebSecurityOrigin.mm:

(-[WebSecurityOrigin usage]):
(-[WebSecurityOrigin quota]):
(-[WebSecurityOrigin setQuota:]):

  • WebView/WebFrame.mm:

(-[WebFrame _cacheabilityDictionary]):

  • WebView/WebView.mm:

(-[WebView _preferencesChanged:]):

Source/WebKit/win:

  • WebDatabaseManager.cpp:

(WebDatabaseManager::sharedWebDatabaseManager):
(WebDatabaseManager::origins):
(WebDatabaseManager::databasesWithOrigin):
(WebDatabaseManager::detailsForDatabase):
(WebDatabaseManager::deleteAllDatabases):
(WebDatabaseManager::deleteOrigin):
(WebDatabaseManager::deleteDatabase):
(WebDatabaseManager::setQuota):
(WebKitInitializeWebDatabasesIfNecessary):

  • WebSecurityOrigin.cpp:

(WebSecurityOrigin::usage):
(WebSecurityOrigin::quota):
(WebSecurityOrigin::setQuota):

  • WebView.cpp:

(WebView::notifyPreferencesChanged):

Source/WebKit2:

  • WebProcess/WebCoreSupport/WebChromeClient.cpp:

(WebKit::WebChromeClient::exceededDatabaseQuota):

  • WebProcess/WebCoreSupport/WebDatabaseManager.cpp:

(WebKit::WebDatabaseManager::initialize):
(WebKit::WebDatabaseManager::getDatabasesByOrigin):
(WebKit::WebDatabaseManager::getDatabaseOrigins):
(WebKit::WebDatabaseManager::deleteDatabaseWithNameForOrigin):
(WebKit::WebDatabaseManager::deleteDatabasesForOrigin):
(WebKit::WebDatabaseManager::deleteAllDatabases):
(WebKit::WebDatabaseManager::setQuotaForOrigin):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updatePreferences):

14:44 Changeset [180703] by fpizlo@apple.com
  • 7 edits
    11 adds in trunk

Various array access corner cases should take OSR exit feedback
https://bugs.webkit.org/show_bug.cgi?id=142056

Reviewed by Geoffrey Garen.
Source/JavaScriptCore:


Two major changes here:

  • Don't keep converting GetById into GetArrayLength if we exited due to any kind of array type check.


  • Use a generic form of GetByVal/PutByVal if we exited due to any kind of exotic checks, like the Arguments safety checks. We use the "ExoticObjectMode" for out-of-bounds on arguments for now, since it's a convenient way of forcing out-of-bounds to be handled by the Generic array mode.
  • bytecode/ExitKind.cpp:

(JSC::exitKindToString):

  • bytecode/ExitKind.h:
  • dfg/DFGArrayMode.cpp:

(JSC::DFG::ArrayMode::refine):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileGetByValOnArguments):
(JSC::DFG::SpeculativeJIT::compileGetArgumentsLength):

  • tests/stress/array-length-array-storage-plain-object.js: Added.

(foo):

  • tests/stress/array-length-plain-object.js: Added.

(foo):

LayoutTests:

  • js/regress/arguments-out-of-bounds-expected.txt: Added.
  • js/regress/arguments-out-of-bounds.html: Added.
  • js/regress/exit-length-on-plain-object-expected.txt: Added.
  • js/regress/exit-length-on-plain-object.html: Added.
  • js/regress/script-tests/arguments-out-of-bounds.js: Added.

(foo):
(bar):

  • js/regress/script-tests/exit-length-on-plain-object.js: Added.

(foo):

  • js/regress/script-tests/string-out-of-bounds.js: Added.

(bar):

  • js/regress/string-out-of-bounds-expected.txt: Added.
  • js/regress/string-out-of-bounds.html: Added.
14:25 Changeset [180702] by lforschler@apple.com
  • 4 edits
    2 copies in branches/safari-600.1.4.15-branch/Source/JavaScriptCore

Merged r180452. rdar://problem/19966376

14:24 Changeset [180701] by ggaren@apple.com
  • 6 edits in trunk/Source/bmalloc

bmalloc: Large object free list can grow infinitely
https://bugs.webkit.org/show_bug.cgi?id=142055

Reviewed by Andreas Kling.

By design, we don't eagerly remove large objects from the free list.
This creates two simple pathologies:

(1) If you free and then allocate the same object repeatedly, it will
duplicate itself in the free list repeatedly. Since it is never
invalid at the time of allocation, it will never be removed.

(2) If you split and then merge the same object repeatedly, it will
duplicate its split sibling in the free list repeatedly. If its
sibling is in a separate free list size class, it will never be
consulted at the time of allocation, so it will never be removed.

So, a simple "while (1) { free(malloc(x)); }" causes infinite memory
use in the free list.

The solution in this patch is a simple helper to remove garbage from the
free list if it grows too large. This pathology is not common, so the
cost is OK.

Long-term, perhaps we should rethink the laziness of these free lists.

  • bmalloc/BoundaryTag.h:

(bmalloc::BoundaryTag::isMarked):
(bmalloc::BoundaryTag::setMarked): New bit, used by free list GC.

  • bmalloc/FreeList.cpp:

(bmalloc::FreeList::removeInvalidAndDuplicateEntries): The GC algorithm.

  • bmalloc/FreeList.h:

(bmalloc::FreeList::FreeList):
(bmalloc::FreeList::push): Invoke the GC if we're getting huge.

  • bmalloc/LargeObject.h:

(bmalloc::LargeObject::isMarked):
(bmalloc::LargeObject::setMarked):
(bmalloc::LargeObject::validateSelf): Expose the new bit.

  • bmalloc/Sizes.h: New constant to control GC frequency.
14:22 Changeset [180700] by ossy@webkit.org
  • 3 edits in trunk/Source/WebCore

Fix the !ENABLE(GEOLOCATION) build after r180533
https://bugs.webkit.org/show_bug.cgi?id=142053

Reviewed by Chris Dumez.

  • Modules/geolocation/GeoNotifier.cpp:
  • Modules/geolocation/GeoNotifier.h:
14:21 Changeset [180699] by lforschler@apple.com
  • 2 edits in branches/safari-600.1.4.15-branch/Source/WebKit2

Merged r179904. rdar://problem/19966381

14:18 Changeset [180698] by lforschler@apple.com
  • 4 edits
    2 copies in branches/safari-600.1.4.15-branch

Merged r180174. rdar://problem/19966344

14:04 Changeset [180697] by ossy@webkit.org
  • 2 edits in trunk/Tools

[EFL] Bump EFL version to 1.13.0
https://bugs.webkit.org/show_bug.cgi?id=141708

Reviewed by Gyuyoung Kim.

  • efl/jhbuild.modules:
13:42 March 2015 Meeting edited by burg@cs.washington.edu
(diff)
13:04 Changeset [180696] by dino@apple.com
  • 3 edits in trunk/Source/WebCore

[iOS Media] incorrect front padding on time values
https://bugs.webkit.org/show_bug.cgi?id=142027
<rdar://problem/19960790>

Reviewed by Brent Fulgham.

My last commit was updating the OS X file,
not the iOS file.

We don't want to prefix times with a "0".

  • Modules/mediacontrols/mediaControlsApple.js:

(Controller.prototype.formatTime):

  • Modules/mediacontrols/mediaControlsiOS.js:

(ControllerIOS.prototype.formatTime):

12:40 Changeset [180695] by ossy@webkit.org
  • 2 edits in trunk/Source/bmalloc

URTBF after r180693.

  • CMakeLists.txt:
12:20 Changeset [180694] by ggaren@apple.com
  • 2 edits in trunk/Source/bmalloc

2015-02-26 Geoffrey Garen <ggaren@apple.com>

Try to fix the Mac build.

Unreviewed.

  • bmalloc.xcodeproj/project.pbxproj: Make FreeList.h available.
12:05 Changeset [180693] by ggaren@apple.com
  • 7 edits
    2 copies
    1 delete in trunk/Source/bmalloc

bmalloc: Refactored SegregatedFreeList and BoundaryTag::init
https://bugs.webkit.org/show_bug.cgi?id=142049

Reviewed by Anders Carlsson.

Split out a FreeList class from SegregatedFreeList. This will make it
easier to add behaviors on free list insertion and removal -- and it's
probably how I should have designed things at the start.

Moved BoundaryTag::init into LargeObject, since all the related logic
lives in LargeObject now too, and this allows us to remove BoundaryTagInlines.h.

  • bmalloc.xcodeproj/project.pbxproj:
  • bmalloc/BoundaryTagInlines.h: Removed.
  • bmalloc/FreeList.cpp: Copied from Source/bmalloc/bmalloc/SegregatedFreeList.cpp.

(bmalloc::FreeList::takeGreedy):
(bmalloc::FreeList::take):
(bmalloc::SegregatedFreeList::SegregatedFreeList): Deleted.
(bmalloc::SegregatedFreeList::insert): Deleted.
(bmalloc::SegregatedFreeList::takeGreedy): Deleted.
(bmalloc::SegregatedFreeList::take): Deleted.

  • bmalloc/FreeList.h: Copied from Source/bmalloc/bmalloc/SegregatedFreeList.h.

(bmalloc::FreeList::push):

  • bmalloc/LargeObject.h:

(bmalloc::LargeObject::init):

  • bmalloc/SegregatedFreeList.cpp:

(bmalloc::SegregatedFreeList::SegregatedFreeList):
(bmalloc::SegregatedFreeList::insert):
(bmalloc::SegregatedFreeList::takeGreedy):
(bmalloc::SegregatedFreeList::take):

  • bmalloc/SegregatedFreeList.h:
  • bmalloc/Sizes.h:
  • bmalloc/VMHeap.cpp:

(bmalloc::VMHeap::grow):

11:56 Changeset [180692] by lforschler@apple.com
  • 10 edits in branches/safari-600.1.4.15-branch/Source

Merged r179480. rdar://problem/19709193

11:51 Changeset [180691] by fpizlo@apple.com
  • 29 edits
    2 moves
    1 add in trunk/Source/JavaScriptCore

DFG SSA stack accesses shouldn't speak of VariableAccessDatas
https://bugs.webkit.org/show_bug.cgi?id=142036

Reviewed by Michael Saboff.

VariableAccessData is a useful thing in LoadStore and ThreadedCPS, but it's purely harmful in
SSA because you can't cook up new VariableAccessDatas. So, if you know that you want to load
or store to the stack, and you know what format to use as well as the location, then prior to
this patch you couldn't do it unless you found some existing VariableAccessData that matched
your requirements. That can be a hard task.

It's better if SSA doesn't speak of VariableAccessDatas but instead just has stack accesses
that speak of the things that a stack access needs: local, machineLocal, and format. This
patch changes the SSA way of accessing the stack to do just that.

Also add more IR validation.

  • CMakeLists.txt:
  • JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGConstantFoldingPhase.cpp:

(JSC::DFG::ConstantFoldingPhase::foldConstants):

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGFlushFormat.h:

(JSC::DFG::isConcrete):

  • dfg/DFGGraph.cpp:

(JSC::DFG::Graph::dump):

  • dfg/DFGGraph.h:
  • dfg/DFGMayExit.cpp:

(JSC::DFG::mayExit):

  • dfg/DFGNode.cpp:

(JSC::DFG::Node::hasVariableAccessData):

  • dfg/DFGNode.h:

(JSC::DFG::StackAccessData::StackAccessData):
(JSC::DFG::StackAccessData::flushedAt):
(JSC::DFG::Node::convertToPutStack):
(JSC::DFG::Node::convertToGetStack):
(JSC::DFG::Node::hasUnlinkedLocal):
(JSC::DFG::Node::hasStackAccessData):
(JSC::DFG::Node::stackAccessData):
(JSC::DFG::Node::willHaveCodeGenOrOSR):

  • dfg/DFGNodeType.h:
  • dfg/DFGOSRAvailabilityAnalysisPhase.cpp:

(JSC::DFG::LocalOSRAvailabilityCalculator::executeNode):

  • dfg/DFGPlan.cpp:

(JSC::DFG::Plan::compileInThreadImpl):

  • dfg/DFGPredictionPropagationPhase.cpp:

(JSC::DFG::PredictionPropagationPhase::propagate):

  • dfg/DFGPutLocalSinkingPhase.cpp: Removed.
  • dfg/DFGPutLocalSinkingPhase.h: Removed.
  • dfg/DFGPutStackSinkingPhase.cpp: Copied from Source/JavaScriptCore/dfg/DFGPutLocalSinkingPhase.cpp.

(JSC::DFG::performPutStackSinking):
(JSC::DFG::performPutLocalSinking): Deleted.

  • dfg/DFGPutStackSinkingPhase.h: Copied from Source/JavaScriptCore/dfg/DFGPutLocalSinkingPhase.h.
  • dfg/DFGSSAConversionPhase.cpp:

(JSC::DFG::SSAConversionPhase::run):

  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGStackLayoutPhase.cpp:

(JSC::DFG::StackLayoutPhase::run):

  • dfg/DFGValidate.cpp:

(JSC::DFG::Validate::validate):
(JSC::DFG::Validate::validateCPS):
(JSC::DFG::Validate::validateSSA):

  • dfg/DFGVirtualRegisterAllocationPhase.cpp:

(JSC::DFG::VirtualRegisterAllocationPhase::run):

  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToLLVM.cpp:

(JSC::FTL::LowerDFGToLLVM::lower):
(JSC::FTL::LowerDFGToLLVM::compileNode):
(JSC::FTL::LowerDFGToLLVM::compileGetStack):
(JSC::FTL::LowerDFGToLLVM::compilePutStack):
(JSC::FTL::LowerDFGToLLVM::compileGetLocal): Deleted.
(JSC::FTL::LowerDFGToLLVM::compilePutLocal): Deleted.

  • ftl/FTLOSRExit.h:
  • tests/stress/many-sunken-locals.js: Added. This failure mode was caught by some miscellaneous test, so I figured I should write an explicit test for it.

(foo):
(bar):
(baz):
(fuzz):
(buzz):

11:44 Changeset [180690] by mark.lam@apple.com
  • 10 edits in trunk

Rolling out r180602, r180608, r180613, r180617, r180671.
<https://webkit.org/b/141990>

Not reviewed.

The r180602 solution does result in more work for GC when worker
threads are in use. Filip is uncomfortable with that.
The EFL and GTK ports also seem to be unhappy with this change.
Rolling out while we investigate.

Source/JavaScriptCore:

  • heap/Heap.cpp:

(JSC::Heap::Heap):
(JSC::Heap::gatherStackRoots):
(JSC::Heap::machineThreads): Deleted.

  • heap/Heap.h:

(JSC::Heap::machineThreads):

  • heap/MachineStackMarker.cpp:

(JSC::MachineThreads::MachineThreads):
(JSC::MachineThreads::~MachineThreads):
(JSC::MachineThreads::addCurrentThread):

  • heap/MachineStackMarker.h:
  • runtime/JSLock.cpp:

(JSC::JSLock::didAcquireLock):

Source/WebCore:

  • bindings/js/JSDOMWindowBase.cpp:

(WebCore::JSDOMWindowBase::commonVM):

LayoutTests:

  • platform/efl/TestExpectations:
11:39 Changeset [180689] by mmaxfield@apple.com
  • 21 edits
    2 adds in trunk

Source/JavaScriptCore:
[Mac] [iOS] Parsing support for -apple-trailing-word
https://bugs.webkit.org/show_bug.cgi?id=141939

Reviewed by Andreas Kling.

  • Configurations/FeatureDefines.xcconfig:

Source/WebCore:
[Mac] [iOS] Parsing support for -apple-trailing-word
https://bugs.webkit.org/show_bug.cgi?id=141939

Reviewed by Andreas Kling.

This patch implements initial parsing support for the -apple-trailing-word CSS property.
This property has two possible (mutually exclusive) values: auto and
-apple-partially-balanced. This property is inherited.

The work for this property is behind the ENABLE(CSS_TRAILING_WORD) preprocessor define.

This is an internal property that will allow us to control line breaking behavior for
short paragraphs.

Note that, because of the implementation of cssValueKeywordID() in CSSParser.cpp,
the new value must be implemented as -webkit-partially-balanced. Using the -apple-
prefix will work, but if you getComputedStyle(), it will return the -webkit- prefixed
version.

Test: platform/mac/fast/text/trailing-word-parse.html

  • Configurations/FeatureDefines.xcconfig:
  • css/CSSComputedStyleDeclaration.cpp:

(WebCore::ComputedStyleExtractor::propertyValue): Turn internal representation into a
CSS value.

  • css/CSSParser.cpp:

(WebCore::isValidKeywordPropertyAndValue): Updated for new keyword property / value
pair.
(WebCore::isKeywordPropertyID): New property is a keyword property.
(WebCore::CSSParser::parseValue): Use the keyword property codepath.

  • css/CSSPrimitiveValueMappings.h:

(WebCore::CSSPrimitiveValue::CSSPrimitiveValue): Convert to and from the internal
representation and CSS values.
(WebCore::CSSPrimitiveValue::operator TrailingWord):

  • css/CSSPropertyNames.in: New property.
  • css/CSSValueKeywords.in: New value.
  • rendering/SimpleLineLayout.cpp:

(WebCore::SimpleLineLayout::canUseFor): Can't use SimpleLineLayout for this.

  • rendering/style/RenderStyle.h: Getter, setter and initial value.
  • rendering/style/RenderStyleConstants.h: Internal data type.
  • rendering/style/StyleRareInheritedData.h: One bit to control this style property.
  • rendering/style/StyleRareInheritedData.cpp: Update constructors and operators.

Source/WebKit/mac:
[Mac] [iOS] Parsing support for -apple-trailing-word
https://bugs.webkit.org/show_bug.cgi?id=141939

Reviewed by Andreas Kling.

  • Configurations/FeatureDefines.xcconfig:

Source/WebKit2:
[Mac] [iOS] Parsing support for -apple-trailing-word
https://bugs.webkit.org/show_bug.cgi?id=141939

Reviewed by Andreas Kling.

  • Configurations/FeatureDefines.xcconfig:

LayoutTests:
Parsing support for -webkit-trailing-word
https://bugs.webkit.org/show_bug.cgi?id=141939

Reviewed by Andreas Kling.

Test parsing using getComputedStyle().

  • fast/css3-text/css3-text-decoration/text-decoration-skip/text-decoration-skip-roundtrip.html: Updated.
  • fast/css3-text/css3-text-decoration/text-decoration-skip/text-decoration-skip-roundtrip-expected.txt: Updated.
  • platform/mac/fast/text/trailing-word-parse-expected.txt: Added.
  • platform/mac/fast/text/trailing-word-parse.html: Added.
11:30 Changeset [180688] by ggaren@apple.com
  • 4 edits in trunk/Source/bmalloc

bmalloc: free up a bit in BoundaryTag
https://bugs.webkit.org/show_bug.cgi?id=142048

Reviewed by Brady Eidson.

We were wasting a bit by accident, and I need one now.

  • bmalloc/Algorithm.h:

(bmalloc::rightShift): Deleted. Not needed, now that I've simplified
the math.

  • bmalloc/BoundaryTag.h: Since each boundary tag bucket is 1024 bytes

long, the maximum offset into a bucket is 1023.

You need 5 bits to count up to 1024, but only 4 to count up to 1023.

Math is hard.

(bmalloc::BoundaryTag::compactBegin): Switched to division because it
is simpler, and easier to match up with our ASSERT. The compiler will
turn division by constant power of two into a shift for us.

(bmalloc::BoundaryTag::setRange): Added an ASSERT for compactBegin
because we do encode it, so we should ASSERT that encoding did not
lose information.

  • bmalloc/Sizes.h: Shifting is no longer used since we use division

instead.

11:29 Changeset [180687] by beidson@apple.com
  • 4 edits in trunk

Make WKPageGroupRemoveAllUserContentFilters actually remove all user content filters
https://bugs.webkit.org/show_bug.cgi?id=142047

Reviewed by Geoff Garen.

Source/WebKit2:

  • UIProcess/API/C/WKPageGroup.cpp:

(WKPageGroupRemoveAllUserContentFilters): Remove all content filters instead of removing all user scripts.

LayoutTests:

  • platform/mac-wk2/TestExpectations: Renable content filter tests, as they should no longer interfere with others.
11:16 Changeset [180686] by roger_fong@apple.com
  • 2 edits in trunk/Source/WebCore

Unreviewed. Fix a accidental deletion from r178674.

  • html/canvas/WebGLRenderingContextBase.cpp:

(WebCore::WebGLRenderingContextBase::create):
Return the fake WebGL context.

10:37 Changeset [180685] by commit-queue@webkit.org
  • 6 edits in trunk

Cleanup RenderSVGResourceClipper class.
https://bugs.webkit.org/show_bug.cgi?id=142032.

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2015-02-26
Reviewed by Darin Adler.
Source/WebCore:

This is a follow up for r180643: <http://trac.webkit.org/changeset/180643>.
It includes cleanup for RenderSVGResourceClipper class.

  • rendering/svg/RenderSVGResourceClipper.cpp:

(WebCore::RenderSVGResourceClipper::applyClippingToContext):
(WebCore::RenderSVGResourceClipper::drawContentIntoMaskImage):

  • rendering/svg/RenderSVGResourceClipper.h: Change ClipperData to be a

typedef instead of a class and rename it to ClipperMaskImage. The purpose
of having it a class even though it includes only one member was because
we wanted it to be WTF_MAKE_FAST_ALLOCATED. We do not need to allocate it
as a separate object on the heap anymore.

(WebCore::RenderSVGResourceClipper::addRendererToClipper): Instead of doing
double hash table lookups by calling HashMap::contains() and then HashMap::get(),
we can use HashMap::add() instead.

LayoutTests:

  • svg/clip-path/clip-path-line-use-before-defined-expected.svg:
  • svg/clip-path/clip-path-line-use-before-defined.svg: Simplify the test

and make separate drawings for different cases.

10:36 Changeset [180684] by msaboff@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

[Win] Debug-only JavaScriptCore failures
https://bugs.webkit.org/show_bug.cgi?id=142045

Rubber stamped by Filip Pizlo.

Reduced loop count to a more reasonable value of 10,000. This still gets us to tier up
to the FTL, but doesn't take too long to run.

  • tests/stress/repeated-arity-check-fail.js:
10:34 Changeset [180683] by commit-queue@webkit.org
  • 6 edits
    6 adds in trunk

Setting any of the <object> element plugin controlling attributes does not have any affect.
https://bugs.webkit.org/show_bug.cgi?id=141936.

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2015-02-26
Reviewed by Zalan Bujtas.

Source/WebCore:

When setting any of the <object> element plugin controlling attributes
dynamically we need to mark the the element to be dirty by calling
setNeedsStyleRecalc(), so it has to recreate its renderer when needed.

Test: svg/as-object/svg-in-object-dynamic-attribute-change.html

  • dom/Element.h: Delete unimplemented function.
  • html/HTMLObjectElement.cpp:

(WebCore::HTMLObjectElement::parseAttribute): Dirty the element by calling
setNeedsStyleRecalc() when one of the plugin controlling attributes gets
changed. We have to clear the m_useFallbackContent because the attribute's
new value might fix the object rendering.

  • html/HTMLObjectElement.h: Add a function to clear m_useFallbackContent.
  • html/HTMLPlugInImageElement.cpp:

(WebCore::HTMLPlugInImageElement::willRecalcStyle): We might need to
reconstruct the object renderer in the image case. This can happen if the
image was rendering fallback content and the attribute's new value fixes
the object rendering.

LayoutTests:

  • svg/as-object/resources/lime100x100.html: Added.
  • svg/as-object/resources/lime100x100.png: Added.
  • svg/as-object/resources/lime100x100.svg: Added.
  • svg/as-object/resources/red100x100.svg: Added.
  • svg/as-object/svg-in-object-dynamic-attribute-change-expected.html: Added.
  • svg/as-object/svg-in-object-dynamic-attribute-change.html: Added.

Ensure that changing the 'type' and the 'data' attributes of the <object>
element will have the expected outcome. Also make sure that the <object>
element renderer falls back correctly when setting any of the attributes
to some unexpected value.

10:33 Changeset [180682] by weinig@apple.com
  • 1 edit
    1 add in trunk/Tools

Check in missing WebEditingTester.xcconfig file.

  • WebEditingTester/Configurations/WebEditingTester.xcconfig: Added.
10:32 Changeset [180681] by ossy@webkit.org
  • 3 edits in trunk/Tools

[webkitpy] Remove skipped file related crufts
https://bugs.webkit.org/show_bug.cgi?id=142046

Reviewed by Ryosuke Niwa.

  • Scripts/webkitpy/port/base.py:

(Port.skipped_layout_tests):
(Port._tests_from_skipped_file_contents): Deleted.
(Port): Deleted.
(Port._expectations_from_skipped_files): Deleted.

  • Scripts/webkitpy/port/mac_unittest.py:

(MacTest.test_default_timeout_ms):
(MacTest): Deleted.
(test_tests_from_skipped_file_contents): Deleted.

10:19 Changeset [180680] by bfulgham@apple.com
  • 2 edits in trunk/WebKitLibraries

[Win] Unreviewed build fix after r180676.

I forgot to checkin one of the more important changes!

  • win/tools/vsprops/common.props:
10:03 Changeset [180679] by bshafiei@apple.com
  • 4 edits in branches/safari-600.5-branch/Source/JavaScriptCore

Merge patch for r180247 and r180249. rdar://problem/19877186

09:30 Changeset [180678] by bfulgham@apple.com
  • 2 edits in trunk/LayoutTests

[Win] Unreviewed test updates for Debug bots.

  • platform/win/TestExpectations:
09:04 Changeset [180677] by bfulgham@apple.com
  • 4 edits
    2 adds in trunk/Tools

[Win] Unreviewed WinCairo build fix after r180653.

TestWebKitAPI should know about proper WEBCORE_EXPORT definitions.

  • TestWebKitAPI/TestWebKitAPI.vcxproj/TestWebKitAPI.vcxproj:
  • TestWebKitAPI/TestWebKitAPI.vcxproj/TestWebKitAPI.vcxproj.filters:
  • TestWebKitAPI/TestWebKitAPI.vcxproj/TestWebKitAPICommon.props:
  • TestWebKitAPI/win/TestWebKitAPIPrefix.cpp: Added.
  • TestWebKitAPI/win/TestWebKitAPIPrefix.h: Added.
08:51 Changeset [180676] by bfulgham@apple.com
  • 31 edits in trunk

[Win] Make build logs more legible by reducing noise
https://bugs.webkit.org/show_bug.cgi?id=142034

Reviewed by Alexey Proskuryakov.

Modify batch files, makefiles, and DOS commands to remove
uninteresting/unhelpful output.

Source/JavaScriptCore:

Source/WebCore:

  • WebCore.vcxproj/WebCoreGenerated.make:
  • WebCore.vcxproj/WebCorePreBuild.cmd:
  • WebCore.vcxproj/copyForwardingHeaders.cmd:
  • WebCore.vcxproj/copyWebCoreResourceFiles.cmd:

Source/WebInspectorUI:

  • WebInspectorUI.vcxproj/WebInspectorUI.make:

Source/WebKit:

  • WebKit.vcxproj/Interfaces/InterfacesPostBuild.cmd:
  • WebKit.vcxproj/Interfaces/InterfacesPreBuild.cmd:
  • WebKit.vcxproj/WebKit/WebKitPostBuild.cmd:
  • WebKit.vcxproj/WebKit/WebKitPreBuild.cmd:
  • WebKit.vcxproj/WebKitGUID/WebKitGUIDPreBuild.cmd:

Source/WTF:

  • WTF.vcxproj/WTFGenerated.make:
  • WTF.vcxproj/WTFPreBuild.cmd:
  • WTF.vcxproj/copy-files.cmd:

WebKitLibraries:

  • win/tools/vsprops/common.props:
08:24 Changeset [180675] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

[FreeType] REGRESSION(r180563): Introduced crashes
https://bugs.webkit.org/show_bug.cgi?id=142044

Patch by Michael Catanzaro <mcatanzaro@igalia.com> on 2015-02-26
Reviewed by Martin Robinson.

No new tests, should be caught by any woff font test.

Use optionsPattern, not m_pattern, when m_pattern may be null.

  • platform/graphics/freetype/FontPlatformDataFreeType.cpp:

(WebCore::FontPlatformData::initializeWithFontFace):

07:34 WebKitGTK/2.8.x edited by mcatanzaro@igalia.com
r180563 introduced crashes (diff)
07:33 WebKitGTK/2.6.x edited by mcatanzaro@igalia.com
Remove r180563, it introduced crashes (diff)
07:21 Changeset [180674] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WTF

Revert bug 19975, now that gcc 4.7 is required.
https://bugs.webkit.org/show_bug.cgi?id=129927

Patch by Landry Breuil <landry@openbsd.org> on 2015-02-26
Reviewed by Andreas Kling.

isfinite() and signbit() are provided by gcc's cmath header.

  • wtf/MathExtras.h:
06:55 WebKitGTK/Gardening/Calendar edited by clopez@igalia.com
(diff)
05:53 Changeset [180673] by ossy@webkit.org
  • 2 edits in trunk

[EFL] Remove unnecessary comment after r179110
https://bugs.webkit.org/show_bug.cgi?id=142042

Reviewed by Gyuyoung Kim.

  • Source/cmake/OptionsEfl.cmake:
05:44 Changeset [180672] by ossy@webkit.org
  • 5 edits in trunk/LayoutTests

[WK2] Unreviewed gardening, skip failing tests related to missing
EventSender.beginDragWithFiles implementation in wk2/TestExpectations.

There is no good reason to wait for 30 seconds timeout, let's skip them everywhere.

  • platform/efl/TestExpectations:
  • platform/gtk/TestExpectations:
  • platform/mac-wk2/TestExpectations:
  • platform/wk2/TestExpectations:
03:44 Changeset [180671] by ossy@webkit.org
  • 2 edits in trunk/LayoutTests

[EFL] Unreviewed gardening, skip fast/workers tests to unbreak the buildbot.
https://bugs.webkit.org/show_bug.cgi?id=142041

  • platform/efl/TestExpectations:
03:33 Changeset [180670] by ossy@webkit.org
  • 2 edits in trunk/LayoutTests

[EFL] Unreviewed gardening, comment out old expectations
of WebGL tests to really skip them as we expected.

  • platform/efl/TestExpectations:
02:58 Changeset [180669] by svillar@igalia.com
  • 4 edits
    2 adds in trunk

ASSERTION FAILED: !length.isUndefined() in WebCore::GridLength::GridLength
https://bugs.webkit.org/show_bug.cgi?id=141645

Reviewed by Chris Dumez.

Source/WebCore:

This bug has been here since r110484 but was uncovered by
r180140. The problem r110484 was trying to fix was that
CSSPrimitiveValue::convertToLength<Length> ended up calling
CSSPrimitiveValue::computeLengthDouble() which was apparently
dereferencing conversionData.style() and
conversionData.rootStyle() pointers without checking them. That's
why that fix added this condition to convertToLength():

isFontRelativeLength() && (!conversionData.style()
!conversionData.rootStyle())

which is not correct, because for the 4 possible font relative
length types, 3 of them just use the style() pointer and the other
one just uses rootStyle() which BTW could be NULL. This erroneous
condition makes that function to return Length(Undefined) more
often than it should.

From now on it only returns Length(Undefined) if the style()
pointer is NULL and the font relative length type is one in the
set (CSS_EMS, CSS_EXS, CSS_CHS);

Test: fast/css-grid-layout/grid-with-relative-font-length-crash.html

  • css/CSSPrimitiveValue.h:
  • css/CSSPrimitiveValueMappings.h:

(WebCore::CSSPrimitiveValue::convertingToLengthRequiresNonNullStyle):
(WebCore::CSSPrimitiveValue::convertToLength):

LayoutTests:

  • fast/css-grid-layout/grid-with-relative-font-length-crash-expected.txt: Added.
  • fast/css-grid-layout/grid-with-relative-font-length-crash.html: Added.
02:50 Changeset [180668] by ossy@webkit.org
  • 2 edits in trunk/Source/WTF

UNREACHABLE_FOR_PLATFORM() should be release assert
https://bugs.webkit.org/show_bug.cgi?id=141904

Reviewed by Darin Adler.

  • wtf/Assertions.h:

(UNREACHABLE_FOR_PLATFORM):

01:20 Changeset [180667] by ossy@webkit.org
  • 2 edits in trunk/Source/JavaScriptCore

Add calleeSaveRegisters() implementation for ARM Traditional
https://bugs.webkit.org/show_bug.cgi?id=141903

Reviewed by Darin Adler.

  • jit/RegisterSet.cpp:

(JSC::RegisterSet::calleeSaveRegisters):

00:15 Changeset [180666] by akling@apple.com
  • 2 edits in trunk/Source/WebCore

[Cocoa] Prod libcache to drop caches in memory pressure relief handler.
<https://webkit.org/b/142024>
<rdar://problem/19966096>

Reviewed by Antti Koivisto.

libcache already listens to the OS memory pressure notifications, but we still
need to manually request a cleanup when doing an iOS process suspension, or when
simulating memory pressure.

  • platform/cocoa/MemoryPressureHandlerCocoa.mm:

(WebCore::MemoryPressureHandler::platformReleaseMemory): Call out to libcache's
cache_simulate_memory_warning_event() to make sure that nonessential objects
being kept alive by NSCaches get dropped when we need the memory.

00:00 Changeset [180665] by bshafiei@apple.com
  • 9 edits
    2 copies in branches/safari-600.1.4.15-branch

Merged r180274. rdar://problem/19878981

Note: See TracTimeline for information about the timeline view.