Timeline


and

04/16/14: Today

08:38 April 2014 Meeting edited by dino@apple.com
(diff)
08:37 April 2014 Meeting edited by dino@apple.com
(diff)
08:35 WebGL.pdf attached to April 2014 Meeting by dino@apple.com
WebGL Slides
08:33 April 2014 Meeting edited by dino@apple.com
(diff)
07:24 Changeset [167347] by rgabor@webkit.org

Unreviewed, ARM64 buildfix after r167336.

  • assembler/MacroAssemblerARM64.h:

(JSC::MacroAssemblerARM64::branchAdd32): Add missing function.

05:25 Changeset [167346] by commit-queue@webkit.org

[EFL] Cleanup the build from unused parameters in WebKit-efl.
https://bugs.webkit.org/show_bug.cgi?id=131677.

Patch by Jeongeun Kim <je_julie.kim@samsung.com> on 2014-04-16
Reviewed by Gyuyoung Kim.

Changed ASSERT to ASSERT_UNUSED if it's just used for ASSERT.

  • ewk/ewk_view.cpp:

(ewk_view_scroll):

04:27 WebKitGTK edited by agomez@igalia.com
Updated the introduction text (diff)
04:26 Changeset [167345] by gyuyoung.kim@samsung.com

Unreviewed EFL gardening. Some test modules come to crash since buildbot uses
Ubuntu 13.10. Skip those crash modules for now.

  • platform/efl-wk2/TestExpectations:
04:25 WebKitGTK/StartHacking edited by agomez@igalia.com
Correcting typos (diff)
04:18 WebKitGTK/StartHacking edited by agomez@igalia.com
Removed specific information for stable and unstable branches and replaced … (diff)
03:19 Changeset [167344] by carlosgc@webkit.org

REGRESSION(r166779): [GTK] Printing doesn't work since r166779
https://bugs.webkit.org/show_bug.cgi?id=131725

Reviewed by Philippe Normand.

  • Source/cmake/OptionsGTK.cmake: Check GTK_UNIX_PRINT_FOUND

instead of GTK_UNIX_PRINTING_FOUND and set the macro
HAVE_GTK_UNIX_PRINTING to 1 when found.

04/15/14: Yesterday

22:16 Changeset [167343] by mitz@apple.com

[Cocoa] Add a form delegate method corresponding to willSubmitForm
https://bugs.webkit.org/show_bug.cgi?id=131718

Reviewed by Tim Horton.

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _setFormDelegate:]): Changed to define and create a FormClient (which derives
from API::FormClient and messages a delegate), and set it as the form client.

  • UIProcess/API/Cocoa/_WKFormDelegate.h: Declared new delegate method.
  • WebProcess/InjectedBundle/API/Cocoa/WKWebProcessPlugInFormDelegatePrivate.h: Added a

variant of willSubmitForm that returs a user object to pass to the delegate in the UI
process, giving it a temporary name with “new”.

  • WebProcess/InjectedBundle/API/mac/WKWebProcessPlugInBrowserContextController.mm:

(-[WKWebProcessPlugInBrowserContextController _setFormDelegate:]): Changed willSubmitForm()
to check for the new bundle delegate method first and encode the user object as user data.
Moved the encoding of an NSObject <NSSecureCoding> as user data into a helper function.

20:45 Changeset [167342] by commit-queue@webkit.org

[EFL] Fix problems with the pixel dump.
https://bugs.webkit.org/show_bug.cgi?id=131265

Patch by Hyowon Kim <hw1008.kim@samsung.com> on 2014-04-15
Reviewed by Gyuyoung Kim.

Painting and compositing paths of WebKit-EFL were totally modified from r166768.
However pixel dump codes still call deprecated functions like ewk_view_paint(),
which causes that nothing is drawn.

This patch adds new member functions to AcceleratedCompositingContext to support pixel dump.
One of new functions is AcceleratedCompositingContext::extractImageData(),
which replaces deprecated function calls. Besides the extractImageData() is invoked by
ewk_view_screenshot_contents_get() in order to take the visible content displayed on the EFL webview.

Source/WebCore:

  • platform/graphics/cairo/CairoUtilities.cpp:

(WebCore::flipImageSurfaceVertically): Flip pixel data of given cairo_surface_t vertically up/down.
Whereas Cairo uses the top-left corner as being 0,0 of the coordinate system,
OpenGL uses the bottom-left corner being 0,0.
So we need to vertically flip resultant images taken by glReadPixels().

  • platform/graphics/cairo/CairoUtilities.h:

Source/WebKit/efl:

  • WebCoreSupport/AcceleratedCompositingContextEfl.cpp:

(WebCore::AcceleratedCompositingContext::AcceleratedCompositingContext):
Create TextureMapper with a proper backend.
(WebCore::AcceleratedCompositingContext::flushPendingLayerChanges):
Revise a null check for m_rootLayer.
(WebCore::AcceleratedCompositingContext::paintToGraphicsContext):
Remove a creation check for TextureMapperGL.
(WebCore::AcceleratedCompositingContext::paintToCurrentGLContext):
Ditto.
(WebCore::AcceleratedCompositingContext::extractImageData):
Extract image data from the view and copy it to given Evas_Object.
(WebCore::AcceleratedCompositingContext::getImageData):
Get image data from the view and return it as cairo_surface_t on software mode.
(WebCore::AcceleratedCompositingContext::getImageDataGL):
Get image data from the view and return it as cairo_surface_t on GL mode.

  • WebCoreSupport/AcceleratedCompositingContextEfl.h:
  • WebCoreSupport/DumpRenderTreeSupportEfl.cpp:

(DumpRenderTreeSupportEfl::forcePaint): Repaint the entire webview before pixel dump.

  • WebCoreSupport/DumpRenderTreeSupportEfl.h:
  • ewk/ewk_view.cpp:

(ewk_view_mark_for_sync): Remove an unnecessary line.
(ewk_view_force_paint): Call flushAndRenderLayers().
(ewk_view_screenshot_contents_get): Remove 'scale' parameter and replace ewk_view_paint()
with AcceleratedCompositingContext::extractImageData().

  • ewk/ewk_view.h:
  • ewk/ewk_view_private.h:
  • tests/test_ewk_view.cpp:

(TEST_F):

Tools:

  • DumpRenderTree/efl/PixelDumpSupportEfl.cpp:

(createBitmapContextFromWebView): Add to call DumpRenderTreeSupportEfl::forcePaint().

19:42 Changeset [167341] by fpizlo@apple.com

Unreviewed, add the obvious thing that marks MakeRope as exiting since it can exit.

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

19:04 Changeset [167340] by commit-queue@webkit.org

Make page overlay functionality working on coordinated graphics.
https://bugs.webkit.org/show_bug.cgi?id=131425

Patch by Hyowon Kim <hw1008.kim@samsung.com> on 2014-04-15
Reviewed by Darin Adler.

Page overlay functionality did not work on coordinated graphics since r166975.
This patch removes deprecated code related to the PageOverlay GraphicsLayer management.
and makes CoordinatedLayerTreeHost use PageOverlayController.

Source/WebCore:

  • platform/graphics/texmap/coordinated/CompositingCoordinator.cpp:

(WebCore::CompositingCoordinator::setRootCompositingLayer):
(WebCore::CompositingCoordinator::flushPendingLayerChanges):

  • platform/graphics/texmap/coordinated/CompositingCoordinator.h:

Source/WebKit2:

  • WebProcess/WebPage/CoordinatedGraphics/CoordinatedDrawingArea.cpp:

(WebKit::CoordinatedDrawingArea::mainFrameContentSizeChanged):
(WebKit::CoordinatedDrawingArea::didInstallPageOverlay): Deleted.
(WebKit::CoordinatedDrawingArea::didUninstallPageOverlay): Deleted.
(WebKit::CoordinatedDrawingArea::setPageOverlayNeedsDisplay): Deleted.
(WebKit::CoordinatedDrawingArea::setPageOverlayOpacity): Deleted.

  • WebProcess/WebPage/CoordinatedGraphics/CoordinatedDrawingArea.h:
  • WebProcess/WebPage/CoordinatedGraphics/CoordinatedLayerTreeHost.cpp:

(WebKit::CoordinatedLayerTreeHost::setRootCompositingLayer):
(WebKit::CoordinatedLayerTreeHost::didFlushRootLayer):
(WebKit::CoordinatedLayerTreeHost::deviceOrPageScaleFactorChanged):
(WebKit::CoordinatedLayerTreeHost::didInstallPageOverlay): Deleted.
(WebKit::CoordinatedLayerTreeHost::didUninstallPageOverlay): Deleted.
(WebKit::CoordinatedLayerTreeHost::setPageOverlayNeedsDisplay): Deleted.
(WebKit::CoordinatedLayerTreeHost::setPageOverlayOpacity): Deleted.
(WebKit::CoordinatedLayerTreeHost::createPageOverlayLayer): Deleted.
(WebKit::CoordinatedLayerTreeHost::destroyPageOverlayLayer): Deleted.

  • WebProcess/WebPage/CoordinatedGraphics/CoordinatedLayerTreeHost.h:
  • WebProcess/WebPage/LayerTreeHost.h:

(WebKit::LayerTreeHost::didInstallPageOverlay):
(WebKit::LayerTreeHost::didUninstallPageOverlay):
(WebKit::LayerTreeHost::setPageOverlayNeedsDisplay):

17:58 More Awesome created by dino@apple.com
17:57 April 2014 Meeting edited by dino@apple.com
(diff)
17:26 Changeset [167339] by roger_fong@apple.com

Snapshotted plugins may need to be restarted if style properties are changed after initial load of plugin.
https://bugs.webkit.org/show_bug.cgi?id=131553.
<rdar://problem/15443375>

Reviewed by Timothy Horton.

Test: plugins/snapshotting/set-plugin-size-to-tiny.html

When updating embedded objects during our post layout checks, check for certain style changes
that may result in the plugin needing to be restarted.

  • html/HTMLPlugInImageElement.h:

Add m_plugInDimensionsSpecified field to keep track of whether or not dimensions on the plugin’s renderer have been specified.

  • html/HTMLPlugInImageElement.cpp:

(WebCore::HTMLPlugInImageElement::HTMLPlugInImageElement):
Initialize m_plugInDimensionsSpecified.
(WebCore::isSmallerThanTinySizingThreshold):
Refactoring, move check for whether or not plugin is smaller than the tiny plugin size threshold to this method.
(WebCore::HTMLPlugInImageElement::isTopLevelFullPage):
Refactoring, move check for whether or not plugin is top level full page to this method.
(WebCore::HTMLPlugInImageElement::checkSnapshotStatus):
Use refactored checks here as well to determine whether or not we need to restart the snapshotted plugin.
(WebCore::HTMLPlugInImageElement::subframeLoaderWillCreatePlugIn): Use refactored checks.
If plugin dimensions were specified, set m_plugInDimensionsSpecified to true.

  • platform/mac-wk2/plugins/snapshotting/set-plugin-size-to-tiny-expected.txt: Added.
  • plugins/snapshotting/set-plugin-size-to-tiny.html: Added.
17:01 Changeset [167338] by akling@apple.com

[iOS WebKit2] Listen for system memory pressure notifications.
<https://webkit.org/b/131653>
<rdar://problem/16208123>

Reviewed by Antti Koivisto.

  • platform/cocoa/MemoryPressureHandlerCocoa.mm:

(WebCore::MemoryPressureHandler::install):

Use the right invocation to summon the memory pressure handler.

(WebCore::MemoryPressureHandler::install):
(WebCore::MemoryPressureHandler::uninstall):
(WebCore::MemoryPressureHandler::holdOff):
(WebCore::MemoryPressureHandler::respondToMemoryPressure):

Make stubbed out functions !PLATFORM(COCOA)

17:01 Changeset [167337] by fpizlo@apple.com

Update LLVM binary drops for Mountain Lion to LLVM r206312.

Rubber stamped by Geoffrey Garen.

  • LLVMIncludesMountainLion.tar.bz2:
  • LLVMLibrariesMountainLion.tar.bz2:
16:33 Changeset [167336] by fpizlo@apple.com

compileMakeRope does not emit necessary bounds checks
https://bugs.webkit.org/show_bug.cgi?id=130684
<rdar://problem/16398388>

Reviewed by Oliver Hunt.

Add string length bounds checks in a bunch of places. We should never allow a string
to have a length greater than 231-1 because it's not clear that the language has
semantics for it and because there is code that assumes that this cannot happen.

Also add a bunch of tests to that effect to cover the various ways in which this was
previously allowed to happen.

  • dfg/DFGOperations.cpp:
  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileMakeRope):

  • ftl/FTLLowerDFGToLLVM.cpp:

(JSC::FTL::LowerDFGToLLVM::compileMakeRope):

  • runtime/JSString.cpp:

(JSC::JSRopeString::RopeBuilder::expand):

  • runtime/JSString.h:

(JSC::JSString::create):
(JSC::JSRopeString::RopeBuilder::append):
(JSC::JSRopeString::RopeBuilder::release):
(JSC::JSRopeString::append):

  • runtime/Operations.h:

(JSC::jsString):
(JSC::jsStringFromRegisterArray):
(JSC::jsStringFromArguments):

  • runtime/StringPrototype.cpp:

(JSC::stringProtoFuncIndexOf):
(JSC::stringProtoFuncSlice):
(JSC::stringProtoFuncSubstring):
(JSC::stringProtoFuncToLowerCase):

  • tests/stress/make-large-string-jit-strcat.js: Added.

(foo):

  • tests/stress/make-large-string-jit.js: Added.

(foo):

  • tests/stress/make-large-string-strcat.js: Added.
  • tests/stress/make-large-string.js: Added.
16:25 Changeset [167335] by hyatt@apple.com

[New Multicolumn] Add support for column-span:all
https://bugs.webkit.org/show_bug.cgi?id=129330

Patch by Morten Stenshorne <mstensho@opera.com> on 2014-04-14
Reviewed by Dave Hyatt.

Source/WebCore:
Column spanners are implemented as siblings of RenderMultiColumnSet
objects (i.e. the regions for the column rows). This means that they
are pulled out from the flow thread tree where they would otherwise
live. This causes some complexity, most of which is contained within
the multicol code.

A placeholder is put in the flow thread tree where the spanner's
renderer would otherwise live. This is needed in order make sure that
we interrupt line layout before after the spanner. We also need this
to be able to switch from one multicol set to the next.

Some extra logic is required when dynamically inserting and removing
flow thread descendants now, because we need to figure out if the
renderer added should trigger creation of new multi column sets. If
a spanner is inserted in the middle of a multi column set, we need to
detect this, split the set and put the spanner in the middle.

Wrote a bunch of tests. A few of the tests were copied from existing
(old-impl) tests and put in a separate directory. That directory can
be wiped when we turn on the new multicol implementation by default.

Tests: fast/multicol/newmulticol/adjacent-spanners.html

fast/multicol/newmulticol/block-becomes-spanner.html
fast/multicol/newmulticol/change-spanner-display.html
fast/multicol/newmulticol/change-spanner-parent-display.html
fast/multicol/newmulticol/compare-with-old-impl/anonymous-block-split-crash.html
fast/multicol/newmulticol/compare-with-old-impl/before-child-anonymous-column-block.html
fast/multicol/newmulticol/compare-with-old-impl/clone-before-after-content-crash.html
fast/multicol/newmulticol/compare-with-old-impl/clone-block-children-inline-mismatch-crash.html
fast/multicol/newmulticol/compare-with-old-impl/clone-flexbox.html
fast/multicol/newmulticol/compare-with-old-impl/clone-summary.html
fast/multicol/newmulticol/compare-with-old-impl/column-span-inside-multicol-webkit-box.html
fast/multicol/newmulticol/compare-with-old-impl/continuation-crash.html
fast/multicol/newmulticol/compare-with-old-impl/double-merge-anonymous-block-crash.html
fast/multicol/newmulticol/compare-with-old-impl/empty-anonymous-block-split-crash.html
fast/multicol/newmulticol/compare-with-old-impl/float-not-removed-crash.html
fast/multicol/newmulticol/compare-with-old-impl/list-multi-column-crash.html
fast/multicol/newmulticol/compare-with-old-impl/positioned-child-not-removed-crash.html
fast/multicol/newmulticol/compare-with-old-impl/positioned-objects-not-removed-crash.html
fast/multicol/newmulticol/compare-with-old-impl/recursive-split-flow-crash.html
fast/multicol/newmulticol/compare-with-old-impl/removal-of-multicol-span-crash.html
fast/multicol/newmulticol/compare-with-old-impl/remove-child-split-flow-crash.html
fast/multicol/newmulticol/compare-with-old-impl/runin-continuation-crash.html
fast/multicol/newmulticol/compare-with-old-impl/span-as-immediate-child-complex-splitting.html
fast/multicol/newmulticol/compare-with-old-impl/span-as-nested-inline-block-child.html
fast/multicol/newmulticol/compare-with-old-impl/split-flow-anonymous-wrapper-crash.html
fast/multicol/newmulticol/compare-with-old-impl/split-inline-wrong-post-block-crash.html
fast/multicol/newmulticol/compare-with-old-impl/table-multi-column-crash.html
fast/multicol/newmulticol/compare-with-old-impl/textbox-not-removed-crash.html
fast/multicol/newmulticol/compare-with-old-impl/update-after-content-before-child-crash.html
fast/multicol/newmulticol/insert-row-content1.html
fast/multicol/newmulticol/insert-row-content2.html
fast/multicol/newmulticol/insert-row-content3.html
fast/multicol/newmulticol/insert-row-content4.html
fast/multicol/newmulticol/insert-row-content5.html
fast/multicol/newmulticol/insert-row-content6.html
fast/multicol/newmulticol/insert-row-content7.html
fast/multicol/newmulticol/insert-row-content8.html
fast/multicol/newmulticol/insert-row-content9.html
fast/multicol/newmulticol/insert-spanner-child1.html
fast/multicol/newmulticol/insert-spanner-child2.html
fast/multicol/newmulticol/insert-spanner-child3.html
fast/multicol/newmulticol/insert-spanner1.html
fast/multicol/newmulticol/insert-spanner2.html
fast/multicol/newmulticol/insert-spanner3.html
fast/multicol/newmulticol/insert-spanner4.html
fast/multicol/newmulticol/insert-spanner5.html
fast/multicol/newmulticol/insert-spanner6.html
fast/multicol/newmulticol/insert-spanner7.html
fast/multicol/newmulticol/insert-spanner8.html
fast/multicol/newmulticol/multicol-with-spanner-becomes-regular-block.html
fast/multicol/newmulticol/remove-row-content1.html
fast/multicol/newmulticol/remove-row-content2.html
fast/multicol/newmulticol/remove-row-content3.html
fast/multicol/newmulticol/remove-row-content4.html
fast/multicol/newmulticol/remove-row-content5.html
fast/multicol/newmulticol/remove-row-content6.html
fast/multicol/newmulticol/remove-row-content7.html
fast/multicol/newmulticol/remove-row-content8.html
fast/multicol/newmulticol/remove-row-content9.html
fast/multicol/newmulticol/remove-spanner1.html
fast/multicol/newmulticol/remove-spanner2.html
fast/multicol/newmulticol/remove-spanner3.html
fast/multicol/newmulticol/remove-spanner4.html
fast/multicol/newmulticol/remove-spanner5.html
fast/multicol/newmulticol/remove-spanner6.html
fast/multicol/newmulticol/sole-spanner.html
fast/multicol/newmulticol/span-between-text.html
fast/multicol/newmulticol/spanner-becomes-regular-block.html
fast/multicol/newmulticol/spanner-first.html
fast/multicol/newmulticol/spanner-img.html
fast/multicol/newmulticol/spanner-inline-block.html
fast/multicol/newmulticol/spanner-last.html
fast/multicol/newmulticol/spanner-nested-dynamic.html
fast/multicol/newmulticol/spanner-nested.html
fast/multicol/newmulticol/spanner-pseudo-after1.html
fast/multicol/newmulticol/spanner-pseudo-after2.html
fast/multicol/newmulticol/spanner-pseudo-after3.html
fast/multicol/newmulticol/spanner-pseudo-after4.html
fast/multicol/newmulticol/spanner-pseudo-before-after1.html
fast/multicol/newmulticol/spanner-pseudo-before-after2.html
fast/multicol/newmulticol/spanner-pseudo-before-after3.html
fast/multicol/newmulticol/spanner-pseudo-before-after4.html
fast/multicol/newmulticol/spanner-pseudo-before1.html
fast/multicol/newmulticol/spanner-pseudo-before2.html
fast/multicol/newmulticol/spanner-pseudo-before3.html
fast/multicol/newmulticol/spanner-pseudo-before4.html
fast/multicol/newmulticol/spanner-table.html
fast/multicol/newmulticol/spanner-with-margin.html
fast/multicol/newmulticol/spanner1.html
fast/multicol/newmulticol/spanner2.html
fast/multicol/newmulticol/spanner3.html
fast/multicol/newmulticol/spanner4.html
fast/multicol/newmulticol/spanner5.html
fast/multicol/newmulticol/spanner6.html
fast/multicol/newmulticol/spanner7.html
fast/multicol/newmulticol/spanner8.html
fast/multicol/newmulticol/spanner9.html
fast/multicol/newmulticol/trailing-margin-with-spanner.html
fast/multicol/newmulticol/trailing-margin-with-spanner2.html

  • CMakeLists.txt:
  • WebCore.vcxproj/WebCore.vcxproj:
  • WebCore.vcxproj/WebCore.vcxproj.filters:
  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::addChildIgnoringAnonymousColumnBlocks):
Disable the old anonymous multicol container and spanner anonymous
block generation machinery when the new multicol implementation is
enabled.

  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::createMultiColumnFlowThread):
(WebCore::RenderBlockFlow::destroyMultiColumnFlowThread):
(WebCore::RenderBlockFlow::layoutBlockChild): Need to notify the
flow thread when a descendant's final position is known. Spanner
placeholders need to know where to terminate the column set that
it follows.
(WebCore::RenderBlockFlow::styleDidChange): Remove old code that
isn't needed anymore. The renderers in question (flow thread and
column sets) set display:block on themselves already. This code
caused problems for spanners, which got all their style wiped.
(WebCore::RenderBlockFlow::setMultiColumnFlowThread): If setting
the flow thread to nullptr, there's no need to create the "rare
data" structure.
(WebCore::RenderBlockFlow::relayoutForPagination):
(WebCore::RenderBlockFlow::layoutSpecialExcludedChild):
(WebCore::RenderBlockFlow::addChild): beforeChild is retrieved via
the DOM. If it is a spanner, we need to locate the placeholder
here, because that's the correct location to insert siblings,
DOM-wise.
(WebCore::RenderBlockFlow::removeChild): The multicol flow thread
needs to know when children disappear.
(WebCore::RenderBlockFlow::checkForPaginationLogicalHeightChange):
Don't modify the height back and forth when calculating the
multicol container's final height, as that messes up balancing.
(WebCore::RenderBlockFlow::insertedIntoTree): Deleted.
(WebCore::RenderBlockFlow::willBeDestroyed): Deleted.
(WebCore::RenderBlockFlow::styleWillChange): Deleted.
(WebCore::RenderBlockFlow::lineAtIndex): Deleted.

  • rendering/RenderBlockFlow.h:
  • rendering/RenderElement.cpp:

(WebCore::RenderElement::insertedIntoTree): Set up an element's
layer before notifying the flow thread. The multicol flow thread
may decide to move the element (if it's a spanner), which may
involve re-insertion of layers. Calling
RenderObject::insertedIntoTree() last instead of first also better
matches the order we used to have prior to the introduction of
RenderElement, FWIW.

  • rendering/RenderFlowThread.cpp:

(WebCore::RenderFlowThread::layout):
(WebCore::RenderFlowThread::removeRegionFromThread): Deleted.
(WebCore::RenderFlowThread::invalidateRegions): Deleted.

  • rendering/RenderFlowThread.h:
  • rendering/RenderMultiColumnFlowThread.cpp:

(WebCore::RenderMultiColumnFlowThread::RenderMultiColumnFlowThread):
(WebCore::RenderMultiColumnFlowThread::removeFlowChildInfo): When
a flow thread descendant is inserted, the multicol flow thread
needs to be notified.
(WebCore::RenderMultiColumnFlowThread::firstMultiColumnSet):
(WebCore::RenderMultiColumnFlowThread::lastMultiColumnSet):
(WebCore::RenderMultiColumnFlowThread::firstColumnSetOrSpanner):
(WebCore::RenderMultiColumnFlowThread::nextColumnSetOrSpannerSiblingOf):
(WebCore::RenderMultiColumnFlowThread::previousColumnSetOrSpannerSiblingOf):
(WebCore::RenderMultiColumnFlowThread::layout):
(WebCore::RenderMultiColumnFlowThread::findSetRendering):
(WebCore::RenderMultiColumnFlowThread::populate):
(WebCore::RenderMultiColumnFlowThread::evacuateAndDestroy):
(WebCore::RenderMultiColumnFlowThread::addRegionToThread):
(WebCore::RenderMultiColumnFlowThread::willBeRemovedFromTree):
Need to detach column sets here, since they have pointers to their
flow thread.
(WebCore::RenderMultiColumnFlowThread::resolveMovedChild):
(WebCore::isValidColumnSpanner):
(WebCore::RenderMultiColumnFlowThread::flowThreadDescendantInserted):
(WebCore::RenderMultiColumnFlowThread::flowThreadRelativeWillBeRemoved):
(WebCore::RenderMultiColumnFlowThread::flowThreadDescendantBoxLaidOut):
(WebCore::RenderMultiColumnFlowThread::autoGenerateRegionsToBlockOffset):
Nothing to be done here for the time being. Column sets are now
created during box creation. We are going to need to add some code
here again once multicol properly supports nested fragmentation
contexts (and you get adjacent column rows because of that).
(WebCore::RenderMultiColumnFlowThread::regionAtBlockOffset):
During layout, don't trust the region interval tree, as that one
depends on the resulting layout.
(WebCore::RenderMultiColumnFlowThread::setRegionRangeForBox): With
a convenience method to get the last column set, and column sets
now being created during normal box creation, this young method
needs an overhaul.
(WebCore::RenderMultiColumnFlowThread::setRegionRangeForBox):
(WebCore::RenderMultiColumnFlowThread::isPageLogicalHeightKnown):

  • rendering/RenderMultiColumnFlowThread.h:
  • rendering/RenderMultiColumnSet.cpp:

(WebCore::RenderMultiColumnSet::nextSiblingMultiColumnSet):
(WebCore::RenderMultiColumnSet::previousSiblingMultiColumnSet):
(WebCore::RenderMultiColumnSet::firstRendererInFlowThread):
(WebCore::RenderMultiColumnSet::lastRendererInFlowThread):
(WebCore::precedesRenderer):
(WebCore::RenderMultiColumnSet::containsRendererInFlowThread):
(WebCore::RenderMultiColumnSet::setLogicalTopInFlowThread):
(WebCore::RenderMultiColumnSet::setLogicalBottomInFlowThread):
(WebCore::RenderMultiColumnSet::pageLogicalTopForOffset):
(WebCore::RenderMultiColumnSet::distributeImplicitBreaks):
(WebCore::RenderMultiColumnSet::calculateBalancedHeight):
(WebCore::RenderMultiColumnSet::addForcedBreak):
(WebCore::RenderMultiColumnSet::recalculateColumnHeight):
Previously only needed if columns were to be balanced, now it's
also needed when not balancing.
(WebCore::RenderMultiColumnSet::recordSpaceShortage): Some layout
elements actually have 0 height. Skip them, since they're not
taking us anywhere.
(WebCore::RenderMultiColumnSet::updateLogicalWidth):
(WebCore::RenderMultiColumnSet::requiresBalancing): Column sets
now have individual balancing needs. If they precede a spanner,
they must always be balanced. For the last column set, see if
height is unspecified or column-fill is 'balance' (like before).
(WebCore::RenderMultiColumnSet::prepareForLayout):
(WebCore::RenderMultiColumnSet::beginFlow):
(WebCore::RenderMultiColumnSet::endFlow):
(WebCore::RenderMultiColumnSet::layout):
(WebCore::RenderMultiColumnSet::calculateMaxColumnHeight):
(WebCore::RenderMultiColumnSet::columnRectAt):
(WebCore::RenderMultiColumnSet::flowThreadPortionOverflowRect):
(WebCore::RenderMultiColumnSet::paintColumnRules):
(WebCore::RenderMultiColumnSet::initialBlockOffsetForPainting):
(WebCore::RenderMultiColumnSet::collectLayerFragments):
(WebCore::RenderMultiColumnSet::columnTranslationForOffset):
(WebCore::RenderMultiColumnSet::setAndConstrainColumnHeight): Deleted.
(WebCore::RenderMultiColumnSet::findRunWithTallestColumns): Deleted.
(WebCore::RenderMultiColumnSet::clearForcedBreaks): Deleted.
(WebCore::RenderMultiColumnSet::repaintFlowThreadContent): Deleted.

  • rendering/RenderMultiColumnSet.h:
  • rendering/RenderMultiColumnSpannerPlaceholder.cpp: Added.

(WebCore::RenderMultiColumnSpannerPlaceholder::createAnonymous):
(WebCore::RenderMultiColumnSpannerPlaceholder::RenderMultiColumnSpannerPlaceholder):
(WebCore::RenderMultiColumnSpannerPlaceholder::renderName):

  • rendering/RenderMultiColumnSpannerPlaceholder.h: Added.
  • rendering/RenderObject.cpp:

(WebCore::RenderObject::insertedIntoTree): Need to notify the
multicol flow thread when descendants are inserted. That may
trigger insertion of column sets, or, in the case of spanners,
they need to be moved out from the flow thread.

  • rendering/RenderObject.h:

(WebCore::RenderObject::isRenderMultiColumnSpannerPlaceholder):
(WebCore::RenderObject::isAnonymousBlock): Exclude column sets
here, so that they don't get involved in anonymous block merging
and other kinds of fun.

  • rendering/RenderRegion.h:
  • rendering/RenderRegionSet.h:

LayoutTests:
Wrote a bunch of tests. A few of the tests were copied from existing
(old-impl) tests and put in a separate directory. That directory can
be wiped when we turn on the new multicol implementation by default.

  • fast/multicol/newmulticol/adjacent-spanners-expected.html: Added.
  • fast/multicol/newmulticol/adjacent-spanners.html: Added.
  • fast/multicol/newmulticol/block-becomes-spanner-expected.html: Added.
  • fast/multicol/newmulticol/block-becomes-spanner.html: Added.
  • fast/multicol/newmulticol/change-spanner-display-expected.html: Added.
  • fast/multicol/newmulticol/change-spanner-display.html: Added.
  • fast/multicol/newmulticol/change-spanner-parent-display-expected.html: Added.
  • fast/multicol/newmulticol/change-spanner-parent-display.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/anonymous-block-split-crash-expected.txt: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/anonymous-block-split-crash.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/before-child-anonymous-column-block-expected.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/before-child-anonymous-column-block.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/clone-before-after-content-crash-expected.txt: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/clone-before-after-content-crash.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/clone-block-children-inline-mismatch-crash-expected.txt: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/clone-block-children-inline-mismatch-crash.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/clone-flexbox-expected.txt: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/clone-flexbox.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/clone-summary-expected.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/clone-summary.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/column-span-inside-multicol-webkit-box-expected.txt: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/column-span-inside-multicol-webkit-box.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/continuation-crash-expected.txt: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/continuation-crash.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/double-merge-anonymous-block-crash-expected.txt: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/double-merge-anonymous-block-crash.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/empty-anonymous-block-split-crash-expected.txt: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/empty-anonymous-block-split-crash.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/float-not-removed-crash-expected.txt: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/float-not-removed-crash.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/list-multi-column-crash-expected.txt: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/list-multi-column-crash.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/positioned-child-not-removed-crash-expected.txt: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/positioned-child-not-removed-crash.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/positioned-objects-not-removed-crash-expected.txt: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/positioned-objects-not-removed-crash.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/recursive-split-flow-crash-expected.txt: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/recursive-split-flow-crash.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/removal-of-multicol-span-crash-expected.txt: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/removal-of-multicol-span-crash.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/remove-child-split-flow-crash-expected.txt: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/remove-child-split-flow-crash.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/runin-continuation-crash-expected.txt: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/runin-continuation-crash.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/span-as-immediate-child-complex-splitting-expected.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/span-as-immediate-child-complex-splitting.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/span-as-nested-inline-block-child-expected.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/span-as-nested-inline-block-child.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/split-flow-anonymous-wrapper-crash-expected.txt: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/split-flow-anonymous-wrapper-crash.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/split-inline-wrong-post-block-crash-expected.txt: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/split-inline-wrong-post-block-crash.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/table-multi-column-crash-expected.txt: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/table-multi-column-crash.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/textbox-not-removed-crash-expected.txt: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/textbox-not-removed-crash.html: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/update-after-content-before-child-crash-expected.txt: Added.
  • fast/multicol/newmulticol/compare-with-old-impl/update-after-content-before-child-crash.html: Added.
  • fast/multicol/newmulticol/insert-row-content1-expected.html: Added.
  • fast/multicol/newmulticol/insert-row-content1.html: Added.
  • fast/multicol/newmulticol/insert-row-content2-expected.html: Added.
  • fast/multicol/newmulticol/insert-row-content2.html: Added.
  • fast/multicol/newmulticol/insert-row-content3-expected.html: Added.
  • fast/multicol/newmulticol/insert-row-content3.html: Added.
  • fast/multicol/newmulticol/insert-row-content4-expected.html: Added.
  • fast/multicol/newmulticol/insert-row-content4.html: Added.
  • fast/multicol/newmulticol/insert-row-content5-expected.html: Added.
  • fast/multicol/newmulticol/insert-row-content5.html: Added.
  • fast/multicol/newmulticol/insert-row-content6-expected.html: Added.
  • fast/multicol/newmulticol/insert-row-content6.html: Added.
  • fast/multicol/newmulticol/insert-row-content7-expected.html: Added.
  • fast/multicol/newmulticol/insert-row-content7.html: Added.
  • fast/multicol/newmulticol/insert-row-content8-expected.html: Added.
  • fast/multicol/newmulticol/insert-row-content8.html: Added.
  • fast/multicol/newmulticol/insert-row-content9-expected.html: Added.
  • fast/multicol/newmulticol/insert-row-content9.html: Added.
  • fast/multicol/newmulticol/insert-spanner-child1-expected.html: Added.
  • fast/multicol/newmulticol/insert-spanner-child1.html: Added.
  • fast/multicol/newmulticol/insert-spanner-child2-expected.html: Added.
  • fast/multicol/newmulticol/insert-spanner-child2.html: Added.
  • fast/multicol/newmulticol/insert-spanner-child3-expected.html: Added.
  • fast/multicol/newmulticol/insert-spanner-child3.html: Added.
  • fast/multicol/newmulticol/insert-spanner1-expected.html: Added.
  • fast/multicol/newmulticol/insert-spanner1.html: Added.
  • fast/multicol/newmulticol/insert-spanner2-expected.html: Added.
  • fast/multicol/newmulticol/insert-spanner2.html: Added.
  • fast/multicol/newmulticol/insert-spanner3-expected.html: Added.
  • fast/multicol/newmulticol/insert-spanner3.html: Added.
  • fast/multicol/newmulticol/insert-spanner4-expected.html: Added.
  • fast/multicol/newmulticol/insert-spanner4.html: Added.
  • fast/multicol/newmulticol/insert-spanner5-expected.html: Added.
  • fast/multicol/newmulticol/insert-spanner5.html: Added.
  • fast/multicol/newmulticol/insert-spanner6-expected.html: Added.
  • fast/multicol/newmulticol/insert-spanner6.html: Added.
  • fast/multicol/newmulticol/insert-spanner7-expected.html: Added.
  • fast/multicol/newmulticol/insert-spanner7.html: Added.
  • fast/multicol/newmulticol/insert-spanner8-expected.html: Added.
  • fast/multicol/newmulticol/insert-spanner8.html: Added.
  • fast/multicol/newmulticol/multicol-with-spanner-becomes-regular-block-expected.html: Added.
  • fast/multicol/newmulticol/multicol-with-spanner-becomes-regular-block.html: Added.
  • fast/multicol/newmulticol/remove-row-content1-expected.html: Added.
  • fast/multicol/newmulticol/remove-row-content1.html: Added.
  • fast/multicol/newmulticol/remove-row-content2-expected.html: Added.
  • fast/multicol/newmulticol/remove-row-content2.html: Added.
  • fast/multicol/newmulticol/remove-row-content3-expected.html: Added.
  • fast/multicol/newmulticol/remove-row-content3.html: Added.
  • fast/multicol/newmulticol/remove-row-content4-expected.html: Added.
  • fast/multicol/newmulticol/remove-row-content4.html: Added.
  • fast/multicol/newmulticol/remove-row-content5-expected.html: Added.
  • fast/multicol/newmulticol/remove-row-content5.html: Added.
  • fast/multicol/newmulticol/remove-row-content6-expected.html: Added.
  • fast/multicol/newmulticol/remove-row-content6.html: Added.
  • fast/multicol/newmulticol/remove-row-content7-expected.html: Added.
  • fast/multicol/newmulticol/remove-row-content7.html: Added.
  • fast/multicol/newmulticol/remove-row-content8-expected.html: Added.
  • fast/multicol/newmulticol/remove-row-content8.html: Added.
  • fast/multicol/newmulticol/remove-row-content9-expected.html: Added.
  • fast/multicol/newmulticol/remove-row-content9.html: Added.
  • fast/multicol/newmulticol/remove-spanner1-expected.html: Added.
  • fast/multicol/newmulticol/remove-spanner1.html: Added.
  • fast/multicol/newmulticol/remove-spanner2-expected.html: Added.
  • fast/multicol/newmulticol/remove-spanner2.html: Added.
  • fast/multicol/newmulticol/remove-spanner3-expected.html: Added.
  • fast/multicol/newmulticol/remove-spanner3.html: Added.
  • fast/multicol/newmulticol/remove-spanner4-expected.html: Added.
  • fast/multicol/newmulticol/remove-spanner4.html: Added.
  • fast/multicol/newmulticol/remove-spanner5-expected.html: Added.
  • fast/multicol/newmulticol/remove-spanner5.html: Added.
  • fast/multicol/newmulticol/remove-spanner6-expected.html: Added.
  • fast/multicol/newmulticol/remove-spanner6.html: Added.
  • fast/multicol/newmulticol/sole-spanner-expected.html: Added.
  • fast/multicol/newmulticol/sole-spanner.html: Added.
  • fast/multicol/newmulticol/span-between-text-expected.html: Added.
  • fast/multicol/newmulticol/span-between-text.html: Added.
  • fast/multicol/newmulticol/spanner-becomes-regular-block-expected.html: Added.
  • fast/multicol/newmulticol/spanner-becomes-regular-block.html: Added.
  • fast/multicol/newmulticol/spanner-first-expected.html: Added.
  • fast/multicol/newmulticol/spanner-first.html: Added.
  • fast/multicol/newmulticol/spanner-img-expected.html: Added.
  • fast/multicol/newmulticol/spanner-img.html: Added.
  • fast/multicol/newmulticol/spanner-inline-block-expected.html: Added.
  • fast/multicol/newmulticol/spanner-inline-block.html: Added.
  • fast/multicol/newmulticol/spanner-last-expected.html: Added.
  • fast/multicol/newmulticol/spanner-last.html: Added.
  • fast/multicol/newmulticol/spanner-nested-dynamic-expected.html: Added.
  • fast/multicol/newmulticol/spanner-nested-dynamic.html: Added.
  • fast/multicol/newmulticol/spanner-nested-expected.html: Added.
  • fast/multicol/newmulticol/spanner-nested.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-after1-expected.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-after1.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-after2-expected.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-after2.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-after3-expected.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-after3.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-after4-expected.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-after4.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-before-after1-expected.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-before-after1.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-before-after2-expected.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-before-after2.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-before-after3-expected.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-before-after3.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-before-after4-expected.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-before-after4.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-before1-expected.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-before1.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-before2-expected.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-before2.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-before3-expected.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-before3.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-before4-expected.html: Added.
  • fast/multicol/newmulticol/spanner-pseudo-before4.html: Added.
  • fast/multicol/newmulticol/spanner-table-expected.html: Added.
  • fast/multicol/newmulticol/spanner-table.html: Added.
  • fast/multicol/newmulticol/spanner-with-margin-expected.html: Added.
  • fast/multicol/newmulticol/spanner-with-margin.html: Added.
  • fast/multicol/newmulticol/spanner1-expected.html: Added.
  • fast/multicol/newmulticol/spanner1.html: Added.
  • fast/multicol/newmulticol/spanner2-expected.html: Added.
  • fast/multicol/newmulticol/spanner2.html: Added.
  • fast/multicol/newmulticol/spanner3-expected.html: Added.
  • fast/multicol/newmulticol/spanner3.html: Added.
  • fast/multicol/newmulticol/spanner4-expected.html: Added.
  • fast/multicol/newmulticol/spanner4.html: Added.
  • fast/multicol/newmulticol/spanner5-expected.html: Added.
  • fast/multicol/newmulticol/spanner5.html: Added.
  • fast/multicol/newmulticol/spanner6-expected.html: Added.
  • fast/multicol/newmulticol/spanner6.html: Added.
  • fast/multicol/newmulticol/spanner7-expected.html: Added.
  • fast/multicol/newmulticol/spanner7.html: Added.
  • fast/multicol/newmulticol/spanner8-expected.html: Added.
  • fast/multicol/newmulticol/spanner8.html: Added.
  • fast/multicol/newmulticol/spanner9-expected.html: Added.
  • fast/multicol/newmulticol/spanner9.html: Added.
  • fast/multicol/newmulticol/trailing-margin-with-spanner-expected.html: Added.
  • fast/multicol/newmulticol/trailing-margin-with-spanner.html: Added.
  • fast/multicol/newmulticol/trailing-margin-with-spanner2-expected.html: Added.
  • fast/multicol/newmulticol/trailing-margin-with-spanner2.html: Added.
  • platform/gtk/fast/multicol/newmulticol/client-rects-expected.txt: Added.
16:25 Changeset [167334] by fpizlo@apple.com

Tools: Update LLVM export scrpt to handle the build directory being different from the
source directory.

Rubber stamped by Geoffrey Garen.

  • Scripts/export-llvm-build:

WebKitLibraries: Add LLVM binary drops for Mavericks using LLVM r206312.

Rubber stamped by Geoffrey Garen.

  • LLVMIncludesMavericks.tar.bz2: Added.
  • LLVMLibrariesMavericks.tar.bz2: Added.
16:21 Changeset [167333] by ap@apple.com

Update bug number in TestExpectations file.

16:19 Changeset [167332] by ap@apple.com

http/tests/websocket/tests/hybi/workers/close.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=131716

  • platform/mac/TestExpectations: Marking as such.
16:15 Changeset [167331] by ap@apple.com

transitions/cancel-transition.html is very flaky on Mac
https://bugs.webkit.org/show_bug.cgi?id=131715

  • platform/mac/TestExpectations: Marking as such.
16:14 April 2014 Meeting edited by ryuan.choi@samsung.com
Tried to fix broken image (diff)
16:11 April 2014 Meeting edited by ryuan.choi@samsung.com
(diff)
16:10 Apr2014WebKitMeetingGrp-small.jpg attached to April 2014 Meeting by ryuan.choi@samsung.com
16:05 Apr2014WebKitMeetingGrp.jpg attached to April 2014 Meeting by ryuan.choi@samsung.com
Lager image
16:05 Changeset [167330] by mitz@apple.com

Introduce API::FormClient
https://bugs.webkit.org/show_bug.cgi?id=131714

Reviewed by Tim Horton.

  • UIProcess/API/APIFormClient.h: Added.

(API::FormClient::~FormClient):
(API::FormClient::willSubmitForm):

  • UIProcess/API/C/WKPage.cpp:

(WKPageSetPageFormClient): Changed to create a WebFormClient and call
WebPageProxy::setFormClient.

  • UIProcess/WebFormClient.cpp:

(WebKit::WebFormClient::WebFormClient): Added a constructor from WKPageFormClientBase.

  • UIProcess/WebFormClient.h: Added inheritance from API::FormClient, marked overrides as

such.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::WebPageProxy): Initialize m_formClient member.
(WebKit::WebPageProxy::setFormClient): Added. Updates m_formClient.
(WebKit::WebPageProxy::close): Updated code to clear m_formClient.
(WebKit::WebPageProxy::willSubmitForm): Updated for type change.
(WebKit::WebPageProxy::initializeFormClient): Deleted.

  • UIProcess/WebPageProxy.h:
  • WebKit2.xcodeproj/project.pbxproj: Added reference to new file.
15:57 April 2014 Meeting edited by ryuan.choi@samsung.com
Added picture (diff)
15:56 webkit_contributors_meeting_2014.jpg attached to April 2014 Meeting by ryuan.choi@samsung.com
15:36 Changeset [167329] by commit-queue@webkit.org

Remove invalid sh4 specific code in JITInlines header.
https://bugs.webkit.org/show_bug.cgi?id=131692

Patch by Julien Brianceau <jbriance@cisco.com> on 2014-04-15
Reviewed by Geoffrey Garen.

  • jit/JITInlines.h:

(JSC::JIT::callOperation): Prototype is not F_JITOperation_EJJZ
anymore since r160244, so the sh4 specific code is invalid now
and has to be removed.

14:50 Changeset [167328] by mhahnenberg@apple.com

Fix precedence issue in JSCell:setRemembered

Rubber stamped by Filip Pizlo.

  • runtime/JSCell.h:

(JSC::JSCell::setRemembered):

14:37 Changeset [167327] by rniwa@webkit.org

Update the hyperlink to waterfall views of perf bots on build.webkit.org
https://bugs.webkit.org/show_bug.cgi?id=131695

Reviewed by Antti Koivisto.

Updated.

  • BuildSlaveSupport/build.webkit.org-config/templates/root.html:
14:05 Changeset [167326] by mhahnenberg@apple.com

Objective-C API external object graphs don't handle generational collection properly
https://bugs.webkit.org/show_bug.cgi?id=131634

Reviewed by Geoffrey Garen.

If the set of Objective-C objects transitively reachable through an object changes, we
need to update the set of opaque roots accordingly. If we don't, the next EdenCollection
won't rescan the external object graph, which would lead us to consider a newly allocated
JSManagedValue to be dead.

  • API/JSBase.cpp:

(JSSynchronousEdenCollectForDebugging):

  • API/JSVirtualMachine.mm:

(-[JSVirtualMachine initWithContextGroupRef:]):
(-[JSVirtualMachine dealloc]):
(-[JSVirtualMachine isOldExternalObject:]):
(-[JSVirtualMachine addExternalRememberedObject:]):
(-[JSVirtualMachine addManagedReference:withOwner:]):
(-[JSVirtualMachine removeManagedReference:withOwner:]):
(-[JSVirtualMachine externalRememberedSet]):
(scanExternalObjectGraph):
(scanExternalRememberedSet):

  • API/JSVirtualMachineInternal.h:
  • API/tests/testapi.mm:
  • heap/Heap.cpp:

(JSC::Heap::markRoots):

  • heap/Heap.h:

(JSC::Heap::slotVisitor):

  • heap/SlotVisitor.h:
  • heap/SlotVisitorInlines.h:

(JSC::SlotVisitor::containsOpaqueRoot):
(JSC::SlotVisitor::containsOpaqueRootTriState):

13:26 Changeset [167325] by fpizlo@apple.com

DFG IR should keep the data flow of doubles and int52's separate from the data flow of JSValue's
https://bugs.webkit.org/show_bug.cgi?id=131423

Reviewed by Geoffrey Garen.

This introduces more static typing into DFG IR. Previously we just had the notion of
JSValues and Storage. This was weird because doubles weren't always convertible to
JSValues, and Int52s weren't always convertible to either doubles or JSValues. We would
sort of insert explicit conversion nodes just for the places where we knew that an
implicit conversion wouldn't have been possible -- but there was no hard and fast rule so
we'd get bugs from forgetting to do the right conversion.

This patch introduces a hard and fast rule: doubles can never be implicitly converted to
anything but doubles, and likewise Int52's can never be implicitly converted. Conversion
nodes are used for all of the conversions. Int52Rep, DoubleRep, and ValueRep are the
conversions. They are like Identity but return the same value using a different
representation. Likewise, constants may now be represented using either JSConstant,
Int52Constant, or DoubleConstant. UseKinds have been adjusted accordingly, as well.
Int52RepUse and DoubleRepUse are node uses that mean "the node must be of Int52 (or
Double) type". They don't imply checks. There is also DoubleRepRealUse, which means that
we speculate DoubleReal and expect Double representation.

In addition to simplifying a bunch of rules in the IR and making the IR more verifiable,
this also makes it easier to introduce optimizations in the future. It's now possible for
AI to model when/how conversion take place. For example if doing a conversion results in
NaN sanitization, then AI can model this and can allow us to sink sanitizations. That's
what https://bugs.webkit.org/show_bug.cgi?id=131419 will be all about.

This was a big change, so I had to do some interesting things, like finally get rid of
the DFG's weird variadic template macro hacks and use real C++11 variadic templates. Also
the ByteCodeParser no longer emits Identity nodes since that was always pointless.

No performance change because this mostly just rationalizes preexisting behavior.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • assembler/MacroAssemblerX86.h:
  • bytecode/CodeBlock.cpp:
  • bytecode/CodeBlock.h:
  • dfg/DFGAbstractInterpreter.h:

(JSC::DFG::AbstractInterpreter::setBuiltInConstant):
(JSC::DFG::AbstractInterpreter::setConstant):

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGAbstractValue.cpp:

(JSC::DFG::AbstractValue::set):
(JSC::DFG::AbstractValue::fixTypeForRepresentation):
(JSC::DFG::AbstractValue::checkConsistency):

  • dfg/DFGAbstractValue.h:
  • dfg/DFGBackwardsPropagationPhase.cpp:

(JSC::DFG::BackwardsPropagationPhase::propagate):

  • dfg/DFGBasicBlock.h:
  • dfg/DFGBasicBlockInlines.h:

(JSC::DFG::BasicBlock::appendNode):
(JSC::DFG::BasicBlock::appendNonTerminal):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::parseBlock):

  • dfg/DFGCSEPhase.cpp:

(JSC::DFG::CSEPhase::constantCSE):
(JSC::DFG::CSEPhase::performNodeCSE):
(JSC::DFG::CSEPhase::int32ToDoubleCSE): Deleted.

  • dfg/DFGCapabilities.h:
  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGConstantFoldingPhase.cpp:

(JSC::DFG::ConstantFoldingPhase::foldConstants):

  • dfg/DFGDCEPhase.cpp:

(JSC::DFG::DCEPhase::fixupBlock):

  • dfg/DFGEdge.h:

(JSC::DFG::Edge::willNotHaveCheck):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::run):
(JSC::DFG::FixupPhase::fixupNode):
(JSC::DFG::FixupPhase::fixupGetAndSetLocalsInBlock):
(JSC::DFG::FixupPhase::observeUseKindOnNode):
(JSC::DFG::FixupPhase::fixIntEdge):
(JSC::DFG::FixupPhase::attemptToMakeIntegerAdd):
(JSC::DFG::FixupPhase::injectTypeConversionsInBlock):
(JSC::DFG::FixupPhase::tryToRelaxRepresentation):
(JSC::DFG::FixupPhase::fixEdgeRepresentation):
(JSC::DFG::FixupPhase::injectTypeConversionsForEdge):
(JSC::DFG::FixupPhase::addRequiredPhantom):
(JSC::DFG::FixupPhase::addPhantomsIfNecessary):
(JSC::DFG::FixupPhase::clearPhantomsAtEnd):
(JSC::DFG::FixupPhase::fixupSetLocalsInBlock): Deleted.

  • dfg/DFGFlushFormat.h:

(JSC::DFG::resultFor):
(JSC::DFG::useKindFor):

  • dfg/DFGGraph.cpp:

(JSC::DFG::Graph::dump):

  • dfg/DFGGraph.h:

(JSC::DFG::Graph::addNode):

  • dfg/DFGInPlaceAbstractState.cpp:

(JSC::DFG::InPlaceAbstractState::initialize):

  • dfg/DFGInsertionSet.h:

(JSC::DFG::InsertionSet::insertNode):
(JSC::DFG::InsertionSet::insertConstant):
(JSC::DFG::InsertionSet::insertConstantForUse):

  • dfg/DFGIntegerCheckCombiningPhase.cpp:

(JSC::DFG::IntegerCheckCombiningPhase::insertAdd):
(JSC::DFG::IntegerCheckCombiningPhase::insertMustAdd):

  • dfg/DFGNode.cpp:

(JSC::DFG::Node::convertToIdentity):
(WTF::printInternal):

  • dfg/DFGNode.h:

(JSC::DFG::Node::Node):
(JSC::DFG::Node::setResult):
(JSC::DFG::Node::result):
(JSC::DFG::Node::isConstant):
(JSC::DFG::Node::hasConstant):
(JSC::DFG::Node::convertToConstant):
(JSC::DFG::Node::valueOfJSConstant):
(JSC::DFG::Node::hasResult):
(JSC::DFG::Node::hasInt32Result):
(JSC::DFG::Node::hasInt52Result):
(JSC::DFG::Node::hasNumberResult):
(JSC::DFG::Node::hasDoubleResult):
(JSC::DFG::Node::hasJSResult):
(JSC::DFG::Node::hasBooleanResult):
(JSC::DFG::Node::hasStorageResult):
(JSC::DFG::Node::defaultUseKind):
(JSC::DFG::Node::defaultEdge):
(JSC::DFG::Node::convertToIdentity): Deleted.

  • dfg/DFGNodeFlags.cpp:

(JSC::DFG::dumpNodeFlags):

  • dfg/DFGNodeFlags.h:

(JSC::DFG::canonicalResultRepresentation):

  • dfg/DFGNodeType.h:
  • dfg/DFGOSRExitCompiler32_64.cpp:

(JSC::DFG::OSRExitCompiler::compileExit):

  • dfg/DFGOSRExitCompiler64.cpp:

(JSC::DFG::OSRExitCompiler::compileExit):

  • dfg/DFGPredictionPropagationPhase.cpp:

(JSC::DFG::PredictionPropagationPhase::propagate):

  • dfg/DFGResurrectionForValidationPhase.cpp:

(JSC::DFG::ResurrectionForValidationPhase::run):

  • dfg/DFGSSAConversionPhase.cpp:

(JSC::DFG::SSAConversionPhase::run):

  • dfg/DFGSafeToExecute.h:

(JSC::DFG::SafeToExecuteEdge::operator()):
(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::silentSavePlanForGPR):
(JSC::DFG::SpeculativeJIT::silentSavePlanForFPR):
(JSC::DFG::SpeculativeJIT::silentFill):
(JSC::DFG::JSValueRegsTemporary::JSValueRegsTemporary):
(JSC::DFG::JSValueRegsTemporary::~JSValueRegsTemporary):
(JSC::DFG::JSValueRegsTemporary::regs):
(JSC::DFG::SpeculativeJIT::compilePeepHoleBranch):
(JSC::DFG::SpeculativeJIT::checkGeneratedTypeForToInt32):
(JSC::DFG::SpeculativeJIT::compileValueToInt32):
(JSC::DFG::SpeculativeJIT::compileDoubleRep):
(JSC::DFG::SpeculativeJIT::compileValueRep):
(JSC::DFG::SpeculativeJIT::compilePutByValForIntTypedArray):
(JSC::DFG::SpeculativeJIT::compileGetByValOnFloatTypedArray):
(JSC::DFG::SpeculativeJIT::compileAdd):
(JSC::DFG::SpeculativeJIT::compileArithSub):
(JSC::DFG::SpeculativeJIT::compileArithNegate):
(JSC::DFG::SpeculativeJIT::compileArithMul):
(JSC::DFG::SpeculativeJIT::compileArithDiv):
(JSC::DFG::SpeculativeJIT::compileArithMod):
(JSC::DFG::SpeculativeJIT::compare):
(JSC::DFG::SpeculativeJIT::compileStrictEq):
(JSC::DFG::SpeculativeJIT::speculateNumber):
(JSC::DFG::SpeculativeJIT::speculateDoubleReal):
(JSC::DFG::SpeculativeJIT::speculate):
(JSC::DFG::SpeculativeJIT::compileInt32ToDouble): Deleted.
(JSC::DFG::SpeculativeJIT::speculateMachineInt): Deleted.
(JSC::DFG::SpeculativeJIT::speculateRealNumber): Deleted.

  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::allocate):
(JSC::DFG::SpeculativeJIT::use):
(JSC::DFG::SpeculativeJIT::boxDouble):
(JSC::DFG::SpeculativeJIT::spill):
(JSC::DFG::SpeculativeJIT::jsValueResult):
(JSC::DFG::SpeculateInt52Operand::SpeculateInt52Operand):
(JSC::DFG::SpeculateStrictInt52Operand::SpeculateStrictInt52Operand):
(JSC::DFG::SpeculateWhicheverInt52Operand::SpeculateWhicheverInt52Operand):
(JSC::DFG::SpeculateDoubleOperand::SpeculateDoubleOperand):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::fillJSValue):
(JSC::DFG::SpeculativeJIT::fillSpeculateInt32Internal):
(JSC::DFG::SpeculativeJIT::fillSpeculateDouble):
(JSC::DFG::SpeculativeJIT::fillSpeculateCell):
(JSC::DFG::SpeculativeJIT::fillSpeculateBoolean):
(JSC::DFG::SpeculativeJIT::compileLogicalNot):
(JSC::DFG::SpeculativeJIT::emitBranch):
(JSC::DFG::SpeculativeJIT::compile):
(JSC::DFG::SpeculativeJIT::convertToDouble): Deleted.

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::fillJSValue):
(JSC::DFG::SpeculativeJIT::fillSpeculateInt32Internal):
(JSC::DFG::SpeculativeJIT::fillSpeculateInt52):
(JSC::DFG::SpeculativeJIT::fillSpeculateDouble):
(JSC::DFG::SpeculativeJIT::fillSpeculateCell):
(JSC::DFG::SpeculativeJIT::fillSpeculateBoolean):
(JSC::DFG::SpeculativeJIT::compileLogicalNot):
(JSC::DFG::SpeculativeJIT::emitBranch):
(JSC::DFG::SpeculativeJIT::compile):
(JSC::DFG::SpeculativeJIT::convertToDouble): Deleted.

  • dfg/DFGStrengthReductionPhase.cpp:

(JSC::DFG::StrengthReductionPhase::handleNode):

  • dfg/DFGUseKind.cpp:

(WTF::printInternal):

  • dfg/DFGUseKind.h:

(JSC::DFG::typeFilterFor):
(JSC::DFG::shouldNotHaveTypeCheck):
(JSC::DFG::mayHaveTypeCheck):
(JSC::DFG::isNumerical):
(JSC::DFG::isDouble):
(JSC::DFG::isCell):
(JSC::DFG::usesStructure):
(JSC::DFG::useKindForResult):

  • dfg/DFGValidate.cpp:

(JSC::DFG::Validate::validate):

  • dfg/DFGVariadicFunction.h: Removed.
  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToLLVM.cpp:

(JSC::FTL::LowerDFGToLLVM::createPhiVariables):
(JSC::FTL::LowerDFGToLLVM::compileNode):
(JSC::FTL::LowerDFGToLLVM::compileUpsilon):
(JSC::FTL::LowerDFGToLLVM::compilePhi):
(JSC::FTL::LowerDFGToLLVM::compileDoubleConstant):
(JSC::FTL::LowerDFGToLLVM::compileInt52Constant):
(JSC::FTL::LowerDFGToLLVM::compileWeakJSConstant):
(JSC::FTL::LowerDFGToLLVM::compileDoubleRep):
(JSC::FTL::LowerDFGToLLVM::compileValueRep):
(JSC::FTL::LowerDFGToLLVM::compileInt52Rep):
(JSC::FTL::LowerDFGToLLVM::compileValueToInt32):
(JSC::FTL::LowerDFGToLLVM::compileArithAddOrSub):
(JSC::FTL::LowerDFGToLLVM::compileArithMul):
(JSC::FTL::LowerDFGToLLVM::compileArithDiv):
(JSC::FTL::LowerDFGToLLVM::compileArithMod):
(JSC::FTL::LowerDFGToLLVM::compileArithMinOrMax):
(JSC::FTL::LowerDFGToLLVM::compileArithAbs):
(JSC::FTL::LowerDFGToLLVM::compileArithNegate):
(JSC::FTL::LowerDFGToLLVM::compilePutByVal):
(JSC::FTL::LowerDFGToLLVM::compileCompareEq):
(JSC::FTL::LowerDFGToLLVM::compileCompareStrictEq):
(JSC::FTL::LowerDFGToLLVM::compare):
(JSC::FTL::LowerDFGToLLVM::boolify):
(JSC::FTL::LowerDFGToLLVM::lowInt52):
(JSC::FTL::LowerDFGToLLVM::lowStrictInt52):
(JSC::FTL::LowerDFGToLLVM::lowWhicheverInt52):
(JSC::FTL::LowerDFGToLLVM::lowDouble):
(JSC::FTL::LowerDFGToLLVM::lowJSValue):
(JSC::FTL::LowerDFGToLLVM::strictInt52ToDouble):
(JSC::FTL::LowerDFGToLLVM::jsValueToDouble):
(JSC::FTL::LowerDFGToLLVM::speculate):
(JSC::FTL::LowerDFGToLLVM::speculateNumber):
(JSC::FTL::LowerDFGToLLVM::speculateDoubleReal):
(JSC::FTL::LowerDFGToLLVM::compileInt52ToValue): Deleted.
(JSC::FTL::LowerDFGToLLVM::compileInt32ToDouble): Deleted.
(JSC::FTL::LowerDFGToLLVM::setInt52WithStrictValue): Deleted.
(JSC::FTL::LowerDFGToLLVM::speculateRealNumber): Deleted.
(JSC::FTL::LowerDFGToLLVM::speculateMachineInt): Deleted.

  • ftl/FTLValueFormat.cpp:

(JSC::FTL::reboxAccordingToFormat):

  • jit/AssemblyHelpers.cpp:

(JSC::AssemblyHelpers::sanitizeDouble):

  • jit/AssemblyHelpers.h:

(JSC::AssemblyHelpers::boxDouble):

13:23 Changeset [167324] by lforschler@apple.com

Merged r167273.

12:58 Changeset [167323] by lforschler@apple.com

Merged r167316.

12:49 Changeset [167322] by commit-queue@webkit.org

Unreviewed gardening.

Patch by Lorenzo Tilve <ltilve@igalia.com> on 2014-04-15

Corrected wrong js/regress/ path for js/slow-stress/emscripten-memops.html

  • platform/gtk/TestExpectations:

Updated expectation for passing on Release plugins/unavailable-plugin-indicator-obscurity.html

12:39 Changeset [167321] by lforschler@apple.com

Merged r167298.

12:35 Changeset [167320] by lforschler@apple.com

Merged r167274.

12:20 WebKitGTK/KeepingTheTreeGreen edited by ltilve@igalia.com
(diff)
11:53 Changeset [167319] by simon.fraser@apple.com

LayerTreeAsTextBehavior should be in the WebCore namespace
https://bugs.webkit.org/show_bug.cgi?id=131683

Reviewed by Andrei Bucur.

Move LayerTreeAsTextBehavior and the bit flags into the WebCore namespace.

  • platform/graphics/GraphicsLayer.cpp:

(showGraphicsLayerTree):

  • platform/graphics/GraphicsLayer.h:
11:51 Cleanroom implement CSS Custom Properties edited by rniwa@webkit.org
(diff)
11:47 Cleanroom implement CSS Custom Properties edited by rniwa@webkit.org
(diff)
11:42 Changeset [167318] by benjamin@webkit.org

ViewportConfiguration handles userZoom incorrectly
https://bugs.webkit.org/show_bug.cgi?id=131657

Patch by Benjamin Poulain <bpoulain@apple.com> on 2014-04-15
Reviewed by Darin Adler.

  • page/ViewportConfiguration.cpp:

(WebCore::viewportArgumentUserZoomIsSet):
(WebCore::ViewportConfiguration::updateConfiguration):
The other viewport values must be strictly positive, userZoom is always either zero, one or minus one.
As a result, the value zero was never set.

11:41 Cleanroom implement CSS Custom Properties edited by rniwa@webkit.org
(diff)
11:37 April 2014 Meeting edited by rniwa@webkit.org
Add a hyperlink to custom properties wiki (diff)
11:36 Cleanroom implement CSS Custom Properties edited by rniwa@webkit.org
(diff)
11:34 Cleanroom implement CSS Custom Properties edited by rniwa@webkit.org
(diff)
11:34 Cleanroom implement CSS Custom Properties edited by rniwa@webkit.org
(diff)
11:30 Cleanroom implement CSS Custom Properties created by rniwa@webkit.org
10:54 Changeset [167317] by lforschler@apple.com

Merged r166948.

10:53 Changeset [167316] by simon.fraser@apple.com

[iOS WK2] Pages often blank on first load if page loaded by typing the URL
https://bugs.webkit.org/show_bug.cgi?id=131665

Reviewed by Tim Horton.

The document overlay-related code in RemoteLayerTreeDrawingArea::setRootCompositingLayer()
was triggering a compositing layer flush when called with a null rootLayer, which happens
for pages going into the page cache. This would trigger a layer flush that would clobber
the root layer for the visible page, resulting in missing content.

Also, rebuildCompositingLayerTree() is called recursively and the m_documentOverlayRootLayer
was being added to (and then removed from) every single compositing layers.

Fix both these by changing to a pull model, where RenderLayerCompositor requests
the overlay layer via ChromeClient, and gets it at the end of every flush,
adding to the children of the root layer.

Source/WebCore:

  • WebCore.exp.in:
  • page/ChromeClient.h:

(WebCore::ChromeClient::documentOverlayLayerForFrame):

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::RenderLayerCompositor):
(WebCore::RenderLayerCompositor::flushPendingLayerChanges): Put visibleRect
into a variable for ease of debugging.
(WebCore::RenderLayerCompositor::updateCompositingLayers): Asser
that we're not in the page cache (this would have caught the bug).
(WebCore::RenderLayerCompositor::appendOverlayLayers):
(WebCore::RenderLayerCompositor::rebuildCompositingLayerTree):
(WebCore::RenderLayerCompositor::setDocumentOverlayRootLayer): Deleted.

  • rendering/RenderLayerCompositor.h:

Source/WebKit2:

  • WebProcess/WebCoreSupport/WebChromeClient.cpp:

(WebKit::WebChromeClient::documentOverlayLayerForFrame):

  • WebProcess/WebCoreSupport/WebChromeClient.h:
  • WebProcess/WebPage/mac/RemoteLayerTreeDrawingArea.mm:

(WebKit::RemoteLayerTreeDrawingArea::setRootCompositingLayer):

10:52 Changeset [167315] by zoltan@webkit.org

[CSS Shapes] Linking stylesheet instead of inline style definition has ruined ShapesRegions test
https://bugs.webkit.org/show_bug.cgi?id=131572

Reviewed by Rob Buis.

In r167022 I moved the common CSS selectors into RegionsShapes.css, then I linked it into the perf test
files, but the measurement results dropped down from about 400ms to 10ms. I realized it's caused by the
linked css rule, so I've put the selectors back into every test case, which fixes the test measurements.

  • Layout/Shapes/resources/RegionsShapes.css: Removed.
  • Layout/Shapes/resources/RegionsShapesContent.html:
  • Layout/Shapes/resources/RegionsShapesContentNoRegionsWidth400.html:
  • Layout/Shapes/resources/RegionsShapesContentNoRegionsWidth600.html:
  • Layout/Shapes/resources/RegionsShapesContentNoRegionsWidth800.html:
  • Layout/Shapes/resources/RegionsShapesContentNoShapes.html:
10:51 Changeset [167314] by lforschler@apple.com

Versioning.

10:46 Changeset [167313] by commit-queue@webkit.org

Unreviewed, rolling out r167199 and r167251.
https://bugs.webkit.org/show_bug.cgi?id=131678

Caused a DYEBench regression and does not seem to improve perf
on relevant websites (Requested by rniwa on #webkit).

Reverted changesets:

"Rewrite Function.bind as a builtin"
https://bugs.webkit.org/show_bug.cgi?id=131083
http://trac.webkit.org/changeset/167199

"Update test result"
http://trac.webkit.org/changeset/167251

10:45 Changeset [167312] by lforschler@apple.com

New Tag.

09:51 WebKitGTK/KeepingTheTreeGreen edited by aperez@igalia.com
(diff)
09:44 April 2014 Meeting edited by sam@webkit.org
(diff)
09:40 Changeset [167311] by ap@apple.com

inspector/dom/content-flow-list.html and inspector/dom/content-flow-content-removal.html
flakily fail and assert
https://bugs.webkit.org/show_bug.cgi?id=131679

09:37 April 2014 Meeting edited by sam@webkit.org
(diff)
09:37 Changeset [167310] by ap@apple.com

inspector/dom/content-flow-list.html is flakily failing and asserting
https://bugs.webkit.org/show_bug.cgi?id=131679

09:29 Changeset [167309] by ap@apple.com

ScriptProcessorNode is garbage collected while still active if unreachable (breaks multiple webaudio test)
https://bugs.webkit.org/show_bug.cgi?id=112521

  • TestExpectations: Updated bug number, added webaudio/audioprocessingevent.html,

and removed a spurious additional webaudio/javascriptaudionode-downmix8-2channel-input.html line.

09:20 April 2014 Meeting edited by ddkilzer@webkit.org
(diff)
09:19 Changeset [167308] by gyuyoung.kim@samsung.com

Remove unnecessary null checking in NavigatorContentUtils
https://bugs.webkit.org/show_bug.cgi?id=131652

Reviewed by Darin Adler.

Some functions have checked if document is null. However, document is always not
null when frame is existed.

No new tests, no behavior changes.

  • Modules/navigatorcontentutils/NavigatorContentUtils.cpp:

(WebCore::NavigatorContentUtils::registerProtocolHandler):
(WebCore::NavigatorContentUtils::isProtocolHandlerRegistered):
(WebCore::NavigatorContentUtils::unregisterProtocolHandler):

09:16 Changeset [167307] by timothy@apple.com

Web Inspector: CodeMirror LICENSE is not properly added to combined files
https://bugs.webkit.org/show_bug.cgi?id=131674

Reviewed by Darin Adler.

  • Scripts/copy-user-interface-resources.pl: Use $CODE_MIRROR_LICENSE instead

for CodeMirror.css and CodeMirror.js.

06:13 Changeset [167306] by carlosgc@webkit.org

[GTK] Reduce the binary size by compressing the text based web inspector resources
https://bugs.webkit.org/show_bug.cgi?id=121545

Reviewed by Gustavo Noronha Silva.

Compress text based files when compiling inspector resources. It
reduces the binary size in 3MB.

  • gtk/generate-inspector-gresource-manifest.py:

(find_all_files_in_directory):
(is_compressible):

06:01 Changeset [167305] by jinwoo7.song@samsung.com

[EFL][WK2] Pass Mouse movement data to WebMouseEvent
https://bugs.webkit.org/show_bug.cgi?id=131663

Reviewed by Gyuyoung Kim.

Currently mouse movement data are not passed to WebMouseEvent. Instead, they are set to 0 as default.
EFL port needs to send the deltaX and deltaY for PointerLock API which will be implemented later.

  • Shared/efl/WebEventFactory.cpp:

(WebKit::WebEventFactory::createWebMouseEvent):

04:00 WebKitGTK/KeepingTheTreeGreen edited by dpino@igalia.com
(diff)
00:40 Changeset [167304] by ap@apple.com

[Mac] compositing/repaint/positioned-movement.html flaky, missing repaint
https://bugs.webkit.org/show_bug.cgi?id=118153

  • platform/mac-wk2/TestExpectations:
  • platform/mac/TestExpectations:

Moved the flaky expectation to also apply to WebKit1.

00:32 Changeset [167303] by commit-queue@webkit.org

Unreviewed, rolling out r167298.
https://bugs.webkit.org/show_bug.cgi?id=131670

Broke CSS filters (17 test crashes) (Requested by ap on
#webkit).

Reverted changeset:

"[iOS WK2] Pages often blank on first load if page loaded by
typing the URL"
https://bugs.webkit.org/show_bug.cgi?id=131665
http://trac.webkit.org/changeset/167298

04/14/14:

23:57 Changeset [167302] by psolanki@apple.com

Unreviewed. Attempt to fix Windows build after r167277.

  • page/FrameView.cpp:

(WebCore::FrameView::willPaintContents):

23:51 Changeset [167301] by ap@apple.com

Remove Gtk WebKit1 tester.

Gtk WebKit1 port no longer exists, and dashboard was trying to load its tester
results over and over as fast as it could.

  • BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/WebKitBuildbot.js:

(WebKitBuildbot):

23:40 Changeset [167300] by ap@apple.com

Wrong link for webkitpy tests results in dashboard popover
https://bugs.webkit.org/show_bug.cgi?id=131664

Reviewed by Timothy Hatcher.

  • BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/BuildbotTesterQueueView.js:

(BuildbotTesterQueueView.prototype._presentPopoverForMultipleFailureKinds):
Use a correct link.

23:24 Changeset [167299] by commit-queue@webkit.org

Unreviewed, rolling out r167261.
https://bugs.webkit.org/show_bug.cgi?id=131667

broke many navigation tests (Requested by ap on #webkit).

Reverted changeset:

"Web Replay: memoize fallback time values for
document.lastModified"
https://bugs.webkit.org/show_bug.cgi?id=131318
http://trac.webkit.org/changeset/167261

23:13 Changeset [167298] by simon.fraser@apple.com

[iOS WK2] Pages often blank on first load if page loaded by typing the URL
https://bugs.webkit.org/show_bug.cgi?id=131665

Reviewed by Tim Horton.

The document overlay-related code in RemoteLayerTreeDrawingArea::setRootCompositingLayer()
was triggering a compositing layer flush when called with a null rootLayer, which happens
for pages going into the page cache. This would trigger a layer flush that would clobber
the root layer for the visible page, resulting in missing content.

Also, rebuildCompositingLayerTree() is called recursively and the m_documentOverlayRootLayer
was being added to (and then removed from) every single compositing layers.

Fix both these by changing to a pull model, where RenderLayerCompositor requests
the overlay layer via ChromeClient, and gets it at the end of every flush,
adding to the children of the root layer.

Source/WebCore:

  • WebCore.exp.in:
  • page/ChromeClient.h:

(WebCore::ChromeClient::documentOverlayLayerForFrame):

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::RenderLayerCompositor):
(WebCore::RenderLayerCompositor::flushPendingLayerChanges): Put visibleRect
into a variable for ease of debugging.
(WebCore::RenderLayerCompositor::updateCompositingLayers): Asser
that we're not in the page cache (this would have caught the bug).
(WebCore::RenderLayerCompositor::appendOverlayLayers):
(WebCore::RenderLayerCompositor::rebuildCompositingLayerTree):
(WebCore::RenderLayerCompositor::setDocumentOverlayRootLayer): Deleted.

  • rendering/RenderLayerCompositor.h:

Source/WebKit2:

  • WebProcess/WebCoreSupport/WebChromeClient.cpp:

(WebKit::WebChromeClient::documentOverlayLayerForFrame):

  • WebProcess/WebCoreSupport/WebChromeClient.h:
  • WebProcess/WebPage/mac/RemoteLayerTreeDrawingArea.mm:

(WebKit::RemoteLayerTreeDrawingArea::setRootCompositingLayer):

23:13 Changeset [167297] by commit-queue@webkit.org

Unreviewed, rolling out r167272.
https://bugs.webkit.org/show_bug.cgi?id=131666

Broke multiple tests (Requested by ap on #webkit).

Reverted changeset:

"Function.bind itself is too slow"
https://bugs.webkit.org/show_bug.cgi?id=131636
http://trac.webkit.org/changeset/167272

22:47 Changeset [167296] by ap@apple.com

Update webkitpy regression test result that started to fail after http://trac.webkit.org/r167243

I'm not sure whether the changes are desirable, but am not suspicious enough to roll out.

  • Scripts/webkitpy/common/checkout/checkout_unittest.py:

(CommitMessageForThisCommitTest):

22:23 Changeset [167295] by jhoneycutt@apple.com

Assertion failure under FEImage::determineAbsolutePaintRect()

<https://bugs.webkit.org/show_bug.cgi?id=131660>
<rdar://problem/15669294>

Source/WebCore:
This patch merges Chromium r149536 (see
<https://chromiumcodereview.appspot.com/14701012>), which moves
m_absoluteTransform out of SVGFilter and into the base Filter class, so
that it isn't necessary to cast a Filter to SVGFilter to get the
absolute transform.

Reviewed by Geoffrey Garen.

Test: svg/filters/feImage-filter-assertion.html

  • platform/graphics/filters/Filter.h:

(WebCore::Filter::Filter):
Changed to take the absolute transform.
(WebCore::Filter::absoluteTransform):
Moved from SVGFilter.
(WebCore::Filter::mapAbsolutePointToLocalPoint):
Ditto.

  • rendering/FilterEffectRenderer.cpp:

(WebCore::FilterEffectRenderer::FilterEffectRenderer):
Pass a default AffineTransform() to the Filter base class.

  • svg/graphics/filters/SVGFEImage.cpp:

(WebCore::FEImage::determineAbsolutePaintRect):
Use the Filter without casting it to SVGFilter.
(WebCore::FEImage::platformApplySoftware):
Ditto.

  • svg/graphics/filters/SVGFilter.cpp:

(WebCore::SVGFilter::SVGFilter):
Pass the transform to the base class, and remove initialization of a
removed member var.

  • svg/graphics/filters/SVGFilter.h:

Member var moved to Filter.h.

LayoutTests:
Reviewed by Geoffrey Garen.

  • svg/filters/feImage-filter-assertion-expected.txt: Added.
  • svg/filters/feImage-filter-assertion.html: Added.
22:01 April 2014 Meeting edited by simon.pena@samsung.com
(diff)
21:31 Changeset [167294] by commit-queue@webkit.org

Update to CodeMirror 4.0.
https://bugs.webkit.org/show_bug.cgi?id=130019

The CodeMirror 4.0 library adds multiple selections and the ability to
undo/redo selections. Selections are made by holding the Command (Cmd) key
and clicking into an editor, or by holding Option (Alt) and making a block
selection followed by entering a character or moving the cursor.

Patch by Jono Wells <jonowells@apple.com> on 2014-04-14
Reviewed by Timothy Hatcher.

  • Scripts/update-codemirror-resources.rb:
  • Scripts/update-pretty-printer.rb:

Update scripts to reflect updated locations for CodeMirror files.
No longer copies LESS mode file as this has been integrated into CSS mode
in CodeMirror 4.0.

  • Tools/PrettyPrinting/codemirror.css:
  • Tools/PrettyPrinting/codemirror.js:
  • Tools/PrettyPrinting/css.js:
  • Tools/PrettyPrinting/javascript.js:
  • UserInterface/External/CodeMirror/clojure.js:
  • UserInterface/External/CodeMirror/closebrackets.js:
  • UserInterface/External/CodeMirror/codemirror.css:
  • UserInterface/External/CodeMirror/codemirror.js:
  • UserInterface/External/CodeMirror/coffeescript.js:
  • UserInterface/External/CodeMirror/comment.js:
  • UserInterface/External/CodeMirror/css.js:
  • UserInterface/External/CodeMirror/htmlmixed.js:
  • UserInterface/External/CodeMirror/javascript.js:
  • UserInterface/External/CodeMirror/livescript.js:
  • UserInterface/External/CodeMirror/matchbrackets.js:
  • UserInterface/External/CodeMirror/overlay.js:
  • UserInterface/External/CodeMirror/placeholder.js:
  • UserInterface/External/CodeMirror/runmode.js:
  • UserInterface/External/CodeMirror/sass.js:
  • UserInterface/External/CodeMirror/searchcursor.js:
  • UserInterface/External/CodeMirror/sql.js:
  • UserInterface/External/CodeMirror/xml.js:

Update to CodeMirror 4.0.

  • UserInterface/Main.html: Remove less.js which is now part of css.js.
  • UserInterface/Views/CSSStyleDeclarationTextEditor.css:
  • UserInterface/Views/CSSStyleDeclarationTextEditor.js:

(WebInspector.CSSStyleDeclarationTextEditor.prototype.):
(WebInspector.CSSStyleDeclarationTextEditor.prototype._createColorSwatches):
(WebInspector.CSSStyleDeclarationTextEditor.prototype._updateJumpToSymbolTrackingMode):

  • UserInterface/Views/SyntaxHighlightingDefaultTheme.css:

Update styles to match CodeMirror changes. Update CSSStyleDeclarationTextEditor.js
to match CodeMirror API updates (doc.removeLine() has been removed, so
replaceRange() is used instead). Also the tokenTrackingController is now enabled in the
CSSStyleDeclarationTextEditor and SourceCodeTextEditor when the Option (Alt) key
is pressed instead of the Command (Cmd) key so as not to conflict with multiple
cursor placement in the CodeMirror update.

20:53 Changeset [167293] by ggaren@apple.com

ASSERT when firing low memory warning
https://bugs.webkit.org/show_bug.cgi?id=131659

Reviewed by Mark Hahnenberg.

  • heap/Heap.cpp:

(JSC::Heap::deleteAllCompiledCode): Allow deleteAllCompiledCode to be
called when no GC is happening because that is what we do when a low
memory warning fires, and it is harmless.

20:52 Changeset [167292] by ggaren@apple.com

MallocBench should scavenge explicitly instead of waiting
https://bugs.webkit.org/show_bug.cgi?id=131661

Reviewed by Andreas Kling.

PerformanceTests:

  • MallocBench/MallocBench.xcodeproj/project.pbxproj: Don't build mbmalloc

by default because it will overwrite any other mbmalloc you're working
with in the WebKitBuild directory.

  • MallocBench/MallocBench/Benchmark.cpp:

(Benchmark::run): Scavenge explicitly instead of waiting. This is faster,
and it's the only way to get FastMalloc to scavenge. (That's a bug in
FastMalloc, but we don't want it to interfere with broader testing.)

  • MallocBench/MallocBench/mbmalloc.cpp:
  • MallocBench/MallocBench/mbmalloc.h: Added a scavenge implementation

for system malloc.

Source/bmalloc:
Added explicit scavenge support to bmalloc. This isn't a memory win,
since bmalloc's per-thread cache is so small. But it makes testing
simpler.

  • bmalloc/Allocator.cpp:

(bmalloc::Allocator::~Allocator):
(bmalloc::Allocator::scavenge):

  • bmalloc/Allocator.h:
  • bmalloc/Cache.cpp:

(bmalloc::Cache::operator new):
(bmalloc::Cache::operator delete):
(bmalloc::Cache::Cache):
(bmalloc::Cache::scavenge):

  • bmalloc/Cache.h:
  • bmalloc/Deallocator.cpp:

(bmalloc::Deallocator::~Deallocator):
(bmalloc::Deallocator::scavenge):

  • bmalloc/Deallocator.h: Factored existing scavenging code into helper

functions, for reuse.

  • bmalloc/Heap.cpp:

(bmalloc::sleep):
(bmalloc::Heap::concurrentScavenge):
(bmalloc::Heap::scavenge):
(bmalloc::Heap::scavengeSmallPages):
(bmalloc::Heap::scavengeMediumPages):
(bmalloc::Heap::scavengeLargeRanges):

  • bmalloc/Heap.h: Made scavenge sleep duration a parameter. Forced

scavenging -- in response to a benchmark or a low memory warning --
wants to complete as soon as possible, so its sleep duration is 0.

  • bmalloc/bmalloc.h:

(bmalloc::api::scavenge):

  • bmalloc/mbmalloc.cpp: Exported the scavenge API for MallocBench's use.
20:06 Changeset [167291] by darin@apple.com

REGRESSION (r158617): Find on Page can get stuck in a loop when the search string occurs in an <input> in a <fieldset>
https://bugs.webkit.org/show_bug.cgi?id=126322

Reviewed by Ryosuke Niwa.

One additional tweak to the fix for the bug above.
Fixes crash in editing/editability/ignored-content.html test.

  • html/HTMLObjectElement.cpp:

(WebCore::HTMLObjectElement::canContainRangeEndPoint): Call through to
HTMLElement::canContainRangeEndPoint, bypassing HTMLPlugInElement override
that always returns false. Without this change, this function was always
returning false.

19:54 Changeset [167290] by simon.fraser@apple.com

Crash in TileController::tileRevalidationTimerFired
https://bugs.webkit.org/show_bug.cgi?id=131656
<rdar://problem/16583166>

Reviewed by Sam Weinig.

It's possible for the TileController revalidation timer to fire after
the GraphicsLayer has been destroyed, so the PlatformCALayer no longer
has an owningGraphicsLayer.

Bail from the timer callback if owningGraphicsLayer() is null.

Also some drive-by 0 -> nullptr changes.

  • platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayerCA::willBeDestroyed):

  • platform/graphics/ca/PlatformCALayer.cpp:

(WebCore::PlatformCALayer::~PlatformCALayer):

  • platform/graphics/ca/mac/TileController.mm:

(WebCore::TileController::tileRevalidationTimerFired):

19:44 Changeset [167289] by ggaren@apple.com

Use 4kB pages on Mac
https://bugs.webkit.org/show_bug.cgi?id=131658

Reviewed by Sam Weinig.

This reduces memory use a lot on Membuster:

base patch Δ

Execution Time:

reddit_memory_warning 18ms 17ms 1.06x faster
flickr_memory_warning 34ms 36ms ! 1.06x slower
theverge_memory_warning 39ms 41ms ! 1.05x slower

<geometric mean> 29ms 29ms ! 1.02x slower
<arithmetic mean> 30ms 31ms ! 1.03x slower
<harmonic mean> 27ms 27ms 1.0x faster

Peak Memory:

reddit_memory_warning 16,412kB 16,436kB ! 1.0x bigger
flickr_memory_warning 30,120kB 30,184kB ! 1.0x bigger
theverge_memory_warning 33,408kB 33,420kB ! 1.0x bigger

<geometric mean> 25,466kB 25,499kB ! 1.0x bigger
<arithmetic mean> 26,647kB 26,680kB ! 1.0x bigger
<harmonic mean> 24,181kB 24,214kB ! 1.0x bigger

Memory at End:

reddit_memory_warning 2,404kB 1,920kB 1.25x smaller
flickr_memory_warning 3,764kB 3,072kB
1.23x smaller
theverge_memory_warning 3,648kB 3,132kB 1.16x smaller

<geometric mean> 3,208kB 2,644kB 1.21x smaller
<arithmetic mean> 3,272kB 2,708kB
1.21x smaller
<harmonic mean> 3,139kB 2,574kB 1.22x smaller

  • bmalloc.xcodeproj/project.pbxproj:
  • bmalloc/BPlatform.h: Added.
  • bmalloc/VMAllocate.h: Only use 16kB pages on iOS because the page size

is 4kB on Mac.

19:32 April 2014 Meeting edited by simon.fraser@apple.com
(diff)
19:20 Changeset [167288] by mhahnenberg@apple.com

emit_op_put_by_id should not emit a write barrier that filters on value
https://bugs.webkit.org/show_bug.cgi?id=131654

Reviewed by Filip Pizlo.

The 32-bit implementation does this, and it can cause crashes if we later repatch the
code to allocate and store new Butterflies.

  • jit/JITPropertyAccess.cpp:

(JSC::JIT::emitWriteBarrier): We also weren't verifying that the base was a cell on
32-bit if we were passed ShouldFilterBase. I also took the liberty of sinking the tag
load down into the if statement so that we don't do it if we're not filtering on the value.

  • jit/JITPropertyAccess32_64.cpp:

(JSC::JIT::emit_op_put_by_id):

19:03 April 2014 Meeting edited by sam@webkit.org
(diff)
19:02 April 2014 Meeting edited by sam@webkit.org
(diff)
19:00 April 2014 Meeting edited by sam@webkit.org
(diff)
17:55 Changeset [167287] by timothy_horton@apple.com

Fix the 32-bit build.

  • UIProcess/mac/ViewGestureControllerMac.mm:
17:47 Changeset [167286] by simon.fraser@apple.com

REGRESSION (WebKit2): Programmatic scrolls in overflow-scrolling:touch don't work
https://bugs.webkit.org/show_bug.cgi?id=131649

Reviewed by Tim Horton.

Update the UIScrollView's contentOffset when we're told that the scroll position
changed.

Also refactor slightly to have a single exception-protected block.

  • UIProcess/Scrolling/ios/ScrollingTreeOverflowScrollingNodeIOS.mm:

(WebKit::ScrollingTreeOverflowScrollingNodeIOS::updateAfterChildren):

17:47 Changeset [167285] by timothy_horton@apple.com

Fix the 32-bit build.

  • UIProcess/mac/ViewGestureControllerMac.mm:
17:41 Changeset [167284] by timothy_horton@apple.com

Sometimes-crash under handleSwipeGesture after closing a window or quitting
https://bugs.webkit.org/show_bug.cgi?id=131648
<rdar://problem/15966106>

Reviewed by Simon Fraser.

  • UIProcess/mac/ViewGestureController.h:
  • UIProcess/mac/ViewGestureControllerMac.mm:

(WebKit::ViewGestureController::~ViewGestureController):
(WebKit::ViewGestureController::trackSwipeGesture):
Keep a Objective C object with a single boolean property, isCancelled, on
the ViewGestureController, and also retained by the swipe-tracking block.
When the ViewGestureController is destroyed, we set isCancelled to YES,
and the next time the block is invoked, we will cancel the swipe without
touching the destroyed ViewGestureController.

(WebKit::ViewGestureController::handleSwipeGesture):
Don't try to handle a swipe gesture if the drawing area is missing.

(WebKit::ViewGestureController::endSwipeGesture):
Clear the swipe cancellation tracker when the gesture completes.

17:27 Changeset [167283] by bjonesbe@adobe.com

[CSS Shapes] Remove some leftover shape-inside code
https://bugs.webkit.org/show_bug.cgi?id=131641

Reviewed by Dean Jackson.

I discovered that some code had been leftover from the shape-inside
removal. This removes that leftover code.

No new tests, no behavior change.

  • platform/text/BidiResolver.h:
  • rendering/BidiRun.cpp:

(WebCore::BidiRun::BidiRun):

  • rendering/RenderBlockFlow.h:
  • rendering/RenderBlockLineLayout.cpp:

(WebCore::RenderBlockFlow::createLineBoxes):
(WebCore::RenderBlockFlow::constructLine):
(WebCore::computeExpansionForJustifiedText):
(WebCore::RenderBlockFlow::computeInlineDirectionPositionsForSegment):

17:14 Changeset [167282] by jer.noble@apple.com

[MSE][Mac] video.currentTime is sometimes negative.
https://bugs.webkit.org/show_bug.cgi?id=131644

Reviewed by Eric Carlson.

AVSampleBufferRenderSynchronizer will occasionally return slightly negative values
when beginning playback. Clamp the return value to 0.

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:

(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::currentTimeDouble):

17:07 Changeset [167281] by bjonesbe@adobe.com

[CSSExclusions] Remove FIXME referencing closed bug
https://bugs.webkit.org/show_bug.cgi?id=131645

Reviewed by Dean Jackson.

This is silly, but the comment is really confusing as it's entirely
wrong now.

No new tests, no behavior change.

  • rendering/style/RenderStyle.cpp:

(WebCore::RenderStyle::changeRequiresRepaint):

17:06 April 2014 Meeting edited by akling@apple.com
(diff)
16:47 Changeset [167280] by enrica@apple.com

REGRESSION(r166027) Menu is shown and immediately hidden after doubletap gesture.
https://bugs.webkit.org/show_bug.cgi?id=131646
<rdar://problem/16614374>

Reviewed by Benjamin Poulain.

This is a problem with every gesture that changes the selection
We don't need to delay updating the selection if the selection is
being changed with a gesture.

  • UIProcess/ios/WKContentViewInteraction.h:
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _didUpdateBlockSelectionWithTouch:withFlags:growThreshold:shrinkThreshold:]):
(-[WKContentView changeSelectionWithGestureAt:withGesture:withState:]):
(-[WKContentView changeSelectionWithTouchAt:withSelectionTouch:baseIsStart:]):
(-[WKContentView changeSelectionWithTouchesFrom:to:withGesture:withState:]):
(-[WKContentView changeBlockSelectionWithTouchAt:withSelectionTouch:forHandle:]):
(-[WKContentView _selectionChanged]):

16:38 April 2014 Meeting edited by abucur@adobe.com
(diff)
16:22 Changeset [167279] by akling@apple.com

Build fixage.

  • page/FrameView.cpp:
16:14 April 2014 Meeting edited by rniwa@webkit.org
(diff)
16:08 Changeset [167278] by jhoneycutt@apple.com
Assertion failure !node
node->isElementNode() in

WebCore::RenderBlock::inlineElementContinuation

https://bugs.webkit.org/show_bug.cgi?id=108829
<rdar://problem/13666405>

I can't reproduce this assertion failure, but there seems to be an
invalid assumption in RenderBlock::inlineElementContinuation() that
anything with the "isInline()" bit set is a RenderInline.

No new test because the test case in the bug does not repro for me.

Reviewed by Brent Fulgham.

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::inlineElementContinuation):
Dave Hyatt says that this function should only return RenderInline
objects (not non-RenderInline inline objects), so update the checks
from isInline() to isRenderInline() before casting with
toRenderInline().

  • rendering/RenderInline.cpp:

(WebCore::RenderInline::inlineElementContinuation):
Ditto.

16:08 April 2014 Meeting edited by rniwa@webkit.org
(diff)
16:03 Changeset [167277] by akling@apple.com

Do more things under memory pressure on non-iOS platforms.
<https://webkit.org/b/131625>

Reviewed by Antti Koivisto.

Rename hasReceivedMemoryPressure() to isUnderMemoryPressure() and
make it use std::atomic<bool> instead of OSAtomic primitives.

Unmask most of the PLATFORM(IOS) blocks so all platforms can take
advantage of optimizations done while under pressure. Note that
isUnderMemoryPressure() will still always return false on platforms
other than iOS/WK1, but this will change soon.

  • history/PageCache.cpp:

(WebCore::PageCache::canCache):

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::commitProvisionalLoad):

  • page/FrameView.cpp:

(WebCore::FrameView::willPaintContents):
(WebCore::FrameView::didPaintContents):

  • platform/MemoryPressureHandler.cpp:

(WebCore::MemoryPressureHandler::MemoryPressureHandler):

  • platform/MemoryPressureHandler.h:

(WebCore::MemoryPressureHandler::isUnderMemoryPressure):

  • platform/cocoa/MemoryPressureHandlerCocoa.mm:

(WebCore::MemoryPressureHandler::setReceivedMemoryPressure):
(WebCore::MemoryPressureHandler::clearMemoryPressure):
(WebCore::MemoryPressureHandler::respondToMemoryPressureIfNeeded):
(WebCore::MemoryPressureHandler::hasReceivedMemoryPressure): Deleted.

  • platform/graphics/FontCache.cpp:

(WebCore::FontCache::purgeInactiveFontDataIfNeeded):

  • platform/ios/LegacyTileCache.mm:

(WebCore::LegacyTileCache::createTilesInActiveGrid):

  • platform/ios/LegacyTileGrid.mm:

(WebCore::LegacyTileGrid::shouldUseMinimalTileCoverage):

  • platform/ios/LegacyTileLayerPool.mm:

(WebCore::LegacyTileLayerPool::addLayer):

  • platform/ios/TileControllerMemoryHandlerIOS.cpp:

(WebCore::TileControllerMemoryHandler::tileControllerGainedUnparentedTiles):

15:52 April 2014 Meeting edited by simon.fraser@apple.com
(diff)
15:46 Changeset [167276] by mitz@apple.com

Let the bundle form client know whether a change in a text field was initiated by user typing
https://bugs.webkit.org/show_bug.cgi?id=131643

Reviewed by Sam Weinig.

  • WebProcess/InjectedBundle/API/Cocoa/WKWebProcessPlugInFormDelegatePrivate.h: Added

initiatedByUserTyping parameter to the delegate method.

  • WebProcess/InjectedBundle/API/mac/WKWebProcessPlugInBrowserContextController.mm:

(-[WKWebProcessPlugInBrowserContextController _setFormDelegate:]): Updated overload of
textDidChangeInTextField to take the initiatedByUserTyping parameter and pass it along to
the delegate.

  • WebProcess/InjectedBundle/APIInjectedBundleFormClient.h:

(API::InjectedBundle::FormClient::textDidChangeInTextField): Added initiatedByUserTyping
parameter.

  • WebProcess/InjectedBundle/InjectedBundlePageFormClient.cpp:

(WebKit::InjectedBundlePageFormClient::textDidChangeInTextField): Maintained the existing
behavior of not calling the C SPI client if the change was not initiated by user typing.

  • WebProcess/InjectedBundle/InjectedBundlePageFormClient.h: Updated for added parameter.
  • WebProcess/WebCoreSupport/WebEditorClient.cpp:

(WebKit::WebEditorClient::textDidChangeInTextField): Changed to call the bundle client
function unconditionally, but pass along whether the change was initiated by user typing.

15:44 Changeset [167275] by mitz@apple.com

[Cocoa] Add a WKWebProcessPlugInFormDelegate method corresponding to willSendSubmitEvent
https://bugs.webkit.org/show_bug.cgi?id=131639

Reviewed by Tim Horton.

  • WebProcess/InjectedBundle/API/Cocoa/WKWebProcessPlugInFormDelegatePrivate.h: Declared

new delegate method.

  • WebProcess/InjectedBundle/API/mac/WKWebProcessPlugInBrowserContextController.mm:

(-[WKWebProcessPlugInBrowserContextController _setFormDelegate:]): Added an override
of API::InjectedBundle::FormClient::willSendSubmitEvent which calls the new delegate
method.

15:39 Changeset [167274] by benjamin@webkit.org

[iOS][WK2] Change the SPI used when starting the rotation animation
https://bugs.webkit.org/show_bug.cgi?id=131638

Patch by Benjamin Poulain <bpoulain@apple.com> on 2014-04-14
Reviewed by Tim Horton.

Having an update block where all the properties are changed is more convenient for Safari.

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _beginAnimatedResizeWithUpdates:]):
(-[WKWebView _beginAnimatedResizeToSize:obscuredInsets:minimumLayoutSizeOverride:]): Deleted.

  • UIProcess/API/Cocoa/WKWebViewPrivate.h:
15:37 Changeset [167273] by simon.fraser@apple.com

[iOS WK2] Hash table assertion closing a tab
https://bugs.webkit.org/show_bug.cgi?id=131640

Reviewed by Tim Horton.

Have RemoteLayerTreeContext keep track of all PlatformCALayerRemotes,
and clear their context pointer when it is being destroyed to avoid
calling into a deleted object later.

  • WebProcess/WebPage/mac/PlatformCALayerRemote.cpp:

(WebKit::PlatformCALayerRemote::~PlatformCALayerRemote):
(WebKit::PlatformCALayerRemote::addAnimationForKey):

  • WebProcess/WebPage/mac/PlatformCALayerRemote.h:

(WebKit::PlatformCALayerRemote::clearContext):

  • WebProcess/WebPage/mac/RemoteLayerTreeContext.h:
  • WebProcess/WebPage/mac/RemoteLayerTreeContext.mm:

(WebKit::RemoteLayerTreeContext::~RemoteLayerTreeContext):
(WebKit::RemoteLayerTreeContext::layerWasCreated):
(WebKit::RemoteLayerTreeContext::layerWillBeDestroyed):

15:05 Changeset [167272] by oliver@apple.com

Function.bind itself is too slow
https://bugs.webkit.org/show_bug.cgi?id=131636

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:
Rather than forcing creation of an activation, we now store
bound function properties directly on the returned closure.
This is necessary to deal with code that creates many function
bindings, but does not call them very often.

This is a 60% speed up in the included js/regress test.

  • builtins/BuiltinExecutables.cpp:

(JSC::BuiltinExecutables::createBuiltinExecutable):

  • builtins/Function.prototype.js:

(bind.bindingFunction):
(bind.else.switch.case.1.bindingFunction.bindingFunction.bindingFunction.boundOversizedCallThunk):
(bind.else.switch.case.1.bindingFunction):
(bind.else.switch.case.2.bindingFunction.bindingFunction.bindingFunction.boundOversizedCallThunk):
(bind.else.switch.case.2.bindingFunction):
(bind.else.switch.case.3.bindingFunction.bindingFunction.bindingFunction.boundOversizedCallThunk):
(bind.else.switch.case.3.bindingFunction):
(bind.else.switch.bindingFunction):
(bind):
(bind.else.switch.case.1.bindingFunction.oversizedCall): Deleted.
(bind.else.switch.case.2.bindingFunction.oversizedCall): Deleted.
(bind.else.switch.case.3.bindingFunction.oversizedCall): Deleted.

  • runtime/CommonIdentifiers.h:

LayoutTests:
New test, and fix bogus log in old one

  • js/regress/function-bind-create-expected.html: Added.
  • js/regress/function-bind-create.html: Added.
  • js/regress/script-tests/function-bind-create.js: Added.

(test):

  • js/regress/script-tests/function-bind.js:
14:51 Changeset [167271] by timothy_horton@apple.com

Allow dynamic changes of WKThumbnailView snapshot scale
https://bugs.webkit.org/show_bug.cgi?id=131628
<rdar://problem/16584156>

Reviewed by Beth Dakin.

  • UIProcess/API/Cocoa/_WKThumbnailView.mm:

(-[_WKThumbnailView _requestSnapshotIfNeeded]):
Don't bail from requesting a snapshot just because we already had one; we want to resnapshot.
Keep track of when we bail from requesting a snapshot because we have one in-flight, so we can request it later.

(-[_WKThumbnailView _didTakeSnapshot:]):
Apply the scale to the bitmap size (whoops!).
Make CA always resize the content to fill the thumbnail view's layer, respecting aspect ratio.
Re-snapshot if we previously deferred a snapshot.

(-[_WKThumbnailView setScale:]):
If we get a scale change, request a new snapshot.

(-[_WKThumbnailView setUsesSnapshot:]):
Never apply thumbnail scale to the page if we're using snapshots. It's unnecessary,
because scale will be applied simply when painting the software snapshot.
Apply the thumbnail scale if we're going from usesSnapshot -> !usesSnapshot.

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::snapshotAtSize):
Snapshots should use the greater of the two scales, so as to never leave a portion of the snapshot unpainted.

14:48 Changeset [167270] by bdakin@apple.com

RenderLayerCompositor's m_layerForOverhangAreas should be offset by the
topContentInset
https://bugs.webkit.org/show_bug.cgi?id=131632
-and corresponding-
<rdar://problem/16609602>

Reviewed by Tim Horton.

Offset m_layerForOverhangAreas by the topContentInset.

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::updateOverflowControlsLayers):

14:46 Changeset [167269] by julien.brianceau@gmail.com

[sh4] Allow use of SubImmediates in LLINT.
https://bugs.webkit.org/show_bug.cgi?id=131608

Reviewed by Mark Lam.

Allow use of SubImmediates with const pool so the sh4 architecture can
share the arm path for setEntryAddress macro. It reduces architecture
specific code and lead to a more optimal generated code for sh4.

  • llint/LowLevelInterpreter.asm:
  • offlineasm/sh4.rb:
14:38 Changeset [167268] by timothy_horton@apple.com

REGRESSION (WebKit2 View Gestures): Double-tap doesn't work properly when there's no element underneath the cursor
https://bugs.webkit.org/show_bug.cgi?id=131629
<rdar://problem/16192821>

Reviewed by Dan Bernstein.

  • UIProcess/mac/ViewGestureControllerMac.mm:

(WebKit::ViewGestureController::didCollectGeometryForSmartMagnificationGesture):
If there's nothing under the cursor, zoom towards the cursor instead of towards 0,0.

14:24 Changeset [167267] by ap@apple.com

Eliminate CachedFrame::m_mousePressNode
https://bugs.webkit.org/show_bug.cgi?id=131626

Reviewed by Brady Eidson.

I couldn't find any observable effect of this change.

  • history/CachedFrame.cpp:

(WebCore::CachedFrameBase::CachedFrameBase):
(WebCore::CachedFrameBase::restore):
(WebCore::CachedFrame::clear):

  • history/CachedFrame.h:

(WebCore::CachedFrame::documentLoader):
(WebCore::CachedFrame::mousePressNode): Deleted.
Eliminated m_mousePressNode, accessor, and code that reached out to EventHandler.

  • page/EventHandler.cpp:

(WebCore::EventHandler::mousePressNode): Deleted.
(WebCore::EventHandler::setMousePressNode): Deleted.

  • page/EventHandler.h:

(WebCore::EventHandler::setMousePressed): Deleted. This function was already unused.

13:46 Changeset [167266] by simon.fraser@apple.com

Run filter animations in the UI process with UI-side compositing
https://bugs.webkit.org/show_bug.cgi?id=131199
<rdar://problem/16479487>

Source/WebCore:

Reviewed by Sam Weinig.

Add FilterOperation::clone() which is used during decoding.
Export some things.

  • WebCore.exp.in:
  • platform/graphics/filters/FilterOperation.h:

Source/WebKit2:

Reviewed by Sam Weinig.

  • Shared/WebCoreArgumentCoders.cpp: Removed lots of WebCore::

(IPC::ArgumentCoder<SelectionRect>::decode):
(IPC::ArgumentCoder<PasteboardWebContent>::encode):
(IPC::ArgumentCoder<PasteboardWebContent>::decode):
(IPC::ArgumentCoder<PasteboardImage>::encode):
(IPC::ArgumentCoder<PasteboardImage>::decode):
(IPC::ArgumentCoder<URL>::decode):
(IPC::ArgumentCoder<UserStyleSheet>::encode):
(IPC::ArgumentCoder<UserStyleSheet>::decode):
(IPC::ArgumentCoder<UserScript>::encode):
(IPC::ArgumentCoder<UserScript>::decode):
(IPC::ArgumentCoder<ScrollableAreaParameters>::encode):
(IPC::ArgumentCoder<ScrollableAreaParameters>::decode):
(IPC::ArgumentCoder<FixedPositionViewportConstraints>::encode):
(IPC::ArgumentCoder<FixedPositionViewportConstraints>::decode):
(IPC::ArgumentCoder<StickyPositionViewportConstraints>::encode):
(IPC::ArgumentCoder<StickyPositionViewportConstraints>::decode):
(IPC::ArgumentCoder<FilterOperation>::encode):
(IPC::decodeFilterOperation):
(IPC::ArgumentCoder<FilterOperations>::encode):
(IPC::ArgumentCoder<WebCore::UserStyleSheet>::encode): Deleted.
(IPC::ArgumentCoder<WebCore::UserStyleSheet>::decode): Deleted.
(IPC::ArgumentCoder<WebCore::UserScript>::encode): Deleted.
(IPC::ArgumentCoder<WebCore::UserScript>::decode): Deleted.
(IPC::ArgumentCoder<WebCore::ScrollableAreaParameters>::encode): Deleted.
(IPC::ArgumentCoder<WebCore::ScrollableAreaParameters>::decode): Deleted.
(IPC::ArgumentCoder<WebCore::FixedPositionViewportConstraints>::encode): Deleted.
(IPC::ArgumentCoder<WebCore::FixedPositionViewportConstraints>::decode): Deleted.
(IPC::ArgumentCoder<WebCore::StickyPositionViewportConstraints>::encode): Deleted.
(IPC::ArgumentCoder<WebCore::StickyPositionViewportConstraints>::decode): Deleted.
(IPC::encodeFilterOperation): Deleted.
Add encoding/decoding support for FilterOperation.
decodeFilterOperation() has to be a bare function because of the RefPtr
out parameter.
REFERENCE filters should never be encoded, since they have CachedSVGDocumentReferences.

  • Shared/WebCoreArgumentCoders.h:
  • Shared/mac/RemoteLayerTreeTransaction.mm:

(WebKit::RemoteLayerTreeTextStream::operator<<):
Add logging for filter animations to the RemoteLayerTree log output.

  • WebProcess/WebPage/mac/GraphicsLayerCARemote.h:
  • WebProcess/WebPage/mac/GraphicsLayerCARemote.cpp:

(WebKit::GraphicsLayerCARemote::addAnimation): Deleted. We can run
filter animations now.

  • WebProcess/WebPage/mac/PlatformCAAnimationRemote.h:

KeyValues have a RefPtr<WebCore::FilterOperation> now (which can't be part of
the union because we need its constructor to get called).

  • WebProcess/WebPage/mac/PlatformCAAnimationRemote.mm:

(WebKit::PlatformCAAnimationRemote::KeyframeValue::encode): Encode the filter.
(WebKit::PlatformCAAnimationRemote::KeyframeValue::decode): Decode the filter.
(WebKit::PlatformCAAnimationRemote::setFromValue): Implement.
(WebKit::PlatformCAAnimationRemote::setToValue): Implement.
(WebKit::PlatformCAAnimationRemote::setValues): Implement.
(WebKit::animationValueFromKeyframeValue): Handle filters.

13:38 Changeset [167265] by simon.fraser@apple.com

Fix the build.

  • UIProcess/mac/PageClientImpl.h:
13:37 Changeset [167264] by jer.noble@apple.com

Use after free in WebCore::CachedResourceHandleBase::~CachedResourceHandleBase / WebCore::removeDetachedChildrenInContainer
https://bugs.webkit.org/show_bug.cgi?id=131169

Reviewed by Eric Carlson.

Invalidate the WebCoreAVFResourceLoader owned by MediaPlayerPrivateAVFoundationObjC
in its destructor, to prevent a private function being called in response to the
WebCoreAVFResourceLoader being stopped.

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:

(WebCore::MediaPlayerPrivateAVFoundationObjC::~MediaPlayerPrivateAVFoundationObjC):

  • platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.h:
  • platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:

(WebCore::WebCoreAVFResourceLoader::invalidate):

13:31 Changeset [167263] by mark.lam@apple.com

monotonicallyIncreasingTime() should only initialize its static timebaseInfo once.
<https://webkit.org/b/131630>

Reviewed by Filip Pizlo.

The current initialization of the static field is not thread safe.

  • wtf/CurrentTime.cpp:

(WTF::monotonicallyIncreasingTime):

12:49 Changeset [167262] by simon.fraser@apple.com

[WK2 iOS] Scrolling to anchor links is broken
https://bugs.webkit.org/show_bug.cgi?id=131618
<rdar://problem/16599144>

Source/WebCore:

Reviewed by Tim Horton.

Have ScrollingTreeScrollingNode pass RequestedScrollPosition updates
to the scrolling tree, so that the scrolling tree can have custom behavior
for them if necessary.

  • page/scrolling/ScrollingTree.h:

(WebCore::ScrollingTree::scrollingTreeNodeRequestsScroll):

  • page/scrolling/ScrollingTreeScrollingNode.cpp:

(WebCore::ScrollingTreeScrollingNode::updateAfterChildren):

  • page/scrolling/ScrollingTreeScrollingNode.h:

Source/WebKit2:

Reviewed by Tim Horton.

The RemoteScrollingTree implements scrollingTreeNodeRequestsScroll
to get informed about requested scroll position updates, and passes
them along via the RemoteScrollingCoordinatorProxy, WebPageProxy and PageClient
to the WKWebView, which performs a scroll.

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _scrollToContentOffset:WebCore::]): Scroll to content offset,
taking page scale and insets into account.

  • UIProcess/API/Cocoa/WKWebViewInternal.h:
  • UIProcess/CoordinatedGraphics/WebView.cpp:

(WebKit::WebView::requestScroll):

  • UIProcess/CoordinatedGraphics/WebView.h:
  • UIProcess/PageClient.h:
  • UIProcess/Scrolling/RemoteScrollingCoordinatorProxy.cpp:

(WebKit::RemoteScrollingCoordinatorProxy::scrollingTreeNodeRequestsScroll):
Pass scrolls along to the WebPageProxy for the root node. We will also need
to handle programmatic scrolls for overflow soon.

  • UIProcess/Scrolling/RemoteScrollingCoordinatorProxy.h:
  • UIProcess/Scrolling/RemoteScrollingTree.cpp:

(WebKit::RemoteScrollingTree::scrollingTreeNodeRequestsScroll):

  • UIProcess/Scrolling/RemoteScrollingTree.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::requestScroll):

  • UIProcess/WebPageProxy.h:
  • UIProcess/ios/PageClientImplIOS.h:
  • UIProcess/ios/PageClientImplIOS.mm:

(WebKit::PageClientImpl::canScrollView):
(WebKit::PageClientImpl::requestScroll):

  • UIProcess/mac/PageClientImpl.mm:

(WebKit::PageClientImpl::requestScroll):

12:45 Changeset [167261] by burg@cs.washington.edu

Web Replay: memoize fallback time values for document.lastModified
https://bugs.webkit.org/show_bug.cgi?id=131318

Reviewed by Joseph Pecoraro.

Source/WebCore:
If a document's Last-Modified header can't be found or used, then
document.lastModified is derived from the current system time or
from filesystem data, which is obviously nondeterministic.

It's better to handle this inside Document::lastModified rather than using
MemoizedDOMResult, because only the fallback case is nondeterministic.

Test: http/tests/inspector/replay/document-last-modified-fallback-value.html

  • dom/Document.cpp:

(WebCore::Document::lastModified): Save or reuse memoized fallback value.

  • replay/WebInputs.json: Add input DocumentLastModifiedDate.

LayoutTests:

  • http/tests/inspector/replay/document-last-modified-fallback-value.html: Added.
12:11 Changeset [167260] by ggaren@apple.com

A few MallocBench record/replay fixes
https://bugs.webkit.org/show_bug.cgi?id=131627

Reviewed by Andreas Kling.

  • MallocBench/MallocBench/Interpreter.cpp:

(Interpreter::run): Accept 0-sized allocations without asserting because
WebKit does that sometimes.

  • MallocBench/MallocBench/flickr.ops:
  • MallocBench/MallocBench/flickr_memory_warning.ops:
  • MallocBench/MallocBench/reddit.ops:
  • MallocBench/MallocBench/reddit_memory_warning.ops:
  • MallocBench/MallocBench/theverge.ops:
  • MallocBench/MallocBench/theverge_memory_warning.ops: Updated these

recordings because a bug in the recording mechanism caused one out of
every few thousand slot values to be bogus.

12:02 Changeset [167259] by commit-queue@webkit.org

[GTK] Unreviewed GTK gardening.

Patch by Eduardo Lima Mitev <elima@igalia.com> on 2014-04-14

  • platform/gtk/TestExpectations: Update test expectations for new failing test 'editing/editability/ignored-content.html'.
  • platform/gtk/inspector-protocol/dom/getAccessibilityPropertiesForNode-expected.txt: Rebaselined.
12:00 Changeset [167258] by bshafiei@apple.com

Versioning.

11:57 Changeset [167257] by bshafiei@apple.com

New tag.

11:40 Changeset [167256] by antti@apple.com

Keep secondary tile grid for zoomed-out scale
https://bugs.webkit.org/show_bug.cgi?id=131586

Reviewed by Darin Adler.

Source/WebCore:

  • platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayerCA::updateContentsScale):

Don't repaint tiled backing with setNeedsDisplay, it invalidates itself correctly in setContentsScale.
Update custom child layers when tiled backing scale changes.

  • platform/graphics/ca/mac/TileController.h:
  • platform/graphics/ca/mac/TileController.mm:

(WebCore::TileController::TileController):
(WebCore::TileController::setNeedsDisplay):

Drop the whole zoomed-out grid on full repaint.

(WebCore::TileController::setNeedsDisplayInRect):

Drop changed zoomed-out tiles. A more sophisticated strategy is possible.

(WebCore::TileController::setContentsScale):

Swap the zoomed-out grid in and out as needed.
Repaint the active grid after scale change so the client does not have to.

(WebCore::TileController::contentsScale):

Get the content scale from the tile grid so it is not kept in two places.

(WebCore::TileController::zoomedOutContentsScale):
(WebCore::TileController::setZoomedOutContentsScale):

Drop the zoomed-out grid if it no longer matches the zoomed-out scale.

(WebCore::TileController::tileRevalidationTimerFired):
(WebCore::TileController::retainedTileBackingStoreMemory):
(WebCore::TileController::containerLayers):

Return both zoomed-out tiles and the active tiles. Active tiles are on top.

(WebCore::TileController::numberOfUnparentedTiles):
(WebCore::TileController::removeUnparentedTilesNow):

  • platform/graphics/ca/mac/TileGrid.h:
  • platform/graphics/ca/mac/TileGrid.mm:

(WebCore::TileGrid::dropTilesInRect):

Add a function for dropping tiles.

(WebCore::TileGrid::revalidateTiles):

Source/WebKit2:

  • WebProcess/WebPage/mac/PlatformCALayerRemoteTiledBacking.cpp:

(WebKit::PlatformCALayerRemoteTiledBacking::PlatformCALayerRemoteTiledBacking):
(WebKit::PlatformCALayerRemoteTiledBacking::customSublayers):

Always request new sublayer list from tile controller.

  • WebProcess/WebPage/mac/PlatformCALayerRemoteTiledBacking.h:
11:33 WebKitGTK/KeepingTheTreeGreen edited by elima@igalia.com
(diff)
11:17 WebKitGTK/KeepingTheTreeGreen edited by elima@igalia.com
(diff)
11:05 April 2014 Meeting edited by zoltan@webkit.org
(diff)
11:04 Changeset [167255] by akling@apple.com

Array.prototype.concat should allocate output storage only once.
<https://webkit.org/b/131609>

Do a first pass across 'this' and any arguments to compute the
final size of the resulting array from Array.prototype.concat.
This avoids having to grow the output incrementally as we go.

This also includes two other micro-optimizations:

  • Mark getProperty() with ALWAYS_INLINE.
  • Use JSArray::length() instead of taking the generic property lookup path when we know an argument is an Array.

My MBP says ~3% progression on Dromaeo/jslib-traverse-jquery.

Reviewed by Oliver & Darin.

  • runtime/ArrayPrototype.cpp:

(JSC::getProperty):
(JSC::arrayProtoFuncConcat):

11:02 April 2014 Meeting edited by betravis@adobe.com
(diff)
11:00 April 2014 Meeting edited by bjonesbe@adobe.com
(diff)
10:51 April 2014 Meeting edited by ddkilzer@webkit.org
(diff)
10:49 April 2014 Meeting edited by bjonesbe@adobe.com
(diff)
10:33 Changeset [167254] by ap@apple.com

Fixed svn:ignore on bmalloc.xcodeproj, it had erroneous leading spaces.

  • bmalloc.xcodeproj: Modified property svn:ignore.
10:27 Changeset [167253] by timothy_horton@apple.com

Make WK(Web)View magnification setters actually use view-relative positions
https://bugs.webkit.org/show_bug.cgi?id=131611
<rdar://problem/15965239>

Reviewed by Darin Adler.

  • UIProcess/API/mac/WKView.mm:

(-[WKView setMagnification:centeredAtPoint:]):
(-[WKView setMagnification:]):
Use scalePageInViewCoordinates instead.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::scalePageInViewCoordinates):

  • UIProcess/WebPageProxy.h:
  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::scalePageInViewCoordinates):
(WebKit::WebPage::pageScaleFactor):

  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/WebPage.messages.in:

Add scalePageInViewCoordinates, which turns the scale centerpoint within the view
into what scalePage expects: a post-scale scroll offset.

10:26 Changeset [167252] by akling@apple.com

Unreviewed, rolling out r167249.
https://bugs.webkit.org/show_bug.cgi?id=131621

broke 3 tests on cloop (Requested by kling on #webkit).

Reverted changeset:

"Array.prototype.concat should allocate output storage only
once."
https://bugs.webkit.org/show_bug.cgi?id=131609
http://trac.webkit.org/changeset/167249

Patch by Commit Queue <commit-queue@webkit.org> on 2014-04-14

10:20 WebKitGTK/KeepingTheTreeGreen edited by elima@igalia.com
(diff)
10:17 Changeset [167251] by oliver@apple.com

Update test result

09:52 WebKitGTK/KeepingTheTreeGreen edited by elima@igalia.com
(diff)
09:31 Changeset [167250] by commit-queue@webkit.org

Fixed potential integer truncation.
https://bugs.webkit.org/show_bug.cgi?id=131615

Patch by Alex Christensen <achristensen@webkit.org> on 2014-04-14
Reviewed by Darin Adler.

  • assembler/X86Assembler.h:

(JSC::X86Assembler::fillNops):
Truncate the size_t to an unsigned after it is limited to 15 instead of before.

09:19 Changeset [167249] by akling@apple.com

Array.prototype.concat should allocate output storage only once.
<https://webkit.org/b/131609>

Do a first pass across 'this' and any arguments to compute the
final size of the resulting array from Array.prototype.concat.
This avoids having to grow the output incrementally as we go.

This also includes two other micro-optimizations:

  • Mark getProperty() with ALWAYS_INLINE.
  • Use JSArray::length() instead of taking the generic property lookup path when we know an argument is an Array.

My MBP says ~3% progression on Dromaeo/jslib-traverse-jquery.

Reviewed by Darin Adler.

  • runtime/ArrayPrototype.cpp:

(JSC::getProperty):
(JSC::arrayProtoFuncConcat):

09:02 Changeset [167248] by krit@webkit.org

Optimize Canvas fill and drawImage with SourceIn, DestinationIn, SourceOut, and DestinationAtop using transparencyLayer.
https://bugs.webkit.org/show_bug.cgi?id=79659

Reviewed by Darin Adler.

Source/WebCore:
Optimize fill() and fillRect() operations in Canvas on composited contexts by
10 to 20 times on CG.

Replacing the ImageBuffer code by transparency layers allows the
graphics library to optimize the drawing.

Doing the same for drawImage() would give performance regressions.

An inline function will create a transparency layer for CG. Cairo graphics
does not composite correctly when a transparency layer gets created.
The inline function is just a NOOP for Cairo.

This fixes bug 131303 as well.

Added performance tests with r167124 already.

  • html/canvas/CanvasRenderingContext2D.cpp:

(WebCore::CanvasRenderingContext2D::fillInternal):
(WebCore::CanvasRenderingContext2D::strokeInternal):
(WebCore::CanvasRenderingContext2D::beginCompositeLayer):
(WebCore::CanvasRenderingContext2D::endCompositeLayer):
(WebCore::CanvasRenderingContext2D::fillRect):
(WebCore::CanvasRenderingContext2D::strokeRect):
(WebCore::CanvasRenderingContext2D::drawTextInternal):
(WebCore::CanvasRenderingContext2D::fullCanvasCompositedFill): Deleted.

  • html/canvas/CanvasRenderingContext2D.h:

LayoutTests:
Unskip previously failing tests.

  • platform/gtk/TestExpectations:
08:48 Changeset [167247] by carlosgc@webkit.org

Tagging the WebKitGTK+ 2.4.1 release

08:42 Changeset [167246] by timothy_horton@apple.com

Lots of compositing test failures after r167152
https://bugs.webkit.org/show_bug.cgi?id=131574

Reviewed by Darin Adler.

  • platform/graphics/GraphicsLayer.cpp:

(WebCore::dumpChildren):
(WebCore::GraphicsLayer::dumpProperties):
Make child-dumping recursive so that we can easily skip layers up to any depth.

08:35 Changeset [167245] by carlosgc@webkit.org

Unreviewed. Update NEWS and Versions.m4 for 2.4.1 release.

.:

  • Source/autotools/Versions.m4: Bump version numbers.

Source/WebKit/gtk:

  • NEWS: Added release notes for 2.4.1.
05:45 Changeset [167244] by pmolnar.u-szeged@partner.samsung.com

Fix incorrect indentations in CodeGeneratorJS.pm introduced in r165521
https://bugs.webkit.org/show_bug.cgi?id=131613

Reviewed by Csaba Osztrogonác.

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateImplementation):
Fixed 5-space indentation.

  • bindings/scripts/test/JS/JSTestNondeterministic.cpp:

Updated the tests accordingly.

05:24 Changeset [167243] by commit-queue@webkit.org

Fix commit-log-editor bug revealed by r165447
https://bugs.webkit.org/show_bug.cgi?id=130676

Patch by Jozsef Berta <jberta.u-szeged@partner.samsung.com> on 2014-04-14
Reviewed by Csaba Osztrogonác.

  • Scripts/commit-log-editor:

(createCommitMessage): Omitting empty Source/JavaScriptCore:... blocks.
Add \n before the first block too, because the longest common prefix now ends with only one newline.
(removeLongestCommonPrefixEndingInNewline): The longest common prefix ends with only one newline,
now the last block of the common prefix isn't duplicated below. Changing the function name accordingly.

04:41 WebKitGTK/2.4.x edited by carlosgc@webkit.org
(diff)
04:40 Changeset [167242] by carlosgc@webkit.org

Merge r167193 - [GStreamer] No CORS support for media elements
https://bugs.webkit.org/show_bug.cgi?id=99037

Patch by Youenn Fablet <youenn.fablet@crf.canon.fr> on 2014-04-13
Reviewed by Philippe Normand.

Source/WebCore:

Added CORS access control check to media sources when crossorigin attribute is set.

Added getter to CORS access control check status (used to compute whether the stream is tainted or not).
Related test is http/tests/security/video-cross-origin-readback.html.

Disabled access to cross-origin streams that fail CORS check when crossorigin attribute is set.
Related test is http/tests/security/video-cross-origin-accessfailure.html.

Tests: http/tests/security/video-cross-origin-accessfailure.html

http/tests/security/video-cross-origin-accesssameorigin.html

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::didPassCORSAccessCheck): Return whether media is cross-origin (tainted) or not by querying the gstreamer source layer.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h: Added MediaPlayerPrivateGStreamer::didPassCORSAccessCheck declaration.
  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(webKitWebSrcStart): Passed CORS mode parameter to the streaming client. In case of CORS check failure, stop the resource loading.
(webKitSrcPassedCORSAccessCheck): Return whether CORS access control check was done and successful.
(StreamingClient::handleResponseReceived): Take a parameter to assign the CORS access control check result.
(CachedResourceStreamingClient::CachedResourceStreamingClient): Updated setting of the ResourceLoaderOptions according CORS mode.
(CachedResourceStreamingClient::responseReceived): Check CORS and pass result to handleResponseReceived.
(ResourceHandleStreamingClient::didReceiveResponse): No CORS check.

  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.h: Added webKitSrcPassedCORSAccessCheck declaration.

LayoutTests:

http/tests/security/video-cross-origin-accessfailure.html verifies that cross-origin streams that fail CORS check
are not played when crossorigin attribute is set.

http/tests/security/video-cross-origin-accesssameorigin.html verifies that access to same-origin streams

are played when crossorigin attribute is set.

  • http/tests/security/video-cross-origin-accessfailure-expected.txt: Added.
  • http/tests/security/video-cross-origin-accessfailure.html: Added.
  • http/tests/security/video-cross-origin-accesssameorigin-expected.txt: Added.
  • http/tests/security/video-cross-origin-accesssameorigin.html: Added.
  • platform/efl/TestExpectations: Enabled http/tests/security/video-cross-origin-readback.html.
  • platform/gtk/TestExpectations: Ditto.
  • platform/mac/TestExpectations: Disabled http/tests/security/video-cross-origin-accessfailure.html.
04:25 Changeset [167241] by carlosgc@webkit.org

Merge r166304 - REGRESSION(r162679): Poster image visible under the video
https://bugs.webkit.org/show_bug.cgi?id=130783

Reviewed by Simon Fraser.

In the listed revision, we started checking for isRenderImage()
instead of isImage(). RenderMedias return 'true' for the first
but 'false' for the second. Change the if() statement to check
for isRenderMedia() in addition to !isRenderImage().

  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::isDirectlyCompositedImage):

04:21 Changeset [167240] by rego@igalia.com

[JSC] CSSStyleDeclaration report incorrect descriptor
https://bugs.webkit.org/show_bug.cgi?id=89697

Reviewed by Benjamin Poulain.

Source/WebCore:

Change descriptor of CSSStyleDeclaration properties in order to have
writable and enumerable attributes set to true. Configurable is kept to
false since the property is not deleteable.

Test: fast/dom/CSSStyleDeclaration/cssstyledeclaration-properties-descriptor.html

  • bindings/js/JSCSSStyleDeclarationCustom.cpp:

(WebCore::JSCSSStyleDeclaration::getOwnPropertySlotDelegate): Only set
DontDelete attribute when creating the descriptor for
CSSStyleDeclaration properties.

LayoutTests:

Add new test to check the descriptor of CSSStyleDeclaration properties.

  • fast/dom/CSSStyleDeclaration/cssstyledeclaration-properties-descriptor-expected.txt: Added.
  • fast/dom/CSSStyleDeclaration/cssstyledeclaration-properties-descriptor.html: Added.
04:20 Changeset [167239] by carlosgc@webkit.org

Merge r166090 - Source/WebCore: Fix a crash when assigning an object to document.location
https://bugs.webkit.org/show_bug.cgi?id=130213

Reviewed by Geoffrey Garen.

Convert location to string before we make use the document.
This prevents us from attempting to navigate a frame that
has already been removed.

Test: fast/dom/navigation-with-sideeffects-crash.html

  • bindings/js/JSDocumentCustom.cpp:

(WebCore::JSDocument::location):
(WebCore::JSDocument::setLocation):

LayoutTests: Fix semantics of JS execution when assigning an object to document.location
https://bugs.webkit.org/show_bug.cgi?id=130213

Reviewed by Geoffrey Garen.

  • fast/dom/navigation-with-sideeffects-expected.txt: Added.
  • fast/dom/navigation-with-sideeffects.html: Added.
04:12 Changeset [167238] by carlosgc@webkit.org

Merge r166026 - Generalize WebInspector check in maybeInitializeSandboxExtensionHandle().
https://bugs.webkit.org/show_bug.cgi?id=130079
<rdar://problem/16286683>

Reviewed by Anders Carlsson.

  • UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::maybeInitializeSandboxExtensionHandle):

Perform an early return for all paths that don't need a sandbox extension due to
access being assumed, not only for WebInspector pages.

  • UIProcess/WebProcessProxy.cpp:

(WebKit::WebProcessProxy::hasAssumedReadAccessToURL):
(WebKit::WebProcessProxy::checkURLReceivedFromWebProcess):

  • UIProcess/WebProcessProxy.h:

Factored out m_localPathsWithAssumedReadAccess iteration to a public function.

04:04 Changeset [167237] by carlosgc@webkit.org

Merge r165921 - Crash with long selector list
https://bugs.webkit.org/show_bug.cgi?id=123006

Reviewed by Andreas Kling.

Source/WebCore:

Test: fast/css/long-selector-list-crash.html

  • css/CSSSelectorList.cpp:

(WebCore::CSSSelectorList::CSSSelectorList):
(WebCore::CSSSelectorList::adoptSelectorVector):
(WebCore::CSSSelectorList::operator=):

  • css/StyleRule.cpp:

(WebCore::StyleRule::create):

Add a bunch of asserts.

(WebCore::StyleRule::splitIntoMultipleRulesWithMaximumSelectorComponentCount):

This could produce a zero-length selector list.

LayoutTests:

  • fast/css/long-selector-list-crash-expected.txt: Added.
  • fast/css/long-selector-list-crash.html: Added.
03:53 Changeset [167236] by carlosgc@webkit.org

Merge r165902 - Update type of local vars to match the type of String length.
<https://webkit.org/b/130077>

Reviewed by Geoffrey Garen.

  • runtime/JSStringJoiner.cpp:

(JSC::JSStringJoiner::join):

03:47 Changeset [167235] by carlosgc@webkit.org

Merge r165821 - Mutating rules returned by getMatchedCSSRules can result in crash
https://bugs.webkit.org/show_bug.cgi?id=130209

Source/WebCore:

Reviewed by Andreas Kling.

The non-standard getMatchedCSSRules API returns CSSStyleRule objects that don't
have parent stylesheet pointer (as we don't know which sheet the rule originated from).
Mutating the rule via such wrapper can lead to crashes later as we fail to invalidate
the underlying stylesheet.

Fix by disallowing mutation of style rules that don't have parent sheet pointer. CSSStyleRule
has two mutable properties selectorText and style. The latter gives back CSSStyleDeclaration.
This patch disallows mutations in both cases for CSSStyleRules that don't have parent stylesheet
pointer.

While it is technically possible to have CSSRules that are legitimately disconnected
from stylesheet (by removing rule from sheet while holding a reference to it) it never
makes sense to mutate such rule as there is no way to do anything with it afterwards.

Tests: fast/css/getMatchedCSSProperties-rule-mutation.html

fast/css/getMatchedCSSRules-crash.html

  • css/CSSStyleRule.cpp:

(WebCore::CSSStyleRule::setSelectorText):

Bail out if parent stylesheet is null.

  • css/PropertySetCSSStyleDeclaration.cpp:

(WebCore::PropertySetCSSStyleDeclaration::setCssText):
(WebCore::PropertySetCSSStyleDeclaration::setProperty):
(WebCore::PropertySetCSSStyleDeclaration::removeProperty):
(WebCore::PropertySetCSSStyleDeclaration::setPropertyInternal):

Allow StyleRuleCSSStyleDeclaration subclass cancel the mutation via
boolean return value from willMutate.

(WebCore::StyleRuleCSSStyleDeclaration::willMutate):

Disallow mutation if the owning CSSStyleRule is null or has null stylesheet.

(WebCore::StyleRuleCSSStyleDeclaration::didMutate):

We never get here with null rule or stylesheet anymore.

  • css/PropertySetCSSStyleDeclaration.h:

(WebCore::PropertySetCSSStyleDeclaration::willMutate):

LayoutTests:

Reviewed by Andreas Kling.

  • fast/css/getMatchedCSSProperties-rule-mutation-expected.txt: Added.
  • fast/css/getMatchedCSSProperties-rule-mutation.html: Added.
  • fast/css/getMatchedCSSRules-crash-expected.txt: Added.
  • fast/css/getMatchedCSSRules-crash.html: Added.
03:38 Changeset [167234] by carlosgc@webkit.org

Merge r165548 - Don't send synchronous resize events when FrameView has auto-sizing enabled.
<https://webkit.org/b/130198>
<rdar://problem/15991333>

Reviewed by Dan Bernstein.

  • page/FrameView.cpp:

(WebCore::FrameView::sendResizeEventIfNeeded):

03:26 Changeset [167233] by carlosgc@webkit.org

Merge r165425 - Improve WeakPtr operators.
https://bugs.webkit.org/show_bug.cgi?id=130053

Reviewed by Andreas Kling.

Replace the "operator!()" with an explicit bool operator. Add an "operator->()".

  • wtf/WeakPtr.h:

(WTF::WeakPtr::operator bool):
(WTF::WeakPtr::operator->):

03:05 Changeset [167232] by carlosgc@webkit.org

Merge r165339 - SerializedScriptValue may move Identifiers between worlds
https://bugs.webkit.org/show_bug.cgi?id=129979

Reviewed by Andreas Kling.

Source/WebCore:

Test: fast/workers/worker-copy-shared-blob-url.html

Don't use Strings to store blob URLs as String's may be Identifiers
and they can only exist in one world/thread at a time.

  • Modules/indexeddb/IDBObjectStore.cpp:

(WebCore::IDBObjectStore::put):

  • bindings/js/SerializedScriptValue.cpp:

(WebCore::CloneDeserializer::deserializeString):
(WebCore::SerializedScriptValue::addBlobURL):
(WebCore::SerializedScriptValue::SerializedScriptValue):

  • bindings/js/SerializedScriptValue.h:

LayoutTests:

Add test cases

  • fast/workers/resources/worker-copy-shared-blob-url-worker.js: Added.

(count.0.onmessage):

  • fast/workers/worker-copy-shared-blob-url-expected.txt: Added.
  • fast/workers/worker-copy-shared-blob-url.html: Added.
02:47 Changeset [167231] by carlosgc@webkit.org

Merge r165145 - ASSERT(newestManifest) fails in WebCore::ApplicationCacheGroup::didFinishLoadingManifest()
https://bugs.webkit.org/show_bug.cgi?id=129753
<rdar://problem/12069835>

Reviewed by Alexey Proskuryakov.

Fixes an issue where an assertion failure would occur when visiting a web site whose on-disk
app cache doesn't contain a manifest resource.

For some reason an app cache for a web site may be partially written to disk. In particular, the
app cache may only contain a CacheGroups entry. That is, the manifest resource and origin records
may not be persisted to disk. From looking over the code, we're unclear how such a situation can occur
and hence have been unable to create such an app cache. We were able to reproduce this issue using
an app cache database file that was provided by a person that was affected by this issue.

No test included because it's not straightforward to write a test for this change.

  • loader/appcache/ApplicationCacheGroup.cpp:

(WebCore::ApplicationCacheGroup::checkIfLoadIsComplete): Assert that m_cacheBeingUpdated->manifestResource()
is non-null. Currently we only document this assumption in a code comment. Also separated a single assertion
expression into two assertion expressions to make it straightforward to identify the failing sub-expression
on failure.

  • loader/appcache/ApplicationCacheStorage.cpp:

(WebCore::ApplicationCacheStorage::store): Modified to call ApplicationCacheStorage::deleteCacheGroupRecord()
to remove a cache group and associated cache records (if applicable) before inserting a cache group entry.
This replacement approach will ultimately repair incomplete app cache data for people affected by this bug.
(WebCore::ApplicationCacheStorage::loadCache): Log an error and return nullptr if the cache we loaded doesn't
have a manifest resource.
(WebCore::ApplicationCacheStorage::deleteCacheGroupRecord): Added.
(WebCore::ApplicationCacheStorage::deleteCacheGroup): Extracted deletion logic for cache group record into
ApplicationCacheStorage::deleteCacheGroupRecord().

  • loader/appcache/ApplicationCacheStorage.h:
02:43 Changeset [167230] by carlosgc@webkit.org

Merge r165138 - Fix crash in CompositeEditCommand::cloneParagraphUnderNewElement()
<http://webkit.org/b/129751>
<rdar://problem/16237965>

Reviewed by Jon Honeycutt.

Merged from Blink (patch by Yuta Kitamura):
https://src.chromium.org/viewvc/blink?revision=168160&view=revision
http://crbug.com/345005

The root cause is CompositeEditCommand::moveParagraphWithClones() passing
two positions |start| and |end| which do not follow the document order,
i.e. in some situations |start| is located after |end| because of
the difference in affinity.

This patch fixes this crash by normalizing |end| to |start| in such situations.
It also adds an ASSERT that checks the relationship between |start| and |end|.

Source/WebCore:

Test: editing/execCommand/format-block-crash.html

  • editing/CompositeEditCommand.cpp:

(WebCore::CompositeEditCommand::cloneParagraphUnderNewElement):
(WebCore::CompositeEditCommand::moveParagraphWithClones):

  • editing/CompositeEditCommand.h:

LayoutTests:

  • editing/execCommand/format-block-crash-expected.txt: Added.
  • editing/execCommand/format-block-crash.html: Added.
  • editing/execCommand/resources/format-block-crash-iframe.html: Added.
02:37 Changeset [167229] by carlosgc@webkit.org

Merge r164933 - Ensure keySplines is valid in SMIL animations
<http://webkit.org/b/129547>
<rdar://problem/15676128>

Reviewed by Darin Adler.

Merged from Blink (patch by Philip Rogers):
https://src.chromium.org/viewvc/blink?revision=156452&view=revision
http://crbug.com/276111

This patch fixes a crash in SMIL animations when keySplines are not
specified. The SMIL spec is clear on this:
http://www.w3.org/TR/2001/REC-smil-animation-20010904/#AnimFuncCalcMode
"If there are any errors in the keyTimes specification (bad values,
too many or too few values), the animation will have no effect."

This patch simply checks that keyTimes is not empty. Previously,
splinesCount was set to be m_keySplines.size() + 1 in
SVGAnimationElement.cpp; this patch changes splinesCount to be equal
to m_keySplines.size() to make the logic easier to follow and to
match other checks in SVGAnimationElement::startedActiveInterval.

Source/WebCore:

Test: svg/animations/animate-keysplines-crash.html

  • svg/SVGAnimationElement.cpp:

(WebCore::SVGAnimationElement::startedActiveInterval):

LayoutTests:

  • svg/animations/animate-keysplines-crash-expected.txt: Added.
  • svg/animations/animate-keysplines-crash.html: Added.
02:34 Changeset [167228] by carlosgc@webkit.org

Merge r164876 - Properly clear m_logicallyLastRun to remove use-after-free possibility
https://bugs.webkit.org/show_bug.cgi?id=129489

Reviewed by David Hyatt.

A use-after-free issue was caught in Blink because m_logicallyLastRun
is not cleared when the item it points to is deleted. Clearing it
turns the use-after-free into a segfault, and prevents any future
use-after-frees from happening.

  • platform/text/BidiRunList.h:

(WebCore::BidiRunList<Run>::deleteRuns):

02:31 Changeset [167227] by carlosgc@webkit.org

Merge r164408 - Crash in WTF::StringBuilder::append()

https://bugs.webkit.org/show_bug.cgi?id=125817
<rdar://problem/15671883>

Reviewed by Oliver Hunt.

  • wtf/text/StringBuilder.cpp:

(WTF::expandedCapacity):
Ensure that we return a new capacity of at least 'requiredLength' in
the case where requiredLength is large. Also, use unsigned rather than
size_t for the parameters and the return value, as callers pass
unsigned arguments and treat the result as an unsigned int.

02:24 Changeset [167226] by carlosgc@webkit.org

Merge r164367 - Do not dispatch change event twice in single step action
https://bugs.webkit.org/show_bug.cgi?id=116936
<rdar://problem/16086828>

Reviewed by Ryosuke Niwa.

Merged from Blink (patch by Kent Tamura):
https://src.chromium.org/viewvc/blink?view=rev&revision=151175

Source/WebCore:

Test: fast/forms/number/number-type-update-by-change-event.html

  • html/InputType.cpp:

(WebCore::InputType::stepUpFromRenderer):

LayoutTests:

  • fast/forms/number/number-type-update-by-change-event-expected.txt: Added.
  • fast/forms/number/number-type-update-by-change-event.html: Added.
02:17 Changeset [167225] by carlosgc@webkit.org

Merge r164249 - AX: Invalid cast in WebCore::AccessibilityTable::isDataTable (CRBug 280352)
<https://webkit.org/b/128925>
<rdar://problem/16087351>

Merged from Blink (patch by Dominic Mazzoni):
https://src.chromium.org/viewvc/blink?revision=159711&view=revision

Reviewed by Oliver Hunt.

Source/WebCore:

Don't cast to a table cell element unless we are sure it is one.

Test: accessibility/display-table-cell-causes-crash.html

  • accessibility/AccessibilityTable.cpp:

(WebCore::AccessibilityTable::isDataTable):

LayoutTests:

  • accessibility/display-table-cell-causes-crash-expected.txt: Added.
  • accessibility/display-table-cell-causes-crash.html: Added.
02:11 Changeset [167224] by carlosgc@webkit.org

Merge r164204 - Ensure that removing an iframe from the DOM tree disconnects its Frame.
<https://webkit.org/b/128889>
<rdar://problem/15671221>

Merged from Blink (patch by Adam Klein):
https://src.chromium.org/viewvc/blink?revision=156174&view=revision

Source/WebCore:

SubframeLoadingDisabler wasn't catching the case when an <iframe> was,
in its unload handler, removed and re-added to the same parent.
Fix this by using a count of SubframeLoadingDisablers that are on the
stack for a given root, rather than a simple boolean.

Test: fast/frames/reattach-in-unload.html

  • html/HTMLFrameOwnerElement.h:

(WebCore::SubframeLoadingDisabler::disabledSubtreeRoots):

LayoutTests:

  • fast/frames/reattach-in-unload-expected.txt: Added.
  • fast/frames/reattach-in-unload.html: Added.
02:00 Changeset [167223] by carlosgc@webkit.org

Merge r164170 - ASSERT_WITH_SECURITY_IMPLICATION in WebCore::toElement
https://bugs.webkit.org/show_bug.cgi?id=128810

Patch by Renata Hodovan <rhodovan.u-szeged@partner.samsung.com> on 2014-02-15
Reviewed by Ryosuke Niwa.

Source/WebCore:

Make CompositeEditCommand::cloneParagraphUnderNewElement() to work when |outerNode|
doesn't contain |start|.

Before this patch, CompositeEditCommand::cloneParagraphUnderNewElement() tried to copy
ancestry nodes from |start| to Document node when |start| position isn't in |outerNode|. This
patch changes CompositeEditCommand::cloneParagraphUnderNewElement() to copy |start| to
|outerNode| only if |outerNode| contains |start| position.

Merged from Blink https://src.chromium.org/viewvc/blink?revision=161762&view=revision by yosin@chromium.org.

Test: editing/execCommand/indent-with-uneditable-crash.html

  • editing/CompositeEditCommand.cpp:

(WebCore::CompositeEditCommand::cloneParagraphUnderNewElement):

LayoutTests:

  • editing/execCommand/indent-with-uneditable-crash-expected.txt: Added.
  • editing/execCommand/indent-with-uneditable-crash.html: Added.
01:53 Changeset [167222] by carlosgc@webkit.org

Merge r163599 - loadSubframe can return null in SubframeLoader::loadOrRedirectSubframe
https://bugs.webkit.org/show_bug.cgi?id=128344

Reviewed by Ryosuke Niwa.

Source/WebCore:

  • loader/SubframeLoader.cpp:

(WebCore::SubframeLoader::loadOrRedirectSubframe):

LayoutTests:

01:47 Changeset [167221] by carlosgc@webkit.org

Merge r163579 - Make adoption agency use the task queue
https://bugs.webkit.org/show_bug.cgi?id=109445

Reviewed by Ryosuke Niwa.

Source/WebCore:

Tests: fast/parser/adoption-agency-crash-01.html

fast/parser/adoption-agency-crash-02.html
fast/parser/adoption-agency-crash-03.html

  • html/parser/HTMLConstructionSite.cpp:

(WebCore::insert):
(WebCore::executeInsertTask):
(WebCore::executeReparentTask):
(WebCore::executeInsertAlreadyParsedChildTask):
(WebCore::executeTakeAllChildrenTask):
(WebCore::executeTask):
(WebCore::HTMLConstructionSite::attachLater):
(WebCore::HTMLConstructionSite::executeQueuedTasks):
(WebCore::HTMLConstructionSite::insertTextNode):
(WebCore::HTMLConstructionSite::reparent):
(WebCore::HTMLConstructionSite::insertAlreadyParsedChild):
(WebCore::HTMLConstructionSite::takeAllChildren):
(WebCore::HTMLConstructionSite::fosterParent):

  • html/parser/HTMLConstructionSite.h:

(WebCore::HTMLConstructionSiteTask::HTMLConstructionSiteTask):
(WebCore::HTMLConstructionSiteTask::oldParent):

  • html/parser/HTMLTreeBuilder.cpp:

(WebCore::HTMLTreeBuilder::callTheAdoptionAgency):

LayoutTests:

  • TestExpectations:
  • fast/parser/adoption-agency-crash-01-expected.txt: Added.
  • fast/parser/adoption-agency-crash-01.html: Added.
  • fast/parser/adoption-agency-crash-02-expected.txt: Added.
  • fast/parser/adoption-agency-crash-02.html: Added.
  • fast/parser/adoption-agency-crash-03-expected.txt: Added.
  • fast/parser/adoption-agency-crash-03.html: Added.
01:46 Changeset [167220] by benjamin@webkit.org

[JSC] Improve the call site of string comparison in some hot path
https://bugs.webkit.org/show_bug.cgi?id=131605

Reviewed by Darin Adler.

Source/JavaScriptCore:

When resolved, the String of a JSString is never null. It can be empty but not null.
The null value is reserved for ropes but those would be resolved when getting the value.

Consequently, we should use the equal() operation that do not handle null values.
Using the StringImpl directly is already common in StringPrototype but it was not used here for some reason.

  • jit/JITOperations.cpp:
  • runtime/JSCJSValueInlines.h:

(JSC::JSValue::equalSlowCaseInline):
(JSC::JSValue::strictEqualSlowCaseInline):
(JSC::JSValue::pureStrictEqual):

Source/WebCore:

  • dom/NodeRareData.h:

(WebCore::NodeListsNodeData::NodeListCacheMapEntryHash::equal):
We should use the right comparison operation depending on the Hash Traits.

Source/WTF:

  • wtf/text/StringImpl.cpp:

(WTF::stringImplContentEqual):
Inline that function to reduce the call overhead for JSC.
This is only inlined twice, it is not catastrophic for our binary.

01:45 Changeset [167219] by akling@apple.com

Merge MemoryPressureHandler{Mac,IOS}.mm
<https://webkit.org/b/131603>

Join the iOS and Mac platform implementations of MemoryPressureHandler
under the shared Cocoa banner. Each platform still has its own quirky
behavior, but this puts them in the same file so we can start sharing.

Reviewed by Darin Adler.

  • WebCore.xcodeproj/project.pbxproj:
  • platform/cocoa/MemoryPressureHandlerCocoa.mm: Renamed from Source/WebCore/platform/mac/MemoryPressureHandlerMac.mm.

(WebCore::MemoryPressureHandler::platformReleaseMemory):
(WebCore::MemoryPressureHandler::install):
(WebCore::MemoryPressureHandler::uninstall):
(WebCore::MemoryPressureHandler::holdOff):
(WebCore::MemoryPressureHandler::respondToMemoryPressure):
(WebCore::respondToMemoryPressureCallback):
(WebCore::MemoryPressureHandler::installMemoryReleaseBlock):
(WebCore::MemoryPressureHandler::setReceivedMemoryPressure):
(WebCore::MemoryPressureHandler::hasReceivedMemoryPressure):
(WebCore::MemoryPressureHandler::clearMemoryPressure):
(WebCore::MemoryPressureHandler::shouldWaitForMemoryClearMessage):
(WebCore::MemoryPressureHandler::respondToMemoryPressureIfNeeded):

  • platform/ios/MemoryPressureHandlerIOS.mm: Removed.
01:42 Changeset [167218] by benjamin@webkit.org

CSS JIT: compile the :nth-child() pseudo class
https://bugs.webkit.org/show_bug.cgi?id=131602

Reviewed by Andreas Kling.

Source/WebCore:

Tests: fast/selectors/nth-child-bounds.html

fast/selectors/nth-child-with-backtracking.html

Compile the :nth-child() pseudo class function + some related clean up.

  • css/CSSSelector.cpp:

(WebCore::CSSSelector::nthA):
(WebCore::CSSSelector::nthB):
Expose the parsed value of an+b filters. Those values are used to compile
the selector.

(WebCore::CSSSelector::RareData::parseNth):
While working on the patch, I discovered some severe issues with the parsing of large
values of a and/or b. The problem comes from the way the CSS parser handle the values:
the values are parsed as a double then converted to an AtomicString for CSSSelector.

There are many problems related to large values but we never got bug reports because
they are very uncommon. Fixing those problem would require changing the parser.

Here, CSSSelector::RareData::parseNth() is hardened a little bit to avoid absurd values
of a and b.

  • css/CSSSelector.h:
  • cssjit/RegisterAllocator.h:

It looks like I forgot RDX in the list of register. Add it now since it is required
for SelectorCodeGenerator::modulo().

  • cssjit/SelectorCompiler.cpp:

(WebCore::SelectorCompiler::addPseudoType):
(WebCore::SelectorCompiler::SelectorCodeGenerator::SelectorCodeGenerator):
(WebCore::SelectorCompiler::SelectorCodeGenerator::modulo):
(WebCore::SelectorCompiler::SelectorCodeGenerator::moduloIsZero):
There is no modulo() operation exposed on the macro assemblers. This is a basic
implementation on top of idiv for x86_64.

Since idiv works exclusively with RAX and RDX, most of the code is about getting
those registers efficiently.

(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatching):
(WebCore::SelectorCompiler::setElementChildIndex):
(WebCore::SelectorCompiler::setElementChildIndexAndUpdateStyle):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsNthChild):
This is pretty much a straightforward implementation of :nth-child().
The first part counts the number of previous elements.
The second part updates the tree if this is style resolution.
The last part compares the number of previous siblings to an+b to find if the filter matches.

The only part that diverges from SelectorChecker is how childIndex is used. Instead of testing it
at every iteration, only the first iteration handle the cache.

  • dom/ElementRareData.h:

(WebCore::ElementRareData::childIndexMemoryOffset):

  • dom/Node.h:

(WebCore::Node::rareDataMemoryOffset):
(WebCore::Node::flagHasRareData):

  • rendering/style/RenderStyle.h:

LayoutTests:

Add a couple of test for the new code:
-nth-child-with-backtracking tests the register pressure with backtracking.
-nth-child-bounds tests invalid selectors do not cause problems.

  • fast/selectors/nth-child-bounds-expected.txt: Added.
  • fast/selectors/nth-child-bounds.html: Added.
  • fast/selectors/nth-child-with-backtracking-expected.txt: Added.
  • fast/selectors/nth-child-with-backtracking.html: Added.
  • http/tests/security/video-poster-cross-origin-crash.html:

Now that CSSSelector filters out ridiculously bad values, the pseudo class in this test
was no longer executed.
The particular value of nth-child is irrelevant for this test, all it needs it the tree marking
while not matching.

01:29 Changeset [167217] by carlosgc@webkit.org

Merge r163465 - Move characterAt index checks from InlineIterator to RenderText
https://bugs.webkit.org/show_bug.cgi?id=128224

Source/WebCore:

Reviewed by Simon Fraser.

Move characterAt index checks from InlineIterator to RenderText
so that all RenderText calls are covered. Few safe instances are
now covered with uncheckedCharacterAt.

Merged from Blink:
http://src.chromium.org/viewvc/blink?view=revision&revision=150830

Test: fast/text/character-at-crash.html

  • rendering/InlineIterator.h:

(WebCore::InlineIterator::characterAt):

  • rendering/RenderText.cpp:

(WebCore::RenderText::computePreferredLogicalWidths):

  • rendering/RenderText.h:

(WebCore::RenderText::operator[]):
(WebCore::RenderText::uncheckedCharacterAt):
(WebCore::RenderText::characterAt):

LayoutTests:

Move characterAt index checks from InlineIterator to RenderText
so that all RenderText calls are covered. Few safe instances are
now covered with uncheckedCharacterAt.

Merged from Blink:
http://src.chromium.org/viewvc/blink?view=revision&revision=150830

Reviewed by Simon Fraser.

  • fast/text/character-at-crash-expected.txt: Added.
  • fast/text/character-at-crash.html: Added.
01:10 Changeset [167216] by timothy_horton@apple.com

Support setting a background color on page overlays
https://bugs.webkit.org/show_bug.cgi?id=131600

Reviewed by Darin Adler.

  • WebProcess/WebPage/PageOverlay.cpp:

(WebKit::PageOverlay::PageOverlay):
(WebKit::PageOverlay::bounds):
(WebKit::PageOverlay::startFadeInAnimation):
(WebKit::PageOverlay::startFadeOutAnimation):
(WebKit::PageOverlay::startFadeAnimation):
(WebKit::PageOverlay::fadeAnimationTimerFired):
Minor style adjustments.
Use more references everywhere.

(WebKit::PageOverlay::setBackgroundColor):
(WebKit::PageOverlay::setNeedsDisplay):

  • WebProcess/WebPage/PageOverlay.h:

(WebKit::PageOverlay::backgroundColor):
Keep track of our background color, and push it down to the page overlay controller if we have one.

  • WebProcess/WebPage/PageOverlayController.cpp:

(WebKit::updateOverlayGeometry):
(WebKit::PageOverlayController::clearPageOverlay):
Page overlays will always have the right size, and just use drawsContents to determine
whether or not they should tile/have backing store/etc.

(WebKit::PageOverlayController::installPageOverlay):
(WebKit::PageOverlayController::didChangeOverlayBackgroundColor):
Set the background color of the layer.

  • WebProcess/WebPage/PageOverlayController.h:
  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::WebPage):
References!

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::setDocumentOverlayRootLayer):
Mark the compositing tree as needing a rebuild when we get a new document-relative
overlay layer; otherwise we were depending on something else coming along and
requiring a rebuild, which didn't always happen.

00:50 Changeset [167215] by mihnea@adobe.com

[CSS Regions] Hit testing doesn't work in video
https://bugs.webkit.org/show_bug.cgi?id=131485

Reviewed by Andrei Bucur.

Source/WebCore:

When hit testing flow thread layer through the region layer,
we have to pass the depth sorting information and take that
into account for the situation in which an ancestor of the region
has preserve-3d transform style.

Test: fast/regions/hit-test-region-preserve3d-container.html

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::hitTestLayer):
(WebCore::RenderLayer::hitTestFlowThreadIfRegionForFragments):

  • rendering/RenderLayer.h:

LayoutTests:

  • fast/regions/hit-test-region-preserve3d-container-expected.txt: Added.
  • fast/regions/hit-test-region-preserve3d-container.html: Added.
00:28 WebKitGTK/2.4.x edited by carlosgc@webkit.org
(diff)
00:28 Changeset [167214] by carlosgc@webkit.org

Merge r167128 - wk2-gtk does not display anything
https://bugs.webkit.org/show_bug.cgi?id=125558

Reviewed by Martin Robinson.

Remove fcntl call to set access mode flags on the duplicated files
descriptor. Those flags are ignored in Linux and make fcntl to
fail in FreeBSD. We should handle the case where the passed
protection is ReadOnly.
Thanks to Raphael Kubo da Costa who proposed the solution.

  • Platform/unix/SharedMemoryUnix.cpp:

(WebKit::SharedMemory::createHandle):
(WebKit::accessModeFile): Deleted.

00:19 Changeset [167213] by commit-queue@webkit.org

Update html5lib test data to latest version
https://bugs.webkit.org/show_bug.cgi?id=131588

Patch by Koji Ishii <kojishi@gmail.com> on 2014-04-14
Reviewed by Darin Adler.

This patch imports the latest version of the "dat" files from
https://github.com/html5lib/html5lib-tests
Also updated expected files for failures of new tests.

  • html5lib/generated/run-adoption01-data-expected.txt: Passes now as a bug in the test was fixed.
  • html5lib/generated/run-adoption01-write-expected.txt: Supressed new failures.
  • html5lib/generated/run-inbody01-data-expected.txt: Added.
  • html5lib/generated/run-inbody01-data.html: Added.
  • html5lib/generated/run-inbody01-write-expected.txt: Added.
  • html5lib/generated/run-inbody01-write.html: Added.
  • html5lib/generated/run-main-element-data-expected.txt: Added.
  • html5lib/generated/run-main-element-data.html: Added.
  • html5lib/generated/run-main-element-write-expected.txt: Added.
  • html5lib/generated/run-main-element-write.html: Added.
  • html5lib/generated/run-template-data-expected.txt: Supressed new failures.
  • html5lib/generated/run-template-write-expected.txt: Supressed new failures.
  • html5lib/generated/run-tests21-data-expected.txt: Supressed new failures.
  • html5lib/generated/run-tests21-write-expected.txt: Supressed new failures.
  • html5lib/generated/run-tests25-data-expected.txt: Supressed new failures.
  • html5lib/generated/run-tests25-write-expected.txt: Supressed new failures.
  • html5lib/resources/adoption01.dat:
  • html5lib/resources/adoption02.dat:
  • html5lib/resources/comments01.dat:
  • html5lib/resources/doctype01.dat:
  • html5lib/resources/domjs-unsafe.dat:
  • html5lib/resources/entities01.dat:
  • html5lib/resources/entities02.dat:
  • html5lib/resources/html5test-com.dat:
  • html5lib/resources/inbody01.dat:
  • html5lib/resources/isindex.dat:
  • html5lib/resources/main-element.dat: Added.
  • html5lib/resources/pending-spec-changes-plain-text-unsafe.dat:
  • html5lib/resources/pending-spec-changes.dat:
  • html5lib/resources/plain-text-unsafe.dat:
  • html5lib/resources/scriptdata01.dat:
  • html5lib/resources/tables01.dat:
  • html5lib/resources/template.dat:
  • html5lib/resources/tests1.dat:
  • html5lib/resources/tests10.dat:
  • html5lib/resources/tests14.dat:
  • html5lib/resources/tests15.dat:
  • html5lib/resources/tests16.dat:
  • html5lib/resources/tests17.dat:
  • html5lib/resources/tests18.dat:
  • html5lib/resources/tests19.dat:
  • html5lib/resources/tests2.dat:
  • html5lib/resources/tests20.dat:
  • html5lib/resources/tests21.dat:
  • html5lib/resources/tests22.dat:
  • html5lib/resources/tests23.dat:
  • html5lib/resources/tests25.dat:
  • html5lib/resources/tests26.dat:
  • html5lib/resources/tests3.dat:
  • html5lib/resources/tests4.dat:
  • html5lib/resources/tests5.dat:
  • html5lib/resources/tests6.dat:
  • html5lib/resources/tests7.dat:
  • html5lib/resources/tests8.dat:
  • html5lib/resources/tests9.dat:
  • html5lib/resources/tests_innerHTML_1.dat:
  • html5lib/resources/tricky01.dat:
  • html5lib/resources/webkit01.dat:
  • html5lib/resources/webkit02.dat:
00:17 Changeset [167212] by carlosgc@webkit.org

Merge r167185 - [SOUP] Libsoup internal credential setting should be controlled by loader decision
https://bugs.webkit.org/show_bug.cgi?id=130963

Patch by Youenn Fablet <youenn.fablet@crf.canon.fr> on 2014-04-12
Reviewed by Darin Adler.

Source/WebCore:

Disabled libsoup internal authentication manager for messages for which no credential is available and no stored credentials should be used.
Updated synchronous loader to return whether using credentials or not according StoredCredential loader option parameter.
Unskipped test http/tests/xmlhttprequest/cross-origin-no-authorization.html covers the patch.

  • platform/network/ResourceHandleInternal.h:

(WebCore::ResourceHandleInternal::ResourceHandleInternal): Added m_useAuthenticationManager boolean to control whether disable authentication manager or not.

  • platform/network/soup/ResourceHandleSoup.cpp:

(WebCore::WebCoreSynchronousLoader::WebCoreSynchronousLoader): Added m_storedCredentials member.
(WebCore::WebCoreSynchronousLoader::shouldUseCredentialStorage): Return true if stored credentials are allowed.
(WebCore::applyAuthenticationToRequest): Set m_useAuthenticationManager value to disable authentication manager if cannot use stored credentials and ResourceHandleInternal has no username and password.
(WebCore::createSoupMessageForHandleAndRequest): Disable authentication mananger according m_useAuthenticationManager value.
(WebCore::ResourceHandle::platformLoadResourceSynchronously): Added StoredCredentials loader option to the sync loader constructor.

Source/WebKit/efl:

  • WebCoreSupport/FrameLoaderClientEfl.cpp:

(WebCore::FrameLoaderClientEfl::shouldUseCredentialStorage): Similarly to GTK, let soup/loader layer handle when to use credential storage. Return always true

LayoutTests:

  • platform/efl/TestExpectations: Unskipped http/tests/xmlhttprequest/cross-origin-no-authorization.html.
  • platform/gtk/TestExpectations: Ditto.

04/13/14:

23:58 Changeset [167211] by darin@apple.com

userVisibleString should not try to "encode" host names
https://bugs.webkit.org/show_bug.cgi?id=131587
rdar://problem/14686849

Reviewed by Alexey Proskuryakov.

Source/WebCore:

  • WebCore.exp.in: Updated for WebCoreNSURLExtras argument type changes.
  • platform/mac/WebCoreNSURLExtras.h: Removed unneeded code to make this

Objective-C++ header compile in plain C++ files, which we never need to do.
Added missing argument name, baseURL, and changed mysterious CFIndex arguments
to the correct type, CFURLComponentType.

  • platform/mac/WebCoreNSURLExtras.mm:

(WebCore::isLookalikeCharacter): Removed the inline keyword from this, and added
more lookalike characters from the Mozilla list referenced here.
(WebCore::URLByTruncatingOneCharacterBeforeComponent): Updated argument type.
(WebCore::dataForURLComponentType): Ditto.
(WebCore::userVisibleString): Only call mapHostNames if host name decoding is
needed; no encoding here.

Tools:

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj: Added URLExtras.mm.
  • TestWebKitAPI/Tests/mac/URLExtras.mm: Added. A few tests for WebCoreNSURLExtras.

Coverage is tiny at this point; we could add a lot more cases!

23:55 Changeset [167210] by darin@apple.com

REGRESSION (r158617): Find on Page can get stuck in a loop when the search string occurs in an <input> in a <fieldset>
https://bugs.webkit.org/show_bug.cgi?id=126322

Reviewed by Ryosuke Niwa.

Source/WebCore:

  • dom/Element.cpp:

(WebCore::Element::canContainRangeEndPoint): Now returns false when the role of the element
is "img". This is the same rule that's hard-coded in isRenderReplacedElement for the same
reason. Need more test coverage to make sure this role feature works consistently.

  • dom/Element.h: Made canContainRangeEndPoint no longer inline since it's not just a

return statement any more.

  • dom/Position.cpp:

(WebCore::Position::isCandidate): Took out code that calls isRendererReplacedElement
that was added in r158617; not needed now that we updated canContainRangeEndPoint.

  • dom/Range.cpp:

(WebCore::Range::firstNode): Removed code here that called isRendererReplacedElement.
This was the wrong level to be adding editing logic, and there's a FIXME here to that
effect, which we are now deleting. This was the change that broke Find.

  • editing/TextIterator.cpp: Added a comment about the redundancy between the

isRendererReplacedElement and editingIgnoresContent functions.

  • html/HTMLHRElement.cpp:

(WebCore::HTMLHRElement::canContainRangeEndPoint): Call through to base class instead
of just returning true when we have child nodes. Lets Element::canContainRangeEndPoint
do its thing.

  • html/HTMLHRElement.h: Ditto.
  • html/HTMLObjectElement.cpp:

(WebCore::HTMLObjectElement::canContainRangeEndPoint): Call through to base class instead
of just returning true when we have fallback content. Lets Element::canContainRangeEndPoint
do its thing.

  • html/HTMLObjectElement.h: Ditto.
  • testing/Internals.cpp:

(WebCore::Internals::countMatchesForText): Set the limit to 1000 instead of infinite.

LayoutTests:

  • editing/text-iterator/count-matches-in-form-expected.txt: Added.
  • editing/text-iterator/count-matches-in-form.html: Added.
  • fast/text/window-find.html: Tweaked the test a bit, making it a little easier to

see if the test hasn't even run.

23:55 WebKitGTK/2.4.x edited by philn@webkit.org
(diff)
22:35 April 2014 Meeting edited by rniwa@webkit.org
Add my intentions to attend talks/hackathons (diff)
22:29 Changeset [167209] by ljaehun.lim@samsung.com

Use #include instead of #import
https://bugs.webkit.org/show_bug.cgi?id=131604

Reviewed by Darin Adler.

Fix "warning: #import is a deprecated GCC extension [-Wdeprecated]".

  • TestWebKitAPI/Tests/WTF/StringView.cpp:
21:28 Changeset [167208] by darin@apple.com

Use unique_ptr for FillLayer::m_next
https://bugs.webkit.org/show_bug.cgi?id=75222

Reviewed by Dan Bernstein.

  • css/DeprecatedStyleBuilder.cpp:

(WebCore::ApplyPropertyFillLayer::applyInheritValue):
Renamed currChild to just child and prevChild to previousChild.
Changed code to pass ownership of the new FillLayer immediately.
Changed some loops to be for loops.
(WebCore::ApplyPropertyFillLayer::applyInitialValue): Ditto.
(WebCore::ApplyPropertyFillLayer::applyValue): Ditto.

  • rendering/RenderBox.cpp:

(WebCore::RenderBox::backgroundHasOpaqueTopLayer): Use reference
instead of pointer.
(WebCore::RenderBox::paintFillLayers): Ditto.

  • rendering/RenderBoxModelObject.cpp:

(WebCore::RenderBoxModelObject::paintFillLayerExtended): Ditto.

  • rendering/style/FillLayer.cpp:

(WebCore::FillLayer::FillLayer): Removed m_next initializer since it is now an
OwnPtr and initializes automatically. In a couple other places, changed m_next
initializer to use make_unique.
(WebCore::FillLayer::~FillLayer): Wrote loop for deletion of m_next.
(WebCore::FillLayer::operator=): Removed unneeded explicit deletion of m_next.
(WebCore::FillLayer::cullEmptyLayers): Ditto.
(WebCore::clipMax): Marked inline.
(WebCore::FillLayer::computeClipMax): Rewrote to use a loop instead of recursion.
(WebCore::FillLayer::containsImage): Ditto.
(WebCore::FillLayer::imagesAreLoaded): Ditto.
(WebCore::FillLayer::hasOpaqueImage): Rewrote to use && instead of multiple if.
(WebCore::FillLayer::hasImage): Rewrote to use a loop instead of recursion.
(WebCore::FillLayer::hasFixedImage): Ditto.

  • rendering/style/FillLayer.h: Changed m_next to be a unique_ptr.
19:57 Changeset [167207] by aestes@apple.com

[QuickLook] Move file system-related code into WebKit
https://bugs.webkit.org/show_bug.cgi?id=131597

Reviewed by Dan Bernstein.

Source/WebCore:

QuickLookHandle should not be responsible for saving a copy of the
original document to disk as it might be running in a process that
either can't write to disk or can only write into a sandboxed
container. To account for this, we need to separate the concern of
quick look conversion from that of original document saving so that
each activity can run in the appropriate process.

Created a new interface between WebCore and WebKit by adding a client
(QuickLookHandleClient) to QuickLookHandle which is notified of incoming
bytes. A new function on FrameLoaderClient tells WebKit when a new
QuickLookHandle is created, giving WebKit the opportunity to register a
handle client. Moved the existing file system-related code as well as
code only needed by WebKit1 in QuickLookHandle into a new WebKit1
QuickLookHandleClient subclass.

  • WebCore.exp.in:
  • WebCore.xcodeproj/project.pbxproj: Made QuickLookHandleClient.h Private.
  • loader/FrameLoaderClient.h:

(WebCore::FrameLoaderClient::didCreateQuickLookHandle): Added.

  • loader/ResourceLoader.cpp:

(WebCore::ResourceLoader::didCreateQuickLookHandle): Called FrameLoaderClient::didCreateQuickLookHandle().

  • loader/ResourceLoader.h:
  • platform/network/ResourceHandle.h: Made m_quickLook a unique_ptr.

(WebCore::ResourceHandle::setQuickLookHandle): Changed to take a unique_ptr.

  • platform/network/ResourceHandleClient.h:

(WebCore::ResourceHandleClient::didCreateQuickLookHandle): Added.

  • platform/network/ios/QuickLook.h: Added m_client, gave m_converter a stronger type, and made m_nsResponse a RetainPtr.

(WebCore::QuickLookHandle::setClient): Added.
(WebCore::QuickLookHandle::firstRequestURL): Added.
(WebCore::QuickLookHandle::converter): Added.

  • platform/network/ios/QuickLook.mm:

(WebCore::registerQLPreviewConverterIfNeeded):
(WebCore::createTemporaryFileForQuickLook): Made non-static.
(WebCore::emptyClient): Returned a shared empty QuickLookHandleClient.
(WebCore::QuickLookHandle::QuickLookHandle): Removed file system and WebKit1-only code.
(WebCore::QuickLookHandle::create): Changed to return a unique_ptr.
(WebCore::QuickLookHandle::nsResponse):
(WebCore::QuickLookHandle::didReceiveDataArray): Removed file system code and called QuickLookHandleClient::didReceiveDataArray() instead.
(WebCore::QuickLookHandle::didReceiveData): Removed file system code and called QuickLookHandleClient::didReceiveData() instead.
(WebCore::QuickLookHandle::didFinishLoading): Removed file system code and called QuickLookHandleClient::didFinishLoading() instead.
(WebCore::QuickLookHandle::didFail): Removed file system and WebKit1-only code, calling QuickLookHandleClient::didFail() instead.
(WebCore::QuickLookHandle::~QuickLookHandle): Removed file system and WebKit1-only code. Cleared our reference to m_client.
(WebCore::QuickLookHandle::previewFileName): Retrieved from m_converter.
(WebCore::QuickLookHandle::previewRequestURL): Ditto.

  • platform/network/ios/QuickLookHandleClient.h: Added.

(WebCore::QuickLookHandleClient::~QuickLookHandleClient):
(WebCore::QuickLookHandleClient::didReceiveDataArray):
(WebCore::QuickLookHandleClient::didReceiveData):
(WebCore::QuickLookHandleClient::didFinishLoading):
(WebCore::QuickLookHandleClient::didFail):

Source/WebKit/mac:

Moved file system and WebKit1-only code from QuickLookHandle into a new
QuickLookHandleClient subclass.

  • WebCoreSupport/WebFrameLoaderClient.h:
  • WebCoreSupport/WebFrameLoaderClient.mm:

Source/WebKit2:

  • WebProcess/Network/WebResourceLoader.h: Made m_quickLookHandle a unique_ptr.
  • WebProcess/ios/WebResourceLoaderIOS.mm:

(WebKit::WebResourceLoader::setUpQuickLookHandleIfNeeded):

18:35 Changeset [167206] by aestes@apple.com

Relax adoption requirements of RefCounted objects that are NeverDestroyed
https://bugs.webkit.org/show_bug.cgi?id=131593

Reviewed by Dan Bernstein.

RefCounted objects that are created by NeverDestroyed<> won't have a
RefPtr adopting them, so call relaxAdoptionRequirements().

  • wtf/NeverDestroyed.h:

(WTF::NeverDestroyed::NeverDestroyed):
(WTF::NeverDestroyed::MaybeRelax::MaybeRelax):

17:02 Changeset [167205] by ggaren@apple.com

Added some website recordings to MallocBench -- taken from Membuster
https://bugs.webkit.org/show_bug.cgi?id=131601

Reviewed by Ryosuke Niwa.

Added flickr, reddit, and theverge -- each recorded from Membuster's
cache, with and without sending Safari a low memory warning.

  • MallocBench/MallocBench.xcodeproj/project.pbxproj:
  • MallocBench/MallocBench/Benchmark.cpp:
  • MallocBench/MallocBench/flickr.cpp: Added.

(benchmark_flickr):
(benchmark_flickr_memory_warning):

  • MallocBench/MallocBench/flickr.h: Added.
  • MallocBench/MallocBench/flickr.ops: Added.
  • MallocBench/MallocBench/flickr_memory_warning.ops: Added.
  • MallocBench/MallocBench/reddit.cpp: Added.

(benchmark_reddit):
(benchmark_reddit_memory_warning):

  • MallocBench/MallocBench/reddit.h: Added.
  • MallocBench/MallocBench/reddit.ops: Added.
  • MallocBench/MallocBench/reddit_memory_warning.ops: Added.
  • MallocBench/MallocBench/theverge.cpp: Added.

(benchmark_theverge):
(benchmark_theverge_memory_warning):

  • MallocBench/MallocBench/theverge.h: Added.
  • MallocBench/MallocBench/theverge.ops: Added.
  • MallocBench/MallocBench/theverge_memory_warning.ops: Added.
16:28 Changeset [167204] by ggaren@apple.com

Fixed some mbmalloc exports
https://bugs.webkit.org/show_bug.cgi?id=131599

Reviewed by Ryosuke Niwa.

  • bmalloc.xcodeproj/project.pbxproj: Made some headers a private part

of the project, so we can call them from API.

  • bmalloc/mbmalloc.cpp: Marked the mbmalloc functions with default

visibility, so they show up as exported in the .dylib.

16:21 Changeset [167203] by ggaren@apple.com

MallocBench record/replay should support realloc
https://bugs.webkit.org/show_bug.cgi?id=131598

Reviewed by Ryosuke Niwa.

  • MallocBench/MallocBench.xcodeproj/project.pbxproj: Fixed some linkage

issues that caused us not to fully link to system malloc in the default
case. Also marked mbmalloc.dylib as required so the error message will
be clearer if we mess up.

  • MallocBench/MallocBench/Interpreter.cpp:

(Interpreter::run):

  • MallocBench/MallocBench/Interpreter.h: Added the realloc case, and

upgraded one-letter names to full words.

16:03 April 2014 Meeting edited by rniwa@webkit.org
Add a hackathon to import more w3c tests (diff)
13:02 Changeset [167202] by aestes@apple.com

REGRESSION (r167164): -[WKNSURLSessionLocal _getCookieHeadersForTask:completionHandler:] _block_invoke can access a deallocated completionHandler
https://bugs.webkit.org/show_bug.cgi?id=131595

Reviewed by Dan Bernstein.

Make a copy of completionHandler and release it after we're done with it.

  • Shared/mac/CookieStorageShim.mm:

(-[WKNSURLSessionLocal _getCookieHeadersForTask:completionHandler:]):

12:23 Changeset [167201] by psolanki@apple.com

Don't use ImportanceAssertion on iOS
https://bugs.webkit.org/show_bug.cgi?id=131481
<rdar://problem/16575830>

Reviewed by Darin Adler.

We have other API to mark processes as being in use on iOS. No need to use ImportanceAssertion.

  • Platform/IPC/MessageDecoder.cpp:
  • Platform/IPC/MessageDecoder.h:
  • Platform/IPC/mac/ConnectionMac.cpp:

(IPC::Connection::receiveSourceEventHandler):

  • Platform/IPC/mac/ImportanceAssertion.h:
12:20 Changeset [167200] by psolanki@apple.com

Move early return out of dispatch_async() block so we can return from willSendRequest quickly
https://bugs.webkit.org/show_bug.cgi?id=131478
<rdar://problem/16575535>

Reviewed by Alexey Proskuryakov.

Do a quick check to see if we need to synthesize the redirect response on the dispatch queue
and return from willSendRequest callback quickly instead of always doing an effectively synchronous
call to the main thread. We can't call synthesizeRedirectResponseIfNecessary on the dispatch
queue since that accesses the ResourceRequest.

No new tests because no change in functionality.

  • platform/network/cf/ResourceHandleCFURLConnectionDelegate.h:
  • platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp:

(WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::setupRequest): Save the
request scheme to use later for early return from willSendRequest.
(WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::willSendRequest):

11:01 Changeset [167199] by oliver@apple.com

Rewrite Function.bind as a builtin
https://bugs.webkit.org/show_bug.cgi?id=131083

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

This change removes the existing function.bind implementation
entirely so JSBoundFunction is no more.

Instead we just return a regular JS closure with a few
private properties hanging off it that allow us to perform
the necessary bound function fakery. While most of this is
simple, a couple of key changes:

  • The parser and lexer now directly track whether they're parsing code for call or construct and convert the private name @IsConstructor into TRUETOK or FALSETOK as appropriate. This automatically gives us the ability to vary behaviour from within the builtin. It also leaves a lot of headroom for trivial future improvements.
  • The instanceof operator now uses the prototypeForHasInstance private name, and we have a helper function to ensure that all objects that need to can update their magical 'prototype' property pair correctly.
  • API/JSScriptRef.cpp:

(parseScript):

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • builtins/BuiltinExecutables.cpp:

(JSC::BuiltinExecutables::createBuiltinExecutable):

  • builtins/Function.prototype.js:

(bind.bindingFunction):
(bind.else.bindingFunction):
(bind):

  • bytecode/UnlinkedCodeBlock.cpp:

(JSC::generateFunctionCodeBlock):

  • bytecompiler/NodesCodegen.cpp:

(JSC::InstanceOfNode::emitBytecode):

  • interpreter/Interpreter.cpp:
  • parser/Lexer.cpp:

(JSC::Lexer<T>::Lexer):
(JSC::Lexer<LChar>::parseIdentifier):
(JSC::Lexer<UChar>::parseIdentifier):

  • parser/Lexer.h:
  • parser/Parser.cpp:

(JSC::Parser<LexerType>::Parser):
(JSC::Parser<LexerType>::parseInner):

  • parser/Parser.h:

(JSC::parse):

  • parser/ParserModes.h:
  • runtime/CodeCache.cpp:

(JSC::CodeCache::getGlobalCodeBlock):
(JSC::CodeCache::getFunctionExecutableFromGlobalCode):

  • runtime/CommonIdentifiers.h:
  • runtime/Completion.cpp:

(JSC::checkSyntax):

  • runtime/Executable.cpp:

(JSC::ProgramExecutable::checkSyntax):

  • runtime/FunctionPrototype.cpp:

(JSC::FunctionPrototype::addFunctionProperties):
(JSC::functionProtoFuncBind): Deleted.

  • runtime/JSBoundFunction.cpp: Removed.
  • runtime/JSBoundFunction.h: Removed.
  • runtime/JSFunction.cpp:

(JSC::RetrieveCallerFunctionFunctor::RetrieveCallerFunctionFunctor):
(JSC::RetrieveCallerFunctionFunctor::operator()):
(JSC::retrieveCallerFunction):
(JSC::JSFunction::getOwnPropertySlot):
(JSC::JSFunction::defineOwnProperty):

  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::reset):

  • runtime/JSGlobalObjectFunctions.cpp:

(JSC::globalFuncSetTypeErrorAccessor):

  • runtime/JSGlobalObjectFunctions.h:
  • runtime/JSObject.h:

(JSC::JSObject::inlineGetOwnPropertySlot):

Source/WebCore:

Switch WebCore to use the helper functions when defining the
prototype properties on DOM constructors, and update bindings
tests accordingly.

  • bindings/js/JSImageConstructor.cpp:

(WebCore::JSImageConstructor::finishCreation):

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateConstructorHelperMethods):

  • bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:

(WebCore::JSTestActiveDOMObjectConstructor::finishCreation):

  • bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:

(WebCore::JSTestCustomNamedGetterConstructor::finishCreation):

  • bindings/scripts/test/JS/JSTestEventConstructor.cpp:

(WebCore::JSTestEventConstructorConstructor::finishCreation):

  • bindings/scripts/test/JS/JSTestEventTarget.cpp:

(WebCore::JSTestEventTargetConstructor::finishCreation):

  • bindings/scripts/test/JS/JSTestException.cpp:

(WebCore::JSTestExceptionConstructor::finishCreation):

  • bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:

(WebCore::JSTestGenerateIsReachableConstructor::finishCreation):

  • bindings/scripts/test/JS/JSTestInterface.cpp:

(WebCore::JSTestInterfaceConstructor::finishCreation):

  • bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:

(WebCore::JSTestMediaQueryListListenerConstructor::finishCreation):

  • bindings/scripts/test/JS/JSTestNamedConstructor.cpp:

(WebCore::JSTestNamedConstructorConstructor::finishCreation):
(WebCore::JSTestNamedConstructorNamedConstructor::finishCreation):

  • bindings/scripts/test/JS/JSTestNode.cpp:

(WebCore::JSTestNodeConstructor::finishCreation):

  • bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::JSTestObjConstructor::finishCreation):

  • bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:

(WebCore::JSTestOverloadedConstructorsConstructor::finishCreation):

  • bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:

(WebCore::JSTestSerializedScriptValueInterfaceConstructor::finishCreation):

  • bindings/scripts/test/JS/JSTestTypedefs.cpp:

(WebCore::JSTestTypedefsConstructor::finishCreation):

  • bindings/scripts/test/JS/JSattribute.cpp:

(WebCore::JSattributeConstructor::finishCreation):

  • bindings/scripts/test/JS/JSreadonly.cpp:

(WebCore::JSreadonlyConstructor::finishCreation):

LayoutTests:

Testing.

  • js/dom/function-bind-expected.txt:
  • js/regress/function-bind-expected.txt: Added.
  • js/regress/function-bind.html: Added.
  • js/regress/script-tests/function-bind.js: Added.

(foo):

09:41 Changeset [167198] by simon.fraser@apple.com

[iOS WK2] Hook up scrolling tree nodes when coming out of the page cache
https://bugs.webkit.org/show_bug.cgi?id=131577

Reviewed by Tim Horton.

The call to scrollingCoordinator->frameViewRootLayerDidChange() was inside
a #if !PLATFORM(IOS) block, but now that we use the ScrollingCoordinator
for WK2 we want to call this.

  • loader/HistoryController.cpp:

(WebCore::HistoryController::restoreScrollPositionAndViewState):

07:59 Changeset [167197] by zandobersek@gmail.com

Unreviewed build fix after r167196.

  • platform/RemoteCommandListener.cpp:

(WebCore::RemoteCommandListener::create): Fall back to using the new operator
for allocating RemoteCommandListener object. Using std::make_unique() requires
for the operator to be public, which doesn't work well with the static create()
method.

07:18 Changeset [167196] by zandobersek@gmail.com

Remove unnecessary uses of std::move() in return statements
https://bugs.webkit.org/show_bug.cgi?id=131457

Reviewed by Darin Adler.

Don't use std::move() in return statements unless necessary as it inhibits
named return value optimizations as performed by compilers.

  • Modules/battery/BatteryManager.cpp:

(WebCore::BatteryManager::create):

  • html/FormController.cpp:

(WebCore::FormController::createSavedFormStateMap):

  • html/canvas/WebGLRenderingContext.cpp:

(WebCore::WebGLRenderingContext::create):

  • platform/RemoteCommandListener.cpp:

(WebCore::RemoteCommandListener::create):

  • platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayer::create):

  • platform/ios/RemoteCommandListenerIOS.mm:

(WebCore::RemoteCommandListener::create):

  • rendering/RenderGrid.cpp:

(WebCore::RenderGrid::GridIterator::nextEmptyGridArea):

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::setupFilters):

  • rendering/style/CounterDirectives.cpp:

(WebCore::clone):

04:23 Changeset [167195] by commit-queue@webkit.org

Unreviewed, rolling out r167168 and r167194.
https://bugs.webkit.org/show_bug.cgi?id=131589

Caused massive ASSERTION failures on the GTK Debug bot
(Requested by philn on #webkit).

Reverted changesets:

"[GTK] Add HighDPI support for non-accelerated compositing
contents"
https://bugs.webkit.org/show_bug.cgi?id=131562
http://trac.webkit.org/changeset/167168

Source/WebCore:

"Unreviewed. Fix GTK+ build with recent cairo and GTK+ after
r167168."
http://trac.webkit.org/changeset/167194

Source/WebKit2:

"Unreviewed. Fix GTK+ build with recent cairo and GTK+ after
r167168."
http://trac.webkit.org/changeset/167194

02:46 Changeset [167194] by carlosgc@webkit.org

Unreviewed. Fix GTK+ build with recent cairo and GTK+ after r167168.

  • UIProcess/API/gtk/WebKitWebViewBase.cpp:

(webkitWebViewBaseCreateWebPage):

02:33 Changeset [167193] by commit-queue@webkit.org

[GStreamer] No CORS support for media elements
https://bugs.webkit.org/show_bug.cgi?id=99037

Patch by Youenn Fablet <youenn.fablet@crf.canon.fr> on 2014-04-13
Reviewed by Philippe Normand.

Source/WebCore:

Added CORS access control check to media sources when crossorigin attribute is set.

Added getter to CORS access control check status (used to compute whether the stream is tainted or not).
Related test is http/tests/security/video-cross-origin-readback.html.

Disabled access to cross-origin streams that fail CORS check when crossorigin attribute is set.
Related test is http/tests/security/video-cross-origin-accessfailure.html.

Tests: http/tests/security/video-cross-origin-accessfailure.html

http/tests/security/video-cross-origin-accesssameorigin.html

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::didPassCORSAccessCheck): Return whether media is cross-origin (tainted) or not by querying the gstreamer source layer.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h: Added MediaPlayerPrivateGStreamer::didPassCORSAccessCheck declaration.
  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(webKitWebSrcStart): Passed CORS mode parameter to the streaming client. In case of CORS check failure, stop the resource loading.
(webKitSrcPassedCORSAccessCheck): Return whether CORS access control check was done and successful.
(StreamingClient::handleResponseReceived): Take a parameter to assign the CORS access control check result.
(CachedResourceStreamingClient::CachedResourceStreamingClient): Updated setting of the ResourceLoaderOptions according CORS mode.
(CachedResourceStreamingClient::responseReceived): Check CORS and pass result to handleResponseReceived.
(ResourceHandleStreamingClient::didReceiveResponse): No CORS check.

  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.h: Added webKitSrcPassedCORSAccessCheck declaration.

LayoutTests:

http/tests/security/video-cross-origin-accessfailure.html verifies that cross-origin streams that fail CORS check
are not played when crossorigin attribute is set.

http/tests/security/video-cross-origin-accesssameorigin.html verifies that access to same-origin streams

are played when crossorigin attribute is set.

  • http/tests/security/video-cross-origin-accessfailure-expected.txt: Added.
  • http/tests/security/video-cross-origin-accessfailure.html: Added.
  • http/tests/security/video-cross-origin-accesssameorigin-expected.txt: Added.
  • http/tests/security/video-cross-origin-accesssameorigin.html: Added.
  • platform/efl/TestExpectations: Enabled http/tests/security/video-cross-origin-readback.html.
  • platform/gtk/TestExpectations: Ditto.
  • platform/mac/TestExpectations: Disabled http/tests/security/video-cross-origin-accessfailure.html.
01:05 Changeset [167192] by darin@apple.com

REGRESSION (r166860): ASSERTION FAILED: !isCalculated() on fast/css/image-set-value-not-removed-crash.html
https://bugs.webkit.org/show_bug.cgi?id=131480

Reviewed by Andreas Kling.

Source/WebCore:

Fixes intermittent assertion failure in fast/css/image-set-value-not-removed-crash.html.

  • css/CSSComputedStyleDeclaration.cpp:

(WebCore::valueForImageSliceSide): Added. Helper used below in valueForNinePieceImageSlice.
Handles calculated values by returning 0; incorrect but predictable.
(WebCore::valueForNinePieceImageSlice): Updated to call valueForImageSliceSide.
(WebCore::positionOffsetValue): Use nullptr.
(WebCore::ComputedStyleExtractor::propertyValue): Updated to call positionOffsetValue
by its new name. Removed "get" from the name.
(WebCore::positionOffsetValue): Renamed from getPositionOffsetValue.

  • platform/Length.h: Made isCalculated public.

LayoutTests:

  • platform/mac/TestExpectations: Unskip the test now that the assertion is fixed.

04/12/14:

18:50 Changeset [167191] by fpizlo@apple.com

Make slow-stress tests run faster by running fewer VM variants.

Rubber stamped by Geoffrey Garen.

Tools:

  • Scripts/run-javascriptcore-tests:
  • Scripts/run-jsc-stress-tests:

LayoutTests:

  • jsc-layout-tests.yaml:
16:59 Changeset [167190] by aestes@apple.com

Fix the iOS build after r167183.

  • platform/network/ResourceHandle.h:
  • platform/network/cf/ResourceHandleCFNet.cpp:

(WebCore::ResourceHandle::schedule):
(WebCore::ResourceHandle::unschedule):

16:01 Changeset [167189] by fpizlo@apple.com

Math.fround() should be an intrinsic
https://bugs.webkit.org/show_bug.cgi?id=131583

Source/JavaScriptCore:

Reviewed by Geoffrey Garen.

Makes programs that use Math.fround() run up to 6x faster.

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::handleIntrinsic):

  • dfg/DFGCSEPhase.cpp:

(JSC::DFG::CSEPhase::performNodeCSE):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGNodeType.h:
  • dfg/DFGPredictionPropagationPhase.cpp:

(JSC::DFG::PredictionPropagationPhase::propagate):

  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToLLVM.cpp:

(JSC::FTL::LowerDFGToLLVM::compileNode):
(JSC::FTL::LowerDFGToLLVM::compileArithFRound):

  • runtime/Intrinsic.h:
  • runtime/MathObject.cpp:

(JSC::MathObject::finishCreation):

LayoutTests:

Reviewed by Geoffrey Garen.

This test runs 4.4635x faster with the intrinsic.

  • js/regress/fround-expected.txt: Added.
  • js/regress/fround.html: Added.
  • js/regress/script-tests/fround.js: Added.
14:06 Changeset [167188] by aestes@apple.com

[iOS] Move QuickLookHandle from ResourceLoader to WebResourceLoader
https://bugs.webkit.org/show_bug.cgi?id=131580

Reviewed by Darin Adler.

There's no need to bloat WebKit1's ResourceLoader with a pointer that
only WebKit2's WebResourceLoader cares about.

Source/WebCore:

  • loader/ResourceLoader.h:

(WebCore::ResourceLoader::quickLookHandle): Deleted.
(WebCore::ResourceLoader::setQuickLookHandle): Deleted.

Source/WebKit2:

  • WebProcess/Network/WebResourceLoader.cpp:

(WebKit::WebResourceLoader::didReceiveResponseWithCertificateInfo):
(WebKit::WebResourceLoader::didReceiveData):
(WebKit::WebResourceLoader::didFinishResourceLoad):
(WebKit::WebResourceLoader::didFailResourceLoad):

  • WebProcess/Network/WebResourceLoader.h:
  • WebProcess/ios/WebResourceLoaderIOS.mm:

(WebKit::WebResourceLoader::setUpQuickLookHandleIfNeeded):

13:41 Changeset [167187] by fpizlo@apple.com

FTL should use stackmap register liveness
https://bugs.webkit.org/show_bug.cgi?id=130791

Reviewed by Goeffrey Garen.

Enable the stackmap register liveness support by fixing the two last bugs:

  • If everything is dead after the patchpoint - a good possibility for a put_by_id - then we shouldn't crash due to a null scratch buffer.


  • Always consider callee-saves as if they were live. More precisely, we should consider those callee-saves that are not saved by the enclosing function to be live. For now we do the much simpler thing and consider callee-saves to be always live since it has minimal impact on the scratch register allocator. It will know not to preserve those for calls, anyway.


I tried writing a test for the null scratch buffer thing, but failed. I will land the
test anyway since it seems useful.

  • ftl/FTLCompile.cpp:

(JSC::FTL::usedRegistersFor):

  • jit/ScratchRegisterAllocator.cpp:

(JSC::ScratchRegisterAllocator::preserveUsedRegistersToScratchBufferForCall):
(JSC::ScratchRegisterAllocator::restoreUsedRegistersFromScratchBufferForCall):

  • runtime/Options.h:
  • tests/stress/repeated-put-by-id-reallocating-transition.js: Added.

(foo):

13:06 Changeset [167186] by cfleizach@apple.com

AX: Cleanup AccessibilityObject::getAttribute
https://bugs.webkit.org/show_bug.cgi?id=131555

Reviewed by Darin Adler.

No new functionality.

  • accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::getAttribute):

13:01 Changeset [167185] by commit-queue@webkit.org

[SOUP] Libsoup internal credential setting should be controlled by loader decision
https://bugs.webkit.org/show_bug.cgi?id=130963

Patch by Youenn Fablet <youenn.fablet@crf.canon.fr> on 2014-04-12
Reviewed by Darin Adler.

Source/WebCore:

Disabled libsoup internal authentication manager for messages for which no credential is available and no stored credentials should be used.
Updated synchronous loader to return whether using credentials or not according StoredCredential loader option parameter.
Unskipped test http/tests/xmlhttprequest/cross-origin-no-authorization.html covers the patch.

  • platform/network/ResourceHandleInternal.h:

(WebCore::ResourceHandleInternal::ResourceHandleInternal): Added m_useAuthenticationManager boolean to control whether disable authentication manager or not.

  • platform/network/soup/ResourceHandleSoup.cpp:

(WebCore::WebCoreSynchronousLoader::WebCoreSynchronousLoader): Added m_storedCredentials member.
(WebCore::WebCoreSynchronousLoader::shouldUseCredentialStorage): Return true if stored credentials are allowed.
(WebCore::applyAuthenticationToRequest): Set m_useAuthenticationManager value to disable authentication manager if cannot use stored credentials and ResourceHandleInternal has no username and password.
(WebCore::createSoupMessageForHandleAndRequest): Disable authentication mananger according m_useAuthenticationManager value.
(WebCore::ResourceHandle::platformLoadResourceSynchronously): Added StoredCredentials loader option to the sync loader constructor.

Source/WebKit/efl:

  • WebCoreSupport/FrameLoaderClientEfl.cpp:

(WebCore::FrameLoaderClientEfl::shouldUseCredentialStorage): Similarly to GTK, let soup/loader layer handle when to use credential storage. Return always true

LayoutTests:

  • platform/efl/TestExpectations: Unskipped http/tests/xmlhttprequest/cross-origin-no-authorization.html.
  • platform/gtk/TestExpectations: Ditto.
12:34 Changeset [167184] by commit-queue@webkit.org

(before-mar-1-1000) In correct date creation prior to 1 Mar 1000
https://bugs.webkit.org/show_bug.cgi?id=129308

Patch by Tibor Meszaros <tmeszaros.u-szeged@partner.samsung.com> on 2014-04-12
Reviewed by Darin Adler.

  • js/date-constructor-expected.txt:
  • js/script-tests/date-constructor.js:
12:10 Changeset [167183] by darin@apple.com

Some small loader refinements and refactoring
https://bugs.webkit.org/show_bug.cgi?id=131541

Reviewed by Alexey Proskuryakov.

Cut down on use of ResourceLoader::handle, which always returns null when
using a network process. Also streamlined conditionals and did some other
small refactoring.

  • loader/DocumentLoader.h: Use references rather than pointers for SchedulePair.
  • loader/ResourceLoader.cpp:

(WebCore::ResourceLoader::didChangePriority): Use m_handle instead of handle(),
since we'd like to delete handle() entirely soon.
(WebCore::ResourceLoader::didReceiveAuthenticationChallenge): Ditto.
(WebCore::ResourceLoader::schedule): Added.
(WebCore::ResourceLoader::unschedule): Ditto.

  • loader/ResourceLoader.h: Rearranged header to eliminate nested conditionals.

Added schedule and unschedule functions for Mac.

  • loader/mac/DocumentLoaderMac.cpp:

(WebCore::scheduleAll): Changed to take a reference and call ResourceLoader::schedule.
(WebCore::unscheduleAll): Ditto.
(WebCore::DocumentLoader::schedule): Ditto.
(WebCore::DocumentLoader::unschedule): Ditto.

  • page/mac/PageMac.cpp:

(WebCore::Page::addSchedulePair): Pass a reference rather than a pointer to schedule.
(WebCore::Page::removeSchedulePair): Ditto.

  • platform/network/ResourceHandle.h: Did a bit of reformatting and reorganizing of

conditionals.

  • platform/network/ResourceHandleInternal.h: Removed a tiny bit of unneeded declaration.
  • platform/network/mac/ResourceHandleMac.mm:

(WebCore::ResourceHandle::schedule): Updated to take a reference rather than a pointer.
(WebCore::ResourceHandle::unschedule): Ditto.

11:22 Changeset [167182] by fpizlo@apple.com

DFG::FixupPhase should insert conversion nodes after the rest of fixup so that we know how the types settled
https://bugs.webkit.org/show_bug.cgi?id=131424

Reviewed by Geoffrey Garen.

This defers type conversion injection until we've decided on types. This makes the
process of deciding types a bit more flexible - for example we can naturally fixpoint
and change our minds. Only when things are settled do we actually insert conversions.

This is a necessary prerequisite for keeping double, int52, and JSValue data flow
separate. A SetLocal/GetLocal will appear to be JSValue until we fixpoint and realize
that there are typed uses. If we were eagerly inserting type conversions then we would
first insert a to/from-JSValue conversion in some cases only to then replace it by
the other conversions. It's probably trivial to remove those redundant conversions later
but I think it's better if we don't insert them to begin with.

  • bytecode/CodeOrigin.h:

(JSC::CodeOrigin::operator!):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::run):
(JSC::DFG::FixupPhase::fixupBlock):
(JSC::DFG::FixupPhase::fixupNode):
(JSC::DFG::FixupPhase::fixupSetLocalsInBlock):
(JSC::DFG::FixupPhase::fixEdge):
(JSC::DFG::FixupPhase::fixIntEdge):
(JSC::DFG::FixupPhase::injectTypeConversionsInBlock):
(JSC::DFG::FixupPhase::injectTypeConversionsForEdge):
(JSC::DFG::FixupPhase::addRequiredPhantom):
(JSC::DFG::FixupPhase::addPhantomsIfNecessary):
(JSC::DFG::FixupPhase::clearPhantomsAtEnd):
(JSC::DFG::FixupPhase::observeUntypedEdge): Deleted.
(JSC::DFG::FixupPhase::fixupUntypedSetLocalsInBlock): Deleted.
(JSC::DFG::FixupPhase::injectInt32ToDoubleNode): Deleted.

Note: See TracTimeline for information about the timeline view.