Context Navigation

← Previous Period
Next Period →

Timeline

Oct 17, 2015:

5:25 PM Changeset in webkit [191254] by mark.lam@apple.com

2 edits in trunk/Source/WTF

Add CPU(X86) to the supported MASM_PROBE CPUs. This was accidentally left out in r191197.

Not reviewed.

wtf/Platform.h:

5:00 PM Changeset in webkit [191253] by mmaxfield@apple.com

2 edits in trunk/Source/WebKit/mac

Build fix after r191250

Unreviewed.

WebView/WebView.mm:

(+[WebView initialize]):

4:13 PM Changeset in webkit [191252] by hyatt@apple.com

15 edits
16 adds in trunk

Implement the CSS4 'revert' keyword.
https://bugs.webkit.org/show_bug.cgi?id=149702

Reviewed by Simon Fraser.

Source/WebCore:

Added new tests in fast/css and fast/css/variables.

CMakeLists.txt:
WebCore.xcodeproj/project.pbxproj:

Add CSSRevertValue to the project and makefiles.

css/CSSParser.cpp:

(WebCore::parseKeywordValue):
Make sure to handle "revert" in the keyword parsing path (along with inherit/initial/unset).

(WebCore::CSSParser::parseValue):
(WebCore::CSSParser::parseCustomPropertyDeclaration):
At the parser level, "revert" is just like inherit/initial/unset and gets its own special
singleton value, CSSRevertValue.

css/CSSRevertValue.cpp: Added.

(WebCore::CSSRevertValue::customCSSText):

css/CSSRevertValue.h: Added.

(WebCore::CSSRevertValue::create):
(WebCore::CSSRevertValue::equals):
(WebCore::CSSRevertValue::CSSRevertValue):
This value is identical to the inherit/initial/unset values, i.e., its own special value
that can be used to indicate a revert when doing style resolution.

css/CSSValue.cpp:

(WebCore::CSSValue::cssValueType):
(WebCore::CSSValue::equals):
(WebCore::CSSValue::cssText):
(WebCore::CSSValue::destroy):

css/CSSValue.h:

(WebCore::CSSValue::isInheritedValue):
(WebCore::CSSValue::isInitialValue):
(WebCore::CSSValue::isUnsetValue):
(WebCore::CSSValue::isRevertValue):
Add the RevertClass to CSSValue and make sure it is handled in all the appropriate methods.

css/CSSValueKeywords.in:

Add the "revert" keyword to the list of allowed CSS keywords.

css/CSSValuePool.cpp:

(WebCore::CSSValuePool::CSSValuePool):

css/CSSValuePool.h:

(WebCore::CSSValuePool::createRevertValue):
Add support for a CSSRevertValue singleton, just like inherit/unset/initial.

css/FontLoader.cpp:

(WebCore::FontLoader::resolveFontStyle):
Add "unset" and "revert" as special keywords to be ignored. This code seems to be turned off,
but patching it anyway.

css/SelectorChecker.h:

Add a MatchDefault value of 0 to the LinkMatchMask. This enables it to be used as an index
to the correct value in Property (in the style resolution code).

css/StyleResolver.cpp:

(WebCore::StyleResolver::State::initForStyleResolve):
Delete any lingering old CascadedProperty rollbacks for UA/user rules.

(WebCore::StyleResolver::styleForKeyframe):
(WebCore::StyleResolver::styleForPage):
(WebCore::StyleResolver::applyMatchedProperties):
Pass along the MatchResult as an additional parameter, since we need it to lazily compute
the cascade rollbacks if the "revert" keyword is encountered.

(WebCore::StyleResolver::cascadedPropertiesForRollback):
This method will lazily create and return a new CascadedProperties pointer that is cached
in the StyleResolver's state. This will contain only UA rules (for user reverts) and UA/user
rules (for author reverts). These will only be computed at most once for a given element
when doing a reversion, and they will be computed lazily, i.e., only if a revert is
requested.

(WebCore::StyleResolver::applyProperty):
Pass along the LinkMatchMask and the MatchResult to applyProperty. This way we know specifically
which link type we were computing if we have to revert (so that we roll back and look at the
same index in the reverted version). The MatchResult is passed along because it is needed
to build the CascadedProperties rollbacks.

The basic idea is that if a revert is encountered, the level that the rule came from is
checked. If it is UA level, just treat as "unset." If it is author or user level, get
the correct CascadedProperties rollback and repeat the applyProperty using the property
found in the rollback. If the property is not present in the cascade rollback, then the
revert becomes an unset.

(WebCore::StyleResolver::CascadedProperties::hasCustomProperty):
(WebCore::StyleResolver::CascadedProperties::customProperty):
Helpers used by applyProperty to check on custom properties, since they can revert too
just like a regular property can.

(WebCore::StyleResolver::CascadedProperties::setPropertyInternal):
(WebCore::StyleResolver::CascadedProperties::set):
(WebCore::StyleResolver::CascadedProperties::setDeferred):
Passing along the CascadeLevel (UA, User, Author) so that it can be stored in the Property.
This way when we do property application, we always know where the rule came from so
that the reversion can be handled properly.

(WebCore::StyleResolver::CascadedProperties::addStyleProperties):
(WebCore::cascadeLevelForIndex):
(WebCore::StyleResolver::CascadedProperties::addMatches):
When style properties are added, also figure out the CascadeLevel and pass it along to be
stored in the Property. We use the MatchResult's ranges to know where a property comes from.

(WebCore::StyleResolver::CascadedProperties::applyDeferredProperties):
(WebCore::StyleResolver::CascadedProperties::Property::apply):
(WebCore::StyleResolver::applyCascadedProperties):
Pass along the MatchResult so we know how to build the rollback.

css/StyleResolver.h:

(WebCore::StyleResolver::State::cascadeLevel):
(WebCore::StyleResolver::State::setCascadeLevel):
(WebCore::StyleResolver::State::authorRollback):
(WebCore::StyleResolver::State::userRollback):
(WebCore::StyleResolver::State::setAuthorRollback):
(WebCore::StyleResolver::State::setUserRollback):
(WebCore::StyleResolver::state):
(WebCore::StyleResolver::cascadeLevel):
(WebCore::StyleResolver::setCascadeLevel):
Move CascadedProperties into the header. Add CascadeLevel to Property. Add the level and
rollbacks to the resolver's state.

LayoutTests:

fast/css/all-keyword-revert-expected.html: Added.
fast/css/all-keyword-revert.html: Added.
fast/css/revert-color-expected.html: Added.
fast/css/revert-color.html: Added.
fast/css/revert-margins-expected.html: Added.
fast/css/revert-margins.html: Added.
fast/css/variables/all-keyword-revert-expected.html: Added.
fast/css/variables/all-keyword-revert.html: Added.
fast/css/variables/revert-inheritance-expected.html: Added.
fast/css/variables/revert-inheritance.html: Added.
fast/css/variables/revert-no-inheritance-expected.html: Added.
fast/css/variables/revert-no-inheritance.html: Added.
fast/css/variables/revert-variable-reference-expected.html: Added.
fast/css/variables/revert-variable-reference.html: Added.

3:40 PM Changeset in webkit [191251] by mmaxfield@apple.com

5 edits
2 adds in trunk

Delete FontPlatformData::allowsLigatures()
https://bugs.webkit.org/show_bug.cgi?id=150286

Reviewed by Dan Bernstein.

Source/WebCore:

This function is only used to force ligatures on for complex fonts (where "complex"
means "does not support the letter 'a'"). However, ligatures are turned on for all
fonts by default, which means that this function is unnecessary.

Required ligatures, such as those which make these complex scripts legible, are always
enabled, no matter what.

Test: fast/text/required-ligatures.html

platform/graphics/FontPlatformData.h:
platform/graphics/cocoa/FontPlatformDataCocoa.mm:

(WebCore::FontPlatformData::allowsLigatures): Deleted.

platform/graphics/mac/SimpleFontDataCoreText.cpp:

(WebCore::Font::getCFStringAttributes):

LayoutTests:

Make sure it's impossible to turn off required ligatures with CSS.

fast/text/required-ligatures-expected.html: Added.
fast/text/required-ligatures.html: Added.

3:31 PM Changeset in webkit [191250] by mmaxfield@apple.com

10 edits in trunk/Source

Stop honoring the user default "WebKitKerningAndLigaturesEnabledByDefault"
https://bugs.webkit.org/show_bug.cgi?id=150287

Reviewed by Simon Fraser.

Source/WebCore:

This user default is currently on by default. Therefore, by setting the user default,
users can only disable kerning / ligatures (rather than enable it).

There are a few reasons why we should stop honoring it:

In the brave new world of font-feature-settings and font-variant-ligatures, there

are many different kinds of ligatures which may be enabled at will. The simplistic
statement of "turn on ligatures" no longer has any meaning.

If a user wants to disable kerning / ligatures, he/she can do it with a user

stylesheet.

The default isn't able to be tested with DumpRenderTree or WebKitTestRunner.

I have never heard of anyone actually using this user default.

platform/graphics/FontCascade.cpp:

(WebCore::FontCascade::setDefaultKerning): Deleted.
(WebCore::FontCascade::setDefaultLigatures): Deleted.

platform/graphics/FontCascade.h:

(WebCore::FontCascade::advancedTextRenderingMode):

Source/WebKit/mac:

WebView/WebView.mm:

(+[WebView initialize]): Deleted.

Source/WebKit2:

Shared/WebProcessCreationParameters.cpp:

(WebKit::WebProcessCreationParameters::WebProcessCreationParameters): Deleted.
(WebKit::WebProcessCreationParameters::encode): Deleted.
(WebKit::WebProcessCreationParameters::decode): Deleted.

Shared/WebProcessCreationParameters.h:
UIProcess/Cocoa/WebProcessPoolCocoa.mm:

(WebKit::registerUserDefaultsIfNeeded): Deleted.
(WebKit::WebProcessPool::platformInitializeWebProcess): Deleted.

WebProcess/cocoa/WebProcessCocoa.mm:

(WebKit::WebProcess::platformInitializeWebProcess): Deleted.

2:32 PM Changeset in webkit [191249] by mitz@apple.com

5 edits
2 adds in trunk/Source

[Cocoa] Stop using WKAXRegisterRemoteApp
https://bugs.webkit.org/show_bug.cgi?id=150283

Reviewed by Alexey Proskuryakov.

Source/WebCore:

platform/spi/ios/GraphicsServicesSPI.h: Added declaration of GSSystemRootDirectory.

Source/WebKit2:

Platform/spi/mac: Added.
Platform/spi/mac/AppKitSPI.h: Added. Includes declaration of +[NSAccessibilityRemoteUIElement setRemoteUIApp:].

WebKit2.xcodeproj/project.pbxproj: Added reference to new header. Also changed the path of the Platform/spi/Cocoa group to the corresponding path in the source tree.

WebProcess/cocoa/WebProcessCocoa.mm:

(WebKit::registerWithAccessibility): Added.
(WebKit::WebProcess::platformInitializeProcess): Use new registerWithAccessibility instead

of WKAXRegisterRemoteApp.

1:27 PM Changeset in webkit [191248] by fpizlo@apple.com

9 edits
1 add in trunk/Source/JavaScriptCore

Fix some generational heap growth pathologies
https://bugs.webkit.org/show_bug.cgi?id=150270

Reviewed by Andreas Kling.

When doing generational copying, we would pretend that the size of old space was increased
just by the amount of bytes we copied. In reality, it would be increased by the number of
bytes used by the copied blocks we created. This is a larger number, and in some simple
pathological programs, the difference can be huge.

Fixing this bug was relatively easy, and the only really meaningful change here is in
Heap::updateAllocationLimits(). But to convince myself that the change was valid, I had to
add some debugging code and I had to refactor some stuff so that it made more sense.

This change does obviate the need for m_totalBytesCopied, because we no longer use it in
release builds to decide how much heap we are using at the end of collection. But I added a
FIXME about how we could restore our use of m_totalBytesCopied. So, I kept the logic, for
now. The FIXME references https://bugs.webkit.org/show_bug.cgi?id=150268.

Relanding with build fix.

CMakeLists.txt:
JavaScriptCore.xcodeproj/project.pbxproj:
heap/CopiedBlock.cpp: Added.

(JSC::CopiedBlock::createNoZeroFill):
(JSC::CopiedBlock::destroy):
(JSC::CopiedBlock::create):
(JSC::CopiedBlock::zeroFillWilderness):
(JSC::CopiedBlock::CopiedBlock):

heap/CopiedBlock.h:

(JSC::CopiedBlock::didSurviveGC):
(JSC::CopiedBlock::createNoZeroFill): Deleted.
(JSC::CopiedBlock::destroy): Deleted.
(JSC::CopiedBlock::create): Deleted.
(JSC::CopiedBlock::zeroFillWilderness): Deleted.
(JSC::CopiedBlock::CopiedBlock): Deleted.

heap/CopiedSpaceInlines.h:

(JSC::CopiedSpace::startedCopying):

heap/Heap.cpp:

(JSC::Heap::updateObjectCounts):
(JSC::Heap::resetVisitors):
(JSC::Heap::capacity):
(JSC::Heap::protectedGlobalObjectCount):
(JSC::Heap::collectImpl):
(JSC::Heap::willStartCollection):
(JSC::Heap::updateAllocationLimits):
(JSC::Heap::didFinishCollection):
(JSC::Heap::sizeAfterCollect): Deleted.

heap/Heap.h:
heap/HeapInlines.h:

(JSC::Heap::shouldCollect):
(JSC::Heap::isBusy):
(JSC::Heap::collectIfNecessaryOrDefer):

heap/MarkedBlock.cpp:

(JSC::MarkedBlock::create):
(JSC::MarkedBlock::destroy):

12:38 PM Changeset in webkit [191247] by Chris Dumez

25 edits
4 adds in trunk

td and th should use HTMLTableDataCellElement and HTMLTableHeaderCellElement interfaces
https://bugs.webkit.org/show_bug.cgi?id=148859
<rdar://problem/22588664>

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

web-platform-tests/html/dom/interfaces-expected.txt:
web-platform-tests/html/semantics/interfaces-expected.txt:

Source/WebCore:

td and th should use HTMLTableDataCellElement and HTMLTableHeaderCellElement interfaces
as per the latest HTML specification:
https://html.spec.whatwg.org/multipage/tables.html#htmltabledatacellelement
https://html.spec.whatwg.org/multipage/tables.html#htmltableheadercellelement

This patch aligns our behavior with the specification and IE. Firefox and Chrome do not
seem to expose HTMLTableDataCellElement / HTMLTableHeaderCellElement at this time.

The compatibility risk is low, given that the API stays the same and those new
interfaces inherit the pre-existing HTMLTableCellElement interface.

No new tests, already covered by existing tests.

CMakeLists.txt:
DerivedSources.cpp:
DerivedSources.make:
WebCore.vcxproj/WebCore.vcxproj:
WebCore.vcxproj/WebCore.vcxproj.filters:
WebCore.xcodeproj/project.pbxproj:
html/HTMLTableCellElement.cpp:

(WebCore::HTMLTableCellElement::HTMLTableCellElement):
(WebCore::HTMLTableCellElement::colSpan): Deleted.

html/HTMLTableCellElement.h:
html/HTMLTableCellElement.idl:
html/HTMLTableDataCellElement.h: Added.
html/HTMLTableDataCellElement.idl: Added.
html/HTMLTableHeaderCellElement.h: Added.
html/HTMLTableHeaderCellElement.idl: Added.
html/HTMLTableRowElement.cpp:

(WebCore::HTMLTableRowElement::insertCell):

html/HTMLTagNames.in:

LayoutTests:

Rebaseline existing tests now that new HTMLTableDataCellElement / HTMLTableHeaderCellElement
types are exposed.

fast/dom/wrapper-classes-expected.txt:
fast/dom/wrapper-classes.html:
js/dom/global-constructors-attributes-expected.txt:
platform/efl/js/dom/global-constructors-attributes-expected.txt:
platform/gtk/js/dom/global-constructors-attributes-expected.txt:
platform/mac-mavericks/js/dom/global-constructors-attributes-expected.txt:
platform/mac-yosemite/js/dom/global-constructors-attributes-expected.txt:
platform/mac/js/dom/global-constructors-attributes-expected.txt:
platform/win/js/dom/global-constructors-attributes-expected.txt:

12:14 PM Changeset in webkit [191246] by Alan Bujtas

3 edits in trunk/Source/WebCore

RenderBlockFlow::xPositionForFloatIncludingMargin/yPositionForFloatIncludingMargin/flipFloatForWritingModeForChild
should all take FloatingObject reference.
https://bugs.webkit.org/show_bug.cgi?id=150267

Reviewed by Simon Fraser.

No change in behaviour.

rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::addOverflowFromFloats):
(WebCore::RenderBlockFlow::paintFloats):
(WebCore::RenderBlockFlow::clipOutFloatingObjects):
(WebCore::RenderBlockFlow::addOverhangingFloats):
(WebCore::RenderBlockFlow::flipFloatForWritingModeForChild):
(WebCore::RenderBlockFlow::hitTestFloats):
(WebCore::RenderBlockFlow::adjustForBorderFit):

rendering/RenderBlockFlow.h:

(WebCore::RenderBlockFlow::xPositionForFloatIncludingMargin):
(WebCore::RenderBlockFlow::yPositionForFloatIncludingMargin):

11:49 AM Changeset in webkit [191245] by Simon Fraser

2 edits in trunk/Source/WebCore

Sort the project file.

WebCore.xcodeproj/project.pbxproj:

11:42 AM Changeset in webkit [191244] by commit-queue@webkit.org

9 edits
1 delete in trunk/Source/JavaScriptCore

Unreviewed, rolling out r191240.
https://bugs.webkit.org/show_bug.cgi?id=150281

Broke 32-bit builds (Requested by smfr on #webkit).

Reverted changeset:

"Fix some generational heap growth pathologies"
https://bugs.webkit.org/show_bug.cgi?id=150270
http://trac.webkit.org/changeset/191240

11:34 AM Changeset in webkit [191243] by Simon Fraser

44 edits
2 adds in trunk/Source

Enhance TextStream for logging, remove subclasses, log more things
https://bugs.webkit.org/show_bug.cgi?id=150269

Reviewed by Zalan Bujtas.

Remove the various TextStream subclasses that only existed to support indenting,
and output additional types. Add output for more WebCore and WebKit2 types, and
just use TextStream everywhere.

TextStream is enhance to support grouping (open paren and intent), with a
stack-based class to open/end a group.

Remove some SVG-specific duplicate output functions.

Outdent namespace contents of GraphicsTypes.h.
Source/WebCore:

CMakeLists.txt:
WebCore.xcodeproj/project.pbxproj:
dom/ViewportArguments.cpp:

(WebCore::operator<<):

dom/ViewportArguments.h:
page/ViewportConfiguration.cpp:

(WebCore::operator<<):
(WebCore::ViewportConfiguration::description):
(WebCore::ViewportConfigurationTextStream::ViewportConfigurationTextStream): Deleted.
(WebCore::ViewportConfigurationTextStream::increaseIndent): Deleted.
(WebCore::ViewportConfigurationTextStream::decreaseIndent): Deleted.
(WebCore::dumpProperty): Deleted.
(WebCore::ViewportConfigurationTextStream::writeIndent): Deleted.
(WebCore::ViewportConfigurationTextStream::operator<<): Deleted.

page/ViewportConfiguration.h:
page/scrolling/ScrollingConstraints.cpp:

(WebCore::operator<<):

page/scrolling/ScrollingConstraints.h:
page/scrolling/ScrollingCoordinator.cpp:

(WebCore::operator<<):

page/scrolling/ScrollingCoordinator.h:
platform/animation/TimingFunction.cpp: Added.

(WebCore::operator<<):

platform/animation/TimingFunction.h:
platform/graphics/Color.cpp:

(WebCore::operator<<):

platform/graphics/Color.h:
platform/graphics/FloatPoint3D.cpp:

(WebCore::operator<<):

platform/graphics/FloatPoint3D.h:
platform/graphics/FloatRoundedRect.cpp:

(WebCore::operator<<):

platform/graphics/FloatRoundedRect.h:
platform/graphics/GraphicsLayer.cpp:

(WebCore::operator<<):

platform/graphics/GraphicsLayer.h:
platform/graphics/GraphicsTypes.cpp:

(WebCore::operator<<):

platform/graphics/GraphicsTypes.h:
platform/graphics/ca/PlatformCAAnimation.cpp: Added.

(WebCore::operator<<):

platform/graphics/ca/PlatformCAAnimation.h:
platform/graphics/ca/PlatformCALayer.cpp:

(WebCore::operator<<):

platform/graphics/ca/PlatformCALayer.h:
platform/graphics/filters/FilterOperation.cpp:

(WebCore::operator<<):

platform/graphics/filters/FilterOperation.h:
platform/graphics/filters/FilterOperations.cpp:

(WebCore::operator<<):

platform/graphics/filters/FilterOperations.h:
platform/graphics/filters/PointLightSource.cpp:

(WebCore::operator<<): Deleted.

platform/graphics/filters/SpotLightSource.cpp:

(WebCore::operator<<): Deleted.

platform/graphics/transforms/AffineTransform.cpp:

(WebCore::operator<<):

platform/graphics/transforms/AffineTransform.h:
platform/graphics/transforms/TransformationMatrix.cpp:

(WebCore::operator<<):

platform/graphics/transforms/TransformationMatrix.h:
platform/text/TextStream.cpp:

(WebCore::TextStream::startGroup):
(WebCore::TextStream::endGroup):
(WebCore::TextStream::nextLine):
(WebCore::TextStream::writeIndent):

platform/text/TextStream.h:

(WebCore::TextStream::operator<<):
(WebCore::TextStream::dumpProperty):
(WebCore::TextStream::increaseIndent):
(WebCore::TextStream::decreaseIndent):
(WebCore::TextStream::GroupScope::GroupScope):
(WebCore::TextStream::GroupScope::~GroupScope):

rendering/svg/SVGRenderTreeAsText.cpp:

(WebCore::operator<<): Deleted.

rendering/svg/SVGRenderTreeAsText.h:

Source/WebKit2:

Shared/Scrolling/RemoteScrollingCoordinatorTransaction.cpp:

(WebKit::dump):
(WebKit::recursiveDumpNodes):
(WebKit::RemoteScrollingCoordinatorTransaction::description):
(WebKit::RemoteScrollingTreeTextStream::RemoteScrollingTreeTextStream): Deleted.
(WebKit::RemoteScrollingTreeTextStream::increaseIndent): Deleted.
(WebKit::RemoteScrollingTreeTextStream::decreaseIndent): Deleted.
(WebKit::RemoteScrollingTreeTextStream::writeIndent): Deleted.
(WebKit::dumpProperty): Deleted.
(WebKit::RemoteScrollingTreeTextStream::operator<<): Deleted.
(WebKit::RemoteScrollingTreeTextStream::dump): Deleted.
(WebKit::RemoteScrollingTreeTextStream::recursiveDumpNodes): Deleted.

Shared/mac/RemoteLayerTreeTransaction.mm:

(WebKit::operator<<):
(WebKit::dumpChangedLayers):
(WebKit::RemoteLayerTreeTransaction::description):
(WebKit::RemoteLayerTreeTextStream::RemoteLayerTreeTextStream): Deleted.
(WebKit::RemoteLayerTreeTextStream::increaseIndent): Deleted.
(WebKit::RemoteLayerTreeTextStream::decreaseIndent): Deleted.
(WebKit::dumpProperty): Deleted.
(WebKit::RemoteLayerTreeTextStream::operator<<): Deleted.
(WebKit::RemoteLayerTreeTextStream::writeIndent): Deleted.

WebProcess/WebPage/mac/PlatformCAAnimationRemote.h:
WebProcess/WebPage/mac/PlatformCAAnimationRemote.mm:

(WebKit::operator<<):

11:04 AM Changeset in webkit [191242] by commit-queue@webkit.org

3 edits in trunk/Source/JavaScriptCore

[Win] Fix the Windows build.
https://bugs.webkit.org/show_bug.cgi?id=150278

Patch by Sungmann Cho <sungmann.cho@navercorp.com> on 2015-10-17
Reviewed by Brent Fulgham.

JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:

10:52 AM Changeset in webkit [191241] by mark.lam@apple.com

2 edits in trunk/Source/JavaScriptCore

Fixed typos from r191224.

Not reviewed.

jit/JITSubGenerator.h:

(JSC::JITSubGenerator::generateFastPath):

10:26 AM Changeset in webkit [191240] by fpizlo@apple.com

9 edits
1 add in trunk/Source/JavaScriptCore

Fix some generational heap growth pathologies
https://bugs.webkit.org/show_bug.cgi?id=150270

Reviewed by Andreas Kling.

CMakeLists.txt:
JavaScriptCore.xcodeproj/project.pbxproj:
heap/CopiedBlock.cpp: Added.

(JSC::CopiedBlock::createNoZeroFill):
(JSC::CopiedBlock::destroy):
(JSC::CopiedBlock::create):
(JSC::CopiedBlock::zeroFillWilderness):
(JSC::CopiedBlock::CopiedBlock):

heap/CopiedBlock.h:

heap/CopiedSpaceInlines.h:

(JSC::CopiedSpace::startedCopying):

heap/Heap.cpp:

heap/Heap.h:
heap/HeapInlines.h:

(JSC::Heap::shouldCollect):
(JSC::Heap::isBusy):
(JSC::Heap::collectIfNecessaryOrDefer):

heap/MarkedBlock.cpp:

(JSC::MarkedBlock::create):
(JSC::MarkedBlock::destroy):

1:23 AM Changeset in webkit [191239] by Csaba Osztrogonác

3 edits in trunk/Source/WebKit2

URTBF after r191194 to fix EFL build.
https://bugs.webkit.org/show_bug.cgi?id=150272

Patch by Hunseop Jeong <Hunseop Jeong> on 2015-10-17
Reviewed by Csaba Osztrogonác.

UIProcess/efl/WebContextMenuProxyEfl.cpp:

(WebKit::WebContextMenuProxyEfl::showContextMenu):

UIProcess/efl/WebContextMenuProxyEfl.h:

12:10 AM Changeset in webkit [191238] by youenn.fablet@crf.canon.fr

2 edits in trunk/Source/WebCore

Finalize bug 149952 patch
https://bugs.webkit.org/show_bug.cgi?id=150238

Reviewed by Darin Adler.

No change in behavior.

bindings/js/JSDOMConstructor.h:

(WebCore::JSDOMConstructor<JSClass>::finishCreation): Marked as inline.
(WebCore::JSDOMConstructor<JSClass>::getConstructData): Marked as inline.

Oct 16, 2015:

10:20 PM Changeset in webkit [191237] by ap@apple.com

2 edits in trunk/LayoutTests

Remove [ Debug ] qualifiers from expectations for some imported Blink test,
as they sometimes fail in release too.

platform/mac-wk2/TestExpectations:

9:48 PM Changeset in webkit [191236] by akling@apple.com

2 edits in trunk/Tools

[EFL, AppleWin] WTF.ConcatenateCharacterArrayAndEmptyString API test failed
<https://webkit.org/b/150153>

Unreviewed.

Just use simple arrays of LChar and UChar for this test instead of creating String
objects and then getting the characters8()/characters16() from them, since that
doesn't guarantee null-termination (the bug.)

TestWebKitAPI/Tests/WTF/StringOperators.cpp:

(TestWebKitAPI::TEST):
(TestWebKitAPI::build): Deleted.

9:37 PM Changeset in webkit [191235] by Yusuke Suzuki

6 edits
1 add in trunk

[ES6] Implement String.prototype.normalize
https://bugs.webkit.org/show_bug.cgi?id=150094

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

This patch implements String.prototype.normalize leveraging ICU.
It can provide the feature applying {NFC, NFD, NFKC, NFKD} normalization to a given string.

runtime/StringPrototype.cpp:

(JSC::StringPrototype::finishCreation):
(JSC::normalize):
(JSC::stringProtoFuncNormalize):

tests/es6.yaml:
tests/stress/string-normalize.js: Added.

(unicode):
(shouldBe):
(shouldThrow):
(normalizeTest):

LayoutTests:

js/Object-getOwnPropertyNames-expected.txt:
js/script-tests/Object-getOwnPropertyNames.js:

8:36 PM Changeset in webkit [191234] by Alan Bujtas

10 edits in trunk/Source/WebCore

RenderBlockFlow::*logical*ForFloat should take FloatingObject reference.
https://bugs.webkit.org/show_bug.cgi?id=150266

Reviewed by Simon Fraser.

No change in behaviour.

rendering/FloatingObjects.cpp:

(WebCore::FindNextFloatLogicalBottomAdapter::collectIfNeeded):
(WebCore::ComputeFloatOffsetForFloatLayoutAdapter<FloatingObject::FloatLeft>::updateOffsetIfNeeded):
(WebCore::ComputeFloatOffsetForFloatLayoutAdapter<FloatingObject::FloatRight>::updateOffsetIfNeeded):
(WebCore::ComputeFloatOffsetForFloatLayoutAdapter<FloatTypeValue>::heightRemaining):
(WebCore::ComputeFloatOffsetAdapter<FloatTypeValue>::collectIfNeeded):
(WebCore::ComputeFloatOffsetForLineLayoutAdapter<FloatingObject::FloatLeft>::updateOffsetIfNeeded):
(WebCore::ComputeFloatOffsetForLineLayoutAdapter<FloatingObject::FloatRight>::updateOffsetIfNeeded):

rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::rebuildFloatingObjectSetFromIntrudingFloats):
(WebCore::RenderBlockFlow::repaintOverhangingFloats):
(WebCore::RenderBlockFlow::insertFloatingObject):
(WebCore::RenderBlockFlow::removeFloatingObject):
(WebCore::RenderBlockFlow::removeFloatingObjectsBelow):
(WebCore::RenderBlockFlow::computeLogicalLocationForFloat):
(WebCore::RenderBlockFlow::positionNewFloats):
(WebCore::RenderBlockFlow::lowestFloatLogicalBottom):
(WebCore::RenderBlockFlow::lowestInitialLetterLogicalBottom):
(WebCore::RenderBlockFlow::addOverhangingFloats):
(WebCore::RenderBlockFlow::hasOverhangingFloat):
(WebCore::RenderBlockFlow::addIntrudingFloats):

rendering/RenderBlockFlow.h:

(WebCore::RenderBlockFlow::logicalTopForFloat):
(WebCore::RenderBlockFlow::logicalBottomForFloat):
(WebCore::RenderBlockFlow::logicalLeftForFloat):
(WebCore::RenderBlockFlow::logicalRightForFloat):
(WebCore::RenderBlockFlow::logicalWidthForFloat):
(WebCore::RenderBlockFlow::logicalHeightForFloat):
(WebCore::RenderBlockFlow::setLogicalTopForFloat):
(WebCore::RenderBlockFlow::setLogicalLeftForFloat):
(WebCore::RenderBlockFlow::setLogicalHeightForFloat):
(WebCore::RenderBlockFlow::setLogicalWidthForFloat):
(WebCore::RenderBlockFlow::logicalSizeForFloat): Deleted.

rendering/RenderBlockLineLayout.cpp:

(WebCore::RenderBlockFlow::layoutRunsAndFloatsInRange):
(WebCore::RenderBlockFlow::checkPaginationAndFloatsAtEndLine):
(WebCore::RenderBlockFlow::positionNewFloatOnLine):

rendering/RenderBox.cpp:

(WebCore::RenderBox::addOverflowFromChild):

rendering/RenderBox.h:

(WebCore::RenderBox::addOverflowFromChild):

rendering/line/BreakingContext.h:

(WebCore::BreakingContext::handleFloat):

rendering/line/LineWidth.cpp:

(WebCore::newFloatShrinksLine):
(WebCore::LineWidth::shrinkAvailableWidthForNewFloatIfNeeded):

rendering/shapes/ShapeOutsideInfo.cpp:

(WebCore::ShapeOutsideInfo::computeDeltasForContainingBlockLine):

7:15 PM Changeset in webkit [191233] by commit-queue@webkit.org

3 edits
2 adds in trunk

Avoid to insert TAB before HTML element.
https://bugs.webkit.org/show_bug.cgi?id=149295
<rdar://problem/22746706>

Patch by Jiewen Tan <jiewen_tan@apple.com> on 2015-10-16
Reviewed by Ryosuke Niwa.

Source/WebCore:

This is a merge of Blink r175047:
https://codereview.chromium.org/306583005

This patch avoids InsertTextCommand::insertTab before HTML element because
we can't set Text node as document element.

Test: editing/execCommand/insert-tab-to-html-element-crash.html

editing/InsertTextCommand.cpp:

(WebCore::InsertTextCommand::insertTab):

LayoutTests:

editing/execCommand/insert-tab-to-html-element-crash-expected.txt: Added.
editing/execCommand/insert-tab-to-html-element-crash.html: Added.

5:51 PM Changeset in webkit [191232] by matthew_hanson@apple.com

5 edits in branches/safari-601.1.46-branch/Source

Versioning.

5:46 PM Changeset in webkit [191231] by matthew_hanson@apple.com

5 edits in branches/safari-601-branch/Source

Versioning.

4:57 PM Changeset in webkit [191230] by ggaren@apple.com

5 edits in trunk/Source/JavaScriptCore

Update JavaScriptCore API docs
https://bugs.webkit.org/show_bug.cgi?id=150262

Reviewed by Mark Lam.

Apply some edits for clarity. These came out of a docs review.

API/JSContext.h:
API/JSExport.h:
API/JSManagedValue.h:
API/JSValue.h:

4:48 PM Changeset in webkit [191229] by commit-queue@webkit.org

10 edits
2 deletes in trunk

Unreviewed, rolling out r191204.
https://bugs.webkit.org/show_bug.cgi?id=150263

This change is causing existing tests to fail (Requested by
ryanhaddad on #webkit).

Reverted changeset:

"Computed style should work correctly with slotted elements
that have display:none"
https://bugs.webkit.org/show_bug.cgi?id=150237
http://trac.webkit.org/changeset/191204

4:47 PM Changeset in webkit [191228] by Wenson Hsieh

10 edits
1 copy
1 add in trunk/Source/WebKit2

Add a WKWebView input delegate SPI
https://bugs.webkit.org/show_bug.cgi?id=149646

Reviewed by Dan Bernstein.

Renames the existing _WKFormDelegate to _WKInputDelegate and adds a new delegate SPI method
-[_WKInputDelegate _webView:focusShouldStartInputSession:] that allows clients to allow or
disallow showing up the keyboard. To make this decision, clients are given a
_WKFocusedElementInfo, which contains information about the focused element prior to the
keyboard showing up so the client will be able to override default assistance behavior.

While the information contained in a _WKFocusedElementInfo currently seems like overkill for
_webView:focusShouldStartInputSession, our intentions are to give WebKit clients control over more
details of how node assistance works, such as being able to use a custom editor for certain
types of nodes.

Shared/API/Cocoa/WebKitPrivate.h: Added new header _WKFocusedElementInfo.h.
UIProcess/API/Cocoa/WKWebView.h:
UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _inputDelegate]):
(-[WKWebView _formDelegate]):
(-[WKWebView _setInputDelegate:]):
(-[WKWebView _setFormDelegate:]):
(-[WKWebView initWithFrame:configuration:]): Deleted canAssistOnProgrammaticFocus flag.
(-[WKWebView canAssistOnProgrammaticFocus]): Ditto.
(-[WKWebView setCanAssistOnProgrammaticFocus:]): Ditto.

UIProcess/API/Cocoa/WKWebViewConfiguration.h:
UIProcess/API/Cocoa/WKWebViewConfiguration.mm:

(-[WKWebViewConfiguration init]): Deleted.
(-[WKWebViewConfiguration _canAssistOnProgrammaticFocus]): Deleted canAssistOnProgrammaticFocus flag.
(-[WKWebViewConfiguration _setCanAssistOnProgrammaticFocus:]): Ditto.

UIProcess/API/Cocoa/WKWebViewPrivate.h:
UIProcess/API/Cocoa/_WKFocusedElementInfo.h: Added.
UIProcess/API/Cocoa/_WKFormDelegate.h:
UIProcess/API/Cocoa/_WKInputDelegate.h: Copied from Source/WebKit2/UIProcess/API/Cocoa/_WKFormDelegate.h.
UIProcess/ios/WKContentViewInteraction.mm:

(-[WKFocusedElementInfo initWithAssistedNodeInformation:isInteracting:]):
(-[WKFocusedElementInfo type]):
(-[WKFocusedElementInfo value]):
(-[WKFocusedElementInfo isUserInitiated]):
(-[WKContentView accessoryAutoFill]):
(-[WKContentView _startAssistingNode:userIsInteracting:blurPreviousNode:userObject:]): If the input delegate responds to

shouldStartInputSession, consult it to see if we should bring up the keyboard; otherwise, use our default behavior.

WebKit2.xcodeproj/project.pbxproj:

4:46 PM Changeset in webkit [191227] by matthew_hanson@apple.com

1 copy in tags/Safari-601.1.46.42

New Tag.

4:45 PM Changeset in webkit [191226] by matthew_hanson@apple.com

1 copy in tags/Safari-601.3.4

New Tag.

4:40 PM Changeset in webkit [191225] by keith_miller@apple.com

2 edits in trunk/Source/JavaScriptCore

Unreviewed. Fix typo in TypeError messages in TypedArray.prototype.forEach/filter.

builtins/TypedArray.prototype.js:

(forEach):
(filter):

4:26 PM Changeset in webkit [191224] by mark.lam@apple.com

16 edits
1 add in trunk/Source/JavaScriptCore

Use JITSubGenerator to support UntypedUse operands for op_sub in the DFG.
https://bugs.webkit.org/show_bug.cgi?id=150038

Reviewed by Geoffrey Garen.

bytecode/SpeculatedType.h:

(JSC::isUntypedSpeculationForArithmetic): Added

Also fixed some comments.

dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

dfg/DFGAbstractValue.cpp:

(JSC::DFG::AbstractValue::resultType):

dfg/DFGAbstractValue.h:
Added function to compute the ResultType of an operand from its SpeculatedType.

dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

Fix up ArithSub to speculate its operands to be numbers. But if an OSR exit due to a BadType was seen at this node, we'll fix it up to expect UntypedUse operands. This gives the generated code a change to run fast if it only receives numeric operands.

dfg/DFGNode.h:

(JSC::DFG::Node::shouldSpeculateUntypedForArithmetic):

dfg/DFGOperations.cpp:
dfg/DFGOperations.h:
Add the C++ runtime function to implement op_sub when we really encounter the hard types in the operands.

dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileArithSub):

Added support for UntypedUse operands using the JITSubGenerator.

dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::silentSpillAllRegisters):
(JSC::DFG::SpeculativeJIT::pickCanTrample):
(JSC::DFG::SpeculativeJIT::callOperation):

ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

Just refuse to FTL compile functions with UntypedUse op_sub operands for now.

jit/AssemblyHelpers.h:

(JSC::AssemblyHelpers::boxDouble):
(JSC::AssemblyHelpers::unboxDoubleNonDestructive):
(JSC::AssemblyHelpers::unboxDouble):
(JSC::AssemblyHelpers::boxBooleanPayload):

jit/JITArithmetic.cpp:

(JSC::JIT::emit_op_sub):

jit/JITSubGenerator.h:

(JSC::JITSubGenerator::generateFastPath):
(JSC::JITSubGenerator::endJumpList):

Added some asserts to document the contract that this generator expects in terms of its incoming registers.

Also fixed the generated code to not be destructive with regards to incoming
registers. The DFG expects this.

Also added an endJumpList so that we don't have to jump twice for the fast
path where both operands are ints.

parser/ResultType.h:

(JSC::ResultType::ResultType):

Make the internal Type bits and the constructor private. Clients should only create ResultType values using one of the provided factory methods.

tests/stress/op_sub.js: Added.

(o1.valueOf):
(stringify):
(generateScenarios):
(printScenarios):
(testCases.func):
(func):
(initializeTestCases):
(runTest):

test op_sub results by comparing one LLINT result against the output of multiple LLINT, and JIT runs. This test assume that we'll at least get the right result some of the time (if not all the time), and confirms that the various engines produce consistent results for all the various value pairs being tested.

4:21 PM Changeset in webkit [191223] by achristensen@apple.com

2 edits in trunk/Source/WebCore

Disabled content blockers should not block any loads
https://bugs.webkit.org/show_bug.cgi?id=150261

Reviewed by Brady Eidson.

This fix was tested manually by reloading without content blockers
on websites with iframes and content blockers that block the contents of the iframes.

page/UserContentController.cpp:

(WebCore::UserContentController::removeAllUserContentExtensions):
(WebCore::contentExtensionsEnabled):
(WebCore::UserContentController::processContentExtensionRulesForLoad):
(WebCore::UserContentController::actionsForResourceLoad):
Check the DocumentLoader of the main frame when checking if content extensions are disabled,
because that is the DocumentLoader that has the flag from reloading without content blockers.

4:15 PM Changeset in webkit [191222] by beidson@apple.com

3 edits in trunk/LayoutTests

Fix flakey test that was added for:
Modern IDB: Add versionchange events.
https://bugs.webkit.org/show_bug.cgi?id=150149

Test flakes because two events come in different orders.

The event order actually does not matter.
The test just needs to handle either order.

storage/indexeddb/modern/versionchange-event-expected.txt:
storage/indexeddb/modern/versionchange-event.html:

3:53 PM Changeset in webkit [191221] by fpizlo@apple.com

12 edits
3 adds in trunk/Source/JavaScriptCore

CopyBarrier must be avoided for slow TypedArrays
https://bugs.webkit.org/show_bug.cgi?id=150217
rdar://problem/23128791

Reviewed by Michael Saboff.

Change how we access array buffer views so that we don't fire the barrier slow path, and
don't mask off the spaceBits, if the view is not FastTypedArray. That's because in that case
m_vector could be misaligned and so have meaningful non-space data in the spaceBits. Also in
that case, m_vector does not point into copied space.

dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileGetIndexedPropertyStorage):
(JSC::DFG::SpeculativeJIT::compileGetTypedArrayByteOffset):

ftl/FTLLowerDFGToLLVM.cpp:

(JSC::FTL::DFG::LowerDFGToLLVM::loadVectorWithBarrier):
(JSC::FTL::DFG::LowerDFGToLLVM::copyBarrier):
(JSC::FTL::DFG::LowerDFGToLLVM::isInToSpace):
(JSC::FTL::DFG::LowerDFGToLLVM::loadButterflyReadOnly):
(JSC::FTL::DFG::LowerDFGToLLVM::loadVectorReadOnly):
(JSC::FTL::DFG::LowerDFGToLLVM::removeSpaceBits):
(JSC::FTL::DFG::LowerDFGToLLVM::isFastTypedArray):
(JSC::FTL::DFG::LowerDFGToLLVM::baseIndex):

heap/CopyBarrier.h:

(JSC::CopyBarrierBase::getWithoutBarrier):
(JSC::CopyBarrierBase::getPredicated):
(JSC::CopyBarrierBase::get):
(JSC::CopyBarrierBase::copyState):
(JSC::CopyBarrier::get):
(JSC::CopyBarrier::getPredicated):
(JSC::CopyBarrier::set):

heap/Heap.cpp:

(JSC::Heap::copyBarrier):

jit/AssemblyHelpers.cpp:

(JSC::AssemblyHelpers::branchIfNotType):
(JSC::AssemblyHelpers::branchIfFastTypedArray):
(JSC::AssemblyHelpers::branchIfNotFastTypedArray):
(JSC::AssemblyHelpers::loadTypedArrayVector):
(JSC::AssemblyHelpers::purifyNaN):

jit/AssemblyHelpers.h:

(JSC::AssemblyHelpers::branchStructure):
(JSC::AssemblyHelpers::branchIfToSpace):
(JSC::AssemblyHelpers::branchIfNotToSpace):
(JSC::AssemblyHelpers::removeSpaceBits):
(JSC::AssemblyHelpers::addressForByteOffset):

jit/JITPropertyAccess.cpp:

(JSC::JIT::emitIntTypedArrayGetByVal):
(JSC::JIT::emitFloatTypedArrayGetByVal):
(JSC::JIT::emitIntTypedArrayPutByVal):
(JSC::JIT::emitFloatTypedArrayPutByVal):

runtime/JSArrayBufferView.h:

(JSC::JSArrayBufferView::vector):
(JSC::JSArrayBufferView::length):

runtime/JSArrayBufferViewInlines.h:

(JSC::JSArrayBufferView::byteOffset):

runtime/JSGenericTypedArrayView.h:

(JSC::JSGenericTypedArrayView::typedVector):

runtime/JSGenericTypedArrayViewInlines.h:

(JSC::JSGenericTypedArrayView<Adaptor>::copyBackingStore):
(JSC::JSGenericTypedArrayView<Adaptor>::slowDownAndWasteMemory):

tests/stress/misaligned-int8-view-byte-offset.js: Added.
tests/stress/misaligned-int8-view-read.js: Added.
tests/stress/misaligned-int8-view-write.js: Added.

3:51 PM Changeset in webkit [191220] by keith_miller@apple.com

2 edits in trunk/Source/JavaScriptCore

Unreviewed. Build fix for 191215.

jit/IntrinsicEmitter.cpp:

3:44 PM Changeset in webkit [191219] by Brent Fulgham

2 edits in trunk/LayoutTests

Test fix after r191211

Tell the 'Plug-ins.html' test to allow enumeration of all plugins.

fast/dom/Window/Plug-ins.html:

3:41 PM Changeset in webkit [191218] by commit-queue@webkit.org

2 edits in trunk/LayoutTests

Removing non-existent test from test expectations file
https://bugs.webkit.org/show_bug.cgi?id=150250

Patch by Ryan Haddad <Ryan Haddad> on 2015-10-16
Reviewed by Simon Fraser.

platform/mac/TestExpectations:

3:37 PM Changeset in webkit [191217] by Alan Bujtas

2 edits in trunk/LayoutTests

[Win] Update initial-letter test expectation for Win port.

Unreviewed gardening.

platform/win/TestExpectations:

3:31 PM Changeset in webkit [191216] by Simon Fraser

26 edits
2 copies in trunk/Source

Make TextStream the canonical way to log classes in WebCore
https://bugs.webkit.org/show_bug.cgi?id=150256

Reviewed by Sam Weinig.

We vacillated between PrintStream and TextStream as being the canonical way
to stringify WebCore data structures. This patch solidifies TextStream
as the solution, since it has convenient stream syntax, and is what we
use for render tree dumps.

Remove TextStream member functions that output non-simple structs
(sizes, points and rects), replacing them with free operator<< functions
in the .cpp file for the relevant class. Formatting is currently consistent
with RenderTreeAsText output, to avoid breaking tests.

Remove custom FloatRect outputting in SVG and RemoteLayerTreeTransaction.

Source/WebCore:

CMakeLists.txt:
WebCore.xcodeproj/project.pbxproj:
platform/graphics/FloatPoint.cpp:

(WebCore::operator<<):
(WebCore::FloatPoint::dump): Deleted.

platform/graphics/FloatPoint.h:
platform/graphics/FloatRect.cpp:

(WebCore::operator<<):
(WebCore::FloatRect::dump): Deleted.

platform/graphics/FloatRect.h:
platform/graphics/FloatSize.cpp:

(WebCore::FloatSize::FloatSize):
(WebCore::operator<<):
(WebCore::FloatSize::dump): Deleted.

platform/graphics/FloatSize.h:
platform/graphics/IntPoint.cpp:

(WebCore::operator<<):
(WebCore::IntPoint::dump): Deleted.

platform/graphics/IntPoint.h:
platform/graphics/IntRect.cpp:

(WebCore::operator<<):
(WebCore::IntRect::dump): Deleted.

platform/graphics/IntRect.h:
platform/graphics/IntSize.cpp:

(WebCore::operator<<):
(WebCore::IntSize::dump): Deleted.

platform/graphics/IntSize.h:
platform/graphics/LayoutPoint.cpp: Copied from Source/WebCore/platform/graphics/IntPoint.cpp.

(WebCore::operator<<):

platform/graphics/LayoutPoint.h:
platform/graphics/LayoutRect.cpp:

(WebCore::operator<<):

platform/graphics/LayoutRect.h:
platform/graphics/LayoutSize.cpp: Copied from Source/WebCore/platform/graphics/IntPoint.cpp.

(WebCore::operator<<):

platform/graphics/LayoutSize.h:
platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:

(WebCore::MediaSampleAVFObjC::dump):

platform/text/TextStream.cpp:

(WebCore::TextStream::operator<<):

platform/text/TextStream.h:
rendering/svg/SVGRenderTreeAsText.cpp:

(WebCore::operator<<): Deleted.

Source/WebKit2:

Shared/Scrolling/RemoteScrollingCoordinatorTransaction.cpp:

(WebKit::RemoteScrollingTreeTextStream::operator<<): Deleted.

Shared/mac/RemoteLayerTreeTransaction.mm:

(WebKit::RemoteLayerTreeTextStream::operator<<): Deleted.

3:18 PM Changeset in webkit [191215] by keith_miller@apple.com

35 edits
5 adds in trunk

Add Intrinsic Getters and use them to fix performance on the getters of TypedArray properties.
https://bugs.webkit.org/show_bug.cgi?id=149687

Patch by Keith Miller <keith@Keiths-MacBook-Pro-5.local> on 2015-10-16
Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

Add the ability to create intrinsic getters in both the inline cache and the DFG/FTL. When the
getter fetched by a GetById has an intrinsic we know about we add a new intrinsic access case.
Once we get to the DFG, we observe that the access case was an intrinsic and add an appropriate
GetByIdVariant. We then parse the intrinsic into an appropriate DFG node.

The first intrinsics are the new TypedArray prototype getters length, byteLength, and byteOffset.

CMakeLists.txt:
JavaScriptCore.xcodeproj/project.pbxproj:
bytecode/GetByIdStatus.cpp:

(JSC::GetByIdStatus::computeForStubInfoWithoutExitSiteFeedback):
(JSC::GetByIdStatus::computeFor):

bytecode/GetByIdVariant.cpp:

(JSC::GetByIdVariant::GetByIdVariant):
(JSC::GetByIdVariant::operator=):
(JSC::GetByIdVariant::canMergeIntrinsicStructures):
(JSC::GetByIdVariant::attemptToMerge):
(JSC::GetByIdVariant::dumpInContext):

bytecode/GetByIdVariant.h:

(JSC::GetByIdVariant::intrinsicFunction):
(JSC::GetByIdVariant::intrinsic):
(JSC::GetByIdVariant::callLinkStatus): Deleted.

bytecode/PolymorphicAccess.cpp:

(JSC::AccessGenerationState::addWatchpoint):
(JSC::AccessGenerationState::restoreScratch):
(JSC::AccessGenerationState::succeed):
(JSC::AccessGenerationState::calculateLiveRegistersForCallAndExceptionHandling):
(JSC::AccessGenerationState::preserveLiveRegistersToStackForCall):
(JSC::AccessGenerationState::restoreLiveRegistersFromStackForCall):
(JSC::AccessGenerationState::restoreLiveRegistersFromStackForCallWithThrownException):
(JSC::AccessGenerationState::callSiteIndexForExceptionHandlingOrOriginal):
(JSC::AccessGenerationState::originalExceptionHandler):
(JSC::AccessGenerationState::originalCallSiteIndex):
(JSC::AccessCase::getIntrinsic):
(JSC::AccessCase::clone):
(JSC::AccessCase::visitWeak):
(JSC::AccessCase::generate):
(WTF::printInternal):
(JSC::AccessCase::AccessCase): Deleted.
(JSC::AccessCase::get): Deleted.
(JSC::AccessCase::replace): Deleted.
(JSC::AccessCase::transition): Deleted.

bytecode/PolymorphicAccess.h:

(JSC::AccessCase::isGet):
(JSC::AccessCase::isPut):
(JSC::AccessCase::isIn):
(JSC::AccessCase::intrinsicFunction):
(JSC::AccessCase::intrinsic):
(JSC::AccessGenerationState::AccessGenerationState):
(JSC::AccessGenerationState::liveRegistersForCall):
(JSC::AccessGenerationState::callSiteIndexForExceptionHandling):
(JSC::AccessGenerationState::numberOfStackBytesUsedForRegisterPreservation):
(JSC::AccessGenerationState::needsToRestoreRegistersIfException):
(JSC::AccessGenerationState::liveRegistersToPreserveAtExceptionHandlingCallSite):

bytecode/PutByIdVariant.h:

(JSC::PutByIdVariant::intrinsic):

dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

dfg/DFGArrayMode.cpp:

(JSC::DFG::ArrayMode::alreadyChecked):
(JSC::DFG::arrayTypeToString):
(JSC::DFG::toTypedArrayType):
(JSC::DFG::refineTypedArrayType):
(JSC::DFG::permitsBoundsCheckLowering):

dfg/DFGArrayMode.h:

(JSC::DFG::ArrayMode::supportsLength):
(JSC::DFG::ArrayMode::isSomeTypedArrayView):

dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::attemptToInlineCall):
(JSC::DFG::ByteCodeParser::handleIntrinsicCall):
(JSC::DFG::ByteCodeParser::handleIntrinsicGetter):
(JSC::DFG::ByteCodeParser::load):
(JSC::DFG::ByteCodeParser::handleGetById):
(JSC::DFG::ByteCodeParser::presenceLike): Deleted.
(JSC::DFG::ByteCodeParser::store): Deleted.

dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):
(JSC::DFG::FixupPhase::convertToGetArrayLength): Deleted.
(JSC::DFG::FixupPhase::prependGetArrayLength): Deleted.
(JSC::DFG::FixupPhase::fixupChecksInBlock): Deleted.

dfg/DFGGraph.cpp:

(JSC::DFG::Graph::tryGetFoldableView):

dfg/DFGPredictionPropagationPhase.cpp:

(JSC::DFG::PredictionPropagationPhase::propagate):

dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::checkArray):
(JSC::DFG::SpeculativeJIT::compileGetArrayLength):

ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

ftl/FTLLowerDFGToLLVM.cpp:

(JSC::FTL::DFG::LowerDFGToLLVM::compileGetArrayLength):

jit/IntrinsicEmitter.cpp: Added.

(JSC::AccessCase::canEmitIntrinsicGetter):
(JSC::AccessCase::emitIntrinsicGetter):

jit/Repatch.cpp:

(JSC::tryCacheGetByID):

runtime/Intrinsic.h:
runtime/JSArrayBufferView.cpp:

(JSC::JSArrayBufferView::put):
(JSC::JSArrayBufferView::defineOwnProperty):
(JSC::JSArrayBufferView::deleteProperty):
(JSC::JSArrayBufferView::getOwnNonIndexPropertyNames):
(JSC::JSArrayBufferView::getOwnPropertySlot): Deleted.
(JSC::JSArrayBufferView::finalize): Deleted.

runtime/JSDataView.cpp:

(JSC::JSDataView::getOwnPropertySlot):
(JSC::JSDataView::put):
(JSC::JSDataView::defineOwnProperty):
(JSC::JSDataView::deleteProperty):
(JSC::JSDataView::getOwnNonIndexPropertyNames):

runtime/JSDataView.h:
runtime/JSFunction.h:
runtime/JSFunctionInlines.h:

(JSC::JSFunction::intrinsic):

runtime/JSGenericTypedArrayView.h:
runtime/JSGenericTypedArrayViewInlines.h:

(JSC::JSGenericTypedArrayView<Adaptor>::getOwnPropertySlot):
(JSC::JSGenericTypedArrayView<Adaptor>::defineOwnProperty):
(JSC::JSGenericTypedArrayView<Adaptor>::deleteProperty):
(JSC::JSGenericTypedArrayView<Adaptor>::getOwnPropertySlotByIndex): Deleted.
(JSC::JSGenericTypedArrayView<Adaptor>::visitChildren): Deleted.

runtime/JSObject.cpp:

(JSC::JSObject::putDirectNativeIntrinsicGetter):

runtime/JSObject.h:
runtime/JSTypedArrayViewPrototype.cpp:

(JSC::JSTypedArrayViewPrototype::finishCreation):

tests/stress/typedarray-add-property-to-base-object.js: Added.

(body.foo):
(body):

tests/stress/typedarray-bad-getter.js: Added.

(body.foo):
(body.get Bar):
(body):

tests/stress/typedarray-getter-on-self.js: Added.

(body.foo):
(body.bar):
(body.baz):
(body.get for):
(body):

tests/stress/typedarray-intrinsic-getters-change-prototype.js: Added.

(body.foo):
(body.bar):
(body.baz):
(body):

LayoutTests:

Fix test since typedarrays no longer have length as a own property.

js/dom/getOwnPropertyDescriptor-expected.txt:
js/resources/getOwnPropertyDescriptor.js:

3:09 PM Changeset in webkit [191214] by timothy_horton@apple.com

3 edits in trunk/Tools

WebKit2.AutoLayoutIntegration API test is failing on some of the bots
https://bugs.webkit.org/show_bug.cgi?id=150255

Reviewed by Simon Fraser.

Scripts/run-api-tests:

(runTest):

TestWebKitAPI/Tests/WebKit2Cocoa/AutoLayoutIntegration.mm:

(-[AutoLayoutWKWebView load:withWidth:expectingContentSize:]):
(-[AutoLayoutWKWebView layoutAtMinimumWidth:andExpectContentSizeChange:]):
(-[AutoLayoutWKWebView load:expectingContentSize:]): Deleted.
(-[AutoLayoutWKWebView expectContentSizeChange:]): Deleted.
Don't set the layout size until after the load finishes and we're waiting
for the reply, so that there is no race between the new size coming in
and us waiting for it.

2:58 PM Changeset in webkit [191213] by andersca@apple.com

5 edits in trunk

WebEditingDelegate should be a formal protocol
https://bugs.webkit.org/show_bug.cgi?id=150254
<rdar://problem/23149847>

Reviewed by Dan Bernstein.

Source/WebKit/mac:

WebView/WebEditingDelegate.h:

Move all the delegate methods inside the protocol declaration. Also make the header self-contained.

WebView/WebView.h:

Change the type of the editing delegate and make it assign.

Tools:

DumpRenderTree/mac/EditingDelegate.h:

Conform to the WebEditingDelegate protocol.

2:40 PM Changeset in webkit [191212] by keith_miller@apple.com

4 edits
1 add in trunk/Source/JavaScriptCore

Fix some issues with TypedArrays
https://bugs.webkit.org/show_bug.cgi?id=150216

Reviewed by Geoffrey Garen.

This fixes a couple of issues:
1) The DFG had a separate case for creating new typedarrays in the dfg when the first argument is an object.

Since the code for creating a Typedarray in the dfg is almost the same as the code in Baseline/LLInt
the two cases have been merged.

2) If the length property on an object was unset then the construction could crash.
3) The TypedArray.prototype.set function and the TypedArray constructor should not call Get for the

length of the source object when the source object is a TypedArray.

4) The conditions that were used to decide if the iterator could be skipped were incorrect.

Instead of checking for have a bad time we should have checked the Indexing type did not allow for
indexed accessors.

dfg/DFGOperations.cpp:
runtime/JSGenericTypedArrayViewConstructorInlines.h:

(JSC::constructGenericTypedArrayViewWithArguments):
(JSC::constructGenericTypedArrayView):
(JSC::constructGenericTypedArrayViewWithFirstArgument): Deleted.

2:25 PM Changeset in webkit [191211] by Brent Fulgham

11 edits in trunk

Hide all plugin names except Flash, Java, and QuickTime
https://bugs.webkit.org/show_bug.cgi?id=149014

Reviewed by Darin Adler.

Source/WebCore:

Revise plugin interface so that sites cannot iterate over all plugins to obtain
a list of installed plugins for fingerprinting purposes. Sites need to ask for
specific plugins by name, rather than iterating and comparing to avoid making
this information accessible for fingerprinting purposes.

plugins/DOMPluginArray.cpp:

(WebCore::DOMPluginArray::length): Only return length of the plugins we are
allowing to be seen.
(WebCore::DOMPluginArray::item): Only iterate through the plugins we are
allowing to be seen.

plugins/PluginData.cpp:

(WebCore::PluginData::publiclyVisiblePlugins): Added.

plugins/PluginData.h:

LayoutTests:

Update tests to notify internals that all plugins should be shown, not
just the publicly available ones.

plugins/plugin-javascript-access.html:
plugins/script-tests/navigator-mimeTypes-length.js:

2:10 PM Changeset in webkit [191210] by beidson@apple.com

9 edits in trunk/Source/WebCore

"enum class" some IDB enums.
https://bugs.webkit.org/show_bug.cgi?id=150246

Reviewed by Alex Christensen.

No new tests (No change in behavior).

Modules/indexeddb/IDBKeyPath.cpp:

(WebCore::IDBIsValidKeyPath):
(WebCore::IDBParseKeyPath):
(WebCore::IDBKeyPath::IDBKeyPath):
(WebCore::IDBKeyPath::isValid):
(WebCore::IDBKeyPath::operator==):
(WebCore::IDBKeyPath::encode):
(WebCore::IDBKeyPath::decode):

Modules/indexeddb/IDBKeyPath.h:

(WebCore::IDBKeyPath::IDBKeyPath):
(WebCore::IDBKeyPath::type):
(WebCore::IDBKeyPath::array):
(WebCore::IDBKeyPath::string):
(WebCore::IDBKeyPath::isNull):
(WebCore::IDBKeyPath::encode):
(WebCore::IDBKeyPath::decode):

Modules/indexeddb/IndexedDB.h:
Modules/indexeddb/legacy/LegacyDatabase.cpp:

(WebCore::LegacyDatabase::createObjectStore):

Modules/indexeddb/legacy/LegacyObjectStore.cpp:

(WebCore::LegacyObjectStore::createIndex):

bindings/js/IDBBindingUtilities.cpp:

(WebCore::internalCreateIDBKeyFromScriptValueAndKeyPath):
(WebCore::injectIDBKeyIntoScriptValue):
(WebCore::createIDBKeyFromScriptValueAndKeyPath):
(WebCore::canInjectIDBKeyIntoScriptValue):

bindings/js/JSIDBAnyCustom.cpp:

(WebCore::toJS):

inspector/InspectorIndexedDBAgent.cpp:

2:10 PM Changeset in webkit [191209] by matthew_hanson@apple.com

2 edits in branches/safari-601-branch/Source/WebInspectorUI

Follow-up fix for r190246. rdar://problem/22939682

Unreviewed.

In merging r190246, I neglected to change two consts to vars, as per Joe's merge instructions.

UserInterface/Views/ResourceSidebarPanel.js:

(WebInspector.ResourceSidebarPanel.prototype._scriptsCleared):
const -> var

2:08 PM Changeset in webkit [191208] by andersca@apple.com

2 edits in trunk/Source/WebCore

Add indexeddb/shared to the include paths.

WebCore.vcxproj/WebCoreIncludeCommon.props:

2:06 PM Changeset in webkit [191207] by andersca@apple.com

3 edits in trunk/Source/JavaScriptCore

Fix Windows build.

JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:

2:06 PM Changeset in webkit [191206] by msaboff@apple.com

11 edits in trunk

REGRESSION (r191175): Still crashing when clicking back button on netflix.com
https://bugs.webkit.org/show_bug.cgi?id=150251

Rubber stamped by Filip Pizlo.

Turning off Tail Calls and disabling tests until the crash is fixed.

Source/JavaScriptCore:

runtime/Options.h:
tests/es6.yaml:
tests/stress/dfg-tail-calls.js:

(nonInlinedTailCall.callee):

tests/stress/mutual-tail-call-no-stack-overflow.js:

(shouldThrow):

tests/stress/tail-call-in-inline-cache.js:

(tail):

tests/stress/tail-call-no-stack-overflow.js:

(shouldThrow):

tests/stress/tail-call-recognize.js:

(callerMustBeRun):

tests/stress/tail-call-varargs-no-stack-overflow.js:

(shouldThrow):

LayoutTests:

js/caller-property-expected.txt:

2:02 PM Changeset in webkit [191205] by andersca@apple.com

4 edits in trunk/Source/WebKit2

Remove some dead menu code
https://bugs.webkit.org/show_bug.cgi?id=150247

Reviewed by Andreas Kling.

Shared/WebContextMenuItemData.cpp:

(WebKit::WebContextMenuItemData::WebContextMenuItemData):
(WebKit::WebContextMenuItemData::encode): Deleted.

Shared/WebContextMenuItemData.h:

(WebKit::WebContextMenuItemData::selectionHandler): Deleted.

UIProcess/mac/WebContextMenuProxyMac.mm:

(WebKit::nsMenuItem):

1:50 PM Changeset in webkit [191204] by Antti Koivisto

10 edits
2 adds in trunk

Computed style should work correctly with slotted elements that have display:none
https://bugs.webkit.org/show_bug.cgi?id=150237

Reviewed by Andreas Kling.

Source/WebCore:

If an element has display:none we don't normally retain or even compute its style (as it is not rendered).
If getComputedStyle is invoked for such element we resolve the style (along with any ancestors) and cache
it separately to rare data. This path needs to work with slotted elements in shadow trees.

This patch also make computedStyle() iterative rather than recursive.

Test: fast/shadow-dom/computed-style-display-none.html

dom/Document.cpp:

(WebCore::Document::styleForElementIgnoringPendingStylesheets):

Pass in the parent style instead of invoking computedStyle() recursively.

dom/Document.h:
dom/Element.cpp:

(WebCore::beforeOrAfterPseudoElement):
(WebCore::Element::existingComputedStyle):
(WebCore::Element::resolveComputedStyle):

Iterative resolve function that uses composed tree iterator.

(WebCore::Element::computedStyle):

Factor into helpers.

dom/Element.h:
dom/Node.cpp:

(WebCore::Node::computedStyle):

Use the composed tree iterator.

LayoutTests:

editing/style/apply-style-atomic-expected.txt:

Rebase.

fast/css/getComputedStyle/getComputedStyle-with-pseudo-element-expected.txt:
fast/css/getComputedStyle/getComputedStyle-with-pseudo-element.html:

We now also compute style of display:none pseudo elements correctly.
This is a progression and matches other browsers.

fast/shadow-dom/computed-style-display-none-expected.txt: Added.
fast/shadow-dom/computed-style-display-none.html: Added.

1:46 PM Changeset in webkit [191203] by Alan Bujtas

3 edits in trunk/LayoutTests

[iOS] Update initial-letter results for iOS port.

Unreviewed gardening.

platform/ios-simulator/fast/css-generated-content/initial-letter-basic-expected.txt:
platform/ios-simulator/fast/css-generated-content/initial-letter-sunken-expected.txt:

1:36 PM Changeset in webkit [191202] by mark.lam@apple.com

4 edits in trunk/Source/JavaScriptCore

Add MacroAssembler::callProbe() for supporting lambda JIT probes.
https://bugs.webkit.org/show_bug.cgi?id=150186

Reviewed by Geoffrey Garen.

With callProbe(), we can now make probes that are lambdas. For example, we can
now conveniently add probes like so:

When you know exactly which register you want to inspect:
jit.callProbe([] (MacroAssembler::ProbeContext* context) {

intptr_t value = reinterpret_cast<intptr_t>(context->cpu.eax);
dataLogF("eax %p\n", context->cpu.eax); Inspect the register.
ASSERT(value > 10); Add test code for debugging.

});

When you want to inspect whichever register the JIT allocated:
auto reg = op1.gpr();
jit.callProbe([reg] (MacroAssembler::ProbeContext* context) {

intptr_t value = reinterpret_cast<intptr_t>(context->gpr(reg));
dataLogF("reg %s: %ld\n", context->gprName(reg), value);
ASSERT(value > 10);

});

callProbe() is only meant to be used for debugging sessions. It is not
appropriate to use it in permanent code (even for debug builds).
This is because:

The probe mechanism saves and restores all (and I really mean "all") registers, and is inherently slow.
callProbe() currently works by allocating (via new) a std::function to guarantee that it is persisted for the duration that the JIT generated code is live. We don't currently delete it ever i.e. it leaks a bit of memory each time the JIT generates code that contains such a lambda probe.

These limitations are acceptable for a debugging session (assuming you're not
debugging a memory leak), but not for deployment code. If there's a need, we can
plug that leak in another patch.

assembler/AbstractMacroAssembler.h:

(JSC::AbstractMacroAssembler::CPUState::fpr):

Removed an unnecessary empty line.

(JSC::AbstractMacroAssembler::ProbeContext::gpr):
(JSC::AbstractMacroAssembler::ProbeContext::fpr):
(JSC::AbstractMacroAssembler::ProbeContext::gprName):
(JSC::AbstractMacroAssembler::ProbeContext::fprName):

Added some convenience functions that will make using the probe mechanism easier.

assembler/MacroAssembler.cpp:

(JSC::StdFunctionData::StdFunctionData):
(JSC::stdFunctionCallback):
(JSC::MacroAssembler::callProbe):

assembler/MacroAssembler.h:

1:29 PM Changeset in webkit [191201] by hyatt@apple.com

2 edits in trunk/Source/WebCore

ASSERT in imported/blink/fast/block/float/overhanging-float-crashes-when-sibling-becomes-formatting-context.html
https://bugs.webkit.org/show_bug.cgi?id=150249

Reviewed by Myles Maxfield.

Covered by existing tests.

css/CSSValue.cpp:

(WebCore::CSSValue::equals):
Make sure the "unset" value has an equals implementation.

1:27 PM Changeset in webkit [191200] by akling@apple.com

3 edits in trunk/Source/JavaScriptCore

Remove unused StructureRareData::m_cachedGenericPropertyNameEnumerator.
<https://webkit.org/b/150244>

Reviewed by Geoffrey Garen.

Remove an unused field from StructureRareData.

runtime/StructureRareData.cpp:

(JSC::StructureRareData::visitChildren): Deleted.

runtime/StructureRareData.h:

1:05 PM Changeset in webkit [191199] by matthew_hanson@apple.com

12 edits
2 adds in branches/safari-601.1.46-branch

Merge r190752. rdar://problem/23110932

1:04 PM Changeset in webkit [191198] by beidson@apple.com

8 edits
2 adds in trunk

Source/WebCore:
Modern IDB: Handle versionchange events.
https://bugs.webkit.org/show_bug.cgi?id=150149

Reviewed by Alex Christensen.

Test: storage/indexeddb/modern/versionchange-event.html

IDBVersionChangeEvents are now dispatched to open connections when a version upgrade request comes in.
Once all of those open connections have closed, the version upgrade request is handled.

Modules/indexeddb/client/IDBConnectionToServer.cpp:

(WebCore::IDBClient::IDBConnectionToServer::fireVersionChangeEvent):
(WebCore::IDBClient::IDBConnectionToServer::registerDatabaseConnection):
(WebCore::IDBClient::IDBConnectionToServer::unregisterDatabaseConnection):

Modules/indexeddb/client/IDBConnectionToServer.h:

Modules/indexeddb/client/IDBDatabaseImpl.cpp:

(WebCore::IDBClient::IDBDatabase::fireVersionChangeEvent):

Modules/indexeddb/client/IDBDatabaseImpl.h:

Modules/indexeddb/server/UniqueIDBDatabase.cpp:

(WebCore::IDBServer::UniqueIDBDatabase::UniqueIDBDatabase):
(WebCore::IDBServer::UniqueIDBDatabase::connectionClosedFromClient):
(WebCore::IDBServer::UniqueIDBDatabase::invokeTransactionScheduler):
(WebCore::IDBServer::UniqueIDBDatabase::transactionSchedulingTimerFired):

Modules/indexeddb/server/UniqueIDBDatabase.h:

LayoutTests:
Modern IDB: Add versionchange events.
https://bugs.webkit.org/show_bug.cgi?id=150149

Reviewed by Alex Christensen.

storage/indexeddb/modern/versionchange-event-expected.txt: Added.
storage/indexeddb/modern/versionchange-event.html: Added.

1:02 PM Changeset in webkit [191197] by mark.lam@apple.com

2 edits in trunk/Source/WTF

Always enable MASM_PROBE for debug builds.
https://bugs.webkit.org/show_bug.cgi?id=150190

Reviewed by Geoffrey Garen.

wtf/Platform.h:

12:59 PM Changeset in webkit [191196] by ggaren@apple.com

6 edits in trunk/Source/bmalloc

bmalloc: per-thread cache data structure should be smaller
https://bugs.webkit.org/show_bug.cgi?id=150218

Reviewed by Andreas Kling.

Reduce the number of entries in the range cache because it's really
big, and the bigness only helps in cases of serious fragmentation, and
it only saves us a little bit of lock acquisition time.

bmalloc/Allocator.cpp:

(bmalloc::Allocator::scavenge):
(bmalloc::Allocator::refillAllocatorSlowCase):
(bmalloc::Allocator::refillAllocator):
(bmalloc::Allocator::allocateLarge):
(bmalloc::Allocator::allocateSlowCase):
(bmalloc::Allocator::allocateBumpRangeSlowCase): Deleted.
(bmalloc::Allocator::allocateBumpRange): Deleted.

bmalloc/Allocator.h: Pass through the empty allocator and the range

cache when refilling, and refill both. Otherwise, we always immediately
pop the last item in the range cache, wasting that slot of capacity.

bmalloc/Heap.cpp:

(bmalloc::Heap::allocateSmallBumpRanges):
(bmalloc::Heap::allocateMediumBumpRanges): Account for the fact that
the range cache is no longer big enough to guarantee that it can hold
all the ranges in a page.

(bmalloc::Heap::refillSmallBumpRangeCache): Deleted.
(bmalloc::Heap::refillMediumBumpRangeCache): Deleted.

bmalloc/Heap.h: Move VMHeap to the end of the object because it

contains a lot of unused / wasted space, and we want to pack our data
together in memory.

bmalloc/Sizes.h: Make the range cache smaller.

12:53 PM Changeset in webkit [191195] by Alan Bujtas

10 edits
2 adds in trunk

First line box in paragraph using initial-letter overflows.
https://bugs.webkit.org/show_bug.cgi?id=147977
<rdar://problem/22901553>

Reviewed by David Hyatt.

When initial-letter float is present, we should shrink the first
line even if it's not intersected with the block's current height.
This is because of the sunken behaviour of initial-letter.

Source/WebCore:

Test: fast/css-generated-content/initial-letter-first-line-wrapping.html

rendering/RenderBlockFlow.h:
rendering/RenderBlockLineLayout.cpp:

(WebCore::RenderBlockFlow::positionNewFloatOnLine):

rendering/line/BreakingContext.h:

(WebCore::BreakingContext::handleFloat):

rendering/line/LineBreaker.cpp:

(WebCore::LineBreaker::skipLeadingWhitespace):

rendering/line/LineBreaker.h:

(WebCore::LineBreaker::positionNewFloatOnLine):

rendering/line/LineWidth.cpp:

(WebCore::newFloatShrinksLine):
(WebCore::LineWidth::shrinkAvailableWidthForNewFloatIfNeeded):

rendering/line/LineWidth.h:

LayoutTests:

fast/css-generated-content/initial-letter-first-line-wrapping-expected.html: Added.
fast/css-generated-content/initial-letter-first-line-wrapping.html: Added.
platform/mac/fast/css-generated-content/initial-letter-basic-expected.txt: progression.

12:52 PM Changeset in webkit [191194] by andersca@apple.com

7 edits in trunk/Source/WebKit2

Move more code to WebContextMenuProxyMac
https://bugs.webkit.org/show_bug.cgi?id=150240

Reviewed by Tim Horton.

UIProcess/WebContextMenuProxy.h:
UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::internalShowContextMenu):

UIProcess/WebPageProxy.h:

(WebKit::WebPageProxy::contextMenuClient):

UIProcess/mac/WebContextMenuProxyMac.h:
UIProcess/mac/WebContextMenuProxyMac.mm:

(WebKit::WebContextMenuProxyMac::initializeShareMenuItem):
(WebKit::WebContextMenuProxyMac::showContextMenu):

UIProcess/mac/WebPageProxyMac.mm:

(WebKit::WebPageProxy::platformInitializeShareMenuItem): Deleted.

12:47 PM Changeset in webkit [191193] by keith_miller@apple.com

4 edits
1 delete in trunk/Source/JavaScriptCore

Unreviewed, rolling out r191190.

Patch needs some design changes.

Reverted changeset:

"Fix some issues with TypedArrays"
https://bugs.webkit.org/show_bug.cgi?id=150216
http://trac.webkit.org/changeset/191190

12:26 PM Changeset in webkit [191192] by youenn.fablet@crf.canon.fr

10 edits in trunk/LayoutTests

Update testharness.js to web-platform-tests version
https://bugs.webkit.org/show_bug.cgi?id=150234

Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

resources/web-platform-tests-modules.json: updated testharness module version.
web-platform-tests/dom/interfaces-expected.txt: Rebased test expectation.
web-platform-tests/dom/nodes/Document-contentType/contentType/contenttype_datauri_01-expected.txt: Ditto.
web-platform-tests/dom/nodes/Document-contentType/contentType/contenttype_datauri_02-expected.txt: Ditto.
web-platform-tests/dom/nodes/Node-isEqualNode-expected.txt: Ditto.
web-platform-tests/html/dom/interfaces-expected.txt: Ditto.
web-platform-tests/html/dom/interfaces.html: Removed a method from Window as this is timing out the test otherwise.

LayoutTests:

resources/testharness.js:

(WindowTestEnvironment):
(WindowTestEnvironment.prototype._dispatch):
(WindowTestEnvironment.prototype._forEach_windows):
(WindowTestEnvironment.prototype.on_tests_ready):
(WindowTestEnvironment.prototype.setup_messages):
(WindowTestEnvironment.prototype.next_default_test_name):
(WindowTestEnvironment.prototype.on_new_harness_properties):
(WindowTestEnvironment.prototype.add_on_loaded_callback):
(WindowTestEnvironment.prototype.test_timeout):
(WindowTestEnvironment.prototype.global_scope):
(WorkerTestEnvironment):
(WorkerTestEnvironment.prototype._dispatch):
(WorkerTestEnvironment.prototype._add_message_port):
(WorkerTestEnvironment.prototype.next_default_test_name):
(WorkerTestEnvironment.prototype.on_new_harness_properties):
(WorkerTestEnvironment.prototype.on_tests_ready):
(WorkerTestEnvironment.prototype.add_on_loaded_callback):
(WorkerTestEnvironment.prototype.test_timeout):
(WorkerTestEnvironment.prototype.global_scope):
(DedicatedWorkerTestEnvironment):
(DedicatedWorkerTestEnvironment.prototype.on_tests_ready):
(SharedWorkerTestEnvironment):
(SharedWorkerTestEnvironment.prototype.on_tests_ready):
(ServiceWorkerTestEnvironment):
(ServiceWorkerTestEnvironment.prototype.add_on_loaded_callback):
(create_test_environment):
(is_shared_worker):
(is_service_worker):
(test):
(async_test):
(promise_test):
(this.wait_for):
(EventWatcher):
(setup):
(step_timeout):
(format_value): Deleted.

12:10 PM Changeset in webkit [191191] by mark.lam@apple.com

19 edits
8 deletes in trunk/Source/JavaScriptCore

Move all the probe trampolines into their respective MacroAssembler files.
https://bugs.webkit.org/show_bug.cgi?id=150239

Reviewed by Saam Barati.

This patch does not introduce any behavior changes. It only moves the
ctiMasmProbeTrampoline implementations from the respective JITStubs<CPU>.h
files to the corresponding MacroAssembler<CPU>.cpp files.

I also had to make some minor changes to get the code to build after this move:

Added #include <wtf/InlineASM.h> in the MacroAssembler<CPU>.cpp files because the ctiMasmProbeTrampoline is an inline assembly blob.
In the moved code, convert MacroAssembler:: qualifiers to the CPU specific MacroAssembler equivalent. The referenced entities were always defined in the CPU specific MacroAssembler anyway, and indirectly referenced through the generic MacroAssembler.

With this, we can get rid of all the JITStubs<CPU>.cpp files. There is one
exception: JITStubsMSVC64.asm. However, that one is unrelated to the probe
mechanism. So, I'll leave it as is.

We can also remove JITStubs.cpp and JITStubs.h which are now empty except for
some stale unused code.

This patch has been build tested for x86, x86_64, armv7, and arm64.

CMakeLists.txt:
JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
JavaScriptCore.xcodeproj/project.pbxproj:
assembler/MacroAssemblerARM.cpp:

(JSC::MacroAssemblerARM::probe):

assembler/MacroAssemblerARM64.cpp:

(JSC::arm64ProbeTrampoline):
(JSC::MacroAssemblerARM64::probe):

assembler/MacroAssemblerARMv7.cpp:

(JSC::MacroAssemblerARMv7::probe):

assembler/MacroAssemblerX86Common.cpp:
bytecode/CodeBlock.cpp:
ftl/FTLCompile.cpp:
ftl/FTLLink.cpp:
jit/JITArithmetic.cpp:
jit/JITArithmetic32_64.cpp:
jit/JITCode.h:
jit/JITExceptions.cpp:
jit/JITStubs.cpp: Removed.
jit/JITStubs.h: Removed.
jit/JITStubsARM.h: Removed.
jit/JITStubsARM64.h: Removed.
jit/JITStubsARMv7.h: Removed.
jit/JITStubsX86.h: Removed.
jit/JITStubsX86Common.h: Removed.
jit/JITStubsX86_64.h: Removed.
jit/JSInterfaceJIT.h:
llint/LLIntOffsetsExtractor.cpp:
runtime/CommonSlowPaths.cpp:

11:37 AM Changeset in webkit [191190] by keith_miller@apple.com

4 edits
1 add in trunk/Source/JavaScriptCore

Fix some issues with TypedArrays
https://bugs.webkit.org/show_bug.cgi?id=150216

Reviewed by Michael Saboff.

This fixes a couple of issues:
1) The DFG had a separate case for creating new typedarrays in the dfg when the first argument is an object.

Since the code for creating a Typedarray in the dfg is almost the same as the code in Baseline/LLInt
the two cases have been merged.

2) If the length property on an object was unset then the construction could crash.
3) The TypedArray.prototype.set function and the TypedArray constructor should not call Get for the

length of the source object when the source object is a TypedArray.

4) The conditions that were used to decide if the iterator could be skipped were incorrect.

Instead of checking for have a bad time we should have checked the Indexing type did not allow for
indexed accessors.

dfg/DFGOperations.cpp:

(JSC::DFG::newTypedArrayWithOneArgument): Deleted.

runtime/JSGenericTypedArrayViewConstructorInlines.h:

(JSC::constructGenericTypedArrayViewFromIterator):
(JSC::constructGenericTypedArrayViewWithFirstArgument):
(JSC::constructGenericTypedArrayView):

runtime/JSGenericTypedArrayViewPrototypeFunctions.h:

(JSC::genericTypedArrayViewProtoFuncSet):

tests/stress/typedarray-construct-iterator.js: Added.

(iterator.return.next):
(iterator):
(body):

11:30 AM Changeset in webkit [191189] by Chris Dumez

2 edits in trunk/LayoutTests

Unreviewed, skip imported/w3c/web-platform-tests/dom/interfaces.html on Debug builds.

This test is slow and sometimes times out.

TestExpectations:

11:24 AM Changeset in webkit [191188] by commit-queue@webkit.org

7 edits in trunk

The value sanitization algorithm for input[type=url] should strip whitespaces
https://bugs.webkit.org/show_bug.cgi?id=148864
rdar://problem/22589358

Patch by Keith Rollin <Keith Rollin> on 2015-10-16
Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

Rebaseline two W3C HTML tests given changes in input[type=url].value
sanitization.

web-platform-tests/html/semantics/forms/the-input-element/type-change-state-expected.txt:
web-platform-tests/html/semantics/forms/the-input-element/url-expected.txt:

Source/WebCore:

Follow the sanitization algorithm specified in:
https://html.spec.whatwg.org/multipage/forms.html#url-state-(type=url)

Chrome also has the same issue with url.html. Firefox passes. All
three browsers have multiple issues with type-change-state.html, with
each browser having a different set of failures. Addressing this in
WebKit is another issue outside the scope of bz=148864. For now, I'm
updating that test to capture current WebKit behavior.

No new tests (covered by existing tests):

web-platform-tests/html/semantics/forms/the-input-element/type-change-state.html
web-platform-tests/html/semantics/forms/the-input-element/url.html

html/TextFieldInputType.h:
html/URLInputType.cpp:

(WebCore::URLInputType::sanitizeValue):

html/URLInputType.h:

11:20 AM Changeset in webkit [191187] by commit-queue@webkit.org

4 edits in trunk/Source/WebInspectorUI

Web Inspector: Add "unset" to CSS value autocompletion
https://bugs.webkit.org/show_bug.cgi?id=127616

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2015-10-16
Reviewed by Brian Burg.

UserInterface/Models/CSSCompletions.js:
UserInterface/Models/CSSKeywordCompletions.js:

(WebInspector.CSSKeywordCompletions.forProperty):
Treat "unset" similiar to "initial". Also, no need for "initial"
in an individual property's list. We always include it.

UserInterface/Views/VisualStyleDetailsPanel.js:

(WebInspector.VisualStyleDetailsPanel):
(WebInspector.VisualStyleDetailsPanel.prototype._populateDisplaySection):
(WebInspector.VisualStyleDetailsPanel.prototype._populateAlignmentSection):
Add "Unset" alongside "Initial".

11:01 AM Changeset in webkit [191186] by Antti Koivisto

5 edits
2 deletes in trunk/Source/WebCore

Remove NodeRenderingTraversal
https://bugs.webkit.org/show_bug.cgi?id=150226

Reviewed by Chris Dumez.

It has been reduced to an implementation detail of FocusController. Move the remaining
functions there as they have no general utility (and are wrong for focus navigation too).

CMakeLists.txt:
WebCore.xcodeproj/project.pbxproj:
dom/DOMAllInOne.cpp:
dom/NodeRenderingTraversal.cpp: Removed.
dom/NodeRenderingTraversal.h: Removed.
page/FocusController.cpp:

(WebCore::firstChildInScope):
(WebCore::lastChildInScope):
(WebCore::parentInScope):
(WebCore::nextInScope):
(WebCore::previousInScope):
(WebCore::FocusNavigationScope::FocusNavigationScope):
(WebCore::FocusNavigationScope::focusNavigationScopeOf):
(WebCore::FocusController::findElementWithExactTabIndex):
(WebCore::nextElementWithGreaterTabIndex):
(WebCore::previousElementWithLowerTabIndex):
(WebCore::FocusController::nextFocusableElement):
(WebCore::FocusController::previousFocusableElement):

10:56 AM Changeset in webkit [191185] by commit-queue@webkit.org

2 edits in trunk/LayoutTests

Fixing test expectations for css2.1/tables/table-anonymous-objects-045.xht on win
https://bugs.webkit.org/show_bug.cgi?id=150125

Patch by Ryan Haddad <Ryan Haddad> on 2015-10-16
Reviewed by Zalan Bujtas.

platform/win/css2.1/tables/table-anonymous-objects-045-expected.txt:

10:44 AM Changeset in webkit [191184] by hyatt@apple.com

2 edits in trunk/Source/WebCore

Build fix. "all" keyword introduction exposed a typo bug in the grid-area property definition.

css/CSSPropertyNames.in:

10:30 AM Changeset in webkit [191183] by timothy_horton@apple.com

10 edits
1 add in trunk

Hook up autolayout intrinsic sizing for WKWebView
https://bugs.webkit.org/show_bug.cgi?id=150219
<rdar://problem/20016905>

Reviewed by Simon Fraser.

New API test: WebKit2.AutoLayoutIntegration.

page/FrameView.cpp:

(WebCore::FrameView::autoSizeIfEnabled):
When autosizing a document in which the body expands to the size of
the view (a feature of quirks mode), the first (width-determining)
autosizing will resize the view to the document height (which is at
least the body height), and the second time around, the height will
not decrease (because it was expanded to the size of the view).

Instead, the first time around, we should use the computed width,
but shrink the height back down to the minimum, and then expand
only as much as needed to fit the content.

UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView initWithFrame:configuration:]):
(-[WKWebView intrinsicContentSize]):
(-[WKWebView _setIntrinsicContentSize:]):
(-[WKWebView _minimumLayoutWidth]):
(-[WKWebView _setMinimumLayoutWidth:]):

UIProcess/API/Cocoa/WKWebViewInternal.h:
UIProcess/API/Cocoa/WKWebViewPrivate.h:

Add a simple SPI to specify the minimum width that a WKWebView will attempt
to lay out to, similar to WKView except just a width, not a size, and
with no option to force the height to the view size. Similar behavior can
be achieved by clients by setting custom autolayout constraints on the view.

UIProcess/mac/PageClientImpl.mm:

(WebKit::PageClientImpl::intrinsicContentSizeDidChange):
Forward intrinsic content size changes to the WKWebView, not its inner WKView,
if we have one.

WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::transitionToCommittedForNewPage):
Only set the autosizing fixed minimum height if we're using that behavior;
otherwise, setting it to the view's height will end up accidentally
turning on that behavior (which involves an extra layout per resize!).

TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
TestWebKitAPI/Tests/WebKit2Cocoa/AutoLayoutIntegration.mm: Added.

(-[AutoLayoutNavigationDelegate webView:didFinishNavigation:]):
(-[AutoLayoutWKWebView load:expectingContentSize:]):
(-[AutoLayoutWKWebView expectContentSizeChange:]):
(-[AutoLayoutWKWebView invalidateIntrinsicContentSize]):
(TEST):
Add a variety of tests, including one which catches the bug that
the WebCore part of this patch fixes.

10:18 AM Changeset in webkit [191182] by beidson@apple.com

21 edits in trunk

Modern IDB: Support IDBDatabase.close().
https://bugs.webkit.org/show_bug.cgi?id=150150

Reviewed by Alex Christensen.

Source/WebCore:

No new tests (Covered by changes to storage/indexeddb/modern/opendatabase-versions.html).

Modules/indexeddb/client/IDBConnectionToServer.cpp:

(WebCore::IDBClient::IDBConnectionToServer::databaseConnectionClosed):

Modules/indexeddb/client/IDBConnectionToServer.h:
Modules/indexeddb/client/IDBConnectionToServerDelegate.h:

Modules/indexeddb/client/IDBDatabaseImpl.cpp:

(WebCore::IDBClient::IDBDatabase::IDBDatabase):
(WebCore::IDBClient::IDBDatabase::~IDBDatabase):
(WebCore::IDBClient::IDBDatabase::close):
(WebCore::IDBClient::IDBDatabase::maybeCloseInServer):
(WebCore::IDBClient::IDBDatabase::commitTransaction):

Modules/indexeddb/client/IDBDatabaseImpl.h:

(WebCore::IDBClient::IDBDatabase::databaseConnectionIdentifier):

Modules/indexeddb/client/IDBRequestImpl.cpp:

(WebCore::IDBClient::IDBRequest::result):

Modules/indexeddb/server/IDBServer.cpp:

(WebCore::IDBServer::IDBServer::databaseConnectionClosed):

Modules/indexeddb/server/IDBServer.h:

Modules/indexeddb/server/UniqueIDBDatabase.cpp:

(WebCore::IDBServer::UniqueIDBDatabase::connectionClosedFromClient):
(WebCore::IDBServer::UniqueIDBDatabase::handleOpenDatabaseOperations): Deleted.

Modules/indexeddb/server/UniqueIDBDatabase.h:

Modules/indexeddb/server/UniqueIDBDatabaseConnection.cpp:

(WebCore::IDBServer::UniqueIDBDatabaseConnection::UniqueIDBDatabaseConnection):
(WebCore::IDBServer::UniqueIDBDatabaseConnection::~UniqueIDBDatabaseConnection):
(WebCore::IDBServer::UniqueIDBDatabaseConnection::hasNonFinishedTransactions):
(WebCore::IDBServer::UniqueIDBDatabaseConnection::connectionClosedFromClient):

Modules/indexeddb/server/UniqueIDBDatabaseConnection.h:

Modules/indexeddb/shared/InProcessIDBServer.cpp:

(WebCore::InProcessIDBServer::databaseConnectionClosed):

Modules/indexeddb/shared/InProcessIDBServer.h:

LayoutTests:

storage/indexeddb/modern/opendatabase-versions-expected.txt:
storage/indexeddb/modern/opendatabase-versions.html:

10:08 AM Changeset in webkit [191181] by andersca@apple.com

9 edits in trunk/Source/WebKit2

Use the ShowContextMenu message for service menus as well
https://bugs.webkit.org/show_bug.cgi?id=150206

Reviewed by Tim Horton.

Shared/ContextMenuContextData.cpp:

(WebKit::ContextMenuContextData::ContextMenuContextData):
(WebKit::ContextMenuContextData::encode):
(WebKit::ContextMenuContextData::decode):

Shared/ContextMenuContextData.h:

(WebKit::ContextMenuContextData::type):
(WebKit::ContextMenuContextData::ContextMenuContextData):
(WebKit::ContextMenuContextData::isServicesMenu):
(WebKit::ContextMenuContextData::needsServicesMenu): Deleted.

UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::showContextMenu):
(WebKit::WebPageProxy::internalShowContextMenu):

UIProcess/WebPageProxy.h:
UIProcess/WebPageProxy.messages.in:
UIProcess/mac/WebContextMenuProxyMac.mm:

(WebKit::WebContextMenuProxyMac::populate):
(WebKit::WebContextMenuProxyMac::showContextMenu):

UIProcess/mac/WebPageProxyMac.mm:

(WebKit::WebPageProxy::showSelectionServiceMenu): Deleted.

WebProcess/WebPage/mac/WebPageMac.mm:

(WebKit::WebPage::handleSelectionServiceClick):

10:06 AM Changeset in webkit [191180] by Chris Dumez

4 edits
5 adds in trunk

HTMLPreloadScanner should preload iframes
https://bugs.webkit.org/show_bug.cgi?id=150097
<rdar://problem/23094475>

Reviewed by Antti Koivisto.

Source/WebCore:

HTMLPreloadScanner should preload iframes to decrease page load time.

Tests:

fast/preloader/frame-src.html
http/tests/loading/preload-no-store-frame-src.html

html/parser/HTMLPreloadScanner.cpp:

(WebCore::TokenPreloadScanner::tagIdFor):
(WebCore::TokenPreloadScanner::initiatorFor):
(WebCore::TokenPreloadScanner::StartTagScanner::createPreloadRequest):
(WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):
(WebCore::TokenPreloadScanner::StartTagScanner::resourceType):
(WebCore::TokenPreloadScanner::StartTagScanner::setUrlToLoad): Deleted.
(WebCore::TokenPreloadScanner::StartTagScanner::charset): Deleted.

html/parser/HTMLPreloadScanner.h:

LayoutTests:

Add layout test to check that iframes are indeed preloaded.

fast/preloader/frame-src-expected.txt: Added.
fast/preloader/frame-src.html: Added.
fast/preloader/resources/testFrame.html: Added.
http/tests/loading/preload-no-store-frame-src-expected.txt: Added.
http/tests/loading/preload-no-store-frame-src.html: Added.

9:30 AM Changeset in webkit [191179] by Csaba Osztrogonác

1 edit
1 add in trunk/LayoutTests

Unreviewed fix after r191175.

js/regress-150220-expected.txt: Added.

9:12 AM Changeset in webkit [191178] by hyatt@apple.com

7 edits
10 adds in trunk

Implement the "all" CSS property.
https://bugs.webkit.org/show_bug.cgi?id=116966

Reviewed by Zalan Bujtas.

Source/WebCore:

Added new tests in fast/css.

css/CSSComputedStyleDeclaration.cpp:

(WebCore::ComputedStyleExtractor::propertyValue):
Don't support "all" from computed style for now.

css/CSSParser.cpp:

(WebCore::CSSParser::parseValue):
Make sure to bail after checking inherit/unset/initial for all, since you can't actually
accept longhand values in the shorthand declarations.

(WebCore::CSSParser::parseAnimationProperty):
"all" for animations is a special value and should not be confused with the property. It
animates everything and does not omit unicode-bidi/direction the way the "all" property does.

css/CSSPropertyNames.in:

Add the "all" property to the list and use a special keyword in the Longhands value, "all",
that makeprop.pl will look for. This way we don't have to dump every single CSS property
into the Longhands expression, since that would be nuts.

css/StyleProperties.cpp:

(WebCore::StyleProperties::getPropertyValue):
Look for a common value across all properties supported by "all". That way you can get
back inherit/initial/unset from it.

css/makeprop.pl:

Make the perl script look for "all" in the longhand list, and if it sees it, put every
single CSS property into the list for the all shorthand.

LayoutTests:

Added tests for the "all property, including a variables test!

fast/css/all-keyword-direction-expected.html: Added.
fast/css/all-keyword-direction.html: Added.
fast/css/all-keyword-inherit-expected.html: Added.
fast/css/all-keyword-inherit.html: Added.
fast/css/all-keyword-initial-expected.html: Added.
fast/css/all-keyword-initial.html: Added.
fast/css/all-keyword-unset-expected.html: Added.
fast/css/all-keyword-unset.html: Added.
fast/css/variables/all-keyword-unset-expected.html: Added.
fast/css/variables/all-keyword-unset.html: Added.

8:57 AM Changeset in webkit [191177] by ap@apple.com

2 edits in branches/safari-601-branch/LayoutTests

Land accurate Yosemite/Mavericks results for http/tests/multipart/multipart-replace-non-html-content.html

platform/mac-yosemite/http/tests/multipart/multipart-replace-non-html-content-expected.txt:

8:56 AM Changeset in webkit [191176] by youenn.fablet@crf.canon.fr

28 edits in trunk/Source/WebCore

Binding generator should use templated JSXXConstructor
https://bugs.webkit.org/show_bug.cgi?id=149952

Reviewed by Darin Adler.

Adding constructor templates:

JSDOMConstructor: usual JS constructors
JSDOMNamedConstructor: for named constructors
JSDOMConstructorNotConstructable: for objects that cannot be constructed directly from JS.

Binding generator is using these 3 templates and is generating specializations for construct, initializeProperties and s_info.
These templates may also be used for private or custom constructors as examplified by JSImageConstructor
and JSReadableStream reader and controller private constructors.

Updated binding generator to use those templates.
Updated JSImageConstructor.cpp to use JSDOMNamedConstructor.
Updated default template implementation of JSBuiltinConstructor::createObject.
Updated generated helper routines of binding generator to fit with the templates.

A further patch should remove DOMConstructorWithDocument and DOMConstructorJSBuiltinObject.

Covered by binding tests.

bindings/js/JSDOMConstructor.h:

(WebCore::JSDOMConstructorNotConstructable::create):
(WebCore::JSDOMConstructorNotConstructable::createStructure):
(WebCore::JSDOMConstructorNotConstructable::JSDOMConstructorNotConstructable):
(WebCore::JSDOMConstructorNotConstructable::initializeProperties):
(WebCore::JSDOMConstructorNotConstructable<JSClass>::finishCreation):
(WebCore::JSDOMConstructor::create):
(WebCore::JSDOMConstructor::createStructure):
(WebCore::JSDOMConstructor::JSDOMConstructor):
(WebCore::JSDOMConstructor::initializeProperties):
(WebCore::JSDOMConstructor<JSClass>::finishCreation):
(WebCore::JSDOMConstructor<JSClass>::getConstructData):
(WebCore::JSDOMNamedConstructor::create):
(WebCore::JSDOMNamedConstructor::createStructure):
(WebCore::JSDOMNamedConstructor::JSDOMNamedConstructor):
(WebCore::JSDOMNamedConstructor::initializeProperties):
(WebCore::JSDOMNamedConstructor<JSClass>::finishCreation):
(WebCore::JSDOMNamedConstructor<JSClass>::getConstructData):

bindings/js/JSDOMWindowCustom.cpp:

(WebCore::JSDOMWindow::image):

bindings/js/JSImageConstructor.cpp:

(WebCore::JSImageConstructor::initializeProperties):
(WebCore::JSImageConstructor::construct):
(WebCore::createImageConstructor):

bindings/js/JSImageConstructor.h:
bindings/scripts/CodeGeneratorJS.pm:

(GetConstructorTemplateClassName):
(GenerateConstructorDeclaration):
(GenerateOverloadedConstructorDefinition):
(GenerateConstructorDefinition):
(GenerateConstructorHelperMethods):
(GenerateImplementation): Deleted.
(GenerateConstructorDefinitions): Deleted.
(HasCustomSetter): Deleted.
(HasCustomMethod): Deleted.
(NeedsConstructorProperty): Deleted.
(ComputeFunctionSpecial): Deleted.
(AddJSBuiltinIncludesIfNeeded): Deleted.

bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:

(WebCore::JSTestActiveDOMObjectConstructor::initializeProperties):
(WebCore::JSTestActiveDOMObjectPrototype::finishCreation): Deleted.
(WebCore::JSTestActiveDOMObject::JSTestActiveDOMObject): Deleted.

bindings/scripts/test/JS/JSTestCallback.cpp:

(WebCore::JSTestCallbackConstructor::initializeProperties):
(WebCore::JSTestCallback::callbackWithNoParam): Deleted.

bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:

(WebCore::JSTestCustomConstructorWithNoInterfaceObjectConstructor::construct):
(WebCore::JSTestCustomConstructorWithNoInterfaceObjectConstructor::initializeProperties):
(WebCore::JSTestCustomConstructorWithNoInterfaceObjectPrototype::finishCreation): Deleted.
(WebCore::JSTestCustomConstructorWithNoInterfaceObject::JSTestCustomConstructorWithNoInterfaceObject): Deleted.
(WebCore::JSTestCustomConstructorWithNoInterfaceObject::createPrototype): Deleted.
(WebCore::JSTestCustomConstructorWithNoInterfaceObject::getPrototype): Deleted.
(WebCore::JSTestCustomConstructorWithNoInterfaceObject::destroy): Deleted.

bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:

(WebCore::JSTestCustomNamedGetterConstructor::initializeProperties):
(WebCore::JSTestCustomNamedGetterPrototype::finishCreation): Deleted.
(WebCore::JSTestCustomNamedGetter::JSTestCustomNamedGetter): Deleted.

bindings/scripts/test/JS/JSTestEventConstructor.cpp:

(WebCore::JSTestEventConstructorConstructor::construct):
(WebCore::JSTestEventConstructorConstructor::initializeProperties):
(WebCore::JSTestEventConstructorPrototype::finishCreation): Deleted.
(WebCore::JSTestEventConstructor::JSTestEventConstructor): Deleted.
(WebCore::JSTestEventConstructor::getPrototype): Deleted.

bindings/scripts/test/JS/JSTestEventTarget.cpp:

(WebCore::JSTestEventTargetConstructor::initializeProperties):
(WebCore::JSTestEventTargetPrototype::finishCreation): Deleted.

bindings/scripts/test/JS/JSTestException.cpp:

(WebCore::JSTestExceptionConstructor::initializeProperties):
(WebCore::JSTestExceptionPrototype::finishCreation): Deleted.
(WebCore::JSTestException::JSTestException): Deleted.

bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:

(WebCore::JSTestGenerateIsReachableConstructor::initializeProperties):
(WebCore::JSTestGenerateIsReachablePrototype::finishCreation): Deleted.
(WebCore::JSTestGenerateIsReachable::JSTestGenerateIsReachable): Deleted.

bindings/scripts/test/JS/JSTestInterface.cpp:

(WebCore::JSTestInterfaceConstructor::construct):
(WebCore::JSTestInterfaceConstructor::initializeProperties):
(WebCore::JSTestInterfaceConstructor::getConstructData):

bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:

(WebCore::JSTestJSBuiltinConstructorConstructor::createJSObject):
(WebCore::JSTestJSBuiltinConstructorConstructor::initializeProperties):
(WebCore::JSTestJSBuiltinConstructorPrototype::finishCreation): Deleted.
(WebCore::JSTestJSBuiltinConstructor::JSTestJSBuiltinConstructor): Deleted.
(WebCore::JSTestJSBuiltinConstructor::createPrototype): Deleted.
(WebCore::JSTestJSBuiltinConstructor::getPrototype): Deleted.
(WebCore::JSTestJSBuiltinConstructor::destroy): Deleted.

bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:

(WebCore::JSTestMediaQueryListListenerConstructor::initializeProperties):
(WebCore::JSTestMediaQueryListListenerPrototype::finishCreation): Deleted.
(WebCore::JSTestMediaQueryListListener::JSTestMediaQueryListListener): Deleted.

bindings/scripts/test/JS/JSTestNamedConstructor.cpp:

(WebCore::JSTestNamedConstructorConstructor::initializeProperties):
(WebCore::JSTestNamedConstructorNamedConstructor::construct):
(WebCore::JSTestNamedConstructorNamedConstructor::initializeProperties):
(WebCore::JSTestNamedConstructorPrototype::finishCreation): Deleted.
(WebCore::JSTestNamedConstructor::JSTestNamedConstructor): Deleted.
(WebCore::jsTestNamedConstructorConstructor): Deleted.
(WebCore::JSTestNamedConstructor::getConstructor): Deleted.
(WebCore::JSTestNamedConstructorOwner::isReachableFromOpaqueRoots): Deleted.

bindings/scripts/test/JS/JSTestNode.cpp:

(WebCore::JSTestNodeConstructor::construct):
(WebCore::JSTestNodeConstructor::initializeProperties):
(WebCore::JSTestNodePrototype::finishCreation): Deleted.
(WebCore::JSTestNode::JSTestNode): Deleted.
(WebCore::JSTestNode::getPrototype): Deleted.

bindings/scripts/test/JS/JSTestNondeterministic.cpp:

(WebCore::JSTestNondeterministicConstructor::initializeProperties):
(WebCore::JSTestNondeterministicPrototype::finishCreation): Deleted.

bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::JSTestObjConstructor::construct):
(WebCore::JSTestObjConstructor::initializeProperties):

bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:

(WebCore::JSTestOverloadedConstructorsConstructor::construct):
(WebCore::JSTestOverloadedConstructorsConstructor::initializeProperties):
(WebCore::constructJSTestOverloadedConstructors1): Deleted.
(WebCore::constructJSTestOverloadedConstructors2): Deleted.
(WebCore::JSTestOverloadedConstructorsPrototype::finishCreation): Deleted.
(WebCore::JSTestOverloadedConstructors::JSTestOverloadedConstructors): Deleted.
(WebCore::JSTestOverloadedConstructors::createPrototype): Deleted.
(WebCore::JSTestOverloadedConstructors::getPrototype): Deleted.
(WebCore::JSTestOverloadedConstructors::destroy): Deleted.

bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:

(WebCore::JSTestOverrideBuiltinsConstructor::initializeProperties):
(WebCore::JSTestOverrideBuiltinsPrototype::finishCreation): Deleted.
(WebCore::JSTestOverrideBuiltins::JSTestOverrideBuiltins): Deleted.

bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:

(WebCore::JSTestSerializedScriptValueInterfaceConstructor::initializeProperties):
(WebCore::JSTestSerializedScriptValueInterfacePrototype::finishCreation): Deleted.

bindings/scripts/test/JS/JSTestTypedefs.cpp:

(WebCore::JSTestTypedefsConstructor::construct):
(WebCore::JSTestTypedefsConstructor::initializeProperties):
(WebCore::JSTestTypedefsPrototype::finishCreation): Deleted.

bindings/scripts/test/JS/JSattribute.cpp:

(WebCore::JSattributeConstructor::initializeProperties):
(WebCore::JSattributePrototype::finishCreation): Deleted.
(WebCore::JSattribute::JSattribute): Deleted.

bindings/scripts/test/JS/JSreadonly.cpp:

(WebCore::JSreadonlyConstructor::initializeProperties):
(WebCore::JSreadonlyPrototype::finishCreation): Deleted.
(WebCore::JSreadonly::JSreadonly): Deleted.

7:43 AM Changeset in webkit [191175] by msaboff@apple.com

14 edits
2 adds in trunk

REGRESSION (r190289): Repro crash clicking back button on netflix.com
https://bugs.webkit.org/show_bug.cgi?id=150220

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

Since constructors check for a valid new "this" object and return it, we can't make
a tail call to another function from within a constructor.

Re-enabled the tail calls and the related tail call tests.

Did some other miscellaneous clean up in the tail call code as part of the debugging.

bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::BytecodeGenerator):

ftl/FTLLowerDFGToLLVM.cpp:

(JSC::FTL::DFG::LowerDFGToLLVM::callPreflight):

interpreter/Interpreter.h:

(JSC::calleeFrameForVarargs):

runtime/Options.h:
tests/es6.yaml:
tests/stress/dfg-tail-calls.js:

(nonInlinedTailCall.callee):

tests/stress/mutual-tail-call-no-stack-overflow.js:

(shouldThrow):

tests/stress/tail-call-in-inline-cache.js:

(tail):

tests/stress/tail-call-no-stack-overflow.js:

(shouldThrow):

tests/stress/tail-call-recognize.js:

(callerMustBeRun):

tests/stress/tail-call-varargs-no-stack-overflow.js:

(shouldThrow):

LayoutTests:

Added a new regression test. Changed the expected output of caller-property
to correspond with tail calls enabled.

js/caller-property-expected.txt:
js/regress-150220-expected.tx: Added.
js/regress-150220.html: Added.
js/script-tests/regress-150220.js: Added.

(Obj):
(SubObj):

3:47 AM Changeset in webkit [191174] by Carlos Garcia Campos

4 edits in trunk/Source/WebCore

[GStreamer] ASSERTION FAILED: !m_adoptionIsRequired in MediaSourceGStreamer::addSourceBuffer
https://bugs.webkit.org/show_bug.cgi?id=150229

Reviewed by Philippe Normand.

This happens in the debug bot in all media source tests that run
that code. The problem is that we are creating a RefPtr without
adopting the reference.

platform/graphics/gstreamer/MediaSourceGStreamer.cpp:

(WebCore::MediaSourceGStreamer::addSourceBuffer): Use
SourceBufferPrivateGStreamer::create().

platform/graphics/gstreamer/SourceBufferPrivateGStreamer.cpp:

(WebCore::SourceBufferPrivateGStreamer::create): Added to make
sure you can't create a SourceBufferPrivateGStreamer without
adopting the reference.
(WebCore::SourceBufferPrivateGStreamer::SourceBufferPrivateGStreamer):
Takes a reference to the client instead of a PassRefPtr.

platform/graphics/gstreamer/SourceBufferPrivateGStreamer.h:

12:29 AM Changeset in webkit [191173] by commit-queue@webkit.org

2 edits in trunk/LayoutTests

Unreviewed EFL Gardening on 15th Oct.
https://bugs.webkit.org/show_bug.cgi?id=150223

Patch by Hunseop Jeong <Hunseop Jeong> on 2015-10-16

platform/efl/TestExpectations:

12:14 AM Changeset in webkit [191172] by commit-queue@webkit.org

7 edits in trunk/Source/WebKit2

[GTK] Try to fix the build after r191137
https://bugs.webkit.org/show_bug.cgi?id=150222

Patch by Hunseop Jeong <Hunseop Jeong> on 2015-10-16
Reviewed by Carlos Garcia Campos.

UIProcess/API/gtk/PageClientImpl.cpp:

(WebKit::PageClientImpl::doneWithKeyEvent):
(WebKit::PageClientImpl::createPopupMenuProxy):
(WebKit::PageClientImpl::createContextMenuProxy):
(WebKit::PageClientImpl::createColorPicker):

UIProcess/API/gtk/PageClientImpl.h:
UIProcess/gtk/WebContextMenuProxyGtk.cpp:

(WebKit::WebContextMenuProxyGtk::populate):
(WebKit::WebContextMenuProxyGtk::showContextMenu):
(WebKit::WebContextMenuProxyGtk::hideContextMenu):
(WebKit::WebContextMenuProxyGtk::WebContextMenuProxyGtk):

UIProcess/gtk/WebContextMenuProxyGtk.h:

(WebKit::WebContextMenuProxyGtk::create):
(WebKit::WebContextMenuProxyGtk::gtkMenu):

UIProcess/gtk/WebPopupMenuProxyGtk.cpp:

(WebKit::WebPopupMenuProxyGtk::WebPopupMenuProxyGtk):

UIProcess/gtk/WebPopupMenuProxyGtk.h:

(WebKit::WebPopupMenuProxyGtk::create):
(WebKit::WebPopupMenuProxyGtk::setCurrentlySelectedMenuItem):

Note: See TracTimeline for information about the timeline view.

Download in other formats:

RSS Feed