Timeline
Jul 22, 2016:
- 11:15 PM Changeset in webkit [203635] by
-
- 5 edits in trunk/Source/WebKit2
Web Automation: All key events should be processed before sending response
https://bugs.webkit.org/show_bug.cgi?id=160114
<rdar://problem/27505943>
Reviewed by Darin Adler.
When evaluating performKeyboardInteractions, we were sending all
NSEvents synchronously, but because WebPageProxy was doing its
own queueing and asynchronous processing of those key events, we
would receive and respond to the next Automation command before
having completed all of the key events.
This change makes performKeyboardInteractions asynchronous. It
will be notified only after WebPageProxy has exhausted its queue
of key events.
- UIProcess/Automation/Automation.json:
- UIProcess/Automation/WebAutomationSession.cpp:
(WebKit::WebAutomationSession::keyboardEventsFlushedForPage):
(WebKit::WebAutomationSession::evaluateJavaScriptFunction):
(WebKit::WebAutomationSession::performKeyboardInteractions):
- UIProcess/Automation/WebAutomationSession.h:
- UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::didReceiveEvent):
- 11:15 PM Changeset in webkit [203634] by
-
- 4 edits in trunk/Source/WebKit2
Web Automation: WebAutomationSession::deleteAllCookies never calls callback, hangs automation session
https://bugs.webkit.org/show_bug.cgi?id=160113
<rdar://problem/27308124>
Reviewed by Darin Adler.
Delete all cookies appears to be a straightforward action
where we don't need to wait for a callback. So drop the
async altogether and implicitly complete the action.
- UIProcess/Automation/Automation.json:
- UIProcess/Automation/WebAutomationSession.cpp:
(WebKit::WebAutomationSession::deleteAllCookies):
- UIProcess/Automation/WebAutomationSession.h:
- 11:11 PM Changeset in webkit [203633] by
-
- 5 edits in trunk/Websites/perf.webkit.org
REGRESSION(r203035): Marking points as an outlier no longer updates charts
https://bugs.webkit.org/show_bug.cgi?id=160106
Reviewed by Darin Adler.
The bug was caused by MeasurementSet's fetchBetween clearing previously registered callbacks when noCache
option is specified.
- public/v3/components/time-series-chart.js:
(TimeSeriesChart.prototype.setSourceList): Clear this._fetchedTimeSeries when changing chart options.
e.g. need to start including or excluding outliers.
(TimeSeriesChart.prototype.fetchMeasurementSets): Don't skip the fetching when noCache is true.
- public/v3/models/measurement-set.js:
(MeasurementSet): Added this._callbackMap as an instance variable to keep track of all callbacks on every
cluster since we may need to call each callback multiple times per cluster when noCache option is used.
(MeasurementSet.prototype.fetchBetween): Moved the code to add _primaryClusterPromise to _allFetches here
so that now this function and _ensureClusterPromise are only functions that touch _allFetches.
(MeasurementSet.prototype._ensureClusterPromise): Extracted out of fetchBetween. Queue up all callbacks
for each cluster when creating a new promise.
(MeasurementSet.prototype._fetchPrimaryCluster): Removed the code to add _primaryClusterPromise now that
it's done in fetchBetween.
- public/v3/remote.js:
(RemoteAPI.postJSONWithStatus): Removed superfluous call to console.log.
- unit-tests/measurement-set-tests.js: Updated the test case for noCache. The callback registered before
fetchBetween is called with noCache=true is now invoked so callCount must be 3 instead of 2.
- 11:01 PM Changeset in webkit [203632] by
-
- 8 edits1 delete in trunk/Source/WebCore
Use a private property to implement FetchResponse.body getter
https://bugs.webkit.org/show_bug.cgi?id=159808
Patch by Youenn Fablet <youenn@apple.com> on 2016-07-22
Reviewed by Sam Weinig.
Covered by existing test sets.
Previously, body was handled as a CachedAttribute.
Using a private property will allow direct use of this property from JS built-ins which will allow easier
handling of ReadableStream cloning in Response.clone.
Also, this allows removing some binding custom code.
Updated redirect and error static methods to take NewObject keyword, as this removes a search into cached wrappers.
Ditto for createReadableStreamSource.
- CMakeLists.txt: Removing JSFetchResponseCustom.cpp.
- Modules/fetch/FetchResponse.idl: Adding createReadableStreamSource and isDisturbed private functions.
Making body getter a JSBuiltin.
- Modules/fetch/FetchResponse.js:
(body): Adding getter which will call createReadableStreamSource if needed.
- WebCore.xcodeproj/project.pbxproj: Removing JSFetchResponseCustom.cpp.
- bindings/js/JSFetchResponseCustom.cpp: Removed.
- bindings/js/ReadableStreamController.cpp:
(WebCore::createReadableStream): Deleted.
(WebCore::getReadableStreamReader): Deleted.
- bindings/js/ReadableStreamController.h: Removing unneeded ReadableStream helper routine now that they can be
handled within JS built-in code.
- bindings/js/WebCoreBuiltinNames.h: Adding @createReadableStreamSource, @isDisturbed and @Response identifiers.
- 6:56 PM Changeset in webkit [203631] by
-
- 7 edits in trunk/Source
Handle cases when IOSurface initialization fails.
https://bugs.webkit.org/show_bug.cgi?id=160006
<rdar://problem/27495102>
Reviewed by Tim Horton and Simon Fraser.
This is an additional fix to r203514 to check if IOSurface initialization was successful.
Unable to test.
Source/WebCore:
- platform/graphics/cg/ImageBufferCG.cpp:
(WebCore::ImageBuffer::ImageBuffer):
- platform/graphics/cocoa/IOSurface.h: Merge 2 c'tors.
- platform/graphics/cocoa/IOSurface.mm: Remove redundant IOSurface::create() code.
(WebCore::IOSurface::create):
(WebCore::IOSurface::createFromImage):
(WebCore::IOSurface::IOSurface):
(WebCore::IOSurface::convertToFormat):
Source/WebKit2:
- Shared/mac/RemoteLayerBackingStore.mm:
(WebKit::RemoteLayerBackingStore::encode):
(WebKit::RemoteLayerBackingStore::display):
(WebKit::RemoteLayerBackingStore::applyBackingStoreToLayer):
- UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _takeViewSnapshot]):
(-[WKWebView _snapshotRect:intoImageOfWidth:completionHandler:]):
- 6:19 PM Changeset in webkit [203630] by
-
- 3 edits in trunk/Source/WebKit2
[iOS] Clients should be able to decide if they want secure text entry in a form field
https://bugs.webkit.org/show_bug.cgi?id=160109
rdar://problem/27504958
Patch by Chelsea Pugh <cpugh@apple.com> on 2016-07-22
Reviewed by Dan Bernstein.
- UIProcess/API/Cocoa/_WKFormInputSession.h:
- UIProcess/ios/WKContentViewInteraction.mm:
(-[WKFormInputSession forceSecureTextEntry]): Getter.
(-[WKFormInputSession setForceSecureTextEntry:]): Setter.
(-[WKContentView textInputTraits]): If the form input session has specified that secure text
entry is desired, we should use secure text entry.
- 5:47 PM Changeset in webkit [203629] by
-
- 4 edits in trunk
Media controls should be displayed for media in media documents
https://bugs.webkit.org/show_bug.cgi?id=160104
<rdar://problem/27438936>
Reviewed by Myles C. Maxfield.
Source/WebCore:
Make videos that would otherwise not have been large enough or have the right
aspect ratio cause media controls to appear. This is because media elements in
a media document are implied to be main content.
Added a new API test.
- html/MediaElementSession.cpp:
(WebCore::MediaElementSession::canControlControlsManager):
Tools:
Verifies that even a small video with audio in a media document gets media controls.
- TestWebKitAPI/Tests/WebKit2Cocoa/VideoControlsManager.mm:
(TestWebKitAPI::TEST):
- 4:48 PM Changeset in webkit [203628] by
-
- 1 copy in tags/Safari-602.1.43
New tag.
- 4:48 PM Changeset in webkit [203627] by
-
- 11 edits in branches/safari-602-branch
Merge r203626. rdar://problem/27453479
- 4:45 PM Changeset in webkit [203626] by
-
- 11 edits in trunk
All dancers with bunny ears are female
https://bugs.webkit.org/show_bug.cgi?id=160102
<rdar://problem/27453479>
Reviewed by Simon Fraser.
Source/WebCore:
In r203330 I added support for new emoji group candidates. I accidentally
missed one of the new emoji code points.
Tests: editing/deleting/delete-emoji.html:
fast/text/emoji-gender-2-9.html:
fast/text/emoji-gender-9.html:
fast/text/emoji-gender-fe0f-9.html:
- platform/text/CharacterProperties.h:
(WebCore::isEmojiGroupCandidate):
LayoutTests:
- editing/deleting/delete-emoji.html:
- platform/mac/editing/deleting/delete-emoji-expected.txt:
- fast/text/emoji-gender-2-9-expected.html:
- fast/text/emoji-gender-2-9.html:
- fast/text/emoji-gender-9-expected.html:
- fast/text/emoji-gender-9.html:
- fast/text/emoji-gender-fe0f-9-expected.html:
- fast/text/emoji-gender-fe0f-9.html:
- 4:17 PM Changeset in webkit [203625] by
-
- 2 edits in trunk/Tools
REGRESSION(203616): no FTL testing was inadvertently removed
https://bugs.webkit.org/show_bug.cgi?id=160100
Rubber-stamped by Filip Pizlo.
Added runNoFTL back into the set of tests we run on FTL enabled platforms.
Renamed runLayoutTestNoFTL to runLayoutTestDefault. Restructured the test
logic for the runLayout and runNoisy variants to match the run test logic,
that is we always invoke runXXXDefault and invoke runXXXNoFTL for FTL
enabled platforms.
- Scripts/run-jsc-stress-tests:
- 4:13 PM Changeset in webkit [203624] by
-
- 11 edits in trunk
Parameter to HTMLCollection.item() / namedItem() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160099
Reviewed by Sam Weinig.
LayoutTests/imported/w3c:
Rebaseline several W3C tests now that more checks are passing.
- web-platform-tests/dom/interfaces-expected.txt:
- web-platform-tests/html/dom/interfaces-expected.txt:
Source/WebCore:
Parameter to HTMLCollection.item() / namedItem() should be mandatory:
- https://dom.spec.whatwg.org/#interface-htmlcollection
- https://html.spec.whatwg.org/multipage/infrastructure.html#htmlformcontrolscollection
- https://html.spec.whatwg.org/multipage/infrastructure.html#the-htmloptionscollection-interface
Firefox and Chrome agree with the specification.
No new tests, rebaselined existing tests.
- bindings/js/JSHTMLFormControlsCollectionCustom.cpp:
(WebCore::JSHTMLFormControlsCollection::namedItem):
- html/HTMLCollection.idl:
- html/HTMLFormControlsCollection.idl:
- html/HTMLOptionsCollection.idl:
LayoutTests:
Update existing test to reflect behavior change.
- fast/dom/non-numeric-values-numeric-parameters-expected.txt:
- fast/dom/script-tests/non-numeric-values-numeric-parameters.js:
- 3:56 PM Changeset in webkit [203623] by
-
- 12 edits2 adds in trunk
First parameter to Window.getComputedStyle() should be mandatory and non-nullable
https://bugs.webkit.org/show_bug.cgi?id=160097
Reviewed by Ryosuke Niwa.
Source/WebCore:
First parameter to Window.getComputedStyle() should be mandatory and
non-nullable:
Firefox and Chrome agree with the specification.
Test: fast/dom/Window/getComputedStyle-missing-parameter.html
- css/CSSComputedStyleDeclaration.cpp:
(WebCore::ComputedStyleExtractor::ComputedStyleExtractor):
(WebCore::CSSComputedStyleDeclaration::CSSComputedStyleDeclaration):
(WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
(WebCore::CSSComputedStyleDeclaration::copyProperties):
(WebCore::CSSComputedStyleDeclaration::length):
(WebCore::CSSComputedStyleDeclaration::item):
(WebCore::CSSComputedStyleDeclaration::getPropertyValue):
- css/CSSComputedStyleDeclaration.h:
- dom/Document.idl:
- inspector/InspectorCSSAgent.cpp:
(WebCore::InspectorCSSAgent::getComputedStyleForNode):
- page/DOMWindow.cpp:
(WebCore::DOMWindow::getComputedStyle):
- page/DOMWindow.h:
- page/DOMWindow.idl:
- testing/Internals.cpp:
(WebCore::Internals::computedStyleIncludingVisitedInfo):
- testing/Internals.h:
- testing/Internals.idl:
LayoutTests:
Add test coverage.
- fast/dom/Window/getComputedStyle-missing-parameter-expected.txt: Added.
- fast/dom/Window/getComputedStyle-missing-parameter.html: Added.
- 3:32 PM Changeset in webkit [203622] by
-
- 4 edits2 adds in trunk
Removing IndexedDatabases that have stored blobs doesn't remove the blob files.
https://bugs.webkit.org/show_bug.cgi?id=160089
Reviewed by Darin Adler.
Source/WebCore:
Tested by API test IndexedDB.StoreBlobThenDelete.
Blob filenames exist in the IDB directory with the name "[0-9]+.blob".
That is, one or more digits, followed by ".blob".
So when we delete an IndexedDB.sqlite3 and related files, we should delete those blob files as well.
- Modules/indexeddb/server/IDBServer.cpp:
(WebCore::IDBServer::removeAllDatabasesForOriginPath):
Tools:
- TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
- TestWebKitAPI/Tests/WebKit2Cocoa/StoreBlobThenDelete.mm: Added.
- TestWebKitAPI/Tests/WebKit2Cocoa/StoreBlobToBeDeleted.html: Added.
- 3:14 PM Changeset in webkit [203621] by
-
- 10 edits4 adds in trunk/Source/JavaScriptCore
Teach MarkedSpace how to allocate auxiliary storage
https://bugs.webkit.org/show_bug.cgi?id=160053
Reviewed by Sam Weinig.
Previously, we had two kinds of subspaces in MarkedSpace: destructor and non-destructor. This
was described using "bool needsDestruction" that would get passed around. We'd iterate over
these spaces using duplicated code - one loop for destructors and one for non-destructors, or
a single loop that does one thing for destructors and one for non-destructors.
But now we want a third subspace: non-destructor non-JSCell, aka Auxiliary.
So, this changes all of the reflection and iteration over subspaces to use functors, so that
the looping is written once and reused. Most places don't even have to know that there is a
third subspace; they just know that they must do things for each subspace, for each
allocator, or for each block - and the functor magic handles it for you.
To make this somewhat nice, this change also fixes how we describe subspaces. Instead of a
bool, we now have AllocatorAttributes, which is a struct. If we ever add more subspaces, we
can add fields to AllocatorAttributes to describe how those subspaces differ. For now it just
contains two properties: a DestructionMode and a HeapCell::Kind. The DesctructionMode
replaces bool needsDestruction. I deliberately used a non-class enum to avoid tautologies.
DestructionMode has two members: NeedsDestruction and DoesNotNeedDestruction. I almost went
with DestructionMode::Needed and DestructionMode::NotNeeded, but I felt like that involves
more typing and doesn't actually avoid any kind of namespace issues.
This is intended to have no behavior change other than the addition of a totally unused
space, which should always be empty. So hopefully it doesn't cost anything.
- CMakeLists.txt:
- JavaScriptCore.xcodeproj/project.pbxproj:
- heap/AllocatorAttributes.cpp: Added.
(JSC::AllocatorAttributes::dump):
- heap/AllocatorAttributes.h: Added.
(JSC::AllocatorAttributes::AllocatorAttributes):
- heap/DestructionMode.cpp: Added.
(WTF::printInternal):
- heap/DestructionMode.h: Added.
- heap/Heap.h:
- heap/MarkedAllocator.cpp:
(JSC::MarkedAllocator::allocateBlock):
(JSC::MarkedAllocator::addBlock):
- heap/MarkedAllocator.h:
(JSC::MarkedAllocator::cellSize):
(JSC::MarkedAllocator::attributes):
(JSC::MarkedAllocator::needsDestruction):
(JSC::MarkedAllocator::destruction):
(JSC::MarkedAllocator::cellKind):
(JSC::MarkedAllocator::heap):
(JSC::MarkedAllocator::takeLastActiveBlock):
(JSC::MarkedAllocator::MarkedAllocator):
(JSC::MarkedAllocator::init):
(JSC::MarkedAllocator::allocate):
- heap/MarkedBlock.cpp:
(JSC::MarkedBlock::create):
(JSC::MarkedBlock::destroy):
(JSC::MarkedBlock::MarkedBlock):
(JSC::MarkedBlock::callDestructor):
(JSC::MarkedBlock::sweep):
(JSC::MarkedBlock::stopAllocating):
(JSC::MarkedBlock::didRetireBlock):
- heap/MarkedBlock.h:
(JSC::MarkedBlock::cellSize):
(JSC::MarkedBlock::attributes):
(JSC::MarkedBlock::needsDestruction):
(JSC::MarkedBlock::destruction):
(JSC::MarkedBlock::cellKind):
(JSC::MarkedBlock::size):
(JSC::MarkedBlock::forEachCell):
(JSC::MarkedBlock::forEachLiveCell):
(JSC::MarkedBlock::forEachDeadCell):
- heap/MarkedSpace.cpp:
(JSC::MarkedSpace::MarkedSpace):
(JSC::MarkedSpace::~MarkedSpace):
(JSC::MarkedSpace::lastChanceToFinalize):
(JSC::MarkedSpace::resetAllocators):
(JSC::MarkedSpace::forEachAllocator):
(JSC::MarkedSpace::stopAllocating):
(JSC::MarkedSpace::resumeAllocating):
(JSC::MarkedSpace::isPagedOut):
(JSC::MarkedSpace::freeBlock):
(JSC::MarkedSpace::shrink):
(JSC::MarkedSpace::clearNewlyAllocated):
(JSC::clearNewlyAllocatedInBlock): Deleted.
- heap/MarkedSpace.h:
(JSC::MarkedSpace::subspaceForObjectsWithDestructor):
(JSC::MarkedSpace::subspaceForObjectsWithoutDestructor):
(JSC::MarkedSpace::subspaceForAuxiliaryData):
(JSC::MarkedSpace::allocatorFor):
(JSC::MarkedSpace::destructorAllocatorFor):
(JSC::MarkedSpace::auxiliaryAllocatorFor):
(JSC::MarkedSpace::allocateWithoutDestructor):
(JSC::MarkedSpace::allocateWithDestructor):
(JSC::MarkedSpace::allocateAuxiliary):
(JSC::MarkedSpace::forEachBlock):
(JSC::MarkedSpace::didAddBlock):
(JSC::MarkedSpace::capacity):
(JSC::MarkedSpace::forEachSubspace):
- 3:14 PM Changeset in webkit [203620] by
-
- 2 edits in trunk/Tools
[GTK] Improved exclusion patterns in make-dist.py manifest.
https://bugs.webkit.org/show_bug.cgi?id=160094
Reviewed by Michael Catanzaro.
- gtk/manifest.txt.in:
Exclude Platform*.cmake files for more ports.
Removed obsolete .gyp and .pro.user patterns.
Exclude 'Configurations' and 'spi' directories.
Exclude CMakeLists.txt.user (Qt Creator IDE).
- 3:07 PM Changeset in webkit [203619] by
-
- 2 edits in trunk/LayoutTests
Marking webaudio/audionode-connect-order.html as a flaky crash on mac-wk1 debug
https://bugs.webkit.org/show_bug.cgi?id=105870
Unreviewed test gardening.
- platform/mac-wk1/TestExpectations:
- 3:06 PM Changeset in webkit [203618] by
-
- 2 edits in trunk/Source/WebKit2
Get rid of an unused API typedef
https://bugs.webkit.org/show_bug.cgi?id=160103
Reviewed by Sam Weinig.
- Shared/API/c/WKSharedAPICast.h:
- 2:58 PM Changeset in webkit [203617] by
-
- 2 edits in trunk/LayoutTests
Marking userscripts/window-onerror-for-isolated-world-3.html as a flaky failure on mac-wk1
https://bugs.webkit.org/show_bug.cgi?id=160101
Unreviewed test gardening.
- platform/mac-wk1/TestExpectations:
- 1:53 PM Changeset in webkit [203616] by
-
- 2 edits in trunk/Tools
Don't run FTL related JSC stress tests on non-FTL platforms
https://bugs.webkit.org/show_bug.cgi?id=160033
Reviewed by Mark Lam.
Added check for running tests on platforms that don't enable FTL to not run FTL tests.
Refactored several of the runXXX test methods to always runXXXDefault and made those
runXXXDefault to pass FTL_OPTIONS. For platforms that don't enable the FTL, FTL_OPTIONS
doesn't cause a problem.
- Scripts/run-jsc-stress-tests:
- 1:38 PM Changeset in webkit [203615] by
-
- 2 edits in trunk/Source/JavaScriptCore
REGRESSION(r203537): It made many tests crash on ARMv7 Linux platforms
https://bugs.webkit.org/show_bug.cgi?id=160082
Reviewed by Keith Miller.
We were improperly linking the Jump in the link buffer.
It caused us to be linking against the executable address
which always has bit 0 set. We shouldn't be doing that.
This patch fixes this, by using the same idiom that
PolymorphicAccess uses to link a jump to out of line code.
- jit/JITMathIC.h:
(JSC::JITMathIC::generateOutOfLine):
- 1:36 PM Changeset in webkit [203614] by
-
- 3 edits in trunk/LayoutTests
Web Inspector: Remove unused code from Debounce layout test
https://bugs.webkit.org/show_bug.cgi?id=160049
<rdar://problem/27479713>
Reviewed by Joseph Pecoraro.
- inspector/unit-tests/debounce-expected.txt:
Updated with new delay times.
- inspector/unit-tests/debounce.html:
Remove unused code that was copy-pasted from other tests, and reduced
delay times from 100ms to 10ms to speed up test.
- 1:35 PM Changeset in webkit [203613] by
-
- 2 edits in trunk/Source/JavaScriptCore
Unreviewed, rolling out r203603.
https://bugs.webkit.org/show_bug.cgi?id=160096
Caused CLoop tests to fail with assertions (Requested by
perarne on #webkit).
Reverted changeset:
"[Win] jsc.exe sometimes never exits."
https://bugs.webkit.org/show_bug.cgi?id=158073
http://trac.webkit.org/changeset/203603
- 1:34 PM Changeset in webkit [203612] by
-
- 6 edits in trunk
Fix default parameter values for window.alert() / prompt() / confirm()
https://bugs.webkit.org/show_bug.cgi?id=160085
Reviewed by Ryosuke Niwa.
Source/WebCore:
Fix default parameter values for window.alert() / prompt() / confirm() to
match the specification:
They should default to the empty string, not the string "undefined".
Firefox and chrome agree with the specification.
No new tests, updated existing test.
- page/DOMWindow.h:
- page/DOMWindow.idl:
LayoutTests:
Update existing test to reflect behavior change.
- fast/dom/Window/alert-undefined-expected.txt:
- fast/dom/Window/alert-undefined.html:
- 1:33 PM Changeset in webkit [203611] by
-
- 8 edits16 adds in trunk
CSP: object-src and plugin-types directives are not respected for plugin replacements
https://bugs.webkit.org/show_bug.cgi?id=159761
<rdar://problem/27365724>
Reviewed by Brent Fulgham.
Source/WebCore:
Apply the Content Security Policy (CSP) object-src and plugin-types directives to content that will
load with a plugin replacement.
Tests: security/contentSecurityPolicy/object-src-none-blocks-quicktime-plugin-replacement.html
security/contentSecurityPolicy/object-src-none-blocks-youtube-plugin-replacement.html
security/contentSecurityPolicy/plugins-types-allows-quicktime-plugin-replacement.html
security/contentSecurityPolicy/plugins-types-allows-youtube-plugin-replacement.html
security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement-without-mime-type.html
security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement.html
security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement-without-mime-type.html
security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement.html
- html/HTMLPlugInImageElement.cpp:
(WebCore::HTMLPlugInImageElement::allowedToLoadPluginContent): Added.
(WebCore::HTMLPlugInImageElement::requestObject): Only request loading plugin content if we
are allowed to load such content.
- html/HTMLPlugInImageElement.h:
- loader/SubframeLoader.cpp:
(WebCore::SubframeLoader::pluginIsLoadable): Removed code to check CSP as we will check CSP
earlier in HTMLPlugInImageElement::requestObject().
(WebCore::SubframeLoader::requestPlugin): Ditto.
(WebCore::SubframeLoader::isPluginContentAllowedByContentSecurityPolicy): Deleted; moved implementation
to HTMLPlugInImageElement::allowedToLoadPluginContent().
(WebCore::SubframeLoader::requestObject): Deleted.
- loader/SubframeLoader.h:
- page/csp/ContentSecurityPolicy.cpp:
(WebCore::ContentSecurityPolicy::upgradeInsecureRequestIfNeeded): Changed signature from a non-const
function to a const function since these functions do not modify |this|.
- page/csp/ContentSecurityPolicy.h:
LayoutTests:
Add layout tests to ensure that we apply the CSP object-src and plugin-types directives to content
that loads with either the QuickTime plugin replacement or YouTube plugin replacement.
- security/contentSecurityPolicy/object-src-none-blocks-quicktime-plugin-replacement-expected.txt: Added.
- security/contentSecurityPolicy/object-src-none-blocks-quicktime-plugin-replacement.html: Added.
- security/contentSecurityPolicy/object-src-none-blocks-youtube-plugin-replacement-expected.txt: Added.
- security/contentSecurityPolicy/object-src-none-blocks-youtube-plugin-replacement.html: Added.
- security/contentSecurityPolicy/plugins-types-allows-quicktime-plugin-replacement-expected.txt: Added.
- security/contentSecurityPolicy/plugins-types-allows-quicktime-plugin-replacement.html: Added.
- security/contentSecurityPolicy/plugins-types-allows-youtube-plugin-replacement-expected.txt: Added.
- security/contentSecurityPolicy/plugins-types-allows-youtube-plugin-replacement.html: Added.
- security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement-expected.txt: Added.
- security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement-without-mime-type-expected.txt: Added.
- security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement-without-mime-type.html: Added.
- security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement.html: Added.
- security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement-expected.txt: Added.
- security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement-without-mime-type-expected.txt: Added.
- security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement-without-mime-type.html: Added.
- security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement.html: Added.
- 12:54 PM Changeset in webkit [203610] by
-
- 11 edits in trunk
Parameters to Node.replaceChild() / insertBefore() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160091
Reviewed by Darin Adler.
LayoutTests/imported/w3c:
Rebaseline several W3C tests now that more checks are passing.
- web-platform-tests/dom/interfaces-expected.txt:
- web-platform-tests/html/dom/interfaces-expected.txt:
Source/WebCore:
Parameters to Node.replaceChild() / insertBefore() should be mandatory:
The compatibility risk should be low since Firefox and Chrome both agree
with the specification and because it does not make much sense to omit
parameters when using this API.
No new tests, rebaselined existing tests.
- bindings/js/JSNodeCustom.cpp:
(WebCore::JSNode::insertBefore):
(WebCore::JSNode::replaceChild):
LayoutTests:
Update existing tests due to the behavior change.
- fast/block/basic/empty-anonymous-block-remove-crash.html:
- fast/html/details-summary-document-child.html:
- fast/repaint/focus-ring-with-negative-offset-repaint.html:
- svg/animations/mpath-remove-from-dependents-on-delete-crash.html:
- 12:34 PM Changeset in webkit [203609] by
-
- 5 edits in trunk
Parameter to Node.contains() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160084
Reviewed by Darin Adler.
LayoutTests/imported/w3c:
Rebaseline several W3C tests now that more checks are passing.
- web-platform-tests/dom/interfaces-expected.txt:
- web-platform-tests/html/dom/interfaces-expected.txt:
Source/WebCore:
Parameter to Node.contains() should be mandatory as per the
specification:
The compatibility risk should be low because both Firefox and Chrome
both agree with the specification. Also, it does not make much sense
to call this API without parameter.
No new tests, rebaselined existing tests.
- dom/Node.idl:
- 11:58 AM Changeset in webkit [203608] by
-
- 2 edits in branches/safari-602-branch/Source/WebCore
Merge r203606. rdar://problem/27430450
- 11:58 AM Changeset in webkit [203607] by
-
- 10 edits2 adds in branches/safari-602-branch
Merge r203378. rdar://problem/25876032
- 11:45 AM Changeset in webkit [203606] by
-
- 2 edits in trunk/Source/WebCore
[iOS] REGRESSION(203378): PDFDocumentImage::updateCachedImageIfNeeded() uses the unscaled size when deciding whether to cache the PDF image
https://bugs.webkit.org/show_bug.cgi?id=159933
Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2016-07-22
Reviewed by Simon Fraser.
We need to use the scaled size when deciding whether to cache the PDF image
or not. This is because ImageBuffer takes the display resolution into account
which gives higher resolution for the image when zooming.
- platform/graphics/cg/PDFDocumentImage.cpp:
(WebCore::PDFDocumentImage::updateCachedImageIfNeeded):
- 11:39 AM Changeset in webkit [203605] by
-
- 7 edits2 adds in trunk
First parameter to getElementById() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160087
Reviewed by Darin Adler.
LayoutTests/imported/w3c:
Rebaseline several W3C tests now that more checks are passing.
- web-platform-tests/dom/interfaces-expected.txt:
- web-platform-tests/html/dom/interfaces-expected.txt:
Source/WebCore:
First parameter to getElementById() should be mandatory:
- https://dom.spec.whatwg.org/#nonelementparentnode
- https://www.w3.org/TR/SVG/struct.html#InterfaceSVGSVGElement
Both Firefox and Chrome agree with the specification.
Test: svg/dom/SVGSVGElement-getElementById.html
- dom/NonElementParentNode.idl:
- svg/SVGSVGElement.idl:
LayoutTests:
Add layout test coverage for SVGSVGElement.getElementById().
- svg/dom/SVGSVGElement-getElementById-expected.txt: Added.
- svg/dom/SVGSVGElement-getElementById.html: Added.
- 11:34 AM Changeset in webkit [203604] by
-
- 5 edits in trunk
Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160086
Reviewed by Darin Adler.
LayoutTests/imported/w3c:
Rebaseline several W3C tests now that more checks are passing.
- web-platform-tests/dom/interfaces-expected.txt:
- web-platform-tests/html/dom/interfaces-expected.txt:
Source/WebCore:
Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace()
should be mandatory:
Firefox and Chrome both agree with the specification.
No new tests, rebaselined existing tests.
- dom/Node.idl:
- 11:26 AM Changeset in webkit [203603] by
-
- 2 edits in trunk/Source/JavaScriptCore
[Win] jsc.exe sometimes never exits.
https://bugs.webkit.org/show_bug.cgi?id=158073
Reviewed by Mark Lam.
Make sure the VM is deleted after the test has finished. This will gracefully stop the sampling profiler thread,
and give the thread the opportunity to release the machine thread lock aquired in SamplingProfiler::takeSample.
If the sampling profiler thread was terminated while holding the machine thread lock, the machine thread will
not be able to grab the lock afterwards.
- jsc.cpp:
(jscmain):
- 9:57 AM Changeset in webkit [203602] by
-
- 2 edits in trunk/LayoutTests
Correct a TestExpectation by changing it from Failure to ImageOnlyFailure
Unreviewed test gardening.
- platform/mac/TestExpectations:
- 9:01 AM Changeset in webkit [203601] by
-
- 12 edits in trunk
Parameter to Node.compareDocumentPosition() should be mandatory and non-nullable
https://bugs.webkit.org/show_bug.cgi?id=160071
Reviewed by Ryosuke Niwa.
LayoutTests/imported/w3c:
Rebaseline several W3C tests now that more checks are passing.
- web-platform-tests/dom/interfaces-expected.txt:
- web-platform-tests/html/dom/interfaces-expected.txt:
Source/WebCore:
Parameter to Node.compareDocumentPosition() should be mandatory and
non-nullable:
Firefox and Chrome agree with the specification so the compatibility
risk should be low. Also, it does not make much sense to call this
operation without parameter.
No new tests, rebaselined existing tests.
- accessibility/AccessibilityObject.cpp:
(WebCore::rangeClosestToRange):
- dom/AuthorStyleSheets.cpp:
(WebCore::AuthorStyleSheets::addStyleSheetCandidateNode):
- dom/Node.cpp:
(WebCore::compareDetachedElementsPosition):
(WebCore::Node::compareDocumentPosition):
- dom/Node.h:
- dom/Node.idl:
- dom/Position.h:
(WebCore::operator<):
- html/HTMLFormElement.cpp:
(WebCore::HTMLFormElement::formElementIndexWithFormAttribute):
(WebCore::HTMLFormElement::formElementIndex):
- rendering/RenderNamedFlowThread.cpp:
(WebCore::RenderNamedFlowThread::nextRendererForElement):
(WebCore::compareRenderNamedFlowFragments):
(WebCore::RenderNamedFlowThread::registerNamedFlowContentElement):
- 8:55 AM Changeset in webkit [203600] by
-
- 2 edits in trunk/Source/JavaScriptCore
Fix the Windows 64-bit build after r203537
https://bugs.webkit.org/show_bug.cgi?id=160080
Reviewed by Csaba Osztrogonác.
Added new version of setupArgumentsWithExecState method.
- jit/CCallHelpers.h:
(JSC::CCallHelpers::setupArgumentsWithExecState):
- 8:52 AM Changeset in webkit [203599] by
-
- 2 edits in trunk/Source/WebCore
[cmake] Removed obsolete plugins/win directory
https://bugs.webkit.org/show_bug.cgi?id=160081
Reviewed by Per Arne Vollan.
It was removed in r178219.
No new tests needed.
- PlatformWin.cmake:
- 8:11 AM Changeset in webkit [203598] by
-
- 5 edits in trunk/Source/WebKit2
run-safari doesn't work with Safari 10 on 10.11
https://bugs.webkit.org/show_bug.cgi?id=159958
<rdar://problem/27422805>
Reviewed by Alexey Proskuryakov.
Safari’s injected bundle may depend on the newer versions of frameworks installed in a
staging location. Have the engineering builds of the Web Content service look for newer
versions in that location.
- Configurations/BaseTarget.xcconfig: Shortened a linker flag.
- Configurations/BaseXPCService.xcconfig: Increased Mach-O header padding in production builds to allow for more dyld environment commands to be added after the fact.
- Configurations/DebugRelease.xcconfig: Have the new WK_WEBCONTENT_SERVICE_NEEDS_VERSIONED_FRAMEWORK_PATH_LDFLAG set to YES for macOS engineering builds.
- Configurations/WebContentService.xcconfig: Include the versioned frameworks whenever WK_WEBCONTENT_SERVICE_NEEDS_VERSIONED_FRAMEWORK_PATH_LDFLAG is set to YES. Have the value of WK_WEBCONTENT_SERVICE_NEEDS_VERSIONED_FRAMEWORK_PATH_LDFLAG default to the value of USE_STAGING_INSTALL_PATH, while letting DebugRelease.xcconfig override it.
- 5:40 AM Changeset in webkit [203597] by
-
- 4 edits in trunk
IWebView::mainFrame crashes if called after IWebView::close
https://bugs.webkit.org/show_bug.cgi?id=32868
Reviewed by Brent Fulgham.
Source/WebKit/win:
After deleting the page in WebView::close the mainframe object may be deleted.
Test: Tools/TestWebKitAPI/Tests/WebKit/win/WebViewDestruction.cpp (CloseThenGetMainFrame).
- WebView.cpp:
(WebView::close): set mainframe pointer member to null.
Tools:
- TestWebKitAPI/Tests/WebKit/win/WebViewDestruction.cpp:
(TestWebKitAPI::TEST_F): Added test.
- 3:24 AM Changeset in webkit [203596] by
-
- 4 edits in trunk
[GTK] Enable threaded compositor by default
https://bugs.webkit.org/show_bug.cgi?id=160079
Reviewed by Žan Doberšek.
.:
- Source/cmake/OptionsGTK.cmake:
Tools:
- Scripts/webkitperl/FeatureList.pm:
- 3:00 AM Changeset in webkit [203595] by
-
- 2 edits in trunk/Source/JavaScriptCore
[ARM] Unreviewed EABI buildfix after r203537.
- jit/CCallHelpers.h:
(JSC::CCallHelpers::setupArgumentsWithExecState): Added.
- 2:50 AM Changeset in webkit [203594] by
-
- 2 edits in branches/safari-602-branch/Source/WebCore
Merge r203548. rdar://problem/27474031
- 2:50 AM Changeset in webkit [203593] by
-
- 3 edits in branches/safari-602-branch
Merge r203511. rdar://problem/27474031
- 2:38 AM Changeset in webkit [203592] by
-
- 24 edits in branches/safari-602-branch
Merge r203545. rdar://problem/26964090
- 2:38 AM Changeset in webkit [203591] by
-
- 3 edits in branches/safari-602-branch/Tools
Merge r203540. rdar://problem/26964090
- 2:38 AM Changeset in webkit [203590] by
-
- 26 edits2 deletes in branches/safari-602-branch
Merge r203520. rdar://problem/26964090
- 2:26 AM Changeset in webkit [203589] by
-
- 1 edit1 move1 add in branches/safari-602-branch/LayoutTests
Merge r203536. rdar://problem/27430111
- 2:26 AM Changeset in webkit [203588] by
-
- 3 edits2 copies1 move1 add in branches/safari-602-branch
Merge r203533. rdar://problem/27430111
- 2:26 AM Changeset in webkit [203587] by
-
- 2 edits in branches/safari-602-branch/Source/WebCore
Merge r203473. rdar://problem/27180657
- 2:26 AM Changeset in webkit [203586] by
-
- 2 edits in branches/safari-602-branch/Tools
Merge r203468. rdar://problem/27180657
- 2:26 AM Changeset in webkit [203585] by
-
- 5 edits1 add in branches/safari-602-branch
Merge r203464. rdar://problem/27180657
- 2:26 AM Changeset in webkit [203584] by
-
- 2 edits in branches/safari-602-branch/Source/WebKit2
Merge r203483. rdar://problem/27455589
- 2:26 AM Changeset in webkit [203583] by
-
- 2 edits in branches/safari-602-branch/Source/WebKit2
Merge r203462. rdar://problem/27453189
- 2:26 AM Changeset in webkit [203582] by
-
- 2 edits in branches/safari-602-branch/Tools
Merge r203447. rdar://problem/27056844
- 2:26 AM Changeset in webkit [203581] by
-
- 2 edits in branches/safari-602-branch/Tools
Merge r203436. rdar://problem/27056844
- 2:26 AM Changeset in webkit [203580] by
-
- 2 edits in branches/safari-602-branch/Tools
Merge r203429. rdar://problem/27056844
- 2:26 AM Changeset in webkit [203579] by
-
- 3 edits2 moves3 adds in branches/safari-602-branch/Tools
Merge r203426. rdar://problem/27056844
- 2:26 AM Changeset in webkit [203578] by
-
- 5 edits in branches/safari-602-branch/Source
Merge r203392. rdar://problem/27056844
- 2:26 AM Changeset in webkit [203577] by
-
- 3 edits3 adds in branches/safari-602-branch
Merge r203543. rdar://problem/27429465
- 2:26 AM Changeset in webkit [203576] by
-
- 4 edits1 add in branches/safari-602-branch
Merge r203541. rdar://problem/27450825
- 2:25 AM Changeset in webkit [203575] by
-
- 3 edits2 adds in branches/safari-602-branch
Merge r203538. rdar://problem/27462960
- 2:25 AM Changeset in webkit [203574] by
-
- 2 edits in branches/safari-602-branch/Source/WebCore
Merge r203518. rdar://problem/21400186
- 2:25 AM Changeset in webkit [203573] by
-
- 2 edits in branches/safari-602-branch/Source/WebCore
Merge r203514. rdar://problem/27208636
- 2:25 AM Changeset in webkit [203572] by
-
- 9 edits1 add in branches/safari-602-branch/Source/JavaScriptCore
Merge r203488. rdar://problem/27439330
- 2:25 AM Changeset in webkit [203571] by
-
- 3 edits in branches/safari-602-branch/Source/WebCore
Merge r203482. rdar://problem/27442806
- 2:25 AM Changeset in webkit [203570] by
-
- 2 edits2 adds in branches/safari-602-branch/Tools
Merge r203478. rdar://problem/27411085
- 2:25 AM Changeset in webkit [203569] by
-
- 4 edits in branches/safari-602-branch/Source/WebCore
Merge r203450. rdar://problem/21439264
- 2:25 AM Changeset in webkit [203568] by
-
- 2 edits in branches/safari-602-branch/Source/WebKit2
Merge r203442. rdar://problem/27376446
- 2:25 AM Changeset in webkit [203567] by
-
- 6 edits in branches/safari-602-branch
Merge r203435. rdar://problem/27438734
- 2:25 AM Changeset in webkit [203566] by
-
- 2 edits in branches/safari-602-branch/Source/WebCore
Merge r203425. rdar://problem/27488703
- 2:25 AM Changeset in webkit [203565] by
-
- 3 edits in branches/safari-602-branch/Source/WebCore
Merge r203424. rdar://problem/27391012
- 2:25 AM Changeset in webkit [203564] by
-
- 3 edits2 adds in branches/safari-602-branch
Merge r203415. rdar://problem/27409483
- 2:25 AM Changeset in webkit [203563] by
-
- 7 edits in branches/safari-602-branch/Source
Merge r203414. rdar://problem/26756701
- 2:25 AM Changeset in webkit [203562] by
-
- 4 edits2 adds in branches/safari-602-branch
Merge r203412. rdar://problem/26898984
- 2:25 AM Changeset in webkit [203561] by
-
- 3 edits6 adds in branches/safari-602-branch
Merge r203409. rdar://problem/27182267
- 2:25 AM Changeset in webkit [203560] by
-
- 6 edits2 adds in branches/safari-602-branch
Merge r203388. rdar://problem/25740804
- 2:25 AM Changeset in webkit [203559] by
-
- 2 edits in branches/safari-602-branch/Source/WebKit2
Merge r203387. rdar://problem/27018065
- 2:25 AM Changeset in webkit [203558] by
-
- 2 edits in branches/safari-602-branch/Source/WebKit2
Merge r203385. rdar://problem/27192350
- 2:25 AM Changeset in webkit [203557] by
-
- 15 edits in branches/safari-602-branch
Merge r203380. rdar://problem/27391725
- 2:25 AM Changeset in webkit [203556] by
-
- 5 edits in branches/safari-602-branch/Source/WebKit2
Merge r203371. rdar://problem/26973202
- 2:24 AM Changeset in webkit [203555] by
-
- 3 edits in branches/safari-602-branch/Source/WebCore
Merge r203362. rdar://problem/27371624
- 1:32 AM Changeset in webkit [203554] by
-
- 12 edits1 copy2 adds in trunk
run-builtins-generator-tests should be able to test WebCore builtins wrapper with more than one file
https://bugs.webkit.org/show_bug.cgi?id=159921
Patch by Youenn Fablet <youenn@apple.com> on 2016-07-22
Reviewed by Brian Burg.
Source/JavaScriptCore:
Updated built-in generator to generate only wrapper files when passed the --wrappers-only option.
When this option is used, wrapper files are generated but no individual file is generated.
When this option is not used, individual files are generated but not wrapper file is generated.
This allows the builtin generator test runner to generate a single WebCore-Wrappers.h-result generated for all
WebCore test files, like used for real in WebCore.
Previously wrapper code was generated individually for each WebCore test file.
Added new built-in test file to cover the case of concatenating several guards in generated WebCore wrapper files.
- Scripts/generate-js-builtins.py:
(concatenated_output_filename): Compute a decent name for wrapper files in case of test mode.
(generate_bindings_for_builtins_files): When --wrappers-only is activated, this generates only the wrapper files, not the individual files.
- Scripts/tests/builtins/WebCore-AnotherGuardedInternalBuiltin-Separate.js: Added.
- Scripts/tests/builtins/expected/WebCore-AnotherGuardedInternalBuiltin-Separate.js-result: Added.
- Scripts/tests/builtins/expected/WebCore-ArbitraryConditionalGuard-Separate.js-result: Removed wrapper code.
- Scripts/tests/builtins/expected/WebCore-GuardedBuiltin-Separate.js-result: Ditto.
- Scripts/tests/builtins/expected/WebCore-GuardedInternalBuiltin-Separate.js-result: Ditto.
- Scripts/tests/builtins/expected/WebCore-UnguardedBuiltin-Separate.js-result: Ditto.
- Scripts/tests/builtins/expected/WebCore-xmlCasingTest-Separate.js-result: Removed wrapper code.
- Scripts/tests/builtins/expected/WebCoreJSBuiltins.h-result: Added, contains wrapper code for all WebCore valid test cases.
Source/WebCore:
Covered by existing and added built-ins tests.
Updating built system according ---wrappers-only new meaning.
builtin generator is now called for each individual built-in file plus once for WebCore wrapper files.
WebCore wrapper files allow handling things like conditionally guarded features.
They also remove the need to use built-ins macros outside generated code.
- CMakeLists.txt:
- DerivedSources.make:
Tools:
Updated builtin generator test runner to generate WebCore wrapper files based on all WebCore valid separate files.
- Scripts/webkitpy/codegen/main.py:
(BuiltinsGeneratorTests.generate_from_js_builtins): Passing a list of builtin files to the script.
(BuiltinsGeneratorTests):
(BuiltinsGeneratorTests.single_builtin_test): Added to handle the case of single builtin generation.
(BuiltinsGeneratorTests.wrappers_builtin_test): Added to handle the case of WebCore wrappers builtin generation.
(BuiltinsGeneratorTests.run_test): Helper routine to run a test in reset mode or normal check mode.
(BuiltinsGeneratorTests.run_tests): Updated to add WebCore wrappers builtin generation test.
Jul 21, 2016:
- 10:36 PM MathML/Early_2016_Refactoring edited by
- (diff)
- 10:33 PM Changeset in webkit [203553] by
-
- 19 edits2 copies in trunk/Source/WebCore
Move parsing of accentunder and accent attributes from renderer to element classes
https://bugs.webkit.org/show_bug.cgi?id=159625
Patch by Frederic Wang <fwang@igalia.com> on 2016-07-21
Reviewed by Brent Fulgham.
We introduce a new MathMLUnderOverElement that is used for elements munder, mover and
munderover in order to create RenderMathMLUnderOver and parse and expose the values of the
accent and accentunder attributes. This is one more step toward moving MathML attribute
parsing to the DOM (bug 156536). We also do minor clean-up for this and previous renderer
classes that no longer do attribute parsing: the MathMLNames namespace is no longer necessary
and constructors can take a more accurate element type.
No new tests, already covered by existing test.
- CMakeLists.txt: Add MathMLUnderOverElement files.
- WebCore.xcodeproj/project.pbxproj: Ditto.
- mathml/MathMLAllInOne.cpp: Ditto.
- mathml/MathMLElement.cpp:
(WebCore::MathMLElement::cachedBooleanAttribute): Add parsing of boolean attributes.
- mathml/MathMLElement.h: New type and helper functions for boolean attributes.
- mathml/MathMLInlineContainerElement.cpp:
(WebCore::MathMLInlineContainerElement::createElementRenderer): Remove handling of
under/over/underover elements.
- mathml/MathMLScriptsElement.cpp:
(WebCore::MathMLScriptsElement::MathMLScriptsElement): Remove inline keyword to avoid link
errors now that MathMLUnderOverElement overrides that class.
- mathml/MathMLScriptsElement.h: Allow MathMLUnderOverElement to override this class.
- mathml/MathMLUnderOverElement.cpp:
(WebCore::MathMLUnderOverElement::MathMLUnderOverElement):
(WebCore::MathMLUnderOverElement::create):
(WebCore::MathMLUnderOverElement::accent): Helper function to access the accent value.
(WebCore::MathMLUnderOverElement::accentUnder): Helper function to access the accentunder value.
(WebCore::MathMLUnderOverElement::parseAttribute): Make accent and accentunder dirty.
(WebCore::MathMLUnderOverElement::createElementRenderer): Create RenderMathMLUnderOver
- mathml/MathMLUnderOverElement.h:
- mathml/mathtags.in: Map under/over/underover to MathMLUnderOverElement.
- rendering/mathml/RenderMathMLFraction.cpp: Remove MathMLNames and make the constructor
take a MathMLFractionElement.
(WebCore::RenderMathMLFraction::RenderMathMLFraction):
- rendering/mathml/RenderMathMLFraction.h:
- rendering/mathml/RenderMathMLPadded.cpp: Remove MathMLNames and make the constructor
take a MathMLPaddedElement.
(WebCore::RenderMathMLPadded::RenderMathMLPadded):
- rendering/mathml/RenderMathMLPadded.h:
- rendering/mathml/RenderMathMLScripts.cpp: Remove MathMLNames and make the constructor
take a MathMLScriptsElement. Also rename scriptsElement() to element().
(WebCore::RenderMathMLScripts::RenderMathMLScripts):
(WebCore::RenderMathMLScripts::element):
(WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded):
(WebCore::RenderMathMLScripts::scriptsElement): Deleted.
- rendering/mathml/RenderMathMLScripts.h:
- rendering/mathml/RenderMathMLUnderOver.cpp: Remove MathMLNames and make the constructor
take a RenderMathMLUnderOver.
(WebCore::RenderMathMLUnderOver::RenderMathMLUnderOver):
(WebCore::RenderMathMLUnderOver::element):
(WebCore::RenderMathMLUnderOver::hasAccent): Use the helper functions for accent and accentunder.
- rendering/mathml/RenderMathMLUnderOver.h:
- 9:51 PM Changeset in webkit [203552] by
-
- 5 edits in trunk
Parameter to Node.isSameNode() / isEqualNode() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160070
Reviewed by Ryosuke Niwa.
LayoutTests/imported/w3c:
Rebaseline several W3C tests now that more checks are passing.
- web-platform-tests/dom/interfaces-expected.txt:
- web-platform-tests/html/dom/interfaces-expected.txt:
Source/WebCore:
Parameter to Node.isSameNode() / isEqualNode() should be mandatory as
per the specification:
Chrome and Firefox agree with the specification (although Firefox does
not support isSameNode()).
No new tests, rebaselined existing tests.
- dom/Node.idl:
- 9:45 PM Changeset in webkit [203551] by
-
- 2 edits in trunk/Tools
[Mac] webkitdirs.pm contains unused code to support outdated OS X and Xcode versions
https://bugs.webkit.org/show_bug.cgi?id=160072
Reviewed by Andy Estes.
- Scripts/webkitdirs.pm:
(readXcodeUserDefault): Changed to take a defaults key rather than a suffix. Removed support
for old Xcode versions.
(determineBaseProductDir): Removed support for old Xcode versions. Updated for the change
to readXcodeUserDefault.
(debugger): Deleted. This was only used for Darwin, where LLDB is now the only supported
debugger.
(determineDebugger): Ditto.
(checkRequiredSystemConfig): Updated to require at least OS X Yosemite v10.10.5 and Xcode
7.0.
(printHelpAndExitForRunAndDebugWebKitAppIfNeeded): Removed --use-gdb and --use-lldb
switches.
(execMacWebKitAppForDebugging): Removed support for GDB.
- 8:29 PM Changeset in webkit [203550] by
-
- 5 edits in trunk
Parameter to Document.createEvent() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160065
Reviewed by Darin Adler.
LayoutTests/imported/w3c:
Rebaseline several W3C tests now that more checks are passing.
- web-platform-tests/dom/interfaces-expected.txt:
- web-platform-tests/html/dom/interfaces-expected.txt:
Source/WebCore:
Parameter to Document.createEvent() should be mandatory as per the
specification:
We already throw anyway when the parameter is omitted because we use
"undefined" as event type, which is invalid. However, we throw the
wrong exception.
Firefox and Chrome agree with the specification here.
No new tests, rebaselined existing tests.
- dom/Document.idl:
- 8:00 PM Changeset in webkit [203549] by
-
- 2 edits in trunk/Source/WebCore
REGRESSION(r62549): Objective-C DOM bindings sometimes fail to regenerate when CodeGenerator.pm is modified
https://bugs.webkit.org/show_bug.cgi?id=160031
Reviewed by Darin Adler.
This bug was caused by a refactoring 6 years ago. Not all uses of a variable
were renamed, so the ObjC bindings target pattern was not specifying any
build scripts as target dependencies.
- DerivedSources.make: Standardize on {COMMON,JS,DOM}_BINDINGS_SCRIPTS.
- 7:43 PM Changeset in webkit [203548] by
-
- 2 edits in trunk/Source/WebCore
Remove unneeded content attribute name "playsinline"
https://bugs.webkit.org/show_bug.cgi?id=160069
Reviewed by Chris Dumez.
- html/HTMLVideoElement.idl: Removed explicit content attribute name on Reflect
attribute since it is the same as the name that the code generator will generate.
- 7:42 PM Changeset in webkit [203547] by
-
- 6 edits in trunk
Make parameters to Element.getElementsBy*() operations mandatory
https://bugs.webkit.org/show_bug.cgi?id=160060
Reviewed by Darin Adler.
LayoutTests/imported/w3c:
Rebaseline several W3C tests now that more checks are passing.
- web-platform-tests/dom/interfaces-expected.txt:
- web-platform-tests/html/dom/interfaces-expected.txt:
Source/WebCore:
Make parameters to Element.getElementsBy*() operations mandatory to
match the specification:
Firefox and Chrome agree with the specification so the compatibility
risk should be low.
It makes very little sense to call these operations without parameter,
especially considering WebKit uses the string "undefined" if the
parameter is omitted.
No new tests, rebaselined existing tests.
- dom/Element.idl:
LayoutTests:
Drop cases that were calling the operation without parameter.
- fast/dom/getElementsByClassName/dumpHTMLCollection-expected.txt:
- fast/dom/getElementsByClassName/dumpHTMLCollection.html:
- 7:21 PM Changeset in webkit [203546] by
-
- 16 edits in trunk
Make parameters mandatory for attribute-related API on Element
https://bugs.webkit.org/show_bug.cgi?id=160059
Reviewed by Ryosuke Niwa.
LayoutTests/imported/w3c:
Rebaseline several W3C tests now that more checks are passing.
- web-platform-tests/dom/interfaces-expected.txt:
- web-platform-tests/html/dom/interfaces-expected.txt:
Source/WebCore:
Make parameters mandatory for attribute-related API on Element to match
the specification:
Firefox and Chrome agree with the specification. Calling this API
without the parameters does not make much sense, especially considering
WebKit uses the string "undefined" when the parameter is omitted.
No new tests, rebaselined existing tests.
- dom/Element.idl:
LayoutTests:
Update existing layout tests to reflect the behavior change.
- fast/dom/Element/script-tests/setAttributeNS-namespace-err.js:
- fast/dom/Element/setAttributeNS-namespace-err-expected.txt:
- fast/dom/HTMLHrElement/hr-color-noshade-attribute.html:
- fast/dom/attribute-downcast-right.html:
- fast/images/style-access-during-imageChanged-style-freeze.html:
- fast/selectors/read-only-read-write-input-basics.html:
- fast/selectors/read-only-read-write-textarea-basics.html:
- media/video-playsinline-expected.txt:
- media/video-playsinline.html:
- 6:40 PM Changeset in webkit [203545] by
-
- 24 edits in trunk
Remove support for deprecated SPI inlineMediaPlaybackRequiresPlaysInlineAttribute
https://bugs.webkit.org/show_bug.cgi?id=160066
Reviewed by Dean Jackson.
Source/WebCore:
r203520 deprecated inlineMediaPlaybackRequiresPlaysInlineAttribute in favor of
allowsInlineMediaPlaybackWithPlaysInlineAttribute and
allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute. The old
inlineMediaPlaybackRequiresPlaysInlineAttribute is SPI and was never released
to the public. Therefore, it can be removed safely.
No new tests because there is no behavior change.
- page/Settings.cpp:
- page/Settings.in:
- testing/InternalSettings.cpp:
(WebCore::InternalSettings::Backup::Backup): Deleted.
(WebCore::InternalSettings::Backup::restoreTo): Deleted.
(WebCore::InternalSettings::setInlineMediaPlaybackRequiresPlaysInlineAttribute): Deleted.
- testing/InternalSettings.h:
- testing/InternalSettings.idl:
Source/WebKit/mac:
- WebView/WebPreferenceKeysPrivate.h:
- WebView/WebPreferences.mm:
(+[WebPreferences initialize]): Deleted.
(-[WebPreferences inlineMediaPlaybackRequiresPlaysInlineAttribute]): Deleted.
(-[WebPreferences setInlineMediaPlaybackRequiresPlaysInlineAttribute:]): Deleted.
- WebView/WebPreferencesPrivate.h:
- WebView/WebView.mm:
(-[WebView _preferencesChanged:]): Deleted.
Source/WebKit2:
- Shared/WebPreferencesDefinitions.h:
- UIProcess/API/C/WKPreferences.cpp:
(WKPreferencesSetInlineMediaPlaybackRequiresPlaysInlineAttribute): Deleted.
(WKPreferencesGetInlineMediaPlaybackRequiresPlaysInlineAttribute): Deleted.
- UIProcess/API/C/WKPreferencesRefPrivate.h:
- UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _initializeWithConfiguration:]): Deleted.
- UIProcess/API/Cocoa/WKWebViewConfiguration.mm:
(-[WKWebViewConfiguration init]): Deleted.
(-[WKWebViewConfiguration copyWithZone:]): Deleted.
(-[WKWebViewConfiguration _inlineMediaPlaybackRequiresPlaysInlineAttribute]): Deleted.
(-[WKWebViewConfiguration _setInlineMediaPlaybackRequiresPlaysInlineAttribute:]): Deleted.
- UIProcess/API/Cocoa/WKWebViewConfigurationPrivate.h:
- WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::updatePreferences): Deleted.
Tools:
- DumpRenderTree/mac/DumpRenderTree.mm:
(setDefaultsToConsistentValuesForTesting): Deleted.
- TestWebKitAPI/Tests/WebKit2Cocoa/RequiresUserActionForPlayback.mm:
(RequiresUserActionForPlaybackTest::SetUp): Deleted.
- WebKitTestRunner/TestController.cpp:
(WTR::TestController::resetPreferencesToConsistentValues): Deleted.
- WebKitTestRunner/cocoa/TestControllerCocoa.mm:
(WTR::initializeWebViewConfiguration): Deleted.
- 6:01 PM Changeset in webkit [203544] by
-
- 4 edits in trunk/Source/JavaScriptCore
callOperation(.) variants in the DFG that explicitly take a tag/payload register should take a JSValueRegs instead
https://bugs.webkit.org/show_bug.cgi?id=160007
Reviewed by Filip Pizlo.
This patch is the first step in my plan to remove all callOperation(.) variants
in the various JITs and to unify them using a couple template variations.
The steps are as follows:
- Replace all explicit tag/payload pairs with JSValueRegs in the DFG
- Replace all explicit tag/payload pairs with JSValueRegs in the baseline
- remove callOperation(.) variants and teach setupArgumentsWithExecState about JSValueRegs.
- dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileGetByValOnString):
(JSC::DFG::SpeculativeJIT::compileValueAdd):
(JSC::DFG::SpeculativeJIT::compileGetDynamicVar):
(JSC::DFG::SpeculativeJIT::compilePutDynamicVar):
(JSC::DFG::SpeculativeJIT::compilePutAccessorByVal):
- dfg/DFGSpeculativeJIT.h:
(JSC::DFG::SpeculativeJIT::callOperation):
- dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::cachedGetById):
(JSC::DFG::SpeculativeJIT::cachedPutById):
(JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranch):
(JSC::DFG::CompareAndBoxBooleanSlowPathGenerator::generateInternal):
(JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompare):
(JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeStrictEq):
(JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeStrictEq):
(JSC::DFG::SpeculativeJIT::emitCall):
(JSC::DFG::SpeculativeJIT::compileLogicalNot):
(JSC::DFG::SpeculativeJIT::emitBranch):
(JSC::DFG::SpeculativeJIT::compile):
- 5:48 PM Changeset in webkit [203543] by
-
- 3 edits3 adds in trunk
REGRESSION (r202927): The internal size of the ImageBuffer is scaled twice by the context scaleFactor
https://bugs.webkit.org/show_bug.cgi?id=159981
<rdar://problem/27429465>
Reviewed by Myles Maxfield.
Source/WebCore:
The change to propagate color spaces through ImageBuffers created an
alternate version of createCompatibleBuffer. This version accidentally
attempted to take the display resolution (i.e. hidpi) into account
when creating the buffer, which meant it was being applied twice.
The fix is simply to remove that logic. The caller of the method
will take the resolution into account, the same way they did
with the old createCompatibleBuffer method.
Test: fast/hidpi/pdf-image-scaled.html
- platform/graphics/cg/ImageBufferCG.cpp:
(WebCore::ImageBuffer::createCompatibleBuffer): Don't calculate
a resolution - just use the value of 1.0.
LayoutTests:
- fast/hidpi/pdf-image-scaled-expected.html: Added.
- fast/hidpi/pdf-image-scaled.html: Added.
- fast/hidpi/resources/circle.pdf: Added.
- 5:44 PM Changeset in webkit [203542] by
-
- 3 edits3 adds in trunk
Block mixed content synchronous XHR
https://bugs.webkit.org/show_bug.cgi?id=105462
<rdar://problem/13666424>
Reviewed by Brent Fulgham.
Source/WebCore:
Test: http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame.html
- loader/DocumentThreadableLoader.cpp:
(WebCore::DocumentThreadableLoader::loadRequest):
LayoutTests:
- http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame-expected.txt: Added.
- http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame.html: Added.
- http/tests/security/mixedContent/resources/insecure-xhr-sync-in-main-frame-window.html: Added.
- 5:11 PM Changeset in webkit [203541] by
-
- 4 edits1 add in trunk
[iOS] Apps using WKWebView will crash if they set the scroll view's delegate and don't nil it out later
https://bugs.webkit.org/show_bug.cgi?id=159980
rdar://problem/27450825
Patch by Chelsea Pugh <cpugh@apple.com> on 2016-07-21
Reviewed by Dan Bernstein.
Source/WebKit2:
The root cause of this crash is that we are not abiding the UIScrollView API that the scroll view
delegate property should be weak. If setters of this delegate do not know that, since the WKWebView
exposes the scroll view as a UIScrollView, they may forget to nil out the delegate they set and will
then crash.
- UIProcess/ios/WKScrollView.mm:
(-[WKScrollViewDelegateForwarder methodSignatureForSelector:]): Get a RetainPtr holding the
external delegate and use where needed.
(-[WKScrollViewDelegateForwarder respondsToSelector:]): Ditto.
(-[WKScrollViewDelegateForwarder forwardInvocation:]): Ditto.
(-[WKScrollViewDelegateForwarder forwardingTargetForSelector:]): Ditto. When returning a reference
to the external delegate, get a retained and autoreleased reference so the caller needn't release
the object when done.
(-[WKScrollView delegate]): Ditto.
(-[WKScrollView _updateDelegate]): Get a RetainPtr holding the external delegate that can be
used throughout this method. Use the RetainPtr to get the external delegate for setting super's
delegate as well as creating the delegate forwarder.
(-[WKScrollView setDelegate:]): Get a RetainPtr holding the external delegate and use its value for
comparison to the object we are setting the external delegate to.
Tools:
- TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
- TestWebKitAPI/Tests/ios/WKScrollViewDelegateCrash.mm: Added.
(-[TestDelegateForScrollView dealloc]): Update delegateIsDeallocated to true so that we can tell
when our delegate has hit -dealloc.
(TestWebKitAPI::TEST): Ensure that after an object has been set as the scroll view's delegate,
and has then been deallocated, that the scroll view's delegate is nil and the deallocated delegate
will not be messaged.
- 4:55 PM Changeset in webkit [203540] by
-
- 3 edits in trunk/Tools
Follow-up patch to r203520
https://bugs.webkit.org/show_bug.cgi?id=159967
<rdar://problem/26964090>
Unreviewed.
- DumpRenderTree/mac/DumpRenderTree.mm:
(setDefaultsToConsistentValuesForTesting):
- WebKitTestRunner/TestController.cpp:
(WTR::TestController::resetPreferencesToConsistentValues):
- 4:52 PM Changeset in webkit [203539] by
-
- 8 edits in trunk
Make parameters to Document.getElementsBy*() operations mandatory
https://bugs.webkit.org/show_bug.cgi?id=160050
Reviewed by Daniel Bates.
LayoutTests/imported/w3c:
Rebaseline several W3C tests now that more checks are passing.
- web-platform-tests/dom/interfaces-expected.txt:
- web-platform-tests/html/dom/interfaces-expected.txt:
Source/WebCore:
Make parameters to Document.getElementsBy*() operations mandatory to
match the specification:
Firefox and Chrome agree with the specification so the compatibility
risk should be low.
It makes very little sense to call these operations without parameter,
especially considering WebKit uses the string "undefined" if the
parameter is omitted.
No new tests, rebaselined existing tests.
- dom/Document.idl:
LayoutTests:
Drop cases that were calling the operation without parameter.
- fast/dom/getElementsByClassName/dumpHTMLCollection-expected.txt:
- fast/dom/getElementsByClassName/dumpHTMLCollection.html:
- 4:47 PM Changeset in webkit [203538] by
-
- 3 edits2 adds in trunk
AX: aria-label not being used correctly in accessible name calculation of heading
https://bugs.webkit.org/show_bug.cgi?id=160009
Reviewed by Chris Fleizach.
Source/WebCore:
Actually we are exposing the correct information for heading objects. On macOS,
VoiceOver should handle the logic that picks the right information to speak.
On iOS, VoiceOver is speaking the static text child instead of the heading object.
So we should set the accessibilityLabel of the static text based on the parent's
alternate label.
Test: accessibility/ios-simulator/heading-with-aria-label.html
- accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
(-[WebAccessibilityObjectWrapper _accessibilityTraitsFromAncestors]):
LayoutTests:
- accessibility/ios-simulator/heading-with-aria-label-expected.txt: Added.
- accessibility/ios-simulator/heading-with-aria-label.html: Added.
- 4:41 PM Changeset in webkit [203537] by
-
- 40 edits7 adds in trunk/Source
op_add/ValueAdd should be an IC in all JIT tiers
https://bugs.webkit.org/show_bug.cgi?id=159649
Reviewed by Benjamin Poulain.
Source/JavaScriptCore:
This patch makes Add an IC inside all JIT tiers. It does so in a
simple, but effective, way. We will try to generate an int+int add
that will repatch itself if its type checks fail. Sometimes though,
we have runtime type data saying that the add won't be int+int.
In those cases, we will just generate a full snippet that doesn't patch itself.
Other times, we may generate no inline code and defer to making a C call. A lot
of this patch is just refactoring ResultProfile into what we're now calling ArithProfile.
ArithProfile does everything ResultProfile used to do, and more. It records simple type
data about the LHS/RHS operands it sees. This allows us to determine if an op_add
has only seen int+int operands, etc. ArithProfile will also contain the ResultType
for the LHS/RHS that the parser feeds into op_add. ArithProfile now fits into 32-bits.
This means instead of having a side table like we did for ResultProfile, we just
inject the ArithProfile into the bytecode instruction stream. This makes asking
for ArithProfile faster; we no longer need to lock around this operation.
The size of an Add has gone down on average, but we can still do better.
We still generate a lot of code because we generate calls to the slow path.
I think we can make this better by moving the slow path to a shared thunk
system. This patch mostly lays the foundation for future improvements to Add,
and a framework to move all other arithmetic operations to be typed-based ICs.
Here is some data I took on the average op_add/ValueAdd size on various benchmarks:
| JetStream | Speedometer | Unity 3D |
------| ------------- Old | 189 bytes | 169 bytes | 192 bytes |
------| ------------- New | 148 bytes | 124 bytes | 143 bytes |
---------------------------------------------------
Making an arithmetic IC is now easy. The JITMathIC class will hold a snippet
generator as a member variable. To make a snippet an IC, you need to implement
a generateInline(.) method, which generates the inline IC. Then, you need to
generate the IC where you used to generate the snippet. When generating the
IC, we need to inform JITMathIC of various data like we do with StructureStubInfo.
We need to tell it about where the slow path starts, where the slow path call is, etc.
When generating a JITMathIC, it may tell you that it didn't generate any code inline.
This is a request to the user of JITMathIC to just generate a C call along the
fast path. JITMathIC may also have the snippet tell it to just generate the full
snippet instead of the int+int path along the fast path.
In subsequent patches, we can improve upon how we decide to generate int+int or
the full snippet. I tried to get clever by having double+double, double+int, int+double,
fast paths, but they didn't work out nearly as well as the int+int fast path. I ended up
generating a lot of code when I did this and ended up using more memory than just generating
the full snippet. There is probably some way we can be clever and generate specialized fast
paths that are more successful than what I tried implementing, but I think that's worth deferring
this to follow up patches once the JITMathIC foundation has landed.
This patch also fixes a bug inside the slow path lambdas in the DFG.
Before, it was not legal to emit an exception check inside them. Now,
it is. So it's now easy to define arbitrary late paths using the DFG
slow path lambda API.
- CMakeLists.txt:
- JavaScriptCore.xcodeproj/project.pbxproj:
- bytecode/ArithProfile.cpp: Added.
(JSC::ArithProfile::emitObserveResult):
(JSC::ArithProfile::shouldEmitSetDouble):
(JSC::ArithProfile::emitSetDouble):
(JSC::ArithProfile::shouldEmitSetNonNumber):
(JSC::ArithProfile::emitSetNonNumber):
(WTF::printInternal):
- bytecode/ArithProfile.h: Added.
(JSC::ObservedType::ObservedType):
(JSC::ObservedType::sawInt32):
(JSC::ObservedType::isOnlyInt32):
(JSC::ObservedType::sawNumber):
(JSC::ObservedType::isOnlyNumber):
(JSC::ObservedType::sawNonNumber):
(JSC::ObservedType::isOnlyNonNumber):
(JSC::ObservedType::isEmpty):
(JSC::ObservedType::bits):
(JSC::ObservedType::withInt32):
(JSC::ObservedType::withNumber):
(JSC::ObservedType::withNonNumber):
(JSC::ObservedType::withoutNonNumber):
(JSC::ObservedType::operator==):
(JSC::ArithProfile::ArithProfile):
(JSC::ArithProfile::fromInt):
(JSC::ArithProfile::lhsResultType):
(JSC::ArithProfile::rhsResultType):
(JSC::ArithProfile::lhsObservedType):
(JSC::ArithProfile::rhsObservedType):
(JSC::ArithProfile::setLhsObservedType):
(JSC::ArithProfile::setRhsObservedType):
(JSC::ArithProfile::tookSpecialFastPath):
(JSC::ArithProfile::didObserveNonInt32):
(JSC::ArithProfile::didObserveDouble):
(JSC::ArithProfile::didObserveNonNegZeroDouble):
(JSC::ArithProfile::didObserveNegZeroDouble):
(JSC::ArithProfile::didObserveNonNumber):
(JSC::ArithProfile::didObserveInt32Overflow):
(JSC::ArithProfile::didObserveInt52Overflow):
(JSC::ArithProfile::setObservedNonNegZeroDouble):
(JSC::ArithProfile::setObservedNegZeroDouble):
(JSC::ArithProfile::setObservedNonNumber):
(JSC::ArithProfile::setObservedInt32Overflow):
(JSC::ArithProfile::setObservedInt52Overflow):
(JSC::ArithProfile::addressOfBits):
(JSC::ArithProfile::observeResult):
(JSC::ArithProfile::lhsSawInt32):
(JSC::ArithProfile::lhsSawNumber):
(JSC::ArithProfile::lhsSawNonNumber):
(JSC::ArithProfile::rhsSawInt32):
(JSC::ArithProfile::rhsSawNumber):
(JSC::ArithProfile::rhsSawNonNumber):
(JSC::ArithProfile::observeLHSAndRHS):
(JSC::ArithProfile::bits):
(JSC::ArithProfile::hasBits):
(JSC::ArithProfile::setBit):
- bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dumpRareCaseProfile):
(JSC::CodeBlock::dumpArithProfile):
(JSC::CodeBlock::dumpBytecode):
(JSC::CodeBlock::addStubInfo):
(JSC::CodeBlock::addJITAddIC):
(JSC::CodeBlock::findStubInfo):
(JSC::CodeBlock::resetJITData):
(JSC::CodeBlock::shrinkToFit):
(JSC::CodeBlock::dumpValueProfiles):
(JSC::CodeBlock::rareCaseProfileCountForBytecodeOffset):
(JSC::CodeBlock::arithProfileForBytecodeOffset):
(JSC::CodeBlock::arithProfileForPC):
(JSC::CodeBlock::couldTakeSpecialFastCase):
(JSC::CodeBlock::dumpResultProfile): Deleted.
(JSC::CodeBlock::resultProfileForBytecodeOffset): Deleted.
(JSC::CodeBlock::specialFastCaseProfileCountForBytecodeOffset): Deleted.
(JSC::CodeBlock::ensureResultProfile): Deleted.
- bytecode/CodeBlock.h:
(JSC::CodeBlock::stubInfoBegin):
(JSC::CodeBlock::stubInfoEnd):
(JSC::CodeBlock::couldTakeSlowCase):
(JSC::CodeBlock::numberOfResultProfiles): Deleted.
- bytecode/MethodOfGettingAValueProfile.cpp:
(JSC::MethodOfGettingAValueProfile::emitReportValue):
- bytecode/MethodOfGettingAValueProfile.h:
(JSC::MethodOfGettingAValueProfile::MethodOfGettingAValueProfile):
- bytecode/ValueProfile.cpp:
(JSC::ResultProfile::emitDetectNumericness): Deleted.
(JSC::ResultProfile::emitSetDouble): Deleted.
(JSC::ResultProfile::emitSetNonNumber): Deleted.
(WTF::printInternal): Deleted.
- bytecode/ValueProfile.h:
(JSC::getRareCaseProfileBytecodeOffset):
(JSC::ResultProfile::ResultProfile): Deleted.
(JSC::ResultProfile::bytecodeOffset): Deleted.
(JSC::ResultProfile::specialFastPathCount): Deleted.
(JSC::ResultProfile::didObserveNonInt32): Deleted.
(JSC::ResultProfile::didObserveDouble): Deleted.
(JSC::ResultProfile::didObserveNonNegZeroDouble): Deleted.
(JSC::ResultProfile::didObserveNegZeroDouble): Deleted.
(JSC::ResultProfile::didObserveNonNumber): Deleted.
(JSC::ResultProfile::didObserveInt32Overflow): Deleted.
(JSC::ResultProfile::didObserveInt52Overflow): Deleted.
(JSC::ResultProfile::setObservedNonNegZeroDouble): Deleted.
(JSC::ResultProfile::setObservedNegZeroDouble): Deleted.
(JSC::ResultProfile::setObservedNonNumber): Deleted.
(JSC::ResultProfile::setObservedInt32Overflow): Deleted.
(JSC::ResultProfile::setObservedInt52Overflow): Deleted.
(JSC::ResultProfile::addressOfFlags): Deleted.
(JSC::ResultProfile::addressOfSpecialFastPathCount): Deleted.
(JSC::ResultProfile::detectNumericness): Deleted.
(JSC::ResultProfile::hasBits): Deleted.
(JSC::ResultProfile::setBit): Deleted.
(JSC::getResultProfileBytecodeOffset): Deleted.
- bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::emitBinaryOp):
- dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::makeSafe):
- dfg/DFGGraph.cpp:
(JSC::DFG::Graph::methodOfGettingAValueProfileFor):
- dfg/DFGJITCompiler.cpp:
(JSC::DFG::JITCompiler::exceptionCheck):
- dfg/DFGSlowPathGenerator.h:
(JSC::DFG::SlowPathGenerator::generate):
- dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::addSlowPathGenerator):
(JSC::DFG::SpeculativeJIT::runSlowPathGenerators):
(JSC::DFG::SpeculativeJIT::compileValueAdd):
- dfg/DFGSpeculativeJIT.h:
(JSC::DFG::SpeculativeJIT::silentSpillAllRegistersImpl):
(JSC::DFG::SpeculativeJIT::silentSpillAllRegisters):
(JSC::DFG::SpeculativeJIT::callOperation):
- ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileValueAdd):
(JSC::FTL::DFG::LowerDFGToB3::compileStrCat):
- jit/CCallHelpers.h:
(JSC::CCallHelpers::setupArgumentsWithExecState):
(JSC::CCallHelpers::setupArguments):
- jit/JIT.h:
- jit/JITAddGenerator.cpp:
(JSC::JITAddGenerator::generateInline):
(JSC::JITAddGenerator::generateFastPath):
- jit/JITAddGenerator.h:
(JSC::JITAddGenerator::JITAddGenerator):
(JSC::JITAddGenerator::didEmitFastPath): Deleted.
(JSC::JITAddGenerator::endJumpList): Deleted.
(JSC::JITAddGenerator::slowPathJumpList): Deleted.
- jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_jless):
(JSC::JIT::emitSlow_op_urshift):
(JSC::getOperandTypes):
(JSC::JIT::emit_op_add):
(JSC::JIT::emitSlow_op_add):
(JSC::JIT::emit_op_div):
(JSC::JIT::emit_op_mul):
(JSC::JIT::emitSlow_op_mul):
(JSC::JIT::emit_op_sub):
(JSC::JIT::emitSlow_op_sub):
- jit/JITDivGenerator.cpp:
(JSC::JITDivGenerator::generateFastPath):
- jit/JITDivGenerator.h:
(JSC::JITDivGenerator::JITDivGenerator):
- jit/JITInlines.h:
(JSC::JIT::callOperation):
- jit/JITMathIC.h: Added.
(JSC::JITMathIC::doneLocation):
(JSC::JITMathIC::slowPathStartLocation):
(JSC::JITMathIC::slowPathCallLocation):
(JSC::JITMathIC::generateInline):
(JSC::JITMathIC::generateOutOfLine):
(JSC::JITMathIC::finalizeInlineCode):
- jit/JITMathICForwards.h: Added.
- jit/JITMathICInlineResult.h: Added.
- jit/JITMulGenerator.cpp:
(JSC::JITMulGenerator::generateFastPath):
- jit/JITMulGenerator.h:
(JSC::JITMulGenerator::JITMulGenerator):
- jit/JITOperations.cpp:
- jit/JITOperations.h:
- jit/JITSubGenerator.cpp:
(JSC::JITSubGenerator::generateFastPath):
- jit/JITSubGenerator.h:
(JSC::JITSubGenerator::JITSubGenerator):
- jit/Repatch.cpp:
(JSC::readCallTarget):
(JSC::ftlThunkAwareRepatchCall):
(JSC::tryCacheGetByID):
(JSC::repatchGetByID):
(JSC::appropriateGenericPutByIdFunction):
(JSC::tryCachePutByID):
(JSC::repatchPutByID):
(JSC::tryRepatchIn):
(JSC::repatchIn):
(JSC::linkSlowFor):
(JSC::resetGetByID):
(JSC::resetPutByID):
(JSC::repatchCall): Deleted.
- jit/Repatch.h:
- llint/LLIntData.cpp:
(JSC::LLInt::Data::performAssertions):
- llint/LowLevelInterpreter.asm:
- llint/LowLevelInterpreter32_64.asm:
- llint/LowLevelInterpreter64.asm:
- parser/ResultType.h:
(JSC::ResultType::ResultType):
(JSC::ResultType::isInt32):
(JSC::ResultType::definitelyIsNumber):
(JSC::ResultType::definitelyIsString):
(JSC::ResultType::definitelyIsBoolean):
(JSC::ResultType::mightBeNumber):
(JSC::ResultType::isNotNumber):
(JSC::ResultType::forBitOp):
(JSC::ResultType::bits):
(JSC::OperandTypes::OperandTypes):
- runtime/CommonSlowPaths.cpp:
(JSC::SLOW_PATH_DECL):
(JSC::updateArithProfileForBinaryArithOp):
(JSC::updateResultProfileForBinaryArithOp): Deleted.
- tests/stress/op-add-exceptions.js: Added.
(assert):
(f1):
(f2):
(f3):
(let.oException.valueOf):
(foo):
(ident):
(bar):
Source/WebCore:
- ForwardingHeaders/jit/JITMathICForwards.h: Added.
- 4:32 PM Changeset in webkit [203536] by
-
- 1 edit1 copy1 add1 delete in trunk/LayoutTests
Move expected.txt file for editing/deleting/delete-emoji.html from mac-elcapitan to mac-yosemite
Unreviewed test gardening.
- platform/mac-yosemite/editing/deleting/delete-emoji-expected.txt: Renamed from LayoutTests/platform/mac-elcapitan/editing/deleting/delete-emoji-expected.txt.
- 3:56 PM Changeset in webkit [203535] by
-
- 18 edits in trunk
Make parameters mandatory for Document.create*() operations
https://bugs.webkit.org/show_bug.cgi?id=160047
Reviewed by Ryosuke Niwa.
LayoutTests/imported/w3c:
Rebaseline several W3C tests now that more checks are passing.
- web-platform-tests/dom/interfaces-expected.txt:
- web-platform-tests/html/dom/interfaces-expected.txt:
Source/WebCore:
Make parameters mandatory for Document.create*() operations:
createTextNode(), createComment(), createCDataSection(),
createAttribute() and createProcessingInstruction().
This matches the specification:
Firefox and Chrome both agree with the specification so the
compatibility risk should be low. Also WebKit uses the string
"undefined" when the parameter is omitted, which is not very
helpful.
No new tests, rebaselined existing tests.
- dom/Document.idl:
LayoutTests:
Update existing tests to reflect the behavior change.
- compositing/geometry/assert-marquee-timer.html:
- editing/style/bold-with-dom-changes.html:
- fast/dom/MutationObserver/observe-characterdata.html:
- fast/dom/normalize-attributes-mutation-event-crash.html:
- fast/dom/null-chardata-crash.html:
- fast/dom/wrapper-classes-expected.txt:
- fast/dom/wrapper-classes.html:
- fast/forms/basic-textareas.html:
- fast/inspector-support/uncaught-dom1-exception-expected.txt:
- fast/inspector-support/uncaught-dom1-exception.html:
- 3:49 PM Changeset in webkit [203534] by
-
- 2 edits in trunk/LayoutTests
Marking imported/w3c/web-platform-tests/fetch/api/cors/cors-preflight.html as flaky on mac
https://bugs.webkit.org/show_bug.cgi?id=160056
Unreviewed test gardening.
- platform/mac/TestExpectations:
- 3:34 PM Changeset in webkit [203533] by
-
- 3 edits2 copies1 move1 add in trunk
[macOS] Caret placement occurs in the middle of new emoji group candidates
https://bugs.webkit.org/show_bug.cgi?id=160008
<rdar://problem/27430111>
Reviewed by Simon Fraser.
Source/WTF:
r203330 added support for new emoji group candidates. This patch updates the rules
governing caret placement around these new emoji groups.
- wtf/text/TextBreakIterator.cpp:
(WTF::cursorMovementIterator):
LayoutTests:
Update expected results.
The new emoji support is behind the ADDITIONAL_EMOJI_SUPPORT guard, which
means it only occurs on El Capitan and higher. Similarly, these new rules
are not used for iOS.
- editing/deleting/delete-emoji-expected.txt: Deleted.
- platform/mac/editing/deleting/delete-emoji-expected.txt: Added.
- platform/mac-elcapitan/editing/deleting/delete-emoji-expected.txt: Added.
- platform/ios-simulator/editing/deleting/delete-emoji-expected.txt: Added.
- 3:16 PM Changeset in webkit [203532] by
-
- 2 edits in trunk/LayoutTests
Land test expectations for rdar://problem/27475162.
- platform/mac/TestExpectations:
- 2:31 PM Changeset in webkit [203531] by
-
- 6 edits2 adds in trunk
Fix null handling of SVGAngle/SVGLength.valueAsString attribute
https://bugs.webkit.org/show_bug.cgi?id=160025
Reviewed by Ryosuke Niwa.
Source/WebCore:
Fix null handling of SVGAngle/SVGLength.valueAsString attribute
to match the specification:
- https://www.w3.org/TR/SVG2/types.html#InterfaceSVGAngle
- https://www.w3.org/TR/SVG2/types.html#InterfaceSVGLength
In particular, this patch drops [TreatNullAs=EmptyString] IDL
extended attribute from this attribute. This is not supposed
to change behavior given that both "" and "null" are invalid
numbers and the specification says to throw a SYNTAX_ERR in
this case.
However, WebKit currently ignores assignments to "" instead
of throwing. As a result, assigning to null will now throw
instead of being ignored. The compatibility risk should be
low because both Firefox and Chrome throw when assigning
null.
I did not change the behavior when assigning to "" because
it is a bit out of scope for this patch and browsers to not
seem to agree:
- Firefox throws
- Chrome set value to "0"
- WebKit ignores the assignment
The specification seems to agree with Firefox as far as I
can tell given that "" is not a valid number as per:
Test: svg/dom/valueAsString-null.html
- svg/SVGAngle.idl:
- svg/SVGLength.idl:
LayoutTests:
Add test coverage.
- svg/dom/svg-element-attribute-js-null-expected.txt:
- svg/dom/svg-element-attribute-js-null.xhtml:
- svg/dom/valueAsString-null-expected.txt: Added.
- svg/dom/valueAsString-null.html: Added.
There are a couple of failures in this test because WebKit ignores
assignments to "" instead of throwing. Firefox passes all the checks.
- 2:25 PM Changeset in webkit [203530] by
-
- 7 edits in trunk
Fix null handling of HTMLFontElement.color
https://bugs.webkit.org/show_bug.cgi?id=160036
Reviewed by Ryosuke Niwa.
LayoutTests/imported/w3c:
Rebaseline W3C test now that more checks are passing.
- web-platform-tests/html/dom/reflection-obsolete-expected.txt:
Source/WebCore:
Fix null handling of HTMLFontElement.color to match the specification:
We are supposed to treat null as the empty string. Both Firefox and
Chrome agree with the specification.
No new tests, rebaselined existing tests.
- html/HTMLFontElement.idl:
LayoutTests:
Update existing test to reflect behavior change.
- fast/dom/element-attribute-js-null-expected.txt:
- fast/dom/element-attribute-js-null.html:
- 2:25 PM Changeset in webkit [203529] by
-
- 7 edits in trunk
Fix null handling for several HTMLTableElement attributes
https://bugs.webkit.org/show_bug.cgi?id=160041
Reviewed by Ryosuke Niwa.
LayoutTests/imported/w3c:
Rebaseline W3C test now that more checks are passing.
- web-platform-tests/html/dom/reflection-tabular-expected.txt:
Source/WebCore:
Fix null handling for several HTMLTableElement attributes to match the
specification:
The attributes in question are 'bicolor', 'cellSpacing' and
'cellPadding'. We are supposed to treat null as the empty string for
these attributes.
Firefox and Chrome both agree with the specification.
No new tests, rebaselined existing tests.
- html/HTMLTableElement.idl:
LayoutTests:
Update existing test to reflect the behavior change.
- fast/dom/element-attribute-js-null-expected.txt:
- fast/dom/element-attribute-js-null.html:
- 2:23 PM Changeset in webkit [203528] by
-
- 8 edits in trunk
Fix null handling for HTMLObjectElement.border
https://bugs.webkit.org/show_bug.cgi?id=160040
Reviewed by Ryosuke Niwa.
LayoutTests/imported/w3c:
Rebaseline W3C test now that more checks are passing.
- web-platform-tests/html/dom/reflection-embedded-expected.txt:
Source/WebCore:
Fix null handling for HTMLObjectElement.border to match the specification:
We are supposed to treat null as the empty string.
Both Firefox and Chrome agree with the specification.
No new tests, rebaselined existing tests.
- html/HTMLObjectElement.idl:
LayoutTests:
Update existing test to reflect the behavior change.
- fast/dom/element-attribute-js-null-expected.txt:
- fast/dom/element-attribute-js-null.html:
- 2:22 PM Changeset in webkit [203527] by
-
- 8 edits in trunk
Fix null handling for td.bgColor / tr.bgColor
https://bugs.webkit.org/show_bug.cgi?id=160043
Reviewed by Ryosuke Niwa.
LayoutTests/imported/w3c:
Rebaseline W3C test now that more checks are passing.
- web-platform-tests/html/dom/reflection-tabular-expected.txt:
Source/WebCore:
Fix null handling for td.bgColor / tr.bgColor to match the
specification:
- https://html.spec.whatwg.org/#HTMLTableCellElement-partial
- https://html.spec.whatwg.org/#HTMLTableRowElement-partial
We are supposed to treat null as the empty string.
Firefox and Chrome both agree with the specification.
No new tests, rebaselined existing tests.
- html/HTMLTableCellElement.idl:
- html/HTMLTableRowElement.idl:
LayoutTests:
Update existing test to reflect the behavior change.
- fast/dom/element-attribute-js-null-expected.txt:
- fast/dom/element-attribute-js-null.html:
- 2:19 PM Changeset in webkit [203526] by
-
- 3 edits in trunk/LayoutTests
Test platform/ios-simulator/ios/plugin/youtube-flash-plugin-iframe.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=160002
Reviewed by Alexey Proskuryakov.
The file platform/ios-simulator/ios/plugin/youtube-flash-plugin-iframe.html tests loading
plugin content from the main frame and from a subframe. Depending on timing the plugin
content loaded in the subframe may complete before plugin content loaded in the main frame.
We should test loading plugin content in a subframe after perform all main frame sub-tests
so as to ensure a well-defined sub-test order.
Add logic to ensure that an embedded YouTube flash video loaded in a subframe actually creates
a shadow DOM. Additionally, simplify the test logic by making use window.jsTestIsAsync/finishJSTest()
to mark the test as asynchronous and notify test completion instead of calling
window.testRunner.{waitUntilDone, notifyDone}(), remove the call to
testRunner.dumpAsText() (js-test-pre.js calls this for us), remove all of the DOM elements
used in the test to avoid noise in the expected results, and fix some style nits.
- platform/ios-simulator/ios/plugin/youtube-flash-plugin-iframe-expected.txt:
- platform/ios-simulator/ios/plugin/youtube-flash-plugin-iframe.html:
- 2:11 PM Changeset in webkit [203525] by
-
- 7 edits in trunk
Fix null handling for several HTMLBodyElement attributes
https://bugs.webkit.org/show_bug.cgi?id=160044
Reviewed by Ryosuke Niwa.
LayoutTests/imported/w3c:
Rebaseline W3C test now that more checks are passing.
- web-platform-tests/html/dom/reflection-sections-expected.txt:
Source/WebCore:
Fix null handling for several HTMLBodyElement attributes to match the
specification:
The attributes in question are: 'text', 'link', 'vlink', 'alink' and
'bgcolor'.
We are supposed to treat null as the empty string for these attributes.
Firefox and Chrome both agree with the specification.
No new tests, rebaselined existing tests.
- html/HTMLBodyElement.idl:
LayoutTests:
Update existing test to reflect the behavior change.
- fast/dom/element-attribute-js-null-expected.txt:
- fast/dom/element-attribute-js-null.html:
- 2:10 PM Changeset in webkit [203524] by
-
- 8 edits in trunk
Fix null handling for HTMLIFrameElement.marginWidth / marginHeight
https://bugs.webkit.org/show_bug.cgi?id=160037
Reviewed by Ryosuke Niwa.
LayoutTests/imported/w3c:
Rebaseline W3C test now that more checks are passing.
- web-platform-tests/html/dom/reflection-embedded-expected.txt:
Source/WebCore:
Fix null handling for HTMLIFrameElement.marginWidth / marginHeight to
match the specification:
We are supposed to treat null as the empty string. Both Firefox and
Chrome agree with the specification.
No new tests, rebaselined existing tests.
- html/HTMLIFrameElement.idl:
LayoutTests:
Update existing test to reflect the behavior change.
- fast/dom/element-attribute-js-null-expected.txt:
- fast/dom/element-attribute-js-null.html:
- 2:09 PM Changeset in webkit [203523] by
-
- 8 edits in trunk
Fix null handling for HTMLImageElement.border
https://bugs.webkit.org/show_bug.cgi?id=160039
Reviewed by Ryosuke Niwa.
LayoutTests/imported/w3c:
Rebaseline W3C test now that more checks are passing.
- web-platform-tests/html/dom/reflection-embedded-expected.txt:
Source/WebCore:
Fix null handling for HTMLImageElement.border to match the specification:
We are supposed to treat null as the empty string.
Both Firefox and Chrome agree with the specification.
No new tests, rebaselined existing tests.
- html/HTMLImageElement.idl:
LayoutTests:
Update existing test to reflect the behavior change.
- fast/dom/element-attribute-js-null-expected.txt:
- fast/dom/element-attribute-js-null.html:
- 2:06 PM Changeset in webkit [203522] by
-
- 9 edits in trunk
REGRESSION: Plugin replaced YouTube Flash videos always have the same width
https://bugs.webkit.org/show_bug.cgi?id=159998
<rdar://problem/27462285>
Reviewed by Simon Fraser.
Source/WebCore:
Fixes an issue where the width of a plugin replaced YouTube video loaded via an HTML embed
element would always have the same width regardless of value of the width attribute.
For YouTube Flash videos the YouTube plugin replacement substitutes a shadow DOM subtree
for the default renderer of an HTML embed element. The root of this shadow DOM subtree
is an HTML div element. Currently we set inline styles on this <div> when it is instantiated.
In particular, we set inline display and position to "inline-block" and "relative", respectively,
and set an invalid height and width (we specify a font weight value instead of a CSS length value
- this causes an ASSERT_NOT_REACHED() assertion failure in StyleBuilderConverter::convertLengthSizing()
in a debug build). These styles never worked as intended and we ultimately created an inline
renderer (ignoring display "inline-block") that had auto width and height. Instead it is sufficient
to remove all these inline styles and create a RenderBlockFlow renderer for this <div> so that it
renders as a block, non-replaced element to achieve the intended illusion that the <embed> is a
single element.
- html/shadow/YouTubeEmbedShadowElement.cpp: Remove unused header HTMLEmbedElement.h and include
header RenderBlockFlow.h. Also update copyright in license block.
(WebCore::YouTubeEmbedShadowElement::YouTubeEmbedShadowElement): Remove inline styles as these
never worked as intended.
(WebCore::YouTubeEmbedShadowElement::createElementRenderer): Override; create a block-flow
renderer for us so that we layout as a block, non-replaced element.
- html/shadow/YouTubeEmbedShadowElement.h:
LayoutTests:
Unskip existing iOS layout tests, update tests and expected results.
- platform/ios-simulator/TestExpectations:
- platform/ios-simulator/ios/plugin/youtube-flash-plugin-iframe-expected.txt: Updated expected result based on the
changes to test youtube-flash-plugin-iframe.html.
- platform/ios-simulator/ios/plugin/youtube-flash-plugin-iframe-no-height-or-width-expected.txt: Updated expected result
based on the changes to test youtube-flash-plugin-iframe-no-height-or-width.html.
- platform/ios-simulator/ios/plugin/youtube-flash-plugin-iframe-no-height-or-width.html: Modified to check the
width of each embedded YouTube video to ensure that we respect it (if specified).
- platform/ios-simulator/ios/plugin/youtube-flash-plugin-iframe.html: Substitute pseudo id -webkit-plugin-replacement
for -apple-youtube-shadow-iframe as the later was renamed to the former in <https://trac.webkit.org/changeset/168442>.
Fix misspelling of the word "embed" in a comment.
- 2:05 PM Changeset in webkit [203521] by
-
- 2 edits in trunk/LayoutTests
Marking inspector/codemirror/prettyprinting-javascript.html as a flaky timeout on mac debug.
https://bugs.webkit.org/show_bug.cgi?id=160048
Unreviewed test gardening.
Added TestExpectation and reordered alphabetically.
- platform/mac/TestExpectations:
- 1:19 PM Changeset in webkit [203520] by
-
- 26 edits2 deletes in trunk
[iPhone] Playing a video on tudou.com plays only sound, no video
https://bugs.webkit.org/show_bug.cgi?id=159967
<rdar://problem/26964090>
Reviewed by Jon Lee, Jeremy Jones, and Anders Carlsson.
Source/WebCore:
WebKit recently starting honoring the playsinline and webkit-playsinline
attribute on iPhones. However, because these attributes previously did
nothing, some sites (such as Todou) were setting them on their content
and expecting that they are not honored. In this specific case, the
video is absolutely positioned to be 1 pixel x 1 pixel.
Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
property on their WKWebView, which would honor the webkit-playsinline
attribute. Safari on iPhones didn't do this.
In order to not break these existing apps, it's important that the
allowsInlineMediaPlayback preference still allows webkit-playsinline
videos to play inline in apps using WKWebView. However, in Safari, these
videos should play fullscreen. (Todou videos have webkit-playsinline
but not playsinline.)
Therefore, in Safari, videos with playsinline should be inline, but
videos with webkit-playsinline should be fullscreen. In apps using
WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
playsinline should be inline, and videos with webkit-playsinline should
also be inline. Videos on iPad and Mac should all be inline by default.
We can create some truth tables for the cases which need to be covered:
All apps on Mac / iPad:
Presence of playsinline | Presence of webkit-playsinline | Result
========================|================================|===========
Not present | Not present | Inline
Present | Not present | Inline
Not Present | Present | Inline
Present | Present | Inline
Safari on iPhone:
Presence of playsinline | Presence of webkit-playsinline | Result
========================|================================|===========
Not present | Not present | Fullscreen
Present | Not present | Inline
Not Present | Present | Fullscreen
Present | Present | Inline
App on iPhone which sets allowsInlineMediaPlayback:
Presence of playsinline | Presence of webkit-playsinline | Result
========================|================================|===========
Not present | Not present | Fullscreen
Present | Not present | Inline
Not Present | Present | Inline
Present | Present | Inline
The way to distinguish Safari from another app is to create an SPI
boolean preference which Safari can set. This is already how the
iPhone and iPad are differentiated using the requiresPlayInlineAttribute
which Safari sets but other apps don't. However, this preference is
no longer sufficient because Safari should now be discriminating
between the playsinline and webkit-playsinline attributes. Therefore,
this preference should be extended to two boolean preferences, which
this patch adds:
allowsInlineMediaPlaybackWithPlaysInlineAttribute
allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute
Safari on iPhone will set
allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
false. Other apps on iPhone will get their defaults values (because they
are SPI) which means they will both be true. On iPad and Mac, apps will
use the defaults values where both are false.
This patch adds support for these two preferences, but does not remove
the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
I will remove the exising preference as soon as I update Safari to migrate
off of it.
Test: media/video-playsinline.html
- html/MediaElementSession.cpp:
(WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
- page/Settings.cpp:
- page/Settings.in:
- testing/InternalSettings.cpp:
(WebCore::InternalSettings::Backup::Backup):
(WebCore::InternalSettings::Backup::restoreTo):
(WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
(WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
- testing/InternalSettings.h:
- testing/InternalSettings.idl:
Source/WebKit/mac:
Add the two preferences to WebPreferences.
- WebView/WebPreferenceKeysPrivate.h:
- WebView/WebPreferences.mm:
(+[WebPreferences initialize]):
(-[WebPreferences allowsInlineMediaPlaybackWithPlaysInlineAttribute]):
(-[WebPreferences setAllowsInlineMediaPlaybackWithPlaysInlineAttribute:]):
(-[WebPreferences allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute]):
(-[WebPreferences setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute:]):
- WebView/WebPreferencesPrivate.h:
- WebView/WebView.mm:
(-[WebView _preferencesChanged:]):
Source/WebKit2:
Add the two preferences to WKWebViewConfiguration and WKPreferences to cover both
the Obj-C API and the C SPI.
- Shared/WebPreferencesDefinitions.h:
- UIProcess/API/C/WKPreferences.cpp:
(WKPreferencesSetAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
(WKPreferencesGetAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
(WKPreferencesSetAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
(WKPreferencesGetAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
- UIProcess/API/C/WKPreferencesRefPrivate.h:
- UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _initializeWithConfiguration:]):
- UIProcess/API/Cocoa/WKWebViewConfiguration.mm:
(-[WKWebViewConfiguration init]):
(-[WKWebViewConfiguration copyWithZone:]):
(-[WKWebViewConfiguration _allowsInlineMediaPlaybackWithPlaysInlineAttribute]):
(-[WKWebViewConfiguration _setAllowsInlineMediaPlaybackWithPlaysInlineAttribute:]):
(-[WKWebViewConfiguration _allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute]):
(-[WKWebViewConfiguration _setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute:]):
- UIProcess/API/Cocoa/WKWebViewConfigurationPrivate.h:
- WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::updatePreferences):
Tools:
Migrate tests to use new SPI.
- TestWebKitAPI/Tests/WebKit2Cocoa/RequiresUserActionForPlayback.mm:
(RequiresUserActionForPlaybackTest::SetUp):
- WebKitTestRunner/cocoa/TestControllerCocoa.mm:
(WTR::initializeWebViewConfiguration):
LayoutTests:
- media/video-playsinline.html: Updated.
- media/video-webkit-playsinline-expected.txt: Removed.
- media/video-webkit-playsinline.html: Removed.
- 1:04 PM Changeset in webkit [203519] by
-
- 2 edits in trunk/LayoutTests
Marking accessibility/mac/value-change/value-change-user-info-contenteditable.html as flaky on El Capitan WK2
https://bugs.webkit.org/show_bug.cgi?id=160042
Unreviewed test gardening.
- platform/mac-wk2/TestExpectations:
- 12:41 PM Changeset in webkit [203518] by
-
- 2 edits in trunk/Source/WebCore
Crash accessing null renderer inside WebCore::DeleteSelectionCommand::doApply
https://bugs.webkit.org/show_bug.cgi?id=160011
Reviewed by Chris Dumez.
Add a null pointer check for renderer() call.
Unfortunately no new tests since we don't have a reproduction.
- editing/DeleteSelectionCommand.cpp:
(WebCore::DeleteSelectionCommand::doApply):
- 12:04 PM Changeset in webkit [203517] by
-
- 13 edits in trunk
The 2 first parameters to DOMImplementation.createDocument() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160030
Reviewed by Sam Weinig.
LayoutTests/imported/w3c:
Rebaseline several W3C tests now that more checks are passing.
- web-platform-tests/dom/interfaces-expected.txt:
- web-platform-tests/dom/nodes/DOMImplementation-createDocument-expected.txt:
Source/WebCore:
The 2 first parameters to DOMImplementation.createDocument() should be mandatory
as per the specification:
Firefox and Chrome both agree with the specification. However, those
parameters were marked as optional in WebKit. Calling this function
without parameters would create a document element whose tag is the
string "undefined", which does not seem helpful. This patch thus
aligns our behavior with the specification and other browsers.
No new tests, rebaselined existing tests.
- dom/DOMImplementation.idl:
LayoutTests:
Rebaseline / update existing test to reflect the behavior change.
- fast/css/zoom-on-unattached.html:
- fast/dom/DOMImplementation/createDocument-namespace-err-expected.txt:
- fast/dom/DOMImplementation/script-tests/createDocument-namespace-err.js:
- fast/dom/HTMLLinkElement/prefetch-detached.html:
- fast/dom/node-move-to-new-document-crash-main.html:
- fast/forms/change-form-element-document-crash.html:
- 11:40 AM Changeset in webkit [203516] by
-
- 5 edits in trunk/Source/WebCore
Kill legacy valueToStringWithNullCheck() utility function
https://bugs.webkit.org/show_bug.cgi?id=159991
Reviewed by Sam Weinig.
Kill legacy valueToStringWithNullCheck() utility function. Treating null as
a null string is legacy behavior so drop this function so that people are
not tempted to use it. We should be using either:
- JSValue::toWTFString() for non-nullable DOMStrings
- valueToStringWithUndefinedOrNullCheck() for nullable DOMStrings
- valueToStringTreatingNullAsEmptyString() for strings with [TreatNullAs=EmptyString]
No new tests, no web-exposed behavior change.
- bindings/js/JSDOMBinding.cpp:
(WebCore::valueToStringWithNullCheck): Deleted.
- bindings/js/JSDOMBinding.h:
- bindings/js/JSHTMLFrameElementCustom.cpp:
(WebCore::JSHTMLFrameElement::setLocation):
- html/HTMLFrameElement.idl:
- 11:23 AM Changeset in webkit [203515] by
-
- 2 edits in branches/safari-602-branch/LayoutTests
Merge r203506. rdar://problem/27353750
- 11:20 AM Changeset in webkit [203514] by
-
- 2 edits in trunk/Source/WebCore
Do not keep invalid IOSurface in ImageBufferData.
https://bugs.webkit.org/show_bug.cgi?id=160005
<rdar://problem/27208636>
Reviewed by Simon Fraser.
When we fail to initialize the IOSurface for the accelerated context, we switch over to
the non-accelerated code path. Since ImageBufferData::surface is used to indicate whether
the graphics context is in accelerated mode, we need to reset it when the initialization fails.
Unable to create a test case.
- platform/graphics/cg/ImageBufferCG.cpp:
(WebCore::ImageBuffer::ImageBuffer):
- 11:17 AM Changeset in webkit [203513] by
-
- 4 edits1 add in branches/safari-602-branch
Merge r203508. rdar://problem/27392691
- 11:08 AM Changeset in webkit [203512] by
-
- 54 edits in trunk
Clarify testing mode names in run-jsc-stress-tests
https://bugs.webkit.org/show_bug.cgi?id=160021
Reviewed by Mark Lam.
Default should mean really default, not default with disabled FTL, renamed
- runMozillaTestDefault to runMozillaTestNoFTL
- runMozillaTestDefaultFTL to runMozillaTestDefault
- runDefault to runNoFTL
- runDefaultFTL to runDefault
- runLayoutTestDefault to runLayoutTestNoFTL
- runLayoutTestDefaultFTL to runLayoutTestDefault
- runNoisyTestDefault to runNoisyTestNoFTL
- runNoisyTestDefaultFTL to runNoisyTestDefault
Source/JavaScriptCore:
- tests/mozilla/mozilla-tests.yaml:
- tests/stress/lift-tdz-bypass-catch.js:
- tests/stress/obscure-error-message-dont-crash.js:
- tests/stress/shadow-chicken-disabled.js:
Tools:
- Scripts/run-jsc-stress-tests:
LayoutTests:
- js/regress/script-tests/DataView-custom-properties.js:
- js/regress/script-tests/HashMap-put-get-iterate-keys.js:
- js/regress/script-tests/HashMap-put-get-iterate.js:
- js/regress/script-tests/HashMap-string-put-get-iterate.js:
- js/regress/script-tests/array-nonarray-polymorhpic-access.js:
- js/regress/script-tests/basic-set.js:
- js/regress/script-tests/bug-153431.js:
- js/regress/script-tests/destructuring-arguments.js:
- js/regress/script-tests/destructuring-swap.js:
- js/regress/script-tests/inline-arguments-local-escape.js:
- js/regress/script-tests/method-on-number.js:
- js/regress/script-tests/new-array-buffer-push.js:
- js/regress/script-tests/new-array-push.js:
- js/regress/script-tests/poly-stricteq.js:
- js/regress/script-tests/polymorphic-array-call.js:
- js/regress/script-tests/regexp-prototype-is-not-instance.js:
- js/regress/script-tests/regexp-prototype-search-observable-side-effects.js:
- js/regress/script-tests/regexp-prototype-search-observable-side-effects2.js:
- js/regress/script-tests/regexp-prototype-split-observable-side-effects.js:
- js/regress/script-tests/regexp-prototype-split-observable-side-effects2.js:
- js/regress/script-tests/regexp-prototype-split-observable-side-effects3-flags.js:
- js/regress/script-tests/regexp-prototype-split-observable-side-effects3-global.js:
- js/regress/script-tests/regexp-prototype-split-observable-side-effects3-ignoreCase.js:
- js/regress/script-tests/regexp-prototype-split-observable-side-effects3-multiline.js:
- js/regress/script-tests/regexp-prototype-split-observable-side-effects3-sticky.js:
- js/regress/script-tests/regexp-prototype-split-observable-side-effects3-unicode.js:
- js/regress/script-tests/regexp-prototype-split-observable-side-effects4.js:
- js/regress/script-tests/regexp-prototype-test-observable-side-effects.js:
- js/regress/script-tests/regexp-prototype-test-observable-side-effects2.js:
- js/regress/script-tests/string-equality.js:
- js/regress/script-tests/string-prototype-search-observable-side-effects.js:
- js/regress/script-tests/string-prototype-search-observable-side-effects2.js:
- js/regress/script-tests/string-prototype-search-observable-side-effects3.js:
- js/regress/script-tests/string-prototype-search-observable-side-effects4.js:
- js/regress/script-tests/string-prototype-split-observable-side-effects.js:
- js/regress/script-tests/string-prototype-split-observable-side-effects2.js:
- js/regress/script-tests/string-prototype-split-observable-side-effects3-flags.js:
- js/regress/script-tests/string-prototype-split-observable-side-effects3-global.js:
- js/regress/script-tests/string-prototype-split-observable-side-effects3-ignoreCase.js:
- js/regress/script-tests/string-prototype-split-observable-side-effects3-multiline.js:
- js/regress/script-tests/string-prototype-split-observable-side-effects3-sticky.js:
- js/regress/script-tests/string-prototype-split-observable-side-effects3-unicode.js:
- js/regress/script-tests/string-prototype-split-observable-side-effects4.js:
- js/regress/script-tests/string-repeat-arith.js:
- js/regress/script-tests/string-sub.js:
- js/slow-stress/script-tests/destructuring-arguments-length.js:
- 10:54 AM Changeset in webkit [203511] by
-
- 5 edits in trunk
playsInline IDL attribute has the wrong casing
https://bugs.webkit.org/show_bug.cgi?id=160029
<rdar://problem/27474031>
Reviewed by Jon Lee.
Source/WebCore:
Fix case from video.playsinline to video.playsInline in order to match
the specification:
It still reflects the "playsinline" content attribute though, as per
the specification:
No new tests, updated existing test.
- html/HTMLVideoElement.idl:
LayoutTests:
Update test to use the correct case.
- media/video-playsinline-expected.txt:
- media/video-playsinline.html:
- 10:24 AM WebKitGTK/Gardening/Calendar edited by
- (diff)
- 10:23 AM WebKitGTK/Gardening/Calendar edited by
- (diff)
- 10:20 AM Changeset in webkit [203510] by
-
- 3 edits2 adds in trunk
Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
https://bugs.webkit.org/show_bug.cgi?id=160026
Reviewed by Sam Weinig.
Source/WebCore:
Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
attribute as it does not match the specification:
It does not change web-exposed behavior because assigning to "" or "null"
gets ignored as those are not valid operations.
Test: fast/canvas/context-globalCompositeOperation-null.html
- html/canvas/CanvasRenderingContext2D.idl:
LayoutTests:
Add test coverage.
- fast/canvas/context-globalCompositeOperation-null-expected.txt: Added.
- fast/canvas/context-globalCompositeOperation-null.html: Added.
- 10:12 AM Changeset in webkit [203509] by
-
- 8 edits in trunk/LayoutTests
[GTK] Gardening: Layout tests expectations updates and test rebaselines.
Unreviewed.
- TestExpectations: js/regress-139548.html is ~10x slower since r203142.
- fast/mediastream/RTCPeerConnection-add-removeTrack-expected.txt: Rebaseline after r203333.
- fast/mediastream/RTCPeerConnection-addIceCandidate-expected.txt: Rebaseline after r203333.
- fast/mediastream/RTCPeerConnection-setLocalDescription-offer-expected.txt: Rebaseline after r203333.
- fast/mediastream/RTCPeerConnection-setRemoteDescription-offer-expected.txt: Rebaseline after r203333.
- platform/efl/TestExpectations: workers/bomb.html is slow.
- platform/gtk/TestExpectations: workers/bomb.html is slow, media/media-source/media-source-small-gap.html timeouts and new failure on platform/gtk/scrollbars/main-frame-scrollbar-horizontal-wheel-scroll.html.
- 10:01 AM Changeset in webkit [203508] by
-
- 4 edits1 add in trunk
WebBackForwardList's currentIndex could get out of bounds when filtering items.
https://bugs.webkit.org/show_bug.cgi?id=159986
Source/WebKit2:
When generating a new BackForwardListState object, if we filter out multiple items in the list, the currentIndex could get
out of bounds.
Patch by Yongjun Zhang <yongjun_zhang@apple.com> on 2016-07-21
Reviewed by Dan Bernstein.
- UIProcess/WebBackForwardList.cpp:
(WebKit::WebBackForwardList::backForwardListState): Make currentIndex point to the last item if it is out of bounds.
Tools:
Add a test to verify filtering out 2 items from a 3-item list will set the currentIndex
to 0.
Patch by Yongjun Zhang <yongjun_zhang@apple.com> on 2016-07-21
Reviewed by Dan Bernstein.
- TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
- TestWebKitAPI/Tests/WebKit2/WKBackForwardList.mm: Added.
(-[WKBackForwardListTestNavigationDelegate webView:didFinishNavigation:]):
(TEST):
- 9:59 AM Changeset in webkit [203507] by
-
- 3 edits in trunk/Source/WebKit2
Web Automation: Allow JavaScript evaluation to return an InvalidElementState error
https://bugs.webkit.org/show_bug.cgi?id=160015
<rdar://problem/27434529>
Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-07-21
Reviewed by Brian Burg.
- UIProcess/Automation/Automation.json:
- WebProcess/Automation/WebAutomationSessionProxy.cpp:
(WebKit::WebAutomationSessionProxy::evaluateJavaScriptFunction):
- 9:21 AM Changeset in webkit [203506] by
-
- 2 edits in trunk/LayoutTests
Update test expectations for rdar://problem/27353750.
- platform/mac/TestExpectations:
- 9:05 AM Changeset in webkit [203505] by
-
- 3 edits in trunk/Source/WebCore
[GTK][Threaded Compositor] Overlay scrollbars shouldn't be a requirement of the threaded compositor
https://bugs.webkit.org/show_bug.cgi?id=160020
Reviewed by Michael Catanzaro.
It has been a requirement only because we didn't really know why frame scrollbars were not rendered when using
the threaded compositor. The reason is that RenderView doesn't use layers for FrameView scrollbars by default,
unless using overlay scrollbars. When using the threaded compositor we really need layers for the FrameView
scrollbars even when not using overlay scrollbars.
- platform/gtk/ScrollbarThemeGtk.cpp:
(WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk): Stop enforcing overlay scrollbars when threaded compositor is enabled.
- rendering/RenderLayerCompositor.cpp:
(WebCore::RenderLayerCompositor::shouldCompositeOverflowControls): Always use layers for scrollbars when
threaded compositor is enabled.
- 9:02 AM Changeset in webkit [203504] by
-
- 7 edits in trunk/Source/WebKit2
[GTK][Threaded Compositor] WTR generates fully white images for pixel tests most of the time
https://bugs.webkit.org/show_bug.cgi?id=160016
Reviewed by Žan Doberšek.
WTR sends a force repaint message to the web process before taking a snapshot of the web view. With the threaded
compositor, the UI process is notified about the force repaint callback before the contents have been actually
painted. We need to ensure that the contents are rendered before the UI process is notified.
- Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:
(WebKit::ThreadedCompositor::forceRepaint): Synchronously render the layer tree.
- Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.h:
- UIProcess/API/gtk/WebKitWebViewBase.cpp:
(webkitWebViewRenderAcceleratedCompositingResults): Always mark the redirected window surface as dirty before
rendering, since it can be modified by the web process at any time.
- UIProcess/gtk/RedirectedXCompositeWindow.cpp:
(WebKit::XDamageNotifier::add):
(WebKit::RedirectedXCompositeWindow::RedirectedXCompositeWindow): Do not mark the surface as dirty on every
damage since the view will do it before rendering.
- WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.cpp:
(WebKit::ThreadedCoordinatedLayerTreeHost::forceRepaint): Call ThreadedCompositor::forceRepaint().
- WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.h:
- 9:01 AM Changeset in webkit [203503] by
-
- 2 edits in trunk/Source/WebCore
[Cairo] Fix a crash in fast/canvas/canvas-getImageData-invalid-result-buffer-crash.html
https://bugs.webkit.org/show_bug.cgi?id=160014
Reviewed by Michael Catanzaro.
In r202887 some null checks were added for JSArray::createUninitialized (and related) but not for the
ImageBuffer cairo implementation.
- platform/graphics/cairo/ImageBufferCairo.cpp:
(WebCore::getImageData): Return early if Uint8ClampedArray::createUninitialized() returns nullptr.
- 6:03 AM Changeset in webkit [203502] by
-
- 2 edits in trunk/Source/WebCore
[GTK] The GSTREAMER_GL path in MediaPlayerPrivateGStreamerBase::paintToTextureMapper() is missing a mutex lock
https://bugs.webkit.org/show_bug.cgi?id=160018
Patch by Miguel Gomez <magomez@igalia.com> on 2016-07-21
Reviewed by Philippe Normand.
Lock the video sample mutex while accessing it.
Covered by existent tests.
- platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
(WebCore::MediaPlayerPrivateGStreamerBase::paintToTextureMapper):
- 4:36 AM Changeset in webkit [203501] by
-
- 1 edit12 adds in trunk/LayoutTests
[css-grid] Handle min-content/max-content with orthogonal flows
https://bugs.webkit.org/show_bug.cgi?id=159294
Reviewed by Darin Adler.
New layout tests to evaluate basic positioning and sizing using orthogonal flows.
- fast/css-grid-layout/grid-item-positioning-with-orthogonal-flows-expected.txt: Added.
- fast/css-grid-layout/grid-item-positioning-with-orthogonal-flows.html: Added.
- fast/css-grid-layout/grid-item-sizing-with-orthogonal-flows-expected.txt: Added.
- fast/css-grid-layout/grid-item-sizing-with-orthogonal-flows.html: Added.
- fast/css-grid-layout/grid-item-spanning-and-orthogonal-flows-expected.txt: Added.
- fast/css-grid-layout/grid-item-spanning-and-orthogonal-flows.html: Added.
- fast/css-grid-layout/grid-track-sizing-with-orthogonal-flows-expected.txt: Added.
- fast/css-grid-layout/grid-track-sizing-with-orthogonal-flows.html: Added.
- fast/css-grid-layout/grid-track-sizing-with-percentages-and-orthogonal-flows-expected.txt: Added.
- fast/css-grid-layout/grid-track-sizing-with-percentages-and-orthogonal-flows.html: Added.
- 12:35 AM Changeset in webkit [203500] by
-
- 3 edits in trunk/Source/WebKit2
[GTK] White page when loaded tab is visited until it's hovered when AC mode is always on
https://bugs.webkit.org/show_bug.cgi?id=159512
Reviewed by Michael Catanzaro.
The redirected window is always mapped, but offscreen, to ensure that the web process can always render
there. When the web process renders something into the offscreen window, we receive a damage event in the UI
process and queue a redraw of the web view. However, when the web view is not mapped, even if we still receive
the damage events, the web view redraws are ignored until the view is mapped again (gtk_widget_queue_draw()
returns early when the widget is not visible). The redirected window updates its pixmap on demand when the
surface is requested, which happens when the web view draws its contents. So when the web view becames visible,
the redirected window creates a new pixmap and surface (the first time or if the web view was resized), that we
initialize to avoid artifacts when the web process hasn't render anything yet. That initialization is actually
overwriting anything rendered into the redirected window while the view was unmapped. That's why see white pages
the first time, and previous contents after a resize, and we don't see the actual contents until the web process
renders again and we reuse the existing pixmap. The white page didn't happen for tabs with accelerated content,
because in those cases the web process was rendering a new frame every 16ms, but instead there was a flickering
effect due to the current frame being overwritten when the view is mapped until the next frame.
So, instead of lazily create and initialize the redirected window pixmap and surface, we should always create
the new pixmap as soon as the window is created or resized (and not empty) This fixes the issues but also makes
resizing the window a bit smoother when AC mode is enabled.
- UIProcess/gtk/RedirectedXCompositeWindow.cpp:
(WebKit::RedirectedXCompositeWindow::RedirectedXCompositeWindow): Create the pixmap and surface if the window is
not empty.
(WebKit::RedirectedXCompositeWindow::resize): Ditto.
(WebKit::RedirectedXCompositeWindow::createNewPixampAndPixampSurface): Create the pixmap and surface.
(WebKit::RedirectedXCompositeWindow::surface): Deleted.
- UIProcess/gtk/RedirectedXCompositeWindow.h:
(WebKit::RedirectedXCompositeWindow::surface):
- 12:33 AM Changeset in webkit [203499] by
-
- 23 edits2 copies9 adds in trunk/Source/JavaScriptCore
[ES7] Introduce exponentiation expression
https://bugs.webkit.org/show_bug.cgi?id=159969
Reviewed by Saam Barati.
This patch implements the exponentiation expression, e.g.
x ** y
.
The exponentiation expression is introduced in ECMA262 2016 and ECMA262 2016
is already released. So this is not the draft spec.
The exponentiation expression has 2 interesting points.
- Right associative
To follow the Math expression, operator is right associative.
When we executex ** y ** z
, this is handled asx ** (y ** z)
, not(x ** y) ** z
.
This patch introduces the right associativity to the binary operator and handles it
in the operator precedence parser in Parser.cpp.
- LHS of the exponentiation expression is UpdateExpression
ExponentiationExpression[Yield]:
UnaryExpression?Yield
UpdateExpression?Yield ExponentiationExpression?Yield
As we can see, the left hand side of the ExponentiationExpression is UpdateExpression, not UnaryExpression.
It means that+x ** y
becomes a syntax error. This is intentional. Without superscript in JS,
-x**y
is confusing between-(x ** y)
and(-x) ** y
. So ECMA262 intentionally avoids UnaryExpression here.
If we need to use a negated value, we need to write parentheses explicitly e.g.(-x) ** y
.
In this patch, we ensure that the left hand side is not an unary expression by checking an operator in
parseBinaryExpression. This works since**
has the highest operator precedence in the binary operators.
We introduce a new bytecode, op_pow. That simply works as similar as the other binary operators.
And it is converted to ArithPow in DFG and handled in DFG and FTL.
In this patch, we take the approach just introducing a new bytecode instead of calling Math.pow.
This is because we would like to execute ToNumber in the caller side, not in the callee (Math.pow) side.
And we don't want to compile into the following.
lhsNumber = to_number (lhs)
rhsNumber = to_number (rhs)
call Math.pow(lhsNumber, rhsNumber)
We ensure that this patch passes all the test262 tests related to the exponentiation expression.
The only sensitive part to the performance is the parser changes.
So we measured the code-load performance and it is neutral in my x64 Linux box (hanayamata).
Collected 30 samples per benchmark/VM, with 30 VM invocations per benchmark. Emitted a call to
gc() between sample measurements. Used 1 benchmark iteration per VM invocation for warm-up. Used
the jsc-specific preciseTime() function to get microsecond-level timing. Reporting benchmark
execution times with 95% confidence intervals in milliseconds.
baseline patched
closure 0.60499+-0.00250 0.60180+-0.00244
jquery 7.89175+-0.02433 ? 7.91287+-0.04759 ?
<geometric> 2.18499+-0.00523 2.18207+-0.00689 might be 1.0013x faster
- bytecode/BytecodeList.json:
- bytecode/BytecodeUseDef.h:
(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):
- bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dumpBytecode):
- bytecompiler/NodesCodegen.cpp:
(JSC::emitReadModifyAssignment):
- dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::parseBlock):
- dfg/DFGCapabilities.cpp:
(JSC::DFG::capabilityLevel):
- jit/JIT.cpp:
(JSC::JIT::privateCompileMainPass):
- jit/JIT.h:
- jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_pow):
- llint/LowLevelInterpreter.asm:
- parser/ASTBuilder.h:
(JSC::ASTBuilder::operatorStackShouldReduce):
(JSC::ASTBuilder::makePowNode):
(JSC::ASTBuilder::makeMultNode):
(JSC::ASTBuilder::makeDivNode):
(JSC::ASTBuilder::makeModNode):
(JSC::ASTBuilder::makeSubNode):
(JSC::ASTBuilder::makeBinaryNode):
(JSC::ASTBuilder::operatorStackHasHigherPrecedence): Deleted.
- parser/Lexer.cpp:
(JSC::Lexer<T>::lex):
- parser/NodeConstructors.h:
(JSC::PowNode::PowNode):
- parser/Nodes.h:
- parser/Parser.cpp:
(JSC::Parser<LexerType>::parseAssignmentExpression):
(JSC::isUnaryOpExcludingUpdateOp):
(JSC::Parser<LexerType>::parseBinaryExpression):
(JSC::isUnaryOp): Deleted.
- parser/ParserTokens.h:
(JSC::isUpdateOp):
(JSC::isUnaryOp):
- parser/SyntaxChecker.h:
(JSC::SyntaxChecker::operatorStackPop):
- runtime/CommonSlowPaths.cpp:
(JSC::SLOW_PATH_DECL):
- runtime/CommonSlowPaths.h:
- tests/stress/pow-basics.js: Added.
(valuesAreClose):
(mathPowDoubleDouble1):
(mathPowDoubleInt1):
(test1):
(mathPowDoubleDouble2):
(mathPowDoubleInt2):
(test2):
(mathPowDoubleDouble3):
(mathPowDoubleInt3):
(test3):
(mathPowDoubleDouble4):
(mathPowDoubleInt4):
(test4):
(mathPowDoubleDouble5):
(mathPowDoubleInt5):
(test5):
(mathPowDoubleDouble6):
(mathPowDoubleInt6):
(test6):
(mathPowDoubleDouble7):
(mathPowDoubleInt7):
(test7):
(mathPowDoubleDouble8):
(mathPowDoubleInt8):
(test8):
(mathPowDoubleDouble9):
(mathPowDoubleInt9):
(test9):
(mathPowDoubleDouble10):
(mathPowDoubleInt10):
(test10):
(mathPowDoubleDouble11):
(mathPowDoubleInt11):
(test11):
- tests/stress/pow-coherency.js: Added.
(pow42):
(build42AsDouble.opaqueAdd):
(build42AsDouble):
(powDouble42):
(clobber):
(pow42NoConstantFolding):
(powDouble42NoConstantFolding):
- tests/stress/pow-evaluation-order.js: Added.
(shouldBe):
(throw.new.Error):
- tests/stress/pow-expects-update-expression-on-lhs.js: Added.
(testSyntax):
(testSyntaxError):
(throw.new.Error):
(let.token.of.tokens.testSyntax.pow):
(testSyntax.pow):
- tests/stress/pow-integer-exponent-fastpath.js: Added.
(valuesAreClose):
(mathPowDoubleDoubleTestExponentFifty):
(mathPowDoubleIntTestExponentFifty):
(testExponentFifty):
(mathPowDoubleDoubleTestExponentTenThousands):
(mathPowDoubleIntTestExponentTenThousands):
(testExponentTenThousands):
- tests/stress/pow-nan-behaviors.js: Added.
(testIntegerBaseWithNaNExponentStatic):
(mathPowIntegerBaseWithNaNExponentDynamic):
(testIntegerBaseWithNaNExponentDynamic):
(testFloatingPointBaseWithNaNExponentStatic):
(mathPowFloatingPointBaseWithNaNExponentDynamic):
(testFloatingPointBaseWithNaNExponentDynamic):
(testNaNBaseStatic):
(mathPowNaNBaseDynamic1):
(mathPowNaNBaseDynamic2):
(mathPowNaNBaseDynamic3):
(mathPowNaNBaseDynamic4):
(testNaNBaseDynamic):
(infiniteExponentsStatic):
(mathPowInfiniteExponentsDynamic1):
(mathPowInfiniteExponentsDynamic2):
(mathPowInfiniteExponentsDynamic3):
(mathPowInfiniteExponentsDynamic4):
(infiniteExponentsDynamic):
- tests/stress/pow-simple.js: Added.
(shouldBe):
(throw.new.Error):
- tests/stress/pow-stable-results.js: Added.
(opaquePow):
(isIdentical):
- tests/stress/pow-to-number-should-be-executed-in-code-side.js: Added.
(shouldBe):
(throw.new.Error):
- tests/stress/pow-with-constants.js: Added.
(exponentIsZero):
(testExponentIsZero):
(exponentIsOne):
(testExponentIsOne):
(powUsedAsSqrt):
(testPowUsedAsSqrt):
(powUsedAsOneOverSqrt):
(testPowUsedAsOneOverSqrt):
(powUsedAsSquare):
(testPowUsedAsSquare):
(intIntConstantsSmallNumbers):
(intIntConstantsLargeNumbers):
(intIntSmallConstants):
(intDoubleConstants):
(doubleDoubleConstants):
(doubleIntConstants):
(testBaseAndExponentConstantLiterals):
(exponentIsIntegerConstant):
(testExponentIsIntegerConstant):
(exponentIsDoubleConstant):
(testExponentIsDoubleConstant):
(exponentIsInfinityConstant):
(testExponentIsInfinityConstant):
(exponentIsNegativeInfinityConstant):
(testExponentIsNegativeInfinityConstant):
- tests/stress/pow-with-never-NaN-exponent.js: Added.
(exponentIsNonNanDouble1):
(exponentIsNonNanDouble2):
(testExponentIsDoubleConstant):
- tests/test262.yaml:
- 12:29 AM Changeset in webkit [203498] by
-
- 6 edits in trunk/Source/WebCore
[Threaded Compositor] Flickering when zooming in/out in maps.google.com
https://bugs.webkit.org/show_bug.cgi?id=154069
Patch by Miguel Gomez <magomez@igalia.com> on 2016-07-21
Reviewed by Carlos Garcia Campos.
Add a new extra buffer to GraphicsContext3D when using the Threaded Compositor,
so it doesn't have to reuse the buffers that are still waiting for composition.
Covered by existing tests.
- platform/graphics/GraphicsContext3D.h:
Add a new texture to use for the rendering. Remove the compositor fbo we were using.
- platform/graphics/cairo/GraphicsContext3DCairo.cpp:
(WebCore::GraphicsContext3D::GraphicsContext3D):
Initialize the new texture and remove the previous fbo related code.
(WebCore::GraphicsContext3D::~GraphicsContext3D):
Properly destroy the new texture and remove the previous fbo related code.
- platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
(WebCore::GraphicsContext3D::reshapeFBOs):
Allocate the new texture and remove the previous fbo allocation.
- platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
(WebCore::GraphicsContext3D::prepareTexture):
Use a single fbo with three textures instead of two fbos with a texture each.
Rotate the three textures usage so:
- m_texture becomes m_compositorTexture to be pushed to the compositor.
- m_intermediateTexture becomes m_texture to receive the next rendering.
- m_compositorTexture becomes m_intermediateTexture.
And add a glFlush() to ensure that the gl commands are sent to the pipeline.
- platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
(WebCore::GraphicsContext3D::reshapeFBOs):
Allocate the new texture.
- 12:25 AM Changeset in webkit [203497] by
-
- 7 edits in trunk/Source
[GTK][Threaded Compositor] Web view background colors don't work
https://bugs.webkit.org/show_bug.cgi?id=159465
Reviewed by Michael Catanzaro.
Source/WebCore:
- rendering/RenderLayerBacking.cpp:
(WebCore::RenderLayerBacking::createPrimaryGraphicsLayer): Initialize frame view layer opacity for platforms not
using the tiled cache layer.
Source/WebKit2:
- Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:
(WebKit::ThreadedCompositor::setDrawsBackground): Set m_drawsBackground in compositing thread and schedule a
layer flush.
(WebKit::ThreadedCompositor::renderLayerTree): Clear the area when not rendering backgrounds.
- Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.h:
- WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.cpp:
(WebKit::ThreadedCoordinatedLayerTreeHost::pageBackgroundTransparencyChanged): Notify the compositor.
- WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.h:
- 12:18 AM Changeset in webkit [203496] by
-
- 7 edits in trunk
[GTK] Web view background colors don't work in accelerated compositing mode
https://bugs.webkit.org/show_bug.cgi?id=159455
Reviewed by Michael Catanzaro.
Source/WebKit2:
In non AC mode it's the drawing area backing store the one drawing the background, and the web process just
renders into a transparent bitmap. In AC mode we need to make the redirected window pixmap transparent for the
web process to render there, and let the web view fill the background color before rendering the redirected
window pixmap on top. To be able to make the redirected window surface transparent, we need to ensure the parent
window has an RGBA visual, even when setting a fully opaque background, because we still need the web process
to render on the transparent xwindow.
- UIProcess/API/gtk/WebKitWebView.cpp: Update documentation of webkit_web_view_set_background_color() since now
it's required to set the RGBA visual even for opaque colors in case AC mode is enabled.
- UIProcess/API/gtk/WebKitWebViewBase.cpp:
(webkitWebViewRenderAcceleratedCompositingResults): When a background color has been set, fill it before
rendering the redirected window surface.
- UIProcess/gtk/RedirectedXCompositeWindow.cpp:
(WebKit::RedirectedXCompositeWindow::RedirectedXCompositeWindow): Mark the surface as dirty after every damage
event, since the web process has modified it.
(WebKit::RedirectedXCompositeWindow::surface): Initialize the surface after creating it, to avoid flickering and
rendering artifacts when waiting for the first damage event from the web process.
- WebProcess/WebPage/gtk/LayerTreeHostGtk.cpp:
(WebKit::LayerTreeHostGtk::compositeLayersToContext): Use a fully transparent color to clear the context when the page
is resized or when a view background color has been set.
Tools:
Set always RGBA visual to the view widget when setting a background color.
- MiniBrowser/gtk/BrowserWindow.c:
(browser_window_set_background_color):
- 12:04 AM Changeset in webkit [203495] by
-
- 4 edits in trunk/Source/WebKit2
[GTK] Avoid the redirected window resize when the view is realized in AC mode
https://bugs.webkit.org/show_bug.cgi?id=159463
Reviewed by Michael Catanzaro.
We are always creating the redirected window at 1x1 and then resizing it if we are in AC mode. When the view is
realized and AC mode is already enabled, which happens for example when AC mode is forced, or when the threaded
compositor is enabled, we could just pass the initial size to the redirected window constructor to create the
XWindow at the right size.
- UIProcess/API/gtk/WebKitWebViewBase.cpp:
(webkitWebViewBaseResizeRedirectedWindow): We no longer need to pass the device scale factor, since the
RedirectedXCompositeWindow already knows it.
(webkitWebViewBaseRealize): Pass the WebPageProxy and an initial size to the RedirectedXCompositeWindow
constructor instead of the parent GdkWindow. If AC mode is disabled, the initial size will be empty. With the
WebPageProxy the redirected window has access to the device scale factor and view widget to get the parent
GdkWindow.
(deviceScaleFactorChanged): Resize the redirected window when device scale factor changes.
- UIProcess/gtk/RedirectedXCompositeWindow.cpp:
(WebKit::RedirectedXCompositeWindow::create):
(WebKit::RedirectedXCompositeWindow::RedirectedXCompositeWindow):
(WebKit::RedirectedXCompositeWindow::resize):
(WebKit::RedirectedXCompositeWindow::surface):
(WebKit::RedirectedXCompositeWindow::~RedirectedXCompositeWindow):
- UIProcess/gtk/RedirectedXCompositeWindow.h:
Jul 20, 2016:
- 11:51 PM Changeset in webkit [203494] by
-
- 11 edits1 add in trunk
[XHR] Cache response JS object in case of arraybuffer and blob response types
https://bugs.webkit.org/show_bug.cgi?id=128903
Patch by Youenn Fablet <youenn@apple.com> on 2016-07-20
Reviewed by Alex Christensen.
Source/WebCore:
Covered by existing and modified tests.
Making response getter a JS builtin that caches response in @response private slot.
Handling invalidation of cached response with @responseCacheIsValid new private method.
Handling creation of cached response with @retrieveResponse new private method which reuses most of
JSXMLHttpRequest::response previous code.
Caching of responses is activated whenever load ended without any error for blob and arraybuffer response types.
Caching of response for document is also activated in case the response getter is used but not if responseXML getter is used.
- CMakeLists.txt: Adding XMLHttpRequest.js.
- DerivedSources.make: Ditto.
- bindings/js/JSXMLHttpRequestCustom.cpp:
(WebCore::JSXMLHttpRequest::retrieveResponse): Implements creation of to-be-cached response.
(WebCore::JSXMLHttpRequest::response): Deleted.
- bindings/js/WebCoreBuiltinNames.h: Adding new private names.
- xml/XMLHttpRequest.cpp:
(WebCore::XMLHttpRequest::didCacheResponse): Renamed from didCacheResponseJSON as all response types are now cached.
(WebCore::XMLHttpRequest::didCacheResponseJSON): Deleted.
- xml/XMLHttpRequest.h:
- xml/XMLHttpRequest.idl:
LayoutTests:
- http/tests/xmlhttprequest/onabort-response-getters-expected.txt:
- http/tests/xmlhttprequest/onabort-response-getters.html:
- 11:41 PM Changeset in webkit [203493] by
-
- 4 edits in trunk/Source/WebKit2
[GTK][Threaded Compositor] Web Process crash when the page is closed before the web view is realized
https://bugs.webkit.org/show_bug.cgi?id=159918
Reviewed by Michael Catanzaro.
When the web view is unrealized, we send a sync message to the web process to destroy the native surface handle
for compositing, and then we actually destroy the redirected window. But if the page is closed explicitly before
the web view is unrealized, the drawing area proxy is destroyed so that when the web view is unrealized we can't
notify the web process that keeps trying to render to a now deleted window handle. That produces a BadDrawable
X error and the web process crashes.
- UIProcess/API/gtk/PageClientImpl.cpp:
(WebKit::PageClientImpl::pageClosed): Call webkitWebViewBasePageClosed().
- UIProcess/API/gtk/WebKitWebViewBase.cpp:
(webkitWebViewBasePageClosed): If the web view is still realized, destroy the native surface handle and the
redirected window.
- UIProcess/API/gtk/WebKitWebViewBasePrivate.h: Add webkitWebViewBasePageClosed().
- 11:38 PM Changeset in webkit [203492] by
-
- 1 edit10 adds in trunk/Websites/webkit.org
Unreviewed, new demo files for an up-coming blog post.
Patch by Frederic Wang <fwang@igalia.com> on 2016-07-20
- demos/mathml/demo2016/LICENSE-amiri.txt: Added.
- demos/mathml/demo2016/LICENSE-latinmodern-math.txt: Added.
- demos/mathml/demo2016/LICENSE-libertinusmath.txt: Added.
- demos/mathml/demo2016/README.txt: Added.
- demos/mathml/demo2016/amiri-regular.woff: Added.
- demos/mathml/demo2016/index.html: Added.
- demos/mathml/demo2016/latinmodern-math.woff: Added.
- demos/mathml/demo2016/libertinusmath-regular.woff: Added.
- demos/mathml/demo2016/webfonts.css: Added.
(@namespace url('http://www.w3.org/1999/xhtml');):
(@font-face):
(m|math, m|mtext):
(m|math.libertinus):
(m|math.arabic):
- 11:23 PM Changeset in webkit [203491] by
-
- 14 edits14 adds in trunk
Switching on symbols should be fast
https://bugs.webkit.org/show_bug.cgi?id=158892
Reviewed by Keith Miller.
Source/JavaScriptCore:
This does two things: fixes some goofs in our lowering of symbol equality and adds a new phase
to B3 to infer switch statements from linear chains of branches.
This changes how we compile equality to Symbols to constant-fold the load of the Symbol's UID.
This is necessary for making switches on Symbols inferrable. This also gives us the ability to
efficiently compile strict equality comparisons of SymbolUse and UntypedUse.
This adds a new phase to B3, which finds chains of branches that test for (in)equality on the
same value and constants, and turns them into a Switch. This can turn O(n) code into
O(log n) code, or even O(1) code if the switch cases are dense.
This can make a big difference in JS. Say you write a switch in which the case statements are
variable resolutions. The bytecode generator cannot use a bytecode switch in this case, since
we're required to evaluate the resolutions in order. But in DFG IR, we will often turn those
variable resolutions into constants, since we do that for any immutable singleton. This means
that B3 will see a chain of Branches: the else case of one Branch will point to a basic block
that does nothing but Branch on equality on the same value as the first Branch.
The inference algorithm is quite simple. The basic building block is the ability to summarize
a block's switch behavior. For a block that ends in a switch, this is just the collection of
switch cases. For a block that ends in a branch, we recognize Branch(Equal(value, const)),
Branch(NotEqual(value, const)), and Branch(value). Each of these are summarized as if they
were one-case switches. We infer a new switch if both some block and its sole predecessor
can be described as switches on the same value, nothing shady is going on (like loops), and
the block in question does no work other than this switch. In that case, the block is killed
and its cases (which we get from the summary) are added to the predecessor's switch. This
algorithm runs to fixpoint.
- CMakeLists.txt:
- JavaScriptCore.xcodeproj/project.pbxproj:
- b3/B3Generate.cpp:
(JSC::B3::generateToAir):
- b3/B3InferSwitches.cpp: Added.
(JSC::B3::inferSwitches):
- b3/B3InferSwitches.h: Added.
- b3/B3Procedure.h:
(JSC::B3::Procedure::cfg):
- b3/B3ReduceStrength.cpp:
- b3/B3Value.cpp:
(JSC::B3::Value::performSubstitution):
(JSC::B3::Value::isFree):
(JSC::B3::Value::dumpMeta):
- b3/B3Value.h:
- ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileCheckIdent):
(JSC::FTL::DFG::LowerDFGToB3::compileCompareStrictEq):
(JSC::FTL::DFG::LowerDFGToB3::lowSymbol):
(JSC::FTL::DFG::LowerDFGToB3::lowSymbolUID):
(JSC::FTL::DFG::LowerDFGToB3::lowNonNullObject):
LayoutTests:
- js/regress/bigswitch-indirect-expected.txt: Added.
- js/regress/bigswitch-indirect-symbol-expected.txt: Added.
- js/regress/bigswitch-indirect-symbol-or-undefined-expected.txt: Added.
- js/regress/bigswitch-indirect-symbol-or-undefined.html: Added.
- js/regress/bigswitch-indirect-symbol.html: Added.
- js/regress/bigswitch-indirect.html: Added.
- js/regress/implicit-bigswitch-indirect-symbol-expected.txt: Added.
- js/regress/implicit-bigswitch-indirect-symbol.html: Added.
- js/regress/script-tests/bigswitch-indirect-symbol-or-undefined.js: Added.
(foo):
- js/regress/script-tests/bigswitch-indirect-symbol.js: Added.
(foo):
- js/regress/script-tests/bigswitch-indirect.js: Added.
(foo):
- js/regress/script-tests/implicit-bigswitch-indirect-symbol.js: Added.
(foo):
- 11:12 PM Changeset in webkit [203490] by
-
- 14 edits in trunk/Source/WebCore
Remove crossOriginRequestPolicy from ThreadableLoaderOptions
https://bugs.webkit.org/show_bug.cgi?id=159417
Patch by Youenn Fablet <youenn@apple.com> on 2016-07-20
Reviewed by Alex Christensen.
No observable change.
- Modules/fetch/FetchLoader.cpp:
(WebCore::FetchLoader::start): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
- fileapi/FileReaderLoader.cpp:
(WebCore::FileReaderLoader::start): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
- inspector/InspectorNetworkAgent.cpp:
(WebCore::InspectorNetworkAgent::loadResource): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
- loader/DocumentThreadableLoader.cpp:
(WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Ditto.
(WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest): UseAccessControl -> FetchOptions::Mode::Cors.
(WebCore::DocumentThreadableLoader::redirectReceived): Ditto.
(WebCore::DocumentThreadableLoader::didReceiveResponse): Ditto.
(WebCore::DocumentThreadableLoader::loadRequest): Use NoCors as option passed to ResourceLoader. This allows
desactivating ResourceLoader CORS checks as they are done in DocumentThreadableLoader right now. In the future,
these checks should be moved to ResourceLoader and DocumentThreadableLoader should directly pass the fetch mode
option.
(WebCore::DocumentThreadableLoader::isAllowedRedirect): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
- loader/ThreadableLoader.cpp:
(WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions): Removing CrossOriginRequestPolicy.
- loader/ThreadableLoader.h: Ditto.
- loader/WorkerThreadableLoader.cpp:
(WebCore::LoaderTaskOptions::LoaderTaskOptions): Ditto.
- page/EventSource.cpp:
(WebCore::EventSource::connect): UseAccessControl -> FetchOptions::Mode::Cors.
- workers/Worker.cpp:
(WebCore::Worker::create): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
- workers/WorkerGlobalScope.cpp:
(WebCore::WorkerGlobalScope::importScripts): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
- workers/WorkerScriptLoader.cpp:
(WebCore::WorkerScriptLoader::loadSynchronously):
(WebCore::WorkerScriptLoader::loadAsynchronously):
- workers/WorkerScriptLoader.h:
- xml/XMLHttpRequest.cpp:
(WebCore::XMLHttpRequest::createRequest):
- 11:09 PM Changeset in webkit [203489] by
-
- 4 edits in trunk/Tools
Bots should run built-ins generator tests
https://bugs.webkit.org/show_bug.cgi?id=159971
Patch by Youenn Fablet <youenn@apple.com> on 2016-07-20
Reviewed by Alexey Proskuryakov.
- BuildSlaveSupport/build.webkit.org-config/master.cfg:
(RunBuiltinsTests): New step to run built-in generator tests.
(TestFactory.init): Adding an additional step for bultin generator tests.
- BuildSlaveSupport/build.webkit.org-config/mastercfg_unittest.py: Rebasing expectations.
- BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/BuildbotIteration.js: Adding additional step for proper display.
- 10:24 PM Changeset in webkit [203488] by
-
- 9 edits1 add in trunk/Source/JavaScriptCore
FTL snippet generators should be able to request a different register for output and input
https://bugs.webkit.org/show_bug.cgi?id=160010
rdar://problem/27439330
Reviewed by Saam Barati.
The BitOr and BitXor snippet generators have problems if the register for the right input is
the same as the register for the result. We could fix those generators, but I'm not convinced
that the other snippet generators don't have this bug. So, the approach that this patch takes
is to teach the FTL to request that B3 to use a different register for the result than for
any input to the snippet patchpoint.
Air already has the ability to let any instruction do an EarlyDef, which means exactly this.
But B3 did not expose this via ValueRep. This patch exposes this in ValueRep as
SomeEarlyRegister. That's most of the change.
This adds a testb3 test for SomeEarlyRegister and a regression test for this particular
problem. The regression test failed on trunk JSC before this.
- b3/B3LowerToAir.cpp:
(JSC::B3::Air::LowerToAir::lower):
- b3/B3PatchpointSpecial.cpp:
(JSC::B3::PatchpointSpecial::forEachArg):
(JSC::B3::PatchpointSpecial::admitsStack):
- b3/B3StackmapSpecial.cpp:
(JSC::B3::StackmapSpecial::forEachArgImpl):
(JSC::B3::StackmapSpecial::isArgValidForRep):
- b3/B3Validate.cpp:
- b3/B3ValueRep.cpp:
(JSC::B3::ValueRep::addUsedRegistersTo):
(JSC::B3::ValueRep::dump):
(WTF::printInternal):
- b3/B3ValueRep.h:
(JSC::B3::ValueRep::ValueRep):
(JSC::B3::ValueRep::reg):
(JSC::B3::ValueRep::isAny):
(JSC::B3::ValueRep::isReg):
(JSC::B3::ValueRep::isSomeRegister): Deleted.
- b3/testb3.cpp:
- ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::emitBinarySnippet):
(JSC::FTL::DFG::LowerDFGToB3::emitBinaryBitOpSnippet):
(JSC::FTL::DFG::LowerDFGToB3::emitRightShiftSnippet):
- tests/stress/ftl-bit-xor-right-result-interference.js: Added.
- 8:30 PM Changeset in webkit [203487] by
-
- 5 edits2 adds in trunk
Fix null handling of several Document attributes
https://bugs.webkit.org/show_bug.cgi?id=159997
Reviewed by Ryosuke Niwa.
Source/WebCore:
Fix null handling of the following Document attributes: title, cookie
and domain.
In WebKit, they were all marked as [TreatNullAs=EmptyString], which
does not match the specification:
Details for each attribute:
- title: null is now treated as the string "null", thus setting the document title to "null". This matches Firefox and Chrome.
- cookie: adds a "null" cookie instead of being a no-op. This matches
both Firefox and Chrome.
- domain: Calls setDomain(String("null")) instead of
setDomain(String()). This throws an exception because "null"
is not a suffix of the effective domain name. The behavior
is the same in Firefox and Chrome. Previously, we were
already throwing an exception since setting the domain to
the empty string throws, as per the specification.
Test: http/testsdom/document-attributes-null-handling.html
- dom/Document.idl:
LayoutTests:
Add test coverage.
- http/tests/dom/document-attributes-null-handling-expected.txt: Added.
- http/tests/dom/document-attributes-null-handling.html: Added.
- fast/dom/document-attribute-js-null-expected.txt:
- fast/dom/document-attribute-js-null.html:
- 8:25 PM Changeset in webkit [203486] by
-
- 5 edits in trunk/Websites/perf.webkit.org
Perf dashboard always re-generate measurement set JSON
https://bugs.webkit.org/show_bug.cgi?id=159951
Reviewed by Chris Dumez.
The bug was caused by manifest.json reporting the last modified date of a measurement set in floating point,
and a measurement set JSON reporting it as an integer. Fixed the bug by always using an integer.
- public/api/measurement-set.php:
(main): Return 404 when the results is empty.
(MeasurementSetFetcher::execute_query): Use "extract(epoch from commit_time)" like ManifestGenerator to improve
the generation speed. This is ~10% runtime improvement.
(MeasurementSetFetcher::format_map): Updated to reflect the above change.
(MeasurementSetFetcher::parse_revisions_array): Ditto.
- public/include/manifest.php:
(ManifestGenerator::platforms): Fixed the bug by coercing lastModified to integer (instead of float).
- server-tests/api-measurement-set-tests.js: Added a test case for returning empty results, and a test case for
making sure lastModified dates in manifest.json and measurement sets match.
- tools/js/remote.js:
(RemoteAPI.prototype.sendHttpRequest): Reject the promise when HTTP status code is not 200.
- 7:09 PM Changeset in webkit [203485] by
-
- 2 edits in trunk/Tools
Revert temporary fix r203417
https://bugs.webkit.org/show_bug.cgi?id=160001
Reviewed by Alexey Proskuryakov.
- EWSTools/start-queue-mac.sh: Revert the temporary fix.
- 5:45 PM Changeset in webkit [203484] by
-
- 23 edits2 adds in trunk
Unreviewed, rolling out r203471.
https://bugs.webkit.org/show_bug.cgi?id=160003
many iOS-simulator tests are failing (Requested by litherum on
#webkit).
Reverted changeset:
"[iPhone] Playing a video on tudou.com plays only sound, no
video"
https://bugs.webkit.org/show_bug.cgi?id=159967
http://trac.webkit.org/changeset/203471
- 5:36 PM Changeset in webkit [203483] by
-
- 2 edits in trunk/Source/WebKit2
REGRESSION (r203189): Webpage snapshots are partially or fully blank when edge swiping back
https://bugs.webkit.org/show_bug.cgi?id=160000
rdar://problem/27455589
Reviewed by Zalan Bujtas.
r203189 triggered a call to -_updateContentRectsWithState: in the middle of a swipe,
during which we'd compute the visible rect of the view as having zero width, causing us
to not create tiles.
-_navigationGestureDidBegin already snapshots the visibleContentRect in _frozenVisibleContentRect,
but -_visibleContentRect then clipped that with ancestor views, causing the issue.
Fix by having -_visibleContentRect just return _frozenVisibleContentRect if we have one.
- UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _visibleContentRect]):
- 5:23 PM Changeset in webkit [203482] by
-
- 3 edits in trunk/Source/WebCore
iOS: Cannot paste images in RTF content
https://bugs.webkit.org/show_bug.cgi?id=159964
<rdar://problem/27442806>
Reviewed by Enrica Casucci.
The bug was caused by setDefersLoading(true) not deferring image loading for the parsed fragment.
Worked around this bug by disabling image loading while parsing the document fragment.
- editing/ios/EditorIOS.mm:
(WebCore::Editor::createFragmentAndAddResources):
- 5:15 PM Changeset in webkit [203481] by
-
- 4 edits in trunk/Source/WebCore
Address a small FIXME in IDB code.
https://bugs.webkit.org/show_bug.cgi?id=159999
Reviewed by Andy Estes.
No new tests (No behavior change).
- Modules/indexeddb/IDBRequest.cpp:
(WebCore::IDBRequest::IDBRequest):
- Modules/indexeddb/shared/IDBResourceIdentifier.cpp:
(WebCore::IDBResourceIdentifier::IDBResourceIdentifier): Deleted.
- Modules/indexeddb/shared/IDBResourceIdentifier.h:
- 4:28 PM Changeset in webkit [203480] by
-
- 7 edits in trunk/Source/WebCore
Remove some "modernFoo"s from IndexedDB code.
https://bugs.webkit.org/show_bug.cgi?id=159985
Reviewed by Andy Estes.
No new tests (No known behavior change).
- Modules/indexeddb/IDBCursor.cpp:
(WebCore::IDBCursor::IDBCursor):
(WebCore::IDBCursor::~IDBCursor):
(WebCore::IDBCursor::sourcesDeleted):
(WebCore::IDBCursor::effectiveObjectStore):
(WebCore::IDBCursor::transaction):
(WebCore::IDBCursor::direction):
(WebCore::IDBCursor::update):
(WebCore::IDBCursor::advance):
(WebCore::IDBCursor::continueFunction):
(WebCore::IDBCursor::uncheckedIterateCursor):
(WebCore::IDBCursor::deleteFunction):
(WebCore::IDBCursor::setGetResult):
- Modules/indexeddb/IDBIndex.cpp:
(WebCore::IDBIndex::IDBIndex):
(WebCore::IDBIndex::~IDBIndex):
(WebCore::IDBIndex::hasPendingActivity):
(WebCore::IDBIndex::name):
(WebCore::IDBIndex::objectStore):
(WebCore::IDBIndex::keyPath):
(WebCore::IDBIndex::unique):
(WebCore::IDBIndex::multiEntry):
(WebCore::IDBIndex::openCursor):
(WebCore::IDBIndex::doCount):
(WebCore::IDBIndex::openKeyCursor):
(WebCore::IDBIndex::doGet):
(WebCore::IDBIndex::doGetKey):
(WebCore::IDBIndex::markAsDeleted):
- Modules/indexeddb/IDBIndex.h:
- Modules/indexeddb/IDBObjectStore.cpp:
(WebCore::IDBObjectStore::transaction):
(WebCore::IDBObjectStore::deleteFunction): Deleted.
(WebCore::IDBObjectStore::modernDelete): Deleted.
- Modules/indexeddb/IDBObjectStore.h:
- bindings/js/JSIDBIndexCustom.cpp:
(WebCore::JSIDBIndex::visitAdditionalChildren):
- 4:28 PM Changeset in webkit [203479] by
-
- 2 edits in trunk/Tools
REGRESSION(r148588): ews classes might get garbage collected
https://bugs.webkit.org/show_bug.cgi?id=159990
Reviewed by Ryosuke Niwa.
- Scripts/webkitpy/tool/commands/init.py: Store the loaded ews classes
in a variable so that they do not get garbage collected.
- 4:24 PM Changeset in webkit [203478] by
-
- 2 edits2 adds in trunk/Tools
Add API test for layout constraints after exit fullscreen
https://bugs.webkit.org/show_bug.cgi?id=159900
Patch by Jeremy Jones <jeremyj@apple.com> on 2016-07-20
Reviewed by Jon Lee.
Added Fullscreen.LaytoutConstraints API test.
Tests fix from https://bugs.webkit.org/show_bug.cgi?id=159731
This test compares layout constraints on the web view before and after fullscreen to make sure
they are preserved.
- TestWebKitAPI/Tests/WebKit2Cocoa/FullscreenLayoutConstraints.html: Added.
- TestWebKitAPI/Tests/WebKit2Cocoa/FullscreenLayoutConstraints.mm: Added.
(-[FullscreenStateChangeMessageHandler userContentController:didReceiveScriptMessage:]):
(TestWebKitAPI::TEST):
- 4:23 PM Changeset in webkit [203477] by
-
- 2 edits in trunk/Tools
Disable two failing API tests.
Unreviewed test gardening.
- TestWebKitAPI/Tests/mac/CandidateTests.mm:
(TestWebKitAPI::TEST):
- 4:14 PM Changeset in webkit [203476] by
-
- 5 edits2 adds in trunk/LayoutTests
Fix timeout of imported/w3c/WebCryptoAPI/idlharness.html
https://bugs.webkit.org/show_bug.cgi?id=159979
Reviewed by Alex Christensen.
LayoutTests/imported/w3c:
Add missing resources.
- WebCryptoAPI/idlharness-expected.txt:
- WebCryptoAPI/idlharness.html:
- resources/WebIDLParser.js: Added.
(tokenise):
(WebIDLParseError):
(WebIDLParseError.prototype.toString):
(error):
(consume):
(ws):
(all_ws):
(integer_type):
(float_type):
(primitive_type):
(const_value):
(type_suffix):
(single_type):
(union_type):
(type):
(argument):
(argument_list):
(type_pair):
(simple_extended_attr):
(extended_attrs):
(default_):
(const_):
(inheritance):
(operation_rest):
(callback):
(attribute):
(return_type):
(operation):
(identifiers):
(serialiser):
(iterable_type):
(readonly_iterable_type):
(iterable):
(interface_):
(partial):
(dictionary):
(exception):
(enum_):
(parse):
- resources/idlharness.js: Added.
(constValue):
(minOverloadLength):
(throwOrReject):
(awaitNCallbacks):
(return.fround):
(fround):
(self.IdlArray):
(IdlArray.prototype.add_idls):
(IdlArray.prototype.add_untested_idls):
(IdlArray.prototype.internal_add_idls):
(IdlArray.prototype.add_objects):
(IdlArray.prototype.prevent_multiple_testing):
(IdlArray.prototype.recursively_get_implements):
(exposed_in):
(IdlArray.prototype.test):
(IdlArray.prototype.assert_type_is):
(IdlObject):
(IdlObject.prototype.test):
(IdlObject.prototype.has_extended_attribute):
(IdlInterface):
(IdlInterface.prototype.is_callback):
(IdlInterface.prototype.has_constants):
(IdlInterface.prototype.is_global):
(IdlInterface.prototype.test):
(IdlInterface.prototype.test_self):
(IdlInterface.prototype.test_member_const):
(IdlInterface.prototype.test_member_attribute):
(IdlInterface.prototype.test_member_operation):
(IdlInterface.prototype.do_member_operation_asserts):
(IdlInterface.prototype.test_member_stringifier):
(IdlInterface.prototype.test_members):
(IdlInterface.prototype.test_object):
(IdlInterface.prototype.test_primary_interface_of):
(IdlInterface.prototype.test_interface_of):
(IdlInterface.prototype.has_stringifier):
(IdlInterface.prototype.do_interface_attribute_asserts):
(IdlInterfaceMember):
(create_suitable_object):
(IdlEnum):
(IdlTypedef):
LayoutTests:
Remove the skip tuple of the test.
- 4:07 PM Changeset in webkit [203475] by
-
- 3 edits2 adds in trunk
Stop using valueToStringWithNullCheck() in JSCSSStyleDeclaration::putDelegate()
https://bugs.webkit.org/show_bug.cgi?id=159982
Reviewed by Ryosuke Niwa.
Source/WebCore:
valueToStringWithNullCheck() treats null as the null String() which is
legacy / non standard behavior. The specification says we should treat
null as the empty string:
Therefore, we should be using valueToStringTreatingNullAsEmptyString() instead.
In practice, there is no web-exposed behavior change because
MutableStyleProperties::setProperty() removes the property wether the
value is the null String or the empty String.
This behavior is correct since the specification says that we should
remove the property if the value is the empty string:
I added test coverage to make sure we behave according to specification.
This test is passing in Firefox, Chrome and in WebKit (before and after
my change).
Test: fast/css/CSSStyleDeclaration-property-setter.html
- bindings/js/JSCSSStyleDeclarationCustom.cpp:
(WebCore::JSCSSStyleDeclaration::putDelegate):
LayoutTests:
Add layout test coverage for JSCSSStyleDeclaration::putDelegate(),
covering cases like setting to null or the empty String, to make
sure we behave according to specification.
- fast/css/CSSStyleDeclaration-property-setter-expected.txt: Added.
- fast/css/CSSStyleDeclaration-property-setter.html: Added.
- 4:06 PM Changeset in webkit [203474] by
-
- 7 edits in trunk
Fix null handling of HTMLFrameElement.marginWidth / marginHeight
https://bugs.webkit.org/show_bug.cgi?id=159987
Reviewed by Ryosuke Niwa.
LayoutTests/imported/w3c:
Rebaseline now that more checks are passing.
- web-platform-tests/html/dom/reflection-obsolete-expected.txt:
Source/WebCore:
Fix null handling of HTMLFrameElement.marginWidth / marginHeight:
We are supposed to treat null as the empty string but we treat it as
the string "null".
Firefox and Chrome both match the specification.
No new tests, updated existing tests.
- html/HTMLFrameElement.idl:
LayoutTests:
Update existing test to reflect the expected behavior change.
- fast/dom/element-attribute-js-null-expected.txt:
- fast/dom/element-attribute-js-null.html:
- 3:56 PM Changeset in webkit [203473] by
-
- 2 edits in trunk/Source/WebCore
Pausing autoplayed media should not remove all restrictions for that media element
https://bugs.webkit.org/show_bug.cgi?id=159988
Reviewed by Jon Lee.
Localizes the removal of behavior restrictions introduced in r203464 upon pausing an
autoplaying video to just affect the hiding or showing of the media controller. This
prevents pages from using Javascript to start playing autoplaying videos that have
been paused by the user.
- html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::pause):
- 3:45 PM Changeset in webkit [203472] by
-
- 2 edits in branches/safari-602-branch/Tools
Merge follow-up patch for rdar://problem/27360961.
- 3:41 PM Changeset in webkit [203471] by
-
- 23 edits2 deletes in trunk
[iPhone] Playing a video on tudou.com plays only sound, no video
https://bugs.webkit.org/show_bug.cgi?id=159967
<rdar://problem/26964090>
Reviewed by Jon Lee.
Source/WebCore:
WebKit recently starting honoring the playsinline and webkit-playsinline
attribute on iPhones. However, because these attributes previously did
nothing, some sites (such as Todou) were setting them on their content
and expecting that they are not honored. In this specific case, the
video is absolutely positioned to be 1 pixel x 1 pixel.
Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
property on their WKWebView, which would honor the webkit-playsinline
attribute. Safari on iPhones didn't do this.
In order to not break these existing apps, it's important that the
allowsInlineMediaPlayback preference still allows webkit-playsinline
videos to play inline in apps using WKWebView. However, in Safari, these
videos should play fullscreen. (Todou videos have webkit-playsinline
but not playsinline.)
Therefore, in Safari, videos with playsinline should be inline, but
videos with webkit-playsinline should be fullscreen. In apps using
WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
playsinline should be inline, and videos with webkit-playsinline should
also be inline. Videos on iPad and Mac should all be inline by default.
We can create some truth tables for the cases which need to be covered:
All apps on Mac / iPad:
Presence of playsinline | Presence of webkit-playsinline | Result
========================|================================|===========
Not present | Not present | Inline
Present | Not present | Inline
Not Present | Present | Inline
Present | Present | Inline
Safari on iPhone:
Presence of playsinline | Presence of webkit-playsinline | Result
========================|================================|===========
Not present | Not present | Fullscreen
Present | Not present | Inline
Not Present | Present | Fullscreen
Present | Present | Inline
App on iPhone which sets allowsInlineMediaPlayback:
Presence of playsinline | Presence of webkit-playsinline | Result
========================|================================|===========
Not present | Not present | Fullscreen
Present | Not present | Inline
Not Present | Present | Inline
Present | Present | Inline
The way to distinguish Safari from another app is to create an SPI
boolean preference which Safari can set. This is already how the
iPhone and iPad are differentiated using the requiresPlayInlineAttribute
which Safari sets but other apps don't. However, this preference is
no longer sufficient because Safari should now be discriminating
between the playsinline and webkit-playsinline attributes. Therefore,
this preference should be extended to two boolean preferences, which
this patch adds:
allowsInlineMediaPlaybackWithPlaysInlineAttribute
allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute
Safari on iPhone will set
allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
false. Other apps on iPhone will get their defaults values (because they
are SPI) which means they will both be true. On iPad and Mac, apps will
use the defaults values where both are false.
This patch adds support for these two preferences, but does not remove
the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
I will remove the exising preference as soon as I update Safari to migrate
off of it.
Test: media/video-playsinline.html
- html/MediaElementSession.cpp:
(WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
- page/Settings.cpp:
- page/Settings.in:
- testing/InternalSettings.cpp:
(WebCore::InternalSettings::Backup::Backup):
(WebCore::InternalSettings::Backup::restoreTo):
(WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
(WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
- testing/InternalSettings.h:
- testing/InternalSettings.idl:
Source/WebKit/mac:
Add the two preferences to WebPreferences.
- WebView/WebPreferenceKeysPrivate.h:
- WebView/WebPreferences.mm:
(+[WebPreferences initialize]):
(-[WebPreferences allowsInlineMediaPlaybackWithPlaysInlineAttribute]):
(-[WebPreferences setAllowsInlineMediaPlaybackWithPlaysInlineAttribute:]):
(-[WebPreferences allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute]):
(-[WebPreferences setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute:]):
- WebView/WebPreferencesPrivate.h:
- WebView/WebView.mm:
(-[WebView _preferencesChanged:]):
Source/WebKit2:
Add the two preferences to WKWebViewConfiguration and WKPreferences to cover both
the Obj-C API and the C SPI.
- Shared/WebPreferencesDefinitions.h:
- UIProcess/API/C/WKPreferences.cpp:
(WKPreferencesSetAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
(WKPreferencesGetAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
(WKPreferencesSetAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
(WKPreferencesGetAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
- UIProcess/API/C/WKPreferencesRefPrivate.h:
- UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _initializeWithConfiguration:]):
- UIProcess/API/Cocoa/WKWebViewConfiguration.mm:
(-[WKWebViewConfiguration init]):
(-[WKWebViewConfiguration copyWithZone:]):
(-[WKWebViewConfiguration _allowsInlineMediaPlaybackWithPlaysInlineAttribute]):
(-[WKWebViewConfiguration _setAllowsInlineMediaPlaybackWithPlaysInlineAttribute:]):
(-[WKWebViewConfiguration _allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute]):
(-[WKWebViewConfiguration _setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute:]):
- UIProcess/API/Cocoa/WKWebViewConfigurationPrivate.h:
- WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::updatePreferences):
LayoutTests:
- media/video-playsinline.html: Updated.
- media/video-webkit-playsinline-expected.txt: Removed.
- media/video-webkit-playsinline.html: Removed.
- 3:03 PM Changeset in webkit [203470] by
-
- 5 edits in trunk/Source/WebCore
Get rid of custom bindings code for XMLHttpRequest.open()
https://bugs.webkit.org/show_bug.cgi?id=159984
Reviewed by Ryosuke Niwa.
Get rid of custom bindings code for XMLHttpRequest.open() as the
bindings generator is able to generate it.
Relevant specification:
The issue is that legacy content prevents treating the 'async' argument
being undefined identical from it being omitted. However, this can be
achieved by using overloading in IDL, like in the specification.
No new tests, already covered by the following tests:
- http/tests/xmlhttprequest/basic-auth.html
- http/tests/xmlhttprequest/open-async-overload.html
- bindings/js/JSXMLHttpRequestCustom.cpp:
(WebCore::SendFunctor::SendFunctor): Deleted.
(WebCore::SendFunctor::line): Deleted.
(WebCore::SendFunctor::column): Deleted.
(WebCore::SendFunctor::url): Deleted.
(WebCore::SendFunctor::operator()): Deleted.
- xml/XMLHttpRequest.cpp:
(WebCore::XMLHttpRequest::open):
- xml/XMLHttpRequest.h:
- xml/XMLHttpRequest.idl:
- 2:21 PM Changeset in webkit [203469] by
-
- 83 edits in trunk/Source/WebCore
Mark overriden methods in WebCore/svg final classes as final
https://bugs.webkit.org/show_bug.cgi?id=159966
Patch by Rawinder Singh <rawinder.singh-webkit@cisra.canon.com.au> on 2016-07-20
Reviewed by Michael Catanzaro.
Update WebCore/svg classes so that overriden methods in final classes are marked final.
- svg/SVGAElement.h:
- svg/SVGAltGlyphDefElement.h:
- svg/SVGAltGlyphItemElement.h:
- svg/SVGAnimateTransformElement.h:
- svg/SVGAnimatedColor.h:
- svg/SVGCircleElement.h:
- svg/SVGClipPathElement.h:
- svg/SVGCursorElement.h:
- svg/SVGDefsElement.h:
- svg/SVGDescElement.h:
- svg/SVGEllipseElement.h:
- svg/SVGFEMergeNodeElement.h:
- svg/SVGFilterElement.h:
- svg/SVGFontElement.h:
- svg/SVGFontFaceElement.h:
- svg/SVGFontFaceFormatElement.h:
- svg/SVGFontFaceNameElement.h:
- svg/SVGFontFaceSrcElement.h:
- svg/SVGFontFaceUriElement.h:
- svg/SVGForeignObjectElement.h:
- svg/SVGGElement.h:
- svg/SVGGlyphElement.h:
- svg/SVGGlyphRefElement.h:
- svg/SVGHKernElement.h:
- svg/SVGImageElement.h:
- svg/SVGLineElement.h:
- svg/SVGMPathElement.h:
- svg/SVGMaskElement.h:
- svg/SVGMetadataElement.h:
- svg/SVGMissingGlyphElement.h:
- svg/SVGPathBuilder.h:
- svg/SVGPathByteStreamBuilder.h:
- svg/SVGPathByteStreamSource.h:
- svg/SVGPathElement.h:
- svg/SVGPathSegArcAbs.h:
- svg/SVGPathSegArcRel.h:
- svg/SVGPathSegClosePath.h:
- svg/SVGPathSegCurvetoCubicAbs.h:
- svg/SVGPathSegCurvetoCubicRel.h:
- svg/SVGPathSegCurvetoCubicSmoothAbs.h:
- svg/SVGPathSegCurvetoCubicSmoothRel.h:
- svg/SVGPathSegCurvetoQuadraticAbs.h:
- svg/SVGPathSegCurvetoQuadraticRel.h:
- svg/SVGPathSegCurvetoQuadraticSmoothAbs.h:
- svg/SVGPathSegCurvetoQuadraticSmoothRel.h:
- svg/SVGPathSegLinetoAbs.h:
- svg/SVGPathSegLinetoHorizontalAbs.h:
- svg/SVGPathSegLinetoHorizontalRel.h:
- svg/SVGPathSegLinetoRel.h:
- svg/SVGPathSegLinetoVerticalAbs.h:
- svg/SVGPathSegLinetoVerticalRel.h:
- svg/SVGPathSegListBuilder.h:
- svg/SVGPathSegListSource.h:
- svg/SVGPathSegMovetoAbs.h:
- svg/SVGPathSegMovetoRel.h:
- svg/SVGPathStringSource.h:
- svg/SVGPathTraversalStateBuilder.h:
- svg/SVGPatternElement.h:
- svg/SVGRectElement.h:
- svg/SVGScriptElement.h:
- svg/SVGStopElement.h:
- svg/SVGStyleElement.h:
- svg/SVGSwitchElement.h:
- svg/SVGTRefElement.cpp:
- svg/SVGTitleElement.h:
- svg/SVGToOTFFontConversion.cpp:
- svg/SVGUnknownElement.h:
- svg/SVGVKernElement.h:
- svg/SVGViewElement.h:
- svg/SVGZoomEvent.h:
- svg/animation/SVGSMILElement.cpp:
- svg/graphics/SVGImage.h:
- svg/graphics/SVGImageClients.h:
- svg/graphics/SVGImageForContainer.h:
- svg/graphics/filters/SVGFEImage.h:
- svg/graphics/filters/SVGFilter.h:
- svg/properties/SVGAnimatedEnumerationPropertyTearOff.h:
- svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
- svg/properties/SVGAnimatedPropertyTearOff.h:
- svg/properties/SVGAnimatedTransformListPropertyTearOff.h:
- svg/properties/SVGMatrixTearOff.h:
- svg/properties/SVGPathSegListPropertyTearOff.h:
- 1:28 PM Changeset in webkit [203468] by
-
- 2 edits in trunk/Tools
Fix the build after 41dade3
- 1:03 PM Changeset in webkit [203467] by
-
- 2 edits in trunk/Source/WebKit2
Fix a linking failure caused by NetworkCache::Data::~Data()
https://bugs.webkit.org/show_bug.cgi?id=159931
Linking is failed with clang 3.6. It says WebKit::NetworkCache::Data::~Data is undefined.
It is fixed by adding a destructor for NetworkCache::Data.
Reviewed by Alex Christensen.
- NetworkProcess/cache/NetworkCacheData.h:
(WebKit::NetworkCache::Data::~Data):
- 1:00 PM Changeset in webkit [203466] by
-
- 2 edits in trunk/Source/WTF
Remove unnecessary if check from ParkingLot.cpp
https://bugs.webkit.org/show_bug.cgi?id=159961
Patch by Rajeev Misra <rajeevmisraforapple@gmail.com> on 2016-07-20
Reviewed by Alex Christensen.
A good practice is to have as less conditional statement
or special cases as possible in code. This change
simply removes a unnecessary "if" statement for
condition which was already evaluated by switch/case
and thus there was no need to evaluate again.
- wtf/ParkingLot.cpp:
- 12:42 PM Changeset in webkit [203465] by
-
- 19 edits in trunk/Source/WebCore
Transition most IDB interfaces from ScriptExecutionContext to ExecState.
https://bugs.webkit.org/show_bug.cgi?id=159975
Reviewed by Alex Christensen.
No new tests (No known behavior change).
- Modules/indexeddb/IDBCursor.cpp:
(WebCore::IDBCursor::continueFunction):
(WebCore::IDBCursor::deleteFunction):
- Modules/indexeddb/IDBCursor.h:
- Modules/indexeddb/IDBCursor.idl:
- Modules/indexeddb/IDBDatabase.idl:
- Modules/indexeddb/IDBFactory.cpp:
(WebCore::IDBFactory::cmp):
- Modules/indexeddb/IDBFactory.h:
- Modules/indexeddb/IDBFactory.idl:
- Modules/indexeddb/IDBIndex.cpp:
(WebCore::IDBIndex::openCursor):
(WebCore::IDBIndex::count):
(WebCore::IDBIndex::doCount):
(WebCore::IDBIndex::openKeyCursor):
(WebCore::IDBIndex::get):
(WebCore::IDBIndex::doGet):
(WebCore::IDBIndex::getKey):
(WebCore::IDBIndex::doGetKey):
- Modules/indexeddb/IDBIndex.h:
- Modules/indexeddb/IDBIndex.idl:
- Modules/indexeddb/IDBKeyRange.cpp:
(WebCore::IDBKeyRange::only): Deleted.
- Modules/indexeddb/IDBKeyRange.h:
- Modules/indexeddb/IDBObjectStore.cpp:
(WebCore::IDBObjectStore::openCursor):
(WebCore::IDBObjectStore::get):
(WebCore::IDBObjectStore::putOrAdd):
(WebCore::IDBObjectStore::deleteFunction):
(WebCore::IDBObjectStore::doDelete):
(WebCore::IDBObjectStore::modernDelete):
(WebCore::IDBObjectStore::clear):
(WebCore::IDBObjectStore::createIndex):
(WebCore::IDBObjectStore::count):
(WebCore::IDBObjectStore::doCount):
- Modules/indexeddb/IDBObjectStore.h:
- Modules/indexeddb/IDBObjectStore.idl:
- Modules/indexeddb/IDBTransaction.cpp:
(WebCore::IDBTransaction::requestOpenCursor):
(WebCore::IDBTransaction::doRequestOpenCursor):
(WebCore::IDBTransaction::requestGetRecord):
(WebCore::IDBTransaction::requestGetValue):
(WebCore::IDBTransaction::requestGetKey):
(WebCore::IDBTransaction::requestIndexRecord):
(WebCore::IDBTransaction::requestCount):
(WebCore::IDBTransaction::requestDeleteRecord):
(WebCore::IDBTransaction::requestClearObjectStore):
(WebCore::IDBTransaction::requestPutOrAdd):
- Modules/indexeddb/IDBTransaction.h:
- inspector/InspectorIndexedDBAgent.cpp:
- 12:25 PM Changeset in webkit [203464] by
-
- 5 edits1 add in trunk
Media controls don't appear when pausing a small autoplaying video
https://bugs.webkit.org/show_bug.cgi?id=159972
<rdar://problem/27180657>
Reviewed by Beth Dakin.
Source/WebCore:
When pausing an autoplaying video, remove behavior restrictions for the
initial user gesture and show media controls.
New WebKit API test. See VideoControlsManagerSingleSmallAutoplayingVideo.
- html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::pause):
Tools:
Adds a new test that verifies media controls show up when pausing a small autoplayed video. Also adds mechanisms
for simulating basic user interaction in VideoControlsManager.
- TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
- TestWebKitAPI/Tests/WebKit2Cocoa/VideoControlsManager.mm:
(-[WKWebView mouseDownAtPoint:]):
(-[DidPlayMessageHandler userContentController:didReceiveScriptMessage:]):
(-[OnLoadMessageHandler initWithWKWebView:handler:]):
(-[OnLoadMessageHandler userContentController:didReceiveScriptMessage:]):
(TestWebKitAPI::TEST):
- TestWebKitAPI/Tests/WebKit2Cocoa/autoplaying-video-with-audio.html: Added.
- 12:21 PM Changeset in webkit [203463] by
-
- 7 edits in trunk
Fix null handling of HTMLMediaElement.mediaGroup
https://bugs.webkit.org/show_bug.cgi?id=159974
Reviewed by Eric Carlson.
LayoutTests/imported/w3c:
Rebaseline now that more checks are passing.
- web-platform-tests/html/dom/reflection-embedded-expected.txt:
Source/WebCore:
Fix null handling of HTMLMediaElement.mediaGroup to match the specification:
null is supposed to be treated as the String "null". This patch aligns
our behavior with the specification. I tested Firefox and Chrome but both
do not have this attribute on HTMLMediaElement.
Also remove support for [TreatNullAs=LegacyNullString] from our bindings
generator as HTMLMediaElement.mediaGroup was the last user.
No new tests, rebaselined existing test.
- bindings/scripts/CodeGeneratorJS.pm:
(JSValueToNative):
- bindings/scripts/IDLAttributes.txt:
- html/HTMLMediaElement.idl:
- 11:59 AM Changeset in webkit [203462] by
-
- 2 edits in trunk/Source/WebKit2
Explain the default value of WKWebViewConfiguration's ignoresViewportScaleLimits
https://bugs.webkit.org/show_bug.cgi?id=159978
<rdar://problem/27453189>
Reviewed by Dan Bernstein.
- UIProcess/API/Cocoa/WKWebViewConfiguration.h:
This defaults to NO.
- 11:10 AM Changeset in webkit [203461] by
-
- 8 copies1 add in releases/Apple/Safari Technology Preview 9
Added a tag for Safari Technology Preview release 9.
- 11:01 AM Changeset in webkit [203460] by
-
- 4 edits2 adds in trunk
CSSStyleDeclaration.setProperty() should be able to unset "important" on a property
https://bugs.webkit.org/show_bug.cgi?id=159959
Reviewed by Alexey Proskuryakov.
Source/WebCore:
CSSStyleDeclaration.setProperty() should be able to unsert "important"
on a property as per the latest specification:
- https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-setproperty
- https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-camel-cased-attribute
Firefox and Chrome match the specification here but WebKit was ignoring calls
to setProperty() if there is already an "important" property wit this name
and if the new property does not have the "important" flag set.
This behavior was added a long time ago via Bug 60007. However, it does not
match the latest specification or other browsers.
Test: fast/css/CSSStyleDeclaration-setProperty-unset-important.html
- css/StyleProperties.cpp:
(WebCore::MutableStyleProperties::addParsedProperty):
Drop code that was added via Bug 60007 as this behavior no longer matches the
specification or other browsers. The layout test added in Bug 60007 fails in
other browsers and was updated in this patch to match the specification.
LayoutTests:
- fast/css/CSSStyleDeclaration-setProperty-unset-important-expected.txt: Added.
- fast/css/CSSStyleDeclaration-setProperty-unset-important.html: Added.
Add layout test coverage.
- fast/css/important-js-override.html:
The test covered our 'wrong' behavior and was failing in Firefox / Chrome.
I updated the test to match the behavior in the specification. The test
now passed in Chrome and Firefox.
- 10:55 AM Changeset in webkit [203459] by
-
- 13 edits2 deletes in trunk
Unreviewed, rolling out r203423.
https://bugs.webkit.org/show_bug.cgi?id=159977
The test for this change is failing on Mac Release WK2
(Requested by ryanhaddad on #webkit).
Reverted changeset:
"HTMLVideoElement frames do not update on iOS when src is a
MediaStream blob"
https://bugs.webkit.org/show_bug.cgi?id=159833
http://trac.webkit.org/changeset/203423
Patch by Commit Queue <commit-queue@webkit.org> on 2016-07-20
- 10:54 AM Changeset in webkit [203458] by
-
- 2 edits in trunk/LayoutTests
Land test expectations for rdar://problem/27434307.
- platform/mac/TestExpectations:
- 10:18 AM Changeset in webkit [203457] by
-
- 2 edits in trunk/Tools
[Win] MathML fonts are not found.
https://bugs.webkit.org/show_bug.cgi?id=159920
Reviewed by Alex Christensen.
When looking up a font in the registry, use the /v option of the Windows 'reg query' command to query
for a specific registry key value.
- Scripts/webkitdirs.pm:
(fontExists):
- 9:44 AM WebKitGTK/2.12.x edited by
- (diff)
- 9:37 AM Changeset in webkit [203456] by
-
- 4 edits2 adds in trunk
Fix null handling of HTMLSelectElement.value attribute
https://bugs.webkit.org/show_bug.cgi?id=159925
Reviewed by Benjamin Poulain.
Source/WebCore:
Fix null handling of HTMLSelectElement.value attribute:
We were treating null as the null String which would end up setting
selectedIndex to -1. However, we should treat null as the String "null"
which would set the selectedIndex to the index of the <option> element
whose value is "null".
Firefox and Chrome match the specification.
Test: fast/dom/HTMLSelectElement/value-null-handling.html
- html/HTMLSelectElement.cpp:
(WebCore::HTMLSelectElement::setValue):
- html/HTMLSelectElement.idl:
LayoutTests:
Add layout test coverage. I have verified that this test is passing in
both Firefox and Chrome.
- fast/dom/HTMLSelectElement/value-null-handling-expected.txt: Added.
- fast/dom/HTMLSelectElement/value-null-handling.html: Added.
- 8:50 AM Changeset in webkit [203455] by
-
- 2 edits in trunk/LayoutTests
Consolidating duplicate TestExpectations for fast/images/animated-png.html.
Unreviewed test gardening.
- platform/mac/TestExpectations:
- 8:41 AM Changeset in webkit [203454] by
-
- 2 edits in trunk/Source/WebInspectorUI
Web Inspector: Pausing when Debugger tab is closed opens tab in wrong state
https://bugs.webkit.org/show_bug.cgi?id=159946
<rdar://problem/27429886>
Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-07-20
Reviewed by Timothy Hatcher.
- UserInterface/Views/DebuggerSidebarPanel.js:
(WebInspector.DebuggerSidebarPanel):
At the end of construction, update the UI to match the current state
of the world. Such as updating the UI if we are paused, or if the
Timeline is capturing and we are temporarily disabling breakpoints.
- 8:40 AM Changeset in webkit [203453] by
-
- 5 edits in trunk/Tools
Improve prepare-ChangeLog for @media blocks
https://bugs.webkit.org/show_bug.cgi?id=159907
Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-07-20
Reviewed by Timothy Hatcher.
- Scripts/prepare-ChangeLog:
(get_selector_line_ranges_for_css):
Get a range for @media blocks just like a selector.
Start Line = line with '{'
End line = line with '}'
Name = "@media ..."
- Scripts/webkitperl/prepare-ChangeLog_unittest/resources/css_unittests_warning-expected.txt:
Improved error messages for unbalanced portions.
- Scripts/webkitperl/prepare-ChangeLog_unittest/resources/css_unittests-expected.txt:
- Scripts/webkitperl/prepare-ChangeLog_unittest/resources/css_unittests.css:
(.media-query::before):
(@media only screen and (max-width: 980px)):
(.media-query a):
(@media (-webkit-min-device-pixel-ratio: 2)):
(.both a):
(.both b):
(.media-query b):
(.media-query::after):
- 7:50 AM Changeset in webkit [203452] by
-
- 6 edits1 add in trunk/Source/JavaScriptCore
CrashOnOverflow in JSC::Yarr::YarrPatternConstructor::setupAlternativeOffsets
https://bugs.webkit.org/show_bug.cgi?id=159954
Reviewed by Benjamin Poulain.
YarrPatternConstructor::setupAlternativeOffsets() is using the checked arithmetic class
Checked<>, for offset calculations. However the default use will just crash on
overflow. Instead we should stop processing and propagate the error up the call stack.
Consolidated explicit error string with the common RegExp parsing error logic.
Moved that logic to YarrPattern as that seems like a better common place to put it.
- jit/JITOperations.cpp:
- llint/LLIntSlowPaths.cpp:
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
- tests/stress/regress-159954.js: New test.
- yarr/YarrParser.h:
(JSC::Yarr::Parser::CharacterClassParserDelegate::CharacterClassParserDelegate):
(JSC::Yarr::Parser::CharacterClassParserDelegate::atomPatternCharacter):
(JSC::Yarr::Parser::Parser):
(JSC::Yarr::Parser::isIdentityEscapeAnError):
(JSC::Yarr::Parser::parseEscape):
(JSC::Yarr::Parser::parseCharacterClass):
(JSC::Yarr::Parser::parseParenthesesBegin):
(JSC::Yarr::Parser::parseParenthesesEnd):
(JSC::Yarr::Parser::parseQuantifier):
(JSC::Yarr::Parser::parseTokens):
(JSC::Yarr::Parser::parse):
- yarr/YarrPattern.cpp:
(JSC::Yarr::YarrPatternConstructor::disjunction):
(JSC::Yarr::YarrPatternConstructor::setupDisjunctionOffsets):
(JSC::Yarr::YarrPatternConstructor::setupOffsets):
(JSC::Yarr::YarrPattern::errorMessage):
(JSC::Yarr::YarrPattern::compile):
- yarr/YarrPattern.h:
(JSC::Yarr::YarrPattern::reset):
- 6:07 AM Changeset in webkit [203451] by
-
- 2 edits in trunk/Source/WebKit2
[Linux] MemoryPressureMonitor fallback code to get memory available in older linux kernels doesn't work
https://bugs.webkit.org/show_bug.cgi?id=159970
Reviewed by Antonio Gomes.
We are failing to detect zones when parsing /proc/zoneinfo.
- UIProcess/linux/MemoryPressureMonitor.cpp:
(WebKit::lowWatermarkPages): Use strncmp since we want to know whether the line starts with "Node".
(WebKit::MemoryPressureMonitor::MemoryPressureMonitor): Stop the polling if we fail to get the memory available,
because that means it's not sopported in the system for whatever reason.
- 6:02 AM Changeset in webkit [203450] by
-
- 4 edits in trunk/Source/WebCore
PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender is alive
https://bugs.webkit.org/show_bug.cgi?id=159962
<rdar://problem/21439264>
Reviewed by David Kilzer.
PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender
is alive. We have both PostResolutionCallbackDisabler and ResourceLoadSuspender that
call LoaderStrategy::suspendPendingRequests() / LoaderStrategy::resumePendingRequests().
However, PostResolutionCallbackDisabler and ResourceLoadSuspender are not aware of each
other. It is therefore possible for a PostResolutionCallbackDisabler object to get
destroyed, causing LoaderStrategy::resumePendingRequests() to be called while a
ResourceLoadSuspender object is alive.
This leads to hard to investigate crashes where we end up re-entering WebKit and killing
the style resolver.
This patch drops ResourceLoadSuspender and uses PostResolutionCallbackDisabler instead.
There was only one user of ResourceLoadSuspender and PostResolutionCallbackDisabler
is better because it manages a resolutionNestingDepth counter internally to make sure
it only calls LoaderStrategy::resumePendingRequests() once all
PostResolutionCallbackDisabler instances are destroyed.
No new tests, there is no easy way to reproduce the crashes.
- dom/Document.cpp:
(WebCore::Document::styleForElementIgnoringPendingStylesheets):
- loader/LoaderStrategy.cpp:
(WebCore::ResourceLoadSuspender::ResourceLoadSuspender): Deleted.
(WebCore::ResourceLoadSuspender::~ResourceLoadSuspender): Deleted.
- loader/LoaderStrategy.h:
- 5:17 AM Changeset in webkit [203449] by
-
- 5 edits in trunk/Source/WebKit2
[Threaded Compositor] Web Process crash when the layer tree host is destroyed
https://bugs.webkit.org/show_bug.cgi?id=159922
Reviewed by Sergio Villar Senin.
It happens when the layer tree host is destroyed after the didChangeVisibleRect is scheduled to be run in the
main thread, but before it's actually dispatched. In that case the threaded compositor client points to a
deleted object and crashes when trying to dereference it.
- Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:
(WebKit::ThreadedCompositor::~ThreadedCompositor): Add an assert to ensure invalidate is always called before
the object is deleted.
(WebKit::ThreadedCompositor::invalidate): Terminate the compositing thread and nullify the client.
(WebKit::ThreadedCompositor::didChangeVisibleRect): Return early if the client is null when the task is
dispatched in the main thread.
- Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.h: Add invalidate().
- WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.cpp:
(WebKit::ThreadedCoordinatedLayerTreeHost::invalidate): Invalidate the ThreadedCompositor and chain up.
- WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.h:
- 3:55 AM MathML/Early_2016_Refactoring edited by
- (diff)
- 1:50 AM Changeset in webkit [203448] by
-
- 2 edits in trunk/Tools
Fix expectedFailErrorHandler in run-jsc-stress-tests
https://bugs.webkit.org/show_bug.cgi?id=159811
Reviewed by Yusuke Suzuki.
- Scripts/run-jsc-stress-tests:
- 1:49 AM Changeset in webkit [203447] by
-
- 2 edits in trunk/Tools
Unreviewed Mac cmake buildfix after r203426. Just for fun.
- TestWebKitAPI/PlatformMac.cmake:
- 12:30 AM Changeset in webkit [203446] by
-
- 2 edits in trunk
JSC JIT Broken on ARMv7 Traditional (without Thumb2)
https://bugs.webkit.org/show_bug.cgi?id=159880
Reviewed by Carlos Garcia Campos.
- Source/cmake/OptionsCommon.cmake: Use the BFD linker on ARM traditional because of a gold linker bug.
Jul 19, 2016:
- 11:23 PM Changeset in webkit [203445] by
-
- 10 edits1 copy in trunk/Source/WebCore
[Fetch API] Add a JS builtin to implement https://fetch.spec.whatwg.org/#concept-headers-fill
https://bugs.webkit.org/show_bug.cgi?id=159932
Patch by Youenn Fablet <youenn@apple.com> on 2016-07-19
Reviewed by Alex Christensen.
Covered by existing tests.
Refactoring Headers initializeWith to use the new built-in internal that implements
https://fetch.spec.whatwg.org/#concept-headers-fill.
Refactoring Response constructor to put more checks in the JS builtin fucntion called within constructor.
Making use of the new built-in internal that implements https://fetch.spec.whatwg.org/#concept-headers-fill.
- CMakeLists.txt: Adding FetchHeadersInternals.js
- DerivedSources.make: Ditto.
- Modules/fetch/FetchHeaders.js:
(initializeFetchHeaders): Using fillFetchHeaders new built-in internal.
- Modules/fetch/FetchInternals.js: Added.
(fillFetchHeaders):
- Modules/fetch/FetchResponse.cpp: Refactoring to do more in the JS built-in. Splitting of initializeWith so
that the checks are done in the order defined by the spec.
(WebCore::FetchResponse::setStatus):
(WebCore::FetchResponse::initializeWith):
(WebCore::isNullBodyStatus): Deleted.
- Modules/fetch/FetchResponse.h:
- Modules/fetch/FetchResponse.idl:
- Modules/fetch/FetchResponse.js:
(initializeFetchResponse): New built-in internal.
- WebCore.xcodeproj/project.pbxproj:
- bindings/js/WebCoreBuiltinNames.h:
- 10:13 PM Changeset in webkit [203444] by
-
- 5 edits in trunk
Fix null handling of SVGScriptElement.type attribute
https://bugs.webkit.org/show_bug.cgi?id=159927
Reviewed by Benjamin Poulain.
Source/WebCore:
Fix null handling of SVGScriptElement.type attribute:
We were treating null as the null String which would end up removing
the 'type' content attribute. However, we should treat null as the
String "null".
Firefox and Chrome match the specification.
No new tests, updated existing test.
- svg/SVGScriptElement.idl:
LayoutTests:
Rebaseline existing test to reflect the behavior change.
- svg/dom/svg-element-attribute-js-null-expected.txt:
- svg/dom/svg-element-attribute-js-null.xhtml:
- 10:09 PM Changeset in webkit [203443] by
-
- 5 edits2 adds in trunk
Fix null handling of several HTMLDocument attributes
https://bugs.webkit.org/show_bug.cgi?id=159923
Reviewed by Benjamin Poulain.
LayoutTests/imported/w3c:
Rebaseline now that more checks are passing.
- web-platform-tests/html/dom/reflection-sections-expected.txt:
Source/WebCore:
Fix null handling of several HTMLDocument attributes:
- https://html.spec.whatwg.org/multipage/dom.html#document
- https://html.spec.whatwg.org/multipage/obsolete.html#document-partial
In particular, null handling was incorrect in WebKit for 'dir',
'bgColor', 'fgColor', 'alinkColor', 'linkColor' and 'vlinkColor'.
Firefox and Chrome match the specification.
Test: fast/dom/HTMLDocument/null-handling.html
- html/HTMLDocument.idl:
LayoutTests:
Add layout test coverage. I have verified that this test is passing in
both Firefox and Chrome.
- fast/dom/HTMLDocument/null-handling-expected.txt: Added.
- fast/dom/HTMLDocument/null-handling.html: Added.
- 8:23 PM Changeset in webkit [203442] by
-
- 2 edits in trunk/Source/WebKit2
Web Automation: WebAutomationSessionProxy's HashMaps should support '0' as valid keys
https://bugs.webkit.org/show_bug.cgi?id=159957
<rdar://problem/27376446>
Reviewed by Joseph Pecoraro.
- WebProcess/Automation/WebAutomationSessionProxy.h:
Use UnsignedWithZeroKeyHashTraits to avoid problems with zero as a key.
- 6:45 PM Changeset in webkit [203441] by
-
- 13 edits in trunk
Document.createElementNS() / createAttributeNS() parameters should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=159938
Reviewed by Benjamin Poulain.
LayoutTests/imported/w3c:
Rebaseline several W3C tests now that more checks are passing.
- web-platform-tests/dom/interfaces-expected.txt:
- web-platform-tests/dom/nodes/Document-createElementNS-expected.txt:
- web-platform-tests/html/dom/interfaces-expected.txt:
Source/WebCore:
Document.createElementNS() / createAttributeNS() parameters should be mandatory:
They were optional in WebKit. However, Firefox and Chrome both match the
specification.
No new tests, rebaselined existing tests.
- dom/Document.idl:
LayoutTests:
Update / rebaseline existing tests to reflect the behavior change.
- fast/dom/Document/createAttributeNS-namespace-err-expected.txt:
- fast/dom/Document/createElementNS-namespace-err-expected.txt:
- fast/dom/Document/script-tests/createAttributeNS-namespace-err.js:
- fast/dom/Document/script-tests/createElementNS-namespace-err.js:
- fast/dom/attribute-downcast-right.html:
- 6:45 PM Changeset in webkit [203440] by
-
- 5 edits in trunk
The default testing mode should not involve disabling the FTL JIT
https://bugs.webkit.org/show_bug.cgi?id=159929
Rubber stamped by Mark Lam and Saam Barati.
Source/JavaScriptCore:
Use the new powers to make some tests run only in the default configuration (i.e. FTL,
concurrent JIT).
- tests/mozilla/mozilla-tests.yaml:
Tools:
It used to be the case that most actively maintained ports did not have the FTL JIT enabled.
Heck, for most of the FTL's initial development, it wasn't enabled anywhere. So, testing the
FTL was not the default. You had to enable it with an option.
For some reason we have kept this arrangement even though the FTL JIT is now the default on
all of the major ports. This has become a serious pain. For example, it's useful to be able
to say that a test should only run in the default config that is representative of what a
normal user would see if they ran JSC. Clearly, this would be a config that does not
explicitly disable the FTL JIT on the command line. However, if you try to specify this then
your test won't run at all if the --ftl-jit option is not passed. That's dangerous!
So, this change gets rid of all of this logic. I think it's better to get rid of it then to
try to fix it, because:
- I don't know what the fix would look like. Presumably it would ensure that ports that don't have the FTL enabled never run any tests that explicitly disable the FTL, since that doesn't do anything. The code is not really structured to allow this.
- It benefits a minority of clients. Three build bots run tests in a config that has the FTL disabled in testing. On the other hand there are already build bots that do FTL tests despite having the FTL disabled by virtue of being a 32-bit platform. So, maybe rather than preserving this broken feature, we should create something that (a) acknowledges the fact that the FTL is the default on those platforms that support it and (b) avoids running no-ftl tests on precisely those platforms that don't have FTL.
- To the extent that some bots benefited from disabling FTL tests, they were doing it by relying on a feature that was never meant to stick around. The FTL JIT is meant to be the default configuration. Disabling the FTL JIT is the non-default. So, we shouldn't be pretending that the FTL JIT is not the default just because some bots used that as an optimization.
This change allows me to speed up some debug tests and paint some bots green.
- Scripts/run-javascriptcore-tests:
(runJSCStressTests):
- Scripts/run-jsc-stress-tests:
- 6:29 PM Changeset in webkit [203439] by
-
- 3 edits4 adds in trunk
Use getElementById for attribute matching if the attribute name is html's id
https://bugs.webkit.org/show_bug.cgi?id=159960
Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-07-19
Reviewed by Chris Dumez.
Source/WebCore:
Elliott Sprehn discovered YUI makes heavy uses of querySelector with [id=value]
(https://bugs.chromium.org/p/chromium/issues/detail?id=627242).
If we are not in quirks mode, IdForStyleResolution has the same value
as the Id attribute. We can use the same optimization for both cases.
Tests: fast/selectors/id-attribute-querySelector-used-as-id-selector-quirks.html
fast/selectors/id-attribute-querySelector-used-as-id-selector.html
- dom/SelectorQuery.cpp:
(WebCore::canBeUsedForIdFastPath):
(WebCore::findIdMatchingType):
(WebCore::SelectorDataList::SelectorDataList):
(WebCore::selectorForIdLookup):
(WebCore::filterRootById):
LayoutTests:
- fast/selectors/id-attribute-querySelector-used-as-id-selector-expected.txt: Added.
- fast/selectors/id-attribute-querySelector-used-as-id-selector-quirks-expected.txt: Added.
- fast/selectors/id-attribute-querySelector-used-as-id-selector-quirks.html: Added.
- fast/selectors/id-attribute-querySelector-used-as-id-selector.html: Added.
- 6:27 PM Changeset in webkit [203438] by
-
- 7 edits2 adds in trunk
Drop SVGElement.xmlbase attribute
https://bugs.webkit.org/show_bug.cgi?id=159926
Reviewed by Benjamin Poulain.
Source/WebCore:
Drop SVGElement.xmlbase attribute as it is no longer part of the
specification:
Both Firefox and Chrome have already dropped support for
SVGElement.xmlbase.
Chrome's intent to remove:
https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/TfwMq4d25hk/C-v_iC_wKfAJ
Test: svg/dom/SVGElement-xmlbase.html
- svg/SVGElement.cpp:
(WebCore::SVGElement::removedFrom): Deleted.
- svg/SVGElement.h:
- svg/SVGElement.idl:
LayoutTests:
- svg/dom/SVGElement-xmlbase-expected.txt: Added.
- svg/dom/SVGElement-xmlbase.html: Added.
Check that SVGElement.xmlbase does not exist.
- svg/dom/svg-element-attribute-js-null-expected.txt:
- svg/dom/svg-element-attribute-js-null.xhtml:
Drop obsolete testing for SVGElement.xmlbase.
- 6:20 PM Changeset in webkit [203437] by
-
- 5 edits2 adds in trunk
Align CSSStyleDeclaration.setProperty() with the specification
https://bugs.webkit.org/show_bug.cgi?id=159955
Reviewed by Benjamin Poulain.
Source/WebCore:
Align CSSStyleDeclaration.setProperty() with the specification:
In particular, the following changes were needed:
- The 'value' parameter should not be optional
- The 'priority' parameter should treat null as the empty string rather than the string "null".
- The 'priority' parameter's default value should be the empty string, not the string "undefined".
- CSSStyleDeclaration.setProperty() should return early if 'priority' is not the empty string and is not an ASCII case-insensitive match for the string "important".
Chrome matches the specification entirely.
Firefox matches the specification with the exception that it does a
case-sensitive match for "important".
Test: fast/css/CSSStyleDeclaration-setProperty.html
- css/CSSStyleDeclaration.idl:
- css/PropertySetCSSStyleDeclaration.cpp:
(WebCore::PropertySetCSSStyleDeclaration::setProperty):
LayoutTests:
Add layout test coverage.
- fast/css/CSSStyleDeclaration-setProperty-expected.txt: Added.
- fast/css/CSSStyleDeclaration-setProperty.html: Added.
- fast/css/shorthand-priority.html:
- 5:29 PM Changeset in webkit [203436] by
-
- 2 edits in trunk/Tools
Fix API test after r203426.
https://bugs.webkit.org/show_bug.cgi?id=159949
- TestWebKitAPI/Tests/WebKit2Cocoa/LocalStorageClear.mm:
(TEST):
If there is website data already on disk, the initial count after putting the AppCache data in place will not be exactly 1.
This is no problem. We want to verify that it is a nonzero number and that it decrements by one when we remove the 1 AppCache data.
- 5:09 PM Changeset in webkit [203435] by
-
- 6 edits in trunk
Move WebKitErrorFrameLoadBlockedByContentFilter from WebKitErrors.h to WebKitErrorsPrivate.h
https://bugs.webkit.org/show_bug.cgi?id=159956
Reviewed by Dan Bernstein.
Source/WebKit/mac:
- Misc/WebKitErrors.h: Moved definition of WebKitErrorFrameLoadBlockedByContentFilter from here ...
- Misc/WebKitErrorsPrivate.h: to here.
Tools:
- TestWebKitAPI/Tests/WebKit2Cocoa/ContentFiltering.mm: Included WKErrorRef.h.
(-[LoadAlternateNavigationDelegate webView:didFailProvisionalNavigation:withError:]):
Used kWKErrorCodeFrameLoadBlockedByContentFilter instead of WebKitErrorFrameLoadBlockedByContentFilter.
- TestWebKitAPI/Tests/mac/ContentFiltering.mm: Included WebKitErrorsPrivate.h instead of WebKitErrors.h.
- 4:38 PM Changeset in webkit [203434] by
-
- 5 edits56 adds in trunk
CSP: Improve support for multiple policies to more closely conform to the CSP Level 2 spec.
https://bugs.webkit.org/show_bug.cgi?id=159841
<rdar://problem/27381684>
Reviewed by Brent Fulgham.
Source/WebCore:
Implement a first pass at sending multiple violation reports so as to more closely
conform to section Enforcing multiple policies of the Content Security Policy Level 2 spec.,
<https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 25 April 2016).
Tests: http/tests/security/contentSecurityPolicy/1.1/script-blocked-sends-multiple-reports.php
http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy.php
http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy.php
http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
http/tests/security/contentSecurityPolicy/1.1/scripthash-in-enforced-policy-and-not-in-report-only.html
http/tests/security/contentSecurityPolicy/1.1/scripthash-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy.php
http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy.php
http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-enforced-policy-and-not-in-report-only.html
http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
http/tests/security/contentSecurityPolicy/1.1/scriptnonce-multiple-policies.html
- page/csp/ContentSecurityPolicy.cpp:
(WebCore::ContentSecurityPolicy::allPoliciesWithDispositionAllow): Added. Returns whether the resource
is allowed by all of the policies with the specified disposition.
(WebCore::ContentSecurityPolicy::allPoliciesAllow): Added. Returns whether the resource is allowed by
all of the enforced policies.
(WebCore::ContentSecurityPolicy::findHashOfContentInPolicies): Formerly named foundHashOfContentInAllPolicies.
Modified to return a ("has found hash in all enforced policies, "has found hash in all report-only policies)-pair
so that we can differentiate whether the hash violated an enforced policy or a report-only policy.
(WebCore::ContentSecurityPolicy::allowJavaScriptURLs): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
(WebCore::ContentSecurityPolicy::allowInlineEventHandlers): Ditto.
(WebCore::ContentSecurityPolicy::allowScriptWithNonce): For now only accept a nonce if it is allowed by
all enforced policies. As a side effect of this change is that we only send a CSP violation report when a
nonce violates a report-only policy only if the nonce also violates one or more enforced policies. We will
address this limitation in <https://bugs.webkit.org/show_bug.cgi?id=159830>.
(WebCore::ContentSecurityPolicy::allowStyleWithNonce): Ditto.
(WebCore::ContentSecurityPolicy::allowInlineScript): Differentiate between a hash/'unsafe-inline' that
matches/is contained in all enforce policies and a hash/'unsafe-inline' that matches/is contained in all
report-only policies so that we only allow the resource for the former. As a side effect of this change
we may report that a resource violated a policy even if it contained the hash. See <https://bugs.webkit.org/show_bug.cgi?id=159832>
for more details.
(WebCore::ContentSecurityPolicy::allowInlineStyle): Ditto.
(WebCore::ContentSecurityPolicy::allowEval): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
(WebCore::ContentSecurityPolicy::allowFrameAncestors): Ditto.
(WebCore::ContentSecurityPolicy::allowPluginType): Ditto.
(WebCore::ContentSecurityPolicy::allowScriptFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowObjectFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowChildFrameFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowChildContextFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowImageFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowStyleFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowFontFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowMediaFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowConnectToSource): Ditto.
(WebCore::ContentSecurityPolicy::allowFormAction): Ditto.
(WebCore::ContentSecurityPolicy::allowBaseURI): Ditto.
(WebCore::ContentSecurityPolicy::foundHashOfContentInAllPolicies): Deleted.
- page/csp/ContentSecurityPolicy.h:
(WebCore::ContentSecurityPolicy::violatedDirectiveInAnyPolicy): Deleted.
LayoutTests:
- http/tests/security/contentSecurityPolicy/1.1/resources/scripthash-in-enforced-policy-and-not-in-report-only.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/resources/scripthash-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/resources/scriptnonce-in-enforced-policy-and-not-in-report-only.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/resources/scriptnonce-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/script-blocked-sends-multiple-reports-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/script-blocked-sends-multiple-reports.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy2-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy2.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy2-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy2.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-in-enforced-policy-and-not-in-report-only-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-in-enforced-policy-and-not-in-report-only.html: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html: Added.
- http/tests/security/contentSecurityPolicy/1.1/scripthash-multiple-policies-expected.txt: Update expected result to reflect additional console
messages. We will remove these extraneous console messages as part of the fix for <https://bugs.webkit.org/show_bug.cgi?id=159832>.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy2-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy2.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy2-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy2.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-enforced-policy-and-not-in-report-only-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-enforced-policy-and-not-in-report-only.html: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-multiple-policies-expected.txt: Added.
- http/tests/security/contentSecurityPolicy/1.1/scriptnonce-multiple-policies.html: Added.
- 4:30 PM Changeset in webkit [203433] by
-
- 5 edits in tags/Safari-602.1.42.1/Source
Versioning.
- 4:28 PM Changeset in webkit [203432] by
-
- 1 copy in tags/Safari-602.1.42.1
New tag.
- 4:27 PM Changeset in webkit [203431] by
-
- 8 edits in branches/safari-602-branch/Source/JavaScriptCore
Merged r203419. rdar://problem/27420308
- 4:26 PM Changeset in webkit [203430] by
-
- 2 edits in branches/safari-602-branch/Source/WebCore
Merged r203404. rdar://problem/27420308
- 4:06 PM Changeset in webkit [203429] by
-
- 2 edits in trunk/Tools
Add regression test for r203392
https://bugs.webkit.org/show_bug.cgi?id=159949
Reviewed by Brady Eidson.
- TestWebKitAPI/Tests/WebKit2Cocoa/LocalStorageClear.mm:
(fileSize):
(swizzledBundleIdentifierWebBookmarksD):
(defaultApplicationCacheDirectory):
(TEST):
(swizzledBundleIdentifierMobileSafari): Deleted.
This actually tests that webbookmarksd uses the path quirk in WebsiteDataStore::defaultApplicationCacheDirectory.
I wanted to verify that it uses the same path as MobileSafari, but swizzling out the bundleIdentifier twice caused
problems with the static bools that are set once in RuntimeApplicationChecks.mm.
- 3:55 PM Changeset in webkit [203428] by
-
- 6 edits in trunk
Fix null handling of HTMLScriptElement.text attribute
https://bugs.webkit.org/show_bug.cgi?id=159943
Reviewed by Benjamin Poulain.
LayoutTests/imported/w3c:
Rebaseline W3C test now that one more check is passing.
- web-platform-tests/html/semantics/scripting-1/the-script-element/script-text-expected.txt:
Source/WebCore:
Fix null handling of HTMLScriptElement.text attribute:
We should treat null as the "null" String but we were treating it as
the empty string.
Firefox and Chrome match the specification.
No new tests, rebaselined existing test.
- html/HTMLScriptElement.idl:
- 3:55 PM Changeset in webkit [203427] by
-
- 5 edits2 adds in trunk
autocapitalize attribute should not use [TreatNullAs=LegacyNullString]
https://bugs.webkit.org/show_bug.cgi?id=159934
Reviewed by Benjamin Poulain.
Source/WebCore:
autocapitalize attribute should not use [TreatNullAs=LegacyNullString]. This is
non-standard and we want to drop support for it from the bindings generator.
Instead, use [TreatNullAs=EmptyString] in order to maintain existing behavior
given that both a missing/empty attribute result in using the default
autocapitalization mode and that autocapitalize returns the empty string by
default.
Test: platform/ios-simulator/ios/fast/forms/autocapitalize-null.html
- html/HTMLFormElement.idl:
- html/HTMLInputElement.idl:
- html/HTMLTextAreaElement.idl:
LayoutTests:
Add layout test coverage.
- platform/ios-simulator/ios/fast/forms/autocapitalize-null-expected.txt: Added.
- platform/ios-simulator/ios/fast/forms/autocapitalize-null.html: Added.
- 3:51 PM Changeset in webkit [203426] by
-
- 3 edits2 moves3 adds in trunk/Tools
Add regression test for r203392
https://bugs.webkit.org/show_bug.cgi?id=159949
Reviewed by Brady Eidson.
- TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
- TestWebKitAPI/Tests/WebKit2Cocoa/ApplicationCache.db: Added.
- TestWebKitAPI/Tests/WebKit2Cocoa/ApplicationCache.db-shm: Added.
- TestWebKitAPI/Tests/WebKit2Cocoa/ApplicationCache.db-wal: Added.
- TestWebKitAPI/Tests/WebKit2Cocoa/LocalStorageClear.mm:
(TEST):
(fileSize):
(swizzledBundleIdentifierMobileSafari):
(swizzledBundleIdentifierWebBookmarksD):
(defaultApplicationCacheDirectory):
- TestWebKitAPI/cocoa/InstanceMethodSwizzler.h: Copied from TestWebKitAPI/mac/InstanceMethodSwizzler.h.
- TestWebKitAPI/cocoa/InstanceMethodSwizzler.mm: Copied from TestWebKitAPI/mac/InstanceMethodSwizzler.mm.
- TestWebKitAPI/mac/InstanceMethodSwizzler.h: Removed.
- TestWebKitAPI/mac/InstanceMethodSwizzler.mm: Removed.
- 3:50 PM Changeset in webkit [203425] by
-
- 2 edits in trunk/Source/WebCore
REGRESSION(r203415): ASSERTION FAILED: !m_layoutRoot->container() !m_layoutRoot->container()->needsLayout() https://bugs.webkit.org/show_bug.cgi?id=159952
Reviewed by Simon Fraser.
Update ASSERTs to reflect new functionality, that is, now we can end up in a state
where the container (RenderView) of one of the dirty subtrees is dirty.
See r203415.
Covered by editing/pasteboard/drag-drop-input-in-svg.svg
- page/FrameView.cpp:
(WebCore::FrameView::scheduleRelayoutOfSubtree):
- 3:43 PM Changeset in webkit [203424] by
-
- 3 edits in trunk/Source/WebCore
REGRESSION(202927): The first slide is the only displayed slide when Quicklooking a Keynote file
https://bugs.webkit.org/show_bug.cgi?id=159948
<rdar://problem/27391012>
Reviewed by Simon Fraser.
There is an iOS bug (<rdar://problem/27416744>) that is causing us
to not always get a color space on CGContextRefs. Investigation of this
exposed some optimizations we can take when we are creating ImageBuffers.
In particular, if we have a bitmap context or an IOSurfaceContext we
can simply copy their color space using API. Otherwise we stick with
the existing CGContextCopyDeviceColorSpace.
Lastly, if for some reason we are unable to copy the device color space,
we should fall back to sRGB.
- platform/graphics/cg/ImageBufferCG.cpp:
(WebCore::ImageBuffer::createCompatibleBuffer):
- platform/spi/cg/CoreGraphicsSPI.h: Add some SPI and enums.
- 3:35 PM Changeset in webkit [203423] by
-
- 13 edits2 adds in trunk
HTMLVideoElement frames do not update on iOS when src is a MediaStream blob
https://bugs.webkit.org/show_bug.cgi?id=159833
<rdar://problem/27379487>
Patch by George Ruan <gruan@apple.com> on 2016-07-19
Reviewed by Eric Carlson.
Source/WebCore:
Test: fast/mediastream/MediaStream-video-element-displays-buffer.html
- WebCore.xcodeproj/project.pbxproj:
- platform/graphics/avfoundation/MediaSampleAVFObjC.h: Change create to return a Ref<T> instead
of RefPtr<T>
- platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h: Make observer of
MediaStreamTrackPrivate and make MediaPlayer use an AVSampleBufferDisplayLayer instead of CALayer.
- platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: Ditto.
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::~MediaPlayerPrivateMediaStreamAVFObjC): Clean up
observers and AVSampleBufferDisplayLayer
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::isAvailable): Ensures AVSampleBufferDisplayLayer
is available.
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueAudioSampleBufferFromTrack): Placeholder.
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSampleBufferFromTrack): Responsible
for enqueuing sample buffers to the active video track.
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer): Ensures that an AVSampleBufferDisplayLayer
exists.
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::destroyLayer): Destroys the AVSampleBufferDisplayLayer.
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::platformLayer): Replace CALayer with AVSampleBufferDisplayLayer.
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentDisplayMode): Ditto.
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::sampleBufferUpdated): Called from MediaStreamTrackPrivate when a
new SampleBuffer is available.
(WebCore::updateTracksOfType): Manage adding and removing self as observer from tracks.
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks): Replace CALayer with AVSampleBufferDisplayLayer
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::acceleratedRenderingStateChanged): Copied from
MediaPlayerPrivateMediaSourceAVFObjC.mm
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::load): Deleted CALayer.
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateDisplayMode): Deleted process of updating CALayer.
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateIntrinsicSize): Deleted CALayer.
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::createPreviewLayers): Deleted.
- platform/mediastream/MediaStreamPrivate.cpp:
(WebCore::MediaStreamPrivate::updateActiveVideoTrack): Remove redundant check.
- platform/mediastream/MediaStreamTrackPrivate.cpp:
(WebCore::MediaStreamTrackPrivate::sourceHasMoreMediaData): Called from RealtimeMediaSource when a new SampleBuffer
is available.
- platform/mediastream/MediaStreamTrackPrivate.h:
(WebCore::MediaStreamTrackPrivate::Observer::sampleBufferUpdated): Relays to MediaPlayerPrivateMediaStream that
a new SampleBuffer is available to enqueue to the AVSampleBufferDisplayLayer.
- platform/mediastream/RealtimeMediaSource.cpp:
(WebCore::RealtimeMediaSource::mediaDataUpdated): Relays to all observers that a new SampleBuffer is available.
- platform/mediastream/RealtimeMediaSource.h:
- platform/mediastream/mac/AVVideoCaptureSource.mm:
(WebCore::AVVideoCaptureSource::processNewFrame): Calls mediaDataUpdated when a new SampleBuffer is captured.
LayoutTests:
- fast/mediastream/MediaStream-video-element-displays-buffer-expected.txt: Added.
- fast/mediastream/MediaStream-video-element-displays-buffer.html: Added. Checks that
a video element with a mediastream source displays frames that are neither black or transparent.
- fast/mediastream/resources/getUserMedia-helper.js:
(setupVideoElementWithStream): Sets up video element with global variable mediastream.
- 2:55 PM Changeset in webkit [203422] by
-
- 3 edits in trunk/Source/WebCore
Get rid of a #define private public hack in WebCore
https://bugs.webkit.org/show_bug.cgi?id=159953
Reviewed by Dan Bernstein.
Use @package instead.
- bindings/objc/DOMInternal.h:
- bindings/objc/DOMObject.h:
- 2:27 PM Changeset in webkit [203421] by
-
- 3 edits1 add in trunk
Test262 should have a file with the revision and url
https://bugs.webkit.org/show_bug.cgi?id=159937
Reviewed by Mark Lam.
Source/JavaScriptCore:
The file.
- tests/test262/test262-Revision.txt: Added.
Tools:
The import script should update the information from
the path to the test262 repository it gets.
- Scripts/import-test262-tests:
- 2:14 PM Changeset in webkit [203420] by
-
- 2 edits in trunk/Source/WebCore
Fix SharedBuffer leak in MockContentFilter::replacementData().
<https://webkit.org/b/159945>
Reviewed by Andy Estes.
Spotted on leaks bot. This code was pretty explicit about how it's going to leak.
Since this is in the mock filter, it only affected layout tests.
- testing/MockContentFilter.cpp:
(WebCore::MockContentFilter::replacementData):
- 1:52 PM Changeset in webkit [203419] by
-
- 8 edits in trunk/Source/JavaScriptCore
WebCore-7602.1.42 fails to build: error: private field 'm_vm' is not used
https://bugs.webkit.org/show_bug.cgi?id=159944
rdar://problem/27420308
Reviewed by Dan Bernstein.
Wrap the m_vm declaration and initialization in conditional guards.
- Scripts/builtins/builtins_generate_internals_wrapper_header.py:
(generate_members):
- Scripts/builtins/builtins_generate_internals_wrapper_implementation.py:
(BuiltinsInternalsWrapperImplementationGenerator.generate_constructor):
Add guards.
- Scripts/tests/builtins/expected/WebCore-ArbitraryConditionalGuard-Separate.js-result:
- Scripts/tests/builtins/expected/WebCore-GuardedBuiltin-Separate.js-result:
- Scripts/tests/builtins/expected/WebCore-GuardedInternalBuiltin-Separate.js-result:
- Scripts/tests/builtins/expected/WebCore-UnguardedBuiltin-Separate.js-result:
- Scripts/tests/builtins/expected/WebCore-xmlCasingTest-Separate.js-result:
Update expected results.
- 1:43 PM Changeset in webkit [203418] by
-
- 2 edits in trunk/LayoutTests
Land test expectations for rdar://problem/27356144.
- platform/mac/TestExpectations:
- 1:32 PM Changeset in webkit [203417] by
-
- 2 edits in trunk/Tools
Temporary workaround for iOS EWS failing after the fix for bug 159539.
To be deleted once the root cause is found and addressed.
- EWSTools/start-queue-mac.sh:
- 1:15 PM Changeset in webkit [203416] by
-
- 2 edits in trunk/Source/JavaScriptCore
REGRESSION (r203348-r203368): ASSERTION FAILED: from.isCell() && from.asCell()->JSCell::inherits(std::remove_pointer<To>::type::info())
https://bugs.webkit.org/show_bug.cgi?id=159930
Reviewed by Geoffrey Garen.
The problem is that the 32-bit DFG can flush the scope register as an unboxed cell, but the
Register::scope() method was causing us to assert that it's a JSValue with proper cell
boxing. We could have forced the DFG to flush it as a boxed JSValue, but I don't think that
would have made anything better. This fixes the issue by teaching Register::scope() that it
might see unboxed cells.
- runtime/JSScope.h:
(JSC::Register::scope):
(JSC::ExecState::lexicalGlobalObject):
- 1:10 PM Changeset in webkit [203415] by
-
- 3 edits2 adds in trunk
theguardian.co.uk crossword puzzles are sometimes not displaying text
https://bugs.webkit.org/show_bug.cgi?id=159924
<rdar://problem/27409483>
Reviewed by Simon Fraser.
Source/WebCore:
This patch fixes the case when
- 2 disjoint subtrees are dirty
- RenderView is also dirty.
and we end up not laying out one of the 2 subtrees.
In FrameView::scheduleRelayoutOfSubtree, we assume that when the RenderView is dirty
we already have a pending full layout which means that any previous subtree layouts have already been
converted to full layouts.
However this assumption is incorrect. RenderView can get dirty without checking if there's
already a pending subtree layout.
One option to solve this problem would be to override RenderObject::setNeedsLayout in RenderView
so that when the RenderView gets dirty, we could also convert any pending subtree layout to full layout.
However RenderObject::setNeedsLayout is a hot function and making it virtual would impact performance.
The other option is to always normalize subtree layouts in FrameView::scheduleRelayoutOfSubtree().
This patch implements the second option.
Test: fast/misc/subtree-layouts.html
- page/FrameView.cpp:
(WebCore::FrameView::scheduleRelayoutOfSubtree):
LayoutTests:
- fast/misc/subtree-layouts-expected.html: Added.
- fast/misc/subtree-layouts.html: Added.
- 1:07 PM Changeset in webkit [203414] by
-
- 7 edits in trunk/Source
Some payment authorization status values should keep the sheet active
https://bugs.webkit.org/show_bug.cgi?id=159936
rdar://problem/26756701
Reviewed by Tim Horton.
Source/WebCore:
- Modules/applepay/ApplePaySession.cpp:
(WebCore::ApplePaySession::completePayment):
Keep the sheet active if the status isn't a final state status.
- Modules/applepay/PaymentAuthorizationStatus.h:
(WebCore::isFinalStateStatus):
Add a new helper function that returns whether a given payment authorization status is "final",
meaning that once that status has been passed to completePayment, the session is finished.
Source/WebKit2:
- UIProcess/ApplePay/WebPaymentCoordinatorProxy.cpp:
(WebKit::WebPaymentCoordinatorProxy::completePaymentSession):
If the status isn't a final state status, bounce the current state back to active.
- UIProcess/ApplePay/cocoa/WebPaymentCoordinatorProxyCocoa.h:
Rename the _authorized ivar to _didReachFinalState.
- UIProcess/ApplePay/cocoa/WebPaymentCoordinatorProxyCocoa.mm:
(-[WKPaymentAuthorizationViewControllerDelegate paymentAuthorizationViewControllerDidFinish:]):
(WebKit::WebPaymentCoordinatorProxy::platformCompletePaymentSession):
Set _didReachFinalState based on the return value of isFinalStateStatus.
- 12:20 PM Changeset in webkit [203413] by
-
- 5 edits in trunk/Source/JavaScriptCore
B3 methods that mutate the successors array should take FrequentedBlock by value
https://bugs.webkit.org/show_bug.cgi?id=159935
Reviewed by Michael Saboff.
This bug was found by ASan testing. setSuccessors() takes a const FrequentedBlock&, and the
caller that caused the ASan crash was doing:
block->setSuccessors(block->notTaken())
So, inside setSuccessors(), after we resize() the successors array, the const
FrequentedBlock& points to nonsense.
The fix is to pass FrequentedBlock by value in all of these kinds of methods.
No new tests, but ASan testing catches this instantly for anything that triggers CFG
simplification in B3. So like half of our tests.
- b3/B3BasicBlock.cpp:
(JSC::B3::BasicBlock::clearSuccessors):
(JSC::B3::BasicBlock::appendSuccessor):
(JSC::B3::BasicBlock::setSuccessors):
- b3/B3BasicBlock.h:
(JSC::B3::BasicBlock::successors):
(JSC::B3::BasicBlock::successorBlock):
- b3/B3Value.cpp:
(JSC::B3::Value::replaceWithPhi):
(JSC::B3::Value::replaceWithJump):
(JSC::B3::Value::replaceWithOops):
- b3/B3Value.h:
- 11:14 AM Changeset in webkit [203412] by
-
- 4 edits2 adds in trunk
AX: Incorrect behavior for word related text marker functions when there's collapsed whitespace
https://bugs.webkit.org/show_bug.cgi?id=159910
Reviewed by Chris Fleizach.
Source/WebCore:
We are getting a bad CharacterOffset when there's collapsed whitespace. Added a TraverseOptionValidateOffset
option to make sure we are getting the correct CharacterOffset based on the corresponding Range offset. And
fixed a word navigation issue based on that.
Test: accessibility/mac/text-marker-word-nav-collapsed-whitespace.html
- accessibility/AXObjectCache.cpp:
(WebCore::AXObjectCache::traverseToOffsetInRange):
(WebCore::AXObjectCache::rangeForNodeContents):
(WebCore::AXObjectCache::startOrEndCharacterOffsetForRange):
(WebCore::AXObjectCache::characterOffsetFromVisiblePosition):
(WebCore::AXObjectCache::rightWordRange):
(WebCore::AXObjectCache::previousBoundary):
- accessibility/AXObjectCache.h:
(WebCore::AXObjectCache::isNodeInUse):
LayoutTests:
- accessibility/mac/text-marker-word-nav-collapsed-whitespace-expected.txt: Added.
- accessibility/mac/text-marker-word-nav-collapsed-whitespace.html: Added.
- 10:27 AM Changeset in webkit [203411] by
-
- 7 edits in trunk
[Streams API] ReadableStreamController methods should throw if its stream is not readable
https://bugs.webkit.org/show_bug.cgi?id=159871
Patch by Youenn Fablet <youenn@apple.com> on 2016-07-19
Reviewed by Xabier Rodriguez-Calvar.
LayoutTests/imported/w3c:
- web-platform-tests/streams/readable-streams/bad-underlying-sources.https-expected.txt:
Source/WebCore:
Spec now mandates close and enqueue to throw if ReadableStream is not readable.
Covered by rebased and/or modified tests.
- Modules/streams/ReadableStreamController.js:
(enqueue): Throwing a TypeError if controlled stream is not readable.
(close): Ditto.
LayoutTests:
- streams/reference-implementation/pipe-to-options.html: Updated test case according whatwg original test.
- streams/reference-implementation/readable-stream-templated.html: Ditto.
- 10:23 AM Changeset in webkit [203410] by
-
- 2 edits in trunk/Websites/webkit.org
Adjust margins for first-line floating elements and add preset floating video sizing
https://bugs.webkit.org/show_bug.cgi?id=159898
Reviewed by Benjamin Poulain.
- wp-content/themes/webkit/style.css:
(article video.alignright):
(article .alignright:first-child):
(@media only screen and (max-width: 690px)):
(article .alignright:first-child):
(@media only screen and (max-width: 415px)):
(article video.alignright):
(article .alignright:first-child):
- 9:10 AM Changeset in webkit [203409] by
-
- 3 edits6 adds in trunk
Bubbles appear split for a brief moment in Messages
https://bugs.webkit.org/show_bug.cgi?id=159915
rdar://problem/27182267
Reviewed by David Hyatt.
Source/WebCore:
RenderView::repaintRootContents() had a long-standing bug in WebView when the
view is scrolled. repaint() uses visualOverflowRect() but, for the
RenderView, the visualOverflowRect() is the initial containing block
which is anchored at 0,0. When the view is scrolled it's clipped out and
calls to repaintRootContents() have no effect.
Change repaintRootContents() to use layoutOverflowRect(). ScrollView::repaintContentRectangle()
will clip it to the view if necessary.
Test: fast/repaint/scrolled-view-full-repaint.html
- rendering/RenderView.cpp:
(WebCore::RenderView::repaintRootContents):
LayoutTests:
- fast/repaint/scrolled-view-full-repaint-expected.txt: Added.
- fast/repaint/scrolled-view-full-repaint.html: Added.
- platform/ios-simulator-wk1/fast/repaint/scrolled-view-full-repaint-expected.txt: Added.
- platform/mac-wk1/fast/repaint/scrolled-view-full-repaint-expected.txt: Added.
- 9:08 AM Changeset in webkit [203408] by
-
- 44 edits1 add in trunk/LayoutTests/imported/w3c
Refresh WPT tests up to 98ec1ad
https://bugs.webkit.org/show_bug.cgi?id=159879
Patch by Youenn Fablet <youennf@gmail.com> on 2016-07-19
Reviewed by Alex Christensen.
This refresh concerns fetch API tests with a number of test fixes.
Rebasing both window and worker expectations.
- resources/TestRepositories:
- web-platform-tests/fetch/api/basic/mode-same-origin-expected.txt:
- web-platform-tests/fetch/api/basic/mode-same-origin-worker-expected.txt:
- web-platform-tests/fetch/api/basic/mode-same-origin-worker.html:
- web-platform-tests/fetch/api/basic/mode-same-origin.html:
- web-platform-tests/fetch/api/basic/mode-same-origin.js:
- web-platform-tests/fetch/api/cors/cors-basic-worker.html:
- web-platform-tests/fetch/api/cors/cors-basic.html:
- web-platform-tests/fetch/api/cors/cors-basic.js:
(cors):
- web-platform-tests/fetch/api/cors/cors-cookies-expected.txt:
- web-platform-tests/fetch/api/cors/cors-cookies-worker-expected.txt:
- web-platform-tests/fetch/api/cors/cors-cookies-worker.html:
- web-platform-tests/fetch/api/cors/cors-cookies.html:
- web-platform-tests/fetch/api/cors/cors-cookies.js:
(corsCookies):
- web-platform-tests/fetch/api/cors/cors-no-preflight-worker.html:
- web-platform-tests/fetch/api/cors/cors-no-preflight.html:
- web-platform-tests/fetch/api/cors/cors-no-preflight.js:
(corsNoPreflight):
- web-platform-tests/fetch/api/cors/cors-origin-worker.html:
- web-platform-tests/fetch/api/cors/cors-origin.html:
- web-platform-tests/fetch/api/cors/cors-origin.js:
(corsOrigin):
- web-platform-tests/fetch/api/cors/cors-preflight-redirect-worker.html:
- web-platform-tests/fetch/api/cors/cors-preflight-redirect.html:
- web-platform-tests/fetch/api/cors/cors-preflight-redirect.js:
- web-platform-tests/fetch/api/cors/cors-preflight-referrer-expected.txt:
- web-platform-tests/fetch/api/cors/cors-preflight-referrer-worker-expected.txt:
- web-platform-tests/fetch/api/cors/cors-preflight-referrer-worker.html:
- web-platform-tests/fetch/api/cors/cors-preflight-referrer.html:
- web-platform-tests/fetch/api/cors/cors-preflight-referrer.js:
(corsPreflightReferrer):
- web-platform-tests/fetch/api/cors/cors-preflight-status-worker.html:
- web-platform-tests/fetch/api/cors/cors-preflight-status.html:
- web-platform-tests/fetch/api/cors/cors-preflight-status.js:
- web-platform-tests/fetch/api/cors/cors-redirect-credentials.html:
- web-platform-tests/fetch/api/cors/cors-redirect-credentials.js:
- web-platform-tests/fetch/api/cors/cors-redirect-worker.html:
- web-platform-tests/fetch/api/cors/cors-redirect.html:
- web-platform-tests/fetch/api/cors/cors-redirect.js:
- web-platform-tests/fetch/api/request/request-cache.html:
- web-platform-tests/fetch/api/request/resources/w3c-import.log:
- web-platform-tests/fetch/api/resources/get-host-info.sub.js: Added.
(get_host_info):
- web-platform-tests/fetch/api/resources/utils.js:
(validateBufferFromString):
- web-platform-tests/fetch/api/resources/w3c-import.log:
- web-platform-tests/fetch/api/response/response-clone-expected.txt:
- web-platform-tests/fetch/api/response/response-clone.html:
- web-platform-tests/fetch/api/response/response-consume-stream-expected.txt:
- 7:33 AM Changeset in webkit [203407] by
-
- 2 edits in trunk/Tools
[win] Fixup the register name for STIX Math and Latin Modern Math
Unreviewed follow-up of r203406
Patch by Frederic Wang <fwang@igalia.com> on 2016-07-19
- Scripts/webkitdirs.pm:
(checkInstalledTools):
- 7:18 AM Changeset in webkit [203406] by
-
- 2 edits in trunk/Tools
[win] Update the list of MathML fonts
https://bugs.webkit.org/show_bug.cgi?id=156838
The set of recommended math fonts is now described at
https://trac.webkit.org/wiki/MathML/Fonts
We update the Perl script to use the latest list of fonts.
Patch by Frederic Wang <fwang@igalia.com> on 2016-07-19
Reviewed by Brent Fulgham.
- Scripts/webkitdirs.pm:
(checkInstalledTools):
- 7:12 AM Changeset in webkit [203405] by
-
- 4 edits in trunk/LayoutTests
[Release WK2] LayoutTest imported/w3c/web-platform-tests/XMLHttpRequest/send-redirect-post-upload.htm failing
https://bugs.webkit.org/show_bug.cgi?id=159724
Unreviewed.
Patch by Youenn Fablet <youenn@apple.com> on 2016-07-19
- TestExpectations: Marking test as failure,passs,crash.
- platform/ios-simulator-wk2/TestExpectations: Removing specific expectation.
- platform/mac-wk2/TestExpectations: Ditto.
- 7:12 AM Changeset in webkit [203404] by
-
- 2 edits in trunk/Source/WebCore
<rdar://problem/27420308> WebCore-7602.1.42 fails to build: error: unused parameter 'vm'
- bindings/js/JSDOMGlobalObject.cpp:
(WebCore::JSDOMGlobalObject::addBuiltinGlobals): Fixed the !ENABLE(STREAMS_API) build.
- 3:56 AM Changeset in webkit [203403] by
-
- 5 edits in trunk
[Win] The test fast/scrolling/overflow-scroll-past-max.html is timing out.
https://bugs.webkit.org/show_bug.cgi?id=159342
Reviewed by Darin Adler.
Source/WebKit/win:
- WebFrame.h: Link fix.
Tools:
Implement required functions in event sender.
- DumpRenderTree/PlatformWin.cmake:
- DumpRenderTree/win/EventSender.cpp:
(monitorWheelEvents): Added.
(callAfterScrollingCompletes): Added.
- 12:59 AM Changeset in webkit [203402] by
-
- 8 edits in trunk
[Streams API] Make ReadableStream properties not enumerable
https://bugs.webkit.org/show_bug.cgi?id=159868
Patch by Youenn Fablet <youenn@apple.com> on 2016-07-19
Reviewed by Darin Adler.
LayoutTests/imported/w3c:
- web-platform-tests/streams/readable-streams/general.https-expected.txt:
- web-platform-tests/streams/readable-streams/readable-stream-reader.https-expected.txt:
Source/WebCore:
Covered by rebased tests.
Uopdating IDL definitions to mark all functions/attributes as not enumerable.
Updating IDL constructor definitions to correctly compute constructor length.
Updating built-in implementation to correctly compute pipeTo length to 1 (second parameter being optional).
- Modules/streams/ReadableStream.idl:
- Modules/streams/ReadableStream.js:
- Modules/streams/ReadableStreamController.idl:
- Modules/streams/ReadableStreamReader.idl:
- 12:41 AM Changeset in webkit [203401] by
-
- 4 edits2 adds in trunk
form.enctype / encoding / method should treat null as "null" string
https://bugs.webkit.org/show_bug.cgi?id=159916
Reviewed by Ryosuke Niwa.
Source/WebCore:
form.enctype / encoding / method should treat null as "null" string:
Previously, WebKit would treat null as the null String, which would
end up removing the existing attribute.
Firefox and Chrome match the specification.
Test: fast/dom/HTMLFormElement/null-handling.html
- html/HTMLFormElement.h:
- html/HTMLFormElement.idl:
LayoutTests:
Add layout test coverage.
- fast/dom/HTMLFormElement/null-handling-expected.txt: Added.
- fast/dom/HTMLFormElement/null-handling.html: Added.
- 12:38 AM Changeset in webkit [203400] by
-
- 9 edits1 add in trunk
Add new aliases to http test server
https://bugs.webkit.org/show_bug.cgi?id=159878
Patch by Youenn Fablet <youenn@apple.com> on 2016-07-19
Reviewed by Darin Adler.
Tools:
Adding testharness.css, testharness.js and testharnessreport.js new aliases to http test servers.
Adding explicitly these links to perl script.
Extracting default alias in an aliases.json file.
Reading that file from python scripts to initialize aliases from that file.
Python script changes covered by unit tests and changed layout test.
- Scripts/webkitperl/httpd.pm:
(getDefaultConfigForTestDirectory): Adding 3 new aliases
- Scripts/webkitpy/layout_tests/servers/aliases.json: Added.
- Scripts/webkitpy/layout_tests/servers/apache_http_server.py:
(LayoutTestApacheHttpd.init): Setting upper class tests_dir member if needed and according constructor parameter.
Adding -c directives for each alias.
- Scripts/webkitpy/layout_tests/servers/apache_http_server_unittest.py:
(TestLayoutTestApacheHttpd.test_start_cmd): Adding aliases.json mock-up file.
- Scripts/webkitpy/layout_tests/servers/http_server.py:
(Lighttpd.init): Setting upper class tests_dir member if needed and according constructor parameter.
Adding alias directive for each alias.
(Lighttpd._prepare_config):
- Scripts/webkitpy/layout_tests/servers/http_server_base.py:
(HttpServerBase.init): Adding tests_dir member with a default value being layout tests directory.
(HttpServerBase.aliases): Computing of alias from the json file, paths to the real files being relative to
layout tests directory.
- Scripts/webkitpy/layout_tests/servers/http_server_unittest.py:
(TestHttpServer.test_start_cmd): Adding aliases.json mock-up file and updating test expectation.
(TestHttpServer.test_win32_start_and_stop): Adding aliases.json mock-up file.
LayoutTests:
- http/tests/xmlhttprequest/set-bad-headervalue.html: Updating testharness.js and testharnessreport.js links to
ensure these new links are working on test servers.
Jul 18, 2016:
- 11:50 PM Changeset in webkit [203399] by
-
- 2 edits in trunk/Source/WebCore
All-in-one buildfix after r202439
https://bugs.webkit.org/show_bug.cgi?id=159877
Reviewed by Chris Dumez.
- Modules/webaudio/AudioDestinationNode.h:
(WebCore::AudioDestinationNode::resume):
(WebCore::AudioDestinationNode::suspend):
(WebCore::AudioDestinationNode::close):
- 11:50 PM Changeset in webkit [203398] by
-
- 2 edits in trunk/Source/WebKit2
Fix the --minimal build fail in InjectedBundle.cpp
https://bugs.webkit.org/show_bug.cgi?id=159770
Reviewed by Benjamin Poulain.
- WebProcess/InjectedBundle/InjectedBundle.cpp:
- 10:55 PM Changeset in webkit [203397] by
-
- 5 edits in branches/safari-602-branch/Source
Versioning.
- 10:42 PM Changeset in webkit [203396] by
-
- 8 edits1 copy1 add in trunk/Source/WebCore
Move parsing of subscriptshift and superscriptshift from rendering to element classes
https://bugs.webkit.org/show_bug.cgi?id=159622
Patch by Frederic Wang <fwang@igalia.com> on 2016-07-18
Reviewed by Darin Adler.
We introduce a new MathMLScriptsElement that is used for elements msub, msup, msubsup and
mmultiscripts in order to create RenderMathMLScripts and parse and expose the values of the
subscriptshift and superscriptshift attributes. This is one more step toward moving MathML
attribute parsing to the DOM (bug 156536).
No new tests, rendering is unchanged.
- CMakeLists.txt: Add MathMLScriptsElement files.
- WebCore.xcodeproj/project.pbxproj: Ditto.
- mathml/MathMLAllInOne.cpp: Ditto.
- mathml/MathMLInlineContainerElement.cpp: Remove handling of scripts.
(WebCore::MathMLInlineContainerElement::createElementRenderer): Deleted.
- mathml/MathMLScriptsElement.cpp: Added. New class to handle scripted elements supporting
parsing for the subscriptshift and superscriptshift MathML lengths.
(WebCore::MathMLScriptsElement::MathMLScriptsElement):
(WebCore::MathMLScriptsElement::create):
(WebCore::MathMLScriptsElement::subscriptShift): Expose the cached length for the shift,
parsing the attribute again if necessary.
(WebCore::MathMLScriptsElement::superscriptShift): Ditto.
(WebCore::MathMLScriptsElement::parseAttribute): Mark attributes dirty.
(WebCore::MathMLScriptsElement::createElementRenderer): Create RenderMathMLScripts.
- mathml/MathMLScriptsElement.h: Ditto.
- mathml/mathtags.in: Map msub, msup, msubsup and mmultiscripts to MathMLScriptsElement.
- rendering/mathml/RenderMathMLScripts.cpp:
(WebCore::RenderMathMLScripts::scriptsElement): Helper function to cast the node to a
MathMLScriptsElement.
(WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded): Resolve the attributes
using the functions from the MathMLScriptsElement class.
- rendering/mathml/RenderMathMLScripts.h: Declare scriptsElement.
- 10:36 PM Changeset in webkit [203395] by
-
- 3 edits in trunk/Source/WebCore
Do not store gap and shift parameters on RenderMathMLFraction
https://bugs.webkit.org/show_bug.cgi?id=159876
Patch by Frederic Wang <fwang@igalia.com> on 2016-07-18
Reviewed by Darin Adler.
After r203285, the stack and fraction layout parameters are only used in layoutBlock so we
do not need to store them on the class. We remove them and split updateLayoutParameters into
three functions: one to update the linethickness and two others to retrieve the fraction and
stack respectively.
No new tests, rendering is unchanged.
- rendering/mathml/RenderMathMLFraction.cpp:
(WebCore::RenderMathMLFraction::updateLineThickness): Move code to update thickness members here.
(WebCore::RenderMathMLFraction::getFractionParameters): Move code to retrieve fraction parameters here.
(WebCore::RenderMathMLFraction::getStackParameters): Move code to retrieve stack parameters here.
(WebCore::RenderMathMLFraction::layoutBlock): Use the new helper functions and local variables
for fraction and stack parameters.
(WebCore::RenderMathMLFraction::updateLayoutParameters): Deleted.
- rendering/mathml/RenderMathMLFraction.h: Declare new helper functions and remove members
for stack and fraction parameters.
- 10:22 PM MathML/Fonts edited by
- (diff)
- 9:45 PM Changeset in webkit [203394] by
-
- 11 edits4 adds in trunk
input.formEnctype / formMethod and button.formEnctype / formMethod / type should treat null as "null"
https://bugs.webkit.org/show_bug.cgi?id=159908
Reviewed by Alex Christensen.
LayoutTests/imported/w3c:
Rebaseline now that more checks are passing.
- web-platform-tests/html/dom/reflection-forms-expected.txt:
Source/WebCore:
input.formEnctype / formMethod and button.formEnctype / formMethod / type
should treat null as "null" String:
- https://html.spec.whatwg.org/multipage/forms.html#htmlinputelement
- https://html.spec.whatwg.org/multipage/forms.html#htmlbuttonelement
In WebKit, we would treat null as a null String which would end up
removing the corresponding attribute. This does not match the
specification. Firefox and Chrome match the specification here.
Tests:
- fast/dom/HTMLButtonElement/null-handling.html
- fast/dom/HTMLInputElement/null-handling.html
- html/HTMLButtonElement.idl:
- html/HTMLInputElement.idl:
LayoutTests:
Add layout test coverage.
- fast/dom/HTMLButtonElement/change-type-expected.txt:
- fast/dom/HTMLButtonElement/change-type.html:
- fast/dom/HTMLButtonElement/null-handling-expected.txt: Added.
- fast/dom/HTMLButtonElement/null-handling.html: Added.
- fast/dom/HTMLInputElement/null-handling-expected.txt: Added.
- fast/dom/HTMLInputElement/null-handling.html: Added.
- fast/forms/submit-form-attributes-expected.txt:
- fast/forms/submit-form-attributes.html:
- 7:45 PM Changeset in webkit [203393] by
-
- 25 edits in trunk
Make builtin TypeErrors consistent
https://bugs.webkit.org/show_bug.cgi?id=159899
Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-07-18
Reviewed by Keith Miller.
Source/JavaScriptCore:
Converge on the single TypeError for non-coercible this objects in builtins.
Also update some other style to be more consistent with-in builtins.
- builtins/ArrayIteratorPrototype.js:
(next):
- builtins/ArrayPrototype.js:
(values):
(keys):
(entries):
(reduce):
(reduceRight):
(every):
(forEach):
(filter):
(map):
(some):
(fill):
(find):
(findIndex):
(includes):
(sort):
(concatSlowPath):
(copyWithin):
- builtins/StringPrototype.js:
(match):
(repeat):
(padStart):
(padEnd):
(intrinsic.StringPrototypeReplaceIntrinsic.replace):
(localeCompare):
(search):
(split):
- tests/es6/String.prototype_methods_String.prototype.padEnd.js:
- tests/es6/String.prototype_methods_String.prototype.padStart.js:
- tests/stress/array-iterators-next-error-messages.js:
(catch):
- tests/stress/array-iterators-next-with-call.js:
- tests/stress/regexp-match.js:
(shouldThrow):
- tests/stress/regexp-search.js:
(shouldThrow):
LayoutTests:
- js/array-find-expected.txt:
- js/array-findIndex-expected.txt:
- js/array-includes-expected.txt:
- js/dom/array-prototype-properties-expected.txt:
- js/dom/script-tests/string-prototype-properties.js:
- js/dom/string-prototype-properties-expected.txt:
- js/script-tests/array-find.js:
- js/script-tests/array-findIndex.js:
- js/script-tests/string-localeCompare.js:
- js/string-localeCompare-expected.txt:
- sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.10_String.prototype.match/S15.5.4.10_A1_T3-expected.txt:
- sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.11_String.prototype.replace/S15.5.4.11_A1_T3-expected.txt:
- sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.12_String.prototype.search/S15.5.4.12_A1_T3-expected.txt:
- sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.14_String.prototype.split/S15.5.4.14_A1_T3-expected.txt:
- 7:02 PM Changeset in webkit [203392] by
-
- 5 edits in trunk/Source
webbookmarksd needs to use the same AppCache directory as MobileSafari
https://bugs.webkit.org/show_bug.cgi?id=159912
Source/WebCore:
Reviewed by Alexey Proskuryakov.
No new tests. This only changes behavior for webbookmarksd.
- platform/RuntimeApplicationChecks.h:
- platform/RuntimeApplicationChecks.mm:
(WebCore::IOSApplication::isWebBookmarksD): Added.
Source/WebKit2:
<rdar://problem/27056844>
Reviewed by Alexey Proskuryakov.
- UIProcess/API/Cocoa/APIWebsiteDataStoreCocoa.mm:
(API::WebsiteDataStore::defaultApplicationCacheDirectory):
Make webbookmarksd match MobileSafari by adding a matching runtime exception.
- 6:18 PM Changeset in webkit [203391] by
-
- 11 edits in trunk
EventTarget.dispatchEvent() parameter should not be nullable
https://bugs.webkit.org/show_bug.cgi?id=159897
Reviewed by Benjamin Poulain.
Source/WebCore:
EventTarget.dispatchEvent() parameter should not be nullable:
Even though the parameter was marked as nullable in our IDL, our
implementation does a null check and we already throw a TypeError
when calling dispatchEvent(null).
Update our IDL so that it matches the specification and so that
the null check is generated in the bindings instead.
No new tests, rebaseline existing tests.
- dom/EventTarget.cpp:
(WebCore::EventTarget::dispatchEventForBindings):
- dom/EventTarget.h:
- dom/EventTarget.idl:
LayoutTests:
Update layout tests as the message of the TypeError exception being
thrown when calling dispatchEvent(null) is now more helpful.
- fast/dom/Window/dispatchEvent-expected.txt:
- fast/events/dispatchEvent-crash-expected.txt:
- 6:16 PM Changeset in webkit [203390] by
-
- 52 edits6 adds2 deletes in trunk
Implement table-based switches in B3/Air
https://bugs.webkit.org/show_bug.cgi?id=151141
Reviewed by Benjamin Poulain.
Source/JavaScriptCore:
If a switch statement gets large, it's better to express it as an indirect jump rather than
using a binary switch (divide-and-conquer tree of comparisons leading to O(log n) branches to
get to the switch case). When dealing with integer switches, FTL will already use the B3
Switch and expect this to get lowered as efficiently as possible; it's a bug that B3 will
always use a binary switch rather than indirect jumps. When dealing with switches over some
more sophisticated types, we'd want FTL to build an indirect jump table itself and use
something like a hashtable to feed it. In that case, there will be no B3 Switch; we'll want
some way for the FTL to directly express an indirection jump when emitting B3.
This implies that we want B3 to have the ability to lower Switch to indirect jumps and to
expose those indirect jumps in IR so that the FTL could do its own indirect jumps for
switches over more complicated things like strings. But indirect jumps are tough to express
in IR. For example, the LLVM approach ("indirectbr" and "blockaddress", see
http://blog.llvm.org/2010/01/address-of-label-and-indirect-branches.html) means that some
control flow edges cannot be split. Indirectbr takes an address as input and jumps to it, and
blockaddress lets you build jump tables out of basic block addresses. This means that the
compiler can never change any successor of an indirectbr, since the client will have already
arranged for that indirectbr to jump to exactly those successors. We don't want such
restrictions in B3, since B3 relies on being able to break critical edges for SSA conversion.
Also, indirectbr is not cloneable, which would break any hope of doing specialization-based
transformations like we want to do for multiple entrypoints (bug 159391). The goal of this
change is to let clients do indirect jumps without placing any restrictions on IR.
The trick is to allow Patchpoints to be used as block terminals. Patchpoints already allow
clients of B3 to emit whatever code they like. Patchpoints are friendly to B3's other
transformations because the client of the patchpoint has to play along with whatever
decisions B3 had made around the patchpoint: what registers got used, what the control flow
looks like, etc. Patchpoints can even be cloned by B3, and the client has to accommodate this
in their patchpoint generator. It turns out that using Patchpoints as terminals is quite
natural. We accomplish this by moving the successor edges out of ControlValue and into
BasicBlock, and removing ControlValue entirely. This way, any Value subclass can be a
terminal. It was already true that a Value is a terminal if value->effects().terminal, which
works great with Patchpoints since they control their effects via PatchpointValue::effects.
You can make your Patchpoint into a terminal by placing it at the end of a block and doing:
patchpoint->effects.terminal = true;
A Patchpoints in terminal position gets access to additional API in StackmapGenerationParams.
The generator can get a Box<Label> for each successor to its owning block. For example, to
implement a jump-table-based switch, you would make your patchpoint take the table index as
its sole input. Inside the generator, you allocate the jump table and emit a BaseIndex jump
that uses the jump table pointer (which will be a constant known to the generator since it
just allocated it) as the base and the patchpoint input as an index. The jump table can be
populated by MacroAssemblerCodePtr's computed by installing a link task to resolve the labels
to concrete locations. This change makes LowerMacros do such a lowering for Switches that can
benefit from jump tables. This happens recursively: if the original Switch is too sparse, we
will divide-and-conquer as before. If at any recursion step we find that the remaining cases
are dense and large enough to profit from a jump table, then those cases will be lowered to a
Patchpoint that does the table jump. This is a fun way to do stepwise lowering: LowerMacros
is essentially pre-lowering the Switch directly to machine code, and wrapping that machine
code in a Patchpoint so that the rest of the compiler doesn't have to know anything about
what happened. I suspect that in the future we will want to do other pre-lowerings this way,
whenever the B3 IR phases have some special knowledge about what machine code should be
emitted and it would be annoying to drag that knowledge through the rest of the compiler.
One downside of this change is that we used ControlValue in so many places. Most of this
patch involves removing references to ControlValue. It would be less than 100kb if it wasn't
for that. To make this a bit easier, I added "appendNewControlValue" methods to BasicBlock,
which allocate a Value and set the successors as if you had done "appendNew<ControlValue>".
This made for an easy search-and-replace in testb3 and FTLOutput. I filed bug 159440 to
remove this ugly stopgap method.
I think that we will also end up using this facility to extend our use of snippets. We
already use shared snippet generators for the generic forms of arithmetic. We will probably
also want to do this for generic forms of branches. This wouldn't have been possible prior to
this change, since there would have been no way to emit a control snippet in FTL. Now we can
emit control snippets using terminal patchpoints.
This is a ~30% speed-up on microbenchmarks that have big switch statements (~60 cases). It's
not a speed-up on mainstream benchmarks.
This also adds a new test to testb3 for terminal Patchpoints, Get, and Set. The FTL does not
currently use terminal Patchpoints directly, but we want this to be possible. It also doesn't
use Get/Set directly even though we want this to be possible. It's important to test these
since opcodes that result from lowering don't affect early phases, so we could have
regressions in early phases related to these opcodes that wouldn't be caught by any JS test.
So, this adds a very basic threaded interpreter to testb3 for a Brainfuck-style language, and
tests it by having it run a program that prints the numbers 1..100 in a loop. Unlike a real
threaded interpreter, it uses a common dispatch block rather than having dispatch at the
terminus of each opcode. That's necessary because PolyJump is not cloneable. The state of the
interpreter is represented using Variables that we Get and Set, so it tests Get/Set as well.
- CMakeLists.txt:
- JavaScriptCore.xcodeproj/project.pbxproj:
- assembler/MacroAssemblerARM64.h:
(JSC::MacroAssemblerARM64::jump):
- assembler/MacroAssemblerX86Common.h:
(JSC::MacroAssemblerX86Common::jump):
- assembler/X86Assembler.h:
(JSC::X86Assembler::jmp_m):
- b3/B3BasicBlock.cpp:
(JSC::B3::BasicBlock::append):
(JSC::B3::BasicBlock::appendNonTerminal):
(JSC::B3::BasicBlock::removeLast):
(JSC::B3::BasicBlock::appendIntConstant):
(JSC::B3::BasicBlock::clearSuccessors):
(JSC::B3::BasicBlock::appendSuccessor):
(JSC::B3::BasicBlock::setSuccessors):
(JSC::B3::BasicBlock::replaceSuccessor):
(JSC::B3::BasicBlock::addPredecessor):
(JSC::B3::BasicBlock::deepDump):
(JSC::B3::BasicBlock::appendNewControlValue):
- b3/B3BasicBlock.h:
(JSC::B3::BasicBlock::numSuccessors):
(JSC::B3::BasicBlock::successor):
(JSC::B3::BasicBlock::successors):
(JSC::B3::BasicBlock::successorBlock):
(JSC::B3::BasicBlock::successorBlocks):
(JSC::B3::BasicBlock::numPredecessors):
(JSC::B3::BasicBlock::predecessor):
(JSC::B3::BasicBlock::frequency):
- b3/B3BasicBlockInlines.h:
(JSC::B3::BasicBlock::replaceLastWithNew):
(JSC::B3::BasicBlock::taken):
(JSC::B3::BasicBlock::notTaken):
(JSC::B3::BasicBlock::fallThrough):
(JSC::B3::BasicBlock::numSuccessors): Deleted.
(JSC::B3::BasicBlock::successor): Deleted.
(JSC::B3::BasicBlock::successors): Deleted.
(JSC::B3::BasicBlock::successorBlock): Deleted.
(JSC::B3::BasicBlock::successorBlocks): Deleted.
- b3/B3BlockInsertionSet.cpp:
(JSC::B3::BlockInsertionSet::splitForward):
- b3/B3BreakCriticalEdges.cpp:
(JSC::B3::breakCriticalEdges):
- b3/B3CaseCollection.cpp: Added.
(JSC::B3::CaseCollection::dump):
- b3/B3CaseCollection.h: Added.
(JSC::B3::CaseCollection::CaseCollection):
(JSC::B3::CaseCollection::operator[]):
(JSC::B3::CaseCollection::iterator::iterator):
(JSC::B3::CaseCollection::iterator::operator*):
(JSC::B3::CaseCollection::iterator::operator++):
(JSC::B3::CaseCollection::iterator::operator==):
(JSC::B3::CaseCollection::iterator::operator!=):
(JSC::B3::CaseCollection::begin):
(JSC::B3::CaseCollection::end):
- b3/B3CaseCollectionInlines.h: Added.
(JSC::B3::CaseCollection::fallThrough):
(JSC::B3::CaseCollection::size):
(JSC::B3::CaseCollection::at):
- b3/B3CheckSpecial.cpp:
(JSC::B3::CheckSpecial::CheckSpecial):
(JSC::B3::CheckSpecial::hiddenBranch):
- b3/B3Common.h:
(JSC::B3::is64Bit):
- b3/B3ControlValue.cpp: Removed.
- b3/B3ControlValue.h: Removed.
- b3/B3DataSection.cpp:
(JSC::B3::DataSection::DataSection):
- b3/B3DuplicateTails.cpp:
- b3/B3FixSSA.cpp:
- b3/B3FoldPathConstants.cpp:
- b3/B3LowerMacros.cpp:
- b3/B3LowerToAir.cpp:
(JSC::B3::Air::LowerToAir::run):
(JSC::B3::Air::LowerToAir::lower):
- b3/B3MathExtras.cpp:
(JSC::B3::powDoubleInt32):
- b3/B3Opcode.h:
(JSC::B3::isConstant):
(JSC::B3::isDefinitelyTerminal):
- b3/B3PatchpointSpecial.cpp:
(JSC::B3::PatchpointSpecial::generate):
(JSC::B3::PatchpointSpecial::isTerminal):
(JSC::B3::PatchpointSpecial::dumpImpl):
- b3/B3PatchpointSpecial.h:
- b3/B3Procedure.cpp:
(JSC::B3::Procedure::resetReachability):
- b3/B3Procedure.h:
(JSC::B3::Procedure::lastPhaseName):
(JSC::B3::Procedure::byproducts):
- b3/B3ReduceStrength.cpp:
- b3/B3StackmapGenerationParams.cpp:
(JSC::B3::StackmapGenerationParams::unavailableRegisters):
(JSC::B3::StackmapGenerationParams::successorLabels):
(JSC::B3::StackmapGenerationParams::fallsThroughToSuccessor):
(JSC::B3::StackmapGenerationParams::proc):
- b3/B3StackmapGenerationParams.h:
(JSC::B3::StackmapGenerationParams::gpScratch):
(JSC::B3::StackmapGenerationParams::fpScratch):
- b3/B3SwitchValue.cpp:
(JSC::B3::SwitchValue::~SwitchValue):
(JSC::B3::SwitchValue::removeCase):
(JSC::B3::SwitchValue::hasFallThrough):
(JSC::B3::SwitchValue::setFallThrough):
(JSC::B3::SwitchValue::appendCase):
(JSC::B3::SwitchValue::dumpSuccessors):
(JSC::B3::SwitchValue::dumpMeta):
(JSC::B3::SwitchValue::cloneImpl):
(JSC::B3::SwitchValue::SwitchValue):
- b3/B3SwitchValue.h:
(JSC::B3::SwitchValue::accepts):
(JSC::B3::SwitchValue::caseValues):
(JSC::B3::SwitchValue::cases):
(JSC::B3::SwitchValue::fallThrough): Deleted.
(JSC::B3::SwitchValue::size): Deleted.
(JSC::B3::SwitchValue::at): Deleted.
(JSC::B3::SwitchValue::operator[]): Deleted.
(JSC::B3::SwitchValue::iterator::iterator): Deleted.
(JSC::B3::SwitchValue::iterator::operator*): Deleted.
(JSC::B3::SwitchValue::iterator::operator++): Deleted.
(JSC::B3::SwitchValue::iterator::operator==): Deleted.
(JSC::B3::SwitchValue::iterator::operator!=): Deleted.
(JSC::B3::SwitchValue::begin): Deleted.
(JSC::B3::SwitchValue::end): Deleted.
- b3/B3Validate.cpp:
- b3/B3Value.cpp:
(JSC::B3::Value::replaceWithPhi):
(JSC::B3::Value::replaceWithJump):
(JSC::B3::Value::replaceWithOops):
(JSC::B3::Value::dump):
(JSC::B3::Value::deepDump):
(JSC::B3::Value::dumpSuccessors):
(JSC::B3::Value::negConstant):
(JSC::B3::Value::typeFor):
- b3/B3Value.h:
- b3/air/AirCode.cpp:
(JSC::B3::Air::Code::addFastTmp):
(JSC::B3::Air::Code::addDataSection):
(JSC::B3::Air::Code::jsHash):
- b3/air/AirCode.h:
(JSC::B3::Air::Code::isFastTmp):
(JSC::B3::Air::Code::setLastPhaseName):
- b3/air/AirCustom.h:
(JSC::B3::Air::PatchCustom::shouldTryAliasingDef):
(JSC::B3::Air::PatchCustom::isTerminal):
(JSC::B3::Air::PatchCustom::hasNonArgNonControlEffects):
(JSC::B3::Air::PatchCustom::generate):
(JSC::B3::Air::CCallCustom::admitsStack):
(JSC::B3::Air::CCallCustom::isTerminal):
(JSC::B3::Air::CCallCustom::hasNonArgNonControlEffects):
(JSC::B3::Air::ShuffleCustom::admitsStack):
(JSC::B3::Air::ShuffleCustom::isTerminal):
(JSC::B3::Air::ShuffleCustom::hasNonArgNonControlEffects):
- b3/air/AirGenerate.cpp:
(JSC::B3::Air::generate):
- b3/air/AirGenerationContext.h:
- b3/air/AirInst.h:
(JSC::B3::Air::Inst::hasNonControlEffects):
- b3/air/AirSimplifyCFG.cpp:
(JSC::B3::Air::simplifyCFG):
- b3/air/AirSpecial.cpp:
(JSC::B3::Air::Special::shouldTryAliasingDef):
(JSC::B3::Air::Special::isTerminal):
(JSC::B3::Air::Special::hasNonArgNonControlEffects):
- b3/air/AirSpecial.h:
- b3/air/AirValidate.cpp:
- b3/air/opcode_generator.rb:
- b3/testb3.cpp:
- ftl/FTLLowerDFGToB3.cpp:
- ftl/FTLOutput.cpp:
(JSC::FTL::Output::jump):
(JSC::FTL::Output::branch):
(JSC::FTL::Output::ret):
(JSC::FTL::Output::unreachable):
(JSC::FTL::Output::speculate):
(JSC::FTL::Output::trap):
(JSC::FTL::Output::anchor):
(JSC::FTL::Output::decrementSuperSamplerCount):
(JSC::FTL::Output::addIncomingToPhi):
- ftl/FTLOutput.h:
(JSC::FTL::Output::constIntPtr):
(JSC::FTL::Output::callWithoutSideEffects):
(JSC::FTL::Output::switchInstruction):
(JSC::FTL::Output::phi):
(JSC::FTL::Output::addIncomingToPhi):
Websites/webkit.org:
Update documentation to reflect Patchpoint's new powers.
- docs/b3/intermediate-representation.html:
LayoutTests:
- js/regress/bigswitch-expected.txt: Added.
- js/regress/bigswitch.html: Added.
- js/regress/script-tests/bigswitch.js: Added.
(foo):
- 5:57 PM Changeset in webkit [203389] by
-
- 6 edits2 adds in trunk
DocType's publicId / systemId should not be nullable
https://bugs.webkit.org/show_bug.cgi?id=159901
Reviewed by Benjamin Poulain.
LayoutTests/imported/w3c:
Rebaseline now that more checks regarding DocumentType serialization
are passing.
- web-platform-tests/domparsing/xml-serialization-expected.txt:
Source/WebCore:
DocType's publicId / systemId should not be nullable. While they were
not marked as nullable in our IDL, they could be stored as null Strings
in our implementation depending on how the Node was constructed. This
led to subtle bugs where String() != emptyString().
In particular, Node.isEqualNode() would return false when DocumentType
nodes would mismatch because of their publicId / systemId being null
instead of the emptyString.
Serialization would DocumentType nodes would also be wrong when
publicId / systemId were empty Strings instead of null strings. The
new behavior now matches:
To address these issues, we now always store publicId / systemId as
non-null Strings inside the DocumentType class.
Test: fast/dom/DocumentType/isEqualNode.html
- dom/DocumentType.cpp:
(WebCore::DocumentType::DocumentType):
- editing/MarkupAccumulator.cpp:
(WebCore::MarkupAccumulator::appendDocumentType):
LayoutTests:
Add test coverage for comparison of DocumentType nodes
using isEqualNode(). This tests used to fail and now passes.
The test passes in Firefox and Chrome as well.
- fast/dom/DocumentType/isEqualNode-expected.txt: Added.
- fast/dom/DocumentType/isEqualNode.html: Added.
- 5:47 PM Changeset in webkit [203388] by
-
- 6 edits2 adds in trunk
If previous media session interruptions were prevented, still allow subsequent interruptions to try.
https://bugs.webkit.org/show_bug.cgi?id=157553
rdar://problem/25740804
Patch by Jeremy Jones <jeremyj@apple.com> on 2016-07-18
Reviewed by Eric Carlson.
Source/WebCore:
Test: platform/ios-simulator/media/video-interruption-suspendunderlock.html
When suspending under lock on iOS, there is first a resign active event, then a
suspend under lock. PiP prevents resign active from interrupting playback. But it should allow the
suspend under lock to interrupt playback.
Currently if there are nested interruptions only the first one is acted upon.
This change allows subsequent, nested interruptions to have a chance to interrupt playback if the
previous interruptions were ignored.
This test is for iPad only, so it must be run manually.
- html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::shouldOverrideBackgroundPlaybackRestriction):
- platform/audio/PlatformMediaSession.cpp:
(WebCore::PlatformMediaSession::beginInterruption):
- testing/Internals.cpp:
(WebCore::Internals::beginMediaSessionInterruption):
LayoutTests:
When suspending under lock on iOS, there is first a resign active event, then a
suspend under lock. PiP prevents resign active from interrupting playback. But it should allow the
suspend under lock to interrupt playback.
Currently if there are nested interruptions only the first one is acted upon.
This change allows subsequent, nested interruptions to have a chance to interrupt playback if the
previous interruptions were ignored.
This test is for iPad only, so it must be run manually.
- platform/ios-simulator/TestExpectations:
- platform/ios-simulator/media/video-interruption-suspendunderlock-expcted.txt: Added.
- platform/ios-simulator/media/video-interruption-suspendunderlock.html: Added.
- 5:38 PM Changeset in webkit [203387] by
-
- 2 edits in trunk/Source/WebKit2
Don't null out the IPC::Connection's XPC connection
https://bugs.webkit.org/show_bug.cgi?id=159911
rdar://problem/27018065
Reviewed by Alex Christensen.
The function that nulls out the XPC connection, platformInvalidate(), is called from the connection queue,
whereas the XPC connection is normally accessed from the main thread leading to inconsistencies when the
connection is being invalidated while the main thread is trying to access it.
Fix this by simply never nulling out the XPC connection. It will be released when the IPC::Connection is destroyed anyway.
- Platform/IPC/mac/ConnectionMac.mm:
(IPC::Connection::platformInvalidate):
- 5:24 PM Changeset in webkit [203386] by
-
- 5 edits in trunk/Tools
EWS console logs doesn't go to log file
https://bugs.webkit.org/show_bug.cgi?id=159539
<rdar://problem/24464570>
Reviewed by David Kilzer.
- Scripts/webkitpy/common/system/logutils.py:
(configure_logger_to_log_to_file): Added method to configure the logger to log to file.
(FileSystemHandler): Added class which uses logging.FileHandler as base class and supports writing
to filesystem. It also supports passing MockFilesystem.
(FileSystemHandler.init): Initialize the class and calls base class init.
(FileSystemHandler._open): Overrides the base class _open method to use filesystem object.
- Scripts/webkitpy/tool/commands/earlywarningsystem_unittest.py:
(AbstractEarlyWarningSystemTest.test_failing_tests_message): Added MockHost() parameter.
(_test_ews): Same.
- Scripts/webkitpy/tool/commands/queues.py:
(AbstractQueue.begin_work_queue): Configure the logger to log to file.
(AbstractQueue._log_directory): Using filesystem object instead of os.
(AbstractQueue.queue_log_path): Same.
(AbstractQueue.init): Passed host parameter.
(PatchProcessingQueue.init): Same.
(CommitQueue.init): Same.
(AbstractReviewQueue.init): Same.
(StyleQueue.init): Same.
- Scripts/webkitpy/tool/commands/queues_unittest.py:
(TestCommitQueue): Passed MockHost() as host.
(TestCommitQueue.init): Same.
(TestQueue.init): Same.
(TestReviewQueue.init): Same.
(TestFeederQueue.init): Same.
(AbstractPatchQueueTest.test_next_patch): Same.
(PatchProcessingQueueTest.test_upload_results_archive_for_patch): Same.
(test_commit_queue_failure): Same.
(MockCommitQueueTask.results_from_patch_test_run): Same.
(test_rollout_lands): Same.
(test_non_valid_patch): Same.
(test_auto_retry): Same.
(test_style_queue_with_watch_list_exception): Same.
- 5:24 PM Changeset in webkit [203385] by
-
- 2 edits in trunk/Source/WebKit2
Tapping on an apple.com tab in tab overview stutters when switching to it
https://bugs.webkit.org/show_bug.cgi?id=159904
<rdar://problem/27192350>
Reviewed by Simon Fraser.
- UIProcess/mac/RemoteLayerTreeDrawingAreaProxy.mm:
(WebKit::RemoteLayerTreeDrawingAreaProxy::waitForDidUpdateViewState):
In any case where we get to waitForDidUpdateViewState (usually a tab switch),
if we have an outstanding didUpdate message, the Web process will not commit
a new layer tree until it receives the didUpdate message. However, since
waitForDidUpdateViewState synchronously blocks the UI process, we also
won't *send* the didUpdate message, so we block for the full timeout duration.
Instead, if we get to waitForDidUpdateViewState, just send the didUpdate without
waiting for the DisplayLink or anything else, because calling rAF slightly too
quickly, once, is certainly better than blocking the UI process for a whole second.
- 5:20 PM Changeset in webkit [203384] by
-
- 2 edits in trunk/Source/WebKit2
[GTK] ENABLE_OPENGL=OFF build broken since r201802
https://bugs.webkit.org/show_bug.cgi?id=159909
Reviewed by Antonio Gomes.
- WebProcess/WebPage/LayerTreeHost.h: Add missing include.
- 5:13 PM Changeset in webkit [203383] by
-
- 5 edits4 adds in trunk
Don't associate form-associated elements with forms in other trees.
https://bugs.webkit.org/show_bug.cgi?id=119451
<rdar://problem/27382946>
Change is based on the Blink change (patch by <adamk@chromium.org>):
<https://chromium.googlesource.com/chromium/blink/+/0b33128be67e7845d495d5219614c02ccfe7a414>
Reviewed by Chris Dumez.
Source/WebCore:
Prevent elements from being associated with forms that are not part of the same home subtree.
This brings us in line with the WhatWG HTML specification as of September, 2013.
Tests: fast/forms/image-disconnected-during-parse.html
fast/forms/input-disconnected-during-parse.html
- dom/Element.h:
(WebCore::Node::rootElement): Added.
- html/FormAssociatedElement.cpp:
(WebCore::FormAssociatedElement::insertedInto): If the element is associated with a form that
is not part of the same tree, remove the association.
- html/HTMLImageElement.cpp:
(WebCore::HTMLImageElement::insertedInto): Ditto.
LayoutTests:
- fast/forms/image-disconnected-during-parse-expected.txt: Added.
- fast/forms/image-disconnected-during-parse.html: Added.
- fast/forms/input-disconnected-during-parse-expected.txt: Added.
- fast/forms/input-disconnected-during-parse.html: Added.
- 4:56 PM Changeset in webkit [203382] by
-
- 1 copy in tags/Safari-602.1.42
New tag.
- 4:54 PM Changeset in webkit [203381] by
-
- 14 edits5 adds in trunk/Source
WebKit nightly fails to build on macOS Sierra
https://bugs.webkit.org/show_bug.cgi?id=159902
rdar://problem/27365672
Reviewed by Tim Horton.
Source/JavaScriptCore:
- icu/unicode/ucurr.h: Added.
Add ucurr.h from ICU.
Source/WebCore:
- Modules/applepay/cocoa/PaymentCocoa.mm:
- Modules/applepay/cocoa/PaymentContactCocoa.mm:
- Modules/applepay/cocoa/PaymentMerchantSessionCocoa.mm:
- Modules/applepay/cocoa/PaymentMethodCocoa.mm:
Use new PassKitSPI header.
- WebCore.xcodeproj/project.pbxproj:
Add new PassKitSPI header.
- icu/unicode/ucurr.h: Added.
Add ucurr.h from ICU.
- platform/spi/cocoa/PassKitSPI.h: Added.
Add new PassKitSPI header.
Source/WebKit/mac:
- icu/unicode/ucurr.h: Added.
Add ucurr.h from ICU.
Source/WebKit2:
- Shared/Cocoa/WebCoreArgumentCodersCocoa.mm:
- UIProcess/ApplePay/cocoa/WebPaymentCoordinatorProxyCocoa.h:
- UIProcess/ApplePay/cocoa/WebPaymentCoordinatorProxyCocoa.mm:
- UIProcess/ApplePay/mac/WebPaymentCoordinatorProxyMac.mm:
Use new PassKitSPI header.
Source/WTF:
- icu/unicode/ucurr.h: Added.
Add ucurr.h from ICU.
- 4:39 PM Changeset in webkit [203380] by
-
- 15 edits in trunk
REGRESSION (r202950): Image zoom animations are broken at medium.com (159861)
https://bugs.webkit.org/show_bug.cgi?id=159906
<rdar://problem/27391725>
Reviewed by Simon Fraser.
The fix for webkit.org/b/157569 in r200769 broke AMP pages.
The followup fix for webkit.org/b/159450 in r202950 broke Medium pages.
Revert them both until we have better testing.
Source/WebCore:
- css/CSSParser.cpp:
(WebCore::CSSParser::addPropertyWithPrefixingVariant):
(WebCore::CSSParser::parseValue):
(WebCore::CSSParser::parseAnimationShorthand):
(WebCore::CSSParser::parseTransitionShorthand): Deleted.
- css/CSSPropertyNames.in:
- css/PropertySetCSSStyleDeclaration.cpp:
(WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValue):
(WebCore::PropertySetCSSStyleDeclaration::getPropertyValue):
(WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValueInternal):
(WebCore::PropertySetCSSStyleDeclaration::getPropertyValueInternal):
- css/StyleProperties.cpp:
(WebCore::MutableStyleProperties::removeShorthandProperty):
(WebCore::MutableStyleProperties::removeProperty):
(WebCore::MutableStyleProperties::removePrefixedOrUnprefixedProperty):
(WebCore::MutableStyleProperties::setProperty):
(WebCore::getIndexInShorthandVectorForPrefixingVariant):
(WebCore::MutableStyleProperties::appendPrefixingVariantProperty):
(WebCore::MutableStyleProperties::setPrefixingVariantProperty):
(WebCore::StyleProperties::asText): Deleted.
- css/StyleProperties.h:
LayoutTests:
- animations/fill-mode-forwards-zero-duration.html:
- animations/play-state-start-paused.html:
- animations/script-tests/spring-parsing.js:
(testSpring):
- animations/spring-parsing-expected.txt:
- animations/unprefixed-properties-expected.txt:
- animations/unprefixed-properties.html:
- fast/css/prefixed-unprefixed-variant-style-declaration-expected.txt:
- fast/css/shorthand-omitted-initial-value-overrides-shorthand-expected.txt:
- 4:16 PM Changeset in webkit [203379] by
-
- 8 edits3 adds in trunk
There should be a way to simulate memory pressure in layout tests
<https://webkit.org/b/159743>
Reviewed by Simon Fraser.
Source/WebCore:
Add three window.internal APIs:
- boolean isUnderMemoryPressure (readonly attribute)
- void beginSimulatedMemoryPressure()
- void endSimulatedMemoryPressure()
These make it possible to write tests that exercise behaviors that only
occur during memory pressure situations.
I also implemented the "org.WebKit.lowMemory" notification handler using the new API.
Test: memory/memory-pressure-simulation.html
- platform/MemoryPressureHandler.cpp:
(WebCore::MemoryPressureHandler::beginSimulatedMemoryPressure):
(WebCore::MemoryPressureHandler::endSimulatedMemoryPressure):
- platform/MemoryPressureHandler.h:
(WebCore::MemoryPressureHandler::isUnderMemoryPressure):
- platform/cocoa/MemoryPressureHandlerCocoa.mm:
(WebCore::MemoryPressureHandler::platformReleaseMemory):
(WebCore::MemoryPressureHandler::install):
- testing/Internals.cpp:
(WebCore::Internals::isUnderMemoryPressure):
(WebCore::Internals::beginSimulatedMemoryPressure):
(WebCore::Internals::endSimulatedMemoryPressure):
- testing/Internals.h:
- testing/Internals.idl:
LayoutTests:
Add a basic test for the new APIs.
- memory/memory-pressure-simulation-expected.txt: Added.
- memory/memory-pressure-simulation.html: Added.
- 3:46 PM Changeset in webkit [203378] by
-
- 10 edits2 adds in trunk
[iOS] PDFDocumentImage should cache only a sub image of the PDF when caching the whole image is expensive
https://bugs.webkit.org/show_bug.cgi?id=158715
Source/WebCore:
Patch by Said Abou-Hallawa <sabouhallawa@apple,com> on 2016-07-18
Reviewed by Dean Jackson.
Test: fast/images/displaced-non-cached-pdf.html
For iOS, we need to ensure the size of the cached PDF images will not
exceed some limit. Also we should be caching only a sub image of the PDF
if caching the whole image will exceed the memory limit.
- page/Settings.cpp:
(WebCore::Settings::Settings):
(WebCore::Settings::setCachedPDFImageEnabled):
- page/Settings.h:
(WebCore::Settings::isCachedPDFImageEnabled):
Add an option to disable caching the PDF images.
- platform/graphics/cg/PDFDocumentImage.cpp:
(WebCore::PDFDocumentImage::setCachedPDFImageEnabled):
Allow the caller of draw() to disable caching the PDF images.
(WebCore::PDFDocumentImage::cacheParametersMatch):
Match the context dirty rectangle with the cached image rectangle.
(WebCore::transformContextForPainting):
When preparing the context for drawing the PDF, take the location
of the destination rectangle into account. We do not need to scale
the location of the source rectangle because we scale the size of
the rectangle but we don't scale the whole coordinate system.
(WebCore::cachedImageRect):
Calculate the rectangle of the cached image such that it does not
exceed the limit. Start from the center of the dirty rectangle and
then expand around it.
(WebCore::PDFDocumentImage::decodedSizeChanged):
In addition to notifying the ImageObserver, it keeps track of the size
of all the cached PDF images.
(WebCore::PDFDocumentImage::updateCachedImageIfNeeded):
Ensure the size of all the cached images does not exceed the limit
(WebCore::PDFDocumentImage::destroyDecodedData):
- platform/graphics/cg/PDFDocumentImage.h:
- rendering/RenderImage.cpp:
(WebCore::RenderImage::paintIntoRect):
Pass the option to disable caching the PDF images to PDFDocumentImage.
- testing/InternalSettings.cpp:
(WebCore::InternalSettings::Backup::Backup):
(WebCore::InternalSettings::Backup::restoreTo):
(WebCore::InternalSettings::setCachedPDFImageEnabled):
- testing/InternalSettings.h:
- testing/InternalSettings.idl:
Add an internal option to disable caching the PDF images.
LayoutTests:
Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2016-07-18
Reviewed by Dean Jackson.
Make sure the PDF image will be displayed at the correct position if caching
the PDF image is disabled.
- fast/images/displaced-non-cached-pdf-expected.html: Added.
- fast/images/displaced-non-cached-pdf.html: Added.
- 3:33 PM Changeset in webkit [203377] by
-
- 9 edits2 adds6 deletes in trunk
The 2 first parameters to addEventListener() / removeEventListener() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=158008
Reviewed by Darin Adler.
LayoutTests/imported/w3c:
Rebaseline several W3C tests now that more checks are passing.
- web-platform-tests/XMLHttpRequest/interfaces-expected.txt:
- web-platform-tests/dom/interfaces-expected.txt:
- web-platform-tests/html/dom/interfaces-expected.txt:
Source/WebCore:
The 2 first parameters to addEventListener() / removeEventListener() should be
mandatory:
Firefox 46 and Chrome 50 both match the specification and throw an exception when those
parameters are omitted. However, those parameters were marked as optional in WebKit and
the calls were no-ops if those parameters were omitted. This patch aligns our behavior
with the specification and other browsers.
Test: fast/dom/eventtarget-api-parameters.html
- bindings/scripts/CodeGeneratorJS.pm:
(GetFunctionLength): Deleted.
- dom/EventTarget.idl:
LayoutTests:
- fast/dom/Window/window-legacy-event-listener-expected.txt: Removed.
- fast/dom/Window/window-legacy-event-listener.html: Removed.
- fast/dom/XMLHttpRequest-legacy-event-listener-expected.txt: Removed.
- fast/dom/XMLHttpRequest-legacy-event-listener.html: Removed.
- fast/dom/node-legacy-event-listener-expected.txt: Removed.
- fast/dom/node-legacy-event-listener.html: Removed.
Drop legacy tests that expect the addEventListener() / removeEventListener()
parameters to be optional.
- fast/dom/eventtarget-api-parameters-expected.txt: Added.
- fast/dom/eventtarget-api-parameters.html: Added.
Add layout test to check that the 2 first parameters of addEventListener()
and removeEventListener() are now mandatory. It also checks that the
second parameter is nullable.
- media/video-remote-control-playpause.html:
Drop useless call to addEventListener() without a listener as it now throws.
- 3:20 PM Changeset in webkit [203376] by
-
- 3 edits1 add in trunk/Source
ASSERTION FAILED: : (year >= 1970 && yearday >= 0) (year < 1970 && yearday < 0) -- WTF/wtf/DateMath.cpp https://bugs.webkit.org/show_bug.cgi?id=159883
Reviewed by Filip Pizlo.
Source/JavaScriptCore:
New test.
- tests/stress/regress-159883.js: Added.
Source/WTF:
The function daysFrom1970ToYear() takes an integer year and returns a double result.
The calculation uses 1970 as a baseline year and subtracts 1970 from the argument year.
It does that subtraction using integer arithmetic, which given negative years close to
INT_MIN can underflow as a result of subtracting 1970. Since we want a double result,
the fix is to cast year as a double before the subtraction, which eliminates the underflow.
- wtf/DateMath.cpp:
(WTF::daysFrom1970ToYear):
- 2:33 PM Changeset in webkit [203375] by
-
- 21 edits2 adds in trunk/Source/JavaScriptCore
MarkedBlocks should know that they can be used for more than JSCells
https://bugs.webkit.org/show_bug.cgi?id=159643
Reviewed by Geoffrey Garen.
This teaches the Heap that a MarkedBlock may hold either JSCells, or Auxiliary, which is
not a JSCell. It teaches the heap and all of the things that walk the heap to ignore
non-JSCells whenever they are looking for global objects, JSObjects, and things to trace
for debugging or profiling. The idea is that we will be able to allocate butterflies and
typed array backing stores as Auxiliary in MarkedSpace rather than allocating those things
in CopiedSpace. That's what bug 159658 is all about.
This gives us a new type, called HeapCell, which is just meant to be a class distinct from
JSCell or any type we would use for Auxiliary. For convenience, JSCell is a subclass of
HeapCell. HeapCell has an enum called HeapCell::Kind, which is either HeapCell::JSCell or
HeapCell::Auxiliary. MarkedSpace no longer speaks of JSCells directly except when dealing
with destruction.
This change required doing a lot of stuff to all of those functor callbacks, since they
now take HeapCell* instead of JSCell* and they take an extra HeapCell::Kind argument to
tell them if they are dealing with JSCells or Auxiliary. I figured that this would be as
good a time as any to convert those functors to being lambda-compatible. This means that
operator() must be const. In some cases, converting the operator() to be const would have
taken more work than just turning the whole thing into a lambda. Whenever this was the
case, I converted the code to use lambdas. I left a lot of functors alone. In cases where
the functor would benefit from being a lambda, for example because it would get rid of
const_casts or mutables, I put in a FIXME referencing bug 159644.
- CMakeLists.txt:
- JavaScriptCore.xcodeproj/project.pbxproj:
- debugger/Debugger.cpp:
(JSC::Debugger::SetSteppingModeFunctor::SetSteppingModeFunctor):
(JSC::Debugger::SetSteppingModeFunctor::operator()):
(JSC::Debugger::ToggleBreakpointFunctor::ToggleBreakpointFunctor):
(JSC::Debugger::ToggleBreakpointFunctor::operator()):
(JSC::Debugger::ClearCodeBlockDebuggerRequestsFunctor::ClearCodeBlockDebuggerRequestsFunctor):
(JSC::Debugger::ClearCodeBlockDebuggerRequestsFunctor::operator()):
(JSC::Debugger::ClearDebuggerRequestsFunctor::ClearDebuggerRequestsFunctor):
(JSC::Debugger::ClearDebuggerRequestsFunctor::operator()):
- heap/CodeBlockSet.h:
(JSC::CodeBlockSet::iterate):
- heap/HandleSet.h:
(JSC::HandleNode::next):
(JSC::HandleSet::forEachStrongHandle):
- heap/Heap.cpp:
(JSC::GatherHeapSnapshotData::GatherHeapSnapshotData):
(JSC::GatherHeapSnapshotData::operator()):
(JSC::RemoveDeadHeapSnapshotNodes::RemoveDeadHeapSnapshotNodes):
(JSC::RemoveDeadHeapSnapshotNodes::operator()):
(JSC::Heap::protectedGlobalObjectCount):
(JSC::Heap::globalObjectCount):
(JSC::Heap::protectedObjectCount):
(JSC::Heap::protectedObjectTypeCounts):
(JSC::Heap::objectTypeCounts):
(JSC::Heap::deleteAllCodeBlocks):
(JSC::MarkedBlockSnapshotFunctor::MarkedBlockSnapshotFunctor):
(JSC::MarkedBlockSnapshotFunctor::operator()):
(JSC::Zombify::visit):
(JSC::Zombify::operator()):
(JSC::Heap::zombifyDeadObjects):
(JSC::Heap::flushWriteBarrierBuffer):
- heap/Heap.h:
(JSC::Heap::handleSet):
(JSC::Heap::handleStack):
- heap/HeapCell.cpp: Added.
(WTF::printInternal):
- heap/HeapCell.h: Added.
(JSC::HeapCell::HeapCell):
(JSC::HeapCell::zap):
(JSC::HeapCell::isZapped):
- heap/HeapInlines.h:
(JSC::Heap::deprecatedReportExtraMemory):
(JSC::Heap::forEachCodeBlock):
(JSC::Heap::forEachProtectedCell):
(JSC::Heap::allocateWithDestructor):
- heap/HeapStatistics.cpp:
(JSC::StorageStatistics::visit):
(JSC::StorageStatistics::operator()):
- heap/HeapVerifier.cpp:
(JSC::GatherLiveObjFunctor::visit):
(JSC::GatherLiveObjFunctor::operator()):
- heap/MarkedAllocator.cpp:
(JSC::MarkedAllocator::allocateBlock):
(JSC::MarkedAllocator::addBlock):
(JSC::MarkedAllocator::reset):
(JSC::MarkedAllocator::lastChanceToFinalize):
(JSC::LastChanceToFinalize::operator()): Deleted.
- heap/MarkedAllocator.h:
(JSC::MarkedAllocator::takeLastActiveBlock):
(JSC::MarkedAllocator::resumeAllocating):
(JSC::MarkedAllocator::forEachBlock):
- heap/MarkedBlock.cpp:
(JSC::MarkedBlock::create):
(JSC::MarkedBlock::destroy):
(JSC::MarkedBlock::MarkedBlock):
(JSC::MarkedBlock::callDestructor):
(JSC::MarkedBlock::specializedSweep):
(JSC::SetNewlyAllocatedFunctor::SetNewlyAllocatedFunctor):
(JSC::SetNewlyAllocatedFunctor::operator()):
(JSC::MarkedBlock::stopAllocating):
(JSC::MarkedBlock::didRetireBlock):
- heap/MarkedBlock.h:
(JSC::MarkedBlock::CountFunctor::CountFunctor):
(JSC::MarkedBlock::CountFunctor::count):
(JSC::MarkedBlock::CountFunctor::returnValue):
(JSC::MarkedBlock::needsDestruction):
(JSC::MarkedBlock::cellKind):
(JSC::MarkedBlock::size):
(JSC::MarkedBlock::clearNewlyAllocated):
(JSC::MarkedBlock::isMarkedOrNewlyAllocated):
(JSC::MarkedBlock::isLive):
(JSC::MarkedBlock::isLiveCell):
(JSC::MarkedBlock::forEachCell):
(JSC::MarkedBlock::forEachLiveCell):
(JSC::MarkedBlock::forEachDeadCell):
- heap/MarkedSpace.cpp:
(JSC::MarkedSpace::MarkedSpace):
(JSC::MarkedSpace::~MarkedSpace):
(JSC::MarkedSpace::lastChanceToFinalize):
(JSC::MarkedSpace::sweep):
(JSC::MarkedSpace::zombifySweep):
(JSC::MarkedSpace::resetAllocators):
(JSC::MarkedSpace::visitWeakSets):
(JSC::MarkedSpace::reapWeakSets):
(JSC::MarkedSpace::forEachAllocator):
(JSC::MarkedSpace::stopAllocating):
(JSC::MarkedSpace::resumeAllocating):
(JSC::MarkedSpace::isPagedOut):
(JSC::MarkedSpace::shrink):
(JSC::clearNewlyAllocatedInBlock):
(JSC::MarkedSpace::clearNewlyAllocated):
(JSC::MarkedSpace::clearMarks):
(JSC::Free::Free): Deleted.
(JSC::Free::operator()): Deleted.
(JSC::FreeOrShrink::FreeOrShrink): Deleted.
(JSC::FreeOrShrink::operator()): Deleted.
(JSC::VisitWeakSet::VisitWeakSet): Deleted.
(JSC::VisitWeakSet::operator()): Deleted.
(JSC::ReapWeakSet::operator()): Deleted.
(JSC::LastChanceToFinalize::operator()): Deleted.
(JSC::StopAllocatingFunctor::operator()): Deleted.
(JSC::ResumeAllocatingFunctor::operator()): Deleted.
(JSC::ClearNewlyAllocated::operator()): Deleted.
(JSC::VerifyNewlyAllocated::operator()): Deleted.
- heap/MarkedSpace.h:
(JSC::MarkedSpace::forEachLiveCell):
(JSC::MarkedSpace::forEachDeadCell):
(JSC::MarkedSpace::allocatorFor):
(JSC::MarkedSpace::allocateWithDestructor):
(JSC::MarkedSpace::forEachBlock):
(JSC::MarkedSpace::didAddBlock):
(JSC::MarkedSpace::objectCount):
(JSC::MarkedSpace::size):
(JSC::MarkedSpace::capacity):
(JSC::ClearMarks::operator()): Deleted.
(JSC::Sweep::operator()): Deleted.
(JSC::ZombifySweep::operator()): Deleted.
(JSC::MarkCount::operator()): Deleted.
(JSC::Size::operator()): Deleted.
- runtime/JSCell.h:
(JSC::JSCell::zap): Deleted.
(JSC::JSCell::isZapped): Deleted.
- runtime/JSCellInlines.h:
(JSC::allocateCell):
(JSC::JSCell::isObject):
(JSC::isZapped): Deleted.
- runtime/JSGlobalObject.cpp:
- tools/JSDollarVMPrototype.cpp:
(JSC::CellAddressCheckFunctor::CellAddressCheckFunctor):
(JSC::CellAddressCheckFunctor::operator()):
- 2:15 PM Changeset in webkit [203374] by
-
- 5 edits4 deletes in trunk
Unreviewed, rolling out r203373.
Unaddressed
Reverted changeset:
"Don't associate form-associated elements with forms in other
trees."
https://bugs.webkit.org/show_bug.cgi?id=119451
http://trac.webkit.org/changeset/203373
- 2:12 PM Changeset in webkit [203373] by
-
- 5 edits4 adds in trunk
Don't associate form-associated elements with forms in other trees.
https://bugs.webkit.org/show_bug.cgi?id=119451
<rdar://problem/27382946>
Change is based on the Blink change (patch by <adamk@chromium.org>):
<https://chromium.googlesource.com/chromium/blink/+/0b33128be67e7845d495d5219614c02ccfe7a414>
Reviewed by Zalan Bujtas.
Source/WebCore:
Prevent elements from being associated with forms that are not part of the same home subtree.
This brings us in line with the WhatWG HTML specification as of September, 2013.
Tests: fast/forms/image-disconnected-during-parse.html
fast/forms/input-disconnected-during-parse.html
- dom/NodeTraversal.h:
(WebCore::NodeTraversal::highestAncestorOrSelf): Added.
- html/FormAssociatedElement.cpp:
(WebCore::FormAssociatedElement::insertedInto): If the element is associated with a form that
is not part of the same tree, remove the association.
- html/HTMLImageElement.cpp:
(WebCore::HTMLImageElement::insertedInto): Ditto.
LayoutTests:
- fast/forms/image-disconnected-during-parse-expected.txt: Added.
- fast/forms/image-disconnected-during-parse.html: Added.
- fast/forms/input-disconnected-during-parse-expected.txt: Added.
- fast/forms/input-disconnected-during-parse.html: Added.
- 1:59 PM Changeset in webkit [203372] by
-
- 3 edits in trunk/LayoutTests
Marking storage/indexeddb/modern/handle-user-delete.html as flaky on mac-wk2
https://bugs.webkit.org/show_bug.cgi?id=159896
Unreviewed test gardening.
- platform/mac-wk2/TestExpectations:
- platform/mac/TestExpectations:
- 1:41 PM Changeset in webkit [203371] by
-
- 5 edits in trunk/Source/WebKit2
Mail contents are temporarily obscured by black rectangles when returning from suspend and in app switcher
https://bugs.webkit.org/show_bug.cgi?id=159894
<rdar://problem/26973202>
Reviewed by Simon Fraser.
- UIProcess/ApplicationStateTracker.h:
- UIProcess/ApplicationStateTracker.mm:
(WebKit::ApplicationStateTracker::ApplicationStateTracker):
(WebKit::ApplicationStateTracker::~ApplicationStateTracker):
(WebKit::ApplicationStateTracker::applicationDidCreateWindowContext):
- UIProcess/ios/WKContentView.mm:
(-[WKContentView didMoveToWindow]):
(-[WKContentView _applicationDidCreateWindowContext]):
(-[WKContentView _applicationWillEnterForeground]): Deleted.
- UIProcess/ios/WKPDFView.mm:
(-[WKPDFView didMoveToWindow]):
(-[WKPDFView _applicationDidCreateWindowContext]):
- UIProcess/ios/WebPageProxyIOS.mm:
(WebKit::WebPageProxy::applicationDidFinishSnapshottingAfterEnteringBackground):
Hide content at window context creation time, instead of when the application
becomes foregrounded. Otherwise, background snapshots (which create/destroy
window contexts, but do not bring the app into the foreground) can have
parented layers that have volatile surfaces in them. In the normal case,
we will subsequently get foregrounded and re-build the layer tree; in the
background snapshot case, we will just have an empty layer tree.
In the future, we should consider making ApplicationStateTracker use
window context creation/destruction to drive web process lifetime, so
that we can actually paint correctly for background snapshots.
- 1:31 PM Changeset in webkit [203370] by
-
- 8 edits38 adds in trunk
Source/JavaScriptCore:
Repeatedly creating and destroying workers that enqueue DFG plans can outpace the DFG worklist, which then causes VM shutdown to stall, which then causes memory growth
https://bugs.webkit.org/show_bug.cgi?id=159754
Reviewed by Geoffrey Garen.
If you create and destroy workers at a high rate and those workers enqueue some DFG plans
that are still not compiled at the time that the worker is closed, then the closed workers
end up stalling in VM::~VM waiting for the DFG worklist thread to finish those plans. Since
we don't actually cancel the plans, it's easy to create a situation where the workers
outpace the DFG worklist, especially if you create many workers at a time and each one
finishes just after enqueueing those plans.
The solution is to allow VM::~VM to remove plans from the DFG worklist that are related to
that VM but aren't currently being worked on. That turns out to be an easy change.
I have a test that repros this, but it's quite long-running. I call it workers/bomb.html. We
may want to exclude it from test runs because of how long it takes.
- dfg/DFGWorklist.cpp:
(JSC::DFG::Worklist::removeDeadPlans):
(JSC::DFG::Worklist::removeNonCompilingPlansForVM):
(JSC::DFG::Worklist::queueLength):
(JSC::DFG::Worklist::runThread):
- dfg/DFGWorklist.h:
- runtime/VM.cpp:
(JSC::VM::~VM):
LayoutTests:
Repeatedly creating and destroying workers that enqueue DFG plans can outpace the DFG worklist, which then causes VM shutdown to stall, which then causes a memory growth
https://bugs.webkit.org/show_bug.cgi?id=159754
Reviewed by Geoffrey Garen.
Adds two tests that create a lot of workers that do sophisticated things. These are
long-running tests so we may want to skip them. It's OK if we end up only running them
manually occasionally.
- workers: Added.
- workers/bomb.html: Added.
- workers/bomb-expected.txt: Added.
- workers/bomb-with-v8.html: Added.
- workers/tests: Added.
- workers/tests/3d-cube.js: Added.
- workers/tests/3d-morph.js: Added.
- workers/tests/3d-raytrace.js: Added.
- workers/tests/access-binary-trees.js: Added.
- workers/tests/access-fannkuch.js: Added.
- workers/tests/access-nbody.js: Added.
- workers/tests/access-nsieve.js: Added.
- workers/tests/bitops-3bit-bits-in-byte.js: Added.
- workers/tests/bitops-bits-in-byte.js: Added.
- workers/tests/bitops-bitwise-and.js: Added.
- workers/tests/bitops-nsieve-bits.js: Added.
- workers/tests/controlflow-recursive.js: Added.
- workers/tests/crypto-aes.js: Added.
- workers/tests/crypto-md5.js: Added.
- workers/tests/crypto-sha1.js: Added.
- workers/tests/date-format-tofte.js: Added.
- workers/tests/date-format-xparb.js: Added.
- workers/tests/math-cordic.js: Added.
- workers/tests/math-partial-sums.js: Added.
- workers/tests/math-spectral-norm.js: Added.
- workers/tests/regexp-dna.js: Added.
- workers/tests/string-base64.js: Added.
- workers/tests/string-fasta.js: Added.
- workers/tests/string-tagcloud.js: Added.
- workers/tests/string-unpack-code.js: Added.
- workers/tests/string-validate-input.js: Added.
- workers/tests/v8-crypto.js: Added.
- workers/tests/v8-deltablue.js: Added.
- workers/tests/v8-earley-boyer.js: Added.
- workers/tests/v8-raytrace.js: Added.
- workers/tests/v8-regexp.js: Added.
- workers/tests/v8-richards.js: Added.
- workers/tests/v8-splay.js: Added.
- 1:16 PM Changeset in webkit [203369] by
-
- 2 edits in trunk/LayoutTests
Marking storage/indexeddb/modern/abort-requests-cancelled.html as flaky on mac-wk1
https://bugs.webkit.org/show_bug.cgi?id=156070
Unreviewed test gardening.
- platform/mac-wk1/TestExpectations:
- 1:12 PM Changeset in webkit [203368] by
-
- 6 edits9 adds in trunk
Object.preventExtensions/seal/freeze makes code much slower
https://bugs.webkit.org/show_bug.cgi?id=143247
Reviewed by Michael Saboff.
Source/JavaScriptCore:
This has been a huge pet peeve of mine for a long time, but I was always afraid of fixing
it because I thought that it would be hard. Well, it looks like it's not hard at all.
The problem is that you cannot mutate a structure that participates in transition caching.
You can only clone the structure and mutate that one. But if you do this, you have to make
a hard choice:
1) Clone the structure without caching the transition. This is what the code did before
this change. It's the most obvious choice, but it introduces an uncacheable transition
that leads to an explosion of structures, which then breaks all inline caches.
2) Perform one of the existing cacheable transitions. Cacheable transitions can either add
properties or they can do one of the NonPropertyTransitions, which until now have been
restricted to just IndexingType transitions. So, only adding transitions or making
certain prescribed changes to the indexing type count as cacheable transitions.
This change decouples NonPropertyTransition from IndexingType and adds three new kinds of
transitions: PreventExtensions, Seal, and Freeze. We have to give any cacheable transition
a name that fully disambiguates this transition from any other, so that the transition can
be cached. Since we're already giving them names in an enum, I figured that the most
pragmatic way to implement them is to have Structure::nonPropertyTransition() case on the
NonPropertyTransition and implement all of the mutations associated with that transition.
The alternative would have been to allow callers of nonPropertyTransition() to supply
something like a lambda that describes the mutation, but this seemed awkward since each
set of mutations has to anyway be tied to one of the NonPropertyTransition members.
This is an enormous speed-up on microbenchmarks that use Object.preventExtensions(),
Object.seal(), or Object.freeze(). I don't know if "real" benchmarks use these features
and I don't really care. This should be fast.
- runtime/JSObject.cpp:
(JSC::JSObject::notifyPresenceOfIndexedAccessors):
(JSC::JSObject::createInitialUndecided):
(JSC::JSObject::createInitialInt32):
(JSC::JSObject::createInitialDouble):
(JSC::JSObject::createInitialContiguous):
(JSC::JSObject::convertUndecidedToInt32):
(JSC::JSObject::convertUndecidedToDouble):
(JSC::JSObject::convertUndecidedToContiguous):
(JSC::JSObject::convertInt32ToDouble):
(JSC::JSObject::convertInt32ToContiguous):
(JSC::JSObject::convertDoubleToContiguous):
(JSC::JSObject::switchToSlowPutArrayStorage):
- runtime/Structure.cpp:
(JSC::Structure::suggestedArrayStorageTransition):
(JSC::Structure::addPropertyTransition):
(JSC::Structure::toUncacheableDictionaryTransition):
(JSC::Structure::sealTransition):
(JSC::Structure::freezeTransition):
(JSC::Structure::preventExtensionsTransition):
(JSC::Structure::takePropertyTableOrCloneIfPinned):
(JSC::Structure::nonPropertyTransition):
(JSC::Structure::pin):
(JSC::Structure::pinForCaching):
(JSC::Structure::allocateRareData):
- runtime/Structure.h:
- runtime/StructureTransitionTable.h:
(JSC::toAttributes):
(JSC::changesIndexingType):
(JSC::newIndexingType):
(JSC::preventsExtensions):
(JSC::setsDontDeleteOnAllProperties):
(JSC::setsReadOnlyOnAllProperties):
LayoutTests:
These tests now run ~25x faster.
- js/regress/freeze-and-do-work-expected.txt: Added.
- js/regress/freeze-and-do-work.html: Added.
- js/regress/prevent-extensions-and-do-work-expected.txt: Added.
- js/regress/prevent-extensions-and-do-work.html: Added.
- js/regress/script-tests/freeze-and-do-work.js: Added.
(Foo):
- js/regress/script-tests/prevent-extensions-and-do-work.js: Added.
(Foo):
- js/regress/script-tests/seal-and-do-work.js: Added.
(Foo):
- js/regress/seal-and-do-work-expected.txt: Added.
- js/regress/seal-and-do-work.html: Added.
- 1:12 PM Changeset in webkit [203367] by
-
- 2 edits in trunk/LayoutTests
Marking imported/w3c/web-platform-tests/XMLHttpRequest/event-readystatechange-loaded.htm as flaky on mac-debug WK1
https://bugs.webkit.org/show_bug.cgi?id=159893
Unreviewed test gardening.
- platform/mac-wk1/TestExpectations:
- 1:03 PM Changeset in webkit [203366] by
-
- 2 edits in trunk/LayoutTests
Marking media/video-load-preload-metadata.html as flaky on Mac.
https://bugs.webkit.org/show_bug.cgi?id=128312
Unreviewed test gardening.
- platform/mac/TestExpectations:
- 12:51 PM Changeset in webkit [203365] by
-
- 10 edits in trunk/Source
RegisterSet should use a Bitmap instead of a BitVector so that it never allocates memory and is trivial to copy
https://bugs.webkit.org/show_bug.cgi?id=159863
Reviewed by Saam Barati.
Source/JavaScriptCore:
Switch RegisterSet set to Bitmap because Bitmap doesn't ever allocate memory and can be
assigned by memcpy. This should be a performance improvement for compiler code that does a
lot of things with RegisterSet. For example, it's one of the fundamental data structures in
Air. The previous use of BitVector meant that almost every operation on RegisterSet would
have a slow path call. On ARM64, it would mean memory allocation for any RegisterSet that
used all available registers.
This meant adding even more GPR/FPR reflection to the MacroAssembler API: we now have consts
called numGPRs and numFPRs. This is necessary to statically size the Bitmap in RegisterSet.
Here's the breakdown of sizes of RegisterSet on different CPUs:
x86-32: 8 bits (GPRs) + 8 bits (FPRs) + 1 bit (is deleted) = 1x uint32_t.
x86-64: 16 bits + 16 bits + 1 bit = 2x uint32_t.
ARMv7: 16 bits + 16 bits + 1 bit = 2x uint32_t.
ARM64: 32 bits + 32 bits + 1 bit = 3x uint32_t.
- assembler/MacroAssemblerARM.h:
- assembler/MacroAssemblerARM64.h:
- assembler/MacroAssemblerARMv7.h:
- assembler/MacroAssemblerX86.h:
- assembler/MacroAssemblerX86Common.h:
(JSC::MacroAssemblerX86Common::scratchRegister):
- assembler/MacroAssemblerX86_64.h:
- jit/RegisterSet.h:
(JSC::RegisterSet::set):
(JSC::RegisterSet::get):
(JSC::RegisterSet::setAll):
(JSC::RegisterSet::merge):
(JSC::RegisterSet::filter):
(JSC::RegisterSet::exclude):
(JSC::RegisterSet::numberOfSetRegisters):
(JSC::RegisterSet::RegisterSet):
(JSC::RegisterSet::isEmptyValue):
(JSC::RegisterSet::isDeletedValue):
(JSC::RegisterSet::operator==):
(JSC::RegisterSet::operator!=):
(JSC::RegisterSet::hash):
(JSC::RegisterSet::forEach):
(JSC::RegisterSet::setMany):
Source/WTF:
Give Bitmap all of the power of BitVector (except for automatic resizing). This means a
variant of set() that takes a bool, and a bunch of helper methods (merge, filter, exclude,
forEachSetBit, ==, !=, and hash).
- wtf/Bitmap.h:
(WTF::WordType>::set):
(WTF::WordType>::testAndSet):
(WTF::WordType>::isFull):
(WTF::WordType>::merge):
(WTF::WordType>::filter):
(WTF::WordType>::exclude):
(WTF::WordType>::forEachSetBit):
(WTF::=):
(WTF::WordType>::hash):
- 12:32 PM Changeset in webkit [203364] by
-
- 31 edits12 adds in trunk
DFG and FTL should support op_call_eval
https://bugs.webkit.org/show_bug.cgi?id=159786
Reviewed by Saam Barati.
Source/JavaScriptCore:
This adds support for op_call_eval in DFG and FTL by brute force:
- There is now a CallEval() node type, which compiles exactly the same way that we do in baseline.
- We teach the DFG and bytecode liveness that the scope register and 'this' are read by CallEval()/op_call_eval.
We can compile eval quite well, except that right now we cannot inline functions that use
eval. It would be nice to do that, but the payoff is probably smaller. "Don't inline users
of eval" may even be an OK inlining heuristic. Not inlining users of eval allows me to
reuse the baseline implementation, which is really great. Otherwise, I'd have to get rid
of things like the rogue reads of scope register and 'this'.
The goal here is to produce speed-ups for code that has functions that do both eval and
some computational stuff. Obviously, we're not producing any benefit for the eval itself.
But now the other stuff in a function that uses eval will get to participate in
optimization.
This is a huge speed-up on microbenchmarks.
- bytecode/BytecodeUseDef.h:
(JSC::computeUsesForBytecodeOffset):
- bytecode/CodeBlock.cpp:
(JSC::CodeBlock::printCallOp):
(JSC::CodeBlock::dumpBytecode):
- dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
- dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::setLocal):
(JSC::DFG::ByteCodeParser::setArgument):
(JSC::DFG::ByteCodeParser::flush):
(JSC::DFG::ByteCodeParser::parseBlock):
- dfg/DFGCapabilities.cpp:
(JSC::DFG::capabilityLevel):
- dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
- dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):
- dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
- dfg/DFGGraph.h:
(JSC::DFG::Graph::needsScopeRegister):
(JSC::DFG::Graph::needsFlushedThis):
- dfg/DFGHeapLocation.cpp:
(WTF::printInternal):
- dfg/DFGHeapLocation.h:
- dfg/DFGMayExit.cpp:
- dfg/DFGNode.h:
(JSC::DFG::Node::hasHeapPrediction):
- dfg/DFGNodeType.h:
- dfg/DFGOSRExitCompiler.cpp:
- dfg/DFGPredictionPropagationPhase.cpp:
- dfg/DFGSafeToExecute.h:
(JSC::DFG::safeToExecute):
- dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::emitCall):
(JSC::DFG::SpeculativeJIT::compile):
- dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::emitCall):
(JSC::DFG::SpeculativeJIT::compile):
- dfg/DFGStackLayoutPhase.cpp:
(JSC::DFG::StackLayoutPhase::run):
- dfg/DFGWatchpointCollectionPhase.cpp:
(JSC::DFG::WatchpointCollectionPhase::handle):
- ftl/FTLCapabilities.cpp:
(JSC::FTL::canCompile):
- ftl/FTLCompile.cpp:
(JSC::FTL::compile):
- ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstructVarargs):
(JSC::FTL::DFG::LowerDFGToB3::compileCallEval):
(JSC::FTL::DFG::LowerDFGToB3::compileLoadVarargs):
- jit/AssemblyHelpers.cpp:
(JSC::AssemblyHelpers::restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer):
(JSC::AssemblyHelpers::emitDumbVirtualCall):
- jit/AssemblyHelpers.h:
(JSC::AssemblyHelpers::emitTypeOf):
- jit/JITCall.cpp:
(JSC::JIT::compileCallEvalSlowCase):
- jit/JITCall32_64.cpp:
(JSC::JIT::compileCallEvalSlowCase):
- jit/JITOperations.cpp:
- tests/stress/exit-then-eval.js: Added.
(foo):
- tests/stress/force-exit-then-eval-dfg.js: Added.
(foo):
- tests/stress/force-exit-then-eval.js: Added.
(foo):
LayoutTests:
- js/regress/eval-compute-expected.txt: Added.
- js/regress/eval-compute.html: Added.
- js/regress/eval-not-eval-compute-args-expected.txt: Added.
- js/regress/eval-not-eval-compute-args.html: Added.
- js/regress/eval-not-eval-compute-expected.txt: Added.
- js/regress/eval-not-eval-compute.html: Added.
- js/regress/script-tests/eval-compute.js: Added.
(foo):
- js/regress/script-tests/eval-not-eval-compute-args.js: Added.
(foo):
(i.result.foo):
- js/regress/script-tests/eval-not-eval-compute.js: Added.
(foo):
(i.result.foo):
- 12:23 PM Changeset in webkit [203363] by
-
- 5 edits2 adds in trunk/Source/WebCore
Move MediaSampleAVFObjC into its own file
https://bugs.webkit.org/show_bug.cgi?id=159796
<rdar://problem/27362488>
In preparation for a feature that uses MediaSampleAVFObjC, but does
not need SourceBufferPrivateAVFObjC, it is beneficial to move
MediaSampleAVFObjC to its own file.
Patch by George Ruan <gruan@apple.com> on 2016-07-18
Reviewed by Eric Carlson.
- WebCore.xcodeproj/project.pbxproj:
- platform/MediaSample.h: Allow setting trackID to associate
MediaSample id with MediaStreamTrackPrivate id.
- platform/graphics/avfoundation/MediaSampleAVFObjC.h: Added.
- platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm: Moved
from MediaSampleAVFObjC
(WebCore::MediaSampleAVFObjC::presentationTime):
(WebCore::MediaSampleAVFObjC::decodeTime):
(WebCore::MediaSampleAVFObjC::duration):
(WebCore::MediaSampleAVFObjC::sizeInBytes):
(WebCore::MediaSampleAVFObjC::platformSample):
(WebCore::CMSampleBufferIsRandomAccess):
(WebCore::MediaSampleAVFObjC::flags):
(WebCore::MediaSampleAVFObjC::presentationSize):
(WebCore::MediaSampleAVFObjC::dump):
(WebCore::MediaSampleAVFObjC::offsetTimestampsBy):
(WebCore::MediaSampleAVFObjC::setTimestamps):
- platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
Moved MediaSampleAVFObjC to its own file.
(WebCore::MediaSampleAVFObjC::platformSample): Deleted.
(WebCore::CMSampleBufferIsRandomAccess): Deleted.
(WebCore::MediaSampleAVFObjC::flags): Deleted.
(WebCore::MediaSampleAVFObjC::presentationSize): Deleted.
(WebCore::MediaSampleAVFObjC::dump): Deleted.
(WebCore::MediaSampleAVFObjC::offsetTimestampsBy): Deleted.
(WebCore::MediaSampleAVFObjC::setTimestamps): Deleted.
- platform/mock/mediasource/MockSourceBufferPrivate.cpp:
- 12:18 PM Changeset in webkit [203362] by
-
- 3 edits in trunk/Source/WebCore
[MSE][Mac] Pass AVSampleBufferDisplayLayer HDCP status to a newly created key session
https://bugs.webkit.org/show_bug.cgi?id=159812
<rdar://problem/27371624>
Reviewed by Jon Lee.
No new tests, it isn't possible to test this with our current testing infrastructure.
- platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
- platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
(WebCore::SourceBufferPrivateAVFObjC::setCDMSession): Call layerDidReceiveError if there has
been an HDCP error.
(WebCore::SourceBufferPrivateAVFObjC::rendererDidReceiveError): Remember an HDCP error.
- 12:12 PM Changeset in webkit [203361] by
-
- 25 edits6 adds in trunk
DFG should really support jneq_ptr
https://bugs.webkit.org/show_bug.cgi?id=159700
Reviewed by Keith Miller.
Source/JavaScriptCore:
Prior to this change, DFG statically speculated that jneq_ptr would always fall through. This
meant that programs that called o.apply() or o.call() where apply or call weren't the
expected ones (i.e. the function.prototype.apply/call) would rage-recompile forever.
This adds profiling to jneq_ptr. We now know if it always falls through or sometimes doesn't.
If it sometimes doesn't, we now emit an actual control flow diamond. I decided to add a new
NodeType for "equal pointer", since none of the existing ones really captured that. For
example, there was no way to express "equal pointer" for strings or symbols. We don't use it
for that right now, but we might, and if we did, then it would be hugely surprising that the
DFG interpreted this as value equality. So, the DFG now has CompareEqPtr, which means exactly
what jneq_ptr means by "equal pointer".
This is an enormous speed-up on microbenchmarks. I would assume that it's a speed-up on some
real things, too, but I don't know that for a fact.
- bytecode/BytecodeList.json:
- bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dumpBytecode):
- bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
(JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
(JSC::BytecodeGenerator::emitExpectedFunctionSnippet):
- dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
- dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::parseBlock):
- dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
- dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):
- dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
- dfg/DFGNode.h:
(JSC::DFG::Node::hasCellOperand):
- dfg/DFGNodeType.h:
- dfg/DFGSafeToExecute.h:
(JSC::DFG::safeToExecute):
- dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileRecordRegExpCachedResult):
(JSC::DFG::SpeculativeJIT::compileCompareEqPtr):
- dfg/DFGSpeculativeJIT.h:
- dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
- dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
- dfg/DFGValidate.cpp:
- ftl/FTLCapabilities.cpp:
(JSC::FTL::canCompile):
- ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileCompareStrictEq):
(JSC::FTL::DFG::LowerDFGToB3::compileCompareEqPtr):
(JSC::FTL::DFG::LowerDFGToB3::compileCompareLess):
(JSC::FTL::DFG::LowerDFGToB3::compileCompareStrictEqConstant): Deleted.
- jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_jneq_ptr):
(JSC::JIT::emit_op_eq):
- jit/JITOpcodes32_64.cpp:
(JSC::JIT::emit_op_jneq_ptr):
(JSC::JIT::emit_op_eq):
- llint/LowLevelInterpreter32_64.asm:
- llint/LowLevelInterpreter64.asm:
LayoutTests:
These tests now run super fast.
- js/regress/apply-not-apply-expected.txt: Added.
- js/regress/apply-not-apply.html: Added.
- js/regress/call-or-not-call-expected.txt: Added.
- js/regress/call-or-not-call.html: Added.
- js/regress/script-tests/apply-not-apply.js: Added.
(let.o.apply):
(foo):
- js/regress/script-tests/call-or-not-call.js: Added.
(let.o.call):
(foo):
- 12:12 PM Changeset in webkit [203360] by
-
- 3 edits in branches/safari-602-branch/Source/JavaScriptCore
Merged r203351. rdar://problem/27327111
- 12:07 PM Changeset in webkit [203359] by
-
- 12 edits in branches/safari-602-branch/Source
Merge patch for rdar://problem/27360961.
- 11:57 AM Changeset in webkit [203358] by
-
- 2 edits in trunk/LayoutTests
Marking fast/shapes/shape-outside-floats/shape-outside-big-box-border-radius-002.html as flaky on ios-sim
https://bugs.webkit.org/show_bug.cgi?id=159881
Unreviewed test gardening.
- platform/ios-simulator-wk2/TestExpectations:
- 11:57 AM Changeset in webkit [203357] by
-
- 3 edits in trunk/LayoutTests
Marking http/tests/loading/basic-auth-resend-wrong-credentials.html as flaky on Mac and iOS WK2
https://bugs.webkit.org/show_bug.cgi?id=159884
Unreviewed test gardening.
- platform/ios-simulator-wk2/TestExpectations:
- platform/mac-wk2/TestExpectations:
- 11:55 AM Changeset in webkit [203356] by
-
- 7 edits3 adds in trunk
OSR entry into DFG has problems with lexical scoping
https://bugs.webkit.org/show_bug.cgi?id=159687
Reviewed by Saam Barati.
Source/JavaScriptCore:
What a fun bug! It turns out that uses of lexical scoping, like "let", may sometimes cause us
to not be able to OSR enter into a loop from baseline to DFG. The bug is in a mitigation for
a different bug, which in turn had a mitigation for yet another bug, so the story here is a
long one.
DFG OSR entry has long had a mitigation for the following bug: the DFG bytecode parser may
choose to make us always OSR exit at some instruction if it thinks that it doesn't have
enough profiling for that instruction. We will do this if some kinds of put_by_id only
execute once, for example. This causes problems for loopy benchmarks like this:
put_by_id(something crazy);
for (var i = 0; i < bigNumber; ++i) simpleMath;
In this case, the put_by_id will have only executed once, and since it did something crazy
that one time, the bytecode parser will replace it with ForceOSRExit.
This creates an OSR entry bug: DFG CFA will then prove that the loop is unreachable, and will
tell OSR entry that it's impossible to enter into that loop.
We mitigated this bug a long time ago by recording mustHandleValues for loops at which we
want to enter. We inject these values into DFG CFA and we force CFA to recognize that the
loop is reachable even if CFA wanted to prove that it wasn't.
But this leads to another bug: we need to scrape the values from the stack inside
operationOptimize() and then we need to reason about them in the compiler. Some of those
values may be garbage, which would cause pandemonium inside the compiler. We also mitigated
this bug, by only recording the "vars", since those are guaranteed to be reset by op_enter.
And that's where the lexical scoping bug happens: "let" bound variables aren't part of the
"vars". DFG will see that they are live, but mustHandleValues will not have anything for
those variables, so CFA will prove that the values are Bottom. Then OSR entry will always
fail because no value is ever a subset of Bottom.
The first part of the fix is to ensure that mustHandleValues record all of the values on the
stack (i.e. within m_numCalleeLocals, rather than just m_numVars). But this creates a second
problem: we may record garbage. This patch includes a better fix for the garbage: before
touching mustHandleValues we run the bytecode liveness analysis and clear any values that are
not live. This ensures that we clear the garbage.
This is an enormous speed-up on microbenchmarks that use lexical scoping and have some crazy
put_by_id in the lead-up to the hot loop.
- dfg/DFGCFAPhase.cpp:
(JSC::DFG::CFAPhase::run):
- dfg/DFGOSREntry.cpp:
(JSC::DFG::prepareOSREntry):
- dfg/DFGPlan.cpp:
(JSC::DFG::Plan::compileInThreadImpl):
(JSC::DFG::Plan::checkLivenessAndVisitChildren):
(JSC::DFG::Plan::cancel):
(JSC::DFG::Plan::cleanMustHandleValuesIfNecessary):
- dfg/DFGPlan.h:
(JSC::DFG::Plan::canTierUpAndOSREnter):
- jit/JITOperations.cpp:
LayoutTests:
- js/regress/script-tests/strict-osr-entry.js: Added.
(let.o.apply_):
- js/regress/strict-osr-entry-expected.txt: Added.
- js/regress/strict-osr-entry.html: Added.
- 11:51 AM Changeset in webkit [203355] by
-
- 7 edits in branches/safari-602-branch/Source/JavaScriptCore
Merged r203353. rdar://problem/27405849
- 11:48 AM Changeset in webkit [203354] by
-
- 5 edits in trunk/Source
Versioning.
- 11:47 AM Changeset in webkit [203353] by
-
- 7 edits in trunk/Source/JavaScriptCore
REGRESSION(r202975): --minimal build is broken
https://bugs.webkit.org/show_bug.cgi?id=159765
Patch by Youenn Fablet <youenn@apple.com> on 2016-07-18
Reviewed by Chris Dumez.
Covered partially by builtin generated test code.
Updating generator to add a global compilation guard around the code that generates all global internal properties.
Split the generate_methods function in two, one dedicated to the visit method and the second one dedicated to
the initialize method.
- Scripts/builtins/builtins_generate_internals_wrapper_implementation.py:
(BuiltinsInternalsWrapperImplementationGenerator.generate_section_for_object): Use splitted generation functions.
(BuiltinsInternalsWrapperImplementationGenerator.generate_visit_method): Response to generate the visit method.
(BuiltinsInternalsWrapperImplementationGenerator._generate_initialize_static_globals): Responsible to generate
the code to initialize the internal globals. This code is put in a global compilation guard in case all
internals are compiled out by specific builds.
(BuiltinsInternalsWrapperImplementationGenerator):
(BuiltinsInternalsWrapperImplementationGenerator.generate_initialize_method): Responsible to generate the
initialize method.
(BuiltinsInternalsWrapperImplementationGenerator.generate_methods): Deleted.
- Scripts/tests/builtins/expected/WebCore-ArbitraryConditionalGuard-Separate.js-result: Copyright change.
- Scripts/tests/builtins/expected/WebCore-GuardedBuiltin-Separate.js-result: Ditto.
- Scripts/tests/builtins/expected/WebCore-GuardedInternalBuiltin-Separate.js-result: Ditto.
- Scripts/tests/builtins/expected/WebCore-UnguardedBuiltin-Separate.js-result: Ditto.
- Scripts/tests/builtins/expected/WebCore-xmlCasingTest-Separate.js-result: Reflects partially the built-in
generator change.
- 11:46 AM Changeset in webkit [203352] by
-
- 1 copy in branches/safari-602-branch
New Branch.
- 11:38 AM Changeset in webkit [203351] by
-
- 3 edits in trunk/Source/JavaScriptCore
Fix bad assertions in genericTypedArrayViewPrivateFuncSubarrayCreate
https://bugs.webkit.org/show_bug.cgi?id=159882
<rdar://problem/27327111>
Reviewed by Mark Lam.
According the spec toInteger can return values we don't consider ints.
Such as, -0 and +/-Infinity. This broke some assertions in
genericTypedArrayViewPrivateFuncSubarrayCreate.
- runtime/JSGenericTypedArrayViewPrototypeFunctions.h:
(JSC::genericTypedArrayViewPrivateFuncSubarrayCreate):
- tests/stress/typedarray-subarray.js:
- 11:32 AM Changeset in webkit [203350] by
-
- 10 edits in trunk
WTF::Lock should be fair eventually
https://bugs.webkit.org/show_bug.cgi?id=159384
Reviewed by Geoffrey Garen.
Source/WTF:
In https://webkit.org/blog/6161/locking-in-webkit/ we showed how relaxing the fairness of
locks makes them fast. That post presented lock fairness as a trade-off between two
extremes:
- Barging. A barging lock, like WTF::Lock, releases the lock in unlock() even if there was a thread on the queue. If there was a thread on the queue, the lock is released and that thread is made runnable. That thread may then grab the lock, or some other thread may grab the lock first (it may barge). Usually, the barging thread is the thread that released the lock in the first place. This maximizes throughput but hurts fairness. There is no good theoretical bound on how unfair the lock may become, but empirical data suggests that it's fair enough for the cases we previously measured.
- FIFO. A FIFO lock, like HandoffLock in ToyLocks.h, does not release the lock in unlock() if there is a thread waiting. If there is a thread waiting, unlock() will make that thread runnable and inform it that it now holds the lock. This ensures perfect round-robin fairness and allows us to reason theoretically about how long it may take for a thread to grab the lock. For example, if we know that only N threads are running and each one may contend on a critical section, and each one may hold the lock for at most S seconds, then the time it takes to grab the lock is N * S. Unfortunately, FIFO locks perform very badly in most cases. This is because for the common case of short critical sections, they force a context switch after each critical section if the lock is contended.
This change makes WTF::Lock almost as fair as FIFO while still being as fast as barging.
Thanks to this new algorithm, you can now have both of these things at the same time.
This change makes WTF::Lock eventually fair. We can almost (more on the caveats below)
guarantee that the time it takes to grab a lock is N * max(1ms, S). In other words, critical
sections that are longer than 1ms are always fair. For shorter critical sections, the amount
of time that any thread waits is 1ms times the number of threads. There are some caveats
that arise from our use of randomness, but even then, in the limit as the critical section
length goes to infinity, the lock becomes fair. The corner cases are unlikely to happen; our
experiments show that the lock becomes exactly as fair as a FIFO lock for any critical
section that is 1ms or longer.
The fairness mechanism is broken into two parts. WTF::Lock can now choose to unlock a lock
fairly or unfairly thanks to the new ParkingLot token mechanism. WTF::Lock knows when to use
fair unlocking based on a timeout mechanism in ParkingLot called timeToBeFair.
ParkingLot::unparkOne() and ParkingLot::parkConditionally() can now communicate with each
other via a token. unparkOne() can pass a token, which parkConditionally() will return. This
change also makes parkConditionally() a lot more precise about when it was unparked due to a
call to unparkOne(). If unparkOne() is told that a thread was unparked then this thread is
guaranteed to report that it was unparked rather than timing out, and that thread is
guaranteed to get the token that unparkOne() passed. The token is an intptr_t. We use it as
a boolean variable in WTF::Lock, but you could use it to pass arbitrary data structures. By
default, the token is zero. WTF::Lock's unlock() will pass 1 as the token if it is doing
fair unlocking. In that case, unlock() will not release the lock, and lock() will know that
it holds the lock as soon as parkConditionally() returns. Note that this algorithm relies
on unparkOne() invoking WTF::Lock's callback while the queue lock is held, so that WTF::Lock
can make a decision about unlock strategy and inject a token while it has complete knowledge
over the state of the queue. As such, it's not immediately obvious how to implement this
algorithm on top of futexes. You really need ParkingLot!
WTF::Lock does not use fair unlocking every time. We expose a new API, Lock::unlockFairly(),
which forces the fair unlocking behavior. Additionally, ParkingLot now maintains a
per-bucket stochastic fairness timeout. When the timeout fires, the unparkOne() callback
sees UnparkResult::timeToBeFair = true. This timeout is set to be anywhere from 0ms to 1ms
at random. When a dequeue happens and there are threads that actually get dequeued, we check
if the time since the last unfair unlock (the last time timeToBeFair was set to true) is
more than the timeout amount. If so, then we set timeToBeFair to true and reset the timeout.
This means that in the absence of ParkingLot collisions, unfair unlocking is guaranteed to
happen at least once per millisecond. It will happen at 2 KHz on average. If there are
collisions, then each collision adds one millisecond to the worst case (and 0.5 ms to the
average case). The reason why we don't just use a fixed 1ms timeout is that we want to avoid
resonance. Imagine a program in which some thread acquires a lock at 1 KHz in-phase with the
timeToBeFair timeout. Then this thread would be the benefactor of fairness to the detriment
of everyone else. Randomness ensures that we aren't too fair to any one thread.
Empirically, this is neutral on our major benchmarks like JetStream but it's an enormous
improvement in LockFairnessTest. It's common for an unfair lock (either our BargingLock, the
old WTF::Lock, any of the other futex-based locks that barge, or new os_unfair_lock) to
allow only one thread to hold the lock during a whole second in which each thread is holding
the lock for 1ms at a time. This is because in a barging lock, releasing a lock after
holding it for 1ms and then reacquiring it immediately virtually ensures that none of the
other threads can wake up in time to grab it before it's relocked. But the new WTF::Lock
handles this case like a champ: each thread gets equal turns.
Here's some data. If we launch 10 threads and have each of them run for 1 second while
repeatedly holding a critical section for 1ms, then here's how many times each thread gets
to hold the lock using the old WTF::Lock algorithm:
799, 6, 1, 1, 1, 1, 1, 1, 1, 1
One thread hogged the lock for almost the whole time! With the new WTF::Lock, the lock
becomes totally fair:
80, 79, 79, 79, 79, 79, 79, 80, 80, 79
I don't know of anyone creating such an automatically-fair adaptive lock before, so I think
that this is a pretty awesome advancement to the state of the art!
This change is good for three reasons:
- We do have long critical sections in WebKit and we don't want to have to worry about starvation. This reduces the likelihood that we will see starvation due to our lock strategy.
- I was talking to ggaren about bmalloc's locking needs, and he wanted unlockFairly() or lockFairly() or some moral equivalent for the scavenger thread.
- If we use a WTF::Lock to manage heap access in a multithreaded GC, we'll need the ability to unlock and relock without barging.
- benchmarks/LockFairnessTest.cpp:
(main):
- benchmarks/ToyLocks.h:
- wtf/Condition.h:
(WTF::ConditionBase::waitUntil):
(WTF::ConditionBase::notifyOne):
- wtf/Lock.cpp:
(WTF::LockBase::lockSlow):
(WTF::LockBase::unlockSlow):
(WTF::LockBase::unlockFairlySlow):
(WTF::LockBase::unlockSlowImpl):
- wtf/Lock.h:
(WTF::LockBase::try_lock):
(WTF::LockBase::unlock):
(WTF::LockBase::unlockFairly):
(WTF::LockBase::isHeld):
(WTF::LockBase::isFullyReset):
- wtf/ParkingLot.cpp:
(WTF::ParkingLot::parkConditionallyImpl):
(WTF::ParkingLot::unparkOne):
(WTF::ParkingLot::unparkOneImpl):
(WTF::ParkingLot::unparkAll):
- wtf/ParkingLot.h:
(WTF::ParkingLot::parkConditionally):
(WTF::ParkingLot::compareAndPark):
(WTF::ParkingLot::unparkOne):
Tools:
- TestWebKitAPI/Tests/WTF/ParkingLot.cpp:
- 10:43 AM Changeset in webkit [203349] by
-
- 2 edits in trunk/Source/WebCore
Add preload to features.json
https://bugs.webkit.org/show_bug.cgi?id=159872
Reviewed by Darin Adler.
No new tests but no functional change.
- features.json:
- 9:17 AM Changeset in webkit [203348] by
-
- 2 edits in trunk
"make ARCHS=x86_64" fails to build
https://bugs.webkit.org/show_bug.cgi?id=159867
Reviewed by Dan Bernstein.
- Makefile.shared: Override VALID_ARCHS when ARCHS is set, so that even projects
that normally customize VALID_ARCHS wouldn't fail to build.
- 6:41 AM Changeset in webkit [203347] by
-
- 6 edits in trunk
[Streams API] ReadableStream should throw a RangeError in case of NaN highWaterMark
https://bugs.webkit.org/show_bug.cgi?id=159870
Patch by Youenn Fablet <youenn@apple.com> on 2016-07-18
Reviewed by Xabier Rodriguez-Calvar.
LayoutTests/imported/w3c:
- web-platform-tests/streams/readable-streams/bad-strategies.https-expected.txt:
Source/WebCore:
Covered by rebased test.
- Modules/streams/StreamInternals.js:
(validateAndNormalizeQueuingStrategy): Throwing a RangeError in lieu of a TypeError in case of NaN highWaterMark.
LayoutTests:
- streams/reference-implementation/bad-strategies.html: Reflecting isNaN change in WritableStream test.
- 6:24 AM MathML/Fonts edited by
- Update supported MATH constants (diff)
- 5:41 AM Changeset in webkit [203346] by
-
- 2 edits in trunk/Source/WebCore
Windows buildfix after r203338
https://bugs.webkit.org/show_bug.cgi?id=159875
Unreviewed buildfix.
- dom/UserGestureIndicator.h:
(WebCore::UserGestureToken::addDestructionObserver):
- 3:39 AM Changeset in webkit [203345] by
-
- 1 copy in releases/WebKitGTK/webkit-2.13.3
WebKitGTK+ 2.13.3
- 3:35 AM Changeset in webkit [203344] by
-
- 4 edits in trunk
Unreviewed. Update OptionsGTK.cmake and NEWS for 2.13.3 release.
.:
- Source/cmake/OptionsGTK.cmake: Bump version numbers.
Source/WebKit2:
- gtk/NEWS: Add release notes for 2.13.3.
- 2:24 AM Changeset in webkit [203343] by
-
- 2 edits in trunk/Source/WebKit2
[Mac][cmake] Unreviewed buildfix after r203338. Just for fun.
- PlatformMac.cmake:
- 2:04 AM Changeset in webkit [203342] by
-
- 18 edits1 copy2 adds in trunk/Source
MemoryPressureHandler doesn't work if cgroups aren't present in Linux
https://bugs.webkit.org/show_bug.cgi?id=155255
Reviewed by Sergio Villar Senin.
Source/WebCore:
Allow to pass an eventFD file descriptor to the MemoryPressureHandler to be monitorized in case cgroups are not
available.
- platform/MemoryPressureHandler.h:
- platform/linux/MemoryPressureHandlerLinux.cpp:
Source/WebKit2:
There's no way to get notifications about memory pressure in Linux without using cgroups that doesn't require a
manual polling. We can get that information from /proc/meminfo, but that's not pollable so it requires to
manually check its contents in a loop sleeping for a while between checks. This means we would be waking up the
process on every poll iteration, most of the times for nothing. That's specially problematic on devices running
on battery. And taking into account that there's a memory pressure handler in every secondary process (Web,
Network and Plugin), we would be waking up all those process all the time. However, not having a memory pressure
handler is even more problematic than the manual polling.
This patch adds a class MemoryPressureMonitor to the manual polling of /proc/meminfo, but runs in the UI
process, to avoid the weakups in all other secondary processes, and uses an eventFD to notify all other
processes. It's only used in case cgroups is not available. The eventFD descriptor is sent to all other
processes at startup, and passed to the MemoryPressureHandler before install() is called for the first
time. To minimize the wakeups even in the UI process, the poll interval is calculated from 1 to 5 seconds
depending on the current memory used, so in case of low memory level we sleep for a longer time.
It's also important to make the memory calculations as accurate as possible to avoid cleaning resources in the
secondary processes unnecessarily.
- NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::initializeNetworkProcess): Pass the memory pressure monitor file descriptor to the MemoryPressureHandler.
- NetworkProcess/NetworkProcess.h:
- NetworkProcess/NetworkProcessCreationParameters.cpp:
(WebKit::NetworkProcessCreationParameters::encode): Encode memory pressure monitor handle.
(WebKit::NetworkProcessCreationParameters::decode): Decode memory pressure monitor handle.
- NetworkProcess/NetworkProcessCreationParameters.h:
- PlatformEfl.cmake: Add new file to compilation, and update include dirs.
- PlatformGTK.cmake: Ditto.
- PluginProcess/PluginProcess.cpp:
(WebKit::PluginProcess::initializePluginProcess): Pass the memory pressure monitor file descriptor to the MemoryPressureHandler.
- Shared/Plugins/PluginProcessCreationParameters.cpp:
(WebKit::PluginProcessCreationParameters::encode): Encode memory pressure monitor handle.
(WebKit::PluginProcessCreationParameters::decode): Decode memory pressure monitor handle.
- Shared/Plugins/PluginProcessCreationParameters.h:
- Shared/WebProcessCreationParameters.cpp:
(WebKit::WebProcessCreationParameters::encode): Encode memory pressure monitor handle.
(WebKit::WebProcessCreationParameters::decode): Decode memory pressure monitor handle.
- Shared/WebProcessCreationParameters.h:
- UIProcess/Plugins/PluginProcessProxy.cpp:
(WebKit::PluginProcessProxy::didFinishLaunching): Create the memory pressure monitor handle for the plugin
process if needed.
- UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::ensureNetworkProcess): Create the memory pressure monitor handle for the network
process if needed.
(WebKit::WebProcessPool::createNewWebProcess): Create the memory pressure monitor handle for the web process if
needed.
- UIProcess/linux/MemoryPressureMonitor.cpp: Added.
(WebKit::lowWatermarkPages):
(WebKit::systemPageSize):
(WebKit::calculateMemoryAvailable):
(WebKit::systemMemoryUsedAsPercentage):
(WebKit::pollIntervalForUsedMemoryPercentage):
(WebKit::isSystemdMemoryPressureMonitorAvailable):
(WebKit::MemoryPressureMonitor::isEnabled):
(WebKit::MemoryPressureMonitor::singleton):
(WebKit::MemoryPressureMonitor::MemoryPressureMonitor):
(WebKit::MemoryPressureMonitor::createHandle):
- UIProcess/linux/MemoryPressureMonitor.h:
- WebProcess/WebProcess.cpp:
(WebKit::WebProcess::initializeWebProcess): Pass the memory pressure monitor file descriptor to the MemoryPressureHandler.