Timeline



Dec 28, 2016:

7:10 PM Changeset in webkit [210203] by sbarati@apple.com
  • 4 edits
    1 add in trunk

WebAssembly: Don't allow duplicate export names
https://bugs.webkit.org/show_bug.cgi?id=166490
<rdar://problem/29815000>

Reviewed by Keith Miller.

JSTests:

  • wasm.yaml:
  • wasm/function-tests/invalid-duplicate-export.js: Added.

Source/JavaScriptCore:

  • wasm/WasmModuleParser.cpp:

4:18 PM Changeset in webkit [210202] by sbarati@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Unreviewed. Fix jsc.cpp build error.

  • jsc.cpp:

(functionTestWasmModuleFunctions):

4:06 PM Changeset in webkit [210201] by sbarati@apple.com
  • 40 edits
    5 adds in trunk

WebAssembly: Implement grow_memory and current_memory
https://bugs.webkit.org/show_bug.cgi?id=166448
<rdar://problem/29803676>

Reviewed by Keith Miller.

JSTests:

I rewrote some of the testWasmModuleFunctions that used Memory to use
the JS API since the jsc.cpp version can no longer use memory.

  • wasm.yaml:
  • wasm/function-tests/add-12.js:

(testWasmModuleFunctions):

  • wasm/function-tests/br-if-loop-less-than.js:

(testWasmModuleFunctions):

  • wasm/function-tests/brTableAsIf.js:

(testWasmModuleFunctions):

  • wasm/function-tests/brTableManyValues.js:

(testWasmModuleFunctions):

  • wasm/function-tests/brTableWithLoop.js:

(testWasmModuleFunctions):

  • wasm/function-tests/dumb-eq-if-then-else.js:
  • wasm/function-tests/eqz.js:
  • wasm/function-tests/grow-memory-2.js: Added.

(const.func):
(assert.eq.instance.exports.foo):

  • wasm/function-tests/grow-memory-3.js: Added.
  • wasm/function-tests/grow-memory-4.js: Added.

(const.func):

  • wasm/function-tests/grow-memory.js: Added.

(binaryShouldNotParse):
(assert.truthy):
(assert.eq):
(memory.grow):

  • wasm/function-tests/i32-load.js:

(testWasmModuleFunctions):

  • wasm/function-tests/i32-load8-s.js:
  • wasm/function-tests/max.js:
  • wasm/function-tests/min.js:
  • wasm/js-api/memory-grow.js: Added.

(i.i):
(assertEq):

  • wasm/js-api/test_memory.js:
  • wasm/wasm.json:

Source/JavaScriptCore:

This patch implements grow_memory, current_memory, and WebAssembly.prototype.grow.
See relevant spec texts here:

https://github.com/WebAssembly/design/blob/master/Semantics.md#linear-memory-accesses
https://github.com/WebAssembly/design/blob/master/JS.md#webassemblymemoryprototypegrow

I also fix a couple miscellaneous bugs:

  1. Data section now understands full init_exprs.
  2. parseVarUint1 no longer has a bug where we allow values larger than 1 if their bottom 8 bits are zero.

Since the JS API can now grow memory, we need to make calling an import
and call_indirect refresh the base memory register and the size registers.

  • jsc.cpp:

(functionTestWasmModuleFunctions):

  • runtime/Options.h:
  • runtime/VM.h:
  • wasm/WasmB3IRGenerator.cpp:

(JSC::Wasm::B3IRGenerator::B3IRGenerator):
(JSC::Wasm::reloadPinnedRegisters):
(JSC::Wasm::B3IRGenerator::emitReloadPinnedRegisters):
(JSC::Wasm::createJSToWasmWrapper):
(JSC::Wasm::parseAndCompile):

  • wasm/WasmFormat.cpp:

(JSC::Wasm::Segment::create):

  • wasm/WasmFormat.h:

(JSC::Wasm::I32InitExpr::I32InitExpr):
(JSC::Wasm::I32InitExpr::globalImport):
(JSC::Wasm::I32InitExpr::constValue):
(JSC::Wasm::I32InitExpr::isConst):
(JSC::Wasm::I32InitExpr::isGlobalImport):
(JSC::Wasm::I32InitExpr::globalImportIndex):
(JSC::Wasm::Segment::byte):
(JSC::Wasm::ModuleInformation::importFunctionCount):
(JSC::Wasm::ModuleInformation::hasMemory):

  • wasm/WasmFunctionParser.h:
  • wasm/WasmMemory.cpp:

(JSC::Wasm::Memory::Memory):
(JSC::Wasm::Memory::grow):

  • wasm/WasmMemory.h:

(JSC::Wasm::Memory::size):
(JSC::Wasm::Memory::sizeInPages):
(JSC::Wasm::Memory::offsetOfMemory):
(JSC::Wasm::Memory::isValid): Deleted.
(JSC::Wasm::Memory::grow): Deleted.

  • wasm/WasmModuleParser.cpp:

(JSC::Wasm::makeI32InitExpr):

  • wasm/WasmModuleParser.h:
  • wasm/WasmPageCount.h:

(JSC::Wasm::PageCount::bytes):
(JSC::Wasm::PageCount::pageCount):
(JSC::Wasm::PageCount::fromBytes):
(JSC::Wasm::PageCount::operator+):

  • wasm/WasmParser.h:

(JSC::Wasm::Parser<SuccessType>::parseVarUInt1):

  • wasm/WasmValidate.cpp:
  • wasm/js/JSWebAssemblyInstance.h:

(JSC::JSWebAssemblyInstance::offsetOfMemory):

  • wasm/js/JSWebAssemblyMemory.cpp:

(JSC::JSWebAssemblyMemory::~JSWebAssemblyMemory):
(JSC::JSWebAssemblyMemory::grow):

  • wasm/js/JSWebAssemblyMemory.h:

(JSC::JSWebAssemblyMemory::offsetOfMemory):

  • wasm/js/JSWebAssemblyModule.h:

(JSC::JSWebAssemblyModule::functionImportCount):
(JSC::JSWebAssemblyModule::jsEntrypointCalleeFromFunctionIndexSpace):
(JSC::JSWebAssemblyModule::wasmEntrypointCalleeFromFunctionIndexSpace):
(JSC::JSWebAssemblyModule::importCount): Deleted.

  • wasm/js/WebAssemblyFunction.cpp:

(JSC::callWebAssemblyFunction):

  • wasm/js/WebAssemblyInstanceConstructor.cpp:

(JSC::constructJSWebAssemblyInstance):

  • wasm/js/WebAssemblyMemoryConstructor.cpp:

(JSC::constructJSWebAssemblyMemory):

  • wasm/js/WebAssemblyMemoryPrototype.cpp:

(JSC::getMemory):
(JSC::webAssemblyMemoryProtoFuncBuffer):
(JSC::webAssemblyMemoryProtoFuncGrow):

  • wasm/js/WebAssemblyModuleRecord.cpp:

(JSC::WebAssemblyModuleRecord::link):
(JSC::dataSegmentFail):
(JSC::WebAssemblyModuleRecord::evaluate):

  • wasm/wasm.json:
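
The parseVarUint1 fix listed as item 2 in changeset [210201] above, as an added C++ example that is not WebKit's code. It assumes the bug arose from narrowing the decoded LEB128 value to 8 bits before the range check (a model that also admits values whose low byte is 1); `decodeVarUInt32`, `parseVarUInt1Truncating` and `parseVarUInt1Checked` are hypothetical names.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Decode an unsigned LEB128 value of at most 32 bits, advancing `offset`.
// Returns false on truncated input or an encoding that does not fit 32 bits.
bool decodeVarUInt32(const std::vector<uint8_t>& bytes, size_t& offset, uint32_t& result)
{
    result = 0;
    for (unsigned shift = 0; shift < 35; shift += 7) {
        if (offset >= bytes.size())
            return false; // ran off the end of the buffer
        uint8_t byte = bytes[offset++];
        if (shift == 28 && (byte & 0xF0))
            return false; // fifth byte carries bits past 32 or a continuation
        result |= static_cast<uint32_t>(byte & 0x7F) << shift;
        if (!(byte & 0x80))
            return true;
    }
    return false;
}

// Flawed shape (assumed): the value is narrowed to 8 bits BEFORE the range
// check, so 0x100, 0x200, ... collapse to 0 and pass as a valid varuint1.
bool parseVarUInt1Truncating(const std::vector<uint8_t>& bytes, size_t& offset, uint8_t& result)
{
    uint32_t value;
    if (!decodeVarUInt32(bytes, offset, value))
        return false;
    result = static_cast<uint8_t>(value);
    return result <= 1;
}

// Corrected shape: range-check the full-width value, then narrow.
bool parseVarUInt1Checked(const std::vector<uint8_t>& bytes, size_t& offset, uint8_t& result)
{
    uint32_t value;
    if (!decodeVarUInt32(bytes, offset, value) || value > 1)
        return false;
    result = static_cast<uint8_t>(value);
    return true;
}

int main()
{
    // Constructed input: 0x100 encoded as LEB128 is the byte pair 80 02.
    const std::vector<uint8_t> encoded256 = { 0x80, 0x02 };
    size_t offset = 0;
    uint8_t flag = 0xFF;
    bool accepted = parseVarUInt1Truncating(encoded256, offset, flag);
    std::printf("truncating: accepted=%d flag=%u\n", accepted, static_cast<unsigned>(flag));
    offset = 0;
    accepted = parseVarUInt1Checked(encoded256, offset, flag);
    std::printf("checked:    accepted=%d\n", accepted);
    return 0;
}
```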

6:36 AM Changeset in webkit [210200] by clopez@igalia.com
  • 4 edits in trunk/LayoutTests

[Gardening] Remove INDIE_UI related entries from TestExpectation files.
https://bugs.webkit.org/show_bug.cgi?id=165881

Unreviewed.

  • platform/efl/TestExpectations:
  • platform/gtk/TestExpectations:
  • platform/win/TestExpectations:

4:16 AM Changeset in webkit [210199] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r206637 - Unreviewed, fix 32-bit build.

  • loader/cache/CachedImage.cpp:

(WebCore::CachedImage::decodedSizeChanged):

4:15 AM Changeset in webkit [210198] by Carlos Garcia Campos
  • 11 edits in releases/WebKitGTK/webkit-2.14

Merge r206635 - Change the MemoryCache and CachedResource adjustSize functions to take a long argument
https://bugs.webkit.org/show_bug.cgi?id=162708
<rdar://problem/28555702>

Reviewed by Brent Fulgham.

Source/WebCore:

Because the MemoryCache stores the size of the cached memory in unsigned,
two problems may happen when reporting a change in the size of the memory:

  1. Signed integer overflow -- which can happen because MemoryCache::adjustSize() takes a signed integer argument. If the allocated or the freed memory size is larger than the maximum of a signed integer, an overflow will happen. For the image caching code, this can be seen where the unsigned decodedSize is cast to an integer before passing it to ImageObserver::decodedSizeChanged().
  2. Unsigned integer overflow -- which can happen if the new allocated memory size plus the currentSize exceeds the maximum of unsigned. This can be seen in MemoryCache::adjustSize() where we add delta to m_liveSize or m_deadSize without checking whether this addition will overflow or not. We do not assert for overflow although we assert for underflow.

The fix for these two problems can be the following:

  1. Make all the adjustSize functions all the way till MemoryCache::adjustSize() take a signed long integer argument.
  2. Do not create a NativeImagePtr for an ImageFrame if its frameBytes plus the ImageFrameCache::decodedSize() will exceed the maximum of an unsigned integer.

  • loader/cache/CachedImage.cpp:

(WebCore::CachedImage::decodedSizeChanged): Change the argument to be long. No overflow will happen when casting the argument from unsigned to long.

  • loader/cache/CachedImage.h:
  • loader/cache/CachedResource.cpp:

(WebCore::CachedResource::setDecodedSize): Use long integer casting when calling MemoryCache::adjustSize().
(WebCore::CachedResource::setEncodedSize): Ditto.

  • loader/cache/MemoryCache.cpp:

(WebCore::MemoryCache::MemoryCache): Add a static assert to ensure sizeof(long long) can hold any unsigned or its negation.
(WebCore::MemoryCache::revalidationSucceeded): Use long integer casting when calling MemoryCache::adjustSize().
(WebCore::MemoryCache::remove): Ditto.
(WebCore::MemoryCache::adjustSize): Change the function argument to long integer. No overflow will happen when casting the argument from unsigned to long.

  • loader/cache/MemoryCache.h:
  • platform/graphics/ImageFrameCache.cpp:

(WebCore::ImageFrameCache::destroyIncompleteDecodedData): Call a function with its new name.
(WebCore::ImageFrameCache::decodedSizeChanged): Change the function argument to long integer. No overflow will happen when casting the argument from unsigned to long.
(WebCore::ImageFrameCache::decodedSizeIncreased): Use long integer casting when calling decodedSizeChanged().
(WebCore::ImageFrameCache::decodedSizeDecreased): Ditto.
(WebCore::ImageFrameCache::decodedSizeReset): Ditto.
(WebCore::ImageFrameCache::didDecodeProperties): Ditto.
(WebCore::ImageFrameCache::frameAtIndex): Do not create the NativeImage if adding its frameBytes to the MemoryCache will cause numerical overflow.
(WebCore::ImageFrameCache::decodedSizeIncremented): Deleted. This function is renamed decodedSizeIncreased().
(WebCore::ImageFrameCache::decodedSizeDecremented): Deleted. This function is renamed decodedSizeDecreased().

  • platform/graphics/ImageFrameCache.h:
  • platform/graphics/ImageObserver.h:
  • platform/graphics/IntSize.h:

(WebCore::IntSize::unclampedArea): Returns the area of an IntSize in size_t.

  • platform/graphics/cg/PDFDocumentImage.cpp:

(WebCore::PDFDocumentImage::decodedSizeChanged): Use long integer casting when calling ImageObserver::decodedSizeChanged().

LayoutTests:
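
The two overflows described in changeset [210198] above and the shape of their fixes, as an added C++ example that is not WebKit's code. `CacheAccounting`, `deltaThroughInt`, `deltaThroughLongLong` and `canAccountForFrame` are hypothetical stand-ins for the MemoryCache size bookkeeping, and the example assumes a 32-bit `unsigned` and `int`.

```cpp
#include <climits>
#include <cstddef>
#include <cstdio>

static_assert(sizeof(unsigned) == 4, "example values assume a 32-bit unsigned");
static_assert(sizeof(long long) > sizeof(unsigned),
    "long long must hold any unsigned value or its negation");

// Problem 1: an unsigned size passed through a signed int parameter.
// A value above INT_MAX turns negative on two's-complement targets, so a
// size increase is reported to the cache as a decrease.
long long deltaThroughInt(unsigned decodedSize)
{
    int delta = static_cast<int>(decodedSize);
    return delta;
}

// Fix 1: carry the delta in a type wide enough for any unsigned value.
long long deltaThroughLongLong(unsigned decodedSize)
{
    return static_cast<long long>(decodedSize);
}

struct CacheAccounting {
    unsigned liveSize = 0;

    // Problem 2: unsigned addition wraps silently past UINT_MAX.
    void adjustSizeUnchecked(long long delta)
    {
        liveSize += static_cast<unsigned>(delta);
    }

    // Checked variant: refuses any delta that would overflow or underflow.
    bool adjustSizeChecked(long long delta)
    {
        const long long limit = static_cast<long long>(UINT_MAX);
        if (delta > limit || delta < -limit)
            return false;
        long long updated = static_cast<long long>(liveSize) + delta;
        if (updated < 0 || updated > limit)
            return false;
        liveSize = static_cast<unsigned>(updated);
        return true;
    }
};

// Fix 2: decide before allocating whether frameBytes plus the current
// decoded size still fits in unsigned. Written as a subtraction so the
// check itself cannot overflow.
bool canAccountForFrame(unsigned decodedSize, size_t frameBytes)
{
    return frameBytes <= static_cast<size_t>(UINT_MAX - decodedSize);
}

int main()
{
    // Constructed sizes: a 3,000,000,000-byte decode and a nearly full cache.
    std::printf("delta via int:       %lld\n", deltaThroughInt(3000000000u));
    std::printf("delta via long long: %lld\n", deltaThroughLongLong(3000000000u));

    CacheAccounting wrapped;
    wrapped.liveSize = 4000000000u;
    wrapped.adjustSizeUnchecked(500000000LL);
    std::printf("unchecked liveSize:  %u\n", wrapped.liveSize);

    CacheAccounting guarded;
    guarded.liveSize = 4000000000u;
    bool applied = guarded.adjustSizeChecked(500000000LL);
    std::printf("checked applied=%d liveSize=%u\n", applied, guarded.liveSize);
    std::printf("frame fits: %d\n", canAccountForFrame(4000000000u, 500000000u));
    return 0;
}
```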

3:06 AM Changeset in webkit [210197] by svillar@igalia.com
  • 3 edits in trunk/Source/WebCore

[css-grid] Move Grid into GridSizingData
https://bugs.webkit.org/show_bug.cgi?id=165654

Reviewed by Darin Adler.

The grid track sizing algorithm has been using the m_grid attribute from RenderGrid to
compute the sizes of the tracks unconditionally. However the goal is to make it work against
a generic instance of the Grid class, so that the intrinsic size computation and the layout
processes could be effectively decoupled.

Instead of passing the Grid as a new argument to all the track sizing algorithm methods we
leverage the existence of GridSizingData which is already passed to all of them. This data
structure holds from now on a reference to the Grid instance so that the track sizing
algorithm could use it.

No new tests as this is a refactoring.

  • rendering/RenderGrid.cpp:

(WebCore::RenderGrid::GridSizingData::GridSizingData):
(WebCore::RenderGrid::GridSizingData::grid):
(WebCore::RenderGrid::computeTrackBasedLogicalHeight):
(WebCore::RenderGrid::computeTrackSizesForDirection):
(WebCore::RenderGrid::repeatTracksSizingIfNeeded):
(WebCore::RenderGrid::layoutBlock):
(WebCore::RenderGrid::guttersSize):
(WebCore::RenderGrid::computeIntrinsicLogicalWidths):
(WebCore::RenderGrid::computeIntrinsicLogicalHeight):
(WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
(WebCore::RenderGrid::computeFlexSizedTracksGrowth):
(WebCore::RenderGrid::computeFlexFactorUnitSize):
(WebCore::RenderGrid::findFlexFactorUnitSize):
(WebCore::RenderGrid::rawGridTrackSize):
(WebCore::RenderGrid::gridTrackSize):
(WebCore::RenderGrid::spanningItemCrossesFlexibleSizedTracks):
(WebCore::RenderGrid::resolveContentBasedTrackSizingFunctions):
(WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForNonSpanningItems):
(WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
(WebCore::RenderGrid::tracksAreWiderThanMinTrackBreadth):
(WebCore::RenderGrid::trackSizesForComputedStyle):
(WebCore::RenderGrid::applyStretchAlignmentToTracksIfNeeded):
(WebCore::RenderGrid::layoutGridItems):
(WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
(WebCore::RenderGrid::assumedRowsSizeForOrthogonalChild):
(WebCore::RenderGrid::gridAreaBreadthForChild):
(WebCore::RenderGrid::gridAreaBreadthForChildIncludingAlignmentOffsets):
(WebCore::RenderGrid::populateGridPositionsForDirection):
(WebCore::RenderGrid::columnAxisOffsetForChild):
(WebCore::RenderGrid::rowAxisOffsetForChild):
(WebCore::RenderGrid::findChildLogicalPosition):
(WebCore::RenderGrid::numTracks):
(WebCore::RenderGrid::paintChildren):

  • rendering/RenderGrid.h:

3:04 AM Changeset in webkit [210196] by Carlos Garcia Campos
  • 15 edits in releases/WebKitGTK/webkit-2.14/Source

Merge r208168 - Do a better job of protecting Frame objects in the context of JavaScript calls
https://bugs.webkit.org/show_bug.cgi?id=164163
<rdar://problem/28955249>

Reviewed by Darin Adler.

Source/WebCore:

  • editing/AlternativeTextController.cpp:

(WebCore::AlternativeTextController::respondToUnappliedSpellCorrection): Protected the Frame.

  • editing/Editor.cpp:

(WebCore::Editor::setTextAsChildOfElement): Ditto.

  • editing/EditorCommand.cpp:

(WebCore::executeSwapWithMark): Ditto.

  • editing/TypingCommand.cpp:

(WebCore::TypingCommand::deleteKeyPressed): Ditto.
(WebCore::TypingCommand::forwardDeleteKeyPressed): Ditto.

  • editing/mac/EditorMac.mm:

(WebCore::Editor::replaceNodeFromPasteboard): Ditto.

  • page/ContextMenuController.cpp:

(WebCore::ContextMenuController::contextMenuItemSelected): Ditto.

  • page/DOMSelection.cpp:

(WebCore::DOMSelection::collapse): Ditto.
(WebCore::DOMSelection::collapseToEnd): Ditto.
(WebCore::DOMSelection::collapseToStart): Ditto.
(WebCore::DOMSelection::setBaseAndExtent): Ditto.
(WebCore::DOMSelection::setPosition): Ditto.
(WebCore::DOMSelection::modify): Ditto.
(WebCore::DOMSelection::extend): Ditto.
(WebCore::DOMSelection::addRange): Ditto.
(WebCore::DOMSelection::deleteFromDocument): Ditto.

  • page/DragController.cpp:

(WebCore::setSelectionToDragCaret): Ditto.
(WebCore::DragController::startDrag): Ditto.

  • page/Frame.cpp:

(WebCore::Frame::checkOverflowScroll): Ditto.

  • page/TextIndicator.cpp:

(WebCore::TextIndicator::createWithRange): Ditto.

Source/WebKit2:

  • WebProcess/InjectedBundle/DOM/InjectedBundleRangeHandle.cpp:

(WebKit::InjectedBundleRangeHandle::renderedImage): Protected the Frame.

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::insertTextAsync): Ditto.
(WebKit::WebPage::setComposition): Ditto.

  • WebProcess/WebPage/mac/WebPageMac.mm:

(WebKit::WebPage::insertDictatedTextAsync): Ditto.

2:37 AM Changeset in webkit [210195] by Carlos Garcia Campos
  • 9 edits
    2 adds in releases/WebKitGTK/webkit-2.14

Merge r208003 - Prevent hit tests from being performed on an invalid render tree
https://bugs.webkit.org/show_bug.cgi?id=163877
<rdar://problem/28675761>

Reviewed by Simon Fraser.

Source/WebCore:

Changeset r200971 added code to ensure that layout is up-to-date before hit testing, but did
so only for the main frame. It was still possible to enter cross-frame hit testing with a
subframe needing style recalc. In that situation, the subframe's updateLayout() would get
called, which could trigger a compositing change that marked the parent frame as needing style
recalc. A subsequent layout on the parent frame (for example by hit testing traversing into
a second subframe) could then mutate the parent frame's layer tree while hit testing was
traversing it.

This patch modifies the hit test logic to ensure that a recursive layout is performed so that
we always perform hit tests on a clean set of frames. It also adds some assertions to warn
us if we encounter this invalid state.

Tested by fast/layers/prevent-hit-test-during-layout.html.

  • dom/Document.cpp:

(WebCore::Document::scheduleStyleRecalc): Assert that we are not hit testing
during style recalculation.

  • page/EventHandler.cpp:

(WebCore::EventHandler::hitTestResultAtPoint): Ensure that we have a clean render tree
when hit testing.

  • page/FrameView.cpp:

(WebCore::FrameView::setNeedsLayout): Assert that we are not in the process of hit testing
when we schedule a layout.

  • rendering/RenderView.cpp:

(WebCore::RenderView::hitTest): Mark RenderView as in an active hit test.

  • rendering/RenderView.h:

LayoutTests:

  • fast/layers/prevent-hit-test-during-layout-expected.txt: Added.
  • fast/layers/prevent-hit-test-during-layout.html: Added.
  • platform/efl/TestExpectations: Skip on this platform.
  • platform/gtk/TestExpectations: Skip on this platform.
  • platform/ios-simulator/TestExpectations: Skip on this platform.
  • platform/win/TestExpectations: Skip on this platform.

2:30 AM Changeset in webkit [210194] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.14

Merge r207930 - Ignore out-of-flow siblings when searching for a spanner candidate.
https://bugs.webkit.org/show_bug.cgi?id=164042.
<rdar://problem/28758456>

Reviewed by Simon Fraser.

Source/WebCore:

While searching for the spanner candidates in a flow thread, we have to take into account
whether renderers are in- or out-of-flow.
What it means is that while traversing the renderer tree to find the candidate
renderer (next sibling/ancestor's next child in pre-order traversal), we have to check if the candidate
is in the same layout context too.

Test: fast/multicol/crash-when-spanner-candidate-is-out-of-flow.html

  • rendering/RenderMultiColumnFlowThread.cpp:

(WebCore::spannerPlacehoderCandidate):
(WebCore::RenderMultiColumnFlowThread::processPossibleSpannerDescendant):

LayoutTests:

  • fast/multicol/crash-when-spanner-candidate-is-out-of-flow-expected.txt: Added.
  • fast/multicol/crash-when-spanner-candidate-is-out-of-flow.html: Added.

2:28 AM Changeset in webkit [210193] by Carlos Garcia Campos
  • 20 edits in releases/WebKitGTK/webkit-2.14/Source

Merge r207708 - Bug 163762: IntSize::area() should use checked arithmetic
<https://webkit.org/b/163762>

Reviewed by Darin Adler.

Source/WebCore:

No new tests since no change in nominal behavior.

  • platform/graphics/IntSize.h:

(WebCore::IntSize::area): Change to return a
Checked<unsigned, T> value. Use WTF:: namespace to avoid
including another header.

  • platform/graphics/IntRect.h:

(WebCore::IntRect::area): Ditto.

The remaining changes are to use the Checked<unsigned> return
value of IntSize::area() and IntRect::area() correctly in
context, in addition to items noted below.

  • html/HTMLPlugInImageElement.cpp:

(WebCore::HTMLPlugInImageElement::isTopLevelFullPagePlugin):
Declare contentWidth and contentHeight as float values to
prevent overflow when computing the area, and to make the
inequality comparison in the return statement use the same type
for both sides.

  • html/ImageData.cpp:

(WebCore::ImageData::ImageData):

  • html/MediaElementSession.cpp:

(WebCore::isElementRectMostlyInMainFrame):

  • platform/graphics/ImageBackingStore.h:

(WebCore::ImageBackingStore::setSize): Restructure logic to
compute area only once.
(WebCore::ImageBackingStore::clear):

  • platform/graphics/ImageFrame.h:

(WebCore::ImageFrame::frameBytes):

  • platform/graphics/ImageSource.cpp:

(WebCore::ImageSource::maximumSubsamplingLevel):

  • platform/graphics/ca/LayerPool.cpp:

(WebCore::LayerPool::backingStoreBytesForSize):

  • platform/graphics/cg/ImageDecoderCG.cpp:

(WebCore::ImageDecoder::frameBytesAtIndex):

  • platform/graphics/filters/FEGaussianBlur.cpp:

(WebCore::FEGaussianBlur::platformApplySoftware):

  • platform/graphics/filters/FilterEffect.cpp:

(WebCore::FilterEffect::asUnmultipliedImage):
(WebCore::FilterEffect::asPremultipliedImage):
(WebCore::FilterEffect::copyUnmultipliedImage):
(WebCore::FilterEffect::copyPremultipliedImage):
(WebCore::FilterEffect::createUnmultipliedImageResult):
(WebCore::FilterEffect::createPremultipliedImageResult):

  • platform/graphics/win/ImageBufferDataDirect2D.cpp:

(WebCore::ImageBufferData::getData): Update overflow check,
rename local variable to numBytes, and compute numBytes once.

  • platform/graphics/win/ImageDecoderDirect2D.cpp:

(WebCore::ImageDecoder::frameBytesAtIndex):

  • platform/image-decoders/ImageDecoder.cpp:

(WebCore::ImageDecoder::frameBytesAtIndex):

  • platform/ios/LegacyTileLayerPool.mm:

(WebCore::LegacyTileLayerPool::bytesBackingLayerWithPixelSize):

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::requiresCompositingForCanvas):

  • rendering/shapes/Shape.cpp:

(WebCore::Shape::createRasterShape):

Source/WebKit2:

  • Shared/ShareableBitmap.cpp:

(WebKit::ShareableBitmap::create): Add overflow check and return
nullptr on overflow.
(WebKit::ShareableBitmap::createShareable): Ditto.
(WebKit::ShareableBitmap::create): Change debug assert for
adequate buffer size check into release check.

  • Shared/ShareableBitmap.h:

(WebKit::ShareableBitmap::numBytesForSize): Change to return a
Checked<unsigned, RecordOverflow> value.
(WebKit::ShareableBitmap::sizeInBytes):

  • Shared/cairo/ShareableBitmapCairo.cpp:

(WebKit::ShareableBitmap::numBytesForSize): Ditto.

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _takeViewSnapshot]): Call unsafeGet().

Tools:

  • TestWebKitAPI/Tests/WebCore/IntRect.cpp:

(TestWebKitAPI::TEST): Call unsafeGet().

  • TestWebKitAPI/Tests/WebCore/IntSize.cpp:

(TestWebKitAPI::TEST): Ditto.

1:59 AM Changeset in webkit [210192] by Gyuyoung Kim
  • 2 edits in trunk/LayoutTests

[EFL] Gardening on 28th Dec.

Unreviewed EFL gardening.

  • platform/efl/TestExpectations: Mark failing tests to Failure or ImageOnlyFailure.

1:47 AM Changeset in webkit [210191] by Carlos Garcia Campos
  • 6 edits
    2 adds in releases/WebKitGTK/webkit-2.14

Merge r207692 - SVG should not paint selection within a mask
https://bugs.webkit.org/show_bug.cgi?id=163772
<rdar://problem/28705129>

Reviewed by Simon Fraser.

Source/WebCore:

When masking content, we shouldn't paint the text
selection as we are rendering into the masking
offscreen buffer.

Test: svg/masking/mask-should-not-paint-selection.html

  • rendering/PaintPhase.h: Add a new behavior - PaintBehaviorSkipSelectionHighlight.
  • rendering/svg/SVGInlineTextBox.cpp:

(WebCore::SVGInlineTextBox::paint): Don't update the selectionStyle if
PaintBehaviorSkipSelectionHighlight is true.

  • rendering/svg/SVGRenderingContext.cpp:

(WebCore::SVGRenderingContext::renderSubtreeToImageBuffer): Add PaintBehaviorSkipSelectionHighlight
to the PaintInfo.

LayoutTests:

  • svg/masking/mask-should-not-paint-selection-expected.html: Added.
  • svg/masking/mask-should-not-paint-selection.html: Added.

1:40 AM Changeset in webkit [210190] by Carlos Garcia Campos
  • 14 edits
    2 adds in releases/WebKitGTK/webkit-2.14

Merge r207229 - Web Inspector: Improve support for logging Proxy objects in console
https://bugs.webkit.org/show_bug.cgi?id=163323
<rdar://problem/28432553>

Reviewed by Timothy Hatcher.

Source/JavaScriptCore:

This is based off of similar patches in Blink for Proxy handling.

  • bindings/ScriptValue.cpp:

(Deprecated::ScriptValue::isEqual):
Use strict equality. This is the intent, and it prevents the possibility of triggering
primitive conversion on objects in previous ConsoleMessage argument lists.

  • inspector/InjectedScriptSource.js:

(InjectedScript.prototype._propertyDescriptors):
Bail if the object is a Proxy.

(InjectedScript.prototype._describe):
Provide a friendlier name, "Proxy" instead of "ProxyObject".

(InjectedScript.RemoteObject):
When generating a preview for a Proxy object, generate it from the final target
and mark it as lossy so that the object can always be expanded to get the internal
target/handler properties.

  • inspector/JSInjectedScriptHost.h:
  • inspector/JSInjectedScriptHost.cpp:

(Inspector::JSInjectedScriptHost::subtype):
New subtype for Proxy objects.

(Inspector::JSInjectedScriptHost::proxyTargetValue):
Resolve the final target value for a Proxy.

  • inspector/JSInjectedScriptHostPrototype.cpp:

(Inspector::JSInjectedScriptHostPrototype::finishCreation):
(Inspector::jsInjectedScriptHostPrototypeFunctionProxyTargetValue):
Add the new method.

  • inspector/ScriptArguments.cpp:

(Inspector::ScriptArguments::getFirstArgumentAsString):
Avoid triggering Proxy traps on a Proxy object when getting a quick
string description for ConsoleMessages.

  • inspector/protocol/Runtime.json:

Add new "proxy" subtype.

Source/WebInspectorUI:

  • UserInterface/Views/ConsoleMessageView.js:

(WebInspector.ConsoleMessageView.prototype._formatParameter):
Treat a Proxy like any other object.

LayoutTests:

  • inspector/console/console-log-proxy-expected.txt: Added.
  • inspector/console/console-log-proxy.html: Added.

Add a test specific to console logs of Proxy objects to ensure the get
trap is not used in different cases.

  • inspector/model/remote-object-expected.txt:
  • inspector/model/remote-object.html:
  • platform/mac/inspector/model/remote-object-expected.txt:

Update results for Proxy objects and include a test for a multi-level
Proxy object, which should preview the target.

1:35 AM Changeset in webkit [210189] by Carlos Garcia Campos
  • 59 edits
    7 adds in releases/WebKitGTK/webkit-2.14

Merge r206809 - Do not follow redirects when sending violation report
https://bugs.webkit.org/show_bug.cgi?id=162520
<rdar://problem/27957639>

Reviewed by Alex Christensen.

Source/WebCore:

Do not follow redirects when sending a Content Security Policy or XSS Auditor violation report
as redirects can be used to forward report details to a third-party.

This change makes WebKit more closely conform to the reporting requirements in section Reporting
of the Content Security Level 2 standard: <https://w3c.github.io/webappsec-csp/2/#violation-reports>
(Editor's Draft, 25 April 2016).

Tests: http/tests/security/contentSecurityPolicy/report-blocked-uri-and-do-not-follow-redirect-when-sending-report.php

http/tests/security/xssAuditor/report-script-tag-and-do-not-follow-redirect-when-sending-report.html
http/tests/security/xssAuditor/report-script-tag-full-block-and-do-not-follow-redirect-when-sending-report.html

  • loader/LoaderStrategy.h: Modified createPingHandle() to take a boolean, shouldFollowRedirects,
whether to follow redirect responses for a ping request.

  • loader/PingLoader.cpp:

(WebCore::PingLoader::loadImage): Pass ShouldFollowRedirects::Yes to PingLoader::startPingLoad to
keep our current behavior.
(WebCore::PingLoader::sendPing): Ditto. Note our current behavior of following redirects matches
the behavior described in the section "Hyperlink auditing" of the HTML standard:
<https://html.spec.whatwg.org/multipage/semantics.html#hyperlink-auditing> (23 September 2016).
(WebCore::PingLoader::sendViolationReport): Pass ShouldFollowRedirects::No to PingLoader::startPingLoad
so that we do not follow redirects when sending a violation report.
(WebCore::PingLoader::startPingLoad): Modified to take argument shouldFollowRedirects whether to
follow redirect responses for a ping request.

  • loader/PingLoader.h:
  • platform/network/PingHandle.h: Add boolean m_shouldFollowRedirects. I grouped this boolean with
the existing boolean, m_shouldUseCredentialStorage, as opposed to appending to the end of the class
definition to avoid increasing object size as clang will coalesce the two bools into a single
machine word. Override ResourceHandleClient::willSendRequest() and ResourceHandleClient::willSendRequestAsync()
to follow a redirect, if applicable.

Source/WebKit:

Update implementation of legacy WebKit loader strategy to pass through a boolean,
shouldFollowRedirects, to PingHandle as to whether to follow redirect responses
for a ping request.

  • WebCoreSupport/WebResourceLoadScheduler.cpp:

(WebResourceLoadScheduler::createPingHandle):

  • WebCoreSupport/WebResourceLoadScheduler.h:

Source/WebKit2:

Update the non-Network Session WebKit2 implementation to follow redirect responses for a ping
request, if applicable. I did not update the Network Session implementation at this time. I
will fix it in <https://bugs.webkit.org/show_bug.cgi?id=162580>.

  • NetworkProcess/NetworkConnectionToWebProcess.cpp:

(WebKit::NetworkConnectionToWebProcess::loadPing): Tell PingHandle whether to follow redirects.

  • NetworkProcess/NetworkLoadParameters.h:
  • NetworkProcess/NetworkResourceLoadParameters.cpp:

(WebKit::NetworkResourceLoadParameters::encode): Encode NetworkResourceLoadParameters::shouldFollowRedirects.
(WebKit::NetworkResourceLoadParameters::decode): Decode NetworkResourceLoadParameters::shouldFollowRedirects.

  • NetworkProcess/PingLoad.h: Added FIXME comment to implement support for following redirects,
if applicable (for hyperlink auditing). See <https://bugs.webkit.org/show_bug.cgi?id=162580>
for more details.

  • WebProcess/Network/WebLoaderStrategy.cpp:

(WebKit::WebLoaderStrategy::createPingHandle): Modified to take a boolean whether to follow
redirect responses and set NetworkResourceLoadParameters::shouldFollowRedirects as appropriate.

  • WebProcess/Network/WebLoaderStrategy.h:

LayoutTests:

Add tests for Content Security Policy and XSS Auditor to ensure that we do not follow redirects
when sending a violation report. Modified http/tests/security/contentSecurityPolicy/resources/save-report.php
to save the URL of the original ping request and conditionally clear cookies. Modified
http/tests/security/xssAuditor/resources/echo-intertag.pl to support testing for the XSS Auditor.
With these changes, together with the existing HTTP Host information that is saved with the report, we can detect
if a redirect occurred when saving a report.

Updated expected results of existing tests now that we emit the URL of the ping request in the saved report.

  • http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin-https-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-same-origin-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-same-origin-https-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/report-uri-effective-directive-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/script-blocked-sends-multiple-reports-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy2-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-and-enforce-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-blocked-data-uri-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-blocked-file-uri-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-blocked-uri-and-do-not-follow-redirect-when-sending-report-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/report-blocked-uri-and-do-not-follow-redirect-when-sending-report.php: Added.
  • http/tests/security/contentSecurityPolicy/report-blocked-uri-cross-origin-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-blocked-uri-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-cross-origin-no-cookies-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-cross-origin-no-cookies-when-private-browsing-enabled-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-cross-origin-no-cookies-when-private-browsing-toggled-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-only-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-only-from-header-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-only-upgrade-insecure-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-same-origin-no-cookies-when-private-browsing-toggled-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-same-origin-with-cookies-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-same-origin-with-cookies-when-private-browsing-enabled-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-status-code-zero-when-using-https-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-uri-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-uri-from-child-frame-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-uri-from-inline-javascript-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-uri-from-javascript-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-uri-scheme-relative-expected.txt:
  • http/tests/security/contentSecurityPolicy/resources/save-report-and-redirect-to-save-report.php: Added.
  • http/tests/security/contentSecurityPolicy/resources/save-report.php:
  • http/tests/security/xssAuditor/report-script-tag-and-do-not-follow-redirect-when-sending-report-expected.txt: Added.
  • http/tests/security/xssAuditor/report-script-tag-and-do-not-follow-redirect-when-sending-report.html: Added.
  • http/tests/security/xssAuditor/report-script-tag-expected.txt:
  • http/tests/security/xssAuditor/report-script-tag-full-block-and-do-not-follow-redirect-when-sending-report-expected.txt: Added.
  • http/tests/security/xssAuditor/report-script-tag-full-block-and-do-not-follow-redirect-when-sending-report.html: Added.
  • http/tests/security/xssAuditor/report-script-tag-full-block-expected.txt:
  • http/tests/security/xssAuditor/report-script-tag-replace-state-expected.txt:
  • http/tests/security/xssAuditor/resources/echo-intertag.pl:
1:35 AM Changeset in webkit [210188] by Carlos Garcia Campos
  • 49 edits in releases/WebKitGTK/webkit-2.14

Merge r206278 - [CSP] Violation report may be sent to wrong domain on frame-ancestors violation
https://bugs.webkit.org/show_bug.cgi?id=162079
<rdar://problem/28321575>

Reviewed by Andy Estes.

Source/WebCore:

Fixes an issue where a CSP violation report may be sent to the wrong domain when the
frame-ancestors directive is violated. In particular, when the frame-ancestors directive
is violated for a page that specifies a report URI that is a relative URL then the
report URI would be resolved with respect to the parent frame's document URL and hence
be sent to the domain of the parent frame's document.

  • page/csp/ContentSecurityPolicy.cpp:

(WebCore::ContentSecurityPolicy::reportViolation): Adjust the report URL with respect
to the blocked URL when we do not have a script execution context.

LayoutTests:

Modified http/tests/security/contentSecurityPolicy/resources/save-report.php to print the HTTP Host header as a means
to validate that the CSP violation report was sent to the appropriate host. Update test expectations.

Note that the presence of "localhost" in the HTTP Host header in the test results for tests
security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin.html and
security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin-https.html
verify that we resolve a relative URL CSP report URI with respect to the blocked URL.

  • http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin-https-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin-https.html:
  • http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin.html:
  • http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-same-origin-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-same-origin-https-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-same-origin-https.html:
  • http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-same-origin.html:
  • http/tests/security/contentSecurityPolicy/1.1/report-uri-effective-directive-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/script-blocked-sends-multiple-reports-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy2-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy-expected.txt:
  • http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-and-enforce-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-blocked-data-uri-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-blocked-file-uri-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-blocked-uri-cross-origin-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-blocked-uri-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-cross-origin-no-cookies-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-cross-origin-no-cookies-when-private-browsing-enabled-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-cross-origin-no-cookies-when-private-browsing-toggled-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-only-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-only-from-header-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-only-upgrade-insecure-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-same-origin-no-cookies-when-private-browsing-toggled-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-same-origin-with-cookies-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-same-origin-with-cookies-when-private-browsing-enabled-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-status-code-zero-when-using-https-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-uri-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-uri-from-child-frame-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-uri-from-inline-javascript-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-uri-from-javascript-expected.txt:
  • http/tests/security/contentSecurityPolicy/report-uri-scheme-relative-expected.txt:
  • http/tests/security/contentSecurityPolicy/resources/save-report.php:
  • http/tests/security/xssAuditor/report-script-tag-expected.txt:
  • http/tests/security/xssAuditor/report-script-tag-full-block-expected.txt:
  • http/tests/security/xssAuditor/report-script-tag-replace-state-expected.txt:
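
The resolution problem described in r206278 above, as an added example (not WebKit's code): a relative report-uri resolved against the parent frame's document URL versus the blocked URL. The function names, hosts, ports and paths are constructed for illustration; only the use of "localhost" as the expected report host follows the commit message.

```javascript
// Added illustration, not WebKit source. All URLs and helper names are constructed.

// Extract the report-uri tokens from a CSP header value.
// Directive names are case-insensitive; directives are separated by ';'.
function reportURITokens(policy) {
  for (const directive of policy.split(';')) {
    const [name, ...values] = directive.trim().split(/\s+/);
    if (name.toLowerCase() === 'report-uri') return values;
  }
  return [];
}

// Resolve every report-uri token against the given base URL.
function resolveReportEndpoints(policy, baseURL) {
  return reportURITokens(policy).map((token) => new URL(token, baseURL).href);
}

// For a frame-ancestors violation the framed document is blocked, so the only
// live document is the parent. Resolving against the parent's URL sends the
// report to the parent's host; resolving against the blocked URL sends it to
// the host that actually set the policy.
function frameAncestorsReportTargets({ policy, blockedURL, parentDocumentURL }) {
  return {
    resolvedAgainstParent: resolveReportEndpoints(policy, parentDocumentURL),
    resolvedAgainstBlockedURL: resolveReportEndpoints(policy, blockedURL),
  };
}

// Tokens whose destination origin changes with the choice of base URL.
// Absolute report URIs are unaffected; relative ones are the exposed case.
function tokensAffectedByBase({ policy, blockedURL, parentDocumentURL }) {
  return reportURITokens(policy).filter((token) => {
    const viaParent = new URL(token, parentDocumentURL).origin;
    const viaBlocked = new URL(token, blockedURL).origin;
    return viaParent !== viaBlocked;
  });
}

// Constructed scenario: a page on 127.0.0.1 frames a page on localhost that
// forbids framing and asks for reports at a relative URL.
const scenario = {
  policy: "frame-ancestors 'none'; report-uri /save-report https://reports.example/csp",
  blockedURL: 'http://localhost:8000/framed.html',
  parentDocumentURL: 'http://127.0.0.1:8000/parent.html',
};

console.log(frameAncestorsReportTargets(scenario));
console.log('affected tokens:', tokensAffectedByBase(scenario));
```

A report collector can apply the same check from its side by comparing the Host header it received with the host of the document-uri in the report body, which is what the modified save-report.php makes visible in the test output.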
1:24 AM Changeset in webkit [210187] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.14/Source

Merge r206132 - Suppress JavaScript prompts early on in certain cases
https://bugs.webkit.org/show_bug.cgi?id=162243
rdar://problem/27661602

Reviewed by Geoffrey Garen.

Source/WebCore:

Export symbols needed by WebKit2.

  • loader/FrameLoader.h:
  • loader/FrameLoaderStateMachine.h:

Source/WebKit2:

  • WebProcess/WebCoreSupport/WebChromeClient.cpp:

(WebKit::shouldSuppressJavaScriptDialogs):
Add helper function.

(WebKit::WebChromeClient::runJavaScriptAlert):
(WebKit::WebChromeClient::runJavaScriptConfirm):
(WebKit::WebChromeClient::runJavaScriptPrompt):
Call helper function and return early if we should suppress dialogs.

1:14 AM Changeset in webkit [210186] by Carlos Garcia Campos
  • 3 edits
    1 add in releases/WebKitGTK/webkit-2.14

Merge r206472 - B3::lowerMacros forgets to before->updatePredecessorsAfter() when lowering ChillMod on ARM64
https://bugs.webkit.org/show_bug.cgi?id=162644

Reviewed by Keith Miller.

JSTests:

  • stress/chill-mod-chill-mod.js: Added.

(foo):

Source/JavaScriptCore:

If you forget to update the predecessors of your successors, then bad things will happen if you
do something that requires accurate predecessors for correctness. lowerMacros() uses
BlockInsertionSet, which relies on accurate predecessors.

  • b3/B3LowerMacros.cpp:
1:11 AM Changeset in webkit [210185] by Carlos Garcia Campos
  • 14 edits in releases/WebKitGTK/webkit-2.14

Merge r205190 - [Fetch API] Blob not found URL should result in a network error
https://bugs.webkit.org/show_bug.cgi?id=161381

Patch by Youenn Fablet <youenn@apple.com> on 2016-08-30
Reviewed by Sam Weinig.

LayoutTests/imported/w3c:

  • web-platform-tests/fetch/api/basic/scheme-blob-expected.txt:
  • web-platform-tests/fetch/api/basic/scheme-blob-worker-expected.txt:
  • web-platform-tests/fetch/api/basic/scheme-blob-worker.html:
  • web-platform-tests/fetch/api/basic/scheme-blob.html:
  • web-platform-tests/fetch/api/basic/scheme-blob.js:

(invalidRequestMethods.forEach):

Source/WebCore:

Covered by rebased and updated tests.

Raising a network error if no blob can be found from the URL.
It is no longer notified by a 404 response.

Updated FileReaderLoader to generate the correct exception.

Made some clean-up in the code, in particular adding an enum class for BlobResourceHandle errors.

  • fileapi/FileReaderLoader.cpp:

(WebCore::FileReaderLoader::didFail):
(WebCore::FileReaderLoader::toErrorCode):
(WebCore::FileReaderLoader::httpStatusCodeToErrorCode):

  • fileapi/FileReaderLoader.h:
  • platform/network/BlobResourceHandle.cpp:

(WebCore::BlobResourceHandle::loadResourceSynchronously):
(WebCore::BlobResourceHandle::doStart):
(WebCore::BlobResourceHandle::didGetSize):
(WebCore::BlobResourceHandle::readSync):
(WebCore::BlobResourceHandle::readFileSync):
(WebCore::BlobResourceHandle::readAsync):
(WebCore::BlobResourceHandle::didOpen):
(WebCore::BlobResourceHandle::didRead):
(WebCore::BlobResourceHandle::failed):
(WebCore::BlobResourceHandle::notifyResponse):
(WebCore::BlobResourceHandle::notifyResponseOnError):
(WebCore::BlobResourceHandle::notifyFail):

  • platform/network/BlobResourceHandle.h:

LayoutTests:

  • fast/files/apply-blob-url-to-xhr-expected.txt:
  • fast/files/workers/worker-apply-blob-url-to-xhr-expected.txt:
1:06 AM Changeset in webkit [210184] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14

Revert "Merge r204266 - Popups opened from a sandboxed iframe should themselves be sandboxed"

This reverts commit r210183. r204266 is before 2.14 branch point so this
was an empty commit.

12:59 AM Changeset in webkit [210183] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14

Merge r204266 - Popups opened from a sandboxed iframe should themselves be sandboxed
https://bugs.webkit.org/show_bug.cgi?id=134850
<rdar://problem/27375388>

Reviewed by Brent Fulgham.

Source/WebCore:

Test: http/tests/security/window-opened-from-sandboxed-iframe-should-inherit-sandbox.html

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):

Now copies the opener's frame loader effective sandbox flags to the
new frame loader.

LayoutTests:

  • http/tests/security/resources/anchor-tag-with-blank-target.html: Added.
  • http/tests/security/resources/page-executing-javascript.html: Added.
  • http/tests/security/window-opened-from-sandboxed-iframe-should-inherit-sandbox-expected.txt: Added.
  • http/tests/security/window-opened-from-sandboxed-iframe-should-inherit-sandbox.html: Added.
12:51 AM Changeset in webkit [210182] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/JavaScriptCore

Merge r205882 - DFG NewArrayBuffer node should watch for "have a bad time" state change.
https://bugs.webkit.org/show_bug.cgi?id=161927
<rdar://problem/27995222>

Reviewed by Geoffrey Garen.

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

12:49 AM WebKitGTK/2.14.x edited by Carlos Garcia Campos
(diff)

Dec 27, 2016:

6:48 PM Changeset in webkit [210181] by commit-queue@webkit.org
  • 19 edits in trunk/Source/WebKit2

reduce PassRefPtr use in WebKit2
https://bugs.webkit.org/show_bug.cgi?id=166452

Patch by Alex Christensen <achristensen@webkit.org> on 2016-12-27
Reviewed by Yusuke Suzuki.

  • Shared/API/c/cg/WKImageCG.cpp:

(WKImageCreateCGImage):
(WKImageCreateFromCGImage):

  • Shared/ShareableBitmap.cpp:

(WebKit::ShareableBitmap::createHandle):

  • Shared/ShareableBitmap.h:
  • Shared/UserData.cpp:

(WebKit::UserData::encode):
(WebKit::UserData::decode):

  • Shared/WebImage.cpp:

(WebKit::WebImage::create):
(WebKit::WebImage::WebImage):

  • Shared/WebImage.h:

(WebKit::WebImage::bitmap):

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::didGetImageForFindMatch):

  • UIProcess/mac/WKTextFinderClient.mm:

(-[WKTextFinderClient didGetImageForMatchResult:]):

  • WebProcess/Automation/WebAutomationSessionProxy.cpp:

(WebKit::WebAutomationSessionProxy::takeScreenshot):

  • WebProcess/InjectedBundle/API/Cocoa/WKWebProcessPlugInNodeHandle.mm:

(-[WKWebProcessPlugInNodeHandle renderedImageWithOptions:]):

  • WebProcess/InjectedBundle/DOM/InjectedBundleNodeHandle.cpp:

(WebKit::imageForRect):
(WebKit::InjectedBundleNodeHandle::renderedImage):
(WebKit::InjectedBundleNodeHandle::visibleRange):
(WebKit::InjectedBundleNodeHandle::htmlTableCellElementCellAbove):
(WebKit::InjectedBundleNodeHandle::documentFrame):
(WebKit::InjectedBundleNodeHandle::htmlFrameElementContentFrame):
(WebKit::InjectedBundleNodeHandle::htmlIFrameElementContentFrame):

  • WebProcess/InjectedBundle/DOM/InjectedBundleNodeHandle.h:
  • WebProcess/InjectedBundle/DOM/InjectedBundleRangeHandle.cpp:

(WebKit::InjectedBundleRangeHandle::renderedImage):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::takeSnapshot):
(WebKit::WebPage::snapshotAtSize):
(WebKit::WebPage::snapshotNode):
(WebKit::WebPage::drawRectToImage):

  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::getPositionInformation):

  • WebProcess/WebPage/mac/WebPageMac.mm:

(WebKit::WebPage::setTopOverhangImage):
(WebKit::WebPage::setBottomOverhangImage):

9:57 AM Changeset in webkit [210180] by Michael Catanzaro
  • 2 edits in trunk/Source/WebKit2

Ensure NetworkProcess is ready before whitelisting TLS certificates
https://bugs.webkit.org/show_bug.cgi?id=162962

Patch by Emanuele Aina <Emanuele Aina> on 2016-12-27
Reviewed by Alex Christensen.

If the API user tries to whitelist TLS certificates before any web
view has been created, the action will be ignored because the
NetworkProcess hasn't been fired up yet.

For example, the snippet below using the GTK+ API does not work,
unless the whitelisting is moved after the web view creation:

webkit_web_context_allow_tls_certificate_for_host(webkit_web_context_get_default(), crt, host);
webView = webkit_web_view_new();

  • UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::allowSpecificHTTPSCertificateForHost): Ensure
that the NetworkProcess has been already fired up when adding
certificates, so they can be whitelisted before the first web view is
instantiated.

9:57 AM WebKitGTK/2.14.x edited by Michael Catanzaro
Propose r210180 (diff)
9:12 AM Changeset in webkit [210179] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.14

Merge r210168 - [GTK] Improve user agent construction
https://bugs.webkit.org/show_bug.cgi?id=142074

Reviewed by Carlos Garcia Campos.

Source/WebCore:

Use the macOS rather than the Chrome quirk for Google domains, to avoid problems with
Google Calendar and Google Maps.

  • platform/UserAgentQuirks.cpp:

(WebCore::urlRequiresChromeBrowser):
(WebCore::urlRequiresMacintoshPlatform):

Tools:

  • TestWebKitAPI/Tests/WebCore/UserAgentQuirks.cpp:

(TestWebKitAPI::TEST):

9:11 AM WebKitGTK/2.14.x edited by Carlos Garcia Campos
(diff)
9:03 AM Changeset in webkit [210178] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebKit2

Merge r209534 - [GTK] Process accelerated compositing env variables only if they are really enabled
https://bugs.webkit.org/show_bug.cgi?id=165300

Don't process the WEBKIT_FORCE_COMPOSITING_MODE and
WEBKIT_DISABLE_COMPOSITING_MODE env variables if they are disabled
(eg. WEBKIT_DISABLE_COMPOSITING_MODE=0).

Reviewed by Michael Catanzaro.

  • UIProcess/gtk/WebPreferencesGtk.cpp:

(WebKit::WebPreferences::platformInitializeStore):

9:02 AM Changeset in webkit [210177] by Carlos Garcia Campos
  • 7 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r209064 - [GTK] Crash in WebCore::PlatformDisplayX11::supportsXComposite when running under Wayland
https://bugs.webkit.org/show_bug.cgi?id=164917

Reviewed by Michael Catanzaro.

WebKitGTK+ applications are expected to call gtk_init(), because WebKitGTK+, like GTK+ itself, requires a
display to work. We currently fall back to creating an X11 display when X11 is enabled in cases where GTK+ doesn't
have a default display (gtk_init() wasn't called or failed). That's why we end up creating an X11 display under
Wayland when both Wayland and X11 option are enabled. The code assumes X11 display creation will always work if
X11 is enabled, but that's not true now that we support also Wayland at runtime. So, we should try to get a
native display before creating the PlatformDisplay. Rendering will not work in any case when gtk_init() is not
called, but in most of the cases those applications are not actually going to render anything, so this way at
least we will not crash.

  • platform/graphics/PlatformDisplay.cpp:

(WebCore::PlatformDisplay::createPlatformDisplay): Use create() method for X11 and Wayland if we couldn't get a
native display from GTK+. If everything fails create a display with no native.
(WebCore::PlatformDisplay::PlatformDisplay): Add NativeDisplayOwned parameter.

  • platform/graphics/PlatformDisplay.h:
  • platform/graphics/wayland/PlatformDisplayWayland.cpp:

(WebCore::PlatformDisplayWayland::create): Try to create a native Wayland display or return nullptr.
(WebCore::PlatformDisplayWayland::PlatformDisplayWayland): Initialize NativeDisplayOwned parameter.
(WebCore::PlatformDisplayWayland::~PlatformDisplayWayland): Destroy the display if owned.
(WebCore::PlatformDisplayWayland::initialize): Return early if native display is nullptr.

  • platform/graphics/wayland/PlatformDisplayWayland.h:
  • platform/graphics/x11/PlatformDisplayX11.cpp:

(WebCore::PlatformDisplayX11::create): Try to create a native X11 display or return nullptr.
(WebCore::PlatformDisplayX11::PlatformDisplayX11): Use NativeDisplayOwned now.
(WebCore::PlatformDisplayX11::~PlatformDisplayX11): Ditto.

  • platform/graphics/x11/PlatformDisplayX11.h:
9:02 AM Changeset in webkit [210176] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r205852 - [GTK] Crash of WebProcess on the last WebView disconnect (take two)
https://bugs.webkit.org/show_bug.cgi?id=161842

Reviewed by Michael Catanzaro.

The problem is that when PlatformDisplayX11 is destroyed, the sharing GL context is deleted and its destructor
makes a downcast of PlatformDisplay to get the native X11 display. We could simply keep a pointer to the native
X11 display in GLContextGLX, got at construction time from the PlatformDisplay, and ensure the sharing GL
context is deleted before the native X11 display is closed.

  • platform/graphics/PlatformDisplay.h: Make m_sharingGLContext protected.
  • platform/graphics/glx/GLContextGLX.cpp:

(WebCore::GLContextGLX::GLContextGLX): Initialize m_x11Display.
(WebCore::GLContextGLX::~GLContextGLX): Use m_x11Display and remove confusing comment about possible crash with
nvidia closed drivers.
(WebCore::GLContextGLX::defaultFrameBufferSize): Use m_x11Display.
(WebCore::GLContextGLX::makeContextCurrent): Ditto.
(WebCore::GLContextGLX::swapBuffers): Ditto.
(WebCore::GLContextGLX::swapInterval): Ditto.
(WebCore::GLContextGLX::cairoDevice): Ditto.

  • platform/graphics/glx/GLContextGLX.h:
  • platform/graphics/x11/PlatformDisplayX11.cpp:

(WebCore::PlatformDisplayX11::~PlatformDisplayX11): Delete the sharing GL context before closing the display.

9:00 AM WebKitGTK/2.14.x edited by Carlos Garcia Campos
(diff)
8:44 AM Changeset in webkit [210175] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.14/Source/WebKit2

Merge r209177 - [GTK] UI process crash in WebKit::WaylandCompositor::Surface::prepareTextureForPainting
https://bugs.webkit.org/show_bug.cgi?id=164911

Reviewed by Michael Catanzaro.

The problem is that m_buffer is nullptr in Surface::prepareTextureForPainting() even though we have already an
image. We only use the buffer to get the image size, so we could save the image size when the image is created,
and then we don't need to care about the buffer anymore.

  • UIProcess/gtk/WaylandCompositor.cpp:

(WebKit::WaylandCompositor::Surface::prepareTextureForPainting):
(WebKit::WaylandCompositor::Surface::commit):

  • UIProcess/gtk/WaylandCompositor.h:
8:43 AM Changeset in webkit [210174] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebKit2

Merge r209063 - [GTK] BadDamage X Window System error in WebKit::AcceleratedBackingStoreX11::update when called from WebPageProxy::exitAcceleratedCompositingMode
https://bugs.webkit.org/show_bug.cgi?id=164303

Reviewed by Michael Catanzaro.

Trap also BadDrawable and BadDamage X errors when creating the surface and damage.

  • UIProcess/gtk/AcceleratedBackingStoreX11.cpp:

(WebKit::AcceleratedBackingStoreX11::update):

8:43 AM Changeset in webkit [210173] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebKit2

Merge r208285 - [GTK] BadDamage X Window System error in WebKit::AcceleratedBackingStoreX11::update when called from WebPageProxy::exitAcceleratedCompositingMode
https://bugs.webkit.org/show_bug.cgi?id=164303

Reviewed by Michael Catanzaro.

This can happen if the web process exits before the UI process has cleaned up the accelerated surface. Trap
BadDrawable and BadDamage X errors and ignore them, while still crashing for any other X error.

  • UIProcess/gtk/AcceleratedBackingStoreX11.cpp:

(WebKit::AcceleratedBackingStoreX11::~AcceleratedBackingStoreX11):
(WebKit::AcceleratedBackingStoreX11::update):

8:41 AM Changeset in webkit [210172] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r210056 - [Cairo] Conditional jump or move depends on uninitialised value(s)
https://bugs.webkit.org/show_bug.cgi?id=166058

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2016-12-20
Reviewed by Michael Catanzaro.

Initialize x and y members of cairo_glyph_t struct before passing it to cairo_glyph_path.

  • platform/graphics/cairo/FontCairo.cpp:

(WebCore::CairoGlyphToPathTranslator::path):

8:39 AM Changeset in webkit [210171] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebKit2

Merge r209122 - [GTK] Database process should not initialize gtk
https://bugs.webkit.org/show_bug.cgi?id=165138

Reviewed by Sergio Villar Senin.

It doesn't use GTK+ at all.

  • DatabaseProcess/gtk/DatabaseProcessMainGtk.cpp:

(WebKit::DatabaseProcessMainUnix):
(): Deleted.

8:38 AM WebKitGTK/2.14.x edited by Carlos Garcia Campos
(diff)
8:38 AM Changeset in webkit [210170] by Carlos Garcia Campos
  • 4 edits
    3 adds in releases/WebKitGTK/webkit-2.14

Merge r208675 - [HarfBuzz] HarfBuzzShaper should not assume numGlyphs is greater than 0
https://bugs.webkit.org/show_bug.cgi?id=164500

Patch by Fujii Hironori <Fujii Hironori> on 2016-11-13
Reviewed by Myles C. Maxfield.

Source/WebCore:

Test: fast/text/international/harfbuzz-runs-with-no-glyph.html

HarfBuzzShaper assumes numGlyphs of HarfBuzzRun is greater than
zero. But this is not necessarily true. If a font does not have a
glyph of SPACE (U+0020), HarfBuzz removes ignorable glyphs. In
this case, HarfBuzzRun can have no glyphs.

  • platform/graphics/harfbuzz/HarfBuzzShaper.cpp:

(WebCore::HarfBuzzShaper::HarfBuzzRun::applyShapeResult): Resize
m_offsets to one if m_numGlyphs is zero.

  • platform/graphics/harfbuzz/HarfBuzzShaper.h:

(WebCore::HarfBuzzShaper::HarfBuzzRun::glyphs): Use Vector::data()
instead of operator[0].
(WebCore::HarfBuzzShaper::HarfBuzzRun::advances): Ditto.
(WebCore::HarfBuzzShaper::HarfBuzzRun::offsets): Ditto.
(WebCore::HarfBuzzShaper::HarfBuzzRun::glyphToCharacterIndexes): Ditto.

LayoutTests:

  • fast/text/international/harfbuzz-runs-with-no-glyph-expected.txt: Added.
  • fast/text/international/harfbuzz-runs-with-no-glyph.html: Added.
  • fast/text/international/resources/ignorables.woff: Added.
8:36 AM Changeset in webkit [210169] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebKit2

Merge r208495 - Experimental features should not be enabled by default
https://bugs.webkit.org/show_bug.cgi?id=164367

Reviewed by Darin Adler.

We have two classes of experimental features:

(1) Features that are unstable and should be off by default, except for the developers
currently working on them. This is straightforward to handle; the default value should
be false.

(2) Features that are still not ready for end users, but are stable enough for testing. We
want these features to be enabled in testing environments like the bots, MiniBrowser,
Safari Tech Preview, and so forth, but not in stable release builds.

Implement this. It is better than having all experimental features on unconditionally, and
expecting them to be disabled manually on release branches, which is not something we are
keen to do. An exception is Cocoa ports, which to my knowledge do not currently have any
concept of development builds. These ports seem happy to continue disabling features
manually in release branches, and should continue to do so at least for now.

We also have features that we wish to enumerate at runtime, yet have enabled by default
unconditionally. We do not currently have any infrastructure to support this and should not
abuse the experimental status for this purpose; it requires future work. All settings can
still be toggled at runtime by clients that know about them using the existing runtime
features API.

Lastly, the custom elements feature is ready to be enabled by default, so it's no longer
experimental and can graduate to the list of normal boolean features.

  • Shared/WebPreferencesDefinitions.h:
7:26 AM Changeset in webkit [210168] by Michael Catanzaro
  • 4 edits in trunk

[GTK] Improve user agent construction
https://bugs.webkit.org/show_bug.cgi?id=142074

Reviewed by Carlos Garcia Campos.

Source/WebCore:

Use the macOS rather than the Chrome quirk for Google domains, to avoid problems with
Google Calendar and Google Maps.

  • platform/UserAgentQuirks.cpp:

(WebCore::urlRequiresChromeBrowser):
(WebCore::urlRequiresMacintoshPlatform):

Tools:

  • TestWebKitAPI/Tests/WebCore/UserAgentQuirks.cpp:

(TestWebKitAPI::TEST):

7:26 AM WebKitGTK/2.14.x edited by Michael Catanzaro
Propose r210168 (diff)
4:13 AM WebKitGTK/2.14.x edited by Carlos Garcia Campos
(diff)
4:11 AM Changeset in webkit [210167] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r209982 - [GTK] GLXBadFBConfig error when creating an OpenGL context
https://bugs.webkit.org/show_bug.cgi?id=165200

Reviewed by Carlos Garcia Campos.

glXCreateContextAttribsARB causes a GLXBadFBConfig X error when it's not able to provide the
OpenGL version >= 3.2 we are requesting. Due to this, the app crashes instead of falling back to
the legacy path.
The patch modifies GLX context creation using a XErrorTrapper, so the first time a context is created
we don't crash if OpenGL >= 3.2 is not available.
If the gotten context is not valid, we fall back to whatever version glXCreateContextAttribsARB is
able to provide.
The legacy glXCreateContext is only used if the GLX_ARB_create_context extension is not available.

Covered by existent tests.

  • platform/graphics/glx/GLContextGLX.cpp:

(WebCore::tryCreateGLXARBContext):
(WebCore::GLContextGLX::createWindowContext):
(WebCore::GLContextGLX::createPbufferContext):

4:11 AM Changeset in webkit [210166] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r209234 - [GTK] Use an OpenGL < 3.0 compliant way to request the OpenGL version
https://bugs.webkit.org/show_bug.cgi?id=165253

Reviewed by Carlos Garcia Campos.

Use glGetString(GL_VERSION) to get the OpenGL version, as glGetIntegerv with GL_MAJOR_VERSION
and GL_MINOR_VERSION is only supported from 3.0 on.

Covered by existent tests.

  • platform/graphics/GLContext.cpp:

(WebCore::GLContext::version):

3:52 AM Changeset in webkit [210165] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r210133 - [GTK] GLES build broken since r208997
https://bugs.webkit.org/show_bug.cgi?id=166455

Unreviewed. Fix the preprocessor guards here; this code is incompatible with GLES2.

Looks like it's been broken for a month. Typical!

  • platform/graphics/opengl/Extensions3DOpenGLCommon.cpp:

(WebCore::Extensions3DOpenGLCommon::initializeAvailableExtensions):

3:52 AM Changeset in webkit [210164] by Carlos Garcia Campos
  • 11 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r208997 - [GTK] Dramatic increase on memory usage since 2.14.x
https://bugs.webkit.org/show_bug.cgi?id=164049

Reviewed by Žan Doberšek.

Use OpenGL version 3.2 Core for rendering when available.
Update some operations that have changed when using 3.2 Core:

  • Use glGetStringi to get the extensions list.
  • Do not use GL_POINT_SPRITE.
  • Always use a VAO when rendering.
  • Use a GLSL 1.50 compatible shader.

No new tests needed.

  • platform/graphics/GLContext.cpp:

(WebCore::GLContext::version):
Add a method to get OpenGL version we are using.

  • platform/graphics/GLContext.h:

Ditto.

  • platform/graphics/GraphicsContext3D.h:

Add an attribute to store the VAO used for rendering.

  • platform/graphics/OpenGLShims.cpp:

(WebCore::initializeOpenGLShims):
Add glGetStringi to the list of functions.

  • platform/graphics/OpenGLShims.h:

Ditto.

  • platform/graphics/cairo/GraphicsContext3DCairo.cpp:

(WebCore::GraphicsContext3D::GraphicsContext3D):
Set appropriate output to the shader compiler and initialize the VAO if needed.
(WebCore::GraphicsContext3D::~GraphicsContext3D):
Delete the VAO if needed.
(WebCore::GraphicsContext3D::getExtensions):
Use glGetExtensionsi for OpenGL versions >= 3.2.

  • platform/graphics/glx/GLContextGLX.cpp:

(WebCore::hasGLXARBCreateContextExtension):
Check whether the GLX_ARB_create_context extension is available.
(WebCore::GLContextGLX::createWindowContext):
Use glXCreateContextAttribsARB() if possible to request an OpenGL 3.2 context.
(WebCore::GLContextGLX::createPbufferContext):
Ditto.

  • platform/graphics/opengl/Extensions3DOpenGLCommon.cpp:

(WebCore::Extensions3DOpenGLCommon::initializeAvailableExtensions):
Enable glGetStringi for GTK.

  • platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:

Do not use default getExtensions() method for GTK.

  • platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:

Ditto.

3:52 AM Changeset in webkit [210163] by Carlos Garcia Campos
  • 11 edits in releases/WebKitGTK/webkit-2.14/Source/ThirdParty/ANGLE

Merge r208136 - -Wpragmas warning spam from angleutils.h
https://bugs.webkit.org/show_bug.cgi?id=164207

Reviewed by Darin Adler.

Use #pragma clang instead of #pragma GCC since all of the warnings we need to suppress are
Clang-specific warnings. GCC ignores unknown pragmas and does not warn, but it does warn if
any GCC pragma is invalid.

Note that this might still be broken for MSVCC, as MSVCC warns when it sees unknown pragmas.

  • changes.diff:
  • src/common/angleutils.cpp:

(FormatString):

  • src/common/angleutils.h:

(MakeStaticString):

  • src/common/debug.cpp:
  • src/common/mathutil.cpp:
  • src/libANGLE/Caps.cpp:

(gl::TextureCapsMap::get):
(gl::GetExtensionInfoMap):

  • src/libANGLE/Device.cpp:

(egl::GetDeviceSet):

  • src/libANGLE/Display.cpp:

(egl::Display::getClientExtensionString):

  • src/libANGLE/formatutils.cpp:

(gl::GetInternalFormatMap):
(gl::GetAllSizedInternalFormats):

  • src/libANGLE/validationES3.cpp:

(gl::IsValidES3CopyTexImageCombination):

3:52 AM Changeset in webkit [210162] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/ThirdParty/ANGLE

Merge r208041 - Another build fix.

  • CMakeLists.txt:
3:51 AM Changeset in webkit [210161] by Carlos Garcia Campos
  • 7 edits in releases/WebKitGTK/webkit-2.14/Source

Merge r208040 - Fix Windows WebGL build after r208036
https://bugs.webkit.org/show_bug.cgi?id=164101

  • CMakeLists.txt:

Source/WebCore:
Fix Windows WebGL build after r208022
https://bugs.webkit.org/show_bug.cgi?id=164091

  • platform/graphics/opengl/Extensions3DOpenGLCommon.h:
  • platform/graphics/opengl/Extensions3DOpenGLES.cpp:

(WebCore::Extensions3DOpenGLES::Extensions3DOpenGLES):

  • platform/graphics/opengl/Extensions3DOpenGLES.h:
  • platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:

(WebCore::GraphicsContext3D::getExtensions):

3:51 AM Changeset in webkit [210160] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/ThirdParty/ANGLE

Merge r208037 - Fix Windows WebGL build after r208036
https://bugs.webkit.org/show_bug.cgi?id=164101

  • CMakeLists.txt:

Add new files, remove deleted files.

3:49 AM Changeset in webkit [210159] by Carlos Garcia Campos
  • 436 edits
    537 adds
    96 deletes in releases/WebKitGTK/webkit-2.14/Source

Merge r208036 - Update ANGLE
https://bugs.webkit.org/show_bug.cgi?id=164101

Reviewed by Darin Adler.

Source/ThirdParty/ANGLE:

Updated to f01731530e7f754e5ebaf32d00f3e23b62376424
Differences between upstream ANGLE and WebKit's copy of ANGLE are in changes.diff

Source/WebCore:

ShCheckVariablesWithinPackingLimits has changed signatures from taking a ShVariableInfo* and length
to taking a std::vector<sh::ShaderVariable> which requires more information about the shader variables
than we kept in GraphicsContext3D::SymbolInfo. I removed the SymbolInfo class because it was redundant
with ANGLE's sh::ShaderVariable and now unused.

Covered by existing WebGL tests.

  • CMakeLists.txt:
  • PlatformMac.cmake:
  • PlatformWin.cmake:
  • platform/graphics/ANGLEWebKitBridge.cpp:

(WebCore::appendSymbol):
(WebCore::getStructInfo):
(WebCore::getSymbolInfo):
(WebCore::ANGLEWebKitBridge::compileShaderSource):

  • platform/graphics/ANGLEWebKitBridge.h:

(WebCore::ANGLEShaderSymbol::isSampler): Deleted.

  • platform/graphics/GraphicsContext3D.h:

(WebCore::GraphicsContext3D::SymbolInfo::SymbolInfo): Deleted.
(WebCore::GraphicsContext3D::SymbolInfo::operator==): Deleted.

  • platform/graphics/opengl/Extensions3DOpenGLCommon.cpp:

(WebCore::Extensions3DOpenGLCommon::getTranslatedShaderSourceANGLE):

  • platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:

(WebCore::GraphicsContext3D::checkVaryingsPacking):
(WebCore::GraphicsContext3D::precisionsMatch):
(WebCore::GraphicsContext3D::mappedSymbolName):
(WebCore::GraphicsContext3D::originalSymbolName):

3:41 AM Changeset in webkit [210158] by Carlos Garcia Campos
  • 11 edits
    2 adds in releases/WebKitGTK/webkit-2.14

Merge r208022 - [macOS] [WebGL2] Temporarily upgrade WebGL 2's internal OpenGL context from version 2.1 to 3.2
https://bugs.webkit.org/show_bug.cgi?id=164091

Reviewed by Dean Jackson.

Source/WebCore:

In order to test WebGL2 correctly, I had to upgrade the macOS's OpenGL
context to a 3.2-compatible context to make sure the new symbols are
accepted. Eventually, this 3.2-compatible context will have to be
reverted and replaced with an ANGLE context. The current 3.2-compatible
context is just for testing.

Test: fast/canvas/webgl/webgl2-context-creation.html

  • html/canvas/WebGLBuffer.cpp: Use "nullptr" instead of 0.

(WebCore::WebGLBuffer::associateBufferData):

  • html/canvas/WebGLRenderingContextBase.cpp: Use make_unique() instead
of the unique_ptr constructor.
(WebCore::WebGLRenderingContextBase::create):

  • platform/graphics/GraphicsContext3D.h: GraphicsContext should know
if it is using a 3.2-compatible context because some parts of 2.1 are
removed in these contexts, and replaced with new things which aren't
in 2.1.

  • platform/graphics/mac/GraphicsContext3DMac.mm:

(WebCore::setPixelFormat): Use kCGLPFAOpenGLProfile to specify an
OpenGL 3.2 context.
(WebCore::GraphicsContext3D::GraphicsContext3D): GL_CLAMP is deprecated
in OpenGL 3.2. Fortunately, GL_CLAMP_TO_EDGE isn't deprecated and does
exactly what we want. In OpenGL3.2, point sprites are always enabled,
so there's no need to enable them in those contexts.
(WebCore::GraphicsContext3D::isGLES2Compliant):

  • platform/graphics/opengl/Extensions3DOpenGL.cpp: In OpenGL 3.2,
glGetString() no longer accepts GL_EXTENSIONS. Instead, glGetStringi()
is used instead. Unfortunately, glGetString() is not available in
OpenGL 2.1 contexts, so we need to use one or the other based on the
version of the context we're using.
(WebCore::Extensions3DOpenGL::Extensions3DOpenGL):
(WebCore::Extensions3DOpenGL::getExtensions):

  • platform/graphics/opengl/Extensions3DOpenGL.h:
  • platform/graphics/opengl/Extensions3DOpenGLCommon.cpp:

(WebCore::Extensions3DOpenGLCommon::Extensions3DOpenGLCommon):
(WebCore::Extensions3DOpenGLCommon::initializeAvailableExtensions):
Instead of modifying getExtensions() to use glGetStringi(), it makes
better sense to modify this function because getExtensions() returns
a string. Building up a string just to split it up again is silly, so
modifying this function instead makes more sense.

  • platform/graphics/opengl/Extensions3DOpenGLCommon.h:
  • platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:

(WebCore::GraphicsContext3D::getIntegerv): GL_MAX_VARYING_FLOATS is
removed in OpenGL 3.2 contexts. However, it is replaced by
GL_MAX_VARYING_COMPONENTS, though this is deprecated but not removed.
In the more recent OpenGL context versions, GL_MAX_VARYING_VECTORS is
recommended instead, but that isn't available in OpenGL 3.2.
(WebCore::GraphicsContext3D::getExtensions):

LayoutTests:

  • TestExpectations:
  • fast/canvas/webgl/webgl2-context-creation-expected.txt: Added.
  • fast/canvas/webgl/webgl2-context-creation.html: Added.
3:40 AM WebKitGTK/2.14.x edited by Carlos Garcia Campos
(diff)
2:43 AM Changeset in webkit [210157] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r207666 - [GTK] Several tests crashing on debug bot in (anonymous namespace)::MediaPlayerPrivateGStreamerBase::repaint
https://bugs.webkit.org/show_bug.cgi?id=163511

Patch by Miguel Gomez <magomez@igalia.com> on 2016-10-21
Reviewed by Carlos Garcia Campos.

Perform the video repaint in the main thread when accelerated compositing is disabled. Added a new method to
MediaPlayerClient to get whether accelerated compositing is enabled from the MediaPlayer. This is needed
because mediaPlayerAcceleratedCompositingEnabled() will return false while HTMLMediaElement doesn't have a
RenderVideo, even when accelerated compositing is enabled.

Covered by existent tests.

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::mediaPlayerAcceleratedCompositingEnabled):

  • html/HTMLMediaElement.h:
  • platform/graphics/MediaPlayer.h:

(WebCore::MediaPlayerClient::mediaPlayerAcceleratedCompositingEnabled):

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:

(WebCore::MediaPlayerPrivateGStreamerBase::MediaPlayerPrivateGStreamerBase):
(WebCore::MediaPlayerPrivateGStreamerBase::repaint):
(WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
2:43 AM Changeset in webkit [210156] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r207287 - [GTK] Video playback doesn't work properly with accelerated compositing disabled
https://bugs.webkit.org/show_bug.cgi?id=163386

Patch by Miguel Gomez <magomez@igalia.com> on 2016-10-13
Reviewed by Carlos Garcia Campos.

Trigger a repaint of the player when a new frame arrives and accelerated compositing is disabled.

Covered by existent tests.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:

(WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):

2:42 AM WebKitGTK/2.14.x edited by Carlos Garcia Campos
(diff)
2:34 AM WebKitGTK/2.14.x edited by Carlos Garcia Campos
(diff)
2:33 AM Changeset in webkit [210155] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Merge r205544 - [GTK] Crash of WebProcess on the last WebView disconnect
https://bugs.webkit.org/show_bug.cgi?id=161605

Reviewed by Michael Catanzaro.

Stop tracking X11 GL contexts to be cleaned up on an exit handler. This was added to work around bugs on drivers,
and it's assuming that all GLContext not deleted when the exit handler is called are leaked, which is no longer
true, because PlatformDisplay now owns a GLContext and is deleted after exit handlers.

  • platform/graphics/GLContext.cpp:

(WebCore::GLContext::GLContext):
(WebCore::GLContext::~GLContext):
(WebCore::activeContextList): Deleted.
(WebCore::GLContext::addActiveContext): Deleted.
(WebCore::GLContext::removeActiveContext): Deleted.
(WebCore::GLContext::cleanupActiveContextsAtExit): Deleted.

2:33 AM Changeset in webkit [210154] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.14/Source/WebCore

Revert "Merge r205852 - [GTK] Crash of WebProcess on the last WebView disconnect (take two)"

This reverts commit c6853af17a2290c2321cce33f5e012656511d27c.

12:04 AM Changeset in webkit [210153] by Gyuyoung Kim
  • 2 edits in trunk/LayoutTests

[EFL] Gardening on 27th Dec.

Unreviewed EFL gardening.

Patch by Gyuyoung Kim <gyuyoung.kim@navercorp.com> on 2016-12-27

  • platform/efl/TestExpectations: Mark failing tests to Timeout or Skip.

Dec 26, 2016:

7:14 PM Changeset in webkit [210152] by Alan Bujtas
  • 3 edits
    2 adds in trunk

ASSERTION FAILED: !rect.isEmpty() in WebCore::GraphicsContext::drawRect
https://bugs.webkit.org/show_bug.cgi?id=163461

Reviewed by Darin Adler.

Source/WebCore:

Make sure we don't paint empty rects.

Test: fast/lists/assert-on-empty-list-marker.html

  • rendering/RenderListMarker.cpp:

(WebCore::RenderListMarker::paint):

LayoutTests:

  • fast/lists/assert-on-empty-list-marker-expected.txt: Added.
  • fast/lists/assert-on-empty-list-marker.html: Added.
11:00 AM Changeset in webkit [210151] by Yusuke Suzuki
  • 3 edits in trunk/Source/JavaScriptCore

Use variadic templates in JSC Parser to clean up
https://bugs.webkit.org/show_bug.cgi?id=166482

Reviewed by Saam Barati.

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::logError):

  • parser/Parser.h:

Dec 25, 2016:

11:47 PM Changeset in webkit [210150] by Chris Fleizach
  • 3 edits
    2 adds in trunk

AX: Headers of table not read by VoiceOver
https://bugs.webkit.org/show_bug.cgi?id=158693
<rdar://problem/26771065>

Reviewed by Darin Adler.

Source/WebCore:

If a table cell header is hidden by pushing it off screen, then the content won't be accessible.
It seems that unless specifically requested (such as using aria-hidden), we should try to return
that table cell header.

Test: accessibility/hidden-th-still-column-header.html

  • accessibility/AccessibilityTableColumn.cpp:

(WebCore::AccessibilityTableColumn::headerObjectForSection):

LayoutTests:

  • accessibility/hidden-th-still-column-header-expected.txt: Added.
  • accessibility/hidden-th-still-column-header.html: Added.
10:35 PM Changeset in webkit [210149] by Yusuke Suzuki
  • 43 edits
    2 adds in trunk

Propagate the source origin as much as possible
https://bugs.webkit.org/show_bug.cgi?id=166348

Reviewed by Darin Adler.

JSTests:

  • stress/source-origin.js: Added.

(shouldBe):

Source/JavaScriptCore:

This patch introduces CallFrame::callerSourceOrigin, SourceOrigin class
and SourceProvider::m_sourceOrigin. CallFrame::callerSourceOrigin returns
an appropriate SourceOrigin if possible. If we cannot find the appropriate
one, we just return null SourceOrigin.

This paves the way for implementing the module dynamic-import[1].
When the import operator is evaluated, it will resolve the module
specifier with this propagated source origin of the caller function.

To support import operator inside the dynamic code generation
functions (like eval, new Function, indirect call to eval),
we need to propagate the caller's source origin to the generated
source code.

We do not use sourceURL for that purpose. This is because we
would like to keep sourceURL for eval / new Function null.
This sourceURL will be used for the stack dump for errors with line/column
numbers. Dumping the caller's sourceURL with line/column numbers is
meaningless. So we would like to keep it null while we would like
to propagate SourceOrigin for dynamic imports.

[1]: https://github.com/tc39/proposal-dynamic-import

  • API/JSBase.cpp:

(JSEvaluateScript):
(JSCheckScriptSyntax):

  • API/JSObjectRef.cpp:

(JSObjectMakeFunction):

  • API/JSScriptRef.cpp:

(OpaqueJSScript::create):
(OpaqueJSScript::vm):
(OpaqueJSScript::OpaqueJSScript):
(parseScript):

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • Scripts/builtins/builtins_templates.py:
  • Scripts/tests/builtins/expected/WebCore-AnotherGuardedInternalBuiltin-Separate.js-result:
  • Scripts/tests/builtins/expected/WebCore-ArbitraryConditionalGuard-Separate.js-result:
  • Scripts/tests/builtins/expected/WebCore-GuardedBuiltin-Separate.js-result:
  • Scripts/tests/builtins/expected/WebCore-GuardedInternalBuiltin-Separate.js-result:
  • Scripts/tests/builtins/expected/WebCore-UnguardedBuiltin-Separate.js-result:
  • Scripts/tests/builtins/expected/WebCore-xmlCasingTest-Separate.js-result:
  • builtins/BuiltinExecutables.cpp:

(JSC::BuiltinExecutables::BuiltinExecutables):
(JSC::BuiltinExecutables::createDefaultConstructor):

  • debugger/DebuggerCallFrame.cpp:

(JSC::DebuggerCallFrame::evaluateWithScopeExtension):

  • inspector/InjectedScriptManager.cpp:

(Inspector::InjectedScriptManager::createInjectedScript):

  • inspector/JSInjectedScriptHost.cpp:

(Inspector::JSInjectedScriptHost::evaluateWithScopeExtension):

  • inspector/agents/InspectorRuntimeAgent.cpp:

(Inspector::InspectorRuntimeAgent::parse):

  • interpreter/CallFrame.cpp:

(JSC::CallFrame::callerSourceOrigin):

  • interpreter/CallFrame.h:
  • interpreter/Interpreter.cpp:

(JSC::eval):

  • jsc.cpp:

(jscSource):
(GlobalObject::finishCreation):
(extractDirectoryName):
(currentWorkingDirectory):
(GlobalObject::moduleLoaderResolve):
(functionRunString):
(functionLoadString):
(functionCallerSourceOrigin):
(functionCreateBuiltin):
(functionCheckModuleSyntax):
(runInteractive):

  • parser/SourceCode.h:

(JSC::makeSource):

  • parser/SourceProvider.cpp:

(JSC::SourceProvider::SourceProvider):

  • parser/SourceProvider.h:

(JSC::SourceProvider::sourceOrigin):
(JSC::StringSourceProvider::create):
(JSC::StringSourceProvider::StringSourceProvider):
(JSC::WebAssemblySourceProvider::create):
(JSC::WebAssemblySourceProvider::WebAssemblySourceProvider):

  • runtime/FunctionConstructor.cpp:

(JSC::constructFunction):
(JSC::constructFunctionSkippingEvalEnabledCheck):

  • runtime/FunctionConstructor.h:
  • runtime/JSGlobalObjectFunctions.cpp:

(JSC::globalFuncEval):

  • runtime/ModuleLoaderPrototype.cpp:

(JSC::moduleLoaderPrototypeParseModule):

  • runtime/ScriptExecutable.h:

(JSC::ScriptExecutable::sourceOrigin):

  • runtime/SourceOrigin.h: Added.

(JSC::SourceOrigin::SourceOrigin):
(JSC::SourceOrigin::string):
(JSC::SourceOrigin::isNull):

  • tools/FunctionOverrides.cpp:

(JSC::initializeOverrideInfo):

Source/WebCore:

  • bindings/js/CachedScriptSourceProvider.h:

(WebCore::CachedScriptSourceProvider::CachedScriptSourceProvider):

  • bindings/js/JSLazyEventListener.cpp:

(WebCore::JSLazyEventListener::initializeJSFunction):

  • bindings/js/ScriptSourceCode.h:

(WebCore::ScriptSourceCode::ScriptSourceCode):

  • bridge/NP_jsobject.cpp:

(_NPN_Evaluate):

  • bridge/objc/WebScriptObject.mm:

(-[WebScriptObject evaluateWebScript:]):

Source/WebKit/mac:

  • Plugins/Hosted/NetscapePluginInstanceProxy.mm:

(WebKit::NetscapePluginInstanceProxy::evaluate):

Source/WebKit/win:

  • Plugins/PluginPackage.cpp:

(WebCore::NPN_Evaluate):
(WebCore::makeSource): Deleted.

Source/WebKit2:

  • WebProcess/Plugins/Netscape/NPRuntimeObjectMap.cpp:

(WebKit::NPRuntimeObjectMap::evaluate):

5:33 PM Changeset in webkit [210148] by weinig@apple.com
  • 38 edits
    2 adds in trunk

[WebIDL] Remove (most) custom bindings for the IndexedDB code
https://bugs.webkit.org/show_bug.cgi?id=166451

Reviewed by Darin Adler.

Source/WebCore:

Removes the custom bindings for all but one attribute (IDBRequest.result) in
the IndexedDB code.

  • Adds a new WebIDL extension type, IDBKey, to represent the complex key conversion rules IndexedDB specifies.
  • Replaces custom bindings for IDBCursor.source with use of a union.
  • Replaces custom enum type checking for IDBCursor.direction with a WebIDL enum.
  • Replaces custom code generation for IDBKeyPaths with a union.
  • CMakeLists.txt:
  • DerivedSources.make:
  • WebCore.xcodeproj/project.pbxproj:

Add new files.

  • Modules/indexeddb/IDBCursor.cpp:

(WebCore::IDBCursor::source):
(WebCore::IDBCursor::direction):
(WebCore::IDBCursor::directionNext): Deleted.
(WebCore::IDBCursor::directionNextUnique): Deleted.
(WebCore::IDBCursor::directionPrev): Deleted.
(WebCore::IDBCursor::directionPrevUnique): Deleted.
(WebCore::IDBCursor::stringToDirection): Deleted.
(WebCore::IDBCursor::directionToString): Deleted.

  • Modules/indexeddb/IDBCursor.h:

(WebCore::IDBCursor::objectStore): Deleted.
(WebCore::IDBCursor::index): Deleted.
Replace custom enum checking with direct use of the enum, letting the generator
handle the checks. Also adds source function which returns a Variant.

  • Modules/indexeddb/IDBCursor.idl:

Remove custom annotation and use correct types.

  • Modules/indexeddb/IDBCursorDirection.h: Added.
  • Modules/indexeddb/IDBCursorDirection.idl: Added.
  • Modules/indexeddb/IDBIndex.cpp:

(WebCore::IDBIndex::openCursor):
(WebCore::IDBIndex::openKeyCursor):

  • Modules/indexeddb/IDBIndex.h:
  • Modules/indexeddb/IDBIndex.idl:
  • Modules/indexeddb/IDBObjectStore.cpp:

(WebCore::IDBObjectStore::openCursor):
(WebCore::IDBObjectStore::openKeyCursor):

  • Modules/indexeddb/IDBObjectStore.h:
  • Modules/indexeddb/IDBObjectStore.idl:

Replace Strings with IDBCursorDirection enums.

  • Modules/indexeddb/IDBKeyRange.idl:

Remove annotation and use new IDBKey extension type.

  • Modules/indexeddb/IDBOpenDBRequest.cpp:

(WebCore::IDBOpenDBRequest::onSuccess):
(WebCore::IDBOpenDBRequest::onUpgradeNeeded):
(WebCore::IDBOpenDBRequest::onDeleteDatabaseSuccess):
Use ReadyState enum in place of the old m_isDone boolean.

  • Modules/indexeddb/IDBRequest.cpp:

(WebCore::IDBRequest::IDBRequest):
(WebCore::IDBRequest::error):
(WebCore::IDBRequest::source):
(WebCore::IDBRequest::dispatchEvent):
(WebCore::IDBRequest::willIterateCursor):
(WebCore::IDBRequest::completeRequestAndDispatchEvent):
(WebCore::IDBRequest::readyState): Deleted.

  • Modules/indexeddb/IDBRequest.h:

(WebCore::IDBRequest::readyState):
(WebCore::IDBRequest::isDone):
(WebCore::IDBRequest::objectStoreSource): Deleted.
(WebCore::IDBRequest::indexSource): Deleted.
(WebCore::IDBRequest::cursorSource): Deleted.

  • Modules/indexeddb/IDBRequest.idl:

Replace the readyState String with an enum, and the custom source binding with a
source function that returns a Variant.

  • Modules/indexeddb/IndexedDB.h:

Add the missing values to CursorDirection to make it comply with the IDL definition.

  • bindings/generic/IDLTypes.h:
  • bindings/js/JSDOMConvert.h:

(WebCore::JSConverter<IDLIDBKey<T>>::convert):
Add new extension type IDLIDBKey.

  • bindings/js/JSIDBCursorCustom.cpp:

(WebCore::JSIDBCursor::source): Deleted.

  • bindings/js/JSIDBRequestCustom.cpp:

(WebCore::JSIDBRequest::source): Deleted.
Remove custom bindings.

  • bindings/scripts/CodeGenerator.pm:

(IsBuiltinType):

  • bindings/scripts/CodeGeneratorJS.pm:

(GetBaseIDLType):
(NativeToJSValueDOMConvertNeedsState):
(NativeToJSValueDOMConvertNeedsGlobalObject):
(NativeToJSValue):
Add support for IDBKey, and remove custom code for IndexedDB in core conversion logic.

  • bindings/scripts/IDLAttributes.txt:

Remove now unused ImplementationReturnType attribute.

  • inspector/InspectorIndexedDBAgent.cpp:

Update to work with new functions taking enums rather than strings.

LayoutTests:

  • storage/indexeddb/exceptions-expected.txt:
  • storage/indexeddb/exceptions-private-expected.txt:
  • storage/indexeddb/index-basics-expected.txt:
  • storage/indexeddb/index-basics-private-expected.txt:
  • storage/indexeddb/index-basics-workers-expected.txt:
  • storage/indexeddb/objectstore-cursor-expected.txt:
  • storage/indexeddb/objectstore-cursor-private-expected.txt:

Update results for improved exception messages.

3:57 PM Changeset in webkit [210147] by Simon Fraser
  • 10 edits
    10 adds in trunk

REGRESSION (r209299): Selection is broken when you zoom in webpage using trackpad
https://bugs.webkit.org/show_bug.cgi?id=166472
rdar://problem/29675551

Reviewed by Tim Horton.

Source/WebCore:

r209299 broke autoscroll in zoomed pages because it changed RenderLayer::scrollRectToVisible()
to shrink viewRect by page scale. This is incorrect for all callers of scrollRectToVisible, since
the "absoluteRect" passed in is actually in zoomed document coordinates for all the callers I tested.

This code is also fixed to account for headers and footers. getRectToExpose() takes rectangles
in "scroll view contents" coordinates (i.e. including header, and zoomed document), so doesn't need
the separate visibleRectRelativeToDocument parameter.

Tests: fast/events/autoscroll-main-document.html
fast/events/autoscroll-when-zoomed.html
fast/events/drag-select-when-zoomed-with-header.html
fast/events/drag-select-when-zoomed.html
fast/scrolling/scroll-to-anchor-zoomed-header.html

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::scrollRectToVisible):
(WebCore::RenderLayer::getRectToExpose):

  • rendering/RenderLayer.h:

Tools:

These changes are necessary to allow the mouse to leave the WTR window while
drag-scrolling, to test autoscroll. Previously, we were never calling -mouseDragged
(which DRT does); we'd always go through mouseMoved, which hits an early return
in WebViewImpl::mouseMoved() when the point is outside the view.

  • WebKitTestRunner/mac/EventSenderProxy.mm:

(WTR::EventSenderProxy::mouseMoveTo):

LayoutTests:

Add some test coverage for autoscroll of the main document. I could only get this
working in WebKitTestRunner, not DumpRenderTree.

  • TestExpectations:
  • fast/events/autoscroll-main-document-expected.txt: Added.
  • fast/events/autoscroll-main-document.html: Added.
  • fast/events/autoscroll-when-zoomed-expected.txt: Added.
  • fast/events/autoscroll-when-zoomed.html: Added.
  • fast/events/drag-select-when-zoomed-expected.txt: Added.
  • fast/events/drag-select-when-zoomed-with-header-expected.txt: Added.
  • fast/events/drag-select-when-zoomed-with-header.html: Added.
  • fast/events/drag-select-when-zoomed.html: Added.
  • fast/scrolling/scroll-to-anchor-zoomed-header-expected.txt: Added.
  • fast/scrolling/scroll-to-anchor-zoomed-header.html: Added.
  • fast/transforms/selection-bounds-in-transformed-view.html: Revert the target scroll position to what it was
before r209299, and improve the failure output.

  • platform/ios-simulator/TestExpectations:
  • platform/mac-wk2/TestExpectations:

Dec 24, 2016:

1:26 PM Changeset in webkit [210146] by commit-queue@webkit.org
  • 16 edits
    2 adds in trunk

[test262] Fixing mapped arguments object property test case
https://bugs.webkit.org/show_bug.cgi?id=159398

Patch by Caio Lima <Caio Lima> on 2016-12-24
Reviewed by Saam Barati.

JSTests:

  • stress/arguments-bizarre-behaviour-disable-enumerability.js:
  • stress/arguments-define-property.js: Added.

(assert):
(testProperties):

  • stress/arguments-non-configurable.js: Added.

(assert):
(tryChangeNonConfigurableDescriptor):
(set tryChangeNonConfigurableDescriptor):
(tryChangeWritableOfNonConfigurableDescriptor):

  • test262.yaml:

Source/JavaScriptCore:

This patch changes GenericArguments' override mechanism to
implement correct behavior on ECMAScript test262 suite test cases of
mapped arguments object with non-configurable and non-writable
property. Also it is ensuring that arguments[i]
cannot be deleted when argument "i" is {configurable: false}.

The previous implementation is against the specification for 2 reasons:

  1. Every argument in arguments object are {writable: true} by default (http://www.ecma-international.org/ecma-262/7.0/index.html#sec-createunmappedargumentsobject). It means that we have to stop mapping a defined property index if the new property descriptor contains writable (i.e. writable is present) and its value is false (also check https://tc39.github.io/ecma262/#sec-arguments-exotic-objects-defineownproperty-p-desc). Previous implementation considers {writable: false} if writable is not present.
  2. When a property is overridden, "delete" operation is always returning true. However delete operations should follow the specification.

We created an auxiliary boolean array named m_modifiedArgumentsDescriptor
to store which arguments[i] descriptor was changed from its default
property descriptor. This modification was necessary because m_overrides
was responsible to keep this information at the same time
of keeping information about arguments mapping. The problem of this approach was
that we needed to call overridesArgument(i) as soon as the ith argument's property
descriptor was changed and it stops the argument's mapping as a side effect, producing
wrong behavior.
To keep tracking arguments mapping status, we renamed DirectArguments::m_overrides to
DirectArguments::m_mappedArguments and now it is responsible to manage if an
argument[i] is mapped or not.
With these 2 structures, now it is possible for an argument[i] to have its property
descriptor modified and not stop the mapping as soon as it happens. One example
of that wrong behavior can be found on arguments-bizarre-behaviour-disable-enumerability
test case, that now is fixed by this new mechanism.

  • bytecode/PolymorphicAccess.cpp:

(JSC::AccessCase::generateWithGuard):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileGetByValOnDirectArguments):
(JSC::DFG::SpeculativeJIT::compileGetArrayLength):
(JSC::DFG::SpeculativeJIT::compileCreateDirectArguments):

  • ftl/FTLAbstractHeapRepository.h:
  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileGetArrayLength):
(JSC::FTL::DFG::LowerDFGToB3::compileGetByVal):
(JSC::FTL::DFG::LowerDFGToB3::compileCreateDirectArguments):

  • jit/JITOperations.cpp:

(JSC::canAccessArgumentIndexQuickly):

  • jit/JITPropertyAccess.cpp:

(JSC::JIT::emitDirectArgumentsGetByVal):

  • runtime/DirectArguments.cpp:

(JSC::DirectArguments::estimatedSize):
(JSC::DirectArguments::visitChildren):
(JSC::DirectArguments::overrideThings):
(JSC::DirectArguments::overrideThingsIfNecessary):
(JSC::DirectArguments::unmapArgument):
(JSC::DirectArguments::copyToArguments):
(JSC::DirectArguments::overridesSize):
(JSC::DirectArguments::overrideArgument): Deleted.

  • runtime/DirectArguments.h:

(JSC::DirectArguments::length):
(JSC::DirectArguments::isMappedArgument):
(JSC::DirectArguments::isMappedArgumentInDFG):
(JSC::DirectArguments::getIndexQuickly):
(JSC::DirectArguments::setIndexQuickly):
(JSC::DirectArguments::overrodeThings):
(JSC::DirectArguments::initModifiedArgumentsDescriptorIfNecessary):
(JSC::DirectArguments::setModifiedArgumentDescriptor):
(JSC::DirectArguments::isModifiedArgumentDescriptor):
(JSC::DirectArguments::offsetOfMappedArguments):
(JSC::DirectArguments::offsetOfModifiedArgumentsDescriptor):
(JSC::DirectArguments::canAccessIndexQuickly): Deleted.
(JSC::DirectArguments::canAccessArgumentIndexQuicklyInDFG): Deleted.
(JSC::DirectArguments::offsetOfOverrides): Deleted.

  • runtime/GenericArguments.h:
  • runtime/GenericArgumentsInlines.h:

(JSC::GenericArguments<Type>::visitChildren):
(JSC::GenericArguments<Type>::getOwnPropertySlot):
(JSC::GenericArguments<Type>::getOwnPropertySlotByIndex):
(JSC::GenericArguments<Type>::getOwnPropertyNames):
(JSC::GenericArguments<Type>::put):
(JSC::GenericArguments<Type>::putByIndex):
(JSC::GenericArguments<Type>::deleteProperty):
(JSC::GenericArguments<Type>::deletePropertyByIndex):
(JSC::GenericArguments<Type>::defineOwnProperty):
(JSC::GenericArguments<Type>::initModifiedArgumentsDescriptor):
(JSC::GenericArguments<Type>::initModifiedArgumentsDescriptorIfNecessary):
(JSC::GenericArguments<Type>::setModifiedArgumentDescriptor):
(JSC::GenericArguments<Type>::isModifiedArgumentDescriptor):
(JSC::GenericArguments<Type>::copyToArguments):

  • runtime/ScopedArguments.cpp:

(JSC::ScopedArguments::visitChildren):
(JSC::ScopedArguments::unmapArgument):
(JSC::ScopedArguments::overrideArgument): Deleted.

  • runtime/ScopedArguments.h:

(JSC::ScopedArguments::isMappedArgument):
(JSC::ScopedArguments::isMappedArgumentInDFG):
(JSC::ScopedArguments::getIndexQuickly):
(JSC::ScopedArguments::setIndexQuickly):
(JSC::ScopedArguments::initModifiedArgumentsDescriptorIfNecessary):
(JSC::ScopedArguments::setModifiedArgumentDescriptor):
(JSC::ScopedArguments::isModifiedArgumentDescriptor):
(JSC::ScopedArguments::canAccessIndexQuickly): Deleted.
(JSC::ScopedArguments::canAccessArgumentIndexQuicklyInDFG): Deleted.

10:00 AM Changeset in webkit [210145] by Alan Bujtas
  • 8 edits in trunk/Source/WebCore

RenderBlockFlow::moveFloatsTo does not move floats.
https://bugs.webkit.org/show_bug.cgi?id=166467

Reviewed by Darin Adler.

RenderBlockFlow::moveFloatsTo name is misleading. Floats are not moved from "this" to
the new RenderBlockFlow parent, but rather they are copied so that overhanging floats
don't get lost.

Covered by existing tests.

  • rendering/FloatingObjects.cpp:

(WebCore::FloatingObject::cloneForNewParent):
(WebCore::FloatingObject::unsafeClone): Deleted.

  • rendering/FloatingObjects.h:
  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::addFloatsToNewParent):
(WebCore::RenderBlockFlow::moveAllChildrenIncludingFloatsTo):
(WebCore::RenderBlockFlow::moveFloatsTo): Deleted.

  • rendering/RenderBlockFlow.h:
  • rendering/RenderRubyBase.cpp:

(WebCore::RenderRubyBase::mergeChildrenWithBase):

  • rendering/RenderRubyBase.h:
  • rendering/RenderRubyRun.cpp:

(WebCore::RenderRubyRun::removeChild):
