Timeline



Jan 18, 2016:

11:57 PM Changeset in webkit [195252] by Carlos Garcia Campos
  • 4 edits
    3 adds in releases/WebKitGTK/webkit-2.10

Merge r194888 - Inconsistencies in main resource load delegates when loading from history
https://bugs.webkit.org/show_bug.cgi?id=150927

Reviewed by Michael Catanzaro.

Source/WebCore:

When restoring a page from the page cache, even though there
isn't an actual load of resources, we are still emitting the load
delegates to let the API layer know there are contents being
loaded in the web view. This makes the page cache restoring
transparent for the API layer. However, when restoring a page from
the cache, all the delegates are emitted after the load is
committed. This is not consistent with real loads, where we first
load the main resource and once we get a response we commit the
load. This inconsistency is problematic if the API layer expects
to always have a main resource with a response when the load is
committed. This is the case of the GTK+ port, for example. So,
this patch ensures that when a page is restored from the page
cache, the main resource load delegates that are emitted until a
response is received in normal loads, are emitted before the load
is committed.

Test: http/tests/loading/main-resource-delegates-on-back-navigation.html

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::commitProvisionalLoad): When loading from
the page cache, send delegate messages up to didReceiveResponse
for the main resource before the load is committed, and the
remaining messages afterwards.

LayoutTests:

Add test to check that main resource load delegates are emitted in
the same order before the load is committed when loading a page
from history with the page cache enabled and disabled.

  • http/tests/loading/main-resource-delegates-on-back-navigation-expected.txt: Added.
  • http/tests/loading/main-resource-delegates-on-back-navigation.html: Added.
  • http/tests/loading/resources/page-go-back-onload.html: Added.
  • loader/go-back-cached-main-resource-expected.txt:
11:51 PM Changeset in webkit [195251] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r194867 - Padding added to table-cell element after font-size change.
https://bugs.webkit.org/show_bug.cgi?id=152796

Reviewed by David Hyatt.

Do not include intrinsicPaddingBefore value while figuring out the height of a row.
In RenderTableSection::calcRowLogicalHeight() we are interested in the height of the content
without the additional padding (normal padding is included).

Source/WebCore:

Test: fast/table/table-baseline-grows.html

  • rendering/RenderTableSection.cpp:

(WebCore::RenderTableSection::calcRowLogicalHeight):

LayoutTests:

  • TestExpectations: This test fails even without the patch when Ahem font is not used.
  • fast/table/table-baseline-grows-expected.html: Added.
  • fast/table/table-baseline-grows.html: Added.
11:44 PM Changeset in webkit [195250] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebKit2

Merge r194846 - [WK2][GTK] Propagate motion-notify-event signals from the WebView
https://bugs.webkit.org/show_bug.cgi?id=152974

Reviewed by Carlos Garcia Campos.

Always propagate motion-notify-event signals, regardless of what the
web process does, so that we can listen for those events (which does
not act on specific targets inside the webview) from the container
widget too, and not just from the WebView itself.

  • UIProcess/API/gtk/WebKitWebViewBase.cpp:

(webkitWebViewBaseMotionNotifyEvent): Ensure the signal gets propagated.

11:41 PM Changeset in webkit [195249] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r194823 - REGRESSION (r194426): First email field is not autofilled on amazon.com
https://bugs.webkit.org/show_bug.cgi?id=152945
<rdar://problem/24082914>

Reviewed by Simon Fraser.

r194426 missed marking the m_layoutRoot for layout while converting to full layout (it only marked the new layout root).

Source/WebCore:

Test: fast/forms/multiple-subtree-layout-failure.html

  • page/FrameView.cpp:

(WebCore::FrameView::scheduleRelayoutOfSubtree):

LayoutTests:

  • fast/forms/multiple-subtree-layout-failure-expected.html: Added.
  • fast/forms/multiple-subtree-layout-failure.html: Added.
11:37 PM Changeset in webkit [195248] by rniwa@webkit.org
  • 13 edits
    1 copy
    1 move
    1 add in trunk

createAttribute should lowercase the attribute name in a HTML document
https://bugs.webkit.org/show_bug.cgi?id=153112

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline a test now that it's passing all test cases.

  • web-platform-tests/dom/nodes/Document-createAttribute-expected.txt:

Source/WebCore:

In a HTML document, we should always lowercase localName in document.createAttribute as specified in
https://dom.spec.whatwg.org/#dom-document-createattribute:

  1. If localName does not match the Name production in XML, throw an InvalidCharacterError exception.
  2. If the context object is an HTML document, let localName be converted to ASCII lowercase.
  3. Return a new attribute whose local name is localName.

Change WebKit's behavior to match the spec as well as Firefox. document.createAttributeNS will
continue to preserve the case as spec'ed.

No new tests are added since the behavior change is covered by existing tests.

  • dom/Document.cpp:

(WebCore::Document::createAttribute):

LayoutTests:

Update tests, rebaseline tests, and add more test cases as needed.

createAttribute lowercases localName and getAttributeNode finds attribute ignoring cases
whereas createAttributeNS preserves localName's case and getAttributeNodeNS finds attribute preserving cases

  • fast/dom/Element/mozilla-dom-base-tests/test_bug1075702-expected.txt: Since the test is adding "aa" as well

as "AA" as Attr nodes, we should be able to get both.

  • fast/dom/Element/mozilla-dom-base-tests/test_bug1075702.xhtml: Renamed from .html file since test cases here

are more relevant for XHTML documents.

  • fast/dom/Element/getAttribute-check-case-sensitivity-expected.txt:
  • fast/dom/Element/script-tests/getAttribute-check-case-sensitivity.js:

(testGetAttributeNodeMixedCase): Change the test case to retrieve the attribute name with lowercase name
since createAttribute always lowercases the name in a HTML document.
(testAttribNodeNamePreservesCase): Use getAttributeNode instead of getAttributeNodeNS since the former does
case insensitive lookup as needed here.
(testAttribNodeNamePreservesCaseGetNode): Ditto.
(testAttribNodeNamePreservesCaseGetNode2): Ditto. Use createAttributeNS to create a case-preserving Attr node.

  • fast/dom/Element/setAttributeNode-case-insensitivity-expected.txt:
  • fast/dom/Element/setAttributeNode-case-insensitivity.html: Since getAttributeNode does a case-insensitive

lookup, we should be getting the same Attr node for both 'style' and 'STYLE'.

  • fast/dom/Element/setAttributeNode-for-existing-attribute-expected.txt: Rebaselined. This is a progression

since we're now getting "green" when querying style.backgroundColor as expected.

  • fast/dom/Element/setAttributeNode-overriding-lowercase-values-1-expected.txt:
  • fast/dom/Element/setAttributeNode-overriding-lowercase-values-1.html: Updated test cases for new behavior.
  • fast/dom/Element/setAttributeNode-overriding-lowercase-values-1-xml-expected.txt: Added.
  • fast/dom/Element/setAttributeNode-overriding-lowercase-values-1-xml.xhtml: Added. Test behaviors in a XML

document.

10:02 PM Changeset in webkit [195247] by beidson@apple.com
  • 9 edits
    1 copy
    301 adds in trunk

Modern IDB: Add private-browsing variant for many IDB tests, and enable private browsing in Modern IDB.
https://bugs.webkit.org/show_bug.cgi?id=153179

Reviewed by Darin Adler.

Source/WebCore:

Tests: Many private-browsing copies of existing IDB tests.

  • Modules/indexeddb/client/IDBFactoryImpl.cpp:

(WebCore::IDBClient::shouldThrowSecurityException): Allow IDB access in private browsing.

LayoutTests:

Update many expectations files to skip some of the new tests on some platforms:

  • TestExpectations:
  • platform/mac-wk1/TestExpectations:
  • platform/wk2/TestExpectations:

Add a special case for URLs that end with "-private.html" to enable private browsing:

  • resources/js-test.js:

Add a whole bunch of -private.html wrappers along with new test expectations, along
with some minor test changes to remove unnecessary ambiguity due to .html filename:

  • storage/indexeddb/aborted-versionchange-closes-private-expected.txt: Added.
  • storage/indexeddb/aborted-versionchange-closes-private.html: Added.
  • storage/indexeddb/basics-private-expected.txt: Added.
  • storage/indexeddb/basics-private.html: Added.
  • storage/indexeddb/create-and-remove-object-store-private-expected.txt: Added.
  • storage/indexeddb/create-and-remove-object-store-private.html: Added.
  • storage/indexeddb/create-object-store-options-private-expected.txt: Added.
  • storage/indexeddb/create-object-store-options-private.html: Added.
  • storage/indexeddb/createIndex-after-failure-private-expected.txt: Added.
  • storage/indexeddb/createIndex-after-failure-private.html: Added.
  • storage/indexeddb/createObjectStore-name-argument-required-private-expected.txt: Added.
  • storage/indexeddb/createObjectStore-name-argument-required-private.html: Added.
  • storage/indexeddb/createObjectStore-null-name-private-expected.txt: Added.
  • storage/indexeddb/createObjectStore-null-name-private.html: Added.
  • storage/indexeddb/cursor-added-bug-private-expected.txt: Added.
  • storage/indexeddb/cursor-added-bug-private.html: Added.
  • storage/indexeddb/cursor-advance-private-expected.txt: Added.
  • storage/indexeddb/cursor-advance-private.html: Added.
  • storage/indexeddb/cursor-basics-private-expected.txt: Added.
  • storage/indexeddb/cursor-basics-private.html: Added.
  • storage/indexeddb/cursor-continue-dir-private-expected.txt: Added.
  • storage/indexeddb/cursor-continue-dir-private.html: Added.
  • storage/indexeddb/cursor-continue-private-expected.txt: Added.
  • storage/indexeddb/cursor-continue-private.html: Added.
  • storage/indexeddb/cursor-continue-validity-private-expected.txt: Added.
  • storage/indexeddb/cursor-continue-validity-private.html: Added.
  • storage/indexeddb/cursor-delete-private-expected.txt: Added.
  • storage/indexeddb/cursor-delete-private.html: Added.
  • storage/indexeddb/cursor-finished-private-expected.txt: Added.
  • storage/indexeddb/cursor-finished-private.html: Added.
  • storage/indexeddb/cursor-inconsistency-private-expected.txt: Added.
  • storage/indexeddb/cursor-inconsistency-private.html: Added.
  • storage/indexeddb/cursor-index-delete-private-expected.txt: Added.
  • storage/indexeddb/cursor-index-delete-private.html: Added.
  • storage/indexeddb/cursor-key-order-private-expected.txt: Added.
  • storage/indexeddb/cursor-key-order-private.html: Added.
  • storage/indexeddb/cursor-prev-no-duplicate-private-expected.txt: Added.
  • storage/indexeddb/cursor-prev-no-duplicate-private.html: Added.
  • storage/indexeddb/cursor-primary-key-order-private-expected.txt: Added.
  • storage/indexeddb/cursor-primary-key-order-private.html: Added.
  • storage/indexeddb/cursor-properties-private-expected.txt: Added.
  • storage/indexeddb/cursor-properties-private.html: Added.
  • storage/indexeddb/cursor-reverse-bug-private-expected.txt: Added.
  • storage/indexeddb/cursor-reverse-bug-private.html: Added.
  • storage/indexeddb/cursor-skip-deleted-private-expected.txt: Added.
  • storage/indexeddb/cursor-skip-deleted-private.html: Added.
  • storage/indexeddb/cursor-update-private-expected.txt: Added.
  • storage/indexeddb/cursor-update-private.html: Added.
  • storage/indexeddb/cursor-update-value-argument-required-private-expected.txt: Added.
  • storage/indexeddb/cursor-update-value-argument-required-private.html: Added.
  • storage/indexeddb/cursor-value-private-expected.txt: Added.
  • storage/indexeddb/cursor-value-private.html: Added.
  • storage/indexeddb/database-basics-private-expected.txt: Added.
  • storage/indexeddb/database-basics-private.html: Added.
  • storage/indexeddb/database-close-private-expected.txt: Added.
  • storage/indexeddb/database-close-private.html: Added.
  • storage/indexeddb/database-closepending-flag-private-expected.txt: Added.
  • storage/indexeddb/database-closepending-flag-private.html: Added.
  • storage/indexeddb/database-deletepending-flag-private-expected.txt: Added.
  • storage/indexeddb/database-deletepending-flag-private.html: Added.
  • storage/indexeddb/database-name-undefined-private-expected.txt: Added.
  • storage/indexeddb/database-name-undefined-private.html: Added.
  • storage/indexeddb/database-odd-names-private-expected.txt: Added.
  • storage/indexeddb/database-odd-names-private.html: Added.
  • storage/indexeddb/database-quota-private-expected.txt: Added.
  • storage/indexeddb/database-quota-private.html: Added.
  • storage/indexeddb/database-wrapper-private-expected.txt: Added.
  • storage/indexeddb/database-wrapper-private.html: Added.
  • storage/indexeddb/delete-closed-database-object-private-expected.txt: Added.
  • storage/indexeddb/delete-closed-database-object-private.html: Added.
  • storage/indexeddb/delete-in-upgradeneeded-close-in-open-success-private-expected.txt: Added.
  • storage/indexeddb/delete-in-upgradeneeded-close-in-open-success-private.html: Added.
  • storage/indexeddb/delete-in-upgradeneeded-close-in-versionchange-private-expected.txt: Added.
  • storage/indexeddb/delete-in-upgradeneeded-close-in-versionchange-private.html: Added.
  • storage/indexeddb/delete-range-private-expected.txt: Added.
  • storage/indexeddb/delete-range-private.html: Added.
  • storage/indexeddb/deleteIndex-private-expected.txt: Added.
  • storage/indexeddb/deleteIndex-private.html: Added.
  • storage/indexeddb/deleteObjectStore-name-argument-required-private-expected.txt: Added.
  • storage/indexeddb/deleteObjectStore-name-argument-required-private.html: Added.
  • storage/indexeddb/deleteObjectStore-null-name-private-expected.txt: Added.
  • storage/indexeddb/deleteObjectStore-null-name-private.html: Added.
  • storage/indexeddb/deleted-objects-private-expected.txt: Added.
  • storage/indexeddb/deleted-objects-private.html: Added.
  • storage/indexeddb/deletedatabase-blocked-private-expected.txt: Added.
  • storage/indexeddb/deletedatabase-blocked-private.html: Added.
  • storage/indexeddb/deletedatabase-delayed-by-open-and-versionchange-private-expected.txt: Added.
  • storage/indexeddb/deletedatabase-delayed-by-open-and-versionchange-private.html: Added.
  • storage/indexeddb/deletedatabase-delayed-by-versionchange-private-expected.txt: Added.
  • storage/indexeddb/deletedatabase-not-blocked-private-expected.txt: Added.
  • storage/indexeddb/deletedatabase-not-blocked-private.html: Added.
  • storage/indexeddb/dont-wedge-private-expected.txt: Added.
  • storage/indexeddb/dont-wedge-private.html: Added.
  • storage/indexeddb/duplicates-private-expected.txt: Added.
  • storage/indexeddb/duplicates-private.html: Added.
  • storage/indexeddb/error-causes-abort-by-default-private-expected.txt: Added.
  • storage/indexeddb/error-causes-abort-by-default-private.html: Added.
  • storage/indexeddb/events-private-expected.txt: Added.
  • storage/indexeddb/events-private.html: Added.
  • storage/indexeddb/exception-in-event-aborts-private-expected.txt: Added.
  • storage/indexeddb/exception-in-event-aborts-private.html: Added.
  • storage/indexeddb/exceptions-private-expected.txt: Added.
  • storage/indexeddb/exceptions-private.html: Added.
  • storage/indexeddb/factory-cmp-private-expected.txt: Added.
  • storage/indexeddb/factory-cmp-private.html: Added.
  • storage/indexeddb/factory-deletedatabase-private-expected.txt: Added.
  • storage/indexeddb/factory-deletedatabase-private.html: Added.
  • storage/indexeddb/get-keyrange-private-expected.txt: Added.
  • storage/indexeddb/get-keyrange-private.html: Added.
  • storage/indexeddb/index-basics-private-expected.txt: Added.
  • storage/indexeddb/index-basics-private.html: Added.
  • storage/indexeddb/index-count-private-expected.txt: Added.
  • storage/indexeddb/index-count-private.html: Added.
  • storage/indexeddb/index-cursor-private-expected.txt: Added.
  • storage/indexeddb/index-cursor-private.html: Added.
  • storage/indexeddb/index-duplicate-keypaths-private-expected.txt: Added.
  • storage/indexeddb/index-duplicate-keypaths-private.html: Added.
  • storage/indexeddb/index-get-key-argument-required-private-expected.txt: Added.
  • storage/indexeddb/index-get-key-argument-required-private.html: Added.
  • storage/indexeddb/index-multientry-private-expected.txt: Added.
  • storage/indexeddb/index-multientry-private.html: Added.
  • storage/indexeddb/index-population-private-expected.txt: Added.
  • storage/indexeddb/index-population-private.html: Added.
  • storage/indexeddb/index-unique-private-expected.txt: Added.
  • storage/indexeddb/index-unique-private.html: Added.
  • storage/indexeddb/interfaces-private-expected.txt: Added.
  • storage/indexeddb/interfaces-private.html: Added.
  • storage/indexeddb/intversion-abort-in-initial-upgradeneeded-private-expected.txt: Added.
  • storage/indexeddb/intversion-abort-in-initial-upgradeneeded-private.html: Added.
  • storage/indexeddb/intversion-bad-parameters-private-expected.txt: Added.
  • storage/indexeddb/intversion-bad-parameters-private.html: Added.
  • storage/indexeddb/intversion-blocked-private-expected.txt: Added.
  • storage/indexeddb/intversion-blocked-private.html: Added.
  • storage/indexeddb/intversion-close-between-events-private-expected.txt: Added.
  • storage/indexeddb/intversion-close-between-events-private.html: Added.
  • storage/indexeddb/intversion-close-in-oncomplete-private-expected.txt: Added.
  • storage/indexeddb/intversion-close-in-oncomplete-private.html: Added.
  • storage/indexeddb/intversion-close-in-upgradeneeded-private-expected.txt: Added.
  • storage/indexeddb/intversion-close-in-upgradeneeded-private.html: Added.
  • storage/indexeddb/intversion-encoding-private-expected.txt: Added.
  • storage/indexeddb/intversion-encoding-private.html: Added.
  • storage/indexeddb/intversion-gated-on-delete-private-expected.txt: Added.
  • storage/indexeddb/intversion-gated-on-delete-private.html: Added.
  • storage/indexeddb/intversion-long-queue-private-expected.txt: Added.
  • storage/indexeddb/intversion-long-queue-private.html: Added.
  • storage/indexeddb/intversion-omit-parameter-private-expected.txt: Added.
  • storage/indexeddb/intversion-omit-parameter-private.html: Added.
  • storage/indexeddb/intversion-open-in-upgradeneeded-private-expected.txt: Added.
  • storage/indexeddb/intversion-open-in-upgradeneeded-private.html: Added.
  • storage/indexeddb/intversion-open-with-version-private-expected.txt: Added.
  • storage/indexeddb/intversion-open-with-version-private.html: Added.
  • storage/indexeddb/intversion-pending-version-changes-ascending-private-expected.txt: Added.
  • storage/indexeddb/intversion-pending-version-changes-ascending-private.html: Added.
  • storage/indexeddb/intversion-pending-version-changes-descending-private-expected.txt: Added.
  • storage/indexeddb/intversion-pending-version-changes-descending-private.html: Added.
  • storage/indexeddb/intversion-pending-version-changes-same-private-expected.txt: Added.
  • storage/indexeddb/intversion-pending-version-changes-same-private.html: Added.
  • storage/indexeddb/intversion-persistence-private-expected.txt: Added.
  • storage/indexeddb/intversion-persistence-private.html: Added.
  • storage/indexeddb/intversion-revert-on-abort-private-expected.txt: Added.
  • storage/indexeddb/intversion-revert-on-abort-private.html: Added.
  • storage/indexeddb/intversion-two-opens-no-versions-private-expected.txt: Added.
  • storage/indexeddb/intversion-two-opens-no-versions-private.html: Added.
  • storage/indexeddb/intversion-upgrades-private-expected.txt: Added.
  • storage/indexeddb/intversion-upgrades-private.html: Added.
  • storage/indexeddb/invalid-keys-private-expected.txt: Added.
  • storage/indexeddb/invalid-keys-private.html: Added.
  • storage/indexeddb/key-generator-private-expected.txt: Added.
  • storage/indexeddb/key-generator-private.html: Added.
  • storage/indexeddb/key-sort-order-across-types-private-expected.txt: Added.
  • storage/indexeddb/key-sort-order-across-types-private.html: Added.
  • storage/indexeddb/key-sort-order-date-private-expected.txt: Added.
  • storage/indexeddb/key-sort-order-date-private.html: Added.
  • storage/indexeddb/key-type-array-private-expected.txt: Added.
  • storage/indexeddb/key-type-array-private.html: Added.
  • storage/indexeddb/key-type-binary-private-expected.txt: Added.
  • storage/indexeddb/key-type-binary-private.html: Added.
  • storage/indexeddb/key-type-infinity-private-expected.txt: Added.
  • storage/indexeddb/key-type-infinity-private.html: Added.
  • storage/indexeddb/keypath-arrays-private-expected.txt: Added.
  • storage/indexeddb/keypath-arrays-private.html: Added.
  • storage/indexeddb/keypath-basics-private-expected.txt: Added.
  • storage/indexeddb/keypath-basics-private.html: Added.
  • storage/indexeddb/keypath-edges-private-expected.txt: Added.
  • storage/indexeddb/keypath-edges-private.html: Added.
  • storage/indexeddb/keypath-fetch-key-private-expected.txt: Added.
  • storage/indexeddb/keypath-fetch-key-private.html: Added.
  • storage/indexeddb/keypath-intrinsic-properties-private-expected.txt: Added.
  • storage/indexeddb/keypath-intrinsic-properties-private.html: Added.
  • storage/indexeddb/keyrange-private-expected.txt: Added.
  • storage/indexeddb/keyrange-private.html: Added.
  • storage/indexeddb/keyrange-required-arguments-private-expected.txt: Added.
  • storage/indexeddb/keyrange-required-arguments-private.html: Added.
  • storage/indexeddb/lazy-index-types-private-expected.txt: Added.
  • storage/indexeddb/lazy-index-types-private.html: Added.
  • storage/indexeddb/legacy-constants-private-expected.txt: Added.
  • storage/indexeddb/legacy-constants-private.html: Added.
  • storage/indexeddb/list-ordering-private-expected.txt: Added.
  • storage/indexeddb/list-ordering-private.html: Added.
  • storage/indexeddb/metadata-private-expected.txt: Added.
  • storage/indexeddb/metadata-private.html: Added.
  • storage/indexeddb/mutating-cursor-private-expected.txt: Added.
  • storage/indexeddb/mutating-cursor-private.html: Added.
  • storage/indexeddb/objectStore-required-arguments-private-expected.txt: Added.
  • storage/indexeddb/objectStore-required-arguments-private.html: Added.
  • storage/indexeddb/objectstore-autoincrement-private-expected.txt: Added.
  • storage/indexeddb/objectstore-autoincrement-private.html: Added.
  • storage/indexeddb/objectstore-basics-private-expected.txt: Added.
  • storage/indexeddb/objectstore-basics-private.html: Added.
  • storage/indexeddb/objectstore-clear-private-expected.txt: Added.
  • storage/indexeddb/objectstore-clear-private.html: Added.
  • storage/indexeddb/objectstore-count-private-expected.txt: Added.
  • storage/indexeddb/objectstore-count-private.html: Added.
  • storage/indexeddb/objectstore-cursor-private-expected.txt: Added.
  • storage/indexeddb/objectstore-cursor-private.html: Added.
  • storage/indexeddb/objectstore-removeobjectstore-private-expected.txt: Added.
  • storage/indexeddb/objectstore-removeobjectstore-private.html: Added.
  • storage/indexeddb/odd-strings-private-expected.txt: Added.
  • storage/indexeddb/odd-strings-private.html: Added.
  • storage/indexeddb/open-cursor-private-expected.txt: Added.
  • storage/indexeddb/open-cursor-private.html: Added.
  • storage/indexeddb/open-during-transaction-private-expected.txt: Added.
  • storage/indexeddb/open-during-transaction-private.html: Added.
  • storage/indexeddb/open-ordering-private-expected.txt: Added.
  • storage/indexeddb/open-ordering-private.html: Added.
  • storage/indexeddb/opencursor-key-private-expected.txt: Added.
  • storage/indexeddb/opencursor-key-private.html: Added.
  • storage/indexeddb/pending-activity-private-expected.txt: Added.
  • storage/indexeddb/pending-activity-private.html: Added.
  • storage/indexeddb/pending-version-change-on-exit-private-expected.txt: Added.
  • storage/indexeddb/pending-version-change-on-exit-private.html: Added.
  • storage/indexeddb/pending-version-change-stuck-private-expected.txt: Added.
  • storage/indexeddb/pending-version-change-stuck-private.html: Added.
  • storage/indexeddb/persistence-expected.txt:
  • storage/indexeddb/persistence-private-expected.txt: Copied from LayoutTests/storage/indexeddb/persistence-expected.txt.
  • storage/indexeddb/persistence-private.html: Added.
  • storage/indexeddb/prefetch-bugfix-108071-private-expected.txt: Added.
  • storage/indexeddb/prefetch-bugfix-108071-private.html: Added.
  • storage/indexeddb/queued-commands-private-expected.txt: Added.
  • storage/indexeddb/queued-commands-private.html: Added.
  • storage/indexeddb/readonly-private-expected.txt: Added.
  • storage/indexeddb/readonly-private.html: Added.
  • storage/indexeddb/readonly-properties-private-expected.txt: Added.
  • storage/indexeddb/readonly-properties-private.html: Added.
  • storage/indexeddb/removed-private-expected.txt: Added.
  • storage/indexeddb/removed-private.html: Added.
  • storage/indexeddb/request-continue-abort-private-expected.txt: Added.
  • storage/indexeddb/request-continue-abort-private.html: Added.
  • storage/indexeddb/request-event-propagation-private-expected.txt: Added.
  • storage/indexeddb/request-event-propagation-private.html: Added.
  • storage/indexeddb/resources/persistence.js:
  • storage/indexeddb/set_version_blocked-private-expected.txt: Added.
  • storage/indexeddb/set_version_blocked-private.html: Added.
  • storage/indexeddb/setversion-blocked-by-versionchange-close-private-expected.txt: Added.
  • storage/indexeddb/setversion-blocked-by-versionchange-close-private.html: Added.
  • storage/indexeddb/setversion-not-blocked-private-expected.txt: Added.
  • storage/indexeddb/setversion-not-blocked-private.html: Added.
  • storage/indexeddb/transaction-abort-private-expected.txt: Added.
  • storage/indexeddb/transaction-abort-private.html: Added.
  • storage/indexeddb/transaction-active-flag-private-expected.txt: Added.
  • storage/indexeddb/transaction-active-flag-private.html: Added.
  • storage/indexeddb/transaction-after-close-private-expected.txt: Added.
  • storage/indexeddb/transaction-after-close-private.html: Added.
  • storage/indexeddb/transaction-and-objectstore-calls-private-expected.txt: Added.
  • storage/indexeddb/transaction-and-objectstore-calls-private.html: Added.
  • storage/indexeddb/transaction-basics-private-expected.txt: Added.
  • storage/indexeddb/transaction-basics-private.html: Added.
  • storage/indexeddb/transaction-complete-workers-private-expected.txt: Added.
  • storage/indexeddb/transaction-complete-workers-private.html: Added.
  • storage/indexeddb/transaction-coordination-across-databases-private-expected.txt: Added.
  • storage/indexeddb/transaction-coordination-across-databases-private.html: Added.
  • storage/indexeddb/transaction-coordination-within-database-private-expected.txt: Added.
  • storage/indexeddb/transaction-coordination-within-database-private.html: Added.
  • storage/indexeddb/transaction-crash-on-abort-private-expected.txt: Added.
  • storage/indexeddb/transaction-crash-on-abort-private.html: Added.
  • storage/indexeddb/transaction-error-private-expected.txt: Added.
  • storage/indexeddb/transaction-error-private.html: Added.
  • storage/indexeddb/transaction-event-propagation-private-expected.txt: Added.
  • storage/indexeddb/transaction-event-propagation-private.html: Added.
  • storage/indexeddb/transaction-read-only-private-expected.txt: Added.
  • storage/indexeddb/transaction-read-only-private.html: Added.
  • storage/indexeddb/transaction-readwrite-exclusive-private-expected.txt: Added.
  • storage/indexeddb/transaction-readwrite-exclusive-private.html: Added.
  • storage/indexeddb/transaction-rollback-private-expected.txt: Added.
  • storage/indexeddb/transaction-rollback-private.html: Added.
  • storage/indexeddb/transaction-scope-sequencing-private-expected.txt: Added.
  • storage/indexeddb/transaction-scope-sequencing-private.html: Added.
  • storage/indexeddb/transaction-starvation-private-expected.txt: Added.
  • storage/indexeddb/transaction-storeNames-required-private-expected.txt: Added.
  • storage/indexeddb/transaction-storeNames-required-private.html: Added.
  • storage/indexeddb/unblocked-version-changes-private-expected.txt: Added.
  • storage/indexeddb/unblocked-version-changes-private.html: Added.
  • storage/indexeddb/unprefix-private-expected.txt: Added.
  • storage/indexeddb/unprefix-private.html: Added.
  • storage/indexeddb/value-undefined-private-expected.txt: Added.
  • storage/indexeddb/value-undefined-private.html: Added.
  • storage/indexeddb/values-odd-types-private-expected.txt: Added.
  • storage/indexeddb/values-odd-types-private.html: Added.
  • storage/indexeddb/version-change-abort-private-expected.txt: Added.
  • storage/indexeddb/version-change-abort-private.html: Added.
  • storage/indexeddb/version-change-exclusive-private-expected.txt: Added.
  • storage/indexeddb/version-change-exclusive-private.html: Added.
  • storage/indexeddb/versionchangerequest-activedomobject-private-expected.txt: Added.
  • storage/indexeddb/versionchangerequest-activedomobject-private.html: Added.
8:08 PM Changeset in webkit [195246] by sbarati@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

assertions in BytecodeUseDef.h about opcode length are off by one
https://bugs.webkit.org/show_bug.cgi?id=153215

Reviewed by Dan Bernstein.

  • bytecode/BytecodeUseDef.h:

(JSC::computeUsesForBytecodeOffset):

8:05 PM Changeset in webkit [195245] by clopez@igalia.com
  • 2 edits in trunk/Tools

[GTK][EFL] Layout tests abort with PulseAudioSanitizer instance has no attribute '_pa_module_index' when the build is not ready.
https://bugs.webkit.org/show_bug.cgi?id=153216

Reviewed by Michael Catanzaro.

  • Scripts/webkitpy/port/pulseaudio_sanitizer.py:

(PulseAudioSanitizer.init): initialize _pa_module_index in the constructor.

7:28 PM Changeset in webkit [195244] by eric.carlson@apple.com
  • 2 edits in trunk/Source/WebCore

[iOS Simulator WK1] ASSERT loading Blink layout test imported/web-platform-tests/mediacapture-streams/stream-api/mediastream/mediastream-idl.html
https://bugs.webkit.org/show_bug.cgi?id=153070
<rdar://problem/24183105>

Reviewed by Darin Adler.

No new tests, this prevents an existing test from crashing.

  • platform/mock/MockRealtimeVideoSource.cpp:

(WebCore::MockRealtimeVideoSource::MockRealtimeVideoSource): Create the timer with RunLoop::current

instead of RunLoop::main.

6:56 PM Changeset in webkit [195243] by Gyuyoung Kim
  • 18 edits in trunk/Source/WebCore

Reduce PassRefPtr uses in dom - 3
https://bugs.webkit.org/show_bug.cgi?id=153055

Reviewed by Darin Adler.

Third patch to reduce uses of PassRefPtr in WebCore/dom.

  • dom/MutationObserverInterestGroup.cpp:

(WebCore::MutationObserverInterestGroup::enqueueMutationRecord):

  • dom/MutationRecord.cpp:

(WebCore::MutationRecord::createChildList):
(WebCore::MutationRecord::createAttributes):
(WebCore::MutationRecord::createCharacterData):
(WebCore::MutationRecord::createWithNullOldValue):

  • dom/MutationRecord.h:
  • dom/NamedFlowCollection.cpp:

(WebCore::NamedFlowCollection::createCSSOMSnapshot):

  • dom/NamedFlowCollection.h:
  • dom/PendingScript.cpp:

(WebCore::PendingScript::releaseElementAndClear):

  • dom/PendingScript.h:
  • dom/ScriptRunner.h:
  • dom/SecurityContext.h:
  • dom/ShadowRoot.cpp:

(WebCore::ShadowRoot::cloneNode):

  • dom/ShadowRoot.h:
  • dom/SpaceSplitString.cpp:

(WebCore::SpaceSplitStringData::create):

  • dom/SpaceSplitString.h:
  • dom/TreeWalker.cpp:

(WebCore::TreeWalker::setCurrent):
(WebCore::TreeWalker::parentNode):
(WebCore::TreeWalker::previousNode):
(WebCore::TreeWalker::nextNode):

  • dom/TreeWalker.h:
  • dom/default/PlatformMessagePortChannel.cpp:

(WebCore::PlatformMessagePortChannel::entangledChannel):

  • dom/default/PlatformMessagePortChannel.h:
5:23 PM Changeset in webkit [195242] by Michael Catanzaro
  • 3 edits in trunk

[CMake] Duplicate attempts to find software during cmake stage
https://bugs.webkit.org/show_bug.cgi?id=153211

Reviewed by Martin Robinson.

  • CMakeLists.txt: Remove duplication of commands in WebKitCommon.cmake.
  • Source/cmake/WebKitCommon.cmake: Guard the entire file so it runs only once.
5:08 PM Changeset in webkit [195241] by ryuan.choi@navercorp.com
  • 7 edits in trunk/Source/WebKit2

[EFL] Remove wkView() from EwkView
https://bugs.webkit.org/show_bug.cgi?id=152604

Reviewed by Gyuyoung Kim.

  • UIProcess/API/efl/EwkView.cpp:

(EwkViewEventHandler<EVAS_CALLBACK_SHOW>::handleEvent):
(EwkViewEventHandler<EVAS_CALLBACK_HIDE>::handleEvent):
(EwkView::EwkView):
(EwkView::create):
(EwkView::wkPage):
(EwkView::isVisible):
(EwkView::setVisible):
(EwkView::setDeviceScaleFactor):
(EwkView::deviceSize):
(EwkView::displayTimerFired):
(EwkView::setViewportPosition):
(EwkView::requestExitFullScreen):
(EwkView::contentsSize):
(EwkView::setThemePath):
(EwkView::feedTouchEvent):
(EwkView::createGLSurface):
(EwkView::showContextMenu):
(EwkView::requestPopupMenu):
(EwkView::webView):
(EwkView::handleEvasObjectCalculate):
(EwkView::handleEvasObjectColorSet):
(EwkView::handleEwkViewFocusIn):
(EwkView::handleEwkViewFocusOut):
(EwkView::feedTouchEvents):
(EwkView::takeSnapshot):
(EwkView::scrollBy):
(EwkView::setBackgroundColor):
(EwkView::backgroundColor):

  • UIProcess/API/efl/EwkView.h:

(EwkView::wkView): Deleted.

  • UIProcess/API/efl/GestureRecognizer.cpp:

(WebKit::GestureHandler::handleSingleTap):

  • UIProcess/API/efl/ewk_view.cpp:

(EWKViewCreate):
(EWKViewGetWKView):
(ewk_view_fullscreen_exit):
(ewk_view_layout_fixed_set):
(ewk_view_layout_fixed_get):
(ewk_view_layout_fixed_size_set):
(ewk_view_layout_fixed_size_get):
(ewk_view_bg_color_get):
(ewk_view_contents_size_get):

  • UIProcess/efl/PageViewportControllerClientEfl.cpp:

(WebKit::PageViewportControllerClientEfl::setPageScaleFactor):

  • UIProcess/efl/ViewClientEfl.cpp:

(WebKit::ViewClientEfl::webProcessDidRelaunch):
(WebKit::ViewClientEfl::ViewClientEfl):
(WebKit::ViewClientEfl::~ViewClientEfl):

4:56 PM Changeset in webkit [195240] by n_wang@apple.com
  • 9 edits
    4 adds in trunk

AX: [Mac] Implement next/previous text marker functions using TextIterator
https://bugs.webkit.org/show_bug.cgi?id=152728

Reviewed by Chris Fleizach.

Source/WebCore:

The existing AXTextMarker based calls are implemented using visible position, and that introduced
some bugs which make VoiceOver working incorrectly on Mac sometimes. Since TextIterator uses rendering
position, we tried to use it to refactor those AXTextMarker based calls.
In this patch, I implemented functions to navigate to previous/next text marker using Range and TextIterator.
Also added a conversion between visible position and character offset to make sure unconverted text marker
related functions are still working correctly.

Tests: accessibility/mac/previous-next-text-marker.html

accessibility/mac/text-marker-with-user-select-none.html

  • accessibility/AXObjectCache.cpp:

(WebCore::AXObjectCache::visiblePositionForTextMarkerData):
(WebCore::AXObjectCache::traverseToOffsetInRange):
(WebCore::AXObjectCache::lengthForRange):
(WebCore::AXObjectCache::rangeForNodeContents):
(WebCore::characterOffsetsInOrder):
(WebCore::AXObjectCache::rangeForUnorderedCharacterOffsets):
(WebCore::AXObjectCache::setTextMarkerDataWithCharacterOffset):
(WebCore::AXObjectCache::startOrEndTextMarkerDataForRange):
(WebCore::AXObjectCache::textMarkerDataForCharacterOffset):
(WebCore::AXObjectCache::nextNode):
(WebCore::AXObjectCache::previousNode):
(WebCore::AXObjectCache::visiblePositionFromCharacterOffset):
(WebCore::AXObjectCache::characterOffsetFromVisiblePosition):
(WebCore::AXObjectCache::accessibilityObjectForTextMarkerData):
(WebCore::AXObjectCache::textMarkerDataForVisiblePosition):

  • accessibility/AXObjectCache.h:

(WebCore::CharacterOffset::CharacterOffset):
(WebCore::CharacterOffset::remaining):
(WebCore::CharacterOffset::isNull):
(WebCore::AXObjectCache::setNodeInUse):
(WebCore::AXObjectCache::removeNodeForUse):
(WebCore::AXObjectCache::isNodeInUse):

  • accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::selectionRange):
(WebCore::AccessibilityObject::elementRange):
(WebCore::AccessibilityObject::selectText):
(WebCore::AccessibilityObject::lineRangeForPosition):
(WebCore::AccessibilityObject::replacedNodeNeedsCharacter):
(WebCore::renderListItemContainerForNode):
(WebCore::listMarkerTextForNode):
(WebCore::AccessibilityObject::listMarkerTextForNodeAndPosition):
(WebCore::AccessibilityObject::stringForRange):
(WebCore::AccessibilityObject::stringForVisiblePositionRange):
(WebCore::replacedNodeNeedsCharacter): Deleted.

  • accessibility/AccessibilityObject.h:

(WebCore::AccessibilityObject::visiblePositionRange):
(WebCore::AccessibilityObject::visiblePositionRangeForLine):
(WebCore::AccessibilityObject::boundsForVisiblePositionRange):
(WebCore::AccessibilityObject::setSelectedVisiblePositionRange):

  • accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(isTextMarkerIgnored):
(-[WebAccessibilityObjectWrapper accessibilityObjectForTextMarker:]):
(accessibilityObjectForTextMarker):
(-[WebAccessibilityObjectWrapper textMarkerRangeFromRange:]):
(textMarkerRangeFromRange):
(-[WebAccessibilityObjectWrapper startOrEndTextMarkerForRange:isStart:]):
(startOrEndTextmarkerForRange):
(-[WebAccessibilityObjectWrapper nextTextMarkerForNode:offset:]):
(-[WebAccessibilityObjectWrapper previousTextMarkerForNode:offset:]):
(-[WebAccessibilityObjectWrapper textMarkerForNode:offset:]):
(textMarkerForCharacterOffset):
(-[WebAccessibilityObjectWrapper rangeForTextMarkerRange:]):
(-[WebAccessibilityObjectWrapper characterOffsetForTextMarker:]):
(textMarkerForVisiblePosition):
(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):

Tools:

  • WebKitTestRunner/InjectedBundle/mac/AccessibilityUIElementMac.mm:

(WTR::AccessibilityUIElement::accessibilityElementForTextMarker):

LayoutTests:

  • accessibility/mac/previous-next-text-marker-expected.txt: Added.
  • accessibility/mac/previous-next-text-marker.html: Added.
  • accessibility/mac/text-marker-with-user-select-none-expected.txt: Added.
  • accessibility/mac/text-marker-with-user-select-none.html: Added.
4:06 PM Changeset in webkit [195239] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

[Mac] Remove unused playerToPrivateMap()
https://bugs.webkit.org/show_bug.cgi?id=153203

Patch by Olivier Blin <Olivier Blin> on 2016-01-18
Reviewed by Darin Adler.

This was used in previous EME implementations, but is unnecessary
since r163907.

No new tests since this removes dead code only.

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:

(WebCore::globalLoaderDelegateQueue): Deleted.
(WebCore::MediaPlayerPrivateAVFoundationObjC::~MediaPlayerPrivateAVFoundationObjC): Deleted.

2:15 PM Changeset in webkit [195238] by sbarati@apple.com
  • 2 edits
    1 add in trunk/Source/JavaScriptCore

FTL doesn't do proper spilling for exception handling when GetById/Snippets go to slow path
https://bugs.webkit.org/show_bug.cgi?id=153186

Reviewed by Michael Saboff.

Michael was investigating a bug he found while doing the new JSC calling
convention work and it turns out to be a latent bug in FTL try/catch machinery.
After I looked at the code again, I realized that what I had previously
written is wrong in a subtle way. The FTL callOperation machinery will remove
its result register from the set of registers it needs to spill. This is not
correct when we have try/catch. We may want to do value recovery on
the value that the result register is prior to the call after the call
throws an exception. The case that we were solving before was when the
resultRegister == baseRegister in a GetById, or left/rightRegister == resultRegister in a Snippet.
This code is correct in wanting to spill in that case, even though it might spill
when we don't need it to (i.e the result is not needed for value recovery). Once I
investigated this bug further, I realized that the previous rule is just a
partial subset of the rule that says we should spill anytime the result is
a register we might do value recovery on. This patch implements the rule that
says we always want to spill the result when we will do value recovery on it
if an exception is thrown.

  • ftl/FTLCompile.cpp:

(JSC::FTL::mmAllocateDataSection):

  • tests/stress/ftl-try-catch-getter-throw-interesting-value-recovery.js: Added.

(assert):
(random):
(identity):
(let.o2.get f):
(let.o3.get f):
(foo):
(i.else):

1:27 PM Changeset in webkit [195237] by Simon Fraser
  • 5 edits in trunk/Source/WebCore

Add TextStream-based logging for Position and VisiblePosition
https://bugs.webkit.org/show_bug.cgi?id=153195

Reviewed by Ryosuke Niwa.

Make it easy to dump Positions and VisiblePositions with a TextStream.

  • dom/Position.cpp:

(WebCore::operator<<):

  • dom/Position.h:
  • editing/VisiblePosition.cpp:

(WebCore::operator<<):

  • editing/VisiblePosition.h:
1:07 PM Changeset in webkit [195236] by commit-queue@webkit.org
  • 4 edits in trunk/Source/JavaScriptCore

[MIPS] LLInt: fix calculation of Global Offset Table
https://bugs.webkit.org/show_bug.cgi?id=150381

Offlineasm adds a .cpload $t9 when we create a label in MIPS, which
computes address of GOT. However, this instruction requires $t9 to
contain address of current function. So we need to set $t9 to pcBase,
otherwise GOT-related calculations will be invalid.

Since offlineasm does not allow direct move to $t9 on MIPS, added new
instruction setcallreg which does exactly that.

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-01-18
Reviewed by Michael Saboff.

  • llint/LowLevelInterpreter.asm:
  • offlineasm/instructions.rb:
  • offlineasm/mips.rb:
12:26 PM Changeset in webkit [195235] by commit-queue@webkit.org
  • 13 edits in trunk/Source

Sink the Vector<uint8_t> buffer into the SerializedScriptValue constructor
https://bugs.webkit.org/show_bug.cgi?id=142634

Patch by Zan Dobersek <zdobersek@igalia.com> on 2016-01-18
Reviewed by Darin Adler.

Source/WebCore:

Have the SerializedScriptValue constructor take in the Vector<uint8_t> buffer
through an rvalue reference, avoiding the copying into the m_data member. The
three-parameter constructor now takes in the Vector<String> blob URL object
via const reference, and the std::unique_ptr<> object via a rvalue reference.

Adjust all the call sites and affected code to now either move or copy a
non-movable object into the SerializedScriptValue constructor or the helper
methods.

No new tests -- no change in behavior.

  • bindings/js/IDBBindingUtilities.cpp:

(WebCore::deserializeIDBValueDataToJSValue):
(WebCore::deserializeIDBValueBuffer):
(WebCore::idbValueDataToJSValue):

  • bindings/js/IDBBindingUtilities.h:
  • bindings/js/SerializedScriptValue.cpp:

(WebCore::SerializedScriptValue::SerializedScriptValue):
(WebCore::SerializedScriptValue::create):
(WebCore::SerializedScriptValue::numberValue):
(WebCore::SerializedScriptValue::undefinedValue):
(WebCore::SerializedScriptValue::nullValue):

  • bindings/js/SerializedScriptValue.h:
  • testing/Internals.cpp:

(WebCore::Internals::deserializeBuffer):

Source/WebKit2:

Update API::SerializedScriptValue::adopt() to take in a Vector<uint8_t>
rvalue, moving it into the WebCore::SerializedScriptValue::adopt() call.

Update other places that are affected by the SerializedScriptValue changes.

  • DatabaseProcess/IndexedDB/sqlite/UniqueIDBDatabaseBackingStoreSQLite.cpp:

(WebKit::UniqueIDBDatabaseBackingStoreSQLite::createIndex):

  • Shared/API/APISerializedScriptValue.h:

(API::SerializedScriptValue::adopt):

  • Shared/UserData.cpp:

(WebKit::UserData::decode):

  • UIProcess/UserContent/WebUserContentControllerProxy.cpp:

(WebKit::WebUserContentControllerProxy::didPostMessage):

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::scriptValueCallback):

  • WebProcess/WebCoreSupport/SessionStateConversion.cpp:

(WebKit::applyFrameState):

11:22 AM Changeset in webkit [195234] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebCore

[GStreamer] Remove unused m_endTime
https://bugs.webkit.org/show_bug.cgi?id=153209

Patch by Olivier Blin <Olivier Blin> on 2016-01-18
Reviewed by Michael Catanzaro.

m_endTime has been unused since r47710 in MediaPlayerPrivateGStreamer.

No new tests since this is just a member cleanup.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::MediaPlayerPrivateGStreamer): Deleted.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
8:47 AM WebKitGTK/Gardening/Calendar edited by clopez@igalia.com
(diff)
7:28 AM Changeset in webkit [195233] by Csaba Osztrogonác
  • 2 edits in trunk/Source/JavaScriptCore

REGRESSION(r194601): Fix the jsc timeout option of jsc.cpp
https://bugs.webkit.org/show_bug.cgi?id=153204

Reviewed by Michael Catanzaro.

  • jsc.cpp:

(main):

7:19 AM Changeset in webkit [195232] by Csaba Osztrogonác
  • 4 edits in trunk

[cmake] Add testair to the build system
https://bugs.webkit.org/show_bug.cgi?id=153126

Reviewed by Michael Catanzaro.

Source/JavaScriptCore:

  • shell/CMakeLists.txt:

Tools:

  • Scripts/build-jsc:
7:17 AM Changeset in webkit [195231] by commit-queue@webkit.org
  • 6 edits in trunk/Source/WebKit2

[EFL][GTK][WK2] Fix UIProcess build with GStreamer and without VIDEO
https://bugs.webkit.org/show_bug.cgi?id=153135

Patch by Olivier Blin <Olivier Blin> on 2016-01-18
Reviewed by Michael Catanzaro.

GStreamer builds fail when WebAudio is enabled but VIDEO disabled.

This change makes the flag more consistent around the
decicePolicyForInstallMissingMediaPluginsPermissionRequest() method:
ENABLE(VIDEO) && USE(GSTREAMER) everywhere, while the code used to
test either one or the other.

This does not enable InstallMissingMediaPlugins for WebAudio, since no
code makes use of this in WebKitWebAudioSourceGStreamer.

It also fixes a naming typo for the following method:
decidePolicyForInstallMissingMediaPluginsPermissionRequest()

  • UIProcess/API/gtk/PageClientImpl.cpp:

(WebKit::PageClientImpl::decidePolicyForInstallMissingMediaPluginsPermissionRequest):

  • UIProcess/API/gtk/PageClientImpl.h:
  • UIProcess/PageClient.h:
  • UIProcess/efl/WebViewEfl.h:
  • UIProcess/gstreamer/WebPageProxyGStreamer.cpp:

(WebKit::WebPageProxy::requestInstallMissingMediaPlugins):

5:57 AM Changeset in webkit [195230] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore/platform/gtk/po

Merge r194822 - [l10n] Updated Turkish translation of WebKitGTK+
https://bugs.webkit.org/show_bug.cgi?id=152948

"Reviewed" by Michael Catanzaro.

Patch by Muhammet Kara <muhammetk@gmail.com> on 2016-01-09

  • tr.po:
5:54 AM Changeset in webkit [195229] by calvaris@igalia.com
  • 3 edits in trunk/LayoutTests/imported/w3c

[Streams API] Import tests updated to Jan 13 2016
https://bugs.webkit.org/show_bug.cgi?id=153059

Reviewed by Youenn Fablet.

Update tests after merge of https://github.com/whatwg/streams/pull/420.

  • web-platform-tests/streams-api/README.txt: Updated last version.
  • web-platform-tests/streams-api/readable-streams/bad-strategies.js: Updated.
5:54 AM Changeset in webkit [195228] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/ThirdParty/ANGLE

Merge r194780 - [ANGLE] Correct UNREACHABLE runtime assertion for void constructors
https://bugs.webkit.org/show_bug.cgi?id=152900
<rdar://problem/24107501>

Reviewed by Alex Christensen.

Tested by Khronos WebGL 1.0.4 suite.

Merge a small part of ANGLE upstream commit r284735:

commit 01971113492d9aca386f2bca021b1f4b134fc277
author Dmitry Skiba <dskiba@google.com> Fri Jul 10 18:54:00 2015
committer Jamie Madill <jmadill@chromium.org> Fri Jul 10 19:03:34 2015
tree 47e42eac00f7d64cddb14b3cc21a4e605c189d20

This issue was found by <https://www.khronos.org/registry/webgl/sdk/tests/conformance/glsl/bugs/angle-constructor-invalid-parameters.html?webglVersion=1&quiet=0>

  • src/compiler/translator/Types.cpp:

(TType::buildMangledName): Don't assert with UNREACHABLE here.

5:40 AM Changeset in webkit [195227] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/JavaScriptCore

Merge r194766 - [mips] Fixed unused parameter warnings
https://bugs.webkit.org/show_bug.cgi?id=152885

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-01-08
Reviewed by Mark Lam.

  • jit/CCallHelpers.h:

(JSC::CCallHelpers::setupArgumentsWithExecState):

5:39 AM Changeset in webkit [195226] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/JavaScriptCore

Merge r194764 - [mips] Max value of immediate arg of logical ops is 0xffff
https://bugs.webkit.org/show_bug.cgi?id=152884

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-01-08
Reviewed by Michael Saboff.

Replaced imm.m_value < 65535 checks with imm.m_value <= 65535

  • assembler/MacroAssemblerMIPS.h:

(JSC::MacroAssemblerMIPS::and32):
(JSC::MacroAssemblerMIPS::or32):

5:38 AM Changeset in webkit [195225] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r194751 - Correct missing EXT_sRGB Format Handling
https://bugs.webkit.org/show_bug.cgi?id=152876
<rdar://problem/23284389>

Reviewed by Alex Christensen.

Tested by WebGL 1.0.4 suite.

  • platform/graphics/GraphicsContext3D.cpp:

(getDataFormat): Handle missing SRGB and SRGB_ALPHA cases.

  • platform/graphics/GraphicsContext3D.h: Add missing SRGB_ALPHA value from the Khronos standard.
  • platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:

(WebCore::GraphicsContext3D::texImage2D): Add an assertion that we are not being handed
an internal format to a method that works with normal formats.

5:35 AM Changeset in webkit [195224] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/JavaScriptCore

Merge r194725 - [mips] Lower immediates of logical operations.
https://bugs.webkit.org/show_bug.cgi?id=152693

On MIPS immediate operands of andi, ori, and xori are required to be 16-bit
non-negative numbers.

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-01-07
Reviewed by Michael Saboff.

  • offlineasm/mips.rb:
5:34 AM Changeset in webkit [195223] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/JavaScriptCore

Merge r194715 - [mips] Implemented missing branch patching methods.
https://bugs.webkit.org/show_bug.cgi?id=152845

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-01-07
Reviewed by Michael Saboff.

  • assembler/MacroAssemblerMIPS.h:

(JSC::MacroAssemblerMIPS::canJumpReplacePatchableBranch32WithPatch):
(JSC::MacroAssemblerMIPS::startOfPatchableBranch32WithPatchOnAddress):
(JSC::MacroAssemblerMIPS::revertJumpReplacementToPatchableBranch32WithPatch):

5:33 AM Changeset in webkit [195222] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/JavaScriptCore

Merge r194713 - [mips] Make repatchCall public to fix compilation.
https://bugs.webkit.org/show_bug.cgi?id=152843

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-01-07
Reviewed by Michael Saboff.

  • assembler/MacroAssemblerMIPS.h:

(JSC::MacroAssemblerMIPS::repatchCall):
(JSC::MacroAssemblerMIPS::linkCall): Deleted.

5:33 AM Changeset in webkit [195221] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/JavaScriptCore

Merge r194712 - [mips] Replaced subi with addi in getHostCallReturnValue
https://bugs.webkit.org/show_bug.cgi?id=152841

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-01-07
Reviewed by Michael Saboff.

MIPS architecture does not have subi instruction, addi with negative
number should be used instead.

  • jit/JITOperations.cpp:
5:31 AM Changeset in webkit [195220] by Carlos Garcia Campos
  • 3 edits
    4 adds in releases/WebKitGTK/webkit-2.10

Merge r194710 - Incorrect position: fixed; rendering when child of position:relative/sticky.
https://bugs.webkit.org/show_bug.cgi?id=147284

Reviewed by Simon Fraser and David Hyatt.

Computing logical left for positioned objects should take the relative positioned ancestors' offset
into account.

Source/WebCore:

Tests: fast/block/positioning/fixed-container-with-relative-parent.html

fast/block/positioning/fixed-container-with-sticky-parent.html

  • rendering/RenderBox.cpp:

(WebCore::computeInlineStaticDistance):

LayoutTests:

  • fast/block/positioning/fixed-container-with-relative-parent-expected.html: Added.
  • fast/block/positioning/fixed-container-with-relative-parent.html: Added.
  • fast/block/positioning/fixed-container-with-sticky-parent-expected.html: Added.
  • fast/block/positioning/fixed-container-with-sticky-parent.html: Added.
5:27 AM Changeset in webkit [195219] by Csaba Osztrogonác
  • 2 edits in trunk/Source/WebCore

Fix the --minimal build due to missing VM.h include
https://bugs.webkit.org/show_bug.cgi?id=153128

Reviewed by Michael Catanzaro.

  • bindings/js/WebCoreJSBuiltinInternals.h:
5:26 AM Changeset in webkit [195218] by Csaba Osztrogonác
  • 3 edits in trunk/Source/WebCore

Remove the SKIP_UNUSED_PARAM define
https://bugs.webkit.org/show_bug.cgi?id=153129

Reviewed by Michael Catanzaro.

  • bindings/js/WebCoreJSBuiltinInternals.cpp:

(WebCore::JSBuiltinInternalFunctions::visit):
(WebCore::JSBuiltinInternalFunctions::initialize):

  • bindings/js/WebCoreJSBuiltinInternals.h:
5:21 AM Changeset in webkit [195217] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/JavaScriptCore

Merge r194709 - [mips] GPRInfo::toArgumentRegister missing
https://bugs.webkit.org/show_bug.cgi?id=152838

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-01-07
Reviewed by Michael Saboff.

  • jit/GPRInfo.h:

(JSC::GPRInfo::toArgumentRegister):

5:20 AM Changeset in webkit [195216] by Carlos Garcia Campos
  • 7 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r194706 - Directly-composited animated GIFs never resume once scrolled offscreen
https://bugs.webkit.org/show_bug.cgi?id=152817
<rdar://problem/19982020>

Reviewed by Daniel Bates.

Source/WebCore:

Directly-composited animated GIFs would never resume once scrolled
offscreen. This is because calling repaint() in this case would not
cause BitmapImage::draw() to be called and the animation would thus
not be resumed. To address the problem,
repaintForPausedImageAnimationsIfNeeded() now calls
RenderBoxModelObject::contentChanged(ImageChanged) in addition to
repaint() to make sure the animation actually gets resumed, even in
the directly-composited animated GIF case.

Test: fast/images/composited-animated-gif-outside-viewport.html

  • platform/graphics/BitmapImage.h:

Make currentFrame() public so it can be exposed via Internals for the
purpose of testing.

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::repaintForPausedImageAnimationsIfNeeded):
Call RenderBoxModelObject::contentChanged(ImageChanged) in addition to
calling repaint() to make sure the animation actually gets resumed in
the directly-composited animated GIFs case.

  • testing/Internals.cpp:

(WebCore::Internals::imageFrameIndex):

  • testing/Internals.h:
  • testing/Internals.idl:

Expose new "unsigned long imageFrameIndex(Element)" operation on
Internals so layout tests can better check if an image is actually
animating. Previously, we would rely on the output of
internals.hasPausedImageAnimations(Element) but this is not sufficient
to cover this bug as our rendering code believed it has resumed the
animations but the GIF was not actually animating due to it being
directly-composited.

LayoutTests:

Add a layout test to check that directly-composited animated GIFs are
properly suspended / resumed based on visibility inside the viewport.

  • fast/images/composited-animated-gif-outside-viewport-expected.txt: Added.
  • fast/images/composited-animated-gif-outside-viewport.html: Added.
5:08 AM Changeset in webkit [195215] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/JavaScriptCore

Merge r194699 - [mips] Add two missing abortWithReason implementations
https://bugs.webkit.org/show_bug.cgi?id=136753

Patch by Julien Brianceau <jbriance@cisco.com> on 2016-01-07
Reviewed by Benjamin Poulain.

  • assembler/MacroAssemblerMIPS.h:

(JSC::MacroAssemblerMIPS::memoryFence):
(JSC::MacroAssemblerMIPS::abortWithReason):
(JSC::MacroAssemblerMIPS::readCallTarget):

5:08 AM Changeset in webkit [195214] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r194697 - [SOUP] Consider reducing max simultaneous connections
https://bugs.webkit.org/show_bug.cgi?id=137282

Reviewed by Carlos Garcia Campos.

Reduce max simultaneous connections from 35 to 17, because (a) all major browsers except
Chrome use 17, and (b) Chrome uses 10. The only reason we previously used 35 was that other
browsers were using 35 at the time.

  • platform/network/soup/SoupNetworkSession.cpp:

(WebCore::SoupNetworkSession::SoupNetworkSession):

5:06 AM Changeset in webkit [195213] by Carlos Garcia Campos
  • 5 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r194666 - Port blocking bypass issue using 307 redirect
https://bugs.webkit.org/show_bug.cgi?id=152801
<rdar://problem/24048554>

Reviewed by Anders Carlsson.

Source/WebCore:

Tested by http/tests/security/blocked-on-redirect.html.

Make sure that 307 redirects check the requested URL via 'portAllowed'.

  • loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::willSendRequest): Confirm that the requested port
is valid, and block load if it is not.

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::reportBlockedPortFailed): Added.
(WebCore::FrameLoader::blockedError): Added.

  • loader/FrameLoader.h:

LayoutTests:

  • http/tests/security/blocked-on-redirect-expected.txt: Added.
  • http/tests/security/blocked-on-redirect.html: Added.
4:56 AM Changeset in webkit [195212] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r194645 - Float with media query positioned incorrectly after window resize.
https://bugs.webkit.org/show_bug.cgi?id=152558

Reviewed by Simon Fraser and David Hyatt.

This patch ensures that when a renderer becomes floated, it is moved
to the right containing block.
When this floated renderer's previous sibling is an anonymous block, it needs
to be reparented so that the float is positioned as if there was no anonymous block at all.

Source/WebCore:

Test: fast/block/float/float-with-anonymous-previous-sibling.html

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::styleDidChange):

LayoutTests:

  • fast/block/float/float-with-anonymous-previous-sibling-expected.html: Added.
  • fast/block/float/float-with-anonymous-previous-sibling.html: Added.
4:54 AM Changeset in webkit [195211] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/JavaScriptCore

Merge r194641 - [mips] Fix branchTruncateDoubleToUint32 implementation in macro assembler
https://bugs.webkit.org/show_bug.cgi?id=152782

Patch by Julien Brianceau <jbriance@cisco.com> on 2016-01-06
Reviewed by Benjamin Poulain.

Already covered by LayoutTests/js/dfg-uint32array-overflow-values test.

  • assembler/MacroAssemblerMIPS.h:

(JSC::MacroAssemblerMIPS::branchTruncateDoubleToUint32):

4:54 AM Changeset in webkit [195210] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/JavaScriptCore

Merge r194640 - [mips] Fix or32 implementation in macro assembler
https://bugs.webkit.org/show_bug.cgi?id=152781

Reviewed by Michael Saboff.

  • assembler/MacroAssemblerMIPS.h:

(JSC::MacroAssemblerMIPS::or32):

4:53 AM Changeset in webkit [195209] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/JavaScriptCore

Merge r194639 - [mips] Add missing branchAdd32 implementation in macro assembler
https://bugs.webkit.org/show_bug.cgi?id=152785

Reviewed by Michael Saboff.

  • assembler/MacroAssemblerMIPS.h:

(JSC::MacroAssemblerMIPS::branchAdd32):

4:52 AM Changeset in webkit [195208] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r194638 - isAnonymousInlineBlock() should exclude any ruby content.
https://bugs.webkit.org/show_bug.cgi?id=152648
<rdar://problem/23872549>

Reviewed by David Hyatt.

isAnonymousInlineBlock is designed for the new Block-Inside-Inline Model
and all other anonymous inline-block renderers (including Ruby) should bail out of it.
(see webkit.org/b/143145)

Source/WebCore:

Test: fast/ruby/ruby-inline-margin-collapse-crash.html

  • rendering/RenderObject.cpp:

(WebCore::RenderObject::isAnonymousInlineBlock):

  • rendering/RenderObject.h:

(WebCore::RenderObject::isAnonymousInlineBlock): Deleted.

LayoutTests:

  • fast/ruby/ruby-inline-margin-collapse-crash-expected.txt: Added.
  • fast/ruby/ruby-inline-margin-collapse-crash.html: Added.
4:18 AM Changeset in webkit [195207] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r194617 - Image should not be re-registered if m_form already exists. This leads to an assertion failure.
https://bugs.webkit.org/show_bug.cgi?id=152741
<rdar://problem/24030778>

Patch by Pranjal Jumde <pjumde@apple.com> on 2016-01-05
Reviewed by Brent Fulgham.

Source/WebCore:

  • Source/WebCore/html/HTMLImageElement.cpp: Node::InsertionNotificationRequest HTMLImageElement::insertedInto(ContainerNode& insertionPoint)

LayoutTests:

  • LayoutTests/fast/html/form-registerimg-multiple-crash-expected.txt: Added.
  • LayoutTests/fast/html/form-registerimg-multiple-crash.html: Added.
4:16 AM Changeset in webkit [195206] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r194589 - Avoid NULL deference in Page::updateIsPlayingMedia
https://bugs.webkit.org/show_bug.cgi?id=152732

No new tests, this fixes a rare crash that I am unable to reproduce.

Reviewed by David Kilzer.

  • page/Page.cpp:

(WebCore::Page::updateIsPlayingMedia): frame->document() can return NULL.

4:14 AM Changeset in webkit [195205] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r194576 - Shave off a TransformationMatrix copy if RenderLayer's transparencyClipBox()
https://bugs.webkit.org/show_bug.cgi?id=152119

Reviewed by Simon Fraser.

  • rendering/RenderLayer.cpp:

(WebCore::transparencyClipBox): Multiply the transformation matrix returned by
layer.transform() directly into the transform object, instead of first
multiplying them and then copying the result back into the transform object.

4:09 AM Changeset in webkit [195204] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r194503 - APNG decoder: only decode the frames up to haltAtFrame
https://bugs.webkit.org/show_bug.cgi?id=146205

Patch by Max Stepin <maxstepin@gmail.com> on 2016-01-02
Reviewed by Michael Catanzaro.

No new tests, already covered by existing tests.

  • platform/image-decoders/png/PNGImageDecoder.cpp:

(WebCore::PNGImageReader::close):
(WebCore::PNGImageReader::decode):
(WebCore::PNGImageDecoder::isSizeAvailable):
(WebCore::PNGImageDecoder::frameBufferAtIndex):
(WebCore::PNGImageDecoder::pngComplete):
(WebCore::PNGImageDecoder::decode):

  • platform/image-decoders/png/PNGImageDecoder.h:

(WebCore::PNGImageDecoder::isComplete):
(WebCore::PNGImageDecoder::isCompleteAtIndex):

4:08 AM Changeset in webkit [195203] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebInspectorUI

Merge r194498 - [GTK] webkit 2.3.5 build failure with python 3.3.4
https://bugs.webkit.org/show_bug.cgi?id=128971

Reviewed by Michael Catanzaro.

Make sure that the stdin encoding is 'UTF-8' if using Python 3,
otherwise the build will break.

  • Scripts/cssmin.py:
4:05 AM Changeset in webkit [195202] by Carlos Garcia Campos
  • 6 edits
    1 add in releases/WebKitGTK/webkit-2.10

Merge r194480 - [SOUP] REGRESSION(r192761): Broke resource URIs for applications that use g_resource_load in a web extension
https://bugs.webkit.org/show_bug.cgi?id=152634

Reviewed by Carlos Garcia Campos.

Source/WebKit2:

Load GResource URIs locally, not in the network process. Applications expect calling
g_resource_load in a web extension to make it possible to load resource URIs, but that
doesn't work now that the network process is in use. Loading them locally solves this.

  • WebProcess/Network/WebLoaderStrategy.cpp:

(WebKit::WebLoaderStrategy::scheduleLoad):

Tools:

  • TestWebKitAPI/Tests/WebKit2Gtk/TestLoaderClient.cpp:

(testLoadFromGResource): Added test.
(beforeAll):

  • TestWebKitAPI/Tests/WebKit2Gtk/WebExtensionTest.cpp:

(registerGResource): Added.
(webkit_web_extension_initialize_with_user_data): Load the test gresource.

  • TestWebKitAPI/Tests/WebKit2Gtk/resources/boring.html: Added.
  • TestWebKitAPI/Tests/WebKit2Gtk/resources/webkit2gtk-tests.gresource.xml: Add an HTML file.
3:55 AM Changeset in webkit [195201] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r194462 - Simple line layout: Text with stroke width is not positioned correctly.
https://bugs.webkit.org/show_bug.cgi?id=152614

Reviewed by Simon Fraser.

Visual overflow should not affect text position.

Source/WebCore:

Test: fast/text/simple-line-layout-text-position-with-stroke.html

  • rendering/SimpleLineLayoutFunctions.cpp:

(WebCore::SimpleLineLayout::paintFlow):

LayoutTests:

  • fast/text/simple-line-layout-text-position-with-stroke-expected.html: Added.
  • fast/text/simple-line-layout-text-position-with-stroke.html: Added.
3:55 AM Changeset in webkit [195200] by Carlos Garcia Campos
  • 5 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r192564 - Simple line layout: Add letter-spacing support.
https://bugs.webkit.org/show_bug.cgi?id=151362

Reviewed by Antti Koivisto.

This enables us to use simple line layout on letter-spacing content.
(fixme: webkit.org/b/151368 -> Repaint rect is not computed correctly when negative letter-spacing applied)

Source/WebCore:

Test: fast/text/simple-line-letterspacing.html

  • rendering/SimpleLineLayout.cpp:

(WebCore::SimpleLineLayout::canUseForStyle):

  • rendering/SimpleLineLayoutFunctions.cpp:

(WebCore::SimpleLineLayout::paintFlow): RenderLineBoxList tests vertical intersection only.

  • rendering/SimpleLineLayoutTextFragmentIterator.cpp:

(WebCore::SimpleLineLayout::TextFragmentIterator::runWidth):

LayoutTests:

  • fast/text/simple-line-letterspacing-expected.html: Added.
  • fast/text/simple-line-letterspacing.html: Added.
3:49 AM Changeset in webkit [195199] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r194461 - Simple line layout: Nested block with pseudo first-line parent should bail out of simple line layout.
https://bugs.webkit.org/show_bug.cgi?id=152599

Reviewed by Simon Fraser.

We should bail out of simple line layout if any of the ancestors have pseudo first-line style.
(see RenderBlock::firstLineBlock())

Source/WebCore:

Test: fast/block/line-layout/first-line-should-bail-out-of-simple-line-layout.html

  • rendering/SimpleLineLayout.cpp:

(WebCore::SimpleLineLayout::canUseForWithReason):

LayoutTests:

  • fast/block/line-layout/first-line-should-bail-out-of-simple-line-layout-expected.html: Added.
  • fast/block/line-layout/first-line-should-bail-out-of-simple-line-layout.html: Added.
3:43 AM Changeset in webkit [195198] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r194426 - Should never be reached failure in WebCore::RenderElement::clearLayoutRootIfNeeded
https://bugs.webkit.org/show_bug.cgi?id=151590

Reviewed by Simon Fraser.

We should always set the layoutroot when a new subtree layout is requested (and convert it
to a full layout when needed). It ensures that renderers are detached cleanly even when
they are set as layoutroot.

Source/WebCore:

Test: fast/block/assert-when-layout-root-is-not-cleared.html

  • page/FrameView.cpp:

(WebCore::FrameView::scheduleRelayoutOfSubtree):

LayoutTests:

  • fast/block/assert-when-layout-root-is-not-cleared-expected.txt: Added.
  • fast/block/assert-when-layout-root-is-not-cleared.html: Added.
3:41 AM Changeset in webkit [195197] by Carlos Garcia Campos
  • 3 edits
    4 adds in releases/WebKitGTK/webkit-2.10

Merge r194418 - ASSERTION FAILED: x2 >= x1 in WebCore::RenderElement::drawLineForBoxSide
https://bugs.webkit.org/show_bug.cgi?id=151210

Reviewed by Simon Fraser.

Source/WebCore:

"IntRect outer = snappedIntRect(inner)" explicitly converts inner to LayoutRect first and
returns a snapped IntRect. When inner (after the inflate) overflows LayoutUnit,
the snapped rect might become smaller than the inner rect.

This patch also enables outline painting on subpixel positions.

Tests: fast/borders/hidpi-outline-on-subpixel-position.html

fast/borders/outline-offset-overflow.html

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::paintOutline):

LayoutTests:

"IntRect outer = snappedIntRect(inner)" explicitly converts inner to LayoutRect and
returns a snapped IntRect. When inner (after the inflate) overflows LayoutUnit,
the snapped outer rect becomes smaller than the inner rect.

This patch also enables outline painting on subpixel positions.

  • fast/borders/hidpi-outline-on-subpixel-position-expected.html: Added.
  • fast/borders/hidpi-outline-on-subpixel-position.html: Added.
  • fast/borders/outline-offset-overflow-expected.txt: Added.
  • fast/borders/outline-offset-overflow.html: Added.
3:36 AM Changeset in webkit [195196] by Carlos Garcia Campos
  • 13 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r194405 - REGRESSION (r187593): Scroll position jumps when selecting text in an iframe
https://bugs.webkit.org/show_bug.cgi?id=152541
rdar://problem/23886181

Reviewed by Tim Horton.

Source/WebCore:

r154382 added code that modifies parentLayer traversal, looking for ancestor
scrollable layers. However, it confusingly added another code path in which
the ancestor layer traversal cross a frame boundary, when RenderLayer::scrollRectToVisible()
already has one. I fixed this new location to adjust the rect coordinates in r187593,
but then code that hit both crossing points double-mapped the coordinates, causing
autoscroll jumping.

Fix by reverting r154382 and r187593, going back to doing the ancestor walk in
one place. Re-fix r154382 by implementing RenderLayer::allowsCurrentScroll(),
which contains the logic for line clamp, autoscroll and ensuring that overflow:hidden
can be programmatically scrolled.

Form controls are special; they can have overflow:hidden but still be user-scrollable
during autoscroll; this is handled via the confusingly-named canBeProgramaticallyScrolled().
RenderTextControlSingleLine implements this to ensure that readonly text inputs
autoscroll (which is exercised by a test).

The frame-to-parent-frame rect mapping in RenderLayer::scrollRectToVisible() is
fixed to use the coordinate mapping functions from Widget/ScrollView, with the
addition of a new utility function contentsToContainingViewContents().

A "Scrolling" logging channel is added with a few log points.

Test: fast/events/autoscroll-in-iframe-body.html

  • page/scrolling/ScrollingCoordinator.cpp:

(WebCore::ScrollingCoordinator::absoluteNonFastScrollableRegionForFrame):
use contentsToContainingViewContents().

  • platform/Logging.h:
  • platform/ScrollView.cpp:

(WebCore::ScrollView::contentsToContainingViewContents):

  • platform/ScrollView.h:
  • platform/graphics/IntPoint.cpp:

(WebCore::IntPoint::constrainedBetween): New helper to constrain a point between
two other points.

  • platform/graphics/IntPoint.h:

(WebCore::IntPoint::expandedTo):
(WebCore::IntPoint::shrunkTo):

  • rendering/RenderBox.cpp:
  • rendering/RenderLayer.cpp:

(WebCore::parentLayerCrossFrame):
(WebCore::RenderLayer::enclosingScrollableLayer):
(WebCore::frameElementAndViewPermitScroll):
(WebCore::RenderLayer::allowsCurrentScroll):
(WebCore::RenderLayer::scrollRectToVisible):

  • rendering/RenderLayer.h:
  • rendering/RenderTextControlSingleLine.h:

LayoutTests:

New test for autoscrolling iframe contents (an existing test scrolled an overflow:scroll
inside an iframe, and didn't catch the bug).

  • fast/events/autoscroll-in-iframe-body-expected.txt: Added.
  • fast/events/autoscroll-in-iframe-body.html: Added.
  • fast/forms/input-readonly-autoscroll.html: Fix a missing double quote.
3:36 AM Changeset in webkit [195195] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r194404 - Minor cleanup in RenderBox::canBeProgramaticallyScrolled()
https://bugs.webkit.org/show_bug.cgi?id=152515

Reviewed by Tim Horton.

Source/WebCore:

Remove the scrollsOverflow() check in RenderBox::canBeProgramaticallyScrolled(),
since if hasScrollableOverflow is true, scrollsOverflow() must also be true.

Factor clientWidth/Height vs. scrollWidth/Height checks into separate functions,
and call them from two places.

Added a test which is not affected by this particular change, but will verify
that a later change doesn't break anything.

Test: fast/overflow/overflow-hidden-scroll-into-view.html

  • rendering/RenderBox.cpp:

(WebCore::RenderBox::canBeScrolledAndHasScrollableArea):
(WebCore::RenderBox::canBeProgramaticallyScrolled):

  • rendering/RenderBox.h:

(WebCore::RenderBox::hasHorizontalOverflow):
(WebCore::RenderBox::hasVerticalOverflow):
(WebCore::RenderBox::hasScrollableOverflowX):
(WebCore::RenderBox::hasScrollableOverflowY):

LayoutTests:

Test that programmatic scrolling works inside overflow:hidden.

  • fast/overflow/overflow-hidden-scroll-into-view-expected.html: Added.
  • fast/overflow/overflow-hidden-scroll-into-view.html: Added.
2:57 AM Changeset in webkit [195194] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r194399 - Avoids stack recursion when indexed propertyNames defined using Object.defineProperty are deleted.
https://bugs.webkit.org/show_bug.cgi?id=149179
<rdar://problem/22708019>.

Patch by Pranjal Jumde <pjumde@apple.com> on 2015-12-23
Reviewed by Filip Pizlo.

  • runtime/JSObject.cpp:

(JSStorage::deletePropertyByIndex was invoking Base::deleteProperty for indexed propertyNames instead of Base::deletePropertyByIndex leading to a stack recursion)

LayoutTests:
Test to check for stack recursion when indexed propertyNames defined using Object.defineProperty are deleted.
https://bugs.webkit.org/show_bug.cgi?id=149179
<rdar://problem/22708019>.

Patch by Pranjal Jumde <pjumde@apple.com> on 2015-12-23
Reviewed by Filip Pizlo.

  • storage/domstorage/localstorage/delete-defineproperty-removal-expected.txt: Added.
  • storage/domstorage/localstorage/delete-defineproperty-removal.html: Added.
2:42 AM Changeset in webkit [195193] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Tools

Merge r194327 - [GTK] jquery.min.js violates DFSG
https://bugs.webkit.org/show_bug.cgi?id=152428

Reviewed by Joseph Pecoraro.

Stop distributing Source/WebInspectorUI/Tools. It is not needed in tarballs. This brings us
into compliance with DFSG by removing a bundled, minified copy of jQuery from our tarball.

  • gtk/manifest.txt.in:
2:41 AM Changeset in webkit [195192] by Carlos Garcia Campos
  • 7 edits in releases/WebKitGTK/webkit-2.10/Source

Merge r194323 - [SOUP] Performs DNS prefetch when a proxy is configured (information leak)
https://bugs.webkit.org/show_bug.cgi?id=145542

Reviewed by Darin Adler.

Source/WebCore:

Perform DNS prefetch only when no proxy is configured.

No new tests. Test this manually with Wireshark. Run the simple-proxy example program found
in libsoup's examples directory, set that as your system HTTP proxy, and see if DNS queries
show up in Wireshark when refreshing a page sent over HTTP. They should appear only when the
proxy is not configured.

  • platform/network/DNSResolveQueue.cpp:

(WebCore::DNSResolveQueue::DNSResolveQueue):
(WebCore::DNSResolveQueue::isUsingProxy):

  • platform/network/DNSResolveQueue.h:
  • platform/network/cf/DNSCFNet.cpp:

(WebCore::DNSResolveQueue::updateIsUsingProxy):
(WebCore::DNSResolveQueue::platformProxyIsEnabledInSystemPreferences): Deleted.

  • platform/network/soup/DNSSoup.cpp:

(WebCore::didResolveProxy):
(WebCore::proxyResolvedForHttpUriCallback):
(WebCore::proxyResolvedForHttpsUriCallback):
(WebCore::DNSResolveQueue::updateIsUsingProxy):
(WebCore::DNSResolveQueue::platformProxyIsEnabledInSystemPreferences): Deleted.

Source/WTF:

Specialize GUniquePtr<char*>, using g_strfreev.

  • wtf/glib/GUniquePtr.h:
1:50 AM Changeset in webkit [195191] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore/platform/gtk/po

Merge r194321 - German translation update
https://bugs.webkit.org/show_bug.cgi?id=152228

Unreviewed.

Patch by Bernd Homuth <dev@hmt.im> on 2015-12-20

  • de.po:
12:23 AM Changeset in webkit [195190] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r194290 - Place an upper bound on canvas pixel count
https://bugs.webkit.org/show_bug.cgi?id=151825
<rdar://problem/23324916>

Reviewed by Simon Fraser (Relanded by Brent Fulgham)

Malformed JavaScript can attempt to create lots of canvas contexts. Limit the amount of memory
we will use for this purpose to some percentage of system RAM.

  • html/HTMLCanvasElement.cpp:

(WebCore::removeFromActivePixelMemory): Added helper function
(WebCore::HTMLCanvasElement::~HTMLCanvasElement): Call new 'releaseImageBufferAndContext' method
to ensure ImageBuffer and graphics context state are properly cleaned up.
(WebCore::maxActivePixels): Use one quarter of the system RAM, or 2 GB (whichever is more) as
an upper bound on active pixel memory.
(WebCore::HTMLCanvasElement::getContext): If we are attempting to create a context that will cause
us to exceed the allowed active pixel count, fail.
(WebCore::HTMLCanvasElement::releaseImageBufferAndContext): Added helper function
(WebCore::HTMLCanvasElement::setSurfaceSize): Use the new 'releaseImageBufferAndContext' method
to handle active pixel memory counts.
(WebCore::HTMLCanvasElement::createImageBuffer): Refuse to create a backing buffer if it will
exceed our available pixel memory.

12:15 AM Changeset in webkit [195189] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/JavaScriptCore

Merge r194208 - ARM64 MacroAssembler improperly reuses data temp register in test32() and test8() calls
https://bugs.webkit.org/show_bug.cgi?id=152370

Reviewed by Benjamin Poulain.

Changed the test8/32(Address, Register) flavors to use the memoryTempRegister for loading the value
att Address so that it doesn't collide with the subsequent use of dataTempRegister by the
test32(Register, Register) function.

  • assembler/MacroAssemblerARM64.h:

(JSC::MacroAssemblerARM64::test32):
(JSC::MacroAssemblerARM64::test8):

12:10 AM Changeset in webkit [195188] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r194155 - Legacy style scrollbars do not change color when you mouse over them if you
are scrolled
https://bugs.webkit.org/show_bug.cgi?id=152319
-and corresponding-
rdar://problem/23317668

Reviewed by Darin Adler.

The scrollbar’s frameRect is in window coordinates, so we need to compare a
point in window coordinates when we test this.

The call to convertFromContainingWindow does not return a point in view
coordinates, so we should not call the variable viewPoint. We do still need
to call it for subframes. convertFromContainingWindow doesn’t do anything for
the root ScrollView (for Mac WK2 at least).

  • platform/ScrollView.cpp:

(WebCore::ScrollView::scrollbarAtPoint):

HitTestLocation is in contents coordinates. It needs to be converted to
window coordinates

  • rendering/RenderView.cpp:

(WebCore::RenderView::hitTest):

12:09 AM Changeset in webkit [195187] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r194558 - REGRESSION(r194143): Float width incorrectly calculated on Wikipedia
https://bugs.webkit.org/show_bug.cgi?id=152644

Reviewed by Myles C. Maxfield.

Source/WebCore:

The min/max-content contribution computation for non replaced
blocks changed in r194143. The implementation was actually
more complex than it should be and actually incomplete as it
was not considering the case of out of flow elements (because
it was directly calling computeLogicalWidthInRegion()).

This new implementation simplifies a lot the code and makes it
more complete as it relies on min|maxPreferredLogicalWidth()
calls which already consider all the different types of boxes.

Test: fast/css-intrinsic-dimensions/inlinesize-contribution-floats.html

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::computeBlockPreferredLogicalWidths):

LayoutTests:

  • fast/css-intrinsic-dimensions/inlinesize-contribution-floats-expected.html: Added.
  • fast/css-intrinsic-dimensions/inlinesize-contribution-floats.html: Added.

Jan 17, 2016:

8:41 PM Changeset in webkit [195186] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit2

Add quotes around ${CMAKE_SHARED_LINKER_FLAGS} in case it is unset
https://bugs.webkit.org/show_bug.cgi?id=153175

Patch by Jeremy Huddleston Sequoia <jeremyhu@apple.com> on 2016-01-17
Reviewed by Michael Catanzaro.

  • PlatformGTK.cmake:
7:20 PM Changeset in webkit [195185] by Simon Fraser
  • 5 edits
    9 adds in trunk

More displaylist tests, and minor cleanup
https://bugs.webkit.org/show_bug.cgi?id=153198

Reviewed by Zalan Bujtas.

Source/WebCore:

Have the DisplayListRecorder's constructor push the recorder onto the GraphicsContext,
and remove that code from GraphicsLayerCA.

Tests: displaylists/extent-includes-shadow.html

displaylists/extent-includes-transforms.html

  • platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayerCA::recursiveCommitChanges):

  • platform/graphics/displaylists/DisplayListRecorder.cpp:

(WebCore::DisplayList::Recorder::Recorder):

LayoutTests:

A couple more display list tests that check that the computed extent of an item
includes shadows and transforms.

WK1 results differ in that they disable should-subpixel-quantize-fonts in the state
(which is a bug).

Move some shared JS into a helper file.

  • displaylists/extent-includes-shadow-expected.txt: Added.
  • displaylists/extent-includes-shadow.html: Added.
  • displaylists/extent-includes-transforms-expected.txt: Added.
  • displaylists/extent-includes-transforms.html: Added.
  • displaylists/layer-dispay-list.html:
  • displaylists/resources/dump-target-display-list.js: Added.

(doTest):

  • platform/mac-wk1/displaylists/extent-includes-shadow-expected.txt: Added.
  • platform/mac-wk1/displaylists/extent-includes-transforms-expected.txt: Added.
2:24 PM Changeset in webkit [195184] by commit-queue@webkit.org
  • 2 edits in trunk/Source/JavaScriptCore

Ensure that CF_AVAILABLE is undefined when building webkit-gtk

https://bugs.webkit.org/show_bug.cgi?id=152720

This change ensures that CF_AVAILABLE is correctly a no-op to
address build failure that was observed when building on older
versions of OSX. Previously, CF_AVAILABLE may have been unexpectedly
re-defined to the system header value based on include-order.

Patch by Jeremy Huddleston Sequoia <jeremyhu@apple.com> on 2016-01-17
Reviewed by Michael Catanzaro.

  • API/WebKitAvailability.h:
10:09 AM Changeset in webkit [195183] by Michael Catanzaro
  • 5 edits in trunk

[CMake] Do not build bmalloc when USE_SYSTEM_MALLOC is ON
https://bugs.webkit.org/show_bug.cgi?id=153190

Reviewed by Csaba Osztrogonác.

Build bmalloc when NOT USE_SYSTEM_MALLOC rather than when NOT WIN32.

.:

  • Source/CMakeLists.txt:
  • Source/cmake/OptionsWin.cmake:

Source/WTF:

  • wtf/CMakeLists.txt:
1:15 AM Changeset in webkit [195182] by Julien Brianceau
  • 5 edits in trunk/Source/JavaScriptCore

[mips] Fix regT2 and regT3 trampling in MacroAssembler
https://bugs.webkit.org/show_bug.cgi?id=153131

Mips $t2 and $t3 registers were used as temporary registers
in MacroAssemblerMIPS.h, whereas they are mapped to regT2
and regT3 in LLInt and GPRInfo.

This patch rearranges register mapping for the mips architecture:

  • use $t0 and $t1 as temp registers in LLInt (as in MacroAssembler)
  • use $t7 and $t8 as temp registers in MacroAssembler (as in LLInt)
  • remove $t6 from temp registers list in LLInt
  • update GPRInfo.h accordingly
  • add mips macroScratchRegisters() list in RegisterSet.cpp

Reviewed by Michael Saboff.

  • assembler/MacroAssemblerMIPS.h:
  • jit/GPRInfo.h:

(JSC::GPRInfo::toRegister):
(JSC::GPRInfo::toIndex):

  • jit/RegisterSet.cpp:

(JSC::RegisterSet::macroScratchRegisters):
(JSC::RegisterSet::calleeSaveRegisters):

  • offlineasm/mips.rb:
12:13 AM Changeset in webkit [195181] by beidson@apple.com
  • 227 edits in trunk/LayoutTests

Modern IDB: .js test files should not log database names.
https://bugs.webkit.org/show_bug.cgi?id=153181

Reviewed by Alex Christensen.

We'll be sharing .js files as well as test expectations between different HTML test files,
and logging the filename is counter to this goal, as it will change depending on the HTML
driver running the test.

  • storage/indexeddb/resources/shared.js:

(setDBNameFromPath): eval() setting the filename instead of evalAndLog().

  • platform/wk2/storage/indexeddb/aborted-versionchange-closes-expected.txt:
  • platform/wk2/storage/indexeddb/create-and-remove-object-store-expected.txt:
  • platform/wk2/storage/indexeddb/cursor-continue-dir-expected.txt:
  • platform/wk2/storage/indexeddb/cursor-continue-expected.txt:
  • platform/wk2/storage/indexeddb/cursor-finished-expected.txt:
  • platform/wk2/storage/indexeddb/database-basics-expected.txt:
  • platform/wk2/storage/indexeddb/index-count-expected.txt:
  • platform/wk2/storage/indexeddb/intversion-abort-in-initial-upgradeneeded-expected.txt:
  • platform/wk2/storage/indexeddb/intversion-close-in-oncomplete-expected.txt:
  • platform/wk2/storage/indexeddb/intversion-close-in-upgradeneeded-expected.txt:
  • platform/wk2/storage/indexeddb/invalid-keys-expected.txt:
  • platform/wk2/storage/indexeddb/key-type-array-expected.txt:
  • platform/wk2/storage/indexeddb/keypath-arrays-expected.txt:
  • platform/wk2/storage/indexeddb/keypath-edges-expected.txt:
  • platform/wk2/storage/indexeddb/mozilla/bad-keypath-expected.txt:
  • platform/wk2/storage/indexeddb/mozilla/clear-expected.txt:
  • platform/wk2/storage/indexeddb/mozilla/create-objectstore-basics-expected.txt:
  • platform/wk2/storage/indexeddb/mozilla/cursors-expected.txt:
  • platform/wk2/storage/indexeddb/mozilla/key-requirements-delete-null-key-expected.txt:
  • platform/wk2/storage/indexeddb/mozilla/key-requirements-inline-and-passed-expected.txt:
  • platform/wk2/storage/indexeddb/mozilla/key-requirements-put-no-key-expected.txt:
  • platform/wk2/storage/indexeddb/mozilla/key-requirements-put-null-key-expected.txt:
  • platform/wk2/storage/indexeddb/mozilla/readonly-transactions-expected.txt:
  • platform/wk2/storage/indexeddb/object-lookups-in-versionchange-expected.txt:
  • platform/wk2/storage/indexeddb/objectstore-count-expected.txt:
  • platform/wk2/storage/indexeddb/open-cursor-expected.txt:
  • platform/wk2/storage/indexeddb/request-result-cache-expected.txt:
  • platform/wk2/storage/indexeddb/transaction-abort-expected.txt:
  • platform/wk2/storage/indexeddb/transaction-active-flag-expected.txt:
  • platform/wk2/storage/indexeddb/transaction-after-close-expected.txt:
  • platform/wk2/storage/indexeddb/transaction-read-only-expected.txt:
  • platform/wk2/storage/indexeddb/version-change-exclusive-expected.txt:
  • storage/indexeddb/aborted-versionchange-closes-expected.txt:
  • storage/indexeddb/clone-exception-expected.txt:
  • storage/indexeddb/closed-cursor-expected.txt:
  • storage/indexeddb/create-and-remove-object-store-expected.txt:
  • storage/indexeddb/create-object-store-options-expected.txt:
  • storage/indexeddb/createIndex-after-failure-expected.txt:
  • storage/indexeddb/createObjectStore-name-argument-required-expected.txt:
  • storage/indexeddb/createObjectStore-null-name-expected.txt:
  • storage/indexeddb/cursor-added-bug-expected.txt:
  • storage/indexeddb/cursor-advance-expected.txt:
  • storage/indexeddb/cursor-basics-expected.txt:
  • storage/indexeddb/cursor-cast-expected.txt:
  • storage/indexeddb/cursor-continue-dir-expected.txt:
  • storage/indexeddb/cursor-continue-expected.txt:
  • storage/indexeddb/cursor-continue-validity-expected.txt:
  • storage/indexeddb/cursor-delete-expected.txt:
  • storage/indexeddb/cursor-finished-expected.txt:
  • storage/indexeddb/cursor-inconsistency-expected.txt:
  • storage/indexeddb/cursor-index-delete-expected.txt:
  • storage/indexeddb/cursor-key-order-expected.txt:
  • storage/indexeddb/cursor-overloads-expected.txt:
  • storage/indexeddb/cursor-prev-no-duplicate-expected.txt:
  • storage/indexeddb/cursor-primary-key-order-expected.txt:
  • storage/indexeddb/cursor-properties-expected.txt:
  • storage/indexeddb/cursor-reverse-bug-expected.txt:
  • storage/indexeddb/cursor-skip-deleted-expected.txt:
  • storage/indexeddb/cursor-update-expected.txt:
  • storage/indexeddb/cursor-update-value-argument-required-expected.txt:
  • storage/indexeddb/cursor-value-expected.txt:
  • storage/indexeddb/database-basics-expected.txt:
  • storage/indexeddb/database-close-expected.txt:
  • storage/indexeddb/database-closepending-flag-expected.txt:
  • storage/indexeddb/database-deletepending-flag-expected.txt:
  • storage/indexeddb/database-wrapper-expected.txt:
  • storage/indexeddb/delete-closed-database-object-expected.txt:
  • storage/indexeddb/delete-in-upgradeneeded-close-in-open-success-expected.txt:
  • storage/indexeddb/delete-in-upgradeneeded-close-in-versionchange-expected.txt:
  • storage/indexeddb/delete-range-expected.txt:
  • storage/indexeddb/deleteIndex-expected.txt:
  • storage/indexeddb/deleteObjectStore-name-argument-required-expected.txt:
  • storage/indexeddb/deleteObjectStore-null-name-expected.txt:
  • storage/indexeddb/deleted-objects-expected.txt:
  • storage/indexeddb/deletedatabase-blocked-expected.txt:
  • storage/indexeddb/deletedatabase-delayed-by-open-and-versionchange-expected.txt:
  • storage/indexeddb/deletedatabase-not-blocked-expected.txt:
  • storage/indexeddb/deletedatabase-transaction-expected.txt:
  • storage/indexeddb/dont-wedge-expected.txt:
  • storage/indexeddb/duplicates-expected.txt:
  • storage/indexeddb/error-causes-abort-by-default-expected.txt:
  • storage/indexeddb/exception-in-event-aborts-expected.txt:
  • storage/indexeddb/exceptions-expected.txt:
  • storage/indexeddb/factory-deletedatabase-expected.txt:
  • storage/indexeddb/get-keyrange-expected.txt:
  • storage/indexeddb/index-basics-expected.txt:
  • storage/indexeddb/index-count-expected.txt:
  • storage/indexeddb/index-cursor-expected.txt:
  • storage/indexeddb/index-duplicate-keypaths-expected.txt:
  • storage/indexeddb/index-get-key-argument-required-expected.txt:
  • storage/indexeddb/index-multientry-expected.txt:
  • storage/indexeddb/index-population-expected.txt:
  • storage/indexeddb/index-unique-expected.txt:
  • storage/indexeddb/intversion-abort-in-initial-upgradeneeded-expected.txt:
  • storage/indexeddb/intversion-bad-parameters-expected.txt:
  • storage/indexeddb/intversion-blocked-expected.txt:
  • storage/indexeddb/intversion-close-between-events-expected.txt:
  • storage/indexeddb/intversion-close-in-oncomplete-expected.txt:
  • storage/indexeddb/intversion-close-in-upgradeneeded-expected.txt:
  • storage/indexeddb/intversion-encoding-expected.txt:
  • storage/indexeddb/intversion-gated-on-delete-expected.txt:
  • storage/indexeddb/intversion-long-queue-expected.txt:
  • storage/indexeddb/intversion-omit-parameter-expected.txt:
  • storage/indexeddb/intversion-open-in-upgradeneeded-expected.txt:
  • storage/indexeddb/intversion-open-with-version-expected.txt:
  • storage/indexeddb/intversion-pending-version-changes-ascending-expected.txt:
  • storage/indexeddb/intversion-pending-version-changes-descending-expected.txt:
  • storage/indexeddb/intversion-pending-version-changes-same-expected.txt:
  • storage/indexeddb/intversion-persistence-expected.txt:
  • storage/indexeddb/intversion-revert-on-abort-expected.txt:
  • storage/indexeddb/intversion-two-opens-no-versions-expected.txt:
  • storage/indexeddb/intversion-upgrades-expected.txt:
  • storage/indexeddb/invalid-keys-expected.txt:
  • storage/indexeddb/key-generator-expected.txt:
  • storage/indexeddb/key-sort-order-across-types-expected.txt:
  • storage/indexeddb/key-sort-order-date-expected.txt:
  • storage/indexeddb/key-type-array-expected.txt:
  • storage/indexeddb/key-type-binary-expected.txt:
  • storage/indexeddb/key-type-infinity-expected.txt:
  • storage/indexeddb/keypath-arrays-expected.txt:
  • storage/indexeddb/keypath-basics-expected.txt:
  • storage/indexeddb/keypath-edges-expected.txt:
  • storage/indexeddb/keypath-fetch-key-expected.txt:
  • storage/indexeddb/keypath-intrinsic-properties-expected.txt:
  • storage/indexeddb/lazy-index-population-expected.txt:
  • storage/indexeddb/lazy-index-types-expected.txt:
  • storage/indexeddb/list-ordering-expected.txt:
  • storage/indexeddb/metadata-expected.txt:
  • storage/indexeddb/metadata-race-expected.txt:
  • storage/indexeddb/modern/abort-objectstore-info-expected.txt:
  • storage/indexeddb/modern/blocked-open-db-requests-expected.txt:
  • storage/indexeddb/modern/memory-index-not-deleted-with-objectstore-expected.txt:
  • storage/indexeddb/modern/transaction-scheduler-4-expected.txt:
  • storage/indexeddb/mozilla/add-twice-failure-expected.txt:
  • storage/indexeddb/mozilla/autoincrement-indexes-expected.txt:
  • storage/indexeddb/mozilla/bad-keypath-expected.txt:
  • storage/indexeddb/mozilla/clear-expected.txt:
  • storage/indexeddb/mozilla/create-index-unique-expected.txt:
  • storage/indexeddb/mozilla/create-index-with-integer-keys-expected.txt:
  • storage/indexeddb/mozilla/create-objectstore-basics-expected.txt:
  • storage/indexeddb/mozilla/create-objectstore-null-name-expected.txt:
  • storage/indexeddb/mozilla/cursor-mutation-expected.txt:
  • storage/indexeddb/mozilla/cursor-mutation-objectstore-only-expected.txt:
  • storage/indexeddb/mozilla/cursor-update-updates-indexes-expected.txt:
  • storage/indexeddb/mozilla/cursors-expected.txt:
  • storage/indexeddb/mozilla/delete-result-expected.txt:
  • storage/indexeddb/mozilla/event-source-expected.txt:
  • storage/indexeddb/mozilla/global-data-expected.txt:
  • storage/indexeddb/mozilla/index-prev-no-duplicate-expected.txt:
  • storage/indexeddb/mozilla/indexes-expected.txt:
  • storage/indexeddb/mozilla/key-requirements-delete-null-key-expected.txt:
  • storage/indexeddb/mozilla/key-requirements-expected.txt:
  • storage/indexeddb/mozilla/key-requirements-inline-and-passed-expected.txt:
  • storage/indexeddb/mozilla/key-requirements-put-no-key-expected.txt:
  • storage/indexeddb/mozilla/key-requirements-put-null-key-expected.txt:
  • storage/indexeddb/mozilla/object-cursors-expected.txt:
  • storage/indexeddb/mozilla/object-identity-expected.txt:
  • storage/indexeddb/mozilla/object-store-inline-autoincrement-key-added-on-put-expected.txt:
  • storage/indexeddb/mozilla/object-store-remove-values-expected.txt:
  • storage/indexeddb/mozilla/objectstorenames-expected.txt:
  • storage/indexeddb/mozilla/odd-result-order-expected.txt:
  • storage/indexeddb/mozilla/put-get-values-expected.txt:
  • storage/indexeddb/mozilla/readonly-transactions-expected.txt:
  • storage/indexeddb/mozilla/readwrite-transactions-expected.txt:
  • storage/indexeddb/mozilla/readyState-expected.txt:
  • storage/indexeddb/mozilla/remove-index-expected.txt:
  • storage/indexeddb/mozilla/remove-objectstore-expected.txt:
  • storage/indexeddb/mozilla/versionchange-abort-expected.txt:
  • storage/indexeddb/mutating-cursor-expected.txt:
  • storage/indexeddb/noblobs-expected.txt:
  • storage/indexeddb/object-lookups-in-versionchange-expected.txt:
  • storage/indexeddb/objectStore-required-arguments-expected.txt:
  • storage/indexeddb/objectstore-autoincrement-expected.txt:
  • storage/indexeddb/objectstore-basics-expected.txt:
  • storage/indexeddb/objectstore-clear-expected.txt:
  • storage/indexeddb/objectstore-count-expected.txt:
  • storage/indexeddb/objectstore-cursor-expected.txt:
  • storage/indexeddb/objectstore-removeobjectstore-expected.txt:
  • storage/indexeddb/open-cursor-expected.txt:
  • storage/indexeddb/open-during-transaction-expected.txt:
  • storage/indexeddb/open-ordering-expected.txt:
  • storage/indexeddb/opencursor-key-expected.txt:
  • storage/indexeddb/optional-arguments-expected.txt:
  • storage/indexeddb/pending-activity-expected.txt:
  • storage/indexeddb/persistence-expected.txt:
  • storage/indexeddb/prefetch-bugfix-108071-expected.txt:
  • storage/indexeddb/prefetch-invalidation-expected.txt:
  • storage/indexeddb/prefetch-race-expected.txt:
  • storage/indexeddb/queued-commands-expected.txt:
  • storage/indexeddb/readonly-expected.txt:
  • storage/indexeddb/readonly-properties-expected.txt:
  • storage/indexeddb/request-continue-abort-expected.txt:
  • storage/indexeddb/request-event-propagation-expected.txt:
  • storage/indexeddb/request-result-cache-expected.txt:
  • storage/indexeddb/set_version_blocked-expected.txt:
  • storage/indexeddb/setversion-blocked-by-versionchange-close-expected.txt:
  • storage/indexeddb/setversion-not-blocked-expected.txt:
  • storage/indexeddb/structured-clone-expected.txt:
  • storage/indexeddb/transaction-abort-expected.txt:
  • storage/indexeddb/transaction-active-flag-expected.txt:
  • storage/indexeddb/transaction-after-close-expected.txt:
  • storage/indexeddb/transaction-and-objectstore-calls-expected.txt:
  • storage/indexeddb/transaction-basics-expected.txt:
  • storage/indexeddb/transaction-complete-with-js-recursion-cross-frame-expected.txt:
  • storage/indexeddb/transaction-complete-with-js-recursion-expected.txt:
  • storage/indexeddb/transaction-coordination-across-databases-expected.txt:
  • storage/indexeddb/transaction-coordination-within-database-expected.txt:
  • storage/indexeddb/transaction-crash-in-tasks-expected.txt:
  • storage/indexeddb/transaction-crash-on-abort-expected.txt:
  • storage/indexeddb/transaction-error-expected.txt:
  • storage/indexeddb/transaction-event-propagation-expected.txt:
  • storage/indexeddb/transaction-ordering-expected.txt:
  • storage/indexeddb/transaction-overlapping-expected.txt:
  • storage/indexeddb/transaction-read-only-expected.txt:
  • storage/indexeddb/transaction-readwrite-exclusive-expected.txt:
  • storage/indexeddb/transaction-rollback-expected.txt:
  • storage/indexeddb/transaction-scope-sequencing-expected.txt:
  • storage/indexeddb/transaction-starvation-expected.txt:
  • storage/indexeddb/transaction-storeNames-required-expected.txt:
  • storage/indexeddb/unblocked-version-changes-expected.txt:
  • storage/indexeddb/value-undefined-expected.txt:
  • storage/indexeddb/values-odd-types-expected.txt:
  • storage/indexeddb/version-change-abort-expected.txt:
  • storage/indexeddb/version-change-event-expected.txt:
  • storage/indexeddb/version-change-exclusive-expected.txt:

Jan 16, 2016:

8:54 PM Changeset in webkit [195180] by mmaxfield@apple.com
  • 34 edits
    8 deletes in trunk

Remove TextRun::allowsRoundingHacks()
https://bugs.webkit.org/show_bug.cgi?id=153185

Reviewed by Simon Fraser.

Source/WebCore:

Rounding hacks are disallowed by default, and are only re-enabled on iOS 4 and
earlier, which are not supported OSes. Because they are disallowed on all
supported configurations, remove support for them wholesale.

No new tests.

  • html/canvas/CanvasRenderingContext2D.cpp:

(WebCore::CanvasRenderingContext2D::drawTextInternal):

  • platform/graphics/FontCascade.cpp:
  • platform/graphics/FontCascade.h:

(WebCore::FontCascade::isRoundingHackCharacter): Deleted.

  • platform/graphics/StringTruncator.cpp:

(WebCore::stringWidth):
(WebCore::truncateString):
(WebCore::StringTruncator::centerTruncate):
(WebCore::StringTruncator::rightTruncate):
(WebCore::StringTruncator::width):
(WebCore::StringTruncator::leftTruncate):
(WebCore::StringTruncator::rightClipToCharacter):
(WebCore::StringTruncator::rightClipToWord):

  • platform/graphics/StringTruncator.h:
  • platform/graphics/TextRun.cpp:

(WebCore::TextRun::setAllowsRoundingHacks): Deleted.
(WebCore::TextRun::allowsRoundingHacks): Deleted.

  • platform/graphics/TextRun.h:

(WebCore::TextRun::TextRun):
(WebCore::TextRun::applyRunRounding): Deleted.
(WebCore::TextRun::applyWordRounding): Deleted.
(WebCore::TextRun::disableRoundingHacks): Deleted.

  • platform/graphics/WidthIterator.cpp:

(WebCore::WidthIterator::advanceInternal):

  • platform/graphics/mac/ComplexTextController.cpp:

(WebCore::ComplexTextController::adjustGlyphsAndAdvances):

  • platform/mac/DragImageMac.mm:

(WebCore::widthWithFont): Deleted.
(WebCore::drawAtPoint): Deleted.

  • rendering/RenderFileUploadControl.cpp:

(WebCore::RenderFileUploadControl::fileTextValue):
(WebCore::RenderFileUploadControl::paintObject): Deleted.

  • rendering/RenderListBox.cpp:

(WebCore::RenderListBox::paintItemForeground):
(WebCore::RenderListBox::updateFromElement): Deleted.

  • rendering/RenderTextControl.cpp:

(WebCore::RenderTextControl::getAverageCharWidth): Deleted.

  • rendering/RenderTheme.cpp:

(WebCore::RenderTheme::fileListNameForWidth):

  • rendering/RenderThemeMac.mm:

(WebCore::RenderThemeMac::fileListNameForWidth):

  • rendering/svg/SVGInlineTextBox.cpp:

(WebCore::SVGInlineTextBox::constructTextRun): Deleted.

  • rendering/svg/SVGTextMetrics.cpp:

(WebCore::SVGTextMetrics::constructTextRun): Deleted.

  • testing/Internals.cpp:

(WebCore::Internals::resetToConsistentState): Deleted.
(WebCore::Internals::allowRoundingHacks): Deleted.

  • testing/Internals.h:
  • testing/Internals.idl:

Source/WebKit/ios:

  • Misc/WebUIKitSupport.mm:

(WebKitInitialize): Deleted.

Source/WebKit/mac:

  • Misc/WebKitNSStringExtras.mm:

(-[NSString _web_drawAtPoint:font:textColor:allowingFontSmoothing:]): Deleted.
(-[NSString _web_widthWithFont:]): Deleted.

  • WebView/WebView.mm:

(+[WebView _setAllowsRoundingHacks:]): Deleted.
(+[WebView _allowsRoundingHacks]): Deleted.

  • WebView/WebViewPrivate.h:

Tools:

  • DumpRenderTree/mac/DumpRenderTree.mm:

(resetWebViewToConsistentStateBeforeTesting): Deleted.

LayoutTests:

  • platform/mac/fast/text/rounding-hacks-expansion.html: Removed.
  • platform/mac/fast/text/rounding-hacks.html: Removed.
  • platform/mac/platform/mac/fast/text/rounding-hacks-expansion-expected.png: Removed.
  • platform/mac/platform/mac/fast/text/rounding-hacks-expansion-expected.txt: Removed.
  • platform/mac/platform/mac/fast/text/rounding-hacks-expected.png: Removed.
  • platform/mac/platform/mac/fast/text/rounding-hacks-expected.txt: Removed.
  • svg/text/svg-font-word-rounding-hacks-spaces-expected.html: Removed.
  • svg/text/svg-font-word-rounding-hacks-spaces.html: Removed.
4:21 PM Changeset in webkit [195179] by akling@apple.com
  • 4 edits in trunk/Source/WebCore

Allocate style sheet media queries in BumpArena.
<https://webkit.org/b/153188>

Reviewed by Antti Koivisto.

Teach the CSS parser to allocate MediaQuery and MediaQueryExp from BumpArena as well.

  • css/CSSGrammar.y.in:
  • css/MediaQuery.h:
  • css/MediaQueryExp.h:
4:04 PM Changeset in webkit [195178] by commit-queue@webkit.org
  • 8 edits in trunk

[ES6] Arrow function syntax. Arrow function should support the destructuring parameters.
https://bugs.webkit.org/show_bug.cgi?id=146934

Patch by Skachkov Oleksandr <gskachkov@gmail.com> on 2016-01-16
Reviewed by Saam Barati.
Source/JavaScriptCore:

Added support of destructuring parameters, before arrow function expect only simple parameters,
e.g. (), (x), (x, y) or x in assigment expressio. To support destructuring parameters added
additional check that check for destructuring paramters if check does not pass for simple parameters.

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::isArrowFunctionParameters):
(JSC::Parser<LexerType>::parseAssignmentExpression):

  • parser/Parser.h:

LayoutTests:

  • js/arrowfunction-syntax-errors-expected.txt:
  • js/arrowfunction-syntax-expected.txt:
  • js/script-tests/arrowfunction-syntax-errors.js:
  • js/script-tests/arrowfunction-syntax.js:
4:00 PM Changeset in webkit [195177] by Michael Catanzaro
  • 2 edits in trunk/Source/WebCore

[GTK] Add a couple comments to ScrollbarThemeGtk
https://bugs.webkit.org/show_bug.cgi?id=153184

Reviewed by Carlos Garcia Campos.

  • platform/gtk/ScrollbarThemeGtk.cpp:

(WebCore::ScrollbarThemeGtk::paint):

1:05 PM Changeset in webkit [195176] by timothy@apple.com
  • 2 edits in trunk/Websites/webkit.org

Fix some responsive issues on smaller screens.

  • wp-content/themes/webkit/style.css:

(.timeline .time):
(@media (max-width: 900px)):
(.timeline:before):
(.timeline > li):
(.timeline > li:before):
(.timeline .content):
(.timeline li .time::before):

12:53 PM Changeset in webkit [195175] by commit-queue@webkit.org
  • 1 edit
    2 adds in trunk/LayoutTests

Web Inspector: Add tests for Array Utilities like lowerBound/upperBound
https://bugs.webkit.org/show_bug.cgi?id=153177

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-01-16
Reviewed by Timothy Hatcher.

  • inspector/unit-tests/array-utilities-expected.txt: Added.
  • inspector/unit-tests/array-utilities.html: Added.
12:50 PM Changeset in webkit [195174] by commit-queue@webkit.org
  • 4 edits in trunk

.:
[GTK] Use -Wl,-all_load on darwin to include contents of all static archives

https://bugs.webkit.org/show_bug.cgi?id=153117

Patch by Jeremy Huddleston Sequoia <jeremyhu@apple.com> on 2016-01-16
Reviewed by Michael Catanzaro.

  • Source/cmake/OptionsGTK.cmake:

Source/WebKit2:
Remove a now-irrelevant darwin build hack
https://bugs.webkit.org/show_bug.cgi?id=153117

Patch by Jeremy Huddleston Sequoia <jeremyhu@apple.com> on 2016-01-16
Reviewed by Michael Catanzaro.

  • PlatformGTK.cmake:
12:37 PM Changeset in webkit [195173] by akling@apple.com
  • 3 edits in trunk/Source/WebCore

Give RuleSet a BumpArena and start using it for RuleDataVectors.
<https://webkit.org/b/153169>

Reviewed by Antti Koivisto.

Since RuleSet only supports appending rules and doesn't need to worry about removing them,
it's a great candidate for BumpArena optimizations.

Give each RuleSet its own BumpArena and teach them how to allocate RuleDataVector objects
out of them.

There are more things that can be done here, ideally all the sub-allocations inside RuleSet
that happen via e.g Vector and HashMap would also come out of the BumpArena.

  • css/RuleSet.cpp:

(WebCore::RuleSet::RuleSet):
(WebCore::RuleSet::addToRuleSet):
(WebCore::RuleSet::copyShadowPseudoElementRulesFrom):

  • css/RuleSet.h:

(WebCore::RuleSet::RuleDataVector::create):
(WebCore::RuleSet::RuleSet): Deleted.

11:07 AM Changeset in webkit [195172] by Simon Fraser
  • 4 edits in trunk

Source/WebCore:
Fix flakiness of displaylists/layer-dispay-list.html

When toggling "uses display list drawing" on a GraphicsLayerCA, do
a repaint.

  • platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayerCA::setUsesDisplayListDrawing):

LayoutTests:
This test needs to force layout before calling setElementUsesDisplayListDrawing(),
so that the layer already has its "drawsContents" property updated.

  • displaylists/layer-dispay-list.html:
11:03 AM Changeset in webkit [195171] by jhoneycutt@apple.com
  • 3 edits in trunk/Source/WebKit2

[iOS] Replace deprecated -[UIDocumentMenuViewController
_setIgnoreApplicationEntitlementForImport:]

<https://bugs.webkit.org/show_bug.cgi?id=145690>
<rdar://problem/20636577>

Reviewed by Brent Fulgham.

  • Platform/spi/ios/UIKitSPI.h:

Replace deprecated SPI with newer SPI.

  • UIProcess/ios/forms/WKFileUploadPanel.mm:

(-[WKFileUploadPanel presentWithParameters:resultListener:]):
(-[WKFileUploadPanel _showDocumentPickerMenu]):
Ditto.

10:12 AM Changeset in webkit [195170] by Simon Fraser
  • 17 edits in trunk/Source

Remove GraphicsContext::drawConvexPolygon() and GraphicsContext::clipConvexPolygon()
https://bugs.webkit.org/show_bug.cgi?id=153174

Reviewed by Zalan Bujtas.

GraphicsContext::drawConvexPolygon() and GraphicsContext::clipConvexPolygon() were
poorly named (non-convex polygons are allowed), and just syntactic sugar over
clipPath() and drawPath().

Remove them, but add a convenience function to create a Path from a Vector of
points. For CG, we can use the more efficient CGPathAddLines().
Source/WebCore:

Add TextStream dumping for Path.

  • platform/graphics/GraphicsContext.h:
  • platform/graphics/Path.cpp:

(WebCore::Path::polygonPathFromPoints):
(WebCore::Path::dump):
(WebCore::operator<<):

  • platform/graphics/Path.h:
  • platform/graphics/cairo/GraphicsContextCairo.cpp:

(WebCore::GraphicsContext::setPlatformShouldAntialias):
(WebCore::addConvexPolygonToContext): Deleted.
(WebCore::GraphicsContext::drawConvexPolygon): Deleted.
(WebCore::GraphicsContext::clipConvexPolygon): Deleted.

  • platform/graphics/cg/GraphicsContextCG.cpp:

(WebCore::addConvexPolygonToPath): Deleted.
(WebCore::GraphicsContext::drawConvexPolygon): Deleted.
(WebCore::GraphicsContext::clipConvexPolygon): Deleted.

  • platform/graphics/cg/PathCG.cpp:

(WebCore::Path::polygonPathFromPoints):
(WebCore::Path::moveTo):
(WebCore::Path::addLineTo):
(WebCore::Path::addQuadCurveTo):
(WebCore::Path::addBezierCurveTo):
(WebCore::Path::addArcTo):

  • platform/graphics/displaylists/DisplayListItems.cpp:

(WebCore::DisplayList::Item::sizeInBytes): Deleted.
(WebCore::DisplayList::ClipConvexPolygon::ClipConvexPolygon): Deleted.
(WebCore::DisplayList::ClipConvexPolygon::apply): Deleted.
(WebCore::DisplayList::operator<<): Deleted.
(WebCore::DisplayList::addConvexPolygonToPath): Deleted.
(WebCore::DisplayList::DrawConvexPolygon::DrawConvexPolygon): Deleted.
(WebCore::DisplayList::DrawConvexPolygon::localBounds): Deleted.
(WebCore::DisplayList::DrawConvexPolygon::apply): Deleted.

  • platform/graphics/displaylists/DisplayListItems.h:

(WebCore::DisplayList::ClipConvexPolygon::create): Deleted.
(WebCore::DisplayList::ClipConvexPolygon::points): Deleted.
(WebCore::DisplayList::ClipConvexPolygon::antialias): Deleted.
(WebCore::DisplayList::DrawConvexPolygon::create): Deleted.
(WebCore::DisplayList::DrawConvexPolygon::points): Deleted.
(WebCore::DisplayList::DrawConvexPolygon::antialiased): Deleted.

  • platform/graphics/displaylists/DisplayListRecorder.cpp:

(WebCore::DisplayList::Recorder::drawConvexPolygon): Deleted.
(WebCore::DisplayList::Recorder::clipConvexPolygon): Deleted.

  • platform/graphics/displaylists/DisplayListRecorder.h:
  • rendering/RenderBoxModelObject.cpp:

(WebCore::RenderBoxModelObject::clipBorderSidePolygon):

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::drawLineForBoxSide):

  • rendering/RenderThemeIOS.mm:

(WebCore::RenderThemeIOS::paintMenuListButtonDecorations):

  • rendering/RenderThemeMac.mm:

(WebCore::RenderThemeMac::paintMenuListButtonDecorations):

Source/WebKit/win:

  • FullscreenVideoController.cpp:

(HUDSlider::draw):

8:46 AM Changeset in webkit [195169] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

Add Platform.cpp to ANGLESupport

https://bugs.webkit.org/show_bug.cgi?id=153120

Patch by Jeremy Huddleston Sequoia <jeremyhu@apple.com> on 2016-01-16
Reviewed by Darin Adler.

No new tests, only addresses a build failure.

  • CMakeLists.txt:
7:15 AM Changeset in webkit [195168] by Michael Catanzaro
  • 2 edits in trunk/Source/WebKit2

[GTK] Unreviewed. Fix a typo in an API comment.

  • UIProcess/API/gtk/WebKitWebViewSessionState.cpp:
1:44 AM Changeset in webkit [195167] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebCore

[GTK] List box selections stopped working again with GTK+ from current git master
https://bugs.webkit.org/show_bug.cgi?id=153122

Reviewed by Michael Catanzaro.

The problem is that the ListBox selection implementation is
wrong. We are using a similar implementation to GtkEntry, but
GtkTreeView doesn't have a child CSS node for selections.

  • rendering/RenderThemeGtk.cpp:

(WebCore::styleColor): Don't use a child style context for ListBox selections.
(WebCore::createStyleContext): Remove ListBoxSelection.

1:36 AM Changeset in webkit [195166] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebKit2

[GTK] GVariant runtime critical errors when encoding session data
https://bugs.webkit.org/show_bug.cgi?id=153130

Reviewed by Michael Catanzaro.

It happens when the FrameState has children, because the recursive
serialization is wrong. Also fix serialization of
documentSequenceNumber and itemSequenceNumber that are gint64, not
guint64.

  • UIProcess/API/gtk/WebKitWebViewSessionState.cpp:

(encodeFrameState): Let the caller open/init the given
builder. Use a new builder to encode child states recursively.
(encodePageState): Do the builder open/close for the FrameState encoding.
(decodeFrameState): Get the variant of every child.

12:49 AM Changeset in webkit [195165] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebCore

[SOUP] Initialize HTTP version of ResourceResponse
https://bugs.webkit.org/show_bug.cgi?id=153088

Reviewed by Michael Catanzaro.

  • platform/network/soup/ResourceResponseSoup.cpp:

(WebCore::ResourceResponse::updateFromSoupMessage):

12:25 AM Changeset in webkit [195164] by mmaxfield@apple.com
  • 2 edits in trunk/Source/WebCore

Tiny cleanup in FontFaceComparator
https://bugs.webkit.org/show_bug.cgi?id=153044

Reviewed by Zalan Bujtas.

This is a follow-up patch to r194923.

No new tests because there is no behavior change.

  • css/CSSFontSelector.cpp:

(WebCore::FontFaceComparator::FontFaceComparator):
(WebCore::FontFaceComparator::operator()):

Jan 15, 2016:

7:57 PM Changeset in webkit [195163] by commit-queue@webkit.org
  • 2 edits in trunk/Tools

[webkitdirs] Avoid list form of open because it broke WinCairo
https://bugs.webkit.org/show_bug.cgi?id=153106

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-01-15
Reviewed by Alex Christensen.

  • Scripts/webkitdirs.pm:

(determineArchitecture):

6:08 PM Changeset in webkit [195162] by jiewen_tan@apple.com
  • 4 edits
    4 adds in trunk

FrameLoaderClient::didReceiveServerRedirectForProvisionalLoadForFrame() is never called when loading a main resource from the memory cache
https://bugs.webkit.org/show_bug.cgi?id=152520
<rdar://problem/23305737>

Reviewed by Andy Estes.

Source/WebCore:

Test: http/tests/loading/server-redirect-for-provisional-load-caching.html

  • loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::responseReceived):
Dispatch message to notify client that a cached resource was redirected. So,
client can make proper actions to treat server side redirection.

  • loader/cache/CachedRawResource.h:

Add a method to tell whether the cached resource was redirected.

LayoutTests:

  • http/tests/loading/resources/server-redirect-result.html: Added.
  • http/tests/loading/resources/server-redirect.php: Added.
  • http/tests/loading/server-redirect-for-provisional-load-caching-expected.txt: Added.
  • http/tests/loading/server-redirect-for-provisional-load-caching.html: Added.
5:55 PM Changeset in webkit [195161] by mmaxfield@apple.com
  • 2 edits in trunk/LayoutTests

Content blocking console messages are not deterministic for one test
https://bugs.webkit.org/show_bug.cgi?id=153051

Unreviewed.

Console messages will print the line number of whichever JavaScript line is
being parsed. However, font requests (and therefore content blockers) are
not run in response to script. The solution is to add the webfont style
from script, so the line number is deterministic.

  • http/tests/contentextensions/font-display-none-repeated-layout.html:
5:03 PM Changeset in webkit [195160] by Chris Dumez
  • 7 edits
    2 deletes in trunk

Drop obsolete HTMLDocument.width / height attributes
https://bugs.webkit.org/show_bug.cgi?id=153144

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline W3C test now that more checks are passing.

  • web-platform-tests/dom/historical-expected.txt:

Source/WebCore:

Drop obsolete HTMLDocument.width / height attributes as these are
obsolete and already not supported by other major browsers (tested
Firefox and Chrome).

No new tests, already covered by existing tests.

  • html/HTMLDocument.idl:

LayoutTests:

  • fast/dom/HTMLDocument/width-and-height-expected.txt: Removed.
  • fast/dom/HTMLDocument/width-and-height.html: Removed.

Drop outdated test.

  • fast/dom/Window/window-property-invalid-characters-ignored-expected.txt:
  • fast/dom/Window/window-property-invalid-characters-ignored.html:

Stop relying on Document.width / height as these are obsolete.

4:37 PM Changeset in webkit [195159] by commit-queue@webkit.org
  • 5 edits
    2 adds in trunk/Source/JavaScriptCore

[JSC] Legalize Memory Offsets for ARM64 before lowering to Air
https://bugs.webkit.org/show_bug.cgi?id=153065

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-01-15
Reviewed by Mark Lam.
Reviewed by Filip Pizlo.

On ARM64, we cannot use signed 32bits offset for memory addressing.
There are two available addressing: signed 9bits and unsigned scaled 12bits.
Air already knows about it.

In this patch, the offsets are changed to something valid for ARM64
prior to lowering. When an offset is invalid, it is just computed
before the instruction and used as the base for addressing.

(JSC::B3::generateToAir):

  • b3/B3LegalizeMemoryOffsets.cpp: Added.

(JSC::B3::legalizeMemoryOffsets):

  • b3/B3LegalizeMemoryOffsets.h: Added.
  • b3/B3LowerToAir.cpp:

(JSC::B3::Air::LowerToAir::effectiveAddr): Deleted.

  • b3/testb3.cpp:

(JSC::B3::testLoadWithOffsetImpl):
(JSC::B3::testLoadOffsetImm9Max):
(JSC::B3::testLoadOffsetImm9MaxPlusOne):
(JSC::B3::testLoadOffsetImm9MaxPlusTwo):
(JSC::B3::testLoadOffsetImm9Min):
(JSC::B3::testLoadOffsetImm9MinMinusOne):
(JSC::B3::testLoadOffsetScaledUnsignedImm12Max):
(JSC::B3::testLoadOffsetScaledUnsignedOverImm12Max):
(JSC::B3::run):

4:16 PM Changeset in webkit [195158] by Beth Dakin
  • 1 edit
    2 adds in trunk/LayoutTests

Add a test for touch events in scaled documents
https://bugs.webkit.org/show_bug.cgi?id=153149
-and corresponding-
rdar://problem/24181371

Reviewed by Simon Fraser.

  • fast/events/touch/ios/touch-event-in-scaled-document-expected.txt: Added.
  • fast/events/touch/ios/touch-event-in-scaled-document.html: Added.
4:08 PM Changeset in webkit [195157] by Chris Dumez
  • 5 edits in trunk

Drop obsolete DocumentType.entities / notations
https://bugs.webkit.org/show_bug.cgi?id=153147

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline W3C test now that more checks are passing.

  • web-platform-tests/dom/historical-expected.txt:

Source/WebCore:

Drop obsolete DocumentType.entities / notations attributes.

Firefox and Chrome already dropped those. We already dropped support for
entities and notations so these always returned null.

No new tests, already covered by existing tests.

  • dom/DocumentType.h:
  • dom/DocumentType.idl:
3:57 PM Changeset in webkit [195156] by Simon Fraser
  • 15 edits
    3 adds in trunk

Make a way to test display-list drawing
https://bugs.webkit.org/show_bug.cgi?id=152956

Reviewed by Ryosuke Niwa.
Source/WebCore:

Make it possible to toggle display-list drawing for a given compositing
layer via internals, as well as getting a textual representation of the display
list, optionally including items with platform-specific behavior.

Add one test that uses this.

Test: displaylists/layer-dispay-list.html

  • platform/graphics/GraphicsLayer.h:

(WebCore::GraphicsLayer::displayListAsText):

  • platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayerCA::displayListAsText):

  • platform/graphics/ca/GraphicsLayerCA.h:
  • platform/graphics/displaylists/DisplayList.cpp:

(WebCore::DisplayList::DisplayList::shouldDumpForFlags):
(WebCore::DisplayList::DisplayList::asText):

  • platform/graphics/displaylists/DisplayList.h:
  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::setUsesDisplayListDrawing):
(WebCore::RenderLayerBacking::displayListAsText):

  • rendering/RenderLayerBacking.h:
  • testing/Internals.cpp:

(WebCore::Internals::setElementUsesDisplayListDrawing):
(WebCore::Internals::displayListForElement):

  • testing/Internals.h:
  • testing/Internals.idl:

LayoutTests:

Enable displaylists tests on Mac and iOS.

  • TestExpectations:
  • displaylists/layer-dispay-list-expected.txt: Added.
  • displaylists/layer-dispay-list.html: Added.
  • platform/ios-simulator/TestExpectations:
  • platform/mac/TestExpectations:
3:42 PM Changeset in webkit [195155] by achristensen@apple.com
  • 16 edits in trunk/Source

Fix internal Windows build
https://bugs.webkit.org/show_bug.cgi?id=153142

Source/JavaScriptCore:

Reviewed by Brent Fulgham.

The internal Windows build builds JavaScriptCore from a directory that is not called JavaScriptCore.
Searching for JavaScriptCore/API/APICast.h fails because it is in SomethingElse/API/APICast.h.
Since we are including the JavaScriptCore directory, it is not necessary to have JavaScriptCore in
the forwarding headers, but removing it allows builds form directories that are not named JavaScriptCore.

  • ForwardingHeaders/JavaScriptCore/APICast.h:
  • ForwardingHeaders/JavaScriptCore/JSBase.h:
  • ForwardingHeaders/JavaScriptCore/JSCTestRunnerUtils.h:
  • ForwardingHeaders/JavaScriptCore/JSContextRef.h:
  • ForwardingHeaders/JavaScriptCore/JSObjectRef.h:
  • ForwardingHeaders/JavaScriptCore/JSRetainPtr.h:
  • ForwardingHeaders/JavaScriptCore/JSStringRef.h:
  • ForwardingHeaders/JavaScriptCore/JSStringRefCF.h:
  • ForwardingHeaders/JavaScriptCore/JSValueRef.h:
  • ForwardingHeaders/JavaScriptCore/JavaScript.h:
  • ForwardingHeaders/JavaScriptCore/JavaScriptCore.h:
  • ForwardingHeaders/JavaScriptCore/OpaqueJSString.h:
  • ForwardingHeaders/JavaScriptCore/WebKitAvailability.h:

Source/WebKit2:

Unreviewed addition to Alex's JSC patch, which was reviewed by Brent Fulgham. Pass
-I${JAVASCRIPTCORE_DIR} to g-ir-scanner.

Patch by Michael Catanzaro <Michael Catanzaro> on 2016-01-15

  • PlatformGTK.cmake:
3:34 PM Changeset in webkit [195154] by commit-queue@webkit.org
  • 5 edits in trunk/Source/WebCore

Fix audio build with video disabled
https://bugs.webkit.org/show_bug.cgi?id=153134

Patch by Olivier Blin <Olivier Blin> on 2016-01-15
Reviewed by Michael Catanzaro.

Build fails when WebAudio is enabled but VIDEO disabled.

No new tests since this is a build fix only.

  • platform/audio/PlatformMediaSession.cpp:
  • platform/audio/PlatformMediaSession.h:
  • platform/audio/PlatformMediaSessionManager.cpp:
  • testing/Internals.cpp:

(WebCore::Internals::setAudioContextRestrictions):

3:22 PM Changeset in webkit [195153] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

[GTK] Fix build of RenderThemeGtk without VIDEO by including HTMLInputElement
https://bugs.webkit.org/show_bug.cgi?id=153133

Patch by Olivier Blin <Olivier Blin> on 2016-01-15
Reviewed by Michael Catanzaro.

Build was fine with VIDEO enabled, since HTMLInputElement.h was
included by transitivity through MediaControlElements.h and
MediaControlElementTypes.h.

This seems to be broken since r194847.

No new tests since this is just a build fix.

  • rendering/RenderThemeGtk.cpp:
3:06 PM Changeset in webkit [195152] by rniwa@webkit.org
  • 5 edits
    2 adds in trunk

createElementNS and createAttributeNS should treat undefined namespaceURI as null string
https://bugs.webkit.org/show_bug.cgi?id=153119

Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

Rebaseline a test now that more test cases are passing.

  • web-platform-tests/dom/nodes/Document-createElementNS-expected.txt:

Source/WebCore:

Treat undefined as null in document.createElementNS and document.createAttributeNS as defined in:
https://dom.spec.whatwg.org/#document

Test: fast/dom/Document/createAttributeNS-undefined-namespace.html

  • dom/Document.idl:

LayoutTests:

Add a regression test for calling createAttributeNS with undefined namespaceURI.

  • fast/dom/Document/createAttributeNS-undefined-namespace-expected.txt: Added.
  • fast/dom/Document/createAttributeNS-undefined-namespace.html: Added.
3:03 PM Changeset in webkit [195151] by jiewen_tan@apple.com
  • 10 edits in trunk/LayoutTests

Refine http/tests/contentdispositionattachmentsandbox/referer-header-stripped-with-meta-referer*
https://bugs.webkit.org/show_bug.cgi?id=153140

Reviewed by Alexey Proskuryakov.

  • http/tests/contentdispositionattachmentsandbox/referer-header-stripped-with-meta-referer-always.html:
  • http/tests/contentdispositionattachmentsandbox/referer-header-stripped-with-meta-referer-default.html:
  • http/tests/contentdispositionattachmentsandbox/referer-header-stripped-with-meta-referer-never.html:
  • http/tests/contentdispositionattachmentsandbox/referer-header-stripped-with-meta-referer-no-referrer-when-downgrade.html:
  • http/tests/contentdispositionattachmentsandbox/referer-header-stripped-with-meta-referer-no-referrer.html:
  • http/tests/contentdispositionattachmentsandbox/referer-header-stripped-with-meta-referer-origin.html:
  • http/tests/contentdispositionattachmentsandbox/referer-header-stripped-with-meta-referer-unsafe-url.html:
  • http/tests/contentdispositionattachmentsandbox/referer-header-stripped.html:
  • http/tests/contentdispositionattachmentsandbox/resources/referer-header-stripped.js:

(onload):
(navigation): Deleted.
The reason why the tests are not completed after calling testRunner.notifyDone() is that the original navigation()
is bound as the onload of the iframe which will dispatch two load events. Therefore, navigation() will be called
twice. Here, change the navigation() to be bound with the main frame's onload function, which will restrict it to
be called only once.

2:58 PM Changeset in webkit [195150] by mmaxfield@apple.com
  • 3 edits
    2 adds in trunk

[Cocoa] Font features are not applied to the system font
https://bugs.webkit.org/show_bug.cgi?id=153053

Reviewed by Dean Jackson.

Source/WebCore:

We simply need to call preparePlatformFont() on it.

Test: fast/text/system-font-features.html

  • platform/graphics/cocoa/FontCacheCoreText.cpp:

(WebCore::fontWithFamily):

LayoutTests:

  • fast/text/system-font-features-expected.html: Added.
  • fast/text/system-font-features.html: Added.
2:29 PM Changeset in webkit [195149] by timothy_horton@apple.com
  • 6 edits in trunk/Source

Data detector yellow highlight location is vertically mirrored in WebKit1
https://bugs.webkit.org/show_bug.cgi?id=152216
<rdar://problem/23848003>

Reviewed by Beth Dakin.

No new tests, because we currently have no decent mechanism for testing
where TextIndicator/Lookup/DataDetectors actually make it to the screen,
nor for synthetic force-click in WebKit1.

  • editing/mac/DictionaryLookup.h:
  • editing/mac/DictionaryLookup.mm:

(WebCore::showPopupOrCreateAnimationController):
(WebCore::DictionaryLookup::showPopup):
(WebCore::DictionaryLookup::animationControllerForPopup):
Add an optional function for converting between root-FrameView and
handed-in-NSView coordinates, and use it to convert textBoundingRectInRootViewCoordinates
into the coordinates of the WebView.

  • WebView/WebImmediateActionController.mm:

(-[WebImmediateActionController _animationControllerForDataDetectedText]):
(-[WebImmediateActionController _animationControllerForDataDetectedLink]):
These assignments have no effect because they're operating on a copy, because
TextIndicator::data() does not return a reference... so remove them.

  • WebView/WebView.mm:

(-[WebView _setTextIndicator:withLifetime:]):
Convert textBoundingRectInRootViewCoordinates to WebView coordinates before
converting to Window coordinates from WebView coordinates so we get flipping right.

(-[WebView _animationControllerForDictionaryLookupPopupInfo:]):
(-[WebView _showDictionaryLookupPopup:]):
Ditto for these, except in the aforementioned conversion callback.

2:28 PM Changeset in webkit [195148] by commit-queue@webkit.org
  • 4 edits
    2 adds
    2 deletes in trunk

Media Query (-webkit-video-playable-inline) is failing as an invalid media query expression
https://bugs.webkit.org/show_bug.cgi?id=153111

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-01-15
Reviewed by Dean Jackson.

Source/WebCore:

Test: fast/media/video-playable-inline-media-query.html

  • css/MediaQueryEvaluator.cpp:

(WebCore::video_playable_inlineMediaFeatureEval):
(WebCore::isRunningOnIPhoneOrIPod): Deleted.
Make the media query work regardless of the platform.
It should just check the web view's settings.

  • css/MediaQueryExp.cpp:

(WebCore::featureWithoutValue):
This media query expects no value, include it in the list
so it is not treated as invalid.

LayoutTests:

  • fast/media/video-playable-inline-media-query-expected.txt: Added.
  • fast/media/video-playable-inline-media-query.html: Added.
  • platform/ios-simulator/ios/fast/media/video-inline-expected.txt: Removed.
  • platform/ios-simulator/ios/fast/media/video-inline.html: Removed.
2:21 PM Changeset in webkit [195147] by commit-queue@webkit.org
  • 5 edits
    4 adds in trunk/LayoutTests

LayoutTest inspector/script-profiler/event-type-Other.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=153016
<rdar://problem/24192919>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-01-15
Reviewed by Brian Burg.

Introduce a better way for the inspected page to signal to
the inspector page by dispatching an event with JSON data.
Use it in this test to try to eliminate flakyness.

  • http/tests/inspector/resources/inspector-test.js:

(TestPage.dispatchEventToFrontend):

  • http/tests/inspector/resources/protocol-test.js:

(TestPage.runTest.window.runTest):
(TestPage.dispatchEventToFrontend):

  • inspector/script-profiler/event-type-Other.html:
  • inspector/unit-tests/inspector-test-dispatch-event-to-frontend-expected.txt: Added.
  • inspector/unit-tests/inspector-test-dispatch-event-to-frontend.html: Added.
  • inspector/unit-tests/protocol-test-dispatch-event-to-frontend-expected.txt: Added.
  • inspector/unit-tests/protocol-test-dispatch-event-to-frontend.html: Added.
  • platform/mac/TestExpectations:
1:49 PM Changeset in webkit [195146] by Alan Bujtas
  • 3 edits
    2 adds in trunk
ASSERTION FAILED: canHaveChildren()
canHaveGeneratedChildren() in WebCore::RenderElement::insertChildInternal

https://bugs.webkit.org/show_bug.cgi?id=123331

Reviewed by Darin Adler.

Do not set named flow fragment bit on the flow until after the renderer is attached. Setting/resetting it too early
could affect the attach/detach process itself (This is similar to attaching a multi column flow thread).

Source/WebCore:

Test: fast/regions/input-box-with-region-assert.html

  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::willBeDestroyed):
(WebCore::RenderBlockFlow::createRenderNamedFlowFragmentIfNeeded):
(WebCore::RenderBlockFlow::setRenderNamedFlowFragment):

LayoutTests:

  • fast/regions/input-box-with-region-assert-expected.txt: Added.
  • fast/regions/input-box-with-region-assert.html: Added.
1:43 PM Changeset in webkit [195145] by peavo@outlook.com
  • 5 edits in trunk/Source/JavaScriptCore

[B3][Win64] Compile fixes.
https://bugs.webkit.org/show_bug.cgi?id=153127

Reviewed by Alex Christensen.

MSVC have several overloads of fmod, pow, and ceil. We need to suggest to MSVC
which one we want to use.

  • b3/B3LowerMacros.cpp:
  • b3/B3LowerMacrosAfterOptimizations.cpp:
  • b3/B3MathExtras.cpp:

(JSC::B3::powDoubleInt32):

  • b3/B3ReduceStrength.cpp:
1:18 PM Changeset in webkit [195144] by commit-queue@webkit.org
  • 5 edits in trunk/LayoutTests

Web Inspector: Fix some typos in unit tests
https://bugs.webkit.org/show_bug.cgi?id=153141

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-01-15
Reviewed by Brian Burg.

  • inspector/unit-tests/async-test-suite-expected.txt:
  • inspector/unit-tests/async-test-suite.html:
  • inspector/unit-tests/sync-test-suite-expected.txt:
  • inspector/unit-tests/sync-test-suite.html:

Fix some typos.

1:11 PM Changeset in webkit [195143] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Rebaseline tables/mozilla_expected_failures/bugs/bug89315.html for ios-simulator
https://bugs.webkit.org/show_bug.cgi?id=152130

Unreviewed test gardening.

  • platform/ios-simulator/tables/mozilla_expected_failures/bugs/bug89315-expected.txt:
12:57 PM Changeset in webkit [195142] by Simon Fraser
  • 9 edits
    3 adds in trunk

Add kdebug_trace signposts for a few WebCore operations
https://bugs.webkit.org/show_bug.cgi?id=153136
rdar://problem/24208487

Reviewed by Sam Weinig.
Source/WebCore:

Add trace points for style recalc, layout, view painting and layer painting.

  • dom/Document.cpp:

(WebCore::Document::recalcStyle):

  • page/FrameView.cpp:

(WebCore::FrameView::layout):
(WebCore::FrameView::paintContents):

  • platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayerCA::platformCALayerPaintContents):

Source/WTF:

New header with the reserved WebKit component code, trace point codes, and
a stack-based helper that traces scope entry and exit.

The available range of trace point codes is arbitrarily segmented into WTF, JSC,
WebCore, WebKit and WebKit2.

  • WTF.xcodeproj/project.pbxproj:
  • wtf/CMakeLists.txt:
  • wtf/SystemTracing.h: Added.

(WTF::TraceScope::TraceScope):
(WTF::TraceScope::~TraceScope):

Tools:

Plist used by kdebug_trace() viewing tools.

  • Tracing/SystemTracePoints.plist: Added.
12:01 PM Changeset in webkit [195141] by akling@apple.com
  • 23 edits
    2 adds in trunk/Source

Source/WebCore:
Use BumpArena for style sheet object tree.
<https://webkit.org/b/152696>

Reviewed by Antti Koivisto.

Give each StyleSheetContents its own BumpArena, and plumb it down through CSSParser
to allocate StyleRule, StyleProperties and CSSSelectorList's selector arrays there.

This basically means that most objects that make up a given style sheet will end up
in one (or a few) contiguous region(s) of memory, instead of being scattered all
over the malloc heap.

In the common case (no CSSOM manipulation), the lifetimes of these objects are very
predictable: everything tends to die when the StyleSheetContents dies.
This dramatically improves space-efficiency in those cases, and allows us to return
contiguous chunks of memory to the system once a style sheet is no longer needed.

One-off CSS parses that don't work within a StyleSheetContents context will have
their StyleRules & co allocated through FastMalloc just like before.

Bonus: give SelectorQueryCache a dedicated BumpArena as well, since it has very
predictable lifetime.

  • css/CSSGrammar.y.in:
  • css/CSSKeyframesRule.h:

(WebCore::StyleRuleKeyframes::create):

  • css/CSSParser.cpp:

(WebCore::CSSParser::createStyleProperties):
(WebCore::CSSParser::createMediaRule):
(WebCore::CSSParser::createSupportsRule):
(WebCore::CSSParser::createKeyframesRule):
(WebCore::CSSParser::setArena):
(WebCore::CSSParser::arena):
(WebCore::CSSParser::createStyleRule):
(WebCore::CSSParser::createFontFaceRule):
(WebCore::CSSParser::createPageRule):
(WebCore::CSSParser::createRegionRule):
(WebCore::CSSParser::createViewportRule):

  • css/CSSParser.h:
  • css/CSSParserValues.cpp:

(WebCore::CSSParserSelector::parsePseudoElementCueFunctionSelector):
(WebCore::CSSParserSelector::adoptSelectorVector):

  • css/CSSParserValues.h:
  • css/CSSSelectorList.cpp:

(WebCore::CSSSelectorList::CSSSelectorList):
(WebCore::CSSSelectorList::adoptSelectorVector):
(WebCore::CSSSelectorList::deleteSelectors):

  • css/CSSSelectorList.h:
  • css/StyleProperties.cpp:

(WebCore::ImmutableStyleProperties::create):
(WebCore::StyleProperties::immutableCopyIfNeeded):

  • css/StyleProperties.h:
  • css/StyleRule.cpp:

(WebCore::StyleRule::create):
(WebCore::StyleRule::splitIntoMultipleRulesWithMaximumSelectorComponentCount):
(WebCore::StyleRuleRegion::StyleRuleRegion):

  • css/StyleRule.h:

(WebCore::StyleRule::create):
(WebCore::StyleRule::parserAdoptSelectorVector):
(WebCore::StyleRuleFontFace::create):
(WebCore::StyleRulePage::create):
(WebCore::StyleRulePage::parserAdoptSelectorVector):
(WebCore::StyleRuleMedia::create):
(WebCore::StyleRuleSupports::create):
(WebCore::StyleRuleRegion::create):
(WebCore::StyleRuleViewport::create):

  • css/StyleSheetContents.cpp:

(WebCore::StyleSheetContents::StyleSheetContents):
(WebCore::StyleSheetContents::parseAuthorStyleSheet):
(WebCore::StyleSheetContents::parseStringAtPosition):

  • css/StyleSheetContents.h:
  • dom/SelectorQuery.cpp:

(WebCore::SelectorQueryCache::SelectorQueryCache):
(WebCore::SelectorQueryCache::add):

  • dom/SelectorQuery.h:
  • svg/SVGFontFaceElement.cpp:

(WebCore::SVGFontFaceElement::SVGFontFaceElement):

Source/WTF:
Fragmentation-free allocator for timeless and/or coupled allocations.
<https://webkit.org/b/152696>

Reviewed by Antti Koivisto.

Introduce BumpArena, a space-efficient memory allocator for situations where
you feel pretty confident betting on allocation lifetimes.

Basic design:

  • Reserves 128MB range of memory at startup.
  • Allocates 4kB-aligned blocks of 4kB from VM at a time.
  • Bump-pointer allocates out of a block until it reaches end.
  • Each allocation increments the ref-count of its block.
  • Each deallocation decrements the ref-count of its block.
  • Transparently falls back to fastMalloc()/fastFree() when needed.

Interface:

  • BumpArena::create()

Create your very own BumpArena!

  • BumpArena::allocate(BumpArena* arena, size_t size)

Allocates 'size' bytes of memory from 'arena'.
If 'arena' is null, falls back to fastMalloc().

  • BumpArena::deallocate(void* ptr)

If 'ptr' is BumpArena allocation, decrements block ref-count.
If 'ptr' is FastMalloc allocation, calls fastFree() on it.

  • WTF_MAKE_BUMPARENA_ALLOCATED;

Macro that gives a class or struct custom operators new and delete
for allocation out of BumpArena. Just like WTF_MAKE_FAST_ALLOCATED;

Note that while the name of this patch says "fragmentation-free allocator"
it will only be fragmentation-free when used for appropriate things.
This is not meant to be a general-purpose allocator. Only use it for sets of
allocations that are known to die roughly at the same time.

BumpArena will never resume allocating from a block that has been filled,
so it's even more important than usual that everything gets deallocated.

BumpArena redirects allocations to FastMalloc in three cases:

  • When invoked with a null BumpArena*
  • When allocation request is larger than BumpArena's block size (4kB)
  • When BumpArena has exhausted all of its pre-reserved VM. (128MB)

The VM allocator will eagerly return blocks of VM to the kernel by calling
madvise(). Average time spent in madvise is around 0.007ms on my box.

  • WTF.vcxproj/WTF.vcxproj:
  • WTF.vcxproj/WTF.vcxproj.filters:
  • WTF.xcodeproj/project.pbxproj:
  • wtf/BumpArena.cpp: Added.

(WTF::BumpArena::Block::capacity):
(WTF::BumpArena::Block::arena):
(WTF::BumpArena::Block::payloadStart):
(WTF::arenas):
(WTF::BumpArena::Block::Block):
(WTF::BumpArena::Block::~Block):
(WTF::BumpArena::Block::ref):
(WTF::BlockAllocator::BlockAllocator):
(WTF::BlockAllocator::isAllocation):
(WTF::blockAllocator):
(WTF::BlockAllocator::allocateBlock):
(WTF::BlockAllocator::deallocateBlock):
(WTF::BumpArena::Block::deref):
(WTF::BumpArena::Block::create):
(WTF::BumpArena::Block::dump):
(WTF::BumpArena::dump):
(WTF::BumpArena::create):
(WTF::BumpArena::BumpArena):
(WTF::BumpArena::~BumpArena):
(WTF::BumpArena::allocateSlow):
(WTF::BumpArena::allocate):
(WTF::BumpArena::deallocate):
(WTF::BumpArena::Block::blockFor):
(WTF::BumpArena::arenaFor):

  • wtf/BumpArena.h: Added.
  • wtf/CMakeLists.txt:
11:55 AM Changeset in webkit [195140] by timothy@apple.com
  • 2 edits in trunk/Websites/webkit.org

Eliminate the margin on timeline elements so multiple timelines can touch.

  • wp-content/themes/webkit/style.css:

(.timeline):

11:41 AM Changeset in webkit [195139] by fpizlo@apple.com
  • 30 edits
    10 adds in trunk/Source/JavaScriptCore

Air needs a Shuffle instruction
https://bugs.webkit.org/show_bug.cgi?id=152952

Reviewed by Saam Barati.

This adds an instruction called Shuffle. Shuffle allows you to simultaneously perform
multiple moves to perform arbitrary permutations over registers and memory. We call these
rotations. It also allows you to perform "shifts", like (a => b, b => c): after the shift,
c will have b's old value, b will have a's old value, and a will be unchanged. Shifts can
use immediates as their source.

Shuffle is added as a custom instruction, since it has a variable number of arguments. It
takes any number of triplets of arguments, where each triplet describes one mapping of the
shuffle. For example, to represent (a => b, b => c), we might say:

Shuffle %a, %b, 64, %b, %c, 64

Note the "64"s, those are width arguments that describe how many bits of the register are
being moved. Each triplet is referred to as a "shuffle pair". We call it a pair because the
most relevant part of it is the pair of registers or memroy locations (i.e. %a, %b form one
of the pairs in the example). For GP arguments, the width follows ZDef semantics.

In the future, we will be able to use Shuffle for a lot of things. This patch is modest about
how to use it:

  • C calling convention argument marshalling. Previously we used move instructions. But that's problematic since it introduces artificial interference between the argument registers and the inputs. Using Shuffle removes that interference. This helps a bit.
  • Cold C calls. This is what really motivated me to write this patch. If we have a C call on a cold path, then we want it to appear to the register allocator like it doesn't clobber any registers. Only after register allocation should we handle the clobbering by simply saving all of the live volatile registers to the stack. If you imagine the saving and the argument marshalling, you can see how before the call, we want to have a Shuffle that does both of those things. This is important. If argument marshalling was separate from the saving, then we'd still appear to clobber argument registers. Doing them together as one Shuffle means that the cold call doesn't appear to even clobber the argument registers.

Unfortunately, I was wrong about cold C calls being the dominant problem with our register
allocator right now. Fixing this revealed other problems in my current tuning benchmark,
Octane/encrypt. Nonetheless, this is a small speed-up across the board, and gives us some
functionality we will need to implement other optimizations.

Relanding after fixing production build.

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • assembler/AbstractMacroAssembler.h:

(JSC::isX86_64):
(JSC::isIOS):
(JSC::optimizeForARMv7IDIVSupported):

  • assembler/MacroAssemblerX86Common.h:

(JSC::MacroAssemblerX86Common::zeroExtend32ToPtr):
(JSC::MacroAssemblerX86Common::swap32):
(JSC::MacroAssemblerX86Common::moveConditionally32):

  • assembler/MacroAssemblerX86_64.h:

(JSC::MacroAssemblerX86_64::store64WithAddressOffsetPatch):
(JSC::MacroAssemblerX86_64::swap64):
(JSC::MacroAssemblerX86_64::move64ToDouble):

  • assembler/X86Assembler.h:

(JSC::X86Assembler::xchgl_rr):
(JSC::X86Assembler::xchgl_rm):
(JSC::X86Assembler::xchgq_rr):
(JSC::X86Assembler::xchgq_rm):
(JSC::X86Assembler::movl_rr):

  • b3/B3CCallValue.h:
  • b3/B3Compilation.cpp:

(JSC::B3::Compilation::Compilation):
(JSC::B3::Compilation::~Compilation):

  • b3/B3Compilation.h:

(JSC::B3::Compilation::code):

  • b3/B3LowerToAir.cpp:

(JSC::B3::Air::LowerToAir::run):
(JSC::B3::Air::LowerToAir::createSelect):
(JSC::B3::Air::LowerToAir::lower):
(JSC::B3::Air::LowerToAir::marshallCCallArgument): Deleted.

  • b3/B3OpaqueByproducts.h:

(JSC::B3::OpaqueByproducts::count):

  • b3/B3StackmapSpecial.cpp:

(JSC::B3::StackmapSpecial::isArgValidForValue):
(JSC::B3::StackmapSpecial::isArgValidForRep):

  • b3/air/AirArg.cpp:

(JSC::B3::Air::Arg::isStackMemory):
(JSC::B3::Air::Arg::isRepresentableAs):
(JSC::B3::Air::Arg::usesTmp):
(JSC::B3::Air::Arg::canRepresent):
(JSC::B3::Air::Arg::isCompatibleType):
(JSC::B3::Air::Arg::dump):
(WTF::printInternal):

  • b3/air/AirArg.h:

(JSC::B3::Air::Arg::forEachType):
(JSC::B3::Air::Arg::isWarmUse):
(JSC::B3::Air::Arg::cooled):
(JSC::B3::Air::Arg::isEarlyUse):
(JSC::B3::Air::Arg::imm64):
(JSC::B3::Air::Arg::immPtr):
(JSC::B3::Air::Arg::addr):
(JSC::B3::Air::Arg::special):
(JSC::B3::Air::Arg::widthArg):
(JSC::B3::Air::Arg::operator==):
(JSC::B3::Air::Arg::isImm64):
(JSC::B3::Air::Arg::isSomeImm):
(JSC::B3::Air::Arg::isAddr):
(JSC::B3::Air::Arg::isIndex):
(JSC::B3::Air::Arg::isMemory):
(JSC::B3::Air::Arg::isRelCond):
(JSC::B3::Air::Arg::isSpecial):
(JSC::B3::Air::Arg::isWidthArg):
(JSC::B3::Air::Arg::isAlive):
(JSC::B3::Air::Arg::base):
(JSC::B3::Air::Arg::hasOffset):
(JSC::B3::Air::Arg::offset):
(JSC::B3::Air::Arg::width):
(JSC::B3::Air::Arg::isGPTmp):
(JSC::B3::Air::Arg::isGP):
(JSC::B3::Air::Arg::isFP):
(JSC::B3::Air::Arg::isType):
(JSC::B3::Air::Arg::isGPR):
(JSC::B3::Air::Arg::isValidForm):
(JSC::B3::Air::Arg::forEachTmpFast):

  • b3/air/AirBasicBlock.h:

(JSC::B3::Air::BasicBlock::insts):
(JSC::B3::Air::BasicBlock::appendInst):
(JSC::B3::Air::BasicBlock::append):

  • b3/air/AirCCallingConvention.cpp: Added.

(JSC::B3::Air::computeCCallingConvention):
(JSC::B3::Air::cCallResult):
(JSC::B3::Air::buildCCall):

  • b3/air/AirCCallingConvention.h: Added.
  • b3/air/AirCode.h:

(JSC::B3::Air::Code::proc):

  • b3/air/AirCustom.cpp: Added.

(JSC::B3::Air::CCallCustom::isValidForm):
(JSC::B3::Air::CCallCustom::generate):
(JSC::B3::Air::ShuffleCustom::isValidForm):
(JSC::B3::Air::ShuffleCustom::generate):

  • b3/air/AirCustom.h:

(JSC::B3::Air::PatchCustom::forEachArg):
(JSC::B3::Air::PatchCustom::generate):
(JSC::B3::Air::CCallCustom::forEachArg):
(JSC::B3::Air::CCallCustom::isValidFormStatic):
(JSC::B3::Air::CCallCustom::admitsStack):
(JSC::B3::Air::CCallCustom::hasNonArgNonControlEffects):
(JSC::B3::Air::ColdCCallCustom::forEachArg):
(JSC::B3::Air::ShuffleCustom::forEachArg):
(JSC::B3::Air::ShuffleCustom::isValidFormStatic):
(JSC::B3::Air::ShuffleCustom::admitsStack):
(JSC::B3::Air::ShuffleCustom::hasNonArgNonControlEffects):

  • b3/air/AirEmitShuffle.cpp: Added.

(JSC::B3::Air::ShufflePair::dump):
(JSC::B3::Air::emitShuffle):

  • b3/air/AirEmitShuffle.h: Added.

(JSC::B3::Air::ShufflePair::ShufflePair):
(JSC::B3::Air::ShufflePair::src):
(JSC::B3::Air::ShufflePair::dst):
(JSC::B3::Air::ShufflePair::width):

  • b3/air/AirGenerate.cpp:

(JSC::B3::Air::prepareForGeneration):

  • b3/air/AirGenerate.h:
  • b3/air/AirInsertionSet.cpp:

(JSC::B3::Air::InsertionSet::insertInsts):
(JSC::B3::Air::InsertionSet::execute):

  • b3/air/AirInsertionSet.h:

(JSC::B3::Air::InsertionSet::insertInst):
(JSC::B3::Air::InsertionSet::insert):

  • b3/air/AirInst.h:

(JSC::B3::Air::Inst::operator bool):
(JSC::B3::Air::Inst::append):

  • b3/air/AirLowerAfterRegAlloc.cpp: Added.

(JSC::B3::Air::lowerAfterRegAlloc):

  • b3/air/AirLowerAfterRegAlloc.h: Added.
  • b3/air/AirLowerMacros.cpp: Added.

(JSC::B3::Air::lowerMacros):

  • b3/air/AirLowerMacros.h: Added.
  • b3/air/AirOpcode.opcodes:
  • b3/air/AirRegisterPriority.h:

(JSC::B3::Air::regsInPriorityOrder):

  • b3/air/testair.cpp: Added.

(hiddenTruthBecauseNoReturnIsStupid):
(usage):
(JSC::B3::Air::compile):
(JSC::B3::Air::invoke):
(JSC::B3::Air::compileAndRun):
(JSC::B3::Air::testSimple):
(JSC::B3::Air::loadConstantImpl):
(JSC::B3::Air::loadConstant):
(JSC::B3::Air::loadDoubleConstant):
(JSC::B3::Air::testShuffleSimpleSwap):
(JSC::B3::Air::testShuffleSimpleShift):
(JSC::B3::Air::testShuffleLongShift):
(JSC::B3::Air::testShuffleLongShiftBackwards):
(JSC::B3::Air::testShuffleSimpleRotate):
(JSC::B3::Air::testShuffleSimpleBroadcast):
(JSC::B3::Air::testShuffleBroadcastAllRegs):
(JSC::B3::Air::testShuffleTreeShift):
(JSC::B3::Air::testShuffleTreeShiftBackward):
(JSC::B3::Air::testShuffleTreeShiftOtherBackward):
(JSC::B3::Air::testShuffleMultipleShifts):
(JSC::B3::Air::testShuffleRotateWithFringe):
(JSC::B3::Air::testShuffleRotateWithLongFringe):
(JSC::B3::Air::testShuffleMultipleRotates):
(JSC::B3::Air::testShuffleShiftAndRotate):
(JSC::B3::Air::testShuffleShiftAllRegs):
(JSC::B3::Air::testShuffleRotateAllRegs):
(JSC::B3::Air::testShuffleSimpleSwap64):
(JSC::B3::Air::testShuffleSimpleShift64):
(JSC::B3::Air::testShuffleSwapMixedWidth):
(JSC::B3::Air::testShuffleShiftMixedWidth):
(JSC::B3::Air::testShuffleShiftMemory):
(JSC::B3::Air::testShuffleShiftMemoryLong):
(JSC::B3::Air::testShuffleShiftMemoryAllRegs):
(JSC::B3::Air::testShuffleShiftMemoryAllRegs64):
(JSC::B3::Air::combineHiLo):
(JSC::B3::Air::testShuffleShiftMemoryAllRegsMixedWidth):
(JSC::B3::Air::testShuffleRotateMemory):
(JSC::B3::Air::testShuffleRotateMemory64):
(JSC::B3::Air::testShuffleRotateMemoryMixedWidth):
(JSC::B3::Air::testShuffleRotateMemoryAllRegs64):
(JSC::B3::Air::testShuffleRotateMemoryAllRegsMixedWidth):
(JSC::B3::Air::testShuffleSwapDouble):
(JSC::B3::Air::testShuffleShiftDouble):
(JSC::B3::Air::run):
(run):
(main):

  • b3/testb3.cpp:

(JSC::B3::testCallSimple):
(JSC::B3::testCallRare):
(JSC::B3::testCallRareLive):
(JSC::B3::testCallSimplePure):
(JSC::B3::run):

11:30 AM Changeset in webkit [195138] by commit-queue@webkit.org
  • 12 edits
    4 adds in trunk

[INTL] Implement Date.prototype.toLocaleString in ECMA-402
https://bugs.webkit.org/show_bug.cgi?id=147611

Patch by Andy VanWagoner <thetalecrafter@gmail.com> on 2016-01-15
Reviewed by Benjamin Poulain.

Source/JavaScriptCore:

Expose dateProtoFuncGetTime as thisTimeValue for builtins.
Remove unused code in DateTimeFormat toDateTimeOptions, and make the
function specific to the call in initializeDateTimeFormat. Properly
throw when the options parameter is null.
Add toLocaleString in builtin JavaScript, with it's own specific branch
of toDateTimeOptions.

  • CMakeLists.txt:
  • DerivedSources.make:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • builtins/DatePrototype.js: Added.

(toLocaleString.toDateTimeOptionsAnyAll):
(toLocaleString):

  • runtime/CommonIdentifiers.h:
  • runtime/DatePrototype.cpp:

(JSC::DatePrototype::finishCreation):

  • runtime/DatePrototype.h:
  • runtime/IntlDateTimeFormat.cpp:

(JSC::toDateTimeOptionsAnyDate):
(JSC::IntlDateTimeFormat::initializeDateTimeFormat):
(JSC::toDateTimeOptions): Deleted.

  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):

LayoutTests:

  • js/intl-datetimeformat-expected.txt: Added test for null options.
  • js/date-toLocaleString-expected.txt: Added.
  • js/date-toLocaleString.html: Added.
  • js/script-tests/intl-datetimeformat.js: Added test for null options.
  • js/script-tests/date-toLocaleString.js: Added.
10:59 AM Changeset in webkit [195137] by bshafiei@apple.com
  • 2 edits in branches/safari-601.1.46-branch/LayoutTests

Merged r195130. rdar://problem/24154420

10:57 AM Changeset in webkit [195136] by bshafiei@apple.com
  • 2 edits in branches/safari-601-branch/LayoutTests

Merged r195130. rdar://problem/24154290

10:56 AM Changeset in webkit [195135] by matthew_hanson@apple.com
  • 5 edits in branches/safari-601-branch/Source

Versioning.

10:53 AM Changeset in webkit [195134] by commit-queue@webkit.org
  • 3 edits in trunk/Source/JavaScriptCore

[mips] Implemented emitFunctionPrologue/Epilogue
https://bugs.webkit.org/show_bug.cgi?id=152947

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-01-15
Reviewed by Michael Saboff.

  • assembler/MacroAssemblerMIPS.h:

(JSC::MacroAssemblerMIPS::popPair):
(JSC::MacroAssemblerMIPS::pushPair):

  • jit/AssemblyHelpers.h:

(JSC::AssemblyHelpers::emitFunctionPrologue):
(JSC::AssemblyHelpers::emitFunctionEpilogueWithEmptyFrame):
(JSC::AssemblyHelpers::emitFunctionEpilogue):

9:07 AM Changeset in webkit [195133] by commit-queue@webkit.org
  • 30 edits
    10 deletes in trunk/Source/JavaScriptCore

Unreviewed, rolling out r195084.
https://bugs.webkit.org/show_bug.cgi?id=153132

Broke Production build (Requested by ap on #webkit).

Reverted changeset:

"Air needs a Shuffle instruction"
https://bugs.webkit.org/show_bug.cgi?id=152952
http://trac.webkit.org/changeset/195084

9:06 AM Changeset in webkit [195132] by hyatt@apple.com
  • 6 edits in trunk/Source/WebCore

Avoid downloading the wrong image for <picture> elements.
https://bugs.webkit.org/show_bug.cgi?id=153027

Reviewed by Dean Jackson.

No tests, since they are always flaky.

  • html/HTMLImageElement.cpp:

(WebCore::HTMLImageElement::HTMLImageElement):
(WebCore::HTMLImageElement::~HTMLImageElement):
(WebCore::HTMLImageElement::createForJSConstructor):
(WebCore::HTMLImageElement::bestFitSourceFromPictureElement):
(WebCore::HTMLImageElement::insertedInto):
(WebCore::HTMLImageElement::removedFrom):
(WebCore::HTMLImageElement::pictureElement):
(WebCore::HTMLImageElement::setPictureElement):
(WebCore::HTMLImageElement::width):

  • html/HTMLImageElement.h:

(WebCore::HTMLImageElement::hasShadowControls):

  • html/HTMLPictureElement.h:
  • html/parser/HTMLConstructionSite.cpp:

(WebCore::HTMLConstructionSite::createHTMLElement):

  • html/parser/HTMLPreloadScanner.cpp:

(WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):

Images that are built underneath a <picture> element are now connected
to that picture element via a setPictureNode call from the parser. This
ensures that the correct <source> elements are examined before checking the image.

This connection between images and their picture owners is handled using a static
HashMap in HTMLImageElement. This connection is made both from the parser and from
DOM insertions, and the map is queried now instead of looking directly at the
image's parentNode().

5:41 AM Changeset in webkit [195131] by Carlos Garcia Campos
  • 3 edits
    29 adds in releases/WebKitGTK/webkit-2.10

Merge r194143 - Fix computation of min|max-content contribution of non-replaced blocks
https://bugs.webkit.org/show_bug.cgi?id=152004

Reviewed by Darin Adler.

Source/WebCore:

WebKit currently always returns the min preferred logical
width for the min-content contribution (and the max preferred
logical width for the max-content contribution) for
non-replaced blocks. That is not correct according to specs
https://drafts.csswg.org/css-sizing/#block-intrinsic.

The min-content and max-content contributions actually depend
on the computed inline size of the block:

  • for min-content,max-content or definite sizes: min-content

and max-content contributions are the inline size plus border,
margin and padding.

  • otherwise: min-content contribution is the min-content size

and max-content contribution is the max-content size (in both
cases plus border, padding and margin).

Tests: fast/css-intrinsic-dimensions/auto-maxcontent-inlinesize-contribution-nonreplaced-blocks.html

fast/css-intrinsic-dimensions/auto-mincontent-inlinesize-contribution-nonreplaced-blocks.html
fast/css-intrinsic-dimensions/fillavailable-maxcontent-inlinesize-contribution-nonreplaced-blocks.html
fast/css-intrinsic-dimensions/fillavailable-mincontent-inlinesize-contribution-nonreplaced-blocks.html
fast/css-intrinsic-dimensions/fitcontent-maxcontent-inlinesize-contribution-nonreplaced-blocks.html
fast/css-intrinsic-dimensions/fitcontent-mincontent-inlinesize-contribution-nonreplaced-blocks.html
fast/css-intrinsic-dimensions/fixed-inlinesize-contribution-nonreplaced-blocks-1.html
fast/css-intrinsic-dimensions/fixed-inlinesize-contribution-nonreplaced-blocks-2.html
fast/css-intrinsic-dimensions/indefinite-percent-maxcontent-inlinesize-contribution-nonreplaced-blocks.html
fast/css-intrinsic-dimensions/indefinite-percent-mincontent-inlinesize-contribution-nonreplaced-blocks.html
fast/css-intrinsic-dimensions/maxcontent-maxcontent-inlinesize-contribution-nonreplaced-blocks.html
fast/css-intrinsic-dimensions/maxcontent-mincontent-inlinesize-contribution-nonreplaced-blocks.html
fast/css-intrinsic-dimensions/mincontent-maxcontent-inlinesize-contribution-nonreplaced-blocks.html
fast/css-intrinsic-dimensions/mincontent-mincontent-inlinesize-contribution-nonreplaced-blocks.html

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::computeBlockPreferredLogicalWidths):

LayoutTests:

  • fast/css-intrinsic-dimensions/auto-maxcontent-inlinesize-contribution-nonreplaced-blocks-expected.html: Added.
  • fast/css-intrinsic-dimensions/auto-maxcontent-inlinesize-contribution-nonreplaced-blocks.html: Added.
  • fast/css-intrinsic-dimensions/auto-mincontent-inlinesize-contribution-nonreplaced-blocks-expected.html: Added.
  • fast/css-intrinsic-dimensions/auto-mincontent-inlinesize-contribution-nonreplaced-blocks.html: Added.
  • fast/css-intrinsic-dimensions/fillavailable-maxcontent-inlinesize-contribution-nonreplaced-blocks-expected.html: Added.
  • fast/css-intrinsic-dimensions/fillavailable-maxcontent-inlinesize-contribution-nonreplaced-blocks.html: Added.
  • fast/css-intrinsic-dimensions/fillavailable-mincontent-inlinesize-contribution-nonreplaced-blocks-expected.html: Added.
  • fast/css-intrinsic-dimensions/fillavailable-mincontent-inlinesize-contribution-nonreplaced-blocks.html: Added.
  • fast/css-intrinsic-dimensions/fitcontent-maxcontent-inlinesize-contribution-nonreplaced-blocks-expected.html: Added.
  • fast/css-intrinsic-dimensions/fitcontent-maxcontent-inlinesize-contribution-nonreplaced-blocks.html: Added.
  • fast/css-intrinsic-dimensions/fitcontent-mincontent-inlinesize-contribution-nonreplaced-blocks-expected.html: Added.
  • fast/css-intrinsic-dimensions/fitcontent-mincontent-inlinesize-contribution-nonreplaced-blocks.html: Added.
  • fast/css-intrinsic-dimensions/fixed-inlinesize-contribution-nonreplaced-blocks-1-expected.html: Added.
  • fast/css-intrinsic-dimensions/fixed-inlinesize-contribution-nonreplaced-blocks-1.html: Added.
  • fast/css-intrinsic-dimensions/fixed-inlinesize-contribution-nonreplaced-blocks-2-expected.html: Added.
  • fast/css-intrinsic-dimensions/fixed-inlinesize-contribution-nonreplaced-blocks-2.html: Added.
  • fast/css-intrinsic-dimensions/indefinite-percent-maxcontent-inlinesize-contribution-nonreplaced-blocks-expected.html: Added.
  • fast/css-intrinsic-dimensions/indefinite-percent-maxcontent-inlinesize-contribution-nonreplaced-blocks.html: Added.
  • fast/css-intrinsic-dimensions/indefinite-percent-mincontent-inlinesize-contribution-nonreplaced-blocks-expected.html: Added.
  • fast/css-intrinsic-dimensions/indefinite-percent-mincontent-inlinesize-contribution-nonreplaced-blocks.html: Added.
  • fast/css-intrinsic-dimensions/maxcontent-maxcontent-inlinesize-contribution-nonreplaced-blocks-expected.html: Added.
  • fast/css-intrinsic-dimensions/maxcontent-maxcontent-inlinesize-contribution-nonreplaced-blocks.html: Added.
  • fast/css-intrinsic-dimensions/maxcontent-mincontent-inlinesize-contribution-nonreplaced-blocks-expected.html: Added.
  • fast/css-intrinsic-dimensions/maxcontent-mincontent-inlinesize-contribution-nonreplaced-blocks.html: Added.
  • fast/css-intrinsic-dimensions/mincontent-maxcontent-inlinesize-contribution-nonreplaced-blocks-expected.html: Added.
  • fast/css-intrinsic-dimensions/mincontent-maxcontent-inlinesize-contribution-nonreplaced-blocks.html: Added.
  • fast/css-intrinsic-dimensions/mincontent-mincontent-inlinesize-contribution-nonreplaced-blocks-expected.html: Added.
  • fast/css-intrinsic-dimensions/mincontent-mincontent-inlinesize-contribution-nonreplaced-blocks.html: Added.
  • fast/css-intrinsic-dimensions/resources/intrinsic-size-contribution.css: Added.

(.container):
(.item):
(.border):
(.padding):
(.margin):

5:23 AM Changeset in webkit [195130] by Antti Koivisto
  • 2 edits in trunk/LayoutTests

Switch out from ES6 arrow function syntax to allow the test to work with an older WebKit.

  • fast/loader/cache-encoding.html:
5:16 AM Changeset in webkit [195129] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.10/Source/WTF

Merge r194037 - REGRESSION (r162777): Remove Boost Software License from WTF
<http://webkit.org/b/152243>

Reviewed by Darin Adler.

The source code that the Boost Software License was referring to
was removed in r162777 by switching to std::atomic.

  • wtf/Atomics.cpp:
  • wtf/Atomics.h:
  • wtf/ThreadSafeRefCounted.h:
  • Remove Boost Software License.
  • Update Apple Inc. copyright as needed.
  • Refresh Apple Inc. license text.
5:14 AM Changeset in webkit [195128] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r194016 - Clean up absolute positioned map properly.
https://bugs.webkit.org/show_bug.cgi?id=152219
rdar://problem/23861165

Reviewed by Simon Fraser.

We insert positioned renderers into a static map (RenderBlock::gPositionedDescendantsMap) to keep track of them.
Since this static map is at block level, (positioned)inline renderers use their containing block to store
their positioned descendants.
This patch ensures that when an inline element can no longer hold positioned children, we remove them from
the inline's containing block's map. -unless the container itself can hold positioned renderers(see RenderElement::canContainAbsolutelyPositionedObjects).

Source/WebCore:

Test: fast/block/positioning/crash-when-positioned-inline-has-positioned-child.html

  • rendering/RenderInline.cpp:

(WebCore::RenderInline::styleWillChange):

  • rendering/RenderInline.h:

LayoutTests:

  • fast/block/positioning/crash-when-positioned-inline-has-positioned-child-expected.txt: Added.
  • fast/block/positioning/crash-when-positioned-inline-has-positioned-child.html: Added.
5:11 AM Changeset in webkit [195127] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r194002 - ASSERTION FAILED: !rect.isEmpty() in WebCore::GraphicsContext::drawRect
https://bugs.webkit.org/show_bug.cgi?id=151201

Reviewed by Simon Fraser.

Drawing empty rect is a waste.

Source/WebCore:

Test: fast/borders/empty-drawrect-assert-after-pixelsnap.html

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::drawLineForBoxSide):

LayoutTests:

  • fast/borders/empty-drawrect-assert-after-pixelsnap-expected.txt: Added.
  • fast/borders/empty-drawrect-assert-after-pixelsnap.html: Added.
5:10 AM Changeset in webkit [195126] by Carlos Garcia Campos
  • 3 edits
    4 adds in releases/WebKitGTK/webkit-2.10

Merge r194001 - Strip out Referer header when requesting subresources or following links for documents with "Content-Disposition: attachment"
https://bugs.webkit.org/show_bug.cgi?id=152102
<rdar://problem/22124230>

Reviewed by Andy Estes.

Source/WebCore:

Keep the ReferrerPolicy for a document as ReferrerPolicyNever if the document is loaded with
"Content-Disposition: attachment".

Test: http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header.html

  • dom/Document.cpp:

(WebCore::Document::processReferrerPolicy):
(WebCore::Document::applyContentDispositionAttachmentSandbox):

LayoutTests:

  • http/tests/contentdispositionattachmentsandbox/resources/echo-http-referer.php: Added.
  • http/tests/contentdispositionattachmentsandbox/resources/subresource-request-not-include-referer-header-frame.php: Added.
  • http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header-expected.txt: Added.
  • http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header.html: Added.
4:42 AM Changeset in webkit [195125] by Carlos Garcia Campos
  • 6 edits
    1 copy
    4 adds in releases/WebKitGTK/webkit-2.10

Merge r193939 - [CSP] eval() is not blocked for stringified literals
https://bugs.webkit.org/show_bug.cgi?id=152158
<rdar://problem/15775625>

Reviewed by Saam Barati.

Source/JavaScriptCore:

Fixes an issue where stringified literals can be eval()ed despite being disallowed by
Content Security Policy of the page.

  • interpreter/Interpreter.cpp:

(JSC::eval): Throw a JavaScript EvalError exception if eval() is disallowed for the page
and return undefined.

  • runtime/JSGlobalObjectFunctions.cpp:

(JSC::globalFuncEval): Ditto.

LayoutTests:

Update test LayoutTests/http/tests/security/contentSecurityPolicy/eval-blocked.html to be
more comprehensive.

Add tests to ensure that we block eval() from within an external JavaScript script when the
policy of the page disallows eval() and that we block eval() inside a subframe that disallows
eval() when the page in the main frame allows eval().

  • http/tests/security/contentSecurityPolicy/eval-blocked-expected.txt:
  • http/tests/security/contentSecurityPolicy/eval-blocked-in-external-script-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/eval-blocked-in-external-script.html: Added.
  • http/tests/security/contentSecurityPolicy/eval-blocked-in-subframe-expected.txt: Copied from LayoutTests/http/tests/security/contentSecurityPolicy/eval-blocked-expected.txt.
  • http/tests/security/contentSecurityPolicy/eval-blocked-in-subframe.html: Added.
  • http/tests/security/contentSecurityPolicy/eval-blocked.html:
  • http/tests/security/contentSecurityPolicy/resources/eval-blocked-in-external-script.js: Added.
4:38 AM Changeset in webkit [195124] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r194955 - [GTK] Fix return value of some paint methods in RenderThemeGtk
https://bugs.webkit.org/show_bug.cgi?id=153015

Reviewed by Michael Catanzaro.

The bool value returned by paint methods in RenderTheme means
whether the appearance is supported or not, so we should return
true when not supported (so we didn't paint anything) and false
when supported (so we actually painted the theme part).

  • rendering/RenderThemeGtk.cpp:

(WebCore::RenderThemeGtk::paintSearchFieldResultsDecorationPart):
(WebCore::RenderThemeGtk::paintSearchFieldCancelButton):
(WebCore::RenderThemeGtk::paintMediaButton):
(WebCore::RenderThemeGtk::paintMediaMuteButton):
(WebCore::RenderThemeGtk::paintMediaPlayButton):
(WebCore::RenderThemeGtk::paintMediaSliderTrack):
(WebCore::RenderThemeGtk::paintMediaVolumeSliderContainer): Deleted.

  • rendering/RenderThemeGtk.h:
4:38 AM Changeset in webkit [195123] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r194847 - [GTK] Cleanup RenderThemeGtk
https://bugs.webkit.org/show_bug.cgi?id=152888

Reviewed by Michael Catanzaro.

Use a common path for GTK+ 3.19 and previous versions, simplifying
the code and removing a lot of ifdefs.

  • createStyleContext() now receives a theme part enum value, and an optional parent GtkStyleContext. It encapsulates all the differences between GTK+ 3.19 and previous version leaving the rendering code common and free of ifdefs.
  • Stock icons support have been removed, simplifying the code that now always renders symbolic icons, updating the colors depending on the current state.
  • Media button and colors have been removed, because they are unused now that we render the media controls with CSS.
  • ComboBox separators support has also been removed. In GTK+ 3.19 combo boxes no longer have separators and most of the GTK+ themes don't use the either, so it's better to simple not render them anymore in WebKit either.
  • Code to paint caps lock indicator has been removed too, since caps lock indicator is now shadow dom and automatically rendered by WebCore.
  • rendering/RenderThemeGtk.cpp:

(WebCore::createStyleContext):
(WebCore::loadThemedIcon):
(WebCore::gtkIconStateFlags):
(WebCore::RenderThemeGtk::adjustRepaintRect):
(WebCore::setToggleSize):
(WebCore::paintToggle):
(WebCore::RenderThemeGtk::setCheckboxSize):
(WebCore::RenderThemeGtk::paintCheckbox):
(WebCore::RenderThemeGtk::setRadioSize):
(WebCore::RenderThemeGtk::paintRadio):
(WebCore::RenderThemeGtk::paintButton):
(WebCore::getComboBoxMetrics):
(WebCore::RenderThemeGtk::popupInternalPaddingLeft):
(WebCore::RenderThemeGtk::popupInternalPaddingRight):
(WebCore::RenderThemeGtk::popupInternalPaddingTop):
(WebCore::RenderThemeGtk::popupInternalPaddingBottom):
(WebCore::RenderThemeGtk::paintMenuList):
(WebCore::RenderThemeGtk::paintTextField):
(WebCore::adjustSearchFieldIconStyle):
(WebCore::RenderThemeGtk::adjustSearchFieldResultsDecorationPartStyle):
(WebCore::paintIcon):
(WebCore::paintEntryIcon):
(WebCore::RenderThemeGtk::paintSearchFieldResultsDecorationPart):
(WebCore::RenderThemeGtk::adjustSearchFieldCancelButtonStyle):
(WebCore::RenderThemeGtk::paintSearchFieldCancelButton):
(WebCore::RenderThemeGtk::shouldHaveCapsLockIndicator):
(WebCore::RenderThemeGtk::paintSliderTrack):
(WebCore::RenderThemeGtk::paintSliderThumb):
(WebCore::RenderThemeGtk::adjustSliderThumbSize):
(WebCore::RenderThemeGtk::paintProgressBar):
(WebCore::RenderThemeGtk::adjustInnerSpinButtonStyle):
(WebCore::paintSpinArrowButton):
(WebCore::RenderThemeGtk::paintInnerSpinButton):
(WebCore::styleColor):
(WebCore::RenderThemeGtk::platformActiveSelectionBackgroundColor):
(WebCore::RenderThemeGtk::platformInactiveSelectionBackgroundColor):
(WebCore::RenderThemeGtk::platformActiveSelectionForegroundColor):
(WebCore::RenderThemeGtk::platformInactiveSelectionForegroundColor):
(WebCore::RenderThemeGtk::platformActiveListBoxSelectionBackgroundColor):
(WebCore::RenderThemeGtk::platformInactiveListBoxSelectionBackgroundColor):
(WebCore::RenderThemeGtk::platformActiveListBoxSelectionForegroundColor):
(WebCore::RenderThemeGtk::platformInactiveListBoxSelectionForegroundColor):
(WebCore::RenderThemeGtk::systemColor):
(WebCore::RenderThemeGtk::paintMediaButton):
(WebCore::RenderThemeGtk::paintMediaFullscreenButton):
(WebCore::RenderThemeGtk::paintMediaMuteButton):
(WebCore::RenderThemeGtk::paintMediaPlayButton):
(WebCore::RenderThemeGtk::paintMediaSeekBackButton):
(WebCore::RenderThemeGtk::paintMediaSeekForwardButton):
(WebCore::RenderThemeGtk::paintMediaToggleClosedCaptionsButton):

  • rendering/RenderThemeGtk.h:
4:37 AM Changeset in webkit [195122] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r194844 - [GTK] Cleanup ScrollbarThemeGtk
https://bugs.webkit.org/show_bug.cgi?id=152830

Reviewed by Michael Catanzaro.

Use a common path for GTK+ 3.19 and previous versions, simplifying
the code and removing a lot of ifdefs. Use always a new
GtkStyleContext, but when painting cache the newly created one so
all paint methods use that one. We were also caching some theme
properties assuming they don't change unless the theme changes,
but some of them can have different values depending on the state,
for example, when hovered or pressed. Those properties are now
only cached when we create a new GtkStyleContext.
The method updateScrollbarsFrameThickness() has also been removed,
since the Scrollbar constructor already initializes the frame rect
using the scrollbarThickness(). This method was not doing anything
anyway, since that was called on the constructor of the theme,
when there were no scrollbars registered. This also means we no
longer need to track registered/unregistered scrollbars.

  • platform/gtk/ScrollbarThemeGtk.cpp:

(WebCore::ScrollbarThemeGtk::backButtonRect): Use the cached
GtkStyleContext and properties or create a new.
(WebCore::ScrollbarThemeGtk::forwardButtonRect): Ditto.
(WebCore::ScrollbarThemeGtk::trackRect): Ditto.
(WebCore::orientationStyleClass):
(WebCore::ScrollbarThemeGtk::getOrCreateStyleContext): Create a
new GtkStyleContext for the scrollbar if there isn't a cached
one. Also initialize the properties that depend on the state.
(WebCore::createChildStyleContext): Create a new GtkStyleContext
from a parent one.
(WebCore::ScrollbarThemeGtk::updateThemeProperties): Get the
properties that can only change when the theme changes.
(WebCore::ScrollbarThemeGtk::thumbRect): Use the cached
GtkStyleContext and properties or create a new.
(WebCore::adjustRectAccordingToMargin): Use always the
GtkStyleContext state instead of receiving it and setting it again.
(WebCore::ScrollbarThemeGtk::paintTrackBackground): Get or create
a GtkStyleContext for the scrollbar and create a child one for the trough.
(WebCore::ScrollbarThemeGtk::paintScrollbarBackground): Use the
cached GtkStyleContext or create a new one.
(WebCore::ScrollbarThemeGtk::paintThumb): Get or create a
GtkStyleContext for the scrollbar and create a child ones for
trough and slider.
(WebCore::ScrollbarThemeGtk::paintButton): Get or create a
GtkStyleContext for the scrollbar and create a child one for the button.
(WebCore::ScrollbarThemeGtk::paint): Create a GtkStyleContext and
cache it temporarily using TemporaryChange until the method finishes.
(WebCore::ScrollbarThemeGtk::scrollbarThickness): Use the cached
GtkStyleContext and properties or create a new.
(WebCore::ScrollbarThemeGtk::buttonSize): Ditto.

  • platform/gtk/ScrollbarThemeGtk.h:
4:37 AM Changeset in webkit [195121] by Carlos Garcia Campos
  • 8 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r194817 - Absolute positioning -webkit-search-cancel-button crashes Safari.
https://bugs.webkit.org/show_bug.cgi?id=152847
<rdar://problem/24112087>

Reviewed by Simon Fraser.

Do not call offsetFromContainer while resolving the painting position for the search/cancel button renderer.
It skips the static positioned parent input renderer, when the search/cancel renderer is absolute positioned.
This patch also fixes a rendering glitch when the margin-right is > 0.

Source/WebCore:

Test: fast/forms/absolute-positioned-custom-search-cancel-crash.html

  • rendering/RenderTheme.h:

(WebCore::RenderTheme::paintSearchFieldCancelButton):
(WebCore::RenderTheme::paintSearchFieldResultsDecorationPart):
(WebCore::RenderTheme::paintSearchFieldResultsButton):

  • rendering/RenderThemeMac.h:
  • rendering/RenderThemeMac.mm:

(WebCore::convertToPaintingPosition):
(WebCore::RenderThemeMac::paintSearchFieldCancelButton):
(WebCore::RenderThemeMac::paintSearchFieldResultsDecorationPart):
(WebCore::RenderThemeMac::paintSearchFieldResultsButton):
(WebCore::RenderThemeMac::convertToPaintingRect): Deleted.

LayoutTests:

  • fast/forms/absolute-positioned-custom-search-cancel-crash-expected.txt: Added.
  • fast/forms/absolute-positioned-custom-search-cancel-crash.html: Added.
4:37 AM Changeset in webkit [195120] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r194377 - [GTK] Everything broken in GTK+ 3.19
https://bugs.webkit.org/show_bug.cgi?id=150550

Reviewed by Carlos Garcia Campos.

Port RenderThemeGtk and ScrollbarThemeGtk to use CSS nodes. This makes it possible to render
stuff with modern GTK+.

No new tests. We already have tons of tests for this functionality, but we're running them
with GTK+ 3.16, so they cannot have detected this breakage. These fixes require unreleased
GTK+, and GTK+ rendering is currently in a state of flux; once things settle down, we can
consider upgrading the GTK+ used for our layout tests.

  • platform/gtk/GRefPtrGtk.cpp:

(WTF::refGPtr):
(WTF::derefGPtr):

  • platform/gtk/GRefPtrGtk.h:
  • platform/gtk/ScrollbarThemeGtk.cpp:

(WebCore::ScrollbarThemeGtk::themeChanged):
(WebCore::ScrollbarThemeGtk::updateThemeProperties):
(WebCore::orientationStyleClass):
(WebCore::applyScrollbarStyleContextClasses):
(WebCore::ScrollbarThemeGtk::paintTrackBackground):
(WebCore::ScrollbarThemeGtk::paintScrollbarBackground):
(WebCore::ScrollbarThemeGtk::paintThumb):
(WebCore::ScrollbarThemeGtk::paintButton):

  • rendering/RenderThemeGtk.cpp:

(WebCore::createStyleContext):
(WebCore::setToggleSize):
(WebCore::paintToggle):
(WebCore::RenderThemeGtk::paintButton):
(WebCore::getComboBoxMetrics):
(WebCore::RenderThemeGtk::paintMenuList):
(WebCore::RenderThemeGtk::paintTextField):
(WebCore::applySliderStyleContextClasses):
(WebCore::RenderThemeGtk::paintSliderTrack):
(WebCore::RenderThemeGtk::paintSliderThumb):
(WebCore::RenderThemeGtk::paintProgressBar):
(WebCore::paintSpinArrowButton):
(WebCore::styleColor):

4:36 AM Changeset in webkit [195119] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r193896 - [GTK] RenderThemeGtk::platformActiveSelectionBackgroundColor, et. al. should not clobber state of cached GtkStyleContexts
https://bugs.webkit.org/show_bug.cgi?id=151533

Reviewed by Carlos Garcia Campos.

Remove the style context cache to simplify the code, drastically reduce the number of
expensive save/restore operations performed on style contexts, and avoid unwanted
side-effects in RenderThemeGtk::styleColor. This is also a speculative fix for improper
button rendering with certain custom themes, and a simplification that will make it easier
to fix bug #150550.

This change does have performance implications, which I intend to check on the perf bot
after landing to ensure that removing the cache does not have a significant negative impact
on performance; I have no clue whether this will be a net performance win or loss. However,
this is a bit tricky, because the bot is running GTK+ 3.16, whereas I expect save/restore
might be much more expensive in GTK+ 3.20, and I do not want to make performance decisions
except based on the latest GTK+ due to large changes in the implementation of
GtkStyleContext.

  • rendering/RenderThemeGtk.cpp:

(WebCore::createStyleContext):
(WebCore::getStockIconForWidgetType):
(WebCore::getStockSymbolicIconForWidgetType):
(WebCore::RenderThemeGtk::initMediaColors):
(WebCore::RenderThemeGtk::adjustRepaintRect):
(WebCore::setToggleSize):
(WebCore::paintToggle):
(WebCore::RenderThemeGtk::setCheckboxSize):
(WebCore::RenderThemeGtk::setRadioSize):
(WebCore::RenderThemeGtk::paintButton):
(WebCore::getComboBoxMetrics):
(WebCore::RenderThemeGtk::paintMenuList):
(WebCore::RenderThemeGtk::paintTextField):
(WebCore::RenderThemeGtk::paintSliderTrack):
(WebCore::RenderThemeGtk::paintSliderThumb):
(WebCore::RenderThemeGtk::adjustSliderThumbSize):
(WebCore::RenderThemeGtk::paintProgressBar):
(WebCore::RenderThemeGtk::adjustInnerSpinButtonStyle):
(WebCore::RenderThemeGtk::paintInnerSpinButton):
(WebCore::styleColor):
(WebCore::gtkStyleChangedCallback): Deleted.
(WebCore::styleContextMap): Deleted.
(WebCore::getStyleContext): Deleted.

3:34 AM Changeset in webkit [195118] by Carlos Garcia Campos
  • 6 edits
    4 adds in releases/WebKitGTK/webkit-2.10

Merge r193841 - AX: [GTK] Anonymous render block flow elements should be exposed as ATK_ROLE_SECTION; not ATK_ROLE_PANEL
https://bugs.webkit.org/show_bug.cgi?id=152070

Reviewed by Mario Sanchez Prada.

Source/WebCore:

Map the element to WebCore AccessibilityRole DivRole for GTK. This is being
done in the shared layer rather than in the platform layer because we want all
subsequent logic to treat anonymous render block flow elements as divs.

No new tests. We already have sufficient test coverage. The expectations
been updated accordingly.

  • accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::determineAccessibilityRole):

LayoutTests:

  • platform/gtk/accessibility/deleting-iframe-destroys-axcache-expected.txt: Added.
  • platform/gtk/accessibility/gtk/media-controls-panel-title-expected.txt: Added.
  • platform/gtk/accessibility/gtk/replaced-objects-in-anonymous-blocks-expected.txt: Added.
  • platform/gtk/accessibility/image-link-expected.txt: Updated
  • platform/gtk/accessibility/image-with-alt-and-map-expected.txt: Updated.
  • platform/gtk/accessibility/lists-expected.txt: Updated.
  • platform/gtk/accessibility/media-emits-object-replacement-expected.txt: Updated.
3:32 AM Changeset in webkit [195117] by Carlos Garcia Campos
  • 8 edits in releases/WebKitGTK/webkit-2.10

Merge r193840 - form.elements should reflect the element ordering after the HTML tree builder algorithm
https://bugs.webkit.org/show_bug.cgi?id=148870
rdar://problem/22589879

Patch by Keith Rollin <Keith Rollin> on 2015-12-09
Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline existing test.

  • web-platform-tests/html/semantics/forms/the-form-element/form-elements-nameditem-02-expected.txt:

Source/WebCore:

form.elements should return form-associated elements in tree order.
However, when presented with an HTML fragment like the following,
forms.elements is not built in tree order. Instead, the elements
appear in forms.element in the same order they appear in the HTML --
that is in the same order as they are parsed.

<form id=form>

<table>

<tr>

<td><input type="radio" name="radio1" id="r1" value=1></td>
<td><input type="radio" name="radio2" id="r2" value=2></td>
<input type="radio" name="radio0" id="r0" value=0>

</tr>

</table>

</form>

The reason why elements appear in forms.elements in parse order is
because they register themselves with the designated form when they
are created. At this time, they are not in the DOM tree, so the form
can only assume that the element will be appended to the DOM tree,
with the result that it records the elements in the HTML fragment
above as [r1, r2, r0].

However, it's not always the case that the newly-created element will
be appended to the current tree. In the HTML fragment above, the r0
input element is hoised out of the table element. It ends up being the
preceding sibling of the table element, with the result that the
actual tree-order of the input elements is [r0, r1, r2].

Because the problem is due to registering form-associated elements
with the form *before* the elements are added to the DOM tree, the
solution is to defer that registration until afterwards. With the new
element in the tree, the form can now use its current location in the
tree to correctly place the element in form.elements.

Existing tests now pass:

  • imported/w3c/web-platform-tests/html/semantics/forms/the-form-element/form-elements-nameditem-02-html
  • html/FormAssociatedElement.cpp:

(WebCore::FormAssociatedElement::FormAssociatedElement):
(WebCore::FormAssociatedElement::insertedInto):
(WebCore::FormAssociatedElement::removedFrom):
(WebCore::FormAssociatedElement::formRemovedFromTree):
(WebCore::FormAssociatedElement::formWillBeDestroyed):

  • html/FormAssociatedElement.h:
  • html/HTMLFormControlElement.cpp:

(WebCore::HTMLFormControlElement::HTMLFormControlElement):

  • html/HTMLImageElement.cpp:

(WebCore::HTMLImageElement::HTMLImageElement):
(WebCore::HTMLImageElement::insertedInto):
(WebCore::HTMLImageElement::removedFrom):

  • html/HTMLImageElement.h:
  • html/HTMLObjectElement.cpp:

(WebCore::HTMLObjectElement::HTMLObjectElement):

3:21 AM Changeset in webkit [195116] by Carlos Garcia Campos
  • 11 edits in releases/WebKitGTK/webkit-2.10

Merge r193830 - [GTK] Crash in WebProcess when loading large content with custom URI schemes
https://bugs.webkit.org/show_bug.cgi?id=144262

Reviewed by Carlos Garcia Campos.

Source/WebKit2:

Properly handle scenarios where errors happen after reading the first
chunk of data coming from the GInputStream provided by the application.

  • UIProcess/API/gtk/WebKitWebContextPrivate.h:
  • UIProcess/API/gtk/WebKitWebContext.cpp:

(webkitWebContextIsLoadingCustomProtocol): New, checks whether a load
is still in progress, after the startLoading method has been called.

  • UIProcess/API/gtk/WebKitURISchemeRequest.cpp:

(webkitURISchemeRequestReadCallback): Early return if the stream has been
cancelled on finish_error, so that we make sure we don't keep on reading
the GInputStream after that point.
(webkit_uri_scheme_request_finish_error): Don't send a didFailWithError
message to the Network process if the load is not longer in progress.

  • Shared/Network/CustomProtocols/soup/CustomProtocolManagerImpl.cpp:

(WebKit::CustomProtocolManagerImpl::didFailWithError): Handle the case where
an error is notified from the UI process after the first chunk has been read.
(WebKit::CustomProtocolManagerImpl::didReceiveResponse): Handle the case where
data might no longer be available if an error happened even before this point.

  • WebProcess/soup/WebKitSoupRequestInputStream.h:
  • WebProcess/soup/WebKitSoupRequestInputStream.cpp:

(webkitSoupRequestInputStreamDidFailWithError): Notify the custom GInputStream
that we no longer want to keep reading data in chunks due to a specific error.
(webkitSoupRequestInputStreamReadAsync): Early finish the GTask with a specific
error whenever webkitSoupRequestInputStreamDidFailWithError() has been called.

Tools:

Added new unit test to check the additional scenarios we now
handle for custom URI schemes.

  • TestWebKitAPI/Tests/WebKit2Gtk/TestWebKitWebContext.cpp:

(generateHTMLContent): New helper function to generate big enough content.
(testWebContextURIScheme): New unit test.

2:42 AM Changeset in webkit [195115] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r193829 - Bad position of large operators inside an munderover element
https://bugs.webkit.org/show_bug.cgi?id=151916

Reviewed by Alejandro G. Castro.

Source/WebCore:

Test: mathml/opentype/large-operators-munderover.html

  • rendering/mathml/RenderMathMLOperator.h:

(WebCore::RenderMathMLOperator::isVertical): Expose the direction of the operator.

  • rendering/mathml/RenderMathMLUnderOver.cpp:

(WebCore::RenderMathMLUnderOver::layout): Remove call to horizontal stretching for vertical operators.

LayoutTests:

  • mathml/opentype/large-operators-munderover-expected.txt: Added.
  • mathml/opentype/large-operators-munderover.html: Added.

Add a test to verify the position and size of a large operator used as an munderover base.

2:40 AM Changeset in webkit [195114] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r193819 - [TextureMapper] TextureMapperShaderProgram::setMatrix() should use TransformationMatrix::FloatMatrix4
https://bugs.webkit.org/show_bug.cgi?id=152042

Reviewed by Martin Robinson.

  • platform/graphics/texmap/TextureMapperShaderProgram.cpp:

(WebCore::TextureMapperShaderProgram::setMatrix): Instead of manually writing out
the complete matrix in a C array, simply use TransformationMatrix::FloatMatrix4
and fill that via the TransformationMatrix::toColumnMajorFloatArray() method
called on the passed-in TransformationMatrix.

2:39 AM Changeset in webkit [195113] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r193818 - [Soup] Attach the SocketStreamHandleSoup write-ready source to the thread-default context
https://bugs.webkit.org/show_bug.cgi?id=152041

Reviewed by Carlos Garcia Campos.

  • platform/network/soup/SocketStreamHandleSoup.cpp:

(WebCore::SocketStreamHandle::beginWaitingForSocketWritability): Attach the
write-ready source to the thread-default context, instead of implicitly
relying on the default context for dispatching.

2:38 AM Changeset in webkit [195112] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r193817 - [Soup] SocketStreamHandle should call g_source_destroy() on the write-ready source
https://bugs.webkit.org/show_bug.cgi?id=152040

Reviewed by Carlos Garcia Campos.

  • platform/network/soup/SocketStreamHandleSoup.cpp:

(WebCore::SocketStreamHandle::stopWaitingForSocketWritability): Instead of
calling the g_source_get_id()-g_source_remove() pair, destroy the source via
the g_source_destroy() call. Also use nullptr to clear out the pointer
variable.

2:37 AM Changeset in webkit [195111] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r193798 - Changing <video> src during 'ended' event can leave screen sleep disabled
https://bugs.webkit.org/show_bug.cgi?id=152018

Reviewed by Eric Carlson.

Resetting a HTMLMediaElement's src during 'ended' introduces a race condition: whether
the 'mediaPlayerRateChanged()' notification will fire before createMediaPlayer() destroys
the old MediaPlayer firing said notification.

To break the race condition, always update the sleep disabling assertion after destroying
the media player (by creating a new one).

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::createMediaPlayer):

2:35 AM Changeset in webkit [195110] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r193773 - Do not insert positioned renderers to multiple gPositionedDescendantsMap.
https://bugs.webkit.org/show_bug.cgi?id=151878
rdar://problem/22229889

Reviewed by Simon Fraser.

We insert positioned renderers into a static map (RenderBlock::gPositionedDescendantsMap) to keep track of them.
This static map is at block level. A particular absolute positioned object is added to its closest ancestor that
returns true for RenderElement::canContainAbsolutelyPositionedObjects().
canContainAbsolutelyPositionedObjects() returns true if the ancestor is either positioned or has transform.
If this container's style changes so that it's no longer positioned and it has no transform anymore,
we need to clear its static map of positioned objects (they'll get re-inserted to another ancestor at next layout).

This patch addresses the case when the renderer does not have transforms anymore.

Source/WebCore:

Test: fast/block/positioning/crash-when-transform-is-removed.html

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::styleWillChange):

LayoutTests:

  • fast/block/positioning/crash-when-transform-is-removed-expected.txt: Added.
  • fast/block/positioning/crash-when-transform-is-removed.html: Added.
2:32 AM Changeset in webkit [195109] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r193743 - [cairo] Solid stroke of lines with thickness less than 1 pixel broken after r191658
https://bugs.webkit.org/show_bug.cgi?id=151947

Reviewed by Martin Robinson.

Source/WebCore:

Test: mathml/presentation/radical-bar-visibility.html

  • platform/graphics/cairo/GraphicsContextCairo.cpp:

(WebCore::GraphicsContext::drawLine): Force a minimal thickness of 1px

LayoutTests:

Add a test to check that the radical overbar appears on the screen when it has thickness less than 1px.

  • mathml/presentation/radical-bar-visibility-expected-mismatch.html: Added.
  • mathml/presentation/radical-bar-visibility.html: Added.
2:30 AM Changeset in webkit [195108] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.10/Source/WebKit2

Merge r193654 - [WK2] Regression(r187691): If a page is showing an auth pane in one tab, any new tabs with same page hang until credentials are entered in first tab
https://bugs.webkit.org/show_bug.cgi?id=151960
<rdar://problem/23618112>

Reviewed by Alex Christensen.

After r187691, if a page is showing an auth pane in one tab, any new
tabs with same page hang until credentials are entered in first tab.
This is because we coalescing all authentication challenges from the
same domain, no matter what tab they are for. This can be confusing
so we now only coalesce authentication challenges within each tab,
by leveraging the pageID (in addition to the domain).

  • Shared/Authentication/AuthenticationManager.cpp:

(WebKit::AuthenticationManager::shouldCoalesceChallenge):
(WebKit::AuthenticationManager::coalesceChallengesMatching):
(WebKit::AuthenticationManager::didReceiveAuthenticationChallenge):

  • Shared/Authentication/AuthenticationManager.h:
2:30 AM Changeset in webkit [195107] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.10/Source/WebKit2

Merge r192287 - Implement authentication challenge handling when using NETWORK_SESSION
https://bugs.webkit.org/show_bug.cgi?id=150968

Reviewed by Antti Koivisto.

  • NetworkProcess/NetworkLoad.cpp:

(WebKit::NetworkLoad::didReceiveChallenge):
Copy functionality from NetworkLoad::canAuthenticateAgainstProtectionSpaceAsync (which is used when we don't use NETWORK_SESSION)
because there is no canAuthenticateAgainstProtectionSpace delegate callback when using NSURLSession, according to
https://developer.apple.com/library/ios/documentation/Cocoa/Conceptual/URLLoadingSystem/Articles/AuthenticationChallenges.html
Instead, all authentication challenge callbacks go to URLSession:task:didReceiveChallenge:completionHandler:
because we do not implement URLSession:didReceiveChallenge:completionHandler:

  • NetworkProcess/cocoa/NetworkSessionCocoa.mm:

(-[NetworkSessionDelegate URLSession:task:willPerformHTTPRedirection:newRequest:completionHandler:]):
(-[NetworkSessionDelegate URLSession:task:didReceiveChallenge:completionHandler:]):
(-[NetworkSessionDelegate URLSession:dataTask:didReceiveResponse:completionHandler:]):
Make a block copy of the completion handlers so we can copy the std::functions that wrap them into HashMaps and call them later,
in this case we call the completion handler after the UIProcess gives us credentials for an authentication challenge.

  • Shared/Authentication/AuthenticationManager.cpp:

(WebKit::AuthenticationManager::AuthenticationManager):
(WebKit::AuthenticationManager::addChallengeToChallengeMap):
(WebKit::AuthenticationManager::shouldCoalesceChallenge):
(WebKit::AuthenticationManager::coalesceChallengesMatching):
(WebKit::AuthenticationManager::didReceiveAuthenticationChallenge):
Fix an existing bug that caused multiple calls to addChallengeToChallengeMap for one challenge. This caused too many calls to
the AuthenticationClient methods, which did not cause a problem because they were not one-time-use block copies of completion handlers before.
(WebKit::AuthenticationManager::useCredentialForSingleChallenge):
(WebKit::AuthenticationManager::continueWithoutCredentialForChallenge):
(WebKit::AuthenticationManager::continueWithoutCredentialForSingleChallenge):
(WebKit::AuthenticationManager::cancelChallenge):
(WebKit::AuthenticationManager::cancelSingleChallenge):
(WebKit::AuthenticationManager::performDefaultHandling):
(WebKit::AuthenticationManager::performDefaultHandlingForSingleChallenge):
(WebKit::AuthenticationManager::rejectProtectionSpaceAndContinue):
(WebKit::AuthenticationManager::rejectProtectionSpaceAndContinueForSingleChallenge):
Call completion handlers which we stored in a HashMap before doing IPC if we are using NETWORK_SESSION,
which has completion handlers instead of continueSomething client calls.

  • Shared/Authentication/AuthenticationManager.h:

(WebKit::AuthenticationManager::outstandingAuthenticationChallengeCount):

  • Shared/Downloads/Download.cpp:

(WebKit::Download::didReceiveAuthenticationChallenge):
(WebKit::Download::didReceiveResponse):

  • Shared/Downloads/DownloadAuthenticationClient.cpp:

(WebKit::DownloadAuthenticationClient::receivedChallengeRejection):

  • Shared/Downloads/DownloadAuthenticationClient.h:

Add ifdefs for code related to downloading I will implement later.

2:06 AM Changeset in webkit [195106] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.10/Source/JavaScriptCore

Merge r193648 - Crashes on PPC64 due to mprotect() on address not aligned to the page size
https://bugs.webkit.org/show_bug.cgi?id=130237

Reviewed by Mark Lam.

Make sure that commitSize is at least as big as the page size.

  • interpreter/JSStack.cpp:

(JSC::commitSize):
(JSC::JSStack::JSStack):
(JSC::JSStack::growSlowCase):

  • interpreter/JSStack.h:
1:35 AM Changeset in webkit [195105] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r193635 - Crash in MemoryCache::pruneDeadResourcesToSize()
https://bugs.webkit.org/show_bug.cgi?id=151833
<rdar://problem/22392235>

Reviewed by David Kilzer.

MemoryCache::pruneDeadResourcesToSize() is iterating over m_allResources
(which is a vector of LRUList). It first destroys decoded data for each
resource in the LRUList. Then, if it does not suffice to reach the
target size, and starts actually removing resources from the cache.

The issue is that this code alters m_allResources (and its LRULists) as
it is iterating over it. We tried to deal with this in various ways:

  1. Increment the iterator before removing the resource pointed by the iterator.
  2. Protect the next resource in the LRUList and abort early if it is no longer in the cache.

This adds code complexity and apparently does not correctly handle all
the edge cases as we still see crashes in this code. In particular, I
suspect that 2. may not be sufficient if it is possible for the next
resource to be moved to another LRUList (in which case, next->inCache()
would still return true but the iterator would however become invalid).

To make the code simpler and more robust, this patch copies the LRUList
(and refs the CachedResources) before iterating over it. This is a lot
safer and should hopefully fix the crashes we see in this function.

No new tests, no reproduction case.

  • loader/cache/MemoryCache.cpp:

(WebCore::MemoryCache::pruneDeadResourcesToSize):

1:33 AM Changeset in webkit [195104] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r193613 - Clipping along compositing borders in svg-edit
https://bugs.webkit.org/show_bug.cgi?id=151791

Reviewed by Zalan Bujtas.

Source/WebCore:

RenderSVGRoot::layout() failed to clear overflow before recomputing
visual overflow, which could cause it to get stuck with stale overflow.
This would cause underpainting if its size went from small to large.

Test: svg/overflow/visual-overflow-change.html

  • rendering/svg/RenderSVGRoot.cpp:

(WebCore::RenderSVGRoot::layout):

LayoutTests:

Ref test that triggers recomputation of overflow.

  • svg/overflow/visual-overflow-change-expected.html: Added.
  • svg/overflow/visual-overflow-change.html: Added.
1:31 AM Changeset in webkit [195103] by Carlos Garcia Campos
  • 6 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r193610 - REGRESSION (r187121): Can't get to the main content of the page at https://theintercept.com/drone-papers/
https://bugs.webkit.org/show_bug.cgi?id=151849
rdar://problem/23132828

Reviewed by Zalan Bujtas.

Source/WebCore:

This page uses a fill-forwards animation where the last keyframe has height: auto.
After r187121, we tried to blend the height Length value from the last keyframe to the
first keyframe with progress=0 (which should pick up the 'auto' from the last keyframe).

However, Length::blend() just considered both 0 and 'auto' to be zero, and returned
the 0 length.

So fix Length::blend() to return the "from" length if progress is zero.

Test: animations/fill-forwards-auto-height.html

  • page/animation/CSSPropertyAnimation.cpp:

(WebCore::blendFunc): Length::blend takes a double, so don't narrow to float.

  • page/animation/KeyframeAnimation.cpp:

(WebCore::KeyframeAnimation::fetchIntervalEndpointsForProperty): Declare two variables
at first use.

  • platform/Length.h:

(WebCore::Length::blend):

LayoutTests:

New ref test.

The behavior of imported/blink/transitions/transition-not-interpolable.html changed
with this patch, but that test is trying to determine if transitions run to/from
'auto' values, and doing it wrong. The current patch doesn't change the user-visible
behavior of transitions with 'auto' endpoints (covered by http://webkit.org/b/38243).

  • animations/fill-forwards-auto-height-expected.html: Added.
  • animations/fill-forwards-auto-height.html: Added.
  • imported/blink/transitions/transition-not-interpolable-expected.txt:
1:15 AM Changeset in webkit [195102] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r193609 - Give SVGTransformList some inline vector capacity
https://bugs.webkit.org/show_bug.cgi?id=151644

Reviewed by Andreas Kling.

Giving SVGTransformList inline capacity of one drops time under SVGTransformList::parse() by
about 1% on http://animateplus.com/demos/stress-test/

  • svg/SVGTransformList.h:
1:14 AM Changeset in webkit [195101] by youenn.fablet@crf.canon.fr
  • 23 edits in trunk

[Streams API] Expose ReadableStream and relatives to Worker
https://bugs.webkit.org/show_bug.cgi?id=152066

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebasing tests as Worker tests are now running.

  • web-platform-tests/streams-api/byte-length-queuing-strategy-expected.txt:
  • web-platform-tests/streams-api/count-queuing-strategy-expected.txt:
  • web-platform-tests/streams-api/readable-streams/bad-underlying-sources-expected.txt:
  • web-platform-tests/streams-api/readable-streams/bad-strategies-expected.txt:
  • web-platform-tests/streams-api/readable-streams/brand-checks-expected.txt:
  • web-platform-tests/streams-api/readable-streams/cancel-expected.txt:
  • web-platform-tests/streams-api/readable-streams/count-queuing-strategy-integration-expected.txt:
  • web-platform-tests/streams-api/readable-streams/garbage-collection-expected.txt:
  • web-platform-tests/streams-api/readable-streams/general-expected.txt:
  • web-platform-tests/streams-api/readable-streams/pipe-through-expected.txt:
  • web-platform-tests/streams-api/readable-streams/readable-stream-reader-expected.txt:
  • web-platform-tests/streams-api/readable-streams/tee-expected.txt:
  • web-platform-tests/streams-api/readable-streams/templated-expected.txt:

Source/WebCore:

Covered by rebased tests.

  • Modules/streams/ByteLengthQueuingStrategy.idl:
  • Modules/streams/CountQueuingStrategy.idl:
  • Modules/streams/ReadableStream.idl:
  • Modules/streams/ReadableStreamController.idl:
  • Modules/streams/ReadableStreamReader.idl:

LayoutTests:

Rebasing tests as ReadableStream is now available in workers.

  • js/dom/global-constructors-attributes-dedicated-worker-expected.txt:
  • platform/efl/js/dom/global-constructors-attributes-dedicated-worker-expected.txt:
1:11 AM Changeset in webkit [195100] by youenn.fablet@crf.canon.fr
  • 5 edits
    8 adds in trunk

CORS: Fix the handling of redirected request containing Origin null.
https://bugs.webkit.org/show_bug.cgi?id=128816

Reviewed by Brent Fulgham.

Source/WebCore:

Merging Blink patch from George Ancil (https://chromiumcodereview.appspot.com/20735002).

This patch removes the check for securityOrigin->isUnique() in passesAccessControlCheck().
This check prevented a redirected request with "Origin: null" from being
successful even when the response contains "Access-Control-Allow-Origin: null"

Tests: http/tests/xmlhttprequest/access-control-sandboxed-iframe-allow-origin-null.html

http/tests/xmlhttprequest/redirect-cors-origin-null.html

  • loader/CrossOriginAccessControl.cpp:

(WebCore::passesAccessControlCheck):

LayoutTests:

Merging Blink patch from George Ancil (https://chromiumcodereview.appspot.com/20735002)

Added two tests to check CORS with Origin null in HTTP redirect and iframe cases.
Updated two test sandboxed iframes test expectations (requests are still denied but error messages are different).

  • http/tests/xmlhttprequest/access-control-sandboxed-iframe-allow-origin-null-expected.txt: Added.
  • http/tests/xmlhttprequest/access-control-sandboxed-iframe-allow-origin-null.html: Added.
  • http/tests/xmlhttprequest/access-control-sandboxed-iframe-denied-expected.txt:
  • http/tests/xmlhttprequest/access-control-sandboxed-iframe-denied-without-wildcard-expected.txt:
  • http/tests/xmlhttprequest/redirect-cors-origin-null-expected.txt: Added.
  • http/tests/xmlhttprequest/redirect-cors-origin-null.html: Added.
  • http/tests/xmlhttprequest/resources/access-control-sandboxed-iframe-allow-origin-null-iframe.html: Added.
  • http/tests/xmlhttprequest/resources/access-control-sandboxed-iframe-allow-origin-null.cgi: Added.
  • http/tests/xmlhttprequest/resources/redirect-cors-origin-null-pass.php: Added.
  • http/tests/xmlhttprequest/resources/redirect-cors-origin-null.php: Added.
1:04 AM Changeset in webkit [195099] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r193390 - Remove the use of GraphicsContextStateSaver from RenderLayer::paintLayerByApplyingTransform
https://bugs.webkit.org/show_bug.cgi?id=151829

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2015-12-03
Reviewed by Simon Fraser.

Set the CTM of the GraphicsContext to its original value before changing
it. This is a lot cheaper than using GraphicsContextStateSaver to save the
whole state of the GraphicsContext and restore it back;

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::paintLayerByApplyingTransform):

12:58 AM Changeset in webkit [195098] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.10/Source/bmalloc

Merge r193373 - bmalloc: extra large allocations could be more efficient
https://bugs.webkit.org/show_bug.cgi?id=151817

Reviewed by Geoffrey Garen.

Reduced the super chunk size from 4MB to 2MB.

Added path to reallocate() of an extra large object to see if we can extend the allocation.

  • bmalloc/Allocator.cpp:

(bmalloc::Allocator::reallocate):

  • bmalloc/SegregatedFreeList.h:
  • bmalloc/Sizes.h:
  • bmalloc/VMAllocate.h:

(bmalloc::tryVMAllocate):
(bmalloc::tryVMExtend):
(bmalloc::vmAllocate):

12:36 AM Changeset in webkit [195097] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r192989 - Reduce size of ScriptElement
https://bugs.webkit.org/show_bug.cgi?id=151786

Patch by Alex Christensen <achristensen@webkit.org> on 2015-12-02
Reviewed by Andreas Kling.

  • dom/ScriptElement.cpp:

(WebCore::ScriptElement::ScriptElement):
(WebCore::ScriptElement::requestScript):

  • dom/ScriptElement.h:

Use callOnMainThread instead of a Timer to save memory on a timer that is rarely used.
Use bit fields for the boolean values to save another 8 bytes per ScriptElement.
This reduces sizeof(ScriptElement) from 168 to 48 bytes.

12:33 AM Changeset in webkit [195096] by Carlos Garcia Campos
  • 8 edits
    3 adds in releases/WebKitGTK/webkit-2.10

Merge r192983 - Asynchronously call onerror when a content blocker blocks ascript element's load
https://bugs.webkit.org/show_bug.cgi?id=151649

Patch by Alex Christensen <achristensen@webkit.org> on 2015-12-02
Reviewed by Brady Eidson.

Source/WebCore:

Test: http/tests/contentextensions/script-onerror.html

  • dom/ScriptElement.cpp:

(WebCore::ScriptElement::ScriptElement):
(WebCore::ScriptElement::requestScript):

  • dom/ScriptElement.h:

LayoutTests:

  • http/tests/contentextensions/script-onerror-expected.txt: Added.
  • http/tests/contentextensions/script-onerror.html: Added.
  • http/tests/contentextensions/script-onerror.html.json: Added.
  • http/tests/misc/unloadable-script-expected.txt:
  • http/tests/misc/unloadable-script.html:
  • http/tests/security/local-JavaScript-from-remote-expected.txt:
  • http/tests/security/local-JavaScript-from-remote.html:

Added testRunner.waitUntilDone and testRunner.notifyDone to reflect the fact that onerror is no longer called synchronously.

12:26 AM Changeset in webkit [195095] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r192969 - Fix preloader issue with srcdoc documents.
https://bugs.webkit.org/show_bug.cgi?id=151744

Reviewed by Ryosuke Niwa.

Source/WebCore:

Make sure that PreloadRequest is resolving URLs based on the document's
baseURL() rather than using url() as the base URL, which is not how URLs
are resolved by the parser, and fails when document->url() diverges from
the document's base URL (e.g. in the case of srcdoc based documents).

Test: fast/preloader/iframe-srcdoc.html

  • html/parser/HTMLResourcePreloader.cpp:

(WebCore::PreloadRequest::completeURL):

LayoutTests:

Added a test that makes sure that srcdoc based subresources are properly preloaded.

  • fast/preloader/iframe-srcdoc-expected.txt: Added.
  • fast/preloader/iframe-srcdoc.html: Added.
12:22 AM Changeset in webkit [195094] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WTF

[EFL] WorkQueue methods should be defined inside WTF namespace.
https://bugs.webkit.org/show_bug.cgi?id=153097

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-01-15
Reviewed by Gyuyoung Kim.

  • wtf/efl/WorkQueueEfl.cpp:
12:11 AM Changeset in webkit [195093] by Julien Brianceau
  • 3 edits in trunk/Source/JavaScriptCore

[mips] Add countLeadingZeros32 implementation in macro assembler
https://bugs.webkit.org/show_bug.cgi?id=152886

Reviewed by Michael Saboff.

  • assembler/MIPSAssembler.h:

(JSC::MIPSAssembler::lui):
(JSC::MIPSAssembler::clz):
(JSC::MIPSAssembler::addiu):

  • assembler/MacroAssemblerMIPS.h:

(JSC::MacroAssemblerMIPS::and32):
(JSC::MacroAssemblerMIPS::countLeadingZeros32):
(JSC::MacroAssemblerMIPS::lshift32):

Jan 14, 2016:

11:18 PM Changeset in webkit [195092] by achristensen@apple.com
  • 8 edits
    3 deletes in trunk

Unreviewed, rolling out r195064.
https://bugs.webkit.org/show_bug.cgi?id=153118

test fails most of the time (Requested by alexchristensen on
#webkit).

Reverted changeset:

"Avoid downloading the wrong image for <picture> elements."
https://bugs.webkit.org/show_bug.cgi?id=153027
http://trac.webkit.org/changeset/195064

Patch by Commit Queue <commit-queue@webkit.org> on 2016-01-14

10:12 PM Changeset in webkit [195091] by rniwa@webkit.org
  • 10 edits in trunk

createElement should not lowercase non-ASCII characters
https://bugs.webkit.org/show_bug.cgi?id=153114

Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

Rebaselined the tests for document.createElement now that more test cases are passing.

  • web-platform-tests/dom/nodes/Document-createElement-expected.txt:
  • web-platform-tests/dom/nodes/Document-getElementsByTagName-expected.txt:
  • web-platform-tests/dom/nodes/Element-getElementsByTagName-expected.txt:
  • web-platform-tests/dom/nodes/case-expected.txt:

Source/WebCore:

According to step 2 in https://dom.spec.whatwg.org/#dom-document-createelement, document.createElement should not
lowercase non-ASCII letters, and this is also what Firefox does. Match that behavior by lowercasing the tag name
by convertToASCIILowercase() instead of lower() in createElement.

Also merged HTMLDocument::createElement into Document::createElement for simplicity and avoid duplicating
the call to isValidName and setting a DOM exception.

No new tests since the behavior change is covered by the existing W3C tests.

  • dom/Document.cpp:

(WebCore::Document::createElement): Create a HTML element with ASCII-lowercased tag name inside a HTML document.

  • dom/Document.h:
  • html/HTMLDocument.cpp:

(WebCore::addLocalNameToSet):
(WebCore::HTMLDocument::createElement): Merged into Document::createElement.

  • html/HTMLDocument.h:
9:40 PM Changeset in webkit [195090] by beidson@apple.com
  • 14 edits
    1 copy in trunk/Source

Modern IDB: Support opening and deleting SQLite databases on disk.
https://bugs.webkit.org/show_bug.cgi?id=153084

Reviewed by Alex Christensen, Sam Weinig and Andy Estes (oh my!).

Source/WebCore:

No new tests (Infrastructure, no testable change in behavior).

  • Modules/indexeddb/IDBDatabaseIdentifier.cpp:

(WebCore::IDBDatabaseIdentifier::databaseDirectoryRelativeToRoot):

  • Modules/indexeddb/IDBDatabaseIdentifier.h:
  • Modules/indexeddb/server/IDBServer.cpp:

(WebCore::IDBServer::IDBServer::create):
(WebCore::IDBServer::IDBServer::IDBServer):
(WebCore::IDBServer::IDBServer::createBackingStore):

  • Modules/indexeddb/server/IDBServer.h:
  • Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:

(WebCore::IDBServer::SQLiteIDBBackingStore::SQLiteIDBBackingStore):
(WebCore::IDBServer::SQLiteIDBBackingStore::getOrEstablishDatabaseInfo):
(WebCore::IDBServer::SQLiteIDBBackingStore::deleteBackingStore):

  • Modules/indexeddb/server/SQLiteIDBBackingStore.h:
  • Modules/indexeddb/shared/InProcessIDBServer.cpp:

(WebCore::InProcessIDBServer::create):
(WebCore::InProcessIDBServer::InProcessIDBServer):

  • Modules/indexeddb/shared/InProcessIDBServer.h:

Source/WebKit:

  • Storage/WebDatabaseProvider.cpp:

(WebDatabaseProvider::idbConnectionToServerForSession):

  • Storage/WebDatabaseProvider.h:
  • WebKit.xcodeproj/project.pbxproj:

Source/WebKit/mac:

  • Storage/WebDatabaseProvider.mm: Copied from Source/WebKit/Storage/WebDatabaseProvider.cpp.

(WebDatabaseProvider::indexedDatabaseDirectoryPath):

9:23 PM Changeset in webkit [195089] by mmaxfield@apple.com
  • 2 edits in trunk/LayoutTests

Test gardening after r195088

Unreviewed.

  • http/tests/contentextensions/font-display-none-repeated-layout-expected.txt:
7:31 PM Changeset in webkit [195088] by mmaxfield@apple.com
  • 5 edits
    3 adds in trunk

Mixing Content Blocking of fonts and display:none rules causes battery drain
https://bugs.webkit.org/show_bug.cgi?id=153051
<rdar://problem/23187709>

Reviewed by Alex Christensen.

Source/WebCore:

If we have applied a rule before and we are not applying it again, don't
resolve the style again.

Test: http/tests/contentextensions/font-display-none-repeated-layout.html

  • contentextensions/ContentExtensionStyleSheet.cpp:

(WebCore::ContentExtensions::ContentExtensionStyleSheet::addDisplayNoneSelector):

  • contentextensions/ContentExtensionStyleSheet.h:
  • dom/ExtensionStyleSheets.cpp:

(WebCore::ExtensionStyleSheets::addDisplayNoneSelector):

LayoutTests:

Make sure that layoutCount does not skyrocket.

  • http/tests/contentextensions/font-display-none-repeated-layout-expected.txt: Added.
  • http/tests/contentextensions/font-display-none-repeated-layout.html: Added.
  • http/tests/contentextensions/font-display-none-repeated-layout.html.json: Added.
6:59 PM Changeset in webkit [195087] by rniwa@webkit.org
  • 12 edits
    9 adds in trunk

Add document.defineCustomElement
https://bugs.webkit.org/show_bug.cgi?id=153092

Reviewed by Chris Dumez.

Source/WebCore:

Added document.defineCustomElement and added a constructor to HTMLElement which can be called
as "super" in a subclass of HTMLElement. This is a prototype of new custom elements API and
willfully violates the current specification at http://w3c.github.io/webcomponents/spec/custom/

Each author defined class can define multiple elements using distinct tag names. In such cases,
the super call must specify the tag name. e.g.

class SomeCustomElement extends HTMLElement { constructor(name) { super(name); } }
document.defineCustomElement('some-custom-element', SomeCustomElement);
document.defineCustomElement('other-custom-element', SomeCustomElement);
new SomeCustomElement('some-custom-element');

When a class is associated with exactly one tag name, the argument can be omitted. e.g.

class AnotherCustomElement extends HTMLElement {}
document.defineCustomElement('another-custom-element', AnotherCustomElement);
new AnotherCustomElement();

We allow only subclassing of HTMLElement and only in (X)HTML namespace.

Tests: fast/custom-elements/Document-defineCustomElement.html

fast/custom-elements/HTMLElement-constructor.html

  • CMakeLists.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • bindings/js/JSCustomElementInterface.cpp: Added. Abstracts an author-defined class associated

with a custom element. It's a Active DOM object and lives until the associated document dies.
(WebCore::JSCustomElementInterface::JSCustomElementInterface):
(WebCore::JSCustomElementInterface::~JSCustomElementInterface):

  • bindings/js/JSCustomElementInterface.h: Added.

(WebCore::JSCustomElementInterface::create):
(WebCore::JSCustomElementInterface::scriptExecutionContext):
(WebCore::JSCustomElementInterface::constructor):

  • bindings/js/JSDocumentCustom.cpp:

(WebCore::JSDocument::defineCustomElement): Added. Define a custom element by associating a tag
name with an author defined JS class after validating arguments.

  • bindings/js/JSHTMLElementCustom.cpp:

(WebCore::constructJSHTMLElement): Added. Look up the tag name based on new.target if one is not
specified. If a tag name is specified, check that new.target is associated with the tag name.

  • dom/CustomElementDefinitions.cpp: Added.

(WebCore::CustomElementDefinitions::checkName): Added. Restricts tag names similarly to
http://w3c.github.io/webcomponents/spec/custom/#dfn-custom-element-type
(WebCore::CustomElementDefinitions::defineElement): Added. Associates a JS class with a tag name.
(WebCore::CustomElementDefinitions::findInterface): Added. Finds a JS class by a tag name.
(WebCore::CustomElementDefinitions::findName): Added. Finds a tag name by a JS class.

  • dom/CustomElementDefinitions.h: Added.

(WebCore::CustomElementDefinitions::CustomElementInfo): Added.

  • dom/Document.cpp:

(WebCore::Document::ensureCustomElementDefinitions): Added.

  • dom/Document.h:

(WebCore::Document::customElementDefinitions): Added.

  • dom/Document.idl:
  • html/HTMLElement.idl:

LayoutTests:

Added tests for document.defineCustomElement and instantiating custom elements.

  • TestExpectations: Skipped the tests on non-Mac ports.
  • fast/custom-elements: Added.
  • fast/custom-elements/Document-defineCustomElement-expected.txt: Added.
  • fast/custom-elements/Document-defineCustomElement.html: Added.
  • fast/custom-elements/HTMLElement-constructor-expected.txt: Added.
  • fast/custom-elements/HTMLElement-constructor.html: Added.
  • platform/mac/TestExpectations:
5:04 PM Changeset in webkit [195086] by matthew_hanson@apple.com
  • 1 copy in tags/Safari-601.5.10

New Tag.

4:59 PM Changeset in webkit [195085] by matthew_hanson@apple.com
  • 1 copy in tags/Safari-601.1.46.92

New Tag.

4:58 PM Changeset in webkit [195084] by fpizlo@apple.com
  • 30 edits
    10 adds in trunk/Source/JavaScriptCore

Air needs a Shuffle instruction
https://bugs.webkit.org/show_bug.cgi?id=152952

Reviewed by Saam Barati.

This adds an instruction called Shuffle. Shuffle allows you to simultaneously perform
multiple moves to perform arbitrary permutations over registers and memory. We call these
rotations. It also allows you to perform "shifts", like (a => b, b => c): after the shift,
c will have b's old value, b will have a's old value, and a will be unchanged. Shifts can
use immediates as their source.

Shuffle is added as a custom instruction, since it has a variable number of arguments. It
takes any number of triplets of arguments, where each triplet describes one mapping of the
shuffle. For example, to represent (a => b, b => c), we might say:

Shuffle %a, %b, 64, %b, %c, 64

Note the "64"s, those are width arguments that describe how many bits of the register are
being moved. Each triplet is referred to as a "shuffle pair". We call it a pair because the
most relevant part of it is the pair of registers or memroy locations (i.e. %a, %b form one
of the pairs in the example). For GP arguments, the width follows ZDef semantics.

In the future, we will be able to use Shuffle for a lot of things. This patch is modest about
how to use it:

  • C calling convention argument marshalling. Previously we used move instructions. But that's problematic since it introduces artificial interference between the argument registers and the inputs. Using Shuffle removes that interference. This helps a bit.
  • Cold C calls. This is what really motivated me to write this patch. If we have a C call on a cold path, then we want it to appear to the register allocator like it doesn't clobber any registers. Only after register allocation should we handle the clobbering by simply saving all of the live volatile registers to the stack. If you imagine the saving and the argument marshalling, you can see how before the call, we want to have a Shuffle that does both of those things. This is important. If argument marshalling was separate from the saving, then we'd still appear to clobber argument registers. Doing them together as one Shuffle means that the cold call doesn't appear to even clobber the argument registers.

Unfortunately, I was wrong about cold C calls being the dominant problem with our register
allocator right now. Fixing this revealed other problems in my current tuning benchmark,
Octane/encrypt. Nonetheless, this is a small speed-up across the board, and gives us some
functionality we will need to implement other optimizations.

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • assembler/AbstractMacroAssembler.h:

(JSC::isX86_64):
(JSC::isIOS):
(JSC::optimizeForARMv7IDIVSupported):

  • assembler/MacroAssemblerX86Common.h:

(JSC::MacroAssemblerX86Common::zeroExtend32ToPtr):
(JSC::MacroAssemblerX86Common::swap32):
(JSC::MacroAssemblerX86Common::moveConditionally32):

  • assembler/MacroAssemblerX86_64.h:

(JSC::MacroAssemblerX86_64::store64WithAddressOffsetPatch):
(JSC::MacroAssemblerX86_64::swap64):
(JSC::MacroAssemblerX86_64::move64ToDouble):

  • assembler/X86Assembler.h:

(JSC::X86Assembler::xchgl_rr):
(JSC::X86Assembler::xchgl_rm):
(JSC::X86Assembler::xchgq_rr):
(JSC::X86Assembler::xchgq_rm):
(JSC::X86Assembler::movl_rr):

  • b3/B3CCallValue.h:
  • b3/B3Compilation.cpp:

(JSC::B3::Compilation::Compilation):
(JSC::B3::Compilation::~Compilation):

  • b3/B3Compilation.h:

(JSC::B3::Compilation::code):

  • b3/B3LowerToAir.cpp:

(JSC::B3::Air::LowerToAir::run):
(JSC::B3::Air::LowerToAir::createSelect):
(JSC::B3::Air::LowerToAir::lower):
(JSC::B3::Air::LowerToAir::marshallCCallArgument): Deleted.

  • b3/B3OpaqueByproducts.h:

(JSC::B3::OpaqueByproducts::count):

  • b3/B3StackmapSpecial.cpp:

(JSC::B3::StackmapSpecial::isArgValidForValue):
(JSC::B3::StackmapSpecial::isArgValidForRep):

  • b3/air/AirArg.cpp:

(JSC::B3::Air::Arg::isStackMemory):
(JSC::B3::Air::Arg::isRepresentableAs):
(JSC::B3::Air::Arg::usesTmp):
(JSC::B3::Air::Arg::canRepresent):
(JSC::B3::Air::Arg::isCompatibleType):
(JSC::B3::Air::Arg::dump):
(WTF::printInternal):

  • b3/air/AirArg.h:

(JSC::B3::Air::Arg::forEachType):
(JSC::B3::Air::Arg::isWarmUse):
(JSC::B3::Air::Arg::cooled):
(JSC::B3::Air::Arg::isEarlyUse):
(JSC::B3::Air::Arg::imm64):
(JSC::B3::Air::Arg::immPtr):
(JSC::B3::Air::Arg::addr):
(JSC::B3::Air::Arg::special):
(JSC::B3::Air::Arg::widthArg):
(JSC::B3::Air::Arg::operator==):
(JSC::B3::Air::Arg::isImm64):
(JSC::B3::Air::Arg::isSomeImm):
(JSC::B3::Air::Arg::isAddr):
(JSC::B3::Air::Arg::isIndex):
(JSC::B3::Air::Arg::isMemory):
(JSC::B3::Air::Arg::isRelCond):
(JSC::B3::Air::Arg::isSpecial):
(JSC::B3::Air::Arg::isWidthArg):
(JSC::B3::Air::Arg::isAlive):
(JSC::B3::Air::Arg::base):
(JSC::B3::Air::Arg::hasOffset):
(JSC::B3::Air::Arg::offset):
(JSC::B3::Air::Arg::width):
(JSC::B3::Air::Arg::isGPTmp):
(JSC::B3::Air::Arg::isGP):
(JSC::B3::Air::Arg::isFP):
(JSC::B3::Air::Arg::isType):
(JSC::B3::Air::Arg::isGPR):
(JSC::B3::Air::Arg::isValidForm):
(JSC::B3::Air::Arg::forEachTmpFast):

  • b3/air/AirBasicBlock.h:

(JSC::B3::Air::BasicBlock::insts):
(JSC::B3::Air::BasicBlock::appendInst):
(JSC::B3::Air::BasicBlock::append):

  • b3/air/AirCCallingConvention.cpp: Added.

(JSC::B3::Air::computeCCallingConvention):
(JSC::B3::Air::cCallResult):
(JSC::B3::Air::buildCCall):

  • b3/air/AirCCallingConvention.h: Added.
  • b3/air/AirCode.h:

(JSC::B3::Air::Code::proc):

  • b3/air/AirCustom.cpp: Added.

(JSC::B3::Air::CCallCustom::isValidForm):
(JSC::B3::Air::CCallCustom::generate):
(JSC::B3::Air::ShuffleCustom::isValidForm):
(JSC::B3::Air::ShuffleCustom::generate):

  • b3/air/AirCustom.h:

(JSC::B3::Air::PatchCustom::forEachArg):
(JSC::B3::Air::PatchCustom::generate):
(JSC::B3::Air::CCallCustom::forEachArg):
(JSC::B3::Air::CCallCustom::isValidFormStatic):
(JSC::B3::Air::CCallCustom::admitsStack):
(JSC::B3::Air::CCallCustom::hasNonArgNonControlEffects):
(JSC::B3::Air::ColdCCallCustom::forEachArg):
(JSC::B3::Air::ShuffleCustom::forEachArg):
(JSC::B3::Air::ShuffleCustom::isValidFormStatic):
(JSC::B3::Air::ShuffleCustom::admitsStack):
(JSC::B3::Air::ShuffleCustom::hasNonArgNonControlEffects):

  • b3/air/AirEmitShuffle.cpp: Added.

(JSC::B3::Air::ShufflePair::dump):
(JSC::B3::Air::emitShuffle):

  • b3/air/AirEmitShuffle.h: Added.

(JSC::B3::Air::ShufflePair::ShufflePair):
(JSC::B3::Air::ShufflePair::src):
(JSC::B3::Air::ShufflePair::dst):
(JSC::B3::Air::ShufflePair::width):

  • b3/air/AirGenerate.cpp:

(JSC::B3::Air::prepareForGeneration):

  • b3/air/AirGenerate.h:
  • b3/air/AirInsertionSet.cpp:

(JSC::B3::Air::InsertionSet::insertInsts):
(JSC::B3::Air::InsertionSet::execute):

  • b3/air/AirInsertionSet.h:

(JSC::B3::Air::InsertionSet::insertInst):
(JSC::B3::Air::InsertionSet::insert):

  • b3/air/AirInst.h:

(JSC::B3::Air::Inst::operator bool):
(JSC::B3::Air::Inst::append):

  • b3/air/AirLowerAfterRegAlloc.cpp: Added.

(JSC::B3::Air::lowerAfterRegAlloc):

  • b3/air/AirLowerAfterRegAlloc.h: Added.
  • b3/air/AirLowerMacros.cpp: Added.

(JSC::B3::Air::lowerMacros):

  • b3/air/AirLowerMacros.h: Added.
  • b3/air/AirOpcode.opcodes:
  • b3/air/AirRegisterPriority.h:

(JSC::B3::Air::regsInPriorityOrder):

  • b3/air/testair.cpp: Added.

(hiddenTruthBecauseNoReturnIsStupid):
(usage):
(JSC::B3::Air::compile):
(JSC::B3::Air::invoke):
(JSC::B3::Air::compileAndRun):
(JSC::B3::Air::testSimple):
(JSC::B3::Air::loadConstantImpl):
(JSC::B3::Air::loadConstant):
(JSC::B3::Air::loadDoubleConstant):
(JSC::B3::Air::testShuffleSimpleSwap):
(JSC::B3::Air::testShuffleSimpleShift):
(JSC::B3::Air::testShuffleLongShift):
(JSC::B3::Air::testShuffleLongShiftBackwards):
(JSC::B3::Air::testShuffleSimpleRotate):
(JSC::B3::Air::testShuffleSimpleBroadcast):
(JSC::B3::Air::testShuffleBroadcastAllRegs):
(JSC::B3::Air::testShuffleTreeShift):
(JSC::B3::Air::testShuffleTreeShiftBackward):
(JSC::B3::Air::testShuffleTreeShiftOtherBackward):
(JSC::B3::Air::testShuffleMultipleShifts):
(JSC::B3::Air::testShuffleRotateWithFringe):
(JSC::B3::Air::testShuffleRotateWithLongFringe):
(JSC::B3::Air::testShuffleMultipleRotates):
(JSC::B3::Air::testShuffleShiftAndRotate):
(JSC::B3::Air::testShuffleShiftAllRegs):
(JSC::B3::Air::testShuffleRotateAllRegs):
(JSC::B3::Air::testShuffleSimpleSwap64):
(JSC::B3::Air::testShuffleSimpleShift64):
(JSC::B3::Air::testShuffleSwapMixedWidth):
(JSC::B3::Air::testShuffleShiftMixedWidth):
(JSC::B3::Air::testShuffleShiftMemory):
(JSC::B3::Air::testShuffleShiftMemoryLong):
(JSC::B3::Air::testShuffleShiftMemoryAllRegs):
(JSC::B3::Air::testShuffleShiftMemoryAllRegs64):
(JSC::B3::Air::combineHiLo):
(JSC::B3::Air::testShuffleShiftMemoryAllRegsMixedWidth):
(JSC::B3::Air::testShuffleRotateMemory):
(JSC::B3::Air::testShuffleRotateMemory64):
(JSC::B3::Air::testShuffleRotateMemoryMixedWidth):
(JSC::B3::Air::testShuffleRotateMemoryAllRegs64):
(JSC::B3::Air::testShuffleRotateMemoryAllRegsMixedWidth):
(JSC::B3::Air::testShuffleSwapDouble):
(JSC::B3::Air::testShuffleShiftDouble):
(JSC::B3::Air::run):
(run):
(main):

  • b3/testb3.cpp:

(JSC::B3::testCallSimple):
(JSC::B3::testCallRare):
(JSC::B3::testCallRareLive):
(JSC::B3::testCallSimplePure):
(JSC::B3::run):

4:50 PM Changeset in webkit [195083] by commit-queue@webkit.org
  • 2 edits in trunk/Tools

[webkitdirs] Replaced grep invocation with perl code
https://bugs.webkit.org/show_bug.cgi?id=153106

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-01-14
Reviewed by Alex Christensen.

  • Scripts/webkitdirs.pm:

(determineArchitecture):

4:14 PM Changeset in webkit [195082] by Simon Fraser
  • 5 edits in trunk/Source

Remove workaround for rdar://problem/23623670
https://bugs.webkit.org/show_bug.cgi?id=153107
rdar://problem/23633319

Reviewed by Tim Horton.

Remove the code that uses IOSurfaceAcceleratorTransformSurface() when copying from
back-to-front buffer, now that CGIOSurfaceContextCreate()-code path works correctly.

Source/WebCore:

  • platform/graphics/cocoa/IOSurface.h:
  • platform/graphics/cocoa/IOSurface.mm:

(IOSurface::ensurePlatformContext):
(IOSurface::copyToSurface): Deleted.

Source/WebKit2:

  • Shared/mac/RemoteLayerBackingStore.mm:

(WebKit::RemoteLayerBackingStore::display):

4:07 PM Changeset in webkit [195081] by Beth Dakin
  • 9 edits in trunk/Source

WK1 and WK2 should share more candidate request code
https://bugs.webkit.org/show_bug.cgi?id=153108

Reviewed by Simon Fraser.

requestCandidatesForSelection() does not need to be exposed as an
EditorClient function. WK1 can just call invoke this code from the existing
respondToChangedSelection EditorClient function, which is what WK2 does.
Source/WebCore:

  • editing/Editor.cpp:

(WebCore::Editor::respondToChangedSelection):

  • loader/EmptyClients.h:
  • page/EditorClient.h:

(WebCore::EditorClient::supportsGlobalSelection):

Source/WebKit/mac:

  • WebCoreSupport/WebEditorClient.h:
  • WebCoreSupport/WebEditorClient.mm:

(WebEditorClient::respondToChangedSelection):

Cleanup — use some code that was moved to WebCore::Editor.
(WebEditorClient::requestCandidatesForSelection):
(WebEditorClient::handleRequestedCandidates):
(textCheckingResultFromNSTextCheckingResult):
(WebEditorClient::handleAcceptedCandidate):
(candidateRangeForSelection): Deleted.
(candidateWouldReplaceText): Deleted.

Source/WebKit2:

  • WebProcess/WebCoreSupport/WebEditorClient.h:
3:07 PM Changeset in webkit [195080] by BJ Burg
  • 2 edits in trunk/Tools

prepare-changelog does not read paths containing spaces properly
https://bugs.webkit.org/show_bug.cgi?id=137982

Reviewed by Joseph Pecoraro.

Escape whitespace in filenames before passing the file path to other functions.

  • Scripts/prepare-ChangeLog:

(generateFunctionLists): Use the more explicit 3-argument form of 'open'.

3:00 PM Changeset in webkit [195079] by Chris Dumez
  • 2 edits in trunk/Source/WTF

Unreviewed, rolling out r195035.

Caused 1-3% PLT regression on iOS

Reverted changeset:

"Part 2/2: Stop using USE(CFNETWORK) path on iOS"
https://bugs.webkit.org/show_bug.cgi?id=142540
http://trac.webkit.org/changeset/195035

2:44 PM Changeset in webkit [195078] by Beth Dakin
  • 15 edits
    2 adds in trunk

WK2: Request completion candidates when needed
https://bugs.webkit.org/show_bug.cgi?id=153040
-and corresponding-
rdar://problem/24155631

Reviewed by Enrica Casucci and Tim Horton.

Source/WebCore:

Helper functions for stringForCandidateRequest() and
handleAcceptedCandidate()

  • editing/Editor.cpp:

(WebCore::candidateRangeForSelection):
(WebCore::candidateWouldReplaceText):

Request candidates for the word that is currently being typed so long as the
candidate would replace that word. Otherwise, use String().
(WebCore::Editor::stringForCandidateRequest):

When a candidate has been accepted, insert the text.
(WebCore::Editor::handleAcceptedCandidate):

  • editing/Editor.h:

Source/WebKit2:

Mac needs to support postLayoutData in order to have some layout-related
editing information to request candidates. This patch re-shuffles some items
in the struct so that they can be shared by Mac and iOS, and it adds 3 new
items for Mac only.

  • Shared/EditorState.cpp:

(WebKit::EditorState::encode):
(WebKit::EditorState::decode):
(WebKit::EditorState::PostLayoutData::encode):
(WebKit::EditorState::PostLayoutData::decode):

  • Shared/EditorState.h:

Request and handle candidates here in WebViewImpl, and cache the
m_lastStringForCandidateRequest so that we can ensure the results we receive
were received in a timely enough manner that they are still for the same
String.

  • UIProcess/Cocoa/WebViewImpl.h:
  • UIProcess/Cocoa/WebViewImpl.mm:

(WebKit::WebViewImpl::selectionDidChange):

When selection changes, request new candidates.
(WebKit::WebViewImpl::requestCandidatesForSelectionIfNeeded):

Once candidates have been received, we ask the sharedSpellChecker to show
them.
(WebKit::WebViewImpl::handleRequestedCandidates):

If a candidate is accepted, we ask the WebProcess to accept it, so we start
by converting the NSTextCheckingResult to a WebCore::TextCheckingResult.
(WebKit::textCheckingResultFromNSTextCheckingResult):
(WebKit::WebViewImpl::handleAcceptedCandidate):

Ask the WebProcess to handle accepting the candidate.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::handleAcceptedCandidate):

  • UIProcess/WebPageProxy.h:
  • WebProcess/WebPage/WebPage.h:

(WebKit::WebPage:: handleAcceptedCandidate):

  • WebProcess/WebPage/WebPage.messages.in:

Now that Mac has some postLayoutData in the EditorState, fill that in in
platformEditorState().

  • WebProcess/WebPage/mac/WebPageMac.mm:

(WebKit::WebPage::platformEditorState):

Ask WebCore::Editor to handle the accepted candidate.
(WebKit::WebPage::handleAcceptedCandidate):

LayoutTests:

Getting updated EditorState in platformEditorState causes some extra layout
to happen, so now the layout test results for WK2 reflect the results that we
already see on iOS for this test and they reflect the render tree as it is
when you load the page in browser.

  • platform/mac/fast/dom/focus-contenteditable-expected.txt:

WebKit 1 is not affected by these new results, so this adds WK-1 only results
that match the old Mac results.

  • platform/mac-wk1/fast/dom: Added.
  • platform/mac-wk1/fast/dom/focus-contenteditable-expected.txt: Added.
2:44 PM Changeset in webkit [195077] by keith_miller@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Unreviewed mark passing es6 tests as no longer failing.

  • tests/es6.yaml:
2:33 PM Changeset in webkit [195076] by jmarcell@apple.com
  • 4 edits in trunk/Tools

Standardize the usage of "branch" vs. "branchName". https://bugs.webkit.org/show_bug.cgi?id=152982

Reviewed by Daniel Bates.

In an earlier patch we started using the name "branch" to indicate a branch object, whereas
"branchName" implies that the variable or property in question is simply a string.

  • BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/BuildbotQueueView.js:

(BuildbotQueueView.prototype._popoverLinesForCommitRange): Change branch to branchName.
(BuildbotQueueView.prototype._presentPopoverForRevisionRange): Change branch to branch.name.
(BuildbotQueueView.prototype._revisionContentWithPopoverForIteration): Change branch to branchName.

  • BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/Trac.js:

(Trac.prototype.commitsOnBranch): Change branch to branchName.
(Trac.prototype._convertCommitInfoElementToObject): Ditto.

  • BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/MockTrac.js:

(MockTrac): Ditto.

1:42 PM Changeset in webkit [195075] by dbates@webkit.org
  • 5 edits
    15 adds in trunk

Disallow use of Geolocation service from unique origins
https://bugs.webkit.org/show_bug.cgi?id=153102
<rdar://problem/23055645>

Reviewed by Alexey Proskuryakov.

Source/WebCore:

Tests: fast/dom/Geolocation/dataURL-getCurrentPosition.html

fast/dom/Geolocation/dataURL-watchPosition.html
fast/dom/Geolocation/srcdoc-getCurrentPosition.html
fast/dom/Geolocation/srcdoc-watchPosition.html
http/tests/security/sandboxed-iframe-geolocation-getCurrentPosition.html
http/tests/security/sandboxed-iframe-geolocation-watchPosition.html

  • Modules/geolocation/Geolocation.cpp:

(WebCore::Geolocation::securityOrigin): Convenience function to get the SecurityOrigin object
associated with this script execution context.
(WebCore::Geolocation::startRequest): Notify requester POSITION_UNAVAILABLE when requested
from a document with a unique origin.

  • Modules/geolocation/Geolocation.h:
  • page/SecurityOrigin.h:

(WebCore::SecurityOrigin::canRequestGeolocation): Added.

LayoutTests:

  • fast/dom/Geolocation/dataURL-getCurrentPosition-expected.txt: Added.
  • fast/dom/Geolocation/dataURL-getCurrentPosition.html: Added.
  • fast/dom/Geolocation/dataURL-watchPosition-expected.txt: Added.
  • fast/dom/Geolocation/dataURL-watchPosition.html: Added.
  • fast/dom/Geolocation/srcdoc-getCurrentPosition-expected.txt: Added.
  • fast/dom/Geolocation/srcdoc-getCurrentPosition.html: Added.
  • fast/dom/Geolocation/srcdoc-watchPosition-expected.txt: Added.
  • fast/dom/Geolocation/srcdoc-watchPosition.html: Added.
  • http/tests/security/resources/checkThatPositionErrorCallbackIsCalledWithPositionUnavailableForGeolocationMethod.js: Added.

(done):
(logMessage):
(didReceivePosition):
(didReceiveError):
(checkThatPositionErrorCallbackIsCalledWithPositionUnavailableForGeolocationMethod):
(markupToCheckThatPositionErrorCallbackIsCalledWithPositionUnavailableForGeolocationMethod):
(dataURLToCheckThatPositionErrorCallbackIsCalledWithPositionUnavailableForGeolocationMethod):

  • http/tests/security/resources/sandboxed-iframe-geolocation-getCurrentPosition.html: Added.
  • http/tests/security/resources/sandboxed-iframe-geolocation-watchPosition.html: Added.
  • http/tests/security/sandboxed-iframe-geolocation-getCurrentPosition-expected.txt: Added.
  • http/tests/security/sandboxed-iframe-geolocation-getCurrentPosition.html: Added.
  • http/tests/security/sandboxed-iframe-geolocation-watchPosition-expected.txt: Added.
  • http/tests/security/sandboxed-iframe-geolocation-watchPosition.html: Added.
1:40 PM Changeset in webkit [195074] by dbates@webkit.org
  • 3 edits in trunk/Source/WebCore

[XSS Auditor] Extract attribute truncation logic and formalize string canonicalization
https://bugs.webkit.org/show_bug.cgi?id=152874

Reviewed by Brent Fulgham.

Derived from Blink patch (by Tom Sepez <tsepez@chromium.org>):
<https://src.chromium.org/viewvc/blink?revision=176339&view=revision>

Extract the src-like and script-like attribute truncation logic into independent functions
towards making it more straightforward to re-purpose this logic. Additionally, formalize the
concept of string canonicalization as a member function that consolidates the process of
decoding URL escape sequences, truncating the decoded string (if applicable), and removing
characters that are considered noise.

  • html/parser/XSSAuditor.cpp:

(WebCore::truncateForSrcLikeAttribute): Extracted from XSSAuditor::decodedSnippetForAttribute().
(WebCore::truncateForScriptLikeAttribute): Ditto.
(WebCore::XSSAuditor::init): Write in terms of XSSAuditor::canonicalize().
(WebCore::XSSAuditor::filterCharacterToken): Updated to make use of formalized canonicalization methods.
(WebCore::XSSAuditor::filterScriptToken): Ditto.
(WebCore::XSSAuditor::filterObjectToken): Ditto.
(WebCore::XSSAuditor::filterParamToken): Ditto.
(WebCore::XSSAuditor::filterEmbedToken): Ditto.
(WebCore::XSSAuditor::filterAppletToken): Ditto.
(WebCore::XSSAuditor::filterFrameToken): Ditto.
(WebCore::XSSAuditor::filterInputToken): Ditto.
(WebCore::XSSAuditor::filterButtonToken): Ditto.
(WebCore::XSSAuditor::eraseDangerousAttributesIfInjected): Ditto.
(WebCore::XSSAuditor::eraseAttributeIfInjected): Updated code to use early return style and avoid an unnecessary string
comparison when we know that a src attribute was injected.
(WebCore::XSSAuditor::canonicalizedSnippetForTagName): Renamed; formerly known as XSSAuditor::decodedSnippetForName(). Updated
to make use of XSSAuditor::canonicalize().
(WebCore::XSSAuditor::snippetFromAttribute): Renamed; formerly known as XSSAuditor::decodedSnippetForAttribute(). Moved
truncation logic from here to WebCore::truncateFor{Script, Src}LikeAttribute.
(WebCore::XSSAuditor::canonicalize): Added.
(WebCore::XSSAuditor::canonicalizedSnippetForJavaScript): Added.
(WebCore::canonicalize): Deleted.
(WebCore::XSSAuditor::decodedSnippetForName): Deleted.
(WebCore::XSSAuditor::decodedSnippetForAttribute): Deleted.
(WebCore::XSSAuditor::decodedSnippetForJavaScript): Deleted.

  • html/parser/XSSAuditor.h: Define enum class for the various attribute truncation styles.
1:37 PM Changeset in webkit [195073] by dbates@webkit.org
  • 4 edits
    2 adds in trunk

[XSS Auditor] Partial bypass when web server collapses path components
https://bugs.webkit.org/show_bug.cgi?id=152872

Reviewed by Brent Fulgham.

Merged from Blink (patch by Tom Sepez <tsepez@chromium.org>):
<https://src.chromium.org/viewvc/blink?revision=167610&view=revision>

Source/WebCore:

Test: http/tests/security/xssAuditor/embed-tag-in-path-unterminated.html

  • html/parser/XSSAuditor.cpp:

(WebCore::isNonCanonicalCharacter):
(WebCore::XSSAuditor::init):
(WebCore::XSSAuditor::decodedSnippetForName):
(WebCore::XSSAuditor::decodedSnippetForAttribute):
(WebCore::XSSAuditor::decodedSnippetForJavaScript):
(WebCore::fullyDecodeString): Deleted.

LayoutTests:

  • http/tests/security/xssAuditor/embed-tag-in-path-unterminated-expected.txt: Added.
  • http/tests/security/xssAuditor/embed-tag-in-path-unterminated.html: Added.
  • http/tests/security/xssAuditor/intercept/.htaccess:
1:31 PM Changeset in webkit [195072] by Beth Dakin
  • 2 edits in trunk/Source/WebCore

imported/blink/editing/text-iterator/read-past-cloned-first-letter.html
crashes
https://bugs.webkit.org/show_bug.cgi?id=153104
-and corresponding-
rdar://problem/24155631

Reviewed by Simon Fraser.

Though we merged the Blink test, we never merged Blink patch that fixed this
bug. So this is a merge of https://github.com/ChromiumWebApps/blink/commit/5a0d23d4368c661f621364339fde66b41ef019e5

  • editing/TextIterator.cpp:

(WebCore::SimplifiedBackwardsTextIterator::handleFirstLetter):

1:11 PM Changeset in webkit [195071] by Alan Bujtas
  • 2 edits in trunk/LayoutTests

[iOS Simulator] fast/table/003.html failing
https://bugs.webkit.org/show_bug.cgi?id=152444

Unreviewed gardening.

  • platform/ios-simulator/fast/table/003-expected.txt:
12:45 PM Changeset in webkit [195070] by keith_miller@apple.com
  • 10 edits
    1 add in trunk

[ES6] Support subclassing Function.
https://bugs.webkit.org/show_bug.cgi?id=153081

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

This patch enables subclassing the Function object. It also fixes an existing
bug that prevented users from subclassing functions that have a function in
the superclass's prototype property.

  • bytecompiler/NodesCodegen.cpp:

(JSC::ClassExprNode::emitBytecode):

  • runtime/FunctionConstructor.cpp:

(JSC::constructWithFunctionConstructor):
(JSC::constructFunction):
(JSC::constructFunctionSkippingEvalEnabledCheck):

  • runtime/FunctionConstructor.h:
  • runtime/JSFunction.cpp:

(JSC::JSFunction::create):

  • runtime/JSFunction.h:

(JSC::JSFunction::createImpl):

  • runtime/JSFunctionInlines.h:

(JSC::JSFunction::createWithInvalidatedReallocationWatchpoint):
(JSC::JSFunction::JSFunction): Deleted.

  • tests/stress/class-subclassing-function.js: Added.

LayoutTests:

Rebasline tests with the new clearer error message.

  • js/class-syntax-extends-expected.txt:
  • js/script-tests/class-syntax-extends.js:
12:09 PM Changeset in webkit [195069] by Alan Bujtas
  • 6 edits
    2 adds in trunk
ASSERTION FAILED: !newRelayoutRoot.container()
!newRelayoutRoot.container()->needsLayout() in WebCore::FrameView::scheduleRelayoutOfSubtree

https://bugs.webkit.org/show_bug.cgi?id=151605#c1

Reviewed by David Hyatt.

Do not let RenderMultiColumnSet/RenderFlowThread mark ancestors dirty while updating scrollbars
for overflow content. While updating scrollbars, we only layout descendants so marking parents dirty
is unnecessary and could lead to an invalid dirty state.

Source/WebCore:

Test: fast/multicol/body-stuck-with-dirty-bit-with-columns.html

  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::layoutSpecialExcludedChild):

  • rendering/RenderFlowThread.cpp:

(WebCore::RenderFlowThread::invalidateRegions):

  • rendering/RenderFlowThread.h:
  • rendering/RenderMultiColumnSet.cpp:

(WebCore::RenderMultiColumnSet::prepareForLayout):

LayoutTests:

  • fast/multicol/body-stuck-with-dirty-bit-with-columns-expected.txt: Added.
  • fast/multicol/body-stuck-with-dirty-bit-with-columns.html: Added.
11:19 AM Changeset in webkit [195068] by matthew_hanson@apple.com
  • 15 edits
    2 adds in branches/safari-601-branch

Merge r194672. rdar://problem/24154288

11:19 AM Changeset in webkit [195067] by matthew_hanson@apple.com
  • 43 edits
    3 copies
    1 add in branches/safari-601-branch

Merge r192200. rdar://problem/24154288

11:18 AM Changeset in webkit [195066] by matthew_hanson@apple.com
  • 9 edits in branches/safari-601-branch/Source

Merge r189135. rdar://problem/24154288

11:18 AM Changeset in webkit [195065] by timothy@apple.com
  • 2 edits in branches/safari-601-branch/Source/WebInspectorUI

<rdar://problem/24189668> REGRESSION: The Web Inspector isn't visible when its associated menu item is selected via the "Develop" menu

  • UserInterface/Base/Main.js:

(WebInspector._dockedResizerMouseDown.dockedResizerDrag): Change let to var.

11:13 AM Changeset in webkit [195064] by hyatt@apple.com
  • 8 edits
    3 adds in trunk

Avoid downloading the wrong image for <picture> elements.
https://bugs.webkit.org/show_bug.cgi?id=153027

Reviewed by Dean Jackson.

Source/WebCore:

Added test in fast/picture.

  • html/HTMLImageElement.cpp:

(WebCore::HTMLImageElement::HTMLImageElement):
(WebCore::HTMLImageElement::~HTMLImageElement):
(WebCore::HTMLImageElement::createForJSConstructor):
(WebCore::HTMLImageElement::bestFitSourceFromPictureElement):
(WebCore::HTMLImageElement::insertedInto):
(WebCore::HTMLImageElement::removedFrom):
(WebCore::HTMLImageElement::pictureElement):
(WebCore::HTMLImageElement::setPictureElement):
(WebCore::HTMLImageElement::width):

  • html/HTMLImageElement.h:

(WebCore::HTMLImageElement::hasShadowControls):

  • html/HTMLPictureElement.h:
  • html/parser/HTMLConstructionSite.cpp:

(WebCore::HTMLConstructionSite::createHTMLElement):

  • html/parser/HTMLPreloadScanner.cpp:

(WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):

Images that are built underneath a <picture> element are now connected
to that picture element via a setPictureNode call from the parser. This
ensures that the correct <source> elements are examined before checking the image.

This connection between images and their picture owners is handled using a static
HashMap in HTMLImageElement. This connection is made both from the parser and from
DOM insertions, and the map is queried now instead of looking directly at the
image's parentNode().

LayoutTests:

  • fast/picture/image-picture-loads-1x-expected.txt: Added.
  • fast/picture/image-picture-loads-1x.html: Added.
11:05 AM Changeset in webkit [195063] by timothy@apple.com
  • 2 edits in trunk/Websites/webkit.org

Use a 2px border radius instead to look good on 2x devices as well as 1x.

  • wp-content/themes/webkit/style.css:

(.timeline .time):

11:01 AM Changeset in webkit [195062] by jmarcell@apple.com
  • 1 edit
    6 adds in trunk/Tools

Add a unit test to test BuildbotQueueView._appendPendingRevisionCount. https://bugs.webkit.org/show_bug.cgi?id=152910

Reviewed by Daniel Bates.

  • BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/MockBuildbotQueue.js: Added.

(MockBuildbotQueue): Added. Mock BuildbotQueue object that doesn't need to talk to an actual Buildbot server.

  • BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/MockBuildbotQueueView.js: Added.

(MockBuildbotQueueView): Added. Mock BuildbotQueueView object that returns a pre-specified _latestProductiveIteration without
the need to talk to a real Buildbot server.
(MockBuildbotQueueView.prototype._latestProductiveIteration): Added. Returns a pre-specified _latestProductiveIteration
without the need to talk to a real Buildbot server.

  • BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/MockTrac.js: Added.

(MockTrac): Added. Mock Trac constructor that has pre-populated "recordedCommits" and does not need to talk to a real Trac
server.
(MockTrac.prototype.get oldestRecordedRevisionNumber): Added. Returns a pre-specified revision.
(MockTrac.prototype.get latestRecordedRevisionNumber): Ditto.
(MockTrac.prototype.loadMoreHistoricalData): Added. Overrides the real loadMoreHistoricalData so that we don't waste time
trying to talk to Trac.

  • BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/index.html: Added. Web page container for

QUnit unit tests.

  • BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/tests.js: Added. QUnit unit tests.
11:00 AM Changeset in webkit [195061] by timothy@apple.com
  • 2 edits in trunk/Websites/webkit.org

Fix hairline crack on 1x devices between arrow and time label.

  • wp-content/themes/webkit/style.css:

(.timeline .content):
(.timeline .time):

10:18 AM Changeset in webkit [195060] by youenn.fablet@crf.canon.fr
  • 1 edit
    1 move
    1 add
    1 delete in trunk/LayoutTests

Move streams/webkitGetUserMedia-shadowing-then.html to fast/mediastream
https://bugs.webkit.org/show_bug.cgi?id=152973

Reviewed by Brent Fulgham.

Moved the test, made it asynchronous to ensure that the error callback is called.

  • fast/mediastream/webkitGetUserMedia-shadowing-then-expected.txt: Renamed from LayoutTests/streams/webkitGetUserMedia-shadowing-then-expected.txt.
  • fast/mediastream/webkitGetUserMedia-shadowing-then.html: Renamed from LayoutTests/streams/webkitGetUserMedia-shadowing-then.html.
9:50 AM Changeset in webkit [195059] by commit-queue@webkit.org
  • 15 edits
    1 delete in trunk

Unreviewed, rolling out r195002.
https://bugs.webkit.org/show_bug.cgi?id=153098

Crashes many/most editing tests (Requested by ap on #webkit).

Reverted changeset:

"WK2: Request completion candidates when needed"
https://bugs.webkit.org/show_bug.cgi?id=153040
http://trac.webkit.org/changeset/195002

9:32 AM Changeset in webkit [195058] by commit-queue@webkit.org
  • 5 edits
    2 adds in trunk

[GTK] [EFL] Hyphenation can never work in practice due to requirements on lang tags
https://bugs.webkit.org/show_bug.cgi?id=147310

Patch by Martin Robinson <mrobinson@igalia.com> on 2016-01-14
Reviewed by Michael Catanzaro.

Source/WebCore:

Test: platform/gtk/fast/text/hyphenate-flexible-locales.html

  • platform/text/hyphen/HyphenationLibHyphen.cpp: Make locale matching for dictionary

selection a lot looser by matching case insensitively, matching multiple dictionaries
when only the language is specified, and ignoring the difference between '_' and '-' in
the locale name.
(WebCore::scanDirectoryForDicionaries): Now produce HashMap of Vectors instead of a single
path for each locale. Also add alternate entries to handle different ways of specifying
the locale.
(WebCore::scanTestDictionariesDirectoryIfNecessary): Update to handle the difference
in HashMap type.
(WebCore::availableLocales): Ditto.
(WebCore::canHyphenate): Also look for the lowercased version of the locale.
(WebCore::AtomicStringKeyedMRUCache<RefPtr<HyphenationDictionary>>::createValueForKey):
Key on the dictionary path now so that we can load more than one dictionary per locale.
(WebCore::lastHyphenLocation): Iterate through each matched dictionary in turn.

LayoutTests:

Update some baselines and add a GTK+ specific test for locale variations.

  • platform/gtk/fast/text/hyphenate-flexible-locales-expected.html: Added.
  • platform/gtk/fast/text/hyphenate-flexible-locales.html: Added.
  • platform/gtk/fast/text/hyphenate-locale-expected.png: We now properly hyphenate

text with the 'en' locale.

  • platform/gtk/fast/text/hyphenate-locale-expected.txt:
8:31 AM Changeset in webkit [195057] by commit-queue@webkit.org
  • 2 edits in trunk/Tools

[CMake][GTK] CMake Error: Could not create named generator Eclipse CDT4 - Ninja
https://bugs.webkit.org/show_bug.cgi?id=132599

Patch by Nikos Andronikos <nikos.andronikos-webkit@cisra.canon.com.au> on 2016-01-14
Reviewed by Michael Catanzaro.

Check if cmake Ninja generators are installed.

  • Scripts/webkitdirs.pm:

(canUseNinjaGenerator):
(canUseEclipseNinjaGenerator):
(generateBuildSystemFromCMakeProject):
(canUseEclipse): Deleted.

6:42 AM Changeset in webkit [195056] by Gyuyoung Kim
  • 2 edits in trunk/Source/WebKit2

[EFL][GTK][SeccompFilter] Fix build break when enabling --seccomp-filters
https://bugs.webkit.org/show_bug.cgi?id=153094

Reviewed by Csaba Osztrogonác.

diskCacheDirectory and cookiePersistentStoragePath were removed by r192796.
But SyscallPolicy::addDefaultWebProcessPolicy has added directory permission
to the removed paths.

It looks two paths needs to be handled by network process.

  • Shared/linux/SeccompFilters/SyscallPolicy.cpp:

(WebKit::SyscallPolicy::addDefaultWebProcessPolicy): Deleted.

6:22 AM Changeset in webkit [195055] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r192947 - Null dereference loading Blink layout test fast/loader/unload-mutation-crash.html
https://bugs.webkit.org/show_bug.cgi?id=149305
<rdar://problem/22747892>

Reviewed by Brent Fulgham.

Source/WebCore:

Add an extra guard to replaceDocument() against rude JS in unload event handlers.

Test: fast/loader/unload-mutation-crash.html

  • loader/DocumentWriter.cpp:

(WebCore::DocumentWriter::replaceDocument):
(WebCore::DocumentWriter::begin):

LayoutTests:

This test case is from Blink r180918:
https://codereview.chromium.org/495743003

  • fast/loader/unload-mutation-crash-expected.txt: Added.
  • fast/loader/unload-mutation-crash.html: Added.
5:59 AM Changeset in webkit [195054] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r192880 - [GTK] ASSERTION FAILED: m_table running /webkit2/BackForwardList/navigation in Debug build
https://bugs.webkit.org/show_bug.cgi?id=151700

Reviewed by Martin Robinson.

This happens when the frame notifies its observers that the page
will be detached. The m_table that asserts is the
FrameDestructionObserver HashSet. It happens when clearing the
GObject DOM cache wrappers during frame destruction, and there's a
Document object wrapped whose last reference is held by the DOM
wrapper. In that case, the Document object is destroyed while the
frame is being destroyed. Deleting the wrapper objects after the
frame destruction fixes the crash.

  • bindings/gobject/DOMObjectCache.cpp:
5:54 AM Changeset in webkit [195053] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r192854 - Amazon.com Additional Information links aren't clickable
https://bugs.webkit.org/show_bug.cgi?id=151401
<rdar://problem/23454261>

Reviewed by Darin Adler.

Source/WebCore:

The cause of this issue is that the painting order is different from the hittest order so we can end up
with visible but unreachable content. To fix this, the executation flow of hittest has been reordered.
According to the paint system, which renders the webpage from the bottom RenderLayer to the top, contents
are rendered before floats. Hence, for the hittest, which determines the hitted location from top RenderLayer
to the bottom, should do it reversedly. Now, hittest will first test floats then contents.

Test: fast/block/float/hit-test-on-overlapping-floats.html

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::nodeAtPoint):

LayoutTests:

  • fast/block/float/hit-test-on-overlapping-floats-expected.txt: Added.
  • fast/block/float/hit-test-on-overlapping-floats.html: Added.
5:53 AM Changeset in webkit [195052] by Carlos Garcia Campos
  • 7 edits
    3 adds in releases/WebKitGTK/webkit-2.10

Merge r192844 - Null dereference loading Blink layout test http/tests/misc/detach-during-notifyDone.html
https://bugs.webkit.org/show_bug.cgi?id=149309
<rdar://problem/22748363>

Reviewed by Brent Fulgham.

Source/WebCore:

A weird order of event execution introduced by the test case will kill the webpage in a
subframe of the page while executing its |frame.loader().checkLoadCompleteForThisFrame()|.
Therefore, any frames comes after the failing subframe will have no page. Check it before
calling to those frames' |frame.loader().checkLoadCompleteForThisFrame()|, otherwise the
assertion in |frame.loader().checkLoadCompleteForThisFrame()| will fail.

Test: http/tests/misc/detach-during-notifyDone.html

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::checkLoadComplete):

Source/WebKit/mac:

  • WebView/WebDataSource.mm:

(WebDataSourcePrivate::~WebDataSourcePrivate):
Refine the assertion to treat <rdar://problem/9673866>.

Source/WebKit2:

Callback of bundle clients could kill the documentloader. Therefore, make a copy
of the navigationID before invoking the callback.

  • WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::dispatchDidChangeLocationWithinPage):
(WebKit::WebFrameLoaderClient::dispatchDidPushStateWithinPage):
(WebKit::WebFrameLoaderClient::dispatchDidReplaceStateWithinPage):
(WebKit::WebFrameLoaderClient::dispatchDidPopStateWithinPage):
(WebKit::WebFrameLoaderClient::dispatchDidFailLoad):
(WebKit::WebFrameLoaderClient::dispatchDidFinishDocumentLoad):
(WebKit::WebFrameLoaderClient::dispatchDidFinishLoad):

LayoutTests:

The test case is from Blink r175601:
https://codereview.chromium.org/317513002
The test case will generate a set of weird ordering events that affects the documentLoader:

  1. The subframe finishes loading, and since the frame’s testRunner is not set to wait until

done, WebKitTestRunner stops the load (by calling WKBundlePageStopLoading()).

  1. This causes the in-progress XHR to be aborted, which causes its readyState to become DONE

(this bug doesn’t always reproduce because sometimes the XHR has already finished before the
frame finishes loading).

  1. The onreadystatechange callback is executed, which sets innerHTML on the parent frame.
  2. Setting innerHTML disconnects the subframe, nulling out its DocumentLoader.
  3. We return to WebFrameLoaderClient::dispatchDidFinishLoad() from step #1, but now the

FrameLoader’s DocumentLoader is null. And WebKit crashes here.

Note that steps 2-4 happen synchronously inside WebFrameLoaderClient::dispatchDidFinishLoad().

  • http/tests/misc/detach-during-notifyDone-expected.txt: Added.
  • http/tests/misc/detach-during-notifyDone.html: Added.
  • http/tests/misc/resources/detached-frame.html: Added.
5:49 AM Changeset in webkit [195051] by Carlos Garcia Campos
  • 7 edits in releases/WebKitGTK/webkit-2.10

Merge r192810 - location.origin is undefined in a web worker
https://bugs.webkit.org/show_bug.cgi?id=151614

Reviewed by Darin Adler.

Source/WebCore:

Expose location.origin to web workers, as per:
https://html.spec.whatwg.org/multipage/workers.html#workerlocation

This behavior is consistent with the behavior of Firefox and Chrome.

Test: fast/workers/worker-location.html

  • workers/WorkerLocation.cpp:

(WebCore::WorkerLocation::origin):

  • workers/WorkerLocation.h:
  • workers/WorkerLocation.idl:

LayoutTests:

Update existing layout test to confirm the existence of location.origin when in a
WorkerGlobalScope.

  • fast/workers/resources/worker-location.js:
  • fast/workers/worker-location-expected.txt:
5:40 AM Changeset in webkit [195050] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebKit2

Merge r192792 - [GTK] UI process crash when the screensaver DBus proxy is being created while the web view is destroyed
https://bugs.webkit.org/show_bug.cgi?id=151653

Reviewed by Martin Robinson.

We correctly cancel the proxy creation, but when the async ready
callback is called, the view could be destroyed already. In that
case g_dbus_proxy_new_for_bus_finish() will return nullptr and
fail with cancelled error, but we are using the passed web view
without checking first if the creation failed or not.

  • UIProcess/API/gtk/WebKitWebViewBase.cpp:

(screenSaverProxyCreatedCallback):

5:39 AM Changeset in webkit [195049] by Carlos Garcia Campos
  • 5 edits
    4 adds in releases/WebKitGTK/webkit-2.10

Merge r192788 - Browser does not fall back to SVG attribute value when CSS style value is invalid or not supported
https://bugs.webkit.org/show_bug.cgi?id=147932

Patch by Antoine Quint <Antoine Quint> on 2015-11-29
Reviewed by Dean Jackson.

Source/WebCore:

Instead of returning an SVGPaint object of type SVG_PAINTTYPE_UNKNOWN when we encounter an SVG paint
value that cannot be parsed, we now return nullptr which will cause that value to be ignored and
let another paint value in the cascade be used instead. This is the same approach used for SVGColor.
Since we're removing the only call site for SVGPaint::createUnknown(), we remove that function entirely.

Tests: svg/css/invalid-color-cascade.svg

svg/css/invalid-paint-cascade.svg

  • css/SVGCSSParser.cpp:

(WebCore::CSSParser::parseSVGPaint):

  • svg/SVGPaint.h:

(WebCore::SVGPaint::createUnknown): Deleted.

LayoutTests:

Testing that we correctly fall back to the presentation attribute for SVGPaint and SVGColor values
specified with an invalid keyword in a style attribute. We also update the expected output for
svg/css/svg-attribute-parser-mode.html which is now in line with values returned by Firefox and
Chrome, where we correctly use the default value instead of null objects, which was definitely
an error.

  • svg/css/invalid-color-cascade-expected.svg: Added.
  • svg/css/invalid-color-cascade.svg: Added.
  • svg/css/invalid-paint-cascade-expected.svg: Added.
  • svg/css/invalid-paint-cascade.svg: Added.
  • svg/css/script-tests/svg-attribute-parser-mode.js:
  • svg/css/svg-attribute-parser-mode-expected.txt:
5:29 AM Changeset in webkit [195048] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r192787 - Use SVGTransform::SVGTransformType instead of an unsigned short
https://bugs.webkit.org/show_bug.cgi?id=151637

Reviewed by Brady Eidson.

Make 'type' more strongly typed.

  • svg/SVGTransformable.cpp:

(WebCore::SVGTransformable::parseTransformValue):
(WebCore::parseAndSkipType):
(WebCore::SVGTransformable::parseTransformType):
(WebCore::SVGTransformable::parseTransformAttribute):

  • svg/SVGTransformable.h:
5:23 AM Changeset in webkit [195047] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r192775 - [GTK] Do not use the WebCore garbage collector timer
https://bugs.webkit.org/show_bug.cgi?id=151623

Reviewed by Martin Robinson.

Now that garbage collector timers have been implemented in
JavaScriptCore for glib, we don't need to use another Timer in WebCore.

  • bindings/js/GCController.cpp:

(WebCore::GCController::garbageCollectSoon):
(WebCore::GCController::garbageCollectNowIfNotDoneRecently):

5:22 AM Changeset in webkit [195046] by Carlos Garcia Campos
  • 10 edits in releases/WebKitGTK/webkit-2.10/Source/JavaScriptCore

Merge r192773 - [GLIB] Implement garbage collector timers
https://bugs.webkit.org/show_bug.cgi?id=151391

Reviewed by Žan Doberšek.

Add GLib implementation using GSource.

  • heap/EdenGCActivityCallback.cpp:
  • heap/FullGCActivityCallback.cpp:
  • heap/GCActivityCallback.cpp:

(JSC::GCActivityCallback::GCActivityCallback):
(JSC::GCActivityCallback::scheduleTimer):
(JSC::GCActivityCallback::cancelTimer):

  • heap/GCActivityCallback.h:
  • heap/Heap.cpp:

(JSC::Heap::Heap):

  • heap/HeapTimer.cpp:

(JSC::HeapTimer::HeapTimer):
(JSC::HeapTimer::~HeapTimer):
(JSC::HeapTimer::timerDidFire):

  • heap/HeapTimer.h:
  • heap/IncrementalSweeper.cpp:

(JSC::IncrementalSweeper::IncrementalSweeper):
(JSC::IncrementalSweeper::scheduleTimer):
(JSC::IncrementalSweeper::cancelTimer):

  • heap/IncrementalSweeper.h:
5:17 AM Changeset in webkit [195045] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.10/Source/JavaScriptCore

Merge r192721 - GC timers should carry on gracefully when Heap claims it grew from GC.
<https://webkit.org/b/151521>

Reviewed by Mark Lam.

TL;DR the Heap "extra memory" reporting APIs are hard to use 100% correctly
and GC scheduling shouldn't break if someone makes a mistake with it.

The JSC::Heap allows you to report an extra memory cost for any GC object.
This is reported first when allocating the memory, and then each time the
object is visited during the marking phase.

When reporting an allocation, it's added to the Heap's "bytes allocated in
this cycle" counter. This contributes to the computed heap size at the start
of a collection.

When visiting a GC object that reports extra memory, it's added to the Heap's
"extra memory visited in this collection" counter. This contributes to the
computed heap size at the end of a collection.

As you can see, this means that visiting more memory than we said we allocated
can lead to the Heap thinking it's bigger after a collection than it was before.

Clients of this API do some sketchy things to compute costs, for instance
StringImpl cost is determined by dividing the number of bytes used for the
characters, and dividing it by the StringImpl's ref count. Since a JSString
could be backed by any StringImpl, any code that modifies a StringImpl's
ref count during collection will change the extra memory reported by all
JSString objects that wrap that StringImpl.

So anyways...

The object death rate, which is the basis for when to schedule the next
collection is computed like so:

deathRate = (sizeBeforeGC - sizeAfterGC) / sizeBeforeGC

This patch adds a safety mechanism that returns a zero death rate when the Heap
claims it grew from collection.

  • heap/EdenGCActivityCallback.cpp:

(JSC::EdenGCActivityCallback::deathRate):

  • heap/FullGCActivityCallback.cpp:

(JSC::FullGCActivityCallback::deathRate):

5:14 AM Changeset in webkit [195044] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r192770 - Checks for buffer-overflows when reading characters from textRun
https://bugs.webkit.org/show_bug.cgi?id=151055
<rdar://problem/23251789>

Patch by Pranjal Jumde <pjumde@apple.com> on 2015-11-25
Reviewed by Myles C. Maxfield.

Source/WebCore:

Prevents an off by one error when adding the last font data to the GlyphBuffer.

  • Source/WebCore/platform/graphics/WidthIterator.cpp:
  • Source/WebCore/platform/graphics/FontCascade.cpp:

LayoutTests:

  • dom/html/level1/core/151055_asan.html:
  • dom/html/level1/core/151055_asan-expected.txt:
5:12 AM Changeset in webkit [195043] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r192758 - Hardening against CSSSelector double frees
<http://webkit.org/b/56124>
<rdar://problem/9119036>

Reviewed by Antti Koivisto.

Add some security assertions to catch this issue if it ever
happens in Debug builds, and make changes in
CSSSelector::~CSSSelector() and
CSSSelectorList::deleteSelectors() to prevent obvious issues if
they're ever called twice in Release builds.

No new tests because we don't know how to reproduce this.

  • css/CSSSelector.cpp:

(WebCore::CSSSelector::CSSSelector): Initialize
m_destructorHasBeenCalled.

  • css/CSSSelector.h:

(WebCore::CSSSelector::m_destructorHasBeenCalled): Add bitfield.
(WebCore::CSSSelector::CSSSelector): Initialize
m_destructorHasBeenCalled.
(WebCore::CSSSelector::~CSSSelector): Add security assertion
that this is never called twice. Clear out any fields that
would have caused us to dereference an object twice.

  • css/CSSSelectorList.cpp:

(WebCore::CSSSelectorList::deleteSelectors): Clear
m_selectorArray when freeing the memory to which it was
pointing. This prevents re-entrancy issues or calling this
method twice on the same thread. Also restructure the for()
loop to prevent calling CSSSelector::isLastInSelectorList()
after CSSSelector::~CSSSelector() has been called (via CRBug
241892).

5:02 AM Changeset in webkit [195042] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.10

Merge r192747 - Fix crash in ~WebProcessPool when using Geolocation with useNetworkProcess=true
https://bugs.webkit.org/show_bug.cgi?id=151532

Reviewed by Benjamin Poulain.

Source/WebKit2:

  • UIProcess/WebGeolocationManagerProxy.cpp:

(WebKit::WebGeolocationManagerProxy::processPoolDestroyed):
(WebKit::WebGeolocationManagerProxy::processDidClose):
When a WebProcessPool is destroyed, only call stopUpdating if m_updateRequesters.clear()
stopped the updating, like we do in WebGeolocationManagerProxy::removeRequester.
Otherwise, call setEnableHighAccuracy if needed, also like we do in WebGeolocationManagerProxy::removeRequester.

Tools:

  • TestWebKitAPI/Tests/WebKit2/Geolocation.cpp:

(TestWebKitAPI::GeolocationTransitionToHighAccuracyStateTracker::eventsChanged):
(TestWebKitAPI::TEST):
(TestWebKitAPI::GeolocationTransitionToLowAccuracyStateTracker::eventsChanged):
(TestWebKitAPI::GeolocationTransitionToHighAccuracyStateTracker::GeolocationTransitionToHighAccuracyStateTracker): Deleted.
(TestWebKitAPI::GeolocationTransitionToLowAccuracyStateTracker::GeolocationTransitionToLowAccuracyStateTracker): Deleted.
Properly load about:blank in all WebViews to clean up. Without this change, we had a
Geolocation provider stopping after its state tracker was destroyed with its stack frame,
so it was calling a function on a test object that had gone out of scope.
Also, call WKContextSetUsesNetworkProcess(context, true) to show what crash this fixed,
but that will become the default soon and that call will be removed.

4:30 AM Changeset in webkit [195041] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore/platform/gtk/po

Merge r192737 - [GTK] [l10n] Updated Italian translation of WebKitGTK+
https://bugs.webkit.org/show_bug.cgi?id=151543

Unreviewed.

Patch by Milo Casagrande <milo@milo.name> on 2015-11-22

  • it.po:
4:27 AM Changeset in webkit [195040] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r192724 - [GTK] Off-by-one error in getStyleContext()
https://bugs.webkit.org/show_bug.cgi?id=151524

Reviewed by Carlos Garcia Campos.

GtkWidgetPath* path = gtk_widget_path_new();
gtk_widget_path_append_type(path, widgetType);
...
gtk_widget_path_iter_add_class(path, 0, GTK_STYLE_CLASS_BUTTON);
gtk_widget_path_iter_add_class(path, 1, "text-button");

Only one widget type was appended to the widget path, so the maximum valid index is 0. This
code means to add both style classes to the first widget type in the widget path, so the
second call should use index 0 rather than index 1.

This caused no bug in practice, because when the index is invalid,
gtk_widget_path_iter_add_class() automatically changes the index to the last valid position
in the widget path -- in this case, 0. This is routinely done with -1 as a convention for
specifying the last position in the widget path.

  • rendering/RenderThemeGtk.cpp:

(WebCore::getStyleContext):

4:26 AM Changeset in webkit [195039] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r192723 - [GTK] Warning spam from GtkStyleContext
https://bugs.webkit.org/show_bug.cgi?id=151520

Reviewed by Carlos Garcia Campos.

Audit every use of gtk_style_context_get_* to fix compatibility with GTK+ 3.19. Some of
these were already fine and are only changed for clarity.

Company: gtk_style_context_get() (and _get_padding/border/color()) should only ever be

called with the same state as gtk_style_context_get_state()

Company: usually that's a simple replacing of the old state (like in the trace you posted)
Company: sometimes it requires calling gtk_style_context_set_sate() with the right state

first

Company: and in very rare cases it needs a gtk_style_context_save() before the set_state(),

too

  • platform/gtk/ScrollbarThemeGtk.cpp:

(WebCore::adjustRectAccordingToMargin):

  • rendering/RenderThemeGtk.cpp:

(gtk_css_section_print):
(WebCore::getStyleContext):
(WebCore::RenderThemeGtk::initMediaColors):
(WebCore::renderButton):
(WebCore::getComboBoxMetrics):
(WebCore::RenderThemeGtk::paintMenuList):
(WebCore::RenderThemeGtk::paintTextField):
(WebCore::RenderThemeGtk::paintProgressBar):
(WebCore::spinButtonArrowSize):
(WebCore::RenderThemeGtk::adjustInnerSpinButtonStyle):
(WebCore::styleColor):

4:23 AM Changeset in webkit [195038] by Carlos Garcia Campos
  • 8 edits in releases/WebKitGTK/webkit-2.10/Source/WebKit2

Merge r192702 - A hung webpage pretends to be responsive if you scroll
https://bugs.webkit.org/show_bug.cgi?id=151518

Reviewed by Sam Weinig.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::sendWheelEvent):
(WebKit::WebPageProxy::didReceiveEvent): Don't treat wheel events as
starting or stopping the responsiveness timer. Wheel events usually
process on the event dispatch thread, which responds even if the main
thread is hung.

Instead, send an out-of-band ping to the main thread to verify that
it is still responsive and we'll be able to paint and respond to clicks
after scrolling.

  • UIProcess/WebProcessProxy.cpp:

(WebKit::WebProcessProxy::sendMainThreadPing):
(WebKit::WebProcessProxy::didReceiveMainThreadPing):

  • UIProcess/WebProcessProxy.h:
  • UIProcess/WebProcessProxy.messages.in: UI process support for pinging

the main thread in the web process.

  • WebProcess/WebProcess.cpp:

(WebKit::WebProcess::mainThreadPing):

  • WebProcess/WebProcess.h:
  • WebProcess/WebProcess.messages.in: Web process support for responding

to pings.

4:14 AM Changeset in webkit [195037] by Carlos Garcia Campos
  • 7 edits
    4 adds in releases/WebKitGTK/webkit-2.10

Merge r192641 - REGRESSION(r8780): Backwards delete by word incorrectly appends deleted text to kill ring, should be prepend
https://bugs.webkit.org/show_bug.cgi?id=151300

Reviewed by Darin Adler.

Source/WebCore:

Over 11 years ago, someone was in a big hurry to fix a bunch
of emacs keybindings bugs, and accidentally regressed the kill ring
behavior for backwards-delete-word. It should prepend to the beginning.

This patch fixes the regression and cleans up the kill ring-related
code in Editor and commands. It also adds some tests to cover the
regressed code a bit better.

Tests: editing/pasteboard/emacs-killring-alternating-append-prepend.html

editing/pasteboard/emacs-killring-backward-delete-prepend.html

  • editing/Editor.cpp:

Use more explicit names for insertion mode parameters and member variables.

(WebCore::Editor::deleteWithDirection):
(WebCore::Editor::performDelete):
(WebCore::Editor::addRangeToKillRing):
(WebCore::Editor::addTextToKillRing):

Only one call site for now, but another will be added in a dependent fix.

(WebCore::Editor::addToKillRing): Deleted.

  • editing/Editor.h:
  • editing/TypingCommand.cpp:

(WebCore::TypingCommand::TypingCommand):
(WebCore::TypingCommand::deleteKeyPressed):
(WebCore::TypingCommand::forwardDeleteKeyPressed):
(WebCore::TypingCommand::doApply):

  • editing/TypingCommand.h:
  • platform/mac/KillRingMac.mm:

(WebCore::KillRing::append):
(WebCore::KillRing::prepend):

It turns out that the native API implicitly clears the kill sequence when
alternating between prepend and append operations. Its behavior does not match
what Sublime Text or Emacs do in this case. Clear the previous operation flag
to prevent this behavior from happening.

LayoutTests:

  • editing/pasteboard/emacs-killring-alternating-append-prepend-expected.txt: Added.
  • editing/pasteboard/emacs-killring-alternating-append-prepend.html: Added.
  • editing/pasteboard/emacs-killring-backward-delete-prepend-expected.txt: Added.
  • editing/pasteboard/emacs-killring-backward-delete-prepend.html: Added.
4:08 AM Changeset in webkit [195036] by Carlos Garcia Campos
  • 5 edits
    5 adds in releases/WebKitGTK/webkit-2.10

Merge r192604 - [WK1] Crash loading Blink layout test fast/dom/Window/property-access-on-cached-window-after-frame-removed.html
https://bugs.webkit.org/show_bug.cgi?id=150198
<rdar://problem/23136026>

Reviewed by Brent Fulgham.

Source/WebCore:

Test: fast/dom/Window/property-access-on-cached-window-after-frame-removed.html

Properties of a contentWindow could be accessed even if the frame who owns the window is
detached. Therefore, check whether the document loader is still alive before using it.

  • page/PerformanceTiming.cpp:

(WebCore::PerformanceTiming::monotonicTimeToIntegerMilliseconds):

Tools:

  • WebKitTestRunner/InjectedBundle/mac/TestRunnerMac.mm:

(WTR::TestRunner::inspectorTestStubURL):
Since WebInspectorUI.framework is not available for iOS, the framework
and corresponding functions are disabled in iOS.

LayoutTests:

  • fast/dom/Window/666869-expected.txt: Added.
  • fast/dom/Window/666869.html: Added.

Test case is from Mozilla.

  • fast/dom/Window/property-access-on-cached-window-after-frame-removed-expected.txt: Added.
  • fast/dom/Window/property-access-on-cached-window-after-frame-removed.html: Added.
  • fast/dom/Window/resources/window-property-collector.js: Added.

(collectProperties):
(emitExpectedResult):
(collectPropertiesHelper):
Test case is from Blink r168256:
https://codereview.chromium.org/131113003

  • platform/mac-wk2/TestExpectations:
4:04 AM Changeset in webkit [195035] by ddkilzer@apple.com
  • 2 edits in trunk/Source/WTF

Part 2/2: Stop using USE(CFNETWORK) path on iOS
<https://webkit.org/b/142540>

Original patch by Antti Koivisto <Antti Koivisto> on 2015-03-10
Reviewed by Chris Dumez.

  • wtf/Platform.h: Turn off USE(CFNETWORK) for PLATFORM(IOS).
4:03 AM Changeset in webkit [195034] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r192582 - Null dereference in Performance::Performance(WebCore::Frame*)
https://bugs.webkit.org/show_bug.cgi?id=151390

Reviewed by Brady Eidson.

Based on the stack trace, it appears the DocumentLoader can be null
when constructing the Performance object. This patch thus adds a null
check before trying to dereference it.

No new tests, was not able to reproduce.

  • page/DOMWindow.cpp:

(WebCore::DOMWindow::navigator):
(WebCore::DOMWindow::performance):

  • page/Performance.cpp:

(WebCore::Performance::Performance):
(WebCore::Performance::scriptExecutionContext):

  • page/Performance.h:
4:02 AM Changeset in webkit [195033] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r192574 - [Cairo] SolidStroke broken in drawLine after r191658
https://bugs.webkit.org/show_bug.cgi?id=151385

Patch by Alejandro G. Castro <alex@igalia.com> on 2015-11-18
Reviewed by Carlos Garcia Campos.

Fix the drawLine function after r191658, we have to make sure the
color is set when line is SolidStroke.

  • platform/graphics/cairo/GraphicsContextCairo.cpp:

(WebCore::GraphicsContext::drawLine):

4:01 AM Changeset in webkit [195032] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.10/Tools

Merge r192568 - [XvfbDriver] Fail to run all layout tests when X server started with -displayfd option
https://bugs.webkit.org/show_bug.cgi?id=151135

Reviewed by Darin Adler.

The XvfbDriver uses the x server command line to check the
displays that are currently in use. This doesn't work when X
server was started with -displayfd option. This option is used to let
the server find the display id available that is written to the
given file descriptor. With this option xorg doesn't need to
create the lock files in tmp either. The -displayfd option is also
available in Xvfb, so we could use it too. That would simplify the
code, fixing also race conditions between the check for available
displays and Xvfb opening the connection, we wouldn't need to wait
for 4 seconds after launching Xvfb, and all lock files we are
using won't be needed either.

  • Scripts/webkitpy/port/xvfbdriver.py:

(XvfbDriver._xvfb_pipe): Helper function to create the pipe, only
needed to be overriden by unit tests.
(XvfbDriver._xvfb_read_display_id): Helper function to read from
the pipe, only needed to be overriden by unit tests.
(XvfbDriver._xvfb_run): Run Xvfb with -displayfd option, using a
pipe to read the display id.
(XvfbDriver._start): Call _xvfb_run() and remove the code to run
Xvfb for a given display.
(XvfbDriver.stop): Remove code to release and delete file locks.

  • Scripts/webkitpy/port/xvfbdriver_unittest.py:

(XvfbDriverTest.make_driver):
(XvfbDriverTest.test_start):
(XvfbDriverTest.test_start_arbitrary_worker_number):
(XvfbDriverTest.test_stop):
(XvfbDriverTest.assertDriverStartSuccessful): Deleted.
(XvfbDriverTest): Deleted.
(XvfbDriverTest.test_stop.FakeXvfbProcess): Deleted.

3:58 AM Changeset in webkit [195031] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.10

Merge r192567 - Null dereference loading Blink layout test editing/execCommand/indent-button-crash.html
https://bugs.webkit.org/show_bug.cgi?id=151187

Reviewed by Darin Adler.

Source/WebCore:

This is a merge of Blink r174671:
https://codereview.chromium.org/291143002

Fixes imported/blink/editing/execCommand/indent-button-crash.html.

  • editing/ApplyBlockElementCommand.cpp:

(WebCore::ApplyBlockElementCommand::doApply):

LayoutTests:

Unskip the test.

  • platform/gtk/TestExpectations:
  • platform/win/TestExpectations:
3:56 AM Changeset in webkit [195030] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.10/Source/WebKit2

Merge r192528 - A window with a hung tab waits 5s before closing
https://bugs.webkit.org/show_bug.cgi?id=151319

Reviewed by Anders Carlsson.

I manually tested that I did not break unload events upon window close
by running run-webkit-httpd and invoking a 1x1 image load of
http://127.0.0.1:8000/navigation/resources/save-Ping.php from an unload
handler.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::tryClose): Use the sudden termination bit to
close without waiting for a response.

  • UIProcess/WebProcessProxy.h:

(WebKit::WebProcessProxy::isSuddenTerminationEnabled): Expose the bit.

3:51 AM Changeset in webkit [195029] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/JavaScriptCore

Merge r192527 - Reserved VM pool established in r187125 is likely too conservative
https://bugs.webkit.org/show_bug.cgi?id=151351

Reviewed by Filip Pizlo.

Reduce the VM allocation reserved pool from 25% to 15% for ARM32.

  • jit/ExecutableAllocator.h:
3:31 AM Changeset in webkit [195028] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r192513 - ASSERTION FAILED: contentSize >= 0 in WebCore::RenderFlexibleBox::adjustChildSizeForMinAndMax
https://bugs.webkit.org/show_bug.cgi?id=151025

Reviewed by Darin Adler.

Source/WebCore:

Negative margins could make RenderFlexibleBox compute negative
intrinsic sizes. Clamp intrinsic sizes to 0.

Test: css3/flexbox/negative-margins-assert.html

  • rendering/RenderFlexibleBox.cpp:

(WebCore::RenderFlexibleBox::computeIntrinsicLogicalWidths):

LayoutTests:

  • css3/flexbox/negative-margins-assert-expected.txt: Added.
  • css3/flexbox/negative-margins-assert.html: Added.
3:30 AM Changeset in webkit [195027] by Carlos Garcia Campos
  • 9 edits in releases/WebKitGTK/webkit-2.10/Source/WebKit2

Merge r192510 - [GTK] Web Process crashes on reparenting a WebView with AC mode on
https://bugs.webkit.org/show_bug.cgi?id=151139

Reviewed by Mario Sanchez Prada.

When the web view is reparented, the widget is first unrealized,
and then realized again when added to the new parent. In the
second realize, the old redirected XComposite window is destroyed
and a new one is created, but the web process is still using the
old redirected window ID. As soon as the redirected window is
destroyed and the web process tries to use the window ID, it
crashes due to a BadDrawable X error. We have to notify the web
process as soon as the web view is unrealized to stop using the
current window ID and exit accelerated compositing mode until a
new window ID is given. This notification needs to be synchronous,
because the window can be destroyed in the UI process before the
message is received in the web process.

  • UIProcess/API/gtk/WebKitWebViewBase.cpp:

(webkitWebViewBaseRealize): Add an assert to ensure we never have
a redirected window when the view is realized. Also check drawing
area is not nullptr, since it can be destroyed at any time if the
web process crashes.
(webkitWebViewBaseUnrealize): Call
DrawingAreaProxyImpl::destroyNativeSurfaceHandleForCompositing()
and destroy the redirected XComposite window.

  • UIProcess/DrawingAreaProxyImpl.cpp:

(WebKit::DrawingAreaProxyImpl::destroyNativeSurfaceHandleForCompositing):
Send DestroyNativeSurfaceHandleForCompositing synchronous messsage
to the web process.

  • UIProcess/DrawingAreaProxyImpl.h:
  • WebProcess/WebPage/DrawingArea.h:
  • WebProcess/WebPage/DrawingArea.messages.in: Add

DestroyNativeSurfaceHandleForCompositing message.

  • WebProcess/WebPage/DrawingAreaImpl.cpp:

(WebKit::DrawingAreaImpl::destroyNativeSurfaceHandleForCompositing):
Set the native surface handler for compositing to 0 to reset it.

  • WebProcess/WebPage/DrawingAreaImpl.h:
  • WebProcess/WebPage/gtk/LayerTreeHostGtk.cpp:

(WebKit::LayerTreeHostGtk::makeContextCurrent): Return false
early always when layer tree context ID is 0, even if we already
have a context.
(WebKit::LayerTreeHostGtk::setNativeSurfaceHandleForCompositing):
Cancel any pending layer flush when setting a new handler.

3:27 AM Changeset in webkit [195026] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r192499 - Source/WebCore:
Fixes the buffer-overflow when reading characters from textRun
https://bugs.webkit.org/attachment.cgi?bugid=151055
<rdar://problem/23251789>

Patch by Pranjal Jumde <pjumde@apple.com> on 2015-11-16
Reviewed by Brent Fulgham.

  • platform/graphics/FontCascade.cpp

LayoutTests:
Checks for buffer-overflows when reading characters from textRun
https://bugs.webkit.org/attachment.cgi?bugid=151055
<rdar://problem/23251789>

Patch by Pranjal Jumde <pjumde@apple.com> on 2015-11-16
Reviewed by Brent Fulgham.

  • webgl/1.0.3/151055_asan-expected.txt
  • webgl/1.0.3/151055_asan.html
3:26 AM Changeset in webkit [195025] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebKit2

Merge r192496 - WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction calls an std::function after it's been moved from
https://bugs.webkit.org/show_bug.cgi?id=151248

Reviewed by Darin Adler.

Like r188287, calling an empty std::function results in a std::bad_function_call
exception being thrown when sendSync is failed.

  • WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):

3:14 AM Changeset in webkit [195024] by Carlos Garcia Campos
  • 4 edits
    4 adds in releases/WebKitGTK/webkit-2.10

Merge r192477 - Null-pointer dereference in WebCore::firstEditablePositionAfterPositionInRoot
https://bugs.webkit.org/show_bug.cgi?id=151288
<rdar://problem/23450367>

Reviewed by Darin Adler.

Source/WebCore:

Some problematic organization of body element could cause problems to JustifyRight
and Indent commnads.

Tests: editing/execCommand/justify-right-then-indent-with-problematic-body.html

editing/execCommand/justify-right-with-problematic-body.html

  • editing/CompositeEditCommand.cpp:

(WebCore::CompositeEditCommand::moveParagraphContentsToNewBlockIfNecessary):
Assertion at l1017 is not held anymore with the testcase:
editing/execCommand/justify-right-with-problematic-body.html.
Therefore, change it to an if statement.
Also, add a guardance before calling insertNewDefaultParagraphElementAt()
as insertNodeAt() requires an editable position.
(WebCore::CompositeEditCommand::moveParagraphWithClones):
Add a guardance before calling insertNodeAt() as it requires an editable position.

  • editing/htmlediting.cpp:

(WebCore::firstEditablePositionAfterPositionInRoot):
(WebCore::lastEditablePositionBeforePositionInRoot):

LayoutTests:

  • editing/execCommand/justify-right-then-indent-with-problematic-body-expected.txt: Added.
  • editing/execCommand/justify-right-then-indent-with-problematic-body.html: Added.
  • editing/execCommand/justify-right-with-problematic-body-expected.txt: Added.
  • editing/execCommand/justify-right-with-problematic-body.html: Added.
3:11 AM Changeset in webkit [195023] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r192458 - Regression(r188820): Downloads of data URLs is broken
https://bugs.webkit.org/show_bug.cgi?id=150900
rdar://problem/23399223

Reviewed by Darin Adler.

No test, the current test infrastructure only allows testing policy decisions, not the actual download.

  • loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::continueAfterContentPolicy):

Use normal download path for data URLs instead of trying to convert the main resource load.
Since we decode data URLs locally there is no associated resource load on WebKit side.

3:09 AM Changeset in webkit [195022] by Carlos Garcia Campos
  • 10 edits in releases/WebKitGTK/webkit-2.10

Merge r192444 - Always render at least a device pixel line when border/outline width > 0.
https://bugs.webkit.org/show_bug.cgi?id=151269

This matches Firefox behaviour.

Reviewed by Simon Fraser.

Source/WebCore:

Existing test is modified to reflect the new behaviour.

  • css/StyleBuilderConverter.h:

(WebCore::StyleBuilderConverter::convertLineWidth):

  • rendering/BorderEdge.cpp:

(WebCore::BorderEdge::BorderEdge): Deleted.

  • rendering/BorderEdge.h:

LayoutTests:

  • fast/borders/hidpi-border-width-flooring-expected.html:
  • fast/borders/hidpi-border-width-flooring.html:
2:56 AM Changeset in webkit [195021] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r192433 - Element::focus() should acquire the ownership of Frame.
https://bugs.webkit.org/show_bug.cgi?id=150204
<rdar://problem/23136794>

Reviewed by Brent Fulgham.

Source/WebCore:

The FrameSelection::setSelection method sometimes releases the last reference to a frame.
When this happens, the Element::updateFocusAppearance would attempt to use dereferenced memory.
Instead, we should ensure that the Frame lifetime is guaranteed to extend through the duration
of the method call.

Test: editing/selection/focus-iframe-removal-crash.html

  • dom/Element.cpp:

(WebCore::Element::updateFocusAppearance):

LayoutTests:

  • editing/selection/focus-iframe-removal-crash-expected.txt: Added.
  • editing/selection/focus-iframe-removal-crash.html: Added.
2:20 AM Changeset in webkit [195020] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r192389 - Ignore visited background color when deciding if the input renderer needs to be painted natively.
https://bugs.webkit.org/show_bug.cgi?id=151211
rdar://problem/21449823

Reviewed by Antti Koivisto.

Source/WebCore:

Test: fast/css/pseudo-visited-background-color-on-input.html

  • rendering/RenderTheme.cpp:

(WebCore::RenderTheme::isControlStyled):

  • rendering/style/RenderStyle.h:

LayoutTests:

  • fast/css/pseudo-visited-background-color-on-input-expected.html: Added.
  • fast/css/pseudo-visited-background-color-on-input.html: Added.
2:07 AM Changeset in webkit [195019] by Carlos Garcia Campos
  • 4 edits
    6 adds in releases/WebKitGTK/webkit-2.10

Merge r192369 - popstate event should be dispatched asynchronously
https://bugs.webkit.org/show_bug.cgi?id=36202
<rdar://problem/7761279>

Based on an original patch by Mihai Parparita <mihaip@chromium.org>.

Reviewed by Brent Fulgham.

Source/WebCore:

Tests: fast/loader/remove-iframe-during-history-navigation-different.html

fast/loader/remove-iframe-during-history-navigation-same.html
fast/loader/stateobjects/popstate-is-asynchronous.html

  • dom/Document.cpp:

(WebCore::Document::enqueuePopstateEvent):
Use enqueueWindowEvent().

LayoutTests:

  • fast/loader/remove-iframe-during-history-navigation-different-expected.txt: Added.
  • fast/loader/remove-iframe-during-history-navigation-different.html: Added.

Imported from Blink.

  • fast/loader/remove-iframe-during-history-navigation-same-expected.txt: Added.
  • fast/loader/remove-iframe-during-history-navigation-same.html: Added.

Ditto.

  • fast/loader/stateobjects/popstate-fires-on-history-traversal.html:

Modified to account for popstate firing asynchronously.

  • fast/loader/stateobjects/popstate-is-asynchronous-expected.txt: Added.
  • fast/loader/stateobjects/popstate-is-asynchronous.html: Added.

Based on Mihai's original test. Modified to pass in current WebKit.

2:00 AM Changeset in webkit [195018] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r192316 - Crash loading Blink layout test fast/parser/strip-script-attrs-on-input.html
https://bugs.webkit.org/show_bug.cgi?id=150201
<rdar://problem/23136478>

Reviewed by Brent Fulgham.

Source/WebCore:

Test: fast/parser/strip-script-attrs-on-input.html

  • html/parser/HTMLTreeBuilder.cpp:

(WebCore::HTMLTreeBuilder::processStartTagForInBody):
Get the attribute after calling
HTMLConstructionSite::insertSelfClosingHTMLElement(), as this may
mutate the token's attributes.

LayoutTests:

  • fast/parser/strip-script-attrs-on-input-expected.txt: Added.
  • fast/parser/strip-script-attrs-on-input.html: Added.
1:56 AM Changeset in webkit [195017] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.10/Source/WebKit2

Merge r192311 - [GTK] Runtime critical warnings when closing a page containing windowed plugins
https://bugs.webkit.org/show_bug.cgi?id=151132

Reviewed by Martin Robinson.

This is because our plugin widget, that is a GtkPlug (derived from
GtkWindow), can receive the delete-event signal before
NetscapePlugin::platformDestroy is called. The delete-event
signal, by default, destroys the window when the signal is not
handled. So, after the delete-event the GtkPlug is destroyed, but
our pointer hasn't been reset. We can handle the delete-event
using gtk_widget_hide_on_delete as callback, so that the plugin
widget is hidden instead of destroyed.

  • WebProcess/Plugins/Netscape/x11/NetscapePluginX11.cpp:

(WebKit::NetscapePlugin::platformPostInitializeWindowed):

1:52 AM Changeset in webkit [195016] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r192281 - Crash running webaudio/panner-loop.html
https://bugs.webkit.org/show_bug.cgi?id=150200
<rdar://problem/23136282>

Reviewed by Jer Noble.

Source/WebCore:

Test: webaudio/panner-loop.html

This is based on the changes in Blink r164822:
https://codereview.chromium.org/130003002

Avoid infinitely recursing on audio nodes by keeping track of which nodes we've already
visited.

  • Modules/webaudio/PannerNode.cpp:

(WebCore::PannerNode::pullInputs): Pass set of visited nodes so we don't revisit
nodes we've already serviced.
(WebCore::PannerNode::notifyAudioSourcesConnectedToNode): Accept visitedNodes argument
so we can avoid revisiting nodes. Check if the current node has already been visited
before processing it.

  • Modules/webaudio/PannerNode.h:

LayoutTests:

This is based on the changes in Blink r164822:
https://codereview.chromium.org/130003002

  • webaudio/panner-loop-expected.txt: Added.
  • webaudio/panner-loop.html: Added.
1:49 AM Changeset in webkit [195015] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.10

Merge r192275 - Continuations with anonymous wrappers inside misplaces child renderers.
https://bugs.webkit.org/show_bug.cgi?id=150908

When a child is appended to an inline container and the beforeChild is not a direct child, but
it is inside a generated subtree, we need to special case the inline split to form continuation.

RenderInline::splitInlines() assumes that beforeChild is always a direct child of the current
inline container. However when beforeChild type requires wrapper content (such as table cells), the DOM and the
render tree get out of sync. In such cases, we need to ensure that both the beforeChild and its siblings end up
in the correct generated block.

Reviewed by Darin Adler and David Hyatt.

Source/WebCore:

Test: fast/inline/continuation-with-anon-wrappers.html

  • rendering/RenderInline.cpp:

(WebCore::RenderInline::splitInlines):
(WebCore::RenderInline::addChildToContinuation):

LayoutTests:

  • fast/inline/continuation-with-anon-wrappers-expected.txt: Added.
  • fast/inline/continuation-with-anon-wrappers.html: Added.
1:45 AM Changeset in webkit [195014] by Carlos Garcia Campos
  • 9 edits
    36 adds in releases/WebKitGTK/webkit-2.10

Merge r191011 - Anonymous table objects: inline parent box requires inline-table child.
https://bugs.webkit.org/show_bug.cgi?id=150090

Reviewed by David Hyatt.

According to the CSS2.1 specification, if a child needs anonymous table wrapper
and the child's parent is an inline box, the generated table needs to be inline-table.
(inline-block and block parents generate non-inline table)

Import W3C CSS2.1 anonymous table tests.

Source/WebCore:

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::childRequiresTable):
(WebCore::RenderElement::addChild):

  • rendering/RenderElement.h:
  • rendering/RenderInline.cpp:

(WebCore::RenderInline::newChildIsInline):
(WebCore::RenderInline::addChildIgnoringContinuation):
(WebCore::RenderInline::addChildToContinuation):

  • rendering/RenderInline.h:
  • rendering/RenderTable.cpp:

(WebCore::RenderTable::createAnonymousWithParentRenderer):

LayoutTests:

  • css2.1/tables/table-anonymous-objects-177.xht: Added.
  • css2.1/tables/table-anonymous-objects-178.xht: Added.
  • css2.1/tables/table-anonymous-objects-179.xht: Added.
  • css2.1/tables/table-anonymous-objects-180.xht: Added.
  • css2.1/tables/table-anonymous-objects-181.xht: Added.
  • css2.1/tables/table-anonymous-objects-189.xht: Added.
  • css2.1/tables/table-anonymous-objects-190.xht: Added.
  • css2.1/tables/table-anonymous-objects-191.xht: Added.
  • css2.1/tables/table-anonymous-objects-192.xht: Added.
  • css2.1/tables/table-anonymous-objects-193.xht: Added.
  • css2.1/tables/table-anonymous-objects-194.xht: Added.
  • css2.1/tables/table-anonymous-objects-195.xht: Added.
  • css2.1/tables/table-anonymous-objects-196.xht: Added.
  • css2.1/tables/table-anonymous-objects-205.xht: Added.
  • css2.1/tables/table-anonymous-objects-206.xht: Added.
  • css2.1/tables/table-anonymous-objects-207.xht: Added.
  • css2.1/tables/table-anonymous-objects-208.xht: Added.
  • platform/mac/css2.1/tables/table-anonymous-objects-177-expected.txt: Added.
  • platform/mac/css2.1/tables/table-anonymous-objects-178-expected.txt: Added.
  • platform/mac/css2.1/tables/table-anonymous-objects-179-expected.txt: Added.
  • platform/mac/css2.1/tables/table-anonymous-objects-180-expected.txt: Added.
  • platform/mac/css2.1/tables/table-anonymous-objects-181-expected.txt: Added.
  • platform/mac/css2.1/tables/table-anonymous-objects-189-expected.txt: Added.
  • platform/mac/css2.1/tables/table-anonymous-objects-190-expected.txt: Added.
  • platform/mac/css2.1/tables/table-anonymous-objects-191-expected.txt: Added.
  • platform/mac/css2.1/tables/table-anonymous-objects-192-expected.txt: Added.
  • platform/mac/css2.1/tables/table-anonymous-objects-193-expected.txt: Added.
  • platform/mac/css2.1/tables/table-anonymous-objects-194-expected.txt: Added.
  • platform/mac/css2.1/tables/table-anonymous-objects-195-expected.txt: Added.
  • platform/mac/css2.1/tables/table-anonymous-objects-196-expected.txt: Added.
  • platform/mac/css2.1/tables/table-anonymous-objects-205-expected.txt: Added.
  • platform/mac/css2.1/tables/table-anonymous-objects-206-expected.txt: Added.
  • platform/mac/css2.1/tables/table-anonymous-objects-207-expected.txt: Added.
  • platform/mac/css2.1/tables/table-anonymous-objects-208-expected.txt: Added.
1:35 AM Changeset in webkit [195013] by Carlos Garcia Campos
  • 18 edits
    25 adds in releases/WebKitGTK/webkit-2.10

Merge r192270 - alert, confirm, prompt, showModalDialog should be forbidden during page close and navigation
https://bugs.webkit.org/show_bug.cgi?id=150980

Reviewed by Chris Dumez.

Source/WebCore:

Tests: fast/events/beforeunload-alert.html

fast/events/beforeunload-confirm.html
fast/events/beforeunload-prompt.html
fast/events/beforeunload-showModalDialog.html
fast/events/pagehide-alert.html
fast/events/pagehide-confirm.html
fast/events/pagehide-prompt.html
fast/events/pagehide-showModalDialog.html
fast/events/unload-alert.html
fast/events/unload-confirm.html
fast/events/unload-prompt.html
fast/events/unload-showModalDialog.html

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::stopLoading): Factored out a helper function for
unload event processing.
(WebCore::FrameLoader::handleUnloadEvents): Forbid prompts in unload
events just like we do in beforeunload events, and for the same reasons.

(WebCore::FrameLoader::handleBeforeUnloadEvent): Updated for renames.

  • loader/FrameLoader.h:
  • page/DOMWindow.cpp:

(WebCore::DOMWindow::print):
(WebCore::DOMWindow::alert):
(WebCore::DOMWindow::confirm):
(WebCore::DOMWindow::prompt):
(WebCore::DOMWindow::showModalDialog): Updated for renames. Refactored
some of this code to handle null pages more cleanly. In particular, we
sometimes used to treat null page as "everything is permitted" -- but it
is best practice in a permissions context to treat lack of information
as no permission granted rather than all permissions granted. (I don't
know of a way to trigger this condition in practice.)

  • page/Page.cpp:

(WebCore::Page::Page):
(WebCore::Page::forbidPrompts):
(WebCore::Page::allowPrompts):
(WebCore::Page::arePromptsAllowed): Renamed to make these functions
reflect their new, broader context.

(WebCore::Page::incrementFrameHandlingBeforeUnloadEventCount): Deleted.
(WebCore::Page::decrementFrameHandlingBeforeUnloadEventCount): Deleted.
(WebCore::Page::isAnyFrameHandlingBeforeUnloadEvent): Deleted.

  • page/Page.h:

LayoutTests:

Added tests to cover the matrix of [ alert, confirm, prompt, showModalDialog ] x [ beforeunload, unload, pagehide ].

  • fast/events/beforeunload-alert-expected.txt: Added.
  • fast/events/beforeunload-alert.html: Added.
  • fast/events/beforeunload-confirm-expected.txt: Added.
  • fast/events/beforeunload-confirm.html: Added.
  • fast/events/beforeunload-prompt-expected.txt: Added.
  • fast/events/beforeunload-prompt.html: Added.
  • fast/events/beforeunload-showModalDialog-expected.txt: Added.
  • fast/events/beforeunload-showModalDialog.html: Added.
  • fast/events/onunload-expected.txt:
  • fast/events/onunload-not-on-body-expected.txt:
  • fast/events/onunload-window-property-expected.txt:
  • fast/events/pagehide-alert-expected.txt: Added.
  • fast/events/pagehide-alert.html: Added.
  • fast/events/pagehide-confirm-expected.txt: Added.
  • fast/events/pagehide-confirm.html: Added.
  • fast/events/pagehide-prompt-expected.txt: Added.
  • fast/events/pagehide-prompt.html: Added.
  • fast/events/pagehide-showModalDialog-expected.txt: Added.
  • fast/events/pagehide-showModalDialog.html: Added.
  • fast/events/pageshow-pagehide-on-back-cached-expected.txt:
  • fast/events/pageshow-pagehide-on-back-uncached-expected.txt:
  • fast/events/resources/prompt-landing-page.html: Added.
  • fast/events/unload-alert-expected.txt: Added.
  • fast/events/unload-alert.html: Added.
  • fast/events/unload-confirm-expected.txt: Added.
  • fast/events/unload-confirm.html: Added.
  • fast/events/unload-prompt-expected.txt: Added.
  • fast/events/unload-prompt.html: Added.
  • fast/events/unload-showModalDialog-expected.txt: Added.
  • fast/events/unload-showModalDialog.html: Added.
  • platform/wk2/TestExpectations: WebKit2 can't handle showModalDialog tests.
  • compositing/iframes/page-cache-layer-tree-expected.txt:
  • fast/dom/Geolocation/notimer-after-unload-expected.txt:
  • fast/history/timed-refresh-in-cached-frame-expected.txt:
  • fast/loader/frames-with-unload-handlers-in-page-cache-expected.txt:
  • fast/loader/page-dismissal-modal-dialogs-expected.txt: These were

pre-existing tests that tried to alert during unload.

1:17 AM Changeset in webkit [195012] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.10/Source/JavaScriptCore

Merge r192267 - X86_64 support for compareDouble(DoubleCondition, FPRegisterID left, FPRegisterID right, RegisterID dest)
https://bugs.webkit.org/show_bug.cgi?id=151009

Reviewed by Filip Pizlo.

Added compareDouble() macro assembler function and the supporting setnp_r() and setp_r() X86 assembler functions.
Hand tested.

  • assembler/MacroAssemblerX86_64.h:

(JSC::MacroAssemblerX86_64::compare64):
(JSC::MacroAssemblerX86_64::compareDouble):
(JSC::MacroAssemblerX86_64::branch64):

  • assembler/X86Assembler.h:

(JSC::X86Assembler::setnz_r):
(JSC::X86Assembler::setnp_r):
(JSC::X86Assembler::setp_r):
(JSC::X86Assembler::cdq):

12:50 AM Changeset in webkit [195011] by peavo@outlook.com
  • 4 edits in trunk/Source

[Win] Remove workarounds for fixed bugs in fmod and pow.
https://bugs.webkit.org/show_bug.cgi?id=153071

Reviewed by Brent Fulgham.

Source/WebCore:

Compile fix, help MSVC pick correct pow overload.

  • rendering/shapes/BoxShape.cpp:

(WebCore::adjustRadiusForMarginBoxShape):

Source/WTF:

The bugs have been fixed in the MSVC CRT, and we can remove the workarounds.

  • wtf/MathExtras.h:

(wtf_fmod): Deleted.
(wtf_pow): Deleted.

12:39 AM Changeset in webkit [195010] by youenn.fablet@crf.canon.fr
  • 28 edits
    3 adds in trunk

Fix problems with cross-origin redirects
https://bugs.webkit.org/show_bug.cgi?id=116075

Reviewed by Daniel Bates.

LayoutTests/imported/w3c:

Rebasing test expectations.
These tests cannot work as expected as WTR/DRT block access to www2.localhost and example.not.

  • web-platform-tests/XMLHttpRequest/send-redirect-bogus-expected.txt:
  • web-platform-tests/XMLHttpRequest/send-redirect-to-cors-expected.txt:
  • web-platform-tests/XMLHttpRequest/send-redirect-to-non-cors-expected.txt:

Source/WebCore:

Merging https://chromium.googlesource.com/chromium/blink/+/7ea774e478f84f355748108d2aaabca15355d512 by Ken Russell
Same origin redirect responses leading to cross-origin requests were checked as cross-origin redirect responses.
Introduced ClientRequestedCredentials to manage whether credentials are needed or not in the cross-origin request.

In addition to Blink patch, it was needed to update some loaders with the newly introduced ClientRequestedCredentials parameter.
Added the clearing of "Accept-Encoding" header from cross-origin requests as Mac HTTP network layer is adding it for same-origin requests.

Test: http/tests/xmlhttprequest/access-control-and-redirects-async-same-origin.html

  • loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::startLoadingMainResource): Added new security parameter (from Blink patch).

  • loader/DocumentThreadableLoader.cpp:

(WebCore::DocumentThreadableLoader::redirectReceived): Updated checks so that same origin redirections are not treated as cross origin redirections (from Blink patch).

  • loader/MediaResourceLoader.cpp:

(WebCore::MediaResourceLoader::start):

  • loader/NetscapePlugInStreamLoader.cpp:

(WebCore::NetscapePlugInStreamLoader::NetscapePlugInStreamLoader): Added new security parameter.

  • loader/ResourceLoaderOptions.h:

(WebCore::ResourceLoaderOptions::ResourceLoaderOptions): Added new security parameter (from Blink patch).
(WebCore::ResourceLoaderOptions::credentialRequest):
(WebCore::ResourceLoaderOptions::setCredentialRequest):

  • loader/cache/CachedResourceLoader.cpp:

(WebCore::CachedResourceLoader::requestUserCSSStyleSheet): Ditto.
(WebCore::CachedResourceLoader::defaultCachedResourceOptions): Ditto.

  • loader/icon/IconLoader.cpp:

(WebCore::IconLoader::startLoading): Added new security parameter.

  • page/EventSource.cpp:

(WebCore::EventSource::connect): Added new security parameter (from Blink patch).

  • platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:

(WebCore::WebCoreAVCFResourceLoader::startLoading): Added new security parameter.

  • platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:

(WebCore::WebCoreAVFResourceLoader::startLoading): Ditto.

  • platform/network/ResourceHandleTypes.h: Added new security parameter constants (from Blink patch).
  • platform/network/ResourceRequestBase.cpp:

(WebCore::ResourceRequestBase::clearHTTPAcceptEncoding): Function to remove "Accept-Encoding" header.

  • platform/network/ResourceRequestBase.h: Ditto.
  • xml/XMLHttpRequest.cpp:

(WebCore::XMLHttpRequest::createRequest): Added new security parameter.

LayoutTests:

Merging https://chromium.googlesource.com/chromium/blink/+/7ea774e478f84f355748108d2aaabca15355d512 by Ken Russell
This merge adds tests for cross origin requests triggered from same origin redirection responses with and without credentials).
Rebaseline of some tests due to console error messages generated from newly hit CORS checks.

  • TestExpectations: Disabled WPT tests that require access to non localhost URLs which are currently blocked by DTR/WTR.
  • http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt:
  • http/tests/xmlhttprequest/access-control-and-redirects-async-same-origin-expected.txt: Added.
  • http/tests/xmlhttprequest/access-control-and-redirects-async-same-origin.html: Added.
  • http/tests/xmlhttprequest/access-control-and-redirects-async.html:
  • http/tests/xmlhttprequest/access-control-and-redirects-expected.txt:
  • http/tests/xmlhttprequest/access-control-and-redirects.html:
  • http/tests/xmlhttprequest/redirect-cross-origin-2-expected.txt:
  • http/tests/xmlhttprequest/redirect-cross-origin-expected.txt:
  • http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt:
  • http/tests/xmlhttprequest/redirect-cross-origin-tripmine-expected.txt:
  • http/tests/xmlhttprequest/resources/access-control-basic-allow-no-credentials.cgi: Added.
  • http/tests/xmlhttprequest/xmlhttprequest-unsafe-redirect-expected.txt:
Note: See TracTimeline for information about the timeline view.