Timeline



Feb 8, 2016:

9:26 PM Changeset in webkit [196304] by jonlee@apple.com
  • 7 edits in trunk/PerformanceTests

Address Said's comments on the benchmark, and do some clean up.

  • Animometer/developer.html:
  • Animometer/resources/debug-runner/animometer.css: Add styles for averages.
  • Animometer/resources/debug-runner/animometer.js: Use the right

Strings constants.

  • Animometer/resources/debug-runner/graph.js:

(_addRegressionLine): Add missing code to draw the line and standard
deviation highlight.
(onGraphTypeChanged): Remove unneeded variables
(onTimeGraphOptionsChanged):

  • Animometer/resources/runner/benchmark-runner.js:

(_runBenchmarkAndRecordResults): Rename samplers to suiteResults and
_suitesSamplers to _suitesResults.

  • Animometer/tests/resources/main.js:

(results): Call processSamples().
(update): Change sampling timestamp comparison.
(_animateLoop): Move shouldStop call to before the update.

  • Animometer/tests/resources/sampler.js:

(process): Rename to processSamples().

9:15 PM Changeset in webkit [196303] by Chris Dumez
  • 21 edits in trunk

Attribute getters should not require an explicit 'this' value for Window properties
https://bugs.webkit.org/show_bug.cgi?id=153968

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline W3C test now that more checks are passing.

  • web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Attribute getters should not require an explicit 'this' value for
Window properties. This is because the Window interface is marked
as [ImplicitThis]:

This matches the behavior of Firefox and the expectations of the W3C
web-platform-tests.

No new tests, already covered by existing tests.

  • bindings/scripts/CodeGeneratorJS.pm:

In attribute getters of an interface marked as [ImplicitThis],
if 'thisValue' is undefined or null, fall back to using the
global object as 'thisValue'.

  • bindings/scripts/IDLAttributes.txt:

Add support for [ImplicitThis]:
http://heycam.github.io/webidl/#ImplicitThis

  • bindings/scripts/test/JS/JSTestEventConstructor.cpp:
  • bindings/scripts/test/JS/JSTestException.cpp:
  • bindings/scripts/test/JS/JSTestInterface.cpp:
  • bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
  • bindings/scripts/test/JS/JSTestNode.cpp:
  • bindings/scripts/test/JS/JSTestNondeterministic.cpp:
  • bindings/scripts/test/JS/JSTestObj.cpp:
  • bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
  • bindings/scripts/test/JS/JSTestTypedefs.cpp:
  • bindings/scripts/test/JS/JSattribute.cpp:

Rebaseline bindings tests.

  • page/DOMWindow.idl:

Mark Window as [ImplicitThis]:
http://heycam.github.io/webidl/#ImplicitThis

LayoutTests:

Rebaseline existing tests now that more checks are passing.

  • fast/dom/Window/getOwnPropertyDescriptor-other-window-expected.txt:
  • fast/dom/Window/getOwnPropertyDescriptor-other-window.html:
  • js/getOwnPropertyDescriptor-window-attributes-expected.txt:
7:46 PM Changeset in webkit [196302] by keith_miller@apple.com
  • 2 edits
    1 add in trunk/Source/JavaScriptCore

Error construction for inlined operations should not use the inliner's CodeBlock
https://bugs.webkit.org/show_bug.cgi?id=154021

Reviewed by Mark Lam.

Previously, if one function, A, was inlined into another function, B, in the DFG/FTL
we would use B's DFG/FTL CodeBlock to construct source information about the Error.
We would correctly compute the bytecodeOffset in A for the an expression but we would
not use one of A's CodeBlocks when looking up source. This caused crashes during
operationIn as we expected to be able to find the text "in" in the source.

  • runtime/ErrorInstance.cpp:

(JSC::appendSourceToError):

  • tests/stress/inlined-error-gets-correct-codeblock-for-bytecodeoffset.js: Added.

(map):
(n):
(one):
(catch):

7:33 PM Changeset in webkit [196301] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Uncaught exception merging script profiler records
https://bugs.webkit.org/show_bug.cgi?id=154004

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-02-08
Reviewed by Brian Burg.

  • UserInterface/Controllers/TimelineManager.js:

(WebInspector.TimelineManager.prototype._mergeScriptProfileRecords):
Stop if we've merged all script profiler records.

7:31 PM Changeset in webkit [196300] by sbarati@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

runtimeTypeForValue should protect against seeing TDZ value
https://bugs.webkit.org/show_bug.cgi?id=154023

Reviewed by Michael Saboff.

There are a few back traces I've seen from crashes that bottom out
inside runtimeTypeForValue. I haven't been able to reproduce
any such crash, but it's likely that we're encountering the
empty JSValue. It's better to just have this function protect
against seeing the empty value instead of dereferencing a null
pointer when it thinks the value is a cell.

  • runtime/RuntimeType.cpp:

(JSC::runtimeTypeForValue):

7:30 PM Changeset in webkit [196299] by jonlee@apple.com
  • 2 edits in trunk/PerformanceTests

Teach Controller to measure intervals, and turn off the frame length estimator.

  • Animometer/tests/resources/main.js: Default interval length is 100 ms.

(start): Set the first interval.
(_measureAndResetInterval): Reports the average frame length of the interval that just
completed, and sets up the next interval.
(update): If there is no length, then just use the estimator per frame, otherwise the
estimator measures per interval. Add a didFinishInterval for subclasses to process
prior to recording the sample. Update tune() to include whether an interval had
finished.
(StepController): Step controllers don't measure on an interval basis.

7:30 PM Changeset in webkit [196298] by jonlee@apple.com
  • 2 edits in trunk/PerformanceTests

Minor refactoring. Rename Controller._estimator to Controller._frameLengthEstimator
and switch the parameters for start(), update(), and tune(), so that the timestamp
is first and stage is second.

  • Animometer/tests/resources/main.js:
7:30 PM Changeset in webkit [196297] by jonlee@apple.com
  • 5 edits in trunk/PerformanceTests

Move ResultsTable functionality not needed for release tests out.
Move reporting of score and mean to selection of the time-based graph.

  • Animometer/developer.html: Rename graph-options to time-graph-options.
  • Animometer/resources/debug-runner/animometer.js:

(DeveloperResultsTable): Moved from runner/animometer.js. Switch from mean
values to "average" objects which can hold stdev. Move graph button and
calculation of noisy measurements here. Sophisticated header processing
is not needed in release suite.
(populateTable): Use DeveloperResultsTable.

  • Animometer/resources/debug-runner/graph.js: Pull time graph creation to

its own function, and add a new onGraphTypeChanged handler in preparation
of a complexity graph to be added later.

  • Animometer/resources/runner/animometer.js:

(ResultsTable): Simplify to just handle test names and scores.

7:30 PM Changeset in webkit [196296] by jonlee@apple.com
  • 5 edits in trunk/PerformanceTests

Tests: reuse objects already made.

Avoid thrash of object creation and removal by maintaining an index that
moves along the array as the adjust values change. If the tune value
requires more objects than the maximum size of the object array, then create
new objects. This means that the object array size never decreases.

  • Animometer/tests/master/resources/canvas-stage.js: Maintain a separate

offsetIndex. For these tests, we want to avoid drawing the oldest objects,
so the scene will draw the object at offsetIndex to the end of the array.
(tune): Reverse the logic since "removal" of objects is much simpler and
involves simply changing the offsetIndex.
(animate): Update the for loop to draw from offsetIndex to the end.
(complexity): Update the definition.

  • Animometer/tests/master/resources/canvas-tests.js: Maintain a separate

offsetIndex. For these tests, we want to avoid drawing the newest objects,
so the scene will draw the object at index 0 to the object at offsetIndex.
(SimpleCanvasStage.animate): Fly-by removal of local stage variable,
which is unneeded. Update the for loop to draw from offsetIndex to the end.

  • Animometer/tests/simple/resources/simple-canvas-paths.js:

(SimpleCanvasStage.animate): Update the for loop to draw from 0 to
offsetIndex.

  • Animometer/tests/simple/resources/simple-canvas.js:

(tune): Update logic. Here, offsetIndex represents the boundary of the last
index to render.
(animate): Update the for loop to draw from 0 to offsetIndex.
(complexity): Update the definition.

7:30 PM Changeset in webkit [196295] by jonlee@apple.com
  • 7 edits in trunk/PerformanceTests

Tests: refactor and update styles.

  • Animometer/tests/resources/main.js: Add helper methods that return

a color that hue rotates based on the date, and a counter value that
increases based on the date. Fix randomInt() to not bias against the min and
max values.

  • Animometer/tests/master/resources/canvas-tests.js: Use new helper methods.
  • Animometer/tests/master/resources/dom-particles.js: Ditto.
  • Animometer/tests/master/resources/particles.js: Ditto.
  • Animometer/tests/simple/resources/simple-canvas-paths.js: Refactor to

use a rotating color instead of a random color. The fast switching of color
is too vivid to watch.

  • Animometer/tests/bouncing-particles/resources/bouncing-svg-shapes.js:

(BouncingSvgParticlesStage.call.createGradient): Fix the gradient so
that the last stop is located at the end.

7:30 PM Changeset in webkit [196294] by jonlee@apple.com
  • 12 edits in trunk/PerformanceTests

Refactor tune() to not return the complexity of the scene.

We have stage.complexity() now, so returning the complexity through tune
is unnecessary.

  • Animometer/tests/bouncing-particles/resources/bouncing-particles.js:
  • Animometer/tests/master/resources/canvas-stage.js:
  • Animometer/tests/master/resources/particles.js:
  • Animometer/tests/misc/resources/canvas-electrons.js:
  • Animometer/tests/misc/resources/canvas-stars.js:
  • Animometer/tests/resources/main.js:
  • Animometer/tests/simple/resources/simple-canvas.js:
  • Animometer/tests/simple/resources/tiled-canvas-image.js:
  • Animometer/tests/template/resources/template-canvas.js:
  • Animometer/tests/template/resources/template-css.js:
  • Animometer/tests/template/resources/template-svg.js:
  • Animometer/tests/text/resources/layering-text.js:
7:30 PM Changeset in webkit [196293] by jonlee@apple.com
  • 4 edits in trunk/PerformanceTests

Make the fixed controller a step controller instead. Halfway through the test
it will bump up the complexity 4-fold. Calculate the step timestamp using options
instead of a separate parameter to the Controller constructor.

  • Animometer/developer.html: Change value to "step"
  • Animometer/resources/debug-runner/animometer.js:

(window.suitesManager.updateEditsElementsState): Show number inputs when set to "step".

  • Animometer/tests/resources/main.js:

(update): Provide a hook for subclasses to tune.
(StepController): Maintain a flag determining whether we've stepped, and the time
we should step.
(Benchmark): Use the new StepController.

7:30 PM Changeset in webkit [196292] by jonlee@apple.com
  • 5 edits in trunk/PerformanceTests

Adjust the FPS graph scale.

Instead of making the FPS graph linearly scale, scale it based on the frame length,
but show the data in terms of FPS. Because it is inversely proportional, and most
of the data never gets below 20, concentrate the axis from 20-60 FPS, since otherwise
over half of the available graph space ends up blank.

This means we should convert all of the FPS data to frame length data.

  • Animometer/resources/debug-runner/graph.js: Update the domain to be based on

frame length in milliseconds instead of FPS. Update the cursor to consider all of the
values being shown, and then pick the min and max values to represent the length of the
cursor.

  • Animometer/resources/runner/animometer.js:
  • Animometer/resources/strings.js:
  • Animometer/tests/resources/main.js:

(processSamples): Add the ability to only sample a range of the data instead of everything
after an offset index. Update sampler to record the frame lengths instead of the frame
rate.

7:30 PM Changeset in webkit [196291] by jonlee@apple.com
  • 4 edits in trunk/PerformanceTests

Add option to use different methods for retrieving a timestamp.

  • Animometer/developer.html: Add performance.now and Date.now options.
  • Animometer/resources/runner/animometer.js: Default to performance.now.

(window.benchmarkController.startBenchmark):

  • Animometer/tests/resources/main.js: Tie the desired method to _getTimestamp.

(run): Use _getTimestamp.
(_animateLoop): Ditto.

7:30 PM Changeset in webkit [196290] by jonlee@apple.com
  • 7 edits in trunk/PerformanceTests

Allow adding any number of markers to the graph. The markers can be labeled
and contain timestamp and sample index data. Make it a part of the controller
rather than keeping it in the sampler.

  • Animometer/resources/debug-runner/animometer.css: Add styles for markers
  • Animometer/resources/debug-runner/graph.js: Create the markers and add

text labels.

  • Animometer/resources/runner/animometer.js: Assume the samplingTimeOffset

is just one of the marks provided.

  • Animometer/resources/strings.js: Add Strings.json.marks.
  • Animometer/tests/resources/main.js:

(Controller): Keep marks here. They are keyed by the marker name, so no two
markers should have the same name.
(recordFirstSample): Refactor to use mark.
(mark): Allows for arbitrary data if needed later. The timestamp maintained
is relative to the absolute start timestamp.
(containsMark): Checks whether a mark with a specific comment exists.
(processSamples): Removes the _startTimestamp offset from the marks before
setting it in results.

  • Animometer/tests/resources/sampler.js: Remove marks.
7:30 PM Changeset in webkit [196289] by jonlee@apple.com
  • 22 edits in trunk/PerformanceTests

Get rid of options member variable in Benchmark.

Options are only needed when initializing the stage or benchmark, so there's no
need to also keep a reference to it.

  • Animometer/tests/resources/main.js: Get rid of options variable in Benchmark.

Pass options to Controllers and Stages.
(Controller.Utilities.createClass):
(Benchmark.Utilities.createClass):
(get options): Deleted.

  • Animometer/tests/bouncing-particles/resources/bouncing-canvas-images.js:
  • Animometer/tests/bouncing-particles/resources/bouncing-canvas-particles.js:
  • Animometer/tests/bouncing-particles/resources/bouncing-canvas-shapes.js:
  • Animometer/tests/bouncing-particles/resources/bouncing-css-images.js:
  • Animometer/tests/bouncing-particles/resources/bouncing-css-shapes.js:
  • Animometer/tests/bouncing-particles/resources/bouncing-particles.js:
  • Animometer/tests/bouncing-particles/resources/bouncing-svg-images.js:
  • Animometer/tests/bouncing-particles/resources/bouncing-svg-shapes.js:
  • Animometer/tests/master/resources/canvas-stage.js:
  • Animometer/tests/master/resources/canvas-tests.js:
  • Animometer/tests/master/resources/particles.js:
  • Animometer/tests/misc/resources/canvas-electrons.js:
  • Animometer/tests/misc/resources/canvas-stars.js:
  • Animometer/tests/misc/resources/compositing-transforms.js:
  • Animometer/tests/simple/resources/simple-canvas-paths.js:
  • Animometer/tests/simple/resources/tiled-canvas-image.js:
  • Animometer/tests/template/resources/template-canvas.js:
  • Animometer/tests/template/resources/template-css.js:
  • Animometer/tests/template/resources/template-svg.js:
  • Animometer/tests/text/resources/layering-text.js:
7:25 PM Changeset in webkit [196288] by jonlee@apple.com
  • 10 edits in trunk/PerformanceTests

Update how the benchmark is run
https://bugs.webkit.org/show_bug.cgi?id=153960

Provisionally reviewed by Said Abou-Hallawa.

Introduce the notion of a Controller. It is responsible for recording, updating,
and processing the statistics and complexity of the benchmark. This allows
plugging in different Controllers.

This strips most of the functionality from Animator and BenchmarkState, so fold
what's left into Benchmark. Now, Benchmarks only own a stage and a controller, but
are responsible for driving the animation loop.

Rewrite Animator._shouldRequestAnotherFrame into two different Controllers. One
maintains a fixed complexity, and the other adapts the complexity to meet a
fixed FPS.

Fix the Kalman estimator to be modeled on a scalar variable with no model.

  • Animometer/tests/resources/main.js: Remove BenchmarkState and Animator, and

replace it with a Controller. Add a FixedController and refactor the previous controller
to an AdaptiveController.

(Controller): Controllers own the estimator and the sampler. When a new frame is
displayed, the animation loop calls update(). The estimator and sampler record
stats, then tune. Samplers can track multiple series of data. The basic controller
tracks timestamp, complexity, and estimated frame rate.

The Kalman estimation is based on the frame length rather than the frame

rate. Because FPS is inverse proportional to frame length, in the case where the measured
frame length is very small, the FPS ends up being a wildly large number (in the order of
600-1000 "FPS"), and it pulls the estimator up drastically enough that it takes a while
for it to settle back down. Using frame length reduces the impact of these spikes.

Converging the estimation takes enough time to avoid initializing it immediately

when the benchmark starts. Instead, the benchmark runs for a brief period of time (100ms)
before running it in earnest. Allow controllers an opportunity to set the complexity
before starting recording.

When the benchmark is complete, the controller has an opportunity to process

the samples. The default implementation calculates the raw FPS based on the time
difference of the samples, and calculates the complexity score. This is moved from
Benchmark.processSamples.

(Controller): Initialize timestamps. These are at first relative to the start of the
benchmark, but are offset by the absolute start time during start(). By default maintain
3 data series, but subclasses can override.
(start): Calls recordFirstSample() for subclasses to override if needed.
(recordFirstSample): For basic controller, start sampling at the beginning.
(update): Update the frame length estimator and sample.
(shouldStop): Checks that the time is before _endTimestamp.
(results): Returns the processed samples.
(processSamples): Iterate through the sample data and collate them. Include scores.

(FixedComplexityController): Controller that tunes the stage to the desired complexity
prior to starting, and keeps it at that complexity.

(AdaptiveController): Have the estimator estimate the interval frame rate instead of the
raw frame rate.

The previous version of this controller ignored the frame that came after the

adjustment. The raw FPS show that whatever noise the scene change adds is negligible
compared to the noise of the system overall. Stop ignoring that frame and include all
frames in the measurements.

(Benchmark): Remove dependency on animator, and instantiate a runner based on what is
selected. Most of the loop's functionality is in Controller, so remove here.
(Benchmark.run): Remove start() since it is only called from run(), and fold it in here.
(Benchmark._animateLoop): Fold in from Animator.animateLoop. Let the benchmark run for
a brief period before calling Controller.start().

  • Animometer/tests/resources/math.js: Fix the Kalman estimator. The filter estimates

a scalar variable, and makes basic assumptions regarding the model. As a result
none of the linear algebra classes are needed, so remove Matrix, Vector3, and Matrix3.
(SimpleKalmanEstimator): Calculate the gain based on the provided process and
measurement errors.
(KalmanEstimator): Deleted.
(IdentityEstimator): Deleted.
(PIDController): Refactor to use the Utilities.createClass() helper.

The Kalman filter algorithm is explained here http://greg.czerniak.info/guides/kalman1/.
The state, represented by a scalar, is the estimated frame length. There is no user
transition of the state, and the state is the same as the measurement. With this model,
the estimation error converges, so calculate the gain ahead of time.

  • Animometer/developer.html: Remove fixed-after-warmup since it is not useful.

Replace the option to toggle the estimator, and make it possible to customize the
estimator's error parameters. Show raw FPS by default, and remove interval FPS,
which will be shown instead of the filtered raw FPS.

  • Animometer/resources/debug-runner/animometer.css: Put the header behind the graph.

Remove #intervalFPS rules; move the color to #filteredFPS.

  • Animometer/resources/debug-runner/graph.js:

(updateGraphData): Update the hr style to force the layout to be calculated
correctly. Change the tick format to be in terms of seconds, since the timestamps
are in milliseconds. Remove interval data.

  • Animometer/resources/runner/animometer.js:

(window.benchmarkController.startBenchmark): Set Kalman parameters.

  • Animometer/resources/runner/benchmark-runner.js:

(_runBenchmarkAndRecordResults): When a benchmark completes, expect it to return
the final data, rather than passing a sampler from the controller. This avoids
needing to expose the sampler variable in the benchmark.

  • Animometer/tests/resources/sampler.js:

(process): Move the setting of the target frame rate to AdaptiveController.

7:04 PM Changeset in webkit [196287] by n_wang@apple.com
  • 5 edits
    2 adds in trunk

AX: crash at WebCore::Range::selectNodeContents(WebCore::Node*, int&)
https://bugs.webkit.org/show_bug.cgi?id=154018

Reviewed by Chris Fleizach.

Source/WebCore:

Sometimes rangeForUnorderedCharacterOffsets call is accessing derefed node objects
and leading to a crash. Fixed it by checking isNodeInUse before creating the CharacterOffset
object.

Test: accessibility/text-marker/text-marker-range-stale-node-crash.html

  • accessibility/AXObjectCache.cpp:

(WebCore::AXObjectCache::visiblePositionForTextMarkerData):
(WebCore::AXObjectCache::characterOffsetForTextMarkerData):
(WebCore::AXObjectCache::traverseToOffsetInRange):

  • accessibility/AXObjectCache.h:
  • accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper rangeForTextMarkerRange:]):
(characterOffsetForTextMarker):
(-[WebAccessibilityObjectWrapper characterOffsetForTextMarker:]):
(textMarkerForVisiblePosition):

LayoutTests:

  • accessibility/text-marker/text-marker-range-stale-node-crash-expected.txt: Added.
  • accessibility/text-marker/text-marker-range-stale-node-crash.html: Added.
6:22 PM Changeset in webkit [196286] by akling@apple.com
  • 7 edits in trunk/Source

[iOS] Throw away some unlinked code when navigating to a new page.
<https://webkit.org/b/154014>

Reviewed by Gavin Barraclough.

Source/JavaScriptCore:

  • runtime/VM.cpp:

(JSC::VM::deleteAllCodeExceptCaches):
(JSC::VM::deleteAllLinkedCode): Deleted.

  • runtime/VM.h:

Source/WebCore:

Extended the mechanism introduced earlier to also throw away unlinked code
that's only relevant to the page that we're navigating away from.

The new JSC::VM API is deleteAllCodeExceptCaches() and it does what it sounds
like, deleting unlinked and linked code but leaving code caches alone.

This means that if the page we're navigating to wants to parse some of the
same JS that the page we're leaving had on it, it might still be found in the
JSC::CodeCache.

Doing a back navigation to a PageCache'd page may now incur some reparsing,
just like leaving the app or tab would.

  • bindings/js/GCController.cpp:

(WebCore::GCController::deleteAllCodeExceptCaches):
(WebCore::GCController::deleteAllLinkedCode): Deleted.

  • bindings/js/GCController.h:
  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::commitProvisionalLoad):

5:55 PM Changeset in webkit [196285] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: Search doesn't seem to find text that is present in multiple places
https://bugs.webkit.org/show_bug.cgi?id=154016
<rdar://problem/23391307>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-02-08
Reviewed by Brian Burg.

  • UserInterface/Controllers/DebuggerManager.js:

(WebInspector.DebuggerManager.prototype.get searchableScripts):

  • UserInterface/Views/SearchSidebarPanel.js:

(WebInspector.SearchSidebarPanel.prototype.performSearch):
Only search scripts with a URL. Don't search the potentially
large number of anonymous scripts.

5:50 PM Changeset in webkit [196284] by commit-queue@webkit.org
  • 4 edits
    2 adds in trunk

Web Inspector: Zooming in on the timeline graph does not increase its time resolution from minutes
https://bugs.webkit.org/show_bug.cgi?id=154013
<rdar://problem/23844527>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-02-08
Reviewed by Brian Burg.

Source/WebInspectorUI:

  • UserInterface/Base/Utilities.js:

(Number.secondsToString):
Simplify logic and ensure that when under high resolution we
don't go above seconds for our units.

(Number.bytesToString):
Simplify logic.

  • UserInterface/Views/LinearTimelineOverview.js:

(WebInspector.LinearTimelineOverview):
Reduce the rather large maximum seconds per pixel from 60 seconds
per pixel to 2 seconds per pixel. This means when the user zooms
out of a timeline they don't see such large time values.

LayoutTests:

  • inspector/unit-tests/number-utilities-expected.txt: Added.
  • inspector/unit-tests/number-utilities.html: Added.

Basic tests for our Number utilities methods.

5:26 PM Changeset in webkit [196283] by dbates@webkit.org
  • 23 edits
    30 adds in trunk

CSP connect-src directive should block redirects
https://bugs.webkit.org/show_bug.cgi?id=69359
<rdar://problem/24383025>

Reviewed by Brent Fulgham.

Source/WebCore:

Inspired by Blink patch:
<https://src.chromium.org/viewvc/blink?revision=150246&view=revision>

Apply the connect-src directive of the Content Security Policy for the document or worker to the redirect URL
of an XMLHttpRequest and EventSource load so as to conform to section Paths and Redirects of the CSP 2.0 spec.,
<https://w3c.github.io/webappsec-csp/2/#source-list-paths-and-redirects> (29 August 2015).

Additionally, check that each requested script URL passed to WorkerGlobalScope.importScripts() is allowed by
the CSP of the worker before initiating a load for it. If some URL i is blocked by the CSP policy
then we do not try to load URLs j >= i.

Tests: http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-block-aborts-all-subsequent-imports.html

http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-redirect-cross-origin-blocked.html
http/tests/security/contentSecurityPolicy/worker-csp-blocks-xhr-redirect-cross-origin.html
http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-allowed.html
http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-blocked.html
http/tests/security/contentSecurityPolicy/worker-without-csp-importScripts-redirect-cross-origin-allowed.html
http/tests/security/isolatedWorld/bypass-main-world-csp-for-xhr-redirect.html
http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-importScript-redirect-cross-origin.html
http/tests/security/isolatedWorld/bypass-main-world-csp-worker-importScripts-redirect-cross-origin.html
http/tests/security/isolatedWorld/bypass-worker-csp-for-xhr-redirect-cross-origin.html
http/tests/security/isolatedWorld/bypass-worker-csp-for-xhr.html

  • fileapi/FileReaderLoader.cpp:

(WebCore::FileReaderLoader::start): Do not enforce a CSP directive as CSP is not applicable to File API.

  • inspector/InspectorNetworkAgent.cpp:

(WebCore::InspectorNetworkAgent::loadResource): Do not enforce a CSP directive as CSP should not interfere
with the Web Inspector.

  • loader/DocumentThreadableLoader.cpp:

(WebCore::DocumentThreadableLoader::loadResourceSynchronously): Modified to take an optional ContentSecurityPolicy
and pass it through to DocumentThreadableLoader::create().
(WebCore::DocumentThreadableLoader::create): Modified to take an optional ContentSecurityPolicy and pass it through
to DocumentThreadableLoader::DocumentThreadableLoader().
(WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Modified to take an optional ContentSecurityPolicy.
Asserts that the CSP allows the load of the request URL so as to catch when a caller creates a loader for a request
that is not allowed by the CSP. The caller should not create a loader for such a request.
(WebCore::DocumentThreadableLoader::redirectReceived): Check if the CSP allows the redirect URL. If it does not
then notify the client that the redirect check failed.
(WebCore::DocumentThreadableLoader::loadRequest): Ditto.
(WebCore::DocumentThreadableLoader::isAllowedByContentSecurityPolicy): Checks that the specified URL is allowed
by the enforced CSP directive.
(WebCore::DocumentThreadableLoader::contentSecurityPolicy): Returns the ContentSecurityPolicy object passed to
DocumentThreadableLoader on instantiation or the ContentSecurityPolicy object of the associated document.

  • loader/DocumentThreadableLoader.h: Add overloaded variants of DocumentThreadableLoader::{create, loadResourceSynchronously}()

that take a std::unique_ptr<ContentSecurityPolicy>&&. Remove some unnecessary headers.

  • loader/ThreadableLoader.cpp:

(WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions): Take the CSP directive to enforce and store it.
(WebCore::ThreadableLoaderOptions::isolatedCopy): Copy the CSP directive to enforce.

  • loader/ThreadableLoader.h: Added member field to store the CSP directive to enforce (defaults to enforce the

directive connect-src - the most appropriate directive in most circumstances). As of the time of writing,
only WorkerGlobalScope.importScripts() enforces a different directive: script-src.

  • loader/WorkerThreadableLoader.cpp:

(WebCore::WorkerThreadableLoader::WorkerThreadableLoader): Pass the SecurityOrigin and ContentSecurityPolicy associated
with the WorkerGlobalScope to WorkerThreadableLoader::MainThreadBridge::MainThreadBridge().
(WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge): Pass a copy of the worker's ContentSecurityPolicy
to the DocumentThreadableLoader.

  • loader/WorkerThreadableLoader.h:
  • page/EventSource.cpp:

(WebCore::EventSource::connect): Enforce the CSP directive connect-src on redirects unless we are running in an isolated world.

  • workers/AbstractWorker.cpp:

(WebCore::AbstractWorker::resolveURL): Modified to take a boolean whether to bypass the main world Content Security Policy
instead of querying for it directly.

  • workers/AbstractWorker.h:
  • workers/Worker.cpp:

(WebCore::Worker::create): Added FIXME to enforce child-src directive of the document's CSP to the worker's script URL
on redirect once we fix <https://bugs.webkit.org/show_bug.cgi?id=153562>. For now, do not enforce a CSP policy on redirect
of the worker's script URL.

  • workers/WorkerGlobalScope.cpp:

(WebCore::WorkerGlobalScope::importScripts): Check that the requested URL is allowed by the CSP of the worker (if applicable).
Enforce the CSP directive script-src on redirects unless we are running in an isolated world.

  • workers/WorkerScriptLoader.cpp:

(WebCore::WorkerScriptLoader::loadSynchronously): Pass SecurityOrigin and ContentSecurityPolicyEnforcement to WorkerThreadableLoader.
(WebCore::WorkerScriptLoader::loadAsynchronously): Ditto.

  • workers/WorkerScriptLoader.h:
  • xml/XMLHttpRequest.cpp:

(WebCore::XMLHttpRequest::createRequest): Enforce the CSP directive connect-src on redirects unless we are running in
an isolated world.

LayoutTests:

Add more tests, update erroneous expected results, and remove some entries from TestExpectations for tests
that now pass.

  • TestExpectations: Remove entries for tests that now pass. The failure of test http/tests/security/contentSecurityPolicy/worker-importscripts-blocked.html

was erroneously attributed to <https://bugs.webkit.org/show_bug.cgi?id=153562>.

  • http/tests/security/contentSecurityPolicy/resources/determine-content-security-policy-header.php: Added.
  • http/tests/security/contentSecurityPolicy/resources/script-set-value.js: Use global variable self instead of window so as to

make this script work both from a Document and a Web Worker. In a document, self refers to the Window object and in a worker
it refers to the WorkerGlobalScope object.

  • http/tests/security/contentSecurityPolicy/resources/worker-importScript-redirect-cross-origin-allowed.php: Added.
  • http/tests/security/contentSecurityPolicy/resources/worker-importScript-redirect-cross-origin-blocked.php: Added.
  • http/tests/security/contentSecurityPolicy/resources/worker-xhr-allowed.php: Added.
  • http/tests/security/contentSecurityPolicy/resources/worker-xhr-redirect-cross-origin-allowed.php: Added.
  • http/tests/security/contentSecurityPolicy/resources/worker-xhr-redirect-cross-origin-blocked.php: Added.
  • http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-expected.txt: Remove Blink-specific messages so that the test passes.
  • http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-block-aborts-all-subsequent-imports-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-block-aborts-all-subsequent-imports.html: Added.
  • http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-redirect-cross-origin-blocked-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-redirect-cross-origin-blocked.html: Added.
  • http/tests/security/contentSecurityPolicy/worker-csp-blocks-xhr-redirect-cross-origin-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/worker-csp-blocks-xhr-redirect-cross-origin.html: Added.
  • http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-allowed-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-allowed.html: Added.
  • http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-blocked-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-blocked.html: Added.
  • http/tests/security/contentSecurityPolicy/worker-importscripts-blocked-expected.txt: Substitute Blink-specific error text with the analogous WebKit error text.
  • http/tests/security/contentSecurityPolicy/worker-importscripts-blocked.html: Ditto.
  • http/tests/security/contentSecurityPolicy/worker-without-csp-importScripts-redirect-cross-origin-allowed-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/worker-without-csp-importScripts-redirect-cross-origin-allowed.html: Added.
  • http/tests/security/isolatedWorld/bypass-main-world-csp-for-xhr-redirect-expected.txt: Added.
  • http/tests/security/isolatedWorld/bypass-main-world-csp-for-xhr-redirect.html: Added.
  • http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-importScript-redirect-cross-origin-expected.txt: Added.
  • http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-importScript-redirect-cross-origin.html: Added.
  • http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-importScripts-redirect-cross-origin-expected.txt: Added.
  • http/tests/security/isolatedWorld/bypass-main-world-csp-worker-importScript-redirect-cross-origin-expected.txt: Added.
  • http/tests/security/isolatedWorld/bypass-main-world-csp-worker-importScripts-redirect-cross-origin-expected.txt: Added.
  • http/tests/security/isolatedWorld/bypass-main-world-csp-worker-importScripts-redirect-cross-origin.html: Added.
  • http/tests/security/isolatedWorld/bypass-worker-csp-for-xhr-expected.txt: Added.
  • http/tests/security/isolatedWorld/bypass-worker-csp-for-xhr-redirect-cross-origin-expected.txt: Added.
  • http/tests/security/isolatedWorld/bypass-worker-csp-for-xhr-redirect-cross-origin.html: Added.
  • http/tests/security/isolatedWorld/bypass-worker-csp-for-xhr.html: Added.
5:25 PM Changeset in webkit [196282] by Antti Koivisto
  • 2 edits in trunk/Source/WebCore

Try to fix Yosemite build.

  • dom/ComposedTreeIterator.h:

(WebCore::ComposedTreeIterator::ComposedTreeIterator):
(WebCore::ComposedTreeIterator::traverseNext):

5:15 PM Changeset in webkit [196281] by Antti Koivisto
  • 5 edits
    1 add in trunk/Source/WebCore

Implement ComposedTreeIterator in terms of ElementAndTextDescendantIterator
https://bugs.webkit.org/show_bug.cgi?id=154003

Reviewed by Darin Adler.

Currently ComposedTreeIterator implements tree traversal using NodeTraversal. This makes it overly complicated.
It can also return nodes other than Element and Text which should not be part of the composed tree.

This patch adds a new iterator type, ElementAndTextDescendantIterator, similar to the existing ElementDescendantIterator.
ComposedTreeIterator is then implemented using this new iterator.

When entering a shadow tree or a slot the local iterator is pushed along with the context stack and a new local
iterator is initialized for the new context. When leaving a shadow tree the context stack is popped and the previous
local iterator becomes active.

  • WebCore.xcodeproj/project.pbxproj:
  • dom/ComposedTreeIterator.cpp:

(WebCore::ComposedTreeIterator::ComposedTreeIterator):
(WebCore::ComposedTreeIterator::initializeContextStack):
(WebCore::ComposedTreeIterator::pushContext):
(WebCore::ComposedTreeIterator::traverseNextInShadowTree):
(WebCore::ComposedTreeIterator::traverseNextLeavingContext):
(WebCore::ComposedTreeIterator::advanceInSlot):
(WebCore::ComposedTreeIterator::traverseSiblingInSlot):
(WebCore::ComposedTreeIterator::initializeShadowStack): Deleted.
(WebCore::ComposedTreeIterator::traverseParentInShadowTree): Deleted.
(WebCore::ComposedTreeIterator::traverseNextSiblingSlot): Deleted.
(WebCore::ComposedTreeIterator::traversePreviousSiblingSlot): Deleted.

  • dom/ComposedTreeIterator.h:

(WebCore::ComposedTreeIterator::operator*):
(WebCore::ComposedTreeIterator::operator->):
(WebCore::ComposedTreeIterator::operator==):
(WebCore::ComposedTreeIterator::operator!=):
(WebCore::ComposedTreeIterator::operator++):
(WebCore::ComposedTreeIterator::Context::Context):
(WebCore::ComposedTreeIterator::context):
(WebCore::ComposedTreeIterator::current):
(WebCore::ComposedTreeIterator::ComposedTreeIterator):
(WebCore::ComposedTreeIterator::traverseNext):
(WebCore::ComposedTreeIterator::traverseNextSkippingChildren):
(WebCore::ComposedTreeIterator::traverseNextSibling):
(WebCore::ComposedTreeIterator::traversePreviousSibling):
(WebCore::ComposedTreeDescendantAdapter::ComposedTreeDescendantAdapter):
(WebCore::ComposedTreeDescendantAdapter::begin):
(WebCore::ComposedTreeDescendantAdapter::end):
(WebCore::ComposedTreeDescendantAdapter::at):
(WebCore::ComposedTreeChildAdapter::Iterator::Iterator):
(WebCore::ComposedTreeChildAdapter::ComposedTreeChildAdapter):
(WebCore::ComposedTreeChildAdapter::begin):
(WebCore::ComposedTreeChildAdapter::end):
(WebCore::ComposedTreeChildAdapter::at):
(WebCore::ComposedTreeIterator::ShadowContext::ShadowContext): Deleted.
(WebCore::ComposedTreeIterator::traverseParent): Deleted.

  • dom/ElementAndTextDescendantIterator.h: Added.

New iterator type that traverses Element and Text nodes (that is renderable nodes only).
It also tracks depth for future use.

5:06 PM Changeset in webkit [196280] by fpizlo@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

B3::foldPathConstants() needs to execute its insertion set
https://bugs.webkit.org/show_bug.cgi?id=154020

Reviewed by Saam Barati.

  • b3/B3FoldPathConstants.cpp:
  • b3/testb3.cpp:

(JSC::B3::testFoldPathEqual): Added this. It used to crash in validation.
(JSC::B3::run):

3:29 PM Changeset in webkit [196279] by bshafiei@apple.com
  • 1 copy in tags/Safari-601.3.9.1.3

New tag.

3:18 PM Changeset in webkit [196278] by bshafiei@apple.com
  • 20 edits
    2 copies in branches/safari-601-branch

Merged r187245. rdar://problem/19861992

3:15 PM Changeset in webkit [196277] by bshafiei@apple.com
  • 20 edits
    2 copies in branches/safari-601.3.9.1-branch

Merged r187245. rdar://problem/19861992

3:14 PM Changeset in webkit [196276] by Yusuke Suzuki
  • 5 edits in trunk/Source/JavaScriptCore

[JSC] Introduce @isObject bytecode intrinsic and use it instead of JS implemented one
https://bugs.webkit.org/show_bug.cgi?id=153976

Reviewed by Darin Adler.

Use bytecode op_is_object directly.

  • builtins/GlobalObject.js:

(isObject): Deleted.

  • bytecode/BytecodeIntrinsicRegistry.h:
  • bytecompiler/NodesCodegen.cpp:

(JSC::BytecodeIntrinsicNode::emit_intrinsic_toString):
(JSC::BytecodeIntrinsicNode::emit_intrinsic_isObject):

  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init): Deleted.

3:13 PM Changeset in webkit [196275] by commit-queue@webkit.org
  • 22 edits in trunk/Source/WebInspectorUI

Web Inspector: Extract a few common unicode characters into global variables
https://bugs.webkit.org/show_bug.cgi?id=154008

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-02-08
Reviewed by Timothy Hatcher.

  • UserInterface/Base/Utilities.js:

Create global variables for emDash and ellipsis to use all over the tools.

  • UserInterface/Views/ConsoleMessageView.js:

(WebInspector.ConsoleMessageView.prototype._formatParameterAsTable): Deleted.

  • UserInterface/Views/DefaultDashboardView.js:

(WebInspector.DefaultDashboardView.prototype._updateDisplay):

  • UserInterface/Views/HierarchicalPathComponent.js:

(WebInspector.HierarchicalPathComponent.prototype._updateElementTitleAndText):
(WebInspector.HierarchicalPathComponent.prototype._updateSelectElement.createOption):
(WebInspector.HierarchicalPathComponent.prototype._updateSelectElement):

  • UserInterface/Views/HierarchicalPathNavigationItem.js:

(WebInspector.HierarchicalPathNavigationItem.prototype.updateLayout):

  • UserInterface/Views/LayerTreeDataGridNode.js:

(WebInspector.LayerTreeDataGridNode.prototype.set layer):

  • UserInterface/Views/LayoutTimelineDataGridNode.js:

(WebInspector.LayoutTimelineDataGridNode.prototype.createCellContent):
(WebInspector.LayoutTimelineDataGridNode):

  • UserInterface/Views/MemoryCategoryView.js:

(WebInspector.MemoryCategoryView.prototype._updateDetails): Deleted.
(WebInspector.MemoryCategoryView): Deleted.

  • UserInterface/Views/MemoryTimelineView.js:

(WebInspector.MemoryTimelineView.prototype._clearUsageLegend):
(WebInspector.MemoryTimelineView.prototype._updateUsageLegend):
(WebInspector.MemoryTimelineView.prototype._clearMaxComparisonLegend):
(WebInspector.MemoryTimelineView.prototype._updateMaxComparisonLegend):

  • UserInterface/Views/MultipleScopeBarItem.js:

(WebInspector.MultipleScopeBarItem.set scopeBarItems.createOption):
(WebInspector.MultipleScopeBarItem.prototype.set scopeBarItems):

  • UserInterface/Views/ObjectPreviewView.js:

(WebInspector.ObjectPreviewView.prototype._appendEntryPreviews):
(WebInspector.ObjectPreviewView.prototype._appendPropertyPreviews):

  • UserInterface/Views/ProfileNodeDataGridNode.js:

(WebInspector.ProfileNodeDataGridNode.prototype.createCellContent):
(WebInspector.ProfileNodeDataGridNode):

  • UserInterface/Views/RenderingFrameTimelineDataGridNode.js:

(WebInspector.RenderingFrameTimelineDataGridNode.prototype.createCellContent):
(WebInspector.RenderingFrameTimelineDataGridNode):

  • UserInterface/Views/ResourceDetailsSidebarPanel.js:

(WebInspector.ResourceDetailsSidebarPanel.prototype._refreshRequestAndResponse): Deleted.
(WebInspector.ResourceDetailsSidebarPanel.prototype._valueForSize): Deleted.

  • UserInterface/Views/ResourceTimelineDataGridNode.js:

(WebInspector.ResourceTimelineDataGridNode.prototype.createCellContent):

  • UserInterface/Views/ScriptTimelineDataGridNode.js:

(WebInspector.ScriptTimelineDataGridNode.prototype.createCellContent):
(WebInspector.ScriptTimelineDataGridNode):

  • UserInterface/Views/SearchResultTreeElement.js:

(WebInspector.SearchResultTreeElement.truncateAndHighlightTitle):

  • UserInterface/Views/TimelineDataGridNode.js:

(WebInspector.TimelineDataGridNode.prototype.createCellContent):

  • UserInterface/Views/TypeTreeElement.js:

(WebInspector.TypeTreeElement.prototype.onpopulate):

  • UserInterface/Views/TypeTreeView.js:

(WebInspector.TypeTreeView.prototype._populate):
(WebInspector.TypeTreeView):

3:12 PM Changeset in webkit [196274] by Yusuke Suzuki
  • 6 edits in trunk

{Map,Set}.prototype.forEach should be visible as own properties
https://bugs.webkit.org/show_bug.cgi?id=153974

Reviewed by Darin Adler.

Source/JavaScriptCore:

Now, Map and Set uses builtin tables. We should inlude it in class info.

  • runtime/MapPrototype.cpp:
  • runtime/SetPrototype.cpp:

LayoutTests:

  • js/Object-getOwnPropertyNames-expected.txt:
  • js/script-tests/Object-getOwnPropertyNames.js:
3:00 PM Changeset in webkit [196273] by fpizlo@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Baseline JIT should not require its input to be constant-propagated
https://bugs.webkit.org/show_bug.cgi?id=154011
rdar://problem/24290933

Reviewed by Mark Lam.

  • jit/JITArithmetic.cpp:

(JSC::JIT::emitBitBinaryOpFastPath):
(JSC::JIT::emitRightShiftFastPath):
(JSC::JIT::emit_op_add):
(JSC::JIT::emit_op_div):
(JSC::JIT::emit_op_mul):

2:31 PM Changeset in webkit [196272] by fpizlo@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

CodeCache should give up on evals if there are variables under TDZ
https://bugs.webkit.org/show_bug.cgi?id=154002
rdar://problem/24300998

Reviewed by Mark Lam.

Disable the code cache optimization because our approach to TDZ for scoped variables - using
a separate check_tdz opcode when logically it's the get_from_scope's job to do it - makes
caching code impossible if there are any variables in TDZ.

We should do the right thing in the future, and fold the TDZ check into the get_from_scope.
This is better not only because it will restore caching, but because our bytecode for heap
accesses is usually at the highest practically doable level of abstraction, so that ICs,
compilers and caches can see the intended meaning of the bytecode more easily.

This doesn't appear to slow anything down, but that's just because we don't have enough ES6
benchmarks. I've filed: https://bugs.webkit.org/show_bug.cgi?id=154010

  • runtime/CodeCache.cpp:

(JSC::CodeCache::getGlobalCodeBlock):

2:07 PM Changeset in webkit [196271] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: ⇧⌘→ when editing text in the Elements tree shouldn't switch inspector tab
https://bugs.webkit.org/show_bug.cgi?id=154006
<rdar://problem/22892489>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-02-08
Reviewed by Timothy Hatcher.

  • UserInterface/Views/EditingSupport.js:

(WebInspector.isEventTargetAnEditableField):
Check the WebInspector's custom editing state.

1:50 PM Changeset in webkit [196270] by commit-queue@webkit.org
  • 4 edits
    2 adds in trunk

Web Inspector: copy({x:1}) should copy "{x:1}", not "[object Object]"
https://bugs.webkit.org/show_bug.cgi?id=148605

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-02-08
Reviewed by Brian Burg.

Source/WebCore:

Test: inspector/console/command-line-api-copy.html

  • inspector/CommandLineAPIModuleSource.js:

(CommandLineAPIImpl.prototype.copy):
Support copying different types. This is meant to be more
convenient then just JSON.stringify, so it handles types
like Node, Symbol, RegExp, and Function a bit better.

LayoutTests:

  • inspector/console/command-line-api-copy-expected.txt: Added.
  • inspector/console/command-line-api-copy.html: Added.
  • http/tests/inspector/console/cross-domain-inspected-node-access-expected.txt:
1:47 PM Changeset in webkit [196269] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Mark fast/text/crash-complex-text-surrogate.html as flaky on mac-wk2
https://bugs.webkit.org/show_bug.cgi?id=154005

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
12:54 PM Changeset in webkit [196268] by commit-queue@webkit.org
  • 19 edits
    2 adds in trunk

REGRESSION(r181345): SVG polyline and polygon leak page
https://bugs.webkit.org/show_bug.cgi?id=152759

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2016-02-08
Reviewed by Darin Adler.

Source/WebCore:

The leak happens because of cyclic reference between SVGListPropertyTearOff
and SVGAnimatedListPropertyTearOff which is derived from SVGAnimatedProperty.
There is also cyclic reference between SVGAnimatedProperty and SVGElement
and this causes the whole document to be leaked. So if the JS requests, for
example, an instance of SVGPolylineElement.points, the whole document will be
leaked.

The fix depends on having the cyclic reference as is since the owning and the
owned classes have to live together if any of them is referenced. But the owning
class caches a raw 'ref-counted' pointer of the owned class. If it is requested
for an instance of the owned class it returned a RefPtr<> of it. Once the owned
class is not used, it can delete itself. The only thing needed here is to notify
the owner class of the deletion so it cleans its caches and be able to create a
new pointer if it is requested for an instance of the owned class later.

Revert the change of r181345 in SVGAnimatedProperty::lookupOrCreateWrapper()
to break the cyclic reference between SVGElement and SVGAnimatedProperty.

Also apply the same approach in SVGAnimatedListPropertyTearOff::baseVal() and
animVal() to break cyclic reference between SVGListPropertyTearOff and
SVGAnimatedListPropertyTearOff.

Test: svg/animations/smil-leak-list-property-instances.svg

  • bindings/scripts/CodeGeneratorJS.pm:

(NativeToJSValue): The SVG non-string list tear-off properties became of
type RefPtr<>. So we need to use get() with the casting expressions.

  • svg/SVGMarkerElement.cpp:

(WebCore::SVGMarkerElement::orientType):
Use 'auto' type for the return of SVGAnimatedProperty::lookupWrapper().

  • svg/SVGPathElement.cpp:

(WebCore::SVGPathElement::pathByteStream):
(WebCore::SVGPathElement::lookupOrCreateDWrapper):
Since SVGAnimatedProperty::lookupWrappe() returns a RefPtr<> we need to
use get() for the casting expressions.

(WebCore::SVGPathElement::pathSegList):
(WebCore::SVGPathElement::normalizedPathSegList):
(WebCore::SVGPathElement::animatedPathSegList):
(WebCore::SVGPathElement::animatedNormalizedPathSegList):

  • svg/SVGPathElement.h:

Change the return value from raw pointer to RefPtr<>.

  • svg/SVGPathSegWithContext.h:

(WebCore::SVGPathSegWithContext::animatedProperty):
Change the return type to be RefPtr<> to preserve the value from being deleted.

  • svg/SVGPolyElement.cpp:

(WebCore::SVGPolyElement::parseAttribute):
Since SVGAnimatedProperty::lookupWrapper() returns a RefPtr<> we need to
use get() for the casting expressions.

(WebCore::SVGPolyElement::points):
(WebCore::SVGPolyElement::animatedPoints):

  • svg/SVGPolyElement.h:

Change the return value from raw pointer to RefPtr<>.

  • svg/SVGViewSpec.cpp:

(WebCore::SVGViewSpec::setTransformString):
Since SVGAnimatedProperty::lookupWrapper() returns a RefPtr<> we need to
use get() for the casting expressions.

(WebCore::SVGViewSpec::transform):

  • svg/SVGViewSpec.h:

Change the return value from raw pointer to RefPtr<>.

  • svg/properties/SVGAnimatedListPropertyTearOff.h:

(WebCore::SVGAnimatedListPropertyTearOff::baseVal):
(WebCore::SVGAnimatedListPropertyTearOff::animVal):
Change the return value from raw pointer to RefPtr<> and change the cached
value from RefPtr<> to raw pointer. If the property is null, it will be
created, its raw pointer will be cached and the only ref-counted RefPtr<>
will be returned. This will guarantee, the RefPtr<> will be deleted once
it is not used anymore.

(WebCore::SVGAnimatedListPropertyTearOff::propertyWillBeDeleted):
Clean the raw pointer caches m_baseVal and m_animVal upon deleting the
actual pointer. This function will be called from the destructor of
SVGListPropertyTearOff.

(WebCore::SVGAnimatedListPropertyTearOff::findItem):
(WebCore::SVGAnimatedListPropertyTearOff::removeItemFromList):
We have to ensure the baseVal() is created before using it.

(WebCore::SVGAnimatedListPropertyTearOff::detachListWrappers):
(WebCore::SVGAnimatedListPropertyTearOff::currentAnimatedValue):
(WebCore::SVGAnimatedListPropertyTearOff::animationStarted):
(WebCore::SVGAnimatedListPropertyTearOff::animationEnded):
(WebCore::SVGAnimatedListPropertyTearOff::synchronizeWrappersIfNeeded):
(WebCore::SVGAnimatedListPropertyTearOff::animValWillChange):
(WebCore::SVGAnimatedListPropertyTearOff::animValDidChange):
For animation, a separate RefPtr<> 'm_animatingAnimVal' will be assigned
to the animVal(). This will prevent deleting m_animVal while animation.

  • svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:

(WebCore::SVGAnimatedPathSegListPropertyTearOff::baseVal):
(WebCore::SVGAnimatedPathSegListPropertyTearOff::animVal):
Same as what is done in SVGAnimatedListPropertyTearOff.

(WebCore::SVGAnimatedPathSegListPropertyTearOff::findItem):
(WebCore::SVGAnimatedPathSegListPropertyTearOff::removeItemFromList):
Same as what is done in SVGAnimatedListPropertyTearOff.

  • svg/properties/SVGAnimatedProperty.h:

(WebCore::SVGAnimatedProperty::lookupOrCreateWrapper):
Change the return value from raw reference to Ref<> and change the
cached value from Ref<> to raw pointer. This reverts the change of
r181345 in this function.

(WebCore::SVGAnimatedProperty::lookupWrapper):
Change the return value from raw pointer to RefPtr<>.

  • svg/properties/SVGAnimatedPropertyMacros.h:

Use 'auto' type for the return of SVGAnimatedProperty::lookupWrapper().

  • svg/properties/SVGAnimatedTransformListPropertyTearOff.h:

(WebCore::SVGAnimatedTransformListPropertyTearOff::baseVal):
(WebCore::SVGAnimatedTransformListPropertyTearOff::animVal):
Same as what is done in SVGAnimatedListPropertyTearOff.

  • svg/properties/SVGListPropertyTearOff.h:

(WebCore::SVGListPropertyTearOff::~SVGListPropertyTearOff):
Call the SVGAnimatedListPropertyTearOff::propertyWillBeDeleted() to clean
its raw pointers when the RefPtr<> deletes itself.

LayoutTests:

  • svg/animations/smil-leak-list-property-instances-expected.txt: Added.
  • svg/animations/smil-leak-list-property-instances.svg: Added.

Ensure if SVGPolylineElement.points is requested from JS, the document will
not leak.

12:53 PM Changeset in webkit [196267] by andersca@apple.com
  • 2 edits in trunk/Source/WebKit/mac

Crash when trying to chain to the old -[NSView setNeedsDisplayInRect:]
https://bugs.webkit.org/show_bug.cgi?id=154001
rdar://problem/24519975

Reviewed by Dan Bernstein.

If our replaced -[NSView setNeedsDisplayInRect:] is called before the old IMP has been initialized,
we can end up trying to call a null pointer.

Fix this by using method_exchangeImplementations instead of method_setImplementation, since the former is done
atomically.

  • WebView/WebHTMLView.mm:

(-[NSView _web_setNeedsDisplayInRect:]):
(+[WebHTMLViewPrivate initialize]):
(setNeedsDisplayInRect): Deleted.

11:49 AM Changeset in webkit [196266] by commit-queue@webkit.org
  • 5 edits in trunk/Source/WebInspectorUI

Web Inspector: Long values for comma separated CSS properties overflow the Visual sidebar area
https://bugs.webkit.org/show_bug.cgi?id=153890
<rdar://problem/24510216>

Patch by Devin Rousso <Devin Rousso> on 2016-02-08
Reviewed by Timothy Hatcher.

For especially long values in comma-separated CSS properties (such as
background-image), the text will not be clipped as expected due to the
way in which the width is calculated for the element (the value, inside
the title element, is the only child with a specified width other than
100%). This overflowing causes the width of the section containing that
property to expand, pushing content outside of the inspector window. To
remedy this, a specified width is set on the relevant properties based
on the width of the sidebar to ensure proper text clipping.

  • UserInterface/Views/VisualStyleCommaSeparatedKeywordEditor.css:

(.visual-style-property-container.comma-separated-keyword-editor > .visual-style-property-value-container > .visual-style-comma-separated-keyword-list > .visual-style-comma-separated-keyword-item.visual-style-font-family-list-item > .visual-style-comma-separated-keyword-item-editor):
(.visual-style-property-container.comma-separated-keyword-editor > .visual-style-property-value-container > .visual-style-comma-separated-keyword-list > .visual-style-comma-separated-keyword-item > .titles):
(.visual-style-property-container.comma-separated-keyword-editor > .visual-style-property-value-container > .visual-style-comma-separated-keyword-list > .visual-style-comma-separated-keyword-item > .titles > .subtitle):
(.visual-style-property-container.comma-separated-keyword-editor > .visual-style-property-value-container): Deleted.
(.visual-style-property-container.comma-separated-keyword-editor > .visual-style-property-value-container > .visual-style-comma-separated-keyword-list): Deleted.
(.visual-style-property-container.comma-separated-keyword-editor > .visual-style-property-value-container > .visual-style-comma-separated-keyword-list > .visual-style-comma-separated-keyword-item): Deleted.

  • UserInterface/Views/VisualStyleCommaSeparatedKeywordEditor.js:

(WebInspector.VisualStyleCommaSeparatedKeywordEditor.prototype.set specifiedWidth):
Calculates the necessary subtractions from the given width value based on
the margins and size of sibling elements.

  • UserInterface/Views/VisualStyleDetailsPanel.js:

(WebInspector.VisualStyleDetailsPanel.prototype._updateProperties):
(WebInspector.VisualStyleDetailsPanel.prototype._populateFontSection):
(WebInspector.VisualStyleDetailsPanel.prototype._populateBackgroundStyleSection):
(WebInspector.VisualStyleDetailsPanel.prototype._populateBoxShadowSection):
(WebInspector.VisualStyleDetailsPanel.prototype._populateTransitionSection):
Added another list to each group which, if set, will pass the current
sidebar width to all contained property editors.

  • UserInterface/Views/VisualStylePropertyEditor.js:

(WebInspector.VisualStylePropertyEditor.prototype.update):
Somewhat unrelated (r196146), but added another check to ensure that the
CSS property exists before checking to see if it has an invalid value.

11:42 AM Changeset in webkit [196265] by Carlos Garcia Campos
  • 5 edits in trunk/Source

[GTK] WebKitWebView should send crossing events to the WebProcess
https://bugs.webkit.org/show_bug.cgi?id=153740

Reviewed by Michael Catanzaro.

Source/WebCore:

Update the target element under the mouse also when only updating
scrollbars, so that if the mouse enters the page when the window
is not active, the scroll animator is notified that the mouse
entered the scrollable area.

  • page/EventHandler.cpp:

(WebCore::EventHandler::handleMouseMoveEvent): Call
updateMouseEventTargetNode() before early returning in case of
only updating scrollbars.

Source/WebKit2:

We don't currently handle crossing events in the web view
(enter/leave). That's why if you hover a scrollbar and leave the
window, the scrollbar is still rendered as hovered.

  • Shared/gtk/WebEventFactory.cpp:

(WebKit::buttonForEvent): Handle the case of GDK_ENTER_NOTIFY and
GDK_LEAVE_NOTIFY events.
(WebKit::WebEventFactory::createWebMouseEvent): Ditto.

  • UIProcess/API/gtk/WebKitWebViewBase.cpp:

(webkitWebViewBaseRealize): Add GDK_ENTER_NOTIFY_MASK and
GDK_LEAVE_NOTIFY_MASK flags to the web view event mask.
(webkitWebViewBaseCrossingNotifyEvent): Handle enter/leave notify
events by generating a mouse move event, ensuring the double to
int conversion will not cause any problem.
(webkit_web_view_base_class_init): Add an implementation for
enter_notify_event and leave_notify_event.

11:41 AM Changeset in webkit [196264] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebKit2

Infinite loop when processing mouse events synchronously
https://bugs.webkit.org/show_bug.cgi?id=153995

Reviewed by Darin Adler.

This happened with WTR in the GTK+ port after landing patch in bug
#153740. The thing is that WTR forces events handling IPC messages
to be synchronous. When a drag and drop operation is in progress,
the web process ignores mouse move events and replies with
DidReceiveEvent signal. The DidReceiveEvent message handler in
WebPageProxy checks if we have a m_nextMouseMoveEvent and handles
it, but when all this happens synchronously the
m_nextMouseMoveEvent is the current one because we haven't
returned yet from handleMouseEvent(). We need to invalidate the
m_nextMouseMoveEvent before calling handleMouseEvent().

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::didReceiveEvent):

11:33 AM Changeset in webkit [196263] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebCore

PiP and external playback are mutually exclusive.
https://bugs.webkit.org/show_bug.cgi?id=153988
rdar://problem/24108661

Patch by Jeremy Jones <jeremyj@apple.com> on 2016-02-08
Reviewed by Eric Carlson.

Adding isPlayingOnSecondScreen to isPlayingOnExternalScreen allows AVKit to disable PiP
when appropriate. Testing video fullscreen mode in updateDisableExternalPlayback allows us to
turn-off external playback when entering picture-in-picture.

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:

(WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenMode):
(WebCore::MediaPlayerPrivateAVFoundationObjC::updateDisableExternalPlayback):

  • platform/ios/WebVideoFullscreenInterfaceAVKit.mm:

(-[WebAVPlayerController isPlayingOnExternalScreen]):
(+[WebAVPlayerController keyPathsForValuesAffectingPlayingOnExternalScreen]):

11:31 AM Changeset in webkit [196262] by beidson@apple.com
  • 4 edits in trunk/LayoutTests

IndexedDB: No test covers cursor.delete() setting the source of the request to the cursor.
https://bugs.webkit.org/show_bug.cgi?id=153992

Reviewed by Jer Noble.

  • storage/indexeddb/cursor-delete-expected.txt:
  • storage/indexeddb/cursor-delete-private-expected.txt:
  • storage/indexeddb/resources/cursor-delete.js:
11:29 AM Changeset in webkit [196261] by commit-queue@webkit.org
  • 10 edits in trunk

[ES6] Arrow function syntax. Using 'super' in arrow function that declared out of the class should lead to Syntax error
https://bugs.webkit.org/show_bug.cgi?id=150893

Patch by Skachkov Oleksandr <gskachkov@gmail.com> on 2016-02-08
Reviewed by Saam Barati.
Source/JavaScriptCore:

'super' and 'super()' inside of the arrow function should lead to syntax error if they are used
out of the class context or they wrapped by ordinary function. Now JSC returns ReferenceError but
should return SyntaxError according to the following specs:
http://www.ecma-international.org/ecma-262/6.0/#sec-function-definitions-static-semantics-early-errors
and http://www.ecma-international.org/ecma-262/6.0/#sec-arrow-function-definitions-runtime-semantics-evaluation
Curren patch implemented only one case when super/super() are used inside of the arrow function
Case when super/super() are used within the eval:

class A {}
class B extends A {

costructor() { eval("super()");}

}

is not part of this patch and will be implemented in this issue https://bugs.webkit.org/show_bug.cgi?id=153864.
The same for case when eval with super/super() is invoked in arrow function will be
implemented in issue https://bugs.webkit.org/show_bug.cgi?id=153977.

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::parseFunctionInfo):

  • parser/Parser.h:

(JSC::Scope::Scope):
(JSC::Scope::setExpectedSuperBinding):
(JSC::Scope::expectedSuperBinding):
(JSC::Scope::setConstructorKind):
(JSC::Scope::constructorKind):
(JSC::Parser::closestParentNonArrowFunctionNonLexicalScope):

  • tests/stress/arrowfunction-lexical-bind-supercall-4.js:
  • tests/stress/arrowfunction-lexical-bind-superproperty.js:

LayoutTests:

Adding tests for using of the 'super' inside of the arrow function

  • js/arrowfunction-superproperty-expected.txt:
  • js/arrowfunction-syntax-errors-expected.txt:
  • js/script-tests/arrowfunction-superproperty.js:
  • js/script-tests/arrowfunction-syntax-errors.js:
11:27 AM Changeset in webkit [196260] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit2

Remove weak from WKAirPlayRoutePicker.mm to fix build warning.
https://bugs.webkit.org/show_bug.cgi?id=153985
rdar://problem/24485348

Patch by Jeremy Jones <jeremyj@apple.com> on 2016-02-08
Reviewed by Darin Adler.

Remove weak since it is only available when using ARC.

  • UIProcess/ios/forms/WKAirPlayRoutePicker.mm:
10:58 AM Changeset in webkit [196259] by fpizlo@apple.com
  • 4 edits in trunk/Source/WTF

Make sure that locking code that relies on module boundaries for compiler fences uses NEVER_INLINE
https://bugs.webkit.org/show_bug.cgi?id=153972

Reviewed by Andreas Kling.

When this code was written, we assumed that module boundaries were compiler fences. That might
not be the case if we ever do LTO.

  • wtf/Lock.cpp:

(WTF::LockBase::lockSlow):
(WTF::LockBase::unlockSlow):

  • wtf/ParkingLot.cpp:

(WTF::ParkingLot::parkConditionally):
(WTF::ParkingLot::unparkOne):
(WTF::ParkingLot::unparkAll):
(WTF::ParkingLot::forEach):

  • wtf/WordLock.cpp:

(WTF::WordLock::lockSlow):
(WTF::WordLock::unlockSlow):

10:52 AM Changeset in webkit [196258] by fpizlo@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Parser should detect error before calls to parseAssignmentExpression()
https://bugs.webkit.org/show_bug.cgi?id=153975
rdar://problem/24291231

Reviewed by Saam Barati.

Fixes a very hard-to-create situation that an internal test picked up.

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::parseVariableDeclarationList):
(JSC::Parser<LexerType>::parseAssignmentExpression):

10:43 AM Changeset in webkit [196257] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit2

[GTK] Fix crash when creating webview with g_object_new
https://bugs.webkit.org/show_bug.cgi?id=153989

Patch by Danilo Cesar Lemes de Paula <danilo.cesar@collabora.co.uk> on 2016-02-08
Reviewed by Carlos Garcia Campos.

g_object_new(WEBKIT_TYPE_WEB_VIEW, NULL) crashes webkit
as _WebKitWebViewBasePrivate constructor requires a mainloop, but
webkit is only initialized when a context is created (which
doesn't happen with a direct call to g_object_new).

  • UIProcess/API/gtk/WebKitWebViewBase.cpp:

(webkit_web_view_base_class_init):

10:28 AM Changeset in webkit [196256] by commit-queue@webkit.org
  • 5 edits in trunk/Source

Unreviewed, rolling out r196253.
https://bugs.webkit.org/show_bug.cgi?id=153990

Caused several crashes in GTK+ bots (Requested by KaL on
#webkit).

Reverted changeset:

"[GTK] WebKitWebView should send crossing events to the
WebProcess"
https://bugs.webkit.org/show_bug.cgi?id=153740
http://trac.webkit.org/changeset/196253

10:23 AM Changeset in webkit [196255] by Matt Baker
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: WebInspector.Setting should have a "reset" method
https://bugs.webkit.org/show_bug.cgi?id=153971
<rdar://problem/24544101>

Reviewed by Brian Burg.

Currently UI needing to restore a setting to its default must retain a copy
of the default value. This should be a basic operation of WebInspector.Setting.

  • UserInterface/Base/Setting.js:

(WebInspector.Setting):
(WebInspector.Setting.prototype.reset):
Sets value to a copy of the default.

9:06 AM Changeset in webkit [196254] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

WebAVPlayerController should implement currentTimeWithinEndTimes.
https://bugs.webkit.org/show_bug.cgi?id=153983
rdar://problem/22864621

Patch by Jeremy Jones <jeremyj@apple.com> on 2016-02-08
Reviewed by Eric Carlson.

Implement currentTimeWithinEndTimes in terms of seekToTime and AVTiming. This is a trivial
implementation becuase AVPlayer start and end times aren't used.

  • platform/ios/WebVideoFullscreenInterfaceAVKit.mm:

(-[WebAVPlayerController currentTimeWithinEndTimes]):
(-[WebAVPlayerController setCurrentTimeWithinEndTimes:]):
(+[WebAVPlayerController keyPathsForValuesAffectingCurrentTimeWithinEndTimes]):

8:59 AM Changeset in webkit [196253] by Carlos Garcia Campos
  • 5 edits in trunk/Source

[GTK] WebKitWebView should send crossing events to the WebProcess
https://bugs.webkit.org/show_bug.cgi?id=153740

Reviewed by Michael Catanzaro.

Source/WebCore:

Update the target element under the mouse also when only updating
scrollbars, so that if the mouse enters the page when the window
is not active, the scroll animator is notified that the mouse
entered the scrollable area.

  • page/EventHandler.cpp:

(WebCore::EventHandler::handleMouseMoveEvent): Call
updateMouseEventTargetNode() before early returning in case of
only updating scrollbars.

Source/WebKit2:

We don't currently handle crossing events in the web view
(enter/leave). That's why if you hover a scrollbar and leave the
window, the scrollbar is still rendered as hovered.

  • Shared/gtk/WebEventFactory.cpp:

(WebKit::buttonForEvent): Handle the case of GDK_ENTER_NOTIFY and
GDK_LEAVE_NOTIFY events.
(WebKit::WebEventFactory::createWebMouseEvent): Ditto.

  • UIProcess/API/gtk/WebKitWebViewBase.cpp:

(webkitWebViewBaseRealize): Add GDK_ENTER_NOTIFY_MASK and
GDK_LEAVE_NOTIFY_MASK flags to the web view event mask.
(webkitWebViewBaseCrossingNotifyEvent): Handle enter/leave notify
events by generating a mouse move event, ensuring the double to
int conversion will not cause any problem.
(webkit_web_view_base_class_init): Add an implementation for
enter_notify_event and leave_notify_event.

8:46 AM Changeset in webkit [196252] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebCore

WebVideoFullscreenInterface should handle video resizing.
https://bugs.webkit.org/show_bug.cgi?id=153982
rdar://problem/22031249

Patch by Jeremy Jones <jeremyj@apple.com> on 2016-02-08
Reviewed by Eric Carlson.

Video fullscreen can be initiated before video dimension are available.
Protect against an initial width or height of zero and observe resize events
to update once video dimensions become available or change.

  • platform/cocoa/WebVideoFullscreenModelVideoElement.mm:

(WebVideoFullscreenModelVideoElement::updateForEventName):
(WebVideoFullscreenModelVideoElement::observedEventNames):

  • platform/ios/WebVideoFullscreenInterfaceAVKit.mm:

(-[WebAVPlayerLayer layoutSublayers]):
(-[WebAVPlayerLayer videoRect]):
(WebVideoFullscreenInterfaceAVKit::setVideoDimensions):

8:25 AM Changeset in webkit [196251] by akling@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

Visiting a WeakBlock should report bytes visited, since we reported them allocated.
<https://webkit.org/b/153978>

Reviewed by Darin Adler.

When creating a WeakBlock, we tell Heap that we've allocated 1 KB (WeakBlock::blockSize)
of memory. Consequently, when visiting a WeakBlock, we should also report 1 KB of memory
visited. Otherwise Heap will think that those 1 KB already went away.

This was causing us to underestimate heap size, which affects collection scheduling.

  • heap/SlotVisitor.h:

(JSC::SlotVisitor::reportMemoryVisited):

  • heap/WeakBlock.cpp:

(JSC::WeakBlock::visit):

5:43 AM Changeset in webkit [196250] by commit-queue@webkit.org
  • 2 edits in trunk/LayoutTests

Timeouts in tests because of non implemented UIScriptController::singleTapAtPoint()
https://bugs.webkit.org/show_bug.cgi?id=153833

Unreviewed.

Patch by Adrien Plazas <aplazas@igalia.com> on 2016-02-08

  • platform/gtk/TestExpectations:
5:41 AM Changeset in webkit [196249] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

Indent inline box test fails due to assertion in VisibleSelection::selectionFromContentsOfNode()
https://bugs.webkit.org/show_bug.cgi?id=153824

Patch by Adrien Plazas <aplazas@igalia.com> on 2016-02-08
Reviewed by Michael Catanzaro.

  • editing/markup.cpp:

(WebCore::highestAncestorToWrapMarkup):

Feb 7, 2016:

7:22 PM Changeset in webkit [196248] by weinig@apple.com
  • 2 edits in trunk/Source/WebCore

Remove unused enum ScrollbarOverlayState.

Rubber-stamped by Dan Bernstein.

  • platform/ScrollTypes.h:
7:20 PM Changeset in webkit [196247] by weinig@apple.com
  • 3 edits in trunk/Source/WebCore

Remove unnecessary respondsToSelector checks for methods that exist on all supported platforms
https://bugs.webkit.org/show_bug.cgi?id=153970

Reviewed by Dan Bernstein.

-[NSScrollerImp mouseEnteredScroller], -[NSScrollerImp expansionTransitionProgress],
-[NSScrollerImpPair contentAreaScrolledInDirection:], and -[NSScrollerImp setExpanded:]
are now available on all supported OS's. No need to check for them.

  • platform/mac/ScrollAnimatorMac.mm:

(macScrollbarTheme):
(-[WebScrollbarPainterDelegate scrollerImp:animateUIStateTransitionWithDuration:]):
(-[WebScrollbarPainterDelegate scrollerImp:animateExpansionTransitionWithDuration:]):
(WebCore::ScrollAnimatorMac::mouseEnteredScrollbar):
(WebCore::ScrollAnimatorMac::mouseExitedScrollbar):
(WebCore::ScrollAnimatorMac::sendContentAreaScrolled):
(WebCore::ScrollAnimatorMac::sendContentAreaScrolledTimerFired):
(supportsUIStateTransitionProgress): Deleted.
(supportsExpansionTransitionProgress): Deleted.
(supportsContentAreaScrolledInDirection): Deleted.

  • platform/mac/ScrollbarThemeMac.mm:

(+[WebScrollbarPrefsObserver appearancePrefsChanged:]):
(+[WebScrollbarPrefsObserver behaviorPrefsChanged:]):
(WebCore::ScrollbarThemeMac::scrollbarThickness):

7:01 PM Changeset in webkit [196246] by weinig@apple.com
  • 8 edits
    1 add in trunk/Source/WebCore

Use modern SPI header idiom for NSScrollerImp and NSScrollerImpPair
https://bugs.webkit.org/show_bug.cgi?id=153969

Reviewed by Dan Bernstein.

  • WebCore.xcodeproj/project.pbxproj:

Add new file NSScrollerImpSPI.h

  • page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:

Use new include of NSScrollerImpSPI.h.

  • platform/ScrollbarThemeComposite.h:

Define ScrollbarPainter more precisely as NSScrollerImp * now that the type is available to us.

  • platform/mac/NSScrollerImpDetails.h:

Remove NSObject category based SPI usage with the modern one NSScrollerImpSPI.h

  • platform/mac/NSScrollerImpDetails.mm:

(WebCore::recommendedScrollerStyle):
Simplify recommendedScrollerStyle() now that all OS's we ship on have +[NSScroller preferredScrollerStyle].

  • platform/mac/ScrollAnimatorMac.mm:

(supportsUIStateTransitionProgress):
(supportsExpansionTransitionProgress):
(supportsContentAreaScrolledInDirection):
Stop using NSClassFromString now that we can reference the classes explicitly.

(-[WebScrollbarPainterControllerDelegate invalidate]):
(-[WebScrollbarPainterControllerDelegate contentAreaRectForScrollerImpPair:]):
(-[WebScrollbarPainterControllerDelegate inLiveResizeForScrollerImpPair:]):
(-[WebScrollbarPainterControllerDelegate mouseLocationInContentAreaForScrollerImpPair:]):
(-[WebScrollbarPainterControllerDelegate scrollerImpPair:convertContentPoint:toScrollerImp:]):
(-[WebScrollbarPainterControllerDelegate scrollerImpPair:setContentAreaNeedsDisplayInRect:]):
(-[WebScrollbarPainterControllerDelegate scrollerImpPair:updateScrollerStyleForNewRecommendedScrollerStyle:]):
(-[WebScrollbarPainterDelegate layer]):
(-[WebScrollbarPainterDelegate mouseLocationInScrollerForScrollerImp:]):
(-[WebScrollbarPainterDelegate convertRectToLayer:]):
(-[WebScrollbarPainterDelegate shouldUseLayerPerPartForScrollerImp:]):
(-[WebScrollbarPainterDelegate setUpAlphaAnimation:scrollerPainter:part:animateAlphaTo:duration:]):
(-[WebScrollbarPainterDelegate scrollerImp:animateKnobAlphaTo:duration:]):
(-[WebScrollbarPainterDelegate scrollerImp:animateTrackAlphaTo:duration:]):
(-[WebScrollbarPainterDelegate scrollerImp:animateUIStateTransitionWithDuration:]):
(-[WebScrollbarPainterDelegate scrollerImp:animateExpansionTransitionWithDuration:]):
(-[WebScrollbarPainterDelegate scrollerImp:overlayScrollerStateChangedTo:]):
(WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
(WebCore::ScrollAnimatorMac::lockOverlayScrollbarStateToHidden):
(WebCore::ScrollAnimatorMac::didAddVerticalScrollbar):
(WebCore::ScrollAnimatorMac::didAddHorizontalScrollbar):
(WebCore::ScrollAnimatorMac::updateScrollerStyle):
Add proper conforming to protocols and replace ids with proper types.

  • platform/mac/ScrollbarThemeMac.mm:

(WebCore::supportsExpandedScrollbars):
(WebCore::ScrollbarThemeMac::registerScrollbar):
(WebCore::ScrollbarThemeMac::scrollbarThickness):
(WebCore::ScrollbarThemeMac::setUpContentShadowLayer):
Stop using NSClassFromString now that we can reference the classes explicitly.

  • platform/spi/mac/NSScrollerImpSPI.h: Added.
5:34 PM Changeset in webkit [196245] by Yusuke Suzuki
  • 6 edits in trunk

[GTK][EFL] Enable SamplingProfiler
https://bugs.webkit.org/show_bug.cgi?id=153638

Reviewed by Michael Catanzaro.

.:

Enable SamplingProfiler in GTK and EFL.
And added option to CMake to switch this from the build command.

  • Source/cmake/OptionsEfl.cmake:
  • Source/cmake/OptionsGTK.cmake:
  • Source/cmake/WebKitFeatures.cmake:

Source/WTF:

  • wtf/Platform.h:
4:33 PM Changeset in webkit [196244] by Alan Bujtas
  • 145 edits
    2 adds in trunk

Outline does not clip when ancestor has overflow: hidden and requires layer.
https://bugs.webkit.org/show_bug.cgi?id=153901

Now that outline is part of visual overflow, we no longer need the special outline cliprect.
PaintPhaseChildOutlines drawing will switch to foreground cliprect. It ensures proper overflow clipping
at parent level. PaintPhaseSelfOutline drawing will start using the visual overflow inflated background cliprect.
With this change, outline will be using the same cliprects as the other visual overflow properties (box-shadow etc).

Reviewed by David Hyatt.

Source/WebCore:

Test: fast/repaint/outline-with-overflow-hidden-ancestor.html

  • rendering/LayerFragment.h:

(WebCore::LayerFragment::setRects):
(WebCore::LayerFragment::moveBy): Deleted.
(WebCore::LayerFragment::intersect): Deleted.

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::collectFragments):
(WebCore::RenderLayer::paintOutlineForFragments):
(WebCore::RenderLayer::calculateClipRects):
(WebCore::RenderLayer::paintForegroundForFragments): Deleted.

  • rendering/RenderLayer.h:
  • rendering/RenderTreeAsText.cpp:

(WebCore::write):
(WebCore::writeLayers):

LayoutTests:

  • compositing/geometry/limit-layer-bounds-overflow-repaint-expected.txt:
  • compositing/masks/mask-of-clipped-layer-expected.txt:
  • css2.1/20110323/abspos-non-replaced-width-margin-000-expected.txt:
  • css2.1/20110323/abspos-replaced-width-margin-000-expected.txt:
  • css3/blending/blend-mode-isolation-turn-off-self-painting-layer2-expected.txt:
  • css3/blending/blend-mode-isolation-turn-on-self-painting-layer-expected.txt:
  • fast/block/positioning/negative-rel-position-expected.txt:
  • fast/dynamic/staticY-expected.txt:
  • fast/inline/absolute-positioned-block-in-centred-block-expected.txt:
  • fast/multicol/flipped-blocks-border-after-expected.txt:
  • fast/multicol/pagination-h-horizontal-bt-expected.txt:
  • fast/multicol/pagination-h-horizontal-tb-expected.txt:
  • fast/multicol/pagination-h-vertical-rl-expected.txt:
  • fast/multicol/pagination-v-horizontal-bt-expected.txt:
  • fast/multicol/pagination-v-vertical-lr-expected.txt:
  • fast/multicol/pagination-v-vertical-rl-expected.txt:
  • fast/multicol/pagination/LeftToRight-tb-hittest-expected.txt:
  • fast/multicol/pagination/RightToLeft-rl-hittest-expected.txt:
  • fast/multicol/progression-reverse-expected.txt:
  • fast/multicol/vertical-rl/rules-with-border-before-expected.txt:
  • fast/overflow/overflow-update-transform-expected.txt:
  • fast/overflow/position-relative-expected.txt:
  • fast/repaint/focus-ring-expected.txt:
  • fast/repaint/focus-ring-repaint.html:
  • fast/repaint/outline-with-overflow-hidden-ancestor-expected.html: Added.
  • fast/repaint/outline-with-overflow-hidden-ancestor.html: Added.
  • fast/table/overflow-table-collapsed-borders-cell-painting-expected.txt:
  • fast/table/overflow-table-collapsed-borders-cell-painting-table-self-painting-layer-expected.txt:
  • fast/table/overflow-table-collapsed-borders-section-layer-painting-expected.txt:
  • fast/table/overflow-table-collapsed-borders-section-layer-table-self-painting-layer-expected.txt:
  • fast/table/overflow-table-collapsed-borders-section-self-painting-layer-painting-expected.txt:
  • fast/table/overflow-table-collapsed-borders-section-self-painting-layer-table-self-painting-layer-expected.txt:
  • platform/mac/compositing/geometry/clipping-foreground-expected.txt:
  • platform/mac/compositing/geometry/root-layer-update-expected.txt:
  • platform/mac/compositing/overflow/ancestor-overflow-expected.txt:
  • platform/mac/compositing/overflow/nested-scrolling-expected.txt:
  • platform/mac/compositing/overflow/overflow-scroll-expected.txt:
  • platform/mac/compositing/overflow/parent-overflow-expected.txt:
  • platform/mac/compositing/overflow/scrollbar-painting-expected.txt:
  • platform/mac/compositing/reflections/nested-reflection-on-overflow-expected.txt:
  • platform/mac/compositing/sibling-positioning-expected.txt:
  • platform/mac/css3/blending/blend-mode-overflow-expected.txt:
  • platform/mac/css3/unicode-bidi-isolate-basic-expected.txt:
  • platform/mac/fast/block/float/overhanging-tall-block-expected.txt:
  • platform/mac/fast/block/positioning/auto/vertical-rl/007-expected.txt:
  • platform/mac/fast/block/positioning/vertical-rl/fixed-positioning-expected.txt:
  • platform/mac/fast/borders/border-antialiasing-expected.txt:
  • platform/mac/fast/clip/001-expected.txt:
  • platform/mac/fast/clip/013-expected.txt:
  • platform/mac/fast/clip/014-expected.txt:
  • platform/mac/fast/clip/016-expected.txt:
  • platform/mac/fast/clip/outline-overflowClip-expected.txt:
  • platform/mac/fast/css/clip-zooming-expected.txt:
  • platform/mac/fast/forms/validation-message-appearance-expected.txt:
  • platform/mac/fast/inline/left-right-center-inline-alignment-in-ltr-and-rtl-blocks-expected.txt:
  • platform/mac/fast/line-grid/line-grid-inside-columns-expected.txt:
  • platform/mac/fast/line-grid/line-grid-into-columns-expected.txt:
  • platform/mac/fast/lists/scrolled-marker-paint-expected.txt:
  • platform/mac/fast/multicol/client-rects-expected.txt:
  • platform/mac/fast/multicol/column-break-with-balancing-expected.txt:
  • platform/mac/fast/multicol/column-rules-expected.txt:
  • platform/mac/fast/multicol/column-rules-stacking-expected.txt:
  • platform/mac/fast/multicol/columns-shorthand-parsing-expected.txt:
  • platform/mac/fast/multicol/float-paginate-complex-expected.txt:
  • platform/mac/fast/multicol/float-paginate-empty-lines-expected.txt:
  • platform/mac/fast/multicol/float-paginate-expected.txt:
  • platform/mac/fast/multicol/layers-in-multicol-expected.txt:
  • platform/mac/fast/multicol/layers-split-across-columns-expected.txt:
  • platform/mac/fast/multicol/max-height-columns-block-expected.txt:
  • platform/mac/fast/multicol/nested-columns-expected.txt:
  • platform/mac/fast/multicol/newmulticol/client-rects-expected.txt:
  • platform/mac/fast/multicol/overflow-across-columns-expected.txt:
  • platform/mac/fast/multicol/overflow-across-columns-percent-height-expected.txt:
  • platform/mac/fast/multicol/overflow-unsplittable-expected.txt:
  • platform/mac/fast/multicol/paginate-block-replaced-expected.txt:
  • platform/mac/fast/multicol/pagination/BottomToTop-bt-expected.txt:
  • platform/mac/fast/multicol/pagination/BottomToTop-lr-expected.txt:
  • platform/mac/fast/multicol/pagination/BottomToTop-rl-expected.txt:
  • platform/mac/fast/multicol/pagination/BottomToTop-tb-expected.txt:
  • platform/mac/fast/multicol/pagination/LeftToRight-bt-expected.txt:
  • platform/mac/fast/multicol/pagination/LeftToRight-rl-expected.txt:
  • platform/mac/fast/multicol/pagination/LeftToRight-tb-expected.txt:
  • platform/mac/fast/multicol/pagination/RightToLeft-bt-expected.txt:
  • platform/mac/fast/multicol/pagination/RightToLeft-lr-expected.txt:
  • platform/mac/fast/multicol/pagination/RightToLeft-rl-dynamic-expected.txt:
  • platform/mac/fast/multicol/pagination/RightToLeft-rl-expected.txt:
  • platform/mac/fast/multicol/pagination/RightToLeft-tb-expected.txt:
  • platform/mac/fast/multicol/pagination/TopToBottom-bt-expected.txt:
  • platform/mac/fast/multicol/pagination/TopToBottom-lr-expected.txt:
  • platform/mac/fast/multicol/pagination/TopToBottom-rl-expected.txt:
  • platform/mac/fast/multicol/positive-leading-expected.txt:
  • platform/mac/fast/multicol/scrolling-column-rules-expected.txt:
  • platform/mac/fast/multicol/scrolling-overflow-expected.txt:
  • platform/mac/fast/multicol/span/anonymous-style-inheritance-expected.txt:
  • platform/mac/fast/multicol/span/span-as-immediate-child-complex-splitting-expected.txt:
  • platform/mac/fast/multicol/span/span-as-immediate-child-generated-content-expected.txt:
  • platform/mac/fast/multicol/span/span-as-immediate-child-property-removal-expected.txt:
  • platform/mac/fast/multicol/span/span-as-immediate-columns-child-dynamic-expected.txt:
  • platform/mac/fast/multicol/span/span-as-immediate-columns-child-expected.txt:
  • platform/mac/fast/multicol/span/span-as-immediate-columns-child-removal-expected.txt:
  • platform/mac/fast/multicol/span/span-as-nested-columns-child-dynamic-expected.txt:
  • platform/mac/fast/multicol/span/span-as-nested-columns-child-expected.txt:
  • platform/mac/fast/multicol/span/span-margin-collapsing-expected.txt:
  • platform/mac/fast/multicol/table-vertical-align-expected.txt:
  • platform/mac/fast/multicol/tall-image-behavior-expected.txt:
  • platform/mac/fast/multicol/vertical-lr/column-break-with-balancing-expected.txt:
  • platform/mac/fast/multicol/vertical-lr/column-rules-expected.txt:
  • platform/mac/fast/multicol/vertical-lr/float-multicol-expected.txt:
  • platform/mac/fast/multicol/vertical-lr/float-paginate-complex-expected.txt:
  • platform/mac/fast/multicol/vertical-lr/float-paginate-expected.txt:
  • platform/mac/fast/multicol/vertical-lr/nested-columns-expected.txt:
  • platform/mac/fast/multicol/vertical-rl/column-break-with-balancing-expected.txt:
  • platform/mac/fast/multicol/vertical-rl/column-rules-expected.txt:
  • platform/mac/fast/multicol/vertical-rl/float-multicol-expected.txt:
  • platform/mac/fast/multicol/vertical-rl/float-paginate-complex-expected.txt:
  • platform/mac/fast/multicol/vertical-rl/float-paginate-expected.txt:
  • platform/mac/fast/multicol/vertical-rl/nested-columns-expected.txt:
  • platform/mac/fast/overflow/clip-rects-fixed-ancestor-expected.txt:
  • platform/mac/fast/overflow/float-in-relpositioned-expected.txt:
  • platform/mac/fast/overflow/overflow-auto-position-absolute-expected.txt:
  • platform/mac/fast/overflow/overflow-rtl-expected.txt:
  • platform/mac/fast/overflow/paged-x-div-expected.txt:
  • platform/mac/fast/overflow/paged-x-div-with-column-gap-expected.txt:
  • platform/mac/fast/overflow/paged-x-on-root-expected.txt:
  • platform/mac/fast/overflow/paged-x-with-column-gap-expected.txt:
  • platform/mac/fast/overflow/paged-y-div-expected.txt:
  • platform/mac/fast/overflow/scroll-nested-positioned-layer-in-overflow-expected.txt:
  • platform/mac/fast/regions/repaint/region-painting-via-layout-expected.txt:
  • platform/mac/fast/repaint/box-shadow-h-expected.txt:
  • platform/mac/fast/repaint/box-shadow-v-expected.txt:
  • platform/mac/fast/repaint/layer-outline-expected.txt:
  • platform/mac/fast/repaint/layer-outline-horizontal-expected.txt:
  • platform/mac/fast/table/edge-offsets-expected.txt:
  • platform/mac/fast/transforms/overflow-with-transform-expected.txt:
  • platform/mac/fast/transforms/rotated-transform-affects-scrolling-1-expected.txt:
  • platform/mac/fast/transforms/rotated-transform-affects-scrolling-2-expected.txt:
  • platform/mac/fast/writing-mode/Kusa-Makura-background-canvas-expected.txt:
  • platform/mac/printing/single-line-must-not-be-split-into-two-pages-expected.txt:
  • platform/mac/scrollbars/scrollbars-on-positioned-content-expected.txt:
  • platform/mac/svg/custom/getscreenctm-in-scrollable-div-area-nested-expected.txt:
  • platform/mac/svg/custom/image-rescale-clip-expected.txt:
  • svg/overflow/overflow-on-foreignObject-expected.txt:
3:16 PM Changeset in webkit [196243] by sbarati@apple.com
  • 3 edits
    3 adds in trunk

Source/JavaScriptCore:
Follow up patch to: [ES6] bound functions .name property should be "bound " + the target function's name
https://bugs.webkit.org/show_bug.cgi?id=153796

Reviewed by Darin Adler.

This follow-up patch addresses some comments/suggestions by
Ryosuke, Darin, and Joe. It simplifies JSBoundFunction::toStringName
and adds some tests for bound names.

  • runtime/JSBoundFunction.cpp:

(JSC::hasInstanceBoundFunction):
(JSC::JSBoundFunction::create):
(JSC::JSBoundFunction::toStringName):

LayoutTests:
[ES6] bound functions .name property should be "bound " + the target function's name
https://bugs.webkit.org/show_bug.cgi?id=153796

Reviewed by Darin Adler.

  • js/bound-function-name-expected.txt: Added.
  • js/bound-function-name.html: Added.
  • js/script-tests/bound-function-name.js: Added.

(assert):
(assert.foo):
(bar):

2:26 PM Changeset in webkit [196242] by dbates@webkit.org
  • 26 edits
    6 adds in trunk

CSP: Allow Web Workers initiated from an isolated world to bypass the main world Content Security Policy
https://bugs.webkit.org/show_bug.cgi?id=153622
<rdar://problem/24400023>

Source/WebCore:

Reviewed by Gavin Barraclough.

Fixes an issue where Web Workers initiated from an isolated world (say, a Safari Content Script Extension)
would be subject to the Content Security Policy of the page.

Currently code in an isolated world that does not execute in a Web Worker is exempt from the CSP of
the page. However, code that runs inside a Web Worker that was initiated from an isolated world is
subject to the CSP of the page. Instead, such Web Worker code should also be exempt from the CSP of
the page.

Tests: http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-eval.html

http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-xhr.html
http/tests/security/isolatedWorld/bypass-main-world-csp-worker.html

  • Modules/websockets/WebSocket.cpp:

(WebCore::WebSocket::connect): Modified to ask the script execution context whether to bypass the
main world Content Security Policy now that script execution context knows this information.

  • bindings/js/ScriptController.cpp:

(WebCore::ScriptController::shouldBypassMainWorldContentSecurityPolicy): Deleted; moved logic from here...

  • bindings/js/ScriptController.h:
  • dom/Document.cpp:

(WebCore::Document::shouldBypassMainWorldContentSecurityPolicy): ...to here.

  • dom/Document.h:
  • dom/ScriptExecutionContext.h:

(WebCore::ScriptExecutionContext::shouldBypassMainWorldContentSecurityPolicy): Added; defaults to false -
do not bypass the main world Content Security Policy.

  • page/EventSource.cpp:

(WebCore::EventSource::create): Modified to ask the script execution context whether to bypass the
main world Content Security Policy now that script execution context knows this information.

  • page/csp/ContentSecurityPolicy.cpp:

(WebCore::ContentSecurityPolicy::shouldBypassMainWorldContentSecurityPolicy): Deleted.

  • page/csp/ContentSecurityPolicy.h:
  • workers/AbstractWorker.cpp:

(WebCore::AbstractWorker::resolveURL): Bypass the main world Content Security Policy if applicable.
Added FIXME comment to enforce the child-src directive of the document's CSP (as opposed to the script-src
directive) on the worker's script URL. Also, scriptExecutionContext()->contentSecurityPolicy() should
always be non-null just as we expect scriptExecutionContext()->securityOrigin() to be non-null. Assert
this invariant to catch cases where a ScriptExecutionContext is not properly initialized.

  • workers/DedicatedWorkerGlobalScope.cpp:

(WebCore::DedicatedWorkerGlobalScope::create): Modified to take boolean argument shouldBypassMainWorldContentSecurityPolicy
as to whether to bypass the main world Content Security Policy and only apply the Content Security
Policy headers when shouldBypassMainWorldContentSecurityPolicy is false.
(WebCore::DedicatedWorkerGlobalScope::DedicatedWorkerGlobalScope): Pass through a boolean argument shouldBypassMainWorldContentSecurityPolicy
as to whether to bypass the main world Content Security Policy.

  • workers/DedicatedWorkerGlobalScope.h:
  • workers/DedicatedWorkerThread.cpp:

(WebCore::DedicatedWorkerThread::DedicatedWorkerThread): Ditto.
(WebCore::DedicatedWorkerThread::createWorkerGlobalScope): Ditto.

  • workers/DedicatedWorkerThread.h:
  • workers/Worker.cpp:

(WebCore::Worker::create): Store whether we should bypass the main world Content Security Policy so
that we can pass it to WorkerMessagingProxy::startWorkerGlobalScope() in Worker::notifyFinished().
We need to store this decision here as opposed to determining it at any later time (say, in Worker::notifyFinished())
because it is dependent on the current JavaScript program stack at the time this function is invoked.
(WebCore::Worker::notifyFinished): Pass whether to bypass the main world Content Security Policy.

  • workers/Worker.h:
  • workers/WorkerGlobalScope.cpp:

(WebCore::WorkerGlobalScope::WorkerGlobalScope): Modified to take a boolean as to whether to bypass the
main world Content Security Policy and store it in a member field. Also, always instantiate a Content
Security Policy object as our current code assumes that one is always created.

  • workers/WorkerGlobalScope.h:
  • workers/WorkerGlobalScopeProxy.h:
  • workers/WorkerMessagingProxy.cpp:

(WebCore::WorkerMessagingProxy::startWorkerGlobalScope): Pass through a boolean argument shouldBypassMainWorldContentSecurityPolicy
as to whether to bypass the main world Content Security Policy.

  • workers/WorkerMessagingProxy.h:
  • workers/WorkerThread.cpp:

(WebCore::WorkerThreadStartupData::WorkerThreadStartupData): Modified to take a boolean argument as to
whether to bypass the main world Content Security Policy and store it in a member field.
(WebCore::WorkerThread::WorkerThread): Pass through a boolean argument shouldBypassMainWorldContentSecurityPolicy
as to whether to bypass the main world Content Security Policy.
(WebCore::WorkerThread::workerThread): Ditto.

  • workers/WorkerThread.h:
  • xml/XMLHttpRequest.cpp:

(WebCore::XMLHttpRequest::open): Modified to ask the script execution context whether to bypass the
main world Content Security Policy now that script execution context knows this information.

LayoutTests:

Reviewed by Gavin Barraclough and Andy Estes.

Add tests to ensure that a Web Worker initiated from an isolated world can bypass the main world
Content Security Policy.

  • http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-eval-expected.txt: Added.
  • http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-eval.html: Added.
  • http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-xhr-expected.txt: Added.
  • http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-xhr.html: Added.
  • http/tests/security/isolatedWorld/bypass-main-world-csp-worker-expected.txt: Added.
  • http/tests/security/isolatedWorld/bypass-main-world-csp-worker.html: Added.
11:25 AM Changeset in webkit [196241] by commit-queue@webkit.org
  • 4 edits in trunk

[cmake] Move LLVM detection for LLVMDisassembler to OptionsCommon.cmake
https://bugs.webkit.org/show_bug.cgi?id=153961

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-02-07
Reviewed by Michael Catanzaro.

  • Source/cmake/OptionsCommon.cmake:
  • Source/cmake/OptionsEfl.cmake:
  • Source/cmake/OptionsGTK.cmake:
11:03 AM Changeset in webkit [196240] by fpizlo@apple.com
  • 4 edits in trunk/Source/JavaScriptCore

String.match should defend against matches that would crash the VM
https://bugs.webkit.org/show_bug.cgi?id=153964
rdar://problem/24301119

Reviewed by Saam Barati.

This fixes a crash in an internal test case.

  • runtime/ArgList.cpp:

(JSC::MarkedArgumentBuffer::slowAppend): Use best practices to ensure that the size we

compute makes sense. Crash if it stops making sense, since most users of this API assume
that they are creating something small enough to fit on the stack.

  • runtime/ArgList.h:

(JSC::MarkedArgumentBuffer::~MarkedArgumentBuffer):
(JSC::MarkedArgumentBuffer::size):
(JSC::MarkedArgumentBuffer::operator new): Deleted. These were ineffective. According to the

debugger, we were still calling system malloc. So, I changed the code to use fastMalloc()
directly.

(JSC::MarkedArgumentBuffer::operator delete): Deleted.

  • runtime/StringPrototype.cpp:

(JSC::stringProtoFuncMatch): Explicitly defend against absurd sizes. Of course, it's still

possible to crash the VM on OOME. That's sort of always been the philosophy of JSC - we
don't guarantee that you'll get a nice-looking error whenever you run out of memory,
since in a GC'd environment you can't really guarantee those things. But, if you have a
match that obvious won't fit in memory, then reporting an error is useful in case this is
a developer experimenting with a buggy regexp.

10:44 AM Changeset in webkit [196239] by mitz@apple.com
  • 21 edits in trunk/Source

[Cocoa] Replace has_include guards around inclusion of Apple-internal-SDK headers with USE(APPLE_INTERNAL_SDK)
https://bugs.webkit.org/show_bug.cgi?id=153963

Reviewed by Sam Weinig.

Source/JavaScriptCore:

  • inspector/remote/RemoteInspectorXPCConnection.mm:

Source/WebCore:

  • accessibility/mac/AXObjectCacheMac.mm:
  • crypto/CommonCryptoUtilities.cpp:
  • crypto/CommonCryptoUtilities.h:
  • editing/mac/TextUndoInsertionMarkupMac.h:
  • editing/mac/TextUndoInsertionMarkupMac.mm:
  • platform/cocoa/TelephoneNumberDetectorCocoa.cpp:
  • platform/graphics/cg/ImageSourceCG.cpp:
  • platform/graphics/mac/PDFDocumentImageMac.mm:
  • platform/network/ios/NetworkStateNotifierIOS.mm:
  • platform/network/mac/BlobDataFileReferenceMac.mm:
  • platform/network/mac/ResourceHandleMac.mm:
  • rendering/RenderThemeMac.mm:

Source/WebKit/mac:

  • WebView/WebPDFView.mm:

Source/WTF:

  • wtf/SystemTracing.h:
  • wtf/WTFThreadData.h:
  • wtf/spi/darwin/CommonCryptoSPI.h:
2:09 AM Changeset in webkit [196238] by Carlos Garcia Campos
  • 4 edits in trunk

REGRESSION(r195661): [GTK] Scrollbar tests crashing after overlay scrollbar groundwork
https://bugs.webkit.org/show_bug.cgi?id=153695

Reviewed by Michael Catanzaro.

Source/WebCore:

The problem is that ScrollAnimation objects are not destroyed by
the ScrollAnimator destructor, because I forgot to add a virtual
destructor for ScrollAnimation in r195661.

  • platform/ScrollAnimation.h:

(WebCore::ScrollAnimation::~ScrollAnimation):

LayoutTests:

  • platform/gtk/TestExpectations:

Feb 6, 2016:

10:34 PM Changeset in webkit [196237] by Chris Dumez
  • 9 edits in trunk/LayoutTests

Unreviewed, update several layout tests for WK1 after r196227.

  • http/tests/security/cross-frame-access-enumeration-expected.txt:
  • http/tests/security/cross-frame-access-enumeration.html:
  • http/tests/security/cross-frame-access-get-expected.txt:
  • http/tests/security/cross-frame-access-get.html:
  • http/tests/security/cross-frame-access-history-get-expected.txt:
  • http/tests/security/cross-frame-access-history-get-override-expected.txt:
  • http/tests/security/cross-frame-access-history-get-override.html:
  • http/tests/security/cross-frame-access-history-get.html:
9:55 PM Changeset in webkit [196236] by Nikita Vasilyev
  • 2 edits in trunk/Source/WebInspectorUI

REGRESSION (r195432): Web Inspector: bottom right section of the styles sidebar is 1px taller than the console prompt
https://bugs.webkit.org/show_bug.cgi?id=153959
<rdar://problem/24541053>

Reviewed by Timothy Hatcher.

  • UserInterface/Views/CSSStyleDetailsSidebarPanel.css:

(.sidebar > .panel.details.css-style > .content ~ .options-container):
(.sidebar > .panel.details.css-style > .content ~ .class-list-container)::
Revert the height to what it used to be prior r195432.

6:21 PM WebKitGTK/Gardening/Calendar edited by Michael Catanzaro
(diff)
6:17 PM Changeset in webkit [196235] by Michael Catanzaro
  • 5 edits in trunk/LayoutTests

[GTK] Rebaseline some tests and update expectations after r196222

Unreviewed test gardening.

  • platform/gtk/TestExpectations:
  • platform/gtk/fast/clip/outline-overflowClip-expected.txt:
  • platform/gtk/fast/repaint/layer-outline-expected.txt:
  • platform/gtk/fast/repaint/layer-outline-horizontal-expected.txt:
6:03 PM Changeset in webkit [196234] by dbates@webkit.org
  • 2 edits in trunk/Source/WebKit2

Call CFRelease() on SecRequirementRef when no longer needed
https://bugs.webkit.org/show_bug.cgi?id=153954
<rdar://problem/24540259>

Reviewed by Dan Bernstein.

  • Shared/mac/ChildProcessMac.mm:

(WebKit::ChildProcess::initializeSandbox):

5:52 PM Changeset in webkit [196233] by Michael Catanzaro
  • 2 edits in trunk/LayoutTests

[GTK] imported/blink/compositing/squashing/abspos-under-abspos-overflow-scroll.html is flaky

Unreviewed test gardening.

  • platform/gtk/TestExpectations:
5:51 PM Changeset in webkit [196232] by fpizlo@apple.com
  • 2 edits
    1 add in trunk/Source/JavaScriptCore

FTL must store the call site index before runtime calls, even if it's the tail call slow path
https://bugs.webkit.org/show_bug.cgi?id=153955
rdar://problem/24290970

Reviewed by Saam Barati.

This is necessary because you could throw an exception in a host call on the tail call's slow
path. That'll route us to lookupExceptionHandler(), which unwinds starting with the call site
index of our frame. Bad things happen if it's not set. Prior to this patch it was possible
for the call site index field to be uninitialized, which meant that the throwing machinery
was making a wild guess about where we are.

  • ftl/FTLLowerDFGToLLVM.cpp:

(JSC::FTL::DFG::LowerDFGToLLVM::compileTailCall):

  • tests/stress/tail-call-host-call-throw.js: Added.
4:45 PM Changeset in webkit [196231] by jonlee@apple.com
  • 2 edits in trunk/PerformanceTests

Code clean up: Move Rotater function closer to Stage static methods.
The Rotater is used together with those methods; keep them close.

  • Animometer/tests/resources/main.js:
4:39 PM Changeset in webkit [196230] by jonlee@apple.com
  • 3 edits in trunk/PerformanceTests

Update the JS includes due to ResultsTable move.

  • Animometer/developer.html:
  • Animometer/index.html:
4:34 PM Changeset in webkit [196229] by jonlee@apple.com
  • 7 edits in trunk/PerformanceTests

Move createElement and createSVGElement to Utilities.

  • Animometer/resources/extensions.js:

(Utilities.createElement): Added.
(Utilities.createSVGElement): Added.
(DocumentExtension.createElement): Deleted.
(DocumentExtension.createSvgElement): Deleted.

  • Animometer/resources/debug-runner/animometer.js:
  • Animometer/resources/runner/animometer.js:
  • Animometer/tests/bouncing-particles/resources/bouncing-svg-images.js:
  • Animometer/tests/bouncing-particles/resources/bouncing-svg-particles.js:
  • Animometer/tests/bouncing-particles/resources/bouncing-svg-shapes.js:
4:27 PM Changeset in webkit [196228] by jonlee@apple.com
  • 10 edits in trunk/PerformanceTests

Add a convenience function for creating a class.

The pattern for creating a class is common enough to add as a Utilities
helper function. It also makes it easy to collapse class definitions when
editing.

  • Animometer/resources/debug-runner/animometer.js: Move ProgressBar definition,

since it is only used here.

  • Animometer/resources/runner/animometer.js: Move ResultsDashboard and

ResultsTable definition, since it is only used here.

  • Animometer/resources/extensions.js: Move Utilities definition to the top. Convert

Point, Insets, SimplePromise.
(ProgressBar): Moved to animometer.js.
(ResultsDashboard): Moved to animometer.js.
(ResultsTable): Moved to animometer.js.

  • Animometer/resources/runner/benchmark-runner.js: Convert BenchmarkRunnerState,

BenchmarkRunner.

  • Animometer/tests/resources/main.js: Convert Rotater, Stage, Animator, Benchmark.
  • Animometer/tests/resources/sampler.js: Convert Experiment, Sampler.

Convert test primitives.

  • Animometer/tests/master/resources/canvas-tests.js: Convert CanvasLineSegment,

CanvasArc, CanvasLinePoint.

  • Animometer/tests/simple/resources/simple-canvas-paths.js: Convert CanvasLineSegment,

CanvasLinePoint, CanvasQuadraticSegment, CanvasQuadraticPoint, CanvasBezierSegment,
CanvasBezierPoint, CanvasArcToSegment, CanvasArcToSegmentFill, CanvasArcSegment,
CanvasArcSegmentFill, CanvasRect, CanvasRectFill.

  • Animometer/tests/simple/resources/tiled-canvas-image.js: Convert CanvasImageTile.
4:18 PM Changeset in webkit [196227] by Chris Dumez
  • 18 edits
    2 deletes in trunk

Prevent cross-origin access to window.history
https://bugs.webkit.org/show_bug.cgi?id=153931

Reviewed by Darin Adler.

Source/WebCore:

Prevent cross-origin access to window.history to match the specification [1]
and the behavior of other browsers (tested Firefox and Chrome).

[1] https://html.spec.whatwg.org/multipage/browsers.html#security-window

No new tests, already covered by existing tests that
were updated in this patch.

  • bindings/js/JSHistoryCustom.cpp:

(WebCore::JSHistory::pushState):
(WebCore::JSHistory::replaceState):
(WebCore::JSHistory::state): Deleted.

  • page/DOMWindow.idl:
  • page/History.idl:

LayoutTests:

Update / rebaseline several layout tests now that cross-origin access to
window.history is prevented.

  • fast/frames/sandboxed-iframe-history-denied-expected.txt:
  • http/tests/history/cross-origin-replace-history-object-child-expected.txt:
  • http/tests/security/cross-frame-access-call-expected.txt:
  • http/tests/security/cross-frame-access-call.html:
  • http/tests/security/cross-frame-access-delete-expected.txt:
  • http/tests/security/cross-frame-access-delete.html:
  • http/tests/security/cross-frame-access-history-prototype-expected.txt:
  • http/tests/security/cross-frame-access-history-put.html: Removed.
  • http/tests/security/cross-frame-access-object-getPrototypeOf-expected.txt:
  • http/tests/security/cross-frame-access-object-getPrototypeOf.html:
  • http/tests/security/cross-frame-access-object-setPrototypeOf-expected.txt:
  • http/tests/security/cross-frame-access-object-setPrototypeOf.html:
  • http/tests/security/resources/cross-frame-iframe-for-history-put-test.html: Removed.
3:41 PM Changeset in webkit [196226] by Beth Dakin
  • 3 edits in trunk/Source/WebCore

ScrollbarPainters needs to be deallocated on the main thread
https://bugs.webkit.org/show_bug.cgi?id=153932
-and corresponding-
rdar://problem/24015483

Reviewed by Dan Bernstein.

Darin pointed out that this was still race-y. There was still a race
condition between the destruction of the two local variables and the
destruction of the lambda on the main thread. This should fix that.

  • page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
  • page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:

(WebCore::ScrollingTreeFrameScrollingNodeMac::~ScrollingTreeFrameScrollingNodeMac):
(WebCore::ScrollingTreeFrameScrollingNodeMac::releaseReferencesToScrollbarPaintersOnTheMainThread):
(WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren):

3:36 PM Changeset in webkit [196225] by jonlee@apple.com
  • 5 edits in trunk/PerformanceTests

Minor improvements to debug harness.

  • Animometer/developer.html:
  • Animometer/resources/debug-runner/animometer.css:

(#suites): Put the complexity text boxes closer to the test names.
(#options):
(#rawFPS circle): Make the interval FPS appear as a separate data series, with a line.
(#intervalFPS path):
(#intervalFPS circle):

  • Animometer/resources/debug-runner/animometer.js:

(window.optionsManager.updateLocalStorageFromUI): Convert number inputs from text.
(window.suitesManager._onChangeTestCheckbox): Refactor to take a checkbox.
(window.suitesManager._createTestElement): Enhance such that typing into the complexity
input will automatically select that test for running.
(window.suitesManager.updateLocalStorageFromJSON): Make the harness work for private
browsing.

  • Animometer/resources/debug-runner/graph.js: Separate the intervalFPS data, and show

more accuracy in timestamps.

3:31 PM Changeset in webkit [196224] by jonlee@apple.com
  • 12 edits in trunk/PerformanceTests

Refactor helper methods for getting random values for a stage.

Instead of requiring a Stage instance, just attach it to the Stage object.

  • Animometer/tests/bouncing-particles/resources/bouncing-canvas-shapes.js:
  • Animometer/tests/bouncing-particles/resources/bouncing-css-shapes.js:
  • Animometer/tests/bouncing-particles/resources/bouncing-particles.js:
  • Animometer/tests/bouncing-particles/resources/bouncing-svg-shapes.js:
  • Animometer/tests/master/resources/canvas-tests.js:
  • Animometer/tests/master/resources/particles.js:
  • Animometer/tests/misc/resources/canvas-electrons.js:
  • Animometer/tests/misc/resources/canvas-stars.js:
  • Animometer/tests/misc/resources/compositing-transforms.js:
  • Animometer/tests/resources/main.js:
  • Animometer/tests/simple/resources/simple-canvas-paths.js:
3:18 PM Changeset in webkit [196223] by Darin Adler
  • 57 edits in trunk/Source

Finish auditing call sites of upper() and lower(), eliminate many, and rename the functions
https://bugs.webkit.org/show_bug.cgi?id=153905

Reviewed by Sam Weinig.

Source/JavaScriptCore:

  • runtime/IntlObject.cpp:

(JSC::canonicalLangTag): Use converToASCIIUppercase on the language tag.

  • runtime/StringPrototype.cpp:

(JSC::stringProtoFuncToLowerCase): Tweak style and update for name change.
(JSC::stringProtoFuncToUpperCase): Ditto.

Source/WebCore:

  • Modules/mediasource/MediaSource.cpp:

(WebCore::MediaSource::isTypeSupported): Use convertToASCIILowercase on MIME type.

  • accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::selectText): Use new names for lower and upper. Also
tweaked style a tiny bit and used u_toupper rather than converting an entire
string to uppercase.

  • dom/Document.cpp:

(WebCore::Document::addImageElementByCaseFoldedUsemap): Renamed to reflect the use
of case folding rather than lowercasing.
(WebCore::Document::removeImageElementByCaseFoldedUsemap): Ditto.
(WebCore::Document::imageElementByCaseFoldedUsemap): Ditto.

  • dom/Document.h: Ditto.
  • dom/DocumentOrderedMap.cpp:

(WebCore::DocumentOrderedMap::getElementByCaseFoldedMapName): Ditto.
(WebCore::DocumentOrderedMap::getElementByCaseFoldedUsemap): Ditto.

  • dom/DocumentOrderedMap.h: Ditto.
  • dom/TreeScope.cpp:

(WebCore::TreeScope::getImageMap): Removed unneeded special case for null string.
Simplified logic for cases where the URL does not have a "#" character in it.
Use case folding instead of lowercase.

  • editing/cocoa/HTMLConverter.mm:

(HTMLConverter::_processText): Removed unneded special case for the empty string.
Use makCapitalized instead of Cocoa function for "capitalize". Use upper and lower
functions by their new names.

  • html/HTMLImageElement.cpp:

(WebCore::HTMLImageElement::parseAttribute): Use case folding instead of
lowerasing for the usemap attribute.
(WebCore::HTMLImageElement::insertedInto): Ditto.
(WebCore::HTMLImageElement::removedFrom): Ditto.
(WebCore::HTMLImageElement::matchesCaseFoldedUsemap): Ditto.

  • html/HTMLImageElement.h: Rename since usemap is case folded now, not lowercased.
  • html/HTMLMapElement.cpp:

(WebCore::HTMLMapElement::imageElement): Use case folding instead of lowercasing
for usemap.
(WebCore::HTMLMapElement::parseAttribute): Ditto.

  • platform/Language.cpp:

(WebCore::canonicalLanguageIdentifier): Use convertToASCIILowercase for language code.
(WebCore::indexOfBestMatchingLanguageInList): Ditto.

  • platform/graphics/harfbuzz/HarfBuzzShaper.cpp:

(WebCore::HarfBuzzShaper::shapeHarfBuzzRuns): Use new name for the upper function.

  • platform/network/HTTPParsers.cpp:

(WebCore::parseContentTypeOptionsHeader): Use equalLettersIgnoringASCIICase instead
of lowercasing to check for a specific header value.

  • platform/network/MIMEHeader.cpp:

(WebCore::retrieveKeyValuePairs): Use convertToASCIILowercase for MIME header name.
(WebCore::MIMEHeader::parseContentTransferEncoding): Use equalLettersIgnoringASCIICase
instead of lowercasing.

  • platform/network/cf/ResourceHandleCFNet.cpp:

(WebCore::allowsAnyHTTPSCertificateHosts): Make this hash ASCII case-insensitive.
(WebCore::clientCertificates): Ditto.
(WebCore::ResourceHandle::createCFURLConnection): Remove call to lower since the
set is now ASCII case-insensitive.
(WebCore::ResourceHandle::setHostAllowsAnyHTTPSCertificate): Ditto.
(WebCore::ResourceHandle::setClientCertificate): Ditto.

  • platform/network/curl/CookieJarCurl.cpp:

(WebCore::getNetscapeCookieFormat): Use equalLettersIgnoringASCIICase instead of
lowercasing.

  • platform/network/curl/MultipartHandle.cpp:

(WebCore::MultipartHandle::didReceiveResponse): Use convertToASCIILowercase to
make a MIME type lowercase.

  • platform/network/curl/ResourceHandleCurl.cpp:

(WebCore::ResourceHandle::setHostAllowsAnyHTTPSCertificate): Removed unneeded
conversion to lowercase now that the set is ASCII case-insensitive.
(WebCore::ResourceHandle::setClientCertificate): Removed code that populates a map
that is then never used for anything.

  • platform/network/curl/ResourceHandleManager.cpp:

(WebCore::headerCallback): Use convertToASCIILowercase for MIME type.

  • platform/network/curl/SSLHandle.cpp: Made hash maps keyed by host names

ASCII case-insensitive.
(WebCore::addAllowedClientCertificate): Removed lowercasing since the map itself
is now ASCII case insensitve.
(WebCore::setSSLClientCertificate): Ditto. Also use auto for iterator type so we
don't have to write out the map type.
(WebCore::sslIgnoreHTTPSCertificate): Ditto.
(WebCore::certVerifyCallback): Ditto.

  • platform/network/soup/ResourceHandleSoup.cpp: Made hash maps keyed by host names

ASCII case-insensitive.
(WebCore::allowsAnyHTTPSCertificateHosts): Ditto.
(WebCore::handleUnignoredTLSErrors): Ditto.
(WebCore::ResourceHandle::setHostAllowsAnyHTTPSCertificate): Ditto.
(WebCore::ResourceHandle::setClientCertificate): Ditto.

  • platform/text/LocaleToScriptMappingDefault.cpp: Made hash maps keyed by script

names ASCII case-insensitive. USE WTF_ARRAY_LENGTH as appropriate.
(WebCore::scriptNameToCode): Use modern style to initialize the map. Removed
unnecessary lowercasing of the script name before looking at the map.
(WebCore::localeToScriptCodeForFontSelection): Ditto.

  • platform/text/win/LocaleWin.cpp:

(WebCore::convertLocaleNameToLCID): Made map ASCII case-insensitive and removed
unneeded lowercasing.

  • platform/win/PasteboardWin.cpp:

(WebCore::clipboardTypeFromMIMEType): Use equalLettersIgnoringASCIICase instead
of lowercasing.

  • rendering/RenderText.cpp:

(WebCore::applyTextTransform): Use new names for the upper and lower functions.

  • xml/XMLHttpRequest.cpp:

(WebCore::XMLHttpRequest::responseIsXML): Remove unneeded lowercasing, since
DOMImplementation now has ASCII case-insensitive handling of MIME types.

Source/WebKit/mac:

  • Plugins/WebBasePluginPackage.mm:

(-[WebBasePluginPackage getPluginInfoFromPLists]): Use modern for loops.
(-[WebBasePluginPackage supportsExtension:]): Use convertToASCIILowercase for extension assert.
Also use modern for loop.
(-[WebBasePluginPackage supportsMIMEType:]): Ditto.
(-[WebBasePluginPackage MIMETypeForExtension:]): Ditto.

Source/WebKit/win:

  • Plugins/PluginDatabase.cpp:

(WebCore::PluginDatabase::pluginForMIMEType): Use ASCII case-insensitive map rather
than lowercasing the MIME type.
(WebCore::PluginDatabase::setPreferredPluginForMIMEType): Ditto.

  • Plugins/PluginDatabase.h: Make m_preferredPlugins use an ASCII case-insensitive hash.
  • Plugins/PluginPackage.h: Use ASCII case-insensitive hash for maps keyed by MIME type.
  • Plugins/PluginPackageWin.cpp:

(WebCore::PluginPackage::fetchInfo): Use convertToASCIILowercase to lowercase a MIME type.

Source/WebKit2:

  • NetworkProcess/CustomProtocols/CustomProtocolManager.h: Use ASCII case-insensitive hash

for set of registered schemes.

  • Shared/Plugins/Netscape/mac/NetscapePluginModuleMac.mm:

(WebKit::getPluginInfoFromPropertyLists): Use convertToASCIILowercase for MIME type and
for file extensions.

  • Shared/Plugins/Netscape/x11/NetscapePluginModuleX11.cpp:

(WebKit::NetscapePluginModule::parseMIMEDescription): Use convertToASCIILowercase for
MIME description.

  • UIProcess/API/efl/ewk_context.cpp:

(ewk_context_preferred_languages_set): Use convertToASCIILowercase for language.

  • UIProcess/API/gtk/WebKitWebContext.cpp:

(webkit_web_context_set_preferred_languages): Use convertToASCIILowercase for language.

  • UIProcess/Plugins/PluginInfoStore.cpp:

(WebKit::PluginInfoStore::findPluginForExtension): Use Vector::contains instead of
writing it out using std::find.
(WebKit::pathExtension): Lowercase the result with convertToASCIILowercase instead of
leaving that to the caller.
(WebKit::PluginInfoStore::findPlugin): Removed call to lower since pathExtension
handles that now.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::findPlugin): Use convertToASCIILowercase for MIME type.

  • UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::globalURLSchemesWithCustomProtocolHandlers): Use
an ASCII case-insensitive hash.
(WebKit::WebProcessPool::registerGlobalURLSchemeAsHavingCustomProtocolHandlers):
Remove lowercasing, since the hash is now ASCII case-insensitive.
(WebKit::WebProcessPool::unregisterGlobalURLSchemeAsHavingCustomProtocolHandlers):
Ditto.

  • UIProcess/WebProcessPool.h: Use an ASCII case-insensitive hash.
  • WebProcess/Plugins/Netscape/NetscapePlugin.cpp:

(WebKit::NetscapePlugin::initialize): Use convertToASCIILowercase on parameter names
and values.

  • WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::pluginSupportsExtension): Use convertToASCIILowercase for extension assertion.
Also use a modern for loop.
(WebKit::WebFrameLoaderClient::objectContentType): Make the checks for empty MIME types
a little less redundant. Reordered logic to avoid checking the list of supported MIME
types extra times, and to eliminate the need for a boolean. Use convertToASCIILowercase
on the extension.

Source/WTF:

  • wtf/text/AtomicString.cpp:

(WTF::AtomicString::lower): Deleted.

  • wtf/text/AtomicString.h: Deleted the lower function.
  • wtf/text/StringImpl.cpp:

(WTF::StringImpl::convertToLowercaseWithoutLocale): Renamed from lower.
(WTF::StringImpl::convertToUppercaseWithoutLocale): Renamed from upper.
(WTF::StringImpl::convertToLowercaseWithLocale): Renamed from lower.
(WTF::StringImpl::convertToUppercaseWithLocale): Renamed from upper.
(WTF::StringImpl::foldCase): Added fast cases for ASCII since this is
now used in some more-performance-critical code.

  • wtf/text/StringImpl.h: Renamed lower and upper.
  • wtf/text/WTFString.cpp:

(WTF::String::convertToLowercaseWithoutLocale): Renamed from lower.
(WTF::String::convertToUppercaseWithoutLocale): Renamed from upper.
(WTF::String::convertToLowercaseWithLocale): Renamed from lower.
(WTF::String::convertToUppercaseWithLocale): Renamed from upper.

  • wtf/text/WTFString.h: Renamed lower and upper. Removed unneeded comment.
3:07 PM Changeset in webkit [196222] by Alan Bujtas
  • 46 edits
    4 adds in trunk

Outline should contribute to visual overflow.
https://bugs.webkit.org/show_bug.cgi?id=153299

This patch eliminates the special outline handling (RenderView::setMaximalOutlineSize).
Now that outline is part of visual overflow, we don't have to inflate the layers to accomodate
outline borders.
This patch fixes several focusring related repaint issues. However when both the outline: auto
and the descendant renderer are composited, we still don't paint properly in certain cases. -not a regression.
(Also when parent renderer has overflow: hidden repaint does not take outline into account. -regression.)
It changes column behavior (see TestExpectations) since outline behaves now like any other visual overflow properties.

Reviewed by David Hyatt.

Source/WebCore:

Test: fast/repaint/focus-ring-repaint.html

fast/repaint/focus-ring-repaint-with-negative-offset.html

  • css/html.css: resetting to old behavior.

(:focus):
(input:focus, textarea:focus, isindex:focus, keygen:focus, select:focus):

  • rendering/InlineFlowBox.cpp:

(WebCore::InlineFlowBox::addToLine):
(WebCore::InlineFlowBox::addOutlineVisualOverflow):
(WebCore::InlineFlowBox::computeOverflow):
(WebCore::InlineFlowBox::paint): Deleted.

  • rendering/InlineFlowBox.h:
  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::computeOverflow):
(WebCore::RenderBlock::outlineStyleForRepaint):
(WebCore::RenderBlock::paint): Deleted.

  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::layoutBlock): Deleted.
(WebCore::RenderBlockFlow::addFocusRingRectsForInlineChildren): Deleted.

  • rendering/RenderBlockLineLayout.cpp:

(WebCore::RenderBlockFlow::addOverflowFromInlineChildren):

  • rendering/RenderBox.cpp:

(WebCore::RenderBox::addVisualEffectOverflow):
(WebCore::RenderBox::applyVisualEffectOverflow):
(WebCore::RenderBox::clippedOverflowRectForRepaint): Deleted.

  • rendering/RenderBoxModelObject.h:
  • rendering/RenderDetailsMarker.cpp:

(WebCore::RenderDetailsMarker::paint): Deleted.

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::insertChildInternal):
(WebCore::RenderElement::styleDidChange):
(WebCore::RenderElement::repaintAfterLayoutIfNeeded):
(WebCore::RenderElement::issueRepaintForOutlineAuto):
(WebCore::RenderElement::updateOutlineAutoAncestor):
(WebCore::RenderElement::computeMaxOutlineSize): Deleted.
(WebCore::RenderElement::styleWillChange): Deleted.

  • rendering/RenderElement.h:

(WebCore::RenderElement::hasContinuation):

  • rendering/RenderInline.cpp:

(WebCore::RenderInline::paintOutlineForLine): Deleted.

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::calculateClipRects):

  • rendering/RenderLineBoxList.cpp:

(WebCore::RenderLineBoxList::anyLineIntersectsRect):
(WebCore::RenderLineBoxList::lineIntersectsDirtyRect):
(WebCore::RenderLineBoxList::paint):
(WebCore::isOutlinePhase): Deleted.

  • rendering/RenderLineBoxList.h:
  • rendering/RenderListBox.cpp:

(WebCore::RenderListBox::computePreferredLogicalWidths):

  • rendering/RenderListMarker.cpp:

(WebCore::RenderListMarker::paint): Deleted.

  • rendering/RenderObject.cpp:

(WebCore::RenderObject::propagateRepaintToParentWithOutlineAutoIfNeeded): The renderer with outline: auto is responsible for
painting focusring around the descendants. If we issued repaint only on the descendant when it changes,
the focusring would not refresh properly. We have to find the ancestor with outline: auto, inflate the repaint rect and
issue the repaint on the ancestor if we crossed repaint container.

(WebCore::RenderObject::repaintUsingContainer):
(WebCore::RenderObject::adjustRectForOutlineAndShadow):
(WebCore::RenderObject::setHasOutlineAutoAncestor):
(WebCore::RenderObject::adjustRectWithMaximumOutline): Deleted.

  • rendering/RenderObject.h: We mark the descendants of outline: auto so that

when a child renderer changes we can propagate the repaint to the ancestor with outline.

(WebCore::RenderObject::hasOutlineAutoAncestor):
(WebCore::RenderObject::RenderObjectRareData::RenderObjectRareData):

  • rendering/RenderRegion.cpp:

(WebCore::RenderRegion::overflowRectForFlowThreadPortion):

  • rendering/RenderReplaced.cpp:

(WebCore::RenderReplaced::shouldPaint): Deleted.
(WebCore::RenderReplaced::clippedOverflowRectForRepaint): Deleted.

  • rendering/RenderTable.cpp:

(WebCore::RenderTable::paint): Deleted.

  • rendering/RenderTableCell.cpp:

(WebCore::RenderTableCell::clippedOverflowRectForRepaint): Deleted.
(WebCore::RenderTableCell::paintCollapsedBorders): Deleted.

  • rendering/RenderTableRow.cpp:

(WebCore::RenderTableRow::layout):
(WebCore::RenderTableRow::clippedOverflowRectForRepaint): Deleted.

  • rendering/RenderTableSection.cpp:

(WebCore::RenderTableSection::layoutRows):
(WebCore::RenderTableSection::computeOverflowFromCells): Deleted.
(WebCore::RenderTableSection::paintObject): Deleted.

  • rendering/RenderTheme.h:

(WebCore::RenderTheme::platformFocusRingWidth):

  • rendering/RenderView.cpp:

(WebCore::RenderView::setMaximalOutlineSize): Deleted.

  • rendering/RenderView.h:
  • rendering/style/RenderStyle.cpp:

(WebCore::RenderStyle::changeAffectsVisualOverflow):
(WebCore::RenderStyle::outlineWidth):

  • rendering/style/RenderStyle.h:

LayoutTests:

  • fast/repaint/focus-ring-repaint-expected.txt: Added.
  • fast/repaint/focus-ring-repaint.html: Added.
  • fast/repaint/focus-ring-repaint-expected-with-negative-offset.txt: Added.
  • fast/repaint/focus-ring-repaint-with-negative-offset.html: Added.
  • TestExpectations:
  • platform/mac/TestExpectations:
  • platform/mac/compositing/geometry/ancestor-overflow-change-expected.txt:
  • platform/mac/compositing/geometry/composited-in-columns-expected.txt:
  • platform/mac/compositing/layer-creation/overlap-animation-container-expected.txt:
  • platform/mac/compositing/layer-creation/stacking-context-overlap-nested-expected.txt:
  • platform/mac/compositing/visibility/visibility-image-layers-dynamic-expected.txt:
  • platform/mac/fast/clip/outline-overflowClip-expected.txt:
  • platform/mac/fast/inline/continuation-outlines-with-layers-expected.txt:
  • platform/mac/fast/repaint/4776765-expected.txt: Added.
  • platform/mac/fast/repaint/focus-ring-expected.txt: Added.
  • platform/mac/fast/repaint/layer-outline-expected.txt:
  • platform/mac/fast/repaint/layer-outline-horizontal-expected.txt:
  • platform/mac/svg/custom/focus-ring-expected.txt:
10:14 AM Changeset in webkit [196221] by Michael Catanzaro
  • 2 edits in trunk/LayoutTests

[GTK] Various tests are flaky

More unreviewed test gardening.

  • platform/gtk/TestExpectations:
10:13 AM WebKitGTK/Gardening/Calendar edited by Michael Catanzaro
(diff)
10:12 AM Changeset in webkit [196220] by Chris Dumez
  • 7 edits
    2 adds in trunk

Object.getOwnPropertyDescriptor() does not work on sub-frame's window
https://bugs.webkit.org/show_bug.cgi?id=153925

Reviewed by Darin Adler.

Source/JavaScriptCore:

Calling Object.getOwnPropertyDescriptor() on a sub-frame's window was
returning undefined for that window's own properties. The reason was
that the check getOwnPropertySlot() is using to make sure the
PropertySlot is not for a property coming from the prototype was wrong.

The check was checking that 'this != slotBase' which works fine unless
this is a JSProxy (e.g. JSDOMWindowShell). To handle proxies, the code
was also checking that 'slotBase.toThis() != this', attempting to
get the slotBase/Window's proxy. However, due to the implementation of
toThis(), we were getting the lexical global object's proxy instead of
slotBase's proxy. To avoid this issue, the new code explicitly checks
if 'this' is a JSProxy and makes sure 'JSProxy::target() != slotBase',
instead of using toThis().

  • runtime/JSObject.cpp:

(JSC::JSObject::getOwnPropertyDescriptor):

LayoutTests:

  • fast/dom/Window/getOwnPropertyDescriptor-other-window-expected.txt: Added.
  • fast/dom/Window/getOwnPropertyDescriptor-other-window.html: Added.

Add test case to test calling Object.getOwnPropertyDescriptor() on a
sub-frame's window.

  • http/tests/security/cross-origin-window-property-access-expected.txt:
  • http/tests/security/cross-origin-window-property-access.html:
  • Update test use use an iframe instead of opening a Window for convenience.
  • Use an actual cross-origin URL. The previous URL was same-origin and therefore the test would have failed if window.location was a proper getter/setter instead of a 'value' descriptor.
  • Add more tests to cover other Window properties (such as 'name') which are actual getter / setters to make sure using the current window's getter on a cross origin window does not bypass the security origin checks.
  • http/tests/security/cross-frame-access-getOwnPropertyDescriptor-expected.txt:
  • http/tests/security/cross-frame-access-getOwnPropertyDescriptor.html:
  • Drop checks for properties for which cross-origin access via

getOwnPropertyDescriptor() now works. They used to not work because of the bug
this patch fixes, and not due to security checks.

  • Most of these properties are part of the properties that the specification

states can be accessed cross-origin:

https://html.spec.whatwg.org/multipage/browsers.html#security-window

  • ALL of these properties could already be accessed cross origin via regular

property getters (e.g. crossOriginWindow.blur) in Safari 9 so there should not
be any reason for getOwnPropertyDescriptor() not to work.

  • I have also verified that Firefox allows cross-origin access for all these properties (via regular getters or getOwnPropertyDescriptor), except for the 'history' property. We may want to align our behavior here and prevent cross-origin access to 'window.history' but this is not a regression in this patch. You could already access crossOriginWindow.history in Safari 9.
9:33 AM WebKitGTK/Gardening/Calendar edited by Michael Catanzaro
(diff)
9:26 AM Changeset in webkit [196219] by Michael Catanzaro
  • 2 edits in trunk/LayoutTests

[GTK] Various tests are flaky

Unreviewed test gardening.

  • platform/gtk/TestExpectations:
9:26 AM WebKitGTK/Gardening/Calendar edited by Michael Catanzaro
(diff)
9:01 AM Changeset in webkit [196218] by Michael Catanzaro
  • 2 edits in trunk/LayoutTests

[GTK] Gardening for unexpected passes

Unreviewed test gardening.

  • platform/gtk/TestExpectations:
9:00 AM Changeset in webkit [196217] by akling@apple.com
  • 7 edits in trunk/Source

[iOS] Throw away linked code when navigating to a new page.
<https://webkit.org/b/153851>

Reviewed by Gavin Barraclough.

Source/JavaScriptCore:

Add a VM API for throwing away linked code only.

  • runtime/VM.cpp:

(JSC::VM::deleteAllLinkedCode):

  • runtime/VM.h:

Source/WebCore:

When navigating to a new page, tell JSC to throw out any linked code it has lying around.
Linked code is tied to a specific global object, and as we're creating a new one for the
new page, none of it is useful to us here.

In the event that the user navigates back, the cost of relinking some code will be far
lower than the memory cost of keeping all of it around.

This landed previously but was rolled out due to a Speedometer regression. I've made one
minor but important change here: only throw away code if we're navigating away from an
existing history item. Or in other words, don't throw away code for "force peeks" or any
other navigations that are not traditional top-level main frame navigations.

  • bindings/js/GCController.cpp:

(WebCore::GCController::deleteAllLinkedCode):

  • bindings/js/GCController.h:
  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::commitProvisionalLoad):

7:55 AM WebKitGTK/Gardening/Calendar edited by Michael Catanzaro
Move myself to Saturday because Friday gardening sucks (diff)
5:44 AM Changeset in webkit [196216] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

Added implementations of AXObjectCache methods for !HAVE(ACCESSIBILITY).
https://bugs.webkit.org/show_bug.cgi?id=153924

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-02-06
Reviewed by Andreas Kling.

No new tests needed.

  • accessibility/AXObjectCache.h:

(WebCore::AXObjectCache::ariaModalNode): Added stub implementation.
(WebCore::AXObjectCache::postLiveRegionChangeNotification): Ditto.
(WebCore::AXObjectCache::rangeForNodeContents): Ditto.
(WebCore::AXObjectCache::setIsSynchronizingSelection): Ditto.
(WebCore::AXObjectCache::setTextSelectionIntent): Ditto.
(WebCore::AXAttributeCacheEnabler::AXAttributeCacheEnabler): Ditto.
(WebCore::AXAttributeCacheEnabler::~AXAttributeCacheEnabler): Ditto.

4:51 AM Changeset in webkit [196215] by Antti Koivisto
  • 3 edits in trunk/Source/WebCore

Use scope stack instead of nested TreeResolvers for shadow trees
https://bugs.webkit.org/show_bug.cgi?id=153893

Reviewed by Andreas Kling.

Make TreeResolver per-document. This is a step towards iterative style resolve.

This is done replacing use of nested TreeResolvers with a scope stack that maintains
the style resolver and the selector filter for the current tree scope.

  • style/StyleTreeResolver.cpp:

(WebCore::Style::ensurePlaceholderStyle):
(WebCore::Style::TreeResolver::Scope::Scope):
(WebCore::Style::TreeResolver::TreeResolver):
(WebCore::Style::shouldCreateRenderer):
(WebCore::Style::TreeResolver::styleForElement):
(WebCore::Style::TreeResolver::createRenderTreeForShadowRoot):
(WebCore::Style::TreeResolver::createRenderTreeForSlotAssignees):
(WebCore::Style::TreeResolver::createRenderTreeRecursively):
(WebCore::Style::TreeResolver::resolveLocally):
(WebCore::Style::TreeResolver::resolveShadowTree):
(WebCore::Style::TreeResolver::resolveBeforeOrAfterPseudoElement):
(WebCore::Style::TreeResolver::resolveChildren):
(WebCore::Style::TreeResolver::resolveSlotAssignees):
(WebCore::Style::TreeResolver::resolveRecursively):
(WebCore::Style::TreeResolver::resolve):
(WebCore::Style::detachRenderTree):

  • style/StyleTreeResolver.h:

(WebCore::Style::TreeResolver::scope):
(WebCore::Style::TreeResolver::pushScope):
(WebCore::Style::TreeResolver::pushEnclosingScope):
(WebCore::Style::TreeResolver::popScope):

3:29 AM Changeset in webkit [196214] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebKit2

Unreviewed. Fix more incorrect ASSERT introduced in r196053.

  • WebProcess/Plugins/Netscape/x11/NetscapePluginX11.cpp:

(WebKit::NetscapePluginX11::handleMouseEvent):
(WebKit::NetscapePluginX11::handleWheelEvent):
(WebKit::NetscapePluginX11::setFocus):
(WebKit::NetscapePluginX11::handleMouseEnterEvent):
(WebKit::NetscapePluginX11::handleMouseLeaveEvent):
(WebKit::NetscapePluginX11::handleKeyboardEvent):

2:12 AM Changeset in webkit [196213] by commit-queue@webkit.org
  • 7 edits in trunk/Source

Unreviewed, rolling out r196104.
https://bugs.webkit.org/show_bug.cgi?id=153940

Regressed Speedometer on iOS (Requested by kling on #webkit).

Reverted changeset:

"[iOS] Throw away linked code when navigating to a new page."
https://bugs.webkit.org/show_bug.cgi?id=153851
http://trac.webkit.org/changeset/196104

Feb 5, 2016:

11:00 PM Changeset in webkit [196212] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

tests fail if display sleeps while run-webkit-tests is running
https://bugs.webkit.org/show_bug.cgi?id=153919

Reviewed by Alexey Proskuryakov.

  • DumpRenderTree/mac/LayoutTestHelper.m:

(addDisplaySleepAssertion): Add the assertion so that the display doesn't turn off.
(releaseDisplaySleepAssertion): Release the DisplaySleep Assertion.
(simpleSignalHandler): Release the DisplaySleepAssertion in case of any iterrupt.

10:21 PM Changeset in webkit [196211] by commit-queue@webkit.org
  • 3 edits
    2 adds in trunk/PerformanceTests

Add a new graphics test for CanvasRenderingContext2D functions: getImageData and putImageData
https://bugs.webkit.org/show_bug.cgi?id=151716

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2016-02-05
Reviewed by Darin Adler.

The purpose of this test is to measure the performance of getImageData
and putImageData functions. This test draws a background on the canvas
and then gets some random tiles from this background and draw them in
destinations different from their original sources.

  • Animometer/resources/debug-runner/tests.js: Adding the new test to the canvas simple tests suite.
  • Animometer/resources/extensions.js:

(Array.prototype.shuffle): Shuffles the elements of an array.

(Point.zero): Returns a new Point object whose x and y are equal zero.
(Point.prototype.str): Used for debugging the Point object.

  • Animometer/tests/simple/resources/tiled-canvas-image.js: Added.

(CanvasImageTile):
(CanvasImageTile.prototype.getImageData):
(CanvasImageTile.prototype.putImageData):
(Stage.call.initialize):
(Stage.call._createTiles):
(Stage.call._nextTilePosition):
(Stage.call.tune):
(Stage.call._drawBackground):
(Stage.call.animate):
(Stage.call.complexity):
(Stage.call):

  • Animometer/tests/simple/tiled-canvas-image.html: Added.
8:53 PM Changeset in webkit [196210] by Michael Catanzaro
  • 2 edits in trunk/LayoutTests

[GTK] Unreviewed test expectations gardening.

  • platform/gtk/TestExpectations:
8:51 PM WebKitGTK/Gardening/Calendar edited by Michael Catanzaro
(diff)
5:56 PM Changeset in webkit [196209] by matthew_hanson@apple.com
  • 1 edit in branches/safari-601-branch/LayoutTests/platform/mac/TestExpectations

Skip ES6-related Layout Tests. rdar://problem/24190123

5:24 PM Changeset in webkit [196208] by Beth Dakin
  • 2 edits in trunk/Source/WebCore

ScrollbarPainters needs to be deallocated on the main thread
https://bugs.webkit.org/show_bug.cgi?id=153932
-and corresponding-
rdar://problem/24015483

Reviewed by Geoff Garen.

Follow-up fix since the first one was still race-y.

  • page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:

(WebCore::ScrollingTreeFrameScrollingNodeMac::~ScrollingTreeFrameScrollingNodeMac):
(WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren):

5:15 PM Changeset in webkit [196207] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: Visual Styles sidebar should be more forgiving to long labels
https://bugs.webkit.org/show_bug.cgi?id=153927
<rdar://problem/24343897>

Patch by Devin Rousso <Devin Rousso> on 2016-02-05
Reviewed by Timothy Hatcher.

If a label is too long for it's container, it overflows and is visible
above the rest of the elements nearby.

  • UserInterface/Views/VisualStylePropertyEditor.css:

(.visual-style-property-container > .visual-style-property-title):
Adds text overflow to properties that extend beyond the container's width.

  • UserInterface/Views/VisualStylePropertyEditor.js:

(WebInspector.VisualStylePropertyEditor):
Now also adds the label value as a title attribute to the element, just in
case the content overflows.

5:08 PM Changeset in webkit [196206] by Beth Dakin
  • 2 edits in trunk/Source/WebCore

ScrollbarPainters needs to be deallocated on the main thread
https://bugs.webkit.org/show_bug.cgi?id=153932
-and corresponding-
rdar://problem/24015483

Reviewed by Tim Horton.

Ensure the the destructor of ScrollingTreeFrameScrollingNodeMac and the
assignments done in this class are not responsible for deallocating the
ScrollbarPainter.

  • page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:

(WebCore::ScrollingTreeFrameScrollingNodeMac::~ScrollingTreeFrameScrollingNodeMac):
(WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren):

5:08 PM Changeset in webkit [196205] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Mark css3/filters/multiple-filters-invalidation.html as flaky on ios-simulator
https://bugs.webkit.org/show_bug.cgi?id=153933

Unreviewed test gardening.

  • platform/ios-simulator/TestExpectations:
4:49 PM Changeset in webkit [196204] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking pageoverlay/overlay-small-frame-paints.html as flaky on ios-simulator
https://bugs.webkit.org/show_bug.cgi?id=153898

Unreviewed test gardening.

  • platform/ios-simulator/TestExpectations:
4:20 PM Changeset in webkit [196203] by bshafiei@apple.com
  • 2 edits in tags/Safari-602.1.18.5/Source/JavaScriptCore

Merged r196197. rdar://problem/24534864

4:20 PM Changeset in webkit [196202] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking css3-text-decoration/text-underline-position/underline-visual-overflow-with-subpixel-position.html as failing on ios-simulator
https://bugs.webkit.org/show_bug.cgi?id=153315

Unreviewed test gardening.

  • platform/ios-simulator/TestExpectations:
4:19 PM Changeset in webkit [196201] by bshafiei@apple.com
  • 5 edits in tags/Safari-602.1.18.5/Source

Versioning.

4:18 PM Changeset in webkit [196200] by Chris Dumez
  • 17 edits
    3 adds in trunk

Instance property getters / setters cannot be called on another instance of the same type
https://bugs.webkit.org/show_bug.cgi?id=153895

Reviewed by Gavin Barraclough.

Source/WebCore:

It should be possible to call instance property getters / setters on
other instances of the same type, as per the WEB IDL specification:

This matches the behavior of Firefox.

The issue without our bindings was that the getters / setters were
using |slotBase| instead of |thisValue| and therefore ended up using
the instance the getter was taken from instead of the actual target
object.

Test:
js/instance-property-getter-other-instance.html
js/instance-property-setter-other-instance.html

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateImplementation):

  • Have instance getters / setters use thisValue instead of slotBase.
  • In the case of interfaces that have attributes on the instance for compatibility reasons, try the prototype object if |thisValue| does does have the right type, instead of using slotBase like previously. I believe this maintains the original compatibility intention while also behaving correctly when called on another instance.
  • bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
  • bindings/scripts/test/JS/JSTestEventConstructor.cpp:
  • bindings/scripts/test/JS/JSTestException.cpp:
  • bindings/scripts/test/JS/JSTestInterface.cpp:
  • bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
  • bindings/scripts/test/JS/JSTestNode.cpp:
  • bindings/scripts/test/JS/JSTestNondeterministic.cpp:
  • bindings/scripts/test/JS/JSTestObj.cpp:
  • bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
  • bindings/scripts/test/JS/JSTestTypedefs.cpp:
  • bindings/scripts/test/JS/JSattribute.cpp:

Rebaseline bindings tests.

LayoutTests:

  • js/dom/script-tests/shadow-navigator-geolocation-in-strict-mode-does-not-throw.js:
  • js/dom/shadow-navigator-geolocation-in-strict-mode-does-not-throw-expected.txt:

Extend this layout test coverage to cover the getter case in addition to the
setter case. This test covers the compatibility mode where we don't throw.
I made sure to maintain this behavior when refactoring the bindings to avoid
breakage.

  • js/instance-property-getter-other-instance-expected.txt:

Rebaseline now that this test passes.

  • js/instance-property-setter-other-instance-expected.txt: Added.
  • js/instance-property-setter-other-instance.html: Added.

Add test to cover the setter case.

4:13 PM Changeset in webkit [196199] by bshafiei@apple.com
  • 1 copy in tags/Safari-602.1.18.5

New tag.

4:13 PM Changeset in webkit [196198] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Mark http/tests/security/cross-frame-access-custom.html as flaky on ios-simulator-wk2
https://bugs.webkit.org/show_bug.cgi?id=153050

Unreviewed test gardening.

  • platform/ios-simulator-wk2/TestExpectations:
4:07 PM Changeset in webkit [196197] by achristensen@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Fix internal Windows build
https://bugs.webkit.org/show_bug.cgi?id=153930
<rdar://problem/24534864>

Reviewed by Mark Lam.

I made a typo in r196144.

4:06 PM Changeset in webkit [196196] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Skipping js/basic-set.html on Mac since it is already runs as a part of run-jsc-stress-tests
https://bugs.webkit.org/show_bug.cgi?id=153879

Unreviewed test gardening.

  • platform/mac/TestExpectations:
3:55 PM Changeset in webkit [196195] by rniwa@webkit.org
  • 4 edits
    1 move in trunk/Websites/perf.webkit.org

Testing with remote server cache is unusably slow
https://bugs.webkit.org/show_bug.cgi?id=153928

Reviewed by Chris Dumez.

Don't use the single process mode of httpd as it's way too slow even for testing.
Also we'll hit a null pointer crash (http://svn.apache.org/viewvc?view=revision&revision=1711479)

Since httpd exits immediately when launched in multi-process mode, remote-cache-server.py (renamed from
run-with-remote-server.py) now has "start" and "stop" commands to start/stop the Apache. Also added
"reset" command to reset the cache for convenience.

  • Install.md: Updated the instruction.
  • config.json: Fixed a typo: httpdErro*r*Log.
  • tools/remote-cache-server.py: Copied from Websites/perf.webkit.org/tools/run-with-remote-server.py.

Now takes one of the following commands: "start", "stop", and "reset".
(main):
(start_httpd): Extracted from main.
(stop_httpd): Added.

  • tools/remote-server-relay.conf: Removed redundant (duplicate) LoadModule's.
  • tools/run-with-remote-server.py: Removed.
3:32 PM Changeset in webkit [196194] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking imported/w3c/web-platform-tests/html/semantics/document-metadata/styling/LinkStyle.html as flaky on ios-simulator
https://bugs.webkit.org/show_bug.cgi?id=153929

Unreviewed test gardening.

  • platform/ios-simulator/TestExpectations:
3:25 PM Changeset in webkit [196193] by sbarati@apple.com
  • 7 edits
    2 adds in trunk

Web Inspector: Include SamplingProfiler's expression-level data for stack frames in the protocol
https://bugs.webkit.org/show_bug.cgi?id=153455
<rdar://problem/24335884>

Reviewed by Joseph Pecoraro.

Source/JavaScriptCore:

We now send the sampling profiler's expression-level
line/column info in the inspector protocol.

  • inspector/agents/InspectorScriptProfilerAgent.cpp:

(Inspector::buildSamples):

  • inspector/protocol/ScriptProfiler.json:
  • runtime/SamplingProfiler.h:

(JSC::SamplingProfiler::StackFrame::hasExpressionInfo):

Source/WebInspectorUI:

JSC has been collecting expression-level data in the sampling
profiler, and with this patch, we now get that information
in the inspector. With this information, we probably have
all the data we need to make real heat maps.

  • UserInterface/Models/CallingContextTree.js:

(WebInspector.CallingContextTree.prototype.updateTreeWithStackTrace):
(WebInspector.CCTNode):
(WebInspector.CCTNode.prototype.findOrMakeChild):
(WebInspector.CCTNode.prototype.addTimestampAndExpressionLocation):
(WebInspector.CCTNode.prototype.addTimestamp): Deleted.

LayoutTests:

  • inspector/sampling-profiler/expression-location-info-expected.txt: Added.
  • inspector/sampling-profiler/expression-location-info.html: Added.
3:16 PM Changeset in webkit [196192] by bshafiei@apple.com
  • 4 edits in tags/Safari-602.1.18.0.2/Source/bmalloc

Merged r196186. rdar://problem/18620635

2:30 PM Changeset in webkit [196191] by beidson@apple.com
  • 7 edits in trunk/Source/WebCore

Modern IDB: UniqueIDBDatabase's m_databaseInfo is unsafely used from multiple threads.
https://bugs.webkit.org/show_bug.cgi?id=153912

Reviewed by Alex Christensen.

No new tests (Anything testable about this patch is already covered by existing tests).

  • Modules/indexeddb/server/IDBBackingStore.h:
  • Modules/indexeddb/server/MemoryIDBBackingStore.cpp:

(WebCore::IDBServer::MemoryIDBBackingStore::infoForObjectStore):

  • Modules/indexeddb/server/MemoryIDBBackingStore.h:

Teach the SQLiteIDBBackingStore to actually keep its m_databaseInfo up to date as it changes,
and to revert it when version change transactions abort:

  • Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:

(WebCore::IDBServer::SQLiteIDBBackingStore::beginTransaction):
(WebCore::IDBServer::SQLiteIDBBackingStore::abortTransaction):
(WebCore::IDBServer::SQLiteIDBBackingStore::commitTransaction):
(WebCore::IDBServer::SQLiteIDBBackingStore::createObjectStore):
(WebCore::IDBServer::SQLiteIDBBackingStore::deleteObjectStore):
(WebCore::IDBServer::SQLiteIDBBackingStore::createIndex):
(WebCore::IDBServer::SQLiteIDBBackingStore::deleteIndex):
(WebCore::IDBServer::SQLiteIDBBackingStore::infoForObjectStore):

  • Modules/indexeddb/server/SQLiteIDBBackingStore.h:
  • Modules/indexeddb/server/UniqueIDBDatabase.cpp:

(WebCore::IDBServer::UniqueIDBDatabase::performPutOrAdd): Use the IDBBackingStore's copy of the

IDBObjectStoreInfo, meant only for the database thread, instead of the UniqueIDBDatabase's copy,
which is meant only for the main thread.

2:28 PM Changeset in webkit [196190] by rniwa@webkit.org
  • 2 edits
    1 add in trunk/Websites/perf.webkit.org

Perf dashboard should have a script to setup database
https://bugs.webkit.org/show_bug.cgi?id=153906

Reviewed by Chris Dumez.

Added tools/setup-database.py to setup the database. It retrieves the database name, username, password
and initializes a database at the specified location.

  • Install.md: Updated instruction to setup postgres to use setup-database.py.
  • tools/setup-database.py: Added.

(main):
(load_database_config):
(determine_psql_dir):
(start_or_stop_database):
(execute_psql_command):

1:53 PM Changeset in webkit [196189] by commit-queue@webkit.org
  • 2 edits in trunk/Tools

Fix iOS API tests after r196082
https://bugs.webkit.org/show_bug.cgi?id=153900

Patch by Alex Christensen <achristensen@webkit.org> on 2016-02-05
Reviewed by Jer Noble.

  • TestWebKitAPI/Tests/WebCore/WebCoreNSURLSession.mm:

(TestWebKitAPI::WebCoreNSURLSessionTest::SetUp):
[WebView initialize] doesn't call JSC::initializeThreading on iOS.

1:41 PM Changeset in webkit [196188] by sbarati@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

follow-up to: JSC Sampling Profiler: (host) is confusing in cases where I would expect to see JS name
https://bugs.webkit.org/show_bug.cgi?id=153663
<rdar://problem/24415092>

Rubber stamped by Joseph Pecoraro.

We were performing operations that required us to
hold the VM lock even when we might not have been holding it.
We now ensure we're holding it.

  • inspector/agents/InspectorScriptProfilerAgent.cpp:

(Inspector::InspectorScriptProfilerAgent::trackingComplete):

1:38 PM Changeset in webkit [196187] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Navigation bar in sidebars should always fit on a single line
https://bugs.webkit.org/show_bug.cgi?id=153412
<rdar://problem/24318706>

Patch by Devin Rousso <Devin Rousso> on 2016-02-05
Reviewed by Timothy Hatcher.

This happened because the allowed maximum width of the sidebar was greater
than the minimum width derived from the currently visible sidebar.

  • UserInterface/Base/Utilities.js:

(Number.constrain):
Added logic to reverse the values of min and max if max is less than min.

1:34 PM Changeset in webkit [196186] by sbarati@apple.com
  • 4 edits in trunk/Source/bmalloc

bmalloc: largeMax calculation is wrong on iOS
https://bugs.webkit.org/show_bug.cgi?id=153923

Reviewed by Mark Lam.

Our number for largeMax was larger than what we had
space to actually allocate inside the LargeChunk. This made
it so that we would allocate a large object for something
that really should be extra large. Previously:
largeMax + sizeof(LargeChunk) > 1MB
which meant that when we would grow() to accommodate an allocation
of a particular size inside a LargeObject despite the fact that
the allocation size would be too large to actually fit in the LargeObject.
This would manifest when we had an allocation size in the range:
1MB - sizeof(LargeChunk) < allocation size < largeMax

We fix this bug by being precise in our calculation of largeMax
instead of just assuming largeChunkSize * 99/100 is enough
space for the metadata.

  • bmalloc/LargeChunk.h:

(bmalloc::LargeChunk::get):

  • bmalloc/Sizes.h:
1:22 PM Changeset in webkit [196185] by timothy@apple.com
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Don't wrap labels in Breakpoint Editor popover
https://bugs.webkit.org/show_bug.cgi?id=153926
rdar://problem/24149542

Reviewed by Brian Burg.

  • UserInterface/Views/BreakpointPopoverController.css:

(.popover .edit-breakpoint-popover-content > table > tr > th): Added white-space: nowrap.

1:20 PM Changeset in webkit [196184] by commit-queue@webkit.org
  • 6 edits in trunk/Source/WebInspectorUI

Web Inspector: Replace all instances of '%s' with “%s“
https://bugs.webkit.org/show_bug.cgi?id=153891
<rdar://problem/24510236>

Patch by Devin Rousso <Devin Rousso> on 2016-02-05
Reviewed by Timothy Hatcher.

Switched all WebInspector.UIString() from using to ““.

  • Localizations/en.lproj/localizedStrings.js:
  • UserInterface/Views/CSSStyleDeclarationSection.js:

(WebInspector.CSSStyleDeclarationSection.prototype._handleSelectorPaste):

  • UserInterface/Views/CSSStyleDeclarationTextEditor.js:

(WebInspector.CSSStyleDeclarationTextEditor.prototype._createTextMarkerForPropertyIfNeeded):

  • UserInterface/Views/VisualStylePropertyEditor.js:

(WebInspector.VisualStylePropertyEditor.prototype.update):

  • UserInterface/Views/VisualStyleSelectorTreeItem.js:

(WebInspector.VisualStyleSelectorTreeItem.prototype._updateSelectorIcon):

1:19 PM Changeset in webkit [196183] by timothy@apple.com
  • 2 edits in trunk/Source/WebKit2

Web Inspector: Error when closing page with WebInspector open
https://bugs.webkit.org/show_bug.cgi?id=152867
rdar://problem/24099423

Reviewed by Brian Burg.

  • UIProcess/WebInspectorProxy.cpp:

(WebKit::WebInspectorProxy::didClose): Null out m_inspectorPage after platformDetach(),
so the views can be cleaned up correctly.

12:52 PM Changeset in webkit [196182] by bshafiei@apple.com
  • 2 edits in tags/Safari-602.1.18.4/Source/JavaScriptCore

Merged r196144. rdar://problem/24499887

12:51 PM Changeset in webkit [196181] by bshafiei@apple.com
  • 5 edits in tags/Safari-602.1.18.4/Source

Versioning.

12:49 PM Changeset in webkit [196180] by bshafiei@apple.com
  • 1 copy in tags/Safari-602.1.18.4

New tag.

11:52 AM Changeset in webkit [196179] by fpizlo@apple.com
  • 6 edits
    2 adds in trunk/Source/JavaScriptCore

Arrayify for a typed array shouldn't create a monster
https://bugs.webkit.org/show_bug.cgi?id=153908
rdar://problem/24290639

Reviewed by Mark Lam.

Previously if you convinced the DFG to emit an Arrayify to ArrayStorage and then gave it a
typed array, you'd corrupt the object.

  • runtime/JSArrayBufferView.cpp:

(WTF::printInternal):

  • runtime/JSArrayBufferView.h:
  • runtime/JSGenericTypedArrayViewInlines.h:

(JSC::JSGenericTypedArrayView<Adaptor>::visitChildren):
(JSC::JSGenericTypedArrayView<Adaptor>::slowDownAndWasteMemory):

  • runtime/JSObject.cpp:

(JSC::JSObject::copyButterfly):
(JSC::JSObject::enterDictionaryIndexingMode):
(JSC::JSObject::ensureInt32Slow):
(JSC::JSObject::ensureDoubleSlow):
(JSC::JSObject::ensureContiguousSlow):
(JSC::JSObject::ensureArrayStorageSlow):
(JSC::JSObject::growOutOfLineStorage):
(JSC::getBoundSlotBaseFunctionForGetterSetter):

  • runtime/Structure.h:
  • tests/stress/arrayify-array-storage-typed-array.js: Added. This test failed.
  • tests/stress/arrayify-int32-typed-array.js: Added. This test case already had other protections, but we beefed them up.
11:51 AM Changeset in webkit [196178] by achristensen@apple.com
  • 5 edits
    2 adds in trunk/Source/WebKit2

Move NetworkDataTask to its own header and source files
https://bugs.webkit.org/show_bug.cgi?id=153922

Reviewed by Tim Horton.

Also renamed NetworkSessionTaskClient to NetworkDataTaskClient.

  • NetworkProcess/NetworkDataTask.h: Added.

(WebKit::NetworkDataTaskClient::~NetworkDataTaskClient):
(WebKit::NetworkDataTask::create):
(WebKit::NetworkDataTask::client):
(WebKit::NetworkDataTask::pendingDownloadID):
(WebKit::NetworkDataTask::pendingDownload):
(WebKit::NetworkDataTask::setPendingDownloadID):
(WebKit::NetworkDataTask::setPendingDownload):

  • NetworkProcess/NetworkLoad.h:
  • NetworkProcess/NetworkSession.h:

(WebKit::NetworkSessionTaskClient::~NetworkSessionTaskClient): Deleted.
(WebKit::NetworkDataTask::create): Deleted.
(WebKit::NetworkDataTask::client): Deleted.
(WebKit::NetworkDataTask::pendingDownloadID): Deleted.
(WebKit::NetworkDataTask::pendingDownload): Deleted.
(WebKit::NetworkDataTask::setPendingDownloadID): Deleted.
(WebKit::NetworkDataTask::setPendingDownload): Deleted.

  • NetworkProcess/cocoa/NetworkDataTaskCocoa.mm: Added.

(WebKit::NetworkDataTask::NetworkDataTask):
(WebKit::NetworkDataTask::~NetworkDataTask):
(WebKit::NetworkDataTask::scheduleFailure):
(WebKit::NetworkDataTask::failureTimerFired):
(WebKit::NetworkDataTask::tryPasswordBasedAuthentication):
(WebKit::NetworkDataTask::cancel):
(WebKit::NetworkDataTask::resume):
(WebKit::NetworkDataTask::suspend):

  • NetworkProcess/cocoa/NetworkSessionCocoa.mm:

(WebKit::NetworkSession::takeDownloadID):
(WebKit::NetworkDataTask::NetworkDataTask): Deleted.
(WebKit::NetworkDataTask::~NetworkDataTask): Deleted.
(WebKit::NetworkDataTask::scheduleFailure): Deleted.
(WebKit::NetworkDataTask::failureTimerFired): Deleted.
(WebKit::NetworkDataTask::tryPasswordBasedAuthentication): Deleted.
(WebKit::NetworkDataTask::cancel): Deleted.
(WebKit::NetworkDataTask::resume): Deleted.
(WebKit::NetworkDataTask::suspend): Deleted.

  • WebKit2.xcodeproj/project.pbxproj:
10:52 AM Changeset in webkit [196177] by bshafiei@apple.com
  • 3 edits in tags/Safari-602.1.18.0.2/Source/WebKit2

Merged r196037. rdar://problem/24399218

10:51 AM Changeset in webkit [196176] by bshafiei@apple.com
  • 5 edits in tags/Safari-602.1.18.0.2/Source

Versioning.

10:49 AM Changeset in webkit [196175] by bshafiei@apple.com
  • 1 copy in tags/Safari-602.1.18.0.2

New tag.

8:57 AM Changeset in webkit [196174] by achristensen@apple.com
  • 20 edits in trunk/Source

Clean up Blob code
https://bugs.webkit.org/show_bug.cgi?id=153910

Reviewed by Alexey Proskuryakov.

Source/WebCore:

No new tests, no change in behavior.

  • css/StyleSheet.h:
  • fileapi/Blob.cpp:

(WebCore::Blob::Blob):
(WebCore::Blob::normalizedContentType):
(WebCore::Blob::isNormalizedContentType):
(WebCore::Blob::registry):

  • fileapi/Blob.h:
  • fileapi/BlobURL.cpp:

(WebCore::BlobURL::createPublicURL):

  • fileapi/BlobURL.h:

(WebCore::BlobURL::BlobURL):
(WebCore::BlobURL::blobProtocol): Deleted.

  • platform/PlatformStrategies.cpp:

(WebCore::setPlatformStrategies):
(WebCore::hasPlatformStrategies): Deleted.

  • platform/PlatformStrategies.h:
  • platform/network/BlobRegistry.cpp:

(WebCore::blobRegistry):

  • platform/network/BlobRegistry.h:
  • platform/network/BlobRegistryImpl.cpp:

(WebCore::BlobRegistryImpl::~BlobRegistryImpl):
(WebCore::createResourceHandle):
(WebCore::registerBlobResourceHandleConstructor):
(WebCore::BlobRegistryImpl::createResourceHandle):
(WebCore::BlobRegistryImpl::appendStorageItems):
(WebCore::BlobRegistryImpl::registerFileBlobURL):
(WebCore::BlobRegistryImpl::registerBlobURL):

  • platform/network/BlobRegistryImpl.h:
  • platform/network/BlobResourceHandle.cpp:

(WebCore::BlobResourceHandle::loadResourceSynchronously):
(WebCore::BlobResourceHandle::BlobResourceHandle):

  • platform/network/ResourceHandle.h:

Source/WebKit2:

  • NetworkProcess/FileAPI/NetworkBlobRegistry.cpp:

(WebKit::NetworkBlobRegistry::NetworkBlobRegistry):
(WebKit::NetworkBlobRegistry::registerFileBlobURL):

  • NetworkProcess/FileAPI/NetworkBlobRegistry.h:
  • NetworkProcess/NetworkConnectionToWebProcess.cpp:

(WebKit::NetworkConnectionToWebProcess::registerFileBlobURL):
(WebKit::NetworkConnectionToWebProcess::registerBlobURL):

  • WebProcess/FileAPI/BlobRegistryProxy.cpp:

(WebKit::BlobRegistryProxy::registerFileBlobURL):

  • WebProcess/FileAPI/BlobRegistryProxy.h:
7:38 AM Changeset in webkit [196173] by mitz@apple.com
  • 5 edits
    1 delete in trunk/Source/WebKit2

[Cocoa] Get rid of unused SPI declarations
https://bugs.webkit.org/show_bug.cgi?id=153915

Reviewed by Tim Horton.

  • Platform/spi/Cocoa/NSInvocationSPI.h: Removed NSInvocation SPI method declaration.
  • Platform/spi/ios/SafariServicesSPI.h: Removed.
  • UIProcess/API/Cocoa/WKSecurityOrigin.mm:

(-[WKSecurityOrigin methodSignatureForSelector:]): Deleted.
(-[WKSecurityOrigin forwardInvocation:]): Deleted.

  • UIProcess/ios/WKContentViewInteraction.mm: Removed unused #import.
  • WebKit2.xcodeproj/project.pbxproj: Removed reference to deleted header.
6:04 AM Changeset in webkit [196172] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebCore

[GTK] Scrollbars incorrectly rendered with older versions of GTK+
https://bugs.webkit.org/show_bug.cgi?id=153861

Reviewed by Michael Catanzaro.

The theme doesn't really know it's a scrollbar. Older versions of
GTK+ require to explicitly add the scrollbar style class to the
child GtkStyleContext.

  • platform/gtk/ScrollbarThemeGtk.cpp:

(WebCore::createChildStyleContext):

6:02 AM WebKitGTK/2.10.x edited by Andres Gomez
(diff)
6:01 AM WebKitGTK/2.10.x edited by Andres Gomez
(diff)
5:58 AM Changeset in webkit [196171] by Carlos Garcia Campos
  • 3 edits in trunk/Source/WebCore

[GTK] Scrollbars not correctly rendered in non GNOME environments
https://bugs.webkit.org/show_bug.cgi?id=153860

Reviewed by Michael Catanzaro.

I noticed this in a matchbox environment, where there's no
gnome-setting-daemon running. The problem is only with the
scrollbars, because we initialize the GtkSettings in
RenderThemeGtk and notify the ScrollbarTheme when it changes, but
ScrollbarTheme is created before RenderThemeGtk so we initialize
the theme properties before the GtkSettings have been
initialized. We can just let the ScrollbarTheme monitor the
theme itself instead of relying on being notified by the WebCore
layer.

  • platform/gtk/ScrollbarThemeGtk.cpp:

(WebCore::themeChangedCallback):
(WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk):

  • rendering/RenderThemeGtk.cpp:

(WebCore::gtkStyleChangedCallback): Deleted.

1:59 AM Changeset in webkit [196170] by youenn.fablet@crf.canon.fr
  • 3 edits in trunk/Source/WebCore

Remove DOMWrapped parameter from JSKeyValueIterator
https://bugs.webkit.org/show_bug.cgi?id=153859

Reviewed by Sam Weinig.

No change in behavior.

Using std::declval to infer DOMWrapped from JSWrapper::wrapped.

  • bindings/js/JSFetchHeadersCustom.cpp:

(WebCore::JSFetchHeaders::entries):
(WebCore::JSFetchHeaders::keys):
(WebCore::JSFetchHeaders::values):

  • bindings/js/JSKeyValueIterator.h:

(WebCore::createIterator):
(WebCore::JSKeyValueIterator<JSWrapper>::destroy):
(WebCore::JSKeyValueIterator<JSWrapper>::next):
(WebCore::JSKeyValueIteratorPrototypeFunctionNext):
(WebCore::JSKeyValueIteratorPrototype<JSWrapper>::finishCreation):

1:03 AM Changeset in webkit [196169] by Nikita Vasilyev
  • 2 edits in trunk/Source/WebInspectorUI

REGRESSION (r193913): Web Inspector: Wrong z-index of inner sections
https://bugs.webkit.org/show_bug.cgi?id=153914

Reviewed by Timothy Hatcher.

  • UserInterface/Views/DetailsSection.css:

(.details-section .details-section > .header):

1:01 AM Changeset in webkit [196168] by Nikita Vasilyev
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Decrease font-weight of inner sections
https://bugs.webkit.org/show_bug.cgi?id=153913
<rdar://problem/24520326>

Reviewed by Timothy Hatcher.

  • UserInterface/Views/DetailsSection.css:

(.details-section .details-section > .header):

12:53 AM Changeset in webkit [196167] by n_wang@apple.com
  • 3 edits
    2 adds in trunk

AX: WebKit hanging when VoiceOver attempts to focus in on page
https://bugs.webkit.org/show_bug.cgi?id=153899
<rdar://problem/24506603>

Reviewed by Chris Fleizach.

Source/WebCore:

The VisiblePosition to CharacterOffset conversion will lead to an infinite loop if the
nextVisiblePostion call is returning the original VisiblePosition. Fixed it by breaking out
of the loop early in that situation.

Test: accessibility/text-marker/character-offset-visible-position-conversion-hang.html

  • accessibility/AXObjectCache.cpp:

(WebCore::AXObjectCache::characterOffsetFromVisiblePosition):

LayoutTests:

  • accessibility/text-marker/character-offset-visible-position-conversion-hang-expected.txt: Added.
  • accessibility/text-marker/character-offset-visible-position-conversion-hang.html: Added.

Feb 4, 2016:

9:57 PM Changeset in webkit [196166] by Nikita Vasilyev
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: console.table background stripes are misaligned
https://bugs.webkit.org/show_bug.cgi?id=152954
<rdar://problem/24197735>

Reviewed by Timothy Hatcher.

  • UserInterface/Views/LogContentView.css:

(.console-item .data-grid table.data):
(.console-item .data-grid table.data tr:nth-child(even)):
Replace CSS gradient that produces fixed height stripes with
a rule that sets background only on even table rows.

9:24 PM Changeset in webkit [196165] by commit-queue@webkit.org
  • 64 edits in trunk

Web Inspector: InspectorTimelineAgent doesn't need to recompile functions because it now uses the sampling profiler
https://bugs.webkit.org/show_bug.cgi?id=153500
<rdar://problem/24352458>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-02-04
Reviewed by Timothy Hatcher.

Source/JavaScriptCore:

Be more explicit about enabling legacy profiling.

  • jsc.cpp:
  • runtime/Executable.cpp:

(JSC::ScriptExecutable::newCodeBlockFor):

  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::hasLegacyProfiler):
(JSC::JSGlobalObject::createProgramCodeBlock):
(JSC::JSGlobalObject::createEvalCodeBlock):
(JSC::JSGlobalObject::createModuleProgramCodeBlock):
(JSC::JSGlobalObject::hasProfiler): Deleted.

  • runtime/JSGlobalObject.h:

(JSC::JSGlobalObject::supportsLegacyProfiling):
(JSC::JSGlobalObject::supportsProfiling): Deleted.

Source/WebCore:

  • bindings/js/JSDOMWindowBase.cpp:

(WebCore::JSDOMWindowBase::supportsLegacyProfiling):
(WebCore::JSDOMWindowBase::supportsRichSourceInfo):
(WebCore::JSDOMWindowBase::supportsProfiling): Deleted.

  • bindings/js/JSDOMWindowBase.h:
  • bindings/js/JSWorkerGlobalScopeBase.cpp:

(WebCore::JSWorkerGlobalScopeBase::supportsLegacyProfiling):
(WebCore::JSWorkerGlobalScopeBase::supportsProfiling): Deleted.

  • bindings/js/JSWorkerGlobalScopeBase.h:
  • inspector/InspectorController.h:
  • inspector/InspectorController.cpp:

(WebCore::InspectorController::legacyProfilerEnabled):
(WebCore::InspectorController::setLegacyProfilerEnabled):
Be more explicit about enabling legacy profiling.

  • inspector/InspectorTimelineAgent.cpp:

(WebCore::InspectorTimelineAgent::willDestroyFrontendAndBackend):
(WebCore::InspectorTimelineAgent::didCreateFrontendAndBackend): Deleted.
TimelineAgent doesn't need to recompile if using the sampling profiler.
This breaks console.profile, but console.profile should move to using
the sampling profiler as well.

(WebCore::InspectorTimelineAgent::startFromConsole):
(WebCore::InspectorTimelineAgent::stopFromConsole):
(WebCore::startProfiling): Deleted.
(WebCore::stopProfiling): Deleted.
Inlined the use once static functions.

  • page/PageConsoleClient.cpp:

(WebCore::PageConsoleClient::profile):
(WebCore::PageConsoleClient::profileEnd):
Added FIXMEs for improving console.profile and profileEnd.

  • testing/Internals.cpp:

(WebCore::Internals::resetToConsistentState):
(WebCore::Internals::setLegacyJavaScriptProfilingEnabled):
(WebCore::Internals::setJavaScriptProfilingEnabled): Deleted.

  • testing/Internals.h:
  • testing/Internals.idl:

Be more explicit about enabling legacy profiling.

Source/WebKit/win:

(WebInspector::isJavaScriptProfilingEnabled):
(WebInspector::setJavaScriptProfilingEnabled):
Switch to the new API names.

LayoutTests:

  • fast/profiler/*.html

Be more explicit about enabling legacy profiling.

  • inspector/sampling-profiler/eval-source-url.html

Remove an inner loop that was causing tail call optimizations
to eliminate the sourceURL we were expecting.

6:01 PM Changeset in webkit [196164] by Brent Fulgham
  • 2 edits in trunk/Source/WebCore

Follow-up: Add "WebKit built-in PDF" Plugin to set of publicly visible plugins
https://bugs.webkit.org/show_bug.cgi?id=153657
<rdar://problem/24413107>

Reviewed by Darin Adler.

  • plugins/PluginData.cpp:

(WebCore::shouldBePubliclyVisible): Revise comments to provide a
better explanation of the function and why it exists.

5:31 PM Changeset in webkit [196163] by Joseph Pecoraro
  • 2 edits
    6 deletes in trunk/Source/WebInspectorUI

Unreviewed, follow-up fix to r196151 that removes some more images.

  • UserInterface/Images/Colors.png: Removed.
  • UserInterface/Images/Colors@2x.png: Removed.
  • UserInterface/Images/Network.png: Removed.
  • UserInterface/Images/Network@2x.png: Removed.
  • UserInterface/Images/Script.png: Removed.
  • UserInterface/Images/Script@2x.png: Removed.

These images were supposed to also be removed.

  • WebInspectorUI.vcxproj/WebInspectorUI.vcxproj:

Also remove references to now removed images.

5:20 PM Changeset in webkit [196162] by bshafiei@apple.com
  • 5 edits in branches/safari-601-branch/Source

Versioning.

5:19 PM Changeset in webkit [196161] by bshafiei@apple.com
  • 5 edits in branches/safari-601.1.46-branch/Source

Versioning.

5:18 PM Changeset in webkit [196160] by bshafiei@apple.com
  • 1 copy in tags/Safari-601.1.46.97

New tag.

5:18 PM Changeset in webkit [196159] by bshafiei@apple.com
  • 1 copy in tags/Safari-601.5.15

New tag.

4:51 PM Changeset in webkit [196158] by jmarcell@apple.com
  • 2 edits in trunk/Tools

The status message for passing combined builder queues should say "all builds succeeded" when expanded. https://bugs.webkit.org/show_bug.cgi?id=153882

Reviewed by Alexey Proskuryakov.

  • BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/BuildbotCombinedQueueView.js:

(BuildbotCombinedQueueView.prototype.update): Set status to "all builds succeeded" for combined builder queues
when expanded.

4:46 PM Changeset in webkit [196157] by Hunseop Jeong
  • 2 edits in trunk/LayoutTests

Unreviewed. EFL gardening. Mark some video tests to failure.

  • platform/efl/TestExpectations:
4:42 PM Changeset in webkit [196156] by Ryan Haddad
  • 1 edit
    1 delete in trunk/LayoutTests

Remove ios-simulator-wk2 specific expectation for imported/w3c/web-platform-tests/html/dom/interfaces.html
https://bugs.webkit.org/show_bug.cgi?id=153844

Unreviewed test gardening.

  • platform/ios-simulator-wk2/imported/w3c/web-platform-tests/html/dom/interfaces-expected.txt: Removed.
4:36 PM Changeset in webkit [196155] by keith_miller@apple.com
  • 5 edits in trunk/Source/JavaScriptCore

ArrayPrototype should have a destroy function
https://bugs.webkit.org/show_bug.cgi?id=153847

Reviewed by Filip Pizlo.

ArrayPrototype should have an destroy function as it now has a unique_ptr member that
needs to be freed at the end of the object's life cycle. Also, this patch adds an
option, gcAtEnd, that will cause jsc.cpp to do a garbage collection before exiting.

  • jsc.cpp:

(runJSC):
(jscmain):

  • runtime/ArrayPrototype.cpp:

(JSC::ArrayPrototype::create):
(JSC::ArrayPrototype::destroy):

  • runtime/ArrayPrototype.h:
  • runtime/Options.h:
3:54 PM Changeset in webkit [196154] by Jon Davis
  • 2 edits in trunk/Source/WebCore

Add Fetch API and CSS Variables to feature status
https://bugs.webkit.org/show_bug.cgi?id=153896

Reviewed by Timothy Hatcher.

  • features.json:
3:47 PM Changeset in webkit [196153] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Rebaseline imported/w3c/web-platform-tests/html/dom/interfaces.html for ios-simulator
https://bugs.webkit.org/show_bug.cgi?id=153844

Reviewed by Chris Dumez.

  • platform/ios-simulator/imported/w3c/web-platform-tests/html/dom/interfaces-expected.txt:
3:23 PM Changeset in webkit [196152] by fpizlo@apple.com
  • 6 edits in trunk/Source/JavaScriptCore

REGRESSION(192409): Cannot rely on add32() to zero-extend
https://bugs.webkit.org/show_bug.cgi?id=153897

Unreviewed rollout of r192409.

  • assembler/MacroAssemblerARM64.h:

(JSC::MacroAssemblerARM64::add32):
(JSC::MacroAssemblerARM64::add64):

  • assembler/MacroAssemblerARMv7.h:

(JSC::MacroAssemblerARMv7::add32):

  • assembler/MacroAssemblerX86.h:

(JSC::MacroAssemblerX86::add32):

  • assembler/MacroAssemblerX86Common.h:

(JSC::MacroAssemblerX86Common::add32):
(JSC::MacroAssemblerX86Common::add8):
(JSC::MacroAssemblerX86Common::branchAdd32):
(JSC::MacroAssemblerX86Common::generateTest32):
(JSC::MacroAssemblerX86Common::clz32AfterBsr):
(JSC::MacroAssemblerX86Common::add32AndSetFlags): Deleted.

  • assembler/MacroAssemblerX86_64.h:

(JSC::MacroAssemblerX86_64::add32):
(JSC::MacroAssemblerX86_64::add64):
(JSC::MacroAssemblerX86_64::branchAdd64):
(JSC::MacroAssemblerX86_64::repatchCall):
(JSC::MacroAssemblerX86_64::clz64AfterBsr):
(JSC::MacroAssemblerX86_64::add64AndSetFlags): Deleted.

3:13 PM Changeset in webkit [196151] by commit-queue@webkit.org
  • 4 edits
    5 adds
    8 deletes in trunk/Source/WebInspectorUI

Web Inspector: New timeline images for instruments
https://bugs.webkit.org/show_bug.cgi?id=153884
<rdar://problem/24509429>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-02-04
Reviewed by Timothy Hatcher.

  • UserInterface/Views/TimelineTabContentView.js:

(WebInspector.TimelineTabContentView.iconClassNameForTimeline):
Better names and give Memory timeline a name for an icon.

  • UserInterface/Views/TreeOutline.css:

(.tree-outline.large .item .icon):
Add more padding next to large icons.

  • UserInterface/Images/ColorsLarge.png: Removed.
  • UserInterface/Images/ColorsLarge@2x.png: Removed.
  • UserInterface/Images/Frames.png: Removed.
  • UserInterface/Images/Frames@2x.png: Removed.
  • UserInterface/Images/LayoutInstrument.svg: Added.
  • UserInterface/Images/MemoryInstrument.svg: Added.
  • UserInterface/Images/NetworkInstrument.svg: Added.
  • UserInterface/Images/NetworkLarge.png: Removed.
  • UserInterface/Images/NetworkLarge@2x.png: Removed.
  • UserInterface/Images/RenderingFramesInstrument.svg: Added.
  • UserInterface/Images/ScriptLarge.png: Removed.
  • UserInterface/Images/ScriptLarge@2x.png: Removed.

Remove old timeline pngs.

  • UserInterface/Images/ScriptsInstrument.svg: Added.
  • UserInterface/Views/TimelineIcons.css:

(.network-icon .icon):
(.script-icon .icon):
(.memory-icon .icon):
(.layout-icon .icon):
(.rendering-frame-icon .icon):
Use the new SVGs.

(body:not(.mac-platform, .windows-platform) .network-icon .icon):
(body:not(.mac-platform, .windows-platform) .network-icon.large .icon):
(body:not(.mac-platform, .windows-platform) .layout-icon .icon):
(body:not(.mac-platform, .windows-platform) .layout-icon.large .icon):
(body:not(.mac-platform, .windows-platform) .script-icon .icon):
(body:not(.mac-platform, .windows-platform) .script-icon.large .icon):
(body:not(.mac-platform, .windows-platform) .rendering-frame-icon .icon):
Fallback to old icons for non-Mac/Windows ports using Images/gtk images.

2:54 PM Changeset in webkit [196150] by eric.carlson@apple.com
  • 2 edits in trunk/LayoutTests

media/video-size.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=124932
<rdar://problem/23336430>

Reviewed by Jer Noble.

  • media/video-size.html: Add logic to retry each stage silently twice before logging failure because we can't predict how long it will take to load the poster frame.
2:07 PM Changeset in webkit [196149] by akling@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

Remove dead ENABLE(BYTECODE_COMMENTS) cruft.
<https://webkit.org/b/153888>

Reviewed by Antti Koivisto.

  • bytecode/UnlinkedCodeBlock.cpp:

(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): Deleted.

  • bytecode/UnlinkedCodeBlock.h:

(JSC::UnlinkedCodeBlock::shrinkToFit): Deleted.

1:52 PM Changeset in webkit [196148] by dbates@webkit.org
  • 4 edits in trunk/Source

WebKit for iOS Simulator fails to build with public iOS SDK
https://bugs.webkit.org/show_bug.cgi?id=153881

Reviewed by Alex Christensen.

Source/WebCore:

Make constants have internal linkage to match the Apple Internal SDK.

  • platform/spi/ios/MobileGestaltSPI.h:

Source/WebKit2:

Add version guards around SPI that is now API as of iOS SDK 9.2. Until we upgrade the iOS EWS
and iOS buildbots to use the 9.2 SDK we need to keep these SPI declarations to avoid breaking
the build.

  • Platform/spi/ios/UIKitSPI.h:
1:51 PM Changeset in webkit [196147] by sbarati@apple.com
  • 5 edits
    3 adds in trunk/Source/JavaScriptCore

JSC Sampling Profiler: (host) is confusing in cases where I would expect to see JS name
https://bugs.webkit.org/show_bug.cgi?id=153663
<rdar://problem/24415092>

Reviewed by Geoffrey Garen.

We now collect the Callee in the processed StackFrame
when the Callee is a valid GC object. We later ask
the Callee for it's .displayName or .name property.
When we don't have a valid callee, we will still
use the Executable for this information.

This helps us come up with good names for frames where
the Callee object is a bound function or an InternalFunction.

  • inspector/agents/InspectorScriptProfilerAgent.cpp:

(Inspector::InspectorScriptProfilerAgent::addEvent):
(Inspector::buildSamples):
(Inspector::InspectorScriptProfilerAgent::trackingComplete):

  • runtime/SamplingProfiler.cpp:

(JSC::reportStats):
(JSC::FrameWalker::walk):
(JSC::SamplingProfiler::processUnverifiedStackTraces):
(JSC::SamplingProfiler::visit):
(JSC::SamplingProfiler::shutdown):
(JSC::SamplingProfiler::clearData):
(JSC::SamplingProfiler::StackFrame::nameFromCallee):
(JSC::SamplingProfiler::StackFrame::displayName):
(JSC::SamplingProfiler::StackFrame::displayNameForJSONTests):
(JSC::SamplingProfiler::stackTracesAsJSON):

  • runtime/SamplingProfiler.h:

(JSC::SamplingProfiler::UnprocessedStackFrame::UnprocessedStackFrame):
(JSC::SamplingProfiler::StackFrame::StackFrame):

  • tests/stress/sampling-profiler-basic.js:

(platformSupportsSamplingProfiler.nothing):
(platformSupportsSamplingProfiler.top):

  • tests/stress/sampling-profiler-bound-function-name.js: Added.

(platformSupportsSamplingProfiler.foo):
(platformSupportsSamplingProfiler.bar):
(platformSupportsSamplingProfiler.let.baz):
(platformSupportsSamplingProfiler):

  • tests/stress/sampling-profiler-display-name.js: Added.

(platformSupportsSamplingProfiler.foo):
(platformSupportsSamplingProfiler.baz):
(platformSupportsSamplingProfiler.):
(platformSupportsSamplingProfiler.bar):
(platformSupportsSamplingProfiler.jaz):
(platformSupportsSamplingProfiler.makeFunction.let.result):
(platformSupportsSamplingProfiler.makeFunction):

  • tests/stress/sampling-profiler-internal-function-name.js: Added.

(platformSupportsSamplingProfiler.foo):
(platformSupportsSamplingProfiler.bar):
(platformSupportsSamplingProfiler):

1:51 PM Changeset in webkit [196146] by commit-queue@webkit.org
  • 6 edits in trunk/Source/WebInspectorUI

Web Inspector: Show error icons if invalid values already exist for properties in the Visual sidebar
https://bugs.webkit.org/show_bug.cgi?id=153702
<rdar://problem/24424025>

Patch by Devin Rousso <Devin Rousso> on 2016-02-04
Reviewed by Timothy Hatcher.

When CSS properties have invalid values, instead of displaying the computed
value for that property in the Visual sidebar, show an error icon with the
the invalid value.

  • Localizations/en.lproj/localizedStrings.js:
  • UserInterface/Views/VisualStyleNumberInputBox.css:

(.visual-style-property-container > .visual-style-property-value-container > .number-input-container > .number-input-value):
(.visual-style-property-container > .visual-style-property-value-container > .visual-style-special-property-placeholder[hidden] ~ .number-input-container > .number-input-value):
By default, do not allow any pointer events to interact with the input element.
Instead, only allow interaction when the placeholder element is hidden to ensure
that the user cannot add a value when the computed value is displayed.

  • UserInterface/Views/VisualStyleNumberInputBox.js:

(WebInspector.VisualStyleNumberInputBox.prototype.set specialPropertyPlaceholderElementText):
Reset the selected keyword to "Unchanged" since this is either a warning
message or the computed value.

  • UserInterface/Views/VisualStylePropertyEditor.css:

(.visual-style-property-container > .visual-style-property-editor-warning.missing-dependency):
(.visual-style-property-container > .visual-style-property-editor-warning.invalid-value):
(.visual-style-property-container > .visual-style-property-editor-warning):

  • UserInterface/Views/VisualStylePropertyEditor.js:

(WebInspector.VisualStylePropertyEditor):
Replaced document.createElement with [element].createChild for simplicity.

(WebInspector.VisualStylePropertyEditor.prototype.update):
Before assigning the value of the property to the editor, check to see if
the property is valid. If not, display an Error icon and message stating
that the current value is invalid.

(WebInspector.VisualStylePropertyEditor.prototype.updateEditorValues):
(WebInspector.VisualStylePropertyEditor.prototype.set specialPropertyPlaceholderElementText):
Unhides the special placeholder element with the given text as its content.

(WebInspector.VisualStylePropertyEditor.prototype._valueDidChange):
(WebInspector.VisualStylePropertyEditor.prototype._checkDependencies):
(WebInspector.VisualStylePropertyEditor.prototype.addDependency):

1:36 PM Changeset in webkit [196145] by Chris Dumez
  • 19 edits
    6 adds in trunk

Object.getOwnPropertyDescriptor() returns incomplete descriptor for instance properties
https://bugs.webkit.org/show_bug.cgi?id=153817

Reviewed by Geoffrey Garen.

LayoutTests/imported/w3c:

Rebaseline W3C HTML test now that more checks are passing. Some checks are still
failing because getter.call(undefined) / getter.call() currently throws an exception
for Window properties but shouldn't. Global object property getters should not require
an explicit |this|.

  • web-platform-tests/html/dom/interfaces-expected.txt:

Source/JavaScriptCore:

Extend support for Object.getOwnPropertyDescriptor() on native bindings
to instance properties (e.g. Unforgeable properties or Global object
properties) so that the returned descriptor has getter / setter
functions, as expected.

  • runtime/JSObject.cpp:

(JSC::JSObject::reifyAllStaticProperties):
Add method that reifies all static properties, including the custom
accessors. This is similar to what is done eagerly on the prototype
objects in the bindings code.

(JSC::JSObject::getOwnPropertyDescriptor):
getOwnPropertyDescriptor() would previously fails for custom accessors
that are on the instance because getDirect() does not check the static
property table and those custom accessors were not reified (We only
reified all properties eagerly - including custom accessors - on
prototype objects. To address this issue, we now call
reifyAllStaticProperties() if the call to getDirect() fails and then
call getDirect() again. This fix is however insufficient for Window
properties because |this| is a JSDOMWindowShell / JSProxy in this case
and getDirect() / reifyAllStaticProperties() would fail as the proxy
does not actually have the properties. This issue was addressed by
checking if |this| is a JSProxy and then using JSProxy::target() instead
of |this| for the calls to getDirect() and for the reification.

  • runtime/JSObject.h:
  • runtime/Lookup.h:

(JSC::reifyStaticProperty):
(JSC::reifyStaticProperties):
Move most code in reifyStaticProperties() to a separate function so the
code can be shared with JSObject::reifyAllStaticProperties().
reifyStaticProperties() is currently called by the bindings on the
prototype objects.

Source/WebCore:

Update the bindings generator so that property getters / setters now
make sure |this| has the right type and throw a TypeError if it does
not, as per:

This was an issue when doing something like:
Object.getOwnPropertyDescriptor(window, "location").get.call(nonWindow)

We would call toJSDOMWindow(thisValue), which would return null as
thisValue is not a JSDOMWindow. We would then dereference this null
pointer and crash. We now do a null check and throw a TypeError in
this case, as per the Web IDL specification.

The generated bindings still have some non-spec compliant behavior
though:

  1. The getters / setters of instance properties use slotBase instead of thisValue, which means that calling instanceA's getter on instanceB returns instanceA's property insteas of instanceB's.
  2. Global object property getters should not require an explicit |this| so calling the following should work:
    • Object.getOwnPropertyDescriptor(window, "location").get.call() We currently throw in this case.

These issues will be addressed in follow-up patches.

Tests: js/getOwnPropertyDescriptor-unforgeable-attributes.html

js/getOwnPropertyDescriptor-window-attributes.html
js/instance-property-getter-other-instance.html

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateImplementation):

  • bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:

(WebCore::jsTestActiveDOMObjectExcitingAttr):

  • bindings/scripts/test/JS/JSTestException.cpp:

(WebCore::jsTestExceptionName):

  • bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::jsTestObjConstructorTestSubObj):
(WebCore::jsTestObjTestSubObjEnabledBySettingConstructor):
(WebCore::jsTestObjConditionalAttr4Constructor):
(WebCore::jsTestObjConditionalAttr5Constructor):
(WebCore::jsTestObjConditionalAttr6Constructor):
(WebCore::jsTestObjContentDocument):
(WebCore::setJSTestObjTestSubObjEnabledBySettingConstructor):
(WebCore::setJSTestObjConditionalAttr4Constructor):
(WebCore::setJSTestObjConditionalAttr5Constructor):
(WebCore::setJSTestObjConditionalAttr6Constructor):
(WebCore::setJSTestObjConstructor): Deleted.
(WebCore::setJSTestObjConstructorStaticStringAttr): Deleted.
(WebCore::setJSTestObjConditionalAttr3): Deleted.

  • bindings/scripts/test/JS/JSTestTypedefs.cpp:

(WebCore::jsTestTypedefsConstructorTestSubObj):

LayoutTests:

Add layout test coverage for calling Object.getOwnPropertyDescriptor()
on instance properties (e.g. Unforgeable properties and Window properties).

  • http/tests/security/cross-origin-window-property-access-expected.txt:
  • http/tests/security/cross-origin-window-property-access.html:
  • Fix bug causing the onload function to not find the crossOriginWindow variable.
  • Update the case for accessing crossOriginWindow.location property as this is actually expected to work as per the specification: https://html.spec.whatwg.org/multipage/browsers.html#security-window
  • js/dom/dom-as-prototype-assignment-exception-expected.txt:
  • js/dom/getOwnPropertyDescriptor-expected.txt:
  • js/dom/script-tests/dom-as-prototype-assignment-exception.js:
  • js/getOwnPropertyDescriptor-unforgeable-attributes-expected.txt: Added.
  • js/getOwnPropertyDescriptor-unforgeable-attributes.html: Added.
  • js/getOwnPropertyDescriptor-window-attributes-expected.txt: Added.
  • js/getOwnPropertyDescriptor-window-attributes.html: Added.
  • js/instance-property-getter-other-instance-expected.txt: Added.
  • js/instance-property-getter-other-instance.html: Added.
  • js/resources/getOwnPropertyDescriptor.js:
1:20 PM Changeset in webkit [196144] by achristensen@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Fix internal Windows build
https://bugs.webkit.org/show_bug.cgi?id=153886
<rdar://problem/24499887>

Reviewed by Mark Lam.

In r190253 I changed the directory of the headers from AppleInternal/include/JavaScriptCore
to AppleInternal/include/private/JavaScriptCore. This is ok for WebCore and WebKit, but not
other projects, such as CFNetwork, which expect the public API headers to be in the old location.
This used to be done by a combination of copy-files.cmd and the old JavaScriptCore.proj.
This change copies all the API headers, which copies everything in copy-files.cmd except APIShims.h
which does not exist any more. It copies additional headers that were not copied before, but
I think this is beneficial so we do not forget to add new public headers to a list of public headers
to be copied in the internal build. Having extra public headers in the internal Windows build is
not a problem because only internal clients use the internal Windows build.

1:14 PM Changeset in webkit [196143] by fpizlo@apple.com
  • 2 edits in trunk/Tools

run-jsc-stress-tests should be better at telling you details about test failures
https://bugs.webkit.org/show_bug.cgi?id=153845

Reviewed by Geoffrey Garen.

Here's an example of the contents of results/resultsByFamily, one of the new files that this
generates, for some local testing I'm doing. Notice how it groups families of tests together.

You won't see this unless you cat results/resultsByFamily.

regress.yaml/Regress/radar-24289839.js:

regress.yaml/Regress/radar-24289839.js.default: PASS
regress.yaml/Regress/radar-24289839.js.ftl: PASS
regress.yaml/Regress/radar-24289839.js.ftl-no-cjit: FAIL
regress.yaml/Regress/radar-24289839.js.ftl-eager-no-cjit: FAIL


regress.yaml/Regress/radar-24290639.js:

regress.yaml/Regress/radar-24290639.js.default: PASS
regress.yaml/Regress/radar-24290639.js.ftl: PASS
regress.yaml/Regress/radar-24290639.js.ftl-no-cjit: PASS
regress.yaml/Regress/radar-24290639.js.ftl-eager-no-cjit: FAIL


regress.yaml/Regress/radar-24290670.js: FAILED

  • Scripts/run-jsc-stress-tests:
1:02 PM Changeset in webkit [196142] by commit-queue@webkit.org
  • 6 edits in trunk/Source/WebKit2

Web Inspector: Give nested inspectors their own process pool
https://bugs.webkit.org/show_bug.cgi?id=153880
<rdar://problem/24508310>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-02-04
Reviewed by Timothy Hatcher.

When inspecting the inspector both inspectors were using the same
Inspector process and sharing the same VM. This meant that profiling
information was confusing (memory and JavaScript sampling) because
it was showing data about both inspectors sharing the same process.

  • UIProcess/WebInspectorProxy.cpp:

(WebKit::WebInspectorProxy::inspectorProcessPool):
(WebKit::WebInspectorProxy::isInspectorProcessPool):
Have two process pools. The main inspector process pool (1st level inspectors)
and a nested inspector process pool (inspecting the inspector, only expected
by WebKit developers).

  • UIProcess/WebInspectorProxy.h:
  • UIProcess/efl/WebInspectorProxyEfl.cpp:

(WebKit::WebInspectorProxy::platformCreateInspectorPage):

  • UIProcess/gtk/WebInspectorProxyGtk.cpp:

(WebKit::WebInspectorProxy::platformCreateInspectorPage):

  • UIProcess/mac/WebInspectorProxyMac.mm:

(WebKit::WebInspectorProxy::platformCreateInspectorPage):
Pass the inspectionLevel to determine the appropriate pool to use.

12:38 PM Changeset in webkit [196141] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking imported/w3c/web-platform-tests/html/semantics/document-metadata/styling/LinkStyle.html as flaky on Mac
https://bugs.webkit.org/show_bug.cgi?id=153871

Unreviewed test gardening.

  • platform/mac/TestExpectations:
12:26 PM Changeset in webkit [196140] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking webgl/1.0.3/conformance/extensions/oes-texture-half-float-linear.html as flaky on mac
https://bugs.webkit.org/show_bug.cgi?id=153883

Unreviewed test gardening.

  • platform/mac/TestExpectations:
12:23 PM Changeset in webkit [196139] by Jon Davis
  • 2 edits in trunk/Websites/webkit.org

Fix bad link on the Feature Status page.
https://bugs.webkit.org/show_bug.cgi?id=152086

Reviewed by Timothy Hatcher.

  • wp-content/themes/webkit/status.php:
12:06 PM Changeset in webkit [196138] by Csaba Osztrogonác
  • 2 edits in trunk/Source/WebKit2

Fix the !ENABLE(NETSCAPE_PLUGIN_API) build after r196053
https://bugs.webkit.org/show_bug.cgi?id=153878

Unreviewed buildfix.

  • WebProcess/Plugins/Netscape/x11/NetscapePluginX11.h:
11:46 AM Changeset in webkit [196137] by beidson@apple.com
  • 5 edits
    5 adds in trunk

Modern IDB: LayoutTest imported/w3c/indexeddb/keyorder-private.html is flaky.
https://bugs.webkit.org/show_bug.cgi?id=153438.

Reviewed by Alex Christensen.

Source/WebCore:

Tests: storage/indexeddb/modern/idbkey-array-equality-private.html

storage/indexeddb/modern/idbkey-array-equality.html

  • Modules/indexeddb/IDBKeyData.cpp:

(WebCore::IDBKeyData::loggingString):
(WebCore::IDBKeyData::operator==): Fix obvious bug.

LayoutTests:

  • platform/mac-wk1/TestExpectations: Re-enable the flaky test.
  • resources/js-test.js:
  • storage/indexeddb/modern/idbkey-array-equality-expected.txt: Added.
  • storage/indexeddb/modern/idbkey-array-equality-private-expected.txt: Added.
  • storage/indexeddb/modern/idbkey-array-equality-private.html: Added.
  • storage/indexeddb/modern/idbkey-array-equality.html: Added.
  • storage/indexeddb/modern/resources/idbkey-array-equality.js: Added.
11:38 AM Changeset in webkit [196136] by Chris Dumez
  • 7 edits in trunk/Source/WebCore

Unreviewed, fix the EFL clean build after r196123
https://bugs.webkit.org/show_bug.cgi?id=153875

  • CMakeLists.txt:
  • PlatformGTK.cmake:
  • PlatformMac.cmake:
  • html/DOMSettableTokenList.h:
  • html/DOMSettableTokenList.idl:
11:27 AM Changeset in webkit [196135] by eric.carlson@apple.com
  • 10 edits in trunk/Source/WebCore

PageGroup::captionPreferences should return a reference
https://bugs.webkit.org/show_bug.cgi?id=153877
<rdar://problem/24506917>

Reviewed by Jer Noble.

No new tests, no functional change.

  • Modules/mediacontrols/MediaControlsHost.cpp:

(WebCore::MediaControlsHost::sortedTrackListForMenu):
(WebCore::MediaControlsHost::displayNameForTrack):
(WebCore::MediaControlsHost::captionMenuOffItem):
(WebCore::MediaControlsHost::captionDisplayMode):

  • dom/Document.cpp:

(WebCore::Document::registerForCaptionPreferencesChangedCallbacks):

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::HTMLMediaElement):
(WebCore::HTMLMediaElement::addTextTrack):
(WebCore::HTMLMediaElement::configureTextTrackGroup):
(WebCore::HTMLMediaElement::setSelectedTextTrack):
(WebCore::HTMLMediaElement::configureTextTracks):
(WebCore::HTMLMediaElement::captionPreferencesChanged):
(WebCore::HTMLMediaElement::mediaPlayerPreferredAudioCharacteristics):

  • html/shadow/MediaControlElements.cpp:

(WebCore::MediaControlClosedCaptionsTrackListElement::updateDisplay):
(WebCore::MediaControlClosedCaptionsTrackListElement::rebuildTrackListMenu):
(WebCore::MediaControlTextTrackContainerElement::updateActiveCuesFontSize):

  • page/PageGroup.cpp:

(WebCore::PageGroup::captionPreferencesChanged):
(WebCore::PageGroup::captionPreferences):

  • page/PageGroup.h:
  • platform/cocoa/WebVideoFullscreenModelVideoElement.mm:

(WebVideoFullscreenModelVideoElement::updateLegibleOptions):

  • testing/InternalSettings.cpp:

(WebCore::InternalSettings::setShouldDisplayTrackKind):
(WebCore::InternalSettings::shouldDisplayTrackKind):

  • testing/Internals.cpp:

(WebCore::Internals::resetToConsistentState):
(WebCore::Internals::Internals):
(WebCore::Internals::userPreferredAudioCharacteristics):
(WebCore::Internals::setUserPreferredAudioCharacteristic):
(WebCore::Internals::captionsStyleSheetOverride):
(WebCore::Internals::setCaptionsStyleSheetOverride):
(WebCore::Internals::setPrimaryAudioTrackLanguageOverride):
(WebCore::Internals::setCaptionDisplayMode):

11:20 AM Changeset in webkit [196134] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

Removed unused Settings::setPrivateBrowsingEnabled.
https://bugs.webkit.org/show_bug.cgi?id=153869

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-02-04
Reviewed by Alexey Proskuryakov.

Implementation of Settings::setPrivateBrowsingEnabled was removed
in r166661, but declaration is still here.

No new tests needed.

  • page/Settings.h:

(WebCore::Settings::setPrivateBrowsingEnabled): Deleted.

11:12 AM Changeset in webkit [196133] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Skip two flaky indexeddb tests on Yosemite Release WK2

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
10:29 AM Changeset in webkit [196132] by matthew_hanson@apple.com
  • 1 edit in branches/safari-601-branch/Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm

Guard use of MediaToolbox by ENABLE(AVF_CAPTIONS).

10:20 AM Changeset in webkit [196131] by eric.carlson@apple.com
  • 7 edits in trunk

Don't discard in-band cues with negative start times
https://bugs.webkit.org/show_bug.cgi?id=153867
<rdar://problem/19588632>

Reviewed by Jer Noble.

Source/WebCore:

No new tests, updated and un-skipped http/tests/media/track-in-band-hls-metadata.html.

  • platform/graphics/avfoundation/InbandMetadataTextTrackPrivateAVF.cpp:

(WebCore::InbandMetadataTextTrackPrivateAVF::addDataCue): ASSERT if passed negative time value.
(WebCore::InbandMetadataTextTrackPrivateAVF::updatePendingCueEndTimes): Ditto. Correct logging.

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:

(WebCore::MediaPlayerPrivateAVFoundationObjC::processCue): ASSERT if passed negative time value.
(WebCore::MediaPlayerPrivateAVFoundationObjC::metadataDidArrive): Convert negative cue times to zero.
(-[WebCoreAVFMovieObserver legibleOutput:didOutputAttributedStrings:nativeSampleBuffers:forItemTime:]):

Ditto.

LayoutTests:

  • http/tests/media/track-in-band-hls-metadata-expected.txt:
  • http/tests/media/track-in-band-hls-metadata.html: Test more attributes for correctness, fail test immediately if cue.value is undefined so the test doesn't generate an exception and exit without any results.
  • platform/mac/TestExpectations: Unskip test.
10:03 AM Changeset in webkit [196130] by commit-queue@webkit.org
  • 7 edits
    2 adds in trunk

Specify an exception for createChannelMerger, createChannelSplitter and createPeriodicWave
https://bugs.webkit.org/show_bug.cgi?id=150925

Patch by Hyemi Shin <hyemi.sin@samsung.com> on 2016-02-04
Reviewed by Darin Adler.

createChannelMerger and createChannelSplitter should throw INDEX_SIZE_ERR
for invalid numberOfInputs value.
createPeriodicWave should throw INDEX_SIZE_ERR for invalid lengths of parameters.

Source/WebCore:

Tests: webaudio/audiochannelmerger-basic.html

webaudio/audiochannelsplitter.html
webaudio/periodicwave-lengths.html

  • Modules/webaudio/AudioContext.cpp:

(WebCore::AudioContext::createChannelSplitter):
(WebCore::AudioContext::createChannelMerger):
(WebCore::AudioContext::createPeriodicWave):

LayoutTests:

  • webaudio/audiochannelmerger-basic-expected.txt: numberOfInputs could be 32.
  • webaudio/audiochannelmerger-basic.html: Ditto.
  • webaudio/audiochannelsplitter-expected.txt: Ditto.
  • webaudio/audiochannelsplitter.html: Ditto.
  • webaudio/periodicwave-lengths-expected.txt: Added.
  • webaudio/periodicwave-lengths.html: Added.
9:45 AM Changeset in webkit [196129] by matthew_hanson@apple.com
  • 1 edit in branches/safari-601-branch/Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm

Use feature-based guards instead of OS-based guards, and wrap them around both MediaToolbox SOFT_LINK macros.

9:43 AM Changeset in webkit [196128] by youenn.fablet@crf.canon.fr
  • 15 edits
    1 copy
    1 add in trunk

[Fetch API] Add support for iterating over Headers
https://bugs.webkit.org/show_bug.cgi?id=153787

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Relanding.

  • web-platform-tests/fetch/api/headers/headers-basic-expected.txt:
  • web-platform-tests/fetch/api/headers/headers-basic.html:
  • web-platform-tests/fetch/api/headers/headers-structure-expected.txt:
  • web-platform-tests/fetch/api/request/request-clone.sub-expected.txt:
  • web-platform-tests/fetch/api/request/request-init-003.sub-expected.txt:
  • web-platform-tests/fetch/api/resources/utils.js:

(checkRequest):
(readTextStream):

Source/WebCore:

Relanding, updating bindings/js/JSKeyValueIterator.h for Windows bots.

Covered by updated tests.
Introducing template class (JSKeyValueIterator) to support key-value iterators in DOM classes.
Using JSKeyValueIterator to implement Headers entries(), keys() and values() as custom methods.
Binding generator should be updated to generate directly these custom methods and handle iterator Symbol.

  • CMakeLists.txt:
  • Modules/fetch/FetchHeaders.cpp:

(WebCore::FetchHeaders::Iterator::next):
(WebCore::FetchHeaders::Iterator::Iterator):

  • Modules/fetch/FetchHeaders.h:

(WebCore::FetchHeaders::createIterator):

  • Modules/fetch/FetchHeaders.idl:
  • WebCore.xcodeproj/project.pbxproj:
  • bindings/js/JSBindingsAllInOne.cpp:
  • bindings/js/JSDOMBinding.h:

(WebCore::jsPair):

  • bindings/js/JSFetchHeadersCustom.cpp: Added.

(WebCore::JSFetchHeaders::entries):
(WebCore::JSFetchHeaders::keys):
(WebCore::JSFetchHeaders::values):

  • bindings/js/JSKeyValueIterator.h: Added.

(WebCore::JSKeyValueIteratorPrototype::create):
(WebCore::JSKeyValueIteratorPrototype::createStructure):
(WebCore::JSKeyValueIteratorPrototype::JSKeyValueIteratorPrototype):
(WebCore::createIterator):
(WebCore::DOMWrapped>::destroy):
(WebCore::DOMWrapped>::next):
(WebCore::DOMWrapped>::finishCreation):

9:39 AM Changeset in webkit [196127] by matthew_hanson@apple.com
  • 1 edit in branches/safari-601-branch/Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm

Build fix.

9:34 AM Changeset in webkit [196126] by Ryan Haddad
  • 2 edits
    2 adds in trunk/LayoutTests

Rebaseline imported/w3c/web-platform-tests/html/semantics/forms/the-select-element/select-ask-for-reset.html for ios-simulator
https://bugs.webkit.org/show_bug.cgi?id=153850

Unreviewed test gardening.

  • platform/ios-simulator/TestExpectations:
  • platform/ios-simulator/imported/w3c/web-platform-tests/html/semantics/forms/the-select-element/select-ask-for-reset-expected.txt: Added.
9:27 AM Changeset in webkit [196125] by matthew_hanson@apple.com
  • 1 edit in branches/safari-601-branch/Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm

Speculative Mavericks Build Fix. rdar://problem/24417428

9:12 AM Changeset in webkit [196124] by Chris Dumez
  • 2 edits in trunk/Source/WebKit2

Unreviewed, rolling out r196067.

Re-enable speculative revalidation now that we have measured
the impact on the perf bots

Reverted changeset:

"Unreviewed, rolling out r195555."
https://bugs.webkit.org/show_bug.cgi?id=153443
http://trac.webkit.org/changeset/196067

8:57 AM Changeset in webkit [196123] by Chris Dumez
  • 43 edits
    1 delete in trunk

Merge DOMTokenList and DOMSettableTokenList
https://bugs.webkit.org/show_bug.cgi?id=153677
<rdar://problem/24419675>

Reviewed by Sam Weinig.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

  • web-platform-tests/dom/historical-expected.txt:
  • web-platform-tests/dom/interfaces-expected.txt:
  • web-platform-tests/dom/nodes/Element-classlist-expected.txt:
  • web-platform-tests/html/dom/interfaces-expected.txt:
  • web-platform-tests/html/dom/interfaces.html:

Update HTMLAreaElement.relList to match the specification.

Source/WebCore:

Merge DOMTokenList and DOMSettableTokenList, as per a recent
specification change:

No new tests, already covered by existing tests.

  • CMakeLists.txt:
  • DerivedSources.cpp:
  • WebCore.vcxproj/WebCore.vcxproj:
  • WebCore.vcxproj/WebCore.vcxproj.filters:
  • WebCore.xcodeproj/project.pbxproj:
  • dom/Element.idl:
  • dom/Node.h:
  • dom/NodeRareData.h:
  • html/AttributeDOMTokenList.h:
  • html/DOMSettableTokenList.cpp: Removed.
  • html/DOMSettableTokenList.h:
  • html/DOMSettableTokenList.idl:
  • html/DOMTokenList.cpp:

(WebCore::DOMTokenList::setValue):

  • html/DOMTokenList.h:
  • html/DOMTokenList.idl:
  • html/HTMLAnchorElement.idl:
  • html/HTMLAreaElement.idl:
  • html/HTMLElement.cpp:
  • html/HTMLElement.idl:
  • html/HTMLIFrameElement.cpp:

(WebCore::HTMLIFrameElement::sandbox):

  • html/HTMLIFrameElement.h:
  • html/HTMLIFrameElement.idl:
  • html/HTMLLinkElement.cpp:

(WebCore::HTMLLinkElement::sizes):

  • html/HTMLLinkElement.h:
  • html/HTMLLinkElement.idl:
  • html/HTMLOutputElement.cpp:

(WebCore::HTMLOutputElement::htmlFor):

  • html/HTMLOutputElement.h:
  • html/HTMLOutputElement.idl:
  • html/HTMLTableCellElement.idl:
  • page/DOMWindow.cpp:
  • page/DOMWindow.idl:

LayoutTests:

Update / rebaseline several tests now that relList attributes
use [PutForward=value].

  • fast/dom/HTMLElement/class-list-expected.txt:
  • fast/dom/HTMLElement/class-list-quirks-expected.txt:
  • fast/dom/HTMLElement/script-tests/class-list.js:
  • fast/dom/rel-list-expected.txt:
  • fast/dom/rel-list.html:
8:22 AM Changeset in webkit [196122] by matthew_hanson@apple.com
  • 3 edits
    2 adds in branches/safari-601.1.46-branch

Merge r195837. rdar://problem/24001782

8:22 AM Changeset in webkit [196121] by matthew_hanson@apple.com
  • 14 edits
    2 adds in branches/safari-601.1.46-branch

Merge r196010. rdar://problem/24416768

8:22 AM Changeset in webkit [196120] by matthew_hanson@apple.com
  • 4 edits
    4 adds in branches/safari-601.1.46-branch

Merge r195912. rdar://problem/24416768

8:22 AM Changeset in webkit [196119] by matthew_hanson@apple.com
  • 4 edits
    2 adds in branches/safari-601.1.46-branch

Merge r192570. rdar://problem/24416768

4:46 AM Changeset in webkit [196118] by youenn.fablet@crf.canon.fr
  • 14 edits
    2 deletes in trunk

Unreviewed. Reverting r196115 and r19116, related tohttps://bugs.webkit.org/show_bug.cgi?id=153787.

3:39 AM Changeset in webkit [196117] by alex
  • 5 edits
    2 adds in trunk/Source/WebCore

[GTK] Implement mediastream mediaplayer
https://bugs.webkit.org/show_bug.cgi?id=153541

Reviewed by Martin Robinson.

Added the implementation of the mediaplayer for the
mediastream. The code was implemented by Philippe Normand and
Alessandro Decina.

  • PlatformGTK.cmake: Added the file to the compilation.
  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::setSrcObject): Set the src of the
media element to the mediastream.

  • platform/graphics/MediaPlayer.cpp:

(WebCore::buildMediaEnginesVector): Register the mediastream
mediaplayer as an option in the media engines vector.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerOwr.cpp: Added.

(WebCore::MediaPlayerPrivateGStreamerOwr::MediaPlayerPrivateGStreamerOwr):
(WebCore::MediaPlayerPrivateGStreamerOwr::~MediaPlayerPrivateGStreamerOwr):
(WebCore::MediaPlayerPrivateGStreamerOwr::play):
(WebCore::MediaPlayerPrivateGStreamerOwr::pause):
(WebCore::MediaPlayerPrivateGStreamerOwr::hasVideo):
(WebCore::MediaPlayerPrivateGStreamerOwr::hasAudio):
(WebCore::MediaPlayerPrivateGStreamerOwr::currentTime):
(WebCore::MediaPlayerPrivateGStreamerOwr::load):
(WebCore::MediaPlayerPrivateGStreamerOwr::loadingFailed):
(WebCore::MediaPlayerPrivateGStreamerOwr::didLoadingProgress):
(WebCore::MediaPlayerPrivateGStreamerOwr::internalLoad):
(WebCore::MediaPlayerPrivateGStreamerOwr::stop):
(WebCore::MediaPlayerPrivateGStreamerOwr::registerMediaEngine):
(WebCore::MediaPlayerPrivateGStreamerOwr::getSupportedTypes):
(WebCore::MediaPlayerPrivateGStreamerOwr::supportsType):
(WebCore::MediaPlayerPrivateGStreamerOwr::isAvailable):
(WebCore::MediaPlayerPrivateGStreamerOwr::createGSTAudioSinkBin):
(WebCore::MediaPlayerPrivateGStreamerOwr::sourceStopped):
(WebCore::MediaPlayerPrivateGStreamerOwr::sourceMutedChanged):
(WebCore::MediaPlayerPrivateGStreamerOwr::sourceSettingsChanged):
(WebCore::MediaPlayerPrivateGStreamerOwr::preventSourceFromStopping):
(WebCore::MediaPlayerPrivateGStreamerOwr::createVideoSink):

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerOwr.h: Added.

(WebCore::MediaPlayerPrivateGStreamerOwr::engineDescription):
(WebCore::MediaPlayerPrivateGStreamerOwr::load):
(WebCore::MediaPlayerPrivateGStreamerOwr::cancelLoad):
(WebCore::MediaPlayerPrivateGStreamerOwr::prepareToPlay):
(WebCore::MediaPlayerPrivateGStreamerOwr::duration):
(WebCore::MediaPlayerPrivateGStreamerOwr::seek):
(WebCore::MediaPlayerPrivateGStreamerOwr::seeking):
(WebCore::MediaPlayerPrivateGStreamerOwr::setRate):
(WebCore::MediaPlayerPrivateGStreamerOwr::setPreservesPitch):
(WebCore::MediaPlayerPrivateGStreamerOwr::paused):
(WebCore::MediaPlayerPrivateGStreamerOwr::hasClosedCaptions):
(WebCore::MediaPlayerPrivateGStreamerOwr::setClosedCaptionsVisible):
(WebCore::MediaPlayerPrivateGStreamerOwr::maxTimeSeekable):
(WebCore::MediaPlayerPrivateGStreamerOwr::buffered):
(WebCore::MediaPlayerPrivateGStreamerOwr::totalBytes):
(WebCore::MediaPlayerPrivateGStreamerOwr::bytesLoaded):
(WebCore::MediaPlayerPrivateGStreamerOwr::canLoadPoster):
(WebCore::MediaPlayerPrivateGStreamerOwr::setPoster):
(WebCore::MediaPlayerPrivateGStreamerOwr::isLiveStream):
(WebCore::MediaPlayerPrivateGStreamerOwr::audioSink):

3:14 AM Changeset in webkit [196116] by youenn.fablet@crf.canon.fr
  • 3 edits in trunk/Source/WebCore/bindings/js

Unreviewed. Speculative Win Build fix

2:39 AM Changeset in webkit [196115] by youenn.fablet@crf.canon.fr
  • 15 edits
    1 copy
    1 add in trunk

[Fetch API] Add support for iterating over Headers
https://bugs.webkit.org/show_bug.cgi?id=153787

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

  • web-platform-tests/fetch/api/headers/headers-basic-expected.txt:
  • web-platform-tests/fetch/api/headers/headers-basic.html:
  • web-platform-tests/fetch/api/headers/headers-structure-expected.txt:
  • web-platform-tests/fetch/api/request/request-clone.sub-expected.txt:
  • web-platform-tests/fetch/api/request/request-init-003.sub-expected.txt:
  • web-platform-tests/fetch/api/resources/utils.js: fixed typo in test.

Source/WebCore:

Covered by updated tests.
Introducing template class (JSKeyValueIterator) to support key-value iterators in DOM classes.
Using JSKeyValueIterator to implement Headers entries(), keys() and values() as custom methods.
Binding generator should be updated to generate directly these custom methods and handle iterator Symbol.

  • CMakeLists.txt:
  • Modules/fetch/FetchHeaders.cpp:

(WebCore::FetchHeaders::Iterator::next):
(WebCore::FetchHeaders::Iterator::Iterator):

  • Modules/fetch/FetchHeaders.h:

(WebCore::FetchHeaders::createIterator):

  • Modules/fetch/FetchHeaders.idl:
  • WebCore.xcodeproj/project.pbxproj:
  • bindings/js/JSDOMBinding.h:

(WebCore::jsPair):

  • bindings/js/JSBindingsAllInOne.cpp:
  • bindings/js/JSFetchHeadersCustom.cpp: Added.

(WebCore::JSFetchHeaders::entries):
(WebCore::JSFetchHeaders::keys):
(WebCore::JSFetchHeaders::values):

  • bindings/js/JSKeyValueIterator.h: Added.

(WebCore::JSKeyValueIteratorPrototype::create):
(WebCore::JSKeyValueIteratorPrototype::createStructure):
(WebCore::JSKeyValueIteratorPrototype::JSKeyValueIteratorPrototype):
(WebCore::JSKeyValueIteratorPrototypeFuncNext):

2:10 AM Changeset in webkit [196114] by Hunseop Jeong
  • 15 edits in trunk/LayoutTests

Unreviewed. EFL gardening after r195740.

  • platform/efl/accessibility/table-attributes-expected.txt:
  • platform/efl/accessibility/table-cell-spans-expected.txt:
  • platform/efl/accessibility/table-cells-expected.txt:
  • platform/efl/accessibility/table-sections-expected.txt:
  • platform/efl/accessibility/table-with-rules-expected.txt:
  • platform/efl/css2.1/20110323/table-height-algorithm-023-expected.txt:
  • platform/efl/css2.1/20110323/table-height-algorithm-024-expected.txt:
  • platform/efl/css3/selectors3/xml/css3-modsel-43b-expected.txt:
  • platform/efl/editing/deleting/5099303-expected.txt:
  • platform/efl/editing/deleting/5144139-2-expected.txt:
  • platform/efl/editing/deleting/5483370-expected.txt:
  • platform/efl/editing/deleting/delete-to-select-table-expected.txt:
  • platform/efl/editing/deleting/table-cells-expected.txt:
  • platform/efl/fast/text/atsui-multiple-renderers-expected.txt:
2:05 AM Changeset in webkit [196113] by Csaba Osztrogonác
  • 3 edits in trunk

Unreviewed non X86_64 buildfix after r196077.

  • Source/cmake/OptionsEfl.cmake:
  • Source/cmake/OptionsGTK.cmake:
12:25 AM Changeset in webkit [196112] by Carlos Garcia Campos
  • 3 edits
    2 adds in trunk

Do not show context menu when right clicking on a scrollbar
https://bugs.webkit.org/show_bug.cgi?id=153493

Reviewed by Michael Catanzaro.

Source/WebCore:

Scrollbars don't currently handle right clicks, but we are showing
the context menu when they are right clicked. This is not desired
at least in GTK+ and I've checked that it isn't consistent with
other applications in Mac either.

Test: fast/events/contextmenu-on-scrollbars.html

  • page/EventHandler.cpp:

(WebCore::EventHandler::sendContextMenuEvent):

LayoutTests:

Add a test to check that context menu event is not sent when right
clicking on a scrollbar.

  • fast/events/contextmenu-on-scrollbars-expected.txt: Added.
  • fast/events/contextmenu-on-scrollbars.html: Added.
Note: See TracTimeline for information about the timeline view.