Context Navigation

REGRESSION(r198077): generated Objective-C protocol object getters leak their wrappers
https://bugs.webkit.org/show_bug.cgi?id=155523
<rdar://problem/25181764>

Reviewed by Joseph Pecoraro.

Since the code may not be compiled with ARC, autorelease the returned wrapper.

inspector/scripts/codegen/objc_generator.py:

(ObjCGenerator.protocol_to_objc_expression_for_member):

inspector/scripts/tests/expected/type-declaration-object-type.json-result:
inspector/scripts/tests/expected/type-requiring-runtime-casts.json-result:

7:16 PM Changeset in webkit [198256] by commit-queue@webkit.org

6 edits in trunk/Source/JavaScriptCore

[JSC] Help clang generate better code on arrayProtoFuncToString()
https://bugs.webkit.org/show_bug.cgi?id=155512

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-03-15
Reviewed by Mark Lam.

3d-raytrace hits Array.toString() hard with small arrays.
Half of the time is going into overhead around the StringJoiner.
This patch makes the function shorter and the layout better.

runtime/ArrayPrototype.cpp:

(JSC::arrayProtoFuncToString):
Add "UNLIKELY" on rare cases. Clang pushes that code to the tail.

Factor the code of jsMakeNontrivialString() so that the operation
is not duplicated in the function.

runtime/JSStringBuilder.h:

(JSC::jsMakeNontrivialString):
jsNontrivialString() supports r-value reference.
Move the result string into jsNontrivialString(), this removes
the deref+destructor from the function.

runtime/JSStringJoiner.cpp:

(JSC::JSStringJoiner::~JSStringJoiner):
The destructor is pretty large. No point in inlining it.

(JSC::joinStrings):

runtime/JSStringJoiner.h:

(JSC::JSStringJoiner::JSStringJoiner):
(JSC::JSStringJoiner::append):
The calls were duplicated. That's unnecessary.

runtime/NumericStrings.h:

(JSC::NumericStrings::add):
Return a reference in all cases.
This removes a deref+destructor.

6:51 PM Changeset in webkit [198255] by Alan Bujtas

13 edits
2 deletes in trunk

Remove overflow: -webkit-marquee
https://bugs.webkit.org/show_bug.cgi?id=155517
<rdar://problem/25028481>

Reviewed by Simon Fraser.

This patch is based on Blink patch from jchaffraix@chromium.org (https://src.chromium.org/viewvc/blink?revision=151756&view=revision)

Source/WebCore:

css/CSSParser.cpp:

(WebCore::isValidKeywordPropertyAndValue):

css/CSSPrimitiveValueMappings.h:

(WebCore::CSSPrimitiveValue::CSSPrimitiveValue): Deleted.
(WebCore::CSSPrimitiveValue::operator EOverflow): Deleted.

css/CSSValueKeywords.in:
css/StyleResolver.cpp:

(WebCore::StyleResolver::adjustRenderStyle):

css/html.css:

(marquee): Deleted.

rendering/RenderBox.cpp:

(WebCore::RenderBox::sizesLogicalWidthToFitContent):

rendering/RenderLayer.cpp:

(WebCore::RenderLayer::scrollTo):
(WebCore::RenderLayer::updateScrollInfoAfterLayout):
(WebCore::RenderLayer::calculateClipRects):

rendering/RenderLayer.h:
rendering/RenderMarquee.h:
rendering/style/RenderStyleConstants.h:

LayoutTests:

fast/css/getPropertyValue-webkit-marquee.html:
fast/css/webkit-marquee-anonymous-node-crash-expected.txt: Removed.
fast/css/webkit-marquee-anonymous-node-crash.html: Removed.

6:45 PM Changeset in webkit [198254] by jdiggs@igalia.com

11 edits in trunk

AX: Expose pointers to SVG elements referenced by aria-labelledby
https://bugs.webkit.org/show_bug.cgi?id=155481

Reviewed by Chris Fleizach.

Source/WebCore:

Expose elements referenced by aria-labelledby via ATK_RELATION_LABELLED_BY.
Stop calling the supportsARIA* methods before getting the elements referred
to by the associated ARIA property in the accessible wrapper for ATK and
the inspector: Getting the elements will be just as fast when there are no
such elements, and faster when there are.

Modified the w3c-svg-name-calculation.html test to include AXTitleUIElement
in its output.

accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::supportsARIAAttributes):
(WebCore::AccessibilityObject::ariaElementsFromAttribute): Added.
(WebCore::AccessibilityObject::ariaControlsElements): Added.
(WebCore::AccessibilityObject::ariaDescribedByElements): Added.
(WebCore::AccessibilityObject::ariaFlowToElements): Added.
(WebCore::AccessibilityObject::ariaLabelledByElements): Added.
(WebCore::AccessibilityObject::ariaOwnsElements): Added.

accessibility/AccessibilityObject.h:

(WebCore::AccessibilityObject::ariaOwnsElements): No longer virtual.
(WebCore::AccessibilityObject::supportsARIAFlowTo): Deleted.
(WebCore::AccessibilityObject::ariaFlowToElements): No longer virtual.
(WebCore::AccessibilityObject::supportsARIADescribedBy): Deleted.
(WebCore::AccessibilityObject::ariaDescribedByElements): No longer virtual.
(WebCore::AccessibilityObject::supportsARIAControls): Deleted.
(WebCore::AccessibilityObject::ariaControlsElements): No longer virtual.

accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::ariaElementsFromAttribute): Moved to AccessibilityObject.
(WebCore::AccessibilityRenderObject::supportsARIAFlowTo): Deleted.
(WebCore::AccessibilityRenderObject::ariaFlowToElements): Moved to AccessibilityObject.
(WebCore::AccessibilityRenderObject::supportsARIADescribedBy): Deleted.
(WebCore::AccessibilityRenderObject::ariaDescribedByElements): Moved to AccessibilityObject.
(WebCore::AccessibilityRenderObject::supportsARIAControls): Deleted.
(WebCore::AccessibilityRenderObject::ariaControlsElements): Moved to AccessibilityObject.
(WebCore::AccessibilityRenderObject::ariaOwnsElements): Moved to AccessibilityObject.

accessibility/AccessibilityRenderObject.h:
accessibility/atk/WebKitAccessibleWrapperAtk.cpp:

(setAtkRelationSetFromCoreObject):

inspector/InspectorDOMAgent.cpp:

(WebCore::InspectorDOMAgent::buildObjectForAccessibilityProperties):

LayoutTests:

accessibility/w3c-svg-name-calculation.html: Modified to also output AXTitleUIElement.
platform/gtk/accessibility/w3c-svg-name-calculation-expected.txt: Updated.
platform/mac/accessibility/w3c-svg-name-calculation-expected.txt: Updated.

6:07 PM Changeset in webkit [198253] by commit-queue@webkit.org

2 edits in trunk/Source/JavaScriptCore

Remove stale ArrayPrototype declarations
https://bugs.webkit.org/show_bug.cgi?id=155520

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-15
Reviewed by Mark Lam.

runtime/ArrayPrototype.cpp:

The implementations went away when the methods were moved to builtins
but the declarations were left behind.

6:02 PM Changeset in webkit [198252] by oliver@apple.com

4 edits in trunk/Source/JavaScriptCore

Rename performJITMemcpy to something more inline with our normal webkit function names
https://bugs.webkit.org/show_bug.cgi?id=155525

Reviewed by Saam Barati.

Simple bulk search/replace with a better name.

assembler/ARM64Assembler.h:

(JSC::ARM64Assembler::fillNops):
(JSC::ARM64Assembler::replaceWithJump):
(JSC::ARM64Assembler::replaceWithLoad):
(JSC::ARM64Assembler::replaceWithAddressComputation):
(JSC::ARM64Assembler::setPointer):
(JSC::ARM64Assembler::repatchInt32):
(JSC::ARM64Assembler::repatchCompact):
(JSC::ARM64Assembler::linkJumpOrCall):
(JSC::ARM64Assembler::linkCompareAndBranch):
(JSC::ARM64Assembler::linkConditionalBranch):
(JSC::ARM64Assembler::linkTestAndBranch):

assembler/LinkBuffer.cpp:

(JSC::LinkBuffer::copyCompactAndLinkCode):

jit/ExecutableAllocator.h:

(JSC::writeToExecutableRegion):
(JSC::performJITMemcpy): Deleted.

5:45 PM Changeset in webkit [198251] by jer.noble@apple.com

2 edits in trunk/Source/WebKit/mac

[ios-sim debug] API test WebKit1.AudioSessionCategoryIOS timing out
https://bugs.webkit.org/show_bug.cgi?id=155275

Reviewed by Alexey Proskuryakov.

The videoPlaybackRequiresUserGesture and audioPlaybackRequiresUserGesture should both defalut to
NO, so that legacy clients of -[UIWebView setMediaPlaybackRequiresUserAction:] continue to work
as expected.

WebView/WebPreferences.mm:

(+[WebPreferences initialize]):

5:22 PM Changeset in webkit [198250] by matthew_hanson@apple.com

2 edits in branches/safari-601.1.46-branch/Source/WebKit2

Merge r195982. rdar://problem/24560759

5:22 PM Changeset in webkit [198249] by matthew_hanson@apple.com

4 edits
1 add in branches/safari-601.1.46-branch

Merge r194060. rdar://problem/24560757

5:22 PM Changeset in webkit [198248] by matthew_hanson@apple.com

4 edits in branches/safari-601.1.46-branch/Source/WebCore

Merge r197125. rdar://problem/24860685

5:22 PM Changeset in webkit [198247] by matthew_hanson@apple.com

2 edits in branches/safari-601.1.46-branch/Source/WebCore

Merge r196670. rdar://problem/24860681

5:22 PM Changeset in webkit [198246] by matthew_hanson@apple.com

19 edits
2 adds in branches/safari-601.1.46-branch

Merge r196268. rdar://problem/24748259

5:02 PM Changeset in webkit [198245] by enrica@apple.com

2 edits in trunk/Source/WebKit2

Follow up to r195769.
https://bugs.webkit.org/show_bug.cgi?id=155519
rdar://problem/25146483

Reviewed by Tim Horton.

There are two code paths that lead to calling handleSyntheticClick()
where we need to check if the default action can be performed on the
data detector link.
Only one was covered in r195769 and this patch addresses the missing one.
I've also discovered that the point reported in DidNotHandleTapAsClick was
incorrectly always (0, 0) and I've fixed it.

WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::handleTap):

5:00 PM Changeset in webkit [198244] by Brent Fulgham

2 edits in trunk/Source/WebKit/win

[Win] Correct double-release of CFURLConnectionRef
https://bugs.webkit.org/show_bug.cgi?id=155515
<rdar://problem/25159143>

Reviewed by Tim Horton.

Tested by http/tests/download suite.

WebDownloadCFNet.cpp: Remove extra CFRelease.

4:59 PM Changeset in webkit [198243] by Simon Fraser

2 edits in trunk/Source/WebCore

Occasional crash under GraphicsContext::platformContext() when dragging Google maps
https://bugs.webkit.org/show_bug.cgi?id=155521
rdar://problem/24357307

Reviewed by Tim Horton.

It's possible for createDragImageForSelection() to return a null image, if the bounds
of the selection are an empty rect. That would cause a crash under convertImageToBitmap()
because a zero-sized ShareableBitmap will return a null GraphicsContext.

To avoid this, early return from DragController::startDrag() if the dragImage is null.

I wasn't able to come up with a test for this.

page/DragController.cpp:

(WebCore::DragController::startDrag):

4:51 PM Changeset in webkit [198242] by timothy_horton@apple.com

2 edits in trunk/Tools

[iOS Simulator] Test result snapshots are upside down
https://bugs.webkit.org/show_bug.cgi?id=154761

Reviewed by Simon Fraser.

WebKitTestRunner/cg/TestInvocationCG.cpp:

(WTR::createCGContextFromImage):
(WTR::TestInvocation::dumpPixelsAndCompareWithExpected):
In r97104, Simon added code to take WindowServer snapshots, which came
in flipped, and added code to flip them back. At this point, WindowServer
snapshots got flipped, and software snapshots did not.

In r140067, Simon noticed that WindowServer ref test images were upside-down
on Mac (not sure why this changed), so turned off the flipping code (but
didn't delete it!). Now, WindowServer snapshots and software snapshots both
are not flipped.

In r190304, Carlos added an enum for the source of the snapshot ("WebView"
for window server snapshots, and "WebContent" for software snapshots),
and - critically - changed the flipping logic to flip software snapshots!

We didn't notice this on Mac because at this point we've made it so that
we *always* have WindowServer snapshots, but on iOS we still don't have
WindowServer snapshots, so now they're flipped.

And that's how we got here.

To restore the behavior from r140067, and correctly unflip snapshots on
iOS, just delete this code.

4:29 PM Changeset in webkit [198241] by oliver@apple.com

2 edits in trunk/Source/JavaScriptCore

Improved build fix.

4:24 PM Changeset in webkit [198240] by mark.lam@apple.com

2 edits in trunk/Source/JavaScriptCore

Gardening: build fix after r198235.

Not Reviewed.

jit/ExecutableAllocatorFixedVMPool.cpp:

(JSC::FixedVMPoolExecutableAllocator::jitWriteThunkGenerator):

4:13 PM Changeset in webkit [198239] by timothy_horton@apple.com

12 edits
2 adds in trunk

iOS <attachment> element should allow customization of action text color
https://bugs.webkit.org/show_bug.cgi?id=155513
<rdar://problem/24805991>

Reviewed by Simon Fraser.

Test: fast/attachment/attachment-action.html

css/html.css:

(attachment):
On iOS (the only place it is used), <attachment> color should default to system blue.

rendering/RenderThemeIOS.mm:

(WebCore::attachmentActionColor):
(WebCore::AttachmentInfo::AttachmentInfo):
Make use of the <attachment>'s CSS color for the action text.
This is a little weird because there are multiple bits of text in an
<attachment>, but only the action text ever changes color.

fast/attachment/attachment-action-expected.html: Added.
fast/attachment/attachment-action.html: Added.
platform/ios-simulator/fast/attachment/attachment-label-highlight-expected.txt:
platform/ios-simulator/fast/attachment/attachment-progress-expected.txt:
platform/ios-simulator/fast/attachment/attachment-rendering-expected.txt:
platform/ios-simulator/fast/attachment/attachment-select-on-click-expected.txt:
platform/ios-simulator/fast/attachment/attachment-select-on-click-inside-user-select-all-expected.txt:
platform/ios-simulator/fast/attachment/attachment-subtitle-expected.txt:
platform/ios-simulator/fast/attachment/attachment-title-expected.txt:

Rebaseline some tests and add one that action text matches the requested color.

4:10 PM Changeset in webkit [198238] by Alan Bujtas

9 edits in trunk/Source/WebCore

Delay HTMLFormControlElement::focus() call until after layout is finished.
https://bugs.webkit.org/show_bug.cgi?id=155503
<rdar://problem/24046635>

Reviewed by Simon Fraser.

Calling focus on a form element can trigger arbitrary JS code which could interfere with
the ongoing layout.
This patch delays HTMLFormControlElement::focus() call until after layout is finished.
If we are currently not in the middle of a layout, HTMLFormControlElement::focus() is delayed until
after style resolution is done.

Covered by LayoutTests/fast/dom/adopt-node-crash-2.html

accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::updateBackingStore):

dom/Document.cpp:

(WebCore::Document::updateStyleIfNeeded):
(WebCore::Document::updateLayout):
(WebCore::Document::updateLayoutIfDimensionsOutOfDate):

html/HTMLEmbedElement.cpp:

(WebCore::HTMLEmbedElement::renderWidgetLoadingPlugin):

html/HTMLFormControlElement.cpp:

(WebCore::HTMLFormControlElement::didAttachRenderers):

page/FrameView.cpp:

(WebCore::FrameView::layout):
(WebCore::FrameView::queuePostLayoutCallback):
(WebCore::FrameView::flushPostLayoutTasksQueue):
(WebCore::FrameView::performPostLayoutTasks):
(WebCore::FrameView::sendResizeEventIfNeeded):

page/FrameView.h:
rendering/RenderBox.cpp:

(WebCore::RenderBox::imageChanged):

rendering/RenderLayer.cpp:

(WebCore::RenderLayer::scrollTo):

3:57 PM Changeset in webkit [198237] by Ryan Haddad

2 edits in trunk/Source/WebKit2

Unreviewed, rolling out r198230.

This change caused LayoutTests to fail on Mac

Reverted changeset:

"REGRESSION (r194660): Navigating to HTTPS sites may fail with
error"
https://bugs.webkit.org/show_bug.cgi?id=155455
http://trac.webkit.org/changeset/198230

3:46 PM Changeset in webkit [198236] by Simon Fraser

2 edits
7 adds in trunk/PerformanceTests

Add developer Animometer test that bounces P3-tagged images
https://bugs.webkit.org/show_bug.cgi?id=155511

Reviewed by Tim Horton.

Add a test for rendering performance of tagged images. The 5 images are tagged
with the Display P3 colorspace.

Animometer/resources/debug-runner/tests.js:
Animometer/tests/bouncing-particles/bouncing-tagged-images.html: Added.
Animometer/tests/bouncing-particles/resources/bouncing-tagged-images.js: Added.
Animometer/tests/bouncing-particles/resources/image1.jpg: Added.
Animometer/tests/bouncing-particles/resources/image2.jpg: Added.
Animometer/tests/bouncing-particles/resources/image3.jpg: Added.
Animometer/tests/bouncing-particles/resources/image4.jpg: Added.
Animometer/tests/bouncing-particles/resources/image5.jpg: Added.

3:44 PM Changeset in webkit [198235] by oliver@apple.com

16 edits in trunk/Source

Remove compile time define for SEPARATED_HEAP
https://bugs.webkit.org/show_bug.cgi?id=155508

Reviewed by Mark Lam.

Source/JavaScriptCore:

This removes the compile time define for the SEPARATED_HEAP
feature, and moves to a default-off runtime preference.

This happily also removes the need for world rebuilds while
bringing it up on different platforms.

Configurations/FeatureDefines.xcconfig:
assembler/LinkBuffer.cpp:

(JSC::LinkBuffer::copyCompactAndLinkCode):

jit/ExecutableAllocator.h:

(JSC::performJITMemcpy):

jit/ExecutableAllocatorFixedVMPool.cpp:

(JSC::FixedVMPoolExecutableAllocator::initializeSeparatedWXHeaps):
(JSC::FixedVMPoolExecutableAllocator::jitWriteThunkGenerator):
(JSC::FixedVMPoolExecutableAllocator::genericWriteToJITRegion):
(JSC::FixedVMPoolExecutableAllocator::FixedVMPoolExecutableAllocator): Deleted.

runtime/Options.cpp:

(JSC::recomputeDependentOptions):

runtime/Options.h:

Source/WebCore:

Remove the feature define.

Configurations/FeatureDefines.xcconfig:

Source/WebKit/mac:

Remove the feature define.

Configurations/FeatureDefines.xcconfig:

Source/WebKit2:

Remove the feature define.

Configurations/FeatureDefines.xcconfig:

Source/WTF:

Remove the feature define.

wtf/FeatureDefines.h:
wtf/Platform.h:

3:42 PM Changeset in webkit [198234] by rniwa@webkit.org

2 edits
1 add in trunk/Websites/perf.webkit.org

Extract the code to format commit logs into its own PHP file
https://bugs.webkit.org/show_bug.cgi?id=155514

Rubber-stamped by Chris Dumez.

Extracted CommitLogFetcher out of /api/commits so that it could be used in analysis-tasks.php
in the future to support associating cause/fix for each analysis task.

public/api/commits.php:
public/include/commit-log-fetcher.php: Added.

(CommitLogFetcher)
(CommitLogFetcher::construct): Added.
(CommitLogFetcher::repository_id_from_name): Added.
(CommitLogFetcher::fetch_between): Added.
(CommitLogFetcher::fetch_oldest): Added.
(CommitLogFetcher::fetch_latest): Added.
(CommitLogFetcher::fetch_last_reported): Added.
(CommitLogFetcher::fetch_revision): Added.
(CommitLogFetcher::commit_for_revision): Added.
(CommitLogFetcher::format_single_commit): Added.
(CommitLogFetcher::format_commit): Added.

3:38 PM Changeset in webkit [198233] by commit-queue@webkit.org

6 edits in trunk

Unreviewed, rolling out r198148.
https://bugs.webkit.org/show_bug.cgi?id=155518

"Lets do this patch at a later time" (Requested by saamyjoon
on #webkit).

Reverted changeset:

"[ES6] Disallow var assignments in for-in loops"
https://bugs.webkit.org/show_bug.cgi?id=155451
http://trac.webkit.org/changeset/198148

3:22 PM Changeset in webkit [198232] by ap@apple.com

2 edits in trunk/LayoutTests

Test result gardening for
ASSERT_NOT_REACHED on imported/w3c/web-platform-tests/html/semantics/embedded-content/the-area-element/area-coords.html
https://bugs.webkit.org/show_bug.cgi?id=155516

TestExpectations: Skip the test in debug, as it's not useful to crash every time.

3:04 PM Changeset in webkit [198231] by ap@apple.com

2 edits in trunk/Tools

run-api-tests doesn't print test name when the test crashes
https://bugs.webkit.org/show_bug.cgi?id=155476

Reviewed by Daniel Bates.

Scripts/run-api-tests: Print "UNEXPECTEDLY EXITED" with a test name when output

doesn't contain the test name yet. Changed test name output to always be before raw
stdout for clarity.

2:55 PM Changeset in webkit [198230] by dbates@webkit.org

2 edits in trunk/Source/WebKit2

REGRESSION (r194660): Navigating to HTTPS sites may fail with error
https://bugs.webkit.org/show_bug.cgi?id=155455
<rdar://problem/24308793>

Reviewed by Alexey Proskuryakov.

Fixes an issue where navigating to an HTTPS site may fail because the Security Framework uses
a cache directory that it does not have permission to use.

Shared/mac/ChildProcessMac.mm:

(WebKit::codeSigningIdentifierForProcess): Queries the Security Framework for the code signed
bundle identifier/code signing identifier.
(WebKit::ChildProcess::initializeSandbox): Use the client identifier as part of the user directory
suffix. Verify that the client identifier matches the code signed bundled identifier/code
signing identifier for the code signed app/tool. Fix minor code style issue; use a C++-style cast
instead of a C-style cast when casting an OSStatus to a long.
(WebKit::findSecCodeForProcess): Deleted; incorporated logic into WebKit::codeSigningIdentifierForProcess().

2:48 PM Changeset in webkit [198229] by commit-queue@webkit.org

4 edits in trunk

REGRESSION: ASSERTION FAILED: !m_lastActiveBlock on js/function-apply.html
https://bugs.webkit.org/show_bug.cgi?id=155411
<rdar://problem/25134537>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-15
Reviewed by Mark Lam.

Source/JavaScriptCore:

heap/Heap.cpp:

(JSC::Heap::collectImpl):
(JSC::Heap::didFinishCollection):
During collection allocators are stop/reset. The HeapProfiler tasks
were using HeapIterationScope (to satisfy MarkedSpace forEachCell API
contracts) which was doing its own stop/resume of allocators. Doing a
stop/resume in between the normal stop/reset of collection is unexpected.

Move this to didFinishCollection, alongside other heap iterations
like zombies and immortal objects. Putting this after those tasks
also means the heap snapshots will respect the zombies/immortal options
when deciding if the cell is alive or not.

LayoutTests:

platform/mac/TestExpectations:

Unmark test as flakey.

1:41 PM Changeset in webkit [198228] by sbarati@apple.com

13 edits in trunk/Source/JavaScriptCore

We should have different JSTypes for JSGlobalLexicalEnvironment and JSLexicalEnvironment and JSModuleEnvironment
https://bugs.webkit.org/show_bug.cgi?id=152406

Reviewed by Mark Lam.

This makes testing for a JSGlobalLexicalEnvironment faster
because we can just check the Cell's type instead of using
jsDynamicCast. I also changed code that does jsDynamicCast<JSGlobalObject*>
instead of isGlobalObject().

interpreter/Interpreter.cpp:

(JSC::Interpreter::execute):

jit/JITOperations.cpp:
llint/LLIntSlowPaths.cpp:

(JSC::LLInt::LLINT_SLOW_PATH_DECL):

runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):

runtime/CommonSlowPaths.h:

(JSC::CommonSlowPaths::tryCachePutToScopeGlobal):
(JSC::CommonSlowPaths::tryCacheGetFromScopeGlobal):

runtime/JSGlobalLexicalEnvironment.h:

(JSC::JSGlobalLexicalEnvironment::createStructure):

runtime/JSLexicalEnvironment.h:

(JSC::JSLexicalEnvironment::createStructure):
(JSC::JSLexicalEnvironment::JSLexicalEnvironment):

runtime/JSModuleEnvironment.h:

(JSC::JSModuleEnvironment::createStructure):
(JSC::JSModuleEnvironment::offsetOfModuleRecord):

runtime/JSObject.h:

(JSC::JSObject::isGlobalObject):
(JSC::JSObject::isJSLexicalEnvironment):
(JSC::JSObject::isGlobalLexicalEnvironment):
(JSC::JSObject::isErrorInstance):

runtime/JSScope.cpp:

(JSC::abstractAccess):
(JSC::isUnscopable):
(JSC::JSScope::resolve):
(JSC::JSScope::collectVariablesUnderTDZ):
(JSC::JSScope::isVarScope):
(JSC::JSScope::isLexicalScope):
(JSC::JSScope::isModuleScope):
(JSC::JSScope::isCatchScope):
(JSC::JSScope::isFunctionNameScopeObject):
(JSC::JSScope::isNestedLexicalScope):
(JSC::JSScope::constantScopeForCodeBlock):
(JSC::isScopeType): Deleted.
(JSC::JSScope::isGlobalLexicalEnvironment): Deleted.

runtime/JSScope.h:
runtime/JSType.h:

1:31 PM Changeset in webkit [198227] by Ryan Haddad

2 edits in trunk/LayoutTests

Fixing expectation for css3/masking/mask-svg-script-none-to-png.html on ios-simulator

Unreviewed test gardening.

platform/ios-simulator/TestExpectations:

1:27 PM Changeset in webkit [198226] by timothy_horton@apple.com

12 edits in trunk/LayoutTests

Unskip and rebaseline <attachment> tests on iOS
<rdar://problem/24805991>

fast/attachment/attachment-default-icon.html:
fast/attachment/attachment-folder-icon.html:
fast/attachment/attachment-type-attribute.html:

Make these tests have identical titles between ref and actual, because
on iOS the layout differs if you have a title or not (unlike on Mac).

platform/ios-simulator/TestExpectations:
platform/ios-simulator/fast/attachment/attachment-label-highlight-expected.txt:
platform/ios-simulator/fast/attachment/attachment-progress-expected.txt:
platform/ios-simulator/fast/attachment/attachment-rendering-expected.txt:
platform/ios-simulator/fast/attachment/attachment-select-on-click-expected.txt:
platform/ios-simulator/fast/attachment/attachment-select-on-click-inside-user-select-all-expected.txt:
platform/ios-simulator/fast/attachment/attachment-subtitle-expected.txt:
platform/ios-simulator/fast/attachment/attachment-title-expected.txt:

Unskip and rebaseline all but one of the attachment tests on iOS.

1:01 PM Changeset in webkit [198225] by Chris Dumez

2 edits in trunk/Source/WebCore

Restore pre-r197244 behavior on Mac
https://bugs.webkit.org/show_bug.cgi?id=155507
<rdar://problem/25174132>

Reviewed by Gavin Barraclough.

<http://trac.webkit.org/changeset/197244> changed the session restore
behavior to disallow stale content on all platforms except iOS.
We would also like to maintain the behavior on Mac for performance
reasons and consistency between iOS and Mac.

loader/FrameLoader.cpp:

(WebCore::FrameLoader::loadDifferentDocumentItem):

12:46 PM Changeset in webkit [198224] by Antti Koivisto

2 edits in trunk/Source/WebKit2

Add Antti to WebKit2 Owners file
https://bugs.webkit.org/show_bug.cgi?id=155504

Reviewed by Anders Carlsson and Sam Weinig.

Owners:

12:45 PM Changeset in webkit [198223] by timothy_horton@apple.com

2 edits in trunk/Source/WebCore

<attachment> on iOS isn't quite vertically centered
https://bugs.webkit.org/show_bug.cgi?id=155502
<rdar://problem/24805991>

Reviewed by Beth Dakin.

No new tests; there are existing tests that will be enabled shortly.

rendering/RenderThemeIOS.mm:

(WebCore::AttachmentInfo::AttachmentInfo):
We were overcounting the total height of the attachment content by one margin, because each item
would add in its margin, including the last one. Remove one margin.

12:43 PM Changeset in webkit [198222] by Ryan Haddad

2 edits in trunk/LayoutTests

Remove flaky expectation for webgl/1.0.2/conformance/rendering/gl-scissor-test.html for mac
https://bugs.webkit.org/show_bug.cgi?id=126586

Unreviewed test gardening.

platform/mac/TestExpectations:

12:24 PM Changeset in webkit [198221] by Ryan Haddad

2 edits in trunk/LayoutTests

Fixing a typo in the ios-simulator TestExpectations file

Unreviewed test gardening.

platform/ios-simulator/TestExpectations:

12:15 PM Changeset in webkit [198220] by Ryan Haddad

2 edits in trunk/LayoutTests

Marking animations/3d/transform-origin-vs-functions.html as flaky on ios-simulator-wk2
https://bugs.webkit.org/show_bug.cgi?id=155501

Unreviewed test gardening.

platform/ios-simulator-wk2/TestExpectations:

12:03 PM Changeset in webkit [198219] by Chris Fleizach

3 edits
2 adds in trunk

AX: certain elements not included in accessibility tree
https://bugs.webkit.org/show_bug.cgi?id=155480

Reviewed by Beth Dakin.

Source/WebCore:

This test case exposed a hole in the nextSibling logic where you can get into a state where we skip content.
The fix is to check if an inline element continuation has no sibling, to fall back on to the parent case to see if that has a sibling.

Test: accessibility/double-nested-inline-element-missing-from-tree.html

accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::nextSibling):

LayoutTests:

accessibility/double-nested-inline-element-missing-from-tree-expected.txt: Added.
accessibility/double-nested-inline-element-missing-from-tree.html: Added.

11:26 AM Changeset in webkit [198218] by Chris Dumez

22 edits
2 deletes in trunk

Unreviewed, rolling out r198203.

Favorites view is no longer loading on iOS

Reverted changeset:

"URL Parsing should signal failure for illegal IDN"
https://bugs.webkit.org/show_bug.cgi?id=154945
http://trac.webkit.org/changeset/198203

11:25 AM Changeset in webkit [198217] by timothy_horton@apple.com

3 edits in trunk/Source/WebCore

<attachment> on iOS should use short and emphasized fonts
https://bugs.webkit.org/show_bug.cgi?id=155485
<rdar://problem/24805991>

Reviewed by Simon Fraser.

No new tests; there are existing tests that will be enabled shortly.

rendering/RenderThemeIOS.mm:

(WebCore::attachmentActionFont):
(WebCore::attachmentTitleFont):
(WebCore::attachmentSubtitleFont):
(WebCore::AttachmentInfo::buildTitleLines):
(WebCore::AttachmentInfo::buildSingleLine):
(WebCore::AttachmentInfo::AttachmentInfo):
No need for UIFonts, we can use CoreText, and that allows us to ask for the
correct Short and Emphasized variants that we need.

10:26 AM Changeset in webkit [198216] by Antti Koivisto

9 edits in trunk

Source/WebCore:
REGRESSION (196383): Class change invalidation does not handle :not correctly
https://bugs.webkit.org/show_bug.cgi?id=155493
<rdar://problem/24846762>

Reviewed by Andreas Kling.

We fail to invalidate bar style in

:not(.foo) bar { }

when class foo is added or removed.

There is a logic error in the invalidation code. It assumes that class addition can only make new selectors match
and removal make them not match. This is not true when :not is present.

style/AttributeChangeInvalidation.h:

(WebCore::Style::AttributeChangeInvalidation::AttributeChangeInvalidation):

style/ClassChangeInvalidation.cpp:

(WebCore::Style::ClassChangeInvalidation::invalidateStyle):

Invalidate style and collect full set of rules that may affect descendant style.

(WebCore::Style::ClassChangeInvalidation::invalidateDescendantStyle):

Invalidate with this set both before and after committing the changes.

(WebCore::Style::ClassChangeInvalidation::computeClassChange): Deleted.

style/ClassChangeInvalidation.h:

(WebCore::Style::ClassChangeInvalidation::ClassChangeInvalidation):
(WebCore::Style::ClassChangeInvalidation::~ClassChangeInvalidation):

LayoutTests:
Class change invalidation does not handle :not correctly
https://bugs.webkit.org/show_bug.cgi?id=155493
<rdar://problem/24846762>

Reviewed by Andreas Kling.

fast/css/style-invalidation-attribute-change-descendants-expected.txt:
fast/css/style-invalidation-attribute-change-descendants.html:

Also add :not case for attribute changes (which handles this correctly already).

fast/css/style-invalidation-class-change-descendants-expected.txt:
fast/css/style-invalidation-class-change-descendants.html:

Add :not case.

8:30 AM Changeset in webkit [198215] by bshafiei@apple.com

5 edits in trunk/Source

Versioning.

8:28 AM Changeset in webkit [198214] by bshafiei@apple.com

1 copy in tags/Safari-602.1.23

New tag.

8:27 AM Changeset in webkit [198213] by bshafiei@apple.com

1 delete in tags/Safari-602.1.23

Delete tag.

8:26 AM Changeset in webkit [198212] by fpizlo@apple.com

45 edits
2 deletes in trunk/Source/JavaScriptCore

Remove the Baker barrier from JSC
https://bugs.webkit.org/show_bug.cgi?id=155479

Reviewed by Saam Barati.

It's been a while since I added a Baker barrier, but I never followed it up with an actual
concurrent GC. While thinking about the GC, I became convinced that the right path forward
is to do a non-copying concurrent GC. That is, remove the copied space and just use the
marked space. The downside of using marked space cannot be more than the overhead of the
Baker barrier, so concurrent non-copying GC is definitely better than copying
non-concurrent GC. I also suspect that just plain non-copying non-concurrent GC is going to
be fine also, so the path forward will probably be to first just remove CopiedSpace.

Anyway, for now this patch just removes the Baker barrier. It was a cute implementation but
it just cost performance and I don't think we'll ever use it.

CMakeLists.txt:
JavaScriptCore.xcodeproj/project.pbxproj:
bytecode/PolymorphicAccess.cpp:

(JSC::AccessCase::generate):

dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

dfg/DFGArgumentsEliminationPhase.cpp:
dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

dfg/DFGCopyBarrierOptimizationPhase.cpp: Removed.
dfg/DFGCopyBarrierOptimizationPhase.h: Removed.
dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

dfg/DFGHeapLocation.cpp:

(WTF::printInternal):

dfg/DFGHeapLocation.h:
dfg/DFGNodeType.h:
dfg/DFGOperations.cpp:
dfg/DFGOperations.h:
dfg/DFGPlan.cpp:

(JSC::DFG::Plan::compileInThreadImpl):

dfg/DFGPredictionPropagationPhase.cpp:

(JSC::DFG::PredictionPropagationPhase::propagate):

dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileGetIndexedPropertyStorage):
(JSC::DFG::SpeculativeJIT::compileGetTypedArrayByteOffset):
(JSC::DFG::SpeculativeJIT::compileGetButterfly):

dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

dfg/DFGTypeCheckHoistingPhase.cpp:

(JSC::DFG::TypeCheckHoistingPhase::identifyRedundantStructureChecks):
(JSC::DFG::TypeCheckHoistingPhase::identifyRedundantArrayChecks):

ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileGetButterfly):
(JSC::FTL::DFG::LowerDFGToB3::compileConstantStoragePointer):
(JSC::FTL::DFG::LowerDFGToB3::compileGetIndexedPropertyStorage):
(JSC::FTL::DFG::LowerDFGToB3::compileCheckArray):
(JSC::FTL::DFG::LowerDFGToB3::compileGetTypedArrayByteOffset):
(JSC::FTL::DFG::LowerDFGToB3::compileMultiGetByOffset):
(JSC::FTL::DFG::LowerDFGToB3::compileMultiPutByOffset):
(JSC::FTL::DFG::LowerDFGToB3::compileGetDirectPname):
(JSC::FTL::DFG::LowerDFGToB3::storageForTransition):
(JSC::FTL::DFG::LowerDFGToB3::getById):
(JSC::FTL::DFG::LowerDFGToB3::isFastTypedArray):
(JSC::FTL::DFG::LowerDFGToB3::compileGetButterflyReadOnly): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::loadButterflyWithBarrier): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::loadVectorWithBarrier): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::copyBarrier): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::isInToSpace): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::loadButterflyReadOnly): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::loadVectorReadOnly): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::removeSpaceBits): Deleted.

heap/CopyBarrier.h:

(JSC::CopyBarrierBase::CopyBarrierBase):
(JSC::CopyBarrierBase::operator bool):
(JSC::CopyBarrierBase::get):
(JSC::CopyBarrierBase::clear):
(JSC::CopyBarrierBase::setWithoutBarrier):
(JSC::CopyBarrier::CopyBarrier):
(JSC::CopyBarrier::get):
(JSC::CopyBarrier::set):
(JSC::CopyBarrier::setWithoutBarrier):
(JSC::CopyBarrierBase::operator!): Deleted.
(JSC::CopyBarrierBase::getWithoutBarrier): Deleted.
(JSC::CopyBarrierBase::getPredicated): Deleted.
(JSC::CopyBarrierBase::copyState): Deleted.
(JSC::CopyBarrierBase::setCopyState): Deleted.
(JSC::CopyBarrierBase::weakCASWithoutBarrier): Deleted.
(JSC::CopyBarrier::getWithoutBarrier): Deleted.
(JSC::CopyBarrier::getPredicated): Deleted.
(JSC::CopyBarrier::weakCASWithoutBarrier): Deleted.

heap/Heap.cpp:

(JSC::Heap::addToRememberedSet):
(JSC::Heap::collectAndSweep):
(JSC::Heap::copyBarrier): Deleted.

heap/Heap.h:

(JSC::Heap::writeBarrierBuffer):

jit/AssemblyHelpers.cpp:

(JSC::AssemblyHelpers::branchIfNotFastTypedArray):
(JSC::AssemblyHelpers::purifyNaN):
(JSC::AssemblyHelpers::loadTypedArrayVector): Deleted.

jit/AssemblyHelpers.h:

(JSC::AssemblyHelpers::branchStructure):
(JSC::AssemblyHelpers::addressForByteOffset):
(JSC::AssemblyHelpers::branchIfToSpace): Deleted.
(JSC::AssemblyHelpers::branchIfNotToSpace): Deleted.
(JSC::AssemblyHelpers::removeSpaceBits): Deleted.

jit/JIT.cpp:

(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompile):

jit/JITOpcodes.cpp:

(JSC::JIT::emitSlow_op_has_indexed_property):
(JSC::JIT::emit_op_get_direct_pname):
(JSC::JIT::emitSlow_op_get_direct_pname):

jit/JITOpcodes32_64.cpp:

(JSC::JIT::emit_op_get_direct_pname):
(JSC::JIT::emitSlow_op_get_direct_pname):

jit/JITPropertyAccess.cpp:

(JSC::JIT::emitDoubleLoad):
(JSC::JIT::emitContiguousLoad):
(JSC::JIT::emitArrayStorageLoad):
(JSC::JIT::emitSlow_op_get_by_val):
(JSC::JIT::emitGenericContiguousPutByVal):
(JSC::JIT::emitArrayStoragePutByVal):
(JSC::JIT::emitSlow_op_put_by_val):
(JSC::JIT::emit_op_get_from_scope):
(JSC::JIT::emitSlow_op_get_from_scope):
(JSC::JIT::emit_op_put_to_scope):
(JSC::JIT::emitSlow_op_put_to_scope):
(JSC::JIT::emitIntTypedArrayGetByVal):
(JSC::JIT::emitFloatTypedArrayGetByVal):
(JSC::JIT::emitIntTypedArrayPutByVal):
(JSC::JIT::emitFloatTypedArrayPutByVal):

llint/LowLevelInterpreter.asm:
llint/LowLevelInterpreter64.asm:
runtime/DirectArguments.cpp:

(JSC::DirectArguments::visitChildren):
(JSC::DirectArguments::copyBackingStore):
(JSC::DirectArguments::overrideArgument):
(JSC::DirectArguments::copyToArguments):

runtime/DirectArguments.h:

(JSC::DirectArguments::canAccessIndexQuickly):
(JSC::DirectArguments::canAccessArgumentIndexQuicklyInDFG):

runtime/JSArray.cpp:

(JSC::JSArray::setLength):
(JSC::JSArray::pop):
(JSC::JSArray::push):
(JSC::JSArray::fastSlice):
(JSC::JSArray::fastConcatWith):
(JSC::JSArray::shiftCountWithArrayStorage):
(JSC::JSArray::shiftCountWithAnyIndexingType):
(JSC::JSArray::unshiftCountWithAnyIndexingType):
(JSC::JSArray::fillArgList):
(JSC::JSArray::copyToArguments):

runtime/JSArrayBufferView.cpp:

(JSC::JSArrayBufferView::finalize):

runtime/JSArrayBufferView.h:

(JSC::JSArrayBufferView::isNeutered):
(JSC::JSArrayBufferView::vector):
(JSC::JSArrayBufferView::length):

runtime/JSGenericTypedArrayViewInlines.h:

(JSC::JSGenericTypedArrayView<Adaptor>::visitChildren):
(JSC::JSGenericTypedArrayView<Adaptor>::copyBackingStore):

runtime/JSObject.cpp:

(JSC::JSObject::visitChildren):
(JSC::JSObject::copyBackingStore):
(JSC::JSObject::heapSnapshot):
(JSC::JSObject::getOwnPropertySlotByIndex):
(JSC::JSObject::putByIndex):
(JSC::JSObject::enterDictionaryIndexingMode):
(JSC::JSObject::createInitialIndexedStorage):
(JSC::JSObject::createArrayStorage):
(JSC::JSObject::convertUndecidedToInt32):
(JSC::JSObject::convertUndecidedToDouble):
(JSC::JSObject::convertUndecidedToContiguous):
(JSC::JSObject::constructConvertedArrayStorageWithoutCopyingElements):
(JSC::JSObject::convertUndecidedToArrayStorage):
(JSC::JSObject::convertInt32ToDouble):
(JSC::JSObject::convertInt32ToContiguous):
(JSC::JSObject::convertInt32ToArrayStorage):
(JSC::JSObject::convertDoubleToContiguous):
(JSC::JSObject::convertDoubleToArrayStorage):
(JSC::JSObject::convertContiguousToArrayStorage):
(JSC::JSObject::setIndexQuicklyToUndecided):
(JSC::JSObject::ensureArrayStorageExistsAndEnterDictionaryIndexingMode):
(JSC::JSObject::deletePropertyByIndex):
(JSC::JSObject::getOwnPropertyNames):
(JSC::JSObject::putIndexedDescriptor):
(JSC::JSObject::defineOwnIndexedProperty):
(JSC::JSObject::putByIndexBeyondVectorLengthWithoutAttributes):
(JSC::JSObject::putDirectIndexBeyondVectorLength):
(JSC::JSObject::getNewVectorLength):
(JSC::JSObject::ensureLengthSlow):
(JSC::JSObject::reallocateAndShrinkButterfly):
(JSC::JSObject::growOutOfLineStorage):
(JSC::getBoundSlotBaseFunctionForGetterSetter):
(JSC::JSObject::getEnumerableLength):

runtime/JSObject.h:

(JSC::JSObject::getArrayLength):
(JSC::JSObject::getVectorLength):
(JSC::JSObject::canGetIndexQuickly):
(JSC::JSObject::getIndexQuickly):
(JSC::JSObject::tryGetIndexQuickly):
(JSC::JSObject::canSetIndexQuickly):
(JSC::JSObject::canSetIndexQuicklyForPutDirect):
(JSC::JSObject::setIndexQuickly):
(JSC::JSObject::initializeIndex):
(JSC::JSObject::hasSparseMap):
(JSC::JSObject::inSparseIndexingMode):
(JSC::JSObject::inlineStorage):
(JSC::JSObject::butterfly):
(JSC::JSObject::outOfLineStorage):
(JSC::JSObject::locationForOffset):
(JSC::JSObject::ensureInt32):
(JSC::JSObject::ensureDouble):
(JSC::JSObject::ensureContiguous):
(JSC::JSObject::ensureArrayStorage):
(JSC::JSObject::arrayStorage):
(JSC::JSObject::arrayStorageOrNull):
(JSC::JSObject::ensureLength):
(JSC::JSObject::putDirectWithoutTransition):

runtime/MapData.h:

(JSC::JSIterator>::IteratorData::next):
(JSC::JSIterator>::IteratorData::refreshCursor):

runtime/MapDataInlines.h:

(JSC::JSIterator>::find):
(JSC::JSIterator>::add):
(JSC::JSIterator>::remove):
(JSC::JSIterator>::replaceAndPackBackingStore):
(JSC::JSIterator>::replaceBackingStore):
(JSC::JSIterator>::ensureSpaceForAppend):
(JSC::JSIterator>::visitChildren):
(JSC::JSIterator>::copyBackingStore):

runtime/Options.h:

8:20 AM Changeset in webkit [198211] by jer.noble@apple.com

5 edits
2 adds in trunk

Video elements with autoplay do not begin playing when scrolling into view if InvisibleAutoplayNotPermitted is set.
https://bugs.webkit.org/show_bug.cgi?id=155468

Reviewed by Eric Carlson.

Source/WebCore:

Test: media/video-restricted-invisible-autoplay-allowed-when-visible.html

A few bugs came together to cause this behavior. We were not telling the media session that we were going to begin
the autoplaying state, we were not restoring the correct state when the interruption ended, and we were not checking
to see if we could actually play correctly when the interruption ended.

html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::prepareForLoad):
(WebCore::HTMLMediaElement::canTransitionFromAutoplayToPlay):
(WebCore::HTMLMediaElement::setReadyState):
(WebCore::HTMLMediaElement::resumeAutoplaying):
(WebCore::HTMLMediaElement::updateShouldPlay):
(WebCore::elementCanTransitionFromAutoplayToPlay): Deleted.

html/HTMLMediaElement.h:
platform/audio/PlatformMediaSession.cpp:

(WebCore::PlatformMediaSession::endInterruption):

LayoutTests:

media/video-restricted-invisible-autoplay-allowed-when-visible-expected.txt: Added.
media/video-restricted-invisible-autoplay-allowed-when-visible.html: Added.

8:10 AM Changeset in webkit [198210] by Manuel Rego Casasnovas

10 edits
1 move in trunk/Source/WebCore

[css-grid] Rename GridCoordinate to GridArea
https://bugs.webkit.org/show_bug.cgi?id=155489

Reviewed by Sergio Villar Senin.

As the comment in GridCoordinate states,
it actually represents a grid area as it stores
the initial and final positions in both axis (columns and rows).

Someone can think about a grid coordinate just like a single cell.
However this class was representing an area of several cells.

On top of that the "grid area" concept is defined in the spec:
https://drafts.csswg.org/css-grid/#grid-area-concept

No new tests, no change of behavior.

WebCore.xcodeproj/project.pbxproj:
css/CSSGridTemplateAreasValue.cpp:

(WebCore::stringForPosition):

css/CSSGridTemplateAreasValue.h:
css/CSSParser.cpp:

(WebCore::CSSParser::parseGridTemplateAreasRow):

css/CSSParser.h:
rendering/RenderGrid.cpp:

(WebCore::RenderGrid::GridIterator::nextEmptyGridArea):
(WebCore::RenderGrid::insertItemIntoGrid):
(WebCore::RenderGrid::placeItemsOnGrid):
(WebCore::RenderGrid::populateExplicitGridAndOrderIterator):
(WebCore::RenderGrid::createEmptyGridAreaAtSpecifiedPositionsOutsideGrid):
(WebCore::RenderGrid::placeSpecifiedMajorAxisItemsOnGrid):
(WebCore::RenderGrid::placeAutoMajorAxisItemOnGrid):
(WebCore::RenderGrid::clearGrid):
(WebCore::RenderGrid::cachedGridArea):
(WebCore::RenderGrid::cachedGridSpan):

rendering/RenderGrid.h:
rendering/style/GridArea.h: Renamed from Source/WebCore/rendering/style/GridCoordinate.h.

(WebCore::GridSpan::untranslatedDefiniteGridSpan):
(WebCore::GridSpan::translatedDefiniteGridSpan):
(WebCore::GridSpan::indefiniteGridSpan):
(WebCore::GridSpan::operator==):
(WebCore::GridSpan::integerSpan):
(WebCore::GridSpan::untranslatedResolvedInitialPosition):
(WebCore::GridSpan::untranslatedResolvedFinalPosition):
(WebCore::GridSpan::resolvedInitialPosition):
(WebCore::GridSpan::resolvedFinalPosition):
(WebCore::GridSpan::GridSpanIterator::GridSpanIterator):
(WebCore::GridSpan::GridSpanIterator::operator unsigned&):
(WebCore::GridSpan::GridSpanIterator::operator*):
(WebCore::GridSpan::begin):
(WebCore::GridSpan::end):
(WebCore::GridSpan::isTranslatedDefinite):
(WebCore::GridSpan::isIndefinite):
(WebCore::GridSpan::translate):
(WebCore::GridSpan::GridSpan):
(WebCore::GridArea::GridArea):
(WebCore::GridArea::operator==):
(WebCore::GridArea::operator!=):

rendering/style/GridPositionsResolver.cpp:
rendering/style/StyleGridData.h:

7:21 AM Changeset in webkit [198209] by jh718.park@samsung.com

2 edits in trunk/Source/WebCore

[GTK] Remove duplicate HashMap traversal and unneeded reference count churn in DataObjectGtk::forClipboard
https://bugs.webkit.org/show_bug.cgi?id=155470

Reviewed by Carlos Garcia Campos.

No new tests, no new behaviours.

platform/gtk/DataObjectGtk.cpp:

(WebCore::DataObjectGtk::forClipboard):

3:42 AM Changeset in webkit [198208] by Gyuyoung Kim

2 edits in trunk/Source/WebKit2

EFL build has been broken since r198180
https://bugs.webkit.org/show_bug.cgi?id=155488

Unreviewed build fix.

WebProcess/UserContent/WebUserContentController.h: Use ENABLE(USER_MESSAGE_HANDLERS) guard.

3:38 AM Changeset in webkit [198207] by Manuel Rego Casasnovas

7 edits
2 moves in trunk/Source/WebCore

[css-grid] Rename GridResolvedPosition to GridPositionsResolver
https://bugs.webkit.org/show_bug.cgi?id=155486

Reviewed by Sergio Villar Senin.

GridResolvedPosition is not storing a position (track or line) anymore.
Currently it's just a class wrapping the methods to resolve
grid positions from style.
Renamed the class to avoid confusions.

No new tests, no change of behavior.

CMakeLists.txt:
WebCore.xcodeproj/project.pbxproj:
rendering/RenderGrid.cpp:

(WebCore::RenderGrid::placeItemsOnGrid):
(WebCore::RenderGrid::populateExplicitGridAndOrderIterator):
(WebCore::RenderGrid::createEmptyGridAreaAtSpecifiedPositionsOutsideGrid):
(WebCore::RenderGrid::placeSpecifiedMajorAxisItemsOnGrid):
(WebCore::RenderGrid::placeAutoMajorAxisItemOnGrid):
(WebCore::RenderGrid::offsetAndBreadthForPositionedChild):

rendering/RenderGrid.h:
rendering/style/GridCoordinate.h:
rendering/style/GridPositionsResolver.cpp: Renamed from Source/WebCore/rendering/style/GridResolvedPosition.cpp.

(WebCore::isColumnSide):
(WebCore::isStartSide):
(WebCore::initialPositionSide):
(WebCore::finalPositionSide):
(WebCore::gridLinesForSide):
(WebCore::implicitNamedGridLineForSide):
(WebCore::GridPositionsResolver::isNonExistentNamedLineOrArea):
(WebCore::adjustGridPositionsFromStyle):
(WebCore::GridPositionsResolver::explicitGridColumnCount):
(WebCore::GridPositionsResolver::explicitGridRowCount):
(WebCore::explicitGridSizeForSide):
(WebCore::lookAheadForNamedGridLine):
(WebCore::lookBackForNamedGridLine):
(WebCore::resolveNamedGridLinePositionFromStyle):
(WebCore::definiteGridSpanWithNamedLineSpanAgainstOpposite):
(WebCore::resolveNamedGridLinePositionAgainstOppositePosition):
(WebCore::resolveGridPositionAgainstOppositePosition):
(WebCore::GridPositionsResolver::spanSizeForAutoPlacedItem):
(WebCore::resolveGridPositionFromStyle):
(WebCore::GridPositionsResolver::resolveGridPositionsFromStyle):

rendering/style/GridPositionsResolver.h: Renamed from Source/WebCore/rendering/style/GridResolvedPosition.h.
rendering/style/StyleAllInOne.cpp:

1:59 AM Changeset in webkit [198206] by sbarati@apple.com

5 edits
2 adds in trunk/Source/JavaScriptCore

Destructuring parameters are evaluated in the wrong scope
https://bugs.webkit.org/show_bug.cgi?id=155454

Reviewed by Geoffrey Garen.

This patch makes our engine compatible with how parameter
lists are evaluated in ES6. A parameter list that contains
a rest parameter, any destructuring patterns, or default parameter values,
is classified as being non-simple. Non-simple parameter lists
must get their own scope to live in, and the variables in the
scope are under TDZ. This means that functions evaluated in the
parameter list don't have access to variables inside the function
body. Also, non-simple parameter lists get the strict-mode arguments object.

bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::~BytecodeGenerator):
(JSC::BytecodeGenerator::initializeDefaultParameterValuesAndSetupFunctionScopeStack):
(JSC::BytecodeGenerator::initializeArrowFunctionContextScopeIfNeeded):

bytecompiler/BytecodeGenerator.h:
parser/Nodes.h:

(JSC::FunctionParameters::size):
(JSC::FunctionParameters::at):
(JSC::FunctionParameters::append):
(JSC::FunctionParameters::hasDefaultParameterValues): Deleted.

tests/es6.yaml:
tests/stress/parameter-scoping.js: Added.

(assert):
(test):
(test.foo):
(test.):

1:58 AM Changeset in webkit [198205] by commit-queue@webkit.org

3 edits in trunk/Source/WebCore

Leak: Accelerated ImageBufferCairo doesn't destroy the used textures
https://bugs.webkit.org/show_bug.cgi?id=155431

Patch by Miguel Gomez <magomez@igalia.com> on 2016-03-15
Reviewed by Žan Doberšek.

When using the Cairo backend, add a destructor to ImageBufferData and use it to destroy the
textures created if the buffer is being accelerated.

No new tests, already covered by existing ones.

platform/graphics/cairo/ImageBufferCairo.cpp:

(WebCore::ImageBufferData::ImageBufferData):
Store the renderingMode flag.
(WebCore::ImageBufferData::~ImageBufferData):
Destroy gl resources if renderingMode is accelerated.
(WebCore::ImageBuffer::ImageBuffer):
Pass renderingMode to the data class and use it fro checks instead of the function parameter.

platform/graphics/cairo/ImageBufferDataCairo.h:

Add destructor and a renderingMode flag.

1:49 AM Changeset in webkit [198204] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.12/Source/WebCore

Merge r198201 - REGRESSION (r197724): [GTK] Web Inspector: Images being blocked by CSP 2.0
https://bugs.webkit.org/show_bug.cgi?id=155432

Reviewed by Darin Adler.

The GTK+ port Web Inspector uses GResources for all internal
resources (images, fonts, scripts, etc.) that are now blocked by
the CSP. GResouces are like data URLs in practice, so we should
always allow them.

page/csp/ContentSecurityPolicySourceList.cpp:

(WebCore::ContentSecurityPolicySourceList::isProtocolAllowedByStar):

12:53 AM Changeset in webkit [198203] by jiewen_tan@apple.com

22 edits
2 adds in trunk

URL Parsing should signal failure for illegal IDN
https://bugs.webkit.org/show_bug.cgi?id=154945
<rdar://problem/8014795>

Reviewed by Brent Fulgham.

Source/WebCore:

WebCore::URL will now invalidate URLs with illegal IDN. And functions inside WebCoreNSURLExtras.h
that deal with IDN mapping will now return nil to signal error.

Test: fast/url/invalid-idn.html

platform/URL.cpp:

(WebCore::isSchemeFirstChar):
(WebCore::URL::init):
(WebCore::appendEncodedHostname):
(WebCore::encodeHostnames):
(WebCore::encodeRelativeString):

platform/mac/WebCoreNSURLExtras.h:
platform/mac/WebCoreNSURLExtras.mm:

(WebCore::mapHostNameWithRange):
(WebCore::hostNameNeedsDecodingWithRange):
(WebCore::hostNameNeedsEncodingWithRange):
(WebCore::decodeHostNameWithRange):
(WebCore::encodeHostNameWithRange):
(WebCore::decodeHostName):
(WebCore::encodeHostName):
(WebCore::collectRangesThatNeedMapping):
(WebCore::mapHostNames):
(WebCore::URLWithData):
(WebCore::dataWithUserTypedString):
(WebCore::URLWithUserTypedString):
(WebCore::URLWithUserTypedStringDeprecated):
(WebCore::userVisibleString):

Source/WebKit/ios:

Misc/WebNSStringExtrasIOS.m:

(-[NSString _web_possibleURLsForForUserTypedString:]):

WebView/WebPDFViewPlaceholder.mm:

(-[WebPDFViewPlaceholder _updateTitleForURL:]):

Source/WebKit/mac:

In this patch, we add new SPIs _webkit_URLWithUserTypedString, _webkit_decodeHostName and
_webkit_encodeHostName which will return nil while dealing with illegal IDN.

Old SPIs _web_URLWithUserTypedString, _web_decodeHostName and _web_encodeHostName are marked
deprecated as they ignore URL parsing failure.

History/WebHistoryItem.mm:

(-[WebHistoryItem initFromDictionaryRepresentation:]):

Misc/WebKitErrors.m:

(+[NSError _webKitErrorWithCode:failingURL:]):

Misc/WebNSFileManagerExtras.mm:

(-[NSFileManager _webkit_setMetadataURL:referrer:atPath:]):

Misc/WebNSPasteboardExtras.mm:

(-[NSPasteboard _web_bestURL]):

Misc/WebNSURLExtras.h:
Misc/WebNSURLExtras.mm:

(+[NSURL _web_URLWithUserTypedString:]):
(+[NSURL _webkit_URLWithUserTypedString:relativeToURL:]):
(+[NSURL _webkit_URLWithUserTypedString:]):
(-[NSString _web_decodeHostName]):
(-[NSString _web_encodeHostName]):
(-[NSString _webkit_decodeHostName]):
(-[NSString _webkit_encodeHostName]):

Panels/WebAuthenticationPanel.m:

(-[WebAuthenticationPanel setUpForChallenge:]):

WebCoreSupport/WebEditorClient.mm:

(WebEditorClient::canonicalizeURLString):

Tools:

MiniBrowser/mac/WK2BrowserWindowController.m:

(-[WK2BrowserWindowController fetch:]):

TestWebKitAPI/Tests/Cocoa/URLExtras.mm:

(TestWebKitAPI::TEST):

LayoutTests:

fast/url/host-expected.txt:
fast/url/idna2003-expected.txt:
fast/url/invalid-idn-expected.txt: Added.
fast/url/invalid-idn.html: Added.

12:37 AM Changeset in webkit [198202] by Chris Dumez

2 edits in trunk/Source/WebKit2

Regression(r197939): ASSERTION FAILED: url.containsOnlyASCII() in URL.cpp
https://bugs.webkit.org/show_bug.cgi?id=155449
<rdar://problem/25134826>

Reviewed by Carlos Garcia Campos.

Bump WK2 Network Disk Cache version after r197939 as the new cache format
is not compatible with the old one and leads to assertions being hit when
browsing in Debug builds.

SubresourceInfo used to only contain a boolean and would therefore be
serialized as "0" / "1". However, after r197939, a URL field was added
and when trying to decode old cache entries with the new format, we
would try to construct a URL from the String "0" or "1". This would
assert because these are not valid URLs.

NetworkProcess/cache/NetworkCacheStorage.h:

12:01 AM Changeset in webkit [198201] by Carlos Garcia Campos

2 edits in trunk/Source/WebCore

REGRESSION (r197724): [GTK] Web Inspector: Images being blocked by CSP 2.0
https://bugs.webkit.org/show_bug.cgi?id=155432

Reviewed by Darin Adler.

page/csp/ContentSecurityPolicySourceList.cpp:

(WebCore::ContentSecurityPolicySourceList::isProtocolAllowedByStar):

Mar 14, 2016:

10:47 PM Changeset in webkit [198200] by bshafiei@apple.com

4 edits
1 copy in tags/Safari-602.1.22.0.2/Source/WebKit2

Merged r198089. rdar://problem/24428418

10:46 PM Changeset in webkit [198199] by bshafiei@apple.com

5 edits in tags/Safari-602.1.22.0.2/Source

Versioning.

10:39 PM Changeset in webkit [198198] by ggaren@apple.com

9 edits
1 copy
1 delete in trunk/Source/bmalloc

Unreviewed, rolling out r197955.

I decided to go in another direction

Reverted changeset:

"bmalloc: Rename SmallPage to SmallRun"
https://bugs.webkit.org/show_bug.cgi?id=155320
http://trac.webkit.org/changeset/197955

10:32 PM Changeset in webkit [198197] by achristensen@apple.com

2 edits in trunk/Source/WebCore

Fix WinCairo build after r198195.

platform/network/NetworkingContext.h:

curl networking now uses NetworkingContext::storageSession. That's everybody!

10:02 PM Changeset in webkit [198196] by commit-queue@webkit.org

9 edits
1 add in trunk/Source/WebInspectorUI

Web Inspector: Show path from root to instances in the Heap Snapshot content view
https://bugs.webkit.org/show_bug.cgi?id=155478
<rdar://problem/25157408>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-14
Reviewed by Timothy Hatcher.

Localizations/en.lproj/localizedStrings.js:
UserInterface/Main.html:

New strings and resources.

UserInterface/Models/HeapSnapshotNode.js:

(WebInspector.HeapSnapshotNode.prototype.get shortestGCRootPath):
(WebInspector.HeapSnapshotNode.prototype._gcRootPaths.visitNode):
(WebInspector.HeapSnapshotNode.prototype._gcRootPaths):
Helper to get the shortest path from a GC root to the node.

UserInterface/Models/HeapSnapshotRootPath.js: Added.

(WebInspector.HeapSnapshotRootPath):
(WebInspector.HeapSnapshotRootPath.emptyPath):
(WebInspector.HeapSnapshotRootPath.prototype.get node):
(WebInspector.HeapSnapshotRootPath.prototype.get parent):
(WebInspector.HeapSnapshotRootPath.prototype.get pathComponent):
(WebInspector.HeapSnapshotRootPath.prototype.get rootNode):
(WebInspector.HeapSnapshotRootPath.prototype.get fullPath):
(WebInspector.HeapSnapshotRootPath.prototype.isRoot):
(WebInspector.HeapSnapshotRootPath.prototype.isEmpty):
(WebInspector.HeapSnapshotRootPath.prototype.isGlobalScope):
(WebInspector.HeapSnapshotRootPath.prototype.isPathComponentImpossible):
(WebInspector.HeapSnapshotRootPath.prototype.isFullPathImpossible):
(WebInspector.HeapSnapshotRootPath.prototype.appendInternal):
(WebInspector.HeapSnapshotRootPath.prototype.appendArrayIndex):
(WebInspector.HeapSnapshotRootPath.prototype.appendPropertyName):
(WebInspector.HeapSnapshotRootPath.prototype.appendVariableName):
(WebInspector.HeapSnapshotRootPath.prototype.appendGlobalScopeName):
(WebInspector.HeapSnapshotRootPath.prototype.appendEdge):
(WebInspector.HeapSnapshotRootPath.prototype._canPropertyNameBeDotAccess):
Helper class, like PropertyPath, for building a string path to
a HeapSnapshotNode. Typically the path is built up with
HeapSnapshotEdges and so you can build a string such as:
window.foo[0]["prop erty"]._foo.

UserInterface/Views/HeapAllocationsTimelineView.js:

(WebInspector.HeapAllocationsTimelineView.prototype.showHeapSnapshotList):
(WebInspector.HeapAllocationsTimelineView.prototype.showHeapSnapshotTimelineRecord):
(WebInspector.HeapAllocationsTimelineView.prototype.showHeapSnapshotDiff):
(WebInspector.HeapAllocationsTimelineView.prototype.shown):
(WebInspector.HeapAllocationsTimelineView.prototype.hidden):
(WebInspector.HeapAllocationsTimelineView.prototype.closed):
Propogate shown/hidden to the contentViewContainer.
Cleanup the contentViewContainer when closing.

UserInterface/Views/HeapSnapshotInstanceDataGridNode.js:

(WebInspector.HeapSnapshotInstanceDataGridNode.logHeapSnapshotNode):
Helper for logging a HeapSnapshotNode value to the console. If the
path is possible from the root, just output the path in the console
otherwise use a synthetic "Heap Snapshot Object (@1234)" like string.
For strings, just get the preview as we won't get a real RemoteObject.

(WebInspector.HeapSnapshotInstanceDataGridNode.prototype.createCellContent):
(WebInspector.HeapSnapshotInstanceDataGridNode.prototype._mouseoverHandler.appendPath):
(WebInspector.HeapSnapshotInstanceDataGridNode.prototype._mouseoverHandler.appendPathRow):
(WebInspector.HeapSnapshotInstanceDataGridNode.prototype._mouseoverHandler.sanitizeClassName):
(WebInspector.HeapSnapshotInstanceDataGridNode.prototype._mouseoverHandler.stringifyEdge):
(WebInspector.HeapSnapshotInstanceDataGridNode.prototype._mouseoverHandler):
Give the @1234 id element a mouseover handler to display a popover
with the path from a root. Stop the path at "Window" if possible
to avoid displaying internals like "JSDOMWindowShell".

UserInterface/Views/HeapSnapshotInstancesContentView.css:

(.heap-snapshot .object-id):
(.heap-snapshot .object-id:hover):
(.heap-snapshot > .data-grid tr:not(.selected) td .object-id): Deleted.
(.heap-snapshot .icon):
(.heap-snapshot-instance-popover-content):
(.heap-snapshot-instance-popover-content table):
(.heap-snapshot-instance-popover-content tr):
(.heap-snapshot-instance-popover-content td):
(.heap-snapshot-instance-popover-content td.edge-name):
(.heap-snapshot-instance-popover-content td.object-data):
(.heap-snapshot-instance-popover-content .node):
(.heap-snapshot-instance-popover-content .node *):
Styles for contents of the popover.

UserInterface/Views/HeapSnapshotInstancesContentView.js:

(WebInspector.HeapSnapshotInstancesContentView.prototype.hidden):

UserInterface/Views/HeapSnapshotInstancesDataGridTree.js:

(WebInspector.HeapSnapshotInstancesDataGridTree):
(WebInspector.HeapSnapshotInstancesDataGridTree.prototype.get popover):
(WebInspector.HeapSnapshotInstancesDataGridTree.prototype.get popoverNode):
(WebInspector.HeapSnapshotInstancesDataGridTree.prototype.set popoverNode):
(WebInspector.HeapSnapshotInstancesDataGridTree.prototype.hidden):
(WebInspector.HeapSnapshotInstancesDataGridTree.prototype.willDismissPopover):
Have a single popover for the entire tree. Cache and clear
contents of the popover when appropriate.

9:59 PM Changeset in webkit [198195] by achristensen@apple.com

5 edits in trunk/Source

[WinCairo] Compile fix.
https://bugs.webkit.org/show_bug.cgi?id=155463

Patch by Per Arne Vollan <peavo@outlook.com> on 2016-03-14
Reviewed by Alex Christensen.

Get the NetworkStorageSession object from the document in the same way as other platforms do.

Source/WebCore:

loader/CookieJar.cpp:

(WebCore::storageSession):

Source/WebKit/win:

WebCoreSupport/WebFrameNetworkingContext.cpp:

(WebFrameNetworkingContext::storageSession):

WebCoreSupport/WebFrameNetworkingContext.h:

(WebFrameNetworkingContext::storageSession):

9:39 PM Changeset in webkit [198194] by bshafiei@apple.com

1 copy in tags/Safari-602.1.22.0.2

New tag.

9:26 PM Changeset in webkit [198193] by bshafiei@apple.com

1 copy in tags/Safari-601.6.9

New tag.

9:08 PM Changeset in webkit [198192] by Yusuke Suzuki

6 edits in trunk/Source/JavaScriptCore

[JSC] Don't reference the properties of @Reflect directly
https://bugs.webkit.org/show_bug.cgi?id=155436

Reviewed by Geoffrey Garen.

Reflect.ownKeys and Reflect.getOwnPropertyDescriptor can be altered with the user-crafted values.
Instead of referencing them directly, let's reference them through private names.

builtins/ObjectConstructor.js:

(assign):

runtime/CommonIdentifiers.h:
runtime/ObjectConstructor.cpp:

(JSC::ObjectConstructor::finishCreation): Deleted.

runtime/ReflectObject.cpp:

(JSC::ReflectObject::finishCreation):

tests/stress/object-assign-correctness.js:

(runTests.):
(runTests.get let):
(Reflect.ownKeys):
(Reflect.getOwnPropertyDescriptor):
(test.let.handler.switch.case.string_appeared_here.return.get enumerable): Deleted.
(test.let.handler.getOwnPropertyDescriptor): Deleted.
(test.let.handler.ownKeys): Deleted.
(test.let.handler.get getProps): Deleted.
(test.let.handler): Deleted.
(test): Deleted.

9:01 PM Changeset in webkit [198191] by timothy_horton@apple.com

2 edits in trunk/Source/WebCore

<attachment> on iOS should paint its progress indicator instead of a green square
https://bugs.webkit.org/show_bug.cgi?id=155482
<rdar://problem/24805991>

Reviewed by Simon Fraser.

No new tests; there are existing tests that will be enabled shortly.

rendering/RenderThemeIOS.mm:

(WebCore::getAttachmentProgress):
Clamp progress to 0-1.

(WebCore::paintAttachmentProgress):
Paint a pie.

8:53 PM Changeset in webkit [198190] by bshafiei@apple.com

1 copy in tags/Safari-602.1.23

New tag.

8:53 PM Changeset in webkit [198189] by Chris Dumez

37 edits in trunk

Unreviewed, rolling out r197981.

Caused a massive PLT regression on Mac.

Reverted changeset:

"Font antialiasing (smoothing) changes when elements are
rendered into compositing layers"
https://bugs.webkit.org/show_bug.cgi?id=23364
http://trac.webkit.org/changeset/197981

8:51 PM Changeset in webkit [198188] by Chris Dumez

2 edits in trunk/Source/WebCore

Unreviewed, rolling out r198145.

This attempt to disable the feature did not fix the PLT
regression

Reverted changeset:

"Regression(r197981): Huge regression on Mac PLT"
https://bugs.webkit.org/show_bug.cgi?id=155443
http://trac.webkit.org/changeset/198145

7:19 PM WebKitGTK/2.12.x edited by Michael Catanzaro

(diff)

6:52 PM Changeset in webkit [198187] by Dewei Zhu

4 edits in trunk/Tools

Add twisted-15.5.0 module to webkitpy.thirdparty.autoinstalled.
https://bugs.webkit.org/show_bug.cgi?id=154667

Reviewed by Ryosuke Niwa and Simon Fraser.

Add twisted-15.5.0 to webkitpy.thirdparty.autoinstalled.
Minor fix for twsited_http_server used by run-benchmark that we should only stop http server while recieving 'GET /shutdown'.

Scripts/webkitpy/benchmark_runner/http_server_driver/http_server/twisted_http_server.py:

(ServerControl.render_POST): Deleted.

Scripts/webkitpy/thirdparty/init.py:

(AutoinstallImportHook.find_module):
(AutoinstallImportHook._install_twisted_15_5_0):

Scripts/webkitpy/thirdparty/init_unittest.py:

(ThirdpartyTest.test_imports):

6:40 PM Changeset in webkit [198186] by bshafiei@apple.com

5 edits in branches/safari-601.1.46.101-branch/Source

Versioning.

6:36 PM Changeset in webkit [198185] by bshafiei@apple.com

1 copy in branches/safari-601.1.46.101-branch

New Branch.

6:31 PM Changeset in webkit [198184] by bshafiei@apple.com

5 edits in branches/safari-601.1.46-branch/Source

Versioning.

6:27 PM Changeset in webkit [198183] by weinig@apple.com

2 edits in trunk/Source/WebCore

Remove errant space.

page/UserContentController.cpp:

6:21 PM Changeset in webkit [198182] by weinig@apple.com

2 edits in trunk/Source/WebCore

Fix the windows build.

page/UserContentController.cpp:

5:59 PM Changeset in webkit [198181] by Brent Fulgham

2 edits in trunk/LayoutTests

REGRESSION (r197114): Crash in WebCore::MediaDevicesRequest::didCompletePermissionCheck
https://bugs.webkit.org/show_bug.cgi?id=155453

Reviewed by Eric Carlson.
<rdar://problem/24879447>

Reviewed by Dan Bates.

Further refinement to test case: Remove use of 'setTimeout', and ensure the code gets
called by using 'testRunner.waitUntilDone()'/'testRunner.notifyDone()'.

fast/mediastream/enumerating-crash.html:

5:48 PM Changeset in webkit [198180] by weinig@apple.com

42 edits
4 adds in trunk/Source

Add a baseURL parameter to _WKUserStyleSheet
https://bugs.webkit.org/show_bug.cgi?id=155219

Reviewed by Tim Horton.

Source/WebCore:

Moves to a model for user content where instead of each page having a WebCore::UserContentController object, we have an abstract WebCore::UserContentProvider interface that can be implemented at the WebKit level. For now, legacy WebKit continues to use the old UserContentController, which implements WebCore::UserContentProvider, and WebKit2 implements its own implementation so it can store additional state.

WebCore.xcodeproj/project.pbxproj:

Add new files.

dom/ExtensionStyleSheets.cpp:

(WebCore::ExtensionStyleSheets::updateInjectedStyleSheetCache):
Switch to using forEachUserStyleSheet on the UserContentProvider.

html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::loadResource):
Remove null check now that we always have a UserContentProvider.

loader/EmptyClients.cpp:

(WebCore::fillWithEmptyClients):

loader/EmptyClients.h:

Add new EmptyClients.

loader/FrameLoader.cpp:

(WebCore::FrameLoader::loadResourceSynchronously):
Remove null check now that we always have a UserContentProvider.

loader/PingLoader.cpp:

(WebCore::processContentExtensionRulesForLoad):
Remove null check now that we always have a UserContentProvider.

loader/ResourceLoader.cpp:

(WebCore::ResourceLoader::willSendRequestInternal):
Remove null check now that we always have a UserContentProvider.

loader/cache/CachedResourceLoader.cpp:

(WebCore::CachedResourceLoader::requestResource):
Remove null check now that we always have a UserContentProvider.

page/DOMWindow.cpp:

(WebCore::DOMWindow::shouldHaveWebKitNamespaceForWorld):
Remove null checks now that we always have a UserContentProvider, and userMessageHandlerDescriptors
returns a reference.

(WebCore::DOMWindow::open):
Remove null check now that we always have a UserContentProvider.

page/Frame.cpp:

(WebCore::Frame::injectUserScripts):
Simplify by lifting document check out of the main loop and using forEachUserScript.

page/Page.cpp:

(WebCore::Page::Page):
(WebCore::Page::~Page):
(WebCore::Page::userContentProvider):
(WebCore::Page::setUserContentProvider):
(WebCore::Page::setUserContentController): Deleted.

page/Page.h:

(WebCore::Page::userContentController): Deleted.

page/PageConfiguration.h:

Store the UserContentProvider in a Ref, and require PageConfigurations to provide one. This
removes a bunch of null checks and simplifies the code.

page/UserContentController.cpp:

(WebCore::UserContentController::~UserContentController):
(WebCore::UserContentController::forEachUserScript):
(WebCore::UserContentController::forEachUserStyleSheet):
(WebCore::UserContentController::addUserScript):
(WebCore::UserContentController::removeUserScript):
(WebCore::UserContentController::removeUserScripts):
(WebCore::UserContentController::addUserStyleSheet):
(WebCore::UserContentController::removeUserStyleSheet):
(WebCore::UserContentController::removeUserStyleSheets):
(WebCore::UserContentController::addUserMessageHandlerDescriptor):
(WebCore::UserContentController::removeUserMessageHandlerDescriptor):
(WebCore::UserContentController::addUserContentExtension):
(WebCore::UserContentController::removeUserContentExtension):
(WebCore::UserContentController::removeAllUserContentExtensions):
(WebCore::UserContentController::removeAllUserContent):
(WebCore::UserContentController::addPage): Deleted.
(WebCore::UserContentController::removePage): Deleted.
(WebCore::contentExtensionsEnabled): Deleted.
(WebCore::UserContentController::processContentExtensionRulesForLoad): Deleted.
(WebCore::UserContentController::actionsForResourceLoad): Deleted.

page/UserContentController.h:

(WebCore::UserContentController::userScripts): Deleted.
(WebCore::UserContentController::userStyleSheets): Deleted.
(WebCore::UserContentController::userMessageHandlerDescriptors): Deleted.
Add inheritance from UserContentProvider and simplify things by removing unique_ptrs
that were holding the member variables. There is usually only one UserContentController
so having these in unique_ptrs doesn't make much sense.

page/UserContentProvider.cpp: Added.

(WebCore::UserContentProvider::UserContentProvider):
(WebCore::UserContentProvider::~UserContentProvider):
(WebCore::UserContentProvider::addPage):
(WebCore::UserContentProvider::removePage):
(WebCore::UserContentProvider::invalidateInjectedStyleSheetCacheInAllFramesInAllPages):
(WebCore::contentExtensionsEnabled):
(WebCore::UserContentProvider::processContentExtensionRulesForLoad):
(WebCore::UserContentProvider::actionsForResourceLoad):

page/UserContentProvider.h: Added.

Add abstract class for providing user content and add some helpers on it.

page/UserMessageHandlerDescriptor.h:

(WebCore::UserMessageHandlerDescriptor::create):
(WebCore::UserMessageHandlerDescriptor::client):
(WebCore::UserMessageHandlerDescriptor::invalidateClient):

page/UserMessageHandlersNamespace.cpp:

(WebCore::UserMessageHandlersNamespace::handler):
Simplify now that userContentProvider() and userMessageHandlerDescriptors() are references.

Source/WebKit/mac:

WebView/WebView.mm:

(-[WebView _commonInitializationWithFrameName:groupName:]):
(-[WebView initSimpleHTMLDocumentWithStyle:frame:preferences:groupName:]):
(-[WebView setGroupName:]):
Update to account for the name change from UserContentController -> UserContentProvider.

Source/WebKit2:

Moves to a model for user content where instead of using a WebCore::UserContentController object, we implement the new WebCore::UserContentProvider interface (on the existing WebUserContentController object).
Uses this to maintain maps of UserStylesSheets and UserScripts along with their identifiers, freeing up the URL, which had been acting as the identifier, to be used as the baseURL which was what it was intended for.
Adds a baseURL property to _WKUserStyleSheet.

WebKit2.xcodeproj/project.pbxproj:

Add new files.

Scripts/webkit/messages.py:

(headers_for_type):
Add support for sending WebUserContentControllerDataTypes.

Shared/WebUserContentControllerDataTypes.cpp: Added.

(WebKit::WebUserScriptData::encode):
(WebKit::WebUserScriptData::decode):
(WebKit::WebUserStyleSheetData::encode):
(WebKit::WebUserStyleSheetData::decode):

Shared/WebUserContentControllerDataTypes.h: Added.

Add helper types for sending user content over IPC.

UIProcess/API/APIUserScript.cpp:

(API::UserScript::generateUniqueURL):
(API::UserScript::UserScript):

UIProcess/API/APIUserScript.h:
UIProcess/API/APIUserStyleSheet.cpp:

(API::UserStyleSheet::generateUniqueURL):
(API::UserStyleSheet::UserStyleSheet):

UIProcess/API/APIUserStyleSheet.h:

Add identifiers for tracking across processes.

UIProcess/API/Cocoa/_WKUserStyleSheet.h:
UIProcess/API/Cocoa/_WKUserStyleSheet.mm:

(-[_WKUserStyleSheet initWithSource:forMainFrameOnly:legacyWhitelist:legacyBlacklist:baseURL:userContentWorld:]):
(-[_WKUserStyleSheet baseURL]):
Add new initializer which takes a baseURL as well as an accessor for the baseURL.

UIProcess/UserContent/WebUserContentControllerProxy.cpp:

(WebKit::WebUserContentControllerProxy::addProcess):
(WebKit::WebUserContentControllerProxy::addUserScript):
(WebKit::WebUserContentControllerProxy::removeUserScript):
(WebKit::WebUserContentControllerProxy::addUserStyleSheet):
(WebKit::WebUserContentControllerProxy::removeUserStyleSheet):
Pass identifiers as well as user content.

WebProcess/InjectedBundle/InjectedBundle.cpp:

(WebKit::InjectedBundle::addUserScript):
(WebKit::InjectedBundle::addUserStyleSheet):
Move user content in via move semantics rather than using a unique_ptr.

(WebKit::InjectedBundle::removeUserScript):
(WebKit::InjectedBundle::removeUserStyleSheet):
(WebKit::InjectedBundle::removeUserScripts):
(WebKit::InjectedBundle::removeUserStyleSheets):
(WebKit::InjectedBundle::removeAllUserContent):
Update for new function signatures.

WebProcess/UserContent/WebUserContentController.cpp:

(WebKit::WebUserContentController::WebUserContentController):
(WebKit::WebUserContentController::~WebUserContentController):
(WebKit::WebUserContentController::addUserContentWorlds):
(WebKit::WebUserContentController::removeUserContentWorlds):
(WebKit::WebUserContentController::addUserScripts):
(WebKit::WebUserContentController::removeUserScript):
(WebKit::WebUserContentController::removeAllUserScripts):
(WebKit::WebUserContentController::addUserStyleSheets):
(WebKit::WebUserContentController::removeUserStyleSheet):
(WebKit::WebUserContentController::removeAllUserStyleSheets):
(WebKit::WebUserContentController::addUserScriptMessageHandlers):
(WebKit::WebUserContentController::removeUserScriptMessageHandler):
(WebKit::WebUserContentController::addUserContentExtensions):
(WebKit::WebUserContentController::removeUserContentExtension):
(WebKit::WebUserContentController::removeAllUserContentExtensions):
(WebKit::WebUserContentController::addUserScriptInternal):
(WebKit::WebUserContentController::addUserScript):
(WebKit::WebUserContentController::removeUserScriptWithURL):
(WebKit::WebUserContentController::removeUserScriptInternal):
(WebKit::WebUserContentController::removeUserScripts):
(WebKit::WebUserContentController::addUserStyleSheetInternal):
(WebKit::WebUserContentController::addUserStyleSheet):
(WebKit::WebUserContentController::removeUserStyleSheetWithURL):
(WebKit::WebUserContentController::removeUserStyleSheetInternal):
(WebKit::WebUserContentController::removeUserStyleSheets):
(WebKit::WebUserContentController::removeAllUserContent):
(WebKit::WebUserContentController::forEachUserScript):
(WebKit::WebUserContentController::forEachUserStyleSheet):

WebProcess/UserContent/WebUserContentController.h:
WebProcess/UserContent/WebUserContentController.messages.in:

Convert to inheriting from UserContentProvider, rather than containing a UserContentController.
This means adding the storage for the user content, which has been simplified to avoid using
unique_ptrs.

WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::addUserScript):
(WebKit::WebPage::addUserStyleSheet):
(WebKit::WebPage::removeAllUserContent):
Update to call the WebUserContentController, rather than going to the UserContentController, which
no longer exists.

WebProcess/WebPage/WebPageGroupProxy.cpp:

(WebKit::WebPageGroupProxy::userContentController):

WebProcess/WebPage/WebPageGroupProxy.h:

Return the WebUserContentController rather than old UserContentController.

5:47 PM Changeset in webkit [198179] by enrica@apple.com

4 edits
1 add
2 deletes in trunk/Source/WebCore

iOS: RTFD format is not available in the pasteboard after copy/cut.
https://bugs.webkit.org/show_bug.cgi?id=155477
rdar://problem/23500600

Reviewed by Tim Horton.

WebKit is using UTTypeRTFD instead of UTTypeFlatRTFD that is the
proper RTFD format for pastedboard. I also discovered that, when
we create the NSTextAttachment in the NSAttributedString we produce
from the DOM range, we are not generating a file name with the
appropriate extension for the MIME type. The iOS specific implementation
of the MIMETypeRegistry functions were empty.
There is no need to have a differentiation between OS X and iOS, so
we now have only one file called MIMETypeRegistryCocoa.mm.

WebCore.xcodeproj/project.pbxproj:
platform/cocoa/MIMETypeRegistryCocoa.mm: Added.

(WebCore::MIMETypeRegistry::getMIMETypeForExtension):
(WebCore::MIMETypeRegistry::getExtensionsForMIMEType):
(WebCore::MIMETypeRegistry::getPreferredExtensionForMIMEType):
(WebCore::MIMETypeRegistry::isApplicationPluginMIMEType):

platform/ios/MIMETypeRegistryIOS.mm: Removed.
platform/ios/PasteboardIOS.mm:

(WebCore::Pasteboard::read):
(WebCore::Pasteboard::supportedPasteboardTypes):
(WebCore::Pasteboard::hasData):

platform/ios/PlatformPasteboardIOS.mm:

(WebCore::PlatformPasteboard::write):

platform/mac/MIMETypeRegistryMac.mm: Removed.

5:39 PM Changeset in webkit [198178] by dbates@webkit.org

9 edits
4 adds in trunk

Web Inspector: Display Content Security Policy hash in details sidebar for script and style elements
https://bugs.webkit.org/show_bug.cgi?id=155466
<rdar://problem/25152480>

Reviewed by Joseph Pecoraro and Timothy Hatcher.

Source/JavaScriptCore:

Add property contentSecurityPolicyHash to store the CSP hash for an HTML style element or an
applicable HTML script element.

inspector/protocol/DOM.json:

Source/WebCore:

For convenience, display the SHA-256 Content Security Policy (CSP) hash in the node details
sidebar for the selected HTML script element or HTML style element. A CSP script hash is
only applicable to inline JavaScript scripts. Therefore, we will display a hash for HTML
script elements only if they do not have a src attribute.

Tests: inspector/dom/csp-big5-hash.html

inspector/dom/csp-hash.html

inspector/InspectorDOMAgent.cpp:

(WebCore::computeContentSecurityPolicySHA256Hash): Added.
(WebCore::InspectorDOMAgent::buildObjectForNode): For an applicable HTML script- or style-
element, pass the computed SHA-256 CSP hash to the Inspector front end.

Source/WebInspectorUI:

Localizations/en.lproj/localizedStrings.js: Add English localized string for the CSP hash UI label.
UserInterface/Models/DOMNode.js:

(WebInspector.DOMNode): Initialize the instance variable this._contentSecurityPolicyHash
with the value passed from the Inspector back end.
(WebInspector.DOMNode.prototype.contentSecurityPolicyHash): Returns the CSP hash for this node.

UserInterface/Views/DOMNodeDetailsSidebarPanel.js:

(WebInspector.DOMNodeDetailsSidebarPanel): Append a row to the end of section Identity to display
the CSP hash (if applicable).
(WebInspector.DOMNodeDetailsSidebarPanel.prototype.refresh): Query the underlying WebInspector.DOMNode
for the CSP hash of the selected node.

LayoutTests:

Add tests to ensure that the WebInspector.DOMNode object associated with an HTML style element
or applicable HTML script element has a valid CSP hash.

inspector/dom/csp-big5-hash-expected.txt: Added.
inspector/dom/csp-big5-hash.html: Added.
inspector/dom/csp-hash-expected.txt: Added.
inspector/dom/csp-hash.html: Added.

5:22 PM Changeset in webkit [198177] by jh718.park@samsung.com

94 edits in trunk/Source

Purge PassRefPtr from ArrayBuffer, ArchiveResource, Pasteboard, LegacyWebArchive and DataObjectGtk
https://bugs.webkit.org/show_bug.cgi?id=150497

Reviewed by Darin Adler.

Source/JavaScriptCore:

runtime/ArrayBuffer.h:

(JSC::ArrayBuffer::create):
(JSC::ArrayBuffer::createAdopted):
(JSC::ArrayBuffer::createFromBytes):
(JSC::ArrayBuffer::createUninitialized):
(JSC::ArrayBuffer::slice):
(JSC::ArrayBuffer::sliceImpl):

Source/WebCore:

No new tests, no new behaviours.

Modules/indexeddb/IDBGetResult.h:

(WebCore::IDBGetResult::IDBGetResult):

Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:

(WebCore::IDBServer::SQLiteIDBBackingStore::getIndexRecord):

Modules/mediastream/RTCDataChannel.cpp:

(WebCore::RTCDataChannel::didReceiveRawData):

dom/MessageEvent.cpp:

(WebCore::MessageEvent::MessageEvent):

dom/MessageEvent.h:
editing/Editor.cpp:

(WebCore::Editor::selectedRange):

editing/Editor.h:
editing/FrameSelection.h:

(WebCore::FrameSelection::toNormalizedRange):

editing/VisiblePosition.cpp:

(WebCore::makeRange):

editing/VisiblePosition.h:
editing/VisibleSelection.cpp:

(WebCore::VisibleSelection::toNormalizedRange):

editing/VisibleSelection.h:
editing/VisibleUnits.cpp:

(WebCore::enclosingTextUnitOfGranularity):
(WebCore::wordRangeFromPosition):
(WebCore::rangeExpandedByCharactersInDirectionAtWordBoundary):
(WebCore::rangeExpandedAroundPositionByCharacters):

editing/VisibleUnits.h:
editing/cocoa/HTMLConverter.mm:

(HTMLConverter::_addAttachmentForElement):
(fileWrapperForURL):

editing/efl/EditorEfl.cpp:

(WebCore::Editor::webContentFromPasteboard):

editing/gtk/EditorGtk.cpp:

(WebCore::createFragmentFromPasteboardData):
(WebCore::Editor::webContentFromPasteboard):

editing/ios/EditorIOS.mm:

(WebCore::dataInRTFDFormat):
(WebCore::dataInRTFFormat):
(WebCore::Editor::selectionInWebArchiveFormat):
(WebCore::Editor::WebContentReader::addFragment):
(WebCore::Editor::WebContentReader::readWebArchive):
(WebCore::Editor::WebContentReader::readRTFD):
(WebCore::Editor::WebContentReader::readRTF):
(WebCore::Editor::WebContentReader::readImage):
(WebCore::Editor::WebContentReader::readURL):
(WebCore::Editor::webContentFromPasteboard):
(WebCore::Editor::pasteWithPasteboard):
(WebCore::Editor::createFragmentAndAddResources):
(WebCore::Editor::createFragmentForImageResourceAndAddResource):

editing/mac/EditorMac.mm:

(WebCore::Editor::selectionInWebArchiveFormat):
(WebCore::Editor::adjustedSelectionRange):
(WebCore::dataInRTFDFormat):
(WebCore::dataInRTFFormat):
(WebCore::Editor::dataSelectionForPasteboard):
(WebCore::Editor::WebContentReader::readWebArchive):
(WebCore::Editor::WebContentReader::readRTFD):
(WebCore::Editor::WebContentReader::readRTF):
(WebCore::Editor::WebContentReader::readImage):
(WebCore::Editor::WebContentReader::readURL):
(WebCore::Editor::webContentFromPasteboard):
(WebCore::Editor::createFragmentForImageResourceAndAddResource):
(WebCore::Editor::createFragmentAndAddResources):

editing/win/EditorWin.cpp:

(WebCore::createFragmentFromPlatformData):
(WebCore::Editor::webContentFromPasteboard):

inspector/InspectorPageAgent.cpp:

(WebCore::InspectorPageAgent::archive):

loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::mainResourceData):
(WebCore::DocumentLoader::maybeCreateArchive):
(WebCore::DocumentLoader::addArchiveResource):
(WebCore::DocumentLoader::mainResource):

loader/DocumentLoader.h:
loader/FrameLoader.cpp:

(WebCore::FrameLoader::loadArchive):

loader/SubstituteData.h:

(WebCore::SubstituteData::SubstituteData):
(WebCore::SubstituteData::isValid):

loader/SubstituteResource.h:

(WebCore::SubstituteResource::data):
(WebCore::SubstituteResource::SubstituteResource):

loader/appcache/ApplicationCacheGroup.cpp:

(WebCore::ApplicationCacheGroup::didReceiveResponse):
(WebCore::ApplicationCacheGroup::didReceiveData):
(WebCore::ApplicationCacheGroup::didFail):
(WebCore::ApplicationCacheGroup::didReceiveManifestData):
(WebCore::ApplicationCacheGroup::didFinishLoadingManifest):

loader/appcache/ApplicationCacheHost.cpp:

(WebCore::ApplicationCacheHost::maybeLoadMainResource):
(WebCore::ApplicationCacheHost::maybeLoadSynchronously):
(WebCore::ApplicationCacheHost::maybeLoadFallbackSynchronously):

loader/appcache/ApplicationCacheResource.cpp:

(WebCore::ApplicationCacheResource::ApplicationCacheResource):
(WebCore::ApplicationCacheResource::deliver):
(WebCore::ApplicationCacheResource::estimatedSizeInStorage):

loader/appcache/ApplicationCacheResource.h:

(WebCore::ApplicationCacheResource::create):

loader/appcache/ApplicationCacheStorage.cpp:

(WebCore::ApplicationCacheStorage::store):
(WebCore::ApplicationCacheStorage::writeDataToUniqueFileInDirectory):

loader/appcache/ApplicationCacheStorage.h:
loader/archive/ArchiveFactory.cpp:

(WebCore::archiveFactoryCreate):
(WebCore::ArchiveFactory::create):

loader/archive/ArchiveFactory.h:
loader/archive/ArchiveResource.cpp:

(WebCore::ArchiveResource::ArchiveResource):
(WebCore::ArchiveResource::create):

loader/archive/ArchiveResource.h:
loader/archive/ArchiveResourceCollection.cpp:

(WebCore::ArchiveResourceCollection::addResource):

loader/archive/ArchiveResourceCollection.h:
loader/archive/cf/LegacyWebArchive.cpp:

(WebCore::LegacyWebArchive::createPropertyListRepresentation):
(WebCore::LegacyWebArchive::createResource):
(WebCore::LegacyWebArchive::create):
(WebCore::LegacyWebArchive::createFromSelection):

loader/archive/cf/LegacyWebArchive.h:
loader/archive/mhtml/MHTMLArchive.cpp:

(WebCore::MHTMLArchive::create):

loader/archive/mhtml/MHTMLArchive.h:
loader/archive/mhtml/MHTMLParser.cpp:

(WebCore::MHTMLParser::parseArchive):
(WebCore::MHTMLParser::parseArchiveWithHeader):
(WebCore::MHTMLParser::parseNextPart):

loader/archive/mhtml/MHTMLParser.h:
loader/cache/CachedImage.cpp:

(WebCore::CachedImage::didAddClient):

loader/icon/IconDatabase.cpp:

(WebCore::loadDefaultIconRecord):

loader/icon/IconRecord.cpp:

(WebCore::IconRecord::setImageData):

loader/icon/IconRecord.h:
platform/Pasteboard.h:
platform/PasteboardStrategy.h:
platform/PlatformPasteboard.h:
platform/SharedBuffer.cpp:

(WebCore::SharedBuffer::createArrayBuffer):
(WebCore::utf8Buffer):

platform/SharedBuffer.h:

(WebCore::SharedBuffer::create):

platform/cf/SharedBufferCF.cpp:

(WebCore::SharedBuffer::wrapCFData):

platform/cocoa/NetworkExtensionContentFilter.mm:

(WebCore::NetworkExtensionContentFilter::replacementData):

platform/cocoa/ParentalControlsContentFilter.mm:

(WebCore::ParentalControlsContentFilter::replacementData):

platform/graphics/Image.cpp:

(WebCore::Image::setData):

platform/graphics/Image.h:
platform/gtk/DataObjectGtk.cpp:

(WebCore::DataObjectGtk::forClipboard):

platform/gtk/DataObjectGtk.h:

(WebCore::DataObjectGtk::create):

platform/gtk/PasteboardGtk.cpp:

(WebCore::Pasteboard::Pasteboard):
(WebCore::Pasteboard::dataObject):

platform/ios/PasteboardIOS.mm:

(WebCore::Pasteboard::read):

platform/ios/PlatformPasteboardIOS.mm:

(WebCore::PlatformPasteboard::bufferForType):
(WebCore::PlatformPasteboard::readBuffer):

platform/mac/PasteboardMac.mm:

(WebCore::writeFileWrapperAsRTFDAttachment):
(WebCore::Pasteboard::read):

platform/mac/PlatformPasteboardMac.mm:

(WebCore::PlatformPasteboard::bufferForType):

platform/mac/SharedBufferMac.mm:

(WebCore::SharedBuffer::wrapNSData):
(WebCore::SharedBuffer::createFromReadingFile):

platform/network/MIMEHeader.cpp:

(WebCore::retrieveKeyValuePairs):
(WebCore::MIMEHeader::parseHeader):

platform/network/MIMEHeader.h:
platform/soup/SharedBufferSoup.cpp:

(WebCore::SharedBuffer::wrapSoupBuffer):

platform/win/ClipboardUtilitiesWin.cpp:

(WebCore::fragmentFromFilenames):
(WebCore::fragmentFromCFHTML):
(WebCore::fragmentFromHTML):

platform/win/ClipboardUtilitiesWin.h:
platform/win/PasteboardWin.cpp:

(WebCore::Pasteboard::documentFragment):

Source/WebKit/mac:

DOM/WebDOMOperations.mm:

(-[DOMNode webArchive]):
(-[DOMNode webArchiveByFilteringSubframes:]):

WebCoreSupport/WebPlatformStrategies.h:
WebCoreSupport/WebPlatformStrategies.mm:

(WebPlatformStrategies::bufferForType):
(WebPlatformStrategies::readBufferFromPasteboard):

WebView/WebArchive.mm:

(-[WebArchive initWithData:]):

WebView/WebDataSource.mm:

(-[WebDataSource webArchive]):
(-[WebDataSource addSubresource:]):

WebView/WebResource.mm:

(-[WebResource encodeWithCoder:]):
(-[WebResource data]):
(-[WebResource _stringValue]):
(-[WebResource _initWithCoreResource:]): Deleted.

Source/WebKit/win:

WebArchive.cpp:

(WebArchive::initWithNode):

Source/WebKit2:

Shared/APIWebArchive.mm:

(API::WebArchive::WebArchive):

Shared/APIWebArchiveResource.mm:

(API::WebArchiveResource::data):

WebProcess/Plugins/PDF/DeprecatedPDFPlugin.mm:

(WebKit::PDFPlugin::addArchiveResource):

WebProcess/WebCoreSupport/WebPlatformStrategies.cpp:

(WebKit::WebPlatformStrategies::bufferForType):
(WebKit::WebPlatformStrategies::readBufferFromPasteboard):

WebProcess/WebCoreSupport/WebPlatformStrategies.h:
WebProcess/WebCoreSupport/ios/WebEditorClientIOS.mm:

(WebKit::WebEditorClient::documentFragmentFromAttributedString):

WebProcess/WebCoreSupport/mac/WebDragClientMac.mm:

(WebKit::WebDragClient::declareAndWriteDragImage):

WebProcess/WebPage/WebFrame.cpp:

(WebKit::WebFrame::webArchiveData):

WebProcess/WebPage/WebPage.cpp:

(WebKit::resourceDataForFrame):

4:35 PM Changeset in webkit [198176] by benjamin@webkit.org

2 edits in trunk/Source/JavaScriptCore

Andy VanWagoner no longer has time to own Intl

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-03-14

features.json:

Andy is busy with other things.

Andy, thanks for your amazing work on Intl and your dedication
to making things right.

4:35 PM Changeset in webkit [198175] by commit-queue@webkit.org

2 edits in trunk/Source/WebInspectorUI

Web Inspector: REGRESSION(r197974): HeapAllocationsTimelineView broken, doesn't handle Timeline Sidebar Navigation removal
https://bugs.webkit.org/show_bug.cgi?id=155458
<rdar://problem/25150803>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-14
Reviewed by Timothy Hatcher.

UserInterface/Views/HeapAllocationsTimelineView.js:

(WebInspector.HeapAllocationsTimelineView):
(WebInspector.HeapAllocationsTimelineView.prototype.showHeapSnapshotTimelineRecord):
(WebInspector.HeapAllocationsTimelineView.prototype.get selectionPathComponents):
(WebInspector.HeapAllocationsTimelineView.prototype.layout):
(WebInspector.HeapAllocationsTimelineView.prototype._compareHeapSnapshotsClicked):
(WebInspector.HeapAllocationsTimelineView.prototype._dataGridNodeSelected):
(WebInspector.HeapAllocationsTimelineView.prototype.get navigationSidebarTreeOutlineLabel): Deleted.
Update the TimelineView now that there is no sidebar.
Remove any TreeOutline logic and replace with DataGrid logic.

4:33 PM Changeset in webkit [198174] by commit-queue@webkit.org

2 edits in trunk/Source/WebInspectorUI

Web Inspector: REGRESSION(r198026): Can't click on Snapshot in Timeline Overview
https://bugs.webkit.org/show_bug.cgi?id=155457
<rdar://problem/25150706>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-14
Reviewed by Timothy Hatcher.

UserInterface/Views/TimelineRuler.js:

(WebInspector.TimelineRuler.prototype._handleClick):
The conditional was accidentally inverted in r198026.

4:31 PM Changeset in webkit [198173] by Julien Brianceau

2 edits in trunk/Source/JavaScriptCore

[mips] Fix unaligned access in LLINT.
https://bugs.webkit.org/show_bug.cgi?id=153228

Address loads used with btbxx opcodes were wrongly converted to lw
instruction instead of lbu, leading to unaligned access on mips
platforms. This is not a bug as it's silently fixed up by kernel,
but it's more efficient to avoid unaligned accesses for mips.

Reviewed by Geoffrey Garen.

offlineasm/mips.rb:

4:28 PM Changeset in webkit [198172] by bshafiei@apple.com

8 edits in tags/Safari-602.1.22.2/Source

Merged r198167. rdar://problem/25128146

4:28 PM Changeset in webkit [198171] by fpizlo@apple.com

9 edits in trunk

REGRESSION(r194394): >2x slow-down on CDjs
https://bugs.webkit.org/show_bug.cgi?id=155471

Unreviewed (rollout).

Source/JavaScriptCore:

This revision changes localeCompare() so that it's *much* slower than before. It's
understandable that sometimes things will get a tiny bit slower when implementing new
language features, but more than 2x regression on a major benchmark is not OK.

This rolls out that change. We can reland it once we think about how to do it in a
performant way.

builtins/StringPrototype.js:

(search):
(localeCompare): Deleted.

runtime/StringPrototype.cpp:

(JSC::StringPrototype::finishCreation):

LayoutTests:

js/dom/script-tests/string-prototype-properties.js:
js/dom/string-prototype-properties-expected.txt:
js/script-tests/string-localeCompare.js:
js/string-localeCompare-expected.txt:
js/string-localeCompare.html:

4:26 PM Changeset in webkit [198170] by bshafiei@apple.com

5 edits in tags/Safari-602.1.22.2/Source

Versioning.

4:23 PM Changeset in webkit [198169] by bshafiei@apple.com

1 copy in tags/Safari-602.1.22.2

New tag.

4:20 PM Changeset in webkit [198168] by mark.lam@apple.com

8 edits in trunk

Need to distinguish between Symbol() and Symbol("").
https://bugs.webkit.org/show_bug.cgi?id=155438

Reviewed by Saam Barati.

Source/JavaScriptCore:

runtime/PrivateName.h:

(JSC::PrivateName::PrivateName):

Source/WTF:

While toString of both Symbol() and Symbol("") yields "Symbol()", Function.name
should yield "" and "[]" respectively. Hence, we need to tell between the two.
This functionality will be needed later in https://bugs.webkit.org/show_bug.cgi?id=155437.

We achieve this by creating another singleton instance like the empty StringImpl
as the null StringImpl. isNullSymbol() tests if the Stringimpl instance is a
symbol, and its substring is the null() singleton.

wtf/text/StringImpl.cpp:

(WTF::StringImpl::createSymbol):
(WTF::StringImpl::createNullSymbol):
(WTF::StringImpl::containsOnlyWhitespace):
(WTF::StringImpl::createSymbolEmpty): Deleted.

wtf/text/StringImpl.h:

(WTF::StringImpl::tryCreateUninitialized):
(WTF::StringImpl::stringKind):
(WTF::StringImpl::isSymbol):
(WTF::StringImpl::isAtomic):
(WTF::StringImpl::isNullSymbol):

wtf/text/StringStatics.cpp:

(WTF::StringImpl::null):

Tools:

TestWebKitAPI/Tests/WTF/StringImpl.cpp:

(TestWebKitAPI::TEST):

Test that the a symbol with an empty string is not equivalent to a null symbol.

4:14 PM Changeset in webkit [198167] by oliver@apple.com

8 edits in trunk/Source

Temporarily disable the separated heap.
https://bugs.webkit.org/show_bug.cgi?id=155472

Reviewed by Geoffrey Garen.

Temporarily disable this.

Configurations/FeatureDefines.xcconfig:

3:58 PM Changeset in webkit [198166] by Beth Dakin

3 edits in trunk/Source/WebKit2

[iOS] WKPreviewAction conforms to NSCopying but doesn’t override -
copyWithZone:
https://bugs.webkit.org/show_bug.cgi?id=155395

Reviewed by Sam Weinig.

UIProcess/API/Cocoa/WKPreviewActionItem.mm:

(-[WKPreviewAction copyWithZone:]):

3:38 PM Changeset in webkit [198165] by Ryan Haddad

2 edits in trunk/LayoutTests

Marking js/funcion-apply.html as flaky on mac debug
https://bugs.webkit.org/show_bug.cgi?id=155411

Unreviewed test gardening.

platform/mac/TestExpectations:

3:22 PM Changeset in webkit [198164] by timothy@apple.com

3 edits in trunk/Source/WebInspectorUI

Web Inspector: cssmin.py does not handle calc(var(--toolbar-height) + var(--tab-bar-height))

https://bugs.webkit.org/show_bug.cgi?id=155464
rdar://problem/25152196

Reviewed by Joseph Pecoraro.

Scripts/cssmin.py:

(cssminify): Check for var when stripping spaces around + and -.

UserInterface/Views/TimelineOverview.js:

(WebInspector.TimelineOverview.prototype._viewModeDidChange):
Drive-by fix to add a missing semi-colon found by the copy-user-interface-resources-dryrun.rb script.

3:08 PM Changeset in webkit [198163] by tonikitoo@webkit.org

4 edits
6 adds in trunk

Selecting with shift+drag results in unexpected drag-n-drop
https://bugs.webkit.org/show_bug.cgi?id=155314

Reviewed by Darin Adler.

Source/WebCore:

Test: editing/selection/shift-drag-selection-no-drag-n-drop.html

Whenever user tries to extend an existing text selection by dragging the mouse
(left button hold) with shift key pressed, WebKit enters drag-n-drop mode.
This behavior does not match common editing behavior out there, including other
browsers' (Firefox, Opera/Presto and IE).

Patch changes WebKit so that whenever one extends a selection with mouse
and shift key pressed off of a #text node, it does not enter drag-n-drop mode.

Additionally, patch also adds some further tests to ensure that when
selection is extended off of either a link or an image, drag-n-drop does
get triggered, no matter if shift key is pressed.

page/EventHandler.cpp:

(WebCore::EventHandler::handleMousePressEvent):

LayoutTests:

Tests that ensure that WebKit:

1) does not enter drag-n-drop mode and extending selection by dragging with mouse with shift key is pressed,

off of a #text node.

2) does enter drag-n-drop mode and extending selection by dragging with mouse with shift key is pressed,

off of a link.

3) does enter drag-n-drop mode and extending selection by dragging with mouse with shift key is pressed,

off of an image.

Note that (1) is a behavior changed by this patch, whereas (2) and (3) represent existing
behavior that is kept.
Tests are also skip for iOS similarly to other drag-n-drop related tests.

fast/events/shift-drag-selection-no-drag-n-drop-expected.txt: Added.
fast/events/shift-drag-selection-no-drag-n-drop.html: Added.
fast/events/shift-drag-selection-on-link-triggers-drag-n-drop-expected.txt: Added.
fast/events/shift-drag-selection-on-link-triggers-drag-n-drop.html: Added.
fast/events/shift-drag-selection-on-image-triggers-drag-n-drop-expected.txt: Added.
fast/events/shift-drag-selection-on-image-triggers-drag-n-drop.html: Added.

3:03 PM Changeset in webkit [198162] by Ryan Haddad

2 edits in trunk/LayoutTests

Marking storage/indexeddb/transaction-abort-private.html as flaky on mac-wk1
https://bugs.webkit.org/show_bug.cgi?id=155067

Unreviewed test gardening.

platform/mac-wk1/TestExpectations:

3:03 PM Changeset in webkit [198161] by Ryan Haddad

3 edits in trunk/LayoutTests

Skip test storage/indexeddb/odd-strings.html
https://bugs.webkit.org/show_bug.cgi?id=154975

Unreviewed test gardening.

Removing duplicate expectation for test and skipping since it fails or times out on every run.

TestExpectations:
platform/mac-wk1/TestExpectations:

2:53 PM Changeset in webkit [198160] by Brent Fulgham

3 edits
2 adds in trunk

REGRESSION (r197114): Crash in WebCore::MediaDevicesRequest::didCompletePermissionCheck
https://bugs.webkit.org/show_bug.cgi?id=155453
<rdar://problem/24879447>

Reviewed by Daniel Bates.

Source/WebCore:

Tested by fast/mediastream/enumerating-crash.html.

Modules/mediastream/MediaDevicesRequest.cpp:

(WebCore::MediaDevicesRequest::didCompletePermissionCheck): Prevent UserMediaPermissionCheck object from being
destroyed before the method completes.

LayoutTests:

fast/mediastream/enumerating-crash-expected.txt: Added.
fast/mediastream/enumerating-crash.html: Added.

2:50 PM Changeset in webkit [198159] by commit-queue@webkit.org

6 edits in trunk/Source

Reduce generated JSON HeapSnapshot size
https://bugs.webkit.org/show_bug.cgi?id=155460

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-14
Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

Adjust the HeapSnapshot JSON to better reduce its size.
Changes include:

avoid inner array groups and instead just have a large array for nodes/edges. This removes lots of small array allocations.
eliminate duplicate edges
avoid duplicating edge names by including them in their own table;
now both the nodes and edges lists hold only integers

heap/HeapSnapshotBuilder.cpp:

(JSC::HeapSnapshotBuilder::json):
Add some more documentation for the slightly modified format.
While generating, clear data structures as early as possible.

heap/HeapSnapshotBuilder.h:

(JSC::HeapSnapshotEdge::HeapSnapshotEdge):
During JSON building, the edge's cell pointers are converted to the
identifier they point to. This avoids having to re-lookup the identifier.

tests/heapProfiler/driver/driver.js:

(CheapHeapSnapshotEdge):
(CheapHeapSnapshot):
(CheapHeapSnapshot.prototype.edgeNameFromTableIndex):
(HeapSnapshot):
Update test driver for slightly different snapshot format.

Source/WebInspectorUI:

UserInterface/Models/HeapSnapshot.js:

(WebInspector.HeapSnapshot.fromPayload):
Update for the slightly modified format.

2:44 PM Changeset in webkit [198158] by commit-queue@webkit.org

2 edits in trunk/Source/WebInspectorUI

Unreviewed, rolling out r198095.
https://bugs.webkit.org/show_bug.cgi?id=155467

Made text look poor (Requested by JoePeck on #webkit).

Reverted changeset:

"Web Inspector: Large repaints when typing any character in
console"
https://bugs.webkit.org/show_bug.cgi?id=155387
http://trac.webkit.org/changeset/198095

2:33 PM WebKitGTK/2.10.x edited by clopez@igalia.com

(diff)

2:32 PM Changeset in webkit [198157] by Simon Fraser

2 edits in trunk/Source/WebCore

Fix crash when reloading a page using requestAnimationFrame on iOS
https://bugs.webkit.org/show_bug.cgi?id=155465
rdar://problem/25100202

Reviewed by Tim Horton.

On iOS, it's possible for all clients for a DisplayRefreshMonitor
to be unregistered, but still get a subsequent displayDidRefresh() for that monitor.
In this case, we would remove(notFound) which release-asserts.

Fix by just checking for notFound.

Unable to test because requestAnimationFrame doesn't work in the simulator.

platform/graphics/DisplayRefreshMonitorManager.cpp:

(WebCore::DisplayRefreshMonitorManager::displayDidRefresh):

2:16 PM Changeset in webkit [198156] by andersca@apple.com

3 edits in trunk/Source/WebKit2

Remove usage of -[UIGestureRecognizer requireOtherGestureToFail:]
https://bugs.webkit.org/show_bug.cgi?id=155461
rdar://problem/25143282

Reviewed by Beth Dakin.

Use -[UIGestureRecognizer requireGestureRecognizerToFail:] instead, which has been API ever since UIGestureRecognizer was added.

Platform/spi/ios/UIKitSPI.h:
UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _createAndConfigureDoubleTapGestureRecognizer]):

1:55 PM Changeset in webkit [198155] by peavo@outlook.com

3 edits in trunk/Source/WebCore

[WinCairo][MediaFoundation] Implement float versions of MediaPlayer methods.
https://bugs.webkit.org/show_bug.cgi?id=155357

Reviewed by Brent Fulgham.

It is better to implement the float versions of some of the MediaPlayer methods,
since the default implementation of the double versions is to call the float version.
Also added override keyword to overridden methods.

platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:

(WebCore::MediaPlayerPrivateMediaFoundation::seeking):
(WebCore::MediaPlayerPrivateMediaFoundation::seek):
(WebCore::MediaPlayerPrivateMediaFoundation::setRate):
(WebCore::MediaPlayerPrivateMediaFoundation::duration):
(WebCore::MediaPlayerPrivateMediaFoundation::currentTime):
(WebCore::MediaPlayerPrivateMediaFoundation::seekDouble): Deleted.
(WebCore::MediaPlayerPrivateMediaFoundation::setRateDouble): Deleted.
(WebCore::MediaPlayerPrivateMediaFoundation::durationDouble): Deleted.

platform/graphics/win/MediaPlayerPrivateMediaFoundation.h:

1:55 PM Changeset in webkit [198154] by keith_miller@apple.com

26 edits
1 add in trunk/Source/JavaScriptCore

We should be able to eliminate cloned arguments objects that use the length property
https://bugs.webkit.org/show_bug.cgi?id=155391

Reviewed by Geoffrey Garen.

Previously if a programmer tried to use arguments.length in a strict function we would not eliminate the
arguments object. We were unable to eliminate the arguments object because the user would get a cloned arguments
object, which does not special case the length property. Thus, in order to get arguments elimination for cloned
we need to add a special case. There are two things that need to happen for the elimination to succeed.

First, we need to eliminate the CheckStructure blocking the GetByOffset for the length property. In order to
eliminate the check structure we need to prove to the Abstract Interpreter that this structure check is
unnesssary. This didn't occur before for two reasons: 1) CreateClonedArguments did not set the structure it
produced. 2) Even if CreateClonedArguments provided the global object's cloned arguments structure we would
transition the new argements object when we added the length property during construction. To fix the second
problem we now pre-assign a slot on clonedArgumentsStructure for the length property. Additionally, in order to
prevent future transitions of the structure we need to choose an indexing type for the structure. Since, not
eliminating the arguments object is so expensive we choose to have all cloned arguments start with continuous
indexing type, this avoids transitioning when otherwise we would not have to. In the future we should be smarter
about choosing the indexing type but since its relatively rare to have a arguments object escape we don't worry
about this for now.

Additionally, this patch renames all former references of outOfBandArguments to clonedArguments and adds
extra instrumentation to DFGArgumentsEliminationPhase.

bytecode/BytecodeList.json:
bytecode/BytecodeUseDef.h:

(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):

bytecode/CodeBlock.cpp:

(JSC::CodeBlock::dumpBytecode):

bytecode/ValueRecovery.h:

(JSC::ValueRecovery::clonedArgumentsThatWereNotCreated):
(JSC::ValueRecovery::outOfBandArgumentsThatWereNotCreated): Deleted.

bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::BytecodeGenerator):

dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

dfg/DFGArgumentsEliminationPhase.cpp:
dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::parseBlock):

dfg/DFGCapabilities.cpp:

(JSC::DFG::capabilityLevel):

dfg/DFGOperations.cpp:
dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileCreateClonedArguments):

dfg/DFGStructureRegistrationPhase.cpp:

(JSC::DFG::StructureRegistrationPhase::run):

dfg/DFGVariableEventStream.cpp:

(JSC::DFG::VariableEventStream::tryToSetConstantRecovery):

ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileCreateClonedArguments):

ftl/FTLOperations.cpp:

(JSC::FTL::operationMaterializeObjectInOSR):

jit/JIT.cpp:

(JSC::JIT::privateCompileMainPass):

jit/JIT.h:
jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_create_cloned_arguments):
(JSC::JIT::emit_op_create_out_of_band_arguments): Deleted.

llint/LowLevelInterpreter.asm:
runtime/ClonedArguments.cpp:

(JSC::ClonedArguments::ClonedArguments):
(JSC::ClonedArguments::createEmpty):
(JSC::ClonedArguments::createWithInlineFrame):
(JSC::ClonedArguments::createByCopyingFrom):
(JSC::ClonedArguments::createStructure):

runtime/ClonedArguments.h:
runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::visitChildren):

runtime/JSGlobalObject.h:

(JSC::JSGlobalObject::clonedArgumentsStructure):
(JSC::JSGlobalObject::outOfBandArgumentsStructure): Deleted.

1:54 PM Changeset in webkit [198153] by andersca@apple.com

2 edits in trunk/Source/WebKit2

REGRESSION (r191691): Can't Share Selected Text
https://bugs.webkit.org/show_bug.cgi?id=155459
rdar://problem/24893625

Reviewed by Tim Horton.

Add the selected text as well. Somehow this got lost in the refactoring.

UIProcess/mac/WebContextMenuProxyMac.mm:

(WebKit::WebContextMenuProxyMac::createShareMenuItem):

1:27 PM Changeset in webkit [198152] by timothy_horton@apple.com

10 edits in trunk/Source

Revert r194125 and r194186: We're going to fix this a different way.

page/EventHandler.cpp:

(WebCore::EventHandler::clear):

page/EventHandler.h:

Shared/NativeWebGestureEvent.h:
Shared/mac/NativeWebGestureEventMac.mm:

(WebKit::pointForEvent):
(WebKit::NativeWebGestureEvent::NativeWebGestureEvent):
(WebKit::distanceForTouches): Deleted.

UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView selectFindMatch:completionHandler:]):
(-[WKWebView _web_superInputContext]):
(-[WKWebView touchesBeganWithEvent:]): Deleted.
(-[WKWebView touchesMovedWithEvent:]): Deleted.
(-[WKWebView touchesEndedWithEvent:]): Deleted.
(-[WKWebView touchesCancelledWithEvent:]): Deleted.

UIProcess/API/mac/WKView.mm:

(-[WKView namesOfPromisedFilesDroppedAtDestination:]):
(-[WKView initWithFrame:processPool:configuration:webView:]):
(-[WKView touchesBeganWithEvent:]): Deleted.
(-[WKView touchesMovedWithEvent:]): Deleted.
(-[WKView touchesEndedWithEvent:]): Deleted.
(-[WKView touchesCancelledWithEvent:]): Deleted.

UIProcess/Cocoa/WebViewImpl.h:
UIProcess/Cocoa/WebViewImpl.mm:

(WebKit::WebViewImpl::WebViewImpl):
(WebKit::WebViewImpl::magnifyWithEvent):
(WebKit::WebViewImpl::smartMagnifyWithEvent):
(WebKit::WebViewImpl::rotateWithEvent):
(WebKit::WebViewImpl::touchesOrderedByAge): Deleted.
(WebKit::WebViewImpl::touchesBeganWithEvent): Deleted.
(WebKit::WebViewImpl::touchesMovedWithEvent): Deleted.
(WebKit::WebViewImpl::touchesEndedWithEvent): Deleted.
(WebKit::WebViewImpl::touchesCancelledWithEvent): Deleted.

1:13 PM Changeset in webkit [198151] by youenn.fablet@crf.canon.fr

7 edits in trunk

[Fetch API] FetchLoader should check for empty bodies
https://bugs.webkit.org/show_bug.cgi?id=155440

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

web-platform-tests/fetch/api/request/request-consume-empty-expected.txt:
web-platform-tests/fetch/api/request/request-consume-empty.html:
web-platform-tests/fetch/api/response/response-consume-empty-expected.txt:
web-platform-tests/fetch/api/response/response-consume-empty.html:

Source/WebCore:

Covered by added tests.

Modules/fetch/FetchLoader.cpp:

(WebCore::FetchLoader::didFinishLoading): returning empty array buffer/empty string if no data received during loading.

1:07 PM Changeset in webkit [198150] by sbarati@apple.com

6 edits in trunk/Source/JavaScriptCore

[ES6] Make JSON.stringify ES6 compatible
https://bugs.webkit.org/show_bug.cgi?id=155448

Reviewed by Sam Weinig and Mark Lam.

We weren't following the spec with respect to the "toJSON" property
of the thing being stringified. We were perform hasProperty(.)
on "toJSON" instead of get(.). This patch changes it our
implementation to perform get(value, "toJSON").

runtime/JSCJSValue.h:
runtime/JSCJSValueInlines.h:

(JSC::JSValue::isFunction):
(JSC::JSValue::isCallable):

runtime/JSONObject.cpp:

(JSC::Stringifier::toJSON):
(JSC::Stringifier::toJSONImpl):
(JSC::Stringifier::appendStringifiedValue):

tests/es6.yaml:
tests/stress/proxy-json.js:

(test):
(test.let.handler.get assert):
(test.let.handler):

1:06 PM Changeset in webkit [198149] by andersca@apple.com

6 edits in trunk/Source

Fix build.

Source/WebKit/mac:

Ignore nullability warnings, create an empty PDF selection.

WebView/WebPDFView.mm:

(-[WebPDFView centerSelectionInVisibleArea:]):
(-[WebPDFView searchFor:direction:caseSensitive:wrap:startInSelection:]):
(+[WebPDFView _PDFSelectionClass]):
(-[WebPDFView _nextMatchFor:direction:caseSensitive:wrap:fromSelection:startInSelection:]):

Source/WebKit2:

Create an empty PDF selection.

Shared/mac/PDFKitImports.h:
Shared/mac/PDFKitImports.mm:

(WebKit::pdfSelectionClass):

WebProcess/Plugins/PDF/DeprecatedPDFPlugin.mm:

(WebKit::PDFPlugin::nextMatchForString):

12:40 PM Changeset in webkit [198148] by sbarati@apple.com

6 edits in trunk

[ES6] Disallow var assignments in for-in loops
https://bugs.webkit.org/show_bug.cgi?id=155451

Reviewed by Mark Lam.

Source/JavaScriptCore:

We're doing this in its own patch instead of the patch for https://bugs.webkit.org/show_bug.cgi?id=155384
because last time we made this change it broke some websites. Lets try making
it again because it's what the ES6 mandates. If it still breaks things we will
roll it out.

parser/Parser.cpp:

(JSC::Parser<LexerType>::parseForStatement):

LayoutTests:

js/parser-syntax-check-expected.txt:
js/script-tests/parser-syntax-check.js:

12:33 PM Changeset in webkit [198147] by Beth Dakin

3 edits in trunk/Source/WebKit2

Unable to commit previews in Mobile Safari
https://bugs.webkit.org/show_bug.cgi?id=155450
-and corresponding-
rdar://problem/25135529

Reviewed by Tim Horton.

_uiDelegateProvidedPreviewingViewController was being consulted before
invoking the old SPI, which was always wrong. It should have been consulted
before calling the new API! But also, it doesn’t seem to be necessary at all
since [WKContentView _previewItemController:commitPreview:] is only invoked
when a custom view controller has been provided.

UIProcess/ios/WKContentViewInteraction.h:
UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _registerPreview]):
(-[WKContentView _unregisterPreview]):
(-[WKContentView _interactionShouldBeginFromPreviewItemController:forPosition:]):
(-[WKContentView _presentedViewControllerForPreviewItemController:]):
(-[WKContentView _previewItemController:commitPreview:]):

12:15 PM Changeset in webkit [198146] by bshafiei@apple.com

5 edits in branches/safari-601-branch/Source

Versioning.

12:01 PM Changeset in webkit [198145] by Chris Dumez

2 edits in trunk/Source/WebCore

Regression(r197981): Huge regression on Mac PLT
https://bugs.webkit.org/show_bug.cgi?id=155443
<rdar://problem/25113391>

Reviewed by Gavin Barraclough.

We have experience a huge regression on Mac PLT after r197981, so
disable the feature until the performance issue is resolved.

platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayer::supportsSmoothedLayerText):

11:38 AM Changeset in webkit [198144] by sbarati@apple.com

7 edits in trunk

assignments in for-in/for-of header not allowed
https://bugs.webkit.org/show_bug.cgi?id=155384

Reviewed by Darin Adler.

Source/JavaScriptCore:

This patch prevents assignments to the loop variable
in for in/of loops in all but one situation. The following
syntax is still allowed even though the spec prevents it:
`
for (var i = X in blah) ;
`
If the loop contains let/const, destructuring, or is a for-of
loop, we always throw a syntax error if there is an assignment.
We can do this with full backwards compatibility.
We only allow the above type of for-in loops because Oliver told
me that when he tried to make such programs illegal he ran
into real websites breaking.

This patch also removed the !::CreatesAST compile-time branch when checking
assignments to new.target. This was a dangerous thing for me
to introduce into our parser. There are times where ::CreatesAST
is true but we also want to check for syntax errors. For example,
when parsing the top-level AST of a program. Though this check
was technically correct, it's dangerous to have. It was correct
because we would always be reparsing the new.target assignment
because new.target is only allowed inside a function. That made it
so that (!::CreatesAST <=> we care about new.target assignment syntax errors).
But, (!::CreatesAST <=> we care about syntax error X) is not true in general.
I think it's safer to remove such code.

parser/ASTBuilder.h:

(JSC::ASTBuilder::createNewTargetExpr):
(JSC::ASTBuilder::isNewTarget):
(JSC::ASTBuilder::createResolve):

parser/Nodes.h:

(JSC::ExpressionNode::isBoolean):
(JSC::ExpressionNode::isSpreadExpression):
(JSC::ExpressionNode::isSuperNode):
(JSC::ExpressionNode::isNewTarget):
(JSC::ExpressionNode::isBytecodeIntrinsicNode):

parser/Parser.cpp:

(JSC::Parser<LexerType>::parseForStatement):
(JSC::Parser<LexerType>::parseAssignmentExpression):
(JSC::Parser<LexerType>::parseUnaryExpression):

LayoutTests:

js/parser-syntax-check-expected.txt:
js/script-tests/parser-syntax-check.js:

11:29 AM Changeset in webkit [198143] by Brent Fulgham

7 edits in trunk/Source

PingHandle delete's itself but pointer is still used by handleDataURL
https://bugs.webkit.org/show_bug.cgi?id=154752
<rdar://problem/24872347>

Source/WebCore:

Patch by Chris Vienneau <chris.vno@outlook.com> on 2016-03-14
Reviewed by Alex Christensen.

When a PingHandle is destroyed, we should tell its client so that the client can clear the pointer it
holds to the element to avoid accidentally attempting to use deallocated memory.

The ResourceHandle's client member may be null after "didReceiveResponse" is called. We should confirm
the client is still valid after these calls.

platform/network/DataURL.cpp:

(WebCore::handleDataURL): Check the client pointer before using it.

platform/network/PingHandle.h:

(WebCore::PingHandle::~PingHandle): Notify the client we are being destroyed.

platform/platform/network/ResourceHandle.h:

Source/WebKit2:

Reviewed by Alex Christensen.

When a PingLoad is destroyed, we should tell its client so that the client can clear the pointer it
holds to the element to avoid accidentally attempting to use deallocated memory.

NetworkProcess/PingLoad.h:

(WebKit::PingLoad::~PingLoad): Notify the client we are being destroyed.

11:13 AM Changeset in webkit [198142] by Alan Bujtas

3 edits
2 adds in trunk

Negative outline offset could break curved outline-style: auto
https://bugs.webkit.org/show_bug.cgi?id=155416

Reviewed by Tim Horton.

When radius becomes negative the rounded rect could end up being un-renderable -> no rounded corners at all.

Source/WebCore:

Test: fast/inline/hidpi-outline-auto-negative-offset-with-border-radius.html

platform/graphics/PathUtilities.cpp:

(WebCore::adjustedtRadiiForHuggingCurve):

LayoutTests:

fast/inline/hidpi-outline-auto-negative-offset-with-border-radius-expected.html: Added.
fast/inline/hidpi-outline-auto-negative-offset-with-border-radius.html: Added.

11:09 AM Changeset in webkit [198141] by ddkilzer@apple.com

3 edits in trunk/Tools

Remove blank lines after #include "config.h"

Follow-up fix from review comments on Bug 155394.

TestWebKitAPI/PlatformUtilities.cpp:
TestWebKitAPI/Tests/WTF/RefLogger.cpp:

11:01 AM Changeset in webkit [198140] by Alan Bujtas

5 edits
2 adds in trunk

[Outline: auto] Fractional radius value could result in non-renderable rounded border.
https://bugs.webkit.org/show_bug.cgi?id=155420

Reviewed by Tim Horton.

RoundedRect::pixelSnappedRoundedRectForPainting ensures that the rounded rect is always renderable.

Source/WebCore:

Test: fast/inline/hidpi-outline-auto-with-fractional-radius.html

platform/graphics/PathUtilities.cpp:

(WebCore::PathUtilities::pathWithShrinkWrappedRectsForOutline):

platform/graphics/PathUtilities.h:
rendering/RenderElement.cpp:

(WebCore::RenderElement::paintFocusRing):

LayoutTests:

fast/inline/hidpi-outline-auto-with-fractional-radius-expected.html: Added.
fast/inline/hidpi-outline-auto-with-fractional-radius.html: Added.

10:53 AM WebKitIDL edited by youenn.fablet@crf.canon.fr

(diff)

10:30 AM Changeset in webkit [198139] by youenn.fablet@crf.canon.fr

1 edit in trunk/LayoutTests/TestExpectations

Unreviewed.
Marking imported/fetch/api/request/request-consume.html as flaky on debug builds.

10:22 AM Changeset in webkit [198138] by Alan Bujtas

3 edits
2 adds in trunk

Outline: auto has sharp corners with single line contenteditable.
https://bugs.webkit.org/show_bug.cgi?id=155418

Reviewed by Tim Horton.

Multiple rectangles assumed multiline content and it broke bottomLeft and bottomRight corner check.
This patch adds fast path for polygons with 4 corners.

Source/WebCore:

Test: fast/inline/hidpi-outline-auto-with-one-focusring-rect.html

platform/graphics/PathUtilities.cpp:

(WebCore::cornerType):
(WebCore::cornerTypeForMultiline):
(WebCore::rectFromPolygon):
(WebCore::PathUtilities::pathWithShrinkWrappedRectsForOutline):

LayoutTests:

fast/inline/hidpi-outline-auto-with-one-focusring-rect-expected.html: Added.
fast/inline/hidpi-outline-auto-with-one-focusring-rect.html: Added.

10:18 AM Changeset in webkit [198137] by jdiggs@igalia.com

7 edits in trunk

[AX] SVG element with child desc not exposed
https://bugs.webkit.org/show_bug.cgi?id=155374

Reviewed by Darin Adler.

Source/WebCore:

Covered by the accessibility/w3c-svg-roles.html test, which was updated.

AccessibilitySVGRoot is now a subclass of AccessibilitySVGElement, which
exposes SVG elements with a child desc element as per the specification.
Also made existing protected methods private.

accessibility/AccessibilitySVGElement.h:
accessibility/AccessibilitySVGRoot.cpp:

(WebCore::AccessibilitySVGRoot::AccessibilitySVGRoot):
(WebCore::AccessibilitySVGRoot::parentObject):

accessibility/AccessibilitySVGRoot.h:

LayoutTests:

platform/gtk/accessibility/w3c-svg-roles-expected.txt: Updated.
platform/mac/accessibility/w3c-svg-roles-expected.txt: Updated.

9:55 AM Changeset in webkit [198136] by Ryan Haddad

2 edits in trunk/LayoutTests

Skip asserting test http/tests/security/aboutBlank/security-context-write.html
https://bugs.webkit.org/show_bug.cgi?id=94458

Unreviewed test gardening.

TestExpectations:

9:27 AM Changeset in webkit [198135] by Darin Adler

3 edits in trunk/LayoutTests

Add copy/paste plug-in check for XHTML document
https://bugs.webkit.org/show_bug.cgi?id=106350

TestExpectations: Re-enable test now that it works in WebKit 1.
editing/pasteboard/paste-noplugin-xhtml.xhtml: Fixed problem where test would try to

call setBlockAllPlugins even when it did not exist. Turns out that's needed for the
test to run under WebKit 2, but not needed at all under WebKit 1.

9:16 AM Changeset in webkit [198134] by ap@apple.com

2 edits in trunk/Source/WebCore

Build fix.

Modules/fetch/FetchBodyOwner.cpp:

(WebCore::FetchBodyOwner::loadedBlobAsText):

8:58 AM Changeset in webkit [198133] by youenn.fablet@crf.canon.fr

15 edits
3 copies
1 add in trunk

[Fetch API] Implement data resolution for blob stored in Body
https://bugs.webkit.org/show_bug.cgi?id=155359

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

web-platform-tests/fetch/api/request/request-consume-expected.txt:
web-platform-tests/fetch/api/request/request-consume.html:
web-platform-tests/fetch/api/request/request-init-002-expected.txt:
web-platform-tests/fetch/api/response/response-consume-expected.txt:
web-platform-tests/fetch/api/response/response-consume.html:
web-platform-tests/fetch/api/response/response-init-002-expected.txt:

Source/WebCore:

Introducing FetchLoader as a wrapper around ThreadableLoader to load resources.
FetchLoader can retrieve data as text or array buffer. It only supports blob currently.

Introducing FetchLoaderClient interface and FetchBodyOwner::BlobLoader as specifc blob loader client.

Covered by existing rebased tests.

CMakeLists.txt:
Modules/fetch/FetchBody.cpp:

(WebCore::FetchBody::loadingType):
(WebCore::FetchBody::loadedAsArrayBuffer):
(WebCore::FetchBody::loadedAsText):

Modules/fetch/FetchBody.h:
Modules/fetch/FetchBodyOwner.cpp: Added.

(WebCore::FetchBodyOwner::FetchBodyOwner):
(WebCore::FetchBodyOwner::loadBlob):
(WebCore::FetchBodyOwner::finishBlobLoading):
(WebCore::FetchBodyOwner::blobLoadingFailed):
(WebCore::FetchBodyOwner::BlobLoader::didReceiveResponse):

Modules/fetch/FetchBodyOwner.h:

(WebCore::FetchBodyOwner::loadedBlobAsText):
(WebCore::FetchBodyOwner::loadedBlobAsArrayBuffer):
(WebCore::FetchBodyOwner::blobLoadingSucceeded):

Modules/fetch/FetchLoader.cpp: Added.

(WebCore::FetchLoader::start):
(WebCore::FetchLoader::FetchLoader):
(WebCore::FetchLoader::stop):
(WebCore::FetchLoader::didReceiveResponse):
(WebCore::FetchLoader::didReceiveData):
(WebCore::FetchLoader::didFinishLoading):
(WebCore::FetchLoader::didFail):

Modules/fetch/FetchLoader.h: Added.
Modules/fetch/FetchLoaderClient.h: Added.

(WebCore::FetchLoaderClient::~FetchLoaderClient):
(WebCore::FetchLoaderClient::didReceiveResponse):
(WebCore::FetchLoaderClient::didFinishLoadingAsText):
(WebCore::FetchLoaderClient::didFinishLoadingAsArrayBuffer):

WebCore.xcodeproj/project.pbxproj:

8:42 AM Changeset in webkit [198132] by commit-queue@webkit.org

5 edits in trunk

Restored ENABLE_WEBCORE option and used it in JSCOnly port.
https://bugs.webkit.org/show_bug.cgi?id=155428

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-03-14
Reviewed by Michael Catanzaro.

This is a partial revert of r182624.

CMakeLists.txt:
Source/CMakeLists.txt:
Source/cmake/OptionsJSCOnly.cmake:
Source/cmake/WebKitFS.cmake:

8:40 AM Changeset in webkit [198131] by fred.wang@free.fr

2 edits in trunk/Tools

Unreviewed: Add my professional email address.

Scripts/webkitpy/common/config/contributors.json:

8:26 AM Changeset in webkit [198130] by fred.wang@free.fr

2 edits in trunk/LayoutTests

Skip accessibility/internal-link-anchors2.html as the linked ui element API is not supported for links.

Unreviewed test gardening.

platform/gtk/TestExpectations:

8:19 AM Changeset in webkit [198129] by fred.wang@free.fr

4 edits
2 adds in trunk

Make MathML colspan/rowspan consistent with HTML table cells.
https://bugs.webkit.org/show_bug.cgi?id=150253

Patch by Frederic Wang <fwang@igalia.com> on 2016-03-14
Reviewed by Martin Robinson.

Source/WebCore:

Test: mathml/rowspan-crash.xhtml

We make MathMLElement::colSpan and MathMLElement::rowSpan consistent with the corresponding functions in HTMLTableCellElement.cpp.
These functions now return unsigned integers, use the same parsing functions and set a maximum for rowspan.
This latter change fixes crash/timeout with large values of rowspan.

mathml/MathMLElement.cpp: Include HTMLParserIdioms to use limitToOnlyHTMLNonNegative.

(WebCore::MathMLElement::colSpan): Use unsigned integer and limitToOnlyHTMLNonNegative.
(WebCore::MathMLElement::rowSpan): ditto. We also use the same maximum limit as HTMLTableCellElement.

mathml/MathMLElement.h: Make colSpan and rowSpan return unsigned integers.

LayoutTests:

We import crashing test from bug 150253.

mathml/rowspan-crash-expected.txt: Added.
mathml/rowspan-crash.xhtml: Added.

8:17 AM Changeset in webkit [198128] by Darin Adler

2 edits in trunk/LayoutTests

Continue work on https://bugs.webkit.org/show_bug.cgi?id=106350

TestExpectations: Disable test fow now since it seems to be failing in WebKit 1 and depends on hooks not present in WebKit 1 test runner.

8:13 AM Changeset in webkit [198127] by commit-queue@webkit.org

2 edits in trunk/Source/WebCore

Enable GSS-Negotiate support in libsoup
https://bugs.webkit.org/show_bug.cgi?id=155354

Patch by Tomas Popela <tpopela@redhat.com> on 2016-03-14
Reviewed by Carlos Garcia Campos.

Enable the SOUP_TYPE_AUTH_NEGOTIATE feature if libsoup was compiled
with the GSS-Negotiate support.

platform/network/soup/SoupNetworkSession.cpp:

(WebCore::SoupNetworkSession::SoupNetworkSession):

7:17 AM Changeset in webkit [198126] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.12/Source/WebKit2

Merge r198124 - [GTK] Reimplement webkit_web_context_clear_cache functionality.
https://bugs.webkit.org/show_bug.cgi?id=146041

Reviewed by Michael Catanzaro.

UIProcess/API/gtk/WebKitWebContext.cpp:

(webkit_web_context_clear_cache):

7:13 AM Changeset in webkit [198125] by Carlos Garcia Campos

2 edits in trunk/Source/WebKit2

Unreviewed. Fix the GTK+ build after r198124.

WebsiteDataTypes is now an OptionSet.

UIProcess/API/gtk/WebKitWebContext.cpp:

(webkit_web_context_clear_cache):

6:36 AM Changeset in webkit [198124] by Carlos Garcia Campos

2 edits in trunk/Source/WebKit2

[GTK] Reimplement webkit_web_context_clear_cache functionality.
https://bugs.webkit.org/show_bug.cgi?id=146041

Reviewed by Michael Catanzaro.

UIProcess/API/gtk/WebKitWebContext.cpp:

(webkit_web_context_clear_cache):

6:16 AM Changeset in webkit [198123] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.12/Source/WebKit2

Merge r198098 - Install WebKit2 WebProcess NetworkProcess on OSX when not building the Mac PORT
https://bugs.webkit.org/show_bug.cgi?id=152651

Patch by Jeremy Huddleston Sequoia <jeremyhu@apple.com> on 2016-03-14
Reviewed by Philippe Normand.

CMakeLists.txt:

6:12 AM WebKitGTK/2.12.x edited by Carlos Garcia Campos

(diff)

6:12 AM Changeset in webkit [198122] by Carlos Garcia Campos

4 edits in releases/WebKitGTK/webkit-2.12

Merge r198058 - [GTK][Mac] Don't force ENABLE_INTROSPECTION=OFF on Mac
https://bugs.webkit.org/show_bug.cgi?id=152650

Patch by Jeremy Huddleston Sequoia <jeremyhu@apple.com> on 2016-03-12
Reviewed by Carlos Garcia Campos.

Source/cmake/OptionsGTK.cmake:

Source/WebKit2:
[GTK][Mac] Use DYLD_LIBRARY_PATH on OSX rather then LD_LIBRARY_PATH
https://bugs.webkit.org/show_bug.cgi?id=152650

Patch by Jeremy Huddleston Sequoia <jeremyhu@apple.com> on 2016-03-12
Reviewed by Carlos Garcia Campos.

PlatformGTK.cmake:

6:09 AM Changeset in webkit [198121] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.12/Source/WebKit2

Merge r197927 - [GTK] Artifacts when using web view background color
https://bugs.webkit.org/show_bug.cgi?id=155229

Reviewed by Mario Sanchez Prada.

This is because when using a web view color, we fill with the
color every rectangle updated by the web process, but we should
always fill the entire backing store before rendering the actual
contents on top.

WebProcess/WebPage/DrawingAreaImpl.cpp:

(WebKit::DrawingAreaImpl::display): Ensure the web process always
renders the whole visible rectangle when background is rendered by
the UI process.

6:08 AM Changeset in webkit [198120] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.12/Source/WebCore

Merge r197998 - [GTK] Fix rendering of slider input elements
https://bugs.webkit.org/show_bug.cgi?id=155296

Reviewed by Michael Catanzaro.

Use the new gadgets for newer GTK+ and improve a bit the rendering
for previous versions to better match GTK+.

rendering/RenderThemeGtk.cpp:

(WebCore::createStyleContext): Add ScaleContents and
ScaleHighlight parts that are only used with GTK+ 3.19.
(WebCore::RenderThemeGtk::paintSliderTrack): Use a smaller trough,
centered in the given rectangle to better match GTK+. Also render
the hightlight gadget with GTK+ 3.19.
(WebCore::RenderThemeGtk::paintSliderThumb): Also create the style
context for contents gadget.
(WebCore::RenderThemeGtk::adjustSliderThumbSize): Take into
account the slider border when calculating the slider thumb size.

6:07 AM Changeset in webkit [198119] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.12/Source/WebCore

Merge r197997 - [GTK] Scrollbars are broken once again with current GTK+ master
https://bugs.webkit.org/show_bug.cgi?id=155292

Reviewed by Michael Catanzaro.

Most of the trough theming properties have been moved to the
scrollbar, and a new gadget "contents" has been added between the
scrollbar and its children.

platform/gtk/ScrollbarThemeGtk.cpp:

(WebCore::ScrollbarThemeGtk::getOrCreateStyleContext): Add
left/bottom style classes to ensure the scrollbars border is taken
into account and rendered.
(WebCore::ScrollbarThemeGtk::paintTrackBackground): Also create
style context for contents gadget.
(WebCore::ScrollbarThemeGtk::paintThumb): Ditto.
(WebCore::ScrollbarThemeGtk::paintButton): Ditto.
(WebCore::ScrollbarThemeGtk::scrollbarThickness): Take the
scrollbar border into account.
(WebCore::ScrollbarThemeGtk::buttonSize): Also create style
context for contents gadget.
(WebCore::ScrollbarThemeGtk::getStepperSpacing): Ditto.
(WebCore::ScrollbarThemeGtk::minimumThumbLength): Ditto.
(WebCore::ScrollbarThemeGtk::thumbFatness): Ditto.
(WebCore::ScrollbarThemeGtk::getTroughBorder): Take the scrollbar
border into account.

6:06 AM Changeset in webkit [198118] by Carlos Garcia Campos

12 edits in releases/WebKitGTK/webkit-2.12

Merge r197811 - Font size computed style is innaccurate
https://bugs.webkit.org/show_bug.cgi?id=154705
<rdar://problem/23474068>

Reviewed by Timothy Hatcher.

Source/WebCore:

Safari rounds the font size value reported to getComputedStyle(). Neither Firefox
nor Chrome do this.

Covered by existing tests.

css/CSSComputedStyleDeclaration.cpp:

(WebCore::ComputedStyleExtractor::getFontSizeCSSValuePreferringKeyword):
(WebCore::fontSizeFromStyle):

LayoutTests:

Update expected results.

css3/calc/font-size-fractional-expected.txt:
css3/viewport-percentage-lengths/viewport-percentage-lengths-relative-font-size.html:
css3/viewport-percentage-lengths/viewport-percentage-lengths-relative-font-size-expected.txt:
editing/mac/attributed-string/font-size-expected.txt:
editing/mac/attributed-string/vertical-align-expected.txt:
platform/mac-mavericks/editing/mac/attributed-string/font-size-expected.txt:
platform/mac-mavericks/editing/mac/attributed-string/vertical-align-expected.txt:
platform/mac-yosemite/editing/mac/attributed-string/font-size-expected.txt:
platform/mac-yosemite/editing/mac/attributed-string/vertical-align-expected.txt:

5:15 AM Changeset in webkit [198117] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.12/Source/WebInspectorUI

Merge r197802 - Web Inspector: Images being blocked by CSP 2.0
https://bugs.webkit.org/show_bug.cgi?id=155182
<rdar://problem/25040640>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-08
Reviewed by Daniel Bates.

UserInterface/Main.html:

Allow Web Inspector to load file: and blob: image resources.
Also blob: media and font resources.

5:10 AM Changeset in webkit [198116] by youenn.fablet@crf.canon.fr

8 edits in trunk

Web platform test server should not try to launch servers on already bound sockets
https://bugs.webkit.org/show_bug.cgi?id=141157

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

resources/config.json: Changed wpt https port from 8443 to 9443.
web-platform-tests/fetch/api/basic/mode-no-cors-expected.txt: Updated according https port change.
web-platform-tests/fetch/api/basic/mode-no-cors-worker-expected.txt: Ditto.
web-platform-tests/fetch/api/basic/mode-same-origin-expected.txt: Ditto.
web-platform-tests/fetch/api/basic/mode-same-origin-worker-expected.txt: Ditto.

Tools:

Scripts/webkitpy/layout_tests/servers/web_platform_test_server.py:

(wpt_config_json): Load WPT config from LayoutTests/imported/w3c/resources/config.json.
(base_url): Refactored to use wpt_config_json routine.
(WebPlatformTestServer.init): Fill port mappings according WPT config.

5:02 AM Changeset in webkit [198115] by rniwa@webkit.org

17 edits
2 adds in trunk

Add slotchange event
https://bugs.webkit.org/show_bug.cgi?id=155424
<rdar://problem/24997534>

Reviewed by Antti Koivisto.

Source/WebCore:

Added slotchange event as discussed on https://github.com/w3c/webcomponents/issues/288.

While the exact semantics of it could still evolve over time, this patch implements as
an asynchronous event that fires on a slot element whenever its distributed nodes change
(flattened assigned nodes):
http://w3c.github.io/webcomponents/spec/shadow/#dfn-distributed-nodes

Since inserting or removing an element from a shadow host could needs to enqueue this event
on the right slot element, this patch moves the invalidation point of element removals and
insertions from Element::childrenChanged to Element::insertedInto and Element::removedFrom.
Text nodes are still invalidated at Element::childrenChanged for performance reasons
since it could only appear within a default slot element.

Because this more fine-grained invalidation needs to be overridden by HTMLDetailsElement,
we now subclass SlotAssignment in HTMLDetailsElement instead of passing in a std::function.

Test: fast/shadow-dom/slotchange-event.html

dom/Document.cpp:

(WebCore::Document::enqueueSlotchangeEvent): Added.

dom/Document.h:
dom/Element.cpp:

(WebCore::Element::attributeChanged): Call hostChildElementDidChangeSlotAttr.
(WebCore::Element::insertedInto): Call hostChildElementDidChange.
(WebCore::Element::removedFrom): Ditto.
(WebCore::Element::childrenChanged): Don't invalidate the slots on ElementInserted and
ElementRemoved since they're now done in Element::insertedInto and Element::removedFrom.

dom/Event.cpp:

(WebCore::Event::scoped): slotchange event is scoped.

dom/EventNames.h: Added eventNames().slotchange.
dom/ShadowRoot.cpp:

(WebCore::ShadowRoot::invalidateSlotAssignments): Deleted.
(WebCore::ShadowRoot::invalidateDefaultSlotAssignments): Deleted.

dom/ShadowRoot.h:

(ShadowRoot): Added more fine-grained invalidators, mirroring changes to SlotAssignment.

dom/SlotAssignment.cpp:

(WebCore::SlotAssignment::SlotAssignment): Removed a variant that takes SlotNameFunction
since HTMLDetailsElement now subclasses SlotAssignment.
(WebCore::SlotAssignment::~SlotAssignment): Added now that the class is virtual.
(WebCore::recursivelyFireSlotChangeEvent): Added.
(WebCore::SlotAssignment::didChangeSlot): Added. Invalidates the style tree only if there
is a corresponding slot element, and fires slotchange event. When the slot element we found
in this shadow tree is assigned to a slot element inside an inner shadow tree, recursively
fire slotchange event on each such inner slots.
(WebCore::SlotAssignment::hostChildElementDidChange): Added. Update the matching slot when
an element is inserted or removed under a shadow host.
(WebCore::SlotAssignment::assignedNodesForSlot): Removed the superfluous early exit to an
release assert since addSlotElementByName should always create a SlotInfo for each element.
(WebCore::SlotAssignment::slotNameForHostChild): Added. This is the equivalent of old
m_slotNameFunction which DetailsSlotAssignment overrides.
(WebCore::SlotAssignment::invalidateDefaultSlot): Deleted.
(WebCore::SlotAssignment::findFirstSlotElement): Added an assertion. slotInfo.element must
be nullptr if elementCount is 0, and elementCount must be 0 if slotInfo.element is nullptr
after calling resolveAllSlotElements, which traverses the entire shadow tree to find all
slot elements.
(WebCore::SlotAssignment::assignSlots):

dom/SlotAssignment.h: Implemented inline functions of ShadowRoot here to avoid including

SlotAssignment.h in ShadowRoot.h. Not inlining them results in extra function calls for all
builtin elements with shadow root without slot elements, which impacts performance.
(WebCore::ShadowRoot::didRemoveAllChildrenOfShadowHost): Added.
(WebCore::ShadowRoot::didChangeDefaultSlot): Added.
(WebCore::ShadowRoot::hostChildElementDidChange): Added.
(WebCore::ShadowRoot::hostChildElementDidChangeSlotAttribute): Added.
(WebCore::ShadowRoot::innerSlotDidChange):

html/HTMLDetailsElement.cpp:

(WebCore::DetailsSlotAssignment): Added. Subclasses SlotAssignment to override
hostChildElementDidChange and slotNameForHostChild.
(WebCore::DetailsSlotAssignment::hostChildElementDidChange): Added. We don't check if this
is the first summary element since we don't know the answer when this function is called
inside Element::removedFrom.
(WebCore::DetailsSlotAssignment::slotNameForHostChild): Renamed from slotNameFunction. Also
removed the code to return nullAtom when details element is not open as that messes up new
fine-grained invalidation. Insert/remove the slot element in parseAttribute instead.
(WebCore::HTMLDetailsElement::didAddUserAgentShadowRoot): Don't insert the slot element for
the summary since the details element is not open now.
(WebCore::HTMLDetailsElement::parseAttribute): Remove and insert the slot element for the
summary here instead of changing the behavior of slotNameForHostChild.

html/HTMLDetailsElement.h:
html/HTMLSlotElement.cpp:

(WebCore::HTMLSlotElement::enqueueSlotChangeEvent): Added. Enqueues a new slotchange event
if we haven't done so for this element yet.
(WebCore::HTMLSlotElement::dispatchEvent): Added. Clear m_hasEnqueuedSlotChangeEvent when
dispatching a slotchange event so that a subsequent call to enqueueSlotChangeEvent would
enqueue a new event. Note scripts call EventTarget::dispatchEventForBindings instead.

html/HTMLSlotElement.h:

LayoutTests:

Added a W3C style testharness.js test.

fast/shadow-dom/ShadowRoot-interface-expected.txt:
fast/shadow-dom/ShadowRoot-interface.html: Don't import testharness.css from svn.webkit.org.
fast/shadow-dom/slotchange-event-expected.txt: Added.
fast/shadow-dom/slotchange-event.html: Added.

4:57 AM Changeset in webkit [198114] by Carlos Garcia Campos

9 edits
2 adds in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197796 - Regexp matching should incur less call overhead
https://bugs.webkit.org/show_bug.cgi?id=155181

Reviewed by Geoffrey Garen.

Previously we had DFG/FTL code call into the DFGOperation, which then called in to
RegExpObject, which then called into createRegExpMatchesArray, which then called into
RegExp, which then called the code generated by Yarr.

Now we have DFG/FTL code call into the DFGOperation, which does all of the things and calls
into code generated by Yarr.

This is another tiny Octane/regexp speed-up.

JavaScriptCore.xcodeproj/project.pbxproj:
dfg/DFGOperations.cpp:
runtime/RegExp.cpp:

(JSC::regExpFlags):
(JSC::RegExp::compile):
(JSC::RegExp::match):
(JSC::RegExp::compileMatchOnly):
(JSC::RegExp::deleteCode):
(JSC::RegExpFunctionalTestCollector::clearRegExp): Deleted.
(JSC::RegExp::compileIfNecessary): Deleted.
(JSC::RegExp::compileIfNecessaryMatchOnly): Deleted.

runtime/RegExp.h:
runtime/RegExpInlines.h: Added.

(JSC::RegExpFunctionalTestCollector::clearRegExp):
(JSC::RegExp::compileIfNecessary):
(JSC::RegExp::matchInline):
(JSC::RegExp::compileIfNecessaryMatchOnly):

runtime/RegExpMatchesArray.cpp:

(JSC::createEmptyRegExpMatchesArray):
(JSC::createStructureImpl):
(JSC::tryCreateUninitializedRegExpMatchesArray): Deleted.
(JSC::createRegExpMatchesArray): Deleted.

runtime/RegExpMatchesArray.h:

(JSC::tryCreateUninitializedRegExpMatchesArray):
(JSC::createRegExpMatchesArray):

runtime/RegExpObject.cpp:

(JSC::RegExpObject::put):
(JSC::RegExpObject::exec):
(JSC::RegExpObject::match):
(JSC::getLastIndexAsUnsigned): Deleted.

runtime/RegExpObject.h:

(JSC::RegExpObject::getLastIndex):
(JSC::RegExpObject::test):
(JSC::RegExpObject::testInline):

runtime/RegExpObjectInlines.h: Added.

(JSC::getRegExpObjectLastIndexAsUnsigned):
(JSC::RegExpObject::execInline):
(JSC::RegExpObject::matchInline):

4:38 AM Changeset in webkit [198113] by Nikita Vasilyev

2 edits in trunk/Source/WebInspectorUI

Web Inspector: Reduce unnecessary dashboard repaints
https://bugs.webkit.org/show_bug.cgi?id=155425
<rdar://problem/25138247>

Reviewed by Timothy Hatcher.

UserInterface/Views/DefaultDashboardView.js:

(WebInspector.DefaultDashboardView.prototype._appendElementForNamedItem.):
newText is a number for console message counters.

4:31 AM Changeset in webkit [198112] by Carlos Garcia Campos

3 edits
2 adds in releases/WebKitGTK/webkit-2.12

Merge r197784 - Scrolling does not work when the mouse down is handled by a node
https://bugs.webkit.org/show_bug.cgi?id=19033

Reviewed by Simon Fraser.

Source/WebCore:

Test: fast/events/prevent-default-prevents-interaction-with-scrollbars-.html

When a mouse press/down event happens on a scrollbar area, but event
is default prevented in the document level, for example, event does not get
properly passed to scrollbars, although it should.

Problem started long ago with r17770, and was improved with r19596.
However, years later, the way Scrollbar* is obtained is still currently different
weither event is default prevented or not.

Patch uniforms the logic for both cases, and fixes the bug.

Note: code before used to look like

if (swallowEvent) {

<code>

} else {

<bleh>
<foo>

}

.. and now looks like

if (!swallowEvent)

<bleh>

<code>

if (!swallowEvent)

<foo>

e.g. document.addEventListener('mousedown', function (e) { e.preventDefault(); });

page/EventHandler.cpp:

(WebCore::scrollbarForMouseEvent):
(WebCore::EventHandler::handleMousePressEvent):

LayoutTests:

fast/events/prevent-default-prevents-interaction-with-scrollbars-expected.txt: Added.
fast/events/prevent-default-prevents-interaction-with-scrollbars.html: Added.

4:24 AM Changeset in webkit [198111] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197774 - WeakBlock::visit() should check for a WeakHandleOwner before consulting mark bits.
<https://webkit.org/b/155154>

Reviewed by Darin Adler.

Reorder the checks in WeakBlock::visit() so we don't look at the mark bits in MarkedBlock
unless the current WeakImpl has a WeakHandleOwner we need to consult.

I was originally hoping to make an optimization that could skip over entire WeakBlocks
if they didn't have a single WeakHandleOwner, but it turns out that scenario is not as
common as I suspected.

heap/WeakBlock.cpp:

(JSC::WeakBlock::visit):

4:11 AM Changeset in webkit [198110] by Carlos Garcia Campos

3 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197730 - Reduce the number of instructions needed to record the last regexp result
https://bugs.webkit.org/show_bug.cgi?id=155161

Reviewed by Sam Weinig.

This tightens up RegExpCachedResult::record(). My profiling shows that we spend just
over 1% of the time in Octane/regexp in this function. This function had two obvious
redundancies:

1) It executed the write barrier on owner twice. It only needs to execute it once. Since

the same RegExpConstructor is likely to be used many times, it makes sense to do the
barrier without looking at the 'to' objects at all. In steady state, this means that
the RegExpConstructor will simply be OldGrey so this one barrier will always skip the
slow path.

2) It cleared some fields that didn't need to be cleared, since we can just use

m_reified to indicate that the fields are not meaningful anymore.

This is meant to be a microscopic regexp speed-up.

runtime/RegExpCachedResult.cpp:

(JSC::RegExpCachedResult::visitChildren):
(JSC::RegExpCachedResult::lastResult):

runtime/RegExpCachedResult.h:

(JSC::RegExpCachedResult::record):

4:02 AM Changeset in webkit [198109] by Carlos Garcia Campos

3 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197729 - createRegExpMatchesArray should allocate substrings more quickly
https://bugs.webkit.org/show_bug.cgi?id=155160

Reviewed by Sam Weinig.

This was calling a version of jsSubstring() that isn't inlineable because it was doing a lot
of checks in finishCreation(). In particular, it was checking that the base string is not
itself a substring and that it's been resolved. We don't need those checks here, since the
string must have been resolved prior to regexp processing.

This patch is also smart about whether to do checks for the empty and full substrings. In
the matches array loop, these checks are super unlikely to be profitable, so we just
unconditionally allocate the substring.

This removes those checks and makes the allocation inlineable. It looks like a 1% speed-up
on Octane/regexp.

runtime/JSString.h:

(JSC::jsSubstring):
(JSC::jsSubstringOfResolved):

runtime/RegExpMatchesArray.cpp:

(JSC::createRegExpMatchesArray):

3:27 AM Changeset in webkit [198108] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197725 - [JSC] Small clean up of how we use SSA's valuesAtHead
https://bugs.webkit.org/show_bug.cgi?id=155152

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-03-07
Reviewed by Filip Pizlo.

liveAtHead and valuesAtHead contain the same nodes,
we do not need the extra look up.

This also opens the way to use the same kind of liveness
analysis as Air (where live values at head do not use a set).

dfg/DFGInPlaceAbstractState.cpp:

(JSC::DFG::InPlaceAbstractState::beginBasicBlock):
(JSC::DFG::InPlaceAbstractState::merge):

3:20 AM Changeset in webkit [198107] by Carlos Garcia Campos

6 edits
34 adds in releases/WebKitGTK/webkit-2.12

Merge r197724 - CSP: Source '*' should not match URLs with schemes blob, data, or filesystem
https://bugs.webkit.org/show_bug.cgi?id=154122
<rdar://problem/24613336>

Reviewed by Brent Fulgham.

Source/WebCore:

Restrict matching of source expression * to HTTP or HTTPS URLs for all directives except
img-src and media-src. This policy is more restrictive than the policy described in section
Matching Source Expressions of the Content Security Policy 2.0 spec., <https://www.w3.org/TR/2015/CR-CSP2-20150721>,
which restricts matching * to schemes that are not blob, data, or filesystem.

For directive img-src we restrict matching of * to HTTP, HTTPS, and data URLs. For directive
media-src we restrict matching of * to HTTP, HTTPS, data URLs and blob URLs. We use a
more lenient interpretation of * for directives img-src and media-src than required by
the spec. to mitigate web compatibility issues.

Tests: fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star.html

fast/dom/HTMLImageElement/image-with-data-url-allowed-by-csp-img-src-star.html
fast/dom/HTMLImageElement/image-with-file-url-blocked-by-csp-img-src-star.html
fast/dom/HTMLLinkElement/link-with-blob-url-blocked-by-csp-style-src-star.html
fast/dom/HTMLLinkElement/link-with-data-url-blocked-by-csp-style-src-star.html
fast/dom/HTMLLinkElement/link-with-file-url-blocked-by-csp-style-src-star.html
http/tests/security/contentSecurityPolicy/image-with-http-url-allowed-by-csp-img-src-star.html
http/tests/security/contentSecurityPolicy/image-with-https-url-allowed-by-csp-img-src-star.html
http/tests/security/contentSecurityPolicy/javascript-url-blocked-by-default-src-star.html
http/tests/security/contentSecurityPolicy/link-with-http-url-allowed-by-csp-style-src-star.html
http/tests/security/contentSecurityPolicy/link-with-https-url-allowed-by-csp-style-src-star.html
http/tests/security/contentSecurityPolicy/video-with-http-url-allowed-by-csp-media-src-star.html
http/tests/security/contentSecurityPolicy/video-with-https-url-allowed-by-csp-media-src-star.html
media/video-with-blob-url-allowed-by-csp-media-src-star.html
media/video-with-data-url-allowed-by-csp-media-src-star.html
media/video-with-file-url-blocked-by-csp-media-src-star.html

page/csp/ContentSecurityPolicySourceList.cpp:

(WebCore::ContentSecurityPolicySourceList::isProtocolAllowedByStar): Added.
(WebCore::ContentSecurityPolicySourceList::matches): Modified to only match * if ContentSecurityPolicySourceList::isProtocolAllowedByStar().
evaluates to true.

page/csp/ContentSecurityPolicySourceList.h:

LayoutTests:

Add tests to ensure that we do not regress our interpretation of * with respect to directives
img-src, media-src, style-src, and default-src.

When running in WebKitTestRunner, skip the tests fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star.html
and media/video-with-blob-url-allowed-by-csp-media-src-star.html as they make use of eventSender.beginDragWithFiles(),
which is not implement. We will need to fix <https://bugs.webkit.org/show_bug.cgi?id=64285>
before we can run these tests in WebKitTestRunner.

TestExpectations:
fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star-expected.html: Added.
fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star.html: Added.
fast/dom/HTMLImageElement/image-with-data-url-allowed-by-csp-img-src-star-expected.html: Added.
fast/dom/HTMLImageElement/image-with-data-url-allowed-by-csp-img-src-star.html: Added.
fast/dom/HTMLImageElement/image-with-file-url-blocked-by-csp-img-src-star-expected.html: Added.
fast/dom/HTMLImageElement/image-with-file-url-blocked-by-csp-img-src-star.html: Added.
fast/dom/HTMLImageElement/resources/green.png: Added.
fast/dom/HTMLLinkElement/link-with-blob-url-blocked-by-csp-style-src-star-expected.html: Added.
fast/dom/HTMLLinkElement/link-with-blob-url-blocked-by-csp-style-src-star.html: Added.
fast/dom/HTMLLinkElement/link-with-data-url-blocked-by-csp-style-src-star-expected.html: Added.
fast/dom/HTMLLinkElement/link-with-data-url-blocked-by-csp-style-src-star.html: Added.
fast/dom/HTMLLinkElement/link-with-file-url-blocked-by-csp-style-src-star-expected.html: Added.
fast/dom/HTMLLinkElement/link-with-file-url-blocked-by-csp-style-src-star.html: Added.
fast/dom/HTMLLinkElement/resources/red-background-color.css: Added.

(#test):

http/tests/security/contentSecurityPolicy/image-with-http-url-allowed-by-csp-img-src-star-expected.txt: Added.
http/tests/security/contentSecurityPolicy/image-with-http-url-allowed-by-csp-img-src-star.html: Added.
http/tests/security/contentSecurityPolicy/image-with-https-url-allowed-by-csp-img-src-star-expected.txt: Added.
http/tests/security/contentSecurityPolicy/image-with-https-url-allowed-by-csp-img-src-star.html: Added.
http/tests/security/contentSecurityPolicy/javascript-url-blocked-by-default-src-star-expected.txt: Added.
http/tests/security/contentSecurityPolicy/javascript-url-blocked-by-default-src-star.html: Added.
http/tests/security/contentSecurityPolicy/link-with-http-url-allowed-by-csp-style-src-star-expected.txt: Added.
http/tests/security/contentSecurityPolicy/link-with-http-url-allowed-by-csp-style-src-star.html: Added.
http/tests/security/contentSecurityPolicy/link-with-https-url-allowed-by-csp-style-src-star-expected.txt: Added.
http/tests/security/contentSecurityPolicy/link-with-https-url-allowed-by-csp-style-src-star.html: Added.
http/tests/security/contentSecurityPolicy/video-with-http-url-allowed-by-csp-media-src-star-expected.txt: Added.
http/tests/security/contentSecurityPolicy/video-with-http-url-allowed-by-csp-media-src-star.html: Added.
http/tests/security/contentSecurityPolicy/video-with-https-url-allowed-by-csp-media-src-star-expected.txt: Added.
http/tests/security/contentSecurityPolicy/video-with-https-url-allowed-by-csp-media-src-star.html: Added.
media/video-with-blob-url-allowed-by-csp-media-src-star-expected.html: Added.
media/video-with-blob-url-allowed-by-csp-media-src-star.html: Added.
media/video-with-data-url-allowed-by-csp-media-src-star-expected.html: Added.
media/video-with-data-url-allowed-by-csp-media-src-star.html: Added.
media/video-with-file-url-blocked-by-csp-media-src-star-expected.html: Added.
media/video-with-file-url-blocked-by-csp-media-src-star.html: Added.
platform/wk2/TestExpectations:

3:19 AM Changeset in webkit [198106] by Carlos Garcia Campos

10 edits in releases/WebKitGTK/webkit-2.12/Source

Merge r197706 - Cleanup: Add convenience function URL::procotolIsBlob()
https://bugs.webkit.org/show_bug.cgi?id=155127
<rdar://problem/25016829>

Reviewed by Brent Fulgham.

Source/WebCore:

Similar to the class member function URL::protocolIsData(), add a class member function to
class URL to determine if a URL is a blob URL.

No functionality was changed. So, no new tests.

page/SecurityOrigin.cpp:

(WebCore::SecurityOrigin::shouldUseInnerURL): Modified to use URL::protocolIsBlob().
(WebCore::getCachedOrigin): Ditto.

platform/URL.h:

(WebCore::URL::protocolIsBlob): Added.

platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(webKitWebSrcStart): Modified to use URL::protocolIsBlob().
(urlHasSupportedProtocol): Ditto.

workers/Worker.cpp:

(WebCore::Worker::didReceiveResponse): Ditto.

xml/XMLHttpRequest.cpp:

(WebCore::XMLHttpRequest::createRequest): Ditto.

Source/WebKit2:

NetworkProcess/NetworkLoad.cpp:

(WebKit::NetworkLoad::NetworkLoad): Modified to use URL::protocolIsBlob().

NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::NetworkResourceLoader::NetworkResourceLoader): Ditto.

WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::canHandleRequest): Ditto.

2:57 AM Changeset in webkit [198105] by Carlos Garcia Campos

7 edits
1 copy in releases/WebKitGTK/webkit-2.12/Source/bmalloc

Merge r197797 - Unreviewed, rolling in r197722.
https://bugs.webkit.org/show_bug.cgi?id=155171

The right calculation for our static_assert is actually:

sizeof(SmallChunk) % vmPageSize + 2 * smallMax <= vmPageSize

instead of:

sizeof(SmallChunk) % vmPageSize + smallMax <= vmPageSize

smallMax is not enough because line metadata might require us to begin
allocation at an offset as large as smallMax, so we need 2 * smallMax.

Once correct, this static_assert fires, and we fix it by increasing
the alignment of SmallChunk.

Restored changeset:

"bmalloc: Use List<T> instead of Vector<T> in some places"
https://bugs.webkit.org/show_bug.cgi?id=155150
http://trac.webkit.org/changeset/197722

2:52 AM Changeset in webkit [198104] by Carlos Garcia Campos

11 edits in releases/WebKitGTK/webkit-2.12/Source/WebCore

Merge r197716 - Crash in WebCore::RenderElement::containingBlockForObjectInFlow
https://bugs.webkit.org/show_bug.cgi?id=155109

Reviewed by Simon Fraser.

It's unsafe to call containingBlock() on RenderView.

Unable to reproduce.

rendering/RenderBlock.cpp:

(WebCore::RenderBlock::styleWillChange):
(WebCore::RenderBlock::isSelfCollapsingBlock):
(WebCore::RenderBlock::selectionGaps):

rendering/RenderBox.cpp:

(WebCore::RenderBox::borderBoxRectInRegion):
(WebCore::RenderBox::computePercentageLogicalHeight):
(WebCore::RenderBox::computeReplacedLogicalHeightUsing):
(WebCore::logicalWidthIsResolvable):
(WebCore::RenderBox::percentageLogicalHeightIsResolvableFromBlock):

rendering/RenderBoxModelObject.cpp:

(WebCore::RenderBoxModelObject::hasAutoHeightOrContainingBlockWithAutoHeight):

rendering/RenderFlowThread.cpp:

(WebCore::RenderFlowThread::adjustedPositionRelativeToOffsetParent):
(WebCore::RenderFlowThread::offsetFromLogicalTopOfFirstRegion):

rendering/RenderLayer.cpp:

(WebCore::RenderLayer::hasCompositedLayerInEnclosingPaginationChain):
(WebCore::RenderLayer::updatePagination):
(WebCore::inContainingBlockChain):

rendering/RenderMultiColumnFlowThread.cpp:

(WebCore::isValidColumnSpanner):

rendering/RenderNamedFlowThread.cpp:

(WebCore::RenderNamedFlowThread::decorationsClipRectForBoxInNamedFlowFragment):

rendering/RenderObject.cpp:

(WebCore::hasFixedPosInNamedFlowContainingBlock):

rendering/RenderReplaced.cpp:

(WebCore::firstContainingBlockWithLogicalWidth):

rendering/RenderView.cpp:

(WebCore::RenderView::subtreeSelectionBounds):
(WebCore::RenderView::repaintSubtreeSelection):
(WebCore::RenderView::clearSubtreeSelection):
(WebCore::RenderView::applySubtreeSelection):

2:46 AM Changeset in webkit [198103] by Carlos Garcia Campos

9 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197715 - RegExp.prototype.exec() should call into Yarr at most once
https://bugs.webkit.org/show_bug.cgi?id=155139

Reviewed by Saam Barati.

For apparently no good reason, RegExp.prototype.match() was calling into Yarr twice, almost
as if it was hoping that the non-matching case was so common that it was best to have the
matching case do the work all over again.

This is a 4% speed-up on Octane/regexp. It's also a matter of common sense: we should not be
in the business of presuming whether someone's match will succeed or fail. The increased
cost of running Yarr twice is so much larger than whatever savings we were getting from
running a match-only regexp that this is just not a good overall deal for the engine.

Also, it's interesting that we are seeing a 4% speed-up on regexp despite the fact that a
majority (almost a supermajority, I think) of calls into RegExp.prototype.match() are failed
matches. So, this change is a 4% speed-up despite being a slow down on the common case. That
tells you just how bad the old behavior was on the uncommon case.

runtime/MatchResult.h:

(MatchResult::MatchResult):
(MatchResult::failed):
(MatchResult::operator bool):

runtime/RegExpCachedResult.cpp:

(JSC::RegExpCachedResult::lastResult):

runtime/RegExpConstructor.h:

(JSC::RegExpConstructor::setMultiline):
(JSC::RegExpConstructor::multiline):
(JSC::RegExpConstructor::performMatch):
(JSC::RegExpConstructor::recordMatch):

runtime/RegExpMatchesArray.cpp:

(JSC::createRegExpMatchesArray):
(JSC::createEmptyRegExpMatchesArray):
(JSC::createStructureImpl):

runtime/RegExpMatchesArray.h:

(JSC::createRegExpMatchesArray):

runtime/RegExpObject.cpp:

(JSC::RegExpObject::put):
(JSC::getLastIndexAsUnsigned):
(JSC::RegExpObject::exec):
(JSC::RegExpObject::match):

runtime/RegExpObject.h:

(JSC::RegExpObject::getLastIndex):
(JSC::RegExpObject::test):

runtime/StringPrototype.cpp:

(JSC::stringProtoFuncMatch):

2:44 AM Changeset in webkit [198102] by youenn.fablet@crf.canon.fr

20 edits in trunk/Source/WebCore

Introduce CallWith=Document in binding generator
https://bugs.webkit.org/show_bug.cgi?id=155358

Reviewed by Darin Adler.

Covered by existing tests and binding test.

Modules/notifications/Notification.cpp:

(WebCore::Notification::permission): Taking a Document& instead of ScriptExecutionContext&.
(WebCore::Notification::requestPermission): Ditto.

Modules/notifications/Notification.h:
Modules/notifications/Notification.idl: Using CallWith=Document.
bindings/scripts/CodeGeneratorJS.pm: Adding support for CallWith=Document and changed name from scriptContext to context.

(GenerateCallWith):
(GenerateConstructorDefinition):

bindings/scripts/IDLAttributes.txt: Adding support for CallWith=Document.
bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:

(webkit_dom_test_obj_with_document_argument):

bindings/scripts/test/GObject/WebKitDOMTestObj.h:
bindings/scripts/test/JS/JSTestInterface.cpp:

(WebCore::jsTestInterfacePrototypeFunctionImplementsMethod2):
(WebCore::jsTestInterfacePrototypeFunctionSupplementalMethod2):

bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::jsTestObjWithScriptExecutionContextAttribute):
(WebCore::jsTestObjWithScriptExecutionContextAttributeRaises):
(WebCore::jsTestObjWithScriptExecutionContextAndScriptStateAttribute):
(WebCore::jsTestObjWithScriptExecutionContextAndScriptStateAttributeRaises):
(WebCore::jsTestObjWithScriptExecutionContextAndScriptStateWithSpacesAttribute):
(WebCore::setJSTestObjWithScriptExecutionContextAttribute):
(WebCore::setJSTestObjWithScriptExecutionContextAttributeRaises):
(WebCore::setJSTestObjWithScriptExecutionContextAndScriptStateAttribute):
(WebCore::setJSTestObjWithScriptExecutionContextAndScriptStateAttributeRaises):
(WebCore::setJSTestObjWithScriptExecutionContextAndScriptStateWithSpacesAttribute):
(WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContext):
(WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContextAndScriptState):
(WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContextAndScriptStateObjException):
(WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContextAndScriptStateWithSpaces):
(WebCore::jsTestObjPrototypeFunctionWithDocumentArgument):

bindings/scripts/test/ObjC/DOMTestObj.h:
bindings/scripts/test/ObjC/DOMTestObj.mm:

(-[DOMTestObj withDocumentArgument]):

bindings/scripts/test/TestObj.idl: Adding binding test.
page/DOMWindow.cpp:

(WebCore::DOMWindow::focus): Taking a Document& instead of ScriptExecutionContext&.
(WebCore::DOMWindow::close): Ditto.

page/DOMWindow.h:
page/DOMWindow.idl:
page/History.cpp:

(WebCore::History::back): Ditto.
(WebCore::History::forward): Ditto.
(WebCore::History::go): Ditto.

page/History.h:
page/History.idl:
testing/Internals.cpp:

(WebCore::InspectorStubFrontend::closeWindow): Calling DOMWindow::close() directly.

2:21 AM Changeset in webkit [198101] by Carlos Garcia Campos

13 edits
8 adds
1 delete in releases/WebKitGTK/webkit-2.12

Merge r197697 - CSP: object-src directive should prohibit creation of nested browsing context
https://bugs.webkit.org/show_bug.cgi?id=153153
<rdar://problem/24383209>

Reviewed by Brent Fulgham.

Source/WebCore:

Enforce the Content Security Policy object-src directive when fetching a URL for content
that will cause an HTML object or HTML embed element to act as a nested browsing context
(i.e. behave as if the content was loaded in an HTML iframe element). This makes our
enforcement of the object-src directive match the behavior of the object-src directive
in the Content Security Policy 2.0 spec., <http://www.w3.org/TR/2015/CR-CSP2-20150721/>.

Tests: http/tests/security/contentSecurityPolicy/embed-src-url-blocked.html

http/tests/security/contentSecurityPolicy/embed-src-url-blocked2.html
http/tests/security/contentSecurityPolicy/object-src-param-src-blocked2.html
http/tests/security/contentSecurityPolicy/object-src-url-blocked2.html

loader/SubframeLoader.cpp:

(WebCore::SubframeLoader::isPluginContentAllowedByContentSecurityPolicy): Extracted from SubframeLoader::pluginIsLoadable().
Checks if the plugin element is allowed by the Content Security Policy to load the URL and MIME type.
(WebCore::SubframeLoader::pluginIsLoadable): Extract out the logic for determining if
the plugin content is allowed to load by the Content Security Policy into SubframeLoader::isPluginContentAllowedByContentSecurityPolicy()
and make use of this function.
(WebCore::SubframeLoader::requestObject): Modified to call SubframeLoader::isPluginContentAllowedByContentSecurityPolicy()
before loading plugin content into a sub frame. If the plugin content is not allowed to load then we
mark the plugin as unavailable with the reason being that it was blocked by the Content Security Policy.

loader/SubframeLoader.h:

LayoutTests:

Add test to ensure that we enforce the Content Security Policy object-src directive
for HTML object and HTML embed elements that behave like an HTML iframe element.

TestExpectations: Remove entries for tests that pass.
http/tests/security/contentSecurityPolicy/embed-src-url-blocked-expected.txt: Added.
http/tests/security/contentSecurityPolicy/embed-src-url-blocked.html: Added.
http/tests/security/contentSecurityPolicy/embed-src-url-blocked2-expected.txt: Added.
http/tests/security/contentSecurityPolicy/embed-src-url-blocked2.html: Added.

http/tests/security/contentSecurityPolicy/object-src-param-code-blocked-expected.txt:
http/tests/security/contentSecurityPolicy/object-src-param-movie-blocked-expected.txt:
http/tests/security/contentSecurityPolicy/object-src-param-movie-blocked.html:
http/tests/security/contentSecurityPolicy/object-src-param-src-blocked-expected.txt:
http/tests/security/contentSecurityPolicy/object-src-param-src-blocked.html:
http/tests/security/contentSecurityPolicy/object-src-param-src-blocked2-expected.txt: Added.
http/tests/security/contentSecurityPolicy/object-src-param-src-blocked2.html: Added.
http/tests/security/contentSecurityPolicy/object-src-param-url-blocked-expected.txt:
http/tests/security/contentSecurityPolicy/object-src-param-url-blocked.html:

Simplify the code used in the above tests and update incorrect expected results.

http/tests/security/contentSecurityPolicy/object-src-url-blocked2-expected.txt: Added.
http/tests/security/contentSecurityPolicy/object-src-url-blocked2.html: Added.
http/tests/security/contentSecurityPolicy/resources/object-src-param.js: Removed.

1:44 AM Changeset in webkit [198100] by Carlos Garcia Campos

1 copy in releases/WebKitGTK/webkit-2.4.10

WebKitGTK+ 2.4.10

1:43 AM Changeset in webkit [198099] by Carlos Garcia Campos

4 edits in releases/WebKitGTK/webkit-2.4

Unreviewed. Update NEWS and Versions.m4 for 2.4.10 release.

Source/autotools/Versions.m4: Bump version numbers.

Source/WebKit/gtk:

NEWS: Added release notes for 2.4.10.

1:37 AM Changeset in webkit [198098] by commit-queue@webkit.org

2 edits in trunk/Source/WebKit2

Install WebKit2 WebProcess NetworkProcess on OSX when not building the Mac PORT
https://bugs.webkit.org/show_bug.cgi?id=152651

Patch by Jeremy Huddleston Sequoia <jeremyhu@apple.com> on 2016-03-14
Reviewed by Philippe Normand.

CMakeLists.txt:

12:34 AM Changeset in webkit [198097] by Carlos Garcia Campos

8 edits in releases/WebKitGTK/webkit-2.4/Source/WebCore/platform/gtk/po

Translation updates: German, Spanish, French, Italian, Korean, Brazilian Portuguese, Russian, Chinese

12:07 AM WebKitGTK/2.4.x edited by Carlos Garcia Campos

(diff)

Mar 13, 2016:

11:27 PM Changeset in webkit [198096] by Darin Adler

1 edit
2 adds in trunk/LayoutTests

Add copy/paste plug-in check for XHTML document
https://bugs.webkit.org/show_bug.cgi?id=106350

Reviewed by David Kilzer.

This bug was filed because of the assumption that there was a bug, but it
turns out that even in XHTML documents, we use HTML tree builder, so there is
no bug. Thus this just adds the test that demonstrates this.

editing/pasteboard/paste-noplugin-xhtml-expected.txt: Added.
editing/pasteboard/paste-noplugin-xhtml.xhtml: Added.

11:20 PM Changeset in webkit [198095] by Nikita Vasilyev

2 edits in trunk/Source/WebInspectorUI

Web Inspector: Large repaints when typing any character in console
https://bugs.webkit.org/show_bug.cgi?id=155387
<rdar://problem/25125720>

Reviewed by Timothy Hatcher.

UserInterface/Views/Main.css:

(#content):

10:57 PM Changeset in webkit [198094] by commit-queue@webkit.org

2 edits in trunk/Source/WebInspectorUI

Web Inspector: Memory timeline pie charts are misaligned when there is no recording
https://bugs.webkit.org/show_bug.cgi?id=155421

Patch by Devin Rousso <Devin Rousso> on 2016-03-13
Reviewed by Timothy Hatcher.

UserInterface/Views/MemoryTimelineView.css:

(.timeline-view.memory > .content > .overview):
Removed top padding to match bottom padding.

(.timeline-view.memory .legend > .row):
(.timeline-view.memory .legend):
Moved specified width to prevent unrecorded timelines from having graphs
that are offset horizontally.

9:52 PM Changeset in webkit [198093] by commit-queue@webkit.org

22 edits in trunk

Remove ENABLE(ES6_TEMPLATE_LITERAL_SYNTAX) guards
https://bugs.webkit.org/show_bug.cgi?id=155417

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-13
Reviewed by Yusuke Suzuki.

Source/cmake/OptionsWin.cmake:
Source/cmake/WebKitFeatures.cmake:
Source/cmake/tools/vsprops/FeatureDefines.props:
Source/cmake/tools/vsprops/FeatureDefinesCairo.props:

Source/JavaScriptCore:

Configurations/FeatureDefines.xcconfig:
parser/Parser.cpp:

(JSC::Parser<LexerType>::parsePrimaryExpression): Deleted.
(JSC::Parser<LexerType>::parseMemberExpression): Deleted.

Source/WebCore:

Configurations/FeatureDefines.xcconfig:

Source/WebKit/mac:

Configurations/FeatureDefines.xcconfig:

Source/WebKit2:

Configurations/FeatureDefines.xcconfig:

Source/WTF:

wtf/FeatureDefines.h:

Tools:

Scripts/webkitperl/FeatureList.pm:
TestWebKitAPI/Configurations/FeatureDefines.xcconfig:

WebKitLibraries:

win/tools/vsprops/FeatureDefines.props:
win/tools/vsprops/FeatureDefinesCairo.props:

9:43 PM Changeset in webkit [198092] by weinig@apple.com

6 edits
3 adds in trunk

Implement unprivileged execCommand("copy") and execCommand("cut")
<rdar://problem/24354406>
https://bugs.webkit.org/show_bug.cgi?id=146336

Reviewed by Dean Jackson.

Source/WebCore:

Test: editing/execCommand/clipboard-access-with-user-gesture.html

WebCore.xcodeproj/project.pbxproj:

Add new files.

editing/ClipboardAccessPolicy.h:

Added.

editing/EditorCommand.cpp:

(WebCore::defaultValueForSupportedCopyCut):
(WebCore::supportedCopyCut):
Match other browsers and allow the copy and cut commands
to be executed when there is a user gesture.

page/Settings.h:

Add include of ClipboardAccessPolicy.h.

page/Settings.in:

Add new setting for ClipboardAccessPolicy

LayoutTests:

editing/execCommand/clipboard-access-with-user-gesture-expected.txt: Added.
editing/execCommand/clipboard-access-with-user-gesture.html: Added.

Add test for using execCommand("copy") and execCommand("cut") during a user gesture.

8:58 PM Changeset in webkit [198091] by dino@apple.com

41 edits in trunk

DRT should enable WebGL by default on Mac
https://bugs.webkit.org/show_bug.cgi?id=155419
<rdar://problem/25136981>

Reviewed by Sam Weinig.

Tools:

For some reason, lost in time, WebGL was enabled
by default on trunk, but disabled by default
in DumpRenderTree when using WebKit 1. This
was very annoying, because each test had
an explicit command to enable it.

DumpRenderTree/mac/DumpRenderTree.mm:

(resetWebPreferencesToConsistentValues): Deleted WebGL line.

LayoutTests:

Update all the tests that no longer have to explicitly
turn WebGL on.

compositing/backface-visibility/backface-visibility-webgl.html:
compositing/visibility/visibility-simple-webgl-layer.html:
compositing/webgl/webgl-background-color.html:
compositing/webgl/webgl-no-alpha.html:
compositing/webgl/webgl-nonpremultiplied-blend.html:
compositing/webgl/webgl-reflection.html:
compositing/webgl/webgl-repaint.html:
fast/canvas/webgl/antialiasing-enabled.html:
fast/canvas/webgl/canvas-resize-crash.html:
fast/canvas/webgl/css-webkit-canvas-repaint.html:
fast/canvas/webgl/css-webkit-canvas.html:
fast/canvas/webgl/out-of-bounds-simulated-vertexAttrib0-drawArrays-expected.txt:
fast/canvas/webgl/out-of-bounds-simulated-vertexAttrib0-drawArrays.html:
fast/canvas/webgl/premultiplyalpha-test.html:
fast/canvas/webgl/resources/webgl-test.js:

(initNonKhronosFramework): Deleted.

fast/canvas/webgl/texImage2DImageDataTest.html:
fast/canvas/webgl/toDataURL-unpremultipliedAlpha.html:
fast/canvas/webgl/unprefixed-context.html:
fast/canvas/webgl/webgl-composite-modes-repaint.html:
fast/canvas/webgl/webgl-composite-modes.html:
fast/canvas/webgl/webgl-drawarrays-crash.html:
fast/canvas/webgl/webgl-layer-update.html:
fast/canvas/webgl/webgl-reload-crash.html:
http/tests/canvas/webgl/origin-clean-conformance.html:
http/tests/security/webgl-remote-read-remote-image-allowed-with-credentials.html:
http/tests/security/webgl-remote-read-remote-image-allowed.html:
http/tests/security/webgl-remote-read-remote-image-blocked-no-crossorigin.html:
http/tests/webgl/1.0.2/resources/webgl_test_files/conformance/more/unit.js:
http/tests/webgl/1.0.2/resources/webgl_test_files/resources/js-test-pre.js:
http/tests/webgl/1.0.2/resources/webkit-webgl-test-harness.js:
imported/blink/compositing/draws-content/webgl-simple-background.html:
webgl/1.0.2/resources/webgl_test_files/conformance/more/unit.js:
webgl/1.0.2/resources/webgl_test_files/resources/js-test-pre.js:
webgl/1.0.2/resources/webkit-webgl-test-harness.js:
webgl/1.0.3/resources/webgl_test_files/conformance/more/unit.js:
webgl/1.0.3/resources/webgl_test_files/resources/js-test-pre.js:
webgl/1.0.3/resources/webkit-webgl-test-harness.js:
webgl/resources/webkit-webgl-test-harness.js:

6:57 PM Changeset in webkit [198090] by rniwa@webkit.org

5 edits
2 adds in trunk

REGRESSION (r190840): crash inside details element's slotNameFunction
https://bugs.webkit.org/show_bug.cgi?id=155388

Reviewed by Antti Koivisto.

Source/WebCore:

The bug was caused by HTMLDetailsElement::isActiveSummary calling findAssignedSlot with a summary element
inside the shadow tree of the detials element. Fixed it by existing early when the summary element passed
to isActiveSummary is not a direct child of the details element.

Test: fast/html/details-summary-tabindex-crash.html

dom/ShadowRoot.cpp:

(WebCore::ShadowRoot::findAssignedSlot): Added an assertion for regression testing.

dom/SlotAssignment.cpp:

(WebCore::SlotAssignment::findAssignedSlot): Removed the superfluous call to assignSlots added in r190840.
There is no need to update the slot assignments here (entires in m_slots are added or removed by
addSlotElementByName or removeSlotElementByName and assignSlots only updates assignedNodes in each SlotInfo
which is never used in this function or findFirstSlotElement.

html/HTMLDetailsElement.cpp:

(WebCore::HTMLDetailsElement::isActiveSummary): Fixed the bug.

LayoutTests:

Added a regression test.

fast/html/details-summary-tabindex-crash-expected.txt: Added.
fast/html/details-summary-tabindex-crash.html: Added.

6:44 PM Changeset in webkit [198089] by mitz@apple.com

4 edits
1 add in trunk/Source/WebKit2

[Mac] Injected bundle in relocatable WebContent service can’t use XPC services from other relocatable frameworks
https://bugs.webkit.org/show_bug.cgi?id=155414
<rdar://problem/24428418>

Reviewed by Sam Weinig.

Configurations/DebugRelease.xcconfig: Set WK_WEBCONTENT_SERVICE_NEEDS_XPC_DOMAIN_EXTENSION_ENTITLEMENT to NO, because engineering builds are ad-hoc signed and therefore can’t have a private entitlement.

Configurations/WebContent-OSX.entitlements: Added. Includes the XPC domain extension entitlement.

Configurations/WebContentService.xcconfig: Set WK_WEBCONTENT_SERVICE_NEEDS_XPC_DOMAIN_EXTENSION_ENTITLEMENT to YES if not already set and the framework is relocatable. Set CODE_SIGN_ENTITLEMENTS to the new entitlements file if the domain extension entitlement is needed.

WebKit2.xcodeproj/project.pbxproj: Added reference to new file.

6:09 PM Changeset in webkit [198088] by dino@apple.com

32 edits in trunk

<attachment> should be a runtime-enabled feature
https://bugs.webkit.org/show_bug.cgi?id=155413
<rdar://problem/25120753>

Reviewed by Sam Weinig and Anders Carlsson.

Source/WebKit/mac:

Add an internal setting on WebPreferences
to enable the <attachment> element support.

WebView/WebPreferenceKeysPrivate.h:
WebView/WebPreferences.mm:

(+[WebPreferences initialize]):
(-[WebPreferences attachmentElementEnabled]):
(-[WebPreferences setAttachmentElementEnabled:]):

WebView/WebPreferencesPrivate.h:
WebView/WebView.mm:

(-[WebView _preferencesChanged:]):

Source/WebKit2:

Add an internal setting on WKWebViewConfiguration
to enable the <attachment> element support.

Shared/WebPreferencesDefinitions.h:
UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _initializeWithConfiguration:]):

UIProcess/API/Cocoa/WKWebViewConfiguration.mm:

(-[WKWebViewConfiguration init]):
(-[WKWebViewConfiguration copyWithZone:]):
(-[WKWebViewConfiguration _attachmentElementEnabled]):
(-[WKWebViewConfiguration _setAttachmentElementEnabled:]):

UIProcess/API/Cocoa/WKWebViewConfigurationPrivate.h:
WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updatePreferences):

LayoutTests:

Now that <attachment> is disabled by default, use an
internal setting to turn them back on test by test.

fast/attachment/attachment-default-icon-expected.html:
fast/attachment/attachment-default-icon.html:
fast/attachment/attachment-disabled-dom.html:
fast/attachment/attachment-disabled-rendering.html:
fast/attachment/attachment-dom.html:
fast/attachment/attachment-folder-icon-expected.html:
fast/attachment/attachment-folder-icon.html:
fast/attachment/attachment-icon-from-file-extension-expected.html:
fast/attachment/attachment-icon-from-file-extension.html:
fast/attachment/attachment-label-highlight.html:
fast/attachment/attachment-progress.html:
fast/attachment/attachment-rendering.html:
fast/attachment/attachment-select-on-click-inside-user-select-all.html:
fast/attachment/attachment-select-on-click.html:
fast/attachment/attachment-subtitle.html:
fast/attachment/attachment-title.html:
fast/attachment/attachment-type-attribute-expected.html:
fast/attachment/attachment-type-attribute.html:
editing/pasteboard/copy-paste-attachment.html:
editing/pasteboard/drag-and-drop-attachment-contenteditable.html:

3:54 PM Changeset in webkit [198087] by Antti Koivisto

4 edits
2 adds in trunk

ComposedTreeIterator fails to traverse slots if root is shadow host
https://bugs.webkit.org/show_bug.cgi?id=155407

Reviewed by Darin Adler.

Source/WebCore:

Test: fast/shadow-dom/composed-tree-shadow-subtree.html

dom/ComposedTreeIterator.cpp:

(WebCore::ComposedTreeIterator::ComposedTreeIterator):

Traversal functions assume m_contextStack is deeper than 1 before they need to enter slot traversal code paths.
Call initializeContextStack in case of shadow host which does the right thing.

(WebCore::ComposedTreeIterator::traverseSiblingInSlot):
(WebCore::composedTreeAsText):

Add option to include pointers as debugging aid.

dom/ComposedTreeIterator.h:

(WebCore::composedTreeChildren):

LayoutTests:

fast/shadow-dom/composed-tree-shadow-subtree-expected.txt: Added.
fast/shadow-dom/composed-tree-shadow-subtree.html: Added.

3:30 PM Changeset in webkit [198086] by commit-queue@webkit.org

8 edits
7 adds in trunk

Added new port JSCOnly.
https://bugs.webkit.org/show_bug.cgi?id=154512

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-03-13
Reviewed by Michael Catanzaro.

This port allows to build JavaScriptCore engine with minimal
dependencies.

CMakeLists.txt:
Source/cmake/OptionsJSCOnly.cmake: Added.

Source/JavaScriptCore:

PlatformJSCOnly.cmake: Added.

Source/WTF:

wtf/PlatformJSCOnly.cmake: Added.
wtf/none/MainThreadNone.cpp: Added.
wtf/none/RunLoopNone.cpp: Added.
wtf/none/WorkQueueNone.cpp: Added.

Tools:

Scripts/build-jsc:
Scripts/webkitdirs.pm:

(argumentsForConfiguration):
(executableProductDir):
(determinePortName):
(isJSCOnly):
(wrapperPrefixIfNeeded):
(generateBuildSystemFromCMakeProject):
(buildCMakeGeneratedProject):

3:28 PM Changeset in webkit [198085] by ddkilzer@apple.com

6 edits
1 copy in trunk/Tools

TestWebKitAPI: fix linker warnings
<http://webkit.org/b/155394>

Reviewed by Darin Adler.

TestWebKitAPI/CMakeLists.txt:
Add RefLogger.cpp source file.
Add other missing cross-platform source files.
Add FIXMEs about RunLoop.cpp and about missing platform-specific source files.
TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
Add RefLogger.cpp source file.

TestWebKitAPI/Counters.cpp:

(DeleterCounter<ConstructorDestructorCounter>::deleterCount):
Move specific declaration here to fix linker warning.

TestWebKitAPI/Counters.h:

(DeleterCounter<T>::deleterCount): Remove declaration of global
template variable.

TestWebKitAPI/Tests/WTF/RefLogger.cpp: Added.

(TestWebKitAPI::log): Added. Move inline definition in
RefLogger.h to here to fix linker warning.

TestWebKitAPI/Tests/WTF/RefLogger.h:

(TestWebKitAPI::log): Replace inline function with declaration.

3:03 PM Changeset in webkit [198084] by commit-queue@webkit.org

3 edits in trunk/Source/WebInspectorUI

Web Inspector: REGRESSION: Styles sidebar inline swatches are oddly shaped
https://bugs.webkit.org/show_bug.cgi?id=155410

Patch by Devin Rousso <Devin Rousso> on 2016-03-13
Reviewed by Timothy Hatcher.

UserInterface/Views/InlineSwatch.css:

(.inline-swatch):
(.inline-swatch > span):
Added more consistent border-radius with UserInterface/Images/CubicBezier.svg.

UserInterface/Views/VisualStyleColorPicker.css:

(.visual-style-property-container.input-color-picker > .visual-style-property-value-container > .inline-swatch.color):
Made border-radius consistent with the adjacent input field.

1:12 PM Changeset in webkit [198083] by weinig@apple.com

20 edits in trunk/Source

WebKit can easily crash below NetworkSession::dataTaskForIdentifier() with NSURLSession enabled
<rdar://problem/25129946>
https://bugs.webkit.org/show_bug.cgi?id=155401

Reviewed by Alex Christensen.

Source/WebCore:

Add a SessionID as a member of NetworkStorageSession. This allows us to avoid having HashMaps
to map between the two types.

platform/network/NetworkStorageSession.h:

(WebCore::NetworkStorageSession::sessionID):
(WebCore::NetworkStorageSession::credentialStorage):
(WebCore::NetworkStorageSession::platformSession):

platform/network/NetworkStorageSessionStub.cpp:

(WebCore::NetworkStorageSession::NetworkStorageSession):
(WebCore::NetworkStorageSession::context):
(WebCore::NetworkStorageSession::createPrivateBrowsingSession):
(WebCore::defaultSession):
(WebCore::NetworkStorageSession::defaultStorageSession):
(WebCore::NetworkStorageSession::switchToNewTestingSession):

platform/network/cf/NetworkStorageSessionCFNet.cpp:

(WebCore::NetworkStorageSession::NetworkStorageSession):
(WebCore::NetworkStorageSession::switchToNewTestingSession):
(WebCore::NetworkStorageSession::defaultStorageSession):
(WebCore::NetworkStorageSession::createPrivateBrowsingSession):

platform/network/soup/NetworkStorageSessionSoup.cpp:

(WebCore::NetworkStorageSession::NetworkStorageSession):
(WebCore::NetworkStorageSession::defaultStorageSession):
(WebCore::NetworkStorageSession::createPrivateBrowsingSession):
(WebCore::NetworkStorageSession::switchToNewTestingSession):
(WebCore::NetworkStorageSession::soupNetworkSession):

Source/WebKit/mac:

WebCoreSupport/WebFrameNetworkingContext.mm:

(WebFrameNetworkingContext::ensurePrivateBrowsingSession):
Pass a SessionID to NetworkStorageSession::createPrivateBrowsingSession().

Source/WebKit/win:

WebCoreSupport/WebFrameNetworkingContext.cpp:

(WebFrameNetworkingContext::ensurePrivateBrowsingSession):
Pass a SessionID to NetworkStorageSession::createPrivateBrowsingSession().

Source/WebKit2:

The issue was that NSURLSessionDataTasks can continue to invoke their NSURLSession's delegate methods
after -[NSURLSession invalidateAndCancel] is called. So, when the NetworkSession was destroyed, and
still had outstanding data tasks, the session delegate would get called, try to use the session, and
crash. To fix this I:

Made NetworkSession RefCounted.
Gave NetworkSession two delegates, one for each NSURLSession.
Made each delegate have a strong reference to the NetworkSession that gets cleared out in the newly implemented URLSession:didBecomeInvalidWithError: method.
Changed from simply destroying the NetworkSession in SessionTracker::destroySession(), to derefing it and explicitly calling invalidateAndCancel on the two associated NSURLSessions (which in turn eventually cause the URLSession:didBecomeInvalidWithError: to fire).
To ensure the correct lifetime of the WebCore::NetworkStorageSession, I made it a member of the NetworkSession. This also allowed some simplification inside SessionTracker.

NetworkProcess/NetworkDataTask.h:

(WebKit::NetworkDataTask::setPendingDownload):
(WebKit::NetworkDataTask::pendingDownloadLocation):

NetworkProcess/NetworkLoad.cpp:

(WebKit::NetworkLoad::NetworkLoad):

NetworkProcess/NetworkSession.h:

(WebKit::NetworkSession::sessionID):

NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:

(WebKit::NetworkDataTask::NetworkDataTask):
(WebKit::NetworkDataTask::~NetworkDataTask):
(WebKit::NetworkDataTask::willPerformHTTPRedirection):
(WebKit::NetworkDataTask::tryPasswordBasedAuthentication):

NetworkProcess/cocoa/NetworkSessionCocoa.mm:

(-[WKNetworkSessionDelegate initWithNetworkSession:]):
(-[WKNetworkSessionDelegate URLSession:didBecomeInvalidWithError:]):
(WebKit::NetworkSession::setCustomProtocolManager):
(WebKit::NetworkSession::create):
(WebKit::NetworkSession::defaultSession):
(WebKit::NetworkSession::NetworkSession):
(WebKit::NetworkSession::~NetworkSession):
(WebKit::NetworkSession::invalidateAndCancel):
(WebKit::NetworkSession::networkStorageSession):
(WebKit::NetworkSession::clearCredentials):

NetworkProcess/mac/RemoteNetworkingContext.mm:

(WebKit::RemoteNetworkingContext::ensurePrivateBrowsingSession):

Shared/SessionTracker.cpp:

(WebKit::identifierBase):
(WebKit::SessionTracker::getIdentifierBase):
(WebKit::SessionTracker::setIdentifierBase):
(WebKit::staticSessionMap):
(WebKit::SessionTracker::networkSession):
(WebKit::SessionTracker::storageSession):
(WebKit::staticStorageSessionMap):
(WebKit::SessionTracker::sessionID):
(WebKit::SessionTracker::setSession):
(WebKit::SessionTracker::destroySession):
(WebKit::SessionTracker::forEachNetworkStorageSession):
(WebKit::storageSessionToID): Deleted.
(WebKit::SessionTracker::storageSessionMap): Deleted.

Shared/SessionTracker.h:
WebProcess/WebCoreSupport/mac/WebFrameNetworkingContext.mm:

(WebKit::WebFrameNetworkingContext::ensurePrivateBrowsingSession):
(WebKit::WebFrameNetworkingContext::setCookieAcceptPolicyForAllContexts):
(WebKit::WebFrameNetworkingContext::localFileContentSniffingEnabled):
(WebKit::WebFrameNetworkingContext::scheduledRunLoopPairs):

WebProcess/WebCoreSupport/soup/WebFrameNetworkingContext.cpp:

12:51 PM Changeset in webkit [198082] by jonlee@apple.com

2 edits in trunk/Source/WebCore

getUserMedia requests from the main frame should be treated the same as requests from an iframe with the same origin
https://bugs.webkit.org/show_bug.cgi?id=155405
<rdar://problem/25131007>

Reviewed by Eric Carlson.

When gUM is called from the main frame, or from a subframe with the same origin, the
top level document origin should be the same.

Modules/mediastream/UserMediaRequest.cpp:

(WebCore::UserMediaRequest::userMediaDocumentOrigin): Reverse the logic so that it is similar
to topLevelDocumentOrigin.
(WebCore::UserMediaRequest::topLevelDocumentOrigin): Return the top origin always.

12:02 PM Changeset in webkit [198081] by ddkilzer@apple.com

4 edits in trunk/Source

REGRESSION (r198079): Windows build broke because of "%PRId64" format specifier

Source/WebCore:

platform/network/ParsedContentRange.cpp: Add #include

<wtf/StdLibExtras.h> and remove local definition of "PRId64".

Source/WTF:

This fixes the following build failure in WebCore for Windows:

C:\Source\WebCore\page\DOMTimer.cpp(396): error C2146: syntax error: missing ')' before identifier 'PRId64' [C:\WebKitBuild\Debug\Source\WebCore\WebCore.vcxproj]
C:\Source\WebCore\page\DOMTimer.cpp(399): error C2146: syntax error: missing ')' before identifier 'PRId64' [C:\WebKitBuild\Debug\Source\WebCore\WebCore.vcxproj]

wtf/StdLibExtras.h: Define "PRId64" for Windows here so it may

be shared. This should fix DOMTimer.cpp after r198079 since it
already includes StdLibExtras.h.

8:46 AM Changeset in webkit [198080] by mark.lam@apple.com

2 edits
1 add in trunk/Source/JavaScriptCore

http://kangax.github.io/compat-table/esnext/ crashes reliably.
https://bugs.webkit.org/show_bug.cgi?id=155404

Reviewed by Yusuke Suzuki.

constructObjectFromPropertyDescriptor() was incorrectly assuming that either
both getter and setter will be set or unset. It did not consider that only one
of the getter or setter may be set. This patch fixes that.

runtime/ObjectConstructor.h:

(JSC::constructObjectFromPropertyDescriptor):

tests/stress/proxy-with-unbalanced-getter-setter.js: Added.

(assert):
(let.handler.defineProperty):
(i.):
(i.assert):
(i.get assert):
(set assert):

7:46 AM Changeset in webkit [198079] by jh718.park@samsung.com

2 edits in trunk/Source/WebCore

[EFL] Fix debug build error since r197690. Unreviewed.
https://bugs.webkit.org/show_bug.cgi?id=155408

Unreviewed. Change %lld to %PRId instead to correct the error below.
error: format ‘%lld’ expects argument of type ‘long long int’,
but argument 5 has type ‘std::chrono::duration<long int, std::ratio<1l, 1000l> >::rep
{aka long int}’ [-Werror=format=]

page/DOMTimer.cpp:

(WebCore::DOMTimer::updateTimerIntervalIfNecessary):

Mar 12, 2016:

7:58 PM Changeset in webkit [198078] by mmaxfield@apple.com

12 edits in trunk/Source/WebCore

[Cocoa] Remove typedef from NSScrollerImp to ScrollbarPainter
https://bugs.webkit.org/show_bug.cgi?id=155379

Reviewed by Beth Dakin.

There's no reason to not call them what they are.

No new tests because there is no behavior change.

page/scrolling/AsyncScrollingCoordinator.cpp:

(WebCore::AsyncScrollingCoordinator::frameViewLayoutUpdated):

page/scrolling/ScrollingStateFrameScrollingNode.cpp:

(WebCore::ScrollingStateFrameScrollingNode::ScrollingStateFrameScrollingNode):
(WebCore::ScrollingStateFrameScrollingNode::setScrollerImpsFromScrollbars):
(WebCore::ScrollingStateFrameScrollingNode::setScrollbarPaintersFromScrollbars): Deleted.

page/scrolling/ScrollingStateFrameScrollingNode.h:
page/scrolling/mac/ScrollingStateFrameScrollingNodeMac.mm:

(WebCore::ScrollingStateFrameScrollingNode::setScrollerImpsFromScrollbars):
(WebCore::ScrollingStateFrameScrollingNode::setScrollbarPaintersFromScrollbars): Deleted.

page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:

(WebCore::ScrollingTreeFrameScrollingNodeMac::ScrollingTreeFrameScrollingNodeMac):
(WebCore::ScrollingTreeFrameScrollingNodeMac::~ScrollingTreeFrameScrollingNodeMac):
(WebCore::ScrollingTreeFrameScrollingNodeMac::releaseReferencesToScrollerImpsOnTheMainThread):
(WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren):
(WebCore::ScrollingTreeFrameScrollingNodeMac::handleWheelEvent):
(WebCore::ScrollingTreeFrameScrollingNodeMac::setScrollLayerPosition):
(WebCore::ScrollingTreeFrameScrollingNodeMac::releaseReferencesToScrollbarPaintersOnTheMainThread): Deleted.

platform/ScrollbarThemeComposite.h:
platform/mac/ScrollAnimatorMac.h:
platform/mac/ScrollAnimatorMac.mm:

(scrollbarPainterForScrollbar):
(-[WebScrollerImpDelegate setUpAlphaAnimation:scrollerPainter:part:animateAlphaTo:duration:]):
(-[WebScrollerImpDelegate scrollerImp:animateKnobAlphaTo:duration:]):
(-[WebScrollerImpDelegate scrollerImp:animateTrackAlphaTo:duration:]):
(-[WebScrollerImpDelegate scrollerImp:animateUIStateTransitionWithDuration:]):
(-[WebScrollerImpDelegate scrollerImp:animateExpansionTransitionWithDuration:]):
(WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
(WebCore::ScrollAnimatorMac::~ScrollAnimatorMac):
(WebCore::ScrollAnimatorMac::mouseEnteredScrollbar):
(WebCore::ScrollAnimatorMac::mouseExitedScrollbar):
(WebCore::ScrollAnimatorMac::mouseIsDownInScrollbar):
(WebCore::ScrollAnimatorMac::didAddVerticalScrollbar):
(WebCore::ScrollAnimatorMac::willRemoveVerticalScrollbar):
(WebCore::ScrollAnimatorMac::didAddHorizontalScrollbar):
(WebCore::ScrollAnimatorMac::willRemoveHorizontalScrollbar):
(WebCore::ScrollAnimatorMac::invalidateScrollbarPartLayers):
(WebCore::ScrollAnimatorMac::verticalScrollbarLayerDidChange):
(WebCore::ScrollAnimatorMac::horizontalScrollbarLayerDidChange):
(WebCore::ScrollAnimatorMac::shouldScrollbarParticipateInHitTesting):
(WebCore::ScrollAnimatorMac::notifyContentAreaScrolled):
(WebCore::ScrollAnimatorMac::cancelAnimations):
(WebCore::ScrollAnimatorMac::updateScrollerStyle):
(WebCore::ScrollAnimatorMac::initialScrollbarPaintTimerFired):
(-[WebScrollbarPainterDelegate setUpAlphaAnimation:scrollerPainter:part:animateAlphaTo:duration:]): Deleted.
(-[WebScrollbarPainterDelegate scrollerImp:animateKnobAlphaTo:duration:]): Deleted.
(-[WebScrollbarPainterDelegate scrollerImp:animateTrackAlphaTo:duration:]): Deleted.
(-[WebScrollbarPainterDelegate scrollerImp:animateUIStateTransitionWithDuration:]): Deleted.
(-[WebScrollbarPainterDelegate scrollerImp:animateExpansionTransitionWithDuration:]): Deleted.

platform/mac/ScrollbarThemeMac.h:
platform/mac/ScrollbarThemeMac.mm:

(WebCore::scrollbarMap):
(+[WebScrollbarPrefsObserver appearancePrefsChanged:]):
(WebCore::ScrollbarThemeMac::registerScrollbar):
(WebCore::ScrollbarThemeMac::setNewPainterForScrollbar):
(WebCore::ScrollbarThemeMac::painterForScrollbar):
(WebCore::ScrollbarThemeMac::scrollbarThickness):
(WebCore::ScrollbarThemeMac::updateScrollbarOverlayStyle):
(WebCore::ScrollbarThemeMac::hasThumb):
(WebCore::ScrollbarThemeMac::setPaintCharacteristicsForScrollbar):
(WebCore::scrollbarPainterPaint):

7:48 PM Changeset in webkit [198077] by BJ Burg

11 edits in trunk/Source/JavaScriptCore

When generating Objective-C protocol types, getters for objects need to synthesize a new object instance
https://bugs.webkit.org/show_bug.cgi?id=155389
<rdar://problem/25125821>

Reviewed by Timothy Hatcher.

Currently, in object property getters for Objective-C protocol types, we use
a C-style cast of the member's RWIProtocolJSONObject * to the type of the property.
However, at runtime the class of self is going to be RWIProtocolJSONObject *,
not MemberType *, so any subsequent calls to MemberType properties on the return value
will fail as the selectors will not be recognized.

Instead of doing a C-style pointer cast, we need to create a new MemberType object
that's backed by the InspectorObject retrieved from the parent object by key.
This requires a new initWithJSONObject initializer for each object protocol type.

inspector/scripts/codegen/generate_objc_header.py:

(ObjCHeaderGenerator._generate_type_interface): Add new declaration.

inspector/scripts/codegen/generate_objc_protocol_types_implementation.py:

(ObjCProtocolTypesImplementationGenerator.generate_type_implementation):
(ObjCProtocolTypesImplementationGenerator._generate_init_method_for_json_object): Added.
Forward through to the super class initializer who assigns the underlying InspectorObject.

(ObjCProtocolTypesImplementationGenerator._generate_init_method_for_required_members):
Drive-by cleanup to use the more compact [super init] form.

inspector/scripts/codegen/objc_generator.py:

(ObjCGenerator.protocol_to_objc_expression_for_member):
For property getters of objects, use initWithJSONObject: rather than a C-style cast.

Rebaseline relevant test results.

inspector/scripts/tests/expected/commands-with-async-attribute.json-result:
inspector/scripts/tests/expected/commands-with-optional-call-return-parameters.json-result:
inspector/scripts/tests/expected/events-with-optional-parameters.json-result:
inspector/scripts/tests/expected/generate-domains-with-feature-guards.json-result:
inspector/scripts/tests/expected/shadowed-optional-type-setters.json-result:
inspector/scripts/tests/expected/type-declaration-object-type.json-result:
inspector/scripts/tests/expected/type-requiring-runtime-casts.json-result:

6:39 PM Changeset in webkit [198076] by commit-queue@webkit.org

2 edits in trunk/Source/JavaScriptCore

Removed variable names from default constructor declarations.
https://bugs.webkit.org/show_bug.cgi?id=155397

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-03-12
Reviewed by Mark Lam.

They carry no information and generate unused variable warning with GCC
4.8 in a lot of source files.

parser/VariableEnvironment.h:

5:55 PM Changeset in webkit [198075] by dino@apple.com

5 edits
4 adds in trunk

REGRESSION (r188647): Teamtreehouse website sidebar buttons are not rendered
https://bugs.webkit.org/show_bug.cgi?id=155400
<rdar://problem/24818602>

Reviewed by Anders Carlsson.

Source/WebCore:

When we unprefixed CSS filters we accidentally
stopped SVG elements that use the CSS filter shorthands
from rendering. We still don't actually support
the shorthands in this case, but we should render
the element without the filter.

Tests: css3/filters/filters-on-svg-element.html

css3/filters/filters-on-svg-root.html

rendering/style/RenderStyle.cpp:

(WebCore::RenderStyle::hasReferenceFilterOnly): Add
this new function that tells us if we have the
style of filter that we can handle in SVG content.

rendering/style/RenderStyle.h:
rendering/svg/SVGRenderingContext.cpp:

(WebCore::SVGRenderingContext::prepareToRenderSVGContent):
We can mark an element as ready to render if it
has a shorthand filter.

LayoutTests:

Add tests with SVG content that uses CSS filter
shorthands. These particular filters are no-ops
so should not affect rendering. If they actually
tried to do something you wouldn't see them work
until we enable shorthand filters on SVG content.

css3/filters/filters-on-svg-element-expected.html: Added.
css3/filters/filters-on-svg-element.html: Added.
css3/filters/filters-on-svg-root-expected.html: Added.
css3/filters/filters-on-svg-root.html: Added.

4:36 PM Changeset in webkit [198074] by mmaxfield@apple.com

75 edits
7 deletes in trunk

Delete dead SVG Font code
https://bugs.webkit.org/show_bug.cgi?id=154718

Reviewed by Antti Koivisto.

Source/cmake/OptionsEfl.cmake:
Source/cmake/OptionsWin.cmake:
Source/cmake/WebKitFeatures.cmake:
Source/cmake/tools/vsprops/FeatureDefines.props:
Source/cmake/tools/vsprops/FeatureDefinesCairo.props:

Source/JavaScriptCore:

Configurations/FeatureDefines.xcconfig:

Source/WebCore:

All the ports have adopted the SVG -> OTF Font Converter, so there will never
be an instantiation of a font backed by a DOM subtree. We can remove all the
infrastructure used to support that.

No new tests because there is no behavior change.

CMakeLists.txt:
Configurations/FeatureDefines.xcconfig:
WebCore.order:
WebCore.xcodeproj/project.pbxproj:
css/CSSFontFaceSource.cpp:

(WebCore::CSSFontFaceSource::CSSFontFaceSource): Deleted.
(WebCore::CSSFontFaceSource::font): Deleted.

css/CSSFontFaceSource.h:
loader/cache/CachedFont.cpp:
loader/cache/CachedSVGFont.cpp:

(WebCore::CachedSVGFont::createFont): Deleted.
(WebCore::CachedSVGFont::ensureCustomFontData): Deleted.

loader/cache/CachedSVGFont.h:
platform/graphics/Font.cpp:

(WebCore::Font::Font):
(WebCore::fillGlyphPage):
(WebCore::Font::description): Deleted.
(WebCore::Font::createScaledFont): Deleted.
(WebCore::Font::applyTransforms): Deleted.

platform/graphics/Font.h:

(WebCore::Font::widthForGlyph):
(WebCore::Font::SVGData::~SVGData): Deleted.
(WebCore::Font::create): Deleted.
(WebCore::Font::svgData): Deleted.
(WebCore::Font::isSVGFont): Deleted.

platform/graphics/win/FontWin.cpp:
platform/graphics/FontCascade.cpp:

(WebCore::FontCascade::drawText):
(WebCore::FontCascade::drawEmphasisMarks):
(WebCore::FontCascade::glyphDataForCharacter):
(WebCore::FontCascade::adjustSelectionRectForText):
(WebCore::FontCascade::offsetForPosition):
(WebCore::FontCascade::drawEmphasisMarksForSimpleText):
(WebCore::FontCascade::drawGlyphBuffer):
(WebCore::isDrawnWithSVGFont): Deleted.
(WebCore::FontCascade::width): Deleted.
(WebCore::FontCascade::codePath): Deleted.

platform/graphics/FontCascade.h:
platform/graphics/GraphicsContext.h:
platform/graphics/SVGGlyph.cpp: Removed.

(WebCore::processArabicFormDetection): Deleted.
(WebCore::charactersWithArabicForm): Deleted.
(WebCore::isCompatibleArabicForm): Deleted.
(WebCore::isCompatibleGlyph): Deleted.

platform/graphics/SVGGlyph.h: Removed.

(WebCore::SVGGlyph::SVGGlyph): Deleted.
(WebCore::SVGGlyph::inheritedValue): Deleted.
(WebCore::SVGGlyph::operator==): Deleted.

platform/graphics/TextRun.cpp:
platform/graphics/TextRun.h:

(WebCore::TextRun::RenderingContext::~RenderingContext): Deleted.
(WebCore::TextRun::renderingContext): Deleted.
(WebCore::TextRun::setRenderingContext): Deleted.

platform/graphics/WidthIterator.cpp:

(WebCore::WidthIterator::applyFontTransforms):
(WebCore::WidthIterator::advanceInternal):
(WebCore::WidthIterator::glyphDataForCharacter): Deleted.

platform/graphics/WidthIterator.h:

(WebCore::WidthIterator::lastGlyphName): Deleted.
(WebCore::WidthIterator::setLastGlyphName): Deleted.
(WebCore::WidthIterator::arabicForms): Deleted.

platform/graphics/cairo/FontCairo.cpp:

(WebCore::CairoGlyphToPathTranslator::advance):
(WebCore::FontCascade::dashesForIntersectionsWithRect):
(WebCore::CairoGlyphToPathTranslator::moveToNextValidGlyph): Deleted.

platform/graphics/cocoa/FontCascadeCocoa.mm:

(WebCore::MacGlyphToPathTranslator::advance):
(WebCore::FontCascade::dashesForIntersectionsWithRect):
(WebCore::FontCascade::primaryFontIsSystemFont):
(WebCore::FontCascade::drawEmphasisMarksForComplexText):
(WebCore::MacGlyphToPathTranslator::moveToNextValidGlyph): Deleted.

platform/graphics/harfbuzz/HarfBuzzShaper.cpp:

(WebCore::HarfBuzzShaper::shapeHarfBuzzRuns): Deleted.

platform/graphics/mac/ComplexTextController.cpp:

(WebCore::TextLayout::isNeeded):
(WebCore::TextLayout::TextLayout):
(WebCore::TextLayout::constructTextRun):

rendering/EllipsisBox.cpp:

(WebCore::EllipsisBox::paint):
(WebCore::EllipsisBox::selectionRect):
(WebCore::EllipsisBox::paintSelection):

rendering/InlineTextBox.cpp:

(WebCore::InlineTextBox::localSelectionRect):
(WebCore::InlineTextBox::paint):
(WebCore::InlineTextBox::paintSelection):
(WebCore::InlineTextBox::paintCompositionBackground):
(WebCore::InlineTextBox::paintDocumentMarker):
(WebCore::InlineTextBox::paintTextMatchMarker):
(WebCore::InlineTextBox::offsetForPosition):
(WebCore::InlineTextBox::positionForOffset):
(WebCore::InlineTextBox::constructTextRun):

rendering/InlineTextBox.h:
rendering/RenderBlock.cpp:

(WebCore::RenderBlock::constructTextRun):

rendering/RenderBlock.h:
rendering/RenderBlockFlow.cpp:

(WebCore::stripTrailingSpace):

rendering/RenderBlockLineLayout.cpp:

(WebCore::RenderBlockFlow::checkLinesForTextOverflow):

rendering/RenderDeprecatedFlexibleBox.cpp:

(WebCore::RenderDeprecatedFlexibleBox::applyLineClamp):

rendering/RenderFileUploadControl.cpp:

(WebCore::RenderFileUploadControl::paintObject):
(WebCore::RenderFileUploadControl::computeIntrinsicLogicalWidths):

rendering/RenderImage.cpp:

(WebCore::RenderImage::setImageSizeForAltText):
(WebCore::RenderImage::paintReplaced):

rendering/RenderListBox.cpp:

(WebCore::RenderListBox::updateFromElement):

rendering/RenderListMarker.cpp:

(WebCore::RenderListMarker::paint):
(WebCore::RenderListMarker::computePreferredLogicalWidths):
(WebCore::RenderListMarker::getRelativeMarkerRect):

rendering/RenderMenuList.cpp:

(RenderMenuList::updateOptionsWidth):

rendering/RenderText.cpp:

(WebCore::RenderText::widthFromCache):
(WebCore::RenderText::trimmedPrefWidths):
(WebCore::hyphenWidth):
(WebCore::maxWordFragmentWidth):
(WebCore::RenderText::computePreferredLogicalWidths):
(WebCore::RenderText::width):

rendering/RenderTextControl.cpp:

(WebCore::RenderTextControl::getAverageCharWidth):

rendering/RenderThemeIOS.mm:

(WebCore::RenderThemeMeasureTextClient::RenderThemeMeasureTextClient):
(WebCore::adjustInputElementButtonStyle):

rendering/SimpleLineLayout.cpp:

(WebCore::SimpleLineLayout::canUseForFontAndText): Deleted.

rendering/line/BreakingContext.h:

(WebCore::WordTrailingSpace::WordTrailingSpace):
(WebCore::WordTrailingSpace::width):
(WebCore::measureHyphenWidth):
(WebCore::textWidth):
(WebCore::tryHyphenating):
(WebCore::BreakingContext::handleText):

rendering/svg/RenderSVGAllInOne.cpp:
rendering/svg/RenderSVGText.cpp:
rendering/svg/SVGInlineTextBox.cpp:

(WebCore::SVGInlineTextBox::prepareGraphicsContextForTextPainting):
(WebCore::SVGInlineTextBox::restoreGraphicsContextAfterTextPainting):
(WebCore::SVGInlineTextBox::paintTextWithShadows):
(WebCore::SVGInlineTextBox::constructTextRun): Deleted.

rendering/svg/SVGInlineTextBox.h:
rendering/svg/SVGTextLayoutEngine.cpp:

(WebCore::SVGTextLayoutEngine::layoutTextOnLineOrPath):

rendering/svg/SVGTextLayoutEngineSpacing.cpp:

(WebCore::SVGTextLayoutEngineSpacing::calculateSVGKerning): Deleted.

rendering/svg/SVGTextLayoutEngineSpacing.h:
rendering/svg/SVGTextMetrics.cpp:

(WebCore::SVGTextMetrics::SVGTextMetrics):
(WebCore::SVGTextMetrics::constructTextRun): Deleted.

rendering/svg/SVGTextMetrics.h:
rendering/svg/SVGTextMetricsBuilder.cpp:

(WebCore::SVGTextMetricsBuilder::advanceSimpleText):

rendering/svg/SVGTextRunRenderingContext.cpp: Removed.

(WebCore::svgFontAndFontFaceElementForFontData): Deleted.
(WebCore::SVGTextRunRenderingContext::floatWidthUsingSVGFont): Deleted.
(WebCore::SVGTextRunRenderingContext::applySVGKerning): Deleted.
(WebCore::SVGGlyphToPathTranslator::SVGGlyphToPathTranslator): Deleted.
(WebCore::SVGGlyphToPathTranslator::transform): Deleted.
(WebCore::SVGGlyphToPathTranslator::path): Deleted.
(WebCore::SVGGlyphToPathTranslator::extents): Deleted.
(WebCore::SVGGlyphToPathTranslator::moveToNextValidGlyph): Deleted.
(WebCore::SVGGlyphToPathTranslator::advance): Deleted.
(WebCore::SVGTextRunRenderingContext::createGlyphToPathTranslator): Deleted.
(WebCore::SVGTextRunRenderingContext::drawSVGGlyphs): Deleted.
(WebCore::missingGlyphForFont): Deleted.
(WebCore::SVGTextRunRenderingContext::glyphDataForCharacter): Deleted.

rendering/svg/SVGTextRunRenderingContext.h: Removed.
svg/SVGAllInOne.cpp:
svg/SVGFontData.cpp: Removed.

(WebCore::SVGFontData::SVGFontData): Deleted.
(WebCore::SVGFontData::initializeFont): Deleted.
(WebCore::SVGFontData::widthForSVGGlyph): Deleted.
(WebCore::SVGFontData::applySVGGlyphSelection): Deleted.
(WebCore::SVGFontData::fillSVGGlyphPage): Deleted.
(WebCore::SVGFontData::fillBMPGlyphs): Deleted.
(WebCore::SVGFontData::fillNonBMPGlyphs): Deleted.
(WebCore::computeNormalizedSpaces): Deleted.
(WebCore::createStringWithMirroredCharacters): Deleted.

svg/SVGFontData.h: Removed.

(WebCore::SVGFontData::~SVGFontData): Deleted.
(WebCore::SVGFontData::svgFontFaceElement): Deleted.
(WebCore::SVGFontData::horizontalOriginX): Deleted.
(WebCore::SVGFontData::horizontalOriginY): Deleted.
(WebCore::SVGFontData::horizontalAdvanceX): Deleted.
(WebCore::SVGFontData::verticalOriginX): Deleted.
(WebCore::SVGFontData::verticalOriginY): Deleted.
(WebCore::SVGFontData::verticalAdvanceY): Deleted.

svg/SVGFontElement.cpp:

(WebCore::SVGFontElement::SVGFontElement): Deleted.
(WebCore::SVGFontElement::invalidateGlyphCache): Deleted.
(WebCore::SVGFontElement::firstMissingGlyphElement): Deleted.
(WebCore::SVGFontElement::registerLigaturesInGlyphCache): Deleted.
(WebCore::SVGFontElement::ensureGlyphCache): Deleted.
(WebCore::SVGKerningMap::clear): Deleted.
(WebCore::SVGKerningMap::insert): Deleted.
(WebCore::stringMatchesUnicodeRange): Deleted.
(WebCore::stringMatchesGlyphName): Deleted.
(WebCore::stringMatchesUnicodeName): Deleted.
(WebCore::matches): Deleted.
(WebCore::kerningForPairOfStringsAndGlyphs): Deleted.
(WebCore::SVGFontElement::horizontalKerningForPairOfStringsAndGlyphs): Deleted.
(WebCore::SVGFontElement::verticalKerningForPairOfStringsAndGlyphs): Deleted.
(WebCore::SVGFontElement::collectGlyphsForString): Deleted.
(WebCore::SVGFontElement::collectGlyphsForGlyphName): Deleted.
(WebCore::SVGFontElement::svgGlyphForGlyph): Deleted.
(WebCore::SVGFontElement::missingGlyph): Deleted.

svg/SVGFontElement.h:

(WebCore::SVGKerning::SVGKerning): Deleted.
(WebCore::SVGKerningMap::isEmpty): Deleted.

svg/SVGGlyphElement.cpp:

(WebCore::SVGGlyphElement::invalidateGlyphCache): Deleted.
(WebCore::SVGGlyphElement::parseAttribute): Deleted.
(WebCore::SVGGlyphElement::insertedInto): Deleted.
(WebCore::SVGGlyphElement::removedFrom): Deleted.
(WebCore::parseArabicForm): Deleted.
(WebCore::parseOrientation): Deleted.
(WebCore::SVGGlyphElement::inheritUnspecifiedAttributes): Deleted.
(WebCore::parseSVGGlyphAttribute): Deleted.
(WebCore::SVGGlyphElement::buildGenericGlyphIdentifier): Deleted.
(WebCore::SVGGlyphElement::buildGlyphIdentifier): Deleted.

svg/SVGGlyphElement.h:
svg/SVGGlyphMap.h: Removed.

(WebCore::GlyphMapNode::GlyphMapNode): Deleted.
(WebCore::GlyphMapNode::create): Deleted.
(WebCore::SVGGlyphMap::SVGGlyphMap): Deleted.
(WebCore::SVGGlyphMap::addGlyph): Deleted.
(WebCore::SVGGlyphMap::appendToGlyphTable): Deleted.
(WebCore::SVGGlyphMap::compareGlyphPriority): Deleted.
(WebCore::SVGGlyphMap::collectGlyphsForString): Deleted.
(WebCore::SVGGlyphMap::clear): Deleted.
(WebCore::SVGGlyphMap::svgGlyphForGlyph): Deleted.
(WebCore::SVGGlyphMap::glyphIdentifierForGlyphName): Deleted.

svg/SVGHKernElement.cpp:

(WebCore::SVGHKernElement::insertedInto): Deleted.
(WebCore::SVGHKernElement::removedFrom): Deleted.

svg/SVGHKernElement.h:
svg/SVGToOTFFontConversion.cpp:
svg/SVGToOTFFontConversion.h:
svg/SVGVKernElement.cpp:

(WebCore::SVGVKernElement::insertedInto): Deleted.
(WebCore::SVGVKernElement::removedFrom): Deleted.

svg/SVGVKernElement.h:

Source/WebKit/mac:

Configurations/FeatureDefines.xcconfig:

Source/WebKit2:

Configurations/FeatureDefines.xcconfig:

4:22 PM Changeset in webkit [198073] by bshafiei@apple.com

4 edits in tags/Safari-602.1.22.1/Source

Roll out r197572. rdar://problem/25114544

4:02 PM Changeset in webkit [198072] by bshafiei@apple.com

5 edits in tags/Safari-602.1.22.1/Source

Versioning.

3:59 PM Changeset in webkit [198071] by bshafiei@apple.com

1 copy in tags/Safari-602.1.22.1

New tag.

3:15 PM Changeset in webkit [198070] by Beth Dakin

7 edits
11 moves in trunk/Source/WebKit2

Make preview inline navigation work API
https://bugs.webkit.org/show_bug.cgi?id=155383
-and corresponding-
rdar://problem/25117985

Reviewed by Dan Bernstein.

With this patch:
_WKElementInfo is now WKElementInfo in file and class names. Header is now
public.

_WKPreviewElementInfo is now WKPreviewElementInfo in file and class names.
Header is now public.

_WKPreviewAction is now WKPreviewActionItem in filenames (header is now
public), the protocol _WKPreviewActionItem is now WKPreviewActionItem, and
the _WKPreviewAction class is now WKPreviewAction. (The internal header is
still project, of course.)
and
WKPreviewActionIdentifiersPrivate.h/mm is now
WKPreviewActionItemIdentifiers.h/mm and all the the identifiers have been
updated. Header is now public.

Shared/API/Cocoa/WebKit.h:
UIProcess/API/Cocoa/WKElementInfo.h: Copied from UIProcess/API/Cocoa/_WKElementInfo.h.
UIProcess/API/Cocoa/WKElementInfo.mm: Copied from UIProcess/API/Cocoa/_WKElementInfo.mm.

(-[WKElementInfo copyWithZone:]):
(-[_WKElementInfo copyWithZone:]): Deleted.

UIProcess/API/Cocoa/WKElementInfoInternal.h: Copied from UIProcess/API/Cocoa/_WKElementInfoInternal.h.
UIProcess/API/Cocoa/WKPreviewActionIdentifiersPrivate.h: Removed.
UIProcess/API/Cocoa/WKPreviewActionIdentifiersPrivate.mm: Removed.
UIProcess/API/Cocoa/WKPreviewActionItem.h: Copied from UIProcess/API/Cocoa/_WKPreviewAction.h.
UIProcess/API/Cocoa/WKPreviewActionItem.mm: Copied from UIProcess/API/Cocoa/_WKPreviewAction.mm.
UIProcess/API/Cocoa/WKPreviewActionItemIdentifiers.h: Copied from UIProcess/API/Cocoa/WKPreviewActionIdentifiersPrivate.h.
UIProcess/API/Cocoa/WKPreviewActionItemIdentifiers.mm: Copied from UIProcess/API/Cocoa/WKPreviewActionIdentifiersPrivate.mm.
UIProcess/API/Cocoa/WKPreviewActionItemInternal.h: Copied from UIProcess/API/Cocoa/_WKPreviewActionInternal.h.
UIProcess/API/Cocoa/WKPreviewElementInfo.h: Copied from UIProcess/API/Cocoa/_WKPreviewElementInfo.h.
UIProcess/API/Cocoa/WKPreviewElementInfo.mm: Copied from UIProcess/API/Cocoa/_WKPreviewElementInfo.mm.

(-[WKPreviewElementInfo _initWithLinkURL:]):
(-[_WKPreviewElementInfo _initWithLinkURL:]): Deleted.

UIProcess/API/Cocoa/WKPreviewElementInfoInternal.h: Copied from UIProcess/API/Cocoa/_WKPreviewElementInfoInternal.h.
UIProcess/API/Cocoa/WKUIDelegate.h:
UIProcess/API/Cocoa/WKUIDelegatePrivate.h:
UIProcess/API/Cocoa/_WKContextMenuElementInfo.h:
UIProcess/API/Cocoa/_WKElementInfo.h: Removed.
UIProcess/API/Cocoa/_WKElementInfo.mm: Removed.
UIProcess/API/Cocoa/_WKElementInfoInternal.h: Removed.
UIProcess/API/Cocoa/_WKPreviewAction.h: Removed.
UIProcess/API/Cocoa/_WKPreviewAction.mm: Removed.
UIProcess/API/Cocoa/_WKPreviewActionInternal.h: Removed.
UIProcess/API/Cocoa/_WKPreviewElementInfo.h: Removed.
UIProcess/API/Cocoa/_WKPreviewElementInfo.mm: Removed.
UIProcess/API/Cocoa/_WKPreviewElementInfoInternal.h: Removed.
UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _interactionShouldBeginFromPreviewItemController:forPosition:]):
(previewIdentifierForElementAction):
(-[WKContentView _presentedViewControllerForPreviewItemController:]):
(-[WKContentView _previewItemController:commitPreview:]):

WebKit2.xcodeproj/project.pbxproj:

1:18 PM Changeset in webkit [198069] by mmaxfield@apple.com

14 edits
10 adds in trunk

[OS X] Scrollbars of overflow:scroll divs should appear on the left on RTL systems
https://bugs.webkit.org/show_bug.cgi?id=155385

Reviewed by Simon Fraser.

Source/WebCore:

There is already some existing setup for RTL scrollbars. This patch hooks up this
existing support to the OS X triggering mechanism introduced in r197956. It also
fixes up the existing support to function even when the direction of the
RTL-scrollbar div is LTR (this means the contents of the div must be pushed
over by the width of the scrollbar).

Tests: fast/scrolling/rtl-scrollbars-overflow-contents.html

fast/scrolling/rtl-scrollbars-overflow-dir-rtl.html
fast/scrolling/rtl-scrollbars-overflow-padding.html
fast/scrolling/rtl-scrollbars-overflow-simple.html
fast/scrolling/rtl-scrollbars-overflow.html

rendering/RenderBlock.cpp:

(WebCore::RenderBlock::addOverflowFromPositionedObjects):
(WebCore::RenderBlock::logicalLeftOffsetForContent):
(WebCore::RenderBlock::logicalRightOffsetForContent):

rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::determineLogicalLeftPositionForChild):

rendering/RenderBox.cpp:

(WebCore::RenderBox::overflowClipRect):
(WebCore::RenderBox::layoutOverflowRectForPropagation):

rendering/RenderLayer.cpp:

(WebCore::RenderLayer::computeScrollDimensions):

rendering/style/RenderStyle.cpp:

(WebCore::RenderStyle::shouldPlaceBlockDirectionScrollbarOnLogicalLeft):

rendering/style/RenderStyle.h:

LayoutTests:

platform/mac-wk1/TestExpectations:
platform/mac/TestExpectations:
platform/efl/TestExpectations:
platform/gtk/TestExpectations:
platform/ios-simulator/TestExpectations:
platform/win/TestExpectations:
fast/scrolling/rtl-scrollbars-overflow-contents-expected.html: Added.
fast/scrolling/rtl-scrollbars-overflow-contents.html: Added.
fast/scrolling/rtl-scrollbars-overflow-dir-rtl-expected.html: Added.
fast/scrolling/rtl-scrollbars-overflow-dir-rtl.html: Added.
fast/scrolling/rtl-scrollbars-overflow-expected.html: Added.
fast/scrolling/rtl-scrollbars-overflow-padding-expected.html: Added.
fast/scrolling/rtl-scrollbars-overflow-padding.html: Added.
fast/scrolling/rtl-scrollbars-overflow-simple-expected-mismatch.html: Added.
fast/scrolling/rtl-scrollbars-overflow-simple.html: Added.
fast/scrolling/rtl-scrollbars-overflow.html: Added.

12:59 PM Changeset in webkit [198068] by bshafiei@apple.com

1 copy in tags/Safari-601.6.8

New tag.

12:58 PM Changeset in webkit [198067] by ddkilzer@apple.com

2 edits in trunk/Tools

REGRESSION (r178615): Fix incorrect case in included header for WeakPtr.cpp

TestWebKitAPI/Tests/WTF/WeakPtr.cpp: Change "test.h" to

"Test.h" to fix incorrect case. This was discovered when adding
WeakPtr.cpp to CMakeLists.txt for the patch on Bug 155394.

11:59 AM Changeset in webkit [198066] by ddkilzer@apple.com

4 edits in trunk/Tools

run-webkit-tests: handle Darwin framework/library environment variables more consistently
<http://webkit.org/b/155392>

Reviewed by Daniel Bates.

These changes will make it possible to pass through environment
variables from the run-webkit-tests command-line.

Scripts/webkitpy/port/base.py:

(Port.to.setup_environ_for_server): Add DYLD_FRAMEWORK_PATH,
XPC_DYLD_FRAMEWORK_PATH and XPC_DYLD_LIBRARY_PATH to the
list of variables to keep from the run-webkit-test environment.

Scripts/webkitpy/port/driver.py:

(Driver._append_environment_variable_path): Add method to append
a path to an environment variable, or set the path if the
variable doesn't exist.
(Driver._setup_environ_for_driver): Extract build_root_path into
a local variable. Use Driver._append_environment_variable_path
to extend DYLD_LIBRARY_PATH, XPC_DYLD_LIBRARY_PATH,
DYLD_FRAMEWORK_PATH and XPC_DYLD_FRAMEWORK_PATH instead of
overwriting them.

Scripts/webkitpy/port/driver_unittest.py:

(DriverTest.testappend_environment_variable_path): Add test
method to test Driver._append_environment_variable_path.

10:16 AM Changeset in webkit [198065] by Nikita Vasilyev

5 edits in trunk/Source/WebInspectorUI

Web Inspector: Convert toolbar and tab bar to position absolute to reduce repaint areas
https://bugs.webkit.org/show_bug.cgi?id=155386

Reviewed by Timothy Hatcher.

Using CSS flexbox causes unnecessary large repaints.
Convert top level elements (.toolbar, .tab-bar, #main)
from flexbox to "position: absolute".

UserInterface/Views/Main.css:

(#main):

UserInterface/Views/TabBar.css:

(.tab-bar):

UserInterface/Views/Toolbar.css:

(.toolbar):
(body.mac-platform:not(.docked, .mavericks) .toolbar):
(body.mac-platform:not(.docked, .mavericks)):
(body.window-inactive:not(.mavericks) .toolbar): Deleted.

UserInterface/Views/Variables.css:

(:root):

9:30 AM Changeset in webkit [198064] by bshafiei@apple.com

5 edits in tags/Safari-602.1.22.0.1/Source

Versioning.

9:27 AM Changeset in webkit [198063] by bshafiei@apple.com

1 copy in tags/Safari-602.1.22.0.1

New tag.

9:24 AM Changeset in webkit [198062] by Alan Bujtas

9 edits
8 adds in trunk

[Forms: focus] focus rings around text fields do not follow contour (border-radius)
https://bugs.webkit.org/show_bug.cgi?id=154099
rdar://problem/9988429

Reviewed by Tim Horton.

Source/WebCore:

This patch enables outline-style: auto to follow the curve of border-radius.
When both border-radius and outline-style: auto are set, the native focusring painting will take the border-radius values
into account. This is only for outline-style: auto, other non-auto outline styles paint as if there
was no border-radius set.
It supports both single and multiline content with joint rectangles.
However in case of disjoint rectangles, we fallback to the non-radius drawing.

Tests: fast/inline/hidpi-outline-auto-with-border-radius-horizontal-ltr.html

fast/inline/hidpi-outline-auto-with-border-radius-horizontal-rtl.html
fast/inline/hidpi-outline-auto-with-border-radius-vertical-ltr.html
fast/inline/hidpi-outline-auto-with-border-radius-vertical-rtl.html

platform/graphics/GraphicsContext.h:
platform/graphics/Path.cpp:

(WebCore::Path::addBeziersForRoundedRect):

platform/graphics/Path.h:

(WebCore::Path::circleControlPoint):

platform/graphics/PathUtilities.cpp:

(WebCore::polygonsForRect):
(WebCore::PathUtilities::pathsWithShrinkWrappedRects):
(WebCore::startAndEndPointsForCorner):
(WebCore::cornerType):
(WebCore::controlPointsForBezierCurve):
(WebCore::adjustedtRadiiForHuggingCurve):
(WebCore::PathUtilities::pathWithShrinkWrappedRectsForOutline):

platform/graphics/PathUtilities.h:
platform/graphics/mac/GraphicsContextMac.mm:

(WebCore::GraphicsContext::drawFocusRing):

rendering/RenderElement.cpp:

(WebCore::RenderElement::paintFocusRing):

LayoutTests:

Unfortunately there's no proper way to test native focusring drawing.
These tests attempt to verify that we don't end up painting sharp corners.

fast/inline/hidpi-outline-auto-with-border-radius-horizontal-ltr-expected.html: Added.
fast/inline/hidpi-outline-auto-with-border-radius-horizontal-ltr.html: Added.
fast/inline/hidpi-outline-auto-with-border-radius-horizontal-rtl-expected.html: Added.
fast/inline/hidpi-outline-auto-with-border-radius-horizontal-rtl.html: Added.
fast/inline/hidpi-outline-auto-with-border-radius-vertical-ltr-expected.html: Added.
fast/inline/hidpi-outline-auto-with-border-radius-vertical-ltr.html: Added.
fast/inline/hidpi-outline-auto-with-border-radius-vertical-rtl-expected.html: Added.
fast/inline/hidpi-outline-auto-with-border-radius-vertical-rtl.html: Added.

7:22 AM WebKitGTK/2.12.x edited by Michael Catanzaro

(diff)

2:51 AM Changeset in webkit [198061] by Carlos Garcia Campos

3 edits in releases/WebKitGTK/webkit-2.4/Source/JavaScriptCore

Merge r173886 - [CLoop] - Fix CLoop on the 32-bit Big-Endians
https://bugs.webkit.org/show_bug.cgi?id=137020

Patch by Tomas Popela <tpopela@redhat.com> on 2016-03-12
Reviewed by Mark Lam.

llint/LowLevelInterpreter.asm:
llint/LowLevelInterpreter32_64.asm:

2:50 AM Changeset in webkit [198060] by Carlos Garcia Campos

4 edits in releases/WebKitGTK/webkit-2.4/Source/JavaScriptCore

LLINT op_put_to_scope and op_get_from_scope should use loadpFromInstruction to get operand from instruction
https://bugs.webkit.org/show_bug.cgi?id=132333

Unreviewed.

When loading operand variable from instruction in
_llint_op_get_from_scope and _llint_op_put_to_scope use
loadpFromInstruction instead of loadisFromInstruction. Also when
saving the operand in LLIntSlowPaths.cpp use the same way as in
CodeBlock.cpp.

Patch by Tomas Popela <tpopela@redhat.com> on 2016-03-12

llint/LLIntSlowPaths.cpp:
llint/LowLevelInterpreter32_64.asm:
llint/LowLevelInterpreter64.asm:

2:50 AM Changeset in webkit [198059] by Carlos Garcia Campos

5 edits in releases/WebKitGTK/webkit-2.4/Source/JavaScriptCore

Revert "Merge r173886 - [CLoop] - Fix CLoop on the 32-bit Big-Endians"

This reverts commit 5eed35f00c8f26efa2bd5084dc5009563c307e7f.

2:23 AM Changeset in webkit [198058] by commit-queue@webkit.org

4 edits in trunk

.:
[GTK][Mac] Don't force ENABLE_INTROSPECTION=OFF on Mac
https://bugs.webkit.org/show_bug.cgi?id=152650

Patch by Jeremy Huddleston Sequoia <jeremyhu@apple.com> on 2016-03-12
Reviewed by Carlos Garcia Campos.

Source/cmake/OptionsGTK.cmake:

Source/WebKit2:
[GTK][Mac] Use DYLD_LIBRARY_PATH on OSX rather then LD_LIBRARY_PATH
https://bugs.webkit.org/show_bug.cgi?id=152650

Patch by Jeremy Huddleston Sequoia <jeremyhu@apple.com> on 2016-03-12
Reviewed by Carlos Garcia Campos.

PlatformGTK.cmake:

Mar 11, 2016:

7:28 PM Changeset in webkit [198057] by commit-queue@webkit.org

2 edits in trunk/Source/JavaScriptCore

[JSC] Remove a few jumps from DFG
https://bugs.webkit.org/show_bug.cgi?id=155347

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-03-11
Reviewed by Mark Lam.

Usually, setting ValueTrue or ValueFalse is set
by Compare+Or. There are 3 places in DFG with branches instead.

This patch changes them to the usual pattern.

dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compileObjectEquality):
(JSC::DFG::SpeculativeJIT::compileObjectToObjectOrOtherEquality):

7:11 PM Changeset in webkit [198056] by rniwa@webkit.org

26 edits
8 adds in trunk

Add Event.deepPath() and Event.scoped
https://bugs.webkit.org/show_bug.cgi?id=153538
<rdar://problem/24363836>

Reviewed by Darin Adler.

Source/WebCore:

Added the support for deepPath(), scoped, and relatedTargetScoped on Event.prototype for shadow DOM:
http://w3c.github.io/webcomponents/spec/shadow/#extensions-to-event-interface
and updated the EventPath class to respect scoped and relatedTargetScoped flags as specified at:
http://w3c.github.io/webcomponents/spec/shadow/#get-the-parent

Tests: fast/shadow-dom/Extensions-to-Event-Interface.html

fast/shadow-dom/trusted-event-scoped-flags.html

bindings/scripts/CodeGeneratorJS.pm:

(GenerateConstructorDefinition): Added the support for Conditional for InitializedByEventConstructor.

bindings/scripts/test/GObject/WebKitDOMTestEventConstructor.cpp:
bindings/scripts/test/GObject/WebKitDOMTestEventConstructor.h:
bindings/scripts/test/JS/JSTestEventConstructor.cpp:
bindings/scripts/test/ObjC/DOMTestEventConstructor.h:
bindings/scripts/test/ObjC/DOMTestEventConstructor.mm:
bindings/scripts/test/TestEventConstructor.idl: Added a test case for using InitializedByEventConstructor

with Conditional.

dom/Event.cpp:

(WebCore::Event::Event): Initialize m_scoped and m_relatedTargetScoped from EventInit dictionary.
(WebCore::Event::scoped): Added. Implements http://w3c.github.io/webcomponents/spec/shadow/#scoped-flag
(WebCore::Event::deepPath): Added.

dom/Event.h:

(WebCore::Event::relatedTargetScoped): Added. Overridden by FocusEvent and MouseEvent to implement
http://w3c.github.io/webcomponents/spec/shadow/#relatedtargetscoped-flag
(WebCore::Event::setEventPath): Added.
(WebCore::Event::clearEventPath): Added.

dom/Event.idl: Added scoped, relatedTargetScoped, and deepPath() conditionally enabled for shadow DOM.
dom/EventContext.h:

(WebCore::EventContext::currentTarget):

dom/EventDispatcher.cpp:

(WebCore::EventDispatcher::dispatchEvent): Set the event path while the event is being dispatched.

dom/EventPath.cpp:

(WebCore::shouldEventCrossShadowBoundary): Check event.scoped flag instead of hard-coding a list of events here
which has been moved to Event::scoped. See above.
(WebCore::EventPath::setRelatedTarget): Check m_event.relatedTargetScoped() instead of hard-coding a list of
events here. relatedTargetScoped is overridden by FocusEvent and MouseEvent.
(WebCore::EventPath::hasEventListeners): Fixed the misleading variable name.
(WebCore::isUnclosedNodeOf): Added. Implements http://w3c.github.io/webcomponents/spec/shadow/#dfn-unclosed-node
(WebCore::EventPath::computePathDisclosedToTarget): Added. Implements the algorithm to filter event targets:
http://w3c.github.io/webcomponents/spec/shadow/#widl-Event-deepPath-sequence-EventTarget

dom/EventPath.h:
dom/FocusEvent.cpp:

(WebCore::FocusEvent::relatedTargetScoped): Returns true when this is a trusted event per:
http://w3c.github.io/webcomponents/spec/shadow/#relatedtargetscoped-flag

dom/FocusEvent.h:
dom/MouseEvent.cpp:

(WebCore::MouseEvent::relatedTargetScoped): Ditto.

dom/MouseEvent.h:

LayoutTests:

Added a W3C style testharness.js tests for Event.prototype.scoped, Event.prototype.scopedRelatedTarget,
Event.prototype.deepPath() and a test that uses eventSender to verify the values of the scoped and
scopedRelatedTarget flags on trusted events.

fast/shadow-dom/Extensions-to-Event-Interface-expected.txt: Added.
fast/shadow-dom/Extensions-to-Event-Interface.html: Added.
fast/shadow-dom/event-with-related-target.html:
fast/shadow-dom/resources: Added.
fast/shadow-dom/resources/event-path-test-helpers.js: Added. Extracted from event-with-related-target.html.
fast/shadow-dom/trusted-event-scoped-flags-expected.txt: Added.
fast/shadow-dom/trusted-event-scoped-flags.html: Added.
fast/xmlhttprequest/xmlhttprequest-get-expected.txt:
http/tests/workers/worker-importScriptsOnError-expected.txt:
inspector/model/remote-object-get-properties-expected.txt:
platform/ios-simulator/fast/shadow-dom/trusted-event-scoped-flags-expected.txt: Added.

4:36 PM Changeset in webkit [198055] by commit-queue@webkit.org

9 edits in trunk/Source

Move prevalent resource classifier from WebCore to WebKit.
https://bugs.webkit.org/show_bug.cgi?id=155242
<rdar://problem/24913272>

Patch by John Wilander <wilander@apple.com> on 2016-03-11
Reviewed by Andy Estes.

Source/WebCore:

No new tests since we have yet to decide how to set up tests for prevalent resources.

loader/ResourceLoadObserver.cpp:

(WebCore::ResourceLoadObserver::logFrameNavigation):
(WebCore::ResourceLoadObserver::logSubresourceLoading):

Removed calls to old classifier in WebCore.

loader/ResourceLoadStatistics.cpp:

(WebCore::encodeHashCountedSet):
(WebCore::ResourceLoadStatistics::checkAndSetAsPrevalentResourceIfNecessary): Deleted.
(WebCore::ResourceLoadStatistics::hasPrevalentResourceCharacteristics): Deleted.

loader/ResourceLoadStatistics.h:
- Deleted old classification functions.
loader/ResourceLoadStatisticsStore.cpp:

(WebCore::ResourceLoadStatisticsStore::create):
(WebCore::ResourceLoadStatisticsStore::fireDataModificationHandler):
(WebCore::ResourceLoadStatisticsStore::hasEnoughDataForStatisticsProcessing):

New function to allow for checks before calls to processStatistics.

(WebCore::ResourceLoadStatisticsStore::processStatistics):

New function that receives a lamda and executes it on every entry in its statistics map.

loader/ResourceLoadStatisticsStore.h:

Source/WebKit2:

UIProcess/WebResourceLoadStatisticsStore.cpp:

(WebKit::WebResourceLoadStatisticsStore::create):
(WebKit::WebResourceLoadStatisticsStore::~WebResourceLoadStatisticsStore):
(WebKit::hasPrevalentResourceCharacteristics):
(WebKit::classifyPrevalentResources):

Moved these two functions from WebCore.

(WebKit::WebResourceLoadStatisticsStore::resourceLoadStatisticsUpdated):

Calls processStatistics with a lamda function to classify prevalent resources.

WebKit2.xcodeproj/project.pbxproj:
- Fixed the ordering of source files.

3:59 PM Changeset in webkit [198054] by weinig@apple.com

2 edits in trunk/Source/WebKit2

WebKit needs a new sandbox profile addition for DataDetectors
<rdar://problem/25091102>

Reviewed by Brent Fulgham.

WebProcess/com.apple.WebProcess.sb.in:

3:56 PM Changeset in webkit [198053] by ap@apple.com

3 edits in trunk/Tools

[ios-sim debug] API test WTF_Lock.ContendedShortSection and WTF_ParkingLot.UnparkOneFifty timing out
https://bugs.webkit.org/show_bug.cgi?id=155276

[ios-sim] API test WTF_Condition.TenProducersTenConsumersOneSlot timing out
https://bugs.webkit.org/show_bug.cgi?id=155345

[iOS Simulator] API test timeout: WTF_ParkingLot.UnparkOneFiftyThenFiftyAll
https://bugs.webkit.org/show_bug.cgi?id=153997
<rdar://problem/23580034>

<rdar://problem/23580018> TestWebKitAPI Timeout: WTF_ParkingLot.UnparkOneFifty

Rubber-stamped by Filip Pizlo.

Scripts/run-api-tests: These tests are pretty slow. Increase API test timeout.

TestWebKitAPI/Tests/WTF/ParkingLot.cpp: Start running WTF_ParkingLot.UnparkOneFiftyThenFiftyAll

on iOS again.

3:48 PM Changeset in webkit [198052] by sbarati@apple.com

5 edits
1 add in trunk/Source/JavaScriptCore

[ES6] Make Object.assign spec compliant
https://bugs.webkit.org/show_bug.cgi?id=155375

Reviewed by Michael Saboff.

This is a straight forward implementation of Object.assign
in the spec.
https://tc39.github.io/ecma262/#sec-object.assign
Before, weren't performing all of the specified operations.
Now, we are.

builtins/ObjectConstructor.js:

(assign):

runtime/CommonIdentifiers.h:
runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):

tests/es6.yaml:

3:24 PM Changeset in webkit [198051] by Chris Dumez

5 edits in trunk/Source/WebKit2

Regression(r198040): WebKit2.DocumentStartUserScriptAlertCrashTest API test is crashing in debug
https://bugs.webkit.org/show_bug.cgi?id=155382

Reviewed by Alexey Proskuryakov.

r198040 introduced an assertion to make sure we never call
applicationBundleIsEqualTo() before setApplicationBundleIdentifier()
is called. This new assertion found a bug as it turns out we were
calling setApplicationBundleIdentifier() too late during the
WebProcess initialization and some runtime applications checks were
already done by then.

To address the problem, this patch moves the
setApplicationBundleIdentifier() call as early as possible during
the WebProcess and the NetworkProcess initialization. It also moves
it to the Cocoa specific files for clarity.

NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::initializeNetworkProcess):

NetworkProcess/cocoa/NetworkProcessCocoa.mm:

(WebKit::NetworkProcess::platformInitializeNetworkProcessCocoa):

WebProcess/WebProcess.cpp:

(WebKit::WebProcess::initializeWebProcess):

WebProcess/cocoa/WebProcessCocoa.mm:

(WebKit::WebProcess::platformInitializeWebProcess):

3:15 PM Changeset in webkit [198050] by jiewen_tan@apple.com

3 edits
3 adds in trunk

WebKit should not be redirected to an invalid URL
https://bugs.webkit.org/show_bug.cgi?id=155263
<rdar://problem/22820172>

Reviewed by Brent Fulgham.

Source/WebCore:

Test: http/tests/navigation/redirect-to-invalid-url.html

loader/SubresourceLoader.cpp:

(WebCore::SubresourceLoader::willSendRequestInternal):

LayoutTests:

http/tests/navigation/redirect-to-invalid-url-expected.txt: Added.
http/tests/navigation/redirect-to-invalid-url.html: Added.
http/tests/navigation/resources/redirect-to-invalid-url-frame.php: Added.

2:50 PM Changeset in webkit [198049] by enrica@apple.com

2 edits in trunk/Source/WebKit2

Use only selected text for Look up.
https://bugs.webkit.org/show_bug.cgi?id=155380

Reviewed by Tim Horton.

The corresponding piece that uses the extended context for Look up
is not ready yet. For the moment default to retrieving the selected text.

UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _lookup:]):

2:49 PM Changeset in webkit [198048] by jer.noble@apple.com

2 edits in trunk/Tools

[ios-sim debug] API tests RequiresUserActionForPlaybackTest.DoesNotRequireUserActionForMediaPlayback and RequiresUserActionForAudioButNotVideoPlayback asserting
https://bugs.webkit.org/show_bug.cgi?id=155365

Reviewed by Darin Adler.

Allow tests running on iOS simulator to play video inline, avoiding this assert.

TestWebKitAPI/Tests/WebKit2Cocoa/RequiresUserActionForPlayback.mm:

(RequiresUserActionForPlaybackTest::SetUp):

2:25 PM Changeset in webkit [198047] by bshafiei@apple.com

4 edits in tags/Safari-602.1.22/Source/WebKit2

Merged r198046.

2:13 PM Changeset in webkit [198046] by mitz@apple.com

4 edits in trunk/Source/WebKit2

[iOS] Allow clients to specify text suggestions to be used for a form input session
https://bugs.webkit.org/show_bug.cgi?id=155343

Patch by Chelsea Pugh <cpugh@apple.com> on 2016-03-11
Reviewed by Dan Bernstein.

UIProcess/API/Cocoa/_WKFormInputSession.h:
UIProcess/API/Cocoa/_WKInputDelegate.h:
UIProcess/ios/WKContentViewInteraction.mm:

(-[WKFormInputSession suggestions]): Add a getter for suggestions.
(-[WKFormInputSession setSuggestions:]): Add a setter, which calls setSuggestions with our suggestions on the input delegate.
(-[WKContentView insertTextSuggestion:]): Call _webView:insertTextSuggestion:inInputSession: on our input delegate so clients know
a text suggestion was tapped.

1:53 PM Changeset in webkit [198045] by Matt Baker

2 edits in trunk/Source/WebInspectorUI

Web Inspector: Wrong TimelineOverview height after switching from Events to Frames
https://bugs.webkit.org/show_bug.cgi?id=155366
<rdar://problem/25111028>

Reviewed by Timothy Hatcher.

UserInterface/Views/TimelineRecordingContentView.js:

(WebInspector.TimelineRecordingContentView.prototype._currentContentViewDidChange):
Update the overview height after setting a new view mode.

1:47 PM Changeset in webkit [198044] by Brent Fulgham

2 edits in trunk/Source/WebCore

Fix typo in StyleTreeResolver.cpp
https://bugs.webkit.org/show_bug.cgi?id=139946

Patch by Maksim Kisilev <mkisilev@yandex-team.ru> on 2016-03-10
Reviewed by Andy Estes.

The constructor for CheckForVisibilityChangeOnRecalcStyle was improperly comparing the
result of WKContentChange() (which is not a function) to WKContentVisibilityChange. I
believe the above cast would implicitly resolve to WKContentNoChange in all cases,
whether a visibility change had been observed or not.

This patch corrects this problem. I would expect that this might affect some content
visibility change behavior, but I'm not sure what the appropriate test case would be
since this was apparently found through code inspection.

style/StyleTreeResolver.cpp:

(WebCore::Style::CheckForVisibilityChangeOnRecalcStyle::CheckForVisibilityChangeOnRecalcStyle):

1:46 PM Changeset in webkit [198043] by Ryan Haddad

2 edits in trunk/LayoutTests

Marking media/track/track-in-band-style.html as flaky on Yosemite
https://bugs.webkit.org/show_bug.cgi?id=153143

Unreviewed test gardening.

platform/mac-wk1/TestExpectations:

1:08 PM Changeset in webkit [198042] by mark.lam@apple.com

21 edits in trunk

Implement Function.name and Function#toString for ES6 class.
https://bugs.webkit.org/show_bug.cgi?id=155336

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

The only thing that the ES6 spec says about toString with regards to class
objects is:

"The string representation must have the syntax of a FunctionDeclaration,
FunctionExpression, GeneratorDeclaration, GeneratorExpression, ClassDeclaration,
ClassExpression, ArrowFunction, MethodDefinition, or GeneratorMethod depending
upon the actual characteristics of the object."

Previously, invoking toString() on a class object will return the function
source string of the class' constructor function. This does not conform to the
spec in that the toString string for a class does not have the syntax of a
ClassDeclaration or ClassExpression.

This is now fixed by doing the following:

Added "m_classSource" to FunctionExecutable (and correspondingly to UnlinkedFunctionExecutable, FunctionMetadataNode, and ClassExprNode). m_classSource is the SourceCode for the code range "class ... { ... }".

Since the class constructor function is the in memory representation of the
class object, only class constructor functions will have its m_classSource
set. m_classSource will be "null" (by default) for all other functions.
This is how we know if a FunctionExecutable is for a class.

Note: FunctionExecutable does not have its own m_classSource. It always gets
it from its UnlinkedFunctionExecutable. This is ok to do because our CodeCache
currently does not cache UnlinkedFunctionExecutables for class constructors.

The ClassExprNode now tracks the SourceCode range for the class expression. This is used to set m_classSource in the UnlinkedFunctionExecutable at bytecode generation time, and the FunctionExecutable later at bytecode linking time.

Function.prototype.toString() now checks if the function is for a class. If so, it returns the string for the class source instead of just the function source for the class constructor.

Note: the class source is static from the time the class was parsed. This
can introduces some weirdness at runtime. Consider the following:

var v1 = class {}
v1.toString(); yields "class {}".

class c2 extends v1 {}

c2.proto === v1; yields true i.e. c2 extends v1.
c2.toString(); yields "class c2 extends v1 {}" which is fine.

v1 = {}; point v1 to something else now.

c2.proto === v1; now yields false i.e. c2 no longer extends v1.

c2 actually extends the class that v1 used to
point to, but ...

c2.toString(); still yields "class c2 extends v1 {}" which is no longer true.

It is unclear how we can best implement toString() to avoid this issue.
The above behavior is how Chrome (Version 51.0.2671.0 canary (64-bit))
currently implements toString() of a class, and we do the same in this patch.
In Firefox (45.0), toString() of a class will yield the function source of it
constructor function, which is not better.

In this patch, we also added ES6 compliance for Function.name on class objects:

The ClassExprNode now has a m_ecmaName string for tracking the inferred name of a class according to the ES6 spec. The ASTBuilder now mirrors its handling of FuncExprNodes to ClassExprNodes in setting the nodes' m_ecmaName where relevant.

The m_ecmaName is later used to set the m_ecmaName of the FunctionExecutable
of the class constructor, which in turn is used to populate the initial value
of the Function.name property.

Also renamed some variable names (/m_metadata/metadata/) to be consistent with webkit naming convention.

bytecode/UnlinkedFunctionExecutable.cpp:

(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):

bytecode/UnlinkedFunctionExecutable.h:
bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::emitNewArrowFunctionExpression):
(JSC::BytecodeGenerator::emitNewDefaultConstructor):

bytecompiler/BytecodeGenerator.h:
bytecompiler/NodesCodegen.cpp:

(JSC::ClassExprNode::emitBytecode):

parser/ASTBuilder.h:

(JSC::ASTBuilder::createAssignResolve):
(JSC::ASTBuilder::createYield):
(JSC::ASTBuilder::createClassExpr):
(JSC::ASTBuilder::createFunctionExpr):
(JSC::ASTBuilder::createProperty):
(JSC::ASTBuilder::makeAssignNode):

parser/NodeConstructors.h:

(JSC::FunctionParameters::FunctionParameters):
(JSC::BaseFuncExprNode::BaseFuncExprNode):
(JSC::FuncExprNode::FuncExprNode):
(JSC::FuncDeclNode::FuncDeclNode):
(JSC::ArrowFuncExprNode::ArrowFuncExprNode):
(JSC::ClassDeclNode::ClassDeclNode):
(JSC::ClassExprNode::ClassExprNode):

parser/Nodes.h:

(JSC::ExpressionNode::isDestructuringNode):
(JSC::ExpressionNode::isFuncExprNode):
(JSC::ExpressionNode::isArrowFuncExprNode):
(JSC::ExpressionNode::isClassExprNode):
(JSC::ExpressionNode::isCommaNode):
(JSC::ExpressionNode::isSimpleArray):
(JSC::ExpressionNode::isAdd):

parser/Parser.cpp:

(JSC::stringForFunctionMode):
(JSC::Parser<LexerType>::parseFunctionInfo):
(JSC::Parser<LexerType>::parseClass):

parser/ParserFunctionInfo.h:
parser/SyntaxChecker.h:

(JSC::SyntaxChecker::createEmptyLetExpression):
(JSC::SyntaxChecker::createYield):
(JSC::SyntaxChecker::createClassExpr):
(JSC::SyntaxChecker::createFunctionExpr):
(JSC::SyntaxChecker::createFunctionMetadata):
(JSC::SyntaxChecker::createArrowFunctionExpr):

runtime/Executable.cpp:

(JSC::FunctionExecutable::FunctionExecutable):
(JSC::FunctionExecutable::finishCreation):

runtime/Executable.h:
runtime/FunctionPrototype.cpp:

(JSC::functionProtoFuncToString):

tests/es6.yaml:

LayoutTests:

js/class-syntax-name-expected.txt:
js/script-tests/class-syntax-name.js:

(shouldBe):
(shouldBeTrue):

Rebased expected result.

js/function-toString-vs-name.html:
js/script-tests/function-toString-vs-name.js:
Added new tests for class.

platform/mac/inspector/model/remote-object-expected.txt:
Rebased expected result.

1:07 PM BuildingGtk edited by clopez@igalia.com

(diff)

1:06 PM BuildingGtk edited by clopez@igalia.com

(diff)

1:05 PM BuildingGtk edited by clopez@igalia.com

(diff)

12:59 PM Changeset in webkit [198041] by andersca@apple.com

2 edits in trunk/Source/WebKit2

Creating and releasing a WKBackForwardListItem crashes
https://bugs.webkit.org/show_bug.cgi?id=155376
rdar://problem/17377712

Reviewed by Dan Bernstein.

Make init unavailable.

UIProcess/API/Cocoa/WKBackForwardListItem.h:

12:26 PM Changeset in webkit [198040] by Chris Dumez

2 edits in trunk/Source/WebCore

iOS-sim debug: WebCoreNSURLSessionTest.BasicOperation and WebCoreNSURLSessionTest.InvalidateEmpty asserting
https://bugs.webkit.org/show_bug.cgi?id=155256

Reviewed by Alexey Proskuryakov.

r197628 consolidated the runtime application checking code for iOS and
Mac. However, while the new code works fine for WebKit2, it is unsafe
on WebKit1 / iOS and hits assertion in debug. The reason is that
applicationBundleIdentifier() for getting called from several threads
(WebThread, UIThread).

To address the problem, this patch renames applicationBundleIdentifier()
to applicationBundleIdentifierOverride() and only initializes the
override upon WebProcess and Network process initialization. We therefore
do not initialize the override in WebKit1 or in the WebKit2 UIProcess.
When the override is not set, we fall back to using the main bundle
identifier (which does the right thing for WebKit1 / WebKit2 UIProcess)
but without caching it to avoid thread safety issues.

No new tests, already covered by API tests currently crashing.

platform/RuntimeApplicationChecks.mm:

(WebCore::applicationBundleIdentifierOverride):

Renamed applicationBundleIdentifier() to applicationBundleIdentifierOverride() and only initialize upon initialization of the WebProcess or the Network process.
In debug, set a flag to indicate that the override was already queried.

(WebCore::applicationBundleIdentifier):
New utility function that is returns the application bundle override if it is
set and fallback to calling [[NSBundle mainBundle] bundleIdentifier] otherwise.

(WebCore::setApplicationBundleIdentifier):
Add assertions to make sure that:

This is always called from the main thread.
The application bundle identifier has not been queried *before* getting overriden as this would indicate a bug in our code and we would have wrongly returned the main bundle identifier in such case.

(WebCore::MacApplication::isAppleMail):
(WebCore::MacApplication::isIBooks):
(WebCore::MacApplication::isITunes):
(WebCore::MacApplication::isMicrosoftMessenger):
(WebCore::MacApplication::isAdobeInstaller):
(WebCore::MacApplication::isMicrosoftOutlook):
(WebCore::MacApplication::isQuickenEssentials):
(WebCore::MacApplication::isAperture):
(WebCore::MacApplication::isVersions):
(WebCore::MacApplication::isHRBlock):
(WebCore::MacApplication::isHipChat):
(WebCore::IOSApplication::isMobileSafari):
(WebCore::IOSApplication::isDumpRenderTree):
(WebCore::IOSApplication::isMobileStore):
(WebCore::IOSApplication::isFacebook):
(WebCore::IOSApplication::isDaijisenDictionary):
(WebCore::IOSApplication::isNASAHD):
(WebCore::IOSApplication::isTheEconomistOnIphone):
(WebCore::IOSApplication::isWebProcess):
(WebCore::IOSApplication::isIBooks):
Drop assertions making sure the cached flag is correct. We now have
an assertion to detect this earlier in setApplicationBundleIdentifier().

12:04 PM Changeset in webkit [198039] by Ryan Haddad

2 edits in trunk/LayoutTests

Marking imported/blink/fast/multicol/dynamic/multicol-with-abspos-svg-with-foreignobject-with-multicol-crash.html as flaky
https://bugs.webkit.org/show_bug.cgi?id=155339

Unreviewed test gardening.

This test is a flaky crash on ios-simulator debug.

platform/ios-simulator/TestExpectations:

12:01 PM Changeset in webkit [198038] by bshafiei@apple.com

5 edits
1 delete in tags/Safari-602.1.22/Source/JavaScriptCore

Merged r198024.

11:54 AM Changeset in webkit [198037] by Beth Dakin

2 edits in trunk/Source/WebKit2

Follow-up to:

_WKPreviewAction should be in an internal header
https://bugs.webkit.org/show_bug.cgi?id=155370

Rubber-stamped by Dan Bernstein.

UIProcess/API/Cocoa/_WKPreviewActionInternal.h:

11:37 AM Changeset in webkit [198036] by Ryan Haddad

2 edits in trunk/LayoutTests

Marking inspector/heap/getPreview.html as flaky on mac-wk2
https://bugs.webkit.org/show_bug.cgi?id=155312

Unreviewed test gardening.

platform/mac-wk2/TestExpectations:

11:35 AM Changeset in webkit [198035] by jer.noble@apple.com

5 edits in trunk/Source/WebCore

Web Audio becomes distorted after sample rate changes
https://bugs.webkit.org/show_bug.cgi?id=154538
<rdar://problem/24771292>

Reviewed by Darin Adler.

When the underlying audio hardware sample rate changes, the AudioUnit render callback will begin asking
for fewer or more frames. For example, when the sample rate goes from 44.1kHz to 48kHz, it will ask for
118 samples instead of 128. (And vice-versa, 140 samples instead of 128.) But the Web Audio engine can only
really handle requests in multiples of 128 samples. In the case where there are requests for < 128 samples,
actually render 128, but save off the unrequested samples in a separate bus. Then fill that bus during the
next request.

platform/audio/AudioBus.cpp:

(WebCore::AudioBus::copyFromRange): Added utility method.

platform/audio/AudioBus.h:
platform/audio/ios/AudioDestinationIOS.cpp:

(WebCore::AudioDestinationIOS::AudioDestinationIOS): Create a "spare" bus.
(WebCore::assignAudioBuffersToBus): Moved from inside render.
(WebCore::AudioDestinationIOS::render): Save off extra samples to the "spare" bus.

platform/audio/ios/AudioDestinationIOS.h:

11:30 AM Changeset in webkit [198034] by Ryan Haddad

2 edits in trunk/LayoutTests

Marking css3/masking/mask-luminance-svg.html and css3/masking/mask-svg-script-none-to-png.html as flaky
https://bugs.webkit.org/show_bug.cgi?id=155372.

Unreviewed test gardening.

These two tests are flaky crashes on ios-simulator debug.

platform/ios-simulator/TestExpectations:

11:29 AM Changeset in webkit [198033] by Beth Dakin

5 edits
1 add in trunk/Source/WebKit2

_WKPreviewAction should be in an internal header
https://bugs.webkit.org/show_bug.cgi?id=155370

Reviewed by Tim Horton.

Move _WKPreviewAction to an Internal header since only the protocol needs to
be SPI.

UIProcess/API/Cocoa/_WKPreviewAction.h:
UIProcess/API/Cocoa/_WKPreviewAction.mm:
UIProcess/API/Cocoa/_WKPreviewActionInternal.h: Added.
UIProcess/ios/WKContentViewInteraction.mm:
WebKit2.xcodeproj/project.pbxproj:

11:05 AM Changeset in webkit [198032] by bshafiei@apple.com

3 edits
3 deletes in tags/Safari-602.1.22

Merged r198027.

11:03 AM Changeset in webkit [198031] by bshafiei@apple.com

5 edits in trunk/Source

Versioning.

11:02 AM Changeset in webkit [198030] by bshafiei@apple.com

1 copy in tags/Safari-602.1.22

New tag.

10:52 AM Changeset in webkit [198029] by commit-queue@webkit.org

2 edits in trunk/Tools

[jhbuild] Disable LLVM OCaml bindings.
https://bugs.webkit.org/show_bug.cgi?id=153274

Patch by Frederic Wang <fwang@igalia.com> on 2016-03-11
Reviewed by Michael Catanzaro.

gtk/jhbuild.modules: disable all (actually only OCaml) bindings for LLVM.

10:48 AM Changeset in webkit [198028] by Yusuke Suzuki

2 edits in trunk/Source/WebCore

Unreviewed build fix after r198023.
https://bugs.webkit.org/show_bug.cgi?id=155024

Reviewed by Geoffrey Garen.

Update binding test results.

bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::setJSTestObjWithScriptExecutionContextAttribute):
(WebCore::setJSTestObjWithScriptExecutionContextAttributeRaises):
(WebCore::setJSTestObjWithScriptExecutionContextAndScriptStateAttribute):
(WebCore::setJSTestObjWithScriptExecutionContextAndScriptStateAttributeRaises):
(WebCore::setJSTestObjWithScriptExecutionContextAndScriptStateWithSpacesAttribute):

10:36 AM Changeset in webkit [198027] by Ryan Haddad

3 edits
3 deletes in trunk

Unreviewed, rolling out r197984.

This change caused an existing LayoutTest to fail

Reverted changeset:

"WebKit should not be redirected to an invalid URL"
https://bugs.webkit.org/show_bug.cgi?id=155263
http://trac.webkit.org/changeset/197984

10:30 AM Changeset in webkit [198026] by Matt Baker

3 edits in trunk/Source/WebInspectorUI

Web Inspector: Make it possible to disable TimelineRuler UI
https://bugs.webkit.org/show_bug.cgi?id=155348
<rdar://problem/25103505>

Reviewed by Timothy Hatcher.

Adds an "enabled" property to TimelineRuler, allowing the selection UI
to be disabled without removing the current selection.

UserInterface/Views/TimelineRuler.css:

(.timeline-ruler.allows-time-range-selection:not(.disabled)):
(.timeline-ruler > .selection-drag):
(.timeline-ruler:not(.disabled) > .selection-drag):
(.timeline-ruler:not(.disabled) > .selection-drag:active):
(.timeline-ruler.disabled > .selection-handle):
(.timeline-ruler.allows-time-range-selection): Deleted.
(.timeline-ruler > .selection-drag:active): Deleted.
Updated ruler styles for "disabled" state: pointer events are disabled,
selection handles hidden, and the default cursor is shown.

UserInterface/Views/TimelineRuler.js:

(WebInspector.TimelineRuler):
(WebInspector.TimelineRuler.prototype.get enabled):
(WebInspector.TimelineRuler.prototype.set enabled):
New property.
(WebInspector.TimelineRuler.prototype._handleClick):
Corrected code which always reset the pointer events to "all", instead
of setting it back to the original value.

10:02 AM Changeset in webkit [198025] by commit-queue@webkit.org

2 edits in trunk/Tools

Unreviewed, rolling out r197495.
https://bugs.webkit.org/show_bug.cgi?id=155369

LLVM is needed to run update-webkitgtk-libs reliably
(Requested by mcatanzaro on #webkit).

Reverted changeset:

"[jhbuild] Remove LLVM dependency."
https://bugs.webkit.org/show_bug.cgi?id=153274
http://trac.webkit.org/changeset/197495

9:51 AM Changeset in webkit [198024] by commit-queue@webkit.org

5 edits
1 delete in trunk/Source/JavaScriptCore

Unreviewed, rolling out r197994.
https://bugs.webkit.org/show_bug.cgi?id=155368

Broke several ARM tests (Requested by msaboff on #webkit).

Reverted changeset:

"[JSC] Add register reuse for ArithAdd of an Int32 and
constant in DFG"
https://bugs.webkit.org/show_bug.cgi?id=155164
http://trac.webkit.org/changeset/197994

9:28 AM Changeset in webkit [198023] by Yusuke Suzuki

116 edits
4 adds in trunk

[ES6] Implement Reflect.set without receiver support
https://bugs.webkit.org/show_bug.cgi?id=155024

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

This patch implements Reflect.set.
The challenge in this patch is Reflect.set requires boolean result of Set?,
this is not propagated in the previous JSC put implementation.

This patch changes the put and putByIndex signature from void put(...) and void putByIndex(...) to bool put(...) and bool putByIndex(...),
more consistent style to the ECMA262 spec's Set?.

This patch modifies so many part of WebKit. But almost all the changes are mechanical ones.

Currently, this patch does not support receiver modification support.
This will be supported in the subsequent patch[1].

[1]: https://bugs.webkit.org/show_bug.cgi?id=155294

API/JSCallbackObject.h:
API/JSCallbackObjectFunctions.h:

(JSC::JSCallbackObject<Parent>::put):
(JSC::JSCallbackObject<Parent>::putByIndex):

debugger/DebuggerScope.cpp:

(JSC::DebuggerScope::put):

debugger/DebuggerScope.h:
jsc.cpp:

(WTF::RuntimeArray::put):

runtime/ClassInfo.h:
runtime/ClonedArguments.cpp:

(JSC::ClonedArguments::put):

runtime/ClonedArguments.h:
runtime/CustomGetterSetter.cpp:

(JSC::callCustomSetter):

runtime/CustomGetterSetter.h:
runtime/GenericArguments.h:
runtime/GenericArgumentsInlines.h:

(JSC::GenericArguments<Type>::put):
(JSC::GenericArguments<Type>::putByIndex):

runtime/GetterSetter.cpp:

(JSC::callSetter):

runtime/GetterSetter.h:
runtime/JSArray.cpp:

(JSC::JSArray::defineOwnProperty):
(JSC::JSArray::put):
(JSC::JSArray::push):

runtime/JSArray.h:
runtime/JSArrayBuffer.cpp:

(JSC::JSArrayBuffer::put):

runtime/JSArrayBuffer.h:
runtime/JSArrayBufferView.cpp:

(JSC::JSArrayBufferView::put):

runtime/JSArrayBufferView.h:
runtime/JSCJSValue.cpp:

(JSC::JSValue::putToPrimitive):
(JSC::JSValue::putToPrimitiveByIndex):

runtime/JSCJSValue.h:
runtime/JSCJSValueInlines.h:

(JSC::JSValue::put):
(JSC::JSValue::putInline):
(JSC::JSValue::putByIndex):

runtime/JSCell.cpp:

(JSC::JSCell::put):
(JSC::JSCell::putByIndex):

runtime/JSCell.h:
runtime/JSDataView.cpp:

(JSC::JSDataView::put):

runtime/JSDataView.h:
runtime/JSFunction.cpp:

(JSC::JSFunction::put):
(JSC::JSFunction::defineOwnProperty):

runtime/JSFunction.h:
runtime/JSGenericTypedArrayView.h:
runtime/JSGenericTypedArrayViewInlines.h:

(JSC::JSGenericTypedArrayView<Adaptor>::put):
(JSC::JSGenericTypedArrayView<Adaptor>::putByIndex):

runtime/JSGlobalLexicalEnvironment.cpp:

(JSC::JSGlobalLexicalEnvironment::put):

runtime/JSGlobalLexicalEnvironment.h:
runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::put):

runtime/JSGlobalObject.h:
runtime/JSLexicalEnvironment.cpp:

(JSC::JSLexicalEnvironment::put):

runtime/JSLexicalEnvironment.h:
runtime/JSModuleEnvironment.cpp:

(JSC::JSModuleEnvironment::put):

runtime/JSModuleEnvironment.h:
runtime/JSModuleNamespaceObject.cpp:

(JSC::JSModuleNamespaceObject::put):
(JSC::JSModuleNamespaceObject::putByIndex):

runtime/JSModuleNamespaceObject.h:
runtime/JSModuleRecord.cpp:

(JSC::JSModuleRecord::instantiateDeclarations):

runtime/JSObject.cpp:

(JSC::JSObject::put):
(JSC::JSObject::putInlineSlow):
(JSC::JSObject::putByIndex):
(JSC::JSObject::putGetter):
(JSC::JSObject::putSetter):
(JSC::JSObject::putDirectAccessor):
(JSC::JSObject::putDirectCustomAccessor):
(JSC::JSObject::putDirectNonIndexAccessor):
(JSC::JSObject::putIndexedDescriptor):
(JSC::JSObject::defineOwnIndexedProperty):
(JSC::JSObject::attemptToInterceptPutByIndexOnHoleForPrototype):
(JSC::JSObject::attemptToInterceptPutByIndexOnHole):
(JSC::JSObject::putByIndexBeyondVectorLengthWithoutAttributes):
(JSC::JSObject::putByIndexBeyondVectorLengthWithArrayStorage):
(JSC::JSObject::putByIndexBeyondVectorLength):
(JSC::JSObject::putDirectNativeIntrinsicGetter):
(JSC::JSObject::putDirectNativeFunction):
(JSC::JSObject::putDirectMayBeIndex):
(JSC::validateAndApplyPropertyDescriptor):

runtime/JSObject.h:

(JSC::JSObject::putByIndexInline):
(JSC::JSObject::putDirect):

runtime/JSObjectInlines.h:

(JSC::JSObject::putInline):

runtime/JSProxy.cpp:

(JSC::JSProxy::put):
(JSC::JSProxy::putByIndex):

runtime/JSProxy.h:
runtime/JSSymbolTableObject.h:

(JSC::symbolTablePut):
(JSC::symbolTablePutTouchWatchpointSet):
(JSC::symbolTablePutInvalidateWatchpointSet):
(JSC::symbolTablePutWithAttributesTouchWatchpointSet):

runtime/Lookup.h:

(JSC::putEntry):
(JSC::lookupPut):

runtime/ProxyObject.cpp:

(JSC::ProxyObject::performPut):
(JSC::ProxyObject::put):
(JSC::ProxyObject::putByIndexCommon):
(JSC::ProxyObject::putByIndex):

runtime/ProxyObject.h:
runtime/PutPropertySlot.h:
runtime/ReflectObject.cpp:

(JSC::reflectObjectSet):

runtime/RegExpConstructor.cpp:

(JSC::setRegExpConstructorInput):
(JSC::setRegExpConstructorMultiline):

runtime/RegExpObject.cpp:

(JSC::RegExpObject::defineOwnProperty):
(JSC::regExpObjectSetLastIndexStrict):
(JSC::regExpObjectSetLastIndexNonStrict):
(JSC::RegExpObject::put):

runtime/RegExpObject.h:
runtime/SparseArrayValueMap.cpp:

(JSC::SparseArrayValueMap::putEntry):
(JSC::SparseArrayEntry::put):

runtime/SparseArrayValueMap.h:
runtime/StringObject.cpp:

(JSC::StringObject::put):
(JSC::StringObject::putByIndex):

runtime/StringObject.h:
tests/es6.yaml:
tests/modules/namespace.js:
tests/stress/reflect-set.js: Added.

(shouldBe):
(shouldThrow):
(receiverCase.object2.set Cocoa):
(receiverCase):
(proxyCase):
(objectCase.set get shouldBe):
(objectCase.get shouldBe):
(arrayCase.set get shouldBe):
(arrayCase.get shouldBe):
(arrayBufferCase.set get shouldBe):
(arrayBufferCase.get shouldBe):
(set get shouldBe):
(get shouldBe):
(argumentCase.test1):
(argumentCase.test2):
(argumentCase.test3):
(argumentCase.test4.set get shouldBe):
(argumentCase.test5.get shouldBe):
(argumentStrictCase.test1):
(argumentStrictCase.test2):
(argumentStrictCase.test3):
(argumentStrictCase.test4.set get shouldBe):
(argumentStrictCase.test5.get shouldBe):
(stringObjectCase.set get shouldBe):
(stringObjectCase.get shouldBe):
(customSetter.test1):
(customSetter.test2):
(customSetter.test3):
(customSetter):
(regExpLastIndex):
(functionCase.func):

Source/WebCore:

CustomSetter returns boolean value that indicates the result of Set?.
According to this change, this patch modifies the CodeGeneratorJS and test results.

Currently, DOM elements' Set? return true when the setter is found.
This is good for the first step.

bindings/js/JSCSSStyleDeclarationCustom.cpp:

(WebCore::JSCSSStyleDeclaration::putDelegate):

bindings/js/JSDOMBinding.cpp:

(WebCore::throwSetterTypeError):

bindings/js/JSDOMBinding.h:
bindings/js/JSDOMStringMapCustom.cpp:

(WebCore::JSDOMStringMap::putDelegate):

bindings/js/JSDOMWindowBase.cpp:

(WebCore::JSDOMWindowBase::updateDocument):

bindings/js/JSDOMWindowCustom.cpp:

(WebCore::JSDOMWindow::put):
(WebCore::JSDOMWindow::putByIndex):

bindings/js/JSHTMLAppletElementCustom.cpp:

(WebCore::JSHTMLAppletElement::putDelegate):

bindings/js/JSHTMLEmbedElementCustom.cpp:

(WebCore::JSHTMLEmbedElement::putDelegate):

bindings/js/JSHTMLObjectElementCustom.cpp:

(WebCore::JSHTMLObjectElement::putDelegate):

bindings/js/JSLocationCustom.cpp:

(WebCore::JSLocation::putDelegate):
(WebCore::JSLocationPrototype::putDelegate):

bindings/js/JSPluginElementFunctions.cpp:

(WebCore::pluginElementCustomPut):

bindings/js/JSPluginElementFunctions.h:
bindings/js/JSStorageCustom.cpp:

(WebCore::JSStorage::putDelegate):

bindings/scripts/CodeGeneratorJS.pm:

(GenerateHeader):
(GenerateImplementation):
(GeneratePrototypeDeclaration):

bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:

(WebCore::setJSTestActiveDOMObjectConstructor):

bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:

(WebCore::setJSTestClassWithJSBuiltinConstructorConstructor):

bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:

(WebCore::setJSTestCustomConstructorWithNoInterfaceObjectConstructor):

bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:

(WebCore::setJSTestCustomNamedGetterConstructor):

bindings/scripts/test/JS/JSTestEventConstructor.cpp:

(WebCore::setJSTestEventConstructorConstructor):

bindings/scripts/test/JS/JSTestEventTarget.cpp:

(WebCore::setJSTestEventTargetConstructor):

bindings/scripts/test/JS/JSTestException.cpp:

(WebCore::setJSTestExceptionConstructor):

bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:

(WebCore::setJSTestGenerateIsReachableConstructor):

bindings/scripts/test/JS/JSTestInterface.cpp:

(WebCore::setJSTestInterfaceConstructor):
(WebCore::JSTestInterface::put):
(WebCore::JSTestInterface::putByIndex):
(WebCore::setJSTestInterfaceConstructorImplementsStaticAttr):
(WebCore::setJSTestInterfaceImplementsStr2):
(WebCore::setJSTestInterfaceImplementsStr3):
(WebCore::setJSTestInterfaceImplementsNode):
(WebCore::setJSTestInterfaceConstructorSupplementalStaticAttr):
(WebCore::setJSTestInterfaceSupplementalStr2):
(WebCore::setJSTestInterfaceSupplementalStr3):
(WebCore::setJSTestInterfaceSupplementalNode):

bindings/scripts/test/JS/JSTestInterface.h:
bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:

(WebCore::setJSTestJSBuiltinConstructorConstructor):
(WebCore::setJSTestJSBuiltinConstructorTestAttributeRWCustom):

bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:

(WebCore::setJSTestMediaQueryListListenerConstructor):

bindings/scripts/test/JS/JSTestNamedConstructor.cpp:

(WebCore::setJSTestNamedConstructorConstructor):

bindings/scripts/test/JS/JSTestNode.cpp:

(WebCore::setJSTestNodeConstructor):
(WebCore::setJSTestNodeName):

bindings/scripts/test/JS/JSTestNondeterministic.cpp:

(WebCore::setJSTestNondeterministicConstructor):
(WebCore::setJSTestNondeterministicNondeterministicWriteableAttr):
(WebCore::setJSTestNondeterministicNondeterministicExceptionAttr):
(WebCore::setJSTestNondeterministicNondeterministicGetterExceptionAttr):
(WebCore::setJSTestNondeterministicNondeterministicSetterExceptionAttr):

bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::setJSTestObjConstructor):
(WebCore::setJSTestObjConstructorStaticStringAttr):
(WebCore::setJSTestObjTestSubObjEnabledBySettingConstructor):
(WebCore::setJSTestObjEnumAttr):
(WebCore::setJSTestObjByteAttr):
(WebCore::setJSTestObjOctetAttr):
(WebCore::setJSTestObjShortAttr):
(WebCore::setJSTestObjUnsignedShortAttr):
(WebCore::setJSTestObjLongAttr):
(WebCore::setJSTestObjLongLongAttr):
(WebCore::setJSTestObjUnsignedLongLongAttr):
(WebCore::setJSTestObjStringAttr):
(WebCore::setJSTestObjTestObjAttr):
(WebCore::setJSTestObjLenientTestObjAttr):
(WebCore::setJSTestObjStringAttrTreatingNullAsEmptyString):
(WebCore::setJSTestObjXMLObjAttr):
(WebCore::setJSTestObjCreate):
(WebCore::setJSTestObjReflectedStringAttr):
(WebCore::setJSTestObjReflectedIntegralAttr):
(WebCore::setJSTestObjReflectedUnsignedIntegralAttr):
(WebCore::setJSTestObjReflectedBooleanAttr):
(WebCore::setJSTestObjReflectedURLAttr):
(WebCore::setJSTestObjReflectedCustomIntegralAttr):
(WebCore::setJSTestObjReflectedCustomBooleanAttr):
(WebCore::setJSTestObjReflectedCustomURLAttr):
(WebCore::setJSTestObjTypedArrayAttr):
(WebCore::setJSTestObjAttrWithGetterException):
(WebCore::setJSTestObjAttrWithGetterExceptionWithMessage):
(WebCore::setJSTestObjAttrWithSetterException):
(WebCore::setJSTestObjAttrWithSetterExceptionWithMessage):
(WebCore::setJSTestObjStringAttrWithGetterException):
(WebCore::setJSTestObjStringAttrWithSetterException):
(WebCore::setJSTestObjStrictTypeCheckingAttribute):
(WebCore::setJSTestObjCustomAttr):
(WebCore::setJSTestObjOnfoo):
(WebCore::setJSTestObjWithScriptStateAttribute):
(WebCore::setJSTestObjWithCallWithAndSetterCallWithAttribute):
(WebCore::setJSTestObjWithScriptExecutionContextAttribute):
(WebCore::setJSTestObjWithScriptStateAttributeRaises):
(WebCore::setJSTestObjWithScriptExecutionContextAttributeRaises):
(WebCore::setJSTestObjWithScriptExecutionContextAndScriptStateAttribute):
(WebCore::setJSTestObjWithScriptExecutionContextAndScriptStateAttributeRaises):
(WebCore::setJSTestObjWithScriptExecutionContextAndScriptStateWithSpacesAttribute):
(WebCore::setJSTestObjWithScriptArgumentsAndCallStackAttribute):
(WebCore::setJSTestObjConditionalAttr1):
(WebCore::setJSTestObjConditionalAttr2):
(WebCore::setJSTestObjConditionalAttr3):
(WebCore::setJSTestObjConditionalAttr4Constructor):
(WebCore::setJSTestObjConditionalAttr5Constructor):
(WebCore::setJSTestObjConditionalAttr6Constructor):
(WebCore::setJSTestObjAnyAttribute):
(WebCore::setJSTestObjMutablePoint):
(WebCore::setJSTestObjImmutablePoint):
(WebCore::setJSTestObjStrawberry):
(WebCore::setJSTestObjStrictFloat):
(WebCore::setJSTestObjId):
(WebCore::setJSTestObjReplaceableAttribute):
(WebCore::setJSTestObjNullableLongSettableAttribute):
(WebCore::setJSTestObjNullableStringSettableAttribute):
(WebCore::setJSTestObjNullableStringValue):
(WebCore::setJSTestObjAttributeWithReservedEnumType):
(WebCore::setJSTestObjPutForwardsAttribute):
(WebCore::setJSTestObjPutForwardsNullableAttribute):

bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:

(WebCore::setJSTestOverloadedConstructorsConstructor):

bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:

(WebCore::setJSTestOverrideBuiltinsConstructor):

bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:

(WebCore::setJSTestSerializedScriptValueInterfaceConstructor):
(WebCore::setJSTestSerializedScriptValueInterfaceValue):
(WebCore::setJSTestSerializedScriptValueInterfaceCachedValue):

bindings/scripts/test/JS/JSTestTypedefs.cpp:

(WebCore::setJSTestTypedefsConstructor):
(WebCore::setJSTestTypedefsUnsignedLongLongAttr):
(WebCore::setJSTestTypedefsImmutableSerializedScriptValue):
(WebCore::setJSTestTypedefsAttrWithGetterException):
(WebCore::setJSTestTypedefsAttrWithSetterException):
(WebCore::setJSTestTypedefsStringAttrWithGetterException):
(WebCore::setJSTestTypedefsStringAttrWithSetterException):

bindings/scripts/test/JS/JSattribute.cpp:

(WebCore::setJSattributeConstructor):

bindings/scripts/test/JS/JSreadonly.cpp:

(WebCore::setJSreadonlyConstructor):

bridge/c/c_runtime.cpp:

(JSC::Bindings::CField::setValueToInstance):

bridge/c/c_runtime.h:
bridge/jsc/BridgeJSC.h:

(JSC::Bindings::Instance::put):

bridge/objc/objc_runtime.h:
bridge/objc/objc_runtime.mm:

(JSC::Bindings::ObjcField::setValueToInstance):
(JSC::Bindings::ObjcArray::setValueAt):
(JSC::Bindings::ObjcFallbackObjectImp::put):

bridge/runtime_array.cpp:

(JSC::RuntimeArray::put):
(JSC::RuntimeArray::putByIndex):

bridge/runtime_array.h:
bridge/runtime_object.cpp:

(JSC::Bindings::RuntimeObject::put):

bridge/runtime_object.h:

Source/WebKit/mac:

As the same to NPJSObject, we just propagate the returned value of NetscapePluginInstanceProxy::setProperty.

Plugins/Hosted/ProxyInstance.h:
Plugins/Hosted/ProxyInstance.mm:

(WebKit::ProxyField::setValueToInstance):
(WebKit::ProxyInstance::setFieldValue):

Source/WebKit2:

NPJSObject::setProperty may call methodTable()->put operation, but we intentionally do not propagate it to the caller's ::put.
In the current implementation, we just use the result of ::setProperty call.
This is true when ::setProperty attempts to call methodTable()->put.
In ::setProperty, after calling methodTable()->put, ::setProperty function clears the exception state.
So this is not the same semantics to the simple data property store. Rather, this is like the accessor.
In ECMA262 Set?, it returns true if there is a setter. So we just use the returned value of ::setProperty.
This indicates that there is a setter for the given Set? operation.

WebProcess/Plugins/Netscape/JSNPObject.cpp:

(WebKit::JSNPObject::put):

WebProcess/Plugins/Netscape/JSNPObject.h:

LayoutTests:

js/dom/reflect-set-onto-dom-expected.txt: Added.
js/dom/reflect-set-onto-dom.html: Added.
js/dom/script-tests/reflect-set-onto-dom.js: Added.

8:57 AM Changeset in webkit [198022] by BJ Burg

5 edits in trunk/Source/JavaScriptCore

Web Inspector: generated initWithPayload: protocol object initializers should recursively decode array and object members
https://bugs.webkit.org/show_bug.cgi?id=155337
<rdar://problem/25098357>

Reviewed by Timothy Hatcher.

In cases where an object member is itself an object or array, we were
not calling initWithPayload: on the object member itself. So, this caused
a runtime error when constructing the outer object because the generated
code casted the NSDictionary/NSArray into the member's protocol object type.

inspector/scripts/codegen/objc_generator.py:

(ObjCGenerator.payload_to_objc_expression_for_member):
Do a straightforward call to initWithPayload: for objects. For arrays,
call a templated helper function which does the same thing. The helper
is used to make this array decoding fit into a single generated expression.

Rebaseline relevant test results.

inspector/scripts/tests/expected/shadowed-optional-type-setters.json-result:
inspector/scripts/tests/expected/type-declaration-object-type.json-result:
inspector/scripts/tests/expected/type-requiring-runtime-casts.json-result:

8:20 AM Changeset in webkit [198021] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197695 - [JSC] Improve and64() and or64() with immediate on x86
https://bugs.webkit.org/show_bug.cgi?id=155104

Reviewed by Geoffrey Garen.

GetButterflyReadOnly was doing:

movq 0x8(%rbx), %r9
movq $0xfffffffffffffffc, %r11
andq %r11, %r9

There is no need for the move to load the immediate,
andq sign extend its immediate.

With this patch, we have:

movq 0x8(%rbx), %r9
andq $0xfffffffffffffffc, %r9

assembler/MacroAssemblerX86_64.h:

(JSC::MacroAssemblerX86_64::and64):
(JSC::MacroAssemblerX86_64::or64):

7:54 AM Changeset in webkit [198020] by ddkilzer@apple.com

2 edits in trunk/Source/WebCore

REGRESSION (r197956): WebContent process crashes on launch due to unrecognized selector
<http://webkit.org/b/155356>

Reviewed by Alexey Proskuryakov.

platform/mac/ScrollableAreaMac.mm:

(WebCore::ScrollableArea::systemLanguageIsRTL): Add
-respondsToSelector: check.

7:10 AM Changeset in webkit [198019] by youenn.fablet@crf.canon.fr

8 edits in trunk

WTF should have a similar function as equalLettersIgnoringASCIICase to match beginning of strings
https://bugs.webkit.org/show_bug.cgi?id=153419

Reviewed by Darin Adler.

Source/WebCore:

Covered by added unint tests.

Modules/fetch/FetchHeaders.cpp:

(WebCore::isForbiddenHeaderName): Using startsWithLettersIgnoringASCIICase.

Source/WTF:

Introducing startsWithLettersIgnoringASCIICase, to check the beginning of a string.
Moving some code from WTF::equalLettersIgnoringASCIICaseCommonWithoutLength in
WTF::hasPrefixWithLettersIgnoringASCIICaseCommon to enable reuse in
WTF::startsWithLettersIgnoringASCIICaseCommon.

wtf/text/StringCommon.h:

(WTF::hasPrefixWithLettersIgnoringASCIICaseCommon):
(WTF::equalLettersIgnoringASCIICaseCommonWithoutLength):
(WTF::startsWithLettersIgnoringASCIICaseCommonWithoutLength):
(WTF::startsWithLettersIgnoringASCIICaseCommon):

wtf/text/StringImpl.h:

(WTF::startsWithLettersIgnoringASCIICase):

wtf/text/WTFString.h:

(WTF::startsWithLettersIgnoringASCIICase):

Tools:

TestWebKitAPI/Tests/WTF/StringOperators.cpp:

(TestWebKitAPI::TEST): Adding test case for startsWithLettersIgnoringASCIICase.

6:45 AM Changeset in webkit [198018] by Carlos Garcia Campos

5 edits
1 add in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge - 197688 - [JSC] Simplify the overflow check of ArithAbs
https://bugs.webkit.org/show_bug.cgi?id=155063

Reviewed by Geoffrey Garen.

The only integer that overflow abs(int32) is INT_MIN.
For some reason, our code testing for that case
was checking the top bit of the result specifically.

The code required a large immediate on x86 and an extra
register on ARM64.

This patch turns the overflow check into a branch on
the sign of the result.

dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileArithAbs):

jit/ThunkGenerators.cpp:

(JSC::absThunkGenerator):

tests/stress/arith-abs-overflow.js: Added.

(opaqueAbs):

6:37 AM Changeset in webkit [198017] by Carlos Garcia Campos

5 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197687 - [JSC] Improve how DFG zero Floating Point registers
https://bugs.webkit.org/show_bug.cgi?id=155096

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-03-07
Reviewed by Geoffrey Garen.

DFG had a weird way of zeroing a FPR:

-zero a GP.
-move that to a FP.

Filip added moveZeroToDouble() for B3. This patch
uses that in the lower tiers.

assembler/MacroAssemblerARMv7.h:

(JSC::MacroAssemblerARMv7::moveZeroToDouble):

dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::fillSpeculateDouble):

jit/ThunkGenerators.cpp:

(JSC::floorThunkGenerator):
(JSC::roundThunkGenerator):

Fix the ARM build after r197687
https://bugs.webkit.org/show_bug.cgi?id=155128

Reviewed by Saam Barati.

assembler/MacroAssemblerARM.h:

(JSC::MacroAssemblerARM::moveZeroToDouble):

6:28 AM Changeset in webkit [198016] by Carlos Garcia Campos

3 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197686 - REGRESSION (r197303): Web Inspector crashes web process when inspecting an element on TOT
<https://webkit.org/b/154812>

Reviewed by Geoffrey Garen.

Guard against null pointer dereference for UnlinkedCodeBlocks that don't have any control flow
profiling data.

bytecode/CodeBlock.cpp:

(JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler):

bytecode/UnlinkedCodeBlock.h:

(JSC::UnlinkedCodeBlock::hasOpProfileControlFlowBytecodeOffsets):

6:28 AM Changeset in webkit [198015] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197305 - REGRESSION(r197303): 4 jsc tests failing on bots.

Unreviewed follow-up fix.

bytecode/UnlinkedCodeBlock.cpp:

(JSC::UnlinkedCodeBlock::typeProfilerExpressionInfoForBytecodeOffset): This function
can still get called with !m_rareData, in case the type profiler is active but this
particular code block doesn't have type profiler data. Handle it gracefully.

6:28 AM Changeset in webkit [198014] by Carlos Garcia Campos

3 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197303 - Shrink UnlinkedCodeBlock a bit.
<https://webkit.org/b/154797>

Reviewed by Anders Carlsson.

Move profiler-related members of UnlinkedCodeBlock into its RareData
structure, saving 40 bytes, and then reorder the other members of
UnlinkedCodeBlock to save another 24 bytes, netting a nice total 64.

The VM member was removed entirely since UnlinkedCodeBlock is a cell
and can retrieve its VM through MarkedBlock header lookup.

bytecode/UnlinkedCodeBlock.cpp:

(JSC::UnlinkedCodeBlock::vm):
(JSC::UnlinkedCodeBlock::typeProfilerExpressionInfoForBytecodeOffset):
(JSC::UnlinkedCodeBlock::addTypeProfilerExpressionInfo):
(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): Deleted.

bytecode/UnlinkedCodeBlock.h:

(JSC::UnlinkedCodeBlock::addRegExp):
(JSC::UnlinkedCodeBlock::addConstant):
(JSC::UnlinkedCodeBlock::addFunctionDecl):
(JSC::UnlinkedCodeBlock::addFunctionExpr):
(JSC::UnlinkedCodeBlock::addOpProfileControlFlowBytecodeOffset):
(JSC::UnlinkedCodeBlock::opProfileControlFlowBytecodeOffsets):
(JSC::UnlinkedCodeBlock::vm): Deleted.

6:14 AM Changeset in webkit [198013] by Carlos Garcia Campos

3 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197685 - [JSC] Remove a useless "Move" from baseline-JIT op_mul's fast path
https://bugs.webkit.org/show_bug.cgi?id=155071

Reviewed by Geoffrey Garen.

We do not need to multiply to a scratch and then move the result
to the destination. We can just multiply to the destination.

jit/JITArithmetic.cpp:

(JSC::JIT::emit_op_mul):

jit/JITMulGenerator.cpp:

(JSC::JITMulGenerator::generateFastPath):

6:05 AM Changeset in webkit [198012] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.12/Source/WebCore

Merge r197680 - Make RenderStyle copy-on-write a bit less.
<https://webkit.org/b/155106>

Reviewed by Antti Koivisto.

Add a cheesy SET_NESTED_VAR macro complement to SET_VAR so we can avoid copy-on-write
detachment of nested RenderStyle substructures when the leaf value doesn't change.

I spotted about 300kB of these mistakes being made during PLT on iOS, most of them
in the transformX setter.

rendering/style/RenderStyle.h:

5:58 AM Changeset in webkit [198011] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.12/Source/WebCore

Merge r197678 - [TextureMapper] [BitmapTexturePool] Use appropriate list size when freeing textures
https://bugs.webkit.org/show_bug.cgi?id=155105

Patch by Miguel Gomez <magomez@igalia.com> on 2016-03-07
Reviewed by Žan Doberšek.

Use appropriate list size when releasing the textures used as attachment.
This is a fix for the patch to https://bugs.webkit.org/show_bug.cgi?id=154965.

No new tests because no new functionality was added.

platform/graphics/texmap/BitmapTexturePool.cpp:

(WebCore::BitmapTexturePool::releaseUnusedTexturesTimerFired):

5:49 AM Changeset in webkit [198010] by Carlos Garcia Campos

3 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197655 - [JSC] Improve DFG's Int32 ArithMul if one operand is a constant
https://bugs.webkit.org/show_bug.cgi?id=155066

Reviewed by Filip Pizlo.

When multiplying an integer by a constant, DFG was doing quite
a bit worse than baseline JIT.
We were loading the constant into a register, doing the multiply,
the checking the result and both operands for negative zero.

This patch changes:
-Use the multiply-by-immediate form on x86.
-Do as few checks as possible to detect negative-zero.

In most cases, this reduce the negative-zero checks
to zero or one TEST+JUMP.

assembler/MacroAssembler.h:

(JSC::MacroAssembler::mul32):

dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileArithMul):

4:59 AM Changeset in webkit [198009] by Carlos Garcia Campos

1 copy in releases/WebKitGTK/webkit-2.10.8

WebKitGTK+ 2.10.8

4:58 AM Changeset in webkit [198008] by Carlos Garcia Campos

4 edits in releases/WebKitGTK/webkit-2.10

Unreviewed. Update OptionsGTK.cmake and NEWS for 2.10.8 release.

Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit2:

gtk/NEWS: Add release notes for 2.10.8

4:58 AM Changeset in webkit [198007] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r197997 - [GTK] Scrollbars are broken once again with current GTK+ master
https://bugs.webkit.org/show_bug.cgi?id=155292

Reviewed by Michael Catanzaro.

Most of the trough theming properties have been moved to the
scrollbar, and a new gadget "contents" has been added between the
scrollbar and its children.

platform/gtk/ScrollbarThemeGtk.cpp:

4:58 AM Changeset in webkit [198006] by Carlos Garcia Campos

3 edits in releases/WebKitGTK/webkit-2.10/Source/WebCore

Merge r197609 - [GTK] Scrollbars are broken again with GTK+ >= 3.19.11
https://bugs.webkit.org/show_bug.cgi?id=154890

Reviewed by Michael Catanzaro.

Scrollbar style properties have been deprecated in GTK+, and it
seems that now deprecating means keeping the properties but
ignoring them. So, this reworks the whole scrollbars theme code
again to not cache style properties anymore, but retrieve them
from the GtkStyleContext. Previous GTK+ versions still need to
query the style properties, so I've added helper functions to get
all the style properties with the ifdefs, trying to keep the
common render code free of GTK+ versions ifdefs.

platform/gtk/ScrollbarThemeGtk.cpp:

(WebCore::ScrollbarThemeGtk::backButtonRect):
(WebCore::ScrollbarThemeGtk::forwardButtonRect):
(WebCore::ScrollbarThemeGtk::trackRect):
(WebCore::ScrollbarThemeGtk::thumbRect):
(WebCore::ScrollbarThemeGtk::paintTrackBackground):
(WebCore::ScrollbarThemeGtk::paintThumb):
(WebCore::ScrollbarThemeGtk::paint):
(WebCore::ScrollbarThemeGtk::scrollbarThickness):
(WebCore::ScrollbarThemeGtk::buttonSize):
(WebCore::ScrollbarThemeGtk::stepperSize):
(WebCore::ScrollbarThemeGtk::getStepperSpacing):
(WebCore::ScrollbarThemeGtk::troughUnderSteppers):
(WebCore::ScrollbarThemeGtk::minimumThumbLength):
(WebCore::ScrollbarThemeGtk::thumbFatness):
(WebCore::ScrollbarThemeGtk::getTroughBorder):
(WebCore::ScrollbarThemeGtk::getOrCreateStyleContext):
(WebCore::ScrollbarThemeGtk::updateThemeProperties):
(WebCore::ScrollbarThemeGtk::handleMousePressEvent):

platform/gtk/ScrollbarThemeGtk.h:

4:08 AM Changeset in webkit [198005] by youenn.fablet@crf.canon.fr

6 edits
4 adds in trunk

[Fetch API] Use DeferredWrapper directly in FetchBody promise handling
https://bugs.webkit.org/show_bug.cgi?id=155291

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

web-platform-tests/fetch/api/request/request-consume-empty-expected.txt: Added.
web-platform-tests/fetch/api/request/request-consume-empty.html: Added.
web-platform-tests/fetch/api/response/response-consume-empty-expected.txt: Added.
web-platform-tests/fetch/api/response/response-consume-empty.html: Added.

Source/WebCore:

Moved from typed DOMPromise to DeferredWrapper as there can only be one promise resolved.
Started preparing the handling of blobs translation to other resolved types.

Fixed the case of empty body, in which case promises should resolve with empty objects (strings, buffers...) and not null.

Added Consumer structure to handle asynchronous resolution/rejection of promises.
Added preliminary API to resolve promises based on data stored as a Blob.
FetchBodyOwner will be responsible to do/stop blob loading.

Tests: imported/w3c/web-platform-tests/fetch/api/request/request-consume-empty.html

imported/w3c/web-platform-tests/fetch/api/response/response-consume-empty.html

Modules/fetch/FetchBody.cpp:

(WebCore::FetchBody::processIfEmptyOrDisturbed): Fixed empty body case.
(WebCore::FetchBody::arrayBuffer):
(WebCore::FetchBody::blob):
(WebCore::FetchBody::json):
(WebCore::FetchBody::text):
(WebCore::FetchBody::consume):
(WebCore::FetchBody::consumeText):
(WebCore::FetchBody::loadingType):
(WebCore::FetchBody::consumeBlob):
(WebCore::FetchBody::resolveAsJSON):
(WebCore::FetchBody::loadingFailed):
(WebCore::FetchBody::loadedAsBlob):

Modules/fetch/FetchBody.h:

(WebCore::FetchBody::formData):
(WebCore::FetchBody::Consumer::Consumer):

Modules/fetch/FetchBody.idl:
Modules/fetch/FetchBodyOwner.h:

(WebCore::FetchBodyOwner::arrayBuffer):
(WebCore::FetchBodyOwner::blob):
(WebCore::FetchBodyOwner::formData):
(WebCore::FetchBodyOwner::json):
(WebCore::FetchBodyOwner::text):
(WebCore::FetchBodyOwner::loadBlob):

3:13 AM Changeset in webkit [198004] by yoav@yoav.ws

3 edits
4 adds
2 deletes in trunk

Avoid applying link tags with an invalid media attribute
https://bugs.webkit.org/show_bug.cgi?id=143262

Reviewed by Brent Fulgham.

Source/WebCore:

In current HTML spec, unlike HTML4, the UA must not apply <link> based resources
when the media attribute does not match:
https://html.spec.whatwg.org/multipage/semantics.html#attr-link-media

An invalid media attribute parsing creates a non-empty MediaQuerySet
containing a single query with no expressions and no media type.
(and with its m_ignored flag off)

In order to ignore such MediaQueries, I added an extra check that makes sure
that the queries handled by MediaQueryEvaluator::eval have either expressions
or a media type, and if not, they are ignored.

Test: fast/dom/HTMLLinkElement/link-stylesheet-invalid-media.html

css/MediaQueryEvaluator.cpp:

(WebCore::MediaQueryEvaluator::eval):

LayoutTests:

These tests make sure that when <link rel=stylesheet> is present with an invalid
media attribute, the styles are not being applied.

fast/dom/HTMLLinkElement/link-stylesheet-invalid-media-expected.txt: Added.
fast/dom/HTMLLinkElement/link-stylesheet-invalid-media.html: Added.
fast/dom/HTMLLinkElement/link-stylesheet-media-type-expected.txt: Added.
fast/dom/HTMLLinkElement/link-stylesheet-media-type.html: Added.

These tests test the old HTML4 behavior and are no longer relevant.

fast/media/media-descriptor-syntax-05.html: Removed.
fast/media/media-descriptor-syntax-05-expected.html: Removed.

2:04 AM Changeset in webkit [198003] by fred.wang@free.fr

2 edits in trunk/LayoutTests

Skip content-editable-as-textarea.html on GTK as it uses AX API.

Unreviewed test gardening.

Patch by Frederic Wang <fwang@igalia.com> on 2016-03-11

platform/gtk/TestExpectations:

1:44 AM Changeset in webkit [198002] by youenn.fablet@crf.canon.fr

58 edits in trunk/Source/WebCore

[CallWith=ScriptExecutionContext] should pass ScriptExecutionContext to the implementation by reference
https://bugs.webkit.org/show_bug.cgi?id=155297

Reviewed by Darin Adler.

Changing the binding generator to pass ScriptExecutionContext by reference.
Updating DOM classes accordingly.

Covered by existing tests.

Modules/encryptedmedia/MediaKeySession.cpp:

(WebCore::MediaKeySession::create):
(WebCore::MediaKeySession::MediaKeySession):

Modules/encryptedmedia/MediaKeySession.h:
Modules/encryptedmedia/MediaKeys.cpp:

(WebCore::MediaKeys::createSession):

Modules/encryptedmedia/MediaKeys.h:
Modules/fetch/FetchRequest.cpp:

(WebCore::FetchRequest::clone):

Modules/fetch/FetchRequest.h:
Modules/fetch/FetchResponse.cpp:

(WebCore::FetchResponse::error):
(WebCore::FetchResponse::redirect):
(WebCore::FetchResponse::clone):

Modules/fetch/FetchResponse.h:
Modules/indexeddb/IDBCursor.h:

(WebCore::IDBCursor::continueFunction):

Modules/indexeddb/IDBFactory.h:
Modules/indexeddb/IDBIndex.h:
Modules/indexeddb/IDBKeyRange.cpp:

(WebCore::IDBKeyRange::lowerValue):
(WebCore::IDBKeyRange::upperValue):
(WebCore::IDBKeyRange::only):
(WebCore::IDBKeyRange::lowerBound):
(WebCore::IDBKeyRange::upperBound):
(WebCore::IDBKeyRange::bound):

Modules/indexeddb/IDBKeyRange.h:

(WebCore::IDBKeyRange::lowerBound):
(WebCore::IDBKeyRange::upperBound):
(WebCore::IDBKeyRange::bound):

Modules/indexeddb/IDBObjectStore.h:
Modules/indexeddb/IDBOpenDBRequest.cpp:

(WebCore::IDBOpenDBRequest::IDBOpenDBRequest):

Modules/indexeddb/IDBOpenDBRequest.h:
Modules/indexeddb/IDBRequest.cpp:

(WebCore::IDBRequest::IDBRequest):

Modules/indexeddb/IDBRequest.h:
Modules/indexeddb/client/IDBCursorImpl.cpp:

(WebCore::IDBClient::IDBCursor::continueFunction):
(WebCore::IDBClient::IDBCursor::deleteFunction):

Modules/indexeddb/client/IDBCursorImpl.h:
Modules/indexeddb/client/IDBFactoryImpl.cpp:

(WebCore::IDBClient::shouldThrowSecurityException):
(WebCore::IDBClient::IDBFactory::getDatabaseNames):
(WebCore::IDBClient::IDBFactory::open):
(WebCore::IDBClient::IDBFactory::openInternal):
(WebCore::IDBClient::IDBFactory::deleteDatabase):
(WebCore::IDBClient::IDBFactory::cmp):

Modules/indexeddb/client/IDBFactoryImpl.h:
Modules/indexeddb/client/IDBIndexImpl.cpp:

(WebCore::IDBClient::IDBIndex::IDBIndex):
(WebCore::IDBClient::IDBIndex::openCursor):
(WebCore::IDBClient::IDBIndex::count):
(WebCore::IDBClient::IDBIndex::openKeyCursor):
(WebCore::IDBClient::IDBIndex::get):
(WebCore::IDBClient::IDBIndex::getKey):

Modules/indexeddb/client/IDBIndexImpl.h:
Modules/indexeddb/client/IDBObjectStoreImpl.cpp:

(WebCore::IDBClient::IDBObjectStore::create):
(WebCore::IDBClient::IDBObjectStore::IDBObjectStore):
(WebCore::IDBClient::IDBObjectStore::openCursor):
(WebCore::IDBClient::IDBObjectStore::get):
(WebCore::IDBClient::IDBObjectStore::deleteFunction):
(WebCore::IDBClient::IDBObjectStore::doDelete):
(WebCore::IDBClient::IDBObjectStore::modernDelete):
(WebCore::IDBClient::IDBObjectStore::clear):
(WebCore::IDBClient::IDBObjectStore::createIndex):
(WebCore::IDBClient::IDBObjectStore::index):
(WebCore::IDBClient::IDBObjectStore::count):

Modules/indexeddb/client/IDBObjectStoreImpl.h:
Modules/indexeddb/client/IDBOpenDBRequestImpl.cpp:

(WebCore::IDBClient::IDBOpenDBRequest::createDeleteRequest):
(WebCore::IDBClient::IDBOpenDBRequest::createOpenRequest):
(WebCore::IDBClient::IDBOpenDBRequest::IDBOpenDBRequest):

Modules/indexeddb/client/IDBOpenDBRequestImpl.h:
Modules/indexeddb/client/IDBRequestImpl.cpp:

(WebCore::IDBClient::IDBRequest::IDBRequest):

Modules/indexeddb/client/IDBRequestImpl.h:
Modules/indexeddb/client/IDBTransactionImpl.cpp:

(WebCore::IDBClient::IDBTransaction::objectStore):
(WebCore::IDBClient::IDBTransaction::createObjectStore):
(WebCore::IDBClient::IDBTransaction::createIndex):

Modules/mediasource/DOMURLMediaSource.cpp:

(WebCore::DOMURLMediaSource::createObjectURL):

Modules/mediasource/DOMURLMediaSource.h:
Modules/mediastream/DOMURLMediaStream.cpp:

(WebCore::DOMURLMediaStream::createObjectURL):

Modules/mediastream/DOMURLMediaStream.h:
Modules/mediastream/HTMLMediaElementMediaStream.cpp:

(WebCore::HTMLMediaElementMediaStream::setSrcObject):

Modules/mediastream/HTMLMediaElementMediaStream.h:
Modules/mediastream/HTMLMediaElementMediaStream.idl:
Modules/notifications/Notification.cpp:

(WebCore::Notification::Notification):
(WebCore::Notification::create):
(WebCore::Notification::permission):
(WebCore::Notification::requestPermission):

Modules/notifications/Notification.h:
Modules/notifications/NotificationCenter.cpp:

(WebCore::NotificationCenter::createNotification):

Modules/notifications/NotificationClient.h:
Modules/quota/StorageInfo.cpp:

(WebCore::StorageInfo::queryUsageAndQuota):
(WebCore::StorageInfo::requestQuota):

Modules/quota/StorageInfo.h:
Modules/quota/StorageQuota.h:
bindings/js/JSIDBObjectStoreCustom.cpp:

(WebCore::JSIDBObjectStore::createIndex):

bindings/scripts/CodeGeneratorJS.pm:

(GenerateCallWith):

bindings/scripts/test/JS/JSTestInterface.cpp:

(WebCore::jsTestInterfacePrototypeFunctionImplementsMethod2):
(WebCore::jsTestInterfacePrototypeFunctionSupplementalMethod2):

bindings/scripts/test/JS/JSTestObj.cpp:

fileapi/FileReaderSync.cpp:

(WebCore::FileReaderSync::readAsArrayBuffer):
(WebCore::FileReaderSync::readAsBinaryString):
(WebCore::FileReaderSync::readAsText):
(WebCore::FileReaderSync::readAsDataURL):
(WebCore::FileReaderSync::startLoading):

fileapi/FileReaderSync.h:

(WebCore::FileReaderSync::readAsText):

html/DOMURL.cpp:

(WebCore::DOMURL::createObjectURL):
(WebCore::DOMURL::createPublicURL):
(WebCore::DOMURL::revokeObjectURL):

html/DOMURL.h:
html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::setSrcObject):

html/HTMLMediaElement.h:
inspector/InspectorIndexedDBAgent.cpp:

(WebCore::InspectorIndexedDBAgent::requestDatabaseNames):

page/DOMWindow.h:
page/History.h:

(WebCore::History::back):
(WebCore::History::forward):
(WebCore::History::go):

Note: See TracTimeline for information about the timeline view.

Download in other formats:

RSS Feed