Timeline



Mar 16, 2016:

11:52 PM WebKitGTK/2.10.x edited by Carlos Garcia Campos
(diff)
9:42 PM Changeset in webkit [198317] by Matt Baker
  • 2 edits in trunk/Source/WebInspectorUI

Uncaught Exception: SyntaxError: Invalid regular expression: \ at end of pattern
https://bugs.webkit.org/show_bug.cgi?id=155556
<rdar://problem/25200058>

Reviewed by Timothy Hatcher.

Use simpleGlobStringToRegExp, which returns a valid regular expression
for strings with trailing backslashes, and also provides globbing.
String.escapeForRegExp returns a JS string ending in "
", which isn't
a valid regular expression.

  • UserInterface/Views/OpenResourceDialog.js:

(WebInspector.OpenResourceDialog):
(WebInspector.OpenResourceDialog.prototype._handleMousedownEvent):
Fixed typo.

(WebInspector.OpenResourceDialog.prototype._updateFilter):
Switch to simpleGlobStringToRegExp.

8:36 PM Changeset in webkit [198316] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebCore

SVG tear offs should return a const reference if possible
https://bugs.webkit.org/show_bug.cgi?id=153214

Patch by Nikos Andronikos <nikos.andronikos-webkit@cisra.canon.com.au> on 2016-03-16
Reviewed by Alex Christensen.

A smaller change than expected because the returned reference is being copied into a value in additional locations that baseVal and animVal are used.

No new tests as there is no change in behaviour.

  • svg/properties/SVGAnimatedEnumerationPropertyTearOff.h:
  • svg/properties/SVGAnimatedStaticPropertyTearOff.h:

(WebCore::SVGAnimatedStaticPropertyTearOff::baseVal):
(WebCore::SVGAnimatedStaticPropertyTearOff::animVal):

7:49 PM Changeset in webkit [198315] by jonlee@apple.com
  • 3 edits
    4 adds in trunk/PerformanceTests

Add a new benchmark test
https://bugs.webkit.org/show_bug.cgi?id=155570

Reviewed by Simon Fraser.

New Leaves test includes various image sizes and opacity.

  • Animometer/resources/debug-runner/tests.js: Add it to the HTML test suite.
  • Animometer/tests/dom/leaves.html: Added.
  • Animometer/tests/dom/resources/leaves.js: Added. Override the

(Particle.call.reset): Uses a range of sizes, and opacity.
(Particle.call.animate): Opacity goes up then down. When it hits 0, reset the particle.
(Particle.call.move): Set transform and opacity.

  • Animometer/tests/master/resources/leaves.js: Get rid of the closure so that it

can be used in this test. Update the relative path so that it works in both the master
and dom test suite.

7:18 PM Changeset in webkit [198314] by Chris Dumez
  • 2 edits in trunk/Source/WebCore

Unreviewed, partial roll out of r197254.
<rdar://problem/25078552>

It caused a ~1.1% PLT regression on iOS.

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::commitProvisionalLoad): Deleted.

6:48 PM Changeset in webkit [198313] by matthew_hanson@apple.com
  • 5 edits in branches/safari-601.1.46-branch/Source

Versioning.

6:45 PM Changeset in webkit [198312] by matthew_hanson@apple.com
  • 1 copy in tags/Safari-601.1.46.120

New Tag.

5:56 PM Changeset in webkit [198311] by enrica@apple.com
  • 2 edits in trunk/Source/WebCore

Recognize mailto and tel url as data detector links.
https://bugs.webkit.org/show_bug.cgi?id=155569
rdar://problem/24836185

Reviewed by Sam Weinig.

When we check if the element is a data detector link,
we should return true also for URLs with mailto: and tel: scheme.

  • editing/cocoa/DataDetection.mm:

(WebCore::DataDetection::isDataDetectorLink):

5:13 PM Changeset in webkit [198310] by Chris Dumez
  • 4 edits in trunk/Tools

Unreviewed, rolling out r198187.
https://bugs.webkit.org/show_bug.cgi?id=155564

Potentially break testing on iOS (Requested by Guest23 on
#webkit).

Reverted changeset:

"Add twisted-15.5.0 module to
webkitpy.thirdparty.autoinstalled."
https://bugs.webkit.org/show_bug.cgi?id=154667
http://trac.webkit.org/changeset/198187

Patch by Commit Queue <commit-queue@webkit.org> on 2016-03-16

5:07 PM Changeset in webkit [198309] by Alan Bujtas
  • 3 edits
    2 adds in trunk

Subpixel rendering: Directly composited image layers need pixelsnapping.
https://bugs.webkit.org/show_bug.cgi?id=155558

Reviewed by Simon Fraser.

In order to match non-composited image size/position, we need to pixelsnap both the contents and the clipping
layer bounds for directly composited images.

Source/WebCore:

Test: fast/images/hidpi-directly-composited-image-on-subpixel-position.html

  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::resetContentsRect):
(WebCore::RenderLayerBacking::updateChildClippingStrategy):
(WebCore::RenderLayerBacking::updateImageContents):

LayoutTests:

  • fast/images/hidpi-directly-composited-image-on-subpixel-position-expected.html: Added.
  • fast/images/hidpi-directly-composited-image-on-subpixel-position.html: Added.
4:37 PM Changeset in webkit [198308] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Skipping mathml/very-large-stretchy-operators.html on ios-simulator debug
https://bugs.webkit.org/show_bug.cgi?id=155565

Unreviewed test gardening.

  • platform/ios-simulator/TestExpectations:
4:32 PM Changeset in webkit [198307] by Ryan Haddad
  • 3 edits in trunk/LayoutTests

Marking compositing/visible-rect/animated-from-none.html as flaky on ios-sim-wk2, failing on ios-sim-wk1
https://bugs.webkit.org/show_bug.cgi?id=155495

Unreviewed test gardening.

  • platform/ios-simulator-wk1/TestExpectations:
  • platform/ios-simulator-wk2/TestExpectations:
4:25 PM Changeset in webkit [198306] by Beth Dakin
  • 28 edits in trunk/Source

Provide NSSpellChecker spellChecking methods with the current insertion point
https://bugs.webkit.org/show_bug.cgi?id=155532
-and corresponding-
rdar://problem/24066952

Reviewed by Simon Fraser.

Source/WebCore:

Pass the Frame’s selection to a handful of spelling checking methods that
call into WebKit/WebKit2 to ultimately call into NSSpellChecker.

  • accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::hasMisspelling):

  • accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(AXAttributeStringSetSpelling):

  • editing/AlternativeTextController.cpp:

(WebCore::AlternativeTextController::timerFired):

  • editing/Editor.cpp:

(WebCore::Editor::guessesForMisspelledWord):
(WebCore::Editor::markAllMisspellingsAndBadGrammarInRanges):

  • editing/SpellChecker.cpp:

(WebCore::SpellChecker::invokeRequest):
(WebCore::SpellChecker::enqueueRequest):

  • editing/TextCheckingHelper.cpp:

(WebCore::TextCheckingHelper::findFirstMisspellingOrBadGrammar):
(WebCore::TextCheckingHelper::guessesForMisspelledOrUngrammaticalRange):
(WebCore::TextCheckingHelper::unifiedTextCheckerEnabled):
(WebCore::checkTextOfParagraph):

  • editing/TextCheckingHelper.h:
  • loader/EmptyClients.cpp:

(WebCore::EmptyFrameLoaderClient::createNetworkingContext):
(WebCore::EmptyTextCheckerClient::requestCheckingOfString):

  • loader/EmptyClients.h:
  • platform/text/TextCheckerClient.h:

(WebCore::TextCheckerClient::~TextCheckerClient):

The key needed to include the insertion point.

  • platform/spi/mac/NSSpellCheckerSPI.h:

Source/WebKit/mac:

Extract the insertion point from the VisibleSelection that WebCore has
passed.

  • WebCoreSupport/WebEditorClient.h:

(WebEditorClient::getGuessesForWord):

  • WebCoreSupport/WebEditorClient.mm:

(WebEditorClient::checkTextOfParagraph):
(insertionPointFromCurrentSelection):
(WebEditorClient::getGuessesForWord):
(WebEditorClient::requestCheckingOfString):

Source/WebKit2:

Pass the insertionPoint to the UIProcess

  • UIProcess/TextChecker.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::checkTextOfParagraph):
(WebKit::WebPageProxy::getGuessesForWord):
(WebKit::WebPageProxy::requestCheckingOfString):

  • UIProcess/WebPageProxy.h:
  • UIProcess/WebPageProxy.messages.in:
  • UIProcess/efl/TextCheckerEfl.cpp:

(WebKit::TextChecker::checkTextOfParagraph):
(WebKit::TextChecker::getGuessesForWord):
(WebKit::TextChecker::requestCheckingOfString):

  • UIProcess/gtk/TextCheckerGtk.cpp:

(WebKit::TextChecker::getGuessesForWord):
(WebKit::TextChecker::requestCheckingOfString):
(WebKit::TextChecker::checkTextOfParagraph):

  • UIProcess/ios/TextCheckerIOS.mm:

(WebKit::TextChecker::checkTextOfParagraph):
(WebKit::TextChecker::getGuessesForWord):
(WebKit::TextChecker::requestCheckingOfString):

  • UIProcess/mac/TextCheckerMac.mm:

(WebKit::TextChecker::checkTextOfParagraph):
(WebKit::TextChecker::getGuessesForWord):
(WebKit::TextChecker::ignoreWord):
(WebKit::TextChecker::requestCheckingOfString):

Extract the insertion point from the VisibleSelection that WebCore has
passed.

  • WebProcess/WebCoreSupport/WebEditorClient.cpp:

(WebKit::insertionPointFromCurrentSelection):
(WebKit::WebEditorClient::checkTextOfParagraph):
(WebKit::WebEditorClient::getGuessesForWord):
(WebKit::WebEditorClient::requestCheckingOfString):

  • WebProcess/WebCoreSupport/WebEditorClient.h:
3:10 PM Changeset in webkit [198305] by achristensen@apple.com
  • 2 edits in trunk/Source/WebCore

Fix assertion failure on drive.google.com after r196052
https://bugs.webkit.org/show_bug.cgi?id=155562

Reviewed by Jer Noble.

  • rendering/RenderGeometryMap.cpp:

(WebCore::RenderGeometryMap::mapToContainer):
Change float equality check to areEssentiallyEqual.
This assertion was failing because rendererMappedResult was (944.335693, 232.047409)
but result was (944.335693, 232.047394). They differ by (0, 0.000015).

3:06 PM Changeset in webkit [198304] by ddkilzer@apple.com
  • 3 edits in trunk/Tools

check-webkit-style: should warn about blank lines after #include "config.h" in TestWebKitAPI
<http://webkit.org/b/155445>

Reviewed by Darin Adler.

  • Scripts/webkitpy/style/checker.py:

(_PATH_RULES_SPECIFIER): Do not ignore "build/include*" checks
on TestWebKitAPI since this project uses a config.h header as of
r95188. Also remove references to WebKitAPITest, which ceased
to exist in r95944.

  • Scripts/webkitpy/style/checker_unittest.py:

(GlobalVariablesTest.test_path_rules_specifier): Add tests.
Remove reference to WebKitAPITest project.

2:49 PM Changeset in webkit [198303] by n_wang@apple.com
  • 3 edits
    2 adds in trunk

AX: Expose aria-current status to children
https://bugs.webkit.org/show_bug.cgi?id=155469

Reviewed by Chris Fleizach.

Source/WebCore:

Added aria-current to the global ARIA attributes list.

Test: accessibility/aria-current-global-attribute.html

  • accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::supportsARIAAttributes):

LayoutTests:

  • accessibility/aria-current-global-attribute-expected.txt: Added.
  • accessibility/aria-current-global-attribute.html: Added.
2:31 PM Changeset in webkit [198302] by timothy_horton@apple.com
  • 6 edits in trunk

[mac] Printing test snapshots are upside-down after r198242
https://bugs.webkit.org/show_bug.cgi?id=155543

Reviewed by Simon Fraser.

Source/WebCore:

  • page/PrintContext.cpp:

(WebCore::PrintContext::spoolAllPagesWithBoundaries):
Stop PLATFORM(COCOA)-conditionally flipping here. Just paint.
This function is only used by the test runners so this doesn't have a
huge impact on anything else.

Tools:

  • DumpRenderTree/mac/PixelDumpSupportMac.mm:

(createPagedBitmapContext):
Flip printing snapshots in DRT so that everything is right-side-up.

LayoutTests:

Re-un-skip these tests.

1:58 PM Changeset in webkit [198301] by dbates@webkit.org
  • 2 edits in trunk/Source/WebCore

Update WebKit Feature Status page to include the status of Content Security Policy Level 2 and Level 3

  • features.json:
1:44 PM Changeset in webkit [198300] by matthew_hanson@apple.com
  • 2 edits in branches/safari-601-branch/Source/WebCore

Merge r188574. rdar://problem/25070230

1:44 PM Changeset in webkit [198299] by matthew_hanson@apple.com
  • 18 edits
    12 deletes in branches/safari-601-branch

Merge r188566. rdar://problem/25070230

1:17 PM Changeset in webkit [198298] by timothy_horton@apple.com
  • 2 edits in trunk/Source/WebKit2

REGRESSION (r192184): CleanMyDrive 2's tutorial window is blank
https://bugs.webkit.org/show_bug.cgi?id=155550
<rdar://problem/24250689>

Reviewed by Dan Bernstein.

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _setDrawsTransparentBackground:]):
The app is using this SPI via key-value coding, so just keeping the implementation
is sufficient to make AppKit stop throwing an undefined key exception.
Log once that this is deprecated (... it's also SPI) and then forward to setDrawsBackground.

1:13 PM Changeset in webkit [198297] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking inspector/controller/runtime-controller.html as flaky on mac
https://bugs.webkit.org/show_bug.cgi?id=154688

Unreviewed test gardening.

  • platform/mac/TestExpectations:
1:12 PM Changeset in webkit [198296] by fpizlo@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

ASSERTION FAILED: !edge->isPhantomAllocation() in regress/script-tests/sink-huge-activation.js.ftl-eager in debug mode
https://bugs.webkit.org/show_bug.cgi?id=153805

Reviewed by Mark Lam.

The object allocation sinking phase uses InferredValue::isStillValid() in the opposite
way from most clients: it will do an *extra* optimization if it returns false. The
phase will first compute sink candidates and then it will compute materialization
points. If something is a sink candidate then it is not a materialization point. A
NewFunction node may appear as not being a sink candidate during the first pass, so it's
not added to the set of things that will turn into PhantomNewFunction. But on the second
pass where we add materializations, we check isStillValid() again. Now this may become
false, so that second pass thinks that NewFunction is a sink candidate (even though it's
not in the sink candidates set) and so is not a materialization point.

This manifests as the NewFunction referring to a PhantomCreateActivation or whatever.

The solution is to have the phase cache results of calls to isStillValid(). It's OK if
we just remember the result of the first call and assume that it's not a sink candidate.
That's the worst that can happen.

No new tests since this is a super hard race and sink-huge-activation seemed to already
be catching it.

  • dfg/DFGObjectAllocationSinkingPhase.cpp:
1:09 PM Changeset in webkit [198295] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Mark http/tests/security/XFrameOptions/x-frame-options-deny-meta-tag-parent-same-origin-allow.html as flaky
https://bugs.webkit.org/show_bug.cgi?id=94458

Unreviewed test gardening.

  • platform/ios-simulator/TestExpectations:
12:49 PM Changeset in webkit [198294] by sbarati@apple.com
  • 3 edits
    1 add in trunk/Source/JavaScriptCore

[ES6] Make Array.prototype.reverse spec compatible.
https://bugs.webkit.org/show_bug.cgi?id=155528

Reviewed by Michael Saboff.

This patch make Array.prototype.reverse spec compatible.
Before, we weren't performing a HasProperty of each index
before performing a Get on that index. We now do that on
the slow path.

  • runtime/ArrayPrototype.cpp:

(JSC::arrayProtoFuncReverse):

  • tests/stress/array-reverse-proxy.js: Added.

(assert):
(test):
(shallowCopy):
(shallowEqual):
(let.handler.get getSet):
(test.let.handler.get getSet):

12:47 PM Changeset in webkit [198293] by ap@apple.com
  • 2 edits in trunk/Tools

Update unit test for iOS debug queues.

  • BuildSlaveSupport/build.webkit.org-config/mastercfg_unittest.py:
12:46 PM Changeset in webkit [198292] by dbates@webkit.org
  • 20 edits
    1 move
    48 adds in trunk

<video> and <audio> elements do not obey Content Security Policy on redirect
https://bugs.webkit.org/show_bug.cgi?id=155509
<rdar://problem/10234844>

Reviewed by Alex Christensen.

Source/WebCore:

Fixes an issue where the Content Security Policy of the page was not enforced
on redirects when loading a media subresource via an HTML video or HTML audio
element.

Tests: http/tests/security/contentSecurityPolicy/audio-redirect-allowed.html

http/tests/security/contentSecurityPolicy/audio-redirect-blocked.html
http/tests/security/contentSecurityPolicy/font-redirect-allowed.html
http/tests/security/contentSecurityPolicy/font-redirect-blocked.html
http/tests/security/contentSecurityPolicy/image-redirect-allowed.html
http/tests/security/contentSecurityPolicy/image-redirect-blocked.html
http/tests/security/contentSecurityPolicy/script-redirect-allowed.html
http/tests/security/contentSecurityPolicy/script-redirect-blocked.html
http/tests/security/contentSecurityPolicy/stylesheet-redirect-allowed.html
http/tests/security/contentSecurityPolicy/stylesheet-redirect-blocked.html
http/tests/security/contentSecurityPolicy/svg-font-redirect-allowed.html
http/tests/security/contentSecurityPolicy/svg-font-redirect-blocked.html
http/tests/security/contentSecurityPolicy/svg-image-redirect-allowed.html
http/tests/security/contentSecurityPolicy/svg-image-redirect-blocked.html
http/tests/security/contentSecurityPolicy/track-redirect-allowed.html
http/tests/security/contentSecurityPolicy/track-redirect-blocked.html
http/tests/security/contentSecurityPolicy/video-redirect-allowed.html
http/tests/security/contentSecurityPolicy/video-redirect-blocked.html
http/tests/security/contentSecurityPolicy/xsl-redirect-allowed.html
http/tests/security/contentSecurityPolicy/xsl-redirect-blocked.html

  • inspector/InspectorPageAgent.cpp:

(WebCore::InspectorPageAgent::cachedResourceContent): Treat media resources as raw resources just as we do currently.
(WebCore::InspectorPageAgent::cachedResourceType): Ditto.

  • loader/MediaResourceLoader.cpp:

(WebCore::MediaResourceLoader::requestResource): Modified to use CachedResourceLoader::requestMedia() instead
of CachedResourceLoader::requestRawResource() so that we can differentiate between a media resource and a raw
resource in CachedResourceLoader. Added FIXME comment to skip checking the Content Security Policy for loads
initiated by an element in a user agent shadow tree. See <https://bugs.webkit.org/show_bug.cgi?id=155505> for
more details.

  • loader/ResourceLoadInfo.cpp:

(WebCore::toResourceType): Treat media resources as raw resources just as we do currently. Also, add cases for
CachedResource::LinkPrefetch and CachedResource::LinkSubresource (when ENABLE(LINK_PREFETCH) is enabled) and
remove the default statement to force a compile-time error when a new CachedResource enumerator is added and
the switch block in this function is not updated.

  • loader/SubresourceLoader.cpp:

(WebCore::logResourceLoaded): Ditto.

  • loader/cache/CachedRawResource.cpp:

(WebCore::CachedRawResource::CachedRawResource): Substitute CachedResource::isMainOrMediaOrRawResource() for
CachedResource::isMainOrRawResource() as the latter was renamed to the former.

  • loader/cache/CachedRawResource.h:

(isType): Ditto.

  • loader/cache/CachedResource.cpp:

(WebCore::defaultPriorityForResourceType): Use priority ResourceLoadPriority::Medium for media resources just as
we do currently.

  • loader/cache/CachedResource.h:

(WebCore::CachedResource::isMainOrMediaOrRawResource): Formerly named isMainOrRawResource. Returns true if the type
of this resource is a main resource, media resource, or raw resource.
(WebCore::CachedResource::isMainOrRawResource): Deleted.

  • loader/cache/CachedResourceLoader.cpp:

(WebCore::createResource): Treat media resources as raw resources just as we do currently.
(WebCore::CachedResourceLoader::requestMedia): Added.
(WebCore::contentTypeFromResourceType): Consider media resources as MixedContentChecker::ContentType::Active
just as we do currently.
(WebCore::CachedResourceLoader::checkInsecureContent): Apply the mixed content policy to media resources
just as we do currently.
(WebCore::CachedResourceLoader::canRequest): Apply the Same Origin Policy to media resources just as we
do currently. Query the Content Security Policy of the page to determine if the media resource can be
requested.
(WebCore::CachedResourceLoader::determineRevalidationPolicy): Substitute CachedResource::isMainOrMediaOrRawResource()
for CachedResource::isMainOrRawResource() as the latter was renamed to the former.

  • loader/cache/CachedResourceLoader.h:
  • platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:

(WebCore::WebCoreAVFResourceLoader::startLoading): Modified to use CachedResourceLoader::requestMedia() instead
of CachedResourceLoader::requestRawResource() so that we can differentiate between a media resource and a raw
resource in CachedResourceLoader. Added FIXME comment to skip checking the Content Security Policy for loads
initiated by an element in a user agent shadow tree. See <https://bugs.webkit.org/show_bug.cgi?id=155505> for
more details. Additionally, simplified code that determined whether to request the media resource or error out
by coalescing two conditional expressions into one conditional on whether we have a loader and substituted
nullptr for 0.

Source/WebKit2:

Use 0ms as the maximum buffering time for media resource just as we do currently.

  • WebProcess/Network/WebLoaderStrategy.cpp:

(WebKit::maximumBufferingTime):

LayoutTests:

Add tests to ensure that the Content Security Policy is enforced on redirects when
loading a subresource, including a video or audio file.

  • http/tests/resources/redirect.php: Fix PHP "undefined index" warnings when either query

parameter code or refresh (or both) are not specified.

  • http/tests/security/contentSecurityPolicy/audio-redirect-allowed-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/audio-redirect-allowed.html: Added.
  • http/tests/security/contentSecurityPolicy/audio-redirect-blocked-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/audio-redirect-blocked.html: Added.
  • http/tests/security/contentSecurityPolicy/font-redirect-allowed-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/font-redirect-allowed.html: Added.
  • http/tests/security/contentSecurityPolicy/font-redirect-blocked-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/font-redirect-blocked.html: Added.
  • http/tests/security/contentSecurityPolicy/image-redirect-allowed-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/image-redirect-allowed.html: Added.
  • http/tests/security/contentSecurityPolicy/image-redirect-blocked-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/image-redirect-blocked.html: Added.
  • http/tests/security/contentSecurityPolicy/resources/ABCFont.svg: Renamed from LayoutTests/http/tests/security/contentSecurityPolicy/userAgentShadowDOM/resources/ABCFont.svg.
  • http/tests/security/contentSecurityPolicy/resources/alert-fail.xsl: Added.
  • http/tests/security/contentSecurityPolicy/resources/alert-pass.xsl: Added.
  • http/tests/security/contentSecurityPolicy/resources/green-square.svg: Added.
  • http/tests/security/contentSecurityPolicy/resources/red-square.svg: Added.
  • http/tests/security/contentSecurityPolicy/resources/xsl-redirect-allowed.php: Added.
  • http/tests/security/contentSecurityPolicy/resources/xsl-redirect-blocked.php: Added.
  • http/tests/security/contentSecurityPolicy/script-redirect-allowed-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/script-redirect-allowed.html: Added.
  • http/tests/security/contentSecurityPolicy/script-redirect-blocked-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/script-redirect-blocked.html: Added.
  • http/tests/security/contentSecurityPolicy/stylesheet-redirect-allowed-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/stylesheet-redirect-allowed.html: Added.
  • http/tests/security/contentSecurityPolicy/stylesheet-redirect-blocked-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/stylesheet-redirect-blocked.html: Added.
  • http/tests/security/contentSecurityPolicy/svg-font-redirect-allowed-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/svg-font-redirect-allowed.html: Added.
  • http/tests/security/contentSecurityPolicy/svg-font-redirect-blocked-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/svg-font-redirect-blocked.html: Added.
  • http/tests/security/contentSecurityPolicy/svg-image-redirect-allowed-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/svg-image-redirect-allowed.html: Added.
  • http/tests/security/contentSecurityPolicy/svg-image-redirect-blocked-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/svg-image-redirect-blocked.html: Added.
  • http/tests/security/contentSecurityPolicy/track-redirect-allowed-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/track-redirect-allowed.html: Added.
  • http/tests/security/contentSecurityPolicy/track-redirect-blocked-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/track-redirect-blocked.html: Added.
  • http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-svg-font.html:
  • http/tests/security/contentSecurityPolicy/video-redirect-allowed-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/video-redirect-allowed.html: Added.
  • http/tests/security/contentSecurityPolicy/video-redirect-blocked-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/video-redirect-blocked.html: Added.
  • http/tests/security/contentSecurityPolicy/xsl-redirect-allowed-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/xsl-redirect-allowed.html: Added.
  • http/tests/security/contentSecurityPolicy/xsl-redirect-blocked-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/xsl-redirect-blocked.html: Added.
  • platform/efl/TestExpectations: For now skip tests http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-{audio, video}.html

until we fix <https://bugs.webkit.org/show_bug.cgi?id=155505>. We will also need to fix
<https://bugs.webkit.org/show_bug.cgi?id=153866> before we can unskip test http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-video.html
As far as I can tell the functionality exercised by these tests is not being using by the EFL port.

  • platform/gtk/TestExpectations: For now skip tests http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-{audio, video}.html

until we fix <https://bugs.webkit.org/show_bug.cgi?id=155505>. As far as I can tell the functionality
exercised by these tests is not being using by the GTK port.

  • platform/ios-simulator/http/tests/security/contentSecurityPolicy/audio-redirect-blocked-expected.txt: Added expected failure result as

AV Foundation is responsible for loading media on iOS. That is, WebCore is not responsible for loading media.

  • platform/ios-simulator/http/tests/security/contentSecurityPolicy/video-redirect-blocked-expected.txt: Ditto.
  • platform/mac/TestExpectations: For now skip tests http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-{audio, video}.html

until we fix <https://bugs.webkit.org/show_bug.cgi?id=155505>. The functionality exercised by these
tests is not used on OS X. Additionally, mark as Failure on Yosemite and ElCapitan the added tests
http/tests/security/contentSecurityPolicy/{video, audio}-redirect-blocked.html as we do not support
Content Security Policy for media redirects in these versions of OS X.

12:33 PM Changeset in webkit [198291] by Chris Dumez
  • 17 edits in trunk/Source

Unreviewed, rolling out r198235, r198240, r198241, and
r198252.

Causing crashes on ARM

Reverted changesets:

"Remove compile time define for SEPARATED_HEAP"
https://bugs.webkit.org/show_bug.cgi?id=155508
http://trac.webkit.org/changeset/198235

"Gardening: build fix after r198235."
http://trac.webkit.org/changeset/198240

"Build fix."
http://trac.webkit.org/changeset/198241

"Rename performJITMemcpy to something more inline with our
normal webkit function names"
https://bugs.webkit.org/show_bug.cgi?id=155525
http://trac.webkit.org/changeset/198252

12:03 PM Changeset in webkit [198290] by BJ Burg
  • 4 edits in trunk/Source/JavaScriptCore

Unreviewed, rolling out r198257.
https://bugs.webkit.org/show_bug.cgi?id=155553

This change is unnecessary, clients can instead compile the
file with ARC enabled (Requested by brrian on #webkit).

Reverted changeset:

"REGRESSION(r198077): generated Objective-C protocol object
getters leak their wrappers"
https://bugs.webkit.org/show_bug.cgi?id=155523
http://trac.webkit.org/changeset/198257

11:31 AM Changeset in webkit [198289] by jiewen_tan@apple.com
  • 22 edits
    2 adds in trunk

URL Parsing should signal failure for illegal IDN
https://bugs.webkit.org/show_bug.cgi?id=154945
<rdar://problem/8014795>

Reviewed by Brent Fulgham.

Source/WebCore:

WebCore::URL will now invalidate URLs with illegal IDN. And functions inside WebCoreNSURLExtras.h
that deal with IDN mapping will now return nil to signal error.

Test: fast/url/invalid-idn.html

  • platform/URL.cpp:

(WebCore::isSchemeFirstChar):
(WebCore::URL::init):
(WebCore::appendEncodedHostname):
(WebCore::encodeHostnames):
(WebCore::encodeRelativeString):

  • platform/mac/WebCoreNSURLExtras.h:
  • platform/mac/WebCoreNSURLExtras.mm:

(WebCore::mapHostNameWithRange):
(WebCore::hostNameNeedsDecodingWithRange):
(WebCore::hostNameNeedsEncodingWithRange):
(WebCore::decodeHostNameWithRange):
(WebCore::encodeHostNameWithRange):
(WebCore::decodeHostName):
(WebCore::encodeHostName):
(WebCore::collectRangesThatNeedMapping):
(WebCore::mapHostNames):
(WebCore::URLWithData):
(WebCore::dataWithUserTypedString):
(WebCore::URLWithUserTypedString):
(WebCore::URLWithUserTypedStringDeprecated):
(WebCore::userVisibleString):

Source/WebKit/ios:

  • Misc/WebNSStringExtrasIOS.m:

(-[NSString _web_possibleURLsForForUserTypedString:]):

  • WebView/WebPDFViewPlaceholder.mm:

(-[WebPDFViewPlaceholder _updateTitleForURL:]):

Source/WebKit/mac:

In this patch, we add new SPIs _webkit_URLWithUserTypedString, _webkit_decodeHostName and
_webkit_encodeHostName which will return nil while dealing with illegal IDN.

Old SPIs _web_URLWithUserTypedString, _web_decodeHostName and _web_encodeHostName are marked
deprecated as they ignore URL parsing failure.

  • History/WebHistoryItem.mm:

(-[WebHistoryItem initFromDictionaryRepresentation:]):

  • Misc/WebKitErrors.m:

(+[NSError _webKitErrorWithCode:failingURL:]):

  • Misc/WebNSFileManagerExtras.mm:

(-[NSFileManager _webkit_setMetadataURL:referrer:atPath:]):

  • Misc/WebNSPasteboardExtras.mm:

(-[NSPasteboard _web_bestURL]):

  • Misc/WebNSURLExtras.h:
  • Misc/WebNSURLExtras.mm:

(+[NSURL _web_URLWithUserTypedString:]):
(+[NSURL _webkit_URLWithUserTypedString:relativeToURL:]):
(+[NSURL _webkit_URLWithUserTypedString:]):
(-[NSString _web_decodeHostName]):
(-[NSString _web_encodeHostName]):
(-[NSString _webkit_decodeHostName]):
(-[NSString _webkit_encodeHostName]):

  • Panels/WebAuthenticationPanel.m:

(-[WebAuthenticationPanel setUpForChallenge:]):

  • WebCoreSupport/WebEditorClient.mm:

(WebEditorClient::canonicalizeURLString):

Tools:

  • MiniBrowser/mac/WK2BrowserWindowController.m:

(-[WK2BrowserWindowController fetch:]):

  • TestWebKitAPI/Tests/Cocoa/URLExtras.mm:

(TestWebKitAPI::TEST):

LayoutTests:

  • fast/url/host-expected.txt:
  • fast/url/idna2003-expected.txt:
  • fast/url/invalid-idn-expected.txt: Added.
  • fast/url/invalid-idn.html: Added.
11:16 AM Changeset in webkit [198288] by mark.lam@apple.com
  • 42 edits
    1 add in trunk

Add support for setting Function.name from computed properties.
https://bugs.webkit.org/show_bug.cgi?id=155437

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

In JS code, we can have initialization of computed properties with function and
class objects e.g.

var o = {

[x]: function() {},
[y]: class {}

}

The ES6 spec states that the function and class in the example above (being
anonymous) should take on the value of x and y respectively as their names:

o[x].name; should be the "stringified" value of x.
o[y].name;
should be the "stringified" value of y.

To achieve this, we will now inject an op_set_function_name bytecode at property
initialization sites if:

  1. the property assigned value is a function or class, and
  2. the function and class is anonymous, and
  3. if property assigned value is a class, it doesn't have a static method that is statically named "name".

The op_set_function_name will result in JSFunction::setFunctionName() being
called on the target function / class before it is assigned to the property.
JSFunction::setFunctionName() will take care of:

  1. computing the name to use from the value of the computed property name e.g. x and y in the example above.

If the computed property name is not a symbol, then the function / class name
should be the toString() value of that computed property name.

If the computed property name is a symbol, then ...

  1. if the Symbol has a defined description (e.g. Symbol("foo")), then the function / class name should be "[<symbol description>]" e.g. "[foo]".
  2. if the Symbol has an undefined description (e.g. Symbol()), then the function / class name should be "".

Note: Symbol("") is not the same as Symbol(). The former has a defined
descriptor "", and hence, yields a function / class name of "[]". The latter
yields a function / class name of "".

  1. reifying the lazy name property with this function / class name.

op_set_function_name is named after the SetFunctionName internal function
in the ES6 spec that performs the above operation.

It is behaviorally correct to use op_set_function_name at every property
initialization site with computed property names. However, we choose to not
emit the op_set_function_name bytecode when we already know that it will do
nothing i.e. when the target function / class is proven to already have a name or
name property. This is done as an optimization to avoid unnecessary calls to
JSFunction::setFunctionName().

Note: we could further check if the class has a static method with a computed
name that is a constant string "name" and elide op_set_function_name there too.
However, we don't bother because this should be rare. JSFunction::setFunctionName()
will still do the right thing.

  • bytecode/BytecodeList.json:
  • bytecode/BytecodeUseDef.h:

(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::dumpBytecode):

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::emitNewFunction):
(JSC::BytecodeGenerator::emitSetFunctionNameIfNeeded):
(JSC::BytecodeGenerator::emitCall):

  • bytecompiler/BytecodeGenerator.h:
  • bytecompiler/NodesCodegen.cpp:

(JSC::PropertyListNode::emitBytecode):
(JSC::PropertyListNode::emitPutConstantProperty):

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::parseBlock):

  • dfg/DFGCapabilities.cpp:

(JSC::DFG::capabilityLevel):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGNodeType.h:
  • dfg/DFGPredictionPropagationPhase.cpp:

(JSC::DFG::PredictionPropagationPhase::propagate):

  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileNewFunction):
(JSC::DFG::SpeculativeJIT::compileSetFunctionName):
(JSC::DFG::SpeculativeJIT::compileForwardVarargs):

  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::callOperation):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGStoreBarrierInsertionPhase.cpp:
  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileNewRegexp):
(JSC::FTL::DFG::LowerDFGToB3::compileSetFunctionName):
(JSC::FTL::DFG::LowerDFGToB3::compileStringReplace):

  • jit/JIT.cpp:

(JSC::JIT::privateCompileMainPass):

  • jit/JIT.h:
  • jit/JITInlines.h:

(JSC::JIT::callOperation):

  • jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_to_primitive):
(JSC::JIT::emit_op_set_function_name):
(JSC::JIT::emit_op_strcat):

  • jit/JITOpcodes32_64.cpp:

(JSC::JIT::emitSlow_op_to_primitive):
(JSC::JIT::emit_op_set_function_name):
(JSC::JIT::emit_op_strcat):

  • jit/JITOperations.cpp:
  • jit/JITOperations.h:
  • llint/LLIntSlowPaths.cpp:

(JSC::LLInt::LLINT_SLOW_PATH_DECL):
(JSC::LLInt::handleHostCall):

  • llint/LLIntSlowPaths.h:
  • llint/LowLevelInterpreter.asm:
  • parser/Nodes.cpp:

(JSC::FunctionNode::finishParsing):
(JSC::PropertyListNode::hasStaticallyNamedProperty):
(JSC::VariableEnvironmentNode::VariableEnvironmentNode):

  • parser/Nodes.h:
  • runtime/JSFunction.cpp:

(JSC::getCalculatedDisplayName):
(JSC::JSFunction::setFunctionName):
(JSC::JSFunction::reifyLength):
(JSC::JSFunction::reifyName):

  • runtime/JSFunction.h:
  • tests/es6.yaml:
  • tests/stress/computed-function-names.js: Added.

(toKeyString):
(toFuncName):
(shouldBe):
(return.propKey):

LayoutTests:

  • js/object-literal-computed-methods-expected.txt:
  • Exercise op_set_function_name at all tiers.
  • js/script-tests/function-toString-vs-name.js:
  • Added tests for computed properties.
  • js/script-tests/object-literal-computed-methods.js:
  • rebased results.
10:20 AM Changeset in webkit [198287] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking imported/blink/fast/multicol/dynamic/relayout-abspos-in-relpos-spanner.html as flaky on ios-sim
https://bugs.webkit.org/show_bug.cgi?id=155339

Unreviewed test gardening.

  • platform/ios-simulator/TestExpectations:
10:17 AM Changeset in webkit [198286] by matthew_hanson@apple.com
  • 2 edits in branches/safari-601-branch/Source/WebCore

Merge r192054. rdar://problem/25152937

9:58 AM Changeset in webkit [198285] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Skipping failing printing tests
https://bugs.webkit.org/show_bug.cgi?id=155543

Unreviewed test gardening.

Three printing tests that rely on software snapshotting are failing after r198242 exposed
an underlying issue. Skipping these tests to get the bots back to green during investigation.

9:46 AM Changeset in webkit [198284] by Antti Koivisto
  • 5 edits
    2 adds in trunk

Don't invalidate style unnecessarily when setting inline style cssText
https://bugs.webkit.org/show_bug.cgi?id=155541
rdar://problem/23318893

Reviewed by Simon Fraser.

Source/WebCore:

We currently invalidate style when cssText is set whether the style declaration changed or not.

Based on a patch by Simon.

Test: fast/css/style-invalidation-inline-csstext.html

  • css/PropertySetCSSStyleDeclaration.cpp:

(WebCore::PropertySetCSSStyleDeclaration::cssText):
(WebCore::PropertySetCSSStyleDeclaration::setCssText):

Invalidate only if the parsed style changed.

  • css/StyleProperties.cpp:

(WebCore::MutableStyleProperties::parseDeclaration):

Compare the original and new style after parsing, return result.

  • css/StyleProperties.h:

LayoutTests:

  • fast/css/style-invalidation-inline-csstext-expected.txt: Added.
  • fast/css/style-invalidation-inline-csstext.html: Added.
9:26 AM Changeset in webkit [198283] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Rebaseline fast/css/getPropertyValue-webkit-marquee.html after r198255
https://bugs.webkit.org/show_bug.cgi?id=155544

Unreviewed test gardening.

  • fast/css/getPropertyValue-webkit-marquee-expected.txt:
8:35 AM Changeset in webkit [198282] by Carlos Garcia Campos
  • 1 copy in releases/WebKitGTK/webkit-2.11.92

WebKitGTK+ 2.11.92

8:31 AM Changeset in webkit [198281] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.12/Source/WebCore

Merge r198127 - Enable GSS-Negotiate support in libsoup
https://bugs.webkit.org/show_bug.cgi?id=155354

Patch by Tomas Popela <tpopela@redhat.com> on 2016-03-14
Reviewed by Carlos Garcia Campos.

Enable the SOUP_TYPE_AUTH_NEGOTIATE feature if libsoup was compiled
with the GSS-Negotiate support.

  • platform/network/soup/SoupNetworkSession.cpp:

(WebCore::SoupNetworkSession::SoupNetworkSession):

8:16 AM Changeset in webkit [198280] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.12

Unreviewed. Update OptionsGTK.cmake and NEWS for 2.11.92 release.

.:

  • Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit2:

  • gtk/NEWS: Add release notes for 2.11.92.
8:16 AM Changeset in webkit [198279] by Carlos Garcia Campos
  • 22 edits
    6 deletes in releases/WebKitGTK/webkit-2.12

Revert "Merge r197549 - DFG/FTL should inline accesses to RegExpObject::m_lastIndex"

This reverts commit 75a052408f9d2d6401972afb8a422f0e5979aeff.

8:15 AM Changeset in webkit [198278] by Carlos Garcia Campos
  • 11 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Revert "Merge r197622 - The most aggressive form of RegExpTest/RegExpExec should speculate more aggressively than just cell"

This reverts commit 782aaddfb605fb925d3de4cb1e7b562cc26821b7.

8:15 AM Changeset in webkit [198277] by Carlos Garcia Campos
  • 33 edits
    5 deletes in releases/WebKitGTK/webkit-2.12

Revert "Merge r197641 - RegExpMatchesArray doesn't know how to have a bad time"

This reverts commit 240414640dd08dd67d4866c3992f399cb1035bc1.

8:14 AM Changeset in webkit [198276] by Carlos Garcia Campos
  • 9 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Revert "Merge r197715 - RegExp.prototype.exec() should call into Yarr at most once"

This reverts commit 2731cf7e9df14edf11cba6984e4c8cd1b14e752b.

8:14 AM Changeset in webkit [198275] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Revert "Merge r197730 - Reduce the number of instructions needed to record the last regexp result"

This reverts commit 074b9a12367b04dd3cd70f9d7c73695f8184fbb6.

8:14 AM Changeset in webkit [198274] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Revert "Merge r197729 - createRegExpMatchesArray should allocate substrings more quickly"

This reverts commit 5127c006fe6f7fcb4a512376866bce75b83a1c27.

8:13 AM Changeset in webkit [198273] by Carlos Garcia Campos
  • 9 edits
    2 deletes in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Revert "Merge r197796 - Regexp matching should incur less call overhead"

This reverts commit 462dd3fe9ae1b6992bbf331c52e9d4d440298a16.

8:13 AM Changeset in webkit [198272] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.12/Source/WebCore

Merge r198269 - REGRESSION(r195661): [GTK] very slow scrolling
https://bugs.webkit.org/show_bug.cgi?id=155334

Reviewed by Sergio Villar Senin.

Fix smooth scrolling behaviour change after r195661.

  • platform/ScrollAnimationSmooth.cpp:

(WebCore::getAnimationParametersForGranularity): Fix a typo,
animationTime for pixel granularity should be 11 * tickTime.
(WebCore::ScrollAnimationSmooth::animateScroll): Previous code
reset all the data except the visibleLenght, so keep it in the
PerAxisData after the reset.

8:13 AM Changeset in webkit [198271] by Carlos Garcia Campos
  • 7 edits in releases/WebKitGTK/webkit-2.12/Source

Merge r198266 - Unreviewed, rolling out r196803.
https://bugs.webkit.org/show_bug.cgi?id=155534

Introduced several rendering issues in popular websites
(Requested by KaL on #webkit).

Reverted changeset:

"[GTK] Limit the number of tiles according to the visible
area"
https://bugs.webkit.org/show_bug.cgi?id=126122
http://trac.webkit.org/changeset/196803

6:59 AM Changeset in webkit [198270] by Yusuke Suzuki
  • 29 edits
    1 copy
    3 adds in trunk

[ES6] Reflect.set with receiver
https://bugs.webkit.org/show_bug.cgi?id=155294

Reviewed by Saam Barati.

Source/JavaScriptCore:

This patch introduces the receiver parameter support for Reflect.set.
Reflect.set can alter the receiver with arbitrary values.
Each property descriptor uses the receiver in Set?.

1) In the accessor descriptor case, the receiver is used as |this| value for setter calls.
2) In the data descriptor case, the actual property will be set onto the receiver objects.

The current put operation does not support the receiver that is different from the base object.
In particular, (2) case is not supported.
The naive implementation adds one more GetOwnProperty? for the receiver per Set? (9.1.9.1-4-c [1]), and it is unacceptable.
To keep the fast path efficiently, we fall back to the slow but generic implementation (ordinarySetSlow)
only when the receiver is altered.

We need not to change any JIT part, because the JS code cannot alter the receiver without Reflect.set.
The property accesses generated by the JIT code always have the receiver that is the same to the base object.
ProxyObject can alter the receiver, but this situation has no problem because ProxyObject disables Inline Caching.
NOTE: Generating Inline Caching for JSProxy (that is used for the Window proxy) is already disabled before this change.

[1]: https://tc39.github.io/ecma262/#sec-ordinaryset

  • jsc.cpp:

(functionCreateProxy):

  • runtime/GenericArgumentsInlines.h:

(JSC::GenericArguments<Type>::put):

  • runtime/JSArray.cpp:

(JSC::JSArray::put):

  • runtime/JSArrayBuffer.cpp:

(JSC::JSArrayBuffer::put):

  • runtime/JSArrayBufferView.cpp:

(JSC::JSArrayBufferView::put):

  • runtime/JSCJSValue.h:
  • runtime/JSCJSValueInlines.h:

(JSC::isThisValueAltered):

  • runtime/JSDataView.cpp:

(JSC::JSDataView::put):

  • runtime/JSFunction.cpp:

(JSC::JSFunction::put):

  • runtime/JSGenericTypedArrayViewInlines.h:

(JSC::JSGenericTypedArrayView<Adaptor>::put):

  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::put):

  • runtime/JSObject.cpp:

(JSC::ordinarySetSlow):
(JSC::JSObject::putInlineSlow):

  • runtime/JSObject.h:
  • runtime/JSObjectInlines.h:

(JSC::JSObject::putInline):

  • runtime/JSProxy.h:

(JSC::JSProxy::createStructure):

  • runtime/Lookup.h:

(JSC::putEntry):

  • runtime/PropertySlot.h:
  • runtime/ProxyObject.cpp:

(JSC::ProxyObject::put):

  • runtime/PutPropertySlot.h:

(JSC::PutPropertySlot::PutPropertySlot):
(JSC::PutPropertySlot::isCacheablePut):
(JSC::PutPropertySlot::isCacheableSetter):
(JSC::PutPropertySlot::isCacheableCustom):
(JSC::PutPropertySlot::isCustomAccessor):
(JSC::PutPropertySlot::disableCaching):
(JSC::PutPropertySlot::isCacheable):

  • runtime/ReflectObject.cpp:

(JSC::reflectObjectSet):

  • runtime/RegExpObject.cpp:

(JSC::RegExpObject::put):
(JSC::reject): Deleted.

  • runtime/StringObject.cpp:

(JSC::StringObject::put):

  • tests/es6.yaml:
  • tests/stress/ordinary-set-exceptions.js: Added.

(shouldBe):
(shouldThrow):
(shouldThrow.set get var):

  • tests/stress/proxy-set.js:
  • tests/stress/reflect-set-proxy-set.js: Copied from Source/JavaScriptCore/tests/stress/proxy-set.js.

(shouldBe):
(unreachable):
(assert):
(throw.new.Error.let.handler.set 45):
(throw.new.Error):
(let.target.set x):
(let.target.get x):
(set let):

  • tests/stress/reflect-set-receiver-proxy-set.js: Added.

(shouldBe):
(unreachable):
(assert):
(let.handler.set 45):
(catch):
(let.target.set x):
(let.target.get x):
(set let):

  • tests/stress/reflect-set-with-global-proxy.js: Added.

(shouldBe):
(unreachable):
(get shouldBe):
(set shouldBe):
(set test1):
(set test2):
(set test3):

  • tests/stress/reflect-set.js:

(shouldThrow):
(unreachable):
(get shouldBe):
(set shouldBe):
(receiverTestIndexed):
(set get Uint8Array):
(receiverCase): Deleted.
(proxyCase): Deleted.
(stringObjectCase.set get shouldBe): Deleted.
(regExpLastIndex): Deleted.

LayoutTests:

Currently, putDelegate (JSLocation is special case) and CustomIndexedSetter work as special setters.

  • js/dom/reflect-set-onto-dom-expected.txt:
  • js/dom/script-tests/reflect-set-onto-dom.js:
2:36 AM Changeset in webkit [198269] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebCore

REGRESSION(r195661): [GTK] very slow scrolling
https://bugs.webkit.org/show_bug.cgi?id=155334

Reviewed by Sergio Villar Senin.

Fix smooth scrolling behaviour change after r195661.

  • platform/ScrollAnimationSmooth.cpp:

(WebCore::getAnimationParametersForGranularity): Fix a typo,
animationTime for pixel granularity should be 11 * tickTime.
(WebCore::ScrollAnimationSmooth::animateScroll): Previous code
reset all the data except the visibleLenght, so keep it in the
PerAxisData after the reset.

12:18 AM Changeset in webkit [198268] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebKit/win

Unreviewed, rolling out r196951 and r197031.

Revert also WinCairo follow ups after r196803

Reverted changesets:

"[WinCairo] Compile fix."
https://bugs.webkit.org/show_bug.cgi?id=154545
http://trac.webkit.org/changeset/196951

"[WinCairo] Mark layer as non composited."
https://bugs.webkit.org/show_bug.cgi?id=154640
http://trac.webkit.org/changeset/197031

12:11 AM Changeset in webkit [198267] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebKit/win

Unreviewed, rolling out r197693.

197031

Reverted changeset:

"[WinCairo][AcceleratedCompositing] Rendering issues on
www.bbc.com."
https://bugs.webkit.org/show_bug.cgi?id=154912
http://trac.webkit.org/changeset/197693

12:05 AM Changeset in webkit [198266] by commit-queue@webkit.org
  • 7 edits in trunk/Source

Unreviewed, rolling out r196803.
https://bugs.webkit.org/show_bug.cgi?id=155534

Introduced several rendering issues in popular websites
(Requested by KaL on #webkit).

Reverted changeset:

"[GTK] Limit the number of tiles according to the visible
area"
https://bugs.webkit.org/show_bug.cgi?id=126122
http://trac.webkit.org/changeset/196803

12:02 AM Changeset in webkit [198265] by rniwa@webkit.org
  • 11 edits
    2 adds in trunk/Websites/perf.webkit.org

Analysis task page should allow specifying commits that caused or fixed a regression or a progression
https://bugs.webkit.org/show_bug.cgi?id=155529

Reviewed by Chris Dumez.

Added the capability to associate revisions that caused or fixed a progression or a regression for which
an analysis task was created. Added task_commits that stores this relationship and added the backend
support to retrieve this table in /api/analysis-tasks and an privileged API to update this table at
/privileged-api/associate-commit.

Also extracted a new component, MutableListView, out of AnalysisTaskPage to render and manipulate a list
of mutable items, and used it to render the list of associated bugs and commits. The view takes a list of
kinds (e.g. repositories or bug trackers), and accepts a pair of a kind and arbitrary text as a new item
value.

  • init-database.sql: Added task_commits table.
  • public/api/analysis-tasks.php:

(main):
(fetch_associated_data_for_tasks): Renamed from fetch_and_push_bugs_to_tasks now that it also fetches
the list of commits associated with each analysis task by calling CommitLogFetcher::fetch_for_tasks.
Also fixe the bug that we were not taking
(format_task): No longer sets 'category' since the computation of category now depends on the list of
commits associated with this analysis task which aren't available until fetch_associated_data_for_tasks.
(determine_category): Added. Categorize any analysis tasks with "fixes" commits as "closed" and "causes"
commits as "identified".

  • public/include/commit-log-fetcher.php:

(CommitLogFetcher::construct): Remove the unused instance variable.
(CommitLogFetcher::fetch_for_tasks): Added. Fetches all commits associated with a list of analysis tasks.
Assumes the caller (fetch_associated_data_for_tasks) had setup "fixes" and "causes" fields on each task.

  • public/privileged-api/associate-commit.php: Added. Updates task_commits table to associate or disassociate

a commit with an analysis task. When the specified analysis task and the specified commit are already
associated, we simply update the table instead of adding a duplicating entry or error. For dissociation,
the front-end specifies the commit ID.
(main): Added.

  • public/v3/index.html:
  • public/v3/components/mutable-list-view.js: Added. Used by the list associated bugs and commits.

(MutableListView): Added.
(MutableListView.prototype.setList): Added.
(MutableListView.prototype.setKindList): Added.
(MutableListView.prototype.setAddCallback): Added. This callback is invoked when the user tries to add
a new item to the list.
(MutableListView.prototype.render): Added.
(MutableListView.prototype._submitted): Added.
(MutableListView.cssTemplate):
(MutableListView.htmlTemplate):
(MutableListItem): Added. RemovalLink could be a hyperlink or a callback and gets involved when the user
tries to delete this item.
(MutableListItem.prototype.content):

  • public/v3/models/analysis-task.js:

(AnalysisTask): Added the support of the list of commits that fixed and caused changes.
(AnalysisTask.prototype.updateSingleton): Ditto.
(AnalysisTask.prototype.causes): Added.
(AnalysisTask.prototype.fixes): Added.
(AnalysisTask.prototype.associateCommit): Added. Use the API added at /privileged-api/associate-commit
to associate a new commit with this analysis task. Each commit has either caused or fixed the change.
(AnalysisTask.prototype.dissociateCommit): Added. Use the same API to disassociate each commit.
(AnalysisTask._constructAnalysisTasksFromRawData): Find all commits associated with each analysis task.
Because commit log objects use a fake ID fdue to /api/measurement-set not providing commit IDs, we must
use CommitLog.findByRemoteId to find each commit instead of usual CommitLog.findById.
(AnalysisTask._constructAnalysisTasksFromRawData.resolveCommits): Added.

  • public/v3/models/build-request.js:

(BuildRequest.prototype.hasFinished): Renamed from hasCompleted since it was confusing for this._status
being "completed" wasn't a necessary condition for this function to return true.

  • public/v3/models/commit-log.js:

(CommitLog): Added the static map for actual commit ID instead of a fake ID created in ensureSingleton.
(CommitLog.prototype.remoteId): Added. Returns the real commit ID.
(CommitLog.findByRemoteId): Added. Finds an CommitLog object using the real ID.

  • public/v3/models/test-group.js:

(TestGroup.prototype.hasFinished): Renamed from hasCompleted to match the rename in BuildRequest.

  • public/v3/pages/analysis-task-page.js:

(AnalysisTaskPage): Added lists for the commits that fixed and caused the change using MutableListView.
Also adopted MutableListView for the list of associated bugs.
(AnalysisTaskPage.prototype.render): Added the code to populate the newly added lists.
(AnalysisTaskPage.prototype._makeCommitListItem): Added.
(AnalysisTaskPage.prototype._associateBug): Now this is a callback from MutableListView.
(AnalysisTaskPage.prototype._associateCommit): Added.
(AnalysisTaskPage.prototype._dissociateCommit): Added.
(AnalysisTaskPage.htmlTemplate):
(AnalysisTaskPage.cssTemplate):

  • public/v3/remote.js:

(getJSON): Spit out the entire responseText when JSON failed to parse to make debugging easier.

Mar 15, 2016:

11:48 PM Changeset in webkit [198264] by commit-queue@webkit.org
  • 2 edits in trunk/Source/JavaScriptCore

[JSC] Remove hint from SlowCaseEntry
https://bugs.webkit.org/show_bug.cgi?id=155530

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-03-15
Reviewed by Alex Christensen.

  • jit/JIT.h:

(JSC::SlowCaseEntry::SlowCaseEntry):

11:30 PM Changeset in webkit [198263] by bshafiei@apple.com
  • 1 copy in tags/Safari-601.5.17.2.1

New tag.

11:26 PM Changeset in webkit [198262] by bshafiei@apple.com
  • 2 edits in branches/safari-601-branch/Source/WebKit/win

Merged r198244. rdar://problem/25181891

11:25 PM Changeset in webkit [198261] by bshafiei@apple.com
  • 5 edits in branches/safari-601.5.17.2-branch/Source

Versioning.

11:23 PM Changeset in webkit [198260] by bshafiei@apple.com
  • 2 edits in branches/safari-601.5.17.2-branch/Source/WebKit/win

Merged r198244. rdar://problem/25181891

11:22 PM Changeset in webkit [198259] by bshafiei@apple.com
  • 5 edits in branches/safari-601.5.17.2-branch/Source

Versioning.

11:18 PM Changeset in webkit [198258] by bshafiei@apple.com
  • 1 copy in branches/safari-601.5.17.2-branch

New Branch.

8:31 PM Changeset in webkit [198257] by BJ Burg
  • 4 edits in trunk/Source/JavaScriptCore

REGRESSION(r198077): generated Objective-C protocol object getters leak their wrappers
https://bugs.webkit.org/show_bug.cgi?id=155523
<rdar://problem/25181764>

Reviewed by Joseph Pecoraro.

Since the code may not be compiled with ARC, autorelease the returned wrapper.

  • inspector/scripts/codegen/objc_generator.py:

(ObjCGenerator.protocol_to_objc_expression_for_member):

  • inspector/scripts/tests/expected/type-declaration-object-type.json-result:
  • inspector/scripts/tests/expected/type-requiring-runtime-casts.json-result:
7:16 PM Changeset in webkit [198256] by commit-queue@webkit.org
  • 6 edits in trunk/Source/JavaScriptCore

[JSC] Help clang generate better code on arrayProtoFuncToString()
https://bugs.webkit.org/show_bug.cgi?id=155512

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-03-15
Reviewed by Mark Lam.

3d-raytrace hits Array.toString() hard with small arrays.
Half of the time is going into overhead around the StringJoiner.
This patch makes the function shorter and the layout better.

  • runtime/ArrayPrototype.cpp:

(JSC::arrayProtoFuncToString):
Add "UNLIKELY" on rare cases. Clang pushes that code to the tail.

Factor the code of jsMakeNontrivialString() so that the operation
is not duplicated in the function.

  • runtime/JSStringBuilder.h:

(JSC::jsMakeNontrivialString):
jsNontrivialString() supports r-value reference.
Move the result string into jsNontrivialString(), this removes
the deref+destructor from the function.

  • runtime/JSStringJoiner.cpp:

(JSC::JSStringJoiner::~JSStringJoiner):
The destructor is pretty large. No point in inlining it.

(JSC::joinStrings):

  • runtime/JSStringJoiner.h:

(JSC::JSStringJoiner::JSStringJoiner):
(JSC::JSStringJoiner::append):
The calls were duplicated. That's unnecessary.

  • runtime/NumericStrings.h:

(JSC::NumericStrings::add):
Return a reference in all cases.
This removes a deref+destructor.

6:51 PM Changeset in webkit [198255] by Alan Bujtas
  • 13 edits
    2 deletes in trunk

Remove overflow: -webkit-marquee
https://bugs.webkit.org/show_bug.cgi?id=155517
<rdar://problem/25028481>

Reviewed by Simon Fraser.

This patch is based on Blink patch from jchaffraix@chromium.org (https://src.chromium.org/viewvc/blink?revision=151756&view=revision)

Source/WebCore:

  • css/CSSParser.cpp:

(WebCore::isValidKeywordPropertyAndValue):

  • css/CSSPrimitiveValueMappings.h:

(WebCore::CSSPrimitiveValue::CSSPrimitiveValue): Deleted.
(WebCore::CSSPrimitiveValue::operator EOverflow): Deleted.

  • css/CSSValueKeywords.in:
  • css/StyleResolver.cpp:

(WebCore::StyleResolver::adjustRenderStyle):

  • css/html.css:

(marquee): Deleted.

  • rendering/RenderBox.cpp:

(WebCore::RenderBox::sizesLogicalWidthToFitContent):

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::scrollTo):
(WebCore::RenderLayer::updateScrollInfoAfterLayout):
(WebCore::RenderLayer::calculateClipRects):

  • rendering/RenderLayer.h:
  • rendering/RenderMarquee.h:
  • rendering/style/RenderStyleConstants.h:

LayoutTests:

  • fast/css/getPropertyValue-webkit-marquee.html:
  • fast/css/webkit-marquee-anonymous-node-crash-expected.txt: Removed.
  • fast/css/webkit-marquee-anonymous-node-crash.html: Removed.
6:45 PM Changeset in webkit [198254] by jdiggs@igalia.com
  • 11 edits in trunk

AX: Expose pointers to SVG elements referenced by aria-labelledby
https://bugs.webkit.org/show_bug.cgi?id=155481

Reviewed by Chris Fleizach.

Source/WebCore:

Expose elements referenced by aria-labelledby via ATK_RELATION_LABELLED_BY.
Stop calling the supportsARIA* methods before getting the elements referred
to by the associated ARIA property in the accessible wrapper for ATK and
the inspector: Getting the elements will be just as fast when there are no
such elements, and faster when there are.

Modified the w3c-svg-name-calculation.html test to include AXTitleUIElement
in its output.

  • accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::supportsARIAAttributes):
(WebCore::AccessibilityObject::ariaElementsFromAttribute): Added.
(WebCore::AccessibilityObject::ariaControlsElements): Added.
(WebCore::AccessibilityObject::ariaDescribedByElements): Added.
(WebCore::AccessibilityObject::ariaFlowToElements): Added.
(WebCore::AccessibilityObject::ariaLabelledByElements): Added.
(WebCore::AccessibilityObject::ariaOwnsElements): Added.

  • accessibility/AccessibilityObject.h:

(WebCore::AccessibilityObject::ariaOwnsElements): No longer virtual.
(WebCore::AccessibilityObject::supportsARIAFlowTo): Deleted.
(WebCore::AccessibilityObject::ariaFlowToElements): No longer virtual.
(WebCore::AccessibilityObject::supportsARIADescribedBy): Deleted.
(WebCore::AccessibilityObject::ariaDescribedByElements): No longer virtual.
(WebCore::AccessibilityObject::supportsARIAControls): Deleted.
(WebCore::AccessibilityObject::ariaControlsElements): No longer virtual.

  • accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::ariaElementsFromAttribute): Moved to AccessibilityObject.
(WebCore::AccessibilityRenderObject::supportsARIAFlowTo): Deleted.
(WebCore::AccessibilityRenderObject::ariaFlowToElements): Moved to AccessibilityObject.
(WebCore::AccessibilityRenderObject::supportsARIADescribedBy): Deleted.
(WebCore::AccessibilityRenderObject::ariaDescribedByElements): Moved to AccessibilityObject.
(WebCore::AccessibilityRenderObject::supportsARIAControls): Deleted.
(WebCore::AccessibilityRenderObject::ariaControlsElements): Moved to AccessibilityObject.
(WebCore::AccessibilityRenderObject::ariaOwnsElements): Moved to AccessibilityObject.

  • accessibility/AccessibilityRenderObject.h:
  • accessibility/atk/WebKitAccessibleWrapperAtk.cpp:

(setAtkRelationSetFromCoreObject):

  • inspector/InspectorDOMAgent.cpp:

(WebCore::InspectorDOMAgent::buildObjectForAccessibilityProperties):

LayoutTests:

  • accessibility/w3c-svg-name-calculation.html: Modified to also output AXTitleUIElement.
  • platform/gtk/accessibility/w3c-svg-name-calculation-expected.txt: Updated.
  • platform/mac/accessibility/w3c-svg-name-calculation-expected.txt: Updated.
6:07 PM Changeset in webkit [198253] by commit-queue@webkit.org
  • 2 edits in trunk/Source/JavaScriptCore

Remove stale ArrayPrototype declarations
https://bugs.webkit.org/show_bug.cgi?id=155520

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-15
Reviewed by Mark Lam.

  • runtime/ArrayPrototype.cpp:

The implementations went away when the methods were moved to builtins
but the declarations were left behind.

6:02 PM Changeset in webkit [198252] by oliver@apple.com
  • 4 edits in trunk/Source/JavaScriptCore

Rename performJITMemcpy to something more inline with our normal webkit function names
https://bugs.webkit.org/show_bug.cgi?id=155525

Reviewed by Saam Barati.

Simple bulk search/replace with a better name.

  • assembler/ARM64Assembler.h:

(JSC::ARM64Assembler::fillNops):
(JSC::ARM64Assembler::replaceWithJump):
(JSC::ARM64Assembler::replaceWithLoad):
(JSC::ARM64Assembler::replaceWithAddressComputation):
(JSC::ARM64Assembler::setPointer):
(JSC::ARM64Assembler::repatchInt32):
(JSC::ARM64Assembler::repatchCompact):
(JSC::ARM64Assembler::linkJumpOrCall):
(JSC::ARM64Assembler::linkCompareAndBranch):
(JSC::ARM64Assembler::linkConditionalBranch):
(JSC::ARM64Assembler::linkTestAndBranch):

  • assembler/LinkBuffer.cpp:

(JSC::LinkBuffer::copyCompactAndLinkCode):

  • jit/ExecutableAllocator.h:

(JSC::writeToExecutableRegion):
(JSC::performJITMemcpy): Deleted.

5:45 PM Changeset in webkit [198251] by jer.noble@apple.com
  • 2 edits in trunk/Source/WebKit/mac

[ios-sim debug] API test WebKit1.AudioSessionCategoryIOS timing out
https://bugs.webkit.org/show_bug.cgi?id=155275

Reviewed by Alexey Proskuryakov.

The videoPlaybackRequiresUserGesture and audioPlaybackRequiresUserGesture should both defalut to
NO, so that legacy clients of -[UIWebView setMediaPlaybackRequiresUserAction:] continue to work
as expected.

  • WebView/WebPreferences.mm:

(+[WebPreferences initialize]):

5:22 PM Changeset in webkit [198250] by matthew_hanson@apple.com
  • 2 edits in branches/safari-601.1.46-branch/Source/WebKit2

Merge r195982. rdar://problem/24560759

5:22 PM Changeset in webkit [198249] by matthew_hanson@apple.com
  • 4 edits
    1 add in branches/safari-601.1.46-branch

Merge r194060. rdar://problem/24560757

5:22 PM Changeset in webkit [198248] by matthew_hanson@apple.com
  • 4 edits in branches/safari-601.1.46-branch/Source/WebCore

Merge r197125. rdar://problem/24860685

5:22 PM Changeset in webkit [198247] by matthew_hanson@apple.com
  • 2 edits in branches/safari-601.1.46-branch/Source/WebCore

Merge r196670. rdar://problem/24860681

5:22 PM Changeset in webkit [198246] by matthew_hanson@apple.com
  • 19 edits
    2 adds in branches/safari-601.1.46-branch

Merge r196268. rdar://problem/24748259

5:02 PM Changeset in webkit [198245] by enrica@apple.com
  • 2 edits in trunk/Source/WebKit2

Follow up to r195769.
https://bugs.webkit.org/show_bug.cgi?id=155519
rdar://problem/25146483

Reviewed by Tim Horton.

There are two code paths that lead to calling handleSyntheticClick()
where we need to check if the default action can be performed on the
data detector link.
Only one was covered in r195769 and this patch addresses the missing one.
I've also discovered that the point reported in DidNotHandleTapAsClick was
incorrectly always (0, 0) and I've fixed it.

  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::handleTap):

5:00 PM Changeset in webkit [198244] by Brent Fulgham
  • 2 edits in trunk/Source/WebKit/win

[Win] Correct double-release of CFURLConnectionRef
https://bugs.webkit.org/show_bug.cgi?id=155515
<rdar://problem/25159143>

Reviewed by Tim Horton.

Tested by http/tests/download suite.

  • WebDownloadCFNet.cpp: Remove extra CFRelease.
4:59 PM Changeset in webkit [198243] by Simon Fraser
  • 2 edits in trunk/Source/WebCore

Occasional crash under GraphicsContext::platformContext() when dragging Google maps
https://bugs.webkit.org/show_bug.cgi?id=155521
rdar://problem/24357307

Reviewed by Tim Horton.

It's possible for createDragImageForSelection() to return a null image, if the bounds
of the selection are an empty rect. That would cause a crash under convertImageToBitmap()
because a zero-sized ShareableBitmap will return a null GraphicsContext.

To avoid this, early return from DragController::startDrag() if the dragImage is null.

I wasn't able to come up with a test for this.

  • page/DragController.cpp:

(WebCore::DragController::startDrag):

4:51 PM Changeset in webkit [198242] by timothy_horton@apple.com
  • 2 edits in trunk/Tools

[iOS Simulator] Test result snapshots are upside down
https://bugs.webkit.org/show_bug.cgi?id=154761

Reviewed by Simon Fraser.

  • WebKitTestRunner/cg/TestInvocationCG.cpp:

(WTR::createCGContextFromImage):
(WTR::TestInvocation::dumpPixelsAndCompareWithExpected):
In r97104, Simon added code to take WindowServer snapshots, which came
in flipped, and added code to flip them back. At this point, WindowServer
snapshots got flipped, and software snapshots did not.

In r140067, Simon noticed that WindowServer ref test images were upside-down
on Mac (not sure why this changed), so turned off the flipping code (but
didn't delete it!). Now, WindowServer snapshots and software snapshots both
are not flipped.

In r190304, Carlos added an enum for the source of the snapshot ("WebView"
for window server snapshots, and "WebContent" for software snapshots),
and - critically - changed the flipping logic to flip software snapshots!

We didn't notice this on Mac because at this point we've made it so that
we *always* have WindowServer snapshots, but on iOS we still don't have
WindowServer snapshots, so now they're flipped.

And that's how we got here.

To restore the behavior from r140067, and correctly unflip snapshots on
iOS, just delete this code.

4:29 PM Changeset in webkit [198241] by oliver@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Improved build fix.

4:24 PM Changeset in webkit [198240] by mark.lam@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Gardening: build fix after r198235.

Not Reviewed.

  • jit/ExecutableAllocatorFixedVMPool.cpp:

(JSC::FixedVMPoolExecutableAllocator::jitWriteThunkGenerator):

4:13 PM Changeset in webkit [198239] by timothy_horton@apple.com
  • 12 edits
    2 adds in trunk

iOS <attachment> element should allow customization of action text color
https://bugs.webkit.org/show_bug.cgi?id=155513
<rdar://problem/24805991>

Reviewed by Simon Fraser.

Test: fast/attachment/attachment-action.html

  • css/html.css:

(attachment):
On iOS (the only place it is used), <attachment> color should default to system blue.

  • rendering/RenderThemeIOS.mm:

(WebCore::attachmentActionColor):
(WebCore::AttachmentInfo::AttachmentInfo):
Make use of the <attachment>'s CSS color for the action text.
This is a little weird because there are multiple bits of text in an
<attachment>, but only the action text ever changes color.

  • fast/attachment/attachment-action-expected.html: Added.
  • fast/attachment/attachment-action.html: Added.
  • platform/ios-simulator/fast/attachment/attachment-label-highlight-expected.txt:
  • platform/ios-simulator/fast/attachment/attachment-progress-expected.txt:
  • platform/ios-simulator/fast/attachment/attachment-rendering-expected.txt:
  • platform/ios-simulator/fast/attachment/attachment-select-on-click-expected.txt:
  • platform/ios-simulator/fast/attachment/attachment-select-on-click-inside-user-select-all-expected.txt:
  • platform/ios-simulator/fast/attachment/attachment-subtitle-expected.txt:
  • platform/ios-simulator/fast/attachment/attachment-title-expected.txt:

Rebaseline some tests and add one that action text matches the requested color.

4:10 PM Changeset in webkit [198238] by Alan Bujtas
  • 9 edits in trunk/Source/WebCore

Delay HTMLFormControlElement::focus() call until after layout is finished.
https://bugs.webkit.org/show_bug.cgi?id=155503
<rdar://problem/24046635>

Reviewed by Simon Fraser.

Calling focus on a form element can trigger arbitrary JS code which could interfere with
the ongoing layout.
This patch delays HTMLFormControlElement::focus() call until after layout is finished.
If we are currently not in the middle of a layout, HTMLFormControlElement::focus() is delayed until
after style resolution is done.

Covered by LayoutTests/fast/dom/adopt-node-crash-2.html

  • accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::updateBackingStore):

  • dom/Document.cpp:

(WebCore::Document::updateStyleIfNeeded):
(WebCore::Document::updateLayout):
(WebCore::Document::updateLayoutIfDimensionsOutOfDate):

  • html/HTMLEmbedElement.cpp:

(WebCore::HTMLEmbedElement::renderWidgetLoadingPlugin):

  • html/HTMLFormControlElement.cpp:

(WebCore::HTMLFormControlElement::didAttachRenderers):

  • page/FrameView.cpp:

(WebCore::FrameView::layout):
(WebCore::FrameView::queuePostLayoutCallback):
(WebCore::FrameView::flushPostLayoutTasksQueue):
(WebCore::FrameView::performPostLayoutTasks):
(WebCore::FrameView::sendResizeEventIfNeeded):

  • page/FrameView.h:
  • rendering/RenderBox.cpp:

(WebCore::RenderBox::imageChanged):

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::scrollTo):

3:57 PM Changeset in webkit [198237] by Ryan Haddad
  • 2 edits in trunk/Source/WebKit2

Unreviewed, rolling out r198230.

This change caused LayoutTests to fail on Mac

Reverted changeset:

"REGRESSION (r194660): Navigating to HTTPS sites may fail with
error"
https://bugs.webkit.org/show_bug.cgi?id=155455
http://trac.webkit.org/changeset/198230

3:46 PM Changeset in webkit [198236] by Simon Fraser
  • 2 edits
    7 adds in trunk/PerformanceTests

Add developer Animometer test that bounces P3-tagged images
https://bugs.webkit.org/show_bug.cgi?id=155511

Reviewed by Tim Horton.

Add a test for rendering performance of tagged images. The 5 images are tagged
with the Display P3 colorspace.

  • Animometer/resources/debug-runner/tests.js:
  • Animometer/tests/bouncing-particles/bouncing-tagged-images.html: Added.
  • Animometer/tests/bouncing-particles/resources/bouncing-tagged-images.js: Added.
  • Animometer/tests/bouncing-particles/resources/image1.jpg: Added.
  • Animometer/tests/bouncing-particles/resources/image2.jpg: Added.
  • Animometer/tests/bouncing-particles/resources/image3.jpg: Added.
  • Animometer/tests/bouncing-particles/resources/image4.jpg: Added.
  • Animometer/tests/bouncing-particles/resources/image5.jpg: Added.
3:44 PM Changeset in webkit [198235] by oliver@apple.com
  • 16 edits in trunk/Source

Remove compile time define for SEPARATED_HEAP
https://bugs.webkit.org/show_bug.cgi?id=155508

Reviewed by Mark Lam.

Source/JavaScriptCore:

This removes the compile time define for the SEPARATED_HEAP
feature, and moves to a default-off runtime preference.

This happily also removes the need for world rebuilds while
bringing it up on different platforms.

  • Configurations/FeatureDefines.xcconfig:
  • assembler/LinkBuffer.cpp:

(JSC::LinkBuffer::copyCompactAndLinkCode):

  • jit/ExecutableAllocator.h:

(JSC::performJITMemcpy):

  • jit/ExecutableAllocatorFixedVMPool.cpp:

(JSC::FixedVMPoolExecutableAllocator::initializeSeparatedWXHeaps):
(JSC::FixedVMPoolExecutableAllocator::jitWriteThunkGenerator):
(JSC::FixedVMPoolExecutableAllocator::genericWriteToJITRegion):
(JSC::FixedVMPoolExecutableAllocator::FixedVMPoolExecutableAllocator): Deleted.

  • runtime/Options.cpp:

(JSC::recomputeDependentOptions):

  • runtime/Options.h:

Source/WebCore:

Remove the feature define.

  • Configurations/FeatureDefines.xcconfig:

Source/WebKit/mac:

Remove the feature define.

  • Configurations/FeatureDefines.xcconfig:

Source/WebKit2:

Remove the feature define.

  • Configurations/FeatureDefines.xcconfig:

Source/WTF:

Remove the feature define.

  • wtf/FeatureDefines.h:
  • wtf/Platform.h:
3:42 PM Changeset in webkit [198234] by rniwa@webkit.org
  • 2 edits
    1 add in trunk/Websites/perf.webkit.org

Extract the code to format commit logs into its own PHP file
https://bugs.webkit.org/show_bug.cgi?id=155514

Rubber-stamped by Chris Dumez.

Extracted CommitLogFetcher out of /api/commits so that it could be used in analysis-tasks.php
in the future to support associating cause/fix for each analysis task.

  • public/api/commits.php:
  • public/include/commit-log-fetcher.php: Added.

(CommitLogFetcher)
(CommitLogFetcher::construct): Added.
(CommitLogFetcher::repository_id_from_name): Added.
(CommitLogFetcher::fetch_between): Added.
(CommitLogFetcher::fetch_oldest): Added.
(CommitLogFetcher::fetch_latest): Added.
(CommitLogFetcher::fetch_last_reported): Added.
(CommitLogFetcher::fetch_revision): Added.
(CommitLogFetcher::commit_for_revision): Added.
(CommitLogFetcher::format_single_commit): Added.
(CommitLogFetcher::format_commit): Added.

3:38 PM Changeset in webkit [198233] by commit-queue@webkit.org
  • 6 edits in trunk

Unreviewed, rolling out r198148.
https://bugs.webkit.org/show_bug.cgi?id=155518

"Lets do this patch at a later time" (Requested by saamyjoon
on #webkit).

Reverted changeset:

"[ES6] Disallow var assignments in for-in loops"
https://bugs.webkit.org/show_bug.cgi?id=155451
http://trac.webkit.org/changeset/198148

3:22 PM Changeset in webkit [198232] by ap@apple.com
  • 2 edits in trunk/LayoutTests

Test result gardening for
ASSERT_NOT_REACHED on imported/w3c/web-platform-tests/html/semantics/embedded-content/the-area-element/area-coords.html
https://bugs.webkit.org/show_bug.cgi?id=155516

  • TestExpectations: Skip the test in debug, as it's not useful to crash every time.
3:04 PM Changeset in webkit [198231] by ap@apple.com
  • 2 edits in trunk/Tools

run-api-tests doesn't print test name when the test crashes
https://bugs.webkit.org/show_bug.cgi?id=155476

Reviewed by Daniel Bates.

  • Scripts/run-api-tests: Print "UNEXPECTEDLY EXITED" with a test name when output

doesn't contain the test name yet. Changed test name output to always be before raw
stdout for clarity.

2:55 PM Changeset in webkit [198230] by dbates@webkit.org
  • 2 edits in trunk/Source/WebKit2

REGRESSION (r194660): Navigating to HTTPS sites may fail with error
https://bugs.webkit.org/show_bug.cgi?id=155455
<rdar://problem/24308793>

Reviewed by Alexey Proskuryakov.

Fixes an issue where navigating to an HTTPS site may fail because the Security Framework uses
a cache directory that it does not have permission to use.

  • Shared/mac/ChildProcessMac.mm:

(WebKit::codeSigningIdentifierForProcess): Queries the Security Framework for the code signed
bundle identifier/code signing identifier.
(WebKit::ChildProcess::initializeSandbox): Use the client identifier as part of the user directory
suffix. Verify that the client identifier matches the code signed bundled identifier/code
signing identifier for the code signed app/tool. Fix minor code style issue; use a C++-style cast
instead of a C-style cast when casting an OSStatus to a long.
(WebKit::findSecCodeForProcess): Deleted; incorporated logic into WebKit::codeSigningIdentifierForProcess().

2:48 PM Changeset in webkit [198229] by commit-queue@webkit.org
  • 4 edits in trunk

REGRESSION: ASSERTION FAILED: !m_lastActiveBlock on js/function-apply.html
https://bugs.webkit.org/show_bug.cgi?id=155411
<rdar://problem/25134537>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-15
Reviewed by Mark Lam.

Source/JavaScriptCore:

  • heap/Heap.cpp:

(JSC::Heap::collectImpl):
(JSC::Heap::didFinishCollection):
During collection allocators are stop/reset. The HeapProfiler tasks
were using HeapIterationScope (to satisfy MarkedSpace forEachCell API
contracts) which was doing its own stop/resume of allocators. Doing a
stop/resume in between the normal stop/reset of collection is unexpected.

Move this to didFinishCollection, alongside other heap iterations
like zombies and immortal objects. Putting this after those tasks
also means the heap snapshots will respect the zombies/immortal options
when deciding if the cell is alive or not.

LayoutTests:

  • platform/mac/TestExpectations:

Unmark test as flakey.

1:41 PM Changeset in webkit [198228] by sbarati@apple.com
  • 13 edits in trunk/Source/JavaScriptCore

We should have different JSTypes for JSGlobalLexicalEnvironment and JSLexicalEnvironment and JSModuleEnvironment
https://bugs.webkit.org/show_bug.cgi?id=152406

Reviewed by Mark Lam.

This makes testing for a JSGlobalLexicalEnvironment faster
because we can just check the Cell's type instead of using
jsDynamicCast. I also changed code that does jsDynamicCast<JSGlobalObject*>
instead of isGlobalObject().

  • interpreter/Interpreter.cpp:

(JSC::Interpreter::execute):

  • jit/JITOperations.cpp:
  • llint/LLIntSlowPaths.cpp:

(JSC::LLInt::LLINT_SLOW_PATH_DECL):

  • runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):

  • runtime/CommonSlowPaths.h:

(JSC::CommonSlowPaths::tryCachePutToScopeGlobal):
(JSC::CommonSlowPaths::tryCacheGetFromScopeGlobal):

  • runtime/JSGlobalLexicalEnvironment.h:

(JSC::JSGlobalLexicalEnvironment::createStructure):

  • runtime/JSLexicalEnvironment.h:

(JSC::JSLexicalEnvironment::createStructure):
(JSC::JSLexicalEnvironment::JSLexicalEnvironment):

  • runtime/JSModuleEnvironment.h:

(JSC::JSModuleEnvironment::createStructure):
(JSC::JSModuleEnvironment::offsetOfModuleRecord):

  • runtime/JSObject.h:

(JSC::JSObject::isGlobalObject):
(JSC::JSObject::isJSLexicalEnvironment):
(JSC::JSObject::isGlobalLexicalEnvironment):
(JSC::JSObject::isErrorInstance):

  • runtime/JSScope.cpp:

(JSC::abstractAccess):
(JSC::isUnscopable):
(JSC::JSScope::resolve):
(JSC::JSScope::collectVariablesUnderTDZ):
(JSC::JSScope::isVarScope):
(JSC::JSScope::isLexicalScope):
(JSC::JSScope::isModuleScope):
(JSC::JSScope::isCatchScope):
(JSC::JSScope::isFunctionNameScopeObject):
(JSC::JSScope::isNestedLexicalScope):
(JSC::JSScope::constantScopeForCodeBlock):
(JSC::isScopeType): Deleted.
(JSC::JSScope::isGlobalLexicalEnvironment): Deleted.

  • runtime/JSScope.h:
  • runtime/JSType.h:
1:31 PM Changeset in webkit [198227] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Fixing expectation for css3/masking/mask-svg-script-none-to-png.html on ios-simulator

Unreviewed test gardening.

  • platform/ios-simulator/TestExpectations:
1:27 PM Changeset in webkit [198226] by timothy_horton@apple.com
  • 12 edits in trunk/LayoutTests

Unskip and rebaseline <attachment> tests on iOS
<rdar://problem/24805991>

  • fast/attachment/attachment-default-icon.html:
  • fast/attachment/attachment-folder-icon.html:
  • fast/attachment/attachment-type-attribute.html:

Make these tests have identical titles between ref and actual, because
on iOS the layout differs if you have a title or not (unlike on Mac).

  • platform/ios-simulator/TestExpectations:
  • platform/ios-simulator/fast/attachment/attachment-label-highlight-expected.txt:
  • platform/ios-simulator/fast/attachment/attachment-progress-expected.txt:
  • platform/ios-simulator/fast/attachment/attachment-rendering-expected.txt:
  • platform/ios-simulator/fast/attachment/attachment-select-on-click-expected.txt:
  • platform/ios-simulator/fast/attachment/attachment-select-on-click-inside-user-select-all-expected.txt:
  • platform/ios-simulator/fast/attachment/attachment-subtitle-expected.txt:
  • platform/ios-simulator/fast/attachment/attachment-title-expected.txt:

Unskip and rebaseline all but one of the attachment tests on iOS.

1:01 PM Changeset in webkit [198225] by Chris Dumez
  • 2 edits in trunk/Source/WebCore

Restore pre-r197244 behavior on Mac
https://bugs.webkit.org/show_bug.cgi?id=155507
<rdar://problem/25174132>

Reviewed by Gavin Barraclough.

<http://trac.webkit.org/changeset/197244> changed the session restore
behavior to disallow stale content on all platforms except iOS.
We would also like to maintain the behavior on Mac for performance
reasons and consistency between iOS and Mac.

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::loadDifferentDocumentItem):

12:46 PM Changeset in webkit [198224] by Antti Koivisto
  • 2 edits in trunk/Source/WebKit2

Add Antti to WebKit2 Owners file
https://bugs.webkit.org/show_bug.cgi?id=155504

Reviewed by Anders Carlsson and Sam Weinig.

  • Owners:
12:45 PM Changeset in webkit [198223] by timothy_horton@apple.com
  • 2 edits in trunk/Source/WebCore

<attachment> on iOS isn't quite vertically centered
https://bugs.webkit.org/show_bug.cgi?id=155502
<rdar://problem/24805991>

Reviewed by Beth Dakin.

No new tests; there are existing tests that will be enabled shortly.

  • rendering/RenderThemeIOS.mm:

(WebCore::AttachmentInfo::AttachmentInfo):
We were overcounting the total height of the attachment content by one margin, because each item
would add in its margin, including the last one. Remove one margin.

12:43 PM Changeset in webkit [198222] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Remove flaky expectation for webgl/1.0.2/conformance/rendering/gl-scissor-test.html for mac
https://bugs.webkit.org/show_bug.cgi?id=126586

Unreviewed test gardening.

  • platform/mac/TestExpectations:
12:24 PM Changeset in webkit [198221] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Fixing a typo in the ios-simulator TestExpectations file

Unreviewed test gardening.

  • platform/ios-simulator/TestExpectations:
12:15 PM Changeset in webkit [198220] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking animations/3d/transform-origin-vs-functions.html as flaky on ios-simulator-wk2
https://bugs.webkit.org/show_bug.cgi?id=155501

Unreviewed test gardening.

  • platform/ios-simulator-wk2/TestExpectations:
12:03 PM Changeset in webkit [198219] by Chris Fleizach
  • 3 edits
    2 adds in trunk

AX: certain elements not included in accessibility tree
https://bugs.webkit.org/show_bug.cgi?id=155480

Reviewed by Beth Dakin.

Source/WebCore:

This test case exposed a hole in the nextSibling logic where you can get into a state where we skip content.
The fix is to check if an inline element continuation has no sibling, to fall back on to the parent case to see if that has a sibling.

Test: accessibility/double-nested-inline-element-missing-from-tree.html

  • accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::nextSibling):

LayoutTests:

  • accessibility/double-nested-inline-element-missing-from-tree-expected.txt: Added.
  • accessibility/double-nested-inline-element-missing-from-tree.html: Added.
11:26 AM Changeset in webkit [198218] by Chris Dumez
  • 22 edits
    2 deletes in trunk

Unreviewed, rolling out r198203.

Favorites view is no longer loading on iOS

Reverted changeset:

"URL Parsing should signal failure for illegal IDN"
https://bugs.webkit.org/show_bug.cgi?id=154945
http://trac.webkit.org/changeset/198203

11:25 AM Changeset in webkit [198217] by timothy_horton@apple.com
  • 3 edits in trunk/Source/WebCore

<attachment> on iOS should use short and emphasized fonts
https://bugs.webkit.org/show_bug.cgi?id=155485
<rdar://problem/24805991>

Reviewed by Simon Fraser.

No new tests; there are existing tests that will be enabled shortly.

  • rendering/RenderThemeIOS.mm:

(WebCore::attachmentActionFont):
(WebCore::attachmentTitleFont):
(WebCore::attachmentSubtitleFont):
(WebCore::AttachmentInfo::buildTitleLines):
(WebCore::AttachmentInfo::buildSingleLine):
(WebCore::AttachmentInfo::AttachmentInfo):
No need for UIFonts, we can use CoreText, and that allows us to ask for the
correct Short and Emphasized variants that we need.

10:26 AM Changeset in webkit [198216] by Antti Koivisto
  • 9 edits in trunk

Source/WebCore:
REGRESSION (196383): Class change invalidation does not handle :not correctly
https://bugs.webkit.org/show_bug.cgi?id=155493
<rdar://problem/24846762>

Reviewed by Andreas Kling.

We fail to invalidate bar style in

:not(.foo) bar { }

when class foo is added or removed.

There is a logic error in the invalidation code. It assumes that class addition can only make new selectors match
and removal make them not match. This is not true when :not is present.

  • style/AttributeChangeInvalidation.h:

(WebCore::Style::AttributeChangeInvalidation::AttributeChangeInvalidation):

  • style/ClassChangeInvalidation.cpp:

(WebCore::Style::ClassChangeInvalidation::invalidateStyle):

Invalidate style and collect full set of rules that may affect descendant style.

(WebCore::Style::ClassChangeInvalidation::invalidateDescendantStyle):

Invalidate with this set both before and after committing the changes.

(WebCore::Style::ClassChangeInvalidation::computeClassChange): Deleted.

  • style/ClassChangeInvalidation.h:

(WebCore::Style::ClassChangeInvalidation::ClassChangeInvalidation):
(WebCore::Style::ClassChangeInvalidation::~ClassChangeInvalidation):

LayoutTests:
Class change invalidation does not handle :not correctly
https://bugs.webkit.org/show_bug.cgi?id=155493
<rdar://problem/24846762>

Reviewed by Andreas Kling.

  • fast/css/style-invalidation-attribute-change-descendants-expected.txt:
  • fast/css/style-invalidation-attribute-change-descendants.html:

Also add :not case for attribute changes (which handles this correctly already).

  • fast/css/style-invalidation-class-change-descendants-expected.txt:
  • fast/css/style-invalidation-class-change-descendants.html:

Add :not case.

8:30 AM Changeset in webkit [198215] by bshafiei@apple.com
  • 5 edits in trunk/Source

Versioning.

8:28 AM Changeset in webkit [198214] by bshafiei@apple.com
  • 1 copy in tags/Safari-602.1.23

New tag.

8:27 AM Changeset in webkit [198213] by bshafiei@apple.com
  • 1 delete in tags/Safari-602.1.23

Delete tag.

8:26 AM Changeset in webkit [198212] by fpizlo@apple.com
  • 45 edits
    2 deletes in trunk/Source/JavaScriptCore

Remove the Baker barrier from JSC
https://bugs.webkit.org/show_bug.cgi?id=155479

Reviewed by Saam Barati.

It's been a while since I added a Baker barrier, but I never followed it up with an actual
concurrent GC. While thinking about the GC, I became convinced that the right path forward
is to do a non-copying concurrent GC. That is, remove the copied space and just use the
marked space. The downside of using marked space cannot be more than the overhead of the
Baker barrier, so concurrent non-copying GC is definitely better than copying
non-concurrent GC. I also suspect that just plain non-copying non-concurrent GC is going to
be fine also, so the path forward will probably be to first just remove CopiedSpace.

Anyway, for now this patch just removes the Baker barrier. It was a cute implementation but
it just cost performance and I don't think we'll ever use it.

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • bytecode/PolymorphicAccess.cpp:

(JSC::AccessCase::generate):

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGArgumentsEliminationPhase.cpp:
  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGCopyBarrierOptimizationPhase.cpp: Removed.
  • dfg/DFGCopyBarrierOptimizationPhase.h: Removed.
  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGHeapLocation.cpp:

(WTF::printInternal):

  • dfg/DFGHeapLocation.h:
  • dfg/DFGNodeType.h:
  • dfg/DFGOperations.cpp:
  • dfg/DFGOperations.h:
  • dfg/DFGPlan.cpp:

(JSC::DFG::Plan::compileInThreadImpl):

  • dfg/DFGPredictionPropagationPhase.cpp:

(JSC::DFG::PredictionPropagationPhase::propagate):

  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileGetIndexedPropertyStorage):
(JSC::DFG::SpeculativeJIT::compileGetTypedArrayByteOffset):
(JSC::DFG::SpeculativeJIT::compileGetButterfly):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGTypeCheckHoistingPhase.cpp:

(JSC::DFG::TypeCheckHoistingPhase::identifyRedundantStructureChecks):
(JSC::DFG::TypeCheckHoistingPhase::identifyRedundantArrayChecks):

  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileGetButterfly):
(JSC::FTL::DFG::LowerDFGToB3::compileConstantStoragePointer):
(JSC::FTL::DFG::LowerDFGToB3::compileGetIndexedPropertyStorage):
(JSC::FTL::DFG::LowerDFGToB3::compileCheckArray):
(JSC::FTL::DFG::LowerDFGToB3::compileGetTypedArrayByteOffset):
(JSC::FTL::DFG::LowerDFGToB3::compileMultiGetByOffset):
(JSC::FTL::DFG::LowerDFGToB3::compileMultiPutByOffset):
(JSC::FTL::DFG::LowerDFGToB3::compileGetDirectPname):
(JSC::FTL::DFG::LowerDFGToB3::storageForTransition):
(JSC::FTL::DFG::LowerDFGToB3::getById):
(JSC::FTL::DFG::LowerDFGToB3::isFastTypedArray):
(JSC::FTL::DFG::LowerDFGToB3::compileGetButterflyReadOnly): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::loadButterflyWithBarrier): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::loadVectorWithBarrier): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::copyBarrier): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::isInToSpace): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::loadButterflyReadOnly): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::loadVectorReadOnly): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::removeSpaceBits): Deleted.

  • heap/CopyBarrier.h:

(JSC::CopyBarrierBase::CopyBarrierBase):
(JSC::CopyBarrierBase::operator bool):
(JSC::CopyBarrierBase::get):
(JSC::CopyBarrierBase::clear):
(JSC::CopyBarrierBase::setWithoutBarrier):
(JSC::CopyBarrier::CopyBarrier):
(JSC::CopyBarrier::get):
(JSC::CopyBarrier::set):
(JSC::CopyBarrier::setWithoutBarrier):
(JSC::CopyBarrierBase::operator!): Deleted.
(JSC::CopyBarrierBase::getWithoutBarrier): Deleted.
(JSC::CopyBarrierBase::getPredicated): Deleted.
(JSC::CopyBarrierBase::copyState): Deleted.
(JSC::CopyBarrierBase::setCopyState): Deleted.
(JSC::CopyBarrierBase::weakCASWithoutBarrier): Deleted.
(JSC::CopyBarrier::getWithoutBarrier): Deleted.
(JSC::CopyBarrier::getPredicated): Deleted.
(JSC::CopyBarrier::weakCASWithoutBarrier): Deleted.

  • heap/Heap.cpp:

(JSC::Heap::addToRememberedSet):
(JSC::Heap::collectAndSweep):
(JSC::Heap::copyBarrier): Deleted.

  • heap/Heap.h:

(JSC::Heap::writeBarrierBuffer):

  • jit/AssemblyHelpers.cpp:

(JSC::AssemblyHelpers::branchIfNotFastTypedArray):
(JSC::AssemblyHelpers::purifyNaN):
(JSC::AssemblyHelpers::loadTypedArrayVector): Deleted.

  • jit/AssemblyHelpers.h:

(JSC::AssemblyHelpers::branchStructure):
(JSC::AssemblyHelpers::addressForByteOffset):
(JSC::AssemblyHelpers::branchIfToSpace): Deleted.
(JSC::AssemblyHelpers::branchIfNotToSpace): Deleted.
(JSC::AssemblyHelpers::removeSpaceBits): Deleted.

  • jit/JIT.cpp:

(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompile):

  • jit/JITOpcodes.cpp:

(JSC::JIT::emitSlow_op_has_indexed_property):
(JSC::JIT::emit_op_get_direct_pname):
(JSC::JIT::emitSlow_op_get_direct_pname):

  • jit/JITOpcodes32_64.cpp:

(JSC::JIT::emit_op_get_direct_pname):
(JSC::JIT::emitSlow_op_get_direct_pname):

  • jit/JITPropertyAccess.cpp:

(JSC::JIT::emitDoubleLoad):
(JSC::JIT::emitContiguousLoad):
(JSC::JIT::emitArrayStorageLoad):
(JSC::JIT::emitSlow_op_get_by_val):
(JSC::JIT::emitGenericContiguousPutByVal):
(JSC::JIT::emitArrayStoragePutByVal):
(JSC::JIT::emitSlow_op_put_by_val):
(JSC::JIT::emit_op_get_from_scope):
(JSC::JIT::emitSlow_op_get_from_scope):
(JSC::JIT::emit_op_put_to_scope):
(JSC::JIT::emitSlow_op_put_to_scope):
(JSC::JIT::emitIntTypedArrayGetByVal):
(JSC::JIT::emitFloatTypedArrayGetByVal):
(JSC::JIT::emitIntTypedArrayPutByVal):
(JSC::JIT::emitFloatTypedArrayPutByVal):

  • llint/LowLevelInterpreter.asm:
  • llint/LowLevelInterpreter64.asm:
  • runtime/DirectArguments.cpp:

(JSC::DirectArguments::visitChildren):
(JSC::DirectArguments::copyBackingStore):
(JSC::DirectArguments::overrideArgument):
(JSC::DirectArguments::copyToArguments):

  • runtime/DirectArguments.h:

(JSC::DirectArguments::canAccessIndexQuickly):
(JSC::DirectArguments::canAccessArgumentIndexQuicklyInDFG):

  • runtime/JSArray.cpp:

(JSC::JSArray::setLength):
(JSC::JSArray::pop):
(JSC::JSArray::push):
(JSC::JSArray::fastSlice):
(JSC::JSArray::fastConcatWith):
(JSC::JSArray::shiftCountWithArrayStorage):
(JSC::JSArray::shiftCountWithAnyIndexingType):
(JSC::JSArray::unshiftCountWithAnyIndexingType):
(JSC::JSArray::fillArgList):
(JSC::JSArray::copyToArguments):

  • runtime/JSArrayBufferView.cpp:

(JSC::JSArrayBufferView::finalize):

  • runtime/JSArrayBufferView.h:

(JSC::JSArrayBufferView::isNeutered):
(JSC::JSArrayBufferView::vector):
(JSC::JSArrayBufferView::length):

  • runtime/JSGenericTypedArrayViewInlines.h:

(JSC::JSGenericTypedArrayView<Adaptor>::visitChildren):
(JSC::JSGenericTypedArrayView<Adaptor>::copyBackingStore):

  • runtime/JSObject.cpp:

(JSC::JSObject::visitChildren):
(JSC::JSObject::copyBackingStore):
(JSC::JSObject::heapSnapshot):
(JSC::JSObject::getOwnPropertySlotByIndex):
(JSC::JSObject::putByIndex):
(JSC::JSObject::enterDictionaryIndexingMode):
(JSC::JSObject::createInitialIndexedStorage):
(JSC::JSObject::createArrayStorage):
(JSC::JSObject::convertUndecidedToInt32):
(JSC::JSObject::convertUndecidedToDouble):
(JSC::JSObject::convertUndecidedToContiguous):
(JSC::JSObject::constructConvertedArrayStorageWithoutCopyingElements):
(JSC::JSObject::convertUndecidedToArrayStorage):
(JSC::JSObject::convertInt32ToDouble):
(JSC::JSObject::convertInt32ToContiguous):
(JSC::JSObject::convertInt32ToArrayStorage):
(JSC::JSObject::convertDoubleToContiguous):
(JSC::JSObject::convertDoubleToArrayStorage):
(JSC::JSObject::convertContiguousToArrayStorage):
(JSC::JSObject::setIndexQuicklyToUndecided):
(JSC::JSObject::ensureArrayStorageExistsAndEnterDictionaryIndexingMode):
(JSC::JSObject::deletePropertyByIndex):
(JSC::JSObject::getOwnPropertyNames):
(JSC::JSObject::putIndexedDescriptor):
(JSC::JSObject::defineOwnIndexedProperty):
(JSC::JSObject::putByIndexBeyondVectorLengthWithoutAttributes):
(JSC::JSObject::putDirectIndexBeyondVectorLength):
(JSC::JSObject::getNewVectorLength):
(JSC::JSObject::ensureLengthSlow):
(JSC::JSObject::reallocateAndShrinkButterfly):
(JSC::JSObject::growOutOfLineStorage):
(JSC::getBoundSlotBaseFunctionForGetterSetter):
(JSC::JSObject::getEnumerableLength):

  • runtime/JSObject.h:

(JSC::JSObject::getArrayLength):
(JSC::JSObject::getVectorLength):
(JSC::JSObject::canGetIndexQuickly):
(JSC::JSObject::getIndexQuickly):
(JSC::JSObject::tryGetIndexQuickly):
(JSC::JSObject::canSetIndexQuickly):
(JSC::JSObject::canSetIndexQuicklyForPutDirect):
(JSC::JSObject::setIndexQuickly):
(JSC::JSObject::initializeIndex):
(JSC::JSObject::hasSparseMap):
(JSC::JSObject::inSparseIndexingMode):
(JSC::JSObject::inlineStorage):
(JSC::JSObject::butterfly):
(JSC::JSObject::outOfLineStorage):
(JSC::JSObject::locationForOffset):
(JSC::JSObject::ensureInt32):
(JSC::JSObject::ensureDouble):
(JSC::JSObject::ensureContiguous):
(JSC::JSObject::ensureArrayStorage):
(JSC::JSObject::arrayStorage):
(JSC::JSObject::arrayStorageOrNull):
(JSC::JSObject::ensureLength):
(JSC::JSObject::putDirectWithoutTransition):

  • runtime/MapData.h:

(JSC::JSIterator>::IteratorData::next):
(JSC::JSIterator>::IteratorData::refreshCursor):

  • runtime/MapDataInlines.h:

(JSC::JSIterator>::find):
(JSC::JSIterator>::add):
(JSC::JSIterator>::remove):
(JSC::JSIterator>::replaceAndPackBackingStore):
(JSC::JSIterator>::replaceBackingStore):
(JSC::JSIterator>::ensureSpaceForAppend):
(JSC::JSIterator>::visitChildren):
(JSC::JSIterator>::copyBackingStore):

  • runtime/Options.h:
8:20 AM Changeset in webkit [198211] by jer.noble@apple.com
  • 5 edits
    2 adds in trunk

Video elements with autoplay do not begin playing when scrolling into view if InvisibleAutoplayNotPermitted is set.
https://bugs.webkit.org/show_bug.cgi?id=155468

Reviewed by Eric Carlson.

Source/WebCore:

Test: media/video-restricted-invisible-autoplay-allowed-when-visible.html

A few bugs came together to cause this behavior. We were not telling the media session that we were going to begin
the autoplaying state, we were not restoring the correct state when the interruption ended, and we were not checking
to see if we could actually play correctly when the interruption ended.

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::prepareForLoad):
(WebCore::HTMLMediaElement::canTransitionFromAutoplayToPlay):
(WebCore::HTMLMediaElement::setReadyState):
(WebCore::HTMLMediaElement::resumeAutoplaying):
(WebCore::HTMLMediaElement::updateShouldPlay):
(WebCore::elementCanTransitionFromAutoplayToPlay): Deleted.

  • html/HTMLMediaElement.h:
  • platform/audio/PlatformMediaSession.cpp:

(WebCore::PlatformMediaSession::endInterruption):

LayoutTests:

  • media/video-restricted-invisible-autoplay-allowed-when-visible-expected.txt: Added.
  • media/video-restricted-invisible-autoplay-allowed-when-visible.html: Added.
8:10 AM Changeset in webkit [198210] by Manuel Rego Casasnovas
  • 10 edits
    1 move in trunk/Source/WebCore

[css-grid] Rename GridCoordinate to GridArea
https://bugs.webkit.org/show_bug.cgi?id=155489

Reviewed by Sergio Villar Senin.

As the comment in GridCoordinate states,
it actually represents a grid area as it stores
the initial and final positions in both axis (columns and rows).

Someone can think about a grid coordinate just like a single cell.
However this class was representing an area of several cells.

On top of that the "grid area" concept is defined in the spec:
https://drafts.csswg.org/css-grid/#grid-area-concept

No new tests, no change of behavior.

  • WebCore.xcodeproj/project.pbxproj:
  • css/CSSGridTemplateAreasValue.cpp:

(WebCore::stringForPosition):

  • css/CSSGridTemplateAreasValue.h:
  • css/CSSParser.cpp:

(WebCore::CSSParser::parseGridTemplateAreasRow):

  • css/CSSParser.h:
  • rendering/RenderGrid.cpp:

(WebCore::RenderGrid::GridIterator::nextEmptyGridArea):
(WebCore::RenderGrid::insertItemIntoGrid):
(WebCore::RenderGrid::placeItemsOnGrid):
(WebCore::RenderGrid::populateExplicitGridAndOrderIterator):
(WebCore::RenderGrid::createEmptyGridAreaAtSpecifiedPositionsOutsideGrid):
(WebCore::RenderGrid::placeSpecifiedMajorAxisItemsOnGrid):
(WebCore::RenderGrid::placeAutoMajorAxisItemOnGrid):
(WebCore::RenderGrid::clearGrid):
(WebCore::RenderGrid::cachedGridArea):
(WebCore::RenderGrid::cachedGridSpan):

  • rendering/RenderGrid.h:
  • rendering/style/GridArea.h: Renamed from Source/WebCore/rendering/style/GridCoordinate.h.

(WebCore::GridSpan::untranslatedDefiniteGridSpan):
(WebCore::GridSpan::translatedDefiniteGridSpan):
(WebCore::GridSpan::indefiniteGridSpan):
(WebCore::GridSpan::operator==):
(WebCore::GridSpan::integerSpan):
(WebCore::GridSpan::untranslatedResolvedInitialPosition):
(WebCore::GridSpan::untranslatedResolvedFinalPosition):
(WebCore::GridSpan::resolvedInitialPosition):
(WebCore::GridSpan::resolvedFinalPosition):
(WebCore::GridSpan::GridSpanIterator::GridSpanIterator):
(WebCore::GridSpan::GridSpanIterator::operator unsigned&):
(WebCore::GridSpan::GridSpanIterator::operator*):
(WebCore::GridSpan::begin):
(WebCore::GridSpan::end):
(WebCore::GridSpan::isTranslatedDefinite):
(WebCore::GridSpan::isIndefinite):
(WebCore::GridSpan::translate):
(WebCore::GridSpan::GridSpan):
(WebCore::GridArea::GridArea):
(WebCore::GridArea::operator==):
(WebCore::GridArea::operator!=):

  • rendering/style/GridPositionsResolver.cpp:
  • rendering/style/StyleGridData.h:
7:21 AM Changeset in webkit [198209] by jh718.park@samsung.com
  • 2 edits in trunk/Source/WebCore

[GTK] Remove duplicate HashMap traversal and unneeded reference count churn in DataObjectGtk::forClipboard
https://bugs.webkit.org/show_bug.cgi?id=155470

Reviewed by Carlos Garcia Campos.

No new tests, no new behaviours.

  • platform/gtk/DataObjectGtk.cpp:

(WebCore::DataObjectGtk::forClipboard):

3:42 AM Changeset in webkit [198208] by Gyuyoung Kim
  • 2 edits in trunk/Source/WebKit2

EFL build has been broken since r198180
https://bugs.webkit.org/show_bug.cgi?id=155488

Unreviewed build fix.

  • WebProcess/UserContent/WebUserContentController.h: Use ENABLE(USER_MESSAGE_HANDLERS) guard.
3:38 AM Changeset in webkit [198207] by Manuel Rego Casasnovas
  • 7 edits
    2 moves in trunk/Source/WebCore

[css-grid] Rename GridResolvedPosition to GridPositionsResolver
https://bugs.webkit.org/show_bug.cgi?id=155486

Reviewed by Sergio Villar Senin.

GridResolvedPosition is not storing a position (track or line) anymore.
Currently it's just a class wrapping the methods to resolve
grid positions from style.
Renamed the class to avoid confusions.

No new tests, no change of behavior.

  • CMakeLists.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • rendering/RenderGrid.cpp:

(WebCore::RenderGrid::placeItemsOnGrid):
(WebCore::RenderGrid::populateExplicitGridAndOrderIterator):
(WebCore::RenderGrid::createEmptyGridAreaAtSpecifiedPositionsOutsideGrid):
(WebCore::RenderGrid::placeSpecifiedMajorAxisItemsOnGrid):
(WebCore::RenderGrid::placeAutoMajorAxisItemOnGrid):
(WebCore::RenderGrid::offsetAndBreadthForPositionedChild):

  • rendering/RenderGrid.h:
  • rendering/style/GridCoordinate.h:
  • rendering/style/GridPositionsResolver.cpp: Renamed from Source/WebCore/rendering/style/GridResolvedPosition.cpp.

(WebCore::isColumnSide):
(WebCore::isStartSide):
(WebCore::initialPositionSide):
(WebCore::finalPositionSide):
(WebCore::gridLinesForSide):
(WebCore::implicitNamedGridLineForSide):
(WebCore::GridPositionsResolver::isNonExistentNamedLineOrArea):
(WebCore::adjustGridPositionsFromStyle):
(WebCore::GridPositionsResolver::explicitGridColumnCount):
(WebCore::GridPositionsResolver::explicitGridRowCount):
(WebCore::explicitGridSizeForSide):
(WebCore::lookAheadForNamedGridLine):
(WebCore::lookBackForNamedGridLine):
(WebCore::resolveNamedGridLinePositionFromStyle):
(WebCore::definiteGridSpanWithNamedLineSpanAgainstOpposite):
(WebCore::resolveNamedGridLinePositionAgainstOppositePosition):
(WebCore::resolveGridPositionAgainstOppositePosition):
(WebCore::GridPositionsResolver::spanSizeForAutoPlacedItem):
(WebCore::resolveGridPositionFromStyle):
(WebCore::GridPositionsResolver::resolveGridPositionsFromStyle):

  • rendering/style/GridPositionsResolver.h: Renamed from Source/WebCore/rendering/style/GridResolvedPosition.h.
  • rendering/style/StyleAllInOne.cpp:
1:59 AM Changeset in webkit [198206] by sbarati@apple.com
  • 5 edits
    2 adds in trunk/Source/JavaScriptCore

Destructuring parameters are evaluated in the wrong scope
https://bugs.webkit.org/show_bug.cgi?id=155454

Reviewed by Geoffrey Garen.

This patch makes our engine compatible with how parameter
lists are evaluated in ES6. A parameter list that contains
a rest parameter, any destructuring patterns, or default parameter values,
is classified as being non-simple. Non-simple parameter lists
must get their own scope to live in, and the variables in the
scope are under TDZ. This means that functions evaluated in the
parameter list don't have access to variables inside the function
body. Also, non-simple parameter lists get the strict-mode arguments object.

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::~BytecodeGenerator):
(JSC::BytecodeGenerator::initializeDefaultParameterValuesAndSetupFunctionScopeStack):
(JSC::BytecodeGenerator::initializeArrowFunctionContextScopeIfNeeded):

  • bytecompiler/BytecodeGenerator.h:
  • parser/Nodes.h:

(JSC::FunctionParameters::size):
(JSC::FunctionParameters::at):
(JSC::FunctionParameters::append):
(JSC::FunctionParameters::hasDefaultParameterValues): Deleted.

  • tests/es6.yaml:
  • tests/stress/parameter-scoping.js: Added.

(assert):
(test):
(test.foo):
(test.):

1:58 AM Changeset in webkit [198205] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebCore

Leak: Accelerated ImageBufferCairo doesn't destroy the used textures
https://bugs.webkit.org/show_bug.cgi?id=155431

Patch by Miguel Gomez <magomez@igalia.com> on 2016-03-15
Reviewed by Žan Doberšek.

When using the Cairo backend, add a destructor to ImageBufferData and use it to destroy the
textures created if the buffer is being accelerated.

No new tests, already covered by existing ones.

  • platform/graphics/cairo/ImageBufferCairo.cpp:

(WebCore::ImageBufferData::ImageBufferData):
Store the renderingMode flag.
(WebCore::ImageBufferData::~ImageBufferData):
Destroy gl resources if renderingMode is accelerated.
(WebCore::ImageBuffer::ImageBuffer):
Pass renderingMode to the data class and use it fro checks instead of the function parameter.

  • platform/graphics/cairo/ImageBufferDataCairo.h:

Add destructor and a renderingMode flag.

1:49 AM Changeset in webkit [198204] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.12/Source/WebCore

Merge r198201 - REGRESSION (r197724): [GTK] Web Inspector: Images being blocked by CSP 2.0
https://bugs.webkit.org/show_bug.cgi?id=155432

Reviewed by Darin Adler.

The GTK+ port Web Inspector uses GResources for all internal
resources (images, fonts, scripts, etc.) that are now blocked by
the CSP. GResouces are like data URLs in practice, so we should
always allow them.

  • page/csp/ContentSecurityPolicySourceList.cpp:

(WebCore::ContentSecurityPolicySourceList::isProtocolAllowedByStar):

12:53 AM Changeset in webkit [198203] by jiewen_tan@apple.com
  • 22 edits
    2 adds in trunk

URL Parsing should signal failure for illegal IDN
https://bugs.webkit.org/show_bug.cgi?id=154945
<rdar://problem/8014795>

Reviewed by Brent Fulgham.

Source/WebCore:

WebCore::URL will now invalidate URLs with illegal IDN. And functions inside WebCoreNSURLExtras.h
that deal with IDN mapping will now return nil to signal error.

Test: fast/url/invalid-idn.html

  • platform/URL.cpp:

(WebCore::isSchemeFirstChar):
(WebCore::URL::init):
(WebCore::appendEncodedHostname):
(WebCore::encodeHostnames):
(WebCore::encodeRelativeString):

  • platform/mac/WebCoreNSURLExtras.h:
  • platform/mac/WebCoreNSURLExtras.mm:

(WebCore::mapHostNameWithRange):
(WebCore::hostNameNeedsDecodingWithRange):
(WebCore::hostNameNeedsEncodingWithRange):
(WebCore::decodeHostNameWithRange):
(WebCore::encodeHostNameWithRange):
(WebCore::decodeHostName):
(WebCore::encodeHostName):
(WebCore::collectRangesThatNeedMapping):
(WebCore::mapHostNames):
(WebCore::URLWithData):
(WebCore::dataWithUserTypedString):
(WebCore::URLWithUserTypedString):
(WebCore::URLWithUserTypedStringDeprecated):
(WebCore::userVisibleString):

Source/WebKit/ios:

  • Misc/WebNSStringExtrasIOS.m:

(-[NSString _web_possibleURLsForForUserTypedString:]):

  • WebView/WebPDFViewPlaceholder.mm:

(-[WebPDFViewPlaceholder _updateTitleForURL:]):

Source/WebKit/mac:

In this patch, we add new SPIs _webkit_URLWithUserTypedString, _webkit_decodeHostName and
_webkit_encodeHostName which will return nil while dealing with illegal IDN.

Old SPIs _web_URLWithUserTypedString, _web_decodeHostName and _web_encodeHostName are marked
deprecated as they ignore URL parsing failure.

  • History/WebHistoryItem.mm:

(-[WebHistoryItem initFromDictionaryRepresentation:]):

  • Misc/WebKitErrors.m:

(+[NSError _webKitErrorWithCode:failingURL:]):

  • Misc/WebNSFileManagerExtras.mm:

(-[NSFileManager _webkit_setMetadataURL:referrer:atPath:]):

  • Misc/WebNSPasteboardExtras.mm:

(-[NSPasteboard _web_bestURL]):

  • Misc/WebNSURLExtras.h:
  • Misc/WebNSURLExtras.mm:

(+[NSURL _web_URLWithUserTypedString:]):
(+[NSURL _webkit_URLWithUserTypedString:relativeToURL:]):
(+[NSURL _webkit_URLWithUserTypedString:]):
(-[NSString _web_decodeHostName]):
(-[NSString _web_encodeHostName]):
(-[NSString _webkit_decodeHostName]):
(-[NSString _webkit_encodeHostName]):

  • Panels/WebAuthenticationPanel.m:

(-[WebAuthenticationPanel setUpForChallenge:]):

  • WebCoreSupport/WebEditorClient.mm:

(WebEditorClient::canonicalizeURLString):

Tools:

  • MiniBrowser/mac/WK2BrowserWindowController.m:

(-[WK2BrowserWindowController fetch:]):

  • TestWebKitAPI/Tests/Cocoa/URLExtras.mm:

(TestWebKitAPI::TEST):

LayoutTests:

  • fast/url/host-expected.txt:
  • fast/url/idna2003-expected.txt:
  • fast/url/invalid-idn-expected.txt: Added.
  • fast/url/invalid-idn.html: Added.
12:37 AM Changeset in webkit [198202] by Chris Dumez
  • 2 edits in trunk/Source/WebKit2

Regression(r197939): ASSERTION FAILED: url.containsOnlyASCII() in URL.cpp
https://bugs.webkit.org/show_bug.cgi?id=155449
<rdar://problem/25134826>

Reviewed by Carlos Garcia Campos.

Bump WK2 Network Disk Cache version after r197939 as the new cache format
is not compatible with the old one and leads to assertions being hit when
browsing in Debug builds.

SubresourceInfo used to only contain a boolean and would therefore be
serialized as "0" / "1". However, after r197939, a URL field was added
and when trying to decode old cache entries with the new format, we
would try to construct a URL from the String "0" or "1". This would
assert because these are not valid URLs.

  • NetworkProcess/cache/NetworkCacheStorage.h:
12:01 AM Changeset in webkit [198201] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebCore

REGRESSION (r197724): [GTK] Web Inspector: Images being blocked by CSP 2.0
https://bugs.webkit.org/show_bug.cgi?id=155432

Reviewed by Darin Adler.

The GTK+ port Web Inspector uses GResources for all internal
resources (images, fonts, scripts, etc.) that are now blocked by
the CSP. GResouces are like data URLs in practice, so we should
always allow them.

  • page/csp/ContentSecurityPolicySourceList.cpp:

(WebCore::ContentSecurityPolicySourceList::isProtocolAllowedByStar):

Mar 14, 2016:

10:47 PM Changeset in webkit [198200] by bshafiei@apple.com
  • 4 edits
    1 copy in tags/Safari-602.1.22.0.2/Source/WebKit2

Merged r198089. rdar://problem/24428418

10:46 PM Changeset in webkit [198199] by bshafiei@apple.com
  • 5 edits in tags/Safari-602.1.22.0.2/Source

Versioning.

10:39 PM Changeset in webkit [198198] by ggaren@apple.com
  • 9 edits
    1 copy
    1 delete in trunk/Source/bmalloc

Unreviewed, rolling out r197955.

I decided to go in another direction

Reverted changeset:

"bmalloc: Rename SmallPage to SmallRun"
https://bugs.webkit.org/show_bug.cgi?id=155320
http://trac.webkit.org/changeset/197955

10:32 PM Changeset in webkit [198197] by achristensen@apple.com
  • 2 edits in trunk/Source/WebCore

Fix WinCairo build after r198195.

  • platform/network/NetworkingContext.h:

curl networking now uses NetworkingContext::storageSession. That's everybody!

10:02 PM Changeset in webkit [198196] by commit-queue@webkit.org
  • 9 edits
    1 add in trunk/Source/WebInspectorUI

Web Inspector: Show path from root to instances in the Heap Snapshot content view
https://bugs.webkit.org/show_bug.cgi?id=155478
<rdar://problem/25157408>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-14
Reviewed by Timothy Hatcher.

  • Localizations/en.lproj/localizedStrings.js:
  • UserInterface/Main.html:

New strings and resources.

  • UserInterface/Models/HeapSnapshotNode.js:

(WebInspector.HeapSnapshotNode.prototype.get shortestGCRootPath):
(WebInspector.HeapSnapshotNode.prototype._gcRootPaths.visitNode):
(WebInspector.HeapSnapshotNode.prototype._gcRootPaths):
Helper to get the shortest path from a GC root to the node.

  • UserInterface/Models/HeapSnapshotRootPath.js: Added.

(WebInspector.HeapSnapshotRootPath):
(WebInspector.HeapSnapshotRootPath.emptyPath):
(WebInspector.HeapSnapshotRootPath.prototype.get node):
(WebInspector.HeapSnapshotRootPath.prototype.get parent):
(WebInspector.HeapSnapshotRootPath.prototype.get pathComponent):
(WebInspector.HeapSnapshotRootPath.prototype.get rootNode):
(WebInspector.HeapSnapshotRootPath.prototype.get fullPath):
(WebInspector.HeapSnapshotRootPath.prototype.isRoot):
(WebInspector.HeapSnapshotRootPath.prototype.isEmpty):
(WebInspector.HeapSnapshotRootPath.prototype.isGlobalScope):
(WebInspector.HeapSnapshotRootPath.prototype.isPathComponentImpossible):
(WebInspector.HeapSnapshotRootPath.prototype.isFullPathImpossible):
(WebInspector.HeapSnapshotRootPath.prototype.appendInternal):
(WebInspector.HeapSnapshotRootPath.prototype.appendArrayIndex):
(WebInspector.HeapSnapshotRootPath.prototype.appendPropertyName):
(WebInspector.HeapSnapshotRootPath.prototype.appendVariableName):
(WebInspector.HeapSnapshotRootPath.prototype.appendGlobalScopeName):
(WebInspector.HeapSnapshotRootPath.prototype.appendEdge):
(WebInspector.HeapSnapshotRootPath.prototype._canPropertyNameBeDotAccess):
Helper class, like PropertyPath, for building a string path to
a HeapSnapshotNode. Typically the path is built up with
HeapSnapshotEdges and so you can build a string such as:
window.foo[0]["prop erty"]._foo.

  • UserInterface/Views/HeapAllocationsTimelineView.js:

(WebInspector.HeapAllocationsTimelineView.prototype.showHeapSnapshotList):
(WebInspector.HeapAllocationsTimelineView.prototype.showHeapSnapshotTimelineRecord):
(WebInspector.HeapAllocationsTimelineView.prototype.showHeapSnapshotDiff):
(WebInspector.HeapAllocationsTimelineView.prototype.shown):
(WebInspector.HeapAllocationsTimelineView.prototype.hidden):
(WebInspector.HeapAllocationsTimelineView.prototype.closed):
Propogate shown/hidden to the contentViewContainer.
Cleanup the contentViewContainer when closing.

  • UserInterface/Views/HeapSnapshotInstanceDataGridNode.js:

(WebInspector.HeapSnapshotInstanceDataGridNode.logHeapSnapshotNode):
Helper for logging a HeapSnapshotNode value to the console. If the
path is possible from the root, just output the path in the console
otherwise use a synthetic "Heap Snapshot Object (@1234)" like string.
For strings, just get the preview as we won't get a real RemoteObject.

(WebInspector.HeapSnapshotInstanceDataGridNode.prototype.createCellContent):
(WebInspector.HeapSnapshotInstanceDataGridNode.prototype._mouseoverHandler.appendPath):
(WebInspector.HeapSnapshotInstanceDataGridNode.prototype._mouseoverHandler.appendPathRow):
(WebInspector.HeapSnapshotInstanceDataGridNode.prototype._mouseoverHandler.sanitizeClassName):
(WebInspector.HeapSnapshotInstanceDataGridNode.prototype._mouseoverHandler.stringifyEdge):
(WebInspector.HeapSnapshotInstanceDataGridNode.prototype._mouseoverHandler):
Give the @1234 id element a mouseover handler to display a popover
with the path from a root. Stop the path at "Window" if possible
to avoid displaying internals like "JSDOMWindowShell".

  • UserInterface/Views/HeapSnapshotInstancesContentView.css:

(.heap-snapshot .object-id):
(.heap-snapshot .object-id:hover):
(.heap-snapshot > .data-grid tr:not(.selected) td .object-id): Deleted.
(.heap-snapshot .icon):
(.heap-snapshot-instance-popover-content):
(.heap-snapshot-instance-popover-content table):
(.heap-snapshot-instance-popover-content tr):
(.heap-snapshot-instance-popover-content td):
(.heap-snapshot-instance-popover-content td.edge-name):
(.heap-snapshot-instance-popover-content td.object-data):
(.heap-snapshot-instance-popover-content .node):
(.heap-snapshot-instance-popover-content .node *):
Styles for contents of the popover.

  • UserInterface/Views/HeapSnapshotInstancesContentView.js:

(WebInspector.HeapSnapshotInstancesContentView.prototype.hidden):

  • UserInterface/Views/HeapSnapshotInstancesDataGridTree.js:

(WebInspector.HeapSnapshotInstancesDataGridTree):
(WebInspector.HeapSnapshotInstancesDataGridTree.prototype.get popover):
(WebInspector.HeapSnapshotInstancesDataGridTree.prototype.get popoverNode):
(WebInspector.HeapSnapshotInstancesDataGridTree.prototype.set popoverNode):
(WebInspector.HeapSnapshotInstancesDataGridTree.prototype.hidden):
(WebInspector.HeapSnapshotInstancesDataGridTree.prototype.willDismissPopover):
Have a single popover for the entire tree. Cache and clear
contents of the popover when appropriate.

9:59 PM Changeset in webkit [198195] by achristensen@apple.com
  • 5 edits in trunk/Source

[WinCairo] Compile fix.
https://bugs.webkit.org/show_bug.cgi?id=155463

Patch by Per Arne Vollan <peavo@outlook.com> on 2016-03-14
Reviewed by Alex Christensen.

Get the NetworkStorageSession object from the document in the same way as other platforms do.

Source/WebCore:

  • loader/CookieJar.cpp:

(WebCore::storageSession):

Source/WebKit/win:

  • WebCoreSupport/WebFrameNetworkingContext.cpp:

(WebFrameNetworkingContext::storageSession):

  • WebCoreSupport/WebFrameNetworkingContext.h:

(WebFrameNetworkingContext::storageSession):

9:39 PM Changeset in webkit [198194] by bshafiei@apple.com
  • 1 copy in tags/Safari-602.1.22.0.2

New tag.

9:26 PM Changeset in webkit [198193] by bshafiei@apple.com
  • 1 copy in tags/Safari-601.6.9

New tag.

9:08 PM Changeset in webkit [198192] by Yusuke Suzuki
  • 6 edits in trunk/Source/JavaScriptCore

[JSC] Don't reference the properties of @Reflect directly
https://bugs.webkit.org/show_bug.cgi?id=155436

Reviewed by Geoffrey Garen.

Reflect.ownKeys and Reflect.getOwnPropertyDescriptor can be altered with the user-crafted values.
Instead of referencing them directly, let's reference them through private names.

  • builtins/ObjectConstructor.js:

(assign):

  • runtime/CommonIdentifiers.h:
  • runtime/ObjectConstructor.cpp:

(JSC::ObjectConstructor::finishCreation): Deleted.

  • runtime/ReflectObject.cpp:

(JSC::ReflectObject::finishCreation):

  • tests/stress/object-assign-correctness.js:

(runTests.):
(runTests.get let):
(Reflect.ownKeys):
(Reflect.getOwnPropertyDescriptor):
(test.let.handler.switch.case.string_appeared_here.return.get enumerable): Deleted.
(test.let.handler.getOwnPropertyDescriptor): Deleted.
(test.let.handler.ownKeys): Deleted.
(test.let.handler.get getProps): Deleted.
(test.let.handler): Deleted.
(test): Deleted.

9:01 PM Changeset in webkit [198191] by timothy_horton@apple.com
  • 2 edits in trunk/Source/WebCore

<attachment> on iOS should paint its progress indicator instead of a green square
https://bugs.webkit.org/show_bug.cgi?id=155482
<rdar://problem/24805991>

Reviewed by Simon Fraser.

No new tests; there are existing tests that will be enabled shortly.

  • rendering/RenderThemeIOS.mm:

(WebCore::getAttachmentProgress):
Clamp progress to 0-1.

(WebCore::paintAttachmentProgress):
Paint a pie.

8:53 PM Changeset in webkit [198190] by bshafiei@apple.com
  • 1 copy in tags/Safari-602.1.23

New tag.

8:53 PM Changeset in webkit [198189] by Chris Dumez
  • 37 edits in trunk

Unreviewed, rolling out r197981.

Caused a massive PLT regression on Mac.

Reverted changeset:

"Font antialiasing (smoothing) changes when elements are
rendered into compositing layers"
https://bugs.webkit.org/show_bug.cgi?id=23364
http://trac.webkit.org/changeset/197981

8:51 PM Changeset in webkit [198188] by Chris Dumez
  • 2 edits in trunk/Source/WebCore

Unreviewed, rolling out r198145.

This attempt to disable the feature did not fix the PLT
regression

Reverted changeset:

"Regression(r197981): Huge regression on Mac PLT"
https://bugs.webkit.org/show_bug.cgi?id=155443
http://trac.webkit.org/changeset/198145

7:19 PM WebKitGTK/2.12.x edited by Michael Catanzaro
(diff)
6:52 PM Changeset in webkit [198187] by Dewei Zhu
  • 4 edits in trunk/Tools

Add twisted-15.5.0 module to webkitpy.thirdparty.autoinstalled.
https://bugs.webkit.org/show_bug.cgi?id=154667

Reviewed by Ryosuke Niwa and Simon Fraser.

Add twisted-15.5.0 to webkitpy.thirdparty.autoinstalled.
Minor fix for twsited_http_server used by run-benchmark that we should only stop http server while recieving 'GET /shutdown'.

  • Scripts/webkitpy/benchmark_runner/http_server_driver/http_server/twisted_http_server.py:

(ServerControl.render_POST): Deleted.

  • Scripts/webkitpy/thirdparty/init.py:

(AutoinstallImportHook.find_module):
(AutoinstallImportHook._install_twisted_15_5_0):

  • Scripts/webkitpy/thirdparty/init_unittest.py:

(ThirdpartyTest.test_imports):

6:40 PM Changeset in webkit [198186] by bshafiei@apple.com
  • 5 edits in branches/safari-601.1.46.101-branch/Source

Versioning.

6:36 PM Changeset in webkit [198185] by bshafiei@apple.com
  • 1 copy in branches/safari-601.1.46.101-branch

New Branch.

6:31 PM Changeset in webkit [198184] by bshafiei@apple.com
  • 5 edits in branches/safari-601.1.46-branch/Source

Versioning.

6:27 PM Changeset in webkit [198183] by weinig@apple.com
  • 2 edits in trunk/Source/WebCore

Remove errant space.

  • page/UserContentController.cpp:
6:21 PM Changeset in webkit [198182] by weinig@apple.com
  • 2 edits in trunk/Source/WebCore

Fix the windows build.

  • page/UserContentController.cpp:
5:59 PM Changeset in webkit [198181] by Brent Fulgham
  • 2 edits in trunk/LayoutTests

REGRESSION (r197114): Crash in WebCore::MediaDevicesRequest::didCompletePermissionCheck
https://bugs.webkit.org/show_bug.cgi?id=155453

Reviewed by Eric Carlson.
<rdar://problem/24879447>

Reviewed by Dan Bates.

Further refinement to test case: Remove use of 'setTimeout', and ensure the code gets
called by using 'testRunner.waitUntilDone()'/'testRunner.notifyDone()'.

  • fast/mediastream/enumerating-crash.html:
5:48 PM Changeset in webkit [198180] by weinig@apple.com
  • 42 edits
    4 adds in trunk/Source

Add a baseURL parameter to _WKUserStyleSheet
https://bugs.webkit.org/show_bug.cgi?id=155219

Reviewed by Tim Horton.

Source/WebCore:

  • Moves to a model for user content where instead of each page having a WebCore::UserContentController object, we have an abstract WebCore::UserContentProvider interface that can be implemented at the WebKit level. For now, legacy WebKit continues to use the old UserContentController, which implements WebCore::UserContentProvider, and WebKit2 implements its own implementation so it can store additional state.
  • WebCore.xcodeproj/project.pbxproj:

Add new files.

  • dom/ExtensionStyleSheets.cpp:

(WebCore::ExtensionStyleSheets::updateInjectedStyleSheetCache):
Switch to using forEachUserStyleSheet on the UserContentProvider.

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::loadResource):
Remove null check now that we always have a UserContentProvider.

  • loader/EmptyClients.cpp:

(WebCore::fillWithEmptyClients):

  • loader/EmptyClients.h:

Add new EmptyClients.

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::loadResourceSynchronously):
Remove null check now that we always have a UserContentProvider.

  • loader/PingLoader.cpp:

(WebCore::processContentExtensionRulesForLoad):
Remove null check now that we always have a UserContentProvider.

  • loader/ResourceLoader.cpp:

(WebCore::ResourceLoader::willSendRequestInternal):
Remove null check now that we always have a UserContentProvider.

  • loader/cache/CachedResourceLoader.cpp:

(WebCore::CachedResourceLoader::requestResource):
Remove null check now that we always have a UserContentProvider.

  • page/DOMWindow.cpp:

(WebCore::DOMWindow::shouldHaveWebKitNamespaceForWorld):
Remove null checks now that we always have a UserContentProvider, and userMessageHandlerDescriptors
returns a reference.

(WebCore::DOMWindow::open):
Remove null check now that we always have a UserContentProvider.

  • page/Frame.cpp:

(WebCore::Frame::injectUserScripts):
Simplify by lifting document check out of the main loop and using forEachUserScript.

  • page/Page.cpp:

(WebCore::Page::Page):
(WebCore::Page::~Page):
(WebCore::Page::userContentProvider):
(WebCore::Page::setUserContentProvider):
(WebCore::Page::setUserContentController): Deleted.

  • page/Page.h:

(WebCore::Page::userContentController): Deleted.

  • page/PageConfiguration.h:

Store the UserContentProvider in a Ref, and require PageConfigurations to provide one. This
removes a bunch of null checks and simplifies the code.

  • page/UserContentController.cpp:

(WebCore::UserContentController::~UserContentController):
(WebCore::UserContentController::forEachUserScript):
(WebCore::UserContentController::forEachUserStyleSheet):
(WebCore::UserContentController::addUserScript):
(WebCore::UserContentController::removeUserScript):
(WebCore::UserContentController::removeUserScripts):
(WebCore::UserContentController::addUserStyleSheet):
(WebCore::UserContentController::removeUserStyleSheet):
(WebCore::UserContentController::removeUserStyleSheets):
(WebCore::UserContentController::addUserMessageHandlerDescriptor):
(WebCore::UserContentController::removeUserMessageHandlerDescriptor):
(WebCore::UserContentController::addUserContentExtension):
(WebCore::UserContentController::removeUserContentExtension):
(WebCore::UserContentController::removeAllUserContentExtensions):
(WebCore::UserContentController::removeAllUserContent):
(WebCore::UserContentController::addPage): Deleted.
(WebCore::UserContentController::removePage): Deleted.
(WebCore::contentExtensionsEnabled): Deleted.
(WebCore::UserContentController::processContentExtensionRulesForLoad): Deleted.
(WebCore::UserContentController::actionsForResourceLoad): Deleted.

  • page/UserContentController.h:

(WebCore::UserContentController::userScripts): Deleted.
(WebCore::UserContentController::userStyleSheets): Deleted.
(WebCore::UserContentController::userMessageHandlerDescriptors): Deleted.
Add inheritance from UserContentProvider and simplify things by removing unique_ptrs
that were holding the member variables. There is usually only one UserContentController
so having these in unique_ptrs doesn't make much sense.

  • page/UserContentProvider.cpp: Added.

(WebCore::UserContentProvider::UserContentProvider):
(WebCore::UserContentProvider::~UserContentProvider):
(WebCore::UserContentProvider::addPage):
(WebCore::UserContentProvider::removePage):
(WebCore::UserContentProvider::invalidateInjectedStyleSheetCacheInAllFramesInAllPages):
(WebCore::contentExtensionsEnabled):
(WebCore::UserContentProvider::processContentExtensionRulesForLoad):
(WebCore::UserContentProvider::actionsForResourceLoad):

  • page/UserContentProvider.h: Added.

Add abstract class for providing user content and add some helpers on it.

  • page/UserMessageHandlerDescriptor.h:

(WebCore::UserMessageHandlerDescriptor::create):
(WebCore::UserMessageHandlerDescriptor::client):
(WebCore::UserMessageHandlerDescriptor::invalidateClient):

  • page/UserMessageHandlersNamespace.cpp:

(WebCore::UserMessageHandlersNamespace::handler):
Simplify now that userContentProvider() and userMessageHandlerDescriptors() are references.

Source/WebKit/mac:

  • WebView/WebView.mm:

(-[WebView _commonInitializationWithFrameName:groupName:]):
(-[WebView initSimpleHTMLDocumentWithStyle:frame:preferences:groupName:]):
(-[WebView setGroupName:]):
Update to account for the name change from UserContentController -> UserContentProvider.

Source/WebKit2:

  • Moves to a model for user content where instead of using a WebCore::UserContentController object, we implement the new WebCore::UserContentProvider interface (on the existing WebUserContentController object).
  • Uses this to maintain maps of UserStylesSheets and UserScripts along with their identifiers, freeing up the URL, which had been acting as the identifier, to be used as the baseURL which was what it was intended for.
  • Adds a baseURL property to _WKUserStyleSheet.
  • WebKit2.xcodeproj/project.pbxproj:

Add new files.

  • Scripts/webkit/messages.py:

(headers_for_type):
Add support for sending WebUserContentControllerDataTypes.

  • Shared/WebUserContentControllerDataTypes.cpp: Added.

(WebKit::WebUserScriptData::encode):
(WebKit::WebUserScriptData::decode):
(WebKit::WebUserStyleSheetData::encode):
(WebKit::WebUserStyleSheetData::decode):

  • Shared/WebUserContentControllerDataTypes.h: Added.

Add helper types for sending user content over IPC.

  • UIProcess/API/APIUserScript.cpp:

(API::UserScript::generateUniqueURL):
(API::UserScript::UserScript):

  • UIProcess/API/APIUserScript.h:
  • UIProcess/API/APIUserStyleSheet.cpp:

(API::UserStyleSheet::generateUniqueURL):
(API::UserStyleSheet::UserStyleSheet):

  • UIProcess/API/APIUserStyleSheet.h:

Add identifiers for tracking across processes.

  • UIProcess/API/Cocoa/_WKUserStyleSheet.h:
  • UIProcess/API/Cocoa/_WKUserStyleSheet.mm:

(-[_WKUserStyleSheet initWithSource:forMainFrameOnly:legacyWhitelist:legacyBlacklist:baseURL:userContentWorld:]):
(-[_WKUserStyleSheet baseURL]):
Add new initializer which takes a baseURL as well as an accessor for the baseURL.

  • UIProcess/UserContent/WebUserContentControllerProxy.cpp:

(WebKit::WebUserContentControllerProxy::addProcess):
(WebKit::WebUserContentControllerProxy::addUserScript):
(WebKit::WebUserContentControllerProxy::removeUserScript):
(WebKit::WebUserContentControllerProxy::addUserStyleSheet):
(WebKit::WebUserContentControllerProxy::removeUserStyleSheet):
Pass identifiers as well as user content.

  • WebProcess/InjectedBundle/InjectedBundle.cpp:

(WebKit::InjectedBundle::addUserScript):
(WebKit::InjectedBundle::addUserStyleSheet):
Move user content in via move semantics rather than using a unique_ptr.

(WebKit::InjectedBundle::removeUserScript):
(WebKit::InjectedBundle::removeUserStyleSheet):
(WebKit::InjectedBundle::removeUserScripts):
(WebKit::InjectedBundle::removeUserStyleSheets):
(WebKit::InjectedBundle::removeAllUserContent):
Update for new function signatures.

  • WebProcess/UserContent/WebUserContentController.cpp:

(WebKit::WebUserContentController::WebUserContentController):
(WebKit::WebUserContentController::~WebUserContentController):
(WebKit::WebUserContentController::addUserContentWorlds):
(WebKit::WebUserContentController::removeUserContentWorlds):
(WebKit::WebUserContentController::addUserScripts):
(WebKit::WebUserContentController::removeUserScript):
(WebKit::WebUserContentController::removeAllUserScripts):
(WebKit::WebUserContentController::addUserStyleSheets):
(WebKit::WebUserContentController::removeUserStyleSheet):
(WebKit::WebUserContentController::removeAllUserStyleSheets):
(WebKit::WebUserContentController::addUserScriptMessageHandlers):
(WebKit::WebUserContentController::removeUserScriptMessageHandler):
(WebKit::WebUserContentController::addUserContentExtensions):
(WebKit::WebUserContentController::removeUserContentExtension):
(WebKit::WebUserContentController::removeAllUserContentExtensions):
(WebKit::WebUserContentController::addUserScriptInternal):
(WebKit::WebUserContentController::addUserScript):
(WebKit::WebUserContentController::removeUserScriptWithURL):
(WebKit::WebUserContentController::removeUserScriptInternal):
(WebKit::WebUserContentController::removeUserScripts):
(WebKit::WebUserContentController::addUserStyleSheetInternal):
(WebKit::WebUserContentController::addUserStyleSheet):
(WebKit::WebUserContentController::removeUserStyleSheetWithURL):
(WebKit::WebUserContentController::removeUserStyleSheetInternal):
(WebKit::WebUserContentController::removeUserStyleSheets):
(WebKit::WebUserContentController::removeAllUserContent):
(WebKit::WebUserContentController::forEachUserScript):
(WebKit::WebUserContentController::forEachUserStyleSheet):

  • WebProcess/UserContent/WebUserContentController.h:
  • WebProcess/UserContent/WebUserContentController.messages.in:

Convert to inheriting from UserContentProvider, rather than containing a UserContentController.
This means adding the storage for the user content, which has been simplified to avoid using
unique_ptrs.

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::addUserScript):
(WebKit::WebPage::addUserStyleSheet):
(WebKit::WebPage::removeAllUserContent):
Update to call the WebUserContentController, rather than going to the UserContentController, which
no longer exists.

  • WebProcess/WebPage/WebPageGroupProxy.cpp:

(WebKit::WebPageGroupProxy::userContentController):

  • WebProcess/WebPage/WebPageGroupProxy.h:

Return the WebUserContentController rather than old UserContentController.

5:47 PM Changeset in webkit [198179] by enrica@apple.com
  • 4 edits
    1 add
    2 deletes in trunk/Source/WebCore

iOS: RTFD format is not available in the pasteboard after copy/cut.
https://bugs.webkit.org/show_bug.cgi?id=155477
rdar://problem/23500600

Reviewed by Tim Horton.

WebKit is using UTTypeRTFD instead of UTTypeFlatRTFD that is the
proper RTFD format for pastedboard. I also discovered that, when
we create the NSTextAttachment in the NSAttributedString we produce
from the DOM range, we are not generating a file name with the
appropriate extension for the MIME type. The iOS specific implementation
of the MIMETypeRegistry functions were empty.
There is no need to have a differentiation between OS X and iOS, so
we now have only one file called MIMETypeRegistryCocoa.mm.

  • WebCore.xcodeproj/project.pbxproj:
  • platform/cocoa/MIMETypeRegistryCocoa.mm: Added.

(WebCore::MIMETypeRegistry::getMIMETypeForExtension):
(WebCore::MIMETypeRegistry::getExtensionsForMIMEType):
(WebCore::MIMETypeRegistry::getPreferredExtensionForMIMEType):
(WebCore::MIMETypeRegistry::isApplicationPluginMIMEType):

  • platform/ios/MIMETypeRegistryIOS.mm: Removed.
  • platform/ios/PasteboardIOS.mm:

(WebCore::Pasteboard::read):
(WebCore::Pasteboard::supportedPasteboardTypes):
(WebCore::Pasteboard::hasData):

  • platform/ios/PlatformPasteboardIOS.mm:

(WebCore::PlatformPasteboard::write):

  • platform/mac/MIMETypeRegistryMac.mm: Removed.
5:39 PM Changeset in webkit [198178] by dbates@webkit.org
  • 9 edits
    4 adds in trunk

Web Inspector: Display Content Security Policy hash in details sidebar for script and style elements
https://bugs.webkit.org/show_bug.cgi?id=155466
<rdar://problem/25152480>

Reviewed by Joseph Pecoraro and Timothy Hatcher.

Source/JavaScriptCore:

Add property contentSecurityPolicyHash to store the CSP hash for an HTML style element or an
applicable HTML script element.

  • inspector/protocol/DOM.json:

Source/WebCore:

For convenience, display the SHA-256 Content Security Policy (CSP) hash in the node details
sidebar for the selected HTML script element or HTML style element. A CSP script hash is
only applicable to inline JavaScript scripts. Therefore, we will display a hash for HTML
script elements only if they do not have a src attribute.

Tests: inspector/dom/csp-big5-hash.html

inspector/dom/csp-hash.html

  • inspector/InspectorDOMAgent.cpp:

(WebCore::computeContentSecurityPolicySHA256Hash): Added.
(WebCore::InspectorDOMAgent::buildObjectForNode): For an applicable HTML script- or style-
element, pass the computed SHA-256 CSP hash to the Inspector front end.

Source/WebInspectorUI:

  • Localizations/en.lproj/localizedStrings.js: Add English localized string for the CSP hash UI label.
  • UserInterface/Models/DOMNode.js:

(WebInspector.DOMNode): Initialize the instance variable this._contentSecurityPolicyHash
with the value passed from the Inspector back end.
(WebInspector.DOMNode.prototype.contentSecurityPolicyHash): Returns the CSP hash for this node.

  • UserInterface/Views/DOMNodeDetailsSidebarPanel.js:

(WebInspector.DOMNodeDetailsSidebarPanel): Append a row to the end of section Identity to display
the CSP hash (if applicable).
(WebInspector.DOMNodeDetailsSidebarPanel.prototype.refresh): Query the underlying WebInspector.DOMNode
for the CSP hash of the selected node.

LayoutTests:

Add tests to ensure that the WebInspector.DOMNode object associated with an HTML style element
or applicable HTML script element has a valid CSP hash.

  • inspector/dom/csp-big5-hash-expected.txt: Added.
  • inspector/dom/csp-big5-hash.html: Added.
  • inspector/dom/csp-hash-expected.txt: Added.
  • inspector/dom/csp-hash.html: Added.
5:22 PM Changeset in webkit [198177] by jh718.park@samsung.com
  • 94 edits in trunk/Source

Purge PassRefPtr from ArrayBuffer, ArchiveResource, Pasteboard, LegacyWebArchive and DataObjectGtk
https://bugs.webkit.org/show_bug.cgi?id=150497

Reviewed by Darin Adler.

Source/JavaScriptCore:

  • runtime/ArrayBuffer.h:

(JSC::ArrayBuffer::create):
(JSC::ArrayBuffer::createAdopted):
(JSC::ArrayBuffer::createFromBytes):
(JSC::ArrayBuffer::createUninitialized):
(JSC::ArrayBuffer::slice):
(JSC::ArrayBuffer::sliceImpl):

Source/WebCore:

No new tests, no new behaviours.

  • Modules/indexeddb/IDBGetResult.h:

(WebCore::IDBGetResult::IDBGetResult):

  • Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:

(WebCore::IDBServer::SQLiteIDBBackingStore::getIndexRecord):

  • Modules/mediastream/RTCDataChannel.cpp:

(WebCore::RTCDataChannel::didReceiveRawData):

  • dom/MessageEvent.cpp:

(WebCore::MessageEvent::MessageEvent):

  • dom/MessageEvent.h:
  • editing/Editor.cpp:

(WebCore::Editor::selectedRange):

  • editing/Editor.h:
  • editing/FrameSelection.h:

(WebCore::FrameSelection::toNormalizedRange):

  • editing/VisiblePosition.cpp:

(WebCore::makeRange):

  • editing/VisiblePosition.h:
  • editing/VisibleSelection.cpp:

(WebCore::VisibleSelection::toNormalizedRange):

  • editing/VisibleSelection.h:
  • editing/VisibleUnits.cpp:

(WebCore::enclosingTextUnitOfGranularity):
(WebCore::wordRangeFromPosition):
(WebCore::rangeExpandedByCharactersInDirectionAtWordBoundary):
(WebCore::rangeExpandedAroundPositionByCharacters):

  • editing/VisibleUnits.h:
  • editing/cocoa/HTMLConverter.mm:

(HTMLConverter::_addAttachmentForElement):
(fileWrapperForURL):

  • editing/efl/EditorEfl.cpp:

(WebCore::Editor::webContentFromPasteboard):

  • editing/gtk/EditorGtk.cpp:

(WebCore::createFragmentFromPasteboardData):
(WebCore::Editor::webContentFromPasteboard):

  • editing/ios/EditorIOS.mm:

(WebCore::dataInRTFDFormat):
(WebCore::dataInRTFFormat):
(WebCore::Editor::selectionInWebArchiveFormat):
(WebCore::Editor::WebContentReader::addFragment):
(WebCore::Editor::WebContentReader::readWebArchive):
(WebCore::Editor::WebContentReader::readRTFD):
(WebCore::Editor::WebContentReader::readRTF):
(WebCore::Editor::WebContentReader::readImage):
(WebCore::Editor::WebContentReader::readURL):
(WebCore::Editor::webContentFromPasteboard):
(WebCore::Editor::pasteWithPasteboard):
(WebCore::Editor::createFragmentAndAddResources):
(WebCore::Editor::createFragmentForImageResourceAndAddResource):

  • editing/mac/EditorMac.mm:

(WebCore::Editor::selectionInWebArchiveFormat):
(WebCore::Editor::adjustedSelectionRange):
(WebCore::dataInRTFDFormat):
(WebCore::dataInRTFFormat):
(WebCore::Editor::dataSelectionForPasteboard):
(WebCore::Editor::WebContentReader::readWebArchive):
(WebCore::Editor::WebContentReader::readRTFD):
(WebCore::Editor::WebContentReader::readRTF):
(WebCore::Editor::WebContentReader::readImage):
(WebCore::Editor::WebContentReader::readURL):
(WebCore::Editor::webContentFromPasteboard):
(WebCore::Editor::createFragmentForImageResourceAndAddResource):
(WebCore::Editor::createFragmentAndAddResources):

  • editing/win/EditorWin.cpp:

(WebCore::createFragmentFromPlatformData):
(WebCore::Editor::webContentFromPasteboard):

  • inspector/InspectorPageAgent.cpp:

(WebCore::InspectorPageAgent::archive):

  • loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::mainResourceData):
(WebCore::DocumentLoader::maybeCreateArchive):
(WebCore::DocumentLoader::addArchiveResource):
(WebCore::DocumentLoader::mainResource):

  • loader/DocumentLoader.h:
  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::loadArchive):

  • loader/SubstituteData.h:

(WebCore::SubstituteData::SubstituteData):
(WebCore::SubstituteData::isValid):

  • loader/SubstituteResource.h:

(WebCore::SubstituteResource::data):
(WebCore::SubstituteResource::SubstituteResource):

  • loader/appcache/ApplicationCacheGroup.cpp:

(WebCore::ApplicationCacheGroup::didReceiveResponse):
(WebCore::ApplicationCacheGroup::didReceiveData):
(WebCore::ApplicationCacheGroup::didFail):
(WebCore::ApplicationCacheGroup::didReceiveManifestData):
(WebCore::ApplicationCacheGroup::didFinishLoadingManifest):

  • loader/appcache/ApplicationCacheHost.cpp:

(WebCore::ApplicationCacheHost::maybeLoadMainResource):
(WebCore::ApplicationCacheHost::maybeLoadSynchronously):
(WebCore::ApplicationCacheHost::maybeLoadFallbackSynchronously):

  • loader/appcache/ApplicationCacheResource.cpp:

(WebCore::ApplicationCacheResource::ApplicationCacheResource):
(WebCore::ApplicationCacheResource::deliver):
(WebCore::ApplicationCacheResource::estimatedSizeInStorage):

  • loader/appcache/ApplicationCacheResource.h:

(WebCore::ApplicationCacheResource::create):

  • loader/appcache/ApplicationCacheStorage.cpp:

(WebCore::ApplicationCacheStorage::store):
(WebCore::ApplicationCacheStorage::writeDataToUniqueFileInDirectory):

  • loader/appcache/ApplicationCacheStorage.h:
  • loader/archive/ArchiveFactory.cpp:

(WebCore::archiveFactoryCreate):
(WebCore::ArchiveFactory::create):

  • loader/archive/ArchiveFactory.h:
  • loader/archive/ArchiveResource.cpp:

(WebCore::ArchiveResource::ArchiveResource):
(WebCore::ArchiveResource::create):

  • loader/archive/ArchiveResource.h:
  • loader/archive/ArchiveResourceCollection.cpp:

(WebCore::ArchiveResourceCollection::addResource):

  • loader/archive/ArchiveResourceCollection.h:
  • loader/archive/cf/LegacyWebArchive.cpp:

(WebCore::LegacyWebArchive::createPropertyListRepresentation):
(WebCore::LegacyWebArchive::createResource):
(WebCore::LegacyWebArchive::create):
(WebCore::LegacyWebArchive::createFromSelection):

  • loader/archive/cf/LegacyWebArchive.h:
  • loader/archive/mhtml/MHTMLArchive.cpp:

(WebCore::MHTMLArchive::create):

  • loader/archive/mhtml/MHTMLArchive.h:
  • loader/archive/mhtml/MHTMLParser.cpp:

(WebCore::MHTMLParser::parseArchive):
(WebCore::MHTMLParser::parseArchiveWithHeader):
(WebCore::MHTMLParser::parseNextPart):

  • loader/archive/mhtml/MHTMLParser.h:
  • loader/cache/CachedImage.cpp:

(WebCore::CachedImage::didAddClient):

  • loader/icon/IconDatabase.cpp:

(WebCore::loadDefaultIconRecord):

  • loader/icon/IconRecord.cpp:

(WebCore::IconRecord::setImageData):

  • loader/icon/IconRecord.h:
  • platform/Pasteboard.h:
  • platform/PasteboardStrategy.h:
  • platform/PlatformPasteboard.h:
  • platform/SharedBuffer.cpp:

(WebCore::SharedBuffer::createArrayBuffer):
(WebCore::utf8Buffer):

  • platform/SharedBuffer.h:

(WebCore::SharedBuffer::create):

  • platform/cf/SharedBufferCF.cpp:

(WebCore::SharedBuffer::wrapCFData):

  • platform/cocoa/NetworkExtensionContentFilter.mm:

(WebCore::NetworkExtensionContentFilter::replacementData):

  • platform/cocoa/ParentalControlsContentFilter.mm:

(WebCore::ParentalControlsContentFilter::replacementData):

  • platform/graphics/Image.cpp:

(WebCore::Image::setData):

  • platform/graphics/Image.h:
  • platform/gtk/DataObjectGtk.cpp:

(WebCore::DataObjectGtk::forClipboard):

  • platform/gtk/DataObjectGtk.h:

(WebCore::DataObjectGtk::create):

  • platform/gtk/PasteboardGtk.cpp:

(WebCore::Pasteboard::Pasteboard):
(WebCore::Pasteboard::dataObject):

  • platform/ios/PasteboardIOS.mm:

(WebCore::Pasteboard::read):

  • platform/ios/PlatformPasteboardIOS.mm:

(WebCore::PlatformPasteboard::bufferForType):
(WebCore::PlatformPasteboard::readBuffer):

  • platform/mac/PasteboardMac.mm:

(WebCore::writeFileWrapperAsRTFDAttachment):
(WebCore::Pasteboard::read):

  • platform/mac/PlatformPasteboardMac.mm:

(WebCore::PlatformPasteboard::bufferForType):

  • platform/mac/SharedBufferMac.mm:

(WebCore::SharedBuffer::wrapNSData):
(WebCore::SharedBuffer::createFromReadingFile):

  • platform/network/MIMEHeader.cpp:

(WebCore::retrieveKeyValuePairs):
(WebCore::MIMEHeader::parseHeader):

  • platform/network/MIMEHeader.h:
  • platform/soup/SharedBufferSoup.cpp:

(WebCore::SharedBuffer::wrapSoupBuffer):

  • platform/win/ClipboardUtilitiesWin.cpp:

(WebCore::fragmentFromFilenames):
(WebCore::fragmentFromCFHTML):
(WebCore::fragmentFromHTML):

  • platform/win/ClipboardUtilitiesWin.h:
  • platform/win/PasteboardWin.cpp:

(WebCore::Pasteboard::documentFragment):

Source/WebKit/mac:

  • DOM/WebDOMOperations.mm:

(-[DOMNode webArchive]):
(-[DOMNode webArchiveByFilteringSubframes:]):

  • WebCoreSupport/WebPlatformStrategies.h:
  • WebCoreSupport/WebPlatformStrategies.mm:

(WebPlatformStrategies::bufferForType):
(WebPlatformStrategies::readBufferFromPasteboard):

  • WebView/WebArchive.mm:

(-[WebArchive initWithData:]):

  • WebView/WebDataSource.mm:

(-[WebDataSource webArchive]):
(-[WebDataSource addSubresource:]):

  • WebView/WebResource.mm:

(-[WebResource encodeWithCoder:]):
(-[WebResource data]):
(-[WebResource _stringValue]):
(-[WebResource _initWithCoreResource:]): Deleted.

Source/WebKit/win:

  • WebArchive.cpp:

(WebArchive::initWithNode):

Source/WebKit2:

  • Shared/APIWebArchive.mm:

(API::WebArchive::WebArchive):

  • Shared/APIWebArchiveResource.mm:

(API::WebArchiveResource::data):

  • WebProcess/Plugins/PDF/DeprecatedPDFPlugin.mm:

(WebKit::PDFPlugin::addArchiveResource):

  • WebProcess/WebCoreSupport/WebPlatformStrategies.cpp:

(WebKit::WebPlatformStrategies::bufferForType):
(WebKit::WebPlatformStrategies::readBufferFromPasteboard):

  • WebProcess/WebCoreSupport/WebPlatformStrategies.h:
  • WebProcess/WebCoreSupport/ios/WebEditorClientIOS.mm:

(WebKit::WebEditorClient::documentFragmentFromAttributedString):

  • WebProcess/WebCoreSupport/mac/WebDragClientMac.mm:

(WebKit::WebDragClient::declareAndWriteDragImage):

  • WebProcess/WebPage/WebFrame.cpp:

(WebKit::WebFrame::webArchiveData):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::resourceDataForFrame):

4:35 PM Changeset in webkit [198176] by benjamin@webkit.org
  • 2 edits in trunk/Source/JavaScriptCore

Andy VanWagoner no longer has time to own Intl

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-03-14

  • features.json:

Andy is busy with other things.

Andy, thanks for your amazing work on Intl and your dedication
to making things right.

4:35 PM Changeset in webkit [198175] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: REGRESSION(r197974): HeapAllocationsTimelineView broken, doesn't handle Timeline Sidebar Navigation removal
https://bugs.webkit.org/show_bug.cgi?id=155458
<rdar://problem/25150803>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-14
Reviewed by Timothy Hatcher.

  • UserInterface/Views/HeapAllocationsTimelineView.js:

(WebInspector.HeapAllocationsTimelineView):
(WebInspector.HeapAllocationsTimelineView.prototype.showHeapSnapshotTimelineRecord):
(WebInspector.HeapAllocationsTimelineView.prototype.get selectionPathComponents):
(WebInspector.HeapAllocationsTimelineView.prototype.layout):
(WebInspector.HeapAllocationsTimelineView.prototype._compareHeapSnapshotsClicked):
(WebInspector.HeapAllocationsTimelineView.prototype._dataGridNodeSelected):
(WebInspector.HeapAllocationsTimelineView.prototype.get navigationSidebarTreeOutlineLabel): Deleted.
Update the TimelineView now that there is no sidebar.
Remove any TreeOutline logic and replace with DataGrid logic.

4:33 PM Changeset in webkit [198174] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: REGRESSION(r198026): Can't click on Snapshot in Timeline Overview
https://bugs.webkit.org/show_bug.cgi?id=155457
<rdar://problem/25150706>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-14
Reviewed by Timothy Hatcher.

  • UserInterface/Views/TimelineRuler.js:

(WebInspector.TimelineRuler.prototype._handleClick):
The conditional was accidentally inverted in r198026.

4:31 PM Changeset in webkit [198173] by Julien Brianceau
  • 2 edits in trunk/Source/JavaScriptCore

[mips] Fix unaligned access in LLINT.
https://bugs.webkit.org/show_bug.cgi?id=153228

Address loads used with btbxx opcodes were wrongly converted to lw
instruction instead of lbu, leading to unaligned access on mips
platforms. This is not a bug as it's silently fixed up by kernel,
but it's more efficient to avoid unaligned accesses for mips.

Reviewed by Geoffrey Garen.

  • offlineasm/mips.rb:
4:28 PM Changeset in webkit [198172] by bshafiei@apple.com
  • 8 edits in tags/Safari-602.1.22.2/Source

Merged r198167. rdar://problem/25128146

4:28 PM Changeset in webkit [198171] by fpizlo@apple.com
  • 9 edits in trunk

REGRESSION(r194394): >2x slow-down on CDjs
https://bugs.webkit.org/show_bug.cgi?id=155471

Unreviewed (rollout).

Source/JavaScriptCore:

This revision changes localeCompare() so that it's *much* slower than before. It's
understandable that sometimes things will get a tiny bit slower when implementing new
language features, but more than 2x regression on a major benchmark is not OK.

This rolls out that change. We can reland it once we think about how to do it in a
performant way.

  • builtins/StringPrototype.js:

(search):
(localeCompare): Deleted.

  • runtime/StringPrototype.cpp:

(JSC::StringPrototype::finishCreation):

LayoutTests:

  • js/dom/script-tests/string-prototype-properties.js:
  • js/dom/string-prototype-properties-expected.txt:
  • js/script-tests/string-localeCompare.js:
  • js/string-localeCompare-expected.txt:
  • js/string-localeCompare.html:
4:26 PM Changeset in webkit [198170] by bshafiei@apple.com
  • 5 edits in tags/Safari-602.1.22.2/Source

Versioning.

4:23 PM Changeset in webkit [198169] by bshafiei@apple.com
  • 1 copy in tags/Safari-602.1.22.2

New tag.

4:20 PM Changeset in webkit [198168] by mark.lam@apple.com
  • 8 edits in trunk

Need to distinguish between Symbol() and Symbol("").
https://bugs.webkit.org/show_bug.cgi?id=155438

Reviewed by Saam Barati.

Source/JavaScriptCore:

  • runtime/PrivateName.h:

(JSC::PrivateName::PrivateName):

Source/WTF:

While toString of both Symbol() and Symbol("") yields "Symbol()", Function.name
should yield "" and "[]" respectively. Hence, we need to tell between the two.
This functionality will be needed later in https://bugs.webkit.org/show_bug.cgi?id=155437.

We achieve this by creating another singleton instance like the empty StringImpl
as the null StringImpl. isNullSymbol() tests if the Stringimpl instance is a
symbol, and its substring is the null() singleton.

  • wtf/text/StringImpl.cpp:

(WTF::StringImpl::createSymbol):
(WTF::StringImpl::createNullSymbol):
(WTF::StringImpl::containsOnlyWhitespace):
(WTF::StringImpl::createSymbolEmpty): Deleted.

  • wtf/text/StringImpl.h:

(WTF::StringImpl::tryCreateUninitialized):
(WTF::StringImpl::stringKind):
(WTF::StringImpl::isSymbol):
(WTF::StringImpl::isAtomic):
(WTF::StringImpl::isNullSymbol):

  • wtf/text/StringStatics.cpp:

(WTF::StringImpl::null):

Tools:

  • TestWebKitAPI/Tests/WTF/StringImpl.cpp:

(TestWebKitAPI::TEST):

  • Test that the a symbol with an empty string is not equivalent to a null symbol.
4:14 PM Changeset in webkit [198167] by oliver@apple.com
  • 8 edits in trunk/Source

Temporarily disable the separated heap.
https://bugs.webkit.org/show_bug.cgi?id=155472

Reviewed by Geoffrey Garen.

Temporarily disable this.

  • Configurations/FeatureDefines.xcconfig:
3:58 PM Changeset in webkit [198166] by Beth Dakin
  • 3 edits in trunk/Source/WebKit2

[iOS] WKPreviewAction conforms to NSCopying but doesn’t override -
copyWithZone:
https://bugs.webkit.org/show_bug.cgi?id=155395

Reviewed by Sam Weinig.

  • UIProcess/API/Cocoa/WKPreviewActionItem.mm:

(-[WKPreviewAction copyWithZone:]):

3:38 PM Changeset in webkit [198165] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking js/funcion-apply.html as flaky on mac debug
https://bugs.webkit.org/show_bug.cgi?id=155411

Unreviewed test gardening.

  • platform/mac/TestExpectations:
3:22 PM Changeset in webkit [198164] by timothy@apple.com
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: cssmin.py does not handle calc(var(--toolbar-height) + var(--tab-bar-height))

https://bugs.webkit.org/show_bug.cgi?id=155464
rdar://problem/25152196

Reviewed by Joseph Pecoraro.

  • Scripts/cssmin.py:

(cssminify): Check for var when stripping spaces around + and -.

  • UserInterface/Views/TimelineOverview.js:

(WebInspector.TimelineOverview.prototype._viewModeDidChange):
Drive-by fix to add a missing semi-colon found by the copy-user-interface-resources-dryrun.rb script.

3:08 PM Changeset in webkit [198163] by tonikitoo@webkit.org
  • 4 edits
    6 adds in trunk

Selecting with shift+drag results in unexpected drag-n-drop
https://bugs.webkit.org/show_bug.cgi?id=155314

Reviewed by Darin Adler.

Source/WebCore:

Test: editing/selection/shift-drag-selection-no-drag-n-drop.html

Whenever user tries to extend an existing text selection by dragging the mouse
(left button hold) with shift key pressed, WebKit enters drag-n-drop mode.
This behavior does not match common editing behavior out there, including other
browsers' (Firefox, Opera/Presto and IE).

Patch changes WebKit so that whenever one extends a selection with mouse
and shift key pressed off of a #text node, it does not enter drag-n-drop mode.

Additionally, patch also adds some further tests to ensure that when
selection is extended off of either a link or an image, drag-n-drop does
get triggered, no matter if shift key is pressed.

  • page/EventHandler.cpp:

(WebCore::EventHandler::handleMousePressEvent):

LayoutTests:

Tests that ensure that WebKit:

1) does not enter drag-n-drop mode and extending selection by dragging with mouse with shift key is pressed,

off of a #text node.

2) does enter drag-n-drop mode and extending selection by dragging with mouse with shift key is pressed,

off of a link.

3) does enter drag-n-drop mode and extending selection by dragging with mouse with shift key is pressed,

off of an image.

Note that (1) is a behavior changed by this patch, whereas (2) and (3) represent existing
behavior that is kept.
Tests are also skip for iOS similarly to other drag-n-drop related tests.

  • fast/events/shift-drag-selection-no-drag-n-drop-expected.txt: Added.
  • fast/events/shift-drag-selection-no-drag-n-drop.html: Added.
  • fast/events/shift-drag-selection-on-link-triggers-drag-n-drop-expected.txt: Added.
  • fast/events/shift-drag-selection-on-link-triggers-drag-n-drop.html: Added.
  • fast/events/shift-drag-selection-on-image-triggers-drag-n-drop-expected.txt: Added.
  • fast/events/shift-drag-selection-on-image-triggers-drag-n-drop.html: Added.
3:03 PM Changeset in webkit [198162] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking storage/indexeddb/transaction-abort-private.html as flaky on mac-wk1
https://bugs.webkit.org/show_bug.cgi?id=155067

Unreviewed test gardening.

  • platform/mac-wk1/TestExpectations:
3:03 PM Changeset in webkit [198161] by Ryan Haddad
  • 3 edits in trunk/LayoutTests

Skip test storage/indexeddb/odd-strings.html
https://bugs.webkit.org/show_bug.cgi?id=154975

Unreviewed test gardening.

Removing duplicate expectation for test and skipping since it fails or times out on every run.

2:53 PM Changeset in webkit [198160] by Brent Fulgham
  • 3 edits
    2 adds in trunk

REGRESSION (r197114): Crash in WebCore::MediaDevicesRequest::didCompletePermissionCheck
https://bugs.webkit.org/show_bug.cgi?id=155453
<rdar://problem/24879447>

Reviewed by Daniel Bates.

Source/WebCore:

Tested by fast/mediastream/enumerating-crash.html.

  • Modules/mediastream/MediaDevicesRequest.cpp:

(WebCore::MediaDevicesRequest::didCompletePermissionCheck): Prevent UserMediaPermissionCheck object from being
destroyed before the method completes.

LayoutTests:

  • fast/mediastream/enumerating-crash-expected.txt: Added.
  • fast/mediastream/enumerating-crash.html: Added.
2:50 PM Changeset in webkit [198159] by commit-queue@webkit.org
  • 6 edits in trunk/Source

Reduce generated JSON HeapSnapshot size
https://bugs.webkit.org/show_bug.cgi?id=155460

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-14
Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

Adjust the HeapSnapshot JSON to better reduce its size.
Changes include:

  • avoid inner array groups and instead just have a large array for nodes/edges. This removes lots of small array allocations.
  • eliminate duplicate edges
  • avoid duplicating edge names by including them in their own table;
  • now both the nodes and edges lists hold only integers
  • heap/HeapSnapshotBuilder.cpp:

(JSC::HeapSnapshotBuilder::json):
Add some more documentation for the slightly modified format.
While generating, clear data structures as early as possible.

  • heap/HeapSnapshotBuilder.h:

(JSC::HeapSnapshotEdge::HeapSnapshotEdge):
During JSON building, the edge's cell pointers are converted to the
identifier they point to. This avoids having to re-lookup the identifier.

  • tests/heapProfiler/driver/driver.js:

(CheapHeapSnapshotEdge):
(CheapHeapSnapshot):
(CheapHeapSnapshot.prototype.edgeNameFromTableIndex):
(HeapSnapshot):
Update test driver for slightly different snapshot format.

Source/WebInspectorUI:

  • UserInterface/Models/HeapSnapshot.js:

(WebInspector.HeapSnapshot.fromPayload):
Update for the slightly modified format.

2:44 PM Changeset in webkit [198158] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Unreviewed, rolling out r198095.
https://bugs.webkit.org/show_bug.cgi?id=155467

Made text look poor (Requested by JoePeck on #webkit).

Reverted changeset:

"Web Inspector: Large repaints when typing any character in
console"
https://bugs.webkit.org/show_bug.cgi?id=155387
http://trac.webkit.org/changeset/198095

2:33 PM WebKitGTK/2.10.x edited by clopez@igalia.com
(diff)
2:32 PM Changeset in webkit [198157] by Simon Fraser
  • 2 edits in trunk/Source/WebCore

Fix crash when reloading a page using requestAnimationFrame on iOS
https://bugs.webkit.org/show_bug.cgi?id=155465
rdar://problem/25100202

Reviewed by Tim Horton.

On iOS, it's possible for all clients for a DisplayRefreshMonitor
to be unregistered, but still get a subsequent displayDidRefresh() for that monitor.
In this case, we would remove(notFound) which release-asserts.

Fix by just checking for notFound.

Unable to test because requestAnimationFrame doesn't work in the simulator.

  • platform/graphics/DisplayRefreshMonitorManager.cpp:

(WebCore::DisplayRefreshMonitorManager::displayDidRefresh):

2:16 PM Changeset in webkit [198156] by andersca@apple.com
  • 3 edits in trunk/Source/WebKit2

Remove usage of -[UIGestureRecognizer requireOtherGestureToFail:]
https://bugs.webkit.org/show_bug.cgi?id=155461
rdar://problem/25143282

Reviewed by Beth Dakin.

Use -[UIGestureRecognizer requireGestureRecognizerToFail:] instead, which has been API ever since UIGestureRecognizer was added.

  • Platform/spi/ios/UIKitSPI.h:
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _createAndConfigureDoubleTapGestureRecognizer]):

1:55 PM Changeset in webkit [198155] by peavo@outlook.com
  • 3 edits in trunk/Source/WebCore

[WinCairo][MediaFoundation] Implement float versions of MediaPlayer methods.
https://bugs.webkit.org/show_bug.cgi?id=155357

Reviewed by Brent Fulgham.

It is better to implement the float versions of some of the MediaPlayer methods,
since the default implementation of the double versions is to call the float version.
Also added override keyword to overridden methods.

  • platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:

(WebCore::MediaPlayerPrivateMediaFoundation::seeking):
(WebCore::MediaPlayerPrivateMediaFoundation::seek):
(WebCore::MediaPlayerPrivateMediaFoundation::setRate):
(WebCore::MediaPlayerPrivateMediaFoundation::duration):
(WebCore::MediaPlayerPrivateMediaFoundation::currentTime):
(WebCore::MediaPlayerPrivateMediaFoundation::seekDouble): Deleted.
(WebCore::MediaPlayerPrivateMediaFoundation::setRateDouble): Deleted.
(WebCore::MediaPlayerPrivateMediaFoundation::durationDouble): Deleted.

  • platform/graphics/win/MediaPlayerPrivateMediaFoundation.h:
1:55 PM Changeset in webkit [198154] by keith_miller@apple.com
  • 26 edits
    1 add in trunk/Source/JavaScriptCore

We should be able to eliminate cloned arguments objects that use the length property
https://bugs.webkit.org/show_bug.cgi?id=155391

Reviewed by Geoffrey Garen.

Previously if a programmer tried to use arguments.length in a strict function we would not eliminate the
arguments object. We were unable to eliminate the arguments object because the user would get a cloned arguments
object, which does not special case the length property. Thus, in order to get arguments elimination for cloned
we need to add a special case. There are two things that need to happen for the elimination to succeed.

First, we need to eliminate the CheckStructure blocking the GetByOffset for the length property. In order to
eliminate the check structure we need to prove to the Abstract Interpreter that this structure check is
unnesssary. This didn't occur before for two reasons: 1) CreateClonedArguments did not set the structure it
produced. 2) Even if CreateClonedArguments provided the global object's cloned arguments structure we would
transition the new argements object when we added the length property during construction. To fix the second
problem we now pre-assign a slot on clonedArgumentsStructure for the length property. Additionally, in order to
prevent future transitions of the structure we need to choose an indexing type for the structure. Since, not
eliminating the arguments object is so expensive we choose to have all cloned arguments start with continuous
indexing type, this avoids transitioning when otherwise we would not have to. In the future we should be smarter
about choosing the indexing type but since its relatively rare to have a arguments object escape we don't worry
about this for now.

Additionally, this patch renames all former references of outOfBandArguments to clonedArguments and adds
extra instrumentation to DFGArgumentsEliminationPhase.

  • bytecode/BytecodeList.json:
  • bytecode/BytecodeUseDef.h:

(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::dumpBytecode):

  • bytecode/ValueRecovery.h:

(JSC::ValueRecovery::clonedArgumentsThatWereNotCreated):
(JSC::ValueRecovery::outOfBandArgumentsThatWereNotCreated): Deleted.

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::BytecodeGenerator):

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGArgumentsEliminationPhase.cpp:
  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::parseBlock):

  • dfg/DFGCapabilities.cpp:

(JSC::DFG::capabilityLevel):

  • dfg/DFGOperations.cpp:
  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileCreateClonedArguments):

  • dfg/DFGStructureRegistrationPhase.cpp:

(JSC::DFG::StructureRegistrationPhase::run):

  • dfg/DFGVariableEventStream.cpp:

(JSC::DFG::VariableEventStream::tryToSetConstantRecovery):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileCreateClonedArguments):

  • ftl/FTLOperations.cpp:

(JSC::FTL::operationMaterializeObjectInOSR):

  • jit/JIT.cpp:

(JSC::JIT::privateCompileMainPass):

  • jit/JIT.h:
  • jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_create_cloned_arguments):
(JSC::JIT::emit_op_create_out_of_band_arguments): Deleted.

  • llint/LowLevelInterpreter.asm:
  • runtime/ClonedArguments.cpp:

(JSC::ClonedArguments::ClonedArguments):
(JSC::ClonedArguments::createEmpty):
(JSC::ClonedArguments::createWithInlineFrame):
(JSC::ClonedArguments::createByCopyingFrom):
(JSC::ClonedArguments::createStructure):

  • runtime/ClonedArguments.h:
  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::visitChildren):

  • runtime/JSGlobalObject.h:

(JSC::JSGlobalObject::clonedArgumentsStructure):
(JSC::JSGlobalObject::outOfBandArgumentsStructure): Deleted.

1:54 PM Changeset in webkit [198153] by andersca@apple.com
  • 2 edits in trunk/Source/WebKit2

REGRESSION (r191691): Can't Share Selected Text
https://bugs.webkit.org/show_bug.cgi?id=155459
rdar://problem/24893625

Reviewed by Tim Horton.

Add the selected text as well. Somehow this got lost in the refactoring.

  • UIProcess/mac/WebContextMenuProxyMac.mm:

(WebKit::WebContextMenuProxyMac::createShareMenuItem):

1:27 PM Changeset in webkit [198152] by timothy_horton@apple.com
  • 10 edits in trunk/Source

Revert r194125 and r194186: We're going to fix this a different way.

  • page/EventHandler.cpp:

(WebCore::EventHandler::clear):

  • page/EventHandler.h:
  • Shared/NativeWebGestureEvent.h:
  • Shared/mac/NativeWebGestureEventMac.mm:

(WebKit::pointForEvent):
(WebKit::NativeWebGestureEvent::NativeWebGestureEvent):
(WebKit::distanceForTouches): Deleted.

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView selectFindMatch:completionHandler:]):
(-[WKWebView _web_superInputContext]):
(-[WKWebView touchesBeganWithEvent:]): Deleted.
(-[WKWebView touchesMovedWithEvent:]): Deleted.
(-[WKWebView touchesEndedWithEvent:]): Deleted.
(-[WKWebView touchesCancelledWithEvent:]): Deleted.

  • UIProcess/API/mac/WKView.mm:

(-[WKView namesOfPromisedFilesDroppedAtDestination:]):
(-[WKView initWithFrame:processPool:configuration:webView:]):
(-[WKView touchesBeganWithEvent:]): Deleted.
(-[WKView touchesMovedWithEvent:]): Deleted.
(-[WKView touchesEndedWithEvent:]): Deleted.
(-[WKView touchesCancelledWithEvent:]): Deleted.

  • UIProcess/Cocoa/WebViewImpl.h:
  • UIProcess/Cocoa/WebViewImpl.mm:

(WebKit::WebViewImpl::WebViewImpl):
(WebKit::WebViewImpl::magnifyWithEvent):
(WebKit::WebViewImpl::smartMagnifyWithEvent):
(WebKit::WebViewImpl::rotateWithEvent):
(WebKit::WebViewImpl::touchesOrderedByAge): Deleted.
(WebKit::WebViewImpl::touchesBeganWithEvent): Deleted.
(WebKit::WebViewImpl::touchesMovedWithEvent): Deleted.
(WebKit::WebViewImpl::touchesEndedWithEvent): Deleted.
(WebKit::WebViewImpl::touchesCancelledWithEvent): Deleted.

1:13 PM Changeset in webkit [198151] by youenn.fablet@crf.canon.fr
  • 7 edits in trunk

[Fetch API] FetchLoader should check for empty bodies
https://bugs.webkit.org/show_bug.cgi?id=155440

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

  • web-platform-tests/fetch/api/request/request-consume-empty-expected.txt:
  • web-platform-tests/fetch/api/request/request-consume-empty.html:
  • web-platform-tests/fetch/api/response/response-consume-empty-expected.txt:
  • web-platform-tests/fetch/api/response/response-consume-empty.html:

Source/WebCore:

Covered by added tests.

  • Modules/fetch/FetchLoader.cpp:

(WebCore::FetchLoader::didFinishLoading): returning empty array buffer/empty string if no data received during loading.

1:07 PM Changeset in webkit [198150] by sbarati@apple.com
  • 6 edits in trunk/Source/JavaScriptCore

[ES6] Make JSON.stringify ES6 compatible
https://bugs.webkit.org/show_bug.cgi?id=155448

Reviewed by Sam Weinig and Mark Lam.

We weren't following the spec with respect to the "toJSON" property
of the thing being stringified. We were perform hasProperty(.)
on "toJSON" instead of get(.). This patch changes it our
implementation to perform get(value, "toJSON").

  • runtime/JSCJSValue.h:
  • runtime/JSCJSValueInlines.h:

(JSC::JSValue::isFunction):
(JSC::JSValue::isCallable):

  • runtime/JSONObject.cpp:

(JSC::Stringifier::toJSON):
(JSC::Stringifier::toJSONImpl):
(JSC::Stringifier::appendStringifiedValue):

  • tests/es6.yaml:
  • tests/stress/proxy-json.js:

(test):
(test.let.handler.get assert):
(test.let.handler):

1:06 PM Changeset in webkit [198149] by andersca@apple.com
  • 6 edits in trunk/Source

Fix build.

Source/WebKit/mac:

Ignore nullability warnings, create an empty PDF selection.

  • WebView/WebPDFView.mm:

(-[WebPDFView centerSelectionInVisibleArea:]):
(-[WebPDFView searchFor:direction:caseSensitive:wrap:startInSelection:]):
(+[WebPDFView _PDFSelectionClass]):
(-[WebPDFView _nextMatchFor:direction:caseSensitive:wrap:fromSelection:startInSelection:]):

Source/WebKit2:

Create an empty PDF selection.

  • Shared/mac/PDFKitImports.h:
  • Shared/mac/PDFKitImports.mm:

(WebKit::pdfSelectionClass):

  • WebProcess/Plugins/PDF/DeprecatedPDFPlugin.mm:

(WebKit::PDFPlugin::nextMatchForString):

12:40 PM Changeset in webkit [198148] by sbarati@apple.com
  • 6 edits in trunk

[ES6] Disallow var assignments in for-in loops
https://bugs.webkit.org/show_bug.cgi?id=155451

Reviewed by Mark Lam.

Source/JavaScriptCore:

We're doing this in its own patch instead of the patch for https://bugs.webkit.org/show_bug.cgi?id=155384
because last time we made this change it broke some websites. Lets try making
it again because it's what the ES6 mandates. If it still breaks things we will
roll it out.

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::parseForStatement):

LayoutTests:

  • js/parser-syntax-check-expected.txt:
  • js/script-tests/parser-syntax-check.js:
12:33 PM Changeset in webkit [198147] by Beth Dakin
  • 3 edits in trunk/Source/WebKit2

Unable to commit previews in Mobile Safari
https://bugs.webkit.org/show_bug.cgi?id=155450
-and corresponding-
rdar://problem/25135529

Reviewed by Tim Horton.

_uiDelegateProvidedPreviewingViewController was being consulted before
invoking the old SPI, which was always wrong. It should have been consulted
before calling the new API! But also, it doesn’t seem to be necessary at all
since [WKContentView _previewItemController:commitPreview:] is only invoked
when a custom view controller has been provided.

  • UIProcess/ios/WKContentViewInteraction.h:
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _registerPreview]):
(-[WKContentView _unregisterPreview]):
(-[WKContentView _interactionShouldBeginFromPreviewItemController:forPosition:]):
(-[WKContentView _presentedViewControllerForPreviewItemController:]):
(-[WKContentView _previewItemController:commitPreview:]):

12:15 PM Changeset in webkit [198146] by bshafiei@apple.com
  • 5 edits in branches/safari-601-branch/Source

Versioning.

12:01 PM Changeset in webkit [198145] by Chris Dumez
  • 2 edits in trunk/Source/WebCore

Regression(r197981): Huge regression on Mac PLT
https://bugs.webkit.org/show_bug.cgi?id=155443
<rdar://problem/25113391>

Reviewed by Gavin Barraclough.

We have experience a huge regression on Mac PLT after r197981, so
disable the feature until the performance issue is resolved.

  • platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayer::supportsSmoothedLayerText):

11:38 AM Changeset in webkit [198144] by sbarati@apple.com
  • 7 edits in trunk

assignments in for-in/for-of header not allowed
https://bugs.webkit.org/show_bug.cgi?id=155384

Reviewed by Darin Adler.

Source/JavaScriptCore:

This patch prevents assignments to the loop variable
in for in/of loops in all but one situation. The following
syntax is still allowed even though the spec prevents it:
`
for (var i = X in blah) ;
`
If the loop contains let/const, destructuring, or is a for-of
loop, we always throw a syntax error if there is an assignment.
We can do this with full backwards compatibility.
We only allow the above type of for-in loops because Oliver told
me that when he tried to make such programs illegal he ran
into real websites breaking.

This patch also removed the !::CreatesAST compile-time branch when checking
assignments to new.target. This was a dangerous thing for me
to introduce into our parser. There are times where ::CreatesAST
is true but we also want to check for syntax errors. For example,
when parsing the top-level AST of a program. Though this check
was technically correct, it's dangerous to have. It was correct
because we would always be reparsing the new.target assignment
because new.target is only allowed inside a function. That made it
so that (!::CreatesAST <=> we care about new.target assignment syntax errors).
But, (!::CreatesAST <=> we care about syntax error X) is not true in general.
I think it's safer to remove such code.

  • parser/ASTBuilder.h:

(JSC::ASTBuilder::createNewTargetExpr):
(JSC::ASTBuilder::isNewTarget):
(JSC::ASTBuilder::createResolve):

  • parser/Nodes.h:

(JSC::ExpressionNode::isBoolean):
(JSC::ExpressionNode::isSpreadExpression):
(JSC::ExpressionNode::isSuperNode):
(JSC::ExpressionNode::isNewTarget):
(JSC::ExpressionNode::isBytecodeIntrinsicNode):

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::parseForStatement):
(JSC::Parser<LexerType>::parseAssignmentExpression):
(JSC::Parser<LexerType>::parseUnaryExpression):

LayoutTests:

  • js/parser-syntax-check-expected.txt:
  • js/script-tests/parser-syntax-check.js:
11:29 AM Changeset in webkit [198143] by Brent Fulgham
  • 7 edits in trunk/Source

PingHandle delete's itself but pointer is still used by handleDataURL
https://bugs.webkit.org/show_bug.cgi?id=154752
<rdar://problem/24872347>

Source/WebCore:

Patch by Chris Vienneau <chris.vno@outlook.com> on 2016-03-14
Reviewed by Alex Christensen.

When a PingHandle is destroyed, we should tell its client so that the client can clear the pointer it
holds to the element to avoid accidentally attempting to use deallocated memory.

The ResourceHandle's client member may be null after "didReceiveResponse" is called. We should confirm
the client is still valid after these calls.

  • platform/network/DataURL.cpp:

(WebCore::handleDataURL): Check the client pointer before using it.

  • platform/network/PingHandle.h:

(WebCore::PingHandle::~PingHandle): Notify the client we are being destroyed.

  • platform/platform/network/ResourceHandle.h:

Source/WebKit2:

Reviewed by Alex Christensen.

When a PingLoad is destroyed, we should tell its client so that the client can clear the pointer it
holds to the element to avoid accidentally attempting to use deallocated memory.

  • NetworkProcess/PingLoad.h:

(WebKit::PingLoad::~PingLoad): Notify the client we are being destroyed.

11:13 AM Changeset in webkit [198142] by Alan Bujtas
  • 3 edits
    2 adds in trunk

Negative outline offset could break curved outline-style: auto
https://bugs.webkit.org/show_bug.cgi?id=155416

Reviewed by Tim Horton.

When radius becomes negative the rounded rect could end up being un-renderable -> no rounded corners at all.

Source/WebCore:

Test: fast/inline/hidpi-outline-auto-negative-offset-with-border-radius.html

  • platform/graphics/PathUtilities.cpp:

(WebCore::adjustedtRadiiForHuggingCurve):

LayoutTests:

  • fast/inline/hidpi-outline-auto-negative-offset-with-border-radius-expected.html: Added.
  • fast/inline/hidpi-outline-auto-negative-offset-with-border-radius.html: Added.
11:09 AM Changeset in webkit [198141] by ddkilzer@apple.com
  • 3 edits in trunk/Tools

Remove blank lines after #include "config.h"

Follow-up fix from review comments on Bug 155394.

  • TestWebKitAPI/PlatformUtilities.cpp:
  • TestWebKitAPI/Tests/WTF/RefLogger.cpp:
11:01 AM Changeset in webkit [198140] by Alan Bujtas
  • 5 edits
    2 adds in trunk

[Outline: auto] Fractional radius value could result in non-renderable rounded border.
https://bugs.webkit.org/show_bug.cgi?id=155420

Reviewed by Tim Horton.

RoundedRect::pixelSnappedRoundedRectForPainting ensures that the rounded rect is always renderable.

Source/WebCore:

Test: fast/inline/hidpi-outline-auto-with-fractional-radius.html

  • platform/graphics/PathUtilities.cpp:

(WebCore::PathUtilities::pathWithShrinkWrappedRectsForOutline):

  • platform/graphics/PathUtilities.h:
  • rendering/RenderElement.cpp:

(WebCore::RenderElement::paintFocusRing):

LayoutTests:

  • fast/inline/hidpi-outline-auto-with-fractional-radius-expected.html: Added.
  • fast/inline/hidpi-outline-auto-with-fractional-radius.html: Added.
10:53 AM WebKitIDL edited by youenn.fablet@crf.canon.fr
(diff)
10:30 AM Changeset in webkit [198139] by youenn.fablet@crf.canon.fr
  • 1 edit in trunk/LayoutTests/TestExpectations

Unreviewed.
Marking imported/fetch/api/request/request-consume.html as flaky on debug builds.

10:22 AM Changeset in webkit [198138] by Alan Bujtas
  • 3 edits
    2 adds in trunk

Outline: auto has sharp corners with single line contenteditable.
https://bugs.webkit.org/show_bug.cgi?id=155418

Reviewed by Tim Horton.

Multiple rectangles assumed multiline content and it broke bottomLeft and bottomRight corner check.
This patch adds fast path for polygons with 4 corners.

Source/WebCore:

Test: fast/inline/hidpi-outline-auto-with-one-focusring-rect.html

  • platform/graphics/PathUtilities.cpp:

(WebCore::cornerType):
(WebCore::cornerTypeForMultiline):
(WebCore::rectFromPolygon):
(WebCore::PathUtilities::pathWithShrinkWrappedRectsForOutline):

LayoutTests:

  • fast/inline/hidpi-outline-auto-with-one-focusring-rect-expected.html: Added.
  • fast/inline/hidpi-outline-auto-with-one-focusring-rect.html: Added.
10:18 AM Changeset in webkit [198137] by jdiggs@igalia.com
  • 7 edits in trunk

[AX] SVG element with child desc not exposed
https://bugs.webkit.org/show_bug.cgi?id=155374

Reviewed by Darin Adler.

Source/WebCore:

Covered by the accessibility/w3c-svg-roles.html test, which was updated.

AccessibilitySVGRoot is now a subclass of AccessibilitySVGElement, which
exposes SVG elements with a child desc element as per the specification.
Also made existing protected methods private.

  • accessibility/AccessibilitySVGElement.h:
  • accessibility/AccessibilitySVGRoot.cpp:

(WebCore::AccessibilitySVGRoot::AccessibilitySVGRoot):
(WebCore::AccessibilitySVGRoot::parentObject):

  • accessibility/AccessibilitySVGRoot.h:

LayoutTests:

  • platform/gtk/accessibility/w3c-svg-roles-expected.txt: Updated.
  • platform/mac/accessibility/w3c-svg-roles-expected.txt: Updated.
9:55 AM Changeset in webkit [198136] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Skip asserting test http/tests/security/aboutBlank/security-context-write.html
https://bugs.webkit.org/show_bug.cgi?id=94458

Unreviewed test gardening.

9:27 AM Changeset in webkit [198135] by Darin Adler
  • 3 edits in trunk/LayoutTests

Add copy/paste plug-in check for XHTML document
https://bugs.webkit.org/show_bug.cgi?id=106350

  • TestExpectations: Re-enable test now that it works in WebKit 1.
  • editing/pasteboard/paste-noplugin-xhtml.xhtml: Fixed problem where test would try to

call setBlockAllPlugins even when it did not exist. Turns out that's needed for the
test to run under WebKit 2, but not needed at all under WebKit 1.

9:16 AM Changeset in webkit [198134] by ap@apple.com
  • 2 edits in trunk/Source/WebCore

Build fix.

  • Modules/fetch/FetchBodyOwner.cpp:

(WebCore::FetchBodyOwner::loadedBlobAsText):

8:58 AM Changeset in webkit [198133] by youenn.fablet@crf.canon.fr
  • 15 edits
    3 copies
    1 add in trunk

[Fetch API] Implement data resolution for blob stored in Body
https://bugs.webkit.org/show_bug.cgi?id=155359

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

  • web-platform-tests/fetch/api/request/request-consume-expected.txt:
  • web-platform-tests/fetch/api/request/request-consume.html:
  • web-platform-tests/fetch/api/request/request-init-002-expected.txt:
  • web-platform-tests/fetch/api/response/response-consume-expected.txt:
  • web-platform-tests/fetch/api/response/response-consume.html:
  • web-platform-tests/fetch/api/response/response-init-002-expected.txt:

Source/WebCore:

Introducing FetchLoader as a wrapper around ThreadableLoader to load resources.
FetchLoader can retrieve data as text or array buffer. It only supports blob currently.

Introducing FetchLoaderClient interface and FetchBodyOwner::BlobLoader as specifc blob loader client.

Covered by existing rebased tests.

  • CMakeLists.txt:
  • Modules/fetch/FetchBody.cpp:

(WebCore::FetchBody::loadingType):
(WebCore::FetchBody::loadedAsArrayBuffer):
(WebCore::FetchBody::loadedAsText):

  • Modules/fetch/FetchBody.h:
  • Modules/fetch/FetchBodyOwner.cpp: Added.

(WebCore::FetchBodyOwner::FetchBodyOwner):
(WebCore::FetchBodyOwner::loadBlob):
(WebCore::FetchBodyOwner::finishBlobLoading):
(WebCore::FetchBodyOwner::blobLoadingFailed):
(WebCore::FetchBodyOwner::BlobLoader::didReceiveResponse):

  • Modules/fetch/FetchBodyOwner.h:

(WebCore::FetchBodyOwner::loadedBlobAsText):
(WebCore::FetchBodyOwner::loadedBlobAsArrayBuffer):
(WebCore::FetchBodyOwner::blobLoadingSucceeded):

  • Modules/fetch/FetchLoader.cpp: Added.

(WebCore::FetchLoader::start):
(WebCore::FetchLoader::FetchLoader):
(WebCore::FetchLoader::stop):
(WebCore::FetchLoader::didReceiveResponse):
(WebCore::FetchLoader::didReceiveData):
(WebCore::FetchLoader::didFinishLoading):
(WebCore::FetchLoader::didFail):

  • Modules/fetch/FetchLoader.h: Added.
  • Modules/fetch/FetchLoaderClient.h: Added.

(WebCore::FetchLoaderClient::~FetchLoaderClient):
(WebCore::FetchLoaderClient::didReceiveResponse):
(WebCore::FetchLoaderClient::didFinishLoadingAsText):
(WebCore::FetchLoaderClient::didFinishLoadingAsArrayBuffer):

  • WebCore.xcodeproj/project.pbxproj:
8:42 AM Changeset in webkit [198132] by commit-queue@webkit.org
  • 5 edits in trunk

Restored ENABLE_WEBCORE option and used it in JSCOnly port.
https://bugs.webkit.org/show_bug.cgi?id=155428

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-03-14
Reviewed by Michael Catanzaro.

This is a partial revert of r182624.

  • CMakeLists.txt:
  • Source/CMakeLists.txt:
  • Source/cmake/OptionsJSCOnly.cmake:
  • Source/cmake/WebKitFS.cmake:
8:40 AM Changeset in webkit [198131] by fred.wang@free.fr
  • 2 edits in trunk/Tools

Unreviewed: Add my professional email address.

  • Scripts/webkitpy/common/config/contributors.json:
8:26 AM Changeset in webkit [198130] by fred.wang@free.fr
  • 2 edits in trunk/LayoutTests

Skip accessibility/internal-link-anchors2.html as the linked ui element API is not supported for links.

Unreviewed test gardening.

  • platform/gtk/TestExpectations:
8:19 AM Changeset in webkit [198129] by fred.wang@free.fr
  • 4 edits
    2 adds in trunk

Make MathML colspan/rowspan consistent with HTML table cells.
https://bugs.webkit.org/show_bug.cgi?id=150253

Patch by Frederic Wang <fwang@igalia.com> on 2016-03-14
Reviewed by Martin Robinson.

Source/WebCore:

Test: mathml/rowspan-crash.xhtml

We make MathMLElement::colSpan and MathMLElement::rowSpan consistent with the corresponding functions in HTMLTableCellElement.cpp.
These functions now return unsigned integers, use the same parsing functions and set a maximum for rowspan.
This latter change fixes crash/timeout with large values of rowspan.

  • mathml/MathMLElement.cpp: Include HTMLParserIdioms to use limitToOnlyHTMLNonNegative.

(WebCore::MathMLElement::colSpan): Use unsigned integer and limitToOnlyHTMLNonNegative.
(WebCore::MathMLElement::rowSpan): ditto. We also use the same maximum limit as HTMLTableCellElement.

  • mathml/MathMLElement.h: Make colSpan and rowSpan return unsigned integers.

LayoutTests:

We import crashing test from bug 150253.

  • mathml/rowspan-crash-expected.txt: Added.
  • mathml/rowspan-crash.xhtml: Added.
8:17 AM Changeset in webkit [198128] by Darin Adler
  • 2 edits in trunk/LayoutTests

Continue work on https://bugs.webkit.org/show_bug.cgi?id=106350

  • TestExpectations: Disable test fow now since it seems to be failing in WebKit 1 and depends on hooks not present in WebKit 1 test runner.
8:13 AM Changeset in webkit [198127] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

Enable GSS-Negotiate support in libsoup
https://bugs.webkit.org/show_bug.cgi?id=155354

Patch by Tomas Popela <tpopela@redhat.com> on 2016-03-14
Reviewed by Carlos Garcia Campos.

Enable the SOUP_TYPE_AUTH_NEGOTIATE feature if libsoup was compiled
with the GSS-Negotiate support.

  • platform/network/soup/SoupNetworkSession.cpp:

(WebCore::SoupNetworkSession::SoupNetworkSession):

7:17 AM Changeset in webkit [198126] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.12/Source/WebKit2

Merge r198124 - [GTK] Reimplement webkit_web_context_clear_cache functionality.
https://bugs.webkit.org/show_bug.cgi?id=146041

Reviewed by Michael Catanzaro.

  • UIProcess/API/gtk/WebKitWebContext.cpp:

(webkit_web_context_clear_cache):

7:13 AM Changeset in webkit [198125] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebKit2

Unreviewed. Fix the GTK+ build after r198124.

WebsiteDataTypes is now an OptionSet.

  • UIProcess/API/gtk/WebKitWebContext.cpp:

(webkit_web_context_clear_cache):

6:36 AM Changeset in webkit [198124] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebKit2

[GTK] Reimplement webkit_web_context_clear_cache functionality.
https://bugs.webkit.org/show_bug.cgi?id=146041

Reviewed by Michael Catanzaro.

  • UIProcess/API/gtk/WebKitWebContext.cpp:

(webkit_web_context_clear_cache):

6:16 AM Changeset in webkit [198123] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.12/Source/WebKit2

Merge r198098 - Install WebKit2 WebProcess NetworkProcess on OSX when not building the Mac PORT
https://bugs.webkit.org/show_bug.cgi?id=152651

Patch by Jeremy Huddleston Sequoia <jeremyhu@apple.com> on 2016-03-14
Reviewed by Philippe Normand.

  • CMakeLists.txt:
6:12 AM WebKitGTK/2.12.x edited by Carlos Garcia Campos
(diff)
6:12 AM Changeset in webkit [198122] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.12

Merge r198058 - [GTK][Mac] Don't force ENABLE_INTROSPECTION=OFF on Mac
https://bugs.webkit.org/show_bug.cgi?id=152650

Patch by Jeremy Huddleston Sequoia <jeremyhu@apple.com> on 2016-03-12
Reviewed by Carlos Garcia Campos.

  • Source/cmake/OptionsGTK.cmake:

Source/WebKit2:
[GTK][Mac] Use DYLD_LIBRARY_PATH on OSX rather then LD_LIBRARY_PATH
https://bugs.webkit.org/show_bug.cgi?id=152650

Patch by Jeremy Huddleston Sequoia <jeremyhu@apple.com> on 2016-03-12
Reviewed by Carlos Garcia Campos.

  • PlatformGTK.cmake:
6:09 AM Changeset in webkit [198121] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.12/Source/WebKit2

Merge r197927 - [GTK] Artifacts when using web view background color
https://bugs.webkit.org/show_bug.cgi?id=155229

Reviewed by Mario Sanchez Prada.

This is because when using a web view color, we fill with the
color every rectangle updated by the web process, but we should
always fill the entire backing store before rendering the actual
contents on top.

  • WebProcess/WebPage/DrawingAreaImpl.cpp:

(WebKit::DrawingAreaImpl::display): Ensure the web process always
renders the whole visible rectangle when background is rendered by
the UI process.

6:08 AM Changeset in webkit [198120] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.12/Source/WebCore

Merge r197998 - [GTK] Fix rendering of slider input elements
https://bugs.webkit.org/show_bug.cgi?id=155296

Reviewed by Michael Catanzaro.

Use the new gadgets for newer GTK+ and improve a bit the rendering
for previous versions to better match GTK+.

  • rendering/RenderThemeGtk.cpp:

(WebCore::createStyleContext): Add ScaleContents and
ScaleHighlight parts that are only used with GTK+ 3.19.
(WebCore::RenderThemeGtk::paintSliderTrack): Use a smaller trough,
centered in the given rectangle to better match GTK+. Also render
the hightlight gadget with GTK+ 3.19.
(WebCore::RenderThemeGtk::paintSliderThumb): Also create the style
context for contents gadget.
(WebCore::RenderThemeGtk::adjustSliderThumbSize): Take into
account the slider border when calculating the slider thumb size.

6:07 AM Changeset in webkit [198119] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.12/Source/WebCore

Merge r197997 - [GTK] Scrollbars are broken once again with current GTK+ master
https://bugs.webkit.org/show_bug.cgi?id=155292

Reviewed by Michael Catanzaro.

Most of the trough theming properties have been moved to the
scrollbar, and a new gadget "contents" has been added between the
scrollbar and its children.

  • platform/gtk/ScrollbarThemeGtk.cpp:

(WebCore::ScrollbarThemeGtk::getOrCreateStyleContext): Add
left/bottom style classes to ensure the scrollbars border is taken
into account and rendered.
(WebCore::ScrollbarThemeGtk::paintTrackBackground): Also create
style context for contents gadget.
(WebCore::ScrollbarThemeGtk::paintThumb): Ditto.
(WebCore::ScrollbarThemeGtk::paintButton): Ditto.
(WebCore::ScrollbarThemeGtk::scrollbarThickness): Take the
scrollbar border into account.
(WebCore::ScrollbarThemeGtk::buttonSize): Also create style
context for contents gadget.
(WebCore::ScrollbarThemeGtk::getStepperSpacing): Ditto.
(WebCore::ScrollbarThemeGtk::minimumThumbLength): Ditto.
(WebCore::ScrollbarThemeGtk::thumbFatness): Ditto.
(WebCore::ScrollbarThemeGtk::getTroughBorder): Take the scrollbar
border into account.

6:06 AM Changeset in webkit [198118] by Carlos Garcia Campos
  • 12 edits in releases/WebKitGTK/webkit-2.12

Merge r197811 - Font size computed style is innaccurate
https://bugs.webkit.org/show_bug.cgi?id=154705
<rdar://problem/23474068>

Reviewed by Timothy Hatcher.

Source/WebCore:

Safari rounds the font size value reported to getComputedStyle(). Neither Firefox
nor Chrome do this.

Covered by existing tests.

  • css/CSSComputedStyleDeclaration.cpp:

(WebCore::ComputedStyleExtractor::getFontSizeCSSValuePreferringKeyword):
(WebCore::fontSizeFromStyle):

LayoutTests:

Update expected results.

  • css3/calc/font-size-fractional-expected.txt:
  • css3/viewport-percentage-lengths/viewport-percentage-lengths-relative-font-size.html:
  • css3/viewport-percentage-lengths/viewport-percentage-lengths-relative-font-size-expected.txt:
  • editing/mac/attributed-string/font-size-expected.txt:
  • editing/mac/attributed-string/vertical-align-expected.txt:
  • platform/mac-mavericks/editing/mac/attributed-string/font-size-expected.txt:
  • platform/mac-mavericks/editing/mac/attributed-string/vertical-align-expected.txt:
  • platform/mac-yosemite/editing/mac/attributed-string/font-size-expected.txt:
  • platform/mac-yosemite/editing/mac/attributed-string/vertical-align-expected.txt:
5:15 AM Changeset in webkit [198117] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.12/Source/WebInspectorUI

Merge r197802 - Web Inspector: Images being blocked by CSP 2.0
https://bugs.webkit.org/show_bug.cgi?id=155182
<rdar://problem/25040640>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-08
Reviewed by Daniel Bates.

  • UserInterface/Main.html:

Allow Web Inspector to load file: and blob: image resources.
Also blob: media and font resources.

5:10 AM Changeset in webkit [198116] by youenn.fablet@crf.canon.fr
  • 8 edits in trunk

Web platform test server should not try to launch servers on already bound sockets
https://bugs.webkit.org/show_bug.cgi?id=141157

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

  • resources/config.json: Changed wpt https port from 8443 to 9443.
  • web-platform-tests/fetch/api/basic/mode-no-cors-expected.txt: Updated according https port change.
  • web-platform-tests/fetch/api/basic/mode-no-cors-worker-expected.txt: Ditto.
  • web-platform-tests/fetch/api/basic/mode-same-origin-expected.txt: Ditto.
  • web-platform-tests/fetch/api/basic/mode-same-origin-worker-expected.txt: Ditto.

Tools:

  • Scripts/webkitpy/layout_tests/servers/web_platform_test_server.py:

(wpt_config_json): Load WPT config from LayoutTests/imported/w3c/resources/config.json.
(base_url): Refactored to use wpt_config_json routine.
(WebPlatformTestServer.init): Fill port mappings according WPT config.

5:02 AM Changeset in webkit [198115] by rniwa@webkit.org
  • 17 edits
    2 adds in trunk

Add slotchange event
https://bugs.webkit.org/show_bug.cgi?id=155424
<rdar://problem/24997534>

Reviewed by Antti Koivisto.

Source/WebCore:

Added slotchange event as discussed on https://github.com/w3c/webcomponents/issues/288.

While the exact semantics of it could still evolve over time, this patch implements as
an asynchronous event that fires on a slot element whenever its distributed nodes change
(flattened assigned nodes):
http://w3c.github.io/webcomponents/spec/shadow/#dfn-distributed-nodes

Since inserting or removing an element from a shadow host could needs to enqueue this event
on the right slot element, this patch moves the invalidation point of element removals and
insertions from Element::childrenChanged to Element::insertedInto and Element::removedFrom.
Text nodes are still invalidated at Element::childrenChanged for performance reasons
since it could only appear within a default slot element.

Because this more fine-grained invalidation needs to be overridden by HTMLDetailsElement,
we now subclass SlotAssignment in HTMLDetailsElement instead of passing in a std::function.

Test: fast/shadow-dom/slotchange-event.html

  • dom/Document.cpp:

(WebCore::Document::enqueueSlotchangeEvent): Added.

  • dom/Document.h:
  • dom/Element.cpp:

(WebCore::Element::attributeChanged): Call hostChildElementDidChangeSlotAttr.
(WebCore::Element::insertedInto): Call hostChildElementDidChange.
(WebCore::Element::removedFrom): Ditto.
(WebCore::Element::childrenChanged): Don't invalidate the slots on ElementInserted and
ElementRemoved since they're now done in Element::insertedInto and Element::removedFrom.

  • dom/Event.cpp:

(WebCore::Event::scoped): slotchange event is scoped.

  • dom/EventNames.h: Added eventNames().slotchange.
  • dom/ShadowRoot.cpp:

(WebCore::ShadowRoot::invalidateSlotAssignments): Deleted.
(WebCore::ShadowRoot::invalidateDefaultSlotAssignments): Deleted.

  • dom/ShadowRoot.h:

(ShadowRoot): Added more fine-grained invalidators, mirroring changes to SlotAssignment.

  • dom/SlotAssignment.cpp:

(WebCore::SlotAssignment::SlotAssignment): Removed a variant that takes SlotNameFunction
since HTMLDetailsElement now subclasses SlotAssignment.
(WebCore::SlotAssignment::~SlotAssignment): Added now that the class is virtual.
(WebCore::recursivelyFireSlotChangeEvent): Added.
(WebCore::SlotAssignment::didChangeSlot): Added. Invalidates the style tree only if there
is a corresponding slot element, and fires slotchange event. When the slot element we found
in this shadow tree is assigned to a slot element inside an inner shadow tree, recursively
fire slotchange event on each such inner slots.
(WebCore::SlotAssignment::hostChildElementDidChange): Added. Update the matching slot when
an element is inserted or removed under a shadow host.
(WebCore::SlotAssignment::assignedNodesForSlot): Removed the superfluous early exit to an
release assert since addSlotElementByName should always create a SlotInfo for each element.
(WebCore::SlotAssignment::slotNameForHostChild): Added. This is the equivalent of old
m_slotNameFunction which DetailsSlotAssignment overrides.
(WebCore::SlotAssignment::invalidateDefaultSlot): Deleted.
(WebCore::SlotAssignment::findFirstSlotElement): Added an assertion. slotInfo.element must
be nullptr if elementCount is 0, and elementCount must be 0 if slotInfo.element is nullptr
after calling resolveAllSlotElements, which traverses the entire shadow tree to find all
slot elements.
(WebCore::SlotAssignment::assignSlots):

  • dom/SlotAssignment.h: Implemented inline functions of ShadowRoot here to avoid including

SlotAssignment.h in ShadowRoot.h. Not inlining them results in extra function calls for all
builtin elements with shadow root without slot elements, which impacts performance.
(WebCore::ShadowRoot::didRemoveAllChildrenOfShadowHost): Added.
(WebCore::ShadowRoot::didChangeDefaultSlot): Added.
(WebCore::ShadowRoot::hostChildElementDidChange): Added.
(WebCore::ShadowRoot::hostChildElementDidChangeSlotAttribute): Added.
(WebCore::ShadowRoot::innerSlotDidChange):

  • html/HTMLDetailsElement.cpp:

(WebCore::DetailsSlotAssignment): Added. Subclasses SlotAssignment to override
hostChildElementDidChange and slotNameForHostChild.
(WebCore::DetailsSlotAssignment::hostChildElementDidChange): Added. We don't check if this
is the first summary element since we don't know the answer when this function is called
inside Element::removedFrom.
(WebCore::DetailsSlotAssignment::slotNameForHostChild): Renamed from slotNameFunction. Also
removed the code to return nullAtom when details element is not open as that messes up new
fine-grained invalidation. Insert/remove the slot element in parseAttribute instead.
(WebCore::HTMLDetailsElement::didAddUserAgentShadowRoot): Don't insert the slot element for
the summary since the details element is not open now.
(WebCore::HTMLDetailsElement::parseAttribute): Remove and insert the slot element for the
summary here instead of changing the behavior of slotNameForHostChild.

  • html/HTMLDetailsElement.h:
  • html/HTMLSlotElement.cpp:

(WebCore::HTMLSlotElement::enqueueSlotChangeEvent): Added. Enqueues a new slotchange event
if we haven't done so for this element yet.
(WebCore::HTMLSlotElement::dispatchEvent): Added. Clear m_hasEnqueuedSlotChangeEvent when
dispatching a slotchange event so that a subsequent call to enqueueSlotChangeEvent would
enqueue a new event. Note scripts call EventTarget::dispatchEventForBindings instead.

  • html/HTMLSlotElement.h:

LayoutTests:

Added a W3C style testharness.js test.

  • fast/shadow-dom/ShadowRoot-interface-expected.txt:
  • fast/shadow-dom/ShadowRoot-interface.html: Don't import testharness.css from svn.webkit.org.
  • fast/shadow-dom/slotchange-event-expected.txt: Added.
  • fast/shadow-dom/slotchange-event.html: Added.
4:57 AM Changeset in webkit [198114] by Carlos Garcia Campos
  • 9 edits
    2 adds in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197796 - Regexp matching should incur less call overhead
https://bugs.webkit.org/show_bug.cgi?id=155181

Reviewed by Geoffrey Garen.

Previously we had DFG/FTL code call into the DFGOperation, which then called in to
RegExpObject, which then called into createRegExpMatchesArray, which then called into
RegExp, which then called the code generated by Yarr.

Now we have DFG/FTL code call into the DFGOperation, which does all of the things and calls
into code generated by Yarr.

This is another tiny Octane/regexp speed-up.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • dfg/DFGOperations.cpp:
  • runtime/RegExp.cpp:

(JSC::regExpFlags):
(JSC::RegExp::compile):
(JSC::RegExp::match):
(JSC::RegExp::compileMatchOnly):
(JSC::RegExp::deleteCode):
(JSC::RegExpFunctionalTestCollector::clearRegExp): Deleted.
(JSC::RegExp::compileIfNecessary): Deleted.
(JSC::RegExp::compileIfNecessaryMatchOnly): Deleted.

  • runtime/RegExp.h:
  • runtime/RegExpInlines.h: Added.

(JSC::RegExpFunctionalTestCollector::clearRegExp):
(JSC::RegExp::compileIfNecessary):
(JSC::RegExp::matchInline):
(JSC::RegExp::compileIfNecessaryMatchOnly):

  • runtime/RegExpMatchesArray.cpp:

(JSC::createEmptyRegExpMatchesArray):
(JSC::createStructureImpl):
(JSC::tryCreateUninitializedRegExpMatchesArray): Deleted.
(JSC::createRegExpMatchesArray): Deleted.

  • runtime/RegExpMatchesArray.h:

(JSC::tryCreateUninitializedRegExpMatchesArray):
(JSC::createRegExpMatchesArray):

  • runtime/RegExpObject.cpp:

(JSC::RegExpObject::put):
(JSC::RegExpObject::exec):
(JSC::RegExpObject::match):
(JSC::getLastIndexAsUnsigned): Deleted.

  • runtime/RegExpObject.h:

(JSC::RegExpObject::getLastIndex):
(JSC::RegExpObject::test):
(JSC::RegExpObject::testInline):

  • runtime/RegExpObjectInlines.h: Added.

(JSC::getRegExpObjectLastIndexAsUnsigned):
(JSC::RegExpObject::execInline):
(JSC::RegExpObject::matchInline):

4:38 AM Changeset in webkit [198113] by Nikita Vasilyev
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Reduce unnecessary dashboard repaints
https://bugs.webkit.org/show_bug.cgi?id=155425
<rdar://problem/25138247>

Reviewed by Timothy Hatcher.

  • UserInterface/Views/DefaultDashboardView.js:

(WebInspector.DefaultDashboardView.prototype._appendElementForNamedItem.):
newText is a number for console message counters.

4:31 AM Changeset in webkit [198112] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.12

Merge r197784 - Scrolling does not work when the mouse down is handled by a node
https://bugs.webkit.org/show_bug.cgi?id=19033

Reviewed by Simon Fraser.

Source/WebCore:

Test: fast/events/prevent-default-prevents-interaction-with-scrollbars-.html

When a mouse press/down event happens on a scrollbar area, but event
is default prevented in the document level, for example, event does not get
properly passed to scrollbars, although it should.

Problem started long ago with r17770, and was improved with r19596.
However, years later, the way Scrollbar* is obtained is still currently different
weither event is default prevented or not.

Patch uniforms the logic for both cases, and fixes the bug.

Note: code before used to look like

if (swallowEvent) {

<code>

} else {

<bleh>
<foo>

}

.. and now looks like

if (!swallowEvent)

<bleh>

<code>

if (!swallowEvent)

<foo>

e.g. document.addEventListener('mousedown', function (e) { e.preventDefault(); });

  • page/EventHandler.cpp:

(WebCore::scrollbarForMouseEvent):
(WebCore::EventHandler::handleMousePressEvent):

LayoutTests:

  • fast/events/prevent-default-prevents-interaction-with-scrollbars-expected.txt: Added.
  • fast/events/prevent-default-prevents-interaction-with-scrollbars.html: Added.
4:24 AM Changeset in webkit [198111] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197774 - WeakBlock::visit() should check for a WeakHandleOwner before consulting mark bits.
<https://webkit.org/b/155154>

Reviewed by Darin Adler.

Reorder the checks in WeakBlock::visit() so we don't look at the mark bits in MarkedBlock
unless the current WeakImpl has a WeakHandleOwner we need to consult.

I was originally hoping to make an optimization that could skip over entire WeakBlocks
if they didn't have a single WeakHandleOwner, but it turns out that scenario is not as
common as I suspected.

  • heap/WeakBlock.cpp:

(JSC::WeakBlock::visit):

4:11 AM Changeset in webkit [198110] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197730 - Reduce the number of instructions needed to record the last regexp result
https://bugs.webkit.org/show_bug.cgi?id=155161

Reviewed by Sam Weinig.

This tightens up RegExpCachedResult::record(). My profiling shows that we spend just
over 1% of the time in Octane/regexp in this function. This function had two obvious
redundancies:

1) It executed the write barrier on owner twice. It only needs to execute it once. Since

the same RegExpConstructor is likely to be used many times, it makes sense to do the
barrier without looking at the 'to' objects at all. In steady state, this means that
the RegExpConstructor will simply be OldGrey so this one barrier will always skip the
slow path.

2) It cleared some fields that didn't need to be cleared, since we can just use

m_reified to indicate that the fields are not meaningful anymore.

This is meant to be a microscopic regexp speed-up.

  • runtime/RegExpCachedResult.cpp:

(JSC::RegExpCachedResult::visitChildren):
(JSC::RegExpCachedResult::lastResult):

  • runtime/RegExpCachedResult.h:

(JSC::RegExpCachedResult::record):

4:02 AM Changeset in webkit [198109] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197729 - createRegExpMatchesArray should allocate substrings more quickly
https://bugs.webkit.org/show_bug.cgi?id=155160

Reviewed by Sam Weinig.

This was calling a version of jsSubstring() that isn't inlineable because it was doing a lot
of checks in finishCreation(). In particular, it was checking that the base string is not
itself a substring and that it's been resolved. We don't need those checks here, since the
string must have been resolved prior to regexp processing.

This patch is also smart about whether to do checks for the empty and full substrings. In
the matches array loop, these checks are super unlikely to be profitable, so we just
unconditionally allocate the substring.

This removes those checks and makes the allocation inlineable. It looks like a 1% speed-up
on Octane/regexp.

  • runtime/JSString.h:

(JSC::jsSubstring):
(JSC::jsSubstringOfResolved):

  • runtime/RegExpMatchesArray.cpp:

(JSC::createRegExpMatchesArray):

3:27 AM Changeset in webkit [198108] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197725 - [JSC] Small clean up of how we use SSA's valuesAtHead
https://bugs.webkit.org/show_bug.cgi?id=155152

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-03-07
Reviewed by Filip Pizlo.

liveAtHead and valuesAtHead contain the same nodes,
we do not need the extra look up.

This also opens the way to use the same kind of liveness
analysis as Air (where live values at head do not use a set).

  • dfg/DFGInPlaceAbstractState.cpp:

(JSC::DFG::InPlaceAbstractState::beginBasicBlock):
(JSC::DFG::InPlaceAbstractState::merge):

3:20 AM Changeset in webkit [198107] by Carlos Garcia Campos
  • 6 edits
    34 adds in releases/WebKitGTK/webkit-2.12

Merge r197724 - CSP: Source '*' should not match URLs with schemes blob, data, or filesystem
https://bugs.webkit.org/show_bug.cgi?id=154122
<rdar://problem/24613336>

Reviewed by Brent Fulgham.

Source/WebCore:

Restrict matching of source expression * to HTTP or HTTPS URLs for all directives except
img-src and media-src. This policy is more restrictive than the policy described in section
Matching Source Expressions of the Content Security Policy 2.0 spec., <https://www.w3.org/TR/2015/CR-CSP2-20150721>,
which restricts matching * to schemes that are not blob, data, or filesystem.

For directive img-src we restrict matching of * to HTTP, HTTPS, and data URLs. For directive
media-src we restrict matching of * to HTTP, HTTPS, data URLs and blob URLs. We use a
more lenient interpretation of * for directives img-src and media-src than required by
the spec. to mitigate web compatibility issues.

Tests: fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star.html

fast/dom/HTMLImageElement/image-with-data-url-allowed-by-csp-img-src-star.html
fast/dom/HTMLImageElement/image-with-file-url-blocked-by-csp-img-src-star.html
fast/dom/HTMLLinkElement/link-with-blob-url-blocked-by-csp-style-src-star.html
fast/dom/HTMLLinkElement/link-with-data-url-blocked-by-csp-style-src-star.html
fast/dom/HTMLLinkElement/link-with-file-url-blocked-by-csp-style-src-star.html
http/tests/security/contentSecurityPolicy/image-with-http-url-allowed-by-csp-img-src-star.html
http/tests/security/contentSecurityPolicy/image-with-https-url-allowed-by-csp-img-src-star.html
http/tests/security/contentSecurityPolicy/javascript-url-blocked-by-default-src-star.html
http/tests/security/contentSecurityPolicy/link-with-http-url-allowed-by-csp-style-src-star.html
http/tests/security/contentSecurityPolicy/link-with-https-url-allowed-by-csp-style-src-star.html
http/tests/security/contentSecurityPolicy/video-with-http-url-allowed-by-csp-media-src-star.html
http/tests/security/contentSecurityPolicy/video-with-https-url-allowed-by-csp-media-src-star.html
media/video-with-blob-url-allowed-by-csp-media-src-star.html
media/video-with-data-url-allowed-by-csp-media-src-star.html
media/video-with-file-url-blocked-by-csp-media-src-star.html

  • page/csp/ContentSecurityPolicySourceList.cpp:

(WebCore::ContentSecurityPolicySourceList::isProtocolAllowedByStar): Added.
(WebCore::ContentSecurityPolicySourceList::matches): Modified to only match * if ContentSecurityPolicySourceList::isProtocolAllowedByStar().
evaluates to true.

  • page/csp/ContentSecurityPolicySourceList.h:

LayoutTests:

Add tests to ensure that we do not regress our interpretation of * with respect to directives
img-src, media-src, style-src, and default-src.

When running in WebKitTestRunner, skip the tests fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star.html
and media/video-with-blob-url-allowed-by-csp-media-src-star.html as they make use of eventSender.beginDragWithFiles(),
which is not implement. We will need to fix <https://bugs.webkit.org/show_bug.cgi?id=64285>
before we can run these tests in WebKitTestRunner.

  • TestExpectations:
  • fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star-expected.html: Added.
  • fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star.html: Added.
  • fast/dom/HTMLImageElement/image-with-data-url-allowed-by-csp-img-src-star-expected.html: Added.
  • fast/dom/HTMLImageElement/image-with-data-url-allowed-by-csp-img-src-star.html: Added.
  • fast/dom/HTMLImageElement/image-with-file-url-blocked-by-csp-img-src-star-expected.html: Added.
  • fast/dom/HTMLImageElement/image-with-file-url-blocked-by-csp-img-src-star.html: Added.
  • fast/dom/HTMLImageElement/resources/green.png: Added.
  • fast/dom/HTMLLinkElement/link-with-blob-url-blocked-by-csp-style-src-star-expected.html: Added.
  • fast/dom/HTMLLinkElement/link-with-blob-url-blocked-by-csp-style-src-star.html: Added.
  • fast/dom/HTMLLinkElement/link-with-data-url-blocked-by-csp-style-src-star-expected.html: Added.
  • fast/dom/HTMLLinkElement/link-with-data-url-blocked-by-csp-style-src-star.html: Added.
  • fast/dom/HTMLLinkElement/link-with-file-url-blocked-by-csp-style-src-star-expected.html: Added.
  • fast/dom/HTMLLinkElement/link-with-file-url-blocked-by-csp-style-src-star.html: Added.
  • fast/dom/HTMLLinkElement/resources/red-background-color.css: Added.

(#test):

  • http/tests/security/contentSecurityPolicy/image-with-http-url-allowed-by-csp-img-src-star-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/image-with-http-url-allowed-by-csp-img-src-star.html: Added.
  • http/tests/security/contentSecurityPolicy/image-with-https-url-allowed-by-csp-img-src-star-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/image-with-https-url-allowed-by-csp-img-src-star.html: Added.
  • http/tests/security/contentSecurityPolicy/javascript-url-blocked-by-default-src-star-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/javascript-url-blocked-by-default-src-star.html: Added.
  • http/tests/security/contentSecurityPolicy/link-with-http-url-allowed-by-csp-style-src-star-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/link-with-http-url-allowed-by-csp-style-src-star.html: Added.
  • http/tests/security/contentSecurityPolicy/link-with-https-url-allowed-by-csp-style-src-star-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/link-with-https-url-allowed-by-csp-style-src-star.html: Added.
  • http/tests/security/contentSecurityPolicy/video-with-http-url-allowed-by-csp-media-src-star-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/video-with-http-url-allowed-by-csp-media-src-star.html: Added.
  • http/tests/security/contentSecurityPolicy/video-with-https-url-allowed-by-csp-media-src-star-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/video-with-https-url-allowed-by-csp-media-src-star.html: Added.
  • media/video-with-blob-url-allowed-by-csp-media-src-star-expected.html: Added.
  • media/video-with-blob-url-allowed-by-csp-media-src-star.html: Added.
  • media/video-with-data-url-allowed-by-csp-media-src-star-expected.html: Added.
  • media/video-with-data-url-allowed-by-csp-media-src-star.html: Added.
  • media/video-with-file-url-blocked-by-csp-media-src-star-expected.html: Added.
  • media/video-with-file-url-blocked-by-csp-media-src-star.html: Added.
  • platform/wk2/TestExpectations:
3:19 AM Changeset in webkit [198106] by Carlos Garcia Campos
  • 10 edits in releases/WebKitGTK/webkit-2.12/Source

Merge r197706 - Cleanup: Add convenience function URL::procotolIsBlob()
https://bugs.webkit.org/show_bug.cgi?id=155127
<rdar://problem/25016829>

Reviewed by Brent Fulgham.

Source/WebCore:

Similar to the class member function URL::protocolIsData(), add a class member function to
class URL to determine if a URL is a blob URL.

No functionality was changed. So, no new tests.

  • page/SecurityOrigin.cpp:

(WebCore::SecurityOrigin::shouldUseInnerURL): Modified to use URL::protocolIsBlob().
(WebCore::getCachedOrigin): Ditto.

  • platform/URL.h:

(WebCore::URL::protocolIsBlob): Added.

  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(webKitWebSrcStart): Modified to use URL::protocolIsBlob().
(urlHasSupportedProtocol): Ditto.

  • workers/Worker.cpp:

(WebCore::Worker::didReceiveResponse): Ditto.

  • xml/XMLHttpRequest.cpp:

(WebCore::XMLHttpRequest::createRequest): Ditto.

Source/WebKit2:

  • NetworkProcess/NetworkLoad.cpp:

(WebKit::NetworkLoad::NetworkLoad): Modified to use URL::protocolIsBlob().

  • NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::NetworkResourceLoader::NetworkResourceLoader): Ditto.

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::canHandleRequest): Ditto.

2:57 AM Changeset in webkit [198105] by Carlos Garcia Campos
  • 7 edits
    1 copy in releases/WebKitGTK/webkit-2.12/Source/bmalloc

Merge r197797 - Unreviewed, rolling in r197722.
https://bugs.webkit.org/show_bug.cgi?id=155171

The right calculation for our static_assert is actually:

sizeof(SmallChunk) % vmPageSize + 2 * smallMax <= vmPageSize

instead of:

sizeof(SmallChunk) % vmPageSize + smallMax <= vmPageSize

smallMax is not enough because line metadata might require us to begin
allocation at an offset as large as smallMax, so we need 2 * smallMax.

Once correct, this static_assert fires, and we fix it by increasing
the alignment of SmallChunk.

Restored changeset:

"bmalloc: Use List<T> instead of Vector<T> in some places"
https://bugs.webkit.org/show_bug.cgi?id=155150
http://trac.webkit.org/changeset/197722

2:52 AM Changeset in webkit [198104] by Carlos Garcia Campos
  • 11 edits in releases/WebKitGTK/webkit-2.12/Source/WebCore

Merge r197716 - Crash in WebCore::RenderElement::containingBlockForObjectInFlow
https://bugs.webkit.org/show_bug.cgi?id=155109

Reviewed by Simon Fraser.

It's unsafe to call containingBlock() on RenderView.

Unable to reproduce.

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::styleWillChange):
(WebCore::RenderBlock::isSelfCollapsingBlock):
(WebCore::RenderBlock::selectionGaps):

  • rendering/RenderBox.cpp:

(WebCore::RenderBox::borderBoxRectInRegion):
(WebCore::RenderBox::computePercentageLogicalHeight):
(WebCore::RenderBox::computeReplacedLogicalHeightUsing):
(WebCore::logicalWidthIsResolvable):
(WebCore::RenderBox::percentageLogicalHeightIsResolvableFromBlock):

  • rendering/RenderBoxModelObject.cpp:

(WebCore::RenderBoxModelObject::hasAutoHeightOrContainingBlockWithAutoHeight):

  • rendering/RenderFlowThread.cpp:

(WebCore::RenderFlowThread::adjustedPositionRelativeToOffsetParent):
(WebCore::RenderFlowThread::offsetFromLogicalTopOfFirstRegion):

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::hasCompositedLayerInEnclosingPaginationChain):
(WebCore::RenderLayer::updatePagination):
(WebCore::inContainingBlockChain):

  • rendering/RenderMultiColumnFlowThread.cpp:

(WebCore::isValidColumnSpanner):

  • rendering/RenderNamedFlowThread.cpp:

(WebCore::RenderNamedFlowThread::decorationsClipRectForBoxInNamedFlowFragment):

  • rendering/RenderObject.cpp:

(WebCore::hasFixedPosInNamedFlowContainingBlock):

  • rendering/RenderReplaced.cpp:

(WebCore::firstContainingBlockWithLogicalWidth):

  • rendering/RenderView.cpp:

(WebCore::RenderView::subtreeSelectionBounds):
(WebCore::RenderView::repaintSubtreeSelection):
(WebCore::RenderView::clearSubtreeSelection):
(WebCore::RenderView::applySubtreeSelection):

2:46 AM Changeset in webkit [198103] by Carlos Garcia Campos
  • 9 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197715 - RegExp.prototype.exec() should call into Yarr at most once
https://bugs.webkit.org/show_bug.cgi?id=155139

Reviewed by Saam Barati.

For apparently no good reason, RegExp.prototype.match() was calling into Yarr twice, almost
as if it was hoping that the non-matching case was so common that it was best to have the
matching case do the work all over again.

This is a 4% speed-up on Octane/regexp. It's also a matter of common sense: we should not be
in the business of presuming whether someone's match will succeed or fail. The increased
cost of running Yarr twice is so much larger than whatever savings we were getting from
running a match-only regexp that this is just not a good overall deal for the engine.

Also, it's interesting that we are seeing a 4% speed-up on regexp despite the fact that a
majority (almost a supermajority, I think) of calls into RegExp.prototype.match() are failed
matches. So, this change is a 4% speed-up despite being a slow down on the common case. That
tells you just how bad the old behavior was on the uncommon case.

  • runtime/MatchResult.h:

(MatchResult::MatchResult):
(MatchResult::failed):
(MatchResult::operator bool):

  • runtime/RegExpCachedResult.cpp:

(JSC::RegExpCachedResult::lastResult):

  • runtime/RegExpConstructor.h:

(JSC::RegExpConstructor::setMultiline):
(JSC::RegExpConstructor::multiline):
(JSC::RegExpConstructor::performMatch):
(JSC::RegExpConstructor::recordMatch):

  • runtime/RegExpMatchesArray.cpp:

(JSC::createRegExpMatchesArray):
(JSC::createEmptyRegExpMatchesArray):
(JSC::createStructureImpl):

  • runtime/RegExpMatchesArray.h:

(JSC::createRegExpMatchesArray):

  • runtime/RegExpObject.cpp:

(JSC::RegExpObject::put):
(JSC::getLastIndexAsUnsigned):
(JSC::RegExpObject::exec):
(JSC::RegExpObject::match):

  • runtime/RegExpObject.h:

(JSC::RegExpObject::getLastIndex):
(JSC::RegExpObject::test):

  • runtime/StringPrototype.cpp:

(JSC::stringProtoFuncMatch):

2:44 AM Changeset in webkit [198102] by youenn.fablet@crf.canon.fr
  • 20 edits in trunk/Source/WebCore

Introduce CallWith=Document in binding generator
https://bugs.webkit.org/show_bug.cgi?id=155358

Reviewed by Darin Adler.

Covered by existing tests and binding test.

  • Modules/notifications/Notification.cpp:

(WebCore::Notification::permission): Taking a Document& instead of ScriptExecutionContext&.
(WebCore::Notification::requestPermission): Ditto.

  • Modules/notifications/Notification.h:
  • Modules/notifications/Notification.idl: Using CallWith=Document.
  • bindings/scripts/CodeGeneratorJS.pm: Adding support for CallWith=Document and changed name from scriptContext to context.

(GenerateCallWith):
(GenerateConstructorDefinition):

  • bindings/scripts/IDLAttributes.txt: Adding support for CallWith=Document.
  • bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:

(webkit_dom_test_obj_with_document_argument):

  • bindings/scripts/test/GObject/WebKitDOMTestObj.h:
  • bindings/scripts/test/JS/JSTestInterface.cpp:

(WebCore::jsTestInterfacePrototypeFunctionImplementsMethod2):
(WebCore::jsTestInterfacePrototypeFunctionSupplementalMethod2):

  • bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::jsTestObjWithScriptExecutionContextAttribute):
(WebCore::jsTestObjWithScriptExecutionContextAttributeRaises):
(WebCore::jsTestObjWithScriptExecutionContextAndScriptStateAttribute):
(WebCore::jsTestObjWithScriptExecutionContextAndScriptStateAttributeRaises):
(WebCore::jsTestObjWithScriptExecutionContextAndScriptStateWithSpacesAttribute):
(WebCore::setJSTestObjWithScriptExecutionContextAttribute):
(WebCore::setJSTestObjWithScriptExecutionContextAttributeRaises):
(WebCore::setJSTestObjWithScriptExecutionContextAndScriptStateAttribute):
(WebCore::setJSTestObjWithScriptExecutionContextAndScriptStateAttributeRaises):
(WebCore::setJSTestObjWithScriptExecutionContextAndScriptStateWithSpacesAttribute):
(WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContext):
(WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContextAndScriptState):
(WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContextAndScriptStateObjException):
(WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContextAndScriptStateWithSpaces):
(WebCore::jsTestObjPrototypeFunctionWithDocumentArgument):

  • bindings/scripts/test/ObjC/DOMTestObj.h:
  • bindings/scripts/test/ObjC/DOMTestObj.mm:

(-[DOMTestObj withDocumentArgument]):

  • bindings/scripts/test/TestObj.idl: Adding binding test.
  • page/DOMWindow.cpp:

(WebCore::DOMWindow::focus): Taking a Document& instead of ScriptExecutionContext&.
(WebCore::DOMWindow::close): Ditto.

  • page/DOMWindow.h:
  • page/DOMWindow.idl:
  • page/History.cpp:

(WebCore::History::back): Ditto.
(WebCore::History::forward): Ditto.
(WebCore::History::go): Ditto.

  • page/History.h:
  • page/History.idl:
  • testing/Internals.cpp:

(WebCore::InspectorStubFrontend::closeWindow): Calling DOMWindow::close() directly.

2:21 AM Changeset in webkit [198101] by Carlos Garcia Campos
  • 13 edits
    8 adds
    1 delete in releases/WebKitGTK/webkit-2.12

Merge r197697 - CSP: object-src directive should prohibit creation of nested browsing context
https://bugs.webkit.org/show_bug.cgi?id=153153
<rdar://problem/24383209>

Reviewed by Brent Fulgham.

Source/WebCore:

Enforce the Content Security Policy object-src directive when fetching a URL for content
that will cause an HTML object or HTML embed element to act as a nested browsing context
(i.e. behave as if the content was loaded in an HTML iframe element). This makes our
enforcement of the object-src directive match the behavior of the object-src directive
in the Content Security Policy 2.0 spec., <http://www.w3.org/TR/2015/CR-CSP2-20150721/>.

Tests: http/tests/security/contentSecurityPolicy/embed-src-url-blocked.html

http/tests/security/contentSecurityPolicy/embed-src-url-blocked2.html
http/tests/security/contentSecurityPolicy/object-src-param-src-blocked2.html
http/tests/security/contentSecurityPolicy/object-src-url-blocked2.html

  • loader/SubframeLoader.cpp:

(WebCore::SubframeLoader::isPluginContentAllowedByContentSecurityPolicy): Extracted from SubframeLoader::pluginIsLoadable().
Checks if the plugin element is allowed by the Content Security Policy to load the URL and MIME type.
(WebCore::SubframeLoader::pluginIsLoadable): Extract out the logic for determining if
the plugin content is allowed to load by the Content Security Policy into SubframeLoader::isPluginContentAllowedByContentSecurityPolicy()
and make use of this function.
(WebCore::SubframeLoader::requestObject): Modified to call SubframeLoader::isPluginContentAllowedByContentSecurityPolicy()
before loading plugin content into a sub frame. If the plugin content is not allowed to load then we
mark the plugin as unavailable with the reason being that it was blocked by the Content Security Policy.

  • loader/SubframeLoader.h:

LayoutTests:

Add test to ensure that we enforce the Content Security Policy object-src directive
for HTML object and HTML embed elements that behave like an HTML iframe element.

  • TestExpectations: Remove entries for tests that pass.
  • http/tests/security/contentSecurityPolicy/embed-src-url-blocked-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/embed-src-url-blocked.html: Added.
  • http/tests/security/contentSecurityPolicy/embed-src-url-blocked2-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/embed-src-url-blocked2.html: Added.
  • http/tests/security/contentSecurityPolicy/object-src-param-code-blocked-expected.txt:
  • http/tests/security/contentSecurityPolicy/object-src-param-movie-blocked-expected.txt:
  • http/tests/security/contentSecurityPolicy/object-src-param-movie-blocked.html:
  • http/tests/security/contentSecurityPolicy/object-src-param-src-blocked-expected.txt:
  • http/tests/security/contentSecurityPolicy/object-src-param-src-blocked.html:
  • http/tests/security/contentSecurityPolicy/object-src-param-src-blocked2-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/object-src-param-src-blocked2.html: Added.
  • http/tests/security/contentSecurityPolicy/object-src-param-url-blocked-expected.txt:
  • http/tests/security/contentSecurityPolicy/object-src-param-url-blocked.html:

Simplify the code used in the above tests and update incorrect expected results.

  • http/tests/security/contentSecurityPolicy/object-src-url-blocked2-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/object-src-url-blocked2.html: Added.
  • http/tests/security/contentSecurityPolicy/resources/object-src-param.js: Removed.
1:44 AM Changeset in webkit [198100] by Carlos Garcia Campos
  • 1 copy in releases/WebKitGTK/webkit-2.4.10

WebKitGTK+ 2.4.10

1:43 AM Changeset in webkit [198099] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.4

Unreviewed. Update NEWS and Versions.m4 for 2.4.10 release.

.:

  • Source/autotools/Versions.m4: Bump version numbers.

Source/WebKit/gtk:

  • NEWS: Added release notes for 2.4.10.
1:37 AM Changeset in webkit [198098] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit2

Install WebKit2 WebProcess NetworkProcess on OSX when not building the Mac PORT
https://bugs.webkit.org/show_bug.cgi?id=152651

Patch by Jeremy Huddleston Sequoia <jeremyhu@apple.com> on 2016-03-14
Reviewed by Philippe Normand.

  • CMakeLists.txt:
12:34 AM Changeset in webkit [198097] by Carlos Garcia Campos
  • 8 edits in releases/WebKitGTK/webkit-2.4/Source/WebCore/platform/gtk/po

Translation updates: German, Spanish, French, Italian, Korean, Brazilian Portuguese, Russian, Chinese

12:07 AM WebKitGTK/2.4.x edited by Carlos Garcia Campos
(diff)

Mar 13, 2016:

11:27 PM Changeset in webkit [198096] by Darin Adler
  • 1 edit
    2 adds in trunk/LayoutTests

Add copy/paste plug-in check for XHTML document
https://bugs.webkit.org/show_bug.cgi?id=106350

Reviewed by David Kilzer.

This bug was filed because of the assumption that there was a bug, but it
turns out that even in XHTML documents, we use HTML tree builder, so there is
no bug. Thus this just adds the test that demonstrates this.

  • editing/pasteboard/paste-noplugin-xhtml-expected.txt: Added.
  • editing/pasteboard/paste-noplugin-xhtml.xhtml: Added.
11:20 PM Changeset in webkit [198095] by Nikita Vasilyev
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Large repaints when typing any character in console
https://bugs.webkit.org/show_bug.cgi?id=155387
<rdar://problem/25125720>

Reviewed by Timothy Hatcher.

  • UserInterface/Views/Main.css:

(#content):

10:57 PM Changeset in webkit [198094] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Memory timeline pie charts are misaligned when there is no recording
https://bugs.webkit.org/show_bug.cgi?id=155421

Patch by Devin Rousso <Devin Rousso> on 2016-03-13
Reviewed by Timothy Hatcher.

  • UserInterface/Views/MemoryTimelineView.css:

(.timeline-view.memory > .content > .overview):
Removed top padding to match bottom padding.

(.timeline-view.memory .legend > .row):
(.timeline-view.memory .legend):
Moved specified width to prevent unrecorded timelines from having graphs
that are offset horizontally.

9:52 PM Changeset in webkit [198093] by commit-queue@webkit.org
  • 22 edits in trunk

Remove ENABLE(ES6_TEMPLATE_LITERAL_SYNTAX) guards
https://bugs.webkit.org/show_bug.cgi?id=155417

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-13
Reviewed by Yusuke Suzuki.

.:

  • Source/cmake/OptionsWin.cmake:
  • Source/cmake/WebKitFeatures.cmake:
  • Source/cmake/tools/vsprops/FeatureDefines.props:
  • Source/cmake/tools/vsprops/FeatureDefinesCairo.props:

Source/JavaScriptCore:

  • Configurations/FeatureDefines.xcconfig:
  • parser/Parser.cpp:

(JSC::Parser<LexerType>::parsePrimaryExpression): Deleted.
(JSC::Parser<LexerType>::parseMemberExpression): Deleted.

Source/WebCore:

  • Configurations/FeatureDefines.xcconfig:

Source/WebKit/mac:

  • Configurations/FeatureDefines.xcconfig:

Source/WebKit2:

  • Configurations/FeatureDefines.xcconfig:

Source/WTF:

  • wtf/FeatureDefines.h:

Tools:

  • Scripts/webkitperl/FeatureList.pm:
  • TestWebKitAPI/Configurations/FeatureDefines.xcconfig:

WebKitLibraries:

  • win/tools/vsprops/FeatureDefines.props:
  • win/tools/vsprops/FeatureDefinesCairo.props:
9:43 PM Changeset in webkit [198092] by weinig@apple.com
  • 6 edits
    3 adds in trunk

Implement unprivileged execCommand("copy") and execCommand("cut")
<rdar://problem/24354406>
https://bugs.webkit.org/show_bug.cgi?id=146336

Reviewed by Dean Jackson.

Source/WebCore:

Test: editing/execCommand/clipboard-access-with-user-gesture.html

  • WebCore.xcodeproj/project.pbxproj:

Add new files.

  • editing/ClipboardAccessPolicy.h:

Added.

  • editing/EditorCommand.cpp:

(WebCore::defaultValueForSupportedCopyCut):
(WebCore::supportedCopyCut):
Match other browsers and allow the copy and cut commands
to be executed when there is a user gesture.

  • page/Settings.h:

Add include of ClipboardAccessPolicy.h.

  • page/Settings.in:

Add new setting for ClipboardAccessPolicy

LayoutTests:

  • editing/execCommand/clipboard-access-with-user-gesture-expected.txt: Added.
  • editing/execCommand/clipboard-access-with-user-gesture.html: Added.

Add test for using execCommand("copy") and execCommand("cut") during a user gesture.

8:58 PM Changeset in webkit [198091] by dino@apple.com
  • 41 edits in trunk

DRT should enable WebGL by default on Mac
https://bugs.webkit.org/show_bug.cgi?id=155419
<rdar://problem/25136981>

Reviewed by Sam Weinig.

Tools:

For some reason, lost in time, WebGL was enabled
by default on trunk, but disabled by default
in DumpRenderTree when using WebKit 1. This
was very annoying, because each test had
an explicit command to enable it.

  • DumpRenderTree/mac/DumpRenderTree.mm:

(resetWebPreferencesToConsistentValues): Deleted WebGL line.

LayoutTests:

Update all the tests that no longer have to explicitly
turn WebGL on.

  • compositing/backface-visibility/backface-visibility-webgl.html:
  • compositing/visibility/visibility-simple-webgl-layer.html:
  • compositing/webgl/webgl-background-color.html:
  • compositing/webgl/webgl-no-alpha.html:
  • compositing/webgl/webgl-nonpremultiplied-blend.html:
  • compositing/webgl/webgl-reflection.html:
  • compositing/webgl/webgl-repaint.html:
  • fast/canvas/webgl/antialiasing-enabled.html:
  • fast/canvas/webgl/canvas-resize-crash.html:
  • fast/canvas/webgl/css-webkit-canvas-repaint.html:
  • fast/canvas/webgl/css-webkit-canvas.html:
  • fast/canvas/webgl/out-of-bounds-simulated-vertexAttrib0-drawArrays-expected.txt:
  • fast/canvas/webgl/out-of-bounds-simulated-vertexAttrib0-drawArrays.html:
  • fast/canvas/webgl/premultiplyalpha-test.html:
  • fast/canvas/webgl/resources/webgl-test.js:

(initNonKhronosFramework): Deleted.

  • fast/canvas/webgl/texImage2DImageDataTest.html:
  • fast/canvas/webgl/toDataURL-unpremultipliedAlpha.html:
  • fast/canvas/webgl/unprefixed-context.html:
  • fast/canvas/webgl/webgl-composite-modes-repaint.html:
  • fast/canvas/webgl/webgl-composite-modes.html:
  • fast/canvas/webgl/webgl-drawarrays-crash.html:
  • fast/canvas/webgl/webgl-layer-update.html:
  • fast/canvas/webgl/webgl-reload-crash.html:
  • http/tests/canvas/webgl/origin-clean-conformance.html:
  • http/tests/security/webgl-remote-read-remote-image-allowed-with-credentials.html:
  • http/tests/security/webgl-remote-read-remote-image-allowed.html:
  • http/tests/security/webgl-remote-read-remote-image-blocked-no-crossorigin.html:
  • http/tests/webgl/1.0.2/resources/webgl_test_files/conformance/more/unit.js:
  • http/tests/webgl/1.0.2/resources/webgl_test_files/resources/js-test-pre.js:
  • http/tests/webgl/1.0.2/resources/webkit-webgl-test-harness.js:
  • imported/blink/compositing/draws-content/webgl-simple-background.html:
  • webgl/1.0.2/resources/webgl_test_files/conformance/more/unit.js:
  • webgl/1.0.2/resources/webgl_test_files/resources/js-test-pre.js:
  • webgl/1.0.2/resources/webkit-webgl-test-harness.js:
  • webgl/1.0.3/resources/webgl_test_files/conformance/more/unit.js:
  • webgl/1.0.3/resources/webgl_test_files/resources/js-test-pre.js:
  • webgl/1.0.3/resources/webkit-webgl-test-harness.js:
  • webgl/resources/webkit-webgl-test-harness.js:
6:57 PM Changeset in webkit [198090] by rniwa@webkit.org
  • 5 edits
    2 adds in trunk

REGRESSION (r190840): crash inside details element's slotNameFunction
https://bugs.webkit.org/show_bug.cgi?id=155388

Reviewed by Antti Koivisto.

Source/WebCore:

The bug was caused by HTMLDetailsElement::isActiveSummary calling findAssignedSlot with a summary element
inside the shadow tree of the detials element. Fixed it by existing early when the summary element passed
to isActiveSummary is not a direct child of the details element.

Test: fast/html/details-summary-tabindex-crash.html

  • dom/ShadowRoot.cpp:

(WebCore::ShadowRoot::findAssignedSlot): Added an assertion for regression testing.

  • dom/SlotAssignment.cpp:

(WebCore::SlotAssignment::findAssignedSlot): Removed the superfluous call to assignSlots added in r190840.
There is no need to update the slot assignments here (entires in m_slots are added or removed by
addSlotElementByName or removeSlotElementByName and assignSlots only updates assignedNodes in each SlotInfo
which is never used in this function or findFirstSlotElement.

  • html/HTMLDetailsElement.cpp:

(WebCore::HTMLDetailsElement::isActiveSummary): Fixed the bug.

LayoutTests:

Added a regression test.

  • fast/html/details-summary-tabindex-crash-expected.txt: Added.
  • fast/html/details-summary-tabindex-crash.html: Added.
6:44 PM Changeset in webkit [198089] by mitz@apple.com
  • 4 edits
    1 add in trunk/Source/WebKit2

[Mac] Injected bundle in relocatable WebContent service can’t use XPC services from other relocatable frameworks
https://bugs.webkit.org/show_bug.cgi?id=155414
<rdar://problem/24428418>

Reviewed by Sam Weinig.

  • Configurations/DebugRelease.xcconfig: Set WK_WEBCONTENT_SERVICE_NEEDS_XPC_DOMAIN_EXTENSION_ENTITLEMENT to NO, because engineering builds are ad-hoc signed and therefore can’t have a private entitlement.
  • Configurations/WebContent-OSX.entitlements: Added. Includes the XPC domain extension entitlement.
  • Configurations/WebContentService.xcconfig: Set WK_WEBCONTENT_SERVICE_NEEDS_XPC_DOMAIN_EXTENSION_ENTITLEMENT to YES if not already set and the framework is relocatable. Set CODE_SIGN_ENTITLEMENTS to the new entitlements file if the domain extension entitlement is needed.
  • WebKit2.xcodeproj/project.pbxproj: Added reference to new file.
6:09 PM Changeset in webkit [198088] by dino@apple.com
  • 32 edits in trunk

<attachment> should be a runtime-enabled feature
https://bugs.webkit.org/show_bug.cgi?id=155413
<rdar://problem/25120753>

Reviewed by Sam Weinig and Anders Carlsson.

Source/WebKit/mac:

Add an internal setting on WebPreferences
to enable the <attachment> element support.

  • WebView/WebPreferenceKeysPrivate.h:
  • WebView/WebPreferences.mm:

(+[WebPreferences initialize]):
(-[WebPreferences attachmentElementEnabled]):
(-[WebPreferences setAttachmentElementEnabled:]):

  • WebView/WebPreferencesPrivate.h:
  • WebView/WebView.mm:

(-[WebView _preferencesChanged:]):

Source/WebKit2:

Add an internal setting on WKWebViewConfiguration
to enable the <attachment> element support.

  • Shared/WebPreferencesDefinitions.h:
  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _initializeWithConfiguration:]):

  • UIProcess/API/Cocoa/WKWebViewConfiguration.mm:

(-[WKWebViewConfiguration init]):
(-[WKWebViewConfiguration copyWithZone:]):
(-[WKWebViewConfiguration _attachmentElementEnabled]):
(-[WKWebViewConfiguration _setAttachmentElementEnabled:]):

  • UIProcess/API/Cocoa/WKWebViewConfigurationPrivate.h:
  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updatePreferences):

LayoutTests:

Now that <attachment> is disabled by default, use an
internal setting to turn them back on test by test.

  • fast/attachment/attachment-default-icon-expected.html:
  • fast/attachment/attachment-default-icon.html:
  • fast/attachment/attachment-disabled-dom.html:
  • fast/attachment/attachment-disabled-rendering.html:
  • fast/attachment/attachment-dom.html:
  • fast/attachment/attachment-folder-icon-expected.html:
  • fast/attachment/attachment-folder-icon.html:
  • fast/attachment/attachment-icon-from-file-extension-expected.html:
  • fast/attachment/attachment-icon-from-file-extension.html:
  • fast/attachment/attachment-label-highlight.html:
  • fast/attachment/attachment-progress.html:
  • fast/attachment/attachment-rendering.html:
  • fast/attachment/attachment-select-on-click-inside-user-select-all.html:
  • fast/attachment/attachment-select-on-click.html:
  • fast/attachment/attachment-subtitle.html:
  • fast/attachment/attachment-title.html:
  • fast/attachment/attachment-type-attribute-expected.html:
  • fast/attachment/attachment-type-attribute.html:
  • editing/pasteboard/copy-paste-attachment.html:
  • editing/pasteboard/drag-and-drop-attachment-contenteditable.html:
3:54 PM Changeset in webkit [198087] by Antti Koivisto
  • 4 edits
    2 adds in trunk

ComposedTreeIterator fails to traverse slots if root is shadow host
https://bugs.webkit.org/show_bug.cgi?id=155407

Reviewed by Darin Adler.

Source/WebCore:

Test: fast/shadow-dom/composed-tree-shadow-subtree.html

  • dom/ComposedTreeIterator.cpp:

(WebCore::ComposedTreeIterator::ComposedTreeIterator):

Traversal functions assume m_contextStack is deeper than 1 before they need to enter slot traversal code paths.
Call initializeContextStack in case of shadow host which does the right thing.

(WebCore::ComposedTreeIterator::traverseSiblingInSlot):
(WebCore::composedTreeAsText):

Add option to include pointers as debugging aid.

  • dom/ComposedTreeIterator.h:

(WebCore::composedTreeChildren):

LayoutTests:

  • fast/shadow-dom/composed-tree-shadow-subtree-expected.txt: Added.
  • fast/shadow-dom/composed-tree-shadow-subtree.html: Added.
3:30 PM Changeset in webkit [198086] by commit-queue@webkit.org
  • 8 edits
    7 adds in trunk

Added new port JSCOnly.
https://bugs.webkit.org/show_bug.cgi?id=154512

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-03-13
Reviewed by Michael Catanzaro.

This port allows to build JavaScriptCore engine with minimal
dependencies.

.:

  • CMakeLists.txt:
  • Source/cmake/OptionsJSCOnly.cmake: Added.

Source/JavaScriptCore:

  • PlatformJSCOnly.cmake: Added.

Source/WTF:

  • wtf/PlatformJSCOnly.cmake: Added.
  • wtf/none/MainThreadNone.cpp: Added.
  • wtf/none/RunLoopNone.cpp: Added.
  • wtf/none/WorkQueueNone.cpp: Added.

Tools:

  • Scripts/build-jsc:
  • Scripts/webkitdirs.pm:

(argumentsForConfiguration):
(executableProductDir):
(determinePortName):
(isJSCOnly):
(wrapperPrefixIfNeeded):
(generateBuildSystemFromCMakeProject):
(buildCMakeGeneratedProject):

3:28 PM Changeset in webkit [198085] by ddkilzer@apple.com
  • 6 edits
    1 copy in trunk/Tools

TestWebKitAPI: fix linker warnings
<http://webkit.org/b/155394>

Reviewed by Darin Adler.

  • TestWebKitAPI/CMakeLists.txt:
  • Add RefLogger.cpp source file.
  • Add other missing cross-platform source files.
  • Add FIXMEs about RunLoop.cpp and about missing platform-specific source files.
  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • Add RefLogger.cpp source file.
  • TestWebKitAPI/Counters.cpp:

(DeleterCounter<ConstructorDestructorCounter>::deleterCount):
Move specific declaration here to fix linker warning.

  • TestWebKitAPI/Counters.h:

(DeleterCounter<T>::deleterCount): Remove declaration of global
template variable.

  • TestWebKitAPI/Tests/WTF/RefLogger.cpp: Added.

(TestWebKitAPI::log): Added. Move inline definition in
RefLogger.h to here to fix linker warning.

  • TestWebKitAPI/Tests/WTF/RefLogger.h:

(TestWebKitAPI::log): Replace inline function with declaration.

3:03 PM Changeset in webkit [198084] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: REGRESSION: Styles sidebar inline swatches are oddly shaped
https://bugs.webkit.org/show_bug.cgi?id=155410

Patch by Devin Rousso <Devin Rousso> on 2016-03-13
Reviewed by Timothy Hatcher.

  • UserInterface/Views/InlineSwatch.css:

(.inline-swatch):
(.inline-swatch > span):
Added more consistent border-radius with UserInterface/Images/CubicBezier.svg.

  • UserInterface/Views/VisualStyleColorPicker.css:

(.visual-style-property-container.input-color-picker > .visual-style-property-value-container > .inline-swatch.color):
Made border-radius consistent with the adjacent input field.

1:12 PM Changeset in webkit [198083] by weinig@apple.com
  • 20 edits in trunk/Source

WebKit can easily crash below NetworkSession::dataTaskForIdentifier() with NSURLSession enabled
<rdar://problem/25129946>
https://bugs.webkit.org/show_bug.cgi?id=155401

Reviewed by Alex Christensen.

Source/WebCore:

Add a SessionID as a member of NetworkStorageSession. This allows us to avoid having HashMaps
to map between the two types.

  • platform/network/NetworkStorageSession.h:

(WebCore::NetworkStorageSession::sessionID):
(WebCore::NetworkStorageSession::credentialStorage):
(WebCore::NetworkStorageSession::platformSession):

  • platform/network/NetworkStorageSessionStub.cpp:

(WebCore::NetworkStorageSession::NetworkStorageSession):
(WebCore::NetworkStorageSession::context):
(WebCore::NetworkStorageSession::createPrivateBrowsingSession):
(WebCore::defaultSession):
(WebCore::NetworkStorageSession::defaultStorageSession):
(WebCore::NetworkStorageSession::switchToNewTestingSession):

  • platform/network/cf/NetworkStorageSessionCFNet.cpp:

(WebCore::NetworkStorageSession::NetworkStorageSession):
(WebCore::NetworkStorageSession::switchToNewTestingSession):
(WebCore::NetworkStorageSession::defaultStorageSession):
(WebCore::NetworkStorageSession::createPrivateBrowsingSession):

  • platform/network/soup/NetworkStorageSessionSoup.cpp:

(WebCore::NetworkStorageSession::NetworkStorageSession):
(WebCore::NetworkStorageSession::defaultStorageSession):
(WebCore::NetworkStorageSession::createPrivateBrowsingSession):
(WebCore::NetworkStorageSession::switchToNewTestingSession):
(WebCore::NetworkStorageSession::soupNetworkSession):

Source/WebKit/mac:

  • WebCoreSupport/WebFrameNetworkingContext.mm:

(WebFrameNetworkingContext::ensurePrivateBrowsingSession):
Pass a SessionID to NetworkStorageSession::createPrivateBrowsingSession().

Source/WebKit/win:

  • WebCoreSupport/WebFrameNetworkingContext.cpp:

(WebFrameNetworkingContext::ensurePrivateBrowsingSession):
Pass a SessionID to NetworkStorageSession::createPrivateBrowsingSession().

Source/WebKit2:

The issue was that NSURLSessionDataTasks can continue to invoke their NSURLSession's delegate methods
after -[NSURLSession invalidateAndCancel] is called. So, when the NetworkSession was destroyed, and
still had outstanding data tasks, the session delegate would get called, try to use the session, and
crash. To fix this I:

  • Made NetworkSession RefCounted.
  • Gave NetworkSession two delegates, one for each NSURLSession.
  • Made each delegate have a strong reference to the NetworkSession that gets cleared out in the newly implemented URLSession:didBecomeInvalidWithError: method.
  • Changed from simply destroying the NetworkSession in SessionTracker::destroySession(), to derefing it and explicitly calling invalidateAndCancel on the two associated NSURLSessions (which in turn eventually cause the URLSession:didBecomeInvalidWithError: to fire).
  • To ensure the correct lifetime of the WebCore::NetworkStorageSession, I made it a member of the NetworkSession. This also allowed some simplification inside SessionTracker.
  • NetworkProcess/NetworkDataTask.h:

(WebKit::NetworkDataTask::setPendingDownload):
(WebKit::NetworkDataTask::pendingDownloadLocation):

  • NetworkProcess/NetworkLoad.cpp:

(WebKit::NetworkLoad::NetworkLoad):

  • NetworkProcess/NetworkSession.h:

(WebKit::NetworkSession::sessionID):

  • NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:

(WebKit::NetworkDataTask::NetworkDataTask):
(WebKit::NetworkDataTask::~NetworkDataTask):
(WebKit::NetworkDataTask::willPerformHTTPRedirection):
(WebKit::NetworkDataTask::tryPasswordBasedAuthentication):

  • NetworkProcess/cocoa/NetworkSessionCocoa.mm:

(-[WKNetworkSessionDelegate initWithNetworkSession:]):
(-[WKNetworkSessionDelegate URLSession:didBecomeInvalidWithError:]):
(WebKit::NetworkSession::setCustomProtocolManager):
(WebKit::NetworkSession::create):
(WebKit::NetworkSession::defaultSession):
(WebKit::NetworkSession::NetworkSession):
(WebKit::NetworkSession::~NetworkSession):
(WebKit::NetworkSession::invalidateAndCancel):
(WebKit::NetworkSession::networkStorageSession):
(WebKit::NetworkSession::clearCredentials):

  • NetworkProcess/mac/RemoteNetworkingContext.mm:

(WebKit::RemoteNetworkingContext::ensurePrivateBrowsingSession):

  • Shared/SessionTracker.cpp:

(WebKit::identifierBase):
(WebKit::SessionTracker::getIdentifierBase):
(WebKit::SessionTracker::setIdentifierBase):
(WebKit::staticSessionMap):
(WebKit::SessionTracker::networkSession):
(WebKit::SessionTracker::storageSession):
(WebKit::staticStorageSessionMap):
(WebKit::SessionTracker::sessionID):
(WebKit::SessionTracker::setSession):
(WebKit::SessionTracker::destroySession):
(WebKit::SessionTracker::forEachNetworkStorageSession):
(WebKit::storageSessionToID): Deleted.
(WebKit::SessionTracker::storageSessionMap): Deleted.

  • Shared/SessionTracker.h:
  • WebProcess/WebCoreSupport/mac/WebFrameNetworkingContext.mm:

(WebKit::WebFrameNetworkingContext::ensurePrivateBrowsingSession):
(WebKit::WebFrameNetworkingContext::setCookieAcceptPolicyForAllContexts):
(WebKit::WebFrameNetworkingContext::localFileContentSniffingEnabled):
(WebKit::WebFrameNetworkingContext::scheduledRunLoopPairs):

  • WebProcess/WebCoreSupport/soup/WebFrameNetworkingContext.cpp:

(WebKit::WebFrameNetworkingContext::ensurePrivateBrowsingSession):
(WebKit::WebFrameNetworkingContext::setCookieAcceptPolicyForAllContexts):
(WebKit::WebFrameNetworkingContext::WebFrameNetworkingContext):

12:51 PM Changeset in webkit [198082] by jonlee@apple.com
  • 2 edits in trunk/Source/WebCore

getUserMedia requests from the main frame should be treated the same as requests from an iframe with the same origin
https://bugs.webkit.org/show_bug.cgi?id=155405
<rdar://problem/25131007>

Reviewed by Eric Carlson.

When gUM is called from the main frame, or from a subframe with the same origin, the
top level document origin should be the same.

  • Modules/mediastream/UserMediaRequest.cpp:

(WebCore::UserMediaRequest::userMediaDocumentOrigin): Reverse the logic so that it is similar
to topLevelDocumentOrigin.
(WebCore::UserMediaRequest::topLevelDocumentOrigin): Return the top origin always.

12:02 PM Changeset in webkit [198081] by ddkilzer@apple.com
  • 4 edits in trunk/Source

REGRESSION (r198079): Windows build broke because of "%PRId64" format specifier

Source/WebCore:

  • platform/network/ParsedContentRange.cpp: Add #include

<wtf/StdLibExtras.h> and remove local definition of "PRId64".

Source/WTF:

This fixes the following build failure in WebCore for Windows:

C:\Source\WebCore\page\DOMTimer.cpp(396): error C2146: syntax error: missing ')' before identifier 'PRId64' [C:\WebKitBuild\Debug\Source\WebCore\WebCore.vcxproj]
C:\Source\WebCore\page\DOMTimer.cpp(399): error C2146: syntax error: missing ')' before identifier 'PRId64' [C:\WebKitBuild\Debug\Source\WebCore\WebCore.vcxproj]

  • wtf/StdLibExtras.h: Define "PRId64" for Windows here so it may

be shared. This should fix DOMTimer.cpp after r198079 since it
already includes StdLibExtras.h.

8:46 AM Changeset in webkit [198080] by mark.lam@apple.com
  • 2 edits
    1 add in trunk/Source/JavaScriptCore

http://kangax.github.io/compat-table/esnext/ crashes reliably.
https://bugs.webkit.org/show_bug.cgi?id=155404

Reviewed by Yusuke Suzuki.

constructObjectFromPropertyDescriptor() was incorrectly assuming that either
both getter and setter will be set or unset. It did not consider that only one
of the getter or setter may be set. This patch fixes that.

  • runtime/ObjectConstructor.h:

(JSC::constructObjectFromPropertyDescriptor):

  • tests/stress/proxy-with-unbalanced-getter-setter.js: Added.

(assert):
(let.handler.defineProperty):
(i.):
(i.assert):
(i.get assert):
(set assert):

7:46 AM Changeset in webkit [198079] by jh718.park@samsung.com
  • 2 edits in trunk/Source/WebCore

[EFL] Fix debug build error since r197690. Unreviewed.
https://bugs.webkit.org/show_bug.cgi?id=155408

Unreviewed. Change %lld to %PRId instead to correct the error below.
error: format ‘%lld’ expects argument of type ‘long long int’,
but argument 5 has type ‘std::chrono::duration<long int, std::ratio<1l, 1000l> >::rep
{aka long int}’ [-Werror=format=]

  • page/DOMTimer.cpp:

(WebCore::DOMTimer::updateTimerIntervalIfNecessary):

Mar 12, 2016:

7:58 PM Changeset in webkit [198078] by mmaxfield@apple.com
  • 12 edits in trunk/Source/WebCore

[Cocoa] Remove typedef from NSScrollerImp to ScrollbarPainter
https://bugs.webkit.org/show_bug.cgi?id=155379

Reviewed by Beth Dakin.

There's no reason to not call them what they are.

No new tests because there is no behavior change.

  • page/scrolling/AsyncScrollingCoordinator.cpp:

(WebCore::AsyncScrollingCoordinator::frameViewLayoutUpdated):

  • page/scrolling/ScrollingStateFrameScrollingNode.cpp:

(WebCore::ScrollingStateFrameScrollingNode::ScrollingStateFrameScrollingNode):
(WebCore::ScrollingStateFrameScrollingNode::setScrollerImpsFromScrollbars):
(WebCore::ScrollingStateFrameScrollingNode::setScrollbarPaintersFromScrollbars): Deleted.

  • page/scrolling/ScrollingStateFrameScrollingNode.h:
  • page/scrolling/mac/ScrollingStateFrameScrollingNodeMac.mm:

(WebCore::ScrollingStateFrameScrollingNode::setScrollerImpsFromScrollbars):
(WebCore::ScrollingStateFrameScrollingNode::setScrollbarPaintersFromScrollbars): Deleted.

  • page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
  • page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:

(WebCore::ScrollingTreeFrameScrollingNodeMac::ScrollingTreeFrameScrollingNodeMac):
(WebCore::ScrollingTreeFrameScrollingNodeMac::~ScrollingTreeFrameScrollingNodeMac):
(WebCore::ScrollingTreeFrameScrollingNodeMac::releaseReferencesToScrollerImpsOnTheMainThread):
(WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren):
(WebCore::ScrollingTreeFrameScrollingNodeMac::handleWheelEvent):
(WebCore::ScrollingTreeFrameScrollingNodeMac::setScrollLayerPosition):
(WebCore::ScrollingTreeFrameScrollingNodeMac::releaseReferencesToScrollbarPaintersOnTheMainThread): Deleted.

  • platform/ScrollbarThemeComposite.h:
  • platform/mac/ScrollAnimatorMac.h:
  • platform/mac/ScrollAnimatorMac.mm:

(scrollbarPainterForScrollbar):
(-[WebScrollerImpDelegate setUpAlphaAnimation:scrollerPainter:part:animateAlphaTo:duration:]):
(-[WebScrollerImpDelegate scrollerImp:animateKnobAlphaTo:duration:]):
(-[WebScrollerImpDelegate scrollerImp:animateTrackAlphaTo:duration:]):
(-[WebScrollerImpDelegate scrollerImp:animateUIStateTransitionWithDuration:]):
(-[WebScrollerImpDelegate scrollerImp:animateExpansionTransitionWithDuration:]):
(WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
(WebCore::ScrollAnimatorMac::~ScrollAnimatorMac):
(WebCore::ScrollAnimatorMac::mouseEnteredScrollbar):
(WebCore::ScrollAnimatorMac::mouseExitedScrollbar):
(WebCore::ScrollAnimatorMac::mouseIsDownInScrollbar):
(WebCore::ScrollAnimatorMac::didAddVerticalScrollbar):
(WebCore::ScrollAnimatorMac::willRemoveVerticalScrollbar):
(WebCore::ScrollAnimatorMac::didAddHorizontalScrollbar):
(WebCore::ScrollAnimatorMac::willRemoveHorizontalScrollbar):
(WebCore::ScrollAnimatorMac::invalidateScrollbarPartLayers):
(WebCore::ScrollAnimatorMac::verticalScrollbarLayerDidChange):
(WebCore::ScrollAnimatorMac::horizontalScrollbarLayerDidChange):
(WebCore::ScrollAnimatorMac::shouldScrollbarParticipateInHitTesting):
(WebCore::ScrollAnimatorMac::notifyContentAreaScrolled):
(WebCore::ScrollAnimatorMac::cancelAnimations):
(WebCore::ScrollAnimatorMac::updateScrollerStyle):
(WebCore::ScrollAnimatorMac::initialScrollbarPaintTimerFired):
(-[WebScrollbarPainterDelegate setUpAlphaAnimation:scrollerPainter:part:animateAlphaTo:duration:]): Deleted.
(-[WebScrollbarPainterDelegate scrollerImp:animateKnobAlphaTo:duration:]): Deleted.
(-[WebScrollbarPainterDelegate scrollerImp:animateTrackAlphaTo:duration:]): Deleted.
(-[WebScrollbarPainterDelegate scrollerImp:animateUIStateTransitionWithDuration:]): Deleted.
(-[WebScrollbarPainterDelegate scrollerImp:animateExpansionTransitionWithDuration:]): Deleted.

  • platform/mac/ScrollbarThemeMac.h:
  • platform/mac/ScrollbarThemeMac.mm:

(WebCore::scrollbarMap):
(+[WebScrollbarPrefsObserver appearancePrefsChanged:]):
(WebCore::ScrollbarThemeMac::registerScrollbar):
(WebCore::ScrollbarThemeMac::setNewPainterForScrollbar):
(WebCore::ScrollbarThemeMac::painterForScrollbar):
(WebCore::ScrollbarThemeMac::scrollbarThickness):
(WebCore::ScrollbarThemeMac::updateScrollbarOverlayStyle):
(WebCore::ScrollbarThemeMac::hasThumb):
(WebCore::ScrollbarThemeMac::setPaintCharacteristicsForScrollbar):
(WebCore::scrollbarPainterPaint):

7:48 PM Changeset in webkit [198077] by BJ Burg
  • 11 edits in trunk/Source/JavaScriptCore

When generating Objective-C protocol types, getters for objects need to synthesize a new object instance
https://bugs.webkit.org/show_bug.cgi?id=155389
<rdar://problem/25125821>

Reviewed by Timothy Hatcher.

Currently, in object property getters for Objective-C protocol types, we use
a C-style cast of the member's RWIProtocolJSONObject * to the type of the property.
However, at runtime the class of self is going to be RWIProtocolJSONObject *,
not MemberType *, so any subsequent calls to MemberType properties on the return value
will fail as the selectors will not be recognized.

Instead of doing a C-style pointer cast, we need to create a new MemberType object
that's backed by the InspectorObject retrieved from the parent object by key.
This requires a new initWithJSONObject initializer for each object protocol type.

  • inspector/scripts/codegen/generate_objc_header.py:

(ObjCHeaderGenerator._generate_type_interface): Add new declaration.

  • inspector/scripts/codegen/generate_objc_protocol_types_implementation.py:

(ObjCProtocolTypesImplementationGenerator.generate_type_implementation):
(ObjCProtocolTypesImplementationGenerator._generate_init_method_for_json_object): Added.
Forward through to the super class initializer who assigns the underlying InspectorObject.

(ObjCProtocolTypesImplementationGenerator._generate_init_method_for_required_members):
Drive-by cleanup to use the more compact [super init] form.

  • inspector/scripts/codegen/objc_generator.py:

(ObjCGenerator.protocol_to_objc_expression_for_member):
For property getters of objects, use initWithJSONObject: rather than a C-style cast.

Rebaseline relevant test results.

  • inspector/scripts/tests/expected/commands-with-async-attribute.json-result:
  • inspector/scripts/tests/expected/commands-with-optional-call-return-parameters.json-result:
  • inspector/scripts/tests/expected/events-with-optional-parameters.json-result:
  • inspector/scripts/tests/expected/generate-domains-with-feature-guards.json-result:
  • inspector/scripts/tests/expected/shadowed-optional-type-setters.json-result:
  • inspector/scripts/tests/expected/type-declaration-object-type.json-result:
  • inspector/scripts/tests/expected/type-requiring-runtime-casts.json-result:
6:39 PM Changeset in webkit [198076] by commit-queue@webkit.org
  • 2 edits in trunk/Source/JavaScriptCore

Removed variable names from default constructor declarations.
https://bugs.webkit.org/show_bug.cgi?id=155397

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-03-12
Reviewed by Mark Lam.

They carry no information and generate unused variable warning with GCC
4.8 in a lot of source files.

  • parser/VariableEnvironment.h:
5:55 PM Changeset in webkit [198075] by dino@apple.com
  • 5 edits
    4 adds in trunk

REGRESSION (r188647): Teamtreehouse website sidebar buttons are not rendered
https://bugs.webkit.org/show_bug.cgi?id=155400
<rdar://problem/24818602>

Reviewed by Anders Carlsson.

Source/WebCore:

When we unprefixed CSS filters we accidentally
stopped SVG elements that use the CSS filter shorthands
from rendering. We still don't actually support
the shorthands in this case, but we should render
the element without the filter.

Tests: css3/filters/filters-on-svg-element.html

css3/filters/filters-on-svg-root.html

  • rendering/style/RenderStyle.cpp:

(WebCore::RenderStyle::hasReferenceFilterOnly): Add
this new function that tells us if we have the
style of filter that we can handle in SVG content.

  • rendering/style/RenderStyle.h:
  • rendering/svg/SVGRenderingContext.cpp:

(WebCore::SVGRenderingContext::prepareToRenderSVGContent):
We can mark an element as ready to render if it
has a shorthand filter.

LayoutTests:

Add tests with SVG content that uses CSS filter
shorthands. These particular filters are no-ops
so should not affect rendering. If they actually
tried to do something you wouldn't see them work
until we enable shorthand filters on SVG content.

  • css3/filters/filters-on-svg-element-expected.html: Added.
  • css3/filters/filters-on-svg-element.html: Added.
  • css3/filters/filters-on-svg-root-expected.html: Added.
  • css3/filters/filters-on-svg-root.html: Added.
4:36 PM Changeset in webkit [198074] by mmaxfield@apple.com
  • 75 edits
    7 deletes in trunk

Delete dead SVG Font code
https://bugs.webkit.org/show_bug.cgi?id=154718

Reviewed by Antti Koivisto.

.:

  • Source/cmake/OptionsEfl.cmake:
  • Source/cmake/OptionsWin.cmake:
  • Source/cmake/WebKitFeatures.cmake:
  • Source/cmake/tools/vsprops/FeatureDefines.props:
  • Source/cmake/tools/vsprops/FeatureDefinesCairo.props:

Source/JavaScriptCore:

  • Configurations/FeatureDefines.xcconfig:

Source/WebCore:

All the ports have adopted the SVG -> OTF Font Converter, so there will never
be an instantiation of a font backed by a DOM subtree. We can remove all the
infrastructure used to support that.

No new tests because there is no behavior change.

  • CMakeLists.txt:
  • Configurations/FeatureDefines.xcconfig:
  • WebCore.order:
  • WebCore.xcodeproj/project.pbxproj:
  • css/CSSFontFaceSource.cpp:

(WebCore::CSSFontFaceSource::CSSFontFaceSource): Deleted.
(WebCore::CSSFontFaceSource::font): Deleted.

  • css/CSSFontFaceSource.h:
  • loader/cache/CachedFont.cpp:
  • loader/cache/CachedSVGFont.cpp:

(WebCore::CachedSVGFont::createFont): Deleted.
(WebCore::CachedSVGFont::ensureCustomFontData): Deleted.

  • loader/cache/CachedSVGFont.h:
  • platform/graphics/Font.cpp:

(WebCore::Font::Font):
(WebCore::fillGlyphPage):
(WebCore::Font::description): Deleted.
(WebCore::Font::createScaledFont): Deleted.
(WebCore::Font::applyTransforms): Deleted.

  • platform/graphics/Font.h:

(WebCore::Font::widthForGlyph):
(WebCore::Font::SVGData::~SVGData): Deleted.
(WebCore::Font::create): Deleted.
(WebCore::Font::svgData): Deleted.
(WebCore::Font::isSVGFont): Deleted.

  • platform/graphics/win/FontWin.cpp:
  • platform/graphics/FontCascade.cpp:

(WebCore::FontCascade::drawText):
(WebCore::FontCascade::drawEmphasisMarks):
(WebCore::FontCascade::glyphDataForCharacter):
(WebCore::FontCascade::adjustSelectionRectForText):
(WebCore::FontCascade::offsetForPosition):
(WebCore::FontCascade::drawEmphasisMarksForSimpleText):
(WebCore::FontCascade::drawGlyphBuffer):
(WebCore::isDrawnWithSVGFont): Deleted.
(WebCore::FontCascade::width): Deleted.
(WebCore::FontCascade::codePath): Deleted.

  • platform/graphics/FontCascade.h:
  • platform/graphics/GraphicsContext.h:
  • platform/graphics/SVGGlyph.cpp: Removed.

(WebCore::processArabicFormDetection): Deleted.
(WebCore::charactersWithArabicForm): Deleted.
(WebCore::isCompatibleArabicForm): Deleted.
(WebCore::isCompatibleGlyph): Deleted.

  • platform/graphics/SVGGlyph.h: Removed.

(WebCore::SVGGlyph::SVGGlyph): Deleted.
(WebCore::SVGGlyph::inheritedValue): Deleted.
(WebCore::SVGGlyph::operator==): Deleted.

  • platform/graphics/TextRun.cpp:
  • platform/graphics/TextRun.h:

(WebCore::TextRun::RenderingContext::~RenderingContext): Deleted.
(WebCore::TextRun::renderingContext): Deleted.
(WebCore::TextRun::setRenderingContext): Deleted.

  • platform/graphics/WidthIterator.cpp:

(WebCore::WidthIterator::applyFontTransforms):
(WebCore::WidthIterator::advanceInternal):
(WebCore::WidthIterator::glyphDataForCharacter): Deleted.

  • platform/graphics/WidthIterator.h:

(WebCore::WidthIterator::lastGlyphName): Deleted.
(WebCore::WidthIterator::setLastGlyphName): Deleted.
(WebCore::WidthIterator::arabicForms): Deleted.

  • platform/graphics/cairo/FontCairo.cpp:

(WebCore::CairoGlyphToPathTranslator::advance):
(WebCore::FontCascade::dashesForIntersectionsWithRect):
(WebCore::CairoGlyphToPathTranslator::moveToNextValidGlyph): Deleted.

  • platform/graphics/cocoa/FontCascadeCocoa.mm:

(WebCore::MacGlyphToPathTranslator::advance):
(WebCore::FontCascade::dashesForIntersectionsWithRect):
(WebCore::FontCascade::primaryFontIsSystemFont):
(WebCore::FontCascade::drawEmphasisMarksForComplexText):
(WebCore::MacGlyphToPathTranslator::moveToNextValidGlyph): Deleted.

  • platform/graphics/harfbuzz/HarfBuzzShaper.cpp:

(WebCore::HarfBuzzShaper::shapeHarfBuzzRuns): Deleted.

  • platform/graphics/mac/ComplexTextController.cpp:

(WebCore::TextLayout::isNeeded):
(WebCore::TextLayout::TextLayout):
(WebCore::TextLayout::constructTextRun):

  • rendering/EllipsisBox.cpp:

(WebCore::EllipsisBox::paint):
(WebCore::EllipsisBox::selectionRect):
(WebCore::EllipsisBox::paintSelection):

  • rendering/InlineTextBox.cpp:

(WebCore::InlineTextBox::localSelectionRect):
(WebCore::InlineTextBox::paint):
(WebCore::InlineTextBox::paintSelection):
(WebCore::InlineTextBox::paintCompositionBackground):
(WebCore::InlineTextBox::paintDocumentMarker):
(WebCore::InlineTextBox::paintTextMatchMarker):
(WebCore::InlineTextBox::offsetForPosition):
(WebCore::InlineTextBox::positionForOffset):
(WebCore::InlineTextBox::constructTextRun):

  • rendering/InlineTextBox.h:
  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::constructTextRun):

  • rendering/RenderBlock.h:
  • rendering/RenderBlockFlow.cpp:

(WebCore::stripTrailingSpace):

  • rendering/RenderBlockLineLayout.cpp:

(WebCore::RenderBlockFlow::checkLinesForTextOverflow):

  • rendering/RenderDeprecatedFlexibleBox.cpp:

(WebCore::RenderDeprecatedFlexibleBox::applyLineClamp):

  • rendering/RenderFileUploadControl.cpp:

(WebCore::RenderFileUploadControl::paintObject):
(WebCore::RenderFileUploadControl::computeIntrinsicLogicalWidths):

  • rendering/RenderImage.cpp:

(WebCore::RenderImage::setImageSizeForAltText):
(WebCore::RenderImage::paintReplaced):

  • rendering/RenderListBox.cpp:

(WebCore::RenderListBox::updateFromElement):

  • rendering/RenderListMarker.cpp:

(WebCore::RenderListMarker::paint):
(WebCore::RenderListMarker::computePreferredLogicalWidths):
(WebCore::RenderListMarker::getRelativeMarkerRect):

  • rendering/RenderMenuList.cpp:

(RenderMenuList::updateOptionsWidth):

  • rendering/RenderText.cpp:

(WebCore::RenderText::widthFromCache):
(WebCore::RenderText::trimmedPrefWidths):
(WebCore::hyphenWidth):
(WebCore::maxWordFragmentWidth):
(WebCore::RenderText::computePreferredLogicalWidths):
(WebCore::RenderText::width):

  • rendering/RenderTextControl.cpp:

(WebCore::RenderTextControl::getAverageCharWidth):

  • rendering/RenderThemeIOS.mm:

(WebCore::RenderThemeMeasureTextClient::RenderThemeMeasureTextClient):
(WebCore::adjustInputElementButtonStyle):

  • rendering/SimpleLineLayout.cpp:

(WebCore::SimpleLineLayout::canUseForFontAndText): Deleted.

  • rendering/line/BreakingContext.h:

(WebCore::WordTrailingSpace::WordTrailingSpace):
(WebCore::WordTrailingSpace::width):
(WebCore::measureHyphenWidth):
(WebCore::textWidth):
(WebCore::tryHyphenating):
(WebCore::BreakingContext::handleText):

  • rendering/svg/RenderSVGAllInOne.cpp:
  • rendering/svg/RenderSVGText.cpp:
  • rendering/svg/SVGInlineTextBox.cpp:

(WebCore::SVGInlineTextBox::prepareGraphicsContextForTextPainting):
(WebCore::SVGInlineTextBox::restoreGraphicsContextAfterTextPainting):
(WebCore::SVGInlineTextBox::paintTextWithShadows):
(WebCore::SVGInlineTextBox::constructTextRun): Deleted.

  • rendering/svg/SVGInlineTextBox.h:
  • rendering/svg/SVGTextLayoutEngine.cpp:

(WebCore::SVGTextLayoutEngine::layoutTextOnLineOrPath):

  • rendering/svg/SVGTextLayoutEngineSpacing.cpp:

(WebCore::SVGTextLayoutEngineSpacing::calculateSVGKerning): Deleted.

  • rendering/svg/SVGTextLayoutEngineSpacing.h:
  • rendering/svg/SVGTextMetrics.cpp:

(WebCore::SVGTextMetrics::SVGTextMetrics):
(WebCore::SVGTextMetrics::constructTextRun): Deleted.

  • rendering/svg/SVGTextMetrics.h:
  • rendering/svg/SVGTextMetricsBuilder.cpp:

(WebCore::SVGTextMetricsBuilder::advanceSimpleText):

  • rendering/svg/SVGTextRunRenderingContext.cpp: Removed.

(WebCore::svgFontAndFontFaceElementForFontData): Deleted.
(WebCore::SVGTextRunRenderingContext::floatWidthUsingSVGFont): Deleted.
(WebCore::SVGTextRunRenderingContext::applySVGKerning): Deleted.
(WebCore::SVGGlyphToPathTranslator::SVGGlyphToPathTranslator): Deleted.
(WebCore::SVGGlyphToPathTranslator::transform): Deleted.
(WebCore::SVGGlyphToPathTranslator::path): Deleted.
(WebCore::SVGGlyphToPathTranslator::extents): Deleted.
(WebCore::SVGGlyphToPathTranslator::moveToNextValidGlyph): Deleted.
(WebCore::SVGGlyphToPathTranslator::advance): Deleted.
(WebCore::SVGTextRunRenderingContext::createGlyphToPathTranslator): Deleted.
(WebCore::SVGTextRunRenderingContext::drawSVGGlyphs): Deleted.
(WebCore::missingGlyphForFont): Deleted.
(WebCore::SVGTextRunRenderingContext::glyphDataForCharacter): Deleted.

  • rendering/svg/SVGTextRunRenderingContext.h: Removed.
  • svg/SVGAllInOne.cpp:
  • svg/SVGFontData.cpp: Removed.

(WebCore::SVGFontData::SVGFontData): Deleted.
(WebCore::SVGFontData::initializeFont): Deleted.
(WebCore::SVGFontData::widthForSVGGlyph): Deleted.
(WebCore::SVGFontData::applySVGGlyphSelection): Deleted.
(WebCore::SVGFontData::fillSVGGlyphPage): Deleted.
(WebCore::SVGFontData::fillBMPGlyphs): Deleted.
(WebCore::SVGFontData::fillNonBMPGlyphs): Deleted.
(WebCore::computeNormalizedSpaces): Deleted.
(WebCore::createStringWithMirroredCharacters): Deleted.

  • svg/SVGFontData.h: Removed.

(WebCore::SVGFontData::~SVGFontData): Deleted.
(WebCore::SVGFontData::svgFontFaceElement): Deleted.
(WebCore::SVGFontData::horizontalOriginX): Deleted.
(WebCore::SVGFontData::horizontalOriginY): Deleted.
(WebCore::SVGFontData::horizontalAdvanceX): Deleted.
(WebCore::SVGFontData::verticalOriginX): Deleted.
(WebCore::SVGFontData::verticalOriginY): Deleted.
(WebCore::SVGFontData::verticalAdvanceY): Deleted.

  • svg/SVGFontElement.cpp:

(WebCore::SVGFontElement::SVGFontElement): Deleted.
(WebCore::SVGFontElement::invalidateGlyphCache): Deleted.
(WebCore::SVGFontElement::firstMissingGlyphElement): Deleted.
(WebCore::SVGFontElement::registerLigaturesInGlyphCache): Deleted.
(WebCore::SVGFontElement::ensureGlyphCache): Deleted.
(WebCore::SVGKerningMap::clear): Deleted.
(WebCore::SVGKerningMap::insert): Deleted.
(WebCore::stringMatchesUnicodeRange): Deleted.
(WebCore::stringMatchesGlyphName): Deleted.
(WebCore::stringMatchesUnicodeName): Deleted.
(WebCore::matches): Deleted.
(WebCore::kerningForPairOfStringsAndGlyphs): Deleted.
(WebCore::SVGFontElement::horizontalKerningForPairOfStringsAndGlyphs): Deleted.
(WebCore::SVGFontElement::verticalKerningForPairOfStringsAndGlyphs): Deleted.
(WebCore::SVGFontElement::collectGlyphsForString): Deleted.
(WebCore::SVGFontElement::collectGlyphsForGlyphName): Deleted.
(WebCore::SVGFontElement::svgGlyphForGlyph): Deleted.
(WebCore::SVGFontElement::missingGlyph): Deleted.

  • svg/SVGFontElement.h:

(WebCore::SVGKerning::SVGKerning): Deleted.
(WebCore::SVGKerningMap::isEmpty): Deleted.

  • svg/SVGGlyphElement.cpp:

(WebCore::SVGGlyphElement::invalidateGlyphCache): Deleted.
(WebCore::SVGGlyphElement::parseAttribute): Deleted.
(WebCore::SVGGlyphElement::insertedInto): Deleted.
(WebCore::SVGGlyphElement::removedFrom): Deleted.
(WebCore::parseArabicForm): Deleted.
(WebCore::parseOrientation): Deleted.
(WebCore::SVGGlyphElement::inheritUnspecifiedAttributes): Deleted.
(WebCore::parseSVGGlyphAttribute): Deleted.
(WebCore::SVGGlyphElement::buildGenericGlyphIdentifier): Deleted.
(WebCore::SVGGlyphElement::buildGlyphIdentifier): Deleted.

  • svg/SVGGlyphElement.h:
  • svg/SVGGlyphMap.h: Removed.

(WebCore::GlyphMapNode::GlyphMapNode): Deleted.
(WebCore::GlyphMapNode::create): Deleted.
(WebCore::SVGGlyphMap::SVGGlyphMap): Deleted.
(WebCore::SVGGlyphMap::addGlyph): Deleted.
(WebCore::SVGGlyphMap::appendToGlyphTable): Deleted.
(WebCore::SVGGlyphMap::compareGlyphPriority): Deleted.
(WebCore::SVGGlyphMap::collectGlyphsForString): Deleted.
(WebCore::SVGGlyphMap::clear): Deleted.
(WebCore::SVGGlyphMap::svgGlyphForGlyph): Deleted.
(WebCore::SVGGlyphMap::glyphIdentifierForGlyphName): Deleted.

  • svg/SVGHKernElement.cpp:

(WebCore::SVGHKernElement::insertedInto): Deleted.
(WebCore::SVGHKernElement::removedFrom): Deleted.

  • svg/SVGHKernElement.h:
  • svg/SVGToOTFFontConversion.cpp:
  • svg/SVGToOTFFontConversion.h:
  • svg/SVGVKernElement.cpp:

(WebCore::SVGVKernElement::insertedInto): Deleted.
(WebCore::SVGVKernElement::removedFrom): Deleted.

  • svg/SVGVKernElement.h:

Source/WebKit/mac:

  • Configurations/FeatureDefines.xcconfig:

Source/WebKit2:

  • Configurations/FeatureDefines.xcconfig:
4:22 PM Changeset in webkit [198073] by bshafiei@apple.com
  • 4 edits in tags/Safari-602.1.22.1/Source

Roll out r197572. rdar://problem/25114544

4:02 PM Changeset in webkit [198072] by bshafiei@apple.com
  • 5 edits in tags/Safari-602.1.22.1/Source

Versioning.

3:59 PM Changeset in webkit [198071] by bshafiei@apple.com
  • 1 copy in tags/Safari-602.1.22.1

New tag.

3:15 PM Changeset in webkit [198070] by Beth Dakin
  • 7 edits
    11 moves in trunk/Source/WebKit2

Make preview inline navigation work API
https://bugs.webkit.org/show_bug.cgi?id=155383
-and corresponding-
rdar://problem/25117985

Reviewed by Dan Bernstein.

With this patch:
_WKElementInfo is now WKElementInfo in file and class names. Header is now
public.

_WKPreviewElementInfo is now WKPreviewElementInfo in file and class names.
Header is now public.

_WKPreviewAction is now WKPreviewActionItem in filenames (header is now
public), the protocol _WKPreviewActionItem is now WKPreviewActionItem, and
the _WKPreviewAction class is now WKPreviewAction. (The internal header is
still project, of course.)
and
WKPreviewActionIdentifiersPrivate.h/mm is now
WKPreviewActionItemIdentifiers.h/mm and all the the identifiers have been
updated. Header is now public.

  • Shared/API/Cocoa/WebKit.h:
  • UIProcess/API/Cocoa/WKElementInfo.h: Copied from UIProcess/API/Cocoa/_WKElementInfo.h.
  • UIProcess/API/Cocoa/WKElementInfo.mm: Copied from UIProcess/API/Cocoa/_WKElementInfo.mm.

(-[WKElementInfo copyWithZone:]):
(-[_WKElementInfo copyWithZone:]): Deleted.

  • UIProcess/API/Cocoa/WKElementInfoInternal.h: Copied from UIProcess/API/Cocoa/_WKElementInfoInternal.h.
  • UIProcess/API/Cocoa/WKPreviewActionIdentifiersPrivate.h: Removed.
  • UIProcess/API/Cocoa/WKPreviewActionIdentifiersPrivate.mm: Removed.
  • UIProcess/API/Cocoa/WKPreviewActionItem.h: Copied from UIProcess/API/Cocoa/_WKPreviewAction.h.
  • UIProcess/API/Cocoa/WKPreviewActionItem.mm: Copied from UIProcess/API/Cocoa/_WKPreviewAction.mm.
  • UIProcess/API/Cocoa/WKPreviewActionItemIdentifiers.h: Copied from UIProcess/API/Cocoa/WKPreviewActionIdentifiersPrivate.h.
  • UIProcess/API/Cocoa/WKPreviewActionItemIdentifiers.mm: Copied from UIProcess/API/Cocoa/WKPreviewActionIdentifiersPrivate.mm.
  • UIProcess/API/Cocoa/WKPreviewActionItemInternal.h: Copied from UIProcess/API/Cocoa/_WKPreviewActionInternal.h.
  • UIProcess/API/Cocoa/WKPreviewElementInfo.h: Copied from UIProcess/API/Cocoa/_WKPreviewElementInfo.h.
  • UIProcess/API/Cocoa/WKPreviewElementInfo.mm: Copied from UIProcess/API/Cocoa/_WKPreviewElementInfo.mm.

(-[WKPreviewElementInfo _initWithLinkURL:]):
(-[_WKPreviewElementInfo _initWithLinkURL:]): Deleted.

  • UIProcess/API/Cocoa/WKPreviewElementInfoInternal.h: Copied from UIProcess/API/Cocoa/_WKPreviewElementInfoInternal.h.
  • UIProcess/API/Cocoa/WKUIDelegate.h:
  • UIProcess/API/Cocoa/WKUIDelegatePrivate.h:
  • UIProcess/API/Cocoa/_WKContextMenuElementInfo.h:
  • UIProcess/API/Cocoa/_WKElementInfo.h: Removed.
  • UIProcess/API/Cocoa/_WKElementInfo.mm: Removed.
  • UIProcess/API/Cocoa/_WKElementInfoInternal.h: Removed.
  • UIProcess/API/Cocoa/_WKPreviewAction.h: Removed.
  • UIProcess/API/Cocoa/_WKPreviewAction.mm: Removed.
  • UIProcess/API/Cocoa/_WKPreviewActionInternal.h: Removed.
  • UIProcess/API/Cocoa/_WKPreviewElementInfo.h: Removed.
  • UIProcess/API/Cocoa/_WKPreviewElementInfo.mm: Removed.
  • UIProcess/API/Cocoa/_WKPreviewElementInfoInternal.h: Removed.
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _interactionShouldBeginFromPreviewItemController:forPosition:]):
(previewIdentifierForElementAction):
(-[WKContentView _presentedViewControllerForPreviewItemController:]):
(-[WKContentView _previewItemController:commitPreview:]):

  • WebKit2.xcodeproj/project.pbxproj:
1:18 PM Changeset in webkit [198069] by mmaxfield@apple.com
  • 14 edits
    10 adds in trunk

[OS X] Scrollbars of overflow:scroll divs should appear on the left on RTL systems
https://bugs.webkit.org/show_bug.cgi?id=155385

Reviewed by Simon Fraser.

Source/WebCore:

There is already some existing setup for RTL scrollbars. This patch hooks up this
existing support to the OS X triggering mechanism introduced in r197956. It also
fixes up the existing support to function even when the direction of the
RTL-scrollbar div is LTR (this means the contents of the div must be pushed
over by the width of the scrollbar).

Tests: fast/scrolling/rtl-scrollbars-overflow-contents.html

fast/scrolling/rtl-scrollbars-overflow-dir-rtl.html
fast/scrolling/rtl-scrollbars-overflow-padding.html
fast/scrolling/rtl-scrollbars-overflow-simple.html
fast/scrolling/rtl-scrollbars-overflow.html

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::addOverflowFromPositionedObjects):
(WebCore::RenderBlock::logicalLeftOffsetForContent):
(WebCore::RenderBlock::logicalRightOffsetForContent):

  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::determineLogicalLeftPositionForChild):

  • rendering/RenderBox.cpp:

(WebCore::RenderBox::overflowClipRect):
(WebCore::RenderBox::layoutOverflowRectForPropagation):

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::computeScrollDimensions):

  • rendering/style/RenderStyle.cpp:

(WebCore::RenderStyle::shouldPlaceBlockDirectionScrollbarOnLogicalLeft):

  • rendering/style/RenderStyle.h:

LayoutTests:

  • platform/mac-wk1/TestExpectations:
  • platform/mac/TestExpectations:
  • platform/efl/TestExpectations:
  • platform/gtk/TestExpectations:
  • platform/ios-simulator/TestExpectations:
  • platform/win/TestExpectations:
  • fast/scrolling/rtl-scrollbars-overflow-contents-expected.html: Added.
  • fast/scrolling/rtl-scrollbars-overflow-contents.html: Added.
  • fast/scrolling/rtl-scrollbars-overflow-dir-rtl-expected.html: Added.
  • fast/scrolling/rtl-scrollbars-overflow-dir-rtl.html: Added.
  • fast/scrolling/rtl-scrollbars-overflow-expected.html: Added.
  • fast/scrolling/rtl-scrollbars-overflow-padding-expected.html: Added.
  • fast/scrolling/rtl-scrollbars-overflow-padding.html: Added.
  • fast/scrolling/rtl-scrollbars-overflow-simple-expected-mismatch.html: Added.
  • fast/scrolling/rtl-scrollbars-overflow-simple.html: Added.
  • fast/scrolling/rtl-scrollbars-overflow.html: Added.
12:59 PM Changeset in webkit [198068] by bshafiei@apple.com
  • 1 copy in tags/Safari-601.6.8

New tag.

12:58 PM Changeset in webkit [198067] by ddkilzer@apple.com
  • 2 edits in trunk/Tools

REGRESSION (r178615): Fix incorrect case in included header for WeakPtr.cpp

  • TestWebKitAPI/Tests/WTF/WeakPtr.cpp: Change "test.h" to

"Test.h" to fix incorrect case. This was discovered when adding
WeakPtr.cpp to CMakeLists.txt for the patch on Bug 155394.

11:59 AM Changeset in webkit [198066] by ddkilzer@apple.com
  • 4 edits in trunk/Tools

run-webkit-tests: handle Darwin framework/library environment variables more consistently
<http://webkit.org/b/155392>

Reviewed by Daniel Bates.

These changes will make it possible to pass through environment
variables from the run-webkit-tests command-line.

  • Scripts/webkitpy/port/base.py:

(Port.to.setup_environ_for_server): Add DYLD_FRAMEWORK_PATH,
XPC_DYLD_FRAMEWORK_PATH and XPC_DYLD_LIBRARY_PATH to the
list of variables to keep from the run-webkit-test environment.

  • Scripts/webkitpy/port/driver.py:

(Driver._append_environment_variable_path): Add method to append
a path to an environment variable, or set the path if the
variable doesn't exist.
(Driver._setup_environ_for_driver): Extract build_root_path into
a local variable. Use Driver._append_environment_variable_path
to extend DYLD_LIBRARY_PATH, XPC_DYLD_LIBRARY_PATH,
DYLD_FRAMEWORK_PATH and
XPC_DYLD_FRAMEWORK_PATH instead of
overwriting them.

  • Scripts/webkitpy/port/driver_unittest.py:

(DriverTest.testappend_environment_variable_path): Add test
method to test Driver._append_environment_variable_path.

10:16 AM Changeset in webkit [198065] by Nikita Vasilyev
  • 5 edits in trunk/Source/WebInspectorUI

Web Inspector: Convert toolbar and tab bar to position absolute to reduce repaint areas
https://bugs.webkit.org/show_bug.cgi?id=155386

Reviewed by Timothy Hatcher.

Using CSS flexbox causes unnecessary large repaints.
Convert top level elements (.toolbar, .tab-bar, #main)
from flexbox to "position: absolute".

  • UserInterface/Views/Main.css:

(#main):

  • UserInterface/Views/TabBar.css:

(.tab-bar):

  • UserInterface/Views/Toolbar.css:

(.toolbar):
(body.mac-platform:not(.docked, .mavericks) .toolbar):
(body.mac-platform:not(.docked, .mavericks)):
(body.window-inactive:not(.mavericks) .toolbar): Deleted.

  • UserInterface/Views/Variables.css:

(:root):

9:30 AM Changeset in webkit [198064] by bshafiei@apple.com
  • 5 edits in tags/Safari-602.1.22.0.1/Source

Versioning.

9:27 AM Changeset in webkit [198063] by bshafiei@apple.com
  • 1 copy in tags/Safari-602.1.22.0.1

New tag.

9:24 AM Changeset in webkit [198062] by Alan Bujtas
  • 9 edits
    8 adds in trunk

[Forms: focus] focus rings around text fields do not follow contour (border-radius)
https://bugs.webkit.org/show_bug.cgi?id=154099
rdar://problem/9988429

Reviewed by Tim Horton.

Source/WebCore:

This patch enables outline-style: auto to follow the curve of border-radius.
When both border-radius and outline-style: auto are set, the native focusring painting will take the border-radius values
into account. This is only for outline-style: auto, other non-auto outline styles paint as if there
was no border-radius set.
It supports both single and multiline content with joint rectangles.
However in case of disjoint rectangles, we fallback to the non-radius drawing.

Tests: fast/inline/hidpi-outline-auto-with-border-radius-horizontal-ltr.html

fast/inline/hidpi-outline-auto-with-border-radius-horizontal-rtl.html
fast/inline/hidpi-outline-auto-with-border-radius-vertical-ltr.html
fast/inline/hidpi-outline-auto-with-border-radius-vertical-rtl.html

  • platform/graphics/GraphicsContext.h:
  • platform/graphics/Path.cpp:

(WebCore::Path::addBeziersForRoundedRect):

  • platform/graphics/Path.h:

(WebCore::Path::circleControlPoint):

  • platform/graphics/PathUtilities.cpp:

(WebCore::polygonsForRect):
(WebCore::PathUtilities::pathsWithShrinkWrappedRects):
(WebCore::startAndEndPointsForCorner):
(WebCore::cornerType):
(WebCore::controlPointsForBezierCurve):
(WebCore::adjustedtRadiiForHuggingCurve):
(WebCore::PathUtilities::pathWithShrinkWrappedRectsForOutline):

  • platform/graphics/PathUtilities.h:
  • platform/graphics/mac/GraphicsContextMac.mm:

(WebCore::GraphicsContext::drawFocusRing):

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::paintFocusRing):

LayoutTests:

Unfortunately there's no proper way to test native focusring drawing.
These tests attempt to verify that we don't end up painting sharp corners.

  • fast/inline/hidpi-outline-auto-with-border-radius-horizontal-ltr-expected.html: Added.
  • fast/inline/hidpi-outline-auto-with-border-radius-horizontal-ltr.html: Added.
  • fast/inline/hidpi-outline-auto-with-border-radius-horizontal-rtl-expected.html: Added.
  • fast/inline/hidpi-outline-auto-with-border-radius-horizontal-rtl.html: Added.
  • fast/inline/hidpi-outline-auto-with-border-radius-vertical-ltr-expected.html: Added.
  • fast/inline/hidpi-outline-auto-with-border-radius-vertical-ltr.html: Added.
  • fast/inline/hidpi-outline-auto-with-border-radius-vertical-rtl-expected.html: Added.
  • fast/inline/hidpi-outline-auto-with-border-radius-vertical-rtl.html: Added.
7:22 AM WebKitGTK/2.12.x edited by Michael Catanzaro
(diff)
2:51 AM Changeset in webkit [198061] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.4/Source/JavaScriptCore

Merge r173886 - [CLoop] - Fix CLoop on the 32-bit Big-Endians
https://bugs.webkit.org/show_bug.cgi?id=137020

Patch by Tomas Popela <tpopela@redhat.com> on 2016-03-12
Reviewed by Mark Lam.

  • llint/LowLevelInterpreter.asm:
  • llint/LowLevelInterpreter32_64.asm:
2:50 AM Changeset in webkit [198060] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.4/Source/JavaScriptCore

LLINT op_put_to_scope and op_get_from_scope should use loadpFromInstruction to get operand from instruction
https://bugs.webkit.org/show_bug.cgi?id=132333

Unreviewed.

When loading operand variable from instruction in
_llint_op_get_from_scope and _llint_op_put_to_scope use
loadpFromInstruction instead of loadisFromInstruction. Also when
saving the operand in LLIntSlowPaths.cpp use the same way as in
CodeBlock.cpp.

Patch by Tomas Popela <tpopela@redhat.com> on 2016-03-12

  • llint/LLIntSlowPaths.cpp:
  • llint/LowLevelInterpreter32_64.asm:
  • llint/LowLevelInterpreter64.asm:
2:50 AM Changeset in webkit [198059] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.4/Source/JavaScriptCore

Revert "Merge r173886 - [CLoop] - Fix CLoop on the 32-bit Big-Endians"

This reverts commit 5eed35f00c8f26efa2bd5084dc5009563c307e7f.

2:23 AM Changeset in webkit [198058] by commit-queue@webkit.org
  • 4 edits in trunk

.:
[GTK][Mac] Don't force ENABLE_INTROSPECTION=OFF on Mac
https://bugs.webkit.org/show_bug.cgi?id=152650

Patch by Jeremy Huddleston Sequoia <jeremyhu@apple.com> on 2016-03-12
Reviewed by Carlos Garcia Campos.

  • Source/cmake/OptionsGTK.cmake:

Source/WebKit2:
[GTK][Mac] Use DYLD_LIBRARY_PATH on OSX rather then LD_LIBRARY_PATH
https://bugs.webkit.org/show_bug.cgi?id=152650

Patch by Jeremy Huddleston Sequoia <jeremyhu@apple.com> on 2016-03-12
Reviewed by Carlos Garcia Campos.

  • PlatformGTK.cmake:
Note: See TracTimeline for information about the timeline view.