Timeline

View changes from
going back days
by author

Repository changesets Wiki changes

Mar 24, 2016:

11:46 PM Changeset in webkit [198661] by Gyuyoung Kim

• 2 edits in trunk/LayoutTests

Unreviewed EFL gardening. Mark crash tests in proper category.

• platform/efl/TestExpectations:

10:14 PM Changeset in webkit [198660] by commit-queue@webkit.org

• 2 edits in trunk

Determine architecture for running jsc stress tests on windows
​https://bugs.webkit.org/show_bug.cgi?id=155840

Patch by Bill Ming <​mbbill@gmail.com> on 2016-03-24
Reviewed by Alex Christensen.

• Tools/Scripts/run-jsc-stress-tests:

8:59 PM Changeset in webkit [198659] by achristensen@apple.com

• 7 edits in trunk/Source

Fix Mac CMake build.

Source/JavaScriptCore:

• PlatformMac.cmake:

Link to Security framework.

Source/WebCore:

• PlatformMac.cmake:

Add new file and directory.

Source/WebKit2:

• CMakeLists.txt:

Temporarily add DERIVED_SOURCES_JAVASCRIPTCORE_DIR after DERIVED_SOURCES_WEBCORE_DIR,
because both contain a unique header named InspectorBackendDispatchers.h and this include
order includes the correct one for WebKit2 first.

• PlatformMac.cmake:

Add new files. Optionally link to AVFAudio.

7:24 PM Changeset in webkit [198658] by Chris Dumez

• 3 edits in trunk/Source/WebCore

Unreviewed, rolling out r198500.

Roll back in r197552 as it did not seem to cause a PLT
regression after all

Reverted changeset:

"Unreviewed, rolling out r197552."
​https://bugs.webkit.org/show_bug.cgi?id=154986
​http://trac.webkit.org/changeset/198500

7:14 PM Changeset in webkit [198657] by dbates@webkit.org

• 17 edits
  3 adds in trunk

CSP: Move logic for reporting a violation from ContentSecurityPolicyDirectiveList to ContentSecurityPolicy
​https://bugs.webkit.org/show_bug.cgi?id=155842
<rdar://problem/25340377>
And
​https://bugs.webkit.org/show_bug.cgi?id=155133

Reviewed by Brent Fulgham.

Source/WebCore:

Towards associating source file, line-, and column- numbers (​https://bugs.webkit.org/show_bug.cgi?id=114317)
with a CSP console message we should move the logic for logging the console message/reporting the violation
from class ContentSecurityPolicyDirectiveList to class ContentSecurityPolicy so that it is closer to the
script execution context that can access such information.

The responsibilities of the class ContentSecurityPolicyDirectiveList have been reduced. It is responsible
for parsing a string representation of the Content Security Policy and providing functions to determine
the violated directive (if any) for a given source (e.g. URL). ContentSecurityPolicyDirectiveList no longer
takes responsibility logging a console message or sending a violation report (if applicable). Falling out
from this decrease in responsibility is the removal of enum ContentSecurityPolicyDirectiveList::ReportingStatus
and the need to pass a enumerator of this enum to each ContentSecurityPolicyDirectiveList to suppress
the sending of a violation report. The caller of ContentSecurityPolicyDirectiveList is responsible for
making this determination.

With the exception of a change to the error message for an inline event handler violation, there are no
other functional changes. When an inline event handler violation occurs we will emit either:

Refused to execute a script for an inline event handler because 'unsafe-inline' does not appear in the
script-src directive of the Content Security Policy.

Or:

Refused to execute a script for an inline event handler because 'unsafe-inline' appears in neither the
script-src directive nor the default-src directive of the Content Security Policy.

depending on whether the Content Security Policy contains a script-src directive or not.

• CMakeLists.txt: Add files ContentSecurityPolicyDirective.cpp and ContentSecurityPolicyDirectiveNames.cpp.
• WebCore.xcodeproj/project.pbxproj: Add files ContentSecurityPolicyDirective.cpp and ContentSecurityPolicyDirectiveNames.{cpp, h}.
• page/csp/ContentSecurityPolicy.cpp:

(WebCore::consoleMessageForViolation): Moved from file ContentSecurityPolicyDirectiveList.cpp and
incorporates the functionality of ContentSecurityPolicyDirectiveList::reportViolation(). Modified
to take a reference to the violated directive (ContentSecurityPolicyDirective object) and removed
the boolean parameter violatesDefaultSrc as we can deduce this from the violated directive.
(WebCore::ContentSecurityPolicy::didReceiveHeader): Modified to call ContentSecurityPolicyDirectiveList::violatedDirectiveForUnsafeEval().
(WebCore::ContentSecurityPolicy::foundHashOfContentInAllPolicies): Renamed; Formerly named allPoliciesAllowHashFromContent.
Modified to early return if either no algorithms are given or the specified content to hash is
the empty string.
(WebCore::ContentSecurityPolicy::allowJavaScriptURLs): Moved logic for reporting a violation from
ContentSecurityPolicyDirectiveList member function of the same name to here.
(WebCore::ContentSecurityPolicy::allowInlineEventHandlers): Moved logic for reporting a violation from
ContentSecurityPolicyDirectiveList member function of the same name to here. Additionally, changed the
error message text to better describe the reason for the violation.
(WebCore::ContentSecurityPolicy::allowScriptWithNonce): Ditto.
(WebCore::ContentSecurityPolicy::allowStyleWithNonce): Ditto.
(WebCore::ContentSecurityPolicy::allowInlineScript): Ditto.
(WebCore::ContentSecurityPolicy::allowInlineStyle): Ditto.
(WebCore::ContentSecurityPolicy::allowEval): Ditto.
(WebCore::ContentSecurityPolicy::allowFrameAncestors): Ditto.
(WebCore::ContentSecurityPolicy::allowPluginType): Ditto.
(WebCore::ContentSecurityPolicy::allowScriptFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowObjectFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowChildFrameFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowChildContextFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowImageFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowStyleFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowFontFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowMediaFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowConnectToSource): Ditto.
(WebCore::ContentSecurityPolicy::allowFormAction): Ditto.
(WebCore::ContentSecurityPolicy::allowBaseURI): Ditto.
(WebCore::ContentSecurityPolicy::reportViolation): Simplified signature by having it take a reference to
a ContentSecurityPolicyDirective object. Also split functionality into two variants: one variant takes a
pointer to a JSC::ExecState, one variant takes a source file, and line and column positions.
(WebCore::ContentSecurityPolicy::allPoliciesAllowHashFromContent): Deleted.
(WebCore::ContentSecurityPolicy::gatherReportURIs): Deleted.

• page/csp/ContentSecurityPolicy.h:

(WebCore::ContentSecurityPolicy::violatedDirectiveInAnyPolicy): Formerly named allPoliciesAllow. Modified
to return the violated directive.
(WebCore::ContentSecurityPolicy::allPoliciesAllow): Deleted.

• page/csp/ContentSecurityPolicyDirective.cpp: Added.
• page/csp/ContentSecurityPolicyDirective.h: Added.

(WebCore::ContentSecurityPolicyDirective::ContentSecurityPolicyDirective): Modified to take a reference to the
directive list that contains this directive instead of pointer to a ContentSecurityPolicy object.
(WebCore::ContentSecurityPolicyDirective::name): Added.
(WebCore::ContentSecurityPolicyDirective::directiveList): Added.
(WebCore::ContentSecurityPolicyDirective::isDefaultSrc): Added.
(WebCore::ContentSecurityPolicyDirective::policy): Deleted.

• page/csp/ContentSecurityPolicyDirectiveList.cpp: Remove unused header <wtf/Optional.h>. Also remove header wtf/text/StringBuilder.h

as the function that made use of it, consoleMessageForViolation, was moved to file ContentSecurityPolicy.cpp.
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForUnsafeEval): Formerly named allowEval.
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForUnsafeInlineScript): Formerly named allowInlineScript.
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForUnsafeInlineStyle): Formerly named allowInlineStyle.
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForScriptHash): Formerly named allowInlineScriptWithHash.
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForStyleHash): Formerly named allowInlineStyleWithHash.
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForScriptNonce): Formerly named allowScriptWithNonce.
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForStyleNonce): Formerly named allowStyleWithNonce.
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForBaseURI): Formerly named allowBaseURI.
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForChildContext): Formerly named allowChildContextFromSource.
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForConnectSource): Formerly named allowConnectToSource.
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForFont): Formerly named allowFontFromSource.
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForFormAction): Formerly named allowFormAction.
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForFrame): Formerly named allowChildFrameFromSource.
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForFrameAncestor): Formerly named allowFrameAncestors.
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForImage): Formerly named allowImageFromSource.
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForMedia): Formerly named allowMediaFromSource.
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForObjectSource): Formerly named allowObjectFromSource.
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForPluginType): Formerly named allowPluginType.
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForScript): Formerly named allowScriptFromSource.
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForStyle): Formerly named allowStyleFromSource.
(WebCore::ContentSecurityPolicyDirectiveList::parse): Update code to make use of ContentSecurityPolicyDirectiveNames constants.
(WebCore::ContentSecurityPolicyDirectiveList::setCSPDirective): Pass |this| instead of the ContentSecurityPolicy object.
(WebCore::ContentSecurityPolicyDirectiveList::addDirective): Update code to make use of ContentSecurityPolicyDirectiveNames constants.
(WebCore::isExperimentalDirectiveName): Deleted.
(WebCore::isCSPDirectiveName): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::reportViolation): Deleted.
(WebCore::consoleMessageForViolation): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::allowJavaScriptURLs): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::allowInlineEventHandlers): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::allowInlineScript): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::allowInlineScriptWithHash): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::allowScriptWithNonce): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::allowInlineStyle): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::allowInlineStyleWithHash): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::allowStyleWithNonce): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::allowEval): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::allowPluginType): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::allowScriptFromSource): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::allowObjectFromSource): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::allowChildContextFromSource): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::allowChildFrameFromSource): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::allowImageFromSource): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::allowStyleFromSource): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::allowFontFromSource): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::allowMediaFromSource): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::allowConnectToSource): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::allowFormAction): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::allowBaseURI): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::allowFrameAncestors): Deleted.

• page/csp/ContentSecurityPolicyDirectiveList.h:

(WebCore::ContentSecurityPolicyDirectiveList::defaultSrc): Added.
(WebCore::ContentSecurityPolicyDirectiveList::policy): Added. Also added FIXME comment to remove this function. This
function is only used by ContentSecurityPolicyMediaListDirective so that it can log a console message on a parsing error.
(WebCore::ContentSecurityPolicyDirectiveList::denyIfEnforcingPolicy): Deleted.

• page/csp/ContentSecurityPolicyDirectiveNames.cpp: Added.
• page/csp/ContentSecurityPolicyDirectiveNames.h: Added.
• page/csp/ContentSecurityPolicyMediaListDirective.cpp:

(WebCore::ContentSecurityPolicyMediaListDirective::ContentSecurityPolicyMediaListDirective): Modified to take a reference to the
directive list that contains this directive instead of pointer to a ContentSecurityPolicy object.
(WebCore::ContentSecurityPolicyMediaListDirective::parse): Updated code to use ContentSecurityPolicyDirectiveList::policy() instead
of ContentSecurityPolicyDirective::policy() as the latter was removed. Ideally this class should not need to use the ContentSecurityPolicy
object to log a console message.

• page/csp/ContentSecurityPolicyMediaListDirective.h:
• page/csp/ContentSecurityPolicySourceList.cpp:

(WebCore::isExperimentalDirectiveName): Moved from file ContentSecurityPolicyDirectiveList.cpp because this function is only used
in this file.
(WebCore::isCSPDirectiveName): Ditto.
(WebCore::ContentSecurityPolicySourceList::isProtocolAllowedByStar): Update code to make use of ContentSecurityPolicyDirectiveNames constants.

• page/csp/ContentSecurityPolicySourceListDirective.cpp:

(WebCore::ContentSecurityPolicySourceListDirective::ContentSecurityPolicySourceListDirective): Modified to take a reference to
the directive list that contains this directive instead of pointer to a ContentSecurityPolicy object.

• page/csp/ContentSecurityPolicySourceListDirective.h:

LayoutTests:

Update expected results to reflect new error message text for an inline event handler violation.

• http/tests/security/contentSecurityPolicy/inline-event-handler-blocked-after-injecting-meta-expected.txt:
• http/tests/security/contentSecurityPolicy/inline-script-blocked-goofy-expected.txt:
• http/tests/security/contentSecurityPolicy/script-src-none-inline-event-expected.txt:

7:03 PM Changeset in webkit [198656] by mmaxfield@apple.com

• 7 edits in trunk/Source/WebCore

[OS X] Overflow:scroll scrollbars do not obey overlay/always-on system preference changes
​https://bugs.webkit.org/show_bug.cgi?id=155830

Reviewed by Simon Fraser.

When the scrollbar style changes, the available width of all ScrollableAreas change,
and therefore a relayout must occur.

Each ScrollableArea owns its own ScrollAnimator (if necessary). Upon creation, the
ScrollAnimator will start listening for changes to the system preference for
overlay / always-on scrollbars. When notified, the ScrollAnimator tells its owning
ScrollableArea that scrollbarStyleChanged().

For main-frame scrolling, FrameView overrides scrollbarStyleChanged and causes a
relayout. However, for overflow:scroll elements, no relayout is triggered. This
patch overrides availableContentSizeChanged() for RenderLayer (which is used for
overflow:scroll elements). This override triggers a relayout.

It also updates the mechanism in RenderBlock::recomputeLogicalWidth() to ensure that
a change in scrollbar size causes RenderBlockFlow::layoutBlock() to relayout its
children. This is appropriate because block child positioning is affected by
scrollbar size.

No new tests (for now). Presumably we could mock the message we receive when the
system preference is changed. However, I haven't implemented that yet.

• rendering/RenderBlock.cpp: Rename setHasBorderOrPaddingLogicalWidthChanged().

(WebCore::RenderBlock::styleDidChange):
(WebCore::RenderBlock::recomputeLogicalWidth):

• rendering/RenderBlock.h: Ditto.

(WebCore::RenderBlock::setShouldForceRelayoutChildren):
(WebCore::RenderBlock::shouldForceRelayoutChildren):

• rendering/RenderElement.cpp: Ditto.

(WebCore::RenderElement::RenderElement):

• rendering/RenderElement.h: Ditto.

(WebCore::RenderElement::setRenderBlockShouldForceRelayoutChildren):
(WebCore::RenderElement::renderBlockShouldForceRelayoutChildren):

• rendering/RenderLayer.cpp:

(WebCore::RenderLayer::availableContentSizeChanged): Cause a relayout to occur.

• rendering/RenderLayer.h:

6:13 PM Changeset in webkit [198655] by commit-queue@webkit.org

• 75 edits in trunk/Source

Change NativeImagePtr for CG to be RetainPtr<CGImageRef>
​https://bugs.webkit.org/show_bug.cgi?id=155412

Patch by Said Abou-Hallawa <sabouhallawa@apple,com> on 2016-03-24
Reviewed by Darin Adler.

Source/WebCore:

Having NativeImagePtr as a raw pointer makes managing the life cycle of
the returned CGImageRef hard. A lot of work was done to ensure the CG
pointer is refcounted correctly. It was also not possible to move a
FrameData since calling the destructor was releasing the CGImageRef.

With this change, PassNativeImagePtr is not needed anymore. So all the
instance of PassNativeImagePtr can be replaced by NativeImagePtr.

• html/HTMLVideoElement.cpp:

(WebCore::HTMLVideoElement::nativeImageForCurrentTime):

• html/HTMLVideoElement.h: Replace PassNativeImagePtr with NativeImagePtr.

• html/canvas/CanvasRenderingContext2D.cpp:

(WebCore::CanvasRenderingContext2D::drawImage): Replace PassNativeImagePtr
with NativeImagePtr.

• loader/cache/MemoryCache.cpp:

(WebCore::MemoryCache::addImageToCache):

• loader/cache/MemoryCache.h: Remove USE(CG) and CFRetain(image) since

this code can compile on all platforms. The image refcount will be
incremented when the image is assigned to FrameData.m_image in the
BitmapImage constructor.

• loader/icon/IconDatabase.cpp:

(WebCore::IconDatabase::synchronousNativeIconForPageURL):

• loader/icon/IconDatabase.h:
• loader/icon/IconDatabaseBase.h: Replace PassNativeImagePtr with NativeImagePtr.

• platform/graphics/BitmapImage.cpp:

(WebCore::BitmapImage::haveFrameImageAtIndex):
(WebCore::BitmapImage::cacheFrame):
(WebCore::BitmapImage::ensureFrameIsCached):
(WebCore::BitmapImage::frameImageAtIndex):
(WebCore::BitmapImage::nativeImageForCurrentFrame):
(WebCore::BitmapImage::haveFrameAtIndex): Deleted.
(WebCore::BitmapImage::frameAtIndex): Deleted.
Replace PassNativeImagePtr with NativeImagePtr, m_frame with m_image and
*Frame* with *FrameImage*.

• platform/graphics/BitmapImage.h:

(WebCore::FrameData::FrameData):
A BitmapImage can have one or more FrameData. A FrameData member can be
named for shortness as "frame", "m_frames", etc. A FrameData can have
zero or one NativeImagePtr. A NativeImagePtr can be named as "image",
"m_image", etc.

• platform/graphics/GraphicsContext.h: Replace PassNativeImagePtr with

NativeImagePtr.

• platform/graphics/GraphicsContext3D.h:
• platform/graphics/Icon.h:

Change the members of type CGImageRef to be RetainPtr<CGImageRef>.

• platform/graphics/Image.h:

(WebCore::Image::nativeImageForCurrentFrame):
(WebCore::Image::getNSImage):
(WebCore::Image::getTIFFRepresentation):
(WebCore::Image::getCGImageRef):
(WebCore::Image::getFirstCGImageRefOfSize):
(WebCore::Image::getCGImageArray):
(WebCore::Image::getGdkPixbuf):
(WebCore::Image::getEvasObject):

• platform/graphics/ImageBuffer.h:
• platform/graphics/ImageSource.cpp:

(WebCore::ImageSource::createFrameImageAtIndex):
(WebCore::ImageSource::createFrameAtIndex): Deleted.

• platform/graphics/ImageSource.h:

Change 0 to nullptr, PassRefPtr to RefPtr and PassNativeImagePtr to
NativeImagePtr.

• platform/graphics/MediaPlayer.cpp:

(WebCore::MediaPlayer::nativeImageForCurrentTime):

• platform/graphics/MediaPlayer.h:
• platform/graphics/MediaPlayerPrivate.h:

(WebCore::MediaPlayerPrivateInterface::nativeImageForCurrentTime):
Replace PassNativeImagePtr with NativeImagePtr.

• platform/graphics/NativeImagePtr.h:

Make NativeImagePtr a smart pointer for CG. Get rid of PassNativeImagePtr
since NativeImagePtr is now a smart pointer on all platforms.

• platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
• platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:

(WebCore::MediaPlayerPrivateAVFoundationObjC::nativeImageForCurrentTime):
Replace PassNativeImagePtr with NativeImagePtr.

• platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayerCA::setContentsToImage):
Since Image::nativeImageForCurrentFrame() returns a RetainPtr, move it
to m_pendingContentsImage to remove the refcount churn.

• platform/graphics/cairo/BitmapImageCairo.cpp:

(WebCore::BitmapImage::BitmapImage):
(WebCore::BitmapImage::draw):
(WebCore::BitmapImage::checkForSolidColor):
(WebCore::FrameData::clear):
Replace m_frame with m_image and frame* with frameImage*.

• platform/graphics/cairo/CairoUtilities.cpp:

(WebCore::copyCairoImageSurface):

• platform/graphics/cairo/CairoUtilities.h:

Replace PassRefPtr with RefPtr.

• platform/graphics/cairo/GraphicsContext3DCairo.cpp:

(WebCore::GraphicsContext3D::ImageExtractor::extractImage):
Replace *Frame* with *FrameImage*.

• platform/graphics/cairo/GraphicsContextCairo.cpp:

(WebCore::GraphicsContext::drawNativeImage):
Replace PassNativeImagePtr with NativeImagePtr.

• platform/graphics/cairo/ImageBufferCairo.cpp:

(WebCore::ImageBuffer::copyImage): Create a new NativeImagePtr so it can
be moved to the BitmapImage::create().
(WebCore::copySurfaceToImageAndAdjustRect):
(WebCore::getImageData):
(WebCore::ImageBuffer::getUnmultipliedImageData):
(WebCore::ImageBuffer::getPremultipliedImageData):
Replace PassRefPtr with RefPtr.

• platform/graphics/cg/BitmapImageCG.cpp:

(WebCore::FrameData::clear): No need to call CGImageRelease(). Just assign
m_image to nullptr and CGImageRelease() will be called from the RetainPtr
destructor.

(WebCore::BitmapImage::BitmapImage):
(WebCore::BitmapImage::checkForSolidColor):
(WebCore::BitmapImage::getCGImageRef):
(WebCore::BitmapImage::getFirstCGImageRefOfSize):
(WebCore::BitmapImage::getCGImageArray):
(WebCore::BitmapImage::draw):
(WebCore::BitmapImage::copyUnscaledFrameImageAtIndex):
(WebCore::BitmapImage::copyUnscaledFrameAtIndex): Deleted.
Replace CGImageRef with RetainPtr<CGImageRef>. Replace *Frame* with
*FrameImage*.

• platform/graphics/cg/GraphicsContext3DCG.cpp:

(WebCore::GraphicsContext3D::ImageExtractor::extractImage):
(WebCore::GraphicsContext3D::paintToCanvas):
Use m_cgImage.get() instead of m_cgImage when calling CG functions.

• platform/graphics/cg/GraphicsContextCG.cpp:

(WebCore::GraphicsContext::drawNativeImage):
(WebCore::GraphicsContext::drawPattern):
Replace PassNativeImagePtr with NativeImagePtr. Get the raw CGImageRef
from the NativeImagePtr when calling the CG functions.

• platform/graphics/cg/ImageBufferCG.cpp:

(WebCore::createBitmapImageAfterScalingIfNeeded): Move the image argument
when calling BitmapImage::create().

(WebCore::ImageBuffer::getUnmultipliedImageData):
(WebCore::ImageBuffer::getPremultipliedImageData):
Replace PassRefPtr with RefPtr.

• platform/graphics/cg/ImageSourceCG.cpp:

(WebCore::ImageSource::createFrameImageAtIndex):
(WebCore::ImageSource::createFrameAtIndex): Deleted.
Rename the function and simplify the code since the local variable
and the return value are both smart pointers.

• platform/graphics/displaylists/DisplayListItems.cpp:

(WebCore::DisplayList::DrawNativeImage::DrawNativeImage):
(WebCore::DisplayList::DrawNativeImage::apply):

• platform/graphics/displaylists/DisplayListItems.h:

(WebCore::DisplayList::DrawNativeImage::create):

• platform/graphics/displaylists/DisplayListRecorder.cpp:

(WebCore::DisplayList::Recorder::drawNativeImage):

• platform/graphics/displaylists/DisplayListRecorder.h:

Replace PassNativeImagePtr with NativeImagePtr and use constant reference.

• platform/graphics/efl/GraphicsContext3DEfl.cpp:

(WebCore::GraphicsContext3D::ImageExtractor::extractImage):
Call a function with its new name.

• platform/graphics/efl/IconEfl.cpp:

(WebCore::Icon::createIconForFiles):

• platform/graphics/gstreamer/ImageGStreamerCairo.cpp:

(ImageGStreamer::ImageGStreamer):

• platform/graphics/gtk/IconGtk.cpp:

(WebCore::Icon::createIconForFiles):

• platform/graphics/ios/IconIOS.mm:

(WebCore::Icon::Icon):
(WebCore::Icon::createIconForFiles):
(WebCore::Icon::createIconForImage):

• platform/graphics/mac/IconMac.mm:

(WebCore::Icon::createIconForFiles):
Use smart pointers RetainPtr<CGImageRef> instead of raw pointers CGImageRef.
And change PassRefPtr to RefPtr and 0 to nullptr.

• platform/graphics/mac/ImageMac.mm:

(WebCore::BitmapImage::getTIFFRepresentation): Get the raw pointer from the
returned smart pointer.

• platform/graphics/texmap/coordinated/CoordinatedSurface.cpp:

(WebCore::CoordinatedSurface::create):

• platform/graphics/texmap/coordinated/CoordinatedSurface.h:

Replace PassRefPtr with RefPtr.

• platform/graphics/win/IconWin.cpp:

(WebCore::Icon::createIconForFiles): Change PassRefPtr to RefPtr.

• platform/graphics/win/ImageCGWin.cpp:

(WebCore::BitmapImage::create): Replace PassRefPtr with RefPtr.
(WebCore::BitmapImage::drawFrameMatchingSourceSize): Call the function
with its new name and get the raw pointer from the returned smart pointer.

• platform/graphics/win/ImageCairoWin.cpp:

(WebCore::BitmapImage::create): Replace PassRefPtr with ReftPtr and use
the move semantics for passing the argument to BitmapImage::create().
(WebCore::BitmapImage::drawFrameMatchingSourceSize): Call the function
with its new name.

• platform/image-decoders/ImageDecoder.h:
• platform/image-decoders/cairo/ImageDecoderCairo.cpp:

(WebCore::ImageFrame::asNewNativeImage):

• platform/win/DragImageCGWin.cpp:

(WebCore::createDragImageFromImage):

• svg/graphics/SVGImage.cpp:

(WebCore::SVGImage::nativeImageForCurrentFrame):

• svg/graphics/SVGImage.h:
• svg/graphics/SVGImageForContainer.cpp:

(WebCore::SVGImageForContainer::nativeImageForCurrentFrame):

• svg/graphics/SVGImageForContainer.h:

Replace PassNativeImagePtr with NativeImagePtr.

Source/WebKit/mac:

• Misc/WebCache.mm:

(+[WebCache addImageToCache:forURL:forFrame:]):
WebCore::MemoryCache() is taking an rvalue NativeImagePtr. We need to create
NativeImagePtr from the image raw pointer when calling this function.

Source/WebKit/win:

• Plugins/PluginView.h:
• Plugins/PluginViewWin.cpp:

(WebCore::PluginView::snapshot):
Replace PassRefPtr with RefPtr.

Source/WebKit2:

• Shared/CoordinatedGraphics/WebCoordinatedSurface.cpp:

(WebKit::WebCoordinatedSurface::createWithSurface):
(WebKit::WebCoordinatedSurface::create):
(WebKit::WebCoordinatedSurface::WebCoordinatedSurface):
(WebKit::WebCoordinatedSurface::copyToTexture):

• Shared/CoordinatedGraphics/WebCoordinatedSurface.h:
• Shared/ShareableBitmap.cpp:

(WebKit::ShareableBitmap::create):
(WebKit::ShareableBitmap::createShareable):
(WebKit::ShareableBitmap::ShareableBitmap):

• Shared/ShareableBitmap.h:

Replace PassRefPtr with RefPtr and use WTFMove() instead of RefPtr::release()
when passing the RefPtr.

• Shared/cairo/ShareableBitmapCairo.cpp:

(WebKit::createSurfaceFromData):
(WebKit::ShareableBitmap::createCairoSurface):
Replace PassRefPtr with RefPtr.

(WebKit::ShareableBitmap::createImage):

• Shared/cg/ShareableBitmapCG.cpp:

(WebKit::ShareableBitmap::createImage):
Replace PassRefPtr with RefPtr and use the move semantics when calling
BitmapImage::create().

• WebProcess/WebPage/CoordinatedGraphics/CoordinatedLayerTreeHost.cpp:

(WebKit::CoordinatedLayerTreeHost::createCoordinatedSurface):

• WebProcess/WebPage/CoordinatedGraphics/CoordinatedLayerTreeHost.h:
• WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.cpp:

(WebKit::ThreadedCoordinatedLayerTreeHost::createCoordinatedSurface):

• WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.h:

Replace PassRefPtr with RefPtr

5:52 PM Changeset in webkit [198654] by jer.noble@apple.com

• 3 edits in trunk/Source/WebCore

Safari Crashes if audio.src is changed while connected to AudioAnalyserNode
​https://bugs.webkit.org/show_bug.cgi?id=153593
<rdar://problem/23648082>

Reviewed by Eric Carlson.

m_ringBuffer is accessed on the high-priority WebAudio thread after it has been cleared (a
null-deref). Protect against unsafe access on multiple threads of a non-refcounted object by
a simple try_lock.

Additionally, limit the use of variables in use by both the separate WebAudio thread method
(provideInput()) and AVAudioMix thread method (process()) where possible, and convert to
std::atomic<> where ivars must be acessed by both threads. m_writeCount is entirely superfluous,
as it is a synonym for the endTime returned by m_ringBuffer->getCurrentFrameBounds().

• platform/graphics/avfoundation/AudioSourceProviderAVFObjC.h:
• platform/graphics/avfoundation/AudioSourceProviderAVFObjC.mm:

(WebCore::AudioSourceProviderAVFObjC::provideInput):
(WebCore::AudioSourceProviderAVFObjC::prepare):
(WebCore::AudioSourceProviderAVFObjC::unprepare):
(WebCore::AudioSourceProviderAVFObjC::process):

5:36 PM WebInspectorDebugging edited by Joseph Pecoraro

Added WebKitDebug prefix to log to system console. (diff)

5:31 PM WebInspectorDebugging edited by Joseph Pecoraro

Added new WebKitDebug prefix for local inspector debugging. (diff)

4:56 PM Changeset in webkit [198653] by enrica@apple.com

• 8 edits in trunk/Source

Adopt new SPI from DataDetectorsCore to decide link behavior.
​https://bugs.webkit.org/show_bug.cgi?id=155780
rdar://problem/25303631

Reviewed by Sam Weinig.

Source/WebCore:

isDataDetectorLink and shouldCancelDefaultAction now
use the SPI provided by DataDetectorsCore to decide
what is the link behavior when the user taps on it.

• editing/cocoa/DataDetection.h:
• editing/cocoa/DataDetection.mm:

(WebCore::detectItemAtPositionWithRange):
(WebCore::DataDetection::isDataDetectorLink):
(WebCore::DataDetection::requiresExtendedContext):
(WebCore::DataDetection::dataDetectorIdentifier):
(WebCore::DataDetection::shouldCancelDefaultAction):

• platform/cocoa/DataDetectorsCoreSoftLink.h:
• platform/cocoa/DataDetectorsCoreSoftLink.mm:
• platform/spi/cocoa/DataDetectorsCoreSPI.h:

Source/WebKit2:

Changed use of data detection functions to take
a reference to Element instead of a pointer.

• WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::handleTap):
(WebKit::WebPage::commitPotentialTap):
(WebKit::WebPage::getPositionInformation):

4:18 PM Changeset in webkit [198652] by sbarati@apple.com

• 6 edits
  4 adds in trunk

ES6: Implement IsRegExp function and use where needed in String.prototype.* methods
​https://bugs.webkit.org/show_bug.cgi?id=155854

Reviewed by Mark Lam.

Source/JavaScriptCore:

This patch is a straight forward implementation of IsRegExp
in the ES6 spec:
​https://tc39.github.io/ecma262/#sec-isregexp
We now use this IsRegExp function inside String.prototype.(startsWith | endsWith | includes)
as is dictated by the spec.

• runtime/RegExpConstructor.h:

(JSC::RegExpConstructor::recordMatch):
(JSC::isRegExp):

• runtime/StringPrototype.cpp:

(JSC::stringProtoFuncStartsWith):
(JSC::stringProtoFuncEndsWith):
(JSC::stringProtoFuncIncludes):

• tests/es6.yaml:
• tests/es6/well-known_symbols_Symbol.match_String.prototype.endsWith.js: Added.

(test):

• tests/es6/well-known_symbols_Symbol.match_String.prototype.includes.js: Added.

(test):

• tests/es6/well-known_symbols_Symbol.match_String.prototype.startsWith.js: Added.

(test):

• tests/stress/string-prototype-methods-endsWith-startsWith-includes-correctness.js: Added.

(assert):
(test):
(test.get let):
(get let):

LayoutTests:

• js/string-includes-expected.txt:

4:16 PM Changeset in webkit [198651] by Chris Dumez

• 2 edits in trunk/Source/WebKit2

[WK2] Disable network cache speculative validation by default
​https://bugs.webkit.org/show_bug.cgi?id=155857
<rdar://problem/25233210>

Reviewed by Alex Christensen.

Disable network cache speculative validation by default. Clients such
as Safari now use the API added in r198544 to enable if they want.

• UIProcess/API/APIProcessPoolConfiguration.h:

4:09 PM Changeset in webkit [198650] by enrica@apple.com

• 2 edits in trunk/Source/WebCore

DataDetection creates links that are longer than the actual result.
​https://bugs.webkit.org/show_bug.cgi?id=155850
rdar://problem/25280740

Reviewed by Anders Carlsson.

When a data detection result is composed of multiple fragments,
the range for the last fragment should take into account the end
offset of the query range structure, since there could be additional
content in that range that is not part of the result.

• editing/cocoa/DataDetection.mm:

(WebCore::DataDetection::detectContentInRange):

4:01 PM Changeset in webkit [198649] by commit-queue@webkit.org

• 32 edits
  3 deletes in trunk

Unreviewed, rolling out r198627.
​https://bugs.webkit.org/show_bug.cgi?id=155856

Caused use-after-free (Requested by ap on #webkit).

Reverted changeset:

"[Fetch API] Add basic loading of resources"
​https://bugs.webkit.org/show_bug.cgi?id=155637
​http://trac.webkit.org/changeset/198627

3:43 PM Changeset in webkit [198648] by sbarati@apple.com

• 15 edits in trunk

Web Inspector: Separate Debugger enable state from the debugger breakpoints enabled state
​https://bugs.webkit.org/show_bug.cgi?id=152193
<rdar://problem/23867520>

Reviewed by Joseph Pecoraro.

Source/JavaScriptCore:

When all breakpoints are disabled, we can recompile all JS
code and remove the necessary debugging code that is emitted.
This allows for the code that is executing to be almost as fast
as it is with the debugger completely disabled. This is in preparation for:
​https://bugs.webkit.org/show_bug.cgi?id=155809
which will introduce a high fidelity profiler. That profiler
could be built off the principle that breakpoints are disabled
when we're performing a high fidelity profile. Doing so, for example,
allows the sampling profiler to better measure the real performance
of the JS of a particular application.

• debugger/Debugger.cpp:

(JSC::Debugger::setBreakpointsActivated):
(JSC::Debugger::setPauseOnExceptionsState):

• debugger/Debugger.h:
• dfg/DFGGraph.cpp:

(JSC::DFG::Graph::Graph):

• inspector/JSGlobalObjectScriptDebugServer.cpp:

(Inspector::JSGlobalObjectScriptDebugServer::attachDebugger):
(Inspector::JSGlobalObjectScriptDebugServer::detachDebugger):

• inspector/agents/InspectorDebuggerAgent.cpp:

(Inspector::InspectorDebuggerAgent::enable):

• runtime/Executable.cpp:

(JSC::ScriptExecutable::newCodeBlockFor):

• runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::createProgramCodeBlock):
(JSC::JSGlobalObject::createEvalCodeBlock):
(JSC::JSGlobalObject::createModuleProgramCodeBlock):
(JSC::JSGlobalObject::queueMicrotask):
(JSC::JSGlobalObject::hasDebugger):
(JSC::JSGlobalObject::hasInteractiveDebugger):

• runtime/JSGlobalObject.h:

(JSC::JSGlobalObject::runtimeFlags):
(JSC::JSGlobalObject::hasDebugger): Deleted.

Source/WebCore:

No new tests because this is already tested by inspector tests.

• inspector/PageScriptDebugServer.cpp:

(WebCore::PageScriptDebugServer::attachDebugger):
(WebCore::PageScriptDebugServer::detachDebugger):

LayoutTests:

• inspector/script-profiler/event-type-API.html:
• inspector/script-profiler/event-type-Microtask.html:
• inspector/script-profiler/event-type-Other.html:

3:35 PM Changeset in webkit [198647] by msaboff@apple.com

• 3 edits in trunk/Source/JavaScriptCore

Create private builtin helper advanceStringIndexUnicode() for use by RegExp builtins
​https://bugs.webkit.org/show_bug.cgi?id=155855

Reviewed by Mark Lam.

Moved advanceStringIndexUnicode() as a separate helper. Added it as a private builtin
to the GlobalObject like other private builtins.

• builtins/RegExpPrototype.js:

(advanceStringIndexUnicode):
(match):
(match.advanceStringIndexUnicode): Deleted.

• runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):

3:27 PM Changeset in webkit [198646] by jer.noble@apple.com

• 7 edits in trunk/Source/WebCore

[MSE] Make calling HTMLMediaElement.buffered less expensive
​https://bugs.webkit.org/show_bug.cgi?id=155846

Reviewed by Eric Carlson.

The MSE specification requires a new TimeRanges object be returned when calling
HTMLMediaElement.buffered. Additionally, the requirements for generating the buffered time
ranges for MediaSource and its constituent SourceBuffers are specific and expensive. Rather
than perform all these steps each time HTMLMediaElement.buffered is queried, cache the final
result and only regenerate the cached value if the buffered ranges of the consituent
SourceBuffers has changed.

Also, make copying a PlatformTimeRanges more efficient by doing a straight vector-to-vector
copy of the PlatformTimeRange's data.

• Modules/mediasource/MediaSource.cpp:

(WebCore::MediaSource::buffered):
(WebCore::MediaSource::regenerateActiveSourceBuffers):

• Modules/mediasource/MediaSource.h:
• Modules/mediasource/SourceBuffer.cpp:

(WebCore::SourceBuffer::removeCodedFrames):
(WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample):

• Modules/mediasource/SourceBuffer.h:
• platform/graphics/PlatformTimeRanges.cpp:

(WebCore::PlatformTimeRanges::PlatformTimeRanges): Deleted.
(WebCore::PlatformTimeRanges::operator=): Deleted.
(WebCore::PlatformTimeRanges::copy): Deleted.

• platform/graphics/PlatformTimeRanges.h:

3:20 PM Changeset in webkit [198645] by commit-queue@webkit.org

• 3 edits in trunk/Source/WebInspectorUI

Web Inspector: Reduce forced layouts
​https://bugs.webkit.org/show_bug.cgi?id=155852
<rdar://problem/25345197>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-24
Reviewed by Timothy Hatcher.

• UserInterface/Views/DataGrid.js:

(WebInspector.DataGrid.prototype.layout):
(WebInspector.DataGrid.prototype._positionResizerElements):
(WebInspector.DataGrid.prototype._positionHeaderViews):
In loops, force layout once, calculate values, then set styles.

• UserInterface/Views/RadioButtonNavigationItem.js:

(WebInspector.RadioButtonNavigationItem):
(WebInspector.RadioButtonNavigationItem.prototype.updateLayout):
Force layout once to calculate the min-width, then never again.

3:18 PM Changeset in webkit [198644] by commit-queue@webkit.org

• 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Open Resource Dialog should not system beep when using Enter to select an item
​https://bugs.webkit.org/show_bug.cgi?id=155853

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-24
Reviewed by Timothy Hatcher.

• UserInterface/Views/OpenResourceDialog.js:

(WebInspector.OpenResourceDialog.prototype._handleKeydownEvent):
Prevent default when handling Enter with a selected result.

3:14 PM Changeset in webkit [198643] by dbates@webkit.org

• 3 edits in trunk/LayoutTests

Update expected results following <​http://trac.webkit.org/changeset/198591>
(​https://bugs.webkit.org/show_bug.cgi?id=155777)

• http/tests/security/contentSecurityPolicy/audio-redirect-blocked-expected.txt:
• http/tests/security/contentSecurityPolicy/video-redirect-blocked-expected.txt:

1:17 PM Changeset in webkit [198642] by rniwa@webkit.org

• 10 edits
  6 adds in trunk/Websites/perf.webkit.org

Add mocha server tests for /api/build-requests
​https://bugs.webkit.org/show_bug.cgi?id=155831

Reviewed by Chris Dumez.

Added the new mocha.js based server-tests for /api/build-requests. The new harness automatically:

• starts a new Apache instance
• switches the database during testing via setting an environmental variable
• backups and restores public/data directory during testing

As a result, developer no longer has to manually setup Apache, edit config.json manually to use
a testing database, or run /api/manifest.php to re-generate the manifest file after testing.

This patch also makes ID resolution optional on /api/build-requests so that v3 model based syncing
scripts can re-use the same code as the v3 UI to process the JSON. tools/sync-with-buildbot.py has
been modified to use this option (useLegacyIdResolution).

• config.json: Added configurations for the test httpd server.
• init-database.sql: Don't error when tables and types don't exist (when database is empty).
• public/api/build-requests.php:

(main): Made the ID resolution optional with useLegacyIdResolution. Also removed "updates" from the
results JSON since it's never used.

• public/include/build-requests-fetcher.php:

(BuildRequestsFetcher::construct):
(BuildRequestsFetcher::fetch_roots_for_set_if_needed): Fixed the bug that we would include the same
commit multiple times for each root set.

• public/include/db.php:

(config): If present, use ORG_WEBKIT_PERF_CONFIG_PATH instead of Websites/perf.webkit.org/config.json.

• server-tests: Added.
• server-tests/api-build-requests-tests.js: Added. Tests for /api/build-requests.

(.addMockData):

• server-tests/resources: Added.
• server-tests/resources/test-server.conf: Added. Apache configuration file for testing.
• server-tests/resources/test-server.js: Added.

(TestSever): Added.
(TestSever.prototype.start): Added.
(TestSever.prototype.stop): Added.
(TestSever.prototype.remoteAPI): Added. Configures RemoteAPI to be used with the test sever.
(TestSever.prototype.database): Added. Returns Database configured to use the test database.
(TestSever.prototype._constructTestConfig): Creates config.json for testing. The file is generated by
_start and db.php's config() reads it from the environmental variable: ORG_WEBKIT_PERF_CONFIG_PATH.
(TestSever.prototype._ensureDataDirectory): Renames public/data to public/original-data if exists,
and creates a new empty public/data.
(TestSever.prototype._restoreDataDirectory): Deletes public/data and renames public/original-data
back to public/data.
(TestSever.prototype._ensureTestDatabase): Drops the test database if exists and creates a new one.
(TestSever.prototype.initDatabase): Run init-database.sql to start each test with a consistent state.
(TestSever.prototype._executePgsqlCommand): Executes a postgres command line tool such as psql.
(TestSever.prototype._determinePgsqlDirectory): Finds the directory that contains psql.
(TestSever.prototype._startApache): Starts an Apache instance for testing.
(TestSever.prototype._stopApache): Stops the Apache instance for testing.
(TestSever.prototype._waitForPid): Waits for the Apache pid file to appear or disappear.
(before): Start the test server at the beginning.
(beforeEach): Re-initialize all tables before each test.
(after): Stop the test server at the end.

• tools/js/config.js:

(Config.prototype.path):
(Config.prototype.serverRoot): Added. The path to Websites/perf.webkit.org/public/.
(Config.prototype.pathFromRoot): Added. Resolves a path from Websites/perf.webkit.org.

• tools/js/database.js:

(Database): Now optionally takes the database name to use a different database during testing.
(Database.prototype.connect):
(Database.prototype.query): Added.
(Database.prototype.insert): Added.
(tableToPrefixMap): Maps table name to its prefix. Used by Database.insert.

• tools/js/remote.js: Added.

(RemoteAPI): Added. This is node.js equivalent of RemoteAPI in public/v3/remote.js.
(RemoteAPI.prototype.configure): Added.
(RemoteAPI.prototype.fetchJSON): Added.
(RemoteAPI.prototype.fetchJSONWithStatus): Added.
(RemoteAPI.prototype.sendHttpRequest): Added.

• tools/sync-with-buildbot.py:

(main): Use useLegacyIdResolution as this script relies on the legacy behavior.

• unit-tests/checkconfig.js: pg was never directly used in this test.

12:56 PM Changeset in webkit [198641] by Chris Dumez

• 2 edits in trunk/Source/WTF

Fix iOS9 performance regression after r197572
​https://bugs.webkit.org/show_bug.cgi?id=155845
<rdar://problem/25144924>

Patch by Alex Christensen <​achristensen@webkit.org> on 2016-03-24
Reviewed by Chris Dumez.

• wtf/Platform.h:

Use CFURLConnection instead of NSURLConnection on internal iOS9 builds.

12:05 PM Changeset in webkit [198640] by timothy_horton@apple.com

• 3 edits in trunk/Source/WebKit/mac

Fix some new PDFKit-related warnings
​https://bugs.webkit.org/show_bug.cgi?id=155847
<rdar://problem/25340312>

Reviewed by Anders Carlsson.

• WebView/WebPDFView.mm:

(-[WebPDFView setViewState:]):

• WebView/WebPreferences.mm:

(-[WebPreferences PDFDisplayMode]):
PDFDisplayMode is now a real enum.

11:56 AM Changeset in webkit [198639] by matthew_hanson@apple.com

• 4 edits
  3 adds in branches/safari-601-branch

Merge r198592. rdar://problem/25332806

11:42 AM Changeset in webkit [198638] by commit-queue@webkit.org

• 3 edits in trunk/Tools

Improve update-webkit-dependency script.
​https://bugs.webkit.org/show_bug.cgi?id=155576

Patch by Jeremy Zerfas <WebKit@JeremyZerfas.com> on 2016-03-24
Reviewed by Brent Fulgham.

• Scripts/update-webkit-dependency:

-Updated script to also use ETags for helping to determine whether dependency is up to date.
-Updated script so it usually won't need to download the entire dependency each time it is

ran.

-Updated script to ensure zip file contains expected directories before trying to install.
-Added some more error checking and improved error messages.
(lastModifiedToUnixTime): Deleted.

• Scripts/update-webkit-wincairo-libs:

-Corrected comment about what script does.

11:42 AM Changeset in webkit [198637] by jer.noble@apple.com

• 2 edits in trunk/Source/WebCore

REGRESSION(r189129): <audio> elements do not have playback controls on iOS.
​https://bugs.webkit.org/show_bug.cgi?id=155808
<rdar://problem/23822457>

Reviewed by Eric Carlson.

Audio elements should never require fullscreen for playback.

• html/MediaElementSession.cpp:

(WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):

11:14 AM Changeset in webkit [198636] by matthew_hanson@apple.com

• 2 edits in branches/safari-601.1.46-branch/Source/WebCore

Merge custom patch. rdar://problem/25152415.

11:14 AM Changeset in webkit [198635] by matthew_hanson@apple.com

• 4 edits
  3 adds in branches/safari-601.1.46-branch

Merge r198592. rdar://problem/25271136

11:14 AM Changeset in webkit [198634] by matthew_hanson@apple.com

• 2 edits in branches/safari-601.1.46-branch/Source/WebCore

Merge r198157. rdar://problem/25271134

11:14 AM Changeset in webkit [198633] by matthew_hanson@apple.com

• 8 edits
  8 adds in branches/safari-601.1.46-branch

Merge r195614. rdar://problem/24850429

11:04 AM Changeset in webkit [198632] by commit-queue@webkit.org

• 2 edits in trunk/Source/WebCore

Clean up cookie jar after r198195
​https://bugs.webkit.org/show_bug.cgi?id=155484

Patch by Alex Christensen <​achristensen@webkit.org> on 2016-03-24
Reviewed by Tim Horton.

Get rid of a now unneeded macro.

• loader/CookieJar.cpp:

(WebCore::storageSession):
(WebCore::cookies):
(WebCore::setCookies):
(WebCore::cookiesEnabled):
(WebCore::cookieRequestHeaderFieldValue):
(WebCore::getRawCookies):
(WebCore::deleteCookie):

10:54 AM Changeset in webkit [198631] by bshafiei@apple.com

• 5 edits in tags/Safari-602.1.25.0.1/Source

Versioning.

10:51 AM Changeset in webkit [198630] by bshafiei@apple.com

• 1 copy in tags/Safari-602.1.25.0.1

New tag.

10:07 AM Changeset in webkit [198629] by achristensen@apple.com

• 2 edits in trunk/Source/WebKit2

Fix null dereferencing in NetworkLoad::continueCanAuthenticateAgainstProtectionSpace
​https://bugs.webkit.org/show_bug.cgi?id=155799
rdar://25289012

Reviewed by Tim Horton.

• NetworkProcess/NetworkLoad.cpp:

(WebKit::NetworkLoad::continueCanAuthenticateAgainstProtectionSpace):
Null-check all the things!

10:01 AM Changeset in webkit [198628] by achristensen@apple.com

• 2 edits in trunk/Tools

Fix webkitpy tests after r198617
​https://bugs.webkit.org/show_bug.cgi?id=155827

Patch by Bill Ming <​mbbill@gmail.com> on 2016-03-24
Reviewed by Alex Christensen.

• Scripts/webkitpy/tool/steps/confirmdiff.py:

(ConfirmDiff._show_pretty_diff):

9:53 AM Changeset in webkit [198627] by youenn.fablet@crf.canon.fr

• 32 edits
  12 adds in trunk

[Fetch API] Add basic loading of resources
​https://bugs.webkit.org/show_bug.cgi?id=155637

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebasing test expectations.
Updating scheme-blob.js to ensure generated test names are stable run after run.

• web-platform-tests/fetch/api/basic/accept-header-expected.txt:
• web-platform-tests/fetch/api/basic/integrity-expected.txt:
• web-platform-tests/fetch/api/basic/mode-no-cors-expected.txt:
• web-platform-tests/fetch/api/basic/mode-same-origin-expected.txt:
• web-platform-tests/fetch/api/basic/request-forbidden-headers-expected.txt:
• web-platform-tests/fetch/api/basic/request-headers-expected.txt:
• web-platform-tests/fetch/api/basic/scheme-about-expected.txt:
• web-platform-tests/fetch/api/basic/scheme-blob-expected.txt:
• web-platform-tests/fetch/api/basic/scheme-blob-worker-expected.txt:
• web-platform-tests/fetch/api/basic/scheme-blob.js:

(checkFetchResponse): Deleted.
(checkKoUrl): Deleted.

• web-platform-tests/fetch/api/basic/scheme-data-expected.txt:
• web-platform-tests/fetch/api/basic/scheme-others-expected.txt:
• web-platform-tests/fetch/api/basic/stream-response-expected.txt:

Source/WebCore:

Adding support for basic fetch for Window (no support for Worker yet).
A FetchResponse object is created for every fetch task.
But it will only be exposed to JS at promise fulfillment time, i.e. once initial response headers are retrieved.

Updating Blob resource handle to add Content-Type and Content-Length header and notifying of error in case of erroneous HTTP method.

Fetch is limited to same origin requests currently due to some WPT tests that would timeout otherwise.

Tests: http/tests/fetch/closing-while-fetching.html

http/tests/fetch/get-response-body-while-loading.html

Also covered by rebased tests.

• Modules/fetch/DOMWindowFetch.cpp: Creating a FetchResponse to start fetching.

(WebCore::DOMWindowFetch::fetch):

• Modules/fetch/DOMWindowFetch.h:
• Modules/fetch/FetchBody.cpp:

(WebCore::FetchBody::consume):
(WebCore::FetchBody::consumeArrayBuffer): Handling of body promises in case of data stored as a buffer.
(WebCore::FetchBody::consumeText): Passing the promise as a reference.
(WebCore::blobFromArrayBuffer): Helper routine.
(WebCore::FetchBody::fulfillTextPromise): Helper routine.
(WebCore::FetchBody::loadedAsArrayBuffer): Updated to handle storing of data as a buffer.
(WebCore::FetchBody::loadedAsText):
(WebCore::FetchBody::bodyForInternalRequest): Helper routine to generate the request body data to be sent as part of the fetch request.
(WebCore::FetchBody::extractFromText):

• Modules/fetch/FetchBody.h:

(WebCore::FetchBody::loadingBody):
(WebCore::FetchBody::FetchBody):

• Modules/fetch/FetchBodyOwner.cpp:

(WebCore::FetchBodyOwner::loadBlob): Updated to cope with the change that FetchLoader::start does not return a boolean anymore
but will directly call failure callbacks.
(WebCore::FetchBodyOwner::loadedBlobAsText): Moving it closer to other blob loading routines.
(WebCore::FetchBodyOwner::finishBlobLoading):

• Modules/fetch/FetchBodyOwner.h:

(WebCore::FetchBodyOwner::body):
(WebCore::FetchBodyOwner::loadedBlobAsArrayBuffer):

• Modules/fetch/FetchHeaders.cpp:

(WebCore::FetchHeaders::fill):
(WebCore::FetchHeaders::filterAndFill): Helper routine to fill headers from a HTTPHeaderMap after being filtered.

• Modules/fetch/FetchHeaders.h:

(WebCore::FetchHeaders::internalHeaders):

• Modules/fetch/FetchLoader.cpp:

(WebCore::FetchLoader::start):
(WebCore::FetchLoader::didFailRedirectCheck):

• Modules/fetch/FetchLoader.h:
• Modules/fetch/FetchRequest.cpp:

(WebCore::FetchRequest::internalRequest): Routine used to create the ResourceRequest transmitted to ThreadableLoader.

• Modules/fetch/FetchRequest.h:

• Modules/fetch/FetchResponse.cpp:

(WebCore::FetchResponse::fetch): Start fetching by creating a FetchLoader based on passed request.
(WebCore::FetchResponse::BodyLoader::didSucceed): FetchLoader callback.
(WebCore::FetchResponse::BodyLoader::didFail): Ditto.
(WebCore::FetchResponse::BodyLoader::BodyLoader): Ditto.
(WebCore::FetchResponse::BodyLoader::didReceiveResponse): Ditto.
(WebCore::FetchResponse::BodyLoader::didFinishLoadingAsArrayBuffer): Ditto.
(WebCore::FetchResponse::BodyLoader::start): Starting fetch loader.
(WebCore::FetchResponse::BodyLoader::stop): Stopping fetch loader.
(WebCore::FetchResponse::stop): Stop loader if any.

• Modules/fetch/FetchResponse.h:
• platform/network/BlobResourceHandle.cpp:

(WebCore::BlobResourceHandle::doStart: Notifying the loader with an error if verb is not GET.
(WebCore::BlobResourceHandle::notifyResponseOnSuccess): Adding support for Content-Type and Content-Lenth headers.
(WebCore::BlobResourceHandle::createAsync): Removing GET verb check.

LayoutTests:

• TestExpectations: Removed flaky test expectations.
• http/tests/fetch/closing-while-fetching-expected.txt: Added.
• http/tests/fetch/closing-while-fetching.html: Added.
• http/tests/fetch/get-response-body-while-loading-expected.txt: Added.
• http/tests/fetch/get-response-body-while-loading.html: Added.
• http/tests/resources/download-json-with-delay.php: Added.
• platform/gtk/imported/w3c/web-platform-tests/fetch/api/basic/request-headers-expected.txt: Added.

9:20 AM Changeset in webkit [198626] by akling@apple.com

• 2 edits in trunk/Source/WebCore

Remove virtual inheritance from SVGTransformable.
<​https://webkit.org/b/155837>

Reviewed by Anders Carlsson.

Nothing else inherits SVGLocatable, so make the inheritance non-virtual.

• svg/SVGTransformable.h:

9:13 AM Changeset in webkit [198625] by msaboff@apple.com

• 3 edits
  1 add in trunk/Source/JavaScriptCore

[ES6] Add Proxy based tests for RegExp.prototype[@@match]
​https://bugs.webkit.org/show_bug.cgi?id=155807

Reviewed by Saam Barati.

Added new test that uses Proxy to verify RegExp.prototype[@@match] processing
conforms to the ES6 standard

Modified builtin RegExp.prototype[@@match] to be ES6 spec conformant.

Updated es6.yaml as Proxy_internal_get_calls_RegExp.prototype[Symbol.match].js now passes.

• builtins/RegExpPrototype.js:

(match):

• tests/es6.yaml: Updated.
• tests/stress/regexp-match-proxy.js: Added.

(assert):
(let.getProxyNullExec.new.Proxy):
(let.getSetProxyNullExec.new.Proxy):
(get resetTracking):
(let.getSetProxyMatches_s.new.Proxy):
(set get getSetProxyNullExec):
(let.getSetProxyMatches_tx_Greedy.new.Proxy):
(set get getSetProxyMatches_s):
(let.getSetProxyMatchesUnicode_digit_nonGreedy.new.Proxy):
(set get getSetProxyMatches_tx_Greedy):

7:19 AM Changeset in webkit [198624] by msaboff@apple.com

• 7 edits in trunk

[ES6] Greedy unicode RegExp's don't properly backtrack past non BMP characters
​https://bugs.webkit.org/show_bug.cgi?id=155829

Reviewed by Saam Barati.

Source/JavaScriptCore:

When we backup when matching part of a unicode pattern, we can't just backup one character.
Instead we need to save our start position before trying to match a character and
restore the position if the match fails. This was done in other places, but wasn't
done for all greedy types.

Fixed matchGlobal() to properly handle advancing past non BMP characters.

• runtime/RegExpObject.cpp:

(JSC::RegExpObject::matchGlobal):

• runtime/RegExpObjectInlines.h:

(JSC::RegExpObject::advanceStringUnicode):

• yarr/YarrInterpreter.cpp:

(JSC::Yarr::Interpreter::matchCharacterClass):
(JSC::Yarr::Interpreter::matchDisjunction):

LayoutTests:

Added new test cases.

• js/regexp-unicode-expected.txt:
• js/script-tests/regexp-unicode.js:

6:27 AM Changeset in webkit [198623] by Gyuyoung Kim

• 2 edits in trunk/LayoutTests

Unreviewed EFL gardening.

Unskip passing tests, which have been passed a long time ago.
Failed to track correct revision on EFL buildbot.

• platform/efl/TestExpectations:

3:36 AM Changeset in webkit [198622] by youenn.fablet@crf.canon.fr

• 5 edits in trunk/Source/WebCore

Remove DeferredWrapper::resolve<Vector<unsigned char>>
​https://bugs.webkit.org/show_bug.cgi?id=154849

Reviewed by Darin Adler.

Adding fulfillPromiseWithArrayBuffer to resolve a promise with an ArrayBuffer.
If the ArrayBuffer is null, the promise is rejected with an OutOfMemory exception.

Not covered by tests since we would need to make tryCreate return null on failing allocation.

• Modules/fetch/FetchBody.cpp:

(WebCore::FetchBody::processIfEmptyOrDisturbed):
(WebCore::FetchBody::loadedAsArrayBuffer):

• bindings/js/JSDOMPromise.cpp:

(WebCore::fulfillPromiseWithArrayBuffer):

• bindings/js/JSDOMPromise.h:

(WebCore::DeferredWrapper::resolve<JSC::JSValue>): Deleted.
(WebCore::DeferredWrapper::resolve): Deleted.

• bindings/js/JSSubtleCryptoCustom.cpp:

(WebCore::JSSubtleCrypto::encrypt):
(WebCore::JSSubtleCrypto::decrypt):
(WebCore::JSSubtleCrypto::sign):
(WebCore::JSSubtleCrypto::digest):
(WebCore::JSSubtleCrypto::exportKey):
(WebCore::JSSubtleCrypto::wrapKey):

2:02 AM Changeset in webkit [198621] by commit-queue@webkit.org

• 2 edits
  2 adds in trunk/Source/JavaScriptCore

[JSC] In some cases, the integer range optimization phase never converges
​https://bugs.webkit.org/show_bug.cgi?id=155828
rdar://problem/25155460

Patch by Benjamin Poulain <​bpoulain@apple.com> on 2016-03-24
Reviewed by Filip Pizlo.

In certain conditions, the integer range optimization phase continuously
changes the representation of the same truth, preventing it from
converging to a stable state.

The bug starts by having the same ground truth incomming into a block
in different valid forms. For example, you can have x < 42 coming as:

1) x < 42
2) x < 41 + 1
3) x < 43 - 1

Having those 3 alone coming from predecessors would be okay, we would
just accumulate them. The problem is when you have a combination
of rule that filter out the previously obtained truth, then add a new
form of the same truth.

Let's use the test case as an example. We have two incoming blocks:

Block #1:

-i < 42
-i != 41

Block #2:

-i < 41
-i == 42 - 42 (i == 0 refining the rule above).

Let say that our conditions at head are now [i < 41, i < 42 - 1].

If we merge block #2:

-i < 42 and i < 41 -> i < 42
-i < 42 and i < 42 - 1 -> i < 42
-i != 41 and i < 41 -> i < 41
-i != 41 and i < 42 - 1 -> nothing

The new head is: [i < 41, i < 42]

If we merge block #1:

-i < 41 and i < 41 -> i < 41
-i < 41 and i < 42 -> i < 42
-i == 42 - 42 and i < 41 -> (i < 41 and i < 42 - 1)
-i == 42 - 42 and i < 42 -> i < 42

After filter, we are back to [i < 41, i < 42 - 1].

There are several variations of this idea where the same truth
rotate different forms with each merge().

One possible solution is to make filter() more aggressive
to avoid the better form occuring at merge(). I'll probably
do that at some point but that seems fragile since the same
problem could reappear if merge() is later improved.

For this patch, I went with a more generic solution after
merge(): if the generated form is equivalent to one that
previously existed at head, pick the existing form.

In the previous example, what happens is we only have
either [i < 41] or [i < 42 - 1] but never both simultaneously.

• dfg/DFGIntegerRangeOptimizationPhase.cpp:
• tests/stress/integer-range-optimization-constant-representation-1.js: Added.
• tests/stress/integer-range-optimization-constant-representation-2.js: Added.

Two variation. One timeout in release because of the additional flags.
The other is gets more type of run but only assert in debug.

1:10 AM Changeset in webkit [198620] by commit-queue@webkit.org

• 13 edits in trunk/Source/WebInspectorUI

Web Inspector: Miscellaneous performance fixes in Timeline recording
​https://bugs.webkit.org/show_bug.cgi?id=155832

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-24
Reviewed by Timothy Hatcher.

• UserInterface/Models/CallingContextTree.js:

(WebInspector.CCTNode.prototype.hasChildren):
No need to allocate an array with all of the properties, we can just
check if there is at least one property using a short circuit for..in.
Performance was always faster for empty, small, and large objects
in micro benchmarks.

• UserInterface/Views/DataGrid.js:

(WebInspector.DataGrid.prototype.layout):
Avoid causing DOM layout when positioning resizers. They only need
a layout if we are resizing the DataGrid, or the initial layout.

• UserInterface/Views/NavigationBar.js:

(WebInspector.NavigationBar):
(WebInspector.NavigationBar.prototype.needsLayout):
(WebInspector.NavigationBar.prototype.layout):
Avoid causing DOM layout every View layout. In fact, only do a
DOM layout when someone has triggered a needsLayout on this
navigation bar. A basic dirty layout (triggered by a parent)
should not have caused us to resize.

• UserInterface/Views/HeapAllocationsTimelineOverviewGraph.js:
• UserInterface/Views/LayoutTimelineOverviewGraph.js:

(WebInspector.LayoutTimelineOverviewGraph.prototype.layout):

• UserInterface/Views/MemoryTimelineOverviewGraph.js:

(WebInspector.MemoryTimelineOverviewGraph.prototype.reset):
(WebInspector.MemoryTimelineOverviewGraph.prototype._updateLegend):

• UserInterface/Views/NetworkTimelineOverviewGraph.js:
• UserInterface/Views/RenderingFrameTimelineOverviewGraph.js:

(WebInspector.RenderingFrameTimelineOverviewGraph.prototype.layout):

• UserInterface/Views/ScriptTimelineOverviewGraph.js:

Avoid doing any work in non-visible graphs. This was very common
because the RenderingFrameTimelineOverviewGraph is never visible
when the other timeline graphs are, but was performing lots of work.

• UserInterface/Views/MemoryCategoryView.js:

(WebInspector.MemoryCategoryView.prototype.clear):
(WebInspector.MemoryCategoryView.prototype._updateDetails):
(WebInspector.MemoryCategoryView):

• UserInterface/Views/MemoryTimelineView.js:

(WebInspector.MemoryTimelineView.prototype.reset):
(WebInspector.MemoryTimelineView.prototype._updateUsageLegend):
(WebInspector.MemoryTimelineView.prototype._updateMaxComparisonLegend):
Cache values to avoid textContent calls even if the content did not change.
This reduces unnecessary work when the values wouldn't change.

• UserInterface/Views/TimelineRecordBar.js:

(WebInspector.TimelineRecordBar.createCombinedBars):
(WebInspector.TimelineRecordBar.prototype.set records):
Revert to fast loop and as this code path is very hot and for..of iteration
was showing up in profiles. Remove assert which seems rather pointless but
showed up in profiles.

12:13 AM Changeset in webkit [198619] by Nikita Vasilyev

• 4 edits in trunk/Source/WebInspectorUI

Web Inspector: Large repaints while typing in the console tab
​https://bugs.webkit.org/show_bug.cgi?id=155627
<rdar://problem/25234875>

Reviewed by Timothy Hatcher.

Use a position: absolute workaround to reduce large repaint areas caused by flexbox.

• UserInterface/Views/LogContentView.css:

(body.selected-tab-console #content):
This selector must only affect the console tab as it breaks sidebars in other tabs.

• UserInterface/Base/Main.js:

(WebInspector.contentLoaded):
(WebInspector._tabBarItemSelected):

• UserInterface/Views/TabBar.js:

(WebInspector.TabBar.prototype.set selectedTabBarItem):
Add "selected-tab-console" class to <body> when the console tab is selected.

Mar 23, 2016:

11:32 PM Changeset in webkit [198618] by commit-queue@webkit.org

• 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Timeline range selection changes with ProfileView should not cause navigation bar items to flicker
​https://bugs.webkit.org/show_bug.cgi?id=155834

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-23
Reviewed by Timothy Hatcher.

• UserInterface/Views/ProfileView.js:

(WebInspector.ProfileView.prototype._recreate):
The only reason our selection path components would change is if we
had focus nodes before and do not anymore.

10:16 PM Changeset in webkit [198617] by commit-queue@webkit.org

• 2 edits in trunk/Tools

webkit-patch failed to open pretty diff on Windows
​https://bugs.webkit.org/show_bug.cgi?id=155827

Patch by Bill Ming <​mbbill@gmail.com> on 2016-03-23
Reviewed by Alex Christensen.

• Scripts/webkitpy/tool/steps/confirmdiff.py:

(ConfirmDiff._show_pretty_diff):

10:13 PM Changeset in webkit [198616] by commit-queue@webkit.org

• 2 edits in trunk

Fixed ninja build path.
​https://bugs.webkit.org/show_bug.cgi?id=155796

Patch by Bill Ming <​mbbill@gmail.com> on 2016-03-23
Reviewed by Alex Christensen.

• Tools/Scripts/build-webkit:

8:31 PM Changeset in webkit [198615] by rniwa@webkit.org

• 1 edit
  1 delete in trunk/Websites/perf.webkit.org

Delete a file that was supposed to be removed in r198614 for real.

• unit-tests/resources/v3-models.js: Removed.

8:25 PM Changeset in webkit [198614] by rniwa@webkit.org

• 6 edits
  2 copies
  2 adds in trunk/Websites/perf.webkit.org

Add a model for parsing buildbot JSON with unit tests
​https://bugs.webkit.org/show_bug.cgi?id=155814

Reviewed by Joseph Pecoraro.

Added BuildbotSyncer and BuildbotBuildEntry classes to parse buildbot JSON files with unit tests.
They will be used in the new syncing scripts to improve A/B testing.

• public/v3/models/build-request.js:

(BuildRequest):

• tools/js/buildbot-syncer.js: Added.

(BuildbotBuildEntry): Added.
(BuildbotBuildEntry.prototype.slaveName): Added.
(BuildbotBuildEntry.prototype.buildRequestId): Added.
(BuildbotBuildEntry.prototype.isInProgress): Added.
(BuildbotSyncer): Added.
(BuildbotSyncer.prototype.testPath): Added.
(BuildbotSyncer.prototype.builderName): Added.
(BuildbotSyncer.prototype.platformName): Added.
(BuildbotSyncer.prototype.fetchPendingRequests): Added.
(BuildbotSyncer.prototype._propertiesForBuildRequest): Added.
(BuildbotSyncer.prototype._revisionSetFromRootSetWithExclusionList): Added.
(BuildbotSyncer._loadConfig): Added.
(BuildbotSyncer._validateAndMergeConfig): Added.
(BuildbotSyncer._validateAndMergeProperties): Added.

• tools/js/v3-models.js: Copied from unit-tests/resources/v3-models.js.

(beforeEach): Deleted since this only defined inside mocha.

• unit-tests/analysis-task-tests.js:
• unit-tests/buildbot-syncer-tests.js: Added.

(sampleiOSConfig):
(createSampleBuildRequest):
(.smallConfiguration):

• unit-tests/measurement-adaptor-tests.js:
• unit-tests/measurement-set-tests.js:
• unit-tests/resources/mock-v3-models.js: Renamed from unit-tests/resources/v3-models.js.

(beforeEach):

• unit-tests/test-groups-tests.js:

(sampleTestGroup):

7:41 PM Changeset in webkit [198613] by dbates@webkit.org

• 3 edits in trunk/Source/WebCore

CSP: Simplify logic for checking policies
​https://bugs.webkit.org/show_bug.cgi?id=155817
<rdar://problem/25326546>

Reviewed by Zalan Bujtas.

Consolidate the various static template functions into a single function called ContentSecurityPolicy::allPoliciesAllow()
that tests whether a resource request when evaluated with respect to a directive (given as a ContentSecurityPolicyDirectiveList
pointer-to-member function) violates any of the CSPs that were delivered with the document.

No functionality changed. So, no new tests.

• page/csp/ContentSecurityPolicy.cpp:

(WebCore::ContentSecurityPolicy::allPoliciesAllowHashFromContent): Formerly name isAllowedByAllWithHash. Made it
a member function so that we query for the document encoding instead of taking it as an argument. Modified
it to take a predicate function to pass it to allPoliciesAllow().
(WebCore::ContentSecurityPolicy::allowJavaScriptURLs): Modified to use ContentSecurityPolicy::allPoliciesAllow().
(WebCore::ContentSecurityPolicy::allowInlineEventHandlers): Ditto.
(WebCore::ContentSecurityPolicy::allowScriptWithNonce): Ditto.
(WebCore::ContentSecurityPolicy::allowStyleWithNonce): Ditto.
(WebCore::ContentSecurityPolicy::allowInlineScript): Modified to use ContentSecurityPolicy::allPoliciesAllow() and
ContentSecurityPolicy::allPoliciesAllowHashFromContent().
(WebCore::ContentSecurityPolicy::allowInlineStyle): Ditto.
(WebCore::ContentSecurityPolicy::allowEval): Modified to use ContentSecurityPolicy::allPoliciesAllow().
(WebCore::ContentSecurityPolicy::allowFrameAncestors): Ditto.
(WebCore::ContentSecurityPolicy::allowPluginType): Ditto.
(WebCore::ContentSecurityPolicy::allowScriptFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowObjectFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowChildFrameFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowChildContextFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowImageFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowStyleFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowFontFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowMediaFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowConnectToSource): Ditto.
(WebCore::ContentSecurityPolicy::allowFormAction): Ditto.
(WebCore::ContentSecurityPolicy::allowBaseURI): Ditto.
(WebCore::isAllowedByAllWithFrame): Deleted.
(WebCore::isAllowedByAll): Deleted.
(WebCore::isAllowedByAllWithState): Deleted.
(WebCore::isAllowedByAllWithContext): Deleted.
(WebCore::isAllowedByAllWithNonce): Deleted.
(WebCore::isAllowedByAllWithHash): Deleted.
(WebCore::isAllowedByAllWithHashFromContent): Deleted.
(WebCore::isAllowedByAllWithURL): Deleted.
(WebCore::ContentSecurityPolicy::documentEncoding): Deleted. Incorporated its functionality into ContentSecurityPolicy::allPoliciesAllowHashFromContent().
(WebCore::ContentSecurityPolicy::isActive): Deleted. This function has been unused since the removal of the CSP script
interface in <​http://trac.webkit.org/changeset/197142>.

• page/csp/ContentSecurityPolicy.h:

(WebCore::ContentSecurityPolicy::allPoliciesAllow): Added. Returns whether the predicate function evaluates to true
for all CSP policies.

7:40 PM Changeset in webkit [198612] by jonlee@apple.com

• 5 edits in trunk/PerformanceTests

Update focus and leaves tests
​https://bugs.webkit.org/show_bug.cgi?id=155825

Reviewed by Simon Fraser.

Particles would improperly disappear, before they were fully off stage. Update the calculation.

• Animometer/tests/dom/resources/leaves.js:
• Animometer/tests/master/resources/leaves.js:

• Animometer/tests/master/focus.html: Update the center element styling.
• Animometer/tests/master/resources/focus.js:

(FocusElement.Utilities.createClass): Give enough space in the container for each particle for the blur
to spread. It should be about 3x more space than the blur radius on each side.
(Stage.call.initialize): Ditto for the center element.

7:40 PM Changeset in webkit [198611] by jonlee@apple.com

• 11 edits
  1 delete in trunk/PerformanceTests

Update support for other platforms
​https://bugs.webkit.org/show_bug.cgi?id=155824

Reviewed by Simon Fraser.

• Animometer/resources/debug-runner/animometer.css: Remove extraneous media query. All of it should

be handled in the release stylesheet.

• Animometer/resources/debug-runner/animometer.js: Add support for browsers that return an HTMLCollection

when retrieving radio elements with a name, instead of the selected value.

• Animometer/resources/runner/animometer.css: Adjust the queries for devices of varying widths.

(.frame-container): Move overflow:hidden to #stage.

• Animometer/tests/master/resources/stage.css: Consolidate into tests/resources/stage.css.
• Animometer/tests/resources/stage.css:

(body): Remove overflow:hidden.
(#stage): Set overflow:hidden here.
(#center-text): Moved from master/resources/stage.css.

Update stylesheet hrefs.

• Animometer/tests/master/canvas-stage.html:
• Animometer/tests/master/focus.html:
• Animometer/tests/master/leaves.html:
• Animometer/tests/master/multiply.html:
• Animometer/tests/master/particles.html:
• Animometer/tests/master/text.html: Adjust text size to fit in the device screen.

7:08 PM Changeset in webkit [198610] by jonlee@apple.com

• 7 edits in trunk/PerformanceTests

Make the benchmark require device to be in landscape orientation
​https://bugs.webkit.org/show_bug.cgi?id=155822
rdar://problem/25258650

Reviewed by Ryosuke Niwa.

Check that the device is in landscape orientation. If not, disable the button to start it,
and show a warning message.

• Animometer/developer.html: Add a message about how the browser should be set up. Include a

warning message that appears if the orientation is incorrect on mobile devices.

• Animometer/index.html: Ditto.

• Animometer/resources/debug-runner/animometer.css: Migrate the .hidden rule into the release

stylesheet. Update the style to accommodate the new UI.

• Animometer/resources/runner/animometer.css:

• Animometer/resources/runner/animometer.js:

(window.benchmarkController.initialize): Add the orientation listener is needed.
(window.benchmarkController.addOrientationListenerIfNecessary): Only mobile devices need this. Check
to see for support of window.orientation.
(window.benchmarkController._orientationChanged): Toggle the warning based on whether we match the
landscape query. Set a state variable, which is needed for the debug harness. Call updateStartButtonState.
(window.benchmarkController.updateStartButtonState):

• Animometer/resources/debug-runner/animometer.js: Change _updateStartButtonState to return

a boolean about whether at least one test is selected. That will be used in
benchmarkController.updateStartButtonState(). Move the load event listener to the release version.
(window.benchmarkController.updateStartButtonState): Override the release version, and also check
that at least one test is selected.

5:43 PM Changeset in webkit [198609] by jer.noble@apple.com

• 2 edits
  2 adds in trunk

Media elements allowed to play without a user gesture, but requiring fullscreen playback, should not be allowed to autoplay.
​https://bugs.webkit.org/show_bug.cgi?id=155599

Reviewed by Darin Adler.

Test: media/video-autoplay-allowed-but-fullscreen-required.html

Entering fullscreen should always require a user gesture.

• html/MediaElementSession.cpp:

(WebCore::MediaElementSession::playbackPermitted):

5:42 PM Changeset in webkit [198608] by jer.noble@apple.com

• 2 edits in trunk/Tools

[ios-sim] RequiresUserActionForPlaybackTest.DoesNotRequireUserActionForMediaPlayback and RequiresUserActionForVideoButNotAudioPlayback failing
​https://bugs.webkit.org/show_bug.cgi?id=155764

Reviewed by Eric Carlson.

Remove the requirement for media elements to have webkit-playsinline attributes on iOS.

• TestWebKitAPI/Tests/WebKit2Cocoa/RequiresUserActionForPlayback.mm:

(RequiresUserActionForPlaybackTest::SetUp):

5:13 PM Changeset in webkit [198607] by commit-queue@webkit.org

• 3 edits
  2 deletes in trunk

Unreviewed, rolling out r198538.
​https://bugs.webkit.org/show_bug.cgi?id=155819

Broke two API tests on iOS simulator (Requested by ap on
#webkit).

Reverted changeset:

"Media elements allowed to play without a user gesture, but
requiring fullscreen playback, should not be allowed to
autoplay."
​https://bugs.webkit.org/show_bug.cgi?id=155599
​http://trac.webkit.org/changeset/198538

5:12 PM Changeset in webkit [198606] by ggaren@apple.com

• 9 edits
  1 add in trunk/Source/bmalloc

bmalloc: Added an Object helper class
​https://bugs.webkit.org/show_bug.cgi?id=155818

Reviewed by Gavin Barraclough.

Object is an abstraction that breaks out a void* into its component
metadata pointers.

This is slightly faster than recomputing them, and it enables a future
patch in which Object will tell us whether it is small or large.

• bmalloc.xcodeproj/project.pbxproj: Added to the project.

• bmalloc/Allocator.cpp:

(bmalloc::Allocator::reallocate): Use Object to compute size.

• bmalloc/Deallocator.cpp:

(bmalloc::Deallocator::processObjectLog):

• bmalloc/Heap.cpp:

(bmalloc::Heap::allocateSmallPage):
(bmalloc::Heap::deallocateSmallLine):

• bmalloc/Heap.h:

(bmalloc::Heap::derefSmallLine): Use Object to deallocate.

• bmalloc/Object.h: Added.

(bmalloc::Object::Object):
(bmalloc::Object::chunk):
(bmalloc::Object::line):
(bmalloc::Object::page): Helper class to break out a void* into its
component metadata pointers.

• bmalloc/SmallChunk.h:

(bmalloc::SmallChunk::SmallChunk): SmallPage::get doesn't exist anymore
so we use our new helper functions instead.

(bmalloc::SmallChunk::offset):
(bmalloc::SmallChunk::object):
(bmalloc::SmallChunk::page):
(bmalloc::SmallChunk::line):
(bmalloc::SmallLine::begin):
(bmalloc::SmallLine::end):
(bmalloc::SmallPage::begin): New helpers that operate on the data
stored in Object.

(bmalloc::SmallLine::get): Deleted.
(bmalloc::SmallPage::get): Deleted.

• bmalloc/SmallLine.h:

(bmalloc::SmallLine::refCount): Added a default ref value for convenience.

• bmalloc/SmallPage.h:

(bmalloc::SmallPage::SmallPage):

4:47 PM Changeset in webkit [198605] by commit-queue@webkit.org

• 3 edits in trunk/Source/WebInspectorUI

Web Inspector: Allow clicking the Timeline in Editing Mode to toggle the checkbox
​https://bugs.webkit.org/show_bug.cgi?id=155815

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-23
Reviewed by Timothy Hatcher.

• UserInterface/Views/TimelineOverview.js:

(WebInspector.TimelineOverview.prototype._startEditingInstruments):
Remove unused variable.

• UserInterface/Views/TimelineTreeElement.js:

(WebInspector.TimelineTreeElement.prototype.onattach):
(WebInspector.TimelineTreeElement.prototype._clickHandler):
Make clicking on the tree element toggle the checkbox.

4:47 PM Changeset in webkit [198604] by andersca@apple.com

• 5 edits
  1 add in trunk

Crash when using KVO from within -[WebView initWithCoder:]
​https://bugs.webkit.org/show_bug.cgi?id=155816
rdar://problem/17073265

Reviewed by Dan Bernstein.

Source/WebKit/mac:

Get rid of the observationInfo getter and setter. It's not clear why they were added (in 2003),
and the methods on NSObject are good enough for us.

• WebView/WebView.mm:

(-[WebView setObservationInfo:]): Deleted.
(-[WebView observationInfo]): Deleted.

• WebView/WebViewData.h:

Tools:

Add test.

• TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
• TestWebKitAPI/Tests/mac/EarlyKVOCrash.mm: Added.

(-[EarlyKVOCrashResponder initWithWebView:]):
(-[EarlyKVOCrashResponder initWithCoder:]):
(-[EarlyKVOCrashResponder dealloc]):
(-[EarlyKVOCrashResponder encodeWithCoder:]):
(TestWebKitAPI::TEST):

4:42 PM Changeset in webkit [198603] by commit-queue@webkit.org

• 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Timeline Tab sometimes restores as blank
​https://bugs.webkit.org/show_bug.cgi?id=155811

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-23
Reviewed by Timothy Hatcher.

• UserInterface/Views/TimelineTabContentView.js:

(WebInspector.TimelineTabContentView.prototype.restoreFromCookie):
When early bailing in restore, if there is no content view to restore,
then at least fallback to showing the Overview.

3:45 PM Changeset in webkit [198602] by commit-queue@webkit.org

• 4 edits in trunk/Source/WebInspectorUI

Web Inspector: REGRESSION: Timeline Reset does not clear datagrids
​https://bugs.webkit.org/show_bug.cgi?id=155804

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-23
Reviewed by Timothy Hatcher.

• UserInterface/Views/HeapAllocationsTimelineView.js:

(WebInspector.HeapAllocationsTimelineView.prototype.shown):
(WebInspector.HeapAllocationsTimelineView.prototype.hidden):
(WebInspector.HeapAllocationsTimelineView.prototype.closed):
(WebInspector.HeapAllocationsTimelineView.prototype.reset):
Although we don't use the popover features of TimelineDataGrid,
be a good citizen and call methods on the datagrid.

• UserInterface/Views/OverviewTimelineView.js:

(WebInspector.OverviewTimelineView.prototype.reset):
Clear the datagrid on reset.

• UserInterface/Views/TimelineDataGrid.js:

(WebInspector.TimelineDataGrid.prototype.reset):
Clear the datagrid on reset.

3:45 PM Changeset in webkit [198601] by commit-queue@webkit.org

• 3 edits in trunk/Source/WebInspectorUI

Web Inspector: Uncaught exceptions closing Timeline tab
​https://bugs.webkit.org/show_bug.cgi?id=155805

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-23
Reviewed by Timothy Hatcher.

• UserInterface/Views/ScriptClusterTimelineView.js:

(WebInspector.ScriptClusterTimelineView.prototype._scriptClusterViewCurrentContentViewDidChange):
Gracefully handle if there is no content view.

• UserInterface/Views/TimelineRecordingContentView.js:

(WebInspector.TimelineRecordingContentView.prototype.closed): Deleted.
Fix typo.

3:33 PM Changeset in webkit [198600] by commit-queue@webkit.org

• 8 edits
  2 deletes in trunk

Unreviewed, rolling out r198582.
​https://bugs.webkit.org/show_bug.cgi?id=155812

"It broke debugging in the web inspector" (Requested by
saamyjoon on #webkit).

Reverted changeset:

"We should not disable inlining when the debugger is enabled"
​https://bugs.webkit.org/show_bug.cgi?id=155741
​http://trac.webkit.org/changeset/198582

3:27 PM Changeset in webkit [198599] by Simon Fraser

• 2 edits in trunk/Source/WebCore

Change the paint count indicator to indicate whether a layer is opaque
​https://bugs.webkit.org/show_bug.cgi?id=155810

Reviewed by Tim Horton.

In non-opaque layers, give the paint count indicator a diagonal top left corner. Being
able to see layer opaqueness helps diagnose bugs.

Also use CGContextStateSaver, and move the indicator in by a pixel to overlap less
with the layer border.

• platform/graphics/ca/PlatformCALayer.cpp:

(WebCore::PlatformCALayer::drawRepaintIndicator):

2:55 PM Changeset in webkit [198598] by rniwa@webkit.org

• 6 edits
  1 add in trunk/Websites/perf.webkit.org

Add unit tests for test-group.js
​https://bugs.webkit.org/show_bug.cgi?id=155781

Reviewed by Joseph Pecoraro.

Added unit tests for test-group.js that would have caught regressions fixed in r198503.

• public/v3/components/chart-pane-base.js:

(ChartPaneBase.prototype._renderAnnotations): Added a forgotten break statement.

• public/v3/models/build-request.js:

(BuildRequest.prototype.setResult):
(BuildRequest):

• public/v3/models/test-group.js:
• unit-tests/measurement-set-tests.js: Use ./resources/v3-models.js to reduce the code duplication.
• unit-tests/resources/v3-models.js: Import more stuff from v3 models.

(beforeEach):

• unit-tests/test-groups-tests.js: Added. Added some unit tests for TestGroup.

(sampleTestGroup):
(.testGroupWithStatusList):

2:40 PM Changeset in webkit [198597] by Alan Bujtas

• 3 edits
  2 adds in trunk

ASSERTION FAILED: y2 >= y1 in WebCore::RenderElement::drawLineForBoxSide
​https://bugs.webkit.org/show_bug.cgi?id=155791

Reviewed by Simon Fraser.

With certain combination of border rect and adjacent width, we could end up with an empty final rect.
This patch ensures that we don't try to paint this empty rect.

Source/WebCore:

Test: fast/borders/empty-outline-border-assert.html

• rendering/RenderElement.cpp:

(WebCore::RenderElement::drawLineForBoxSide):

LayoutTests:

• fast/borders/empty-outline-border-assert-expected.txt: Added.
• fast/borders/empty-outline-border-assert.html: Added.

2:29 PM Changeset in webkit [198596] by Lucas Forschler

• 2 edits in trunk/Tools

Teach kill-old-processes about perl 5.18.

Reviewed by Alexey Proskuryakov

• BuildSlaveSupport/kill-old-processes:

(main):

2:20 PM Changeset in webkit [198595] by dino@apple.com

• 2 edits in trunk/Source/WebCore

Screen queries should query the exact screen, not a default
​https://bugs.webkit.org/show_bug.cgi?id=155806
<rdar://problem/25322916>

Reviewed by Simon Fraser.

Some of our media queries were using helper functions that
would query the capabilities of the deepest screen, rather
than the currently used screen. I changed them to use
the existing helper function (that works with WebKit 2)
and comment in some other helpers why a generic check is
ok.

Covered by the existing tests.

• platform/mac/PlatformScreenMac.mm:

(WebCore::screenDepth): Use the helper function.
(WebCore::screenDepthPerComponent):
(WebCore::screenIsMonochrome): Move these and make a comment.
(WebCore::screenHasInvertedColors):

2:07 PM Changeset in webkit [198594] by ggaren@apple.com

• 6 edits in trunk/Source/bmalloc

bmalloc: process the object log before asking for new memory
​https://bugs.webkit.org/show_bug.cgi?id=155801

Reviewed by Gavin Barraclough.

This is a step toward merging large and small objects: In future, if we
have large objects in the log, we need to process them right away to
avoid pushing up peak memory use.

But it also appears to be a speedup and memory use improvement now.

• bmalloc/Allocator.cpp:

(bmalloc::Allocator::allocate):
(bmalloc::Allocator::refillAllocatorSlowCase):
(bmalloc::Allocator::allocateLarge): Process the log before asking for
more memory.

• bmalloc/Deallocator.cpp:

(bmalloc::Deallocator::processObjectLog):
(bmalloc::Deallocator::deallocateSlowCase):

• bmalloc/Deallocator.h: Provide a public API for processing the object log.

• bmalloc/Heap.cpp:

(bmalloc::Heap::allocateSmallPage): Pop fragmented pages from the front
instead of from the back. This resolves a regression on tree_churn
--parallel. Popping from the front gives us the oldest pages. The oldest
pages have had the most time to accumulate free lines. They are therefore
the least fragmented on average.

• bmalloc/List.h:

(bmalloc::List::popFront):
(bmalloc::List::insertAfter): New API to pop from front.

2:06 PM Changeset in webkit [198593] by timothy_horton@apple.com

• 2 edits in trunk/Source/WebKit2

MiniBrowser doesn't use accelerated drawing in WebKit2 windows if a WebKit1 window was opened first
​https://bugs.webkit.org/show_bug.cgi?id=141576
<rdar://problem/25304548>

Reviewed by Simon Fraser.

• UIProcess/API/Cocoa/WKPreferences.mm:

(-[WKPreferences init]):
Make the NSUserDefaults key prefix for debug preferences (the only ones read
from NSUserDefaults) "WebKitDebug" instead of just "WebKit" so that they
don't conflict with the names that WebKit1 registers default values for.

2:03 PM Changeset in webkit [198592] by msaboff@apple.com

• 4 edits
  3 adds in trunk

JavaScriptCore ArrayPrototype::join shouldn't cache butterfly when it makes effectful calls
​https://bugs.webkit.org/show_bug.cgi?id=155776

Reviewed by Saam Barati.

Source/JavaScriptCore:

Array.join ends up calling toString, possibly on some object. Since these calls
could be effectful and could change the array itself, we can't hold the butterfly
pointer while making effectful calls. Changed the code to fall back to the general
case when an effectful toString() call might be made.

• runtime/ArrayPrototype.cpp:

(JSC::join):

• runtime/JSStringJoiner.h:

(JSC::JSStringJoiner::appendWithoutSideEffects): New helper that doesn't make effectful
toString() calls.
(JSC::JSStringJoiner::append): Built upon appendWithoutSideEffects.

LayoutTests:

New test.

• js/regress-155776-expected.txt: Added.
• js/regress-155776.html: Added.
• js/script-tests/regress-155776.js: Added.

(fillBigArrayViaToString):
(Function.prototype.toString):

1:58 PM Changeset in webkit [198591] by dbates@webkit.org

• 168 edits in trunk

CSP: Make violation console messages concise and consistent
​https://bugs.webkit.org/show_bug.cgi?id=155777
<rdar://problem/25304031>

Reviewed by Darin Adler.

Source/WebCore:

As a first step towards making the log messages that are emitted by the ContentSecurityPolicy object
concise and consistent with the language and formatting used in other WebKit console messages, including
other Content Security Policy messages, make the violation error messages concise and consistent.
Being concise and consistent will help make it straightforward for a person to understand the reason
for the violation by taking advantage of their familiarity with the language and formatting seen in
other WebKit console messages.

• page/csp/ContentSecurityPolicyDirectiveList.cpp:

(WebCore::consoleMessageForViolation): Added. Builds up a console message for violation.
(WebCore::ContentSecurityPolicyDirectiveList::allowJavaScriptURLs): Extract logic for logging a console message/reporting
a violation from ContentSecurityPolicyDirectiveList::checkInlineAndReportViolation() to here and make use of WebCore::consoleMessageForViolation()
to build the actual console message.
(WebCore::ContentSecurityPolicyDirectiveList::allowInlineEventHandlers): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowInlineScript): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowInlineStyle): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowEval): Extract logic for logging a console message/reporting
a violation from ContentSecurityPolicyDirectiveList::checkEvalAndReportViolation() to here and make use of WebCore::consoleMessageForViolation()
to build the actual console message.
(WebCore::ContentSecurityPolicyDirectiveList::allowPluginType): Extract logic for logging a console message/reporting
a violation from ContentSecurityPolicyDirectiveList::checkMediaTypeAndReportViolation() to here and make use of WebCore::consoleMessageForViolation()
to build the actual console message.
(WebCore::ContentSecurityPolicyDirectiveList::allowScriptFromSource): Extract logic for logging a console message/reporting
a violation from ContentSecurityPolicyDirectiveList::checkSourceAndReportViolation() to here and make use of WebCore::consoleMessageForViolation()
to build the actual console message.
(WebCore::ContentSecurityPolicyDirectiveList::allowObjectFromSource): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowChildContextFromSource): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowChildFrameFromSource): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowImageFromSource): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowStyleFromSource): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowFontFromSource): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowMediaFromSource): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowConnectToSource): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowFormAction): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowBaseURI): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowFrameAncestors): Extract logic for logging a console message/reporting
a violation from ContentSecurityPolicyDirectiveList::checkFrameAncestorsAndReportViolation() to here and make use of WebCore::consoleMessageForViolation()
to build the actual console message.
(WebCore::ContentSecurityPolicyDirectiveList::addDirective): Add FIXME comment to log that the frame-src directive is
deprecated. See <​https://bugs.webkit.org/show_bug.cgi?id=155773> for more details.
(WebCore::ContentSecurityPolicyDirectiveList::checkEvalAndReportViolation): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::checkMediaTypeAndReportViolation): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::checkInlineAndReportViolation): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::checkSourceAndReportViolation): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::checkFrameAncestorsAndReportViolation): Deleted.

• page/csp/ContentSecurityPolicyDirectiveList.h:

LayoutTests:

Update expected results to reflect new violation message text.

• fast/workers/worker-inherits-csp-blocks-xhr-expected.txt:
• http/tests/contentextensions/block-cookies-in-csp-report-expected.txt:
• http/tests/contentextensions/block-csp-report-expected.txt:
• http/tests/contentextensions/hide-on-csp-report-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/base-uri-deny-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/child-src/frame-blocked-expected.txt:

...

• http/tests/security/contentSecurityPolicy/xsl-blocked-expected.txt:
• http/tests/security/contentSecurityPolicy/xsl-img-blocked-expected.txt:
• http/tests/security/contentSecurityPolicy/xsl-redirect-blocked-expected.txt:
• http/tests/security/contentSecurityPolicy/xsl-unaffected-by-style-src-1-expected.txt:
• http/tests/security/isolatedWorld/bypass-main-world-csp-for-xhr-expected.txt:
• http/tests/security/isolatedWorld/image-load-should-not-bypass-main-world-csp-expected.txt:
• media/csp-blocks-video-expected.txt:

1:08 PM Changeset in webkit [198590] by Matt Baker

• 2 edits
  18 adds in trunk/Source/WebInspectorUI

Web Inspector: Quick Open dialog has fuzzy icons at 1x
​https://bugs.webkit.org/show_bug.cgi?id=155557
<rdar://problem/25200217>

Reviewed by Timothy Hatcher.

New resource icons (documents and clippings) for large tree items,
for use in the Quick Open dialog's tree outline.

• UserInterface/Images/ClippingCSSLarge.png: Added.
• UserInterface/Images/​ClippingCSSLarge@2x.png: Added.
• UserInterface/Images/ClippingGenericLarge.png: Added.
• UserInterface/Images/ClippingGenericLarge@2x.png: Added.
• UserInterface/Images/ClippingJSLarge.png: Added.
• UserInterface/Images/​ClippingJSLarge@2x.png: Added.
• UserInterface/Images/DocumentCSSLarge.png: Added.
• UserInterface/Images/​DocumentCSSLarge@2x.png: Added.
• UserInterface/Images/DocumentFontLarge.png: Added.
• UserInterface/Images/DocumentFontLarge@2x.png: Added.
• UserInterface/Images/DocumentGenericLarge.png: Added.
• UserInterface/Images/DocumentGenericLarge@2x.png: Added.
• UserInterface/Images/DocumentImageLarge.png: Added.
• UserInterface/Images/DocumentImageLarge@2x.png: Added.
• UserInterface/Images/DocumentJSLarge.png: Added.
• UserInterface/Images/​DocumentJSLarge@2x.png: Added.
• UserInterface/Images/DocumentMarkupLarge.png: Added.
• UserInterface/Images/DocumentMarkupLarge@2x.png: Added.

32px icons at 1x and 2x.

• UserInterface/Views/ResourceIcons.css:

(.large .resource-icon .icon):
(.large .resource-icon.resource-type-document .icon):
(.large .resource-icon.resource-type-image .icon):
(.large .resource-icon.resource-type-font .icon):
(.large .resource-icon.resource-type-stylesheet .icon):
(.large .resource-icon.resource-type-script .icon):
(.large .anonymous-script-icon .icon):
(.large .source-map-resource.resource-icon .icon):
(.large .source-map-resource.resource-icon.resource-type-stylesheet .icon):
(.large .source-map-resource.resource-icon.resource-type-script .icon):
Large icon styles.

12:42 PM Changeset in webkit [198589] by keith_miller@apple.com

• 4 edits in trunk/Source/JavaScriptCore

Array.prototype native functions' species constructors should work with proxies
​https://bugs.webkit.org/show_bug.cgi?id=155798

Reviewed by Mark Lam.

Before native the species constructors were checking if the this value was a JSArray.
Instead they should look check that the this value returns true on Array.isArray.

• runtime/ArrayPrototype.cpp:

(JSC::speciesConstructArray):

• tests/es6.yaml:
• tests/stress/proxy-array-prototype-methods.js:

12:21 PM Changeset in webkit [198588] by Brent Fulgham

• 4 edits
  2 adds in trunk

[WebGL] Non-power-of-two texture optimization
​https://bugs.webkit.org/show_bug.cgi?id=118409

Reviewed by Dean Jackson.

Source/WebCore:

Based on a patch by Przemyslaw Szymanski <​p.szymanski3@samsung.com>

This patch optimizes usage of handleNPOTTextures. We do not need to
iterate over each texture unit if no black textures were set. This
optimization provides a few more frames per seconds for certain
draw calls.

Tested by:
(1) Existing tests: webgl/resources/webgl_test_files/conformance/textures/texture-npot.html
(2) New test case: fast/canvas/webgl/texture-alternating-npot.html

• html/canvas/WebGLRenderingContextBase.cpp:

(WebCore::WebGLRenderingContextBase::compressedTexImage2D): Use new helper method.
(WebCore::WebGLRenderingContextBase::validateNPOTTextureLevel): Added.
(WebCore::WebGLRenderingContextBase::drawArrays): Only check texture completeness
if a black texture was used.
(WebCore::WebGLRenderingContextBase::drawElements): Ditto.
(WebCore::WebGLRenderingContextBase::texImage2DBase): Use new helper method.
(WebCore::WebGLRenderingContextBase::validateTexFunc): Ditto.
(WebCore::WebGLRenderingContextBase::checkTextureCompleteness): Return flag to indicate
if a black fallbacktexture was used.

• html/canvas/WebGLRenderingContextBase.h:

LayoutTests:

• fast/canvas/webgl/texture-alternating-npot-expected.txt: Added.
• fast/canvas/webgl/texture-alternating-npot.html: Added.

11:00 AM Changeset in webkit [198587] by ap@apple.com

• 2 edits in trunk/Source/WebCore

Build fix for a new warning.

• editing/VisibleSelection.cpp: (WebCore::makeSearchRange): Don't move when returning,

as that prevents copy elision.

9:48 AM Changeset in webkit [198586] by Keith Rollin

• 2 edits in trunk/Tools

Unreviewed: add Keith Rollin to the committers list.

• Scripts/webkitpy/common/config/contributors.json:

8:53 AM Changeset in webkit [198585] by timothy@apple.com

• 3 edits in trunk/Source/WebInspectorUI

Web Inspector: String double quoting in the console and elsewhere needs to escape backslash too

​https://bugs.webkit.org/show_bug.cgi?id=155752
rdar://problem/25293141

Reviewed by Joseph Pecoraro.

• UserInterface/Base/Utilities.js:

(doubleQuotedString): Escape backslashes too.

• UserInterface/Views/FormattedValue.js:

(WebInspector.FormattedValue.createLinkifiedElementString): Ditto.

8:39 AM WebKitNightlyElCapWorkaround edited by timothy@apple.com

(diff)

8:36 AM WebKitNightlyElCapWorkaround edited by timothy@apple.com

Update to the latest workaround. (diff)

7:16 AM Changeset in webkit [198584] by Antti Koivisto

• 5 edits in trunk/Source/WebCore

Share style by sharing RenderStyle substructures not the object itself
​https://bugs.webkit.org/show_bug.cgi?id=155787

Reviewed by Anreas Kling.

The current approach where we share RenderStyle objects between elements leads to lot of awkward and bug-prone code.
Most of the RenderStyle consists of shareable substructures. It is better to just share those.

With this patch we create shared styles with RenderStyle::clone(). Sharing is traced as state in Style::SharingResolver
instead of relying on RenderStyle equality to locate potential sharing cousins.

• rendering/style/StyleRareNonInheritedData.cpp:

(WebCore::StyleRareNonInheritedData::operator==):

m_altText was missing from operator==
This was exposed by TreeResolver::resolveElement change, tested by fast/css/alt-inherit-initial.html

• style/StyleSharingResolver.cpp:

(WebCore::Style::elementHasDirectionAuto):
(WebCore::Style::SharingResolver::resolve):

Save share results to a map.

(WebCore::Style::SharingResolver::findSibling):
(WebCore::Style::SharingResolver::locateCousinList):

Instead of traversing we can now just do a hash lookup to locate a candidate cousin list.
There is no need for recursion anymore, the map covers sharing beyond immediate siblings too.
Remove most tests here as they have been already covered when sharing occured.

(WebCore::Style::canShareStyleWithControl):

• style/StyleSharingResolver.h:
• style/StyleTreeResolver.cpp:

(WebCore::Style::TreeResolver::styleForElement):
(WebCore::Style::TreeResolver::resolveElement):

No need to do forced setting anymore just to support style sharing.

7:05 AM Changeset in webkit [198583] by Gyuyoung Kim

• 23 edits in trunk/Source/WebCore

Reduce PassRefPtr uses in editing
​https://bugs.webkit.org/show_bug.cgi?id=155743

Reviewed by Darin Adler.

Use RefPtr<>&&, raw pointer, or reference in arugments instead of PassRefPtr.
Besides RefPtr is used if function may be able to return nullptr.

• dom/Element.cpp:

(WebCore::Element::setOuterHTML):
(WebCore::Element::setInnerHTML):

• dom/Range.cpp:

(WebCore::Range::createContextualFragment):

• dom/ShadowRoot.cpp:

(WebCore::ShadowRoot::setInnerHTML):

• editing/CompositeEditCommand.cpp:

(WebCore::CompositeEditCommand::wrapContentsInDummySpan):

• editing/CompositeEditCommand.h:
• editing/DictationCommand.cpp:

(WebCore::DictationCommand::insertText):

• editing/SplitTextNodeContainingElementCommand.cpp:

(WebCore::SplitTextNodeContainingElementCommand::doApply):

• editing/TextInsertionBaseCommand.cpp:

(WebCore::TextInsertionBaseCommand::applyTextInsertionCommand):

• editing/TextInsertionBaseCommand.h:
• editing/TypingCommand.cpp:

(WebCore::TypingCommand::deleteSelection):
(WebCore::TypingCommand::deleteKeyPressed):
(WebCore::TypingCommand::forwardDeleteKeyPressed):
(WebCore::TypingCommand::insertText):
(WebCore::TypingCommand::insertLineBreak):
(WebCore::TypingCommand::insertParagraphSeparatorInQuotedContent):
(WebCore::TypingCommand::insertParagraphSeparator):
(WebCore::TypingCommand::lastTypingCommandIfStillOpenForTyping):
(WebCore::TypingCommand::closeTyping):
(WebCore::TypingCommand::ensureLastEditCommandHasCurrentSelectionIfOpenForMoreTyping):

• editing/TypingCommand.h:
• editing/VisibleSelection.cpp:

(WebCore::VisibleSelection::firstRange):
(WebCore::makeSearchRange):

• editing/VisibleSelection.h:
• editing/WrapContentsInDummySpanCommand.cpp:

(WebCore::WrapContentsInDummySpanCommand::WrapContentsInDummySpanCommand):

• editing/WrapContentsInDummySpanCommand.h:

(WebCore::WrapContentsInDummySpanCommand::create):

• editing/atk/FrameSelectionAtk.cpp:

(WebCore::maybeEmitTextFocusChange):
(WebCore::FrameSelection::notifyAccessibilityForSelectionChange):

• editing/htmlediting.cpp:

(WebCore::createOrderedListElement):
(WebCore::createUnorderedListElement):
(WebCore::createListItemElement):
(WebCore::createTabSpanElement):

• editing/htmlediting.h:
• editing/markup.cpp:

(WebCore::AttributeChange::AttributeChange):
(WebCore::ancestorToRetainStructureAndAppearanceForBlock):
(WebCore::styleFromMatchedRulesAndInlineDecl):
(WebCore::createFragmentForInnerOuterHTML):
(WebCore::createFragmentForTransformToFragment):
(WebCore::createContextualFragment):

• editing/markup.h:
• html/HTMLElement.cpp:

(WebCore::HTMLElement::insertAdjacentHTML):

• xml/XSLTProcessor.cpp:

(WebCore::XSLTProcessor::transformToFragment):

2:15 AM Changeset in webkit [198582] by sbarati@apple.com

• 8 edits
  2 adds in trunk

We should not disable inlining when the debugger is enabled
​https://bugs.webkit.org/show_bug.cgi?id=155741

Reviewed by Oliver Hunt.

Source/JavaScriptCore:

We can enable inlining when the debugger is enabled as long
as we make sure we still jettison the proper CodeBlocks when
a breakpoint is set. This means that for any optimized CodeBlock,
we must ask if any of its inlinees contain the breakpoint that
is being set. If any inlinees do contain the breakpoint, we must
jettison the machine code block that they are a part of.

• debugger/Debugger.cpp:

(JSC::Debugger::toggleBreakpoint):
(JSC::Debugger::applyBreakpoints):

• dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::ByteCodeParser):
(JSC::DFG::ByteCodeParser::setLocal):
(JSC::DFG::ByteCodeParser::flush):
(JSC::DFG::ByteCodeParser::flushForTerminal):
(JSC::DFG::ByteCodeParser::inliningCost):

• dfg/DFGGraph.cpp:

(JSC::DFG::Graph::Graph):
(JSC::DFG::Graph::~Graph):

• dfg/DFGGraph.h:

(JSC::DFG::Graph::hasDebuggerEnabled): Deleted.

• dfg/DFGStackLayoutPhase.cpp:

(JSC::DFG::StackLayoutPhase::run):

• ftl/FTLCompile.cpp:

(JSC::FTL::compile):

LayoutTests:

• inspector/debugger/breakpoint-with-inlining-expected.txt: Added.
• inspector/debugger/breakpoint-with-inlining.html: Added.

2:11 AM Changeset in webkit [198581] by Yusuke Suzuki

• 2 edits
  1 add in trunk/Source/JavaScriptCore

[ES6] Allow undefined/null for Symbol.search and Symbol.match
​https://bugs.webkit.org/show_bug.cgi?id=155785

Reviewed by Saam Barati.

Undefined and null for Symbol.search and Symbol.match properties of the given RegExp (like) object are allowed.
When they are specified, we go to the fallback path; creating the RegExp with the given object and matching.

• builtins/StringPrototype.js:

(match):
(search):

• tests/stress/string-symbol-customization.js: Added.

(shouldBe):
(shouldThrow):

1:51 AM Changeset in webkit [198580] by Carlos Garcia Campos

• 16 edits in trunk/Source

Use Region instead of IntRect in PageClient and WebPageProxy setViewNeedsDisplay method
​https://bugs.webkit.org/show_bug.cgi?id=155747

Reviewed by Darin Adler.

Source/WebCore:

Add helper function to make cairo region out of a WebCore::Region.

• platform/graphics/cairo/CairoUtilities.cpp:

(WebCore::toCairoRegion):

• platform/graphics/cairo/CairoUtilities.h:

Source/WebKit2:

This way instead of calling setViewNeedsDisplay() for every
rectangle in the damage area, we can build a region and call
setViewNeedsDisplay() once. GTK+ has API to queue a redraw for a
given region, so we also avoid scheduling multiple redraws in GTK+
port.

• UIProcess/API/gtk/PageClientImpl.cpp:

(WebKit::PageClientImpl::setViewNeedsDisplay): Convert the Region
into a cairo_region_t and use gtk_widget_queue_draw_region()
instyead of gtk_widget_queue_draw_area().

• UIProcess/API/gtk/PageClientImpl.h:
• UIProcess/DrawingAreaProxyImpl.cpp:

(WebKit::DrawingAreaProxyImpl::incorporateUpdate): Build a Region
with the damage rectangles and call
WebPageProxy::setViewNeedsDisplay() once.

• UIProcess/PageClient.h:
• UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::setViewNeedsDisplay):

• UIProcess/WebPageProxy.h:
• UIProcess/efl/WebView.cpp:

(WebKit::WebView::setViewNeedsDisplay):

• UIProcess/efl/WebView.h:
• UIProcess/ios/PageClientImplIOS.h:
• UIProcess/ios/PageClientImplIOS.mm:

(WebKit::PageClientImpl::setViewNeedsDisplay):

• UIProcess/mac/PageClientImpl.h:
• UIProcess/mac/PageClientImpl.mm:

(WebKit::PageClientImpl::setViewNeedsDisplay):

1:21 AM Changeset in webkit [198579] by sbarati@apple.com

• 2 edits in trunk/Source/WTF

SmallPtrSet leaks memory in its move assignment operator when !this->isSmall()
​https://bugs.webkit.org/show_bug.cgi?id=155701

Reviewed by Darin Adler.

• wtf/SmallPtrSet.h:

(WTF::SmallPtrSet::SmallPtrSet):
(WTF::SmallPtrSet::operator=):

Mar 22, 2016:

10:46 PM Changeset in webkit [198578] by timothy_horton@apple.com

• 6 edits in trunk/Source

Invoking a link preview on a complex link (e.g. an image) results in an empty TextIndicator
​https://bugs.webkit.org/show_bug.cgi?id=155779
<rdar://problem/22408793>

Reviewed by Simon Fraser.

• page/FrameSnapshotting.cpp:

(WebCore::snapshotFrameRect):
(WebCore::snapshotFrameRectWithClip):

• page/FrameSnapshotting.h:
• page/TextIndicator.cpp:

(WebCore::takeSnapshot):
(WebCore::takeSnapshots):
(WebCore::initializeIndicator):
When snapshotting, clip to the indicated range's rects. This is important
to avoid painting into the margins in the non-selection-only painting case.
This didn't come up with normal selection-only painting because the text
didn't intersect the margin, and the background doesn't paint.

• WebProcess/WebPage/mac/WebPageMac.mm:

(WebKit::WebPage::dictionaryPopupInfoForRange):
(WebKit::WebPage::performImmediateActionHitTestAtLocation):
Use the TextIndicator mode where we give up on selection-only snapshotting
and just paint all content on Mac, similar to what we do for 3D Touch indicators.

9:29 PM Changeset in webkit [198577] by Darin Adler

• 3 edits in trunk/LayoutTests

Tiny tweak to test I just landed.

• http/tests/security/cross-origin-modal-dialog-base-expected.txt:

Fix expected result now that I fixed the less than sign.

• http/tests/security/cross-origin-modal-dialog-base.html:

9:19 PM Changeset in webkit [198576] by Darin Adler

• 2 edits in trunk

straighten quotes in ChangeLog

9:16 PM Changeset in webkit [198575] by Darin Adler

• 4 edits
  4 adds in trunk

showModalDialog code runs with “first window” set to wrong window
​https://bugs.webkit.org/show_bug.cgi?id=155710

Source/WebCore:

Reviewed by Brent Fulgham.

Test: http/tests/security/cross-origin-modal-dialog-base.html

• page/Chrome.cpp:

(WebCore::Chrome::runModal): Null out entryScope so that the "first window"
checks inside the modal dialog won't run in the context of the original window
that presented the dialog.

LayoutTests:

Test by John Wilander.

Reviewed by Brent Fulgham.

• http/tests/security/cross-origin-modal-dialog-base-expected.txt: Added.
• http/tests/security/cross-origin-modal-dialog-base.html: Added.
• http/tests/security/resources/cross-origin-modal-dialog-base-1.html: Added.
• http/tests/security/resources/cross-origin-modal-dialog-base-2.html: Added.
• platform/wk2/TestExpectations: Skip test until we get better showModalDialog support.

8:28 PM Changeset in webkit [198574] by commit-queue@webkit.org

• 3 edits
  2 adds in trunk

userSpaceOnUse patterns are not stroked for empty object bounding box elements
​https://bugs.webkit.org/show_bug.cgi?id=109758

Patch by Said Abou-Hallawa <​sabouhallawa@apple.com> on 2016-03-22
Reviewed by Brent Fulgham.
Source/WebCore:

Checking whether the patternUnits is objectBoundingBox needs to be done
after calling collectPatternAttributes(). Otherwise the default value
will be always checked which is 'objectBoundingBox'.

Tests: svg/custom/pattern-units-fill-stroke.svg

• rendering/svg/RenderSVGResourcePattern.cpp:

(WebCore::RenderSVGResourcePattern::buildPattern):
(WebCore::RenderSVGResourcePattern::applyResource):

LayoutTests:

Ensure the SVG pattern is drawn correctly if it is used as a stroke for
empty objectBoundingBox elements.

• svg/custom/pattern-units-fill-stroke-expected.svg: Added.
• svg/custom/pattern-units-fill-stroke.svg: Added.

7:30 PM Changeset in webkit [198573] by rniwa@webkit.org

• 2 edits in trunk/Websites/perf.webkit.org

Fix a typo.

• config.json:

7:12 PM Changeset in webkit [198572] by commit-queue@webkit.org

• 4 edits in trunk/Source/JavaScriptCore

[JSC] correctly handle indexed properties in Object.getOwnPropertyDescriptors
​https://bugs.webkit.org/show_bug.cgi?id=155563

Patch by Caitlin Potter <​caitp@igalia.com> on 2016-03-22
Reviewed by Saam Barati.

• runtime/JSObject.h:

(JSC::JSObject::putOwnDataPropertyMayBeIndex):

• runtime/ObjectConstructor.cpp:

(JSC::objectConstructorGetOwnPropertyDescriptors):

6:39 PM Changeset in webkit [198571] by ggaren@apple.com

• 11 edits in trunk/Source/bmalloc

bmalloc: use a log scale for large-ish size classes
​https://bugs.webkit.org/show_bug.cgi?id=155770

Reviewed by Michael Saboff.

At larger sizes, precise allocation sizes don't save much memory -- and
they can cost memory when objects of distinct size classes can't
allocate together.

This is a small savings up to our current allocation limits, and it may
enable changing those limits in the long term.

• bmalloc/Algorithm.h:

(bmalloc::log2): We use this to compute large-ish size classes.

• bmalloc/Allocator.cpp:

(bmalloc::Allocator::Allocator): Iterate by size class instead of by
object size so we can change object size limits without breaking stuff.

(bmalloc::Allocator::scavenge): Ditto.

(bmalloc::Allocator::allocateLogSizeClass): New helper function for
allocating based on log size classes.

(bmalloc::Allocator::allocateSlowCase): Account for extra size class
possibilities.

• bmalloc/Allocator.h:

(bmalloc::Allocator::allocateFastCase): We only handle up to 512b on
the fastest fast path now.

• bmalloc/BumpAllocator.h:

(bmalloc::BumpAllocator::validate): Deleted. I noticed that this function
had been refactored not to do anything anymore.

• bmalloc/Heap.cpp:

(bmalloc::Heap::initializeLineMetadata): Iterate by size class. (See
Allocator::Allocator.)

• bmalloc/Heap.h: Use the sizeClassCount constant instead of hard coding

things.

• bmalloc/Sizes.h:

(bmalloc::Sizes::maskSizeClass):
(bmalloc::Sizes::maskObjectSize):
(bmalloc::Sizes::logSizeClass):
(bmalloc::Sizes::logObjectSize):
(bmalloc::Sizes::sizeClass):
(bmalloc::Sizes::objectSize): Separate size class calculation between
simple size classes that can be computed with a mask and are 8-byte-precise
and complex size classes that require more math and are less precise.

• bmalloc/SmallLine.h:

(bmalloc::SmallLine::ref):

• bmalloc/SmallPage.h:

(bmalloc::SmallPage::SmallPage):
(bmalloc::SmallPage::ref):
(bmalloc::SmallPage::deref): Cleaned up some ASSERTs that triggered
while working on this patch.

• bmalloc/Zone.cpp:

(bmalloc::statistics):
(bmalloc::zoneSize):
(bmalloc::Zone::Zone):
(bmalloc::size): Deleted. Renamed these symbols to work around an lldb
bug that makes it impossible to print out variables named 'size' -- which
can be a problem when working on malloc.

6:38 PM Changeset in webkit [198570] by sbarati@apple.com

• 11 edits in trunk/Source/JavaScriptCore

We should FTL compile code when the debugger is enabled
​https://bugs.webkit.org/show_bug.cgi?id=155740

Reviewed by Oliver Hunt.

There was no fundamental reason why we didn't support debugging
with the FTL. It looks like this was just an oversight. We had
a Breakpoint node in the DFG that amounted to a nop. By removing
this node, we now support debugging in the FTL. Anytime a breakpoint
is set, we will jettison any DFG/FTL CodeBlocks that contain the breakpoint
that was set.

• dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

• dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::parseBlock):

• dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

• dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

• dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

• dfg/DFGNodeType.h:
• dfg/DFGPredictionPropagationPhase.cpp:

(JSC::DFG::PredictionPropagationPhase::propagate):

• dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

• dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

• dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

6:19 PM Changeset in webkit [198569] by bshafiei@apple.com

• 2 edits in tags/Safari-602.1.25/Source/WebKit2

Merged r198562. rdar://problem/25301027

5:58 PM Changeset in webkit [198568] by mmaxfield@apple.com

• 9 edits in trunk/Source/WebCore

Use references instead of pointers for absolute positioning code
​https://bugs.webkit.org/show_bug.cgi?id=155775

Reviewed by Simon Fraser.

There are many pointers which will never be null in this code. This patch
migrates them to use references.

No new tests because there is no behavior change.

• rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::layoutBlockChild):
(WebCore::RenderBlockFlow::marginBeforeEstimateForChild):
(WebCore::RenderBlockFlow::insertFloatingObject):

• rendering/RenderBox.cpp:

(WebCore::RenderBox::constrainLogicalWidthInRegionByMinMax):
(WebCore::RenderBox::shrinkLogicalWidthToAvoidFloats):
(WebCore::RenderBox::computeLogicalWidthInRegion):
(WebCore::RenderBox::computeLogicalWidthInRegionUsing):
(WebCore::RenderBox::computeInlineDirectionMargins):
(WebCore::RenderBox::renderBoxRegionInfo):
(WebCore::RenderBox::computeLogicalHeight):
(WebCore::RenderBox::skipContainingBlockForPercentHeightCalculation):
(WebCore::RenderBox::computePercentageLogicalHeight):
(WebCore::RenderBox::computeReplacedLogicalWidthUsing):
(WebCore::RenderBox::computeReplacedLogicalHeightUsing):
(WebCore::RenderBox::availableLogicalHeightUsing):
(WebCore::RenderBox::computeBlockDirectionMargins):
(WebCore::RenderBox::computeAndSetBlockDirectionMargins):
(WebCore::RenderBox::containingBlockLogicalWidthForPositioned):
(WebCore::RenderBox::containingBlockLogicalHeightForPositioned):
(WebCore::computeInlineStaticDistance):
(WebCore::RenderBox::computePositionedLogicalWidth):
(WebCore::computeLogicalLeftPositionedOffset):
(WebCore::RenderBox::computePositionedLogicalWidthUsing):
(WebCore::computeBlockStaticDistance):
(WebCore::RenderBox::computePositionedLogicalHeight):
(WebCore::computeLogicalTopPositionedOffset):
(WebCore::RenderBox::computePositionedLogicalHeightUsing):
(WebCore::RenderBox::computePositionedLogicalWidthReplaced):
(WebCore::RenderBox::computePositionedLogicalHeightReplaced):
(WebCore::percentageLogicalHeightIsResolvable):
(WebCore::RenderBox::percentageLogicalHeightIsResolvableFromBlock):
(WebCore::RenderBox::hasDefiniteLogicalHeight):
(WebCore::RenderBox::hasUnsplittableScrollingOverflow):

• rendering/RenderBox.h:
• rendering/RenderDeprecatedFlexibleBox.cpp:

(WebCore::RenderDeprecatedFlexibleBox::layoutHorizontalBox):
(WebCore::RenderDeprecatedFlexibleBox::layoutVerticalBox):

• rendering/RenderFlexibleBox.cpp:

(WebCore::RenderFlexibleBox::computeMainAxisExtentForChild):
(WebCore::RenderFlexibleBox::applyStretchAlignmentToChild):

• rendering/RenderGrid.cpp:

(WebCore::RenderGrid::minSizeForChild):
(WebCore::RenderGrid::computeMarginLogicalHeightForChild):

• rendering/RenderTable.cpp:

(WebCore::RenderTable::updateLogicalWidth):

• rendering/RenderTableRow.cpp:

(WebCore::RenderTableRow::layout):

5:49 PM Changeset in webkit [198567] by Jon Davis

• 2 edits in trunk/Source/WebCore

Add Download Attribute to the Feature Status page
​https://bugs.webkit.org/show_bug.cgi?id=155772

Reviewed by Timothy Hatcher.

• features.json:

5:47 PM Changeset in webkit [198566] by jer.noble@apple.com

• 3 edits in trunk/Source/WebCore

CachedResource::MediaResource types shouldn't be blocked due to mixed-content.
​https://bugs.webkit.org/show_bug.cgi?id=155588
<rdar://problem/25177795>

Reviewed by Brent Fulgham.

Follow-up to address crashes caused by r198549. Rather than destroy MediaResourceLoader on a background thread,
migrate the Ref to the main thread before releasing.

• platform/graphics/PlatformMediaResourceLoader.h:
• platform/network/cocoa/WebCoreNSURLSession.mm:

(-[WebCoreNSURLSession dealloc]):

5:19 PM Changeset in webkit [198565] by keith_miller@apple.com

• 4 edits in trunk/Source/JavaScriptCore

REGRESSION(r197543): Use-after-free on storage/indexeddb/transaction-abort-private.html
​https://bugs.webkit.org/show_bug.cgi?id=155067

Reviewed by Filip Pizlo.

GCIncommingRefCountedSets need to be finalized before we start
destructing members of the Heap object. Previously, we would
clear all our ArrayBuffer objects when the GCIncommingRefCountedSet
holding them was destroyed. However, ArrayBuffers have a weak
reference to their wrappers. When we would attempt to destroy the
ArrayBuffer object we would end up accessing the WeakImpl for
the weak reference, which had already been freed as we destroyed
our weak block. The solution to this is to move the old
GCIncommingRefCountedSet destructor functionality to a new
function lastChanceToFinalize. This function is called when
we finalize our other objects on Heap destruction.

• heap/GCIncomingRefCountedSet.h:
• heap/GCIncomingRefCountedSetInlines.h:

(JSC::GCIncomingRefCountedSet<T>::lastChanceToFinalize):
(JSC::GCIncomingRefCountedSet<T>::~GCIncomingRefCountedSet): Deleted.

• heap/Heap.cpp:

(JSC::Heap::lastChanceToFinalize):

5:19 PM WebKitNightlyElCapWorkaround edited by beidson@apple.com

(diff)

5:12 PM Changeset in webkit [198564] by mmaxfield@apple.com

• 3 edits in trunk/LayoutTests

Post-review test update after r198560
​https://bugs.webkit.org/show_bug.cgi?id=155533

Unreviewed.

• fast/scrolling/rtl-scrollbars-positioning-expected.html:
• fast/scrolling/rtl-scrollbars-positioning.html:

4:47 PM Changeset in webkit [198563] by commit-queue@webkit.org

• 2 edits in trunk/Source/WebInspectorUI

Web Inspector: REGRESSION: Switching Timelines via Path Component does not work
​https://bugs.webkit.org/show_bug.cgi?id=155767
<rdar://problem/25298945>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-22
Reviewed by Timothy Hatcher.

• UserInterface/Views/TimelineRecordingContentView.js:

(WebInspector.TimelineRecordingContentView.prototype._timelinePathComponentSelected):
(WebInspector.TimelineRecordingContentView.prototype._instrumentAdded):

4:33 PM Changeset in webkit [198562] by achristensen@apple.com

• 2 edits in trunk/Source/WebKit2

Fix HTTPS on Mac using NSURLSession after r198457
​https://bugs.webkit.org/show_bug.cgi?id=155774
<rdar://problem/25301027>

Reviewed by Anders Carlsson.

• NetworkProcess/cocoa/NetworkSessionCocoa.mm:

(WebKit::NetworkSession::NetworkSession):
r198457 was intended to fix an issue on iOS and have no change in behavior on Mac.
It did have a subtle change in behavior, setting the source application bundle identifier
on iOS and was causing problems with HTTPS connections using NSURLSession, so this patch
reverts that change.

3:27 PM Changeset in webkit [198561] by commit-queue@webkit.org

• 7 edits
  1 copy
  2 moves
  21 adds in trunk

Restrict WebSockets header parsing according to RFC6455 and RFC7230. Based on Lamarque V. Souza's original patch.
​https://bugs.webkit.org/show_bug.cgi?id=82714

Patch by John Wilander <​wilander@apple.com> on 2016-03-22
Reviewed by Brent Fulgham.

Source/WebCore:

Tests: http/tests/websocket/tests/hybi/error-event-ready-state-non-existent-url-with-server-responding-404.html

http/tests/websocket/tests/hybi/handshake-fail-by-invalid-http-version.html
http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-accept.html
http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-extensions.html
http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-protocol.html
http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-status-line.html
http/tests/websocket/tests/hybi/handshake-fail-by-null-char-in-status.html
http/tests/websocket/tests/hybi/handshake-ok-with-http-version-beyond-1_1.html

• Modules/websockets/WebSocketHandshake.cpp:

(WebCore::WebSocketHandshake::httpURLForAuthenticationAndCookies):
(WebCore::headerHasValidHTTPVersion):

• Check for HTTP version 1.1 and above.

(WebCore::WebSocketHandshake::readStatusLine):

• Only allow ASCII characters in status line.
• Only allow HTTP version 1.1 and above in status line.

(WebCore::WebSocketHandshake::readHTTPHeaders):

• Only allow ASCII characters in values for new HTTP headers.

LayoutTests:

• http/tests/websocket/tests/hybi/error-event-ready-state-expected.txt: Removed.
  • See comment below on the associated HTML file.
• http/tests/websocket/tests/hybi/error-event-ready-state-non-existent-url-with-server-responding-404-expected.txt: Added.
• http/tests/websocket/tests/hybi/error-event-ready-state-non-existent-url-with-server-responding-404.html: Added.
  • Uses PHP to respond with an HTTP 1.1 404. The old (now removed) test case failed once we restricted WebSockets to HTTP 1.1 and above because the test server responded with an HTTP 1.0 404 for non-existing files.
• http/tests/websocket/tests/hybi/error-event-ready-state.html: Removed.
  • This test case was renamed "error-event-ready-state-non-existent-url-with-server-responding-404" to make it clear it now relies on a server responding with HTTP 1.1 404.
• http/tests/websocket/tests/hybi/handshake-fail-by-invalid-http-version-expected.txt: Added.
• http/tests/websocket/tests/hybi/handshake-fail-by-invalid-http-version.html: Added.
• http/tests/websocket/tests/hybi/handshake-fail-by-invalid-http-version_wsh.py: Added.

(web_socket_do_extra_handshake):
(web_socket_transfer_data):

• Test case for lower than HTTP 1.1 versions.

• http/tests/websocket/tests/hybi/handshake-fail-by-more-accept-header-expected.txt:
• http/tests/websocket/tests/hybi/handshake-fail-by-more-extensions-header-expected.txt:
• http/tests/websocket/tests/hybi/handshake-fail-by-more-protocol-header-expected.txt:
  • Updated to pass with lowercase 'must not' in the failure reason.
• http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-accept-expected.txt: Added.
• http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-accept.html: Added.
• http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-accept_wsh.py: Added.

(web_socket_do_extra_handshake):
(web_socket_transfer_data):

• Test case for non-ASCII characters in new HTTP header Sec-WebSocket-Accept.

• http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-extensions-expected.txt: Added.
• http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-extensions.html: Added.
• http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-extensions_wsh.py: Added.

(web_socket_do_extra_handshake):
(web_socket_transfer_data):

• Test case for non-ASCII characters in new HTTP header Sec-WebSocket-Extensions.

• http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-protocol-expected.txt: Added.
• http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-protocol.html: Added.
• http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-protocol_wsh.py: Added.

(web_socket_do_extra_handshake):
(web_socket_transfer_data):

• Test case for non-ASCII characters in new HTTP header Sec-WebSocket-Protocol.

• http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-status-line-expected.txt: Added.
• http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-status-line.html: Added.
• http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-status-line_wsh.py: Added.

(web_socket_do_extra_handshake):
(web_socket_transfer_data):

• Test case for non-ASCII characters in HTTP status line.

• http/tests/websocket/tests/hybi/handshake-fail-by-null-char-in-status-expected.txt: Added.
• http/tests/websocket/tests/hybi/handshake-fail-by-null-char-in-status.html: Added.
• http/tests/websocket/tests/hybi/handshake-fail-by-null-char-in-status_wsh.py: Added.

(web_socket_do_extra_handshake):
(web_socket_transfer_data):

• Test case for null character in the middle of the HTTP status line.

• http/tests/websocket/tests/hybi/handshake-fail-by-prepended-null_wsh.py:

(web_socket_do_extra_handshake):
(web_socket_transfer_data):

• This test case was changed to prepend a null character to the actual status line. Previously it used a WebSockets frame with a prepended null before the status line. The Python WebSockets lib uses non-ASCII characters in that frame which meant the test case hit the non-ASCII check before the null check. It was confusing to me that the description and intent of the test was to run with a null in the status line, not in a frame before the status line. I believe the changed test case better reflects the intention of the test.

• http/tests/websocket/tests/hybi/handshake-ok-with-http-version-beyond-1_1-expected.txt: Added.
• http/tests/websocket/tests/hybi/handshake-ok-with-http-version-beyond-1_1.html: Added.
• http/tests/websocket/tests/hybi/handshake-ok-with-http-version-beyond-1_1_wsh.py: Added.

(web_socket_do_extra_handshake):
(web_socket_transfer_data):

• Test case for HTTP versions higher than 1.1.

• http/tests/websocket/tests/hybi/resources/status-404-without-body.php: Added.
  • To use with the error-event-ready-state-non-existent-url-with-server-responding-404.html test described above.

3:15 PM Changeset in webkit [198560] by mmaxfield@apple.com

• 9 edits
  2 adds in trunk

[RTL Scrollbars] Position: absolute divs are covered by vertical scrollbar
​https://bugs.webkit.org/show_bug.cgi?id=155533

Reviewed by Darin Adler.

Source/WebCore:

This patch changes the behavior of position: absolute elements when their
containing block has overflow: scroll in RTL scrollbar mode. Previously, we
were only adjusting the overflow calculation for such elements (but not
their position calculation). This patch updates the position calculation,
which automatically makes the overflow calculation work propertly, so the
old calculation is no longer necessary.

This patch also updates iframes to appropriately move their dirty rects
and their painting CTM by the scrollbar width when traversing frame
boundaries. This fixes all our existing RTL scrollbar RTL tests.

The RTL scrollbar tests are only marked as passing on certain OSes, so these
tests are transitioning from failing to passing in that other repository.

Test: fast/scrolling/rtl-scrollbars-positioning.html

fast/scrolling/rtl-scrollbars-overflow-elementFromPoint.html
fast/scrolling/rtl-scrollbars-overflow-position-absolute.html
fast/scrolling/rtl-scrollbars-iframe-offset.html
fast/scrolling/rtl-scrollbars-iframe-position-absolute.html
fast/scrolling/rtl-scrollbars-iframe-scrolled.html
fast/scrolling/rtl-scrollbars-iframe.html

• platform/ScrollView.cpp:

(WebCore::ScrollView::paint):
(WebCore::ScrollView::locationOfContents):

• platform/ScrollView.h:
• platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayerCA::repaintLayerDirtyRects):

• rendering/RenderBlock.cpp:

(WebCore::RenderBlock::addOverflowFromPositionedObjects):

• rendering/RenderBox.cpp:

(WebCore::RenderBox::computePositionedLogicalWidth):

• rendering/RenderView.cpp:

(WebCore::RenderView::repaintViewRectangle):

LayoutTests:

• TestExpectations:
• fast/scrolling/rtl-scrollbars-positioning-expected.html: Added.
• fast/scrolling/rtl-scrollbars-positioning.html: Added.

3:14 PM Changeset in webkit [198559] by peavo@outlook.com

• 16 edits
  1 delete in trunk

[Win] [64-bit] Remove MSVC 2013 FMA3 Bug Workaround
​https://bugs.webkit.org/show_bug.cgi?id=141499

Reviewed by Brent Fulgham.

As we have moved on to VS2015, this workaround is no longer needed.

Source/JavaScriptCore:

• API/tests/testapi.c:

(main):

• JavaScriptCore.vcxproj/jsc/DLLLauncherMain.cpp:

(wWinMain):

• jsc.cpp:

(main):

• testRegExp.cpp:

(main):

Source/WebKit/win:

• WebKitDLL.cpp:

(DllMain):

Source/WTF:

• wtf/PlatformWin.cmake:
• wtf/win/WTFDLL.cpp: Removed.

Tools:

• DumpRenderTree/cg/ImageDiffCG.cpp:

(main):

• DumpRenderTree/win/DumpRenderTree.cpp:

(main):

• DumpRenderTree/win/ImageDiffCairo.cpp:

(main):

• MiniBrowser/win/Common.cpp:

(DllMain):

• TestWebKitAPI/win/main.cpp:

(main):

• win/DLLLauncher/DLLLauncherMain.cpp:

(wWinMain):

3:13 PM Changeset in webkit [198558] by Ryan Haddad

• 2 edits in trunk/LayoutTests

Marking inspector/console/console-api.html as flaky on Mac
​https://bugs.webkit.org/show_bug.cgi?id=143719

Unreviewed test gardening.

• platform/mac/TestExpectations:

3:05 PM Changeset in webkit [198557] by Jon Davis

• 2 edits in trunk/Websites/webkit.org

Allow the use of custom styles and scripts for blog posts
​https://bugs.webkit.org/show_bug.cgi?id=155768

Reviewed by Timothy Hatcher.

• wp-content/themes/webkit/functions.php:

2:49 PM Changeset in webkit [198556] by Ryan Haddad

• 2 edits in trunk/LayoutTests

Fixing a typo in the Mac TestExpectations file.

Unreviewed test gardening.

• platform/mac/TestExpectations:

2:44 PM Changeset in webkit [198555] by timothy@apple.com

• 4 edits in trunk/Source/WebInspectorUI

Web Inspector: Consider Automation script names as internal and hide them

​https://bugs.webkit.org/show_bug.cgi?id=155753
rdar://problem/25293310

Reviewed by Joseph Pecoraro.

• UserInterface/Base/Utilities.js:

(isWebKitInternalScript): Renamed from isWebInspectorDebugScript.
Check for "Web" prefix and "" suffix.

• UserInterface/Controllers/DebuggerManager.js:

(WebInspector.DebuggerManager):
(WebInspector.DebuggerManager.prototype.get knownNonResourceScripts):
(WebInspector.DebuggerManager.prototype.reset):
(WebInspector.DebuggerManager.prototype.debuggerDidPause):
(WebInspector.DebuggerManager.prototype.scriptDidParse):
(WebInspector.DebuggerManager.prototype._debugUIEnabledDidChange):
Renamed _inspectorDebugScripts to _internalWebKitScripts. And renamed
isWebInspectorDebugScript to isWebKitInternalScript.

• UserInterface/Protocol/RemoteObject.js:

(WebInspector.RemoteObject.prototype.findFunctionSourceCodeLocation):
Renamed isWebInspectorDebugScript to isWebKitInternalScript.

2:42 PM Changeset in webkit [198554] by msaboff@apple.com

• 20 edits
  2 adds in trunk

[ES6] Implement RegExp.prototype[@@match]
​https://bugs.webkit.org/show_bug.cgi?id=155711

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

Implemented ES6 spec for String.prototype.match and RegExp.prototype[@@match].
Implemented both as builtins, with String.prototype.match calling
RegExp.prototype[@@match].

For performance reasons, RegExp.prototype[@@match] has a C++ fast path when
RegExp.prototype.exec has not been overridden. This fast path,
RegExpObject::matchGlobal, was taken from the prior StringPrototype::match.
It only handles global matches.

Added new test, stress/regexp-match.js.

Updated various tests for changes exception string and now passing ES6 behavior.

• CMakeLists.txt:
• DerivedSources.make:
• JavaScriptCore.xcodeproj/project.pbxproj:

Added builtins/RegExpPrototype.js and eliminated RegExpPrototype.lut.h.

• builtins/RegExpPrototype.js: Added.

(match.advanceStringIndexUnicode): Helper.
(match): Implements RegExp.prototype[@@match].

• builtins/StringPrototype.js:

(match): Implements String.prototype.match.

• bytecode/BytecodeIntrinsicRegistry.cpp:

(JSC::BytecodeIntrinsicRegistry::BytecodeIntrinsicRegistry):
(JSC::BytecodeIntrinsicRegistry::lookup):

• bytecode/BytecodeIntrinsicRegistry.h:
• runtime/CommonIdentifiers.h:

Added Symbol.match and builtins @match and @exec.

• runtime/RegExpObject.cpp:
• runtime/RegExpObject.h:
• runtime/RegExpObjectInlines.h:

(JSC::RegExpObject::matchGlobal): Added.
(JSC::RegExpObject::advanceStringUnicode): Added helper.

• runtime/RegExpPrototype.cpp:
• runtime/RegExpPrototype.h:

(JSC::RegExpPrototype::RegExpPrototype):
(JSC::RegExpPrototype::finishCreation):
(JSC::RegExpPrototype::visitChildren):
(JSC::regExpProtoFuncMatchPrivate):
(JSC::RegExpPrototype::getOwnPropertySlot): Deleted.
(JSC::RegExpPrototype::create):
Restructured to create properties explicitly due to having two names for native regExpProtoFuncExec.

• runtime/StringPrototype.cpp:

(JSC::StringPrototype::finishCreation):
Made match a builtin.
Removed unused declaration of stringProtoFuncSearch() since it was made a builtin.

• tests/es6.yaml:
• tests/stress/regexp-match.js: Added.

(shouldBe):
(shouldThrow):
(errorKey.toString):
(primitive.of.primitives.shouldThrow):
(testRegExpMatch):
(testMatch):
(testBoth):
(alwaysUnmatch):

LayoutTests:

Updated tests for exception string changes and added Symbol.match.

• js/Object-getOwnPropertyNames-expected.txt:
• js/dom/string-prototype-properties-expected.txt:
• js/script-tests/Object-getOwnPropertyNames.js:
• sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.10_String.prototype.match/S15.5.4.10_A1_T3-expected.txt:

2:31 PM Changeset in webkit [198553] by Antti Koivisto

• 3 edits in trunk/Source/WebCore

Non-const DocumentRuleSets::features() does not check default style version
​https://bugs.webkit.org/show_bug.cgi?id=155766

Reviewed by Andreas Kling.

This may leave it out of date when the default stylesheet expands.

No test, don't know how to hit this with current codebase. With some further optimizations
it starts affecting some tests involving UA media control stylesheets.

• css/DocumentRuleSets.h:

(WebCore::DocumentRuleSets::mutableFeatures):

Check the default style version number in non-const case too.

2:28 PM Changeset in webkit [198552] by commit-queue@webkit.org

• 2 edits in trunk/Source/WebInspectorUI

Web Inspector: REGRESSION: Shift + Click on record button should create a new recording
​https://bugs.webkit.org/show_bug.cgi?id=155763

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-22
Reviewed by Timothy Hatcher.

• UserInterface/Views/TimelineTabContentView.js:

(WebInspector.TimelineTabContentView.prototype._recordButtonClicked):
Use the shiftKey from the DOM Event.

2:27 PM Changeset in webkit [198551] by dbates@webkit.org

• 4 edits
  4 adds in trunk

CSP: Should only execute <script> or apply <style> if its hash appears in all policies
​https://bugs.webkit.org/show_bug.cgi?id=155709
<rdar://problem/25263368>

Reviewed by Darin Adler.

Source/WebCore:

Fixes an issue where a <script>/<style> was allowed to execute/be applied if its hash is listed
in at least one Content Security Policy (CSP) delivered with the page. We should only execute/apply
such a script/stylesheet if its hash is listed in all CSPs delivered with the page.

Tests: http/tests/security/contentSecurityPolicy/1.1/scripthash-multiple-policies.html

http/tests/security/contentSecurityPolicy/1.1/stylehash-multiple-policies.html

• page/csp/ContentSecurityPolicy.cpp:

(WebCore::isAllowedByAllWithHash): Added. Checks if the specified hash is allowed by all policies.
(WebCore::isAllowedByAllWithHashFromContent): Modified to call WebCore::isAllowedByAllWithHash()
to determine if the <script>/<style> is allowed by all CSPs delivered with the page.

LayoutTests:

Add tests to ensure that we only execute/apply a <script>/<style> if its hash is listed in all CSPs
delivered with the page.

• TestExpectations: Mark added tests as PASS so that we run them.
• http/tests/security/contentSecurityPolicy/1.1/scripthash-multiple-policies-expected.txt: Added.
• http/tests/security/contentSecurityPolicy/1.1/scripthash-multiple-policies.html: Added.
• http/tests/security/contentSecurityPolicy/1.1/stylehash-multiple-policies-expected.html: Added.
• http/tests/security/contentSecurityPolicy/1.1/stylehash-multiple-policies.html: Added.

2:15 PM Changeset in webkit [198550] by commit-queue@webkit.org

• 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Switching Away and Back to Timelines Tab may select a different Timeline
​https://bugs.webkit.org/show_bug.cgi?id=155742
<rdar://problem/25284330>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-22
Reviewed by Timothy Hatcher.

When switching to the Timeline tab, or switching recordings within the
the Timeline tab, the TimelineTabContentView does work to correctly
save/restore its view state.

When switching to the Timeline tab, the TimelineTabContentView correctly
restores the state of the tab, but when showing the RecordingContentView
the RecordingContentView restores its state from a stale cookie.

Since TimelineTabContentView already seems to handle correctly restoring
RecordingContentViews on its own. Removing the RecordingContentView's
implementation of save/restore made everything work as expected.

• UserInterface/Views/TimelineRecordingContentView.js:

(WebInspector.TimelineRecordingContentView.prototype.saveToCookie): Deleted.
(WebInspector.TimelineRecordingContentView.prototype.restoreFromCookie): Deleted.

1:56 PM Changeset in webkit [198549] by jer.noble@apple.com

• 3 edits in trunk/Source/WebCore

CRASH in WebCore::MediaResourceLoader::requestResource + 698
​https://bugs.webkit.org/show_bug.cgi?id=155651
<rdar://problem/25130582>

Reviewed by Eric Carlson.

No new tests, fixes existing tests running under GuardMalloc.

Protect against the Document passed into MediaResourceLoader being destroyed during the MediaResourceLoader's lifetime.

• loader/MediaResourceLoader.cpp:

(WebCore::MediaResourceLoader::MediaResourceLoader):
(WebCore::MediaResourceLoader::contextDestroyed):
(WebCore::MediaResourceLoader::requestResource):
(WebCore::MediaResource::responseReceived):

• loader/MediaResourceLoader.h:

1:29 PM Changeset in webkit [198548] by Matt Baker

• 6 edits in trunk/Source/WebInspectorUI

Web Inspector: remove the remaining TimelineSidebarPanel references
​https://bugs.webkit.org/show_bug.cgi?id=155765
<rdar://problem/25296980>

Reviewed by Timothy Hatcher.

Remove dead code from TimelineView and TimelineTabContentView.

• UserInterface/Views/OverviewTimelineView.js:

(WebInspector.OverviewTimelineView.prototype.canShowContentViewForTreeElement): Deleted.
(WebInspector.OverviewTimelineView.prototype.showContentViewForTreeElement): Deleted.

• UserInterface/Views/RenderingFrameTimelineView.js:

(WebInspector.RenderingFrameTimelineView.prototype.canShowContentViewForTreeElement): Deleted.
(WebInspector.RenderingFrameTimelineView.prototype.showContentViewForTreeElement): Deleted.

• UserInterface/Views/ScriptDetailsTimelineView.js:

(WebInspector.ScriptDetailsTimelineView.prototype.canShowContentViewForTreeElement): Deleted.
(WebInspector.ScriptDetailsTimelineView.prototype.showContentViewForTreeElement): Deleted.

• UserInterface/Views/TimelineTabContentView.js:

(WebInspector.TimelineTabContentView):

• UserInterface/Views/TimelineView.js:

(WebInspector.TimelineView.prototype.canShowContentViewForTreeElement): Deleted.
(WebInspector.TimelineView.prototype.showContentViewForTreeElement): Deleted.

1:21 PM Changeset in webkit [198547] by Beth Dakin

• 11 edits in trunk/Source

Advanced spell checking should be guarded behind
HAVE(ADVANCED_SPELL_CHECKING)
​https://bugs.webkit.org/show_bug.cgi?id=155738

Reviewed by Geoff Garen.

Source/WebCore:

• config.h:

(WebCore::ScrollableArea::systemLanguageIsRTL):

• platform/spi/mac/NSSpellCheckerSPI.h:

Source/WebKit/mac:

• WebCoreSupport/WebEditorClient.mm:

(insertionPointFromCurrentSelection):
(WebEditorClient::checkTextOfParagraph):
(WebEditorClient::getGuessesForWord):
(WebEditorClient::requestCandidatesForSelection):
(WebEditorClient::handleRequestedCandidates):
(WebEditorClient::requestCheckingOfString):

• WebKitPrefix.h:
• WebView/WebHTMLView.mm:

(-[WebHTMLView insertText:]):

Source/WebKit2:

• UIProcess/Cocoa/WebViewImpl.mm:

(WebKit::WebViewImpl::requestCandidatesForSelectionIfNeeded):
(WebKit::WebViewImpl::handleRequestedCandidates):
(WebKit::WebViewImpl::insertText):

• UIProcess/mac/TextCheckerMac.mm:

(WebKit::TextChecker::checkTextOfParagraph):
(WebKit::TextChecker::getGuessesForWord):

• config.h:

12:39 PM Changeset in webkit [198546] by ggaren@apple.com

• 4 edits
  2 deletes in trunk/PerformanceTests

MallocBench: consolidate regression testing for aligned allocation
​https://bugs.webkit.org/show_bug.cgi?id=155762

Reviewed by Michael Saboff.

• MallocBench/MallocBench.xcodeproj/project.pbxproj:
• MallocBench/MallocBench/Benchmark.cpp:
• MallocBench/MallocBench/memalign.cpp: Removed.
• MallocBench/MallocBench/memalign.h: Removed. The stress_aligned test

covers this and much more.

• MallocBench/MallocBench/stress_aligned.cpp:

(benchmark_stress_aligned): Include specific tests for extreme sizes
and alignments.

12:39 PM Changeset in webkit [198545] by ggaren@apple.com

• 5 edits in trunk/Source/bmalloc

bmalloc: shrink largeMax
​https://bugs.webkit.org/show_bug.cgi?id=155759

Reviewed by Michael Saboff.

If a largeChunk contains N bytes and we allocate objects of size
N / 2 + 8 bytes, then we waste 50% of physical memory at peak.

This patch sets largeMax to N / 2, reducing maximum waste to 25%.

• bmalloc/BoundaryTag.h:
• bmalloc/LargeChunk.h:

(bmalloc::LargeChunk::LargeChunk):

• bmalloc/SegregatedFreeList.cpp:

(bmalloc::SegregatedFreeList::SegregatedFreeList):
(bmalloc::SegregatedFreeList::insert): Honor largeMax vs largeObjectMax.

• bmalloc/Sizes.h: Distinguish between the largest thing we can store

in a free list (largeObjectMax) and the largest thing we're willing to
allocate (largeMax).

12:21 PM Changeset in webkit [198544] by Chris Dumez

• 2 edits in trunk/Source/WebKit2

Add a setting to let the client toggle support for network cache speculative validation
​https://bugs.webkit.org/show_bug.cgi?id=155622
<rdar://problem/25233209>

Reviewed by Antti Koivisto.

Copy new m_diskCacheSpeculativeValidationEnabled member introduced
in r198470 in ProcessPoolConfiguration::copy().

• UIProcess/API/APIProcessPoolConfiguration.cpp:

(API::ProcessPoolConfiguration::copy):

12:17 PM Changeset in webkit [198543] by n_wang@apple.com

• 5 edits in trunk

AX: Change "dialog" role description to "web dialog" so users can distinguish from native alerts
​https://bugs.webkit.org/show_bug.cgi?id=154292

Reviewed by Chris Fleizach.

Source/WebCore:

Changed role descriptions for "dialog" and "alert dialog" roles as required.

No new tests needed.

• English.lproj/Localizable.strings:

LayoutTests:

• platform/mac-mavericks/accessibility/roles-exposed-expected.txt:
• platform/mac/accessibility/roles-exposed-expected.txt:

12:12 PM Changeset in webkit [198542] by commit-queue@webkit.org

• 2 edits in trunk/Source/WebCore

Add null check in CachedResourceLoader::determineRevalidationPolicy
​https://bugs.webkit.org/show_bug.cgi?id=155758
rdar://problem/25108408

Patch by Alex Christensen <​achristensen@webkit.org> on 2016-03-22
Reviewed by Jer Noble.

• loader/cache/CachedResourceLoader.cpp:

(WebCore::CachedResourceLoader::frame):
(WebCore::CachedResourceLoader::determineRevalidationPolicy):
Null-check frame() before dereferencing it.

12:09 PM FiveYearPlanFall2015 edited by Simon Fraser

(diff)

12:08 PM Changeset in webkit [198541] by dbates@webkit.org

• 8 edits in trunk

CSP: Check inline event handlers on each run, not only the first
​https://bugs.webkit.org/show_bug.cgi?id=115700
<rdar://problem/24211159>

Reviewed by Andy Estes.

Source/WebCore:

Fixes an issue where an inline event handler would always be allowed to execute if it
executed at least once.

Currently we query whether the Content Security Policy (CSP) of the page permits inline event
handlers each time we register a new handler for an event. And a handler is registered exactly
once the first time the event associated with it is dispatched. Once a handler is registered
as a listener for an event E then we will always invoke the handler when event E is dispatched
regardless of whether the CSP of the page changes (say, as a result of programmatically inserting
a <meta http-equiv="Content-Security-Policy">). Instead we should always check the
CSP of the page whenever we are going to invoke an event handler.

• bindings/js/JSEventListener.cpp:

(WebCore::JSEventListener::handleEvent): Check the CSP of the page and bail out if the
policy does not permit execution of an inline event handler.

• bindings/js/JSEventListener.h:

(WebCore::JSEventListener::sourceURL): Added. Default implementation that returns an empty string.
(WebCore::JSEventListener::sourcePosition): Added. Default implementation that returns a default position.

• bindings/js/JSLazyEventListener.cpp:

(WebCore::JSLazyEventListener::JSLazyEventListener): Update code following instance variable
renaming in JSLazyEventListener.h.
(WebCore::JSLazyEventListener::initializeJSFunction): Ditto.

• bindings/js/JSLazyEventListener.h: Override JSEventListener::sourceURL() and JSEventListener::sourcePosition().

Changed all mutable instance variables to immutable ones as we do not modify these variables
in any const member functions. Also renamed instance variable m_position to m_sourcePosition
to better describe that it represents the source code position where the event handler was defined.

LayoutTests:

Update expected result for test http/tests/security/contentSecurityPolicy/inline-event-handler-blocked-after-injecting-meta.html
and remove its entry from file LayoutTests/TestExpectations now that it passes.

• TestExpectations:
• http/tests/security/contentSecurityPolicy/inline-event-handler-blocked-after-injecting-meta-expected.txt:

11:53 AM FiveYearPlanFall2015 edited by Simon Fraser

(diff)

11:28 AM Changeset in webkit [198540] by Ryan Haddad

• 2 edits in trunk/LayoutTests

Skipping media/media-document-audio-repaint.html on El Capitan Debug WK2
​https://bugs.webkit.org/show_bug.cgi?id=155757

Unreviewed test gardening.

• platform/mac-wk2/TestExpectations:

11:08 AM Changeset in webkit [198539] by bshafiei@apple.com

• 3 edits
  1 copy in tags/Safari-602.1.25/Source/WebKit2

Roll out r198352. rdar://problem/25203492

11:03 AM Changeset in webkit [198538] by jer.noble@apple.com

• 2 edits
  2 adds in trunk

Media elements allowed to play without a user gesture, but requiring fullscreen playback, should not be allowed to autoplay.
​https://bugs.webkit.org/show_bug.cgi?id=155599

Reviewed by Darin Adler.

Test: media/video-autoplay-allowed-but-fullscreen-required.html

Entering fullscreen should always require a user gesture.

• html/MediaElementSession.cpp:

(WebCore::MediaElementSession::playbackPermitted):

10:59 AM Changeset in webkit [198537] by Matt Baker

• 11 edits
  1 add in trunk/Source/WebInspectorUI

Web Inspector: Timelines UI redesign: Provide a way to configure which instruments to use
​https://bugs.webkit.org/show_bug.cgi?id=153672
<rdar://problem/24417575>

Reviewed by Timothy Hatcher.

Adds UI for configuring a timeline recording's instrument list. TimelineManager
maintains the list of supported timeline types, and tracks the subset
of user-configured timelines which are used to create the instrument list
that is passed to new recordings.

• Localizations/en.lproj/localizedStrings.js:

New strings for "Edit" Timelines button.

• UserInterface/Controllers/TimelineManager.js:

(WebInspector.TimelineManager):
Added setting for user-configured (enabled) timeline types.
Initialized to the default timeline types.

(WebInspector.TimelineManager.defaultTimelineTypes):
(WebInspector.TimelineManager.availableTimelineTypes):
Get the list of all supported timeline types, which is a superset
of the list of default timeline types.

(WebInspector.TimelineManager.prototype.get enabledTimelineTypes):
(WebInspector.TimelineManager.prototype.set enabledTimelineTypes):
List of user-configured timeline types, backed by a Setting.
(WebInspector.TimelineManager.prototype._loadNewRecording):
Create new recordings with the current user-configured instrument list.
(WebInspector.TimelineManager.defaultInstruments): Deleted.
Renamed defaultTimelineTypes.

• UserInterface/Main.html:

New class, TimelineTreeElement.

• UserInterface/Models/Instrument.js:

(WebInspector.Instrument.createForTimelineType):
Factory method for creating Instruments.

• UserInterface/Models/TimelineRecording.js:

(WebInspector.TimelineRecording):
Replace fixed instrument list with TimelineManager's list.
(WebInspector.TimelineRecording.prototype.instrumentForTimeline):
Get the instrument in the recording for a given timeline.
(WebInspector.TimelineRecording.prototype.addInstrument):
(WebInspector.TimelineRecording.prototype.removeInstrument):
Drive-by syntax error fixes: Array.prototype.contains doesn't exist.

• UserInterface/Views/TimelineOverview.css:

(.timeline-overview > .navigation-bar.timelines):
(.navigation-bar.timelines .item.button.toggle-edit-instruments:not(.disabled):matches(:focus, .activate.activated, .radio.selected)):
(.navigation-bar.timelines .item.button.toggle-edit-instruments:not(.disabled):active:matches(:focus, .activate.activated, .radio.selected)):
(.navigation-bar.timelines .item.button.toggle-edit-instruments.disabled):
(.navigation-bar.timelines .toggle-edit-instruments:not(.disabled):active):
(.timeline-overview > .tree-outline.timelines):
(.timeline-overview.edit-instruments > .tree-outline.timelines):
(.timeline-overview.edit-instruments > .tree-outline.timelines .item.selected):
(.timeline-overview > .tree-outline.timelines input[type=checkbox].status-button):
(.timeline-overview.frames > :matches(.tree-outline.timelines, .navigation-bar.timelines)):
(.timeline-overview > .tree-outline.timelines::before): Deleted.
(.timeline-overview.frames > .tree-outline.timelines): Deleted.
Styles for the "Edit" navigation bar above the timelines tree outline,
and tree element styles for showing checkboxes and hiding the current
selection while in edit mode.

• UserInterface/Views/TimelineOverview.js:

(WebInspector.TimelineOverview):
Create "Edit" button and navigation bar and add event handlers for
capturing events, so that timeline editing can be closed and
disabled when capturing begins.

(WebInspector.TimelineOverview.prototype.set selectedTimeline):
Prevent timeline selection while in edit mode.
(WebInspector.TimelineOverview.prototype.get editingInstruments):
(WebInspector.TimelineOverview.prototype.set viewMode):
Prevent view mode change while in edit mode.

(WebInspector.TimelineOverview.prototype._instrumentAdded):
Create a TimelineTreeElement, and insert into the tree outline and graph
container in sorted order instead of appending timeline elements.

(WebInspector.TimelineOverview.prototype._toggleEditingInstruments):
Handler for Edit button click event.
(WebInspector.TimelineOverview.prototype._editingInstrumentsDidChange):
Update UI in response to editing mode change: toggle CSS, enable/disable
the timeline ruler and wheel/gesture events, and update Edit button appearance.

(WebInspector.TimelineOverview.prototype._updateEditInstrumentsButton):
Update label text and button state.
(WebInspector.TimelineOverview.prototype._updateWheelAndGestureHandlers):
Add/remove event handlers based on editing state.

(WebInspector.TimelineOverview.prototype._startEditingInstruments):
Enable edit mode UI. Placeholder elements are added for timelines that
aren't included in the recording, and all tree elements have checkboxes
for toggling their associated timelines.

(WebInspector.TimelineOverview.prototype._stopEditingInstruments):
Disable edit mode UI. Unchecked instruments are first removed from the
recording, then placeholder tree elements are removed, and their instruments
added, as needed. TimelineManager's list of user-configured timeline types
is then updated.

(WebInspector.TimelineOverview.prototype._capturingStarted):
(WebInspector.TimelineOverview.prototype._capturingStopped):
Enable/disable the Edit button. Quit editing mode when capturing starts.
(WebInspector.TimelineOverview.prototype._compareTimelineTreeElements):
Special sorting for the timelines tree outline. The sort order is:

1. Instruments that are in the recording, except Rendering Frames.
2. Instruments that aren't in the recording (placeholders).
3. Rendering Frames.

Timelines in groups 1 & 2 are sorted based on the order of the list returned
by TimelineManager.availableTimelineTypes(). The Rendering Frames tree
element must be last, since it's always hidden and would otherwise interfere
with the alternating tree element CSS styles.

• UserInterface/Views/TimelineRecordingContentView.css:

(.content-view.timeline-recording.edit-instruments > .timeline-overview):
(.content-view.timeline-recording.edit-instruments > .content-browser):
Hide lower content browser and extend timelines tree height in edit mode.

• UserInterface/Views/TimelineRecordingContentView.js:

(WebInspector.TimelineRecordingContentView):
Listen for edit mode changes on TimelineOverview.
(WebInspector.TimelineRecordingContentView.prototype.contentBrowserTreeElementForRepresentedObject):
(WebInspector.TimelineRecordingContentView.prototype._updateTimelineOverviewHeight):
When in edit mode, remove inline style rule for TimelineOverview height.
(WebInspector.TimelineRecordingContentView.prototype._instrumentAdded):
(WebInspector.TimelineRecordingContentView.prototype._editingInstrumentsDidChange):
Update CSS and TimelineOverview height when edit mode changes.
(WebInspector.TimelineRecordingContentView.prototype.get timelineOverviewHeight): Deleted.
No longer used.

• UserInterface/Views/TimelineTabContentView.js:

(WebInspector.TimelineTabContentView.displayNameForTimelineType):
(WebInspector.TimelineTabContentView.iconClassNameForTimelineType):
(WebInspector.TimelineTabContentView.genericClassNameForTimelineType):
(WebInspector.TimelineTabContentView.displayNameForTimeline): Deleted.
(WebInspector.TimelineTabContentView.iconClassNameForTimeline): Deleted.
(WebInspector.TimelineTabContentView.genericClassNameForTimeline): Deleted.
Helper functions now take a timeline type instead of a timeline object.

• UserInterface/Views/TimelineTreeElement.js: Added.

New tree element class to encapsulate behavior specific to the timelines
tree outline, such as status element changes and disabling selection
when editing.

(WebInspector.TimelineTreeElement):
(WebInspector.TimelineTreeElement.prototype.get placeholder):
(WebInspector.TimelineTreeElement.prototype.get editing):
(WebInspector.TimelineTreeElement.prototype.set editing):
(WebInspector.TimelineTreeElement.prototype._showCloseButton):
(WebInspector.TimelineTreeElement.prototype._showCheckbox):
(WebInspector.TimelineTreeElement.prototype._updateStatusButton):

10:58 AM Changeset in webkit [198536] by bshafiei@apple.com

• 5 edits in trunk/Source

Versioning.

10:56 AM Changeset in webkit [198535] by bshafiei@apple.com

• 1 copy in tags/Safari-602.1.25

New tag.

10:49 AM Changeset in webkit [198534] by Yusuke Suzuki

• 2 edits in trunk/Tools

[JSC] ASMBench cannot be run without JSBENCH_PATH
​https://bugs.webkit.org/show_bug.cgi?id=155751

Reviewed by Saam Barati.

Check ASMBENCH_PATH instead of JSBENCH_PATH for ASMBench files.

• Scripts/run-jsc-benchmarks:

10:30 AM Changeset in webkit [198533] by Ryan Haddad

• 2 edits in trunk/LayoutTests

Marking perf/document-contains.html as flaky on ios-simulator-wk2
​https://bugs.webkit.org/show_bug.cgi?id=155755

Unreviewed test gardening.

• platform/ios-simulator-wk2/TestExpectations:

10:26 AM Changeset in webkit [198532] by commit-queue@webkit.org

• 6 edits in trunk/Source

[GTK] WebInspector broken after r197620
​https://bugs.webkit.org/show_bug.cgi?id=155497
<rdar://problem/25171910>

Patch by Carlos Garcia Campos <​cgarcia@igalia.com> on 2016-03-22
Reviewed by Philippe Normand.

Source/WebCore:

Add resource scheme to the list of secure protocols.

• platform/SchemeRegistry.cpp:

(WebCore::secureSchemes):

Source/WebKit2:

Stop registering resource:// URLs as local, because they are not
like a local file at all. Compare also the URL protocols when
checking whether requested URL is main or test inspector page
instead of checking that the protocol is registered as local.

• UIProcess/WebInspectorProxy.cpp:

(WebKit::isMainOrTestInspectorPage): Compare also the URL protocols.

• UIProcess/WebInspectorProxy.h:
• UIProcess/gtk/WebInspectorProxyGtk.cpp:

(WebKit::WebInspectorProxy::platformCreateInspectorPage): Do not
set setAllowFileAccessFromFileURLs setting to true.

• UIProcess/gtk/WebProcessPoolGtk.cpp:

(WebKit::WebProcessPool::platformInitializeWebProcess): Do not
register resource:// URLS as local.

10:01 AM Changeset in webkit [198531] by commit-queue@webkit.org

• 5 edits
  1 add in trunk/Source/JavaScriptCore

[JSC] allow duplicate property names returned from Proxy ownKeys() trap
​https://bugs.webkit.org/show_bug.cgi?id=155560

Patch by Caitlin Potter <​caitp@igalia.com> on 2016-03-22
Reviewed by Darin Adler.

Specification allows duplicate property names to be reported by the
Proxy ownKeys() trap --- and this is observable in any API which
operates on the returned list, such as Object.keys(),
Object.getOwnPropertyNames(), Object.getOwnPropertySymbols(), or
Object.getOwnPropertyDescriptors().

• runtime/PropertyNameArray.h:

(JSC::PropertyNameArray::addUnchecked):
(JSC::PropertyNameArray::add):
(JSC::PropertyNameArray::addKnownUnique): Deleted.

• runtime/ProxyObject.cpp:

(JSC::ProxyObject::performGetOwnPropertyNames):

• runtime/Structure.cpp:

(JSC::Structure::getPropertyNamesFromStructure):

9:02 AM Changeset in webkit [198530] by Brent Fulgham

• 4 edits in trunk

Source/WebCore:
SharedBuffer::copy() can cause a segmentation fault.
​https://bugs.webkit.org/show_bug.cgi?id=155739

Reviewed by Ryosuke Niwa.

Based on a Blink patch by Huang Dongsung <​luxtella@company100.net>.
<​https://src.chromium.org/viewvc/blink?revision=153850&view=revision>

After SharedBuffer::copy(), SharedBuffer::append() can cause segmentation fault,
because copy() calls clone->m_buffer.append(m_segments[i], segmentSize) even if
'i' is the last index. The data size of m_segments.last() is often less than
segmentSize. So, in the cloned instance m_size < (m_buffer.size() + SUM(m_segments[i].size())).
This patch appends the exact size of the last segment instead of segmentSize.

Tested by TestWebKitAPI SharedBufferTest::copy

• platform/SharedBuffer.cpp:

(SharedBuffer::copy):

Tools:
[Win] SharedBuffer::copy() can cause a segmentation fault.
​https://bugs.webkit.org/show_bug.cgi?id=155739

Reviewed by Ryosuke Niwa.

• TestWebKitAPI/PlatformWin.cmake: Build and run the

SharedBuffer tests.

8:29 AM Changeset in webkit [198529] by Csaba Osztrogonác

• 5 edits in trunk/Tools

[buildbot] Move ARM Linux bots to JSCOnly port
​https://bugs.webkit.org/show_bug.cgi?id=155655

Reviewed by Lucas Forschler.

• BuildSlaveSupport/build.webkit.org-config/config.json:
• BuildSlaveSupport/build.webkit.org-config/master.cfg:

(ConfigureBuild.init):
(appendCustomBuildFlags):
(CompileJSCOnly):
(Factory.init):
(BuildAndRemoteJSCTestsFactory):
(BuildAndRemoteJSCTestsFactory.init):

• BuildSlaveSupport/build.webkit.org-config/mastercfg_unittest.py:
• BuildSlaveSupport/clean-build:

(main):

7:27 AM Changeset in webkit [198528] by eric.carlson@apple.com

• 3 edits
  1 add in trunk/LayoutTests

[OSX] Rebase media/media-document-audio-repaint.html
​https://bugs.webkit.org/show_bug.cgi?id=155733

Reviewed by Darin Adler.

• platform/mac/TestExpectations:
• platform/mac/media/media-document-audio-repaint-expected.png:
• platform/mac/media/media-document-audio-repaint-expected.txt: Added.

6:47 AM Changeset in webkit [198527] by berto@igalia.com

• 33 edits in trunk/Source

Source/ThirdParty/ANGLE:
Unreviewed typo fix.

• src/compiler/translator/InfoSink.cpp:

(TInfoSinkBase::prefix): "UNKOWN" => "UNKOWN".

Source/WebCore:
Unreviewed typo fix.

• platform/gtk/LocalizedStringsGtk.cpp:

(WebCore::textTrackAutomaticMenuItemText): "choosen" => "chosen"

Source/WebCore/platform/gtk/po:
Unreviewed typo fix "choosen" => "chosen"

• as.po:
• bg.po:
• ca.po:
• de.po:
• en_GB.po:
• es.po:
• fr.po:
• gl.po:
• gu.po:
• he.po:
• hi.po:
• it.po:
• ja.po:
• kn.po:
• mr.po:
• nl.po:
• or.po:
• pl.po:
• pt_BR.po:
• sl.po:
• sv.po:
• ta.po:
• te.po:
• tr.po:

Source/WebKit2:
Unreviewed typo fixes.

• Shared/linux/WebMemorySamplerLinux.cpp:

(WebKit::WebMemorySampler::sampleWebKit): "Commited" => "Committed"

• UIProcess/API/gtk/WebKitFileChooserRequest.cpp:

(webkit_file_chooser_request_select_files): "choosen" => "chosen"

• UIProcess/API/gtk/WebKitUserMediaPermissionRequest.cpp:

(webkit_user_media_permission_request_class_init): "Wether" => "Whether"

6:22 AM Changeset in webkit [198526] by Carlos Garcia Campos

• 13 edits in trunk/Source/WebKit2

Remove unused display and scroll view methods from PageClient and WebPageProxy
​https://bugs.webkit.org/show_bug.cgi?id=155744

Reviewed by Andreas Kling.

We have displayView(), canScrollView() and scrollView() that are
used by DrawingAreaProxyImpl which is only used by GTK+ port that
doesn't implement those methods.

• UIProcess/API/gtk/PageClientImpl.cpp:

(WebKit::PageClientImpl::displayView): Deleted.
(WebKit::PageClientImpl::scrollView): Deleted.

• UIProcess/API/gtk/PageClientImpl.h:
• UIProcess/DrawingAreaProxyImpl.cpp:

(WebKit::DrawingAreaProxyImpl::incorporateUpdate): Update the
whole view when scrolling, or the damage area otherwise.

• UIProcess/PageClient.h:
• UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::displayView): Deleted.
(WebKit::WebPageProxy::canScrollView): Deleted.
(WebKit::WebPageProxy::scrollView): Deleted.

• UIProcess/WebPageProxy.h:
• UIProcess/efl/WebView.cpp:

(WebKit::WebView::displayView): Deleted.
(WebKit::WebView::scrollView): Deleted.

• UIProcess/efl/WebView.h:
• UIProcess/ios/PageClientImplIOS.h:
• UIProcess/ios/PageClientImplIOS.mm:

(WebKit::PageClientImpl::displayView): Deleted.
(WebKit::PageClientImpl::canScrollView): Deleted.
(WebKit::PageClientImpl::scrollView): Deleted.

• UIProcess/mac/PageClientImpl.h:
• UIProcess/mac/PageClientImpl.mm:

(WebKit::PageClientImpl::displayView): Deleted.
(WebKit::PageClientImpl::canScrollView): Deleted.
(WebKit::PageClientImpl::scrollView): Deleted.

2:44 AM Changeset in webkit [198525] by zandobersek@gmail.com

• 5 edits in trunk/Source/WebKit2

[CoordinatedGraphics] Polish std::function<> usage in ThreadedCompositor, CoordinatedGraphicsScene
​https://bugs.webkit.org/show_bug.cgi?id=155726

Reviewed by Darin Adler.

Adjust the methods in ThreadedCompositor and CoordinatedGraphicsScene
classes to accept std::function<> arguments via rvalue references. This
should prevent both unnecessary copies and moves.

Fix lambda expressions that are most commonly used to construct the
std::function<> objects so that they don't capture-by-value by default,
but instead list the captured values verbosely. This part alone exposed
an issue in ThreadedCompositor::didChangeVisibleRect() where we were
capturing the `this' value by default, instead of a protector RefPtr.

• Shared/CoordinatedGraphics/CoordinatedGraphicsScene.cpp:

(WebKit::CoordinatedGraphicsScene::dispatchOnMainThread):
(WebKit::CoordinatedGraphicsScene::dispatchOnClientRunLoop):
(WebKit::CoordinatedGraphicsScene::paintToCurrentGLContext):
(WebKit::CoordinatedGraphicsScene::onNewBufferAvailable):
(WebKit::CoordinatedGraphicsScene::commitSceneState):
(WebKit::CoordinatedGraphicsScene::purgeGLResources):
(WebKit::CoordinatedGraphicsScene::commitScrollOffset):
(WebKit::CoordinatedGraphicsScene::appendUpdate):
(WebKit::CoordinatedGraphicsScene::setActive):

• Shared/CoordinatedGraphics/CoordinatedGraphicsScene.h:
• Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:

(WebKit::CompositingRunLoop::CompositingRunLoop):
(WebKit::CompositingRunLoop::callOnCompositingRunLoop):
(WebKit::ThreadedCompositor::setNeedsDisplay):
(WebKit::ThreadedCompositor::setNativeSurfaceHandleForCompositing):
(WebKit::ThreadedCompositor::setDeviceScaleFactor):
(WebKit::ThreadedCompositor::didChangeViewportSize):
(WebKit::ThreadedCompositor::didChangeViewportAttribute):
(WebKit::ThreadedCompositor::didChangeContentsSize):
(WebKit::ThreadedCompositor::scrollTo):
(WebKit::ThreadedCompositor::scrollBy):
(WebKit::ThreadedCompositor::didChangeVisibleRect):
(WebKit::ThreadedCompositor::callOnCompositingThread):

• Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.h:

2:38 AM Changeset in webkit [198524] by Carlos Garcia Campos

• 1 copy in releases/WebKitGTK/webkit-2.12.0

WebKitGTK+ 2.12.0

2:37 AM Changeset in webkit [198523] by Carlos Garcia Campos

• 4 edits in releases/WebKitGTK/webkit-2.12

Unreviewed. Update OptionsGTK.cmake and NEWS for 2.12.0 release.

.:

• Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit2:

• gtk/NEWS: Add release notes for 2.12.0.

12:28 AM Changeset in webkit [198522] by zandobersek@gmail.com

• 3 edits in trunk/Source/WebKit2

[CoordinatedGraphics] Prefer RunLoop::main().dispatch() over callOnMainThread()
​https://bugs.webkit.org/show_bug.cgi?id=155725

Reviewed by Darin Adler.

Unify the CoordinatedGraphics code in the WebKit2 layer to use RunLoop
for dispatching tasks on either the main thread or the composition thread
in case of using the threaded compositor. The latter is already the default,
so this patch just replaces calls to callOnMainThread() with calls to
RunLoop::main().dispatch().

• Shared/CoordinatedGraphics/CoordinatedGraphicsScene.cpp:

(WebKit::CoordinatedGraphicsScene::dispatchOnMainThread):

• Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:

(WebKit::ThreadedCompositor::didChangeVisibleRect):

12:26 AM Changeset in webkit [198521] by zandobersek@gmail.com

• 2 edits in trunk/Source/WebCore

[TextureMapper] Destructing TextureMapperLayer should clean up its effect target
​https://bugs.webkit.org/show_bug.cgi?id=155718

Reviewed by Darin Adler.

TextureMapperLayer destructor should, in case of non-null effect target,
null out the effect target's mask and replica layer pointers if those
pointers point to the TextureMapperLayer object that's being destroyed,
avoiding use-after-free occurrences.

• platform/graphics/texmap/TextureMapperLayer.cpp:

(WebCore::TextureMapperLayer::~TextureMapperLayer):

12:21 AM Changeset in webkit [198520] by zandobersek@gmail.com

• 2 edits in trunk/Source/WebCore

[TexMap] Shrink-to-fit the CompositingCoordinator's update atlases vector after cleanup
​https://bugs.webkit.org/show_bug.cgi?id=155719

Reviewed by Carlos Garcia Campos.

Shrink the Vector object containing the cached UpdateAtlas objects
after the inactive ones are removed. This way the capacity of the
Vector is kept under control, preventing unnecessary waste of memory.

• platform/graphics/texmap/coordinated/CompositingCoordinator.cpp:

(WebCore::CompositingCoordinator::releaseInactiveAtlasesTimerFired):

Mar 21, 2016:

8:48 PM Changeset in webkit [198519] by Joseph Pecoraro

• 2 edits in trunk/LayoutTests

Skip HeapSnapshot test on WebKit1. Shared VM skews the data.

Rubber-stamped by Timothy Hatcher.

In this case, snapshots with snapshots with snapshots in the same VM
causes the test to run out of memory. This does not happen in WebKit2.

• platform/mac-wk1/TestExpectations:

7:58 PM Changeset in webkit [198518] by rniwa@webkit.org

• 4 edits in trunk/Websites/perf.webkit.org

Commit log viewer repaints too frequently after r198499
​https://bugs.webkit.org/show_bug.cgi?id=155732

Reviewed by Joseph Pecoraro.

The bug was caused by InteractiveTimeSeriesChart invoking onchange callback whenever mouse moved even
if the current point didn't change. Fixed the bug by avoiding the work if the indicator hadn't changed
and avoiding work in the commit log viewer when the requested repository and the revision range were
the same as those of the last request.

• public/v3/components/commit-log-viewer.js:

(CommitLogViewer):
(CommitLogViewer.prototype.currentRepository): Exit early when repository and the revision range are
identical to the one we already have to avoid repaints and issuing multiple network requests.

• public/v3/components/interactive-time-series-chart.js:

(InteractiveTimeSeriesChart.prototype._mouseMove): Don't invoke _notifyIndicatorChanged if the current
indicator hadn't changed.

• public/v3/pages/chart-pane.js:

(ChartPane.prototype._indicatorDidChange): Fixed the bug that unlocking the indicator wouldn't update
the URL. We need to check whether the lock state had changed. The old condition was also redundant
since _mainChartIndicatorWasLocked is always identically equal to isLocked per the prior assignment.

6:53 PM Changeset in webkit [198517] by matthew_hanson@apple.com

• 5 edits in tags/Safari-601.6.12/Source

Versioning

6:47 PM Changeset in webkit [198516] by matthew_hanson@apple.com

• 5 edits in tags/Safari-601.1.46.122/Source

Versioning.

6:39 PM Changeset in webkit [198515] by matthew_hanson@apple.com

• 5 edits in branches/safari-601.1.46-branch/Source

Versioning.

6:36 PM Changeset in webkit [198514] by matthew_hanson@apple.com

• 5 edits in branches/safari-601-branch/Source

Versioning.

6:35 PM Changeset in webkit [198513] by Yusuke Suzuki

• 2 edits in trunk/Source/JavaScriptCore

[JSC] Clean up Math.floor thunk and use SSE round instruction
​https://bugs.webkit.org/show_bug.cgi?id=155705

Reviewed by Geoffrey Garen.

SSE now allow us to use round instruction to implement Math.floor.
MacroAssembler's floorDouble is now only used in ARM64, but it can be allowed in x86 SSE.

• jit/ThunkGenerators.cpp:

(JSC::floorThunkGenerator):

6:21 PM Changeset in webkit [198512] by matthew_hanson@apple.com

• 1 copy in tags/Safari-601.1.46.122

New Tag.

5:51 PM Changeset in webkit [198511] by Matt Baker

• 3 edits
  1 add in trunk/Source/WebInspectorUI

Web Inspector: New icon for Heap Allocations timeline
​https://bugs.webkit.org/show_bug.cgi?id=155731
<rdar://problem/25275494>

Reviewed by Joseph Pecoraro and Timothy Hatcher.

• UserInterface/Images/HeapAllocationsInstrument.svg: Added.

New artwork from Jon Davis.

• UserInterface/Views/TimelineIcons.css:

(.heap-allocations-icon .icon):
(body:not(.mac-platform, .windows-platform) .memory-icon .icon):
(body:not(.mac-platform, .windows-platform) .heap-allocations-icon .icon):
New icon styles/fallbacks for GTK.

• UserInterface/Views/TimelineTabContentView.js:

(WebInspector.TimelineTabContentView.iconClassNameForTimeline):
Add new icon class to UI helper method.

5:51 PM Changeset in webkit [198510] by matthew_hanson@apple.com

• 1 copy in tags/Safari-601.6.12

New Tag.

5:30 PM Changeset in webkit [198509] by jonlee@apple.com

• 14 edits
  2 copies
  2 deletes in trunk/PerformanceTests

Update benchmark tests
​https://bugs.webkit.org/show_bug.cgi?id=155723

Reviewed by Darin Adler.
Provisionally reviewed by Said Abou-Hallawa.

Add quadratic and bezier segments to the canvas path test.

• Animometer/resources/runner/tests.js: Some of the query strings are unnecessary.

Rename the test.

• Animometer/tests/master/resources/canvas-stage.js:

(tune): Update to be able to take an array of possible constructors. Choose one randomly.

• Animometer/tests/master/resources/canvas-tests.js:

(CanvasLinePoint.Utilities.createClass): Move the point selection out to a separate
function called randomPoint() for reuse. Move X_LOOPS, Y_LOOPS, and offsets into the
class definition.
(randomPoint): Scale the grid down a little bit so that the lines along the edge of the
canvas are not cut off when the stroke size is thick.
(CanvasQuadraticSegment): Added.
(CanvasBezierSegment): Added.
(SimpleCanvasStage): Pass in an array of the different segment types. Since line segments
are short compared to the curved ones, make it twice as likely to render a line segment.
(SimpleCanvasStage.animate): Update the drawing code so that we render all line segments.

Add a helper method that selects a random element from an array.

• Animometer/tests/resources/main.js:

(Stage.randomElementInArray): Select a random element from the provided array.

• Animometer/tests/bouncing-particles/resources/bouncing-tagged-images.js: Refactor.
• Animometer/tests/dom/resources/leaves.js: Ditto.
• Animometer/tests/master/resources/dom-particles.js: Ditto.
• Animometer/tests/master/resources/image-data.js: Ditto.
• Animometer/tests/master/resources/leaves.js: Ditto.
• Animometer/tests/simple/resources/simple-canvas-paths.js: Ditto.

Add canvas tests that includes all stroke and fill paths. This makes it possible to avoid having to
include the full simple canvas suite for perf testing.

• Animometer/resources/debug-runner/tests.js: Add new tests. Move the canvas test into the Canvas

suite.

• Animometer/tests/simple/resources/simple-canvas-paths.js: Add a CanvasStroke and CanvasFill particle

that random selects an object to render.

• Animometer/resources/debug-runner/tests.js: Move 3D suite before basic canvas suite.

When updating the perf bot script, we will include the suites up to this one, but exclude
the basic canvas suite.

Move compositing transforms test to HTML suite and remove the empty Miscellaneous suite.

• Animometer/resources/debug-runner/tests.js:
• Animometer/tests/dom/compositing-transforms.html: Renamed from PerformanceTests/Animometer/tests/misc/compositing-transforms.html.
• Animometer/tests/dom/resources/compositing-transforms.js: Renamed from PerformanceTests/Animometer/tests/misc/resources/compositing-transforms.js.

Clean up miscellaneous test suite. Add a canvas ellipse test, and remove the other
canvas tests.

• Animometer/resources/debug-runner/tests.js: Add ellipse tests to the simple suite.
• Animometer/tests/misc/canvas-electrons.html: Removed.
• Animometer/tests/misc/canvas-stars.html: Removed.
• Animometer/tests/misc/resources/canvas-electrons.js: Removed.
• Animometer/tests/misc/resources/canvas-stars.js: Removed.
• Animometer/tests/simple/resources/simple-canvas-paths.js: Add ellipse primitives.

Merge text tests together into one.

• Animometer/resources/runner/tests.js: Remove international.html.
• Animometer/tests/master/international.html: Removed.
• Animometer/tests/master/resources/text.js:

(animate): Update styling. Manually calculate gradients for the shadow particles.
Reduce the step size for y direction to avoid cutting text off at the margins. Increase
step for x since there will be a little more room.

• Animometer/tests/master/text.html: Add more translations and lay it out in a table.

5:22 PM Changeset in webkit [198508] by rniwa@webkit.org

• 2 edits in trunk/Websites/perf.webkit.org

Fix A/B testing after r198503.

• public/include/build-requests-fetcher.php:

5:06 PM Changeset in webkit [198507] by Brent Fulgham

• 4 edits in trunk

Improve SharedBuffer testing
​https://bugs.webkit.org/show_bug.cgi?id=93078
<rdar://problem/25277829>

Reviewed by Ryosuke Niwa.

Source/WebCore:

• platform/SharedBuffer.h: Mark a few methods as WEBCORE_EXPORT so they

can be used by TestWebKitAPI.

Tools:

Based on a Blink patch by Huang Dongsung <​luxtella@company100.net>.
<​https://src.chromium.org/viewvc/blink?revision=153850&view=revision,
and a Blink patch by <​tyoshino@chromium.org>
<​https://src.chromium.org/viewvc/blink?view=rev&revision=151617>

Add three test cases from the Blink project that cover various append,
copy, and createArrayBuffer calls.

• TestWebKitAPI/Tests/WebCore/SharedBuffer.cpp:

(TestWebKitAPI::TEST_F):

4:29 PM Changeset in webkit [198506] by Alan Bujtas

• 3 edits
  2 adds in trunk

WebCore::RenderTableCell::setCol should put a cap on the column value.
​https://bugs.webkit.org/show_bug.cgi?id=155642
<rdar://problem/15895201>

Reviewed by Simon Fraser.

This patch ensures that we don't crash when the column number is large enough.
see webkit.org/b/71135 for more information.

Source/WebCore:

Test: tables/colspan-with-large-value-crash.html

• rendering/RenderTableCell.h:

(WebCore::RenderTableCell::setCol):

LayoutTests:

• tables/colspan-with-large-value-crash-expected.txt: Added.
• tables/colspan-with-large-value-crash.html: Added.

4:05 PM Changeset in webkit [198505] by matthew_hanson@apple.com

• 8 edits in branches/safari-601.1.46-branch/Source/WebCore

Merge r197967. rdar://problem/25271137

3:57 PM Changeset in webkit [198504] by beidson@apple.com

• 5 edits in trunk/LayoutTests

storage/indexeddb/deletedatabase-delayed-by-open-and-versionchange.html flaky on mac-wk2.
​https://bugs.webkit.org/show_bug.cgi?id=154748

Reviewed by Alex Christensen.

• platform/mac/TestExpectations:
• storage/indexeddb/deletedatabase-delayed-by-open-and-versionchange-expected.txt:
• storage/indexeddb/deletedatabase-delayed-by-open-and-versionchange-private-expected.txt:
• storage/indexeddb/resources/deletedatabase-delayed-by-open-and-versionchange.js:

3:27 PM Changeset in webkit [198503] by rniwa@webkit.org

• 6 edits in trunk/Websites/perf.webkit.org

Analysis task page is broken after r198479
​https://bugs.webkit.org/show_bug.cgi?id=155735

Rubber-stamped by Chris Dumez.

• public/api/measurement-set.php:

(AnalysisResultsFetcher::fetch_commits): We need to emit the commit ID as done for regular data.

• public/include/build-requests-fetcher.php:

(BuildRequestsFetcher::fetch_roots_for_set_if_needed): Ditto. Don't use a fake ID after r198479.

• public/v3/models/commit-log.js:

(CommitLog): Assert that all commit log IDs are integers to catch regressions like this in future.

• public/v3/models/root-set.js:

(RootSet): Don't resolve Repository here as doing so would modify the shared "root" entry in the JSON
we fetched, and subsequent construction of RootSet would fail since this line would blow up trying to
find the repository with "[object]" as the ID.

• public/v3/models/test-group.js:

(TestGroup._createModelsFromFetchedTestGroups): Resolve Repository here.

3:25 PM Changeset in webkit [198502] by Simon Fraser

• 7 edits
  3 adds in trunk

[iOS WK2] Use larger tiles when possible to reduce per-tile painting overhead
​https://bugs.webkit.org/show_bug.cgi?id=155734
rdar://problem/24968144

Reviewed by Tim Horton.

Source/WebCore:

The existing tile size logic is wired to adjustScrollbars, which doesn't fire
when scrolling is delegated. For iOS WK2, key off of a new unobscuredContentSizeChanged()
function that runs when the UI process tells told WebCore that the unobscured size
has changed. In addition, contentsResized() is used to update scrollability when
page changes size.

• page/FrameView.cpp:

(WebCore::FrameView::contentsResized):
(WebCore::FrameView::addedOrRemovedScrollbar):
(WebCore::FrameView::adjustTiledBackingScrollability): Handle both delegated and non-delegated
scrolling; the former looks at the visible size (based on the unobscuredVisibleContentRect),
the latter at the presence of scrollbars.
(WebCore::FrameView::unobscuredContentSizeChanged):

• page/FrameView.h:
• platform/ScrollView.h:

(WebCore::ScrollView::unobscuredContentSizeChanged):

• platform/graphics/ca/TileController.cpp:

(WebCore::TileController::adjustTileCoverageRect): Use kDefaultTileSize rather than the
tile size, to retain the old amount of overdraw.
(WebCore::TileController::tileSize): There was a bug in the not-scrollable case; we need
to scale.

• platform/ios/ScrollViewIOS.mm:

(WebCore::ScrollView::setUnobscuredContentSize):

LayoutTests:

New results with larger page tiles in WK2.

• platform/ios-simulator-wk2/compositing/tiling/rotated-tiled-clamped-expected.txt: Added.
• platform/ios-simulator-wk2/compositing/tiling/rotated-tiled-preserve3d-clamped-expected.txt: Added.
• platform/ios-simulator-wk2/compositing/tiling/transform-origin-tiled-expected.txt: Added.

3:22 PM Changeset in webkit [198501] by Brent Fulgham

• 8 edits
  2 adds in trunk

Source/WebKit/win:
[Win] Connect layoutTestController.findString() to support testing
​https://bugs.webkit.org/show_bug.cgi?id=50234

Patch by Hyungwook Lee <​hyungwook.lee@navercorp.com> on 2016-03-21
Reviewed by Alex Christensen.

Implement WebView::findString to support testing efforts.

• Interfaces/IWebViewPrivate.idl: Add API declaration.
• WebView.cpp:
• WebView.h:

Tools:
[Win] Connect layoutTestController.findString() to support testing
​https://bugs.webkit.org/show_bug.cgi?id=50234

Patch by Hyungwook Lee <​hyungwook.lee@navercorp.com> on 2016-03-21
Reviewed by Alex Christensen.

Implement TestRunner::findString().

• DumpRenderTree/win/TestRunnerWin.cpp:

(TestRunner::findString):

LayoutTests:
[Win] Connect layoutTestController.findString() to support testing
​https://bugs.webkit.org/show_bug.cgi?id=50234

Patch by Hyungwook Lee <​hyungwook.lee@navercorp.com> on 2016-03-21
Reviewed by Alex Christensen.

• platform/win/TestExpectations: Unskip test.
• platform/win/editing/text-iterator/findString-expected.txt: Added.

3:07 PM Changeset in webkit [198500] by Chris Dumez

• 3 edits in trunk/Source/WebCore

Unreviewed, rolling out r197552.

May have caused a ~2% PLT regression on iOS

Reverted changeset:

"Drop DocumentSharedObjectPool immediately when going into
PageCache."
​https://bugs.webkit.org/show_bug.cgi?id=154986
​http://trac.webkit.org/changeset/197552

1:54 PM Changeset in webkit [198499] by rniwa@webkit.org

• 11 edits in trunk/Websites/perf.webkit.org

v3 UI sometimes don't update the list of revisions on the commit log viewer
​https://bugs.webkit.org/show_bug.cgi?id=155729

Rubber-stamped by Chris Dumez.

Fixed multiple bugs that were affecting the list of blame range and commit logs for the range weren't
updated in some cases on v3 UI. Also, the commit log viewer state is now a part of the URL state so
opening and closing the commit log viewer will persist across page loads.

Also fixed a regression from r198479 that Test object can't be created for a top level test.

• public/v3/components/chart-pane-base.js:

(ChartPaneBase.prototype.configure):
(ChartPaneBase.prototype._mainSelectionDidChange): Fixed the bug that the list of blame range nor the
commit log viewer don't get updated when the selected range changes.
(ChartPaneBase.prototype._indicatorDidChange):
(ChartPaneBase.prototype._didFetchData):
(ChartPaneBase.prototype._updateStatus): Extracted from _indicatorDidChange and _didFetchData.
(ChartPaneBase.prototype._requestOpeningCommitViewer): Renamed from _openCommitViewer.

• public/v3/components/chart-status-view.js:

(ChartStatusView.prototype.updateStatusIfNeeded): Fixed the bug that the blame range doesn't get set
on the initial page load when the selection range is set but the chart data hadn't been fetched yet.

• public/v3/components/commit-log-viewer.js:

(CommitLogViewer.prototype.view): Fixed the bug that we don't clear out the old list of commits while
loading the next set of commits to show as it looked as if the list was never updated.
(CommitLogViewer.prototype.render): Fixed the bug that the view always show the last repository name
even if there were nothing being fetched or commits to show.

• public/v3/components/pane-selector.js:

(PaneSelector.prototype.focus): Removed superfluous call to console.log.

• public/v3/models/data-model.js:

(DataModelObject.listForStaticMap): Generalized the code for all to fix the bug in Test.
(DataModelObject.all):

• public/v3/models/test.js:

(Test): Fixed the bug that this code was relying on the static map to be an array.
(Test.topLevelTests): Use newly added listForStaticMap to convert the dictionary to an array.

• public/v3/pages/chart-pane-status-view.js:

(ChartPaneStatusView): Always initialize _usedRevisionRange as a triple to simplify code elsewhere.
(ChartPaneStatusView.prototype.render): Invoke _revisionCallback when user clicks on a repository
expansion mark (>>). Also fixed click handler from the row since this made selecting revision range
on the view cumbersome. Now user has to explicitly click on the expansion mark (>>).
(ChartPaneStatusView.prototype._setRevisionRange): Now takes shouldNotify, from, and to as arguments
as this function must not invoke_revisionCallback inside _updateRevisionListForNewCurrentRepository.
(ChartPaneStatusView.prototype.moveRepositoryWithNotification): Use newly added setCurrentRepository
instead of manually invoking setCurrentRepository and updateRevisionListWithNotification.
(ChartPaneStatusView.prototype.setCurrentRepository): Fixed the bug that we weren't updating the
blame list here.
(ChartPaneStatusView.prototype.updateRevisionList): Renamed from updateRevisionListWithNotification
since we no longer call _revisionCallback. In general, callbacks are only meant to communicate user
initiated actions, and not program induced updates like this API so this was a bad pattern anyway.
ChartPane now explicitly updates the commit log viewer instead of relying on this function calling
_requestOpeningCommitViewer implicitly.
(ChartPaneStatusView.prototype._updateRevisionListForNewCurrentRepository): Extracted from
updateRevisionListWithNotification so that setCurrentRepository can also call this function.

• public/v3/pages/chart-pane.js:

(ChartPane.prototype._requestOpeningCommitViewer): Overrides ChartPaneBase's method. Open the same
repository in other panes via ChartsPage.setOpenRepository.
(ChartPane.prototype.setOpenRepository): This method is called when the user selected a repository in
another pane. Open the same repository in this pane if it wasn't already open.

• public/v3/pages/charts-page.js:

(ChartsPage): Added this._currentRepositoryId.
(ChartsPage.prototype.serializeState): Serialize _currentRepositoryId.
(ChartsPage.prototype.updateFromSerializedState): Set the commit log viewer's
(ChartsPage.prototype.setOpenRepository): Added.

• tests/api-measurement-set.js: Fixed a test after r198479.

1:23 PM Changeset in webkit [198498] by Simon Fraser

• 4 edits in trunk/Source/WebCore

Very flashy scrolling on ​http://quellish.tumblr.com page
​https://bugs.webkit.org/show_bug.cgi?id=155728
rdar://problem/22299375

Reviewed by Zalan Bujtas.

​http://quellish.tumblr.com/post/126712999812/how-on-earth-the-facebook-ios-application-is-so
has many elements that are nested inside elements with non-equal corner radius clipping.
This requires building bezier paths for the rounded-rect clip which is expensive.

For many rows of the table, we can avoid the rounded-rect clipping because the intersection
of the paintDirtyRect and the clip is actually rectangular.

• platform/graphics/FloatRoundedRect.cpp:

(WebCore::FloatRoundedRect::intersectionIsRectangular):

• platform/graphics/FloatRoundedRect.h:
• rendering/RenderLayer.cpp:

(WebCore::RenderLayer::clipToRect):

1:13 PM Changeset in webkit [198497] by Alan Bujtas

• 21 edits in trunk

Web Inspector search icon does not fit when zoomed in.
​https://bugs.webkit.org/show_bug.cgi?id=155708

Reviewed by Simon Fraser.

Adjusts the paint rect for the magnifier icon so that it fits even when zoomed in.

Source/WebCore:

Covered by existing tests.

• rendering/RenderThemeMac.mm:

(WebCore::RenderThemeMac::resultsButtonSizes):
(WebCore::RenderThemeMac::paintSearchFieldResultsButton):

LayoutTests:

• fast/forms/search/search-padding-cancel-results-buttons-expected.txt:
• platform/mac/fast/css/focus-ring-exists-for-search-field-expected.txt:
• platform/mac/fast/css/text-input-with-webkit-border-radius-expected.txt:
• platform/mac/fast/css/text-overflow-input-expected.txt:
• platform/mac/fast/forms/box-shadow-override-expected.txt:
• platform/mac/fast/forms/control-restrict-line-height-expected.txt:
• platform/mac/fast/forms/input-appearance-height-expected.txt:
• platform/mac/fast/forms/placeholder-position-expected.txt:
• platform/mac/fast/forms/placeholder-pseudo-style-expected.txt:
• platform/mac/fast/forms/search-cancel-button-style-sharing-expected.txt:
• platform/mac/fast/forms/search-display-none-cancel-button-expected.txt:
• platform/mac/fast/forms/search-rtl-expected.txt:
• platform/mac/fast/forms/search-styled-expected.txt:
• platform/mac/fast/forms/search-vertical-alignment-expected.txt:
• platform/mac/fast/forms/search/search-size-with-decorations-expected.txt:
• platform/mac/fast/forms/searchfield-heights-expected.txt:
• platform/mac/fast/repaint/search-field-cancel-expected.txt:
• platform/mac/fast/replaced/width100percent-searchfield-expected.txt:

12:28 PM Changeset in webkit [198496] by enrica@apple.com

• 2 edits in trunk/Source/WebKit2

Enable preview of images as attachments.
​https://bugs.webkit.org/show_bug.cgi?id=155674
rdar://problem/25242656

Reviewed by Darin Adler.

If the client cannot handle image preview, but can handle attachments,
let them handle images as attachments.

• UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _dataForPreviewItemController:atPosition:type:]):

12:22 PM Changeset in webkit [198495] by rniwa@webkit.org

• 2 edits in trunk/Websites/perf.webkit.org

V3 Perf Dashboard should automatically select initial range when creating a new task
​https://bugs.webkit.org/show_bug.cgi?id=155677

Reviewed by Joseph Pecoraro.

Select the entire range of points for which the analysis task is created by default so that creating
a test group to confirm the regression / progression is easy.

• public/v3/pages/analysis-task-page.js:

(AnalysisTaskPage): Added a boolean flag which indicates the user had modified main chart's selection.

• public/v3/pages/analysis-task-page.js:

(AnalysisTaskPage.prototype.render): Set the main chart's selection to the entire range of points in
the analysis task if the user had never modified selection.
(AnalysisTaskPage.prototype._chartSelectionDidChange): This callback is invoked only when the user had
modified the selection so set _selectionWasModifiedByUser true here unconditionally.

11:09 AM Changeset in webkit [198494] by jonlee@apple.com

• 3 edits in trunk/PerformanceTests

Add a link to show debug data
​https://bugs.webkit.org/show_bug.cgi?id=155724

Reviewed by Simon Fraser.

• Animometer/developer.html: Attach the onclick handler to the score.
• Animometer/index.html: Ditto.

10:54 AM Changeset in webkit [198493] by peavo@outlook.com

• 2 edits in trunk/Source/WebCore

[WinCairo][MediaFoundation] Crash when media player is destroyed.
​https://bugs.webkit.org/show_bug.cgi?id=155716

Reviewed by Alex Christensen.

Increase the reference count on the video presenter object in the ActivateObject method
to avoid referencing a deleted object when the media player is destroyed.

• platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:

(WebCore::MediaPlayerPrivateMediaFoundation::CustomVideoPresenter::ActivateObject):

10:52 AM Changeset in webkit [198492] by eric.carlson@apple.com

• 119 edits in trunk

Add a WebRTC specific compile flag
​https://bugs.webkit.org/show_bug.cgi?id=155663

.:

Reviewed by Jer Noble.

• Source/cmake/OptionsEfl.cmake:
• Source/cmake/OptionsGTK.cmake:
• Source/cmake/WebKitFeatures.cmake:

Source/WebCore:

Guard WebRTC-only files with ENABLE(WEB_RTC) rather than ENABLE(MEDIA_STREAM).

Reviewed by Jer Noble.

• Modules/mediastream/MediaEndpointPeerConnection.cpp:
• Modules/mediastream/MediaEndpointPeerConnection.h:
• Modules/mediastream/PeerConnectionBackend.h:
• Modules/mediastream/PeerConnectionStates.h:
• Modules/mediastream/RTCConfiguration.cpp:
• Modules/mediastream/RTCConfiguration.h:
• Modules/mediastream/RTCConfiguration.idl:
• Modules/mediastream/RTCDTMFSender.cpp:
• Modules/mediastream/RTCDTMFSender.h:
• Modules/mediastream/RTCDTMFSender.idl:
• Modules/mediastream/RTCDTMFToneChangeEvent.cpp:
• Modules/mediastream/RTCDTMFToneChangeEvent.h:
• Modules/mediastream/RTCDTMFToneChangeEvent.idl:
• Modules/mediastream/RTCDataChannel.cpp:
• Modules/mediastream/RTCDataChannel.h:
• Modules/mediastream/RTCDataChannel.idl:
• Modules/mediastream/RTCDataChannelEvent.cpp:
• Modules/mediastream/RTCDataChannelEvent.h:
• Modules/mediastream/RTCDataChannelEvent.idl:
• Modules/mediastream/RTCIceCandidate.cpp:
• Modules/mediastream/RTCIceCandidate.h:
• Modules/mediastream/RTCIceCandidate.idl:
• Modules/mediastream/RTCIceCandidateEvent.cpp:
• Modules/mediastream/RTCIceCandidateEvent.h:
• Modules/mediastream/RTCIceCandidateEvent.idl:
• Modules/mediastream/RTCIceServer.h:
• Modules/mediastream/RTCIceServer.idl:
• Modules/mediastream/RTCOfferAnswerOptions.cpp:
• Modules/mediastream/RTCOfferAnswerOptions.h:
• Modules/mediastream/RTCPeerConnection.cpp:
• Modules/mediastream/RTCPeerConnection.h:
• Modules/mediastream/RTCPeerConnection.idl:
• Modules/mediastream/RTCPeerConnection.js:

(createOffer):

• Modules/mediastream/RTCPeerConnectionInternals.js:
• Modules/mediastream/RTCRtpReceiver.cpp:
• Modules/mediastream/RTCRtpReceiver.h:
• Modules/mediastream/RTCRtpReceiver.idl:
• Modules/mediastream/RTCRtpSender.cpp:
• Modules/mediastream/RTCRtpSender.h:
• Modules/mediastream/RTCRtpSender.idl:
• Modules/mediastream/RTCRtpSenderReceiverBase.h:
• Modules/mediastream/RTCSessionDescription.cpp:
• Modules/mediastream/RTCSessionDescription.h:
• Modules/mediastream/RTCSessionDescription.idl:
• Modules/mediastream/RTCStatsReport.cpp:
• Modules/mediastream/RTCStatsReport.idl:
• Modules/mediastream/RTCStatsResponse.cpp:
• Modules/mediastream/RTCStatsResponse.idl:
• Modules/mediastream/RTCTrackEvent.cpp:
• Modules/mediastream/RTCTrackEvent.h:
• Modules/mediastream/RTCTrackEvent.idl:
• Modules/mediastream/SDPProcessor.cpp:
• Modules/mediastream/SDPProcessor.h:
• bindings/generic/RuntimeEnabledFeatures.cpp:

(WebCore::RuntimeEnabledFeatures::RuntimeEnabledFeatures):

• bindings/generic/RuntimeEnabledFeatures.h:

(WebCore::RuntimeEnabledFeatures::setMediaStreamEnabled):
(WebCore::RuntimeEnabledFeatures::webkitGetUserMediaEnabled):
(WebCore::RuntimeEnabledFeatures::webkitMediaStreamEnabled):
(WebCore::RuntimeEnabledFeatures::peerConnectionEnabled):
(WebCore::RuntimeEnabledFeatures::setPeerConnectionEnabled):
(WebCore::RuntimeEnabledFeatures::webkitRTCPeerConnectionEnabled):

• bindings/js/JSDOMGlobalObject.cpp:

(WebCore::JSDOMGlobalObject::addBuiltinGlobals):

• bindings/js/JSDictionary.cpp:

(WebCore::JSDictionary::convertValue):

• bindings/js/JSDictionary.h:
• bindings/js/JSRTCIceCandidateCustom.cpp:
• bindings/js/JSRTCPeerConnectionCustom.cpp:
• bindings/js/JSRTCSessionDescriptionCustom.cpp:
• bindings/js/JSRTCStatsResponseCustom.cpp:
• bindings/js/WebCoreJSBuiltinInternals.cpp:

(WebCore::JSBuiltinInternalFunctions::JSBuiltinInternalFunctions):
(WebCore::JSBuiltinInternalFunctions::visit):
(WebCore::JSBuiltinInternalFunctions::initialize):

• bindings/js/WebCoreJSBuiltinInternals.h:

(WebCore::JSBuiltinInternalFunctions::rtcPeerConnectionInternals):

• bindings/js/WebCoreJSBuiltins.h:

(WebCore::JSBuiltinFunctions::JSBuiltinFunctions):
(WebCore::JSBuiltinFunctions::mediaDevicesBuiltins):
(WebCore::JSBuiltinFunctions::navigatorUserMediaBuiltins):
(WebCore::JSBuiltinFunctions::rtcPeerConnectionBuiltins):
(WebCore::JSBuiltinFunctions::rtcPeerConnectionInternalsBuiltins):

• dom/EventNames.in:
• dom/EventTargetFactory.in:
• loader/FrameLoaderClient.h:
• platform/mediastream/IceCandidate.h:
• platform/mediastream/MediaEndpoint.cpp:
• platform/mediastream/MediaEndpoint.h:
• platform/mediastream/MediaEndpointConfiguration.cpp:
• platform/mediastream/MediaEndpointConfiguration.h:
• platform/mediastream/MediaEndpointSessionConfiguration.h:
• platform/mediastream/MediaPayload.h:
• platform/mediastream/PeerMediaDescription.h:
• platform/mediastream/RTCConfigurationPrivate.h:
• platform/mediastream/RTCDTMFSenderHandler.h:
• platform/mediastream/RTCDTMFSenderHandlerClient.h:
• platform/mediastream/RTCDataChannelHandler.h:
• platform/mediastream/RTCDataChannelHandlerClient.h:
• platform/mediastream/RTCIceCandidateDescriptor.cpp:
• platform/mediastream/RTCIceCandidateDescriptor.h:
• platform/mediastream/RTCIceServerPrivate.h:
• platform/mediastream/RTCPeerConnectionHandler.cpp:
• platform/mediastream/RTCPeerConnectionHandler.h:
• platform/mediastream/RTCPeerConnectionHandlerClient.h:
• platform/mediastream/RTCSessionDescriptionDescriptor.cpp:
• platform/mediastream/RTCSessionDescriptionDescriptor.h:
• platform/mediastream/RTCSessionDescriptionRequest.h:
• platform/mediastream/RTCStatsRequest.h:
• platform/mediastream/RTCStatsResponseBase.h:
• platform/mediastream/RTCVoidRequest.h:
• platform/mediastream/SDPProcessorScriptResource.cpp:
• platform/mediastream/SDPProcessorScriptResource.h:
• platform/mock/MockMediaEndpoint.cpp:
• platform/mock/MockMediaEndpoint.h:
• platform/mock/RTCDTMFSenderHandlerMock.cpp:
• platform/mock/RTCDTMFSenderHandlerMock.h:
• platform/mock/RTCDataChannelHandlerMock.cpp:
• platform/mock/RTCDataChannelHandlerMock.h:
• platform/mock/RTCNotifiersMock.cpp:
• platform/mock/RTCNotifiersMock.h:
• platform/mock/RTCPeerConnectionHandlerMock.cpp:
• platform/mock/RTCPeerConnectionHandlerMock.h:
• platform/mock/TimerEventBasedMock.h:

(WebCore::RenderLayerBacking::paintIntoLayer):

• testing/Internals.cpp:

(WebCore::Internals::Internals):
(WebCore::Internals::enableMockSpeechSynthesizer):
(WebCore::Internals::enableMockMediaEndpoint):
(WebCore::Internals::enableMockRTCPeerConnectionHandler):
(WebCore::Internals::setMockMediaCaptureDevicesEnabled):

• testing/Internals.h:

LayoutTests:

Reviewed by Jer Noble.

• platform/mac-mavericks/js/dom/global-constructors-attributes-expected.txt:
• platform/mac-yosemite/js/dom/global-constructors-attributes-expected.txt:
• platform/mac/js/dom/global-constructors-attributes-expected.txt:

10:47 AM Changeset in webkit [198491] by Ryan Haddad

• 1 edit
  1 move in trunk/LayoutTests

Moving the -expected.txt file for accessibility/radio-button-group-members.html

Unreviewed test gardening.

• accessibility/radio-button-group-members-expected.txt: Renamed from LayoutTests/accessibility/mac/radio-button-group-members-expected.txt.

10:17 AM Changeset in webkit [198490] by commit-queue@webkit.org

• 2 edits in trunk/Source/JavaScriptCore

Fixed compilation with GCC 4.8.
​https://bugs.webkit.org/show_bug.cgi?id=155698

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-03-21
Reviewed by Alexey Proskuryakov.

GCC 4.8 does not allow aggregate initialization for type with deleted
constructor, see ​https://gcc.gnu.org/bugzilla/show_bug.cgi?id=52707.

• dfg/DFGCSEPhase.cpp: Added ctor for ImpureDataSlot.

10:10 AM Changeset in webkit [198489] by Ryan Haddad

• 2 edits in trunk/LayoutTests

Marking two inspector tests as flaky timeouts on Mac.
​https://bugs.webkit.org/show_bug.cgi?id=155607

Unreviewed test gardening.

• platform/mac/TestExpectations:

8:59 AM Changeset in webkit [198488] by jh718.park@samsung.com

• 17 edits in trunk/Source

[JSC] Add ArrayBuffer::tryCreate and change the callsites where it is needed
​https://bugs.webkit.org/show_bug.cgi?id=155328

Reviewed by Darin Adler.

Source/JavaScriptCore:

• API/JSTypedArray.cpp:

(JSObjectMakeTypedArray):
(JSObjectMakeArrayBufferWithBytesNoCopy):

• runtime/ArrayBuffer.h:

(JSC::ArrayBuffer::create):
(JSC::ArrayBuffer::tryCreate):
(JSC::ArrayBuffer::createUninitialized):
(JSC::ArrayBuffer::tryCreateUninitialized):
(JSC::ArrayBuffer::createInternal):

• runtime/GenericTypedArrayViewInlines.h:

(JSC::GenericTypedArrayView<Adaptor>::create):
(JSC::GenericTypedArrayView<Adaptor>::createUninitialized):

• runtime/JSArrayBufferConstructor.cpp:

(JSC::constructArrayBuffer):

Source/WebCore:

No new tests, no new behaviours.

• Modules/fetch/FetchBody.cpp:

(WebCore::FetchBody::processIfEmptyOrDisturbed):
(WebCore::FetchBody::consumeText):

• Modules/fetch/FetchLoader.cpp:

(WebCore::FetchLoader::didFinishLoading):

• bindings/js/JSDOMPromise.h:

(WebCore::char>>):

• dom/MessageEvent.cpp:

(WebCore::MessageEvent::MessageEvent):

• dom/MessageEvent.h:
• fileapi/FileReaderLoader.cpp:

(WebCore::FileReaderLoader::didReceiveResponse):
(WebCore::FileReaderLoader::didReceiveData):
(WebCore::FileReaderLoader::arrayBufferResult):

• html/canvas/WebGLBuffer.cpp:

(WebCore::WebGLBuffer::associateBufferDataImpl):

• html/track/DataCue.cpp:

(WebCore::DataCue::DataCue):
(WebCore::DataCue::data):
(WebCore::DataCue::setData):
(WebCore::DataCue::cueContentsMatch):

• html/track/DataCue.h:
• html/track/InbandDataTextTrack.cpp:

(WebCore::InbandDataTextTrack::addDataCue):
(WebCore::InbandDataTextTrack::removeCue):

• platform/mac/SerializedPlatformRepresentationMac.mm:

(WebCore::jsValueWithDataInContext):

5:58 AM Changeset in webkit [198487] by youenn.fablet@crf.canon.fr

• 1 edit in trunk/LayoutTests/platform/mac/TestExpectations

Unreviewed.
Marking imported/w3c/web-platform-tests/streams/readable-streams/garbage-collection-2.html as flaky (Pass, Crash)

3:42 AM Changeset in webkit [198486] by svillar@igalia.com

• 7 edits in trunk

[css-grid] Fix percentage tracks' size computation in grids with gutters
​https://bugs.webkit.org/show_bug.cgi?id=153825

Reviewed by Darin Adler.

Source/WebCore:

The track sizing algorithm is passed an available size
(freeSpace in the code) where to size the tracks. The total size of the grid
gutters was pre-removed from that available size because we cannot use it to size
the tracks. However that available size is also used to compute the size of
percentage tracks. As we're removing the size of the gutters, the base size for
percentage computations is smaller than it should be.

• rendering/RenderGrid.cpp:

(WebCore::RenderGrid::computeUsedBreadthOfGridTracks):

LayoutTests:

• fast/css-grid-layout/grid-gutters-and-flex-content-expected.txt:
• fast/css-grid-layout/grid-gutters-and-flex-content.html:
• fast/css-grid-layout/grid-gutters-and-tracks-expected.txt:
• fast/css-grid-layout/grid-gutters-and-tracks.html:

2:46 AM Changeset in webkit [198485] by Carlos Garcia Campos

• 2 edits in releases/WebKitGTK/webkit-2.12/Source/WebCore

Merge r198484 - [GTK] scrollbar thumb clipped in 2.11.92
​https://bugs.webkit.org/show_bug.cgi?id=155586

Reviewed by Michael Catanzaro.

In the current version of Adwaita, the scrollbar itself also has a
one pixel border that we are not taking into account.

• platform/gtk/ScrollbarThemeGtk.cpp:

(WebCore::ScrollbarThemeGtk::paintThumb): Use the scrollbar size
in indicator mode, instead of only the thumb size, to correctly
position the thumb in indicator mode.

2:18 AM Changeset in webkit [198484] by Carlos Garcia Campos

• 2 edits in trunk/Source/WebCore

[GTK] scrollbar thumb clipped in 2.11.92
​https://bugs.webkit.org/show_bug.cgi?id=155586

Reviewed by Michael Catanzaro.

In the current version of Adwaita, the scrollbar itself also has a
one pixel border that we are not taking into account.

• platform/gtk/ScrollbarThemeGtk.cpp:

(WebCore::ScrollbarThemeGtk::paintThumb): Use the scrollbar size
in indicator mode, instead of only the thumb size, to correctly
position the thumb in indicator mode.

Mar 20, 2016:

11:05 PM Changeset in webkit [198483] by Gyuyoung Kim

• 14 edits in trunk/Source/WebCore

Reduce uses of PassRefPtr in WebCore/dom - 6
​https://bugs.webkit.org/show_bug.cgi?id=155579

Reviewed by Darin Adler.

• dom/MessagePortChannel.h:
• dom/default/PlatformMessagePortChannel.cpp:

(WebCore::PlatformMessagePortChannel::EventData::EventData):
(WebCore::MessagePortChannel::createChannel):
(WebCore::MessagePortChannel::MessagePortChannel):
(WebCore::MessagePortChannel::postMessageToRemote):
(WebCore::PlatformMessagePortChannel::create):
(WebCore::PlatformMessagePortChannel::PlatformMessagePortChannel):

• dom/default/PlatformMessagePortChannel.h:

(WebCore::PlatformMessagePortChannel::EventData::message):

10:28 PM Changeset in webkit [198482] by commit-queue@webkit.org

• 7 edits in trunk

The setter of binaryType attribute in WebSocket should raise the exception.
​https://bugs.webkit.org/show_bug.cgi?id=135874

Patch by Jinwoo Jeong <​jw00.jeong@samsung.com> on 2016-03-20
Reviewed by Antonio Gomes.

Source/WebCore:

According to W3C WebSocket Specification, <​https://www.w3.org/TR/2012/CR-websockets-20120920/>
when an invalid value is set on binaryType of WebSocket, a SyntaxError should be raised.

• Modules/websockets/WebSocket.cpp:

(WebCore::WebSocket::setBinaryType): Add a parameter to set an exception.

• Modules/websockets/WebSocket.h: Ditto.
• Modules/websockets/WebSocket.idl: Update that setter of binaryType could raise an exception.

LayoutTests:

According to W3C WebSocket Specification, <​https://www.w3.org/TR/2012/CR-websockets-20120920/>,
when an invalid value is set on binaryType of WebSocket, a SyntaxError should be raised.

• http/tests/websocket/tests/hybi/binary-type.html: Catch a syntax exception when binary type is set with invalid values.

10:11 PM Changeset in webkit [198481] by mitz@apple.com

• 39 edits in trunk

[Mac] Determine TARGET_MAC_OS_X_VERSION_MAJOR from MACOSX_DEPLOYMENT_TARGET rather than from MAC_OS_X_VERSION_MAJOR
​https://bugs.webkit.org/show_bug.cgi?id=155707
<rdar://problem/24980691>

Reviewed by Darin Adler.

Source/bmalloc:

• Configurations/Base.xcconfig: Set TARGET_MAC_OS_X_VERSION_MAJOR based on the last component of MACOSX_DEPLOYMENT_TARGET.
• Configurations/DebugRelease.xcconfig: For engineering builds, preserve the behavior of TARGET_MAC_OS_X_VERSION_MAJOR being the host’s OS version.

Source/JavaScriptCore:

• Configurations/Base.xcconfig: Set TARGET_MAC_OS_X_VERSION_MAJOR based on the last component of MACOSX_DEPLOYMENT_TARGET.
• Configurations/DebugRelease.xcconfig: For engineering builds, preserve the behavior of TARGET_MAC_OS_X_VERSION_MAJOR being the host’s OS version.

Source/ThirdParty/ANGLE:

• Configurations/Base.xcconfig: Set TARGET_MAC_OS_X_VERSION_MAJOR based on the last component of MACOSX_DEPLOYMENT_TARGET.
• Configurations/DebugRelease.xcconfig: For engineering builds, preserve the behavior of TARGET_MAC_OS_X_VERSION_MAJOR being the host’s OS version.

Source/WebCore:

• Configurations/Base.xcconfig: Set TARGET_MAC_OS_X_VERSION_MAJOR based on the last component of MACOSX_DEPLOYMENT_TARGET.
• Configurations/DebugRelease.xcconfig: For engineering builds, preserve the behavior of TARGET_MAC_OS_X_VERSION_MAJOR being the host’s OS version.

Source/WebInspectorUI:

• Configurations/Base.xcconfig: Set TARGET_MAC_OS_X_VERSION_MAJOR based on the last component of MACOSX_DEPLOYMENT_TARGET.
• Configurations/DebugRelease.xcconfig: For engineering builds, preserve the behavior of TARGET_MAC_OS_X_VERSION_MAJOR being the host’s OS version.

Source/WebKit/mac:

• Configurations/Base.xcconfig: Set TARGET_MAC_OS_X_VERSION_MAJOR based on the last component of MACOSX_DEPLOYMENT_TARGET.
• Configurations/DebugRelease.xcconfig: For engineering builds, preserve the behavior of TARGET_MAC_OS_X_VERSION_MAJOR being the host’s OS version.

Source/WebKit2:

• Configurations/Base.xcconfig: Set TARGET_MAC_OS_X_VERSION_MAJOR based on the last component of MACOSX_DEPLOYMENT_TARGET.
• Configurations/DebugRelease.xcconfig: For engineering builds, preserve the behavior of TARGET_MAC_OS_X_VERSION_MAJOR being the host’s OS version.

Source/WTF:

• Configurations/Base.xcconfig: Set TARGET_MAC_OS_X_VERSION_MAJOR based on the last component of MACOSX_DEPLOYMENT_TARGET.
• Configurations/DebugRelease.xcconfig: For engineering builds, preserve the behavior of TARGET_MAC_OS_X_VERSION_MAJOR being the host’s OS version.

Tools:

• ContentExtensionTester/Configurations/Base.xcconfig: Set TARGET_MAC_OS_X_VERSION_MAJOR based on the last component of MACOSX_DEPLOYMENT_TARGET.
• ContentExtensionTester/Configurations/DebugRelease.xcconfig: For engineering builds, preserve the behavior of TARGET_MAC_OS_X_VERSION_MAJOR being the host’s OS version.

Similarly for these projects:

• DumpRenderTree/mac/Configurations/Base.xcconfig:
• DumpRenderTree/mac/Configurations/DebugRelease.xcconfig:
• LayoutTestRelay/Configurations/Base.xcconfig:
• LayoutTestRelay/Configurations/DebugRelease.xcconfig:
• MiniBrowser/Configurations/Base.xcconfig:
• MiniBrowser/Configurations/DebugRelease.xcconfig:
• TestWebKitAPI/Configurations/Base.xcconfig:
• TestWebKitAPI/Configurations/DebugRelease.xcconfig:
• WebEditingTester/Configurations/Base.xcconfig:
• WebEditingTester/Configurations/DebugRelease.xcconfig:
• WebKitTestRunner/Configurations/Base.xcconfig:
• WebKitTestRunner/Configurations/DebugRelease.xcconfig:

6:26 PM Changeset in webkit [198480] by commit-queue@webkit.org

• 2 edits in trunk/Source/WebCore

Added implementations of AXObjectCache methods for !HAVE(ACCESSIBILITY).
​https://bugs.webkit.org/show_bug.cgi?id=155697

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-03-20
Reviewed by Darin Adler.

No new tests needed.

• accessibility/AXObjectCache.h:

(WebCore::AXObjectCache::rangeForUnorderedCharacterOffsets):
(WebCore::AXObjectCache::absoluteCaretBoundsForCharacterOffset):
(WebCore::AXObjectCache::characterOffsetForIndex):
(WebCore::AXObjectCache::startOrEndCharacterOffsetForRange):
(WebCore::AXObjectCache::endCharacterOffsetOfLine):
(WebCore::AXObjectCache::nextCharacterOffset):
(WebCore::AXObjectCache::previousCharacterOffset):

5:57 PM Changeset in webkit [198479] by rniwa@webkit.org

• 13 edits
  4 adds in trunk/Websites/perf.webkit.org

Associated commits don't immediately show up on an analysis task page
​https://bugs.webkit.org/show_bug.cgi?id=155692

Reviewed by Darin Adler.

The bug was caused by resolveCommits in AnalysisTask._constructAnalysisTasksFromRawData not being
able to find the matching commit log if the commit log had been created by the charts which don't
set the remote identifiers on each CommitLog objects.

Fixed the bug by modifying /api/measurement-set to include the commit ID, and making CommitLog
use the real database ID as its ID instead of a fake ID we create from repository and revision.

Also added a bunch of Mocha unit tests for AnalysisTask.fetchAll.

• public/api/measurement-set.php:

(MeasurementSetFetcher::execute_query): Fetch commit_id.
(MeasurementSetFetcher::format_run): Use pass-by-reference to avoid making a copy of the row.
(MeasurementSetFetcher::parse_revisions_array): Include commit_id as the first item in the result.

• public/v3/instrumentation.js:
• public/v3/models/analysis-task.js:

(AnalysisTask): Fixed a bug that _buildRequestCount and _finishedBuildRequestCount could be kept
as strings and hasPendingRequests() could return a wrong result because it would perform string
inequality instead of numerical inequality.
(AnalysisTask.prototype.updateSingleton): Ditto.
(AnalysisTask.prototype.dissociateCommit):
(AnalysisTask._constructAnalysisTasksFromRawData):
(AnalysisTask._constructAnalysisTasksFromRawData.resolveCommits): Use findById now that CommitLog
objects all use the same id as the database id.

• public/v3/models/commit-log.js:

(CommitLog):
(CommitLog.prototype.remoteId): Deleted since we no longer create a fake id for commit logs for
measurement sets.
(CommitLog.findByRemoteId): Deleted.
(CommitLog.ensureSingleton): Deleted.
(CommitLog.fetchBetweenRevisions):

• public/v3/models/data-model.js:

(DataModelObject.clearStaticMap): Added to aid unit testing.
(DataModelObject.ensureNamedStaticMap): Fixed a typo. Each map is a dictionary, not an array.

• public/v3/models/metric.js:
• public/v3/models/platform.js:
• public/v3/models/root-set.js:

(RootSet): Updated per the interface change in CommitLog.ensureSingleton.
(MeasurementRootSet): Updated per /api/measurement-set change. Use the first value as the id.

• public/v3/models/test.js:
• unit-tests/analysis-task-tests.js: Added.

(sampleAnalysisTask):
(measurementCluster):

• unit-tests/checkconfig.js: Added some assertion message to help aid diagnosing the failure.
• unit-tests/measurement-adaptor-tests.js: Updated the sample data per the API change in

/api/measurement-set and also added assertions for commit log ids.

• unit-tests/measurement-set-tests.js:

(beforeEach):

• unit-tests/resources: Added.
• unit-tests/resources/mock-remote-api.js: Added. Extracted from measurement-set-tests.js to be

used in analysis-task-tests.js.
(assert.notReached.assert.notReached):
(global.RemoteAPI.getJSON):
(global.RemoteAPI.getJSONWithStatus):
(beforeEach):

• unit-tests/resources/v3-models.js: Added. Extracted from measurement-set-tests.js to be used in

analysis-task-tests.js and added more imports as needed.
(importFromV3):
(beforeEach):

4:08 PM Changeset in webkit [198478] by msaboff@apple.com

• 2 edits in trunk/Source/JavaScriptCore

Crash in stress/regexp-matches-array-slow-put.js due to stomping on memory when having bad time
​https://bugs.webkit.org/show_bug.cgi?id=155679

Reviewed by Saam Barati.

Allocate out of line storage based on what the structure says it needs
in JSArray::tryCreateUninitialized.

• runtime/JSArray.h:

(JSC::JSArray::tryCreateUninitialized):

3:42 PM Changeset in webkit [198477] by Joseph Pecoraro

• 2 edits in trunk/Source/JavaScriptCore

Crash on DFG::WorkList thread in JSC::Heap::isCollecting for destroyed Web Worker
​https://bugs.webkit.org/show_bug.cgi?id=155678
<rdar://problem/25251439>

Reviewed by Filip Pizlo.

This fixes a crash that we saw with GuardMalloc. If the Plan was
Cancelled it may not be safe to access the VM. If the Plan was
cancelled we are just going to bail anyways, so keep the ASSERT but
short-circuit if the plan was Cancelled.

• dfg/DFGWorklist.cpp:

(JSC::DFG::Worklist::runThread):

1:08 PM Changeset in webkit [198476] by Darin Adler

• 22 edits in trunk/Source

Disable Caches in Safari's Develop menu does not disable caches.
​https://bugs.webkit.org/show_bug.cgi?id=64483

Reviewed by Antti Koivisto.

Source/WebCore:

Moved feature from Settings to Page.

• history/PageCache.cpp:

(WebCore::canCachePage): Use function on Page instead of Settings.
(WebCore::PageCache::take): Ditto.
(WebCore::PageCache::get): Ditto.

• loader/FrameLoader.cpp:

(WebCore::FrameLoader::subresourceCachePolicy): Ditto.
(WebCore::FrameLoader::addExtraFieldsToRequest): Ditto.

• loader/cache/CachedResourceLoader.cpp:

(WebCore::CachedResourceLoader::cachePolicy): Ditto.

• page/Page.h:

(WebCore::Page::isResourceCachingDisabled): Added.
(WebCore::Page::setResourceCachingDisabled): Added.

• page/Settings.in: Removed resourceCachingDisabled.

Source/WebKit/mac:

Removed unneeded WebPreferences property; we don't need this for Legacy WebKit.

• WebView/WebPreferenceKeysPrivate.h: Removed

WebKitResourceCachingDisabledPreferenceKey.

• WebView/WebPreferences.mm:

(-[WebPreferences isResourceCachingDisabled]): Deleted.
(-[WebPreferences setResourceCachingDisabled:]): Deleted.

• WebView/WebPreferencesPrivate.h: Removed resourceCachingDisabled property.
• WebView/WebView.mm:

(-[WebView _preferencesChanged:]): Removed code to update resourceCachingDisabled.

Source/WebKit2:

Moved functions from WKPreferences to WKPage.

• Shared/WebPreferencesDefinitions.h: Removed ResourceCachingDisabled.

• UIProcess/API/C/WKPage.cpp:

(WKPageGetResourceCachingDisabled): Added.
(WKPageSetResourceCachingDisabled): Added.

• UIProcess/API/C/WKPagePrivate.h: Added above functions.
• UIProcess/API/C/WKPreferences.cpp:

(WKPreferencesSetResourceCachingDisabled): Deleted.
(WKPreferencesGetResourceCachingDisabled): Deleted.

• UIProcess/API/C/WKPreferencesRefPrivate.h: Deleted above functions.

• UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::setResourceCachingDisabled): Added.

• UIProcess/WebPageProxy.h:

(WebKit::WebPageProxy::isResourceCachingDisabled): Added.

• WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updatePreferences): Removed code to set the setting
for resourceCachingDisabled..
(WebKit::WebPage::setResourceCachingDisabled): Added.

• WebProcess/WebPage/WebPage.h: Declared setResourceCachingDisabled.
• WebProcess/WebPage/WebPage.messages.in: Added SetResourceCachingDisabled.

10:20 AM Changeset in webkit [198475] by mitz@apple.com

• 35 edits in trunk

Update build settings

Rubber-stamped by Andy Estes.

Source/bmalloc:

• Configurations/DebugRelease.xcconfig:

Source/JavaScriptCore:

• Configurations/DebugRelease.xcconfig:
• Configurations/FeatureDefines.xcconfig:
• Configurations/Version.xcconfig:

Source/ThirdParty/ANGLE:

• Configurations/DebugRelease.xcconfig:

Source/WebCore:

• Configurations/DebugRelease.xcconfig:
• Configurations/FeatureDefines.xcconfig:
• Configurations/Version.xcconfig:

Source/WebInspectorUI:

• Configurations/DebugRelease.xcconfig:
• Configurations/Version.xcconfig:

Source/WebKit/mac:

• Configurations/DebugRelease.xcconfig:
• Configurations/FeatureDefines.xcconfig:
• Configurations/Version.xcconfig:

Source/WebKit2:

• Configurations/DebugRelease.xcconfig:
• Configurations/FeatureDefines.xcconfig:
• Configurations/Version.xcconfig:

Source/WTF:

• Configurations/DebugRelease.xcconfig:

Tools:

• ContentExtensionTester/Configurations/DebugRelease.xcconfig:
• DumpRenderTree/mac/Configurations/DebugRelease.xcconfig:
• LayoutTestRelay/Configurations/DebugRelease.xcconfig:
• MiniBrowser/Configurations/DebugRelease.xcconfig:
• TestWebKitAPI/Configurations/DebugRelease.xcconfig:
• TestWebKitAPI/Configurations/FeatureDefines.xcconfig: Synced up to the ones in ../Source.
• WebEditingTester/Configurations/DebugRelease.xcconfig:
• WebKitTestRunner/Configurations/DebugRelease.xcconfig:
• asan/asan.xcconfig:

8:21 AM Changeset in webkit [198474] by Chris Fleizach

• 5 edits
  1 move in trunk

AX: Radio button members are not identified together in all cases
​https://bugs.webkit.org/show_bug.cgi?id=155604
<rdar://problem/21186992>

Reviewed by Darin Adler.

Source/WebCore:

Allow aria radio buttons to be grouped together as linked ui elements even if they're not input types of radio button.

Modified test: accessibility/radio-button-group-members.html

• accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::speakProperty):
(WebCore::AccessibilityRenderObject::addRadioButtonGroupChildren):
(WebCore::AccessibilityRenderObject::addRadioButtonGroupMembers):

• accessibility/AccessibilityRenderObject.h:

LayoutTests:

• accessibility/mac/radio-button-group-members-expected.txt: Added.
• accessibility/radio-button-group-members.html:
• platform/mac/accessibility/radio-button-group-members-expected.txt: Removed.