WebKit-https.git
5 years agoAdd a model for parsing buildbot JSON with unit tests
rniwa@webkit.org [Thu, 24 Mar 2016 03:25:10 +0000 (03:25 +0000)]
Add a model for parsing buildbot JSON with unit tests
https://bugs.webkit.org/show_bug.cgi?id=155814

Reviewed by Joseph Pecoraro.

Added BuildbotSyncer and BuildbotBuildEntry classes to parse buildbot JSON files with unit tests.
They will be used in the new syncing scripts to improve A/B testing.

* public/v3/models/build-request.js:
(BuildRequest):
* tools/js/buildbot-syncer.js: Added.
(BuildbotBuildEntry): Added.
(BuildbotBuildEntry.prototype.slaveName): Added.
(BuildbotBuildEntry.prototype.buildRequestId): Added.
(BuildbotBuildEntry.prototype.isInProgress): Added.
(BuildbotSyncer): Added.
(BuildbotSyncer.prototype.testPath): Added.
(BuildbotSyncer.prototype.builderName): Added.
(BuildbotSyncer.prototype.platformName): Added.
(BuildbotSyncer.prototype.fetchPendingRequests): Added.
(BuildbotSyncer.prototype._propertiesForBuildRequest): Added.
(BuildbotSyncer.prototype._revisionSetFromRootSetWithExclusionList): Added.
(BuildbotSyncer._loadConfig): Added.
(BuildbotSyncer._validateAndMergeConfig): Added.
(BuildbotSyncer._validateAndMergeProperties): Added.
* tools/js/v3-models.js: Copied from unit-tests/resources/v3-models.js.
(beforeEach): Deleted since this only defined inside mocha.
* unit-tests/analysis-task-tests.js:
* unit-tests/buildbot-syncer-tests.js: Added.
(sampleiOSConfig):
(createSampleBuildRequest):
(.smallConfiguration):
* unit-tests/measurement-adaptor-tests.js:
* unit-tests/measurement-set-tests.js:
* unit-tests/resources/mock-v3-models.js: Renamed from unit-tests/resources/v3-models.js.
(beforeEach):
* unit-tests/test-groups-tests.js:
(sampleTestGroup):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198614 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoCSP: Simplify logic for checking policies
dbates@webkit.org [Thu, 24 Mar 2016 02:41:28 +0000 (02:41 +0000)]
CSP: Simplify logic for checking policies
https://bugs.webkit.org/show_bug.cgi?id=155817
<rdar://problem/25326546>

Reviewed by Zalan Bujtas.

Consolidate the various static template functions into a single function called ContentSecurityPolicy::allPoliciesAllow()
that tests whether a resource request when evaluated with respect to a directive (given as a ContentSecurityPolicyDirectiveList
pointer-to-member function) violates any of the CSPs that were delivered with the document.

No functionality changed. So, no new tests.

* page/csp/ContentSecurityPolicy.cpp:
(WebCore::ContentSecurityPolicy::allPoliciesAllowHashFromContent): Formerly name isAllowedByAllWithHash. Made it
a member function so that we query for the document encoding instead of taking it as an argument. Modified
it to take a predicate function to pass it to allPoliciesAllow().
(WebCore::ContentSecurityPolicy::allowJavaScriptURLs): Modified to use ContentSecurityPolicy::allPoliciesAllow().
(WebCore::ContentSecurityPolicy::allowInlineEventHandlers): Ditto.
(WebCore::ContentSecurityPolicy::allowScriptWithNonce): Ditto.
(WebCore::ContentSecurityPolicy::allowStyleWithNonce): Ditto.
(WebCore::ContentSecurityPolicy::allowInlineScript): Modified to use ContentSecurityPolicy::allPoliciesAllow() and
ContentSecurityPolicy::allPoliciesAllowHashFromContent().
(WebCore::ContentSecurityPolicy::allowInlineStyle): Ditto.
(WebCore::ContentSecurityPolicy::allowEval): Modified to use ContentSecurityPolicy::allPoliciesAllow().
(WebCore::ContentSecurityPolicy::allowFrameAncestors): Ditto.
(WebCore::ContentSecurityPolicy::allowPluginType): Ditto.
(WebCore::ContentSecurityPolicy::allowScriptFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowObjectFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowChildFrameFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowChildContextFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowImageFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowStyleFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowFontFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowMediaFromSource): Ditto.
(WebCore::ContentSecurityPolicy::allowConnectToSource): Ditto.
(WebCore::ContentSecurityPolicy::allowFormAction): Ditto.
(WebCore::ContentSecurityPolicy::allowBaseURI): Ditto.
(WebCore::isAllowedByAllWithFrame): Deleted.
(WebCore::isAllowedByAll): Deleted.
(WebCore::isAllowedByAllWithState): Deleted.
(WebCore::isAllowedByAllWithContext): Deleted.
(WebCore::isAllowedByAllWithNonce): Deleted.
(WebCore::isAllowedByAllWithHash): Deleted.
(WebCore::isAllowedByAllWithHashFromContent): Deleted.
(WebCore::isAllowedByAllWithURL): Deleted.
(WebCore::ContentSecurityPolicy::documentEncoding): Deleted. Incorporated its functionality into ContentSecurityPolicy::allPoliciesAllowHashFromContent().
(WebCore::ContentSecurityPolicy::isActive): Deleted. This function has been unused since the removal of the CSP script
interface in <http://trac.webkit.org/changeset/197142>.
* page/csp/ContentSecurityPolicy.h:
(WebCore::ContentSecurityPolicy::allPoliciesAllow): Added. Returns whether the predicate function evaluates to true
for all CSP policies.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198613 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUpdate focus and leaves tests
jonlee@apple.com [Thu, 24 Mar 2016 02:40:36 +0000 (02:40 +0000)]
Update focus and leaves tests
https://bugs.webkit.org/show_bug.cgi?id=155825

Reviewed by Simon Fraser.

Particles would improperly disappear, before they were fully off stage. Update the calculation.
* Animometer/tests/dom/resources/leaves.js:
* Animometer/tests/master/resources/leaves.js:

* Animometer/tests/master/focus.html: Update the center element styling.
* Animometer/tests/master/resources/focus.js:
(FocusElement.Utilities.createClass): Give enough space in the container for each particle for the blur
to spread. It should be about 3x more space than the blur radius on each side.
(Stage.call.initialize): Ditto for the center element.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198612 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUpdate support for other platforms
jonlee@apple.com [Thu, 24 Mar 2016 02:40:03 +0000 (02:40 +0000)]
Update support for other platforms
https://bugs.webkit.org/show_bug.cgi?id=155824

Reviewed by Simon Fraser.

* Animometer/resources/debug-runner/animometer.css: Remove extraneous media query. All of it should
be handled in the release stylesheet.
* Animometer/resources/debug-runner/animometer.js: Add support for browsers that return an HTMLCollection
when retrieving radio elements with a name, instead of the selected value.
* Animometer/resources/runner/animometer.css: Adjust the queries for devices of varying widths.
(.frame-container): Move overflow:hidden to #stage.
* Animometer/tests/master/resources/stage.css: Consolidate into tests/resources/stage.css.
* Animometer/tests/resources/stage.css:
(body): Remove overflow:hidden.
(#stage): Set overflow:hidden here.
(#center-text): Moved from master/resources/stage.css.

Update stylesheet hrefs.
* Animometer/tests/master/canvas-stage.html:
* Animometer/tests/master/focus.html:
* Animometer/tests/master/leaves.html:
* Animometer/tests/master/multiply.html:
* Animometer/tests/master/particles.html:
* Animometer/tests/master/text.html: Adjust text size to fit in the device screen.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198611 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoMake the benchmark require device to be in landscape orientation
jonlee@apple.com [Thu, 24 Mar 2016 02:08:13 +0000 (02:08 +0000)]
Make the benchmark require device to be in landscape orientation
https://bugs.webkit.org/show_bug.cgi?id=155822
rdar://problem/25258650

Reviewed by Ryosuke Niwa.

Check that the device is in landscape orientation. If not, disable the button to start it,
and show a warning message.

* Animometer/developer.html: Add a message about how the browser should be set up. Include a
warning message that appears if the orientation is incorrect on mobile devices.
* Animometer/index.html: Ditto.

* Animometer/resources/debug-runner/animometer.css: Migrate the .hidden rule into the release
stylesheet. Update the style to accommodate the new UI.
* Animometer/resources/runner/animometer.css:

* Animometer/resources/runner/animometer.js:
(window.benchmarkController.initialize): Add the orientation listener is needed.
(window.benchmarkController.addOrientationListenerIfNecessary): Only mobile devices need this. Check
to see for support of window.orientation.
(window.benchmarkController._orientationChanged): Toggle the warning based on whether we match the
landscape query. Set a state variable, which is needed for the debug harness. Call updateStartButtonState.
(window.benchmarkController.updateStartButtonState):
* Animometer/resources/debug-runner/animometer.js: Change _updateStartButtonState to return
a boolean about whether at least one test is selected. That will be used in
benchmarkController.updateStartButtonState(). Move the load event listener to the release version.
(window.benchmarkController.updateStartButtonState): Override the release version, and also check
that at least one test is selected.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198610 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoMedia elements allowed to play without a user gesture, but requiring fullscreen playb...
jer.noble@apple.com [Thu, 24 Mar 2016 00:43:39 +0000 (00:43 +0000)]
Media elements allowed to play without a user gesture, but requiring fullscreen playback, should not be allowed to autoplay.
https://bugs.webkit.org/show_bug.cgi?id=155599

Reviewed by Darin Adler.

Test: media/video-autoplay-allowed-but-fullscreen-required.html

Entering fullscreen should always require a user gesture.

* html/MediaElementSession.cpp:
(WebCore::MediaElementSession::playbackPermitted):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198609 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[ios-sim] RequiresUserActionForPlaybackTest.DoesNotRequireUserActionForMediaPlayback...
jer.noble@apple.com [Thu, 24 Mar 2016 00:42:04 +0000 (00:42 +0000)]
[ios-sim] RequiresUserActionForPlaybackTest.DoesNotRequireUserActionForMediaPlayback and RequiresUserActionForVideoButNotAudioPlayback failing
https://bugs.webkit.org/show_bug.cgi?id=155764

Reviewed by Eric Carlson.

Remove the requirement for media elements to have webkit-playsinline attributes on iOS.

* TestWebKitAPI/Tests/WebKit2Cocoa/RequiresUserActionForPlayback.mm:
(RequiresUserActionForPlaybackTest::SetUp):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198608 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUnreviewed, rolling out r198538.
commit-queue@webkit.org [Thu, 24 Mar 2016 00:13:24 +0000 (00:13 +0000)]
Unreviewed, rolling out r198538.
https://bugs.webkit.org/show_bug.cgi?id=155819

Broke two API tests on iOS simulator (Requested by ap on
#webkit).

Reverted changeset:

"Media elements allowed to play without a user gesture, but
requiring fullscreen playback, should not be allowed to
autoplay."
https://bugs.webkit.org/show_bug.cgi?id=155599
http://trac.webkit.org/changeset/198538

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198607 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agobmalloc: Added an Object helper class
ggaren@apple.com [Thu, 24 Mar 2016 00:12:05 +0000 (00:12 +0000)]
bmalloc: Added an Object helper class
https://bugs.webkit.org/show_bug.cgi?id=155818

Reviewed by Gavin Barraclough.

Object is an abstraction that breaks out a void* into its component
metadata pointers.

This is slightly faster than recomputing them, and it enables a future
patch in which Object will tell us whether it is small or large.

* bmalloc.xcodeproj/project.pbxproj: Added to the project.

* bmalloc/Allocator.cpp:
(bmalloc::Allocator::reallocate): Use Object to compute size.

* bmalloc/Deallocator.cpp:
(bmalloc::Deallocator::processObjectLog):
* bmalloc/Heap.cpp:
(bmalloc::Heap::allocateSmallPage):
(bmalloc::Heap::deallocateSmallLine):
* bmalloc/Heap.h:
(bmalloc::Heap::derefSmallLine): Use Object to deallocate.

* bmalloc/Object.h: Added.
(bmalloc::Object::Object):
(bmalloc::Object::chunk):
(bmalloc::Object::line):
(bmalloc::Object::page): Helper class to break out a void* into its
component metadata pointers.

* bmalloc/SmallChunk.h:
(bmalloc::SmallChunk::SmallChunk): SmallPage::get doesn't exist anymore
so we use our new helper functions instead.

(bmalloc::SmallChunk::offset):
(bmalloc::SmallChunk::object):
(bmalloc::SmallChunk::page):
(bmalloc::SmallChunk::line):
(bmalloc::SmallLine::begin):
(bmalloc::SmallLine::end):
(bmalloc::SmallPage::begin): New helpers that operate on the data
stored in Object.

(bmalloc::SmallLine::get): Deleted.
(bmalloc::SmallPage::get): Deleted.

* bmalloc/SmallLine.h:
(bmalloc::SmallLine::refCount): Added a default ref value for convenience.

* bmalloc/SmallPage.h:
(bmalloc::SmallPage::SmallPage):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198606 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWeb Inspector: Allow clicking the Timeline in Editing Mode to toggle the checkbox
commit-queue@webkit.org [Wed, 23 Mar 2016 23:47:35 +0000 (23:47 +0000)]
Web Inspector: Allow clicking the Timeline in Editing Mode to toggle the checkbox
https://bugs.webkit.org/show_bug.cgi?id=155815

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-03-23
Reviewed by Timothy Hatcher.

* UserInterface/Views/TimelineOverview.js:
(WebInspector.TimelineOverview.prototype._startEditingInstruments):
Remove unused variable.

* UserInterface/Views/TimelineTreeElement.js:
(WebInspector.TimelineTreeElement.prototype.onattach):
(WebInspector.TimelineTreeElement.prototype._clickHandler):
Make clicking on the tree element toggle the checkbox.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198605 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoCrash when using KVO from within -[WebView initWithCoder:]
andersca@apple.com [Wed, 23 Mar 2016 23:47:29 +0000 (23:47 +0000)]
Crash when using KVO from within -[WebView initWithCoder:]
https://bugs.webkit.org/show_bug.cgi?id=155816
rdar://problem/17073265

Reviewed by Dan Bernstein.

Source/WebKit/mac:

Get rid of the observationInfo getter and setter. It's not clear why they were added (in 2003),
and the methods on NSObject are good enough for us.

* WebView/WebView.mm:
(-[WebView setObservationInfo:]): Deleted.
(-[WebView observationInfo]): Deleted.
* WebView/WebViewData.h:

Tools:

Add test.

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/mac/EarlyKVOCrash.mm: Added.
(-[EarlyKVOCrashResponder initWithWebView:]):
(-[EarlyKVOCrashResponder initWithCoder:]):
(-[EarlyKVOCrashResponder dealloc]):
(-[EarlyKVOCrashResponder encodeWithCoder:]):
(TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198604 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWeb Inspector: Timeline Tab sometimes restores as blank
commit-queue@webkit.org [Wed, 23 Mar 2016 23:42:18 +0000 (23:42 +0000)]
Web Inspector: Timeline Tab sometimes restores as blank
https://bugs.webkit.org/show_bug.cgi?id=155811

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-03-23
Reviewed by Timothy Hatcher.

* UserInterface/Views/TimelineTabContentView.js:
(WebInspector.TimelineTabContentView.prototype.restoreFromCookie):
When early bailing in restore, if there is no content view to restore,
then at least fallback to showing the Overview.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198603 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWeb Inspector: REGRESSION: Timeline Reset does not clear datagrids
commit-queue@webkit.org [Wed, 23 Mar 2016 22:45:55 +0000 (22:45 +0000)]
Web Inspector: REGRESSION: Timeline Reset does not clear datagrids
https://bugs.webkit.org/show_bug.cgi?id=155804

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-03-23
Reviewed by Timothy Hatcher.

* UserInterface/Views/HeapAllocationsTimelineView.js:
(WebInspector.HeapAllocationsTimelineView.prototype.shown):
(WebInspector.HeapAllocationsTimelineView.prototype.hidden):
(WebInspector.HeapAllocationsTimelineView.prototype.closed):
(WebInspector.HeapAllocationsTimelineView.prototype.reset):
Although we don't use the popover features of TimelineDataGrid,
be a good citizen and call methods on the datagrid.

* UserInterface/Views/OverviewTimelineView.js:
(WebInspector.OverviewTimelineView.prototype.reset):
Clear the datagrid on reset.

* UserInterface/Views/TimelineDataGrid.js:
(WebInspector.TimelineDataGrid.prototype.reset):
Clear the datagrid on reset.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198602 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWeb Inspector: Uncaught exceptions closing Timeline tab
commit-queue@webkit.org [Wed, 23 Mar 2016 22:45:15 +0000 (22:45 +0000)]
Web Inspector: Uncaught exceptions closing Timeline tab
https://bugs.webkit.org/show_bug.cgi?id=155805

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-03-23
Reviewed by Timothy Hatcher.

* UserInterface/Views/ScriptClusterTimelineView.js:
(WebInspector.ScriptClusterTimelineView.prototype._scriptClusterViewCurrentContentViewDidChange):
Gracefully handle if there is no content view.

* UserInterface/Views/TimelineRecordingContentView.js:
(WebInspector.TimelineRecordingContentView.prototype.closed): Deleted.
Fix typo.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198601 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUnreviewed, rolling out r198582.
commit-queue@webkit.org [Wed, 23 Mar 2016 22:33:17 +0000 (22:33 +0000)]
Unreviewed, rolling out r198582.
https://bugs.webkit.org/show_bug.cgi?id=155812

"It broke debugging in the web inspector" (Requested by
saamyjoon on #webkit).

Reverted changeset:

"We should not disable inlining when the debugger is enabled"
https://bugs.webkit.org/show_bug.cgi?id=155741
http://trac.webkit.org/changeset/198582

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198600 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoChange the paint count indicator to indicate whether a layer is opaque
simon.fraser@apple.com [Wed, 23 Mar 2016 22:27:42 +0000 (22:27 +0000)]
Change the paint count indicator to indicate whether a layer is opaque
https://bugs.webkit.org/show_bug.cgi?id=155810

Reviewed by Tim Horton.

In non-opaque layers, give the paint count indicator a diagonal top left corner. Being
able to see layer opaqueness helps diagnose bugs.

Also use CGContextStateSaver, and move the indicator in by a pixel to overlap less
with the layer border.

* platform/graphics/ca/PlatformCALayer.cpp:
(WebCore::PlatformCALayer::drawRepaintIndicator):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198599 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoAdd unit tests for test-group.js
rniwa@webkit.org [Wed, 23 Mar 2016 21:55:55 +0000 (21:55 +0000)]
Add unit tests for test-group.js
https://bugs.webkit.org/show_bug.cgi?id=155781

Reviewed by Joseph Pecoraro.

Added unit tests for test-group.js that would have caught regressions fixed in r198503.

* public/v3/components/chart-pane-base.js:
(ChartPaneBase.prototype._renderAnnotations): Added a forgotten break statement.
* public/v3/models/build-request.js:
(BuildRequest.prototype.setResult):
(BuildRequest):
* public/v3/models/test-group.js:
* unit-tests/measurement-set-tests.js: Use ./resources/v3-models.js to reduce the code duplication.
* unit-tests/resources/v3-models.js: Import more stuff from v3 models.
(beforeEach):
* unit-tests/test-groups-tests.js: Added. Added some unit tests for TestGroup.
(sampleTestGroup):
(.testGroupWithStatusList):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198598 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoASSERTION FAILED: y2 >= y1 in WebCore::RenderElement::drawLineForBoxSide
zalan@apple.com [Wed, 23 Mar 2016 21:40:40 +0000 (21:40 +0000)]
ASSERTION FAILED: y2 >= y1 in WebCore::RenderElement::drawLineForBoxSide
https://bugs.webkit.org/show_bug.cgi?id=155791

Reviewed by Simon Fraser.

With certain combination of border rect and adjacent width, we could end up with an empty final rect.
This patch ensures that we don't try to paint this empty rect.

Source/WebCore:

Test: fast/borders/empty-outline-border-assert.html

* rendering/RenderElement.cpp:
(WebCore::RenderElement::drawLineForBoxSide):

LayoutTests:

* fast/borders/empty-outline-border-assert-expected.txt: Added.
* fast/borders/empty-outline-border-assert.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198597 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoTeach kill-old-processes about perl 5.18.
lforschler@apple.com [Wed, 23 Mar 2016 21:29:33 +0000 (21:29 +0000)]
Teach kill-old-processes about perl 5.18.

Reviewed by Alexey Proskuryakov

* BuildSlaveSupport/kill-old-processes:
(main):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198596 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoScreen queries should query the exact screen, not a default
dino@apple.com [Wed, 23 Mar 2016 21:20:38 +0000 (21:20 +0000)]
Screen queries should query the exact screen, not a default
https://bugs.webkit.org/show_bug.cgi?id=155806
<rdar://problem/25322916>

Reviewed by Simon Fraser.

Some of our media queries were using helper functions that
would query the capabilities of the deepest screen, rather
than the currently used screen. I changed them to use
the existing helper function (that works with WebKit 2)
and comment in some other helpers why a generic check is
ok.

Covered by the existing tests.

* platform/mac/PlatformScreenMac.mm:
(WebCore::screenDepth): Use the helper function.
(WebCore::screenDepthPerComponent):
(WebCore::screenIsMonochrome): Move these and make a comment.
(WebCore::screenHasInvertedColors):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198595 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agobmalloc: process the object log before asking for new memory
ggaren@apple.com [Wed, 23 Mar 2016 21:07:35 +0000 (21:07 +0000)]
bmalloc: process the object log before asking for new memory
https://bugs.webkit.org/show_bug.cgi?id=155801

Reviewed by Gavin Barraclough.

This is a step toward merging large and small objects: In future, if we
have large objects in the log, we need to process them right away to
avoid pushing up peak memory use.

But it also appears to be a speedup and memory use improvement now.

* bmalloc/Allocator.cpp:
(bmalloc::Allocator::allocate):
(bmalloc::Allocator::refillAllocatorSlowCase):
(bmalloc::Allocator::allocateLarge): Process the log before asking for
more memory.

* bmalloc/Deallocator.cpp:
(bmalloc::Deallocator::processObjectLog):
(bmalloc::Deallocator::deallocateSlowCase):
* bmalloc/Deallocator.h: Provide a public API for processing the object log.

* bmalloc/Heap.cpp:
(bmalloc::Heap::allocateSmallPage): Pop fragmented pages from the front
instead of from the back. This resolves a regression on tree_churn
--parallel. Popping from the front gives us the oldest pages. The oldest
pages have had the most time to accumulate free lines. They are therefore
the least fragmented on average.

* bmalloc/List.h:
(bmalloc::List::popFront):
(bmalloc::List::insertAfter): New API to pop from front.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198594 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoMiniBrowser doesn't use accelerated drawing in WebKit2 windows if a WebKit1 window...
timothy_horton@apple.com [Wed, 23 Mar 2016 21:06:36 +0000 (21:06 +0000)]
MiniBrowser doesn't use accelerated drawing in WebKit2 windows if a WebKit1 window was opened first
https://bugs.webkit.org/show_bug.cgi?id=141576
<rdar://problem/25304548>

Reviewed by Simon Fraser.

* UIProcess/API/Cocoa/WKPreferences.mm:
(-[WKPreferences init]):
Make the NSUserDefaults key prefix for debug preferences (the only ones read
from NSUserDefaults) "WebKitDebug" instead of just "WebKit" so that they
don't conflict with the names that WebKit1 registers default values for.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198593 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoJavaScriptCore ArrayPrototype::join shouldn't cache butterfly when it makes effectful...
msaboff@apple.com [Wed, 23 Mar 2016 21:03:02 +0000 (21:03 +0000)]
JavaScriptCore ArrayPrototype::join shouldn't cache butterfly when it makes effectful calls
https://bugs.webkit.org/show_bug.cgi?id=155776

Reviewed by Saam Barati.

Source/JavaScriptCore:

Array.join ends up calling toString, possibly on some object.  Since these calls
could be effectful and could change the array itself, we can't hold the butterfly
pointer while making effectful calls.  Changed the code to fall back to the general
case when an effectful toString() call might be made.

* runtime/ArrayPrototype.cpp:
(JSC::join):
* runtime/JSStringJoiner.h:
(JSC::JSStringJoiner::appendWithoutSideEffects): New helper that doesn't make effectful
toString() calls.
(JSC::JSStringJoiner::append): Built upon appendWithoutSideEffects.

LayoutTests:

New test.

* js/regress-155776-expected.txt: Added.
* js/regress-155776.html: Added.
* js/script-tests/regress-155776.js: Added.
(fillBigArrayViaToString):
(Function.prototype.toString):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198592 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoCSP: Make violation console messages concise and consistent
dbates@webkit.org [Wed, 23 Mar 2016 20:58:40 +0000 (20:58 +0000)]
CSP: Make violation console messages concise and consistent
https://bugs.webkit.org/show_bug.cgi?id=155777
<rdar://problem/25304031>

Reviewed by Darin Adler.

Source/WebCore:

As a first step towards making the log messages that are emitted by the ContentSecurityPolicy object
concise and consistent with the language and formatting used in other WebKit console messages, including
other Content Security Policy messages, make the violation error messages concise and consistent.
Being concise and consistent will help make it straightforward for a person to understand the reason
for the violation by taking advantage of their familiarity with the language and formatting seen in
other WebKit console messages.

* page/csp/ContentSecurityPolicyDirectiveList.cpp:
(WebCore::consoleMessageForViolation): Added. Builds up a console message for violation.
(WebCore::ContentSecurityPolicyDirectiveList::allowJavaScriptURLs): Extract logic for logging a console message/reporting
a violation from ContentSecurityPolicyDirectiveList::checkInlineAndReportViolation() to here and make use of WebCore::consoleMessageForViolation()
to build the actual console message.
(WebCore::ContentSecurityPolicyDirectiveList::allowInlineEventHandlers): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowInlineScript): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowInlineStyle): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowEval): Extract logic for logging a console message/reporting
a violation from ContentSecurityPolicyDirectiveList::checkEvalAndReportViolation() to here and make use of WebCore::consoleMessageForViolation()
to build the actual console message.
(WebCore::ContentSecurityPolicyDirectiveList::allowPluginType): Extract logic for logging a console message/reporting
a violation from ContentSecurityPolicyDirectiveList::checkMediaTypeAndReportViolation() to here and make use of WebCore::consoleMessageForViolation()
to build the actual console message.
(WebCore::ContentSecurityPolicyDirectiveList::allowScriptFromSource): Extract logic for logging a console message/reporting
a violation from ContentSecurityPolicyDirectiveList::checkSourceAndReportViolation() to here and make use of WebCore::consoleMessageForViolation()
to build the actual console message.
(WebCore::ContentSecurityPolicyDirectiveList::allowObjectFromSource): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowChildContextFromSource): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowChildFrameFromSource): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowImageFromSource): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowStyleFromSource): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowFontFromSource): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowMediaFromSource): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowConnectToSource): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowFormAction): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowBaseURI): Ditto.
(WebCore::ContentSecurityPolicyDirectiveList::allowFrameAncestors): Extract logic for logging a console message/reporting
a violation from ContentSecurityPolicyDirectiveList::checkFrameAncestorsAndReportViolation() to here and make use of WebCore::consoleMessageForViolation()
to build the actual console message.
(WebCore::ContentSecurityPolicyDirectiveList::addDirective): Add FIXME comment to log that the frame-src directive is
deprecated. See <https://bugs.webkit.org/show_bug.cgi?id=155773> for more details.
(WebCore::ContentSecurityPolicyDirectiveList::checkEvalAndReportViolation): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::checkMediaTypeAndReportViolation): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::checkInlineAndReportViolation): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::checkSourceAndReportViolation): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::checkFrameAncestorsAndReportViolation): Deleted.
* page/csp/ContentSecurityPolicyDirectiveList.h:

LayoutTests:

Update expected results to reflect new violation message text.

* fast/workers/worker-inherits-csp-blocks-xhr-expected.txt:
* http/tests/contentextensions/block-cookies-in-csp-report-expected.txt:
* http/tests/contentextensions/block-csp-report-expected.txt:
* http/tests/contentextensions/hide-on-csp-report-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/base-uri-deny-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/child-src/frame-blocked-expected.txt:
...
* http/tests/security/contentSecurityPolicy/xsl-blocked-expected.txt:
* http/tests/security/contentSecurityPolicy/xsl-img-blocked-expected.txt:
* http/tests/security/contentSecurityPolicy/xsl-redirect-blocked-expected.txt:
* http/tests/security/contentSecurityPolicy/xsl-unaffected-by-style-src-1-expected.txt:
* http/tests/security/isolatedWorld/bypass-main-world-csp-for-xhr-expected.txt:
* http/tests/security/isolatedWorld/image-load-should-not-bypass-main-world-csp-expected.txt:
* media/csp-blocks-video-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198591 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWeb Inspector: Quick Open dialog has fuzzy icons at 1x
mattbaker@apple.com [Wed, 23 Mar 2016 20:08:47 +0000 (20:08 +0000)]
Web Inspector: Quick Open dialog has fuzzy icons at 1x
https://bugs.webkit.org/show_bug.cgi?id=155557
<rdar://problem/25200217>

Reviewed by Timothy Hatcher.

New resource icons (documents and clippings) for large  tree items,
for use in the Quick Open dialog's tree outline.

* UserInterface/Images/ClippingCSSLarge.png: Added.
* UserInterface/Images/ClippingCSSLarge@2x.png: Added.
* UserInterface/Images/ClippingGenericLarge.png: Added.
* UserInterface/Images/ClippingGenericLarge@2x.png: Added.
* UserInterface/Images/ClippingJSLarge.png: Added.
* UserInterface/Images/ClippingJSLarge@2x.png: Added.
* UserInterface/Images/DocumentCSSLarge.png: Added.
* UserInterface/Images/DocumentCSSLarge@2x.png: Added.
* UserInterface/Images/DocumentFontLarge.png: Added.
* UserInterface/Images/DocumentFontLarge@2x.png: Added.
* UserInterface/Images/DocumentGenericLarge.png: Added.
* UserInterface/Images/DocumentGenericLarge@2x.png: Added.
* UserInterface/Images/DocumentImageLarge.png: Added.
* UserInterface/Images/DocumentImageLarge@2x.png: Added.
* UserInterface/Images/DocumentJSLarge.png: Added.
* UserInterface/Images/DocumentJSLarge@2x.png: Added.
* UserInterface/Images/DocumentMarkupLarge.png: Added.
* UserInterface/Images/DocumentMarkupLarge@2x.png: Added.
32px icons at 1x and 2x.

* UserInterface/Views/ResourceIcons.css:
(.large .resource-icon .icon):
(.large .resource-icon.resource-type-document .icon):
(.large .resource-icon.resource-type-image .icon):
(.large .resource-icon.resource-type-font .icon):
(.large .resource-icon.resource-type-stylesheet .icon):
(.large .resource-icon.resource-type-script .icon):
(.large .anonymous-script-icon .icon):
(.large .source-map-resource.resource-icon .icon):
(.large .source-map-resource.resource-icon.resource-type-stylesheet .icon):
(.large .source-map-resource.resource-icon.resource-type-script .icon):
Large icon styles.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198590 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoArray.prototype native functions' species constructors should work with proxies
keith_miller@apple.com [Wed, 23 Mar 2016 19:42:32 +0000 (19:42 +0000)]
Array.prototype native functions' species constructors should work with proxies
https://bugs.webkit.org/show_bug.cgi?id=155798

Reviewed by Mark Lam.

Before native the species constructors were checking if the this value was a JSArray.
Instead they should look check that the this value returns true on Array.isArray.

* runtime/ArrayPrototype.cpp:
(JSC::speciesConstructArray):
* tests/es6.yaml:
* tests/stress/proxy-array-prototype-methods.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198589 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[WebGL] Non-power-of-two texture optimization
bfulgham@apple.com [Wed, 23 Mar 2016 19:21:11 +0000 (19:21 +0000)]
[WebGL] Non-power-of-two texture optimization
https://bugs.webkit.org/show_bug.cgi?id=118409

Reviewed by Dean Jackson.

Source/WebCore:

Based on a patch by Przemyslaw Szymanski  <p.szymanski3@samsung.com>

This patch optimizes usage of handleNPOTTextures. We do not need to
iterate over each texture unit if no black textures were set. This
optimization provides a few more frames per seconds for certain
draw calls.

Tested by:
(1) Existing tests: webgl/resources/webgl_test_files/conformance/textures/texture-npot.html
(2) New test case: fast/canvas/webgl/texture-alternating-npot.html

* html/canvas/WebGLRenderingContextBase.cpp:
(WebCore::WebGLRenderingContextBase::compressedTexImage2D): Use new helper method.
(WebCore::WebGLRenderingContextBase::validateNPOTTextureLevel): Added.
(WebCore::WebGLRenderingContextBase::drawArrays): Only check texture completeness
if a black texture was used.
(WebCore::WebGLRenderingContextBase::drawElements): Ditto.
(WebCore::WebGLRenderingContextBase::texImage2DBase): Use new helper method.
(WebCore::WebGLRenderingContextBase::validateTexFunc): Ditto.
(WebCore::WebGLRenderingContextBase::checkTextureCompleteness): Return flag to indicate
if a black fallbacktexture was used.
* html/canvas/WebGLRenderingContextBase.h:

LayoutTests:

* fast/canvas/webgl/texture-alternating-npot-expected.txt: Added.
* fast/canvas/webgl/texture-alternating-npot.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198588 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoBuild fix for a new warning.
ap@apple.com [Wed, 23 Mar 2016 18:00:43 +0000 (18:00 +0000)]
Build fix for a new warning.

* editing/VisibleSelection.cpp: (WebCore::makeSearchRange): Don't move when returning,
as that prevents copy elision.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198587 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUnreviewed: add Keith Rollin to the committers list.
krollin@apple.com [Wed, 23 Mar 2016 16:48:31 +0000 (16:48 +0000)]
Unreviewed: add Keith Rollin to the committers list.

* Scripts/webkitpy/common/config/contributors.json:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198586 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWeb Inspector: String double quoting in the console and elsewhere needs to escape...
timothy@apple.com [Wed, 23 Mar 2016 15:53:52 +0000 (15:53 +0000)]
Web Inspector: String double quoting in the console and elsewhere needs to escape backslash too

https://bugs.webkit.org/show_bug.cgi?id=155752
rdar://problem/25293141

Reviewed by Joseph Pecoraro.

* UserInterface/Base/Utilities.js:
(doubleQuotedString): Escape backslashes too.
* UserInterface/Views/FormattedValue.js:
(WebInspector.FormattedValue.createLinkifiedElementString): Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198585 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoShare style by sharing RenderStyle substructures not the object itself
antti@apple.com [Wed, 23 Mar 2016 14:16:17 +0000 (14:16 +0000)]
Share style by sharing RenderStyle substructures not the object itself
https://bugs.webkit.org/show_bug.cgi?id=155787

Reviewed by Anreas Kling.

The current approach where we share RenderStyle objects between elements leads to lot of awkward and bug-prone code.
Most of the RenderStyle consists of shareable substructures. It is better to just share those.

With this patch we create shared styles with RenderStyle::clone(). Sharing is traced as state in Style::SharingResolver
instead of relying on RenderStyle equality to locate potential sharing cousins.

* rendering/style/StyleRareNonInheritedData.cpp:
(WebCore::StyleRareNonInheritedData::operator==):

    m_altText was missing from operator==
    This was exposed by TreeResolver::resolveElement change, tested by fast/css/alt-inherit-initial.html

* style/StyleSharingResolver.cpp:
(WebCore::Style::elementHasDirectionAuto):
(WebCore::Style::SharingResolver::resolve):

    Save share results to a map.

(WebCore::Style::SharingResolver::findSibling):
(WebCore::Style::SharingResolver::locateCousinList):

    Instead of traversing we can now just do a hash lookup to locate a candidate cousin list.
    There is no need for recursion anymore, the map covers sharing beyond immediate siblings too.
    Remove most tests here as they have been already covered when sharing occured.

(WebCore::Style::canShareStyleWithControl):
* style/StyleSharingResolver.h:
* style/StyleTreeResolver.cpp:
(WebCore::Style::TreeResolver::styleForElement):
(WebCore::Style::TreeResolver::resolveElement):

    No need to do forced setting anymore just to support style sharing.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198584 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoReduce PassRefPtr uses in editing
gyuyoung.kim@webkit.org [Wed, 23 Mar 2016 14:05:54 +0000 (14:05 +0000)]
Reduce PassRefPtr uses in editing
https://bugs.webkit.org/show_bug.cgi?id=155743

Reviewed by Darin Adler.

Use RefPtr<>&&, raw pointer, or reference in arugments instead of PassRefPtr.
Besides RefPtr is used if function may be able to return nullptr.

* dom/Element.cpp:
(WebCore::Element::setOuterHTML):
(WebCore::Element::setInnerHTML):
* dom/Range.cpp:
(WebCore::Range::createContextualFragment):
* dom/ShadowRoot.cpp:
(WebCore::ShadowRoot::setInnerHTML):
* editing/CompositeEditCommand.cpp:
(WebCore::CompositeEditCommand::wrapContentsInDummySpan):
* editing/CompositeEditCommand.h:
* editing/DictationCommand.cpp:
(WebCore::DictationCommand::insertText):
* editing/SplitTextNodeContainingElementCommand.cpp:
(WebCore::SplitTextNodeContainingElementCommand::doApply):
* editing/TextInsertionBaseCommand.cpp:
(WebCore::TextInsertionBaseCommand::applyTextInsertionCommand):
* editing/TextInsertionBaseCommand.h:
* editing/TypingCommand.cpp:
(WebCore::TypingCommand::deleteSelection):
(WebCore::TypingCommand::deleteKeyPressed):
(WebCore::TypingCommand::forwardDeleteKeyPressed):
(WebCore::TypingCommand::insertText):
(WebCore::TypingCommand::insertLineBreak):
(WebCore::TypingCommand::insertParagraphSeparatorInQuotedContent):
(WebCore::TypingCommand::insertParagraphSeparator):
(WebCore::TypingCommand::lastTypingCommandIfStillOpenForTyping):
(WebCore::TypingCommand::closeTyping):
(WebCore::TypingCommand::ensureLastEditCommandHasCurrentSelectionIfOpenForMoreTyping):
* editing/TypingCommand.h:
* editing/VisibleSelection.cpp:
(WebCore::VisibleSelection::firstRange):
(WebCore::makeSearchRange):
* editing/VisibleSelection.h:
* editing/WrapContentsInDummySpanCommand.cpp:
(WebCore::WrapContentsInDummySpanCommand::WrapContentsInDummySpanCommand):
* editing/WrapContentsInDummySpanCommand.h:
(WebCore::WrapContentsInDummySpanCommand::create):
* editing/atk/FrameSelectionAtk.cpp:
(WebCore::maybeEmitTextFocusChange):
(WebCore::FrameSelection::notifyAccessibilityForSelectionChange):
* editing/htmlediting.cpp:
(WebCore::createOrderedListElement):
(WebCore::createUnorderedListElement):
(WebCore::createListItemElement):
(WebCore::createTabSpanElement):
* editing/htmlediting.h:
* editing/markup.cpp:
(WebCore::AttributeChange::AttributeChange):
(WebCore::ancestorToRetainStructureAndAppearanceForBlock):
(WebCore::styleFromMatchedRulesAndInlineDecl):
(WebCore::createFragmentForInnerOuterHTML):
(WebCore::createFragmentForTransformToFragment):
(WebCore::createContextualFragment):
* editing/markup.h:
* html/HTMLElement.cpp:
(WebCore::HTMLElement::insertAdjacentHTML):
* xml/XSLTProcessor.cpp:
(WebCore::XSLTProcessor::transformToFragment):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198583 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWe should not disable inlining when the debugger is enabled
sbarati@apple.com [Wed, 23 Mar 2016 09:15:43 +0000 (09:15 +0000)]
We should not disable inlining when the debugger is enabled
https://bugs.webkit.org/show_bug.cgi?id=155741

Reviewed by Oliver Hunt.

Source/JavaScriptCore:

We can enable inlining when the debugger is enabled as long
as we make sure we still jettison the proper CodeBlocks when
a breakpoint is set. This means that for any optimized CodeBlock,
we must ask if any of its inlinees contain the breakpoint that
is being set. If any inlinees do contain the breakpoint, we must
jettison the machine code block that they are a part of.

* debugger/Debugger.cpp:
(JSC::Debugger::toggleBreakpoint):
(JSC::Debugger::applyBreakpoints):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::ByteCodeParser):
(JSC::DFG::ByteCodeParser::setLocal):
(JSC::DFG::ByteCodeParser::flush):
(JSC::DFG::ByteCodeParser::flushForTerminal):
(JSC::DFG::ByteCodeParser::inliningCost):
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::Graph):
(JSC::DFG::Graph::~Graph):
* dfg/DFGGraph.h:
(JSC::DFG::Graph::hasDebuggerEnabled): Deleted.
* dfg/DFGStackLayoutPhase.cpp:
(JSC::DFG::StackLayoutPhase::run):
* ftl/FTLCompile.cpp:
(JSC::FTL::compile):

LayoutTests:

* inspector/debugger/breakpoint-with-inlining-expected.txt: Added.
* inspector/debugger/breakpoint-with-inlining.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198582 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[ES6] Allow undefined/null for Symbol.search and Symbol.match
utatane.tea@gmail.com [Wed, 23 Mar 2016 09:11:56 +0000 (09:11 +0000)]
[ES6] Allow undefined/null for Symbol.search and Symbol.match
https://bugs.webkit.org/show_bug.cgi?id=155785

Reviewed by Saam Barati.

Undefined and null for Symbol.search and Symbol.match properties of the given RegExp (like) object are allowed.
When they are specified, we go to the fallback path; creating the RegExp with the given object and matching.

* builtins/StringPrototype.js:
(match):
(search):
* tests/stress/string-symbol-customization.js: Added.
(shouldBe):
(shouldThrow):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198581 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUse Region instead of IntRect in PageClient and WebPageProxy setViewNeedsDisplay...
carlosgc@webkit.org [Wed, 23 Mar 2016 08:51:59 +0000 (08:51 +0000)]
Use Region instead of IntRect in PageClient and WebPageProxy setViewNeedsDisplay method
https://bugs.webkit.org/show_bug.cgi?id=155747

Reviewed by Darin Adler.

Source/WebCore:

Add helper function to make cairo region out of a WebCore::Region.

* platform/graphics/cairo/CairoUtilities.cpp:
(WebCore::toCairoRegion):
* platform/graphics/cairo/CairoUtilities.h:

Source/WebKit2:

This way instead of calling setViewNeedsDisplay() for every
rectangle in the damage area, we can build a region and call
setViewNeedsDisplay() once. GTK+ has API to queue a redraw for a
given region, so we also avoid scheduling multiple redraws in GTK+
port.

* UIProcess/API/gtk/PageClientImpl.cpp:
(WebKit::PageClientImpl::setViewNeedsDisplay): Convert the Region
into a cairo_region_t and use gtk_widget_queue_draw_region()
instyead of gtk_widget_queue_draw_area().
* UIProcess/API/gtk/PageClientImpl.h:
* UIProcess/DrawingAreaProxyImpl.cpp:
(WebKit::DrawingAreaProxyImpl::incorporateUpdate): Build a Region
with the damage rectangles and call
WebPageProxy::setViewNeedsDisplay() once.
* UIProcess/PageClient.h:
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::setViewNeedsDisplay):
* UIProcess/WebPageProxy.h:
* UIProcess/efl/WebView.cpp:
(WebKit::WebView::setViewNeedsDisplay):
* UIProcess/efl/WebView.h:
* UIProcess/ios/PageClientImplIOS.h:
* UIProcess/ios/PageClientImplIOS.mm:
(WebKit::PageClientImpl::setViewNeedsDisplay):
* UIProcess/mac/PageClientImpl.h:
* UIProcess/mac/PageClientImpl.mm:
(WebKit::PageClientImpl::setViewNeedsDisplay):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198580 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoSmallPtrSet leaks memory in its move assignment operator when !this->isSmall()
sbarati@apple.com [Wed, 23 Mar 2016 08:21:03 +0000 (08:21 +0000)]
SmallPtrSet leaks memory in its move assignment operator when !this->isSmall()
https://bugs.webkit.org/show_bug.cgi?id=155701

Reviewed by Darin Adler.

* wtf/SmallPtrSet.h:
(WTF::SmallPtrSet::SmallPtrSet):
(WTF::SmallPtrSet::operator=):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198579 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoInvoking a link preview on a complex link (e.g. an image) results in an empty TextInd...
timothy_horton@apple.com [Wed, 23 Mar 2016 05:46:00 +0000 (05:46 +0000)]
Invoking a link preview on a complex link (e.g. an image) results in an empty TextIndicator
https://bugs.webkit.org/show_bug.cgi?id=155779
<rdar://problem/22408793>

Reviewed by Simon Fraser.

* page/FrameSnapshotting.cpp:
(WebCore::snapshotFrameRect):
(WebCore::snapshotFrameRectWithClip):
* page/FrameSnapshotting.h:
* page/TextIndicator.cpp:
(WebCore::takeSnapshot):
(WebCore::takeSnapshots):
(WebCore::initializeIndicator):
When snapshotting, clip to the indicated range's rects. This is important
to avoid painting into the margins in the non-selection-only painting case.
This didn't come up with normal selection-only painting because the text
didn't intersect the margin, and the background doesn't paint.

* WebProcess/WebPage/mac/WebPageMac.mm:
(WebKit::WebPage::dictionaryPopupInfoForRange):
(WebKit::WebPage::performImmediateActionHitTestAtLocation):
Use the TextIndicator mode where we give up on selection-only snapshotting
and just paint all content on Mac, similar to what we do for 3D Touch indicators.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198578 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoTiny tweak to test I just landed.
darin@apple.com [Wed, 23 Mar 2016 04:29:19 +0000 (04:29 +0000)]
Tiny tweak to test I just landed.

* http/tests/security/cross-origin-modal-dialog-base-expected.txt:
Fix expected result now that I fixed the less than sign.
* http/tests/security/cross-origin-modal-dialog-base.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198577 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agostraighten quotes in ChangeLog
darin@apple.com [Wed, 23 Mar 2016 04:19:21 +0000 (04:19 +0000)]
straighten quotes in ChangeLog

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198576 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoshowModalDialog code runs with “first window” set to wrong window
darin@apple.com [Wed, 23 Mar 2016 04:16:44 +0000 (04:16 +0000)]
showModalDialog code runs with “first window” set to wrong window
https://bugs.webkit.org/show_bug.cgi?id=155710

Source/WebCore:

Reviewed by Brent Fulgham.

Test: http/tests/security/cross-origin-modal-dialog-base.html

* page/Chrome.cpp:
(WebCore::Chrome::runModal): Null out entryScope so that the "first window"
checks inside the modal dialog won't run in the context of the original window
that presented the dialog.

LayoutTests:

Test by John Wilander.

Reviewed by Brent Fulgham.

* http/tests/security/cross-origin-modal-dialog-base-expected.txt: Added.
* http/tests/security/cross-origin-modal-dialog-base.html: Added.
* http/tests/security/resources/cross-origin-modal-dialog-base-1.html: Added.
* http/tests/security/resources/cross-origin-modal-dialog-base-2.html: Added.
* platform/wk2/TestExpectations: Skip test until we get better showModalDialog support.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198575 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agouserSpaceOnUse patterns are not stroked for empty object bounding box elements
commit-queue@webkit.org [Wed, 23 Mar 2016 03:28:09 +0000 (03:28 +0000)]
userSpaceOnUse patterns are not stroked for empty object bounding box elements
https://bugs.webkit.org/show_bug.cgi?id=109758

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2016-03-22
Reviewed by Brent Fulgham.
Source/WebCore:

Checking whether the patternUnits is objectBoundingBox needs to be done
after calling collectPatternAttributes(). Otherwise the default value
will be always checked which is 'objectBoundingBox'.

Tests: svg/custom/pattern-units-fill-stroke.svg

* rendering/svg/RenderSVGResourcePattern.cpp:
(WebCore::RenderSVGResourcePattern::buildPattern):
(WebCore::RenderSVGResourcePattern::applyResource):

LayoutTests:

Ensure the SVG pattern is drawn correctly if it is used as a stroke for
empty objectBoundingBox elements.

* svg/custom/pattern-units-fill-stroke-expected.svg: Added.
* svg/custom/pattern-units-fill-stroke.svg: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198574 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoFix a typo.
rniwa@webkit.org [Wed, 23 Mar 2016 02:30:57 +0000 (02:30 +0000)]
Fix a typo.

* config.json:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198573 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[JSC] correctly handle indexed properties in Object.getOwnPropertyDescriptors
commit-queue@webkit.org [Wed, 23 Mar 2016 02:12:17 +0000 (02:12 +0000)]
[JSC] correctly handle indexed properties in Object.getOwnPropertyDescriptors
https://bugs.webkit.org/show_bug.cgi?id=155563

Patch by Caitlin Potter <caitp@igalia.com> on 2016-03-22
Reviewed by Saam Barati.

* runtime/JSObject.h:
(JSC::JSObject::putOwnDataPropertyMayBeIndex):
* runtime/ObjectConstructor.cpp:
(JSC::objectConstructorGetOwnPropertyDescriptors):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198572 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agobmalloc: use a log scale for large-ish size classes
ggaren@apple.com [Wed, 23 Mar 2016 01:39:36 +0000 (01:39 +0000)]
bmalloc: use a log scale for large-ish size classes
https://bugs.webkit.org/show_bug.cgi?id=155770

Reviewed by Michael Saboff.

At larger sizes, precise allocation sizes don't save much memory -- and
they can cost memory when objects of distinct size classes can't
allocate together.

This is a small savings up to our current allocation limits, and it may
enable changing those limits in the long term.

* bmalloc/Algorithm.h:
(bmalloc::log2): We use this to compute large-ish size classes.

* bmalloc/Allocator.cpp:
(bmalloc::Allocator::Allocator): Iterate by size class instead of by
object size so we can change object size limits without breaking stuff.

(bmalloc::Allocator::scavenge): Ditto.

(bmalloc::Allocator::allocateLogSizeClass): New helper function for
allocating based on log size classes.

(bmalloc::Allocator::allocateSlowCase): Account for extra size class
possibilities.

* bmalloc/Allocator.h:
(bmalloc::Allocator::allocateFastCase): We only handle up to 512b on
the fastest fast path now.

* bmalloc/BumpAllocator.h:
(bmalloc::BumpAllocator::validate): Deleted. I noticed that this function
had been refactored not to do anything anymore.

* bmalloc/Heap.cpp:
(bmalloc::Heap::initializeLineMetadata): Iterate by size class. (See
Allocator::Allocator.)

* bmalloc/Heap.h: Use the sizeClassCount constant instead of hard coding
things.

* bmalloc/Sizes.h:
(bmalloc::Sizes::maskSizeClass):
(bmalloc::Sizes::maskObjectSize):
(bmalloc::Sizes::logSizeClass):
(bmalloc::Sizes::logObjectSize):
(bmalloc::Sizes::sizeClass):
(bmalloc::Sizes::objectSize): Separate size class calculation between
simple size classes that can be computed with a mask and are 8-byte-precise
and complex size classes that require more math and are less precise.

* bmalloc/SmallLine.h:
(bmalloc::SmallLine::ref):
* bmalloc/SmallPage.h:
(bmalloc::SmallPage::SmallPage):
(bmalloc::SmallPage::ref):
(bmalloc::SmallPage::deref): Cleaned up some ASSERTs that triggered
while working on this patch.

* bmalloc/Zone.cpp:
(bmalloc::statistics):
(bmalloc::zoneSize):
(bmalloc::Zone::Zone):
(bmalloc::size): Deleted. Renamed these symbols to work around an lldb
bug that makes it impossible to print out variables named 'size' -- which
can be a problem when working on malloc.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198571 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWe should FTL compile code when the debugger is enabled
sbarati@apple.com [Wed, 23 Mar 2016 01:38:49 +0000 (01:38 +0000)]
We should FTL compile code when the debugger is enabled
https://bugs.webkit.org/show_bug.cgi?id=155740

Reviewed by Oliver Hunt.

There was no fundamental reason why we didn't support debugging
with the FTL. It looks like this was just an oversight. We had
a Breakpoint node in the DFG that amounted to a nop. By removing
this node, we now support debugging in the FTL. Anytime a breakpoint
is set, we will jettison any DFG/FTL CodeBlocks that contain the breakpoint
that was set.

* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::parseBlock):
* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
* dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
* dfg/DFGNodeType.h:
* dfg/DFGPredictionPropagationPhase.cpp:
(JSC::DFG::PredictionPropagationPhase::propagate):
* dfg/DFGSafeToExecute.h:
(JSC::DFG::safeToExecute):
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198570 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUse references instead of pointers for absolute positioning code
mmaxfield@apple.com [Wed, 23 Mar 2016 00:58:34 +0000 (00:58 +0000)]
Use references instead of pointers for absolute positioning code
https://bugs.webkit.org/show_bug.cgi?id=155775

Reviewed by Simon Fraser.

There are many pointers which will never be null in this code. This patch
migrates them to use references.

No new tests because there is no behavior change.

* rendering/RenderBlockFlow.cpp:
(WebCore::RenderBlockFlow::layoutBlockChild):
(WebCore::RenderBlockFlow::marginBeforeEstimateForChild):
(WebCore::RenderBlockFlow::insertFloatingObject):
* rendering/RenderBox.cpp:
(WebCore::RenderBox::constrainLogicalWidthInRegionByMinMax):
(WebCore::RenderBox::shrinkLogicalWidthToAvoidFloats):
(WebCore::RenderBox::computeLogicalWidthInRegion):
(WebCore::RenderBox::computeLogicalWidthInRegionUsing):
(WebCore::RenderBox::computeInlineDirectionMargins):
(WebCore::RenderBox::renderBoxRegionInfo):
(WebCore::RenderBox::computeLogicalHeight):
(WebCore::RenderBox::skipContainingBlockForPercentHeightCalculation):
(WebCore::RenderBox::computePercentageLogicalHeight):
(WebCore::RenderBox::computeReplacedLogicalWidthUsing):
(WebCore::RenderBox::computeReplacedLogicalHeightUsing):
(WebCore::RenderBox::availableLogicalHeightUsing):
(WebCore::RenderBox::computeBlockDirectionMargins):
(WebCore::RenderBox::computeAndSetBlockDirectionMargins):
(WebCore::RenderBox::containingBlockLogicalWidthForPositioned):
(WebCore::RenderBox::containingBlockLogicalHeightForPositioned):
(WebCore::computeInlineStaticDistance):
(WebCore::RenderBox::computePositionedLogicalWidth):
(WebCore::computeLogicalLeftPositionedOffset):
(WebCore::RenderBox::computePositionedLogicalWidthUsing):
(WebCore::computeBlockStaticDistance):
(WebCore::RenderBox::computePositionedLogicalHeight):
(WebCore::computeLogicalTopPositionedOffset):
(WebCore::RenderBox::computePositionedLogicalHeightUsing):
(WebCore::RenderBox::computePositionedLogicalWidthReplaced):
(WebCore::RenderBox::computePositionedLogicalHeightReplaced):
(WebCore::percentageLogicalHeightIsResolvable):
(WebCore::RenderBox::percentageLogicalHeightIsResolvableFromBlock):
(WebCore::RenderBox::hasDefiniteLogicalHeight):
(WebCore::RenderBox::hasUnsplittableScrollingOverflow):
* rendering/RenderBox.h:
* rendering/RenderDeprecatedFlexibleBox.cpp:
(WebCore::RenderDeprecatedFlexibleBox::layoutHorizontalBox):
(WebCore::RenderDeprecatedFlexibleBox::layoutVerticalBox):
* rendering/RenderFlexibleBox.cpp:
(WebCore::RenderFlexibleBox::computeMainAxisExtentForChild):
(WebCore::RenderFlexibleBox::applyStretchAlignmentToChild):
* rendering/RenderGrid.cpp:
(WebCore::RenderGrid::minSizeForChild):
(WebCore::RenderGrid::computeMarginLogicalHeightForChild):
* rendering/RenderTable.cpp:
(WebCore::RenderTable::updateLogicalWidth):
* rendering/RenderTableRow.cpp:
(WebCore::RenderTableRow::layout):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198568 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoAdd Download Attribute to the Feature Status page
jond@apple.com [Wed, 23 Mar 2016 00:49:30 +0000 (00:49 +0000)]
Add Download Attribute to the Feature Status page
https://bugs.webkit.org/show_bug.cgi?id=155772

Reviewed by Timothy Hatcher.

* features.json:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198567 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoCachedResource::MediaResource types shouldn't be blocked due to mixed-content.
jer.noble@apple.com [Wed, 23 Mar 2016 00:47:41 +0000 (00:47 +0000)]
CachedResource::MediaResource types shouldn't be blocked due to mixed-content.
https://bugs.webkit.org/show_bug.cgi?id=155588
<rdar://problem/25177795>

Reviewed by Brent Fulgham.

Follow-up to address crashes caused by r198549. Rather than destroy MediaResourceLoader on a background thread,
migrate the Ref to the main thread before releasing.

* platform/graphics/PlatformMediaResourceLoader.h:
* platform/network/cocoa/WebCoreNSURLSession.mm:
(-[WebCoreNSURLSession dealloc]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198566 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoREGRESSION(r197543): Use-after-free on storage/indexeddb/transaction-abort-private...
keith_miller@apple.com [Wed, 23 Mar 2016 00:19:47 +0000 (00:19 +0000)]
REGRESSION(r197543): Use-after-free on storage/indexeddb/transaction-abort-private.html
https://bugs.webkit.org/show_bug.cgi?id=155067

Reviewed by Filip Pizlo.

GCIncommingRefCountedSets need to be finalized before we start
destructing members of the Heap object. Previously, we would
clear all our ArrayBuffer objects when the GCIncommingRefCountedSet
holding them was destroyed. However, ArrayBuffers have a weak
reference to their wrappers. When we would attempt to destroy the
ArrayBuffer object we would end up accessing the WeakImpl for
the weak reference, which had already been freed as we destroyed
our weak block. The solution to this is to move the old
GCIncommingRefCountedSet destructor functionality to a new
function lastChanceToFinalize. This function is called when
we finalize our other objects on Heap destruction.

* heap/GCIncomingRefCountedSet.h:
* heap/GCIncomingRefCountedSetInlines.h:
(JSC::GCIncomingRefCountedSet<T>::lastChanceToFinalize):
(JSC::GCIncomingRefCountedSet<T>::~GCIncomingRefCountedSet): Deleted.
* heap/Heap.cpp:
(JSC::Heap::lastChanceToFinalize):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198565 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoPost-review test update after r198560
mmaxfield@apple.com [Wed, 23 Mar 2016 00:12:23 +0000 (00:12 +0000)]
Post-review test update after r198560
https://bugs.webkit.org/show_bug.cgi?id=155533

Unreviewed.

* fast/scrolling/rtl-scrollbars-positioning-expected.html:
* fast/scrolling/rtl-scrollbars-positioning.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198564 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWeb Inspector: REGRESSION: Switching Timelines via Path Component does not work
commit-queue@webkit.org [Tue, 22 Mar 2016 23:47:12 +0000 (23:47 +0000)]
Web Inspector: REGRESSION: Switching Timelines via Path Component does not work
https://bugs.webkit.org/show_bug.cgi?id=155767
<rdar://problem/25298945>

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-03-22
Reviewed by Timothy Hatcher.

* UserInterface/Views/TimelineRecordingContentView.js:
(WebInspector.TimelineRecordingContentView.prototype._timelinePathComponentSelected):
(WebInspector.TimelineRecordingContentView.prototype._instrumentAdded):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198563 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoFix HTTPS on Mac using NSURLSession after r198457
achristensen@apple.com [Tue, 22 Mar 2016 23:33:30 +0000 (23:33 +0000)]
Fix HTTPS on Mac using NSURLSession after r198457
https://bugs.webkit.org/show_bug.cgi?id=155774
<rdar://problem/25301027>

Reviewed by Anders Carlsson.

* NetworkProcess/cocoa/NetworkSessionCocoa.mm:
(WebKit::NetworkSession::NetworkSession):
r198457 was intended to fix an issue on iOS and have no change in behavior on Mac.
It did have a subtle change in behavior, setting the source application bundle identifier
on iOS and was causing problems with HTTPS connections using NSURLSession, so this patch
reverts that change.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198562 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoRestrict WebSockets header parsing according to RFC6455 and RFC7230. Based on Lamarqu...
commit-queue@webkit.org [Tue, 22 Mar 2016 22:27:25 +0000 (22:27 +0000)]
Restrict WebSockets header parsing according to RFC6455 and RFC7230. Based on Lamarque V. Souza's original patch.
https://bugs.webkit.org/show_bug.cgi?id=82714

Patch by John Wilander <wilander@apple.com> on 2016-03-22
Reviewed by Brent Fulgham.

Source/WebCore:

Tests: http/tests/websocket/tests/hybi/error-event-ready-state-non-existent-url-with-server-responding-404.html
       http/tests/websocket/tests/hybi/handshake-fail-by-invalid-http-version.html
       http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-accept.html
       http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-extensions.html
       http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-protocol.html
       http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-status-line.html
       http/tests/websocket/tests/hybi/handshake-fail-by-null-char-in-status.html
       http/tests/websocket/tests/hybi/handshake-ok-with-http-version-beyond-1_1.html

* Modules/websockets/WebSocketHandshake.cpp:
(WebCore::WebSocketHandshake::httpURLForAuthenticationAndCookies):
(WebCore::headerHasValidHTTPVersion):
    - Check for HTTP version 1.1 and above.
(WebCore::WebSocketHandshake::readStatusLine):
    - Only allow ASCII characters in status line.
    - Only allow HTTP version 1.1 and above in status line.
(WebCore::WebSocketHandshake::readHTTPHeaders):
    - Only allow ASCII characters in values for new HTTP headers.

LayoutTests:

* http/tests/websocket/tests/hybi/error-event-ready-state-expected.txt: Removed.
    - See comment below on the associated HTML file.
* http/tests/websocket/tests/hybi/error-event-ready-state-non-existent-url-with-server-responding-404-expected.txt: Added.
* http/tests/websocket/tests/hybi/error-event-ready-state-non-existent-url-with-server-responding-404.html: Added.
    - Uses PHP to respond with an HTTP 1.1 404. The old (now removed) test case failed once we restricted WebSockets to HTTP 1.1 and above because the test server responded with an HTTP 1.0 404 for non-existing files.
* http/tests/websocket/tests/hybi/error-event-ready-state.html: Removed.
    - This test case was renamed "error-event-ready-state-non-existent-url-with-server-responding-404" to make it clear it now relies on a server responding with HTTP 1.1 404.
* http/tests/websocket/tests/hybi/handshake-fail-by-invalid-http-version-expected.txt: Added.
* http/tests/websocket/tests/hybi/handshake-fail-by-invalid-http-version.html: Added.
* http/tests/websocket/tests/hybi/handshake-fail-by-invalid-http-version_wsh.py: Added.
(web_socket_do_extra_handshake):
(web_socket_transfer_data):
    - Test case for lower than HTTP 1.1 versions.
* http/tests/websocket/tests/hybi/handshake-fail-by-more-accept-header-expected.txt:
* http/tests/websocket/tests/hybi/handshake-fail-by-more-extensions-header-expected.txt:
* http/tests/websocket/tests/hybi/handshake-fail-by-more-protocol-header-expected.txt:
    - Updated to pass with lowercase 'must not' in the failure reason.
* http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-accept-expected.txt: Added.
* http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-accept.html: Added.
* http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-accept_wsh.py: Added.
(web_socket_do_extra_handshake):
(web_socket_transfer_data):
    - Test case for non-ASCII characters in new HTTP header Sec-WebSocket-Accept.
* http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-extensions-expected.txt: Added.
* http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-extensions.html: Added.
* http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-extensions_wsh.py: Added.
(web_socket_do_extra_handshake):
(web_socket_transfer_data):
    - Test case for non-ASCII characters in new HTTP header Sec-WebSocket-Extensions.
* http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-protocol-expected.txt: Added.
* http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-protocol.html: Added.
* http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-header-value-sec-websocket-protocol_wsh.py: Added.
(web_socket_do_extra_handshake):
(web_socket_transfer_data):
    - Test case for non-ASCII characters in new HTTP header Sec-WebSocket-Protocol.
* http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-status-line-expected.txt: Added.
* http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-status-line.html: Added.
* http/tests/websocket/tests/hybi/handshake-fail-by-non-ascii-status-line_wsh.py: Added.
(web_socket_do_extra_handshake):
(web_socket_transfer_data):
    - Test case for non-ASCII characters in HTTP status line.
* http/tests/websocket/tests/hybi/handshake-fail-by-null-char-in-status-expected.txt: Added.
* http/tests/websocket/tests/hybi/handshake-fail-by-null-char-in-status.html: Added.
* http/tests/websocket/tests/hybi/handshake-fail-by-null-char-in-status_wsh.py: Added.
(web_socket_do_extra_handshake):
(web_socket_transfer_data):
    - Test case for null character in the middle of the HTTP status line.
* http/tests/websocket/tests/hybi/handshake-fail-by-prepended-null_wsh.py:
(web_socket_do_extra_handshake):
(web_socket_transfer_data):
    - This test case was changed to prepend a null character to the actual status line. Previously it used a WebSockets frame with a prepended null before the status line. The Python WebSockets lib uses non-ASCII characters in that frame which meant the test case hit the non-ASCII check before the null check. It was confusing to me that the description and intent of the test was to run with a null in the status line, not in a frame before the status line. I believe the changed test case better reflects the intention of the test.
* http/tests/websocket/tests/hybi/handshake-ok-with-http-version-beyond-1_1-expected.txt: Added.
* http/tests/websocket/tests/hybi/handshake-ok-with-http-version-beyond-1_1.html: Added.
* http/tests/websocket/tests/hybi/handshake-ok-with-http-version-beyond-1_1_wsh.py: Added.
(web_socket_do_extra_handshake):
(web_socket_transfer_data):
    - Test case for HTTP versions higher than 1.1.
* http/tests/websocket/tests/hybi/resources/status-404-without-body.php: Added.
    - To use with the error-event-ready-state-non-existent-url-with-server-responding-404.html test described above.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198561 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[RTL Scrollbars] Position: absolute divs are covered by vertical scrollbar
mmaxfield@apple.com [Tue, 22 Mar 2016 22:15:45 +0000 (22:15 +0000)]
[RTL Scrollbars] Position: absolute divs are covered by vertical scrollbar
https://bugs.webkit.org/show_bug.cgi?id=155533

Reviewed by Darin Adler.

Source/WebCore:

This patch changes the behavior of position: absolute elements when their
containing block has overflow: scroll in RTL scrollbar mode. Previously, we
were only adjusting the overflow calculation for such elements (but not
their position calculation). This patch updates the position calculation,
which automatically makes the overflow calculation work propertly, so the
old calculation is no longer necessary.

This patch also updates iframes to appropriately move their dirty rects
and their painting CTM by the scrollbar width when traversing frame
boundaries. This fixes all our existing RTL scrollbar RTL tests.

The RTL scrollbar tests are only marked as passing on certain OSes, so these
tests are transitioning from failing to passing in that other repository.

Test: fast/scrolling/rtl-scrollbars-positioning.html
      fast/scrolling/rtl-scrollbars-overflow-elementFromPoint.html
      fast/scrolling/rtl-scrollbars-overflow-position-absolute.html
      fast/scrolling/rtl-scrollbars-iframe-offset.html
      fast/scrolling/rtl-scrollbars-iframe-position-absolute.html
      fast/scrolling/rtl-scrollbars-iframe-scrolled.html
      fast/scrolling/rtl-scrollbars-iframe.html

* platform/ScrollView.cpp:
(WebCore::ScrollView::paint):
(WebCore::ScrollView::locationOfContents):
* platform/ScrollView.h:
* platform/graphics/ca/GraphicsLayerCA.cpp:
(WebCore::GraphicsLayerCA::repaintLayerDirtyRects):
* rendering/RenderBlock.cpp:
(WebCore::RenderBlock::addOverflowFromPositionedObjects):
* rendering/RenderBox.cpp:
(WebCore::RenderBox::computePositionedLogicalWidth):
* rendering/RenderView.cpp:
(WebCore::RenderView::repaintViewRectangle):

LayoutTests:

* TestExpectations:
* fast/scrolling/rtl-scrollbars-positioning-expected.html: Added.
* fast/scrolling/rtl-scrollbars-positioning.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198560 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[Win] [64-bit] Remove MSVC 2013 FMA3 Bug Workaround
peavo@outlook.com [Tue, 22 Mar 2016 22:14:38 +0000 (22:14 +0000)]
[Win] [64-bit] Remove MSVC 2013 FMA3 Bug Workaround
https://bugs.webkit.org/show_bug.cgi?id=141499

Reviewed by Brent Fulgham.

As we have moved on to VS2015, this workaround is no longer needed.

Source/JavaScriptCore:

* API/tests/testapi.c:
(main):
* JavaScriptCore.vcxproj/jsc/DLLLauncherMain.cpp:
(wWinMain):
* jsc.cpp:
(main):
* testRegExp.cpp:
(main):

Source/WebKit/win:

* WebKitDLL.cpp:
(DllMain):

Source/WTF:

* wtf/PlatformWin.cmake:
* wtf/win/WTFDLL.cpp: Removed.

Tools:

* DumpRenderTree/cg/ImageDiffCG.cpp:
(main):
* DumpRenderTree/win/DumpRenderTree.cpp:
(main):
* DumpRenderTree/win/ImageDiffCairo.cpp:
(main):
* MiniBrowser/win/Common.cpp:
(DllMain):
* TestWebKitAPI/win/main.cpp:
(main):
* win/DLLLauncher/DLLLauncherMain.cpp:
(wWinMain):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198559 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoMarking inspector/console/console-api.html as flaky on Mac
ryanhaddad@apple.com [Tue, 22 Mar 2016 22:13:29 +0000 (22:13 +0000)]
Marking inspector/console/console-api.html as flaky on Mac
https://bugs.webkit.org/show_bug.cgi?id=143719

Unreviewed test gardening.

* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198558 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoAllow the use of custom styles and scripts for blog posts
jond@apple.com [Tue, 22 Mar 2016 22:05:27 +0000 (22:05 +0000)]
Allow the use of custom styles and scripts for blog posts
https://bugs.webkit.org/show_bug.cgi?id=155768

Reviewed by Timothy Hatcher.

* wp-content/themes/webkit/functions.php:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198557 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoFixing a typo in the Mac TestExpectations file.
ryanhaddad@apple.com [Tue, 22 Mar 2016 21:49:45 +0000 (21:49 +0000)]
Fixing a typo in the Mac TestExpectations file.

Unreviewed test gardening.

* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198556 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWeb Inspector: Consider Automation script names as internal and hide them
timothy@apple.com [Tue, 22 Mar 2016 21:44:19 +0000 (21:44 +0000)]
Web Inspector: Consider Automation script names as internal and hide them

https://bugs.webkit.org/show_bug.cgi?id=155753
rdar://problem/25293310

Reviewed by Joseph Pecoraro.

* UserInterface/Base/Utilities.js:
(isWebKitInternalScript): Renamed from isWebInspectorDebugScript.
Check for "__Web" prefix and "__" suffix.

* UserInterface/Controllers/DebuggerManager.js:
(WebInspector.DebuggerManager):
(WebInspector.DebuggerManager.prototype.get knownNonResourceScripts):
(WebInspector.DebuggerManager.prototype.reset):
(WebInspector.DebuggerManager.prototype.debuggerDidPause):
(WebInspector.DebuggerManager.prototype.scriptDidParse):
(WebInspector.DebuggerManager.prototype._debugUIEnabledDidChange):
Renamed _inspectorDebugScripts to _internalWebKitScripts. And renamed
isWebInspectorDebugScript to isWebKitInternalScript.

* UserInterface/Protocol/RemoteObject.js:
(WebInspector.RemoteObject.prototype.findFunctionSourceCodeLocation):
Renamed isWebInspectorDebugScript to isWebKitInternalScript.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198555 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[ES6] Implement RegExp.prototype[@@match]
msaboff@apple.com [Tue, 22 Mar 2016 21:42:06 +0000 (21:42 +0000)]
[ES6] Implement RegExp.prototype[@@match]
https://bugs.webkit.org/show_bug.cgi?id=155711

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

Implemented ES6 spec for String.prototype.match and RegExp.prototype[@@match].
Implemented both as builtins, with String.prototype.match calling
RegExp.prototype[@@match].

For performance reasons, RegExp.prototype[@@match] has a C++ fast path when
RegExp.prototype.exec has not been overridden.  This fast path,
RegExpObject::matchGlobal, was taken from the prior StringPrototype::match.
It only handles global matches.

Added new test, stress/regexp-match.js.

Updated various tests for changes exception string and now passing ES6 behavior.

* CMakeLists.txt:
* DerivedSources.make:
* JavaScriptCore.xcodeproj/project.pbxproj:
Added builtins/RegExpPrototype.js and eliminated RegExpPrototype.lut.h.

* builtins/RegExpPrototype.js: Added.
(match.advanceStringIndexUnicode): Helper.
(match): Implements RegExp.prototype[@@match].
* builtins/StringPrototype.js:
(match): Implements String.prototype.match.

* bytecode/BytecodeIntrinsicRegistry.cpp:
(JSC::BytecodeIntrinsicRegistry::BytecodeIntrinsicRegistry):
(JSC::BytecodeIntrinsicRegistry::lookup):
* bytecode/BytecodeIntrinsicRegistry.h:
* runtime/CommonIdentifiers.h:
Added Symbol.match and builtins @match and @exec.

* runtime/RegExpObject.cpp:
* runtime/RegExpObject.h:
* runtime/RegExpObjectInlines.h:
(JSC::RegExpObject::matchGlobal): Added.
(JSC::RegExpObject::advanceStringUnicode): Added helper.

* runtime/RegExpPrototype.cpp:
* runtime/RegExpPrototype.h:
(JSC::RegExpPrototype::RegExpPrototype):
(JSC::RegExpPrototype::finishCreation):
(JSC::RegExpPrototype::visitChildren):
(JSC::regExpProtoFuncMatchPrivate):
(JSC::RegExpPrototype::getOwnPropertySlot): Deleted.
(JSC::RegExpPrototype::create):
Restructured to create properties explicitly due to having two names for native regExpProtoFuncExec.

* runtime/StringPrototype.cpp:
(JSC::StringPrototype::finishCreation):
Made match a builtin.
Removed unused declaration of stringProtoFuncSearch() since it was made a builtin.

* tests/es6.yaml:
* tests/stress/regexp-match.js: Added.
(shouldBe):
(shouldThrow):
(errorKey.toString):
(primitive.of.primitives.shouldThrow):
(testRegExpMatch):
(testMatch):
(testBoth):
(alwaysUnmatch):

LayoutTests:

Updated tests for exception string changes and added Symbol.match.

* js/Object-getOwnPropertyNames-expected.txt:
* js/dom/string-prototype-properties-expected.txt:
* js/script-tests/Object-getOwnPropertyNames.js:
* sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.10_String.prototype.match/S15.5.4.10_A1_T3-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198554 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoNon-const DocumentRuleSets::features() does not check default style version
antti@apple.com [Tue, 22 Mar 2016 21:31:16 +0000 (21:31 +0000)]
Non-const DocumentRuleSets::features() does not check default style version
https://bugs.webkit.org/show_bug.cgi?id=155766

Reviewed by Andreas Kling.

This may leave it out of date when the default stylesheet expands.

No test, don't know how to hit this with current codebase. With some further optimizations
it starts affecting some tests involving UA media control stylesheets.

* css/DocumentRuleSets.h:
(WebCore::DocumentRuleSets::mutableFeatures):

    Check the default style version number in non-const case too.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198553 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWeb Inspector: REGRESSION: Shift + Click on record button should create a new recording
commit-queue@webkit.org [Tue, 22 Mar 2016 21:28:43 +0000 (21:28 +0000)]
Web Inspector: REGRESSION: Shift + Click on record button should create a new recording
https://bugs.webkit.org/show_bug.cgi?id=155763

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-03-22
Reviewed by Timothy Hatcher.

* UserInterface/Views/TimelineTabContentView.js:
(WebInspector.TimelineTabContentView.prototype._recordButtonClicked):
Use the shiftKey from the DOM Event.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198552 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoCSP: Should only execute <script> or apply <style> if its hash appears in all policies
dbates@webkit.org [Tue, 22 Mar 2016 21:27:07 +0000 (21:27 +0000)]
CSP: Should only execute <script> or apply <style> if its hash appears in all policies
https://bugs.webkit.org/show_bug.cgi?id=155709
<rdar://problem/25263368>

Reviewed by Darin Adler.

Source/WebCore:

Fixes an issue where a <script>/<style> was allowed to execute/be applied if its hash is listed
in at least one Content Security Policy (CSP) delivered with the page. We should only execute/apply
such a script/stylesheet if its hash is listed in all CSPs delivered with the page.

Tests: http/tests/security/contentSecurityPolicy/1.1/scripthash-multiple-policies.html
       http/tests/security/contentSecurityPolicy/1.1/stylehash-multiple-policies.html

* page/csp/ContentSecurityPolicy.cpp:
(WebCore::isAllowedByAllWithHash): Added. Checks if the specified hash is allowed by all policies.
(WebCore::isAllowedByAllWithHashFromContent): Modified to call WebCore::isAllowedByAllWithHash()
to determine if the <script>/<style> is allowed by all CSPs delivered with the page.

LayoutTests:

Add tests to ensure that we only execute/apply a <script>/<style> if its hash is listed in all CSPs
delivered with the page.

* TestExpectations: Mark added tests as PASS so that we run them.
* http/tests/security/contentSecurityPolicy/1.1/scripthash-multiple-policies-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/1.1/scripthash-multiple-policies.html: Added.
* http/tests/security/contentSecurityPolicy/1.1/stylehash-multiple-policies-expected.html: Added.
* http/tests/security/contentSecurityPolicy/1.1/stylehash-multiple-policies.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198551 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWeb Inspector: Switching Away and Back to Timelines Tab may select a different Timeline
commit-queue@webkit.org [Tue, 22 Mar 2016 21:15:37 +0000 (21:15 +0000)]
Web Inspector: Switching Away and Back to Timelines Tab may select a different Timeline
https://bugs.webkit.org/show_bug.cgi?id=155742
<rdar://problem/25284330>

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-03-22
Reviewed by Timothy Hatcher.

When switching to the Timeline tab, or switching recordings within the
the Timeline tab, the TimelineTabContentView does work to correctly
save/restore its view state.

When switching to the Timeline tab, the TimelineTabContentView correctly
restores the state of the tab, but when showing the RecordingContentView
the RecordingContentView restores its state from a stale cookie.

Since TimelineTabContentView already seems to handle correctly restoring
RecordingContentViews on its own. Removing the RecordingContentView's
implementation of save/restore made everything work as expected.

* UserInterface/Views/TimelineRecordingContentView.js:
(WebInspector.TimelineRecordingContentView.prototype.saveToCookie): Deleted.
(WebInspector.TimelineRecordingContentView.prototype.restoreFromCookie): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198550 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoCRASH in WebCore::MediaResourceLoader::requestResource + 698
jer.noble@apple.com [Tue, 22 Mar 2016 20:56:38 +0000 (20:56 +0000)]
CRASH in WebCore::MediaResourceLoader::requestResource + 698
https://bugs.webkit.org/show_bug.cgi?id=155651
<rdar://problem/25130582>

Reviewed by Eric Carlson.

No new tests, fixes existing tests running under GuardMalloc.

Protect against the Document passed into MediaResourceLoader being destroyed during the MediaResourceLoader's lifetime.

* loader/MediaResourceLoader.cpp:
(WebCore::MediaResourceLoader::MediaResourceLoader):
(WebCore::MediaResourceLoader::contextDestroyed):
(WebCore::MediaResourceLoader::requestResource):
(WebCore::MediaResource::responseReceived):
* loader/MediaResourceLoader.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198549 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWeb Inspector: remove the remaining TimelineSidebarPanel references
mattbaker@apple.com [Tue, 22 Mar 2016 20:29:40 +0000 (20:29 +0000)]
Web Inspector: remove the remaining TimelineSidebarPanel references
https://bugs.webkit.org/show_bug.cgi?id=155765
<rdar://problem/25296980>

Reviewed by Timothy Hatcher.

Remove dead code from TimelineView and TimelineTabContentView.

* UserInterface/Views/OverviewTimelineView.js:
(WebInspector.OverviewTimelineView.prototype.canShowContentViewForTreeElement): Deleted.
(WebInspector.OverviewTimelineView.prototype.showContentViewForTreeElement): Deleted.

* UserInterface/Views/RenderingFrameTimelineView.js:
(WebInspector.RenderingFrameTimelineView.prototype.canShowContentViewForTreeElement): Deleted.
(WebInspector.RenderingFrameTimelineView.prototype.showContentViewForTreeElement): Deleted.

* UserInterface/Views/ScriptDetailsTimelineView.js:
(WebInspector.ScriptDetailsTimelineView.prototype.canShowContentViewForTreeElement): Deleted.
(WebInspector.ScriptDetailsTimelineView.prototype.showContentViewForTreeElement): Deleted.

* UserInterface/Views/TimelineTabContentView.js:
(WebInspector.TimelineTabContentView):

* UserInterface/Views/TimelineView.js:
(WebInspector.TimelineView.prototype.canShowContentViewForTreeElement): Deleted.
(WebInspector.TimelineView.prototype.showContentViewForTreeElement): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198548 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoAdvanced spell checking should be guarded behind
bdakin@apple.com [Tue, 22 Mar 2016 20:21:28 +0000 (20:21 +0000)]
Advanced spell checking should be guarded behind
HAVE(ADVANCED_SPELL_CHECKING)
https://bugs.webkit.org/show_bug.cgi?id=155738

Reviewed by Geoff Garen.

Source/WebCore:

* config.h:
(WebCore::ScrollableArea::systemLanguageIsRTL):
* platform/spi/mac/NSSpellCheckerSPI.h:

Source/WebKit/mac:

* WebCoreSupport/WebEditorClient.mm:
(insertionPointFromCurrentSelection):
(WebEditorClient::checkTextOfParagraph):
(WebEditorClient::getGuessesForWord):
(WebEditorClient::requestCandidatesForSelection):
(WebEditorClient::handleRequestedCandidates):
(WebEditorClient::requestCheckingOfString):
* WebKitPrefix.h:
* WebView/WebHTMLView.mm:
(-[WebHTMLView insertText:]):

Source/WebKit2:

* UIProcess/Cocoa/WebViewImpl.mm:
(WebKit::WebViewImpl::requestCandidatesForSelectionIfNeeded):
(WebKit::WebViewImpl::handleRequestedCandidates):
(WebKit::WebViewImpl::insertText):
* UIProcess/mac/TextCheckerMac.mm:
(WebKit::TextChecker::checkTextOfParagraph):
(WebKit::TextChecker::getGuessesForWord):
* config.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198547 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoMallocBench: consolidate regression testing for aligned allocation
ggaren@apple.com [Tue, 22 Mar 2016 19:39:38 +0000 (19:39 +0000)]
MallocBench: consolidate regression testing for aligned allocation
https://bugs.webkit.org/show_bug.cgi?id=155762

Reviewed by Michael Saboff.

* MallocBench/MallocBench.xcodeproj/project.pbxproj:
* MallocBench/MallocBench/Benchmark.cpp:
* MallocBench/MallocBench/memalign.cpp: Removed.
* MallocBench/MallocBench/memalign.h: Removed. The stress_aligned test
covers this and much more.

* MallocBench/MallocBench/stress_aligned.cpp:
(benchmark_stress_aligned): Include specific tests for extreme sizes
and alignments.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198546 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agobmalloc: shrink largeMax
ggaren@apple.com [Tue, 22 Mar 2016 19:39:12 +0000 (19:39 +0000)]
bmalloc: shrink largeMax
https://bugs.webkit.org/show_bug.cgi?id=155759

Reviewed by Michael Saboff.

If a largeChunk contains N bytes and we allocate objects of size
N / 2 + 8 bytes, then we waste 50% of physical memory at peak.

This patch sets largeMax to N / 2, reducing maximum waste to 25%.

* bmalloc/BoundaryTag.h:
* bmalloc/LargeChunk.h:
(bmalloc::LargeChunk::LargeChunk):
* bmalloc/SegregatedFreeList.cpp:
(bmalloc::SegregatedFreeList::SegregatedFreeList):
(bmalloc::SegregatedFreeList::insert): Honor largeMax vs largeObjectMax.

* bmalloc/Sizes.h: Distinguish between the largest thing we can store
in a free list (largeObjectMax) and the largest thing we're willing to
allocate (largeMax).

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198545 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoAdd a setting to let the client toggle support for network cache speculative validation
cdumez@apple.com [Tue, 22 Mar 2016 19:21:53 +0000 (19:21 +0000)]
Add a setting to let the client toggle support for network cache speculative validation
https://bugs.webkit.org/show_bug.cgi?id=155622
<rdar://problem/25233209>

Reviewed by Antti Koivisto.

Copy new m_diskCacheSpeculativeValidationEnabled member introduced
in r198470 in ProcessPoolConfiguration::copy().

* UIProcess/API/APIProcessPoolConfiguration.cpp:
(API::ProcessPoolConfiguration::copy):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198544 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoAX: Change "dialog" role description to "web dialog" so users can distinguish from...
n_wang@apple.com [Tue, 22 Mar 2016 19:17:37 +0000 (19:17 +0000)]
AX: Change "dialog" role description to "web dialog" so users can distinguish from native alerts
https://bugs.webkit.org/show_bug.cgi?id=154292

Reviewed by Chris Fleizach.

Source/WebCore:

Changed role descriptions for "dialog" and "alert dialog" roles as required.

No new tests needed.

* English.lproj/Localizable.strings:

LayoutTests:

* platform/mac-mavericks/accessibility/roles-exposed-expected.txt:
* platform/mac/accessibility/roles-exposed-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198543 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoAdd null check in CachedResourceLoader::determineRevalidationPolicy
commit-queue@webkit.org [Tue, 22 Mar 2016 19:12:32 +0000 (19:12 +0000)]
Add null check in CachedResourceLoader::determineRevalidationPolicy
https://bugs.webkit.org/show_bug.cgi?id=155758
rdar://problem/25108408

Patch by Alex Christensen <achristensen@webkit.org> on 2016-03-22
Reviewed by Jer Noble.

* loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::frame):
(WebCore::CachedResourceLoader::determineRevalidationPolicy):
Null-check frame() before dereferencing it.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198542 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoCSP: Check inline event handlers on each run, not only the first
dbates@webkit.org [Tue, 22 Mar 2016 19:08:43 +0000 (19:08 +0000)]
CSP: Check inline event handlers on each run, not only the first
https://bugs.webkit.org/show_bug.cgi?id=115700
<rdar://problem/24211159>

Reviewed by Andy Estes.

Source/WebCore:

Fixes an issue where an inline event handler would always be allowed to execute if it
executed at least once.

Currently we query whether the Content Security Policy (CSP) of the page permits inline event
handlers each time we register a new handler for an event. And a handler is registered exactly
once the first time the event associated with it is dispatched. Once a handler is registered
as a listener for an event E then we will always invoke the handler when event E is dispatched
regardless of whether the CSP of the page changes (say, as a result of programmatically inserting
a <meta http-equiv="Content-Security-Policy">). Instead we should always check the
CSP of the page whenever we are going to invoke an event handler.

* bindings/js/JSEventListener.cpp:
(WebCore::JSEventListener::handleEvent): Check the CSP of the page and bail out if the
policy does not permit execution of an inline event handler.
* bindings/js/JSEventListener.h:
(WebCore::JSEventListener::sourceURL): Added. Default implementation that returns an empty string.
(WebCore::JSEventListener::sourcePosition): Added. Default implementation that returns a default position.
* bindings/js/JSLazyEventListener.cpp:
(WebCore::JSLazyEventListener::JSLazyEventListener): Update code following instance variable
renaming in JSLazyEventListener.h.
(WebCore::JSLazyEventListener::initializeJSFunction): Ditto.
* bindings/js/JSLazyEventListener.h: Override JSEventListener::sourceURL() and JSEventListener::sourcePosition().
Changed all mutable instance variables to immutable ones as we do not modify these variables
in any const member functions. Also renamed instance variable m_position to m_sourcePosition
to better describe that it represents the source code position where the event handler was defined.

LayoutTests:

Update expected result for test http/tests/security/contentSecurityPolicy/inline-event-handler-blocked-after-injecting-meta.html
and remove its entry from file LayoutTests/TestExpectations now that it passes.

* TestExpectations:
* http/tests/security/contentSecurityPolicy/inline-event-handler-blocked-after-injecting-meta-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198541 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoSkipping media/media-document-audio-repaint.html on El Capitan Debug WK2
ryanhaddad@apple.com [Tue, 22 Mar 2016 18:28:53 +0000 (18:28 +0000)]
Skipping media/media-document-audio-repaint.html on El Capitan Debug WK2
https://bugs.webkit.org/show_bug.cgi?id=155757

Unreviewed test gardening.

* platform/mac-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198540 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoMedia elements allowed to play without a user gesture, but requiring fullscreen playb...
jer.noble@apple.com [Tue, 22 Mar 2016 18:03:59 +0000 (18:03 +0000)]
Media elements allowed to play without a user gesture, but requiring fullscreen playback, should not be allowed to autoplay.
https://bugs.webkit.org/show_bug.cgi?id=155599

Reviewed by Darin Adler.

Test: media/video-autoplay-allowed-but-fullscreen-required.html

Entering fullscreen should always require a user gesture.

* html/MediaElementSession.cpp:
(WebCore::MediaElementSession::playbackPermitted):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198538 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWeb Inspector: Timelines UI redesign: Provide a way to configure which instruments...
mattbaker@apple.com [Tue, 22 Mar 2016 17:59:51 +0000 (17:59 +0000)]
Web Inspector: Timelines UI redesign: Provide a way to configure which instruments to use
https://bugs.webkit.org/show_bug.cgi?id=153672
<rdar://problem/24417575>

Reviewed by Timothy Hatcher.

Adds UI for configuring a timeline recording's instrument list. TimelineManager
maintains the list of supported timeline types, and tracks the subset
of user-configured timelines which are used to create the instrument list
that is passed to new recordings.

* Localizations/en.lproj/localizedStrings.js:
New strings for "Edit" Timelines button.

* UserInterface/Controllers/TimelineManager.js:
(WebInspector.TimelineManager):
Added setting for user-configured (enabled) timeline types.
Initialized to the default timeline types.

(WebInspector.TimelineManager.defaultTimelineTypes):
(WebInspector.TimelineManager.availableTimelineTypes):
Get the list of all supported timeline types, which is a superset
of the list of default timeline types.

(WebInspector.TimelineManager.prototype.get enabledTimelineTypes):
(WebInspector.TimelineManager.prototype.set enabledTimelineTypes):
List of user-configured timeline types, backed by a Setting.
(WebInspector.TimelineManager.prototype._loadNewRecording):
Create new recordings with the current user-configured instrument list.
(WebInspector.TimelineManager.defaultInstruments): Deleted.
Renamed defaultTimelineTypes.

* UserInterface/Main.html:
New class, TimelineTreeElement.

* UserInterface/Models/Instrument.js:
(WebInspector.Instrument.createForTimelineType):
Factory method for creating Instruments.

* UserInterface/Models/TimelineRecording.js:
(WebInspector.TimelineRecording):
Replace fixed instrument list with TimelineManager's list.
(WebInspector.TimelineRecording.prototype.instrumentForTimeline):
Get the instrument in the recording for a given timeline.
(WebInspector.TimelineRecording.prototype.addInstrument):
(WebInspector.TimelineRecording.prototype.removeInstrument):
Drive-by syntax error fixes: Array.prototype.contains doesn't exist.

* UserInterface/Views/TimelineOverview.css:
(.timeline-overview > .navigation-bar.timelines):
(.navigation-bar.timelines .item.button.toggle-edit-instruments:not(.disabled):matches(:focus, .activate.activated, .radio.selected)):
(.navigation-bar.timelines .item.button.toggle-edit-instruments:not(.disabled):active:matches(:focus, .activate.activated, .radio.selected)):
(.navigation-bar.timelines .item.button.toggle-edit-instruments.disabled):
(.navigation-bar.timelines .toggle-edit-instruments:not(.disabled):active):
(.timeline-overview > .tree-outline.timelines):
(.timeline-overview.edit-instruments > .tree-outline.timelines):
(.timeline-overview.edit-instruments > .tree-outline.timelines .item.selected):
(.timeline-overview > .tree-outline.timelines input[type=checkbox].status-button):
(.timeline-overview.frames > :matches(.tree-outline.timelines, .navigation-bar.timelines)):
(.timeline-overview > .tree-outline.timelines::before): Deleted.
(.timeline-overview.frames > .tree-outline.timelines): Deleted.
Styles for the "Edit" navigation bar above the timelines tree outline,
and tree element styles for showing checkboxes and hiding the current
selection while in edit mode.

* UserInterface/Views/TimelineOverview.js:
(WebInspector.TimelineOverview):
Create "Edit" button and navigation bar and add event handlers for
capturing events, so that timeline editing can be closed and
disabled when capturing begins.

(WebInspector.TimelineOverview.prototype.set selectedTimeline):
Prevent timeline selection while in edit mode.
(WebInspector.TimelineOverview.prototype.get editingInstruments):
(WebInspector.TimelineOverview.prototype.set viewMode):
Prevent view mode change while in edit mode.

(WebInspector.TimelineOverview.prototype._instrumentAdded):
Create a TimelineTreeElement, and insert into the tree outline and graph
container in sorted order instead of appending timeline elements.

(WebInspector.TimelineOverview.prototype._toggleEditingInstruments):
Handler for Edit button click event.
(WebInspector.TimelineOverview.prototype._editingInstrumentsDidChange):
Update UI in response to editing mode change: toggle CSS, enable/disable
the timeline ruler and wheel/gesture events, and update Edit button appearance.

(WebInspector.TimelineOverview.prototype._updateEditInstrumentsButton):
Update label text and button state.
(WebInspector.TimelineOverview.prototype._updateWheelAndGestureHandlers):
Add/remove event handlers based on editing state.

(WebInspector.TimelineOverview.prototype._startEditingInstruments):
Enable edit mode UI. Placeholder elements are added for timelines that
aren't included in the recording, and all tree elements have checkboxes
for toggling their associated timelines.

(WebInspector.TimelineOverview.prototype._stopEditingInstruments):
Disable edit mode UI. Unchecked instruments are first removed from the
recording, then placeholder tree elements are removed, and their instruments
added, as needed. TimelineManager's list of user-configured timeline types
is then updated.

(WebInspector.TimelineOverview.prototype._capturingStarted):
(WebInspector.TimelineOverview.prototype._capturingStopped):
Enable/disable the Edit button. Quit editing mode when capturing starts.
(WebInspector.TimelineOverview.prototype._compareTimelineTreeElements):
Special sorting for the timelines tree outline. The sort order is:
    1. Instruments that are in the recording, except Rendering Frames.
    2. Instruments that aren't in the recording (placeholders).
    3. Rendering Frames.

Timelines in groups 1 & 2 are sorted based on the order of the list returned
by TimelineManager.availableTimelineTypes(). The Rendering Frames tree
element must be last, since it's always hidden and would otherwise interfere
with the alternating tree element CSS styles.

* UserInterface/Views/TimelineRecordingContentView.css:
(.content-view.timeline-recording.edit-instruments > .timeline-overview):
(.content-view.timeline-recording.edit-instruments > .content-browser):
Hide lower content browser and extend timelines tree height in edit mode.

* UserInterface/Views/TimelineRecordingContentView.js:
(WebInspector.TimelineRecordingContentView):
Listen for edit mode changes on TimelineOverview.
(WebInspector.TimelineRecordingContentView.prototype.contentBrowserTreeElementForRepresentedObject):
(WebInspector.TimelineRecordingContentView.prototype._updateTimelineOverviewHeight):
When in edit mode, remove inline style rule for TimelineOverview height.
(WebInspector.TimelineRecordingContentView.prototype._instrumentAdded):
(WebInspector.TimelineRecordingContentView.prototype._editingInstrumentsDidChange):
Update CSS and TimelineOverview height when edit mode changes.
(WebInspector.TimelineRecordingContentView.prototype.get timelineOverviewHeight): Deleted.
No longer used.

* UserInterface/Views/TimelineTabContentView.js:
(WebInspector.TimelineTabContentView.displayNameForTimelineType):
(WebInspector.TimelineTabContentView.iconClassNameForTimelineType):
(WebInspector.TimelineTabContentView.genericClassNameForTimelineType):
(WebInspector.TimelineTabContentView.displayNameForTimeline): Deleted.
(WebInspector.TimelineTabContentView.iconClassNameForTimeline): Deleted.
(WebInspector.TimelineTabContentView.genericClassNameForTimeline): Deleted.
Helper functions now take a timeline type instead of a timeline object.

* UserInterface/Views/TimelineTreeElement.js: Added.
New tree element class to encapsulate behavior specific to the timelines
tree outline, such as status element changes and disabling selection
when editing.

(WebInspector.TimelineTreeElement):
(WebInspector.TimelineTreeElement.prototype.get placeholder):
(WebInspector.TimelineTreeElement.prototype.get editing):
(WebInspector.TimelineTreeElement.prototype.set editing):
(WebInspector.TimelineTreeElement.prototype._showCloseButton):
(WebInspector.TimelineTreeElement.prototype._showCheckbox):
(WebInspector.TimelineTreeElement.prototype._updateStatusButton):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198537 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoVersioning.
bshafiei@apple.com [Tue, 22 Mar 2016 17:58:54 +0000 (17:58 +0000)]
Versioning.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198536 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[JSC] ASMBench cannot be run without JSBENCH_PATH
utatane.tea@gmail.com [Tue, 22 Mar 2016 17:49:40 +0000 (17:49 +0000)]
[JSC] ASMBench cannot be run without JSBENCH_PATH
https://bugs.webkit.org/show_bug.cgi?id=155751

Reviewed by Saam Barati.

Check ASMBENCH_PATH instead of JSBENCH_PATH for ASMBench files.

* Scripts/run-jsc-benchmarks:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198534 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoMarking perf/document-contains.html as flaky on ios-simulator-wk2
ryanhaddad@apple.com [Tue, 22 Mar 2016 17:30:23 +0000 (17:30 +0000)]
Marking perf/document-contains.html as flaky on ios-simulator-wk2
https://bugs.webkit.org/show_bug.cgi?id=155755

Unreviewed test gardening.

* platform/ios-simulator-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198533 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[GTK] WebInspector broken after r197620
commit-queue@webkit.org [Tue, 22 Mar 2016 17:26:03 +0000 (17:26 +0000)]
[GTK] WebInspector broken after r197620
https://bugs.webkit.org/show_bug.cgi?id=155497
<rdar://problem/25171910>

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2016-03-22
Reviewed by Philippe Normand.

Source/WebCore:

Add resource scheme to the list of secure protocols.

* platform/SchemeRegistry.cpp:
(WebCore::secureSchemes):

Source/WebKit2:

Stop registering resource:// URLs as local, because they are not
like a local file at all. Compare also the URL protocols when
checking whether requested URL is main or test inspector page
instead of checking that the protocol is registered as local.

* UIProcess/WebInspectorProxy.cpp:
(WebKit::isMainOrTestInspectorPage): Compare also the URL protocols.
* UIProcess/WebInspectorProxy.h:
* UIProcess/gtk/WebInspectorProxyGtk.cpp:
(WebKit::WebInspectorProxy::platformCreateInspectorPage): Do not
set setAllowFileAccessFromFileURLs setting to true.
* UIProcess/gtk/WebProcessPoolGtk.cpp:
(WebKit::WebProcessPool::platformInitializeWebProcess): Do not
register resource:// URLS as local.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198532 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[JSC] allow duplicate property names returned from Proxy ownKeys() trap
commit-queue@webkit.org [Tue, 22 Mar 2016 17:01:04 +0000 (17:01 +0000)]
[JSC] allow duplicate property names returned from Proxy ownKeys() trap
https://bugs.webkit.org/show_bug.cgi?id=155560

Patch by Caitlin Potter <caitp@igalia.com> on 2016-03-22
Reviewed by Darin Adler.

Specification allows duplicate property names to be reported by the
Proxy ownKeys() trap --- and this is observable in any API which
operates on the returned list, such as Object.keys(),
Object.getOwnPropertyNames(), Object.getOwnPropertySymbols(), or
Object.getOwnPropertyDescriptors().

* runtime/PropertyNameArray.h:
(JSC::PropertyNameArray::addUnchecked):
(JSC::PropertyNameArray::add):
(JSC::PropertyNameArray::addKnownUnique): Deleted.
* runtime/ProxyObject.cpp:
(JSC::ProxyObject::performGetOwnPropertyNames):
* runtime/Structure.cpp:
(JSC::Structure::getPropertyNamesFromStructure):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198531 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoSource/WebCore:
bfulgham@apple.com [Tue, 22 Mar 2016 16:02:22 +0000 (16:02 +0000)]
Source/WebCore:
SharedBuffer::copy() can cause a segmentation fault.
https://bugs.webkit.org/show_bug.cgi?id=155739

Reviewed by Ryosuke Niwa.

Based on a Blink patch by Huang Dongsung <luxtella@company100.net>.
<https://src.chromium.org/viewvc/blink?revision=153850&view=revision>

After SharedBuffer::copy(), SharedBuffer::append() can cause segmentation fault,
because copy() calls clone->m_buffer.append(m_segments[i], segmentSize) even if
'i' is the last index. The data size of m_segments.last() is often less than
segmentSize. So, in the cloned instance m_size < (m_buffer.size() + SUM(m_segments[i].size())).
This patch appends the exact size of the last segment instead of segmentSize.

Tested by TestWebKitAPI SharedBufferTest::copy

* platform/SharedBuffer.cpp:
(SharedBuffer::copy):

Tools:
[Win] SharedBuffer::copy() can cause a segmentation fault.
https://bugs.webkit.org/show_bug.cgi?id=155739

Reviewed by Ryosuke Niwa.

* TestWebKitAPI/PlatformWin.cmake: Build and run the
SharedBuffer tests.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198530 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[buildbot] Move ARM Linux bots to JSCOnly port
ossy@webkit.org [Tue, 22 Mar 2016 15:29:15 +0000 (15:29 +0000)]
[buildbot] Move ARM Linux bots to JSCOnly port
https://bugs.webkit.org/show_bug.cgi?id=155655

Reviewed by Lucas Forschler.

* BuildSlaveSupport/build.webkit.org-config/config.json:
* BuildSlaveSupport/build.webkit.org-config/master.cfg:
(ConfigureBuild.__init__):
(appendCustomBuildFlags):
(CompileJSCOnly):
(Factory.__init__):
(BuildAndRemoteJSCTestsFactory):
(BuildAndRemoteJSCTestsFactory.__init__):
* BuildSlaveSupport/build.webkit.org-config/mastercfg_unittest.py:
* BuildSlaveSupport/clean-build:
(main):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198529 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[OSX] Rebase media/media-document-audio-repaint.html
eric.carlson@apple.com [Tue, 22 Mar 2016 14:27:41 +0000 (14:27 +0000)]
[OSX] Rebase media/media-document-audio-repaint.html
https://bugs.webkit.org/show_bug.cgi?id=155733

Reviewed by Darin Adler.

* platform/mac/TestExpectations:
* platform/mac/media/media-document-audio-repaint-expected.png:
* platform/mac/media/media-document-audio-repaint-expected.txt: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198528 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoSource/ThirdParty/ANGLE:
berto@igalia.com [Tue, 22 Mar 2016 13:47:30 +0000 (13:47 +0000)]
Source/ThirdParty/ANGLE:
Unreviewed typo fix.

* src/compiler/translator/InfoSink.cpp:
(TInfoSinkBase::prefix): "UNKOWN" => "UNKOWN".

Source/WebCore:
Unreviewed typo fix.

* platform/gtk/LocalizedStringsGtk.cpp:
(WebCore::textTrackAutomaticMenuItemText): "choosen" => "chosen"

Source/WebCore/platform/gtk/po:
Unreviewed typo fix "choosen" => "chosen"

* as.po:
* bg.po:
* ca.po:
* de.po:
* en_GB.po:
* es.po:
* fr.po:
* gl.po:
* gu.po:
* he.po:
* hi.po:
* it.po:
* ja.po:
* kn.po:
* mr.po:
* nl.po:
* or.po:
* pl.po:
* pt_BR.po:
* sl.po:
* sv.po:
* ta.po:
* te.po:
* tr.po:

Source/WebKit2:
Unreviewed typo fixes.

* Shared/linux/WebMemorySamplerLinux.cpp:
(WebKit::WebMemorySampler::sampleWebKit): "Commited" => "Committed"
* UIProcess/API/gtk/WebKitFileChooserRequest.cpp:
(webkit_file_chooser_request_select_files): "choosen" => "chosen"
* UIProcess/API/gtk/WebKitUserMediaPermissionRequest.cpp:
(webkit_user_media_permission_request_class_init): "Wether" => "Whether"

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198527 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoRemove unused display and scroll view methods from PageClient and WebPageProxy
carlosgc@webkit.org [Tue, 22 Mar 2016 13:22:37 +0000 (13:22 +0000)]
Remove unused display and scroll view methods from PageClient and WebPageProxy
https://bugs.webkit.org/show_bug.cgi?id=155744

Reviewed by Andreas Kling.

We have displayView(), canScrollView() and scrollView() that are
used by DrawingAreaProxyImpl which is only used by GTK+ port that
doesn't implement those methods.

* UIProcess/API/gtk/PageClientImpl.cpp:
(WebKit::PageClientImpl::displayView): Deleted.
(WebKit::PageClientImpl::scrollView): Deleted.
* UIProcess/API/gtk/PageClientImpl.h:
* UIProcess/DrawingAreaProxyImpl.cpp:
(WebKit::DrawingAreaProxyImpl::incorporateUpdate): Update the
whole view when scrolling, or the damage area otherwise.
* UIProcess/PageClient.h:
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::displayView): Deleted.
(WebKit::WebPageProxy::canScrollView): Deleted.
(WebKit::WebPageProxy::scrollView): Deleted.
* UIProcess/WebPageProxy.h:
* UIProcess/efl/WebView.cpp:
(WebKit::WebView::displayView): Deleted.
(WebKit::WebView::scrollView): Deleted.
* UIProcess/efl/WebView.h:
* UIProcess/ios/PageClientImplIOS.h:
* UIProcess/ios/PageClientImplIOS.mm:
(WebKit::PageClientImpl::displayView): Deleted.
(WebKit::PageClientImpl::canScrollView): Deleted.
(WebKit::PageClientImpl::scrollView): Deleted.
* UIProcess/mac/PageClientImpl.h:
* UIProcess/mac/PageClientImpl.mm:
(WebKit::PageClientImpl::displayView): Deleted.
(WebKit::PageClientImpl::canScrollView): Deleted.
(WebKit::PageClientImpl::scrollView): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198526 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[CoordinatedGraphics] Polish std::function<> usage in ThreadedCompositor, Coordinated...
zandobersek@gmail.com [Tue, 22 Mar 2016 09:44:47 +0000 (09:44 +0000)]
[CoordinatedGraphics] Polish std::function<> usage in ThreadedCompositor, CoordinatedGraphicsScene
https://bugs.webkit.org/show_bug.cgi?id=155726

Reviewed by Darin Adler.

Adjust the methods in ThreadedCompositor and CoordinatedGraphicsScene
classes to accept std::function<> arguments via rvalue references. This
should prevent both unnecessary copies and moves.

Fix lambda expressions that are most commonly used to construct the
std::function<> objects so that they don't capture-by-value by default,
but instead list the captured values verbosely. This part alone exposed
an issue in ThreadedCompositor::didChangeVisibleRect() where we were
capturing the `this' value by default, instead of a protector RefPtr.

* Shared/CoordinatedGraphics/CoordinatedGraphicsScene.cpp:
(WebKit::CoordinatedGraphicsScene::dispatchOnMainThread):
(WebKit::CoordinatedGraphicsScene::dispatchOnClientRunLoop):
(WebKit::CoordinatedGraphicsScene::paintToCurrentGLContext):
(WebKit::CoordinatedGraphicsScene::onNewBufferAvailable):
(WebKit::CoordinatedGraphicsScene::commitSceneState):
(WebKit::CoordinatedGraphicsScene::purgeGLResources):
(WebKit::CoordinatedGraphicsScene::commitScrollOffset):
(WebKit::CoordinatedGraphicsScene::appendUpdate):
(WebKit::CoordinatedGraphicsScene::setActive):
* Shared/CoordinatedGraphics/CoordinatedGraphicsScene.h:
* Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:
(WebKit::CompositingRunLoop::CompositingRunLoop):
(WebKit::CompositingRunLoop::callOnCompositingRunLoop):
(WebKit::ThreadedCompositor::setNeedsDisplay):
(WebKit::ThreadedCompositor::setNativeSurfaceHandleForCompositing):
(WebKit::ThreadedCompositor::setDeviceScaleFactor):
(WebKit::ThreadedCompositor::didChangeViewportSize):
(WebKit::ThreadedCompositor::didChangeViewportAttribute):
(WebKit::ThreadedCompositor::didChangeContentsSize):
(WebKit::ThreadedCompositor::scrollTo):
(WebKit::ThreadedCompositor::scrollBy):
(WebKit::ThreadedCompositor::didChangeVisibleRect):
(WebKit::ThreadedCompositor::callOnCompositingThread):
* Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198525 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[CoordinatedGraphics] Prefer RunLoop::main().dispatch() over callOnMainThread()
zandobersek@gmail.com [Tue, 22 Mar 2016 07:28:06 +0000 (07:28 +0000)]
[CoordinatedGraphics] Prefer RunLoop::main().dispatch() over callOnMainThread()
https://bugs.webkit.org/show_bug.cgi?id=155725

Reviewed by Darin Adler.

Unify the CoordinatedGraphics code in the WebKit2 layer to use RunLoop
for dispatching tasks on either the main thread or the composition thread
in case of using the threaded compositor. The latter is already the default,
so this patch just replaces calls to callOnMainThread() with calls to
RunLoop::main().dispatch().

* Shared/CoordinatedGraphics/CoordinatedGraphicsScene.cpp:
(WebKit::CoordinatedGraphicsScene::dispatchOnMainThread):
* Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:
(WebKit::ThreadedCompositor::didChangeVisibleRect):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198522 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[TextureMapper] Destructing TextureMapperLayer should clean up its effect target
zandobersek@gmail.com [Tue, 22 Mar 2016 07:26:21 +0000 (07:26 +0000)]
[TextureMapper] Destructing TextureMapperLayer should clean up its effect target
https://bugs.webkit.org/show_bug.cgi?id=155718

Reviewed by Darin Adler.

TextureMapperLayer destructor should, in case of non-null effect target,
null out the effect target's mask and replica layer pointers if those
pointers point to the TextureMapperLayer object that's being destroyed,
avoiding use-after-free occurrences.

* platform/graphics/texmap/TextureMapperLayer.cpp:
(WebCore::TextureMapperLayer::~TextureMapperLayer):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198521 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[TexMap] Shrink-to-fit the CompositingCoordinator's update atlases vector after cleanup
zandobersek@gmail.com [Tue, 22 Mar 2016 07:21:13 +0000 (07:21 +0000)]
[TexMap] Shrink-to-fit the CompositingCoordinator's update atlases vector after cleanup
https://bugs.webkit.org/show_bug.cgi?id=155719

Reviewed by Carlos Garcia Campos.

Shrink the Vector object containing the cached UpdateAtlas objects
after the inactive ones are removed. This way the capacity of the
Vector is kept under control, preventing unnecessary waste of memory.

* platform/graphics/texmap/coordinated/CompositingCoordinator.cpp:
(WebCore::CompositingCoordinator::releaseInactiveAtlasesTimerFired):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198520 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoSkip HeapSnapshot test on WebKit1. Shared VM skews the data.
joepeck@webkit.org [Tue, 22 Mar 2016 03:48:28 +0000 (03:48 +0000)]
Skip HeapSnapshot test on WebKit1. Shared VM skews the data.

Rubber-stamped by Timothy Hatcher.

In this case, snapshots with snapshots with snapshots in the same VM
causes the test to run out of memory. This does not happen in WebKit2.

* platform/mac-wk1/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198519 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoCommit log viewer repaints too frequently after r198499
rniwa@webkit.org [Tue, 22 Mar 2016 02:58:19 +0000 (02:58 +0000)]
Commit log viewer repaints too frequently after r198499
https://bugs.webkit.org/show_bug.cgi?id=155732

Reviewed by Joseph Pecoraro.

The bug was caused by InteractiveTimeSeriesChart invoking onchange callback whenever mouse moved even
if the current point didn't change. Fixed the bug by avoiding the work if the indicator hadn't changed
and avoiding work in the commit log viewer when the requested repository and the revision range were
the same as those of the last request.

* public/v3/components/commit-log-viewer.js:
(CommitLogViewer):
(CommitLogViewer.prototype.currentRepository): Exit early when repository and the revision range are
identical to the one we already have to avoid repaints and issuing multiple network requests.
* public/v3/components/interactive-time-series-chart.js:
(InteractiveTimeSeriesChart.prototype._mouseMove): Don't invoke _notifyIndicatorChanged if the current
indicator hadn't changed.
* public/v3/pages/chart-pane.js:
(ChartPane.prototype._indicatorDidChange): Fixed the bug that unlocking the indicator wouldn't update
the URL. We need to check whether the lock state had changed. The old condition was also redundant
since _mainChartIndicatorWasLocked is always identically equal to isLocked per the prior assignment.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198518 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[JSC] Clean up Math.floor thunk and use SSE round instruction
utatane.tea@gmail.com [Tue, 22 Mar 2016 01:35:04 +0000 (01:35 +0000)]
[JSC] Clean up Math.floor thunk and use SSE round instruction
https://bugs.webkit.org/show_bug.cgi?id=155705

Reviewed by Geoffrey Garen.

SSE now allow us to use round instruction to implement Math.floor.
MacroAssembler's floorDouble is now only used in ARM64, but it can be allowed in x86 SSE.

* jit/ThunkGenerators.cpp:
(JSC::floorThunkGenerator):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198513 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWeb Inspector: New icon for Heap Allocations timeline
mattbaker@apple.com [Tue, 22 Mar 2016 00:51:43 +0000 (00:51 +0000)]
Web Inspector: New icon for Heap Allocations timeline
https://bugs.webkit.org/show_bug.cgi?id=155731
<rdar://problem/25275494>

Reviewed by Joseph Pecoraro and Timothy Hatcher.

* UserInterface/Images/HeapAllocationsInstrument.svg: Added.
New artwork from Jon Davis.

* UserInterface/Views/TimelineIcons.css:
(.heap-allocations-icon .icon):
(body:not(.mac-platform, .windows-platform) .memory-icon .icon):
(body:not(.mac-platform, .windows-platform) .heap-allocations-icon .icon):
New icon styles/fallbacks for GTK.

* UserInterface/Views/TimelineTabContentView.js:
(WebInspector.TimelineTabContentView.iconClassNameForTimeline):
Add new icon class to UI helper method.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198511 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUpdate benchmark tests
jonlee@apple.com [Tue, 22 Mar 2016 00:30:44 +0000 (00:30 +0000)]
Update benchmark tests
https://bugs.webkit.org/show_bug.cgi?id=155723

Reviewed by Darin Adler.
Provisionally reviewed by Said Abou-Hallawa.

Add quadratic and bezier segments to the canvas path test.

* Animometer/resources/runner/tests.js: Some of the query strings are unnecessary.
Rename the test.
* Animometer/tests/master/resources/canvas-stage.js:
(tune): Update to be able to take an array of possible constructors. Choose one randomly.
* Animometer/tests/master/resources/canvas-tests.js:
(CanvasLinePoint.Utilities.createClass): Move the point selection out to a separate
function called randomPoint() for reuse. Move X_LOOPS, Y_LOOPS, and offsets into the
class definition.
(randomPoint): Scale the grid down a little bit so that the lines along the edge of the
canvas are not cut off when the stroke size is thick.
(CanvasQuadraticSegment): Added.
(CanvasBezierSegment): Added.
(SimpleCanvasStage): Pass in an array of the different segment types. Since line segments
are short compared to the curved ones, make it twice as likely to render a line segment.
(SimpleCanvasStage.animate): Update the drawing code so that we render all line segments.

Add a helper method that selects a random element from an array.

* Animometer/tests/resources/main.js:
(Stage.randomElementInArray): Select a random element from the provided array.

* Animometer/tests/bouncing-particles/resources/bouncing-tagged-images.js: Refactor.
* Animometer/tests/dom/resources/leaves.js: Ditto.
* Animometer/tests/master/resources/dom-particles.js: Ditto.
* Animometer/tests/master/resources/image-data.js: Ditto.
* Animometer/tests/master/resources/leaves.js: Ditto.
* Animometer/tests/simple/resources/simple-canvas-paths.js: Ditto.

Add canvas tests that includes all stroke and fill paths. This makes it possible to avoid having to
include the full simple canvas suite for perf testing.

* Animometer/resources/debug-runner/tests.js: Add new tests. Move the canvas test into the Canvas
suite.
* Animometer/tests/simple/resources/simple-canvas-paths.js: Add a CanvasStroke and CanvasFill particle
that random selects an object to render.

* Animometer/resources/debug-runner/tests.js: Move 3D suite before basic canvas suite.
When updating the perf bot script, we will include the suites up to this one, but exclude
the basic canvas suite.

Move compositing transforms test to HTML suite and remove the empty Miscellaneous suite.

* Animometer/resources/debug-runner/tests.js:
* Animometer/tests/dom/compositing-transforms.html: Renamed from PerformanceTests/Animometer/tests/misc/compositing-transforms.html.
* Animometer/tests/dom/resources/compositing-transforms.js: Renamed from PerformanceTests/Animometer/tests/misc/resources/compositing-transforms.js.

Clean up miscellaneous test suite. Add a canvas ellipse test, and remove the other
canvas tests.

* Animometer/resources/debug-runner/tests.js: Add ellipse tests to the simple suite.
* Animometer/tests/misc/canvas-electrons.html: Removed.
* Animometer/tests/misc/canvas-stars.html: Removed.
* Animometer/tests/misc/resources/canvas-electrons.js: Removed.
* Animometer/tests/misc/resources/canvas-stars.js: Removed.
* Animometer/tests/simple/resources/simple-canvas-paths.js: Add ellipse primitives.

Merge text tests together into one.

* Animometer/resources/runner/tests.js: Remove international.html.
* Animometer/tests/master/international.html: Removed.
* Animometer/tests/master/resources/text.js:
(animate): Update styling. Manually calculate gradients for the shadow particles.
Reduce the step size for y direction to avoid cutting text off at the margins. Increase
step for x since there will be a little more room.
* Animometer/tests/master/text.html: Add more translations and lay it out in a table.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198509 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoFix A/B testing after r198503.
rniwa@webkit.org [Tue, 22 Mar 2016 00:22:14 +0000 (00:22 +0000)]
Fix A/B testing after r198503.

* public/include/build-requests-fetcher.php:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198508 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoImprove SharedBuffer testing
bfulgham@apple.com [Tue, 22 Mar 2016 00:06:53 +0000 (00:06 +0000)]
Improve SharedBuffer testing
https://bugs.webkit.org/show_bug.cgi?id=93078
<rdar://problem/25277829>

Reviewed by Ryosuke Niwa.

Source/WebCore:

* platform/SharedBuffer.h: Mark a few methods as WEBCORE_EXPORT so they
can be used by TestWebKitAPI.

Tools:

Based on a Blink patch by Huang Dongsung <luxtella@company100.net>.
<https://src.chromium.org/viewvc/blink?revision=153850&view=revision,
and a Blink patch by <tyoshino@chromium.org>
<https://src.chromium.org/viewvc/blink?view=rev&revision=151617>

Add three test cases from the Blink project that cover various append,
copy, and createArrayBuffer calls.

* TestWebKitAPI/Tests/WebCore/SharedBuffer.cpp:
(TestWebKitAPI::TEST_F):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198507 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWebCore::RenderTableCell::setCol should put a cap on the column value.
zalan@apple.com [Mon, 21 Mar 2016 23:29:58 +0000 (23:29 +0000)]
WebCore::RenderTableCell::setCol should put a cap on the column value.
https://bugs.webkit.org/show_bug.cgi?id=155642
<rdar://problem/15895201>

Reviewed by Simon Fraser.

This patch ensures that we don't crash when the column number is large enough.
see webkit.org/b/71135 for more information.

Source/WebCore:

Test: tables/colspan-with-large-value-crash.html

* rendering/RenderTableCell.h:
(WebCore::RenderTableCell::setCol):

LayoutTests:

* tables/colspan-with-large-value-crash-expected.txt: Added.
* tables/colspan-with-large-value-crash.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198506 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agostorage/indexeddb/deletedatabase-delayed-by-open-and-versionchange.html flaky on...
beidson@apple.com [Mon, 21 Mar 2016 22:57:43 +0000 (22:57 +0000)]
storage/indexeddb/deletedatabase-delayed-by-open-and-versionchange.html flaky on mac-wk2.
https://bugs.webkit.org/show_bug.cgi?id=154748

Reviewed by Alex Christensen.

* platform/mac/TestExpectations:
* storage/indexeddb/deletedatabase-delayed-by-open-and-versionchange-expected.txt:
* storage/indexeddb/deletedatabase-delayed-by-open-and-versionchange-private-expected.txt:
* storage/indexeddb/resources/deletedatabase-delayed-by-open-and-versionchange.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198504 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoAnalysis task page is broken after r198479
rniwa@webkit.org [Mon, 21 Mar 2016 22:27:34 +0000 (22:27 +0000)]
Analysis task page is broken after r198479
https://bugs.webkit.org/show_bug.cgi?id=155735

Rubber-stamped by Chris Dumez.

* public/api/measurement-set.php:
(AnalysisResultsFetcher::fetch_commits): We need to emit the commit ID as done for regular data.
* public/include/build-requests-fetcher.php:
(BuildRequestsFetcher::fetch_roots_for_set_if_needed): Ditto. Don't use a fake ID after r198479.
* public/v3/models/commit-log.js:
(CommitLog): Assert that all commit log IDs are integers to catch regressions like this in future.
* public/v3/models/root-set.js:
(RootSet): Don't resolve Repository here as doing so would modify the shared "root" entry in the JSON
we fetched, and subsequent construction of RootSet would fail since this line would blow up trying to
find the repository with "[object]" as the ID.
* public/v3/models/test-group.js:
(TestGroup._createModelsFromFetchedTestGroups): Resolve Repository here.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198503 268f45cc-cd09-0410-ab3c-d52691b4dbfc