WebKit-https.git
7 years agoCopying and pasting trivial H2 content causes a crash in firstPositionInNode
mmaxfield@apple.com [Wed, 23 Jul 2014 02:19:55 +0000 (02:19 +0000)]
Copying and pasting trivial H2 content causes a crash in firstPositionInNode
https://bugs.webkit.org/show_bug.cgi?id=134897

Reviewed by Ryosuke Niwa.

Source/WebCore:
ReplaceSelectionCommand::makeInsertedContentRoundTrippableWithHTMLTreeBuilder() attempts
to move pasted headings out of existed headings, with out regard to if the existing
heading is the contenteditable root.

Test: editing/pasteboard/heading-crash.html

* editing/ReplaceSelectionCommand.cpp:
(WebCore::ReplaceSelectionCommand::makeInsertedContentRoundTrippableWithHTMLTreeBuilder):

LayoutTests:
Copy and paste text from one heading to another. Make sure there is no crash.

* editing/pasteboard/heading-crash-expected.txt: Added.
* editing/pasteboard/heading-crash.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171383 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoFix Windows.
fpizlo@apple.com [Wed, 23 Jul 2014 02:19:26 +0000 (02:19 +0000)]
Fix Windows.

* jsc.cpp:
(WTF::jscExit):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171382 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoFix 32-bit.
fpizlo@apple.com [Wed, 23 Jul 2014 01:43:35 +0000 (01:43 +0000)]
Fix 32-bit.

* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171381 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoMerge r169148, r169185, r169188, r169578, r169582, r169584, r169588, r169753 from...
fpizlo@apple.com [Wed, 23 Jul 2014 01:19:50 +0000 (01:19 +0000)]
Merge r169148, r169185, r169188, r169578, r169582, r169584, r169588, r169753 from ftlopt.

Source/JavaScriptCore:

Note that r169753 is merged out of order because it fixes a bug in r169588.

    2014-06-10  Filip Pizlo  <fpizlo@apple.com>

    [ftlopt] Structure::dfgShouldWatchIfPossible() is unsound
    https://bugs.webkit.org/show_bug.cgi?id=133624

    Reviewed by Mark Hahnenberg.

    * runtime/Structure.h:
    (JSC::Structure::dfgShouldWatchIfPossible): Make it sound and add some verbiage.

    2014-06-04  Filip Pizlo  <fpizlo@apple.com>

    [ftlopt] AI should be able track structure sets larger than 1
    https://bugs.webkit.org/show_bug.cgi?id=128073

    Reviewed by Oliver Hunt.

    This makes two major changes to how AI (abstract interpreter) proves that a value has
    some structure:

    - StructureAbstractValue can now track an arbitrary number of structures. A set whose
      size is greater than one means that the value may have any of the structures, and we
      don't know which - but we do know that it cannot be any structure not in the set. The
      structure abstract value can still be TOP, which means the set of all structures. We
      artificially limit the set size to StructureAbstractValue::polymorphismLimit to guard
      memory explosion on pathological programs. This limit is big enough that it wouldn't
      kick in for normal code, since we have other heuristics that limit the number of
      structures that we would allow an inline cache to know about.

    - We eagerly set watchpoints on all watchable structures and then we assume that
      watchable structures are being watched, and that the watchpoint will jettison the code.
      This allows tracking of watchable structures to be far simpler than before. Previously,
      a structure being tracked as "future possible" was predicated on it being watchable but
      we might not actually watch it. This makes algebra over sets of future possible
      structures quite weird. But watching all watchable structures means that we simple say
      that a structure set can be in the following states: unclobbered, which means it's just
      a set of structures and it doesn't matter what is watchable or what isn't because we've
      proven that the value must have one of these structures right now; and clobbered, which
      means that we have a set of structures, plus all possible structures temporarily, with
      invalidation removing the "plus all possible structures". Clobbering a set means that
      if any of its structures are unwatchable, the set just becomes TOP; but if all
      structures in the set are watchable then we just set the clobbered bit to add the "plus
      all possible structures temporarily" thing. This precisely tracks the exact meaning of
      watchability and invalidation points.

    Slight SunSpider slow-down, neutral on Octane, slight AsmBench speed-up. I believe that
    we will ultimately undo the SunSpider slow-down by making further improvements to the set
    representation. I believe that Octane perfromance will ultimately improve once we remove
    remaining singleton special-cases. The ultimate goal of this is to remove the need to
    try quite so desperately hard to make everything monomorphic as we do currently.

    * CMakeLists.txt:
    * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
    * JavaScriptCore.xcodeproj/project.pbxproj:
    * bytecode/StructureSet.cpp:
    (JSC::StructureSet::clear):
    (JSC::StructureSet::remove):
    (JSC::StructureSet::filter):
    (JSC::StructureSet::copyFromOutOfLine):
    (JSC::StructureSet::StructureSet): Deleted.
    (JSC::StructureSet::operator=): Deleted.
    (JSC::StructureSet::copyFrom): Deleted.
    * bytecode/StructureSet.h:
    (JSC::StructureSet::StructureSet):
    (JSC::StructureSet::operator=):
    (JSC::StructureSet::isEmpty):
    (JSC::StructureSet::genericFilter):
    (JSC::StructureSet::ContainsOutOfLine::ContainsOutOfLine):
    (JSC::StructureSet::ContainsOutOfLine::operator()):
    (JSC::StructureSet::copyFrom):
    (JSC::StructureSet::deleteStructureListIfNecessary):
    (JSC::StructureSet::setEmpty):
    (JSC::StructureSet::getReservedFlag):
    (JSC::StructureSet::setReservedFlag):
    * dfg/DFGAbstractInterpreter.h:
    (JSC::DFG::AbstractInterpreter::setBuiltInConstant):
    * dfg/DFGAbstractInterpreterInlines.h:
    (JSC::DFG::AbstractInterpreter<AbstractStateType>::booleanResult):
    (JSC::DFG::AbstractInterpreter<AbstractStateType>::verifyEdge):
    (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
    (JSC::DFG::AbstractInterpreter<AbstractStateType>::clobberCapturedVars):
    (JSC::DFG::AbstractInterpreter<AbstractStateType>::forAllValues):
    (JSC::DFG::AbstractInterpreter<AbstractStateType>::clobberStructures):
    (JSC::DFG::AbstractInterpreter<AbstractStateType>::observeTransition):
    (JSC::DFG::AbstractInterpreter<AbstractStateType>::observeTransitions):
    (JSC::DFG::AbstractInterpreter<AbstractStateType>::setDidClobber):
    (JSC::DFG::AbstractInterpreter<AbstractStateType>::dump):
    * dfg/DFGAbstractValue.cpp:
    (JSC::DFG::AbstractValue::observeTransitions):
    (JSC::DFG::AbstractValue::setMostSpecific):
    (JSC::DFG::AbstractValue::set):
    (JSC::DFG::AbstractValue::filter):
    (JSC::DFG::AbstractValue::shouldBeClear):
    (JSC::DFG::AbstractValue::normalizeClarity):
    (JSC::DFG::AbstractValue::checkConsistency):
    (JSC::DFG::AbstractValue::assertIsWatched):
    (JSC::DFG::AbstractValue::dumpInContext):
    (JSC::DFG::AbstractValue::setFuturePossibleStructure): Deleted.
    * dfg/DFGAbstractValue.h:
    (JSC::DFG::AbstractValue::clear):
    (JSC::DFG::AbstractValue::clobberStructures):
    (JSC::DFG::AbstractValue::clobberStructuresFor):
    (JSC::DFG::AbstractValue::observeInvalidationPoint):
    (JSC::DFG::AbstractValue::observeInvalidationPointFor):
    (JSC::DFG::AbstractValue::observeTransition):
    (JSC::DFG::AbstractValue::TransitionObserver::TransitionObserver):
    (JSC::DFG::AbstractValue::TransitionObserver::operator()):
    (JSC::DFG::AbstractValue::TransitionsObserver::TransitionsObserver):
    (JSC::DFG::AbstractValue::TransitionsObserver::operator()):
    (JSC::DFG::AbstractValue::isHeapTop):
    (JSC::DFG::AbstractValue::setType):
    (JSC::DFG::AbstractValue::operator==):
    (JSC::DFG::AbstractValue::merge):
    (JSC::DFG::AbstractValue::validate):
    (JSC::DFG::AbstractValue::hasClobberableState):
    (JSC::DFG::AbstractValue::assertIsWatched):
    (JSC::DFG::AbstractValue::observeIndexingTypeTransition):
    (JSC::DFG::AbstractValue::makeTop):
    (JSC::DFG::AbstractValue::bestProvenStructure): Deleted.
    * dfg/DFGAllocator.h:
    * dfg/DFGArgumentsSimplificationPhase.cpp:
    (JSC::DFG::ArgumentsSimplificationPhase::run):
    * dfg/DFGArrayMode.cpp:
    (JSC::DFG::ArrayMode::alreadyChecked):
    * dfg/DFGAtTailAbstractState.h:
    (JSC::DFG::AtTailAbstractState::structureClobberState):
    (JSC::DFG::AtTailAbstractState::setStructureClobberState):
    (JSC::DFG::AtTailAbstractState::setFoundConstants):
    (JSC::DFG::AtTailAbstractState::haveStructures): Deleted.
    (JSC::DFG::AtTailAbstractState::setHaveStructures): Deleted.
    * dfg/DFGBasicBlock.cpp:
    (JSC::DFG::BasicBlock::BasicBlock):
    * dfg/DFGBasicBlock.h:
    * dfg/DFGBranchDirection.h:
    (JSC::DFG::branchDirectionToString):
    (WTF::printInternal):
    * dfg/DFGByteCodeParser.cpp:
    (JSC::DFG::ByteCodeParser::handlePutById):
    * dfg/DFGCFAPhase.cpp:
    (JSC::DFG::CFAPhase::performBlockCFA):
    * dfg/DFGCSEPhase.cpp:
    (JSC::DFG::CSEPhase::checkStructureElimination):
    (JSC::DFG::CSEPhase::structureTransitionWatchpointElimination):
    (JSC::DFG::CSEPhase::performNodeCSE):
    * dfg/DFGClobberize.h:
    (JSC::DFG::clobberize):
    * dfg/DFGCommon.cpp:
    (JSC::DFG::startCrashing):
    (JSC::DFG::isCrashing):
    * dfg/DFGCommon.h:
    * dfg/DFGCommonData.cpp:
    (JSC::DFG::CommonData::notifyCompilingStructureTransition):
    * dfg/DFGConstantFoldingPhase.cpp:
    (JSC::DFG::ConstantFoldingPhase::foldConstants):
    (JSC::DFG::ConstantFoldingPhase::emitGetByOffset):
    (JSC::DFG::ConstantFoldingPhase::emitPutByOffset):
    (JSC::DFG::ConstantFoldingPhase::addStructureTransitionCheck):
    * dfg/DFGDesiredWatchpoints.cpp:
    (JSC::DFG::DesiredWatchpoints::consider):
    (JSC::DFG::DesiredWatchpoints::addLazily): Deleted.
    * dfg/DFGDesiredWatchpoints.h:
    (JSC::DFG::GenericDesiredWatchpoints::reallyAdd):
    (JSC::DFG::GenericDesiredWatchpoints::areStillValid):
    (JSC::DFG::GenericDesiredWatchpoints::isWatched):
    (JSC::DFG::DesiredWatchpoints::isWatched):
    (JSC::DFG::WatchpointForGenericWatchpointSet::WatchpointForGenericWatchpointSet): Deleted.
    (JSC::DFG::GenericDesiredWatchpoints::addLazily): Deleted.
    (JSC::DFG::GenericDesiredWatchpoints::isStillValid): Deleted.
    (JSC::DFG::GenericDesiredWatchpoints::shouldAssumeMixedState): Deleted.
    (JSC::DFG::GenericDesiredWatchpoints::isValidOrMixed): Deleted.
    (JSC::DFG::DesiredWatchpoints::isStillValid): Deleted.
    (JSC::DFG::DesiredWatchpoints::shouldAssumeMixedState): Deleted.
    (JSC::DFG::DesiredWatchpoints::isValidOrMixed): Deleted.
    * dfg/DFGDoesGC.cpp:
    (JSC::DFG::doesGC):
    * dfg/DFGFixupPhase.cpp:
    (JSC::DFG::FixupPhase::fixupNode):
    (JSC::DFG::FixupPhase::canOptimizeStringObjectAccess):
    (JSC::DFG::FixupPhase::injectTypeConversionsForEdge):
    * dfg/DFGGraph.cpp:
    (JSC::DFG::Graph::~Graph):
    (JSC::DFG::Graph::dump):
    (JSC::DFG::Graph::dumpBlockHeader):
    (JSC::DFG::Graph::tryGetFoldableView):
    (JSC::DFG::Graph::visitChildren):
    (JSC::DFG::Graph::assertIsWatched):
    (JSC::DFG::Graph::handleAssertionFailure):
    * dfg/DFGGraph.h:
    (JSC::DFG::Graph::convertToConstant):
    (JSC::DFG::Graph::masqueradesAsUndefinedWatchpointIsStillValid):
    (JSC::DFG::Graph::addStructureTransitionData): Deleted.
    * dfg/DFGInPlaceAbstractState.cpp:
    (JSC::DFG::InPlaceAbstractState::beginBasicBlock):
    (JSC::DFG::InPlaceAbstractState::initialize):
    (JSC::DFG::InPlaceAbstractState::endBasicBlock):
    (JSC::DFG::InPlaceAbstractState::reset):
    (JSC::DFG::InPlaceAbstractState::merge):
    * dfg/DFGInPlaceAbstractState.h:
    (JSC::DFG::InPlaceAbstractState::structureClobberState):
    (JSC::DFG::InPlaceAbstractState::setStructureClobberState):
    (JSC::DFG::InPlaceAbstractState::setFoundConstants):
    (JSC::DFG::InPlaceAbstractState::haveStructures): Deleted.
    (JSC::DFG::InPlaceAbstractState::setHaveStructures): Deleted.
    * dfg/DFGLivenessAnalysisPhase.cpp:
    (JSC::DFG::LivenessAnalysisPhase::run):
    * dfg/DFGNode.h:
    (JSC::DFG::Node::hasTransition):
    (JSC::DFG::Node::transition):
    (JSC::DFG::Node::hasStructure):
    (JSC::DFG::StructureTransitionData::StructureTransitionData): Deleted.
    (JSC::DFG::Node::convertToStructureTransitionWatchpoint): Deleted.
    (JSC::DFG::Node::hasStructureTransitionData): Deleted.
    (JSC::DFG::Node::structureTransitionData): Deleted.
    * dfg/DFGNodeType.h:
    * dfg/DFGPlan.cpp:
    (JSC::DFG::Plan::compileInThreadImpl):
    * dfg/DFGPredictionPropagationPhase.cpp:
    (JSC::DFG::PredictionPropagationPhase::propagate):
    * dfg/DFGSafeToExecute.h:
    (JSC::DFG::safeToExecute):
    * dfg/DFGSpeculativeJIT.cpp:
    (JSC::DFG::SpeculativeJIT::compileAllocatePropertyStorage):
    (JSC::DFG::SpeculativeJIT::compileReallocatePropertyStorage):
    * dfg/DFGSpeculativeJIT.h:
    (JSC::DFG::SpeculativeJIT::speculateStringObjectForStructure):
    * dfg/DFGSpeculativeJIT32_64.cpp:
    (JSC::DFG::SpeculativeJIT::compile):
    * dfg/DFGSpeculativeJIT64.cpp:
    (JSC::DFG::SpeculativeJIT::compile):
    * dfg/DFGStructureAbstractValue.cpp: Added.
    (JSC::DFG::StructureAbstractValue::assertIsWatched):
    (JSC::DFG::StructureAbstractValue::clobber):
    (JSC::DFG::StructureAbstractValue::observeTransition):
    (JSC::DFG::StructureAbstractValue::observeTransitions):
    (JSC::DFG::StructureAbstractValue::add):
    (JSC::DFG::StructureAbstractValue::merge):
    (JSC::DFG::StructureAbstractValue::mergeSlow):
    (JSC::DFG::StructureAbstractValue::mergeNotTop):
    (JSC::DFG::StructureAbstractValue::filter):
    (JSC::DFG::StructureAbstractValue::filterSlow):
    (JSC::DFG::StructureAbstractValue::contains):
    (JSC::DFG::StructureAbstractValue::isSubsetOf):
    (JSC::DFG::StructureAbstractValue::isSupersetOf):
    (JSC::DFG::StructureAbstractValue::overlaps):
    (JSC::DFG::StructureAbstractValue::equalsSlow):
    (JSC::DFG::StructureAbstractValue::dumpInContext):
    (JSC::DFG::StructureAbstractValue::dump):
    * dfg/DFGStructureAbstractValue.h:
    (JSC::DFG::StructureAbstractValue::StructureAbstractValue):
    (JSC::DFG::StructureAbstractValue::operator=):
    (JSC::DFG::StructureAbstractValue::clear):
    (JSC::DFG::StructureAbstractValue::makeTop):
    (JSC::DFG::StructureAbstractValue::assertIsWatched):
    (JSC::DFG::StructureAbstractValue::observeInvalidationPoint):
    (JSC::DFG::StructureAbstractValue::top):
    (JSC::DFG::StructureAbstractValue::isClear):
    (JSC::DFG::StructureAbstractValue::isTop):
    (JSC::DFG::StructureAbstractValue::isNeitherClearNorTop):
    (JSC::DFG::StructureAbstractValue::isClobbered):
    (JSC::DFG::StructureAbstractValue::merge):
    (JSC::DFG::StructureAbstractValue::filter):
    (JSC::DFG::StructureAbstractValue::operator==):
    (JSC::DFG::StructureAbstractValue::size):
    (JSC::DFG::StructureAbstractValue::at):
    (JSC::DFG::StructureAbstractValue::operator[]):
    (JSC::DFG::StructureAbstractValue::onlyStructure):
    (JSC::DFG::StructureAbstractValue::isSupersetOf):
    (JSC::DFG::StructureAbstractValue::makeTopWhenThin):
    (JSC::DFG::StructureAbstractValue::setClobbered):
    (JSC::DFG::StructureAbstractValue::add): Deleted.
    (JSC::DFG::StructureAbstractValue::addAll): Deleted.
    (JSC::DFG::StructureAbstractValue::contains): Deleted.
    (JSC::DFG::StructureAbstractValue::isSubsetOf): Deleted.
    (JSC::DFG::StructureAbstractValue::doesNotContainAnyOtherThan): Deleted.
    (JSC::DFG::StructureAbstractValue::isClearOrTop): Deleted.
    (JSC::DFG::StructureAbstractValue::last): Deleted.
    (JSC::DFG::StructureAbstractValue::speculationFromStructures): Deleted.
    (JSC::DFG::StructureAbstractValue::isValidOffset): Deleted.
    (JSC::DFG::StructureAbstractValue::hasSingleton): Deleted.
    (JSC::DFG::StructureAbstractValue::singleton): Deleted.
    (JSC::DFG::StructureAbstractValue::dumpInContext): Deleted.
    (JSC::DFG::StructureAbstractValue::dump): Deleted.
    (JSC::DFG::StructureAbstractValue::topValue): Deleted.
    * dfg/DFGStructureClobberState.h: Added.
    (JSC::DFG::merge):
    (WTF::printInternal):
    * dfg/DFGTransition.cpp: Added.
    (JSC::DFG::Transition::dumpInContext):
    (JSC::DFG::Transition::dump):
    * dfg/DFGTransition.h: Added.
    (JSC::DFG::Transition::Transition):
    * dfg/DFGTypeCheckHoistingPhase.cpp:
    (JSC::DFG::TypeCheckHoistingPhase::identifyRedundantStructureChecks):
    (JSC::DFG::TypeCheckHoistingPhase::identifyRedundantArrayChecks):
    * dfg/DFGWatchableStructureWatchingPhase.cpp: Added.
    (JSC::DFG::WatchableStructureWatchingPhase::WatchableStructureWatchingPhase):
    (JSC::DFG::WatchableStructureWatchingPhase::run):
    (JSC::DFG::WatchableStructureWatchingPhase::tryWatch):
    (JSC::DFG::performWatchableStructureWatching):
    * dfg/DFGWatchableStructureWatchingPhase.h: Added.
    * dfg/DFGWatchpointCollectionPhase.cpp:
    (JSC::DFG::WatchpointCollectionPhase::handle):
    (JSC::DFG::WatchpointCollectionPhase::handleEdge): Deleted.
    * ftl/FTLCapabilities.cpp:
    (JSC::FTL::canCompile):
    * ftl/FTLIntrinsicRepository.h:
    * ftl/FTLLowerDFGToLLVM.cpp:
    (JSC::FTL::ftlUnreachable):
    (JSC::FTL::LowerDFGToLLVM::createPhiVariables):
    (JSC::FTL::LowerDFGToLLVM::compileBlock):
    (JSC::FTL::LowerDFGToLLVM::compileNode):
    (JSC::FTL::LowerDFGToLLVM::compileUpsilon):
    (JSC::FTL::LowerDFGToLLVM::compilePhi):
    (JSC::FTL::LowerDFGToLLVM::compileDoubleRep):
    (JSC::FTL::LowerDFGToLLVM::compileValueRep):
    (JSC::FTL::LowerDFGToLLVM::compileValueToInt32):
    (JSC::FTL::LowerDFGToLLVM::compileGetArgument):
    (JSC::FTL::LowerDFGToLLVM::compileGetLocal):
    (JSC::FTL::LowerDFGToLLVM::compileSetLocal):
    (JSC::FTL::LowerDFGToLLVM::compileArithAddOrSub):
    (JSC::FTL::LowerDFGToLLVM::compileArithMul):
    (JSC::FTL::LowerDFGToLLVM::compileArithDiv):
    (JSC::FTL::LowerDFGToLLVM::compileArithMod):
    (JSC::FTL::LowerDFGToLLVM::compileArithMinOrMax):
    (JSC::FTL::LowerDFGToLLVM::compileArithAbs):
    (JSC::FTL::LowerDFGToLLVM::compileArithNegate):
    (JSC::FTL::LowerDFGToLLVM::compileArrayifyToStructure):
    (JSC::FTL::LowerDFGToLLVM::compilePutStructure):
    (JSC::FTL::LowerDFGToLLVM::compileGetById):
    (JSC::FTL::LowerDFGToLLVM::compileGetMyArgumentsLength):
    (JSC::FTL::LowerDFGToLLVM::compileGetMyArgumentByVal):
    (JSC::FTL::LowerDFGToLLVM::compileGetArrayLength):
    (JSC::FTL::LowerDFGToLLVM::compileGetByVal):
    (JSC::FTL::LowerDFGToLLVM::compilePutByVal):
    (JSC::FTL::LowerDFGToLLVM::compileArrayPush):
    (JSC::FTL::LowerDFGToLLVM::compileArrayPop):
    (JSC::FTL::LowerDFGToLLVM::compileNewArray):
    (JSC::FTL::LowerDFGToLLVM::compileNewArrayBuffer):
    (JSC::FTL::LowerDFGToLLVM::compileAllocatePropertyStorage):
    (JSC::FTL::LowerDFGToLLVM::compileReallocatePropertyStorage):
    (JSC::FTL::LowerDFGToLLVM::compileToString):
    (JSC::FTL::LowerDFGToLLVM::compileMakeRope):
    (JSC::FTL::LowerDFGToLLVM::compileMultiGetByOffset):
    (JSC::FTL::LowerDFGToLLVM::compileMultiPutByOffset):
    (JSC::FTL::LowerDFGToLLVM::compileCompareEq):
    (JSC::FTL::LowerDFGToLLVM::compileCompareStrictEq):
    (JSC::FTL::LowerDFGToLLVM::compileSwitch):
    (JSC::FTL::LowerDFGToLLVM::compare):
    (JSC::FTL::LowerDFGToLLVM::boolify):
    (JSC::FTL::LowerDFGToLLVM::terminate):
    (JSC::FTL::LowerDFGToLLVM::lowInt32):
    (JSC::FTL::LowerDFGToLLVM::lowInt52):
    (JSC::FTL::LowerDFGToLLVM::opposite):
    (JSC::FTL::LowerDFGToLLVM::lowCell):
    (JSC::FTL::LowerDFGToLLVM::lowBoolean):
    (JSC::FTL::LowerDFGToLLVM::lowDouble):
    (JSC::FTL::LowerDFGToLLVM::lowJSValue):
    (JSC::FTL::LowerDFGToLLVM::speculate):
    (JSC::FTL::LowerDFGToLLVM::isArrayType):
    (JSC::FTL::LowerDFGToLLVM::speculateStringObjectForStructureID):
    (JSC::FTL::LowerDFGToLLVM::callCheck):
    (JSC::FTL::LowerDFGToLLVM::buildExitArguments):
    (JSC::FTL::LowerDFGToLLVM::addExitArgumentForNode):
    (JSC::FTL::LowerDFGToLLVM::setInt52):
    (JSC::FTL::LowerDFGToLLVM::crash):
    (JSC::FTL::LowerDFGToLLVM::compileStructureTransitionWatchpoint): Deleted.
    * ftl/FTLOutput.cpp:
    (JSC::FTL::Output::crashNonTerminal): Deleted.
    * ftl/FTLOutput.h:
    (JSC::FTL::Output::crash): Deleted.
    * jit/JITOperations.h:
    * jsc.cpp:
    (WTF::jscExit):
    (functionQuit):
    (main):
    (printUsageStatement):
    (CommandLine::parseArguments):
    * runtime/Structure.h:
    (JSC::Structure::dfgShouldWatchIfPossible):
    (JSC::Structure::dfgShouldWatch):
    * tests/stress/arrayify-to-structure-contradiction.js: Added.
    (foo):
    * tests/stress/ftl-getmyargumentslength-inline.js: Added.
    (foo):
    * tests/stress/multi-put-by-offset-multiple-transitions.js: Added.
    (foo):
    (Foo):
    * tests/stress/throw-from-ftl-in-loop.js: Added.
    * tests/stress/throw-from-ftl.js: Added.
    (foo):

    2014-06-03  Filip Pizlo  <fpizlo@apple.com>

    [ftlopt] Unreviewed, roll out r169578. The build system needs some more love.

    * InlineRuntimeSymbolTable.h: Removed.
    * JavaScriptCore.xcodeproj/project.pbxproj:
    * build-symbol-table-index.py:
    * build-symbol-table-index.sh:
    * copy-llvm-ir-to-derived-sources.sh:
    * dfg/DFGByteCodeParser.cpp:
    (JSC::DFG::ByteCodeParser::handleCall):
    * dfg/DFGNode.h:
    (JSC::DFG::Node::canBeKnownFunction): Deleted.
    (JSC::DFG::Node::hasKnownFunction): Deleted.
    (JSC::DFG::Node::knownFunction): Deleted.
    (JSC::DFG::Node::giveKnownFunction): Deleted.
    * ftl/FTLAbbreviatedTypes.h:
    * ftl/FTLCompile.cpp:
    (JSC::FTL::compile):
    * ftl/FTLLowerDFGToLLVM.cpp:
    (JSC::FTL::LowerDFGToLLVM::LowerDFGToLLVM):
    (JSC::FTL::LowerDFGToLLVM::lower):
    (JSC::FTL::LowerDFGToLLVM::compileCallOrConstruct):
    (JSC::FTL::LowerDFGToLLVM::possiblyCompileInlineableNativeCall): Deleted.
    (JSC::FTL::LowerDFGToLLVM::getFunctionBySymbol): Deleted.
    (JSC::FTL::LowerDFGToLLVM::getModuleByPathForSymbol): Deleted.
    (JSC::FTL::LowerDFGToLLVM::isInlinableSize): Deleted.
    * ftl/FTLState.cpp:
    (JSC::FTL::State::State):
    * ftl/FTLState.h:
    * heap/HandleStack.h:
    * llvm/InitializeLLVM.h:
    * llvm/InitializeLLVMMac.cpp: Removed.
    * llvm/InitializeLLVMMac.mm: Added.
    (JSC::initializeLLVMImpl):
    * llvm/LLVMAPIFunctions.h:
    * llvm/LLVMHeaders.h:
    * runtime/BundlePath.h: Removed.
    * runtime/BundlePath.mm: Removed.
    * runtime/DateConversion.h:
    * runtime/DateInstance.h:
    * runtime/ExceptionHelpers.h:
    * runtime/JSArray.h:
    * runtime/JSCJSValue.h:
    (JSC::JSValue::toFloat):
    * runtime/JSDateMath.h:
    * runtime/JSObject.h:
    * runtime/JSWrapperObject.h:
    * runtime/Options.h:
    * runtime/RegExp.h:
    * runtime/StringObject.h:
    * runtime/Structure.h:
    * tested-symbols.symlst: Removed.

    2014-06-03  Filip Pizlo  <fpizlo@apple.com>

    [ftlopt] FTL native inlining tests take far too long
    https://bugs.webkit.org/show_bug.cgi?id=133498

    Unreviewed test gardening.

    Added a new exceptions test since the other one appears to not work.

    * tests/stress/ftl-library-exception.js:
    * tests/stress/ftl-library-inline-gettimezoneoffset.js: Added.
    (foo):
    * tests/stress/ftl-library-inlining-exceptions-dataview.js: Added.
    (foo):
    * tests/stress/ftl-library-inlining-exceptions.js: Copied from LayoutTests/js/regress/script-tests/ftl-library-inlining-exceptions.js.
    * tests/stress/ftl-library-inlining-loops.js: Copied from LayoutTests/js/regress/script-tests/ftl-library-inlining-loops.js.
    * tests/stress/ftl-library-inlining-random.js:
    * tests/stress/ftl-library-substring.js:

    2014-06-03  Matthew Mirman  <mmirman@apple.com>

    [ftlopt] Added system for inlining native functions via the FTL.
    https://bugs.webkit.org/show_bug.cgi?id=131515

    Reviewed by Filip Pizlo.

    Also fixed the build to not compress the bitcode and to
    include all of the relevant runtime. With GCC_GENERATE_DEBUGGING_SYMBOLS = NO,
    the produced bitcode files are a 100th the size they were before.
    Now we can include all of the relevant runtime files with only a 3mb overhead.
    This is the same overhead as for two compressed files before,
    but done more efficiently (on both ends) and with less code.

    Deciding whether to inline native functions is left up to LLVM.
    The entire module containing the function is linked into the current
    compiled JS so that inlining the native functions shouldn't make them smaller.

    Rather than loading Runtime.symtbl at runtime FTLState.cpp now includes a file
    InlineRuntimeSymbolTable.h which statically builds the symbol table hash table.
    Currently build-symbol-table-index.py updates this file from the
    contents of tested-symbols.symlst when done building as a matter of convenience.
    However, in order to include the new contents of the file in the build
    you'd need to build twice.  This will be fixed in future versions.

    * JavaScriptCore.xcodeproj/project.pbxproj: Added back runtime files to compile.
    * build-symbol-table-index.py: Changed bitcode suffix.
    Added inclusion of only tested symbols.
    Added output to InlineRuntimeSymbolTable.h.
    * build-symbol-table-index.sh: Changed bitcode suffix.
    * copy-llvm-ir-to-derived-sources.sh: Removed gzip compression.
    * tested-symbols.symlst: Added.
    * dfg/DFGByteCodeParser.cpp:
    (JSC::DFG::ByteCodeParser::handleCall):
    Now sets the knownFunction of the call node if such a function exists
    and emits a check that during runtime the callee is in fact known.
    * dfg/DFGNode.h:
    Added functions to set the known function of a call node.
    (JSC::DFG::Node::canBeKnownFunction): Added.
    (JSC::DFG::Node::hasKnownFunction): Added.
    (JSC::DFG::Node::knownFunction): Added.
    (JSC::DFG::Node::giveKnownFunction): Added.
    * ftl/FTLAbbreviatedTypes.h: Added a typedef for LLVMMemoryBufferRef
    * ftl/FTLLowerDFGToLLVM.cpp:
    (JSC::FTL::LowerDFGToLLVM::isInlinableSize): Added. Hardcoded threshold to 275.
    (JSC::FTL::LowerDFGToLLVM::getModuleByPathForSymbol): Added.
    (JSC::FTL::LowerDFGToLLVM::getFunctionBySymbol): Added.
    (JSC::FTL::LowerDFGToLLVM::possiblyCompileInlineableNativeCall): Added.
    (JSC::FTL::LowerDFGToLLVM::compileCallOrConstruct):
    Added call to possiblyCompileInlineableNativeCall
    * ftl/FTLOutput.h:
    (JSC::FTL::Output::allocaName):  Added. Useful for debugging.
    * ftl/FTLState.cpp:
    (JSC::FTL::State::State): Added an include for InlineRuntimeSymbolTable.h
    * ftl/FTLState.h: Added symbol table hash table.
    * ftl/FTLCompile.cpp:
    (JSC::FTL::compile): Added inlining and dead function elimination passes.
    * heap/HandleStack.h: Added JS_EXPORT_PRIVATE to a few functions to get inlining to compile.
    * InlineRuntimeSymbolTable.h: Added.
    * llvm/InitializeLLVMMac.mm: Deleted.
    * llvm/InitializeLLVMMac.cpp: Added.
    * llvm/LLVMAPIFunctions.h: Added macros to include Bitcode parsing and linking functions.
    * llvm/LLVMHeaders.h: Added includes for Bitcode parsing and linking.
    * runtime/BundlePath.h: Added.
    * runtime/BundlePath.mm: Added.
    * runtime/DateInstance.h: Added JS_EXPORT_PRIVATE to a few functions to get inlining to compile.
    * runtime/DateInstance.h: ditto.
    * runtime/DateConversion.h: ditto.
    * runtime/ExceptionHelpers.h: ditto.
    * runtime/JSCJSValue.h: ditto.
    * runtime/JSArray.h: ditto.
    * runtime/JSDateMath.h: ditto.
    * runtime/JSObject.h: ditto.
    * runtime/JSObject.h: ditto.
    * runtime/RegExp.h: ditto.
    * runtime/Structure.h: ditto.
    * runtime/Options.h:  Added maximumLLVMInstructionCountForNativeInlining.
    * tests/stress/ftl-library-inlining-random.js: Added.
    * tests/stress/ftl-library-substring.js: Added.

    2014-05-21  Filip Pizlo  <fpizlo@apple.com>

    [ftlopt] DFG::clobberize should be blind to the effects of GC
    https://bugs.webkit.org/show_bug.cgi?id=133166

    Reviewed by Goeffrey Garen.

    Move the computation of where GCs happen to DFG::doesGC().

    Large (>5x) speed-up on programs that do loop-invariant string concatenations.

    * CMakeLists.txt:
    * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
    * JavaScriptCore.xcodeproj/project.pbxproj:
    * dfg/DFGAbstractHeap.h:
    * dfg/DFGClobberize.h:
    (JSC::DFG::clobberize):
    (JSC::DFG::clobberizeForAllocation): Deleted.
    * dfg/DFGDoesGC.cpp: Added.
    (JSC::DFG::doesGC):
    * dfg/DFGDoesGC.h: Added.
    * dfg/DFGStoreBarrierElisionPhase.cpp:
    (JSC::DFG::StoreBarrierElisionPhase::handleNode):
    (JSC::DFG::StoreBarrierElisionPhase::couldCauseGC): Deleted.

    2014-05-16  Filip Pizlo  <fpizlo@apple.com>

    [ftlopt] A StructureSet with one element should only require one word and no allocation
    https://bugs.webkit.org/show_bug.cgi?id=133014

    Reviewed by Oliver Hunt.

    This makes it more efficient to use StructureSet in situations where the common case is
    just one structure.

    I also took the opportunity to use the same set terminology we use in BitVector: merge,
    filter, exclude, contains, etc.

    Eventually, this will be used to implement StructureAbstractValue as well.

    * CMakeLists.txt:
    * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
    * JavaScriptCore.xcodeproj/project.pbxproj:
    * bytecode/StructureSet.cpp: Added.
    (JSC::StructureSet::StructureSet):
    (JSC::StructureSet::operator=):
    (JSC::StructureSet::clear):
    (JSC::StructureSet::add):
    (JSC::StructureSet::remove):
    (JSC::StructureSet::contains):
    (JSC::StructureSet::merge):
    (JSC::StructureSet::filter):
    (JSC::StructureSet::exclude):
    (JSC::StructureSet::isSubsetOf):
    (JSC::StructureSet::overlaps):
    (JSC::StructureSet::operator==):
    (JSC::StructureSet::speculationFromStructures):
    (JSC::StructureSet::arrayModesFromStructures):
    (JSC::StructureSet::dumpInContext):
    (JSC::StructureSet::dump):
    (JSC::StructureSet::addOutOfLine):
    (JSC::StructureSet::containsOutOfLine):
    (JSC::StructureSet::copyFrom):
    (JSC::StructureSet::OutOfLineList::create):
    (JSC::StructureSet::OutOfLineList::destroy):
    * bytecode/StructureSet.h:
    (JSC::StructureSet::StructureSet):
    (JSC::StructureSet::~StructureSet):
    (JSC::StructureSet::onlyStructure):
    (JSC::StructureSet::isEmpty):
    (JSC::StructureSet::size):
    (JSC::StructureSet::at):
    (JSC::StructureSet::operator[]):
    (JSC::StructureSet::last):
    (JSC::StructureSet::OutOfLineList::list):
    (JSC::StructureSet::OutOfLineList::OutOfLineList):
    (JSC::StructureSet::deleteStructureListIfNecessary):
    (JSC::StructureSet::isThin):
    (JSC::StructureSet::pointer):
    (JSC::StructureSet::singleStructure):
    (JSC::StructureSet::structureList):
    (JSC::StructureSet::set):
    (JSC::StructureSet::clear): Deleted.
    (JSC::StructureSet::add): Deleted.
    (JSC::StructureSet::addAll): Deleted.
    (JSC::StructureSet::remove): Deleted.
    (JSC::StructureSet::contains): Deleted.
    (JSC::StructureSet::containsOnly): Deleted.
    (JSC::StructureSet::isSubsetOf): Deleted.
    (JSC::StructureSet::overlaps): Deleted.
    (JSC::StructureSet::singletonStructure): Deleted.
    (JSC::StructureSet::speculationFromStructures): Deleted.
    (JSC::StructureSet::arrayModesFromStructures): Deleted.
    (JSC::StructureSet::operator==): Deleted.
    (JSC::StructureSet::dumpInContext): Deleted.
    (JSC::StructureSet::dump): Deleted.
    * dfg/DFGAbstractInterpreterInlines.h:
    (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
    * dfg/DFGByteCodeParser.cpp:
    (JSC::DFG::ByteCodeParser::emitPrototypeChecks):
    (JSC::DFG::ByteCodeParser::handleGetById):
    (JSC::DFG::ByteCodeParser::parseBlock):
    * dfg/DFGCSEPhase.cpp:
    (JSC::DFG::CSEPhase::structureTransitionWatchpointElimination):
    * dfg/DFGNode.h:
    (JSC::DFG::Node::convertToStructureTransitionWatchpoint):
    * dfg/DFGTypeCheckHoistingPhase.cpp:
    (JSC::DFG::TypeCheckHoistingPhase::noticeStructureCheck):

Source/WTF:

    2014-06-04  Filip Pizlo  <fpizlo@apple.com>

    [ftlopt] AI should be able track structure sets larger than 1
    https://bugs.webkit.org/show_bug.cgi?id=128073

    Reviewed by Oliver Hunt.

    * wtf/Bag.h:
    (WTF::Bag::Node::Node):
    (WTF::Bag::add):

LayoutTests:

    2014-06-04  Filip Pizlo  <fpizlo@apple.com>

    [ftlopt] AI should be able track structure sets larger than 1
    https://bugs.webkit.org/show_bug.cgi?id=128073

    Reviewed by Oliver Hunt.

    * js/regress/get-by-id-bimorphic-check-structure-elimination-expected.txt: Added.
    * js/regress/get-by-id-bimorphic-check-structure-elimination-simple-expected.txt: Added.
    * js/regress/get-by-id-bimorphic-check-structure-elimination-simple.html: Added.
    * js/regress/get-by-id-bimorphic-check-structure-elimination.html: Added.
    * js/regress/get-by-id-check-structure-elimination-expected.txt: Added.
    * js/regress/get-by-id-check-structure-elimination.html: Added.
    * js/regress/get-by-id-quadmorphic-check-structure-elimination-simple-expected.txt: Added.
    * js/regress/get-by-id-quadmorphic-check-structure-elimination-simple.html: Added.
    * js/regress/script-tests/get-by-id-bimorphic-check-structure-elimination-simple.js: Added.
    * js/regress/script-tests/get-by-id-bimorphic-check-structure-elimination.js: Added.
    * js/regress/script-tests/get-by-id-check-structure-elimination.js: Added.
    * js/regress/script-tests/get-by-id-quadmorphic-check-structure-elimination-simple.js: Added.

    2014-06-03  Filip Pizlo  <fpizlo@apple.com>

    [ftlopt] FTL native inlining tests take far too long
    https://bugs.webkit.org/show_bug.cgi?id=133498

    Unreviewed test gardening.

    Move long-running tests that focus on correctness into JSC/tests/stress.
    Speed up the performance tests by reducing allocation and call overhead.

    * js/regress/ftl-library-inlining-exceptions-expected.txt: Removed.
    * js/regress/ftl-library-inlining-exceptions.html: Removed.
    * js/regress/ftl-library-inlining-folding-expected.txt: Removed.
    * js/regress/ftl-library-inlining-folding.html: Removed.
    * js/regress/ftl-library-inlining-loops-expected.txt: Removed.
    * js/regress/ftl-library-inlining-loops.html: Removed.
    * js/regress/script-tests/ftl-library-inlining-dataview.js:
    (foo): Deleted.
    * js/regress/script-tests/ftl-library-inlining-exceptions.js: Removed.
    * js/regress/script-tests/ftl-library-inlining-folding.js: Removed.
    * js/regress/script-tests/ftl-library-inlining-loops.js: Removed.
    * js/regress/script-tests/ftl-library-inlining.js:
    (foo): Deleted.

    2014-06-03  Matthew Mirman  <mmirman@apple.com>

    [ftlopt] Added system for inlining native functions via the FTL.
    https://bugs.webkit.org/show_bug.cgi?id=131515

    Reviewed by Filip Pizlo.

    Adds microbenchmarks.

    * js/regress/script-tests/ftl-library-inlining.js: Added.
    * js/regress/ftl-library-inlining-expected.txt: Added.
    * js/regress/ftl-library-inlining.html: Added.
    * js/regress/script-tests/ftl-library-inlining-dataview.js: Added.
    * js/regress/ftl-library-inlining-dataview-expected.txt: Added.
    * js/regress/ftl-library-inlining-dataview.html: Added.
    * js/regress/script-tests/ftl-library-inlining-exceptions.js: Added.
    * js/regress/ftl-library-inlining-exceptions-expected.txt: Added.
    * js/regress/ftl-library-inlining-exceptions.html: Added.
    * js/regress/script-tests/ftl-library-inlining-folding.js: Added.
    * js/regress/ftl-library-inlining-folding-expected.txt: Added.
    * js/regress/ftl-library-inlining-folding-expected.html: Added.
    * js/regress/script-tests/ftl-library-inlining-loops.js: Added.
    * js/regress/ftl-library-inlining-loops-expected.txt: Added.
    * js/regress/ftl-library-inlining-loops.html: Added.

    2014-05-21  Filip Pizlo  <fpizlo@apple.com>

    [ftlopt] DFG::clobberize should be blind to the effects of GC
    https://bugs.webkit.org/show_bug.cgi?id=133166

    Reviewed by Geoffrey Garen.

    * js/regress/hoist-make-rope-expected.txt: Added.
    * js/regress/hoist-make-rope.html: Added.
    * js/regress/script-tests/hoist-make-rope.js: Added.
    (foo):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171380 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoRemove dead APIs from TiledBackingStore
ryuan.choi@samsung.com [Wed, 23 Jul 2014 01:12:32 +0000 (01:12 +0000)]
Remove dead APIs from TiledBackingStore
https://bugs.webkit.org/show_bug.cgi?id=135158

Reviewed by Gyuyoung Kim.

setContentsFrozen and related code of TiledBackingStore are not used since Qt port is removed.

* platform/graphics/TiledBackingStore.cpp:
(WebCore::TiledBackingStore::TiledBackingStore):
(WebCore::TiledBackingStore::updateTileBuffers):
(WebCore::TiledBackingStore::setContentsScale):
(WebCore::TiledBackingStore::createTiles):
(WebCore::TiledBackingStore::startTileBufferUpdateTimer):
(WebCore::TiledBackingStore::startBackingStoreUpdateTimer):
(WebCore::TiledBackingStore::commitScaleChange): Deleted.
(WebCore::TiledBackingStore::isBackingStoreUpdatesSuspended): Deleted.
(WebCore::TiledBackingStore::isTileBufferUpdatesSuspended): Deleted.
(WebCore::TiledBackingStore::setContentsFrozen): Deleted.
* platform/graphics/TiledBackingStore.h:
(WebCore::TiledBackingStore::contentsFrozen): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171379 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoFix window-inactive css selectors when using querySelector.
commit-queue@webkit.org [Wed, 23 Jul 2014 01:01:55 +0000 (01:01 +0000)]
Fix window-inactive css selectors when using querySelector.
https://bugs.webkit.org/show_bug.cgi?id=135149

Patch by Alex Christensen <achristensen@webkit.org> on 2014-07-22
Reviewed by Tim Horton.

Source/WebCore:
Test: fast/selectors/querySelector-window-inactive.html

* css/SelectorChecker.cpp:
(WebCore::SelectorChecker::checkOne):
Removed default and implemented case PseudoClassWindowInactive.

LayoutTests:
* fast/selectors/querySelector-window-inactive-expected.txt: Added.
* fast/selectors/querySelector-window-inactive.html: Added.
* platform/wk2/TestExpectations:
Added querySelector-window-inactive.html to list of tests that do not work in WK2 because of setWindowIsKey.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171378 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoREGRESSION (r171016): Reproducible infinite spin selecting phone number
timothy_horton@apple.com [Wed, 23 Jul 2014 00:36:13 +0000 (00:36 +0000)]
REGRESSION (r171016): Reproducible infinite spin selecting phone number
https://bugs.webkit.org/show_bug.cgi?id=135183
<rdar://problem/17727342>

Reviewed by Ryosuke Niwa.

* editing/Editor.cpp:
(WebCore::Editor::scanRangeForTelephoneNumbers):
Make use of TextIterator::subrange, which knows how to make a subrange from character positions,
instead of assuming that our character positions translate directly to positions in the incoming range.
Make use of DocumentMarkerController::addMarker, which takes a range and applies the marker to
all text nodes inside the range as appropriate.
Fix naming of the shadowed 'length' local.
Fix a typo in the comment.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171376 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[iOS] [OSX] Don't transcode WOFF on platforms that support it natively
mmaxfield@apple.com [Wed, 23 Jul 2014 00:35:27 +0000 (00:35 +0000)]
[iOS] [OSX] Don't transcode WOFF on platforms that support it natively
https://bugs.webkit.org/show_bug.cgi?id=134904

Reviewed by Andreas Kling.

No new tests because there is no behavior change.

* loader/cache/CachedFont.cpp:
(WebCore::CachedFont::ensureCustomFontData):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171375 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUnreviewed build fix on EFL port after r171356.
jinwoo7.song@samsung.com [Wed, 23 Jul 2014 00:14:06 +0000 (00:14 +0000)]
Unreviewed build fix on EFL port after r171356.

Implement a dummy platformMediaCacheDirectory() to avoid undefined reference error.

* UIProcess/efl/WebContextEfl.cpp:
(WebKit::WebContext::platformMediaCacheDirectory):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171373 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUnreviewed build fix attempt on the EFL port after r171362.
ryuan.choi@samsung.com [Tue, 22 Jul 2014 23:52:08 +0000 (23:52 +0000)]
Unreviewed build fix attempt on the EFL port after r171362.

Build break because of -Werror=return-type

* bytecode/GetByIdStatus.cpp:
(JSC::GetByIdStatus::makesCalls):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171372 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[Win] Crash after plugin is unloaded.
commit-queue@webkit.org [Tue, 22 Jul 2014 23:33:09 +0000 (23:33 +0000)]
[Win] Crash after plugin is unloaded.
https://bugs.webkit.org/show_bug.cgi?id=119044

Patch by peavo@outlook.com <peavo@outlook.com> on 2014-07-22
Reviewed by Darin Adler.

We need to invalidate all runtime objects when a plugin view is destroyed, in case the plugin is unloaded,
and one of these runtime objects accesses the plugin function table upon destruction afterwards, which will cause a crash.
If we use the weak pointer to the runtime object when invalidating, it will be null if it's in the WeakImpl::Dead state.
This means the runtime object will not be invalidated, possibly causing a crash if the plugin is unloaded.
It should be safe to use the raw pointer to the runtime object when invalidating, since finalized runtime objects
will be removed from the set of runtime objects in the method RootObject::finalize().

* bridge/runtime_root.cpp:
(JSC::Bindings::RootObject::invalidate): Make sure all runtime objects are invalidated by getting the raw runtime object pointer from the hash key.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171371 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoREGRESSION (WebKit2): Selection inside accelerated overflow:scroll doesn't track...
enrica@apple.com [Tue, 22 Jul 2014 23:28:37 +0000 (23:28 +0000)]
REGRESSION (WebKit2): Selection inside accelerated overflow:scroll doesn't track scrolling.
https://bugs.webkit.org/show_bug.cgi?id=135180
<rdar://problem/16721055>

Reviewed by Simon Fraser.

Source/WebCore:
AsyncScrollingCoordinator will force a selection update on iOS
when scrolling terminates in an overflow scroll.

* loader/EmptyClients.h:
* page/EditorClient.h:
* page/scrolling/AsyncScrollingCoordinator.cpp:
(WebCore::AsyncScrollingCoordinator::updateScrollPositionAfterAsyncScroll):
* page/scrolling/ScrollingTree.h:
(WebCore::ScrollingTree::scrollingTreeNodeWillStartScroll):
(WebCore::ScrollingTree::scrollingTreeNodeDidEndScroll):

Source/WebKit/mac:
* WebCoreSupport/WebEditorClient.h:

Source/WebKit2:
Adds notifications to the WKContentView to know when scrolling starts and ends
in an overflow scroll. When scrolling starts, we hide the selection and we restore
it when scrolling ends, though not before the selection information in the editor
state has been updated.
It also adds a new method to the EditorClient class to force the
selection update when scrolling is completed.

* UIProcess/PageClient.h:
* UIProcess/Scrolling/RemoteScrollingCoordinatorProxy.h:
* UIProcess/Scrolling/RemoteScrollingTree.cpp:
(WebKit::RemoteScrollingTree::scrollingTreeNodeWillStartScroll):
(WebKit::RemoteScrollingTree::scrollingTreeNodeDidEndScroll):
* UIProcess/Scrolling/RemoteScrollingTree.h:
* UIProcess/Scrolling/ios/ScrollingTreeOverflowScrollingNodeIOS.h:
* UIProcess/Scrolling/ios/ScrollingTreeOverflowScrollingNodeIOS.mm:
(-[WKOverflowScrollViewDelegate scrollViewWillBeginDragging:]):
(-[WKOverflowScrollViewDelegate scrollViewDidEndDragging:willDecelerate:]):
(-[WKOverflowScrollViewDelegate scrollViewDidEndDecelerating:]):
(WebKit::ScrollingTreeOverflowScrollingNodeIOS::overflowScrollWillStart):
(WebKit::ScrollingTreeOverflowScrollingNodeIOS::overflowScrollDidEnd):
* UIProcess/WebPageProxy.h:
* UIProcess/ios/PageClientImplIOS.h:
* UIProcess/ios/PageClientImplIOS.mm:
(WebKit::PageClientImpl::overflowScrollWillStartScroll):
(WebKit::PageClientImpl::overflowScrollDidEndScroll):
* UIProcess/ios/RemoteScrollingCoordinatorProxyIOS.mm:
(WebKit::RemoteScrollingCoordinatorProxy::scrollingTreeNodeWillStartScroll):
(WebKit::RemoteScrollingCoordinatorProxy::scrollingTreeNodeDidEndScroll):
* UIProcess/ios/WKContentViewInteraction.h:
* UIProcess/ios/WKContentViewInteraction.mm:
(-[WKContentView _overflowScrollingWillBegin]):
(-[WKContentView _overflowScrollingDidEnd]):
(-[WKContentView _updateChangedSelection]):
* UIProcess/ios/WebPageProxyIOS.mm:
(WebKit::WebPageProxy::overflowScrollWillStartScroll):
(WebKit::WebPageProxy::overflowScrollDidEndScroll):
* WebProcess/WebCoreSupport/WebEditorClient.h:
* WebProcess/WebCoreSupport/WebEditorClient.cpp:
* WebProcess/WebCoreSupport/ios/WebEditorClientIOS.mm:
(WebKit::WebEditorClient::updateSelection):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171370 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[iOS][WK2] WebPageProxy should not do anything when responding to an animated resize...
benjamin@webkit.org [Tue, 22 Jul 2014 22:32:40 +0000 (22:32 +0000)]
[iOS][WK2] WebPageProxy should not do anything when responding to an animated resize is the page is not in a valid state
https://bugs.webkit.org/show_bug.cgi?id=135169
<rdar://problem/17740149>

Patch by Benjamin Poulain <bpoulain@apple.com> on 2014-07-22
Reviewed by Tim Horton.

* UIProcess/ios/WebPageProxyIOS.mm:
(WebKit::WebPageProxy::dynamicViewportSizeUpdate):
Neither m_dynamicViewportSizeUpdateWaitingForTarget nor m_dynamicViewportSizeUpdateWaitingForLayerTreeCommit should
be modified if there is not WebProcess to respond to DynamicViewportSizeUpdate.

(WebKit::WebPageProxy::synchronizeDynamicViewportUpdate):
We should not attempt to synchronize anything if the page was closed before the end of the dynamic viewport
update.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171368 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoJSLock release should only modify the AtomicStringTable if it modified in acquire
joepeck@webkit.org [Tue, 22 Jul 2014 22:09:34 +0000 (22:09 +0000)]
JSLock release should only modify the AtomicStringTable if it modified in acquire
https://bugs.webkit.org/show_bug.cgi?id=135143

Reviewed by Pratik Solanki.

* runtime/JSLock.cpp:
(JSC::JSLock::willDestroyVM):
(JSC::JSLock::willReleaseLock):
Only set the AtomicStringTable when there was a VM, to balance JSLock::didAcquireLock.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171367 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoREGRESSION (r171239): Much more time spent taking snapshots during the PLT
timothy_horton@apple.com [Tue, 22 Jul 2014 21:46:43 +0000 (21:46 +0000)]
REGRESSION (r171239): Much more time spent taking snapshots during the PLT
https://bugs.webkit.org/show_bug.cgi?id=135177
<rdar://problem/17764847>

Reviewed by Dan Bernstein.

* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::willChangeCurrentHistoryItemForMainFrame):
(WebKit::WebPageProxy::willChangeCurrentHistoryItem): Deleted.
* UIProcess/WebPageProxy.h:
* UIProcess/WebPageProxy.messages.in:
* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::willChangeCurrentHistoryItem):
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::willChangeCurrentHistoryItemForMainFrame):
(WebKit::WebPage::willChangeCurrentHistoryItem): Deleted.
* WebProcess/WebPage/WebPage.h:
Rename WillChangeCurrentHistoryItem to WillChangeCurrentHistoryItemForMainFrame.
Only send it when the current history item for the main frame changes.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171366 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoAdd accountsd access to network sandbox profile
oliver@apple.com [Tue, 22 Jul 2014 21:32:28 +0000 (21:32 +0000)]
Add accountsd access to network sandbox profile
https://bugs.webkit.org/show_bug.cgi?id=135176
<rdar://17656487>

Reviewed by Anders Carlsson.

This is available to the webcontent process already, but is also
needed for the networking process.

* Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171365 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoFix cloop build.
fpizlo@apple.com [Tue, 22 Jul 2014 21:30:48 +0000 (21:30 +0000)]
Fix cloop build.

* bytecode/CallLinkStatus.cpp:
(JSC::CallLinkStatus::computeExitSiteData):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171364 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoRemove unused com.apple.webkit.* rules from profiles
oliver@apple.com [Tue, 22 Jul 2014 21:25:24 +0000 (21:25 +0000)]
Remove unused com.apple.webkit.* rules from profiles
https://bugs.webkit.org/show_bug.cgi?id=135174
<rdar://17755931>

Reviewed by Anders Carlsson.

We never send these rules so we should just remove use of them
from the profiles.

* Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:
* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171363 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoMerge r168635, r168780, r169005, r169014, and r169143 from ftlopt.
fpizlo@apple.com [Tue, 22 Jul 2014 21:08:50 +0000 (21:08 +0000)]
Merge r168635, r168780, r169005, r169014, and r169143 from ftlopt.

    2014-05-20  Filip Pizlo  <fpizlo@apple.com>

    [ftlopt] DFG bytecode parser should turn GetById with nothing but a Getter stub as stuff+handleCall, and handleCall should be allowed to inline if it wants to
    https://bugs.webkit.org/show_bug.cgi?id=133105

    Reviewed by Michael Saboff.

Source/JavaScriptCore:

    - GetByIdStatus now knows about getters and can report intelligent things about them.
      As is usually the case with how we do these things, GetByIdStatus knows more about
      getters than the DFG can actually handle: it'll report details about polymorphic
      getter calls even though the DFG won't be able to handle those. This is fine; the DFG
      will see those statuses and bail to a generic slow path.

    - The DFG::ByteCodeParser now knows how to set up and do handleCall() for a getter call.
      This can, and usually does, result in inlining of getters!

    - CodeOrigin and OSR exit know about inlined getter calls. When you OSR out of an
      inlined getter, we set the return PC to a getter return thunk that fixes up the stack.
      We use the usual offset-true-return-PC trick, where OSR exit places the true return PC
      of the getter's caller as a phony argument that only the thunk knows how to find.

    - Removed a bunch of dead monomorphic chain support from StructureStubInfo.

    - A large chunk of this change is dragging GetGetterSetterByOffset, GetGetter, and
      GetSetter through the DFG and FTL. GetGetterSetterByOffset is like GetByOffset except
      that we know that we're returning a GetterSetter cell. GetGetter and GetSetter extract
      the getter, or setter, from the GetterSetter.

    This is a ~2.5x speed-up on the getter microbenchmarks that we already had. So far none
    of the "real" benchmarks exercise getters enough for this to matter. But I noticed that
    some of the variants of the Richards benchmark in other languages - for example
    Wolczko's Java translation of a C++ translation of Deutsch's Smalltalk version - use
    getters and setters extensively. So, I created a getter/setter JavaScript version of
    Richards and put it in regress/script-tests/getter-richards.js. That sees about a 2.4x
    speed-up from this patch, which is very reassuring.

    * bytecode/CodeBlock.cpp:
    (JSC::CodeBlock::printGetByIdCacheStatus):
    (JSC::CodeBlock::findStubInfo):
    * bytecode/CodeBlock.h:
    * bytecode/CodeOrigin.cpp:
    (WTF::printInternal):
    * bytecode/CodeOrigin.h:
    (JSC::InlineCallFrame::specializationKindFor):
    * bytecode/GetByIdStatus.cpp:
    (JSC::GetByIdStatus::computeFor):
    (JSC::GetByIdStatus::computeForStubInfo):
    (JSC::GetByIdStatus::makesCalls):
    (JSC::GetByIdStatus::computeForChain): Deleted.
    * bytecode/GetByIdStatus.h:
    (JSC::GetByIdStatus::makesCalls): Deleted.
    * bytecode/GetByIdVariant.cpp:
    (JSC::GetByIdVariant::~GetByIdVariant):
    (JSC::GetByIdVariant::GetByIdVariant):
    (JSC::GetByIdVariant::operator=):
    (JSC::GetByIdVariant::dumpInContext):
    * bytecode/GetByIdVariant.h:
    (JSC::GetByIdVariant::GetByIdVariant):
    (JSC::GetByIdVariant::callLinkStatus):
    * bytecode/PolymorphicGetByIdList.cpp:
    (JSC::GetByIdAccess::fromStructureStubInfo):
    (JSC::PolymorphicGetByIdList::from):
    * bytecode/SpeculatedType.h:
    * bytecode/StructureStubInfo.cpp:
    (JSC::StructureStubInfo::deref):
    (JSC::StructureStubInfo::visitWeakReferences):
    * bytecode/StructureStubInfo.h:
    (JSC::isGetByIdAccess):
    (JSC::StructureStubInfo::initGetByIdChain): Deleted.
    * dfg/DFGAbstractHeap.h:
    * dfg/DFGAbstractInterpreterInlines.h:
    (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
    * dfg/DFGByteCodeParser.cpp:
    (JSC::DFG::ByteCodeParser::addCall):
    (JSC::DFG::ByteCodeParser::handleCall):
    (JSC::DFG::ByteCodeParser::handleInlining):
    (JSC::DFG::ByteCodeParser::handleGetByOffset):
    (JSC::DFG::ByteCodeParser::handleGetById):
    (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
    (JSC::DFG::ByteCodeParser::parse):
    * dfg/DFGCSEPhase.cpp:
    (JSC::DFG::CSEPhase::getGetterSetterByOffsetLoadElimination):
    (JSC::DFG::CSEPhase::getInternalFieldLoadElimination):
    (JSC::DFG::CSEPhase::performNodeCSE):
    (JSC::DFG::CSEPhase::getTypedArrayByteOffsetLoadElimination): Deleted.
    * dfg/DFGClobberize.h:
    (JSC::DFG::clobberize):
    * dfg/DFGFixupPhase.cpp:
    (JSC::DFG::FixupPhase::fixupNode):
    * dfg/DFGJITCompiler.cpp:
    (JSC::DFG::JITCompiler::linkFunction):
    * dfg/DFGNode.h:
    (JSC::DFG::Node::hasStorageAccessData):
    * dfg/DFGNodeType.h:
    * dfg/DFGOSRExitCompilerCommon.cpp:
    (JSC::DFG::reifyInlinedCallFrames):
    * dfg/DFGPredictionPropagationPhase.cpp:
    (JSC::DFG::PredictionPropagationPhase::propagate):
    * dfg/DFGSafeToExecute.h:
    (JSC::DFG::safeToExecute):
    * dfg/DFGSpeculativeJIT32_64.cpp:
    (JSC::DFG::SpeculativeJIT::compile):
    * dfg/DFGSpeculativeJIT64.cpp:
    (JSC::DFG::SpeculativeJIT::compile):
    * ftl/FTLAbstractHeapRepository.cpp:
    * ftl/FTLAbstractHeapRepository.h:
    * ftl/FTLCapabilities.cpp:
    (JSC::FTL::canCompile):
    * ftl/FTLLink.cpp:
    (JSC::FTL::link):
    * ftl/FTLLowerDFGToLLVM.cpp:
    (JSC::FTL::LowerDFGToLLVM::compileNode):
    (JSC::FTL::LowerDFGToLLVM::compileGetGetter):
    (JSC::FTL::LowerDFGToLLVM::compileGetSetter):
    * jit/AccessorCallJITStubRoutine.h:
    * jit/JIT.cpp:
    (JSC::JIT::assertStackPointerOffset):
    (JSC::JIT::privateCompile):
    * jit/JIT.h:
    * jit/JITPropertyAccess.cpp:
    (JSC::JIT::emit_op_get_by_id):
    * jit/ThunkGenerators.cpp:
    (JSC::arityFixupGenerator):
    (JSC::baselineGetterReturnThunkGenerator):
    (JSC::baselineSetterReturnThunkGenerator):
    (JSC::arityFixup): Deleted.
    * jit/ThunkGenerators.h:
    * runtime/CommonSlowPaths.cpp:
    (JSC::setupArityCheckData):
    * tests/stress/exit-from-getter.js: Added.
    * tests/stress/poly-chain-getter.js: Added.
    (Cons):
    (foo):
    (test):
    * tests/stress/poly-chain-then-getter.js: Added.
    (Cons1):
    (Cons2):
    (foo):
    (test):
    * tests/stress/poly-getter-combo.js: Added.
    (Cons1):
    (Cons2):
    (foo):
    (test):
    (.test):
    * tests/stress/poly-getter-then-chain.js: Added.
    (Cons1):
    (Cons2):
    (foo):
    (test):
    * tests/stress/poly-getter-then-self.js: Added.
    (foo):
    (test):
    (.test):
    * tests/stress/poly-self-getter.js: Added.
    (foo):
    (test):
    (getter):
    * tests/stress/poly-self-then-getter.js: Added.
    (foo):
    (test):
    * tests/stress/weird-getter-counter.js: Added.
    (foo):
    (test):

    2014-05-17  Filip Pizlo  <fpizlo@apple.com>

    [ftlopt] Factor out how CallLinkStatus uses exit site data
    https://bugs.webkit.org/show_bug.cgi?id=133042

    Reviewed by Anders Carlsson.

    This makes it easier to use CallLinkStatus from clients that are calling into after
    already holding some of the relevant locks. This is necessary because we use a "one lock
    at a time" policy for CodeBlock locks: if you hold one then you're not allowed to acquire
    any of the others. So, any code that needs to lock multiple CodeBlock locks needs to sort
    of lock one, do some stuff, release it, then lock another, and then do more stuff. The
    exit site data corresponds to the stuff you do while holding the baseline lock, while the
    CallLinkInfo method corresponds to the stuff you do while holding the CallLinkInfo owner's
    lock.

    * bytecode/CallLinkStatus.cpp:
    (JSC::CallLinkStatus::computeFor):
    (JSC::CallLinkStatus::computeExitSiteData):
    (JSC::CallLinkStatus::computeDFGStatuses):
    * bytecode/CallLinkStatus.h:
    (JSC::CallLinkStatus::ExitSiteData::ExitSiteData):

    2014-05-17  Filip Pizlo  <fpizlo@apple.com>

    [ftlopt] InlineCallFrame::isCall should be an enumeration
    https://bugs.webkit.org/show_bug.cgi?id=133034

    Reviewed by Sam Weinig.

    Once we start inlining getters and setters, we'll want InlineCallFrame to be able to tell
    us that the inlined call was a getter call or a setter call. Initially I thought I would
    have a new field called "kind" that would have components NormalCall, GetterCall, and
    SetterCall. But that doesn't make sense, because for GetterCall and SetterCall, isCall
    would have to be true. Hence, It makes more sense to have one enumeration that is Call,
    Construct, GetterCall, or SetterCall. This patch is a first step towards this.

    It's interesting that isClosureCall should probably still be separate, since getter and
    setter inlining could inline closure calls.

    * bytecode/CodeBlock.h:
    (JSC::baselineCodeBlockForInlineCallFrame):
    * bytecode/CodeOrigin.cpp:
    (JSC::InlineCallFrame::dumpInContext):
    (WTF::printInternal):
    * bytecode/CodeOrigin.h:
    (JSC::InlineCallFrame::kindFor):
    (JSC::InlineCallFrame::specializationKindFor):
    (JSC::InlineCallFrame::InlineCallFrame):
    (JSC::InlineCallFrame::specializationKind):
    * dfg/DFGByteCodeParser.cpp:
    (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
    * dfg/DFGOSRExitPreparation.cpp:
    (JSC::DFG::prepareCodeOriginForOSRExit):
    * runtime/Arguments.h:
    (JSC::Arguments::finishCreation):

    2014-05-13  Filip Pizlo  <fpizlo@apple.com>

    [ftlopt] DFG should not exit due to inadequate profiling coverage when it can trivially fill in the profiling coverage due to variable constant inference and the better prediction modeling of typed array GetByVals
    https://bugs.webkit.org/show_bug.cgi?id=132896

    Reviewed by Geoffrey Garen.

    This is a slight win on SunSpider, but it's meant to ultimately help us on
    embenchen/lua. We already do well on that benchmark but our convergence is slower than
    I'd like.

    * dfg/DFGArrayMode.cpp:
    (JSC::DFG::ArrayMode::refine):
    * dfg/DFGByteCodeParser.cpp:
    (JSC::DFG::ByteCodeParser::parseBlock):
    * dfg/DFGFixupPhase.cpp:
    (JSC::DFG::FixupPhase::fixupNode):
    * dfg/DFGPredictionPropagationPhase.cpp:
    (JSC::DFG::PredictionPropagationPhase::propagate):

    2014-05-08  Filip Pizlo  <fpizlo@apple.com>

    jsSubstring() should be lazy
    https://bugs.webkit.org/show_bug.cgi?id=132556

    Reviewed by Andreas Kling.

    jsSubstring() is now lazy by using a special rope that is a substring instead of a
    concatenation. To make this patch super simple, we require that a substring's base is
    never a rope. Hence, when resolving a rope, we either go down a non-recursive substring
    path, or we go down a concatenation path which may see exactly one level of substrings in
    its fibers.

    This is up to a 50% speed-up on microbenchmarks and a 10% speed-up on Octane/regexp.

    Relanding this with assertion fixes.

    * heap/MarkedBlock.cpp:
    (JSC::MarkedBlock::specializedSweep):
    * runtime/JSString.cpp:
    (JSC::JSRopeString::visitFibers):
    (JSC::JSRopeString::resolveRopeInternal8):
    (JSC::JSRopeString::resolveRopeInternal16):
    (JSC::JSRopeString::clearFibers):
    (JSC::JSRopeString::resolveRope):
    (JSC::JSRopeString::resolveRopeSlowCase8):
    (JSC::JSRopeString::resolveRopeSlowCase):
    * runtime/JSString.h:
    (JSC::JSRopeString::finishCreation):
    (JSC::JSRopeString::append):
    (JSC::JSRopeString::create):
    (JSC::JSRopeString::offsetOfFibers):
    (JSC::JSRopeString::fiber):
    (JSC::JSRopeString::substringBase):
    (JSC::JSRopeString::substringOffset):
    (JSC::JSRopeString::notSubstringSentinel):
    (JSC::JSRopeString::substringSentinel):
    (JSC::JSRopeString::isSubstring):
    (JSC::JSRopeString::setIsSubstring):
    (JSC::jsSubstring):
    * runtime/RegExpMatchesArray.cpp:
    (JSC::RegExpMatchesArray::reifyAllProperties):
    * runtime/StringPrototype.cpp:
    (JSC::stringProtoFuncSubstring):

Source/WTF:

    * wtf/Bag.h:
    (WTF::Bag::iterator::operator!=):

LayoutTests:

    * js/regress/getter-no-activation-expected.txt: Added.
    * js/regress/getter-no-activation.html: Added.
    * js/regress/script-tests/getter-no-activation.js: Added.
    * js/regress/getter-richards-expected.txt: Added.
    * js/regress/getter-richards.html: Added.
    * js/regress/script-tests/getter-richards.js: Added.

    2014-05-08  Filip Pizlo  <fpizlo@apple.com>

    jsSubstring() should be lazy
    https://bugs.webkit.org/show_bug.cgi?id=132556

    Reviewed by Andreas Kling.

    These tests get 35-50% faster.

    * js/regress/script-tests/substring-concat-weird.js: Added.
    (foo):
    * js/regress/script-tests/substring-concat.js: Added.
    (foo):
    * js/regress/script-tests/substring.js: Added.
    (foo):
    * js/regress/substring-concat-expected.txt: Added.
    * js/regress/substring-concat-weird-expected.txt: Added.
    * js/regress/substring-concat-weird.html: Added.
    * js/regress/substring-concat.html: Added.
    * js/regress/substring-expected.txt: Added.
    * js/regress/substring.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171362 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoPerf dashboard spends 2s processing JSON data during the page loads
rniwa@webkit.org [Tue, 22 Jul 2014 20:57:54 +0000 (20:57 +0000)]
Perf dashboard spends 2s processing JSON data during the page loads
https://bugs.webkit.org/show_bug.cgi?id=135152

Reviewed by Andreas Kling.

In the Apple internal dashboard, we were spending as much as 2 seconds
converting raw JSON data into proper JS objects while loading the dashboard.

This caused the apparent unresponsiveness of the dashboard despite of the fact
charts themselves updated almost instantaneously.

* public/index.html:
* public/js/helper-classes.js:
(TestBuild): Compute the return values of formattedTime and formattedBuildTime
lazily as creating new Date objects and running string replace is expensive.
(TestBuild.formattedTime):
(TestBuild.formattedBuildTime):
(PerfTestRuns.setResults): Added. Pushing each result was the biggest bottle neck.
(PerfTestRuns.addResult): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171361 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[Mac] Cocoa throws exception when the return type of NSAccessibilityLinkedUIElementsA...
mmaxfield@apple.com [Tue, 22 Jul 2014 20:51:13 +0000 (20:51 +0000)]
[Mac] Cocoa throws exception when the return type of NSAccessibilityLinkedUIElementsAttribute is not an array
https://bugs.webkit.org/show_bug.cgi?id=135165

Reviewed by Simon Fraser.

Source/WebCore:
Return an empty array instead of nil.

Updated tests.

* accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

LayoutTests:
Updating tests.

* accessibility/parent-delete-expected.txt:
* accessibility/transformed-element-expected.txt:
* platform/mac/accessibility/aria-columnrowheaders-expected.txt:
* platform/mac/accessibility/bounds-for-range-expected.txt:
* platform/mac/accessibility/document-attributes-expected.txt:
* platform/mac/accessibility/document-links-expected.txt:
* platform/mac/accessibility/image-link-expected.txt:
* platform/mac/accessibility/image-map2-expected.txt:
* platform/mac/accessibility/internal-link-anchors-expected.txt:
* platform/mac/accessibility/internal-link-anchors2-expected.txt:
* platform/mac/accessibility/lists-expected.txt:
* platform/mac/accessibility/plugin-expected.txt:
* platform/mac/accessibility/table-attributes-expected.txt:
* platform/mac/accessibility/table-cell-spans-expected.txt:
* platform/mac/accessibility/table-cells-expected.txt:
* platform/mac/accessibility/table-detection-expected.txt:
* platform/mac/accessibility/table-one-cell-expected.txt:
* platform/mac/accessibility/table-sections-expected.txt:
* platform/mac/accessibility/table-with-rules-expected.txt:
* platform/mac-mountainlion/accessibility/lists-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171360 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUnreviewed, rolling out r171357.
commit-queue@webkit.org [Tue, 22 Jul 2014 20:28:40 +0000 (20:28 +0000)]
Unreviewed, rolling out r171357.
https://bugs.webkit.org/show_bug.cgi?id=135173

broke Windows build. (Requested by bfulgham on #webkit).

Reverted changeset:

"[Win] Fix Crash when handling Legible Output callbacks"
https://bugs.webkit.org/show_bug.cgi?id=134946
http://trac.webkit.org/changeset/171357

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171359 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[Mac] accessibility/aria-columnrowheaders.html doesn't test lengths of arrays
mmaxfield@apple.com [Tue, 22 Jul 2014 20:22:40 +0000 (20:22 +0000)]
[Mac] accessibility/aria-columnrowheaders.html doesn't test lengths of arrays
https://bugs.webkit.org/show_bug.cgi?id=135166

Reviewed by Chris Fleizach.

Using debug() interprets strings like "<array of size 0>" as markup, thereby not
showing it in the expected output. Instead, we should use innerText (which is
what all the other accessibility tests use).

* platform/mac/accessibility/aria-columnrowheaders-expected.txt:
* platform/mac/accessibility/aria-columnrowheaders.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171358 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[Win] Fix Crash when handling Legible Output callbacks
bfulgham@apple.com [Tue, 22 Jul 2014 20:00:26 +0000 (20:00 +0000)]
[Win] Fix Crash when handling Legible Output callbacks
https://bugs.webkit.org/show_bug.cgi?id=134946

Reviewed by Dean Jackson.

* platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
(WebCore::InbandTextTrackPrivateAVF::processNativeSamples): Remove
Windows-specific 'ASSERT_NOT_REACHED' code path.
* platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
(WebCore::createLegibleOutputSubtypes): Added.
(WebCore::AVFWrapper::createPlayerItem): Updated to request native
samples from AVFoundationCF.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171357 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoProvide networking process with access to its HSTS db
oliver@apple.com [Tue, 22 Jul 2014 19:58:25 +0000 (19:58 +0000)]
Provide networking process with access to its HSTS db
https://bugs.webkit.org/show_bug.cgi?id=135121
<rdar://17654369>

Reviewed by Alexey Proskuryakov.

Add an extension parameter to pass the hsts database file.
This requires us to create the Caches/com.apple.WebKit.Networking
directory in the UI process, as the network sandbox
does not allow it to create the containing directory.

* NetworkProcess/cocoa/NetworkProcessCocoa.mm:
(WebKit::NetworkProcess::platformInitializeNetworkProcessCocoa):
* Shared/Network/NetworkProcessCreationParameters.cpp:
(WebKit::NetworkProcessCreationParameters::encode):
(WebKit::NetworkProcessCreationParameters::decode):
* Shared/Network/NetworkProcessCreationParameters.h:
* UIProcess/WebContext.cpp:
(WebKit::WebContext::ensureNetworkProcess):
(WebKit::WebContext::networkingHSTSDatabasePath):
* UIProcess/WebContext.h:
* UIProcess/mac/WebContextMac.mm:
(WebKit::WebContext::platformDefaultNetworkingHSTSDatabasePath):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171356 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[Cocoa] WKScriptMessageHandlers don't seem to function properly after navigating
weinig@apple.com [Tue, 22 Jul 2014 19:48:24 +0000 (19:48 +0000)]
[Cocoa] WKScriptMessageHandlers don't seem to function properly after navigating
https://bugs.webkit.org/show_bug.cgi?id=135148

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:
* runtime/CommonIdentifiers.h:
Add a common identifier for the string "webkit".

Source/WebCore:
The "webkit" property on the window was not getting installed for subsequent
loads due to intricate dance playing setting the JSDOMWindow where the DOMWindow
object is not yet in a Frame when the JSDOMWindow is created. Since we were
adding the "webkit" property on construction, the property was returning null
thinking it had no Frame and was in a bad state. We can fix this by making the
"webkit" property behave like all the other window properties moving its getting
to JSDOMWindow::getOwnPropertySlot.

Added API test (WebKit2Cocoa/UserContentController).

* bindings/js/JSDOMWindowBase.cpp:
(WebCore::JSDOMWindowBase::finishCreation):
* bindings/js/JSDOMWindowCustom.cpp:
(WebCore::jsDOMWindowWebKit):
(WebCore::JSDOMWindow::getOwnPropertySlot):

Tools:
* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/WebKit2Cocoa/UserContentController.mm: Added.
(-[SimpleNavigationDelegate webView:didFinishNavigation:]):
(-[ScriptMessageHandler userContentController:didReceiveScriptMessage:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171355 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoASSERTION FAILED: info.spillFormat() & DataFormatJS in JSC::DFG::SpeculativeJIT:...
fpizlo@apple.com [Tue, 22 Jul 2014 19:46:41 +0000 (19:46 +0000)]
ASSERTION FAILED: info.spillFormat() & DataFormatJS in JSC::DFG::SpeculativeJIT::fillSpeculateCell
https://bugs.webkit.org/show_bug.cgi?id=135155
<rdar://problem/17763909>

Reviewed by Oliver Hunt.

The DFG fillSpeculate code paths all need to be mindful of the fact that they may be stumbling upon a
contradiction, and that this is OK. In this case, we were speculating cell on an int.

* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::fillSpeculateCell):
* tests/stress/regress-135155.js: Added.
(run.t.length):
(run):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171354 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[Win] Fix Leak in WebCore::createGlobalImageFileDescriptor
bfulgham@apple.com [Tue, 22 Jul 2014 19:36:46 +0000 (19:36 +0000)]
[Win] Fix Leak in WebCore::createGlobalImageFileDescriptor
https://bugs.webkit.org/show_bug.cgi?id=134423
<rdar://problem/17492758>

Reviewed by Geoffrey Garen.

* platform/win/PasteboardWin.cpp:
(WebCore::createGlobalImageFileDescriptor): Unlock and release the
HGLOBAL when exiting early.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171353 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[iOS][WK2] UI helpers that zoom on an element ignore the viewport's allowsUserScaling
benjamin@webkit.org [Tue, 22 Jul 2014 19:25:45 +0000 (19:25 +0000)]
[iOS][WK2] UI helpers that zoom on an element ignore the viewport's allowsUserScaling
https://bugs.webkit.org/show_bug.cgi?id=135140
<rdar://problem/17754921>

Patch by Benjamin Poulain <bpoulain@apple.com> on 2014-07-22
Reviewed by Tim Horton.

UIScrollView makes a difference between min/max zoom and allowUserScaling. To express that,
everything is set up on the LayerTransaction.

For zooming related helpers (find on page, double tap to zoom, etc), the min and max zoom
should be the actual min/max for the current page state.

This patch split the two explicitely.
For layer transactions, the values are taken from the viewport configuration directly.
For everything else, we should use minimumPageScaleFactor/maximumPageScaleFactor. Those two methods
have been updated to take into account allowsUserScaling.

* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::willCommitLayerTree):
* WebProcess/WebPage/ios/WebPageIOS.mm:
(WebKit::WebPage::minimumPageScaleFactor):
(WebKit::WebPage::maximumPageScaleFactor):
(WebKit::WebPage::getAssistedNodeInformation):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171352 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoCorrect handling of __VERSION_TEXT__ for 4+-tuple versions
bfulgham@apple.com [Tue, 22 Jul 2014 18:35:32 +0000 (18:35 +0000)]
Correct handling of __VERSION_TEXT__ for 4+-tuple versions
https://bugs.webkit.org/show_bug.cgi?id=135161
<rdar://problem/17763546>

Reviewed by David Kilzer.

Tools:
* Scripts/webkitperl/auto-version_unittest/autoVersionTests.pl:
Add additional test cases to catch errors in multiple-tuple
version string handling.

WebKitLibraries:
Revise the auto-version.pl script to properly handle version
strings with 4 (or more) version tuples. Previously these were
being truncated from the version.

* win/tools/scripts/auto-version.pl:
(splitVersion): Return truncated version of
overall version string.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171351 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoExtend exception fuzzing to the LLInt
fpizlo@apple.com [Tue, 22 Jul 2014 18:27:17 +0000 (18:27 +0000)]
Extend exception fuzzing to the LLInt
https://bugs.webkit.org/show_bug.cgi?id=135076

Reviewed by Oliver Hunt.

Source/JavaScriptCore:
* CMakeLists.txt:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* jit/JITOperations.cpp:
(JSC::numberOfExceptionFuzzChecks): Deleted.
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::setUpCall):
* runtime/CommonSlowPaths.cpp:
* runtime/ExceptionFuzz.cpp: Added.
(JSC::numberOfExceptionFuzzChecks):
(JSC::doExceptionFuzzing):
* runtime/ExceptionFuzz.h: Added.
(JSC::doExceptionFuzzingIfEnabled):

Tools:
* Scripts/jsc-stress-test-helpers/js-exception-fuzz:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171350 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoWeb Inspector: Fix unused parameter build warning
commit-queue@webkit.org [Tue, 22 Jul 2014 18:13:46 +0000 (18:13 +0000)]
Web Inspector: Fix unused parameter build warning
https://bugs.webkit.org/show_bug.cgi?id=135151

Patch by Shivakumar JM <shiva.jm@samsung.com> on 2014-07-22
Reviewed by Joseph Pecoraro.

Fix unused parameter build warning by removing the parameter name

* WebProcess/WebPage/WebInspector.cpp:
(WebKit::WebInspector::setJavaScriptProfilingEnabled):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171349 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[Mac] [WK2] selection-gap-fixed-child.html and selection-gap-flipped-fixed-child...
ap@apple.com [Tue, 22 Jul 2014 18:01:03 +0000 (18:01 +0000)]
[Mac] [WK2] selection-gap-fixed-child.html and selection-gap-flipped-fixed-child.html
have been failing since they were added in r148258
https://bugs.webkit.org/show_bug.cgi?id=114573

Landing actual results as expected for WK2. This test isn't meaningful for WK2, because of layers.

* platform/mac-wk2/TestExpectations:
* platform/mac-wk2/fast/repaint/selection-gap-fixed-child-expected.txt: Added.
* platform/mac-wk2/fast/repaint/selection-gap-flipped-fixed-child-expected.txt: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171348 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoSource/WebCore: Clicking on links while accessibility is enabled sometimes crashes
mmaxfield@apple.com [Tue, 22 Jul 2014 17:50:31 +0000 (17:50 +0000)]
Source/WebCore: Clicking on links while accessibility is enabled sometimes crashes
https://bugs.webkit.org/show_bug.cgi?id=135074

Reviewed by Chris Fleizach.

When an accessibility request comes in from the system, we call updateBackingStore() on the
relevant AccessibilityObject, which triggers a relayout of the entire document. This relayout
might delete that accessibility node and its parent, which would cause the node to be deleted.
After the stack unwinds, we then call a member function on the node without checking for this
condition.

Test: accessibility/parent-delete.html

* accessibility/AccessibilityObject.cpp:
(WebCore::AccessibilityObject::updateBackingStore): Retain the node for the duration of the
function.

LayoutTests: Clicking on links while accessibility is enabled does not render as expected
https://bugs.webkit.org/show_bug.cgi?id=135074

Reviewed by Chris Fleizach.

Delete a node and its parent, then call allAttributes() on the accessibility representation of
the deleted child and make sure there is no crash.

* accessibility/parent-delete-expected.txt: Added
* accessibility/parent-delete.html: Added

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171347 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoFix unused parameter build warning in UIProcess module
commit-queue@webkit.org [Tue, 22 Jul 2014 17:32:38 +0000 (17:32 +0000)]
Fix unused parameter build warning in UIProcess module
https://bugs.webkit.org/show_bug.cgi?id=135154

Patch by Shivakumar JM <shiva.jm@samsung.com> on 2014-07-22
Reviewed by Alexey Proskuryakov.

Fix unused parameter build warning in UIProcess module by using UNUSED_PARAM macro.

* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::viewStateDidChange):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171346 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoDon't create new UIWindow for video fullscreen.
commit-queue@webkit.org [Tue, 22 Jul 2014 17:19:21 +0000 (17:19 +0000)]
Don't create new UIWindow for video fullscreen.
https://bugs.webkit.org/show_bug.cgi?id=135038

Patch by Jeremy Jones <jeremyj@apple.com> on 2014-07-22
Reviewed by Darin Adler.

Source/WebCore:
* WebCore.exp.in:
* platform/ios/WebVideoFullscreenControllerAVKit.h: use UIView instead of UIScreen.
* platform/ios/WebVideoFullscreenControllerAVKit.mm:
(-[WebVideoFullscreenController enterFullscreen:]): provide parent UIView.
* platform/ios/WebVideoFullscreenInterfaceAVKit.h: remove UIWindow.
* platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
(WebVideoFullscreenInterfaceAVKit::setupFullscreen): ditto
(WebVideoFullscreenInterfaceAVKit::cleanupFullscreen): ditto
(WebVideoFullscreenInterfaceAVKit::invalidate): ditto
(WebVideoFullscreenInterfaceAVKit::requestHideAndExitFullscreen): ditto

Source/WebKit/mac:
Provide UIView to WebVideoFullscreenController

* WebView/WebView.mm:
(-[WebView _enterFullscreenForNode:]): pass UIView instead of nil

Source/WebKit2:
Use root UIView to parent fullscreen interface.

* UIProcess/ios/WebVideoFullscreenManagerProxy.mm:
(WebKit::WebVideoFullscreenManagerProxy::setupFullscreenWithID): pass parent UIView
* WebProcess/ios/WebVideoFullscreenManager.mm:
(WebKit::screenRectForNode): Use client rect instead of screen rect.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171345 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agomedia/track/track-in-band-subtitles-too-large.html and
ap@apple.com [Tue, 22 Jul 2014 16:38:48 +0000 (16:38 +0000)]
media/track/track-in-band-subtitles-too-large.html and
media/track/track-long-word-container-sizing.html fail on Mac (dependent on other tests?)
https://bugs.webkit.org/show_bug.cgi?id=135160

Correcting test expectations - the failures are not WK1 only.

* platform/mac-wk1/TestExpectations:
* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171344 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[GTK] Rollout r170529 due to ~10% performance regression on the
clopez@igalia.com [Tue, 22 Jul 2014 15:02:12 +0000 (15:02 +0000)]
[GTK] Rollout r170529 due to ~10% performance regression on the
perf test Animation/balls.
https://bugs.webkit.org/show_bug.cgi?id=134972

Reviewed by Martin Robinson.

Reverted changeset:
"Increase priority on SharedTimer source."
https://trac.webkit.org/r170529

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171343 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUnreviewed EFL gardening
m.pakula@samsung.com [Tue, 22 Jul 2014 13:47:49 +0000 (13:47 +0000)]
Unreviewed EFL gardening

* platform/efl/TestExpectations: Update incorrect test expectations for passing and crashing tests.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171342 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoTurn width/height to presentation attributes
krit@webkit.org [Tue, 22 Jul 2014 13:27:38 +0000 (13:27 +0000)]
Turn width/height to presentation attributes
https://bugs.webkit.org/show_bug.cgi?id=135046

Patch by Dirk Schulze <krit@webkit.org> on 2014-07-18
Reviewed by Dean Jackson.

Source/WebCore:
The elements <svg>, <image>, <pattern>, <mask> and <foreignObject> have the
'width' and 'height' attributes. So far they can just be set by SVG DOM or
setAttribute. Furthermore, animations just work with SVG Animation - No support
for CSS Animations and CSS Transitions. We started to turn the width and height
attributes on SVG roots to presentation attributes already. A presentation
attribute is a CSS property that can also be set by DOM (or now by SVG DOM).

This patch turns all width and height attributes to presentation attributes. It
basically allows authors to style width and height with CSS as well. Width and
height can now be set with CSS style sheets and can be animated with CSS.

To some degree it made it possible to remove code duplication. However, since
SVG DOM requires us to use SVGLength types and since we did not turn all
SVG attributes to the CSS length values (and our internal Length struct) yet,
we still need a hybrid - a bridge between SVGLength (for SVG DOM) and Length (for
RenderStyle). Once we move all attributes to use the Length struct, we can make SVGLength
a wrapper for Length and can move more code to the render tree.

The current challenge is to synchronize SVG DOM, normal DOM and RenderStyle.
With this patch we handle most part in RenderStyle. SVG DOM changes are
synchronized to DOM and RenderStyle will call needsStyleRecalc. Furthermore,
SVG Animations will continue to animate the SVG DOM (and synchronize the changes
back to RenderStyle) if the element has a JS property for the currently animated
attribute.

Short example:

    <rect>
        <animate attributeName="width">
    </rect>

The <rect> element has the SVG DOM property 'width'. Therefore, we animate the SVG DOM
property and synchronize RenderStyle.

    <ellipse>
        <animate attributeName="width">
    </ellipse>

The <ellipse> element does NOT have the SVG DOM property 'width'. Therefore, we
animate the CSS property directly. With synchronizing RenderStyle in all cases, we
make sure that the CSS cascade works even on animating on multiple SVG hierarchy
levels (animation of 'width' on <g> and inheriting the property value on a child
<rect>).

With using presentation attributes, we also inherit the CSS property parsing for
SVG attributes. <rect width="  100px  "> is possible now. (Note the trailing whitespaces.)
This follows a recent resolution of the SVG WG.

Since we turned width and height to presentation attributes, the layout optimization
selfHasRelativeLengths() in the DOM can't be used anymore. selfHasRelativeLengths() was
intended to solve a problem where we did not layout relatively position/sized elements
when the parent changes its size. However, as a side effect it did not call layout
for absolutely positioned/sized elements since the layout does not change. I run
all performance tests that we have and even wrote a test with hundreds of elements
that would be affected by this optimization. The differences were inside the sigma
of a normal test run. (Means I couldn't measure a performance difference.)
Therefore, it is not worth it to keep the "optimization" around and I will probably
remove it entirely for all basic shapes but <path> and <polygon> in future patches.

Tests: svg/css/parse-height.html
       svg/css/parse-width.html
       svg/css/width-height-presentation-attribute-expected.svg
       svg/css/width-height-presentation-attribute.svg

* css/CSSComputedStyleDeclaration.cpp:
(WebCore::ComputedStyleExtractor::propertyValue): We never calculated the computed
    value of width/height for SVG elements and returned auto instead. This is based
    on a rule of CSS 2 and needs to be fixed in CSS3.
* css/DeprecatedStyleBuilder.cpp:
(WebCore::ApplyPropertyLength::applyValue): Length always incorporates the zoom level.
    In SVG we still apply the zoom after all operations by scaling the context. We need
    to take this in account for Length and don't apply zoom on SVG inline elements.
* css/StyleResolver.cpp:
(WebCore::StyleResolver::useSVGZoomRulesForLength):
    See above.
* css/StyleResolver.h:
* rendering/svg/RenderSVGRect.cpp:
(WebCore::RenderSVGRect::updateShapeFromElement): Do not call width() and height() on
    SVG DOM but use the values of RenderStyle instead.
* rendering/svg/SVGPathData.cpp:
(WebCore::updatePathFromRectElement): Ditto.
* svg/SVGAnimateElement.cpp:
(WebCore::SVGAnimateElement::resetAnimatedType): We need to differ between CSS properties
    with and without SVG DOM on the current element. In the later case we animate the
    SVG DOM and need to synch RenderStyle.
(WebCore::SVGAnimateElement::clearAnimatedType): Ditto.
(WebCore::SVGAnimateElement::applyResultsToTarget): Ditto.
* svg/SVGAnimationElement.cpp:
(WebCore::SVGAnimationElement::isTargetAttributeCSSProperty): This checks if the CSS property
    has to be synched with SVG DOM.
(WebCore::SVGAnimationElement::shouldApplyAnimation): Ditto.
* svg/SVGAnimationElement.h:
* svg/SVGElement.cpp:
(WebCore::populateAttributeNameToCSSPropertyIDMap): Add width and heigth to the CSS property
    list for presentation attributes.
(WebCore::populateCSSPropertyWithSVGDOMNameToAnimatedPropertyTypeMap): CSS properties with
    SVG DOM synchronization need to be treated differently. Collect them in a separate map.
(WebCore::cssPropertyWithSVGDOMNameToAnimatedPropertyTypeMap): Caller for the map.
(WebCore::SVGElement::animatedPropertyTypeForAttribute): We need to check both maps here:
    CSS properties and CSS properties with SVG DOM synch.
(WebCore::SVGElement::isAnimatableCSSProperty): Ditto.
(WebCore::SVGElement::isPresentationAttributeWithSVGDOM): Just return true if the property name
    is in the map of properties with SVG DOM for the current element.
* svg/SVGElement.h:
(WebCore::SVGElement::invalidateSVGPresentationAttributeStyle): Call needsStyleRecalc.
* svg/SVGFilterElement.cpp: Make width/height presentation attribute.
(WebCore::SVGFilterElement::svgAttributeChanged):
(WebCore::SVGFilterElement::selfHasRelativeLengths): Deleted.
* svg/SVGFilterElement.h: Ditto.
* svg/SVGForeignObjectElement.cpp:
(WebCore::SVGForeignObjectElement::svgAttributeChanged):
(WebCore::SVGForeignObjectElement::selfHasRelativeLengths): Deleted.
* svg/SVGForeignObjectElement.h:
* svg/SVGImageElement.cpp: Ditto.
(WebCore::SVGImageElement::svgAttributeChanged):
(WebCore::SVGImageElement::isPresentationAttribute): Deleted.
(WebCore::SVGImageElement::collectStyleForPresentationAttribute): Deleted.
(WebCore::SVGImageElement::selfHasRelativeLengths): Deleted.
* svg/SVGImageElement.h:
* svg/SVGLength.h: Transform an Length value to an absolute value by taking the SVG viewport
    into account. (An SVG viewport is not the same as the CSS viewport.)
* svg/SVGLengthContext.cpp: Ditto.
(WebCore::SVGLengthContext::valueForLength):
* svg/SVGLengthContext.h:
* svg/SVGMaskElement.cpp: Make width/height presentation attribute.
(WebCore::SVGMaskElement::svgAttributeChanged):
(WebCore::SVGMaskElement::selfHasRelativeLengths): Deleted.
* svg/SVGMaskElement.h:
* svg/SVGPatternElement.cpp: Ditto.
(WebCore::SVGPatternElement::svgAttributeChanged):
(WebCore::SVGPatternElement::selfHasRelativeLengths): Deleted.
* svg/SVGPatternElement.h:
* svg/SVGRectElement.cpp: Ditto.
(WebCore::SVGRectElement::svgAttributeChanged):
(WebCore::SVGRectElement::selfHasRelativeLengths): Deleted.
* svg/SVGRectElement.h:
* svg/SVGSVGElement.cpp: Ditto.
(WebCore::SVGSVGElement::svgAttributeChanged): Clean up redundant layout calls.
(WebCore::SVGSVGElement::isPresentationAttribute): Deleted.
(WebCore::SVGSVGElement::collectStyleForPresentationAttribute): Deleted.
* svg/SVGSVGElement.h:
* svg/properties/SVGAnimatedProperty.cpp: Synchronize SVG DOM with DOM.
(WebCore::SVGAnimatedProperty::commitChange):

LayoutTests:
We already had a lot of tests for animating width/height as property.
So far they assumed that this is not possible. They simply needed to
be updated.

Furthermore, I added reference tests to test different inheritance
scenarios of CSS properties and setting them to elements.

A parsing test makes sure that the global property values inherit is
supported as well as CSS parsing rules for SVG attributes.
Negative tests test not-allowed behavior.

* platform/mac/svg/W3C-SVG-1.1/coords-units-03-b-expected.txt:
* svg/animations/attributeTypes-expected.txt:
* svg/animations/resources/attributeTypes.svg:
* svg/animations/script-tests/attributeTypes.js:
(sample1):
(sample2):
(sample3):
* svg/css/getComputedStyle-basic-expected.txt:
* svg/css/parse-height-expected.txt: Added.
* svg/css/parse-height.html: Added.
* svg/css/parse-width-expected.txt: Added.
* svg/css/parse-width.html: Added.
* svg/css/width-height-presentation-attribute-expected.svg: Added.
* svg/css/width-height-presentation-attribute.svg: Added.
* svg/custom/mask-excessive-malloc-expected.txt:
* svg/hixie/error/015-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171341 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoFix my email address in contributors.json
jochen@chromium.org [Tue, 22 Jul 2014 09:48:29 +0000 (09:48 +0000)]
Fix my email address in contributors.json
https://bugs.webkit.org/show_bug.cgi?id=135156

Reviewed by Gyuyoung Kim.

* Scripts/webkitpy/common/config/contributors.json:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171340 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[GStreamer] [GTK] WebKit does not build with GStreamer 1.4
commit-queue@webkit.org [Tue, 22 Jul 2014 08:50:51 +0000 (08:50 +0000)]
[GStreamer] [GTK] WebKit does not build with GStreamer 1.4
https://bugs.webkit.org/show_bug.cgi?id=135114

.:
Fix build with GStreamer 1.4

Patch by Adrian Perez de Castro <aperez@igalia.com> on 2014-07-22
Reviewed by Philippe Normand.

* Source/cmake/FindGStreamer.cmake: Check version 1.4.0 for the
gst-mpegts component instead of the unstable 1.3.x verstions.

Source/WebCore:
Patch by Adrian Perez de Castro <aperez@igalia.com> on 2014-07-22
Reviewed by Philippe Normand.

Fix build with GStreamer 1.4

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
Change GstMpegTs-prefixed types to use the GstMpegts prefix.
(WebCore::MediaPlayerPrivateGStreamer::handleMessage):
(WebCore::MediaPlayerPrivateGStreamer::processMpegTsSection):
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171339 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUnreviewed iOS build fix after r171321.
psolanki@apple.com [Tue, 22 Jul 2014 06:12:13 +0000 (06:12 +0000)]
Unreviewed iOS build fix after r171321.

* WebView/WebView.mm:
(-[WebView _preferencesChanged:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171338 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[EFL] Add Ewk prefix to enums of ewk_navigation_policy
ryuan.choi@samsung.com [Tue, 22 Jul 2014 04:35:30 +0000 (04:35 +0000)]
[EFL] Add Ewk prefix to enums of ewk_navigation_policy
https://bugs.webkit.org/show_bug.cgi?id=135144

Reviewed by Gyuyoung Kim.

All public enums of ewebkit should start with Ewk prefix.
This patch added Ewk prefix to Ewk_Event_Mouse_Button and Ewk_Event_Modifiers.
In addition, added missing description and default value for Ewk_Event_Modifier.

* UIProcess/API/efl/ewk_navigation_policy_decision.cpp:
(toEwkEventMouseButton):
(toEwkEventModifiers):
(EwkNavigationPolicyDecision::mouseButton):
(EwkNavigationPolicyDecision::modifiers):
(ewk_navigation_policy_mouse_button_get):
(ewk_navigation_policy_modifiers_get):
(toEventMouseButton): Deleted.
(toEventModifierKeys): Deleted.
* UIProcess/API/efl/ewk_navigation_policy_decision.h:
* UIProcess/API/efl/ewk_navigation_policy_decision_private.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171337 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[iOS][WK2] Improve event throttling for Scroll Events
benjamin@webkit.org [Tue, 22 Jul 2014 03:59:34 +0000 (03:59 +0000)]
[iOS][WK2] Improve event throttling for Scroll Events
https://bugs.webkit.org/show_bug.cgi?id=135082
<rdar://problem/17445266>

Patch by Benjamin Poulain <bpoulain@apple.com> on 2014-07-21
Reviewed by Simon Fraser.

Source/WebCore:
This patch is composed of two parts. The first part in the WebKit layer
track an approximate measurement of the main thread responsiveness.
The second part in WebCore use that information to avoid sending events
if a page is unresponsive.

In WebCore, this patch only consider scroll events so far. Hopefully the concept
should be easy to generalize.

* loader/EmptyClients.h:
* page/ChromeClient.h:
Chrome client provides us with one information: how long an incoming event should be delayed.
Every port is free to implement whatever logic is suitable for them.

* page/FrameView.cpp:
(WebCore::FrameView::FrameView):
(WebCore::FrameView::reset):
(WebCore::FrameView::delayedScrollEventTimerFired):
(WebCore::FrameView::scrollPositionChanged):
(WebCore::FrameView::sendScrollEvent):
* page/FrameView.h:
Scroll events do not have any associated information so they can be coalesced by just skipping
all input hapenning during the throttling delay.

The implementation is done by using a timer to delay the events.

Source/WebKit2:
In the WebKit layer, we want a measure that is representative of the responsiveness.

In this patch, I use the total delay between a VisibleContentRectUpdate being dispatched
by the UIProcess, and the time RemoteLayerTreeDrawingArea flushes the layer tree.

The value used for eventThrottlingDelay() is computed by averaging the new value with
the old values with a 80/20 split, favoring the old data. Favoring historical data
over the last timing avoid excessively throttling for a single slow frame.

The computation of m_estimatedMainThreadLatency can be improved in the future, this is
a first cut keeping things simple.

With m_estimatedMainThreadLatency in our hands, we can compute our eventThrottlingDelay().
If m_estimatedMainThreadLatency is smaller than a single frame timespan, we have a fast page
and nothing is throttled.

If is it more than a frame, we throttle such that we can at least render two frames
per event dispatch based on the historical data.

The exact values will need some tweaking, but this set ensures well written pages get
60 events per seconds, while slow pages do not waste too much time on events.

* WebProcess/WebCoreSupport/WebChromeClient.h:
* WebProcess/WebCoreSupport/ios/WebChromeClientIOS.mm:
(WebKit::WebChromeClient::eventThrottlingDelay):
* WebProcess/WebPage/ViewUpdateDispatcher.cpp:
(WebKit::ViewUpdateDispatcher::visibleContentRectUpdate):
(WebKit::ViewUpdateDispatcher::dispatchVisibleContentRectUpdate):
* WebProcess/WebPage/ViewUpdateDispatcher.h:
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::WebPage):
(WebKit::WebPage::didFlushLayerTreeAtTime):
(WebKit::WebPage::didCommitLoad):
* WebProcess/WebPage/WebPage.h:
* WebProcess/WebPage/ios/WebPageIOS.mm:
(WebKit::WebPage::eventThrottlingDelay):
(WebKit::WebPage::updateVisibleContentRects):
* WebProcess/WebPage/mac/RemoteLayerTreeDrawingArea.mm:
(WebKit::RemoteLayerTreeDrawingArea::flushLayers):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171336 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUnreviewed test fix.
bfulgham@apple.com [Tue, 22 Jul 2014 03:32:42 +0000 (03:32 +0000)]
Unreviewed test fix.

* Scripts/webkitperl/auto-version_unittest/autoVersionTests.pl: Revert
to older Perl 5.8 syntax for iterating over hashes to allow tests to
run on Mountain Lion bots.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171335 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoWeb Inspector: Add esprima to the WebInspector.
commit-queue@webkit.org [Tue, 22 Jul 2014 02:36:35 +0000 (02:36 +0000)]
Web Inspector: Add esprima to the WebInspector.
https://bugs.webkit.org/show_bug.cgi?id=135098

Patch by Saam Barati <sbarati@apple.com> on 2014-07-21
Reviewed by Joseph Pecoraro.

This patch includes Esprima into the WebInspector and attaches its
exported function onto the WebInspector namespace object.

* UserInterface/External/Esprima: Added.
* UserInterface/External/Esprima/esprima.js: Added.
(.):
* UserInterface/Main.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171334 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agohttps://bugs.webkit.org/show_bug.cgi?id=135137
ap@apple.com [Tue, 22 Jul 2014 02:15:46 +0000 (02:15 +0000)]
https://bugs.webkit.org/show_bug.cgi?id=135137
build.webkit.org/dashboard: webkitperl failures show up as yellow, not red

Reviewed by Darin Adler.

webkitperl results are binary, handle them the same way we handle bindings test results.

* BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/BuildbotTesterQueueView.js:
(BuildbotTesterQueueView.prototype.update.appendBuilderQueueStatus):
(BuildbotTesterQueueView.prototype._presentPopoverForMultipleFailureKinds):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171333 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoAvoid putting empty-sized surfaces into IOSurfacePool
timothy_horton@apple.com [Tue, 22 Jul 2014 01:26:24 +0000 (01:26 +0000)]
Avoid putting empty-sized surfaces into IOSurfacePool
https://bugs.webkit.org/show_bug.cgi?id=135136
<rdar://problem/17478407>

Reviewed by Simon Fraser.

* platform/graphics/cg/IOSurfacePool.cpp:
(WebCore::IOSurfacePool::addSurface):
Avoid adding 0x0 surfaces to the pool, because they will wreak havoc
when their size is used as the key in the CachedSurfaceMap.
Additionally, avoid any empty sizes, because they're just pointless.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171332 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoREGRESSION (r170361): In landscape with UI hidden, fixed position elements at top...
simon.fraser@apple.com [Tue, 22 Jul 2014 00:58:40 +0000 (00:58 +0000)]
REGRESSION (r170361): In landscape with UI hidden, fixed position elements at top of screen are too low
https://bugs.webkit.org/show_bug.cgi?id=135141
<rdar://problem/17627525>

Reviewed by Benjamin Poulain.

We can't use the WKWebView's UIScrollView contentInsets to determine the unobscured rect
in MobileSafari, because contentInsets can't be changed dynamically while scrolling.
To get around this, MobileSafari sets obscured insets instead (but also sets a fixed
contentInset).

So if the client calls _setObscuredInsets:, always use _obscuredInsets to compute the
content insets.

* UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _computedContentInset]):
(-[WKWebView _setObscuredInsets:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171329 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoRefactor ArrayPrototype to use getLength() and putLength() utility functions.
mark.lam@apple.com [Tue, 22 Jul 2014 00:58:11 +0000 (00:58 +0000)]
Refactor ArrayPrototype to use getLength() and putLength() utility functions.
https://bugs.webkit.org/show_bug.cgi?id=135139.

Reviewed by Oliver Hunt.

- Specialize putProperty() to putLength() because it is only used for setting
  the length property.
- Added a getLength() utility function to get the value of the length property.
- Use these getLength() and putLength() functions instead of the existing code
  to get and put the length property.  Less code to read, easier to understand.

* runtime/ArrayPrototype.cpp:
(JSC::getLength):
(JSC::putLength):
(JSC::arrayProtoFuncToString):
(JSC::arrayProtoFuncToLocaleString):
(JSC::arrayProtoFuncJoin):
(JSC::arrayProtoFuncPop):
(JSC::arrayProtoFuncPush):
(JSC::arrayProtoFuncReverse):
(JSC::arrayProtoFuncShift):
(JSC::arrayProtoFuncSlice):
(JSC::arrayProtoFuncSort):
(JSC::arrayProtoFuncSplice):
(JSC::arrayProtoFuncUnShift):
(JSC::arrayProtoFuncReduce):
(JSC::arrayProtoFuncReduceRight):
(JSC::arrayProtoFuncIndexOf):
(JSC::arrayProtoFuncLastIndexOf):
(JSC::putProperty): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171328 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoRemove global cookie workaround from sandbox profiles
oliver@apple.com [Tue, 22 Jul 2014 00:38:38 +0000 (00:38 +0000)]
Remove global cookie workaround from sandbox profiles
https://bugs.webkit.org/show_bug.cgi?id=135138
<rdar://17513375>

Reviewed by Alexey Proskuryakov.

Remove the workaround needed for global cookie access, and silencing
of the associated sandbox violation.

* Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:
* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
* UIProcess/mac/WebContextMac.mm:
(WebKit::WebContext::platformDefaultCookieStorageDirectory):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171326 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[Win] Follow-up for r171324.
bfulgham@apple.com [Tue, 22 Jul 2014 00:37:13 +0000 (00:37 +0000)]
[Win] Follow-up for r171324.

* Scripts/webkitperl/auto-version_unittest/autoVersionTests.pl: Cygwin
perl reports itself as 'cygwin'; native Windows Perl reports as
'MSWin32'. We need to handle both cases.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171325 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUnreviewed build fix after r171319.
bfulgham@apple.com [Tue, 22 Jul 2014 00:29:24 +0000 (00:29 +0000)]
Unreviewed build fix after r171319.

* Scripts/webkitperl/auto-version_unittest/autoVersionTests.pl: This test should
only execute on Windows. It will fail on other platforms, so give it a way to
successfully exit.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171324 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agonew Int32Array(new ArrayBuffer(100), 1, 1) shouldn't throw an error that says "RangeE...
commit-queue@webkit.org [Tue, 22 Jul 2014 00:26:19 +0000 (00:26 +0000)]
new Int32Array(new ArrayBuffer(100), 1, 1) shouldn't throw an error that says "RangeError: Byte offset and length out of range of buffer"
https://bugs.webkit.org/show_bug.cgi?id=125391

Patch by Diego Pino Garcia <dpino@igalia.com> on 2014-07-21
Reviewed by Darin Adler.

Source/JavaScriptCore:
Create own method for verifying byte offset alignment.

* runtime/ArrayBufferView.h:
(JSC::ArrayBufferView::verifyByteOffsetAlignment):
(JSC::ArrayBufferView::verifySubRangeLength):
(JSC::ArrayBufferView::verifySubRange): Deleted.
* runtime/GenericTypedArrayViewInlines.h:
(JSC::GenericTypedArrayView<Adaptor>::create):
* runtime/JSDataView.cpp:
(JSC::JSDataView::create):
* runtime/JSGenericTypedArrayViewInlines.h:
(JSC::JSGenericTypedArrayView<Adaptor>::create):

LayoutTests:
* fast/canvas/webgl/data-view-crash-expected.txt:
* fast/canvas/webgl/data-view-test-expected.txt:
* fast/canvas/webgl/data-view-test.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171323 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoCorrect sandbox profiles to fix some excess privileges
oliver@apple.com [Tue, 22 Jul 2014 00:10:11 +0000 (00:10 +0000)]
Correct sandbox profiles to fix some excess privileges
https://bugs.webkit.org/show_bug.cgi?id=135134
<rdar://problem/17741886>
<rdar://problem/17739080>

Reviewed by Alexey Proskuryakov.

This cleans up our sandbox profiles to fix a few issues - the profiles
no longer allow us to issue file extension we have the ability to consume,
and tightens some of the other file access rules.

This means we have to addd some rules to allow us to access things
that we previously had access to due to lax file system restrictions.

Some of the features were fixable simply by using entitlements on the
process rather than custom rules.

* Configurations/WebContent-iOS.entitlements:
* Resources/SandboxProfiles/ios/com.apple.WebKit.Databases.sb:
* Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:
* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171322 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoWK1 should always setAcceleratedCompositingForFixedPositionEnabled(true) on
bdakin@apple.com [Tue, 22 Jul 2014 00:09:19 +0000 (00:09 +0000)]
WK1 should always setAcceleratedCompositingForFixedPositionEnabled(true) on
Yosemite
https://bugs.webkit.org/show_bug.cgi?id=135135

Reviewed by Darin Adler.

Source/WebCore:
This patch gets rid of the ChromeClient function that was introduced with
http://trac.webkit.org/changeset/171308 We’ll just enable the Setting instead.
* css/StyleResolver.cpp:
(WebCore::StyleResolver::adjustRenderStyle):
(WebCore::fixedPositionCreatesStackingContext): Deleted.
* page/ChromeClient.h:
(WebCore::ChromeClient::requiresAcceleratedCompositingForViewportConstrainedPosition): Deleted.
* rendering/RenderLayerCompositor.cpp:
(WebCore::RenderLayerCompositor::requiresCompositingForPosition):

Source/WebKit/mac:
Get rid of the ChromeClient function, and enable the Setting instead.
* WebCoreSupport/WebChromeClient.h:
* WebCoreSupport/WebChromeClient.mm:
(WebChromeClient::requiresAcceleratedCompositingForViewportConstrainedPosition): Deleted.
* WebView/WebView.mm:
(-[WebView _preferencesChanged:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171321 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[iOS WK2] Turn off position:fixed behavior when the keyboard is up
simon.fraser@apple.com [Mon, 21 Jul 2014 23:44:33 +0000 (23:44 +0000)]
[iOS WK2] Turn off position:fixed behavior when the keyboard is up
https://bugs.webkit.org/show_bug.cgi?id=132537

Reviewed by Benjamin Poulain.

Source/WebCore:

Export RenderObject::localToContainerPoint().

* WebCore.exp.in:

Source/WebKit2:

Make interaction with form elements inside position:fixed less terrible by re-laying out
fixed elements relative to the document while we have an assisted node. This ensures
that all parts of a position:fixed are accessible (e.g. inputs on the right side
of a fixed-width top bar).

* Shared/AssistedNodeInformation.cpp: Add a flag for being inside postion:fixed,
and encode/decode it.
(WebKit::AssistedNodeInformation::encode):
(WebKit::AssistedNodeInformation::decode):
* Shared/AssistedNodeInformation.h:
(WebKit::AssistedNodeInformation::AssistedNodeInformation):
* UIProcess/PageClient.h: Add isAssistingNode().
* UIProcess/ios/PageClientImplIOS.h:
* UIProcess/ios/PageClientImplIOS.mm:
(WebKit::PageClientImpl::isAssistingNode):
* UIProcess/ios/WebPageProxyIOS.mm:
(WebKit::WebPageProxy::computeCustomFixedPositionRect): If we have an assisted
node, just use the document rect as the custom fixed position rect.
* WebProcess/WebPage/ios/WebPageIOS.mm:
(WebKit::WebPage::getAssistedNodeInformation): Get the selection rect first,
since we have to fix it up for position:fixed. If the element is inside fixed
position in the main frame, re-set the fixed position rect to the document rect
(which forces a layout), re-fetch elementRect, then set it back. This ensures
that the UI process gets an elementRect which it can zoom to correctly.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171320 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoTools: [Win] Extend auto-version.pl to support 5-tuple versions
bfulgham@apple.com [Mon, 21 Jul 2014 23:10:44 +0000 (23:10 +0000)]
Tools: [Win] Extend auto-version.pl to support 5-tuple versions
https://bugs.webkit.org/show_bug.cgi?id=135124
<rdar://problem/17750334>

Reviewed by David Kilzer.

Add test cases for auto-version.pl.

* Scripts/webkitperl/auto-version_unittest: Added.
* Scripts/webkitperl/auto-version_unittest/autoVersionTests.pl: Added.

WebKitLibraries: [Win] Extend auto-version.pl to handle 5-tuple versions
https://bugs.webkit.org/show_bug.cgi?id=135124
<rdar://problem/17750334>

Reviewed by David Kilzer.

Extend tuple parsing to handle up to five tuples, and as
few as a single tuple. On Windows, the two additional
tuples are unused.

Also corrected regular expression capture logic to use local
blocks, preventing later capture expressions from reusing
previous capture results when the current expression failed
to find a match (GRRR, Perl!).

Clean up code by putting logic into a couple of subroutines.

* win/tools/scripts/auto-version.pl:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171319 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoREGRESSION: fast/layers/no-clipping-overflow-hidden-added-after-transform.html is...
ap@apple.com [Mon, 21 Jul 2014 23:07:32 +0000 (23:07 +0000)]
REGRESSION: fast/layers/no-clipping-overflow-hidden-added-after-transform.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=135133

* platform/mac/TestExpectations: Marked it as such.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171318 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoRandom crashes on the Web Thread due to Timers firing on the wrong thread in the...
timothy_horton@apple.com [Mon, 21 Jul 2014 22:17:24 +0000 (22:17 +0000)]
Random crashes on the Web Thread due to Timers firing on the wrong thread in the UI process
https://bugs.webkit.org/show_bug.cgi?id=135132
<rdar://problem/17719832>

Reviewed by Simon Fraser.

* UIProcess/ProcessThrottler.cpp:
(WebKit::ProcessThrottler::ProcessThrottler):
(WebKit::ProcessThrottler::suspendTimerFired):
* UIProcess/ProcessThrottler.h:
* UIProcess/ios/ViewGestureControllerIOS.mm:
(WebKit::ViewGestureController::ViewGestureController):
(WebKit::ViewGestureController::swipeSnapshotWatchdogTimerFired):
* UIProcess/mac/ViewGestureController.h:
* UIProcess/mac/ViewGestureControllerMac.mm:
(WebKit::ViewGestureController::ViewGestureController):
(WebKit::ViewGestureController::swipeSnapshotWatchdogTimerFired):
We can't use WebCore timers in the UI process because of coexistence concerns
(they fire on the Web Thread if there is one!), so use RunLoop::Timer instead.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171317 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[MSE] YouTube video decode error when variant-switching
jer.noble@apple.com [Mon, 21 Jul 2014 20:47:03 +0000 (20:47 +0000)]
[MSE] YouTube video decode error when variant-switching
https://bugs.webkit.org/show_bug.cgi?id=135128

Reviewed by Brent Fulgham.

Source/WebCore:
Test: media/media-source/media-source-overlapping-decodetime.html

When variant-switching, the situation can arise where an existing sample with a presentation
timestamp of N and a decode timestamp of M, and a new sample with a presentation timestamp > N
and the same decode timestamp of M, will keep the new sample from being added to the SampleMap.
This can result in a decode error when samples depending on that new, missing sample are enqueued.

The MSE spec is silent on the issue of overlapping decode timestamps. However, it guarantees that
presentation timestamps are non-overlapping. So instead of using just the decode timestamp as a key
for storing the samples in decode order, use both the decode timestamp and the presentation timestamp.
That ensures that samples with different presentation times but equal decode times are both inserted
into the decode queue, and in the correct order.

* Modules/mediasource/SampleMap.cpp:
(WebCore::SampleIsRandomAccess::operator()): Update the parameter type to match the new KeyType.
(WebCore::SampleMap::addSample): Pass both decodeTime and presentationTime as the key to decodeOrder.
(WebCore::SampleMap::removeSample): Ditto.
(WebCore::DecodeOrderSampleMap::findSampleWithDecodeKey): Renamed from findSampleWithDecodeTime.
(WebCore::DecodeOrderSampleMap::reverseFindSampleWithDecodeKey): renamed from reverseFindSampleWithDecodeTime.
(WebCore::DecodeOrderSampleMap::findSyncSamplePriorToPresentationTime): Use renamed version of above.
(WebCore::DecodeOrderSampleMap::findSyncSampleAfterPresentationTime): Ditto.
(WebCore::DecodeOrderSampleMap::findDependentSamples): Ditto.
(WebCore::DecodeOrderSampleMap::findSampleWithDecodeTime): Deleted.
(WebCore::DecodeOrderSampleMap::reverseFindSampleWithDecodeTime): Deleted.
* Modules/mediasource/SampleMap.h:
* Modules/mediasource/SourceBuffer.cpp:
(WebCore::SourceBuffer::removeCodedFrames): Ditto.
(WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample): Ditto.
(WebCore::SourceBuffer::reenqueueMediaForTime): Ditto.

LayoutTests:
* media/media-source/media-source-overlapping-decodetime-expected.txt: Added.
* media/media-source/media-source-overlapping-decodetime.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171316 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoAllow MiniBrowser WK1 to do element fullscreen
dino@apple.com [Mon, 21 Jul 2014 19:26:15 +0000 (19:26 +0000)]
Allow MiniBrowser WK1 to do element fullscreen
https://bugs.webkit.org/show_bug.cgi?id=135125

Reviewed by Simon Fraser.

Allow WK1 windows to go fullscreen using the DOM API.

* MiniBrowser/mac/WK1BrowserWindowController.m:
(-[WK1BrowserWindowController awakeFromNib]): Enable the preference for
fullscreen.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171315 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[iOS] Handle QuickLook ResourceLoaders in the web process
aestes@apple.com [Mon, 21 Jul 2014 19:20:33 +0000 (19:20 +0000)]
[iOS] Handle QuickLook ResourceLoaders in the web process
https://bugs.webkit.org/show_bug.cgi?id=135113

Reviewed by David Kilzer.

Source/WebCore:
No new tests. QuickLook is not testable from WebKit.

* WebCore.exp.in:
* loader/ResourceLoadScheduler.cpp:
(WebCore::ResourceLoadScheduler::maybeLoadQuickLookResource): Start loading the ResourceLoader if it is for a QuickLook resource.
* loader/ResourceLoadScheduler.h:

Source/WebKit2:
The QuickLook framework registers a NSURLProtocol to handle loading subresources of the HTML documents it
generates. In order for these loads to succeed, we need to start them in the same process in which QuickLook
generated the main resource.

* WebProcess/Network/WebResourceLoadScheduler.cpp:
(WebKit::WebResourceLoadScheduler::scheduleLoad):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171314 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agofast/canvas/canvas-putImageData-zero-alpha.html is flaky
ap@apple.com [Mon, 21 Jul 2014 19:20:00 +0000 (19:20 +0000)]
fast/canvas/canvas-putImageData-zero-alpha.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=131787

* platform/mac/TestExpectations: Mark it as such.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171313 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoBack/Forward arrows (modern) are too large.
jonowells@apple.com [Mon, 21 Jul 2014 19:16:28 +0000 (19:16 +0000)]
Back/Forward arrows (modern) are too large.
https://bugs.webkit.org/show_bug.cgi?id=135073

Reviewed by Joseph Pecoraro.

Changes to adjust new forward and back arrow sizes to be more consistent with the
universal design language. Moved WebInspector.Platform definition to its own file.
Refactored handling of image versions inside ImageUtilities.js.

* UserInterface/Base/ImageUtilities.js:
(.restoreImage):
(.generateImage):
(generateColoredImagesForCSS):
Make the default image versioning smarter.

* UserInterface/Base/Main.js:
(WebInspector.contentLoaded):
(WebInspector.contentLoaded.WebInspector.Platform.version.toString): Deleted.
(WebInspector.contentLoaded.WebInspector.Platform.toString): Deleted.
* UserInterface/Base/Platform.js: Added.
Move platform information definition into Platform.js.

* UserInterface/Main.html: Include Platform.js.

* UserInterface/Views/ContentBrowser.js:
(WebInspector.ContentBrowser):
* UserInterface/Views/FindBanner.css:
(.find-banner > button > .glyph):
(body.mac-platform.legacy .find-banner > button > .glyph):
(.find-banner > button.segmented.left > .glyph):
(body.mac-platform.legacy .find-banner > button.segmented.left > .glyph):
(.find-banner > button.segmented.right > .glyph):
(body.mac-platform.legacy .find-banner > button.segmented.right > .glyph):
(.find-banner > button.segmented):
(body.mac-platform.legacy .find-banner > button.segmented):
* UserInterface/Views/FindBanner.js:
(WebInspector.FindBanner.prototype._generateButtonsGlyphsIfNeeded):
Size of forward and back arrows adjusted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171312 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoCase sensitive file system build fix.
ap@apple.com [Mon, 21 Jul 2014 19:15:34 +0000 (19:15 +0000)]
Case sensitive file system build fix.

* page/scrolling/ScrollingStateTree.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171311 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoBuild fix.
bdakin@apple.com [Mon, 21 Jul 2014 19:04:14 +0000 (19:04 +0000)]
Build fix.

* WebCoreSupport/WebChromeClient.mm:
(WebChromeClient::requiresAcceleratedCompositingForViewportConstrainedPosition):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171310 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUnreviewed hidpi test gardening.
zalan@apple.com [Mon, 21 Jul 2014 18:34:02 +0000 (18:34 +0000)]
Unreviewed hidpi test gardening.

Use Ahem font to ensure font size predictability.

* fast/forms/hidpi-fieldset-on-subpixel-position-when-legend-is-present-expected.html:
* fast/forms/hidpi-fieldset-on-subpixel-position-when-legend-is-present.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171309 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoPut position:fixed elements into layers when a WK1 view is layer-backed
bdakin@apple.com [Mon, 21 Jul 2014 18:31:53 +0000 (18:31 +0000)]
Put position:fixed elements into layers when a WK1 view is layer-backed
https://bugs.webkit.org/show_bug.cgi?id=135075

Reviewed by Darin Adler.

Source/WebCore:
This patch adds a new ChromeClient function called
requiresAcceleratedCompositingForViewportConstrainedPosition(). Since a view can
go in and out of layer backing, we need a ChromeClient method that can be
dynamically re-evaluated rather than using the existing settings for enabling
accelerated fixed and fixed that creates a stacking context.

Ensure that fixed elements create a stacking context when
requiresAcceleratedCompositingForViewportConstrainedPosition is true.
* css/StyleResolver.cpp:
(WebCore::StyleResolver::adjustRenderStyle):

New ChromeClient function.
* page/ChromeClient.h:

Source/WebKit/mac:
Returns true when the WebHTMLView has a layer.

* WebCoreSupport/WebChromeClient.h:
* WebCoreSupport/WebChromeClient.mm:
(WebChromeClient::requiresAcceleratedCompositingForViewportConstrainedPosition):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171308 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoAdd helper functions to dump the scrolling state tree from the debugger
simon.fraser@apple.com [Mon, 21 Jul 2014 18:26:45 +0000 (18:26 +0000)]
Add helper functions to dump the scrolling state tree from the debugger
https://bugs.webkit.org/show_bug.cgi?id=135101

Reviewed by Darin Adler.

Add debug-only showScrollingStateTree() functions that take a ScrollingStateTree* and ScrollingStateNode*
for use while debugging.

* page/scrolling/ScrollingStateTree.cpp:
(showScrollingStateTree):
* page/scrolling/ScrollingStateTree.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171307 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[iOS WK1] Single touch div scrolling doesn't work in framesets (breaks Word previews)
simon.fraser@apple.com [Mon, 21 Jul 2014 18:26:43 +0000 (18:26 +0000)]
[iOS WK1] Single touch div scrolling doesn't work in framesets (breaks Word previews)
https://bugs.webkit.org/show_bug.cgi?id=135103
<rdar://problem/11830219>

Reviewed by Darin Adler.

After r166117 all layer flushing starts on the root frame; we no longer flush layers
for each frame during painting. However, flushing GraphicsLayers can set some state
on a subframe RenderLayerCompositor that is now never processed, which breaks scroll
layer registration.

Fix by doing a walk of the Frame tree, and calling didFlushLayers() on subframe RenderLayerCompositors
before calling didFlushLayers() on self.

* rendering/RenderLayerCompositor.cpp:
(WebCore::RenderLayerCompositor::flushPendingLayerChanges):
(WebCore::RenderLayerCompositor::didFlushLayers):
(WebCore::RenderLayerCompositor::notifySubframesAfterLayerFlush):
(WebCore::RenderLayerCompositor::enclosingCompositorFlushingLayers): Drive-by nullptr.
* rendering/RenderLayerCompositor.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171306 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[Win] Correct auto-version.pl script for two-digit version numbers
bfulgham@apple.com [Mon, 21 Jul 2014 17:44:26 +0000 (17:44 +0000)]
[Win] Correct auto-version.pl script for two-digit version numbers
https://bugs.webkit.org/show_bug.cgi?id=135119
<rdar://problem/17743959>

Reviewed by David Kilzer.

The $MAJOR_VERSION must be the first digit of $BUILD_MAJOR_VERSION,
and $MINOR_VERSION must be the remaining digits.

Also correct regexp (line 90) that was allowing version numbers
larger than three digits to be processed.

* win/tools/scripts/auto-version.pl: Correct regular expression.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171305 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUnreviewed hidpi test gardening.
zalan@apple.com [Mon, 21 Jul 2014 17:30:29 +0000 (17:30 +0000)]
Unreviewed hidpi test gardening.

* fast/inline/hidpi-selection-gap-on-subpixel-position-expected.html:
* fast/inline/hidpi-selection-gap-on-subpixel-position.html: Speculative fix.
* fast/inline/hidpi-selection-gap-overlaps-inline-selection-expected.html:
* fast/inline/hidpi-selection-gap-overlaps-inline-selection.html: Use Ahem.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171304 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoDatabaseProcess doesn't relaunch after crashing.
beidson@apple.com [Mon, 21 Jul 2014 17:14:15 +0000 (17:14 +0000)]
DatabaseProcess doesn't relaunch after crashing.
<rdar://problem/17717343> and https://bugs.webkit.org/show_bug.cgi?id=135117

Reviewed by Alexey Proskuryakov.

* UIProcess/Databases/DatabaseProcessProxy.cpp:
(WebKit::DatabaseProcessProxy::didClose): Tell the WebContext.

* UIProcess/WebContext.cpp:
(WebKit::WebContext::databaseProcessCrashed): Notify supplements, then clear the DatabaseProcessProxy pointer.
* UIProcess/WebContext.h:

* UIProcess/WebContextSupplement.h:
(WebKit::WebContextSupplement::processDidClose): Added. No users right now, but the patch in bug 135035 will need this.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171303 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoREGRESSION(r150169): http/tests/cache/willsendrequest-returns-null-for-memory-cache...
ap@apple.com [Mon, 21 Jul 2014 16:50:23 +0000 (16:50 +0000)]
REGRESSION(r150169): http/tests/cache/willsendrequest-returns-null-for-memory-cache-load.html fails
https://bugs.webkit.org/show_bug.cgi?id=116259

Updating expectations to acknowledge that the test is flaky on WK1 too (it depends
on preceding tests).

* platform/mac-wk2/TestExpectations:
* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171302 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUnreviewed hidpi test gardening.
zalan@apple.com [Mon, 21 Jul 2014 16:41:20 +0000 (16:41 +0000)]
Unreviewed hidpi test gardening.

Use Ahem font to ensure font size predictability.

* fast/inline/hidpi-selection-gap-and-inline-selection-have-gap-rtl-expected.html:
* fast/inline/hidpi-selection-gap-and-inline-selection-have-gap-rtl.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171301 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUnreviewed EFL gardening
m.pakula@samsung.com [Mon, 21 Jul 2014 15:14:33 +0000 (15:14 +0000)]
Unreviewed EFL gardening

Remove passing tests from TestExpectations file.

* platform/efl/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171300 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[iOS] a Paused media session is not active
eric.carlson@apple.com [Mon, 21 Jul 2014 15:03:11 +0000 (15:03 +0000)]
[iOS] a Paused media session is not active
https://bugs.webkit.org/show_bug.cgi?id=135108

Reviewed by Darin Adler.

Activating the shared AudioSession will pause audio playing in another application,
so only report a Playing media sessions as active.

* platform/audio/MediaSessionManager.cpp:
* platform/audio/MediaSessionManager.h:
(WebCore::MediaSessionManager::activeAudioSessionRequired): Renamed from hasActive to make
clear what it does. Only return true for a session that is Playing.

* platform/audio/mac/MediaSessionManagerMac.cpp:
(MediaSessionManager::updateSessionState): hasActive renamed to activeAudioSessionRequired.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171299 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[GTK] Documentation files are added twice to the tarball
carlosgc@webkit.org [Mon, 21 Jul 2014 09:38:26 +0000 (09:38 +0000)]
[GTK] Documentation files are added twice to the tarball
https://bugs.webkit.org/show_bug.cgi?id=135115

Reviewed by Sergio Villar Senin.

* gtk/manifest.txt: Remove duplicated rules.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171298 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[GTK] Simplify make-dist command line arguments
carlosgc@webkit.org [Mon, 21 Jul 2014 09:04:59 +0000 (09:04 +0000)]
[GTK] Simplify make-dist command line arguments
https://bugs.webkit.org/show_bug.cgi?id=134832

Reviewed by Martin Robinson.

.:
* Source/PlatformGTK.cmake: Use --version instead of
--tarball-root when running make-dist.py.

Tools:
Remove --tarball-root and -o command line options and add
--version, since the version can be used to build both, the
tarball root and the output filename. When the version it's not
provided, the pkg-config file is used to get the version. Also
change the default value of build-dir to the current directory,
since it's very common to call make-dist.py from the build dir.

* gtk/make-dist.py:
(get_tarball_root_and_output_filename_from_arguments):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171297 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[GTK] Reduce the size of the tarball generated by distcheck
carlosgc@webkit.org [Mon, 21 Jul 2014 08:30:12 +0000 (08:30 +0000)]
[GTK] Reduce the size of the tarball generated by distcheck
https://bugs.webkit.org/show_bug.cgi?id=134802

Reviewed by Martin Robinson.

Add more rules to the manifest to decide what files to add:

  - Do not include platform specific directories of other ports.
  - Do not include port specific cmake files.
  - Do not include Objective-C sources.
  - Do not include .orig and .rej files.
  - Do not include mac specific sandbox files.
  - Only include the resources we actually build.

* gtk/manifest.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171296 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[CSS Blending] Cleanup tests in css3/blending
rosca@adobe.com [Mon, 21 Jul 2014 08:26:37 +0000 (08:26 +0000)]
[CSS Blending] Cleanup tests in css3/blending
https://bugs.webkit.org/show_bug.cgi?id=132600

Reviewed by Mihnea Ovidenie.

Summary of changes:
- move common stylesheet classes to blending-style.css.
- remove trailing white spaces.
- replace tabs with spaces.
- remove the 'html' tags for consistency with the most of blending tests.

This patch does not change the txt and png test expectations.

* css3/blending/background-blend-mode-background-attachement-fixed-expected.html:
* css3/blending/background-blend-mode-background-attachement-fixed.html:
* css3/blending/background-blend-mode-background-clip-content-box-expected.html:
* css3/blending/background-blend-mode-background-clip-content-box.html:
* css3/blending/background-blend-mode-background-clip-padding-box-expected.html:
* css3/blending/background-blend-mode-background-clip-padding-box.html:
* css3/blending/background-blend-mode-background-origin-border-box-expected.html:
* css3/blending/background-blend-mode-background-origin-border-box.html:
* css3/blending/background-blend-mode-background-position-percentage-expected.html:
* css3/blending/background-blend-mode-background-position-percentage.html:
* css3/blending/background-blend-mode-background-repeat-no-repeat-expected.html:
* css3/blending/background-blend-mode-background-repeat-no-repeat.html:
* css3/blending/background-blend-mode-background-size-contain-expected.html:
* css3/blending/background-blend-mode-background-size-contain.html:
* css3/blending/background-blend-mode-background-size-cover-expected.html:
* css3/blending/background-blend-mode-background-size-cover.html:
* css3/blending/background-blend-mode-body-image-expected.html:
* css3/blending/background-blend-mode-body-image.html:
* css3/blending/background-blend-mode-body-transparent-color-and-image-expected.html:
* css3/blending/background-blend-mode-body-transparent-color-and-image.html:
* css3/blending/background-blend-mode-body-transparent-image-expected.html:
* css3/blending/background-blend-mode-body-transparent-image.html:
* css3/blending/background-blend-mode-crossfade-image-expected.html:
* css3/blending/background-blend-mode-crossfade-image.html:
* css3/blending/background-blend-mode-data-uri-svg-image-expected.html:
* css3/blending/background-blend-mode-data-uri-svg-image.html:
* css3/blending/background-blend-mode-default-value.html:
* css3/blending/background-blend-mode-different-image-formats.html:
* css3/blending/background-blend-mode-gif-color-2.html:
* css3/blending/background-blend-mode-gif-color.html:
* css3/blending/background-blend-mode-gradient-color.html:
* css3/blending/background-blend-mode-gradient-gradient.html:
* css3/blending/background-blend-mode-gradient-image.html:
* css3/blending/background-blend-mode-image-color-dynamic-expected.html:
* css3/blending/background-blend-mode-image-color-dynamic.html:
* css3/blending/background-blend-mode-image-color.html:
* css3/blending/background-blend-mode-image-image.html:
* css3/blending/background-blend-mode-image-svg.html:
* css3/blending/background-blend-mode-multiple-background-layers.html:
* css3/blending/background-blend-mode-separate-layer-declaration-expected.html:
* css3/blending/background-blend-mode-separate-layer-declaration.html:
* css3/blending/background-blend-mode-single-layer-no-blending.html:
* css3/blending/background-blend-mode-svg-color.html:
* css3/blending/background-blend-mode-svg-expected.html:
* css3/blending/background-blend-mode-svg.html:
* css3/blending/background-blend-mode-tiled-layers.html:
* css3/blending/blend-mode-accelerated-parent-overflow-hidden-expected.html:
* css3/blending/blend-mode-accelerated-parent-overflow-hidden.html:
* css3/blending/blend-mode-accelerated-with-multiple-stacking-contexts.html:
* css3/blending/blend-mode-ancestor-clipping-layer.html:
* css3/blending/blend-mode-background.html:
* css3/blending/blend-mode-blended-element-overlapping-composited-sibling-should-have-compositing-layer.html:
* css3/blending/blend-mode-body-child-background-color-expected.html:
* css3/blending/blend-mode-body-child-background-color.html:
* css3/blending/blend-mode-body-child-isolate-background-color-expected.html:
* css3/blending/blend-mode-body-child-isolate-background-color.html:
* css3/blending/blend-mode-body-child-isolate-html-background-color-expected.html:
* css3/blending/blend-mode-body-child-isolate-html-background-color.html:
* css3/blending/blend-mode-body-child.html:
* css3/blending/blend-mode-body-element-expected.html:
* css3/blending/blend-mode-body-element.html:
* css3/blending/blend-mode-clip-accelerated-blending-canvas.html:
* css3/blending/blend-mode-clip-accelerated-blending-child-expected.html:
* css3/blending/blend-mode-clip-accelerated-blending-child.html:
* css3/blending/blend-mode-clip-accelerated-blending-double-expected.html:
* css3/blending/blend-mode-clip-accelerated-blending-double.html:
* css3/blending/blend-mode-clip-accelerated-blending-with-siblings-expected.html:
* css3/blending/blend-mode-clip-accelerated-blending-with-siblings.html:
* css3/blending/blend-mode-clip-accelerated-transformed-blending-expected.html:
* css3/blending/blend-mode-clip-accelerated-transformed-blending.html:
* css3/blending/blend-mode-clip-rect-accelerated-blending-expected.html:
* css3/blending/blend-mode-clip-rect-accelerated-blending.html:
* css3/blending/blend-mode-html-element-screen.html:
* css3/blending/blend-mode-isolated-group-1.html:
* css3/blending/blend-mode-isolated-group-2.html:
* css3/blending/blend-mode-isolated-group-3.html:
* css3/blending/blend-mode-isolation-accelerated-overflow-hidden.html:
* css3/blending/blend-mode-isolation-flags-append-non-stacking-context-blending.html:
* css3/blending/blend-mode-isolation-flags-append-stacking-context-blending.html:
* css3/blending/blend-mode-isolation-flags-remove-non-stacking-context-blending.html:
* css3/blending/blend-mode-isolation-flags-remove-stacking-context-blending.html:
* css3/blending/blend-mode-isolation-flags-turn-off-blending-no-isolation.html:
* css3/blending/blend-mode-isolation-flags-turn-off-blending.html:
* css3/blending/blend-mode-isolation-flags-turn-off-stacking-context.html:
* css3/blending/blend-mode-isolation-flags-turn-on-blending.html:
* css3/blending/blend-mode-isolation-flags-turn-on-stacking-context.html:
* css3/blending/blend-mode-isolation-overflow-hidden-expected.html:
* css3/blending/blend-mode-isolation-overflow-hidden.html:
* css3/blending/blend-mode-isolation-turn-off-self-painting-layer.html:
* css3/blending/blend-mode-isolation-turn-off-self-painting-layer1.html:
* css3/blending/blend-mode-isolation-turn-off-self-painting-layer2.html:
* css3/blending/blend-mode-isolation-turn-on-self-painting-layer.html:
* css3/blending/blend-mode-layers.html:
* css3/blending/blend-mode-overflow.html:
* css3/blending/blend-mode-parent-of-composited-blended-has-layer.html:
* css3/blending/blend-mode-reflection.html:
* css3/blending/blend-mode-simple-composited.html:
* css3/blending/blend-mode-transform-style.html:
* css3/blending/blend-mode-with-accelerated-sibling.html:
* css3/blending/blend-mode-with-body-expected.html:
* css3/blending/blend-mode-with-body.html:
* css3/blending/blend-mode-with-composited-descendant-should-have-layer.html:
* css3/blending/effect-background-blend-mode-stacking.html:
* css3/blending/isolation-isolate-blended-child-expected.html:
* css3/blending/isolation-isolate-blended-child.html:
* css3/blending/repaint/blend-mode-isolate-stacking-context.html:
* css3/blending/repaint/blend-mode-turn-off-isolation-no-effect.html:
* css3/blending/repaint/blend-mode-turn-off-isolation.html:
* css3/blending/resources/blending-style.css: Added.
This file contains classes shared by multiple blending tests.

* css3/blending/resources/dump-layer-tree.js: Added.
* css3/blending/script-tests/background-blend-mode-property-parsing.js:
* css3/blending/script-tests/blend-mode-property-parsing-invalid.js:
* css3/blending/script-tests/blend-mode-property-parsing.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171295 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUnreviewed. Update GObject DOM bindings test results after r171285.
carlosgc@webkit.org [Mon, 21 Jul 2014 08:18:10 +0000 (08:18 +0000)]
Unreviewed. Update GObject DOM bindings test results after r171285.

* bindings/scripts/test/GObject/WebKitDOMTestActiveDOMObject.cpp:
* bindings/scripts/test/GObject/WebKitDOMTestCallback.cpp:
* bindings/scripts/test/GObject/WebKitDOMTestCustomNamedGetter.cpp:
* bindings/scripts/test/GObject/WebKitDOMTestEventConstructor.cpp:
* bindings/scripts/test/GObject/WebKitDOMTestEventTarget.cpp:
* bindings/scripts/test/GObject/WebKitDOMTestException.cpp:
* bindings/scripts/test/GObject/WebKitDOMTestGenerateIsReachable.cpp:
* bindings/scripts/test/GObject/WebKitDOMTestInterface.cpp:
* bindings/scripts/test/GObject/WebKitDOMTestMediaQueryListListener.cpp:
* bindings/scripts/test/GObject/WebKitDOMTestNamedConstructor.cpp:
* bindings/scripts/test/GObject/WebKitDOMTestNode.cpp:
* bindings/scripts/test/GObject/WebKitDOMTestNondeterministic.cpp:
* bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
* bindings/scripts/test/GObject/WebKitDOMTestOverloadedConstructors.cpp:
* bindings/scripts/test/GObject/WebKitDOMTestSerializedScriptValueInterface.cpp:
* bindings/scripts/test/GObject/WebKitDOMTestTypedefs.cpp:
* bindings/scripts/test/GObject/WebKitDOMattribute.cpp:
* bindings/scripts/test/GObject/WebKitDOMreadonly.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171294 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[CSS Grid Layout] Rename gridAutoFlow[Row|Column] to gridAutoFlow[Row|Column]Sparse
rego@igalia.com [Mon, 21 Jul 2014 07:46:35 +0000 (07:46 +0000)]
[CSS Grid Layout] Rename gridAutoFlow[Row|Column] to gridAutoFlow[Row|Column]Sparse
https://bugs.webkit.org/show_bug.cgi?id=135013

Rename CSS styles in grid layout tests to make the name more explicit.
As the default mode for auto-placement algorithm is "sparse".

Reviewed by Darin Adler.

* fast/css-grid-layout/grid-auto-columns-rows-auto-flow-resolution.html:
* fast/css-grid-layout/grid-auto-flow-get-set-expected.txt:
* fast/css-grid-layout/grid-auto-flow-get-set.html:
* fast/css-grid-layout/grid-auto-flow-resolution.html:
* fast/css-grid-layout/grid-auto-flow-sparse.html:
* fast/css-grid-layout/grid-item-addition-auto-placement-update.html:
* fast/css-grid-layout/grid-item-auto-placement-automatic-span.html:
* fast/css-grid-layout/grid-item-auto-placement-definite-span.html:
* fast/css-grid-layout/grid-item-order-auto-flow-resolution.html:
* fast/css-grid-layout/grid-item-removal-auto-placement-update.html:
* fast/css-grid-layout/resources/grid.css:
(.gridAutoFlowColumnSparse):
(.gridAutoFlowRowSparse):
(.gridAutoFlowColumn): Deleted.
(.gridAutoFlowRow): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171293 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUnreviewed Fix test crashes when cloning video layer since r171286
jeremyj-wk@apple.com [Mon, 21 Jul 2014 06:16:44 +0000 (06:16 +0000)]
Unreviewed Fix test crashes when cloning video layer since r171286
https://bugs.webkit.org/show_bug.cgi?id=135112

Unreviewed. Fix crashing tests by conditionalizing inline video layer change.
compositing/video/video-reflection.html [ Crash ]
media/video-layer-crash.html [ Crash ]

* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h: add conditional
* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: ditto
(WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer): ditto
(WebCore::MediaPlayerPrivateAVFoundationObjC::destroyVideoLayer): ditto
(WebCore::MediaPlayerPrivateAVFoundationObjC::platformLayer): ditto

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171292 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoFix warnings caused by unused parameter.
commit-queue@webkit.org [Mon, 21 Jul 2014 05:36:59 +0000 (05:36 +0000)]
Fix warnings caused by unused parameter.
https://bugs.webkit.org/show_bug.cgi?id=134975

Patch by KwangHyuk Kim <hyuki.kim@samsung.com> on 2014-07-20
Reviewed by Gyuyoung Kim.

Fix warnings on EwkView.cpp and LegacySessionStateCodingNone.cpp that are caused by unused parameter data.

* UIProcess/API/efl/EwkView.cpp:
(EwkViewEventHandler<EVAS_CALLBACK_MOUSE_IN>::handleEvent):
* UIProcess/LegacySessionStateCodingNone.cpp:
(WebKit::decodeLegacySessionState):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171291 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[EFL] Enable mpg123 feature for gst-plugin-bad.
commit-queue@webkit.org [Mon, 21 Jul 2014 05:34:22 +0000 (05:34 +0000)]
[EFL] Enable mpg123 feature for gst-plugin-bad.
https://bugs.webkit.org/show_bug.cgi?id=135016

Patch by KwangHyuk Kim <hyuki.kim@samsung.com> on 2014-07-20
Reviewed by Laszlo Gombos.

enable-mpg123 feature is added to jhbuild in order to support playback of mp3 format.

* efl/install-dependencies:
* efl/jhbuild.modules:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171290 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoReduce the chances of a race condition when sharing SharedBuffer
psolanki@apple.com [Mon, 21 Jul 2014 04:30:19 +0000 (04:30 +0000)]
Reduce the chances of a race condition when sharing SharedBuffer
https://bugs.webkit.org/show_bug.cgi?id=135060
<rdar://problem/17729444>

Reviewed by Darin Adler.

We currently pass a SharedBuffer wrapped in WebCoreSharedBufferData to ImageIO for image
decoding. This is not thread safe since ImageIO will access this buffer on a separate
thread. We access SharedBuffer::buffer() on the other thread which resizes the Vector
m_buffer if m_size is greater than the vector size. Since the code in SharedBuffer::append()
sets m_size before appending the data to the buffer, m_size is out of sync with the m_buffer
size for the entire duration of the Vector append which could be doing a lot of copying if
the resource is large. While this change does not fix the race condition, we can at least
reduce the chances of SharedBuffer::buffer() calling resize() by setting m_size after the
cector has finished appending.

No new tests because no functional changes.

* platform/SharedBuffer.cpp:
(WebCore::SharedBuffer::append):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171289 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoDisable ff/rw based on canPlayFastForward and canPlayFastRewind.
commit-queue@webkit.org [Mon, 21 Jul 2014 03:08:25 +0000 (03:08 +0000)]
Disable ff/rw based on canPlayFastForward and canPlayFastRewind.
https://bugs.webkit.org/show_bug.cgi?id=134894

Patch by Jeremy Jones <jeremyj@apple.com> on 2014-07-20
Reviewed by Darin Adler.

Source/WebCore:
* WebCore.exp.in: add symbol for canPlayFastReverse
* html/HTMLMediaElement.cpp: Add two new accessors
(WebCore::HTMLMediaElement::nextScanRate): possibly limit scanRate
(WebCore::HTMLMediaElement::canPlayFastForward): added
(WebCore::HTMLMediaElement::canPlayFastReverse): added
* html/HTMLMediaElement.h: declare two new methods
* platform/graphics/MediaPlayer.cpp: Plumb through two new accessors
(WebCore::MediaPlayer::maxFastForwardRate): added
(WebCore::MediaPlayer::minFastReverseRate): added
* platform/graphics/MediaPlayer.h: Declare new methods
* platform/graphics/MediaPlayerPrivate.h: Added two new methods.
(WebCore::MediaPlayerPrivateInterface::maxFastForwardRate): added
(WebCore::MediaPlayerPrivateInterface::minFastReverseRate): added
* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h: member to cache ff/rw enabled state
* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
(WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer): observe on item canPlayFastForward canPlayFastReverse
(WebCore::MediaPlayerPrivateAVFoundationObjC::canPlayFastForwardDidChange): added
(WebCore::MediaPlayerPrivateAVFoundationObjC::canPlayFastReverseDidChange): added
(WebCore::itemKVOProperties): observe canPlayFastForward canPlayFastRewind
(-[WebCoreAVFMovieObserver observeValueForKeyPath:ofObject:change:context:]): ditto
* platform/ios/WebVideoFullscreenInterface.h: add new method
* platform/ios/WebVideoFullscreenInterfaceAVKit.h: ditto
* platform/ios/WebVideoFullscreenInterfaceAVKit.mm: ditto
(WebVideoFullscreenInterfaceAVKit::setCanPlayFastReverse): Set value on WebAVPlayerController.
(-[WebAVPlayerController canScanBackward]): Deleted.
(+[WebAVPlayerController keyPathsForValuesAffectingCanScanBackward]): Deleted.
* platform/ios/WebVideoFullscreenModelMediaElement.mm:
(WebVideoFullscreenModelMediaElement::updateForEventName): update canPlayFastReverse.

Source/WebKit2:
Add setCanPlayFastReverse

* UIProcess/ios/WebVideoFullscreenManagerProxy.messages.in: ditto
* WebProcess/ios/WebVideoFullscreenManager.h: ditto
* WebProcess/ios/WebVideoFullscreenManager.mm: ditto
(WebKit::WebVideoFullscreenManager::setCanPlayFastReverse): ditto

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171288 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoHTMLMediaElement should registerWithDocument on iOS
barraclough@apple.com [Mon, 21 Jul 2014 02:34:09 +0000 (02:34 +0000)]
HTMLMediaElement should registerWithDocument on iOS
https://bugs.webkit.org/show_bug.cgi?id=135084
<rdar://problem/17702531>

Reviewed by Andreas Kling.

Otherwise it won't know when the visibility changes!

* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::registerWithDocument):
(WebCore::HTMLMediaElement::unregisterWithDocument):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171287 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoDecrease flicker when enter and exit fullscreen.
commit-queue@webkit.org [Mon, 21 Jul 2014 02:30:24 +0000 (02:30 +0000)]
Decrease flicker when enter and exit fullscreen.
https://bugs.webkit.org/show_bug.cgi?id=134919

Patch by Jeremy Jones <jeremyj@apple.com> on 2014-07-20
Reviewed by Simon Fraser.

Source/WebCore:
Put AVPlayerLayer in a container layer so moving it between inline and fullscreen
is as easy as adding and removing it from a containter layer; no need to do a layout.

Make sure fullscreen layers are transparent before moving moving the AVPlayerLayer
between inline and fullscreen so you don't briefly see the empty fullscreen layers.

* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::platformLayer): remove fullscreen special case.
(WebCore::HTMLMediaElement::setVideoFullscreenLayer): no need to recalc style
* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h: add inline container layer
* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
add WebVideoContainerLayer to contain AVPlayerLayer and keep layout correct.
(-[WebVideoContainerLayer setBounds:]): forward setbounds to set child frame.
(WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer): create the video container layer
(WebCore::MediaPlayerPrivateAVFoundationObjC::destroyVideoLayer): destroy the video container layer
(WebCore::MediaPlayerPrivateAVFoundationObjC::platformLayer): use container layer instead of video layer
(WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenLayer): use transactions to prevent unwanted animation.
(WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenFrame): ditto
* platform/graphics/ca/mac/PlatformCALayerMac.mm:
(PlatformCALayerMac::layerTypeForPlatformLayer): WebVideoContainerLayer is a kind of AVPlayerLayer
* platform/ios/WebVideoFullscreenControllerAVKit.mm:
(-[WebVideoFullscreenController didCleanupFullscreen]): remove video fullscreen layer first
* platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
(WebVideoFullscreenInterfaceAVKit::setupFullscreen): make background transparent during transition.
   dispatch_async to allow CATransaction to complete before calling didSetupFullscreen()

Source/WebKit2:
Change the sequence of tear down and use transparency to prevent flicker when entering and exiting fullscreen.

* UIProcess/ios/WebVideoFullscreenManagerProxy.mm: wait to remove layerHost until didCleanupFullscreen
(WebKit::WebVideoFullscreenManagerProxy::didExitFullscreen): removed from here
(WebKit::WebVideoFullscreenManagerProxy::didCleanupFullscreen): added here
* WebProcess/ios/WebVideoFullscreenManager.mm:
(WebKit::WebVideoFullscreenManager::didSetupFullscreen): use transparent background during transition

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171286 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoMove ExceptionCodeDescription.h into the files that actually need it
ryuan.choi@samsung.com [Mon, 21 Jul 2014 02:19:48 +0000 (02:19 +0000)]
Move ExceptionCodeDescription.h into the files that actually need it
https://bugs.webkit.org/show_bug.cgi?id=134968

Reviewed by Darin Adler.

No new tests because no functional changes.

* Modules/indexeddb/IDBDatabaseException.cpp:
* Modules/webdatabase/SQLException.cpp:
* bindings/js/JSDOMBinding.cpp:
* bindings/objc/ExceptionHandlers.mm:
* bindings/scripts/CodeGeneratorGObject.pm:
(Generate):
* dom/DOMCoreException.cpp:
* dom/EventException.cpp:
* dom/ExceptionBase.cpp:
* dom/ExceptionCode.h:
* dom/RangeException.cpp:
* fileapi/FileException.cpp:
* inspector/DOMEditor.cpp:
* inspector/InspectorDOMAgent.cpp:
* svg/SVGException.cpp:
* xml/XMLHttpRequestException.cpp:
* xml/XPathException.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171285 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoSource/WebCore: <rdar://problems/17742611> -[_WKActivatedElementInfo image] is often...
mitz@apple.com [Mon, 21 Jul 2014 00:34:18 +0000 (00:34 +0000)]
Source/WebCore: <rdar://problems/17742611> -[_WKActivatedElementInfo image] is often empty
https://bugs.webkit.org/show_bug.cgi?id=135107

Reviewed by Sam Weinig.

Test: TestWebKitAPI/Tests/mac/RenderedImageFromDOMNode.mm

* page/FrameView.cpp:
(WebCore::FrameView::paintContents): To work around http://webkit.org/b/135106, replace the
paint root with its nearest ancestor that isn’t an inline with culled line boxes, if needed.

Tools: Test for <rdar://problems/17742611> -[_WKActivatedElementInfo image] is often empty
https://bugs.webkit.org/show_bug.cgi?id=135107

Reviewed by Sam Weinig.

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/mac/RenderedImageFromDOMNode.mm: Added.
(-[RenderedImageFromDOMNodeFrameLoadDelegate webView:didFinishLoadForFrame:]):
(TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171284 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoCrashes seen in wheel event handling
darin@apple.com [Sun, 20 Jul 2014 20:11:57 +0000 (20:11 +0000)]
Crashes seen in wheel event handling
https://bugs.webkit.org/show_bug.cgi?id=135102

Reviewed by Beth Dakin.

Speculative fix based on guesses about what could be crashing.
The crash seems to be calling ref on an event target, and my guess is that this
has something to do with latching.

* page/EventHandler.cpp:
(WebCore::EventHandler::platformPrepareForWheelEvents): Updated argument types.
(WebCore::EventHandler::handleWheelEvent): Refactored a little and made some local
variables use RefPtr instead of raw pointers. Also added some comments.

* page/EventHandler.h: Changed argument types to RefPtr.

* page/mac/EventHandlerMac.mm:
(WebCore::EventHandler::platformPrepareForWheelEvents): Updated argument types.
Also added a FIXME.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171283 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoPrint layerIDs in GraphicsLayer dumps
simon.fraser@apple.com [Sun, 20 Jul 2014 18:00:52 +0000 (18:00 +0000)]
Print layerIDs in GraphicsLayer dumps
https://bugs.webkit.org/show_bug.cgi?id=135100

Reviewed by Darin Adler.

When calling showGraphicsLayerTree() from the debugger, it's useful to show
layerIDs so they can be correlated with remote layer tree transactions. So
when dumping with debug info, dump the primary layer ID.

* platform/graphics/GraphicsLayer.cpp:
(WebCore::GraphicsLayer::dumpProperties):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171282 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUpdated Radar link
mitz@apple.com [Sun, 20 Jul 2014 16:49:40 +0000 (16:49 +0000)]
Updated Radar link

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171281 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago<rdar://problem/17739804> REGRESSION (r171057): Crash in WebPage::getPositionInformat...
mitz@apple.com [Sun, 20 Jul 2014 16:48:35 +0000 (16:48 +0000)]
<rdar://problem/17739804> REGRESSION (r171057): Crash in WebPage::getPositionInformation()
https://bugs.webkit.org/show_bug.cgi?id=135099

Reviewed by David Kilzer.

* WebProcess/WebPage/ios/WebPageIOS.mm:
(WebKit::WebPage::getPositionInformation): Added a null check.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171280 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[iOS] ignore requests to set volume
eric.carlson@apple.com [Sun, 20 Jul 2014 16:45:34 +0000 (16:45 +0000)]
[iOS] ignore requests to set volume
https://bugs.webkit.org/show_bug.cgi?id=135081

Applied post-review comments from Darin Adler.

* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
(WebCore::MediaPlayerPrivateAVFoundationObjC::setVolume): Don't include unreachable
    code on iOS.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171279 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoES6: Implement Math.sign()
commit-queue@webkit.org [Sun, 20 Jul 2014 16:16:57 +0000 (16:16 +0000)]
ES6: Implement Math.sign()
https://bugs.webkit.org/show_bug.cgi?id=134980

Patch by Diego Pino Garcia <dpino@igalia.com> on 2014-07-20
Reviewed by Darin Adler.

Source/JavaScriptCore:
* runtime/MathObject.cpp:
(JSC::MathObject::finishCreation):
(JSC::mathProtoFuncSign):

LayoutTests:
* js/script-tests/Object-getOwnPropertyNames.js:
* js/script-tests/math.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171278 268f45cc-cd09-0410-ab3c-d52691b4dbfc