WebKit-https.git
4 years ago DFG::StoreBarrierInsertionPhase should assume that any epoch increment may make objec...
fpizlo@apple.com [Tue, 20 Sep 2016 22:57:16 +0000 (22:57 +0000)]
DFG::StoreBarrierInsertionPhase should assume that any epoch increment may make objects older
https://bugs.webkit.org/show_bug.cgi?id=162319

Reviewed by Saam Barati.

The store barrier phase needs to be aware of the fact that an object that is not in the
OldBlack state may be concurrently brought into that state. That means that:

- We cannot reason about the relative ages of objects. An object is either new, in which
  case we can store to it without barriers, or it's not, in which case it needs a barrier.

- After we insert a barrier on an object, the object is no longer new, because now the GC
  knows about it and the GC may do things to it, like make it OldBlack.

This is a perf-neutral change. These optimizations were never particularly profitable.

* dfg/DFGStoreBarrierInsertionPhase.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206183 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Use a hardcoded patch for sRGB color profile
ap@apple.com [Tue, 20 Sep 2016 22:36:02 +0000 (22:36 +0000)]
Use a hardcoded patch for sRGB color profile
https://bugs.webkit.org/show_bug.cgi?id=162320
rdar://problem/28387318

Reviewed by Simon Fraser.

This is a workaround for rdar://problem/28392768

* DumpRenderTree/mac/LayoutTestHelper.m:
(installLayoutTestColorProfile):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206182 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Remove "in-store" from "-apple-pay-button-type"
andersca@apple.com [Tue, 20 Sep 2016 22:30:49 +0000 (22:30 +0000)]
Remove "in-store" from "-apple-pay-button-type"
https://bugs.webkit.org/show_bug.cgi?id=162321
rdar://problem/28394581

Reviewed by Beth Dakin.

* css/CSSPrimitiveValueMappings.h:
(WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
(WebCore::CSSPrimitiveValue::operator ApplePayButtonType):
* css/CSSValueKeywords.in:
* css/parser/CSSParser.cpp:
(WebCore::isValidKeywordPropertyAndValue):
* css/parser/CSSParserFastPaths.cpp:
(WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):
* rendering/RenderThemeCocoa.mm:
(WebCore::toPKPaymentButtonType):
* rendering/style/RenderStyleConstants.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206181 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Unreviewed, rolling out r206178.
ryanhaddad@apple.com [Tue, 20 Sep 2016 22:30:29 +0000 (22:30 +0000)]
Unreviewed, rolling out r206178.

This change caused buildbot config issues.

Reverted changeset:

"Add Sierra bots to buildbot and dashboard."
https://bugs.webkit.org/show_bug.cgi?id=162249
http://trac.webkit.org/changeset/206178

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206180 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Fix occasional using uninitialized memory crashes after r206168.
achristensen@apple.com [Tue, 20 Sep 2016 22:19:16 +0000 (22:19 +0000)]
Fix occasional using uninitialized memory crashes after r206168.
https://bugs.webkit.org/show_bug.cgi?id=162247

This fixes a crash in imported/w3c/web-platform-tests/url/urlsearchparams-constructor.html that
I could reproduce about 10% of the time.

* html/URLSearchParams.h:
Initialize the pointer to nullptr.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206179 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Add Sierra bots to buildbot and dashboard.
commit-queue@webkit.org [Tue, 20 Sep 2016 22:16:31 +0000 (22:16 +0000)]
Add Sierra bots to buildbot and dashboard.
https://bugs.webkit.org/show_bug.cgi?id=162249

Patch by Dean Johnson <dean_johnson@apple.com> on 2016-09-20
Reviewed by Alexey Proskuryakov.

* BuildSlaveSupport/build.webkit.org-config/config.json:
* BuildSlaveSupport/build.webkit.org-config/mastercfg_unittest.py:
* BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/WebKitBuildbot.js:
(WebKitBuildbot):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206178 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Reduce allocations in URLParser
achristensen@apple.com [Tue, 20 Sep 2016 21:50:30 +0000 (21:50 +0000)]
Reduce allocations in URLParser
https://bugs.webkit.org/show_bug.cgi?id=162241

Reviewed by Chris Dumez.

Source/WebCore:

Use Vectors instead of StringBuilders.  This allows us to use the inline capacity on the stack
for short URLs (<2KB) and also allows us to skip branches because we know whether the
contained type is UChar or LChar at compile time.  It also allows us to use uncheckedAppend.

Added new API tests for parts that were less tested, but there is
no change in behavior except for a performance improvement.

* platform/URLParser.cpp:
(WebCore::appendCodePoint):
(WebCore::encodeQuery):
(WebCore::URLParser::failure):
(WebCore::URLParser::parse):
(WebCore::percentDecode):
(WebCore::domainToASCII):
(WebCore::hasInvalidDomainCharacter):
(WebCore::URLParser::parseHost):
(WebCore::formURLDecode):
(WebCore::isC0Control): Deleted.
* platform/URLParser.h:

Tools:

* TestWebKitAPI/Tests/WebCore/URLParser.cpp:
(TestWebKitAPI::TEST_F):
(TestWebKitAPI::checkURL):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206177 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Can't present a payment sheet if a sheet is already active in another window
andersca@apple.com [Tue, 20 Sep 2016 21:43:26 +0000 (21:43 +0000)]
Can't present a payment sheet if a sheet is already active in another window
https://bugs.webkit.org/show_bug.cgi?id=162314
rdar://problem/27643511

Reviewed by Tim Horton.

Instead of keeping track of whether a sheet is active or not, keep track of its underlying payment coordinator proxy,
so we can hide it and send a cancel event to WebCore if another sheet is being presented.

* UIProcess/ApplePay/WebPaymentCoordinatorProxy.cpp:
(WebKit::WebPaymentCoordinatorProxy::~WebPaymentCoordinatorProxy):
(WebKit::WebPaymentCoordinatorProxy::showPaymentUI):
(WebKit::WebPaymentCoordinatorProxy::didReachFinalState):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206176 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Rename MarkedSpace::version/MarkedBlock::version to MarkedSpace::markingVersion/Marke...
fpizlo@apple.com [Tue, 20 Sep 2016 21:04:06 +0000 (21:04 +0000)]
Rename MarkedSpace::version/MarkedBlock::version to MarkedSpace::markingVersion/MarkedBlock::markingVersion
https://bugs.webkit.org/show_bug.cgi?id=162310

Reviewed by Geoffrey Garen.

In bug 162309, which is part of my concurrent GC work, I'll need to introduce a second
version-based flip. This one will be for newlyAllocated bits. This will allow me to
cheaply preserve per-object live state during marking. MarkedBlock::aboutToMarkSlow() will
do this instead of clearMarks():

    - Walk the mark bits, simultaneously counting the number of set bits and clearing
      them.
    - If the count is zero, then we're done.
    - If the count is equal to the max number of cells in the block, then set the
      allocated bit for the block.
    - If the count is something else, create a newlyAllocated vector.

The hope is that the last mode is going to be rare, since most blocks are not fragmented
at end of GC. Usually, we will fill them in with objects by allocating! But if we do
create newlyAllocated bits then we need to have some way of blowing them away later.

This is where a second version comes in. We can have a version for newlyAllocated bits,
which we increment at the end of marking, at around the same time that we clear all
allocated bits.

This means that the MarkedBlock will have two different version-based flips, so terms like
"flip" and "version" aren't enough.

This patch gets rid of the term "flip" entirely. It's a term of art in GCs that refers to
the state change at the beginning or end of GC. It refers to the logical state change, not
the physical one. It doesn't actually make sense to speak of a block being flipped
independently of other blocks. It's true that our implementation of the flip makes some
state updates happen lazily, but the block updating itself in some way (like clearing mark
bits) isn't the flip - the flip already happened when the version was incremented.

We no longer refer to a version without qualifying what kind of version it is. The type is
HeapVersion. All of the version members were renamed to markingVersion, to reflect the
fact that this version is just used for doing things to marking state. Instead of asking
if the block needsFlip(), we ask if areMarksStale().

This will let us introduce a second version for newlyAllocated, and will let us speak of
the two versions unambiguously.

* heap/CellContainer.h:
* heap/CellContainerInlines.h:
(JSC::CellContainer::isMarked):
(JSC::CellContainer::isMarkedOrNewlyAllocated):
(JSC::CellContainer::aboutToMark):
(JSC::CellContainer::areMarksStale):
(JSC::CellContainer::needsFlip): Deleted.
* heap/ConservativeRoots.cpp:
(JSC::ConservativeRoots::genericAddPointer):
(JSC::ConservativeRoots::genericAddSpan):
* heap/HeapInlines.h:
(JSC::Heap::isMarked):
(JSC::Heap::isMarkedConcurrently):
(JSC::Heap::testAndSetMarked):
* heap/HeapUtil.h:
(JSC::HeapUtil::findGCObjectPointersForMarking):
* heap/MarkedAllocator.cpp:
(JSC::MarkedAllocator::isPagedOut):
* heap/MarkedBlock.cpp:
(JSC::MarkedBlock::MarkedBlock):
(JSC::MarkedBlock::Handle::specializedSweep):
(JSC::MarkedBlock::Handle::sweepHelperSelectSweepMode):
(JSC::MarkedBlock::Handle::sweepHelperSelectMarksMode):
(JSC::MarkedBlock::aboutToMarkSlow):
(JSC::MarkedBlock::clearMarks):
(JSC::MarkedBlock::assertMarksNotStale):
(JSC::MarkedBlock::areMarksStale):
(JSC::MarkedBlock::Handle::areMarksStale):
(JSC::MarkedBlock::isMarked):
(JSC::MarkedBlock::Handle::isMarkedOrNewlyAllocated):
(JSC::MarkedBlock::isMarkedOrNewlyAllocated):
(JSC::MarkedBlock::markCount):
(JSC::MarkedBlock::Handle::isLive):
(JSC::MarkedBlock::Handle::isLiveCell):
(JSC::MarkedBlock::Handle::sweepHelperSelectFlipMode): Deleted.
(JSC::MarkedBlock::assertFlipped): Deleted.
(JSC::MarkedBlock::needsFlip): Deleted.
(JSC::MarkedBlock::Handle::needsFlip): Deleted.
* heap/MarkedBlock.h:
(JSC::MarkedBlock::areMarksStale):
(JSC::MarkedBlock::aboutToMark):
(JSC::MarkedBlock::assertMarksNotStale):
(JSC::MarkedBlock::Handle::assertMarksNotStale):
(JSC::MarkedBlock::isMarked):
(JSC::MarkedBlock::isMarkedConcurrently):
(JSC::MarkedBlock::testAndSetMarked):
(JSC::MarkedBlock::Handle::isMarkedOrNewlyAllocated):
(JSC::MarkedBlock::isMarkedOrNewlyAllocated):
(JSC::MarkedBlock::needsFlip): Deleted.
(JSC::MarkedBlock::assertFlipped): Deleted.
(JSC::MarkedBlock::Handle::assertFlipped): Deleted.
* heap/MarkedBlockInlines.h:
(JSC::MarkedBlock::Handle::isLive):
(JSC::MarkedBlock::Handle::isLiveCell):
(JSC::MarkedBlock::resetMarkingVersion):
(JSC::MarkedBlock::resetVersion): Deleted.
* heap/MarkedSpace.cpp:
(JSC::MarkedSpace::beginMarking):
* heap/MarkedSpace.h:
(JSC::MarkedSpace::markingVersion):
(JSC::MarkedSpace::version): Deleted.
* heap/SlotVisitor.cpp:
(JSC::SlotVisitor::SlotVisitor):
(JSC::SlotVisitor::didStartMarking):
(JSC::SlotVisitor::appendJSCellOrAuxiliary):
(JSC::SlotVisitor::setMarkedAndAppendToMarkStack):
(JSC::SlotVisitor::markAuxiliary):
* heap/SlotVisitor.h:
(JSC::SlotVisitor::markingVersion):
(JSC::SlotVisitor::version): Deleted.
* heap/WeakBlock.cpp:
(JSC::WeakBlock::specializedVisit):
(JSC::WeakBlock::reap):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206172 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [JSC] Do not use EagerRun on tests counting recompilation
commit-queue@webkit.org [Tue, 20 Sep 2016 20:57:31 +0000 (20:57 +0000)]
[JSC] Do not use EagerRun on tests counting recompilation
https://bugs.webkit.org/show_bug.cgi?id=162248

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-09-20
Reviewed by Geoffrey Garen.

This patch adds defaultNoEagerRun to all the tests
for which recompilation is the symptom of a bug.
The reason is that an OSR Exit can be unrelated to the tested
nodes when we are running in Eager mode.

* stress/arith-abs-on-various-types.js:
* stress/arith-ceil-on-various-types.js:
* stress/arith-clz32-on-various-types.js:
* stress/arith-cos-on-various-types.js:
* stress/arith-floor-on-various-types.js:
* stress/arith-fround-on-various-types.js:
* stress/arith-log-on-various-types.js:
* stress/arith-round-on-various-types.js:
* stress/arith-sin-on-various-types.js:
* stress/arith-sqrt-on-various-types.js:
* stress/arith-tan-on-various-types.js:
* stress/arith-trunc-on-various-types.js:

* stress/compare-strict-eq-on-various-types.js:
(testAllTypesCall):
The value 2 came from the other tests.
CompareStrictEq supports many more cases, the worst case
is bool->int->int52->number->polymorphic.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206171 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago AX: voiceover does not read contents of input role="spinbutton"
n_wang@apple.com [Tue, 20 Sep 2016 20:44:26 +0000 (20:44 +0000)]
AX: voiceover does not read contents of input role="spinbutton"
https://bugs.webkit.org/show_bug.cgi?id=162137

Reviewed by Chris Fleizach.

Source/WebCore:

The aria-valuenow attribute value on the spinbutton is not exposed
on iOS. We should expose aria-valuenow attribute for range controls
based on https://www.w3.org/TR/wai-aria/states_and_properties#aria-valuenow

Changes are covered in the modified test.

* accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
(-[WebAccessibilityObjectWrapper accessibilityValue]):

LayoutTests:

* accessibility/ios-simulator/spinbutton-expected.txt:
* accessibility/ios-simulator/spinbutton.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206170 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago URLParser: uidna_IDNToASCII_56 is deprecated
achristensen@apple.com [Tue, 20 Sep 2016 20:25:03 +0000 (20:25 +0000)]
URLParser: uidna_IDNToASCII_56 is deprecated
https://bugs.webkit.org/show_bug.cgi?id=161841

Patch by Michael Catanzaro <mcatanzaro@igalia.com> on 2016-09-20
Reviewed by Alex Christensen.

Add pragmas to silence the warning, plus a FIXME.

* platform/URLParser.cpp:
(WebCore::domainToASCII):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206169 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Make URLSearchParams spec-compliant
achristensen@apple.com [Tue, 20 Sep 2016 20:11:54 +0000 (20:11 +0000)]
Make URLSearchParams spec-compliant
https://bugs.webkit.org/show_bug.cgi?id=162247

Reviewed by Chris Dumez and Sam Weinig.

LayoutTests/imported/w3c:

* web-platform-tests/url/url-constructor-expected.txt:

Source/WebCore:

Covered by newly-passing web platform tests.

* html/DOMURL.cpp:
(WebCore::DOMURL::~DOMURL):
(WebCore::DOMURL::setHref):
(WebCore::DOMURL::setQuery):
Update any associated URLSearchParams object when the query could change.
(WebCore::DOMURL::searchParams):
The lifetime of the URLSearchParams was wrong.  We were creating a new URLSearchParams each time
URL.searchParams was called, and we should have been creating one the first time and returning the
same instance for subsequent calls.  This means the DOMURL must own the URLSearchParams if it is associated,
but if it is not associated, then a URLSearchParams can live on its own.
* html/DOMURL.h:
* html/URLSearchParams.h:
(WebCore::URLSearchParams::URLDestroyed):
(WebCore::URLSearchParams::setContents):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206168 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Remove AuthorStyleSheets::m_hadActiveLoadingStylesheet bit
antti@apple.com [Tue, 20 Sep 2016 20:05:31 +0000 (20:05 +0000)]
Remove AuthorStyleSheets::m_hadActiveLoadingStylesheet bit
https://bugs.webkit.org/show_bug.cgi?id=162312

Reviewed by Chris Dumez.

* dom/AuthorStyleSheets.cpp:
(WebCore::AuthorStyleSheets::analyzeStyleSheetChange):

    We can handle loading sheets with the normal stylesheet change logic. Remove the special case.

(WebCore::filterEnabledNonemptyCSSStyleSheets):

    Filter out loading stylesheets.

* dom/AuthorStyleSheets.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206167 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Adjust current networking logging
krollin@apple.com [Tue, 20 Sep 2016 20:03:45 +0000 (20:03 +0000)]
Adjust current networking logging
https://bugs.webkit.org/show_bug.cgi?id=162235

Reviewed by Antti Koivisto.

Update the "always on" network logging in order to better track the
loading of a particular resource and to better bind together the
resources downloaded for a particular page and frame. Do this by
consistently logging pageID, frameID, and resourceID.

Source/WebCore:

No new tests -- there are no tests for logging.

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::checkLoadCompleteForThisFrame):
* loader/ResourceLoader.h:
(WebCore::ResourceLoader::frame):

Source/WebKit2:

* NetworkProcess/NetworkResourceLoader.cpp:
(WebKit::NetworkResourceLoader::didFinishLoading):
(WebKit::NetworkResourceLoader::didFailLoading):
(WebKit::NetworkResourceLoader::continueWillSendRequest):
* WebProcess/Network/WebLoaderStrategy.cpp:
(WebKit::WebLoaderStrategy::scheduleLoad):
(WebKit::WebLoaderStrategy::startLocalLoad):
* WebProcess/Network/WebResourceLoader.cpp:
(WebKit::WebResourceLoader::create):
(WebKit::WebResourceLoader::WebResourceLoader):
(WebKit::WebResourceLoader::willSendRequest):
(WebKit::WebResourceLoader::didReceiveResponse):
(WebKit::WebResourceLoader::didReceiveData):
(WebKit::WebResourceLoader::didFinishResourceLoad):
(WebKit::WebResourceLoader::didFailResourceLoad):
(WebKit::WebResourceLoader::didReceiveResource):
* WebProcess/Network/WebResourceLoader.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206166 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Non-special URLs should have an opaque origin
achristensen@apple.com [Tue, 20 Sep 2016 20:01:08 +0000 (20:01 +0000)]
Non-special URLs should have an opaque origin
https://bugs.webkit.org/show_bug.cgi?id=162254

Reviewed by Sam Weinig.

LayoutTests/imported/w3c:

* web-platform-tests/url/a-element-expected.txt:
* web-platform-tests/url/a-element-xhtml-expected.txt:
* web-platform-tests/url/url-constructor-expected.txt:

Source/WebCore:

Covered by newly passing web platform tests.

* page/SecurityOrigin.cpp:
(WebCore::shouldTreatAsUniqueOrigin):
According to https://url.spec.whatwg.org/#origin all URLs with non-special protocols
should have a unique SecurityOrigin whose serialization is "null".

LayoutTests:

* http/tests/security/postMessage/invalid-origin-throws-exception-expected.txt:
* http/tests/security/postMessage/invalid-origin-throws-exception.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206165 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Rebaseline builtins generator tests after r206155.
ryanhaddad@apple.com [Tue, 20 Sep 2016 19:31:30 +0000 (19:31 +0000)]
Rebaseline builtins generator tests after r206155.

Unreviewed test gardening.

* Scripts/tests/builtins/expected/WebCoreJSBuiltins.h-result:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206164 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [WinCairo] Not building since 206044
commit-queue@webkit.org [Tue, 20 Sep 2016 19:11:37 +0000 (19:11 +0000)]
[WinCairo]  Not building since 206044
https://bugs.webkit.org/show_bug.cgi?id=162246

Patch by Christopher Reid <Christopher.Reid@am.sony.com> on 2016-09-20
Reviewed by Alex Christensen.

No new tests. No change in behaviour.

* bindings/js/JSWebGLRenderingContextCustom.cpp:
* platform/network/curl/CookieJarCurl.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206163 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Align URLParser with web platform tests when parsing non-special relative URLs ending...
achristensen@apple.com [Tue, 20 Sep 2016 18:46:26 +0000 (18:46 +0000)]
Align URLParser with web platform tests when parsing non-special relative URLs ending in AuthorityOrHost state
https://bugs.webkit.org/show_bug.cgi?id=162251

Reviewed by Tim Horton.

Source/WebCore:

Covered by new and updated API tests.

* platform/URLParser.cpp:
(WebCore::URLParser::parse):
Fix parsing of non-special URLs that end after scheme:// with no authority.
We used to assume that parsing non-special schemes would never end with just scheme:// but a string can indeed end right there.
When a non-special relative URL contains just scheme:// we need the resulting URL to be valid to conform with the web platform tests.
(WebCore::URLParser::parseHostAndPort):
Renamed to reflect what the function actually does.
(WebCore::URLParser::internalValuesConsistent):
Add utility function for testing.
(WebCore::URLParser::parseHost): Deleted.
* platform/URLParser.h:

Tools:

* TestWebKitAPI/Tests/WebCore/URLParser.cpp:
(TestWebKitAPI::checkURL):
(TestWebKitAPI::TEST_F):
(TestWebKitAPI::checkRelativeURL):
(TestWebKitAPI::checkURLDifferences):
(TestWebKitAPI::checkRelativeURLDifferences):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206162 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [css-grid] The 'grid' shorthand has a new syntax.
jfernandez@igalia.com [Tue, 20 Sep 2016 18:41:43 +0000 (18:41 +0000)]
[css-grid] The 'grid' shorthand has a new syntax.
https://bugs.webkit.org/show_bug.cgi?id=161954

Reviewed by Darin Adler.

Source/WebCore:

Implementation of the new CSS syntax for the 'grid' shorthand, as
defined in the CSS Grid Layout specification:
- https://drafts.csswg.org/css-grid/#grid-shorthand

No new tests, just adapted the ones we already have and added a few additional test cases.

* css/CSSValueKeywords.in:
* css/parser/CSSParser.cpp:
(WebCore::CSSParser::parseImplicitAutoFlow): Added. Similar to parseGridAutoFlow, but using the new 'auto-flow' keyword.
(WebCore::CSSParser::parseGridShorthand): New syntax of the 'grid' shorthand.
* css/parser/CSSParser.h:

LayoutTests:

Adapted the already defined test cases to the new syntax of the
'grid' shorthand. Also added a few additional test cases.

* fast/css-grid-layout/grid-shorthand-get-set-expected.txt:
* fast/css-grid-layout/grid-shorthand-get-set.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206161 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Unreviewed, fix cloop build.
fpizlo@apple.com [Tue, 20 Sep 2016 18:35:24 +0000 (18:35 +0000)]
Unreviewed, fix cloop build.

* runtime/VM.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206160 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago URLParser should allow '@' in user
achristensen@apple.com [Tue, 20 Sep 2016 18:34:19 +0000 (18:34 +0000)]
URLParser should allow '@' in user
https://bugs.webkit.org/show_bug.cgi?id=162272

Reviewed by Tim Horton.

Source/WebCore:

Covered by a new API test.

* platform/URLParser.cpp:
(WebCore::URLParser::parse):
The spec describes using an "@ flag" and rewinding iterators.  I've implemented the authority parsing
and host parsing a little differently, but this makes it equivalent.

Tools:

* TestWebKitAPI/Tests/WebCore/URLParser.cpp:
(TestWebKitAPI::TEST_F):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206159 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago URLParser: Fix parsing relative URLs with one slash after the scheme:
achristensen@apple.com [Tue, 20 Sep 2016 18:31:27 +0000 (18:31 +0000)]
URLParser: Fix parsing relative URLs with one slash after the scheme:
https://bugs.webkit.org/show_bug.cgi?id=162294

Reviewed by Tim Horton.

Source/WebCore:

This fixes the relatively-obscure case where a relative URL has the same special scheme as the base,
but there is only one slash after the scheme: at the beginning of the relative URL.  According to spec,
this should be interpreted the same as if the scheme: were not there.
For example, parsing "http:/example.com/" relative to "http://example.org/foo/bar" should be the same as
parsing "/example.com/" relative to "http://example.org/foo/bar".

Covered by a new API test.

* platform/URLParser.cpp:
(WebCore::URLParser::parse):

Tools:

* TestWebKitAPI/Tests/WebCore/URLParser.cpp:
(TestWebKitAPI::TEST_F):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206158 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Fix Windows file URL quirks in URLParser
achristensen@apple.com [Tue, 20 Sep 2016 18:27:37 +0000 (18:27 +0000)]
Fix Windows file URL quirks in URLParser
https://bugs.webkit.org/show_bug.cgi?id=162303

Reviewed by Tim Horton.

Source/WebCore:

Windows file urls allow c:\ and c|\ to have the same meaning, but when serialized they should both be c:/.
This is now standardized to allow cross-platform uniform behavior of URLs.

Covered by new API tests and progress on web platform tests when URLParser is enabled.

* platform/URLParser.cpp:
(WebCore::incrementIteratorSkippingTabAndNewLine):
(WebCore::isWindowsDriveLetter):
(WebCore::checkWindowsDriveLetter):
(WebCore::shouldCopyFileURL):
(WebCore::URLParser::parseSerializedURL):
(WebCore::URLParser::parse):

Tools:

* TestWebKitAPI/Tests/WebCore/URLParser.cpp:
(TestWebKitAPI::TEST_F):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206157 268f45cc-cd09-0410-ab3c-d52691b4dbfc
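
The URL behaviours named in the commit messages for r206165 (opaque origin for non-special URLs), r206159 ('@' in user), r206158 (one slash after the scheme) and r206157 (Windows drive letters), as an added example that is not WebKit code: it runs the JavaScript runtime's own WHATWG `URL` class, not WebCore's URLParser. Apart from the `http:/example.com/` pair quoted in r206158, all input strings are constructed, and the helper names (`parts`, `isSameOrigin`, and so on) are hypothetical.

```javascript
// Added illustration. Uses the runtime's built-in WHATWG URL class
// (Node.js or a browser), not WebKit's URLParser.

// Parse and return the fields a security check would normally look at.
function parts(input, base) {
  const u = base === undefined ? new URL(input) : new URL(input, base);
  return {
    href: u.href,
    origin: u.origin,
    username: u.username,
    password: u.password,
    hostname: u.hostname,
    pathname: u.pathname,
  };
}

// r206158: a relative URL that repeats the base's special scheme followed by
// a single slash is parsed as if the "scheme:" prefix were absent.
function oneSlashAfterScheme() {
  const base = "http://example.org/foo/bar";
  return {
    withScheme: parts("http:/example.com/", base),
    withoutScheme: parts("/example.com/", base),
  };
}

// r206159: an extra '@' belongs to the userinfo and is percent-encoded there;
// the host is whatever follows the last '@'. Constructed input.
function atSignInUser() {
  return parts("http://user@name:pass@example.com/");
}

// r206157: "c|" and "c:" drive letters, with either slash direction,
// serialize the same way. Constructed inputs.
function windowsDriveLetters() {
  return ["file:///c|/dir/file.txt", "file:///c:\\dir\\file.txt"].map(
    (s) => parts(s).href
  );
}

// r206165: a non-special scheme yields an opaque origin that serializes as
// "null". "foo:" is a constructed non-special scheme.
function originOf(input) {
  return parts(input).origin;
}

// Origin comparison for an access check. Two opaque origins both serialize
// as "null", so comparing the strings alone would treat unrelated
// non-special URLs as same-origin; an opaque origin never matches here.
function isSameOrigin(a, b) {
  const oa = originOf(a);
  const ob = originOf(b);
  if (oa === "null" || ob === "null") return false;
  return oa === ob;
}

// Host allowlist check that reads the parsed hostname instead of searching
// the raw string, so text placed in the userinfo cannot satisfy it.
function hostIsAllowed(input, allowedHosts) {
  let hostname;
  try {
    hostname = new URL(input).hostname;
  } catch (e) {
    return false; // unparsable input is rejected, not guessed at
  }
  return allowedHosts.includes(hostname);
}

console.log(oneSlashAfterScheme());
console.log(atSignInUser());
console.log(windowsDriveLetters());
console.log(originOf("foo://example.com/x"), originOf("http://example.com/x"));
console.log(isSameOrigin("foo://example.com/x", "foo://example.com/y"));
console.log(hostIsAllowed("http://user@name:pass@example.com/", ["example.com"]));
```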

4 years ago Rename FrameData to ImageFrame, move it to a separate file and use it for all ports
commit-queue@webkit.org [Tue, 20 Sep 2016 18:24:41 +0000 (18:24 +0000)]
Rename FrameData to ImageFrame, move it to a separate file and use it for all ports
https://bugs.webkit.org/show_bug.cgi?id=159819

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2016-09-20
Reviewed by Simon Fraser.

Rename FrameData to ImageFrame and move it to a separate file so caching
it can be managed outside the BitmapImage object. Make the data members
of FrameData be private and add getters to return their values. Add backing
store and disposalMethod members, getter and setters to ImageFrame so it can
replace the non-CG ImageFrame class.

* CMakeLists.txt:
* WebCore.xcodeproj/project.pbxproj:
Add ImageFrame class to WebCore project.

* platform/graphics/BitmapImage.cpp:
(WebCore::BitmapImage::BitmapImage): The metadata for the non-decoder case is now calculated in the ImageFrame::initialize().
(WebCore::BitmapImage::haveFrameImageAtIndex): Call ImageFrame's getters instead of accessing private members.
(WebCore::BitmapImage::destroyDecodedData): Pass ImageFrame::Caching::Metadata to ImageFrame::clear() to clear the image only.
(WebCore::BitmapImage::destroyDecodedDataIfNecessary): ImageFrame::usedFrameBytes() is now renamed to ImageFrame::frameBytes().
(WebCore::BitmapImage::cacheFrame): Call ImageFrame::initialize() to set the image and cache the frame's metadata.
(WebCore::BitmapImage::dataChanged): Pass ImageFrame::Caching::Empty to ImageFrame::clear() to clear the frame's image and metadata.
(WebCore::BitmapImage::ensureFrameAtIndexIsCached): Call ImageFrame's getters instead of accessing private members.
(WebCore::BitmapImage::frameImageAtIndex): Call ImageFrame's getters instead of accessing private members.
(WebCore::BitmapImage::frameIsCompleteAtIndex): Pass ImageFrame::Caching::Metadata to ensureFrameAtIndexIsCached() to ensure the frame's metadata is cached.
(WebCore::BitmapImage::frameDurationAtIndex): Pass ImageFrame::Caching::Metadata to ensureFrameAtIndexIsCached() to ensure the frame's metadata is cached.
(WebCore::BitmapImage::frameHasAlphaAtIndex): Pass ImageFrame::Caching::Metadata to ensureFrameAtIndexIsCached() to ensure the frame's metadata is cached.
(WebCore::BitmapImage::frameOrientationAtIndex): Pass ImageFrame::Caching::Metadata to ensureFrameAtIndexIsCached() to ensure the frame's metadata is cached.
(WebCore::BitmapImage::singlePixelSolidColor): Call ImageFrame's getters instead of accessing private members.
(WebCore::BitmapImage::repetitionCount): Change the return type to be RepetitionCount instead of int.
(WebCore::BitmapImage::shouldAnimate): Use a simpler condition since RepetitionCountNone is equal to zero.
(WebCore::BitmapImage::startAnimation): Replace the cAnimation* constants by the new RepetitionCount* enum.
(WebCore::BitmapImage::internalAdvanceAnimation): Replace the cAnimation* constants by the new RepetitionCount* enum.

* platform/graphics/BitmapImage.h: FrameData is renamed to ImageFrame and moved to a separate file named ImageFrame.h.
(WebCore::FrameData::FrameData): Deleted.
(WebCore::FrameData::~FrameData): Deleted.
(WebCore::FrameData::clear): Deleted.
(WebCore::FrameData::usedFrameBytes): Deleted.

* platform/graphics/ImageBackingStore.h:
(WebCore::ImageBackingStore::fillRect): Make it efficient to fill a rect in the ImageBackingStore with the same color.
(WebCore::ImageBackingStore::pixelAt): Asserts the point is in the bounds of the ImageBackingStore size.
(WebCore::ImageBackingStore::setPixel): Use pixelValue().
(WebCore::ImageBackingStore::inBounds): Private functions check whether a point or a rect is in the bounds of the ImageBackingStore size.
(WebCore::ImageBackingStore::pixelValue): Calculate the RGBA value from red, green, blue and alpha values.

* platform/graphics/ImageFrame.cpp: Added.
(WebCore::ImageFrame::ImageFrame):
(WebCore::ImageFrame::~ImageFrame):
(WebCore::ImageFrame::operator=):
(WebCore::ImageFrame::fillMetaData): Caches the ImageFrame's metadata.
(WebCore::ImageFrame::clearImage): Deletes all the memory allocated by ImageFrame which can be the ImageBackingStore or the NativeImagePtr.
(WebCore::ImageFrame::clear): Deletes the allocated memory and may or may not clear the metadata also.
(WebCore::ImageFrame::initialize): Sets a new ImageBackingStore or a new NativeImagePtr in the ImageFrame.
(WebCore::ImageFrame::size): Returns the size of the ImageFrame which can be the size of ImageBackingStore or the size of NativeImagePtr.
(WebCore::ImageFrame::singlePixelSolidColor): Returns whether the ImageFrame can be drawn by filling the image rectangle with a solid color.

* platform/graphics/ImageFrame.h: Added.
(WebCore::operator++): SubsamplingLevel is strongly typed but RepetitionCount is not since it can be any unsigned value in addition to -1.
(WebCore::ImageFrame::ImageFrame):
(WebCore::ImageFrame::setDecoding):
(WebCore::ImageFrame::decoding):
(WebCore::ImageFrame::isEmpty):
(WebCore::ImageFrame::isPartial):
(WebCore::ImageFrame::isComplete):
(WebCore::ImageFrame::sizeRespectingOrientation):
(WebCore::ImageFrame::frameBytes):
(WebCore::ImageFrame::subsamplingLevel):
(WebCore::ImageFrame::setDisposalMethod):
(WebCore::ImageFrame::disposalMethod):
(WebCore::ImageFrame::image):
(WebCore::ImageFrame::setOrientation):
(WebCore::ImageFrame::orientation):
(WebCore::ImageFrame::setDuration):
(WebCore::ImageFrame::duration):
(WebCore::ImageFrame::setHasAlpha):
(WebCore::ImageFrame::hasAlpha):
(WebCore::ImageFrame::hasImage):
(WebCore::ImageFrame::hasInvalidImage):
(WebCore::ImageFrame::hasMetadata):
(WebCore::ImageFrame::backingStore):
(WebCore::ImageFrame::hasBackingStore):
Setters and getters for the private members.

* platform/graphics/ImageSource.cpp:
(WebCore::ImageSource::calculateMaximumSubsamplingLevel): allowSubsamplingOfFrameAtIndex() is renamed to frameAllowSubsamplingAtIndex().
(WebCore::ImageSource::subsamplingLevelForScale): Use the values of the enum class SubsamplingLevel.
(WebCore::ImageSource::size): Use the values of the enum class SubsamplingLevel.
(WebCore::ImageSource::sizeRespectingOrientation): Use the values of the enum class SubsamplingLevel.
(WebCore::ImageSource::repetitionCount): Replace the constants cAnimation* by the enum RepetitionCount*.
(WebCore::ImageSource::frameAllowSubsamplingAtIndex): Rename allowSubsamplingOfFrameAtIndex() to frameAllowSubsamplingAtIndex().
(WebCore::ImageSource::frameSizeAtIndex): Replace the call to orientationAtIndex() by frameOrientationAtIndex().
(WebCore::ImageSource::frameOrientationAtIndex): Rename orientationAtIndex() to frameOrientationAtIndex().
(WebCore::ImageSource::dump): Replace the call to orientationAtIndex() by frameOrientationAtIndex().
(WebCore::ImageSource::allowSubsamplingOfFrameAtIndex): Deleted.
(WebCore::ImageSource::orientationAtIndex): Deleted.

* platform/graphics/ImageSource.h:
(WebCore::ImageSource::decoder): We need this function temporarily till we move caching the frames outside BitmapImage.

* platform/graphics/NativeImage.h: Change SubImages() to Subimages(). See Darin's comment in https://bugs.webkit.org/show_bug.cgi?id=159819#c6.
* platform/graphics/cairo/NativeImageCairo.cpp:
(WebCore::clearNativeImageSubimages):
(WebCore::clearNativeImageSubImages): Deleted.

* platform/graphics/cg/ImageDecoderCG.cpp:
(WebCore::createImageSourceOptions): Use the values of the enum class SubsamplingLevel.
(WebCore::imageSourceOptions): Use the values of the enum class SubsamplingLevel.
(WebCore::ImageDecoder::repetitionCount): Change the return type to be RepetitionCount instead of int.
(WebCore::ImageDecoder::frameOrientationAtIndex): orientationAtIndex() is renamed to frameOrientationAtIndex().
(WebCore::ImageDecoder::frameAllowSubsamplingAtIndex): allowSubsamplingOfFrameAtIndex() is renamed to frameAllowSubsamplingAtIndex().
(WebCore::ImageDecoder::orientationAtIndex): Deleted.
(WebCore::ImageDecoder::allowSubsamplingOfFrameAtIndex): Deleted.
* platform/graphics/cg/ImageDecoderCG.h:

* platform/graphics/cg/NativeImageCG.cpp:
(WebCore::clearNativeImageSubimages): Change SubImages() to Subimages().
(WebCore::clearNativeImageSubImages): Deleted.

* platform/image-decoders/ImageDecoder.cpp:
(WebCore::ImageDecoder::frameIsCompleteAtIndex): Use ImageFrame::isComplete() instead of checking the value of the decoding status().
(WebCore::ImageDecoder::frameHasAlphaAtIndex): Use ImageFrame::isComplete() instead of checking the value of the decoding status().
(WebCore::ImageDecoder::frameDurationAtIndex): Use ImageFrame::isEmpty() instead of checking the value of the decoding status().
(WebCore::ImageDecoder::createFrameImageAtIndex): Access the ImageBackingStore::image() function directly.
(WebCore::ImageFrame::ImageFrame): Deleted.
(WebCore::ImageFrame::operator=): Deleted.
(WebCore::ImageFrame::clearPixelData): Deleted.
(WebCore::ImageFrame::zeroFillPixelData): Deleted.
(WebCore::ImageFrame::zeroFillFrameRect): Deleted.
(WebCore::ImageFrame::initializeBackingStore): Deleted.
(WebCore::ImageFrame::hasAlpha): Deleted.
(WebCore::ImageFrame::setHasAlpha): Deleted.
(WebCore::ImageFrame::setOriginalFrameRect): Deleted.
(WebCore::ImageFrame::setStatus): Deleted.

* platform/image-decoders/ImageDecoder.h:
(WebCore::ImageDecoder::repetitionCount): Use the type RepetitionCount and the enum RepetitionCount* values.
(WebCore::ImageDecoder::frameOrientationAtIndex): Rename orientationAtIndex() to frameOrientationAtIndex().
(WebCore::ImageDecoder::frameAllowSubsamplingAtIndex): Rename allowSubsamplingOfFrameAtIndex() to frameAllowSubsamplingAtIndex().
(WebCore::ImageDecoder::subsamplingLevelForScale): Use the enum class SubsamplingLevel value instead of integer values.
(WebCore::ImageFrame::ImageFrame): Deleted.
(WebCore::ImageFrame::copyRowNTimes): Deleted.
(WebCore::ImageFrame::size): Deleted.
(WebCore::ImageFrame::asNewNativeImage): Deleted.
(WebCore::ImageFrame::backingStore): Deleted.
(WebCore::ImageFrame::hasBackingStore): Deleted.
(WebCore::ImageFrame::originalFrameRect): Deleted.
(WebCore::ImageFrame::status): Deleted.
(WebCore::ImageFrame::duration): Deleted.
(WebCore::ImageFrame::disposalMethod): Deleted.
(WebCore::ImageFrame::setDuration): Deleted.
(WebCore::ImageFrame::setDisposalMethod): Deleted.
(WebCore::ImageFrame::pixelAt): Deleted.
(WebCore::ImageFrame::setPixel): Deleted.
(WebCore::ImageFrame::blendPixel): Deleted.
(WebCore::ImageDecoder::orientationAtIndex): Deleted.
(WebCore::ImageDecoder::allowSubsamplingOfFrameAtIndex): Deleted.

* platform/image-decoders/bmp/BMPImageDecoder.cpp:
(WebCore::BMPImageDecoder::frameBufferAtIndex): Call ImageFrame::isComplete() instead of checking the value of the decoding status().
(WebCore::BMPImageDecoder::decode): Ditto.

* platform/image-decoders/bmp/BMPImageReader.cpp:
(WebCore::BMPImageReader::decodeBMP): Call ImageFrame::isEmpty(). ImageBuffer::initializeBackingStore() is renamed to initialize().
(WebCore::BMPImageReader::processNonRLEData): Replace ImageFrame::zeroFillPixelData() by ImageBackingStore::clear() and ImageFrame::setAlpha().

* platform/image-decoders/bmp/BMPImageReader.h:
(WebCore::BMPImageReader::setPixel): Call ImageBackingStore::setPixel() directly.
(WebCore::BMPImageReader::fillRGBA): Replace an efficient loop to call setPixel() by ImageBackingStore::fillRect().

* platform/image-decoders/gif/GIFImageDecoder.cpp:
(WebCore::GIFImageDecoder::GIFImageDecoder): Move the initialization of m_repetitionCount to the header file.
(WebCore::GIFImageDecoder::repetitionCount): Change the return type.
(WebCore::GIFImageDecoder::frameBufferAtIndex): Call ImageFrame::isComplete() instead of checking the value of the decoding status().
(WebCore::GIFImageDecoder::clearFrameBufferCache): Use the values of the new enum class ImageFrame::DisposalMethod.
(WebCore::GIFImageDecoder::haveDecodedRow): Call the ImageBackingStore APIs directly.
(WebCore::GIFImageDecoder::frameComplete): Use the values of the new enum class ImageFrame::DisposalMethod.
(WebCore::GIFImageDecoder::initFrameBuffer): Move calling ImageBackingStore::setFrameRect() to be after initializing the ImageBackingStore itself.

* platform/image-decoders/gif/GIFImageDecoder.h: Make repetitionCount() return RepetitionCount and use the new enum class ImageFrame::DisposalMethod.

* platform/image-decoders/gif/GIFImageReader.cpp:
(GIFImageReader::parse):

* platform/image-decoders/gif/GIFImageReader.h:
(GIFFrameContext::GIFFrameContext): Use new enum class ImageFrame::DisposalMethod.

* platform/image-decoders/ico/ICOImageDecoder.cpp:
(WebCore::ICOImageDecoder::frameBufferAtIndex): Call ImageFrame::isComplete() instead of checking the value of the decoding status().
(WebCore::ICOImageDecoder::decode): Ditto.

* platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
(WebCore::JPEGImageDecoder::frameBufferAtIndex): Call ImageFrame::isComplete() instead of checking the value of the decoding status().
(WebCore::setPixel): Call ImageBackingStore::setPixel() directly.
(WebCore::JPEGImageDecoder::outputScanlines): ImageFrame::initializeBackingStore() is renamed to initialize().
(WebCore::JPEGImageDecoder::jpegComplete): ImageFrame::setStatus() is renamed to ImageFrame::setDecoding().
(WebCore::JPEGImageDecoder::decode): Call ImageFrame::isComplete() instead of checking the value of the decoding status().

* platform/image-decoders/png/PNGImageDecoder.cpp:
(WebCore::PNGImageDecoder::frameBufferAtIndex): Call ImageFrame::isComplete() instead of checking the value of the decoding status().
(WebCore::PNGImageDecoder::rowAvailable): Call the ImageBackingStore APIs directly.
(WebCore::PNGImageDecoder::pngComplete): ImageFrame::setStatus() is renamed to setDecoding().
(WebCore::PNGImageDecoder::readChunks): Use the values of the new enum class ImageFrame::DisposalMethod.
(WebCore::PNGImageDecoder::clearFrameBufferCache): Replace the call to ImageFrame::clearPixelData() by ImageFrame::clear().
(WebCore::PNGImageDecoder::initFrameBuffer): Move calling ImageBackingStore::setFrameRect() to be after initializing the ImageBackingStore itself.
(WebCore::PNGImageDecoder::frameComplete): Call the ImageBackingStore APIs directly.

* platform/image-decoders/png/PNGImageDecoder.h: Call ImageFrame::isComplete() instead of checking the value of the decoding status().

* platform/image-decoders/webp/WEBPImageDecoder.cpp:
(WebCore::WEBPImageDecoder::frameBufferAtIndex): Call ImageFrame::isComplete() instead of checking the value of the decoding status().
(WebCore::WEBPImageDecoder::decode): ImageFrame::setStatus() is renamed to setDecoding(). And initializeBackingStore() is renamed to initialize().

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206156 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Marking js/regress-139548.html as a flaky timeout on mac-wk2 debug.
ryanhaddad@apple.com [Tue, 20 Sep 2016 18:12:54 +0000 (18:12 +0000)]
Marking js/regress-139548.html as a flaky timeout on mac-wk2 debug.
https://bugs.webkit.org/show_bug.cgi?id=160017

Unreviewed test gardening.

* platform/mac-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206155 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Make MarkedBlock state tracking support overlapped allocation and marking state
fpizlo@apple.com [Tue, 20 Sep 2016 18:12:18 +0000 (18:12 +0000)]
Make MarkedBlock state tracking support overlapped allocation and marking state
https://bugs.webkit.org/show_bug.cgi?id=161581

Reviewed by Geoffrey Garen.

JSTests:

Add a microbenchmark for why we want to reclaim empty blocks from other allocators.

* microbenchmarks/switching-size-classes.js: Added.

Source/JavaScriptCore:

Concurrent GCs must allow for mutation and allocation during collection. We already know
how to mutate during collection. We have a write barrier for that. Allocation during
collection is more involved: the collector modifies the mark bits, as well as other
kinds of MarkedBlock state, in-place during a collection. The allocator uses that same
MarkedBlock state to decide which regions of memory are free. This works if the allocator
never runs while the collector is running, but if we want to allow them to run at the same
time, then we need to have two versions of the state: one version built up by the
collector and another consumed by the allocator. We clear the collector state at the
beginning of collection, and splat the collector state onto the allocator state after
collection.

This could be super expensive, but we can make it cheap with some cleverness. The biggest
observation is just that most of the state is a handful of bits per block: is the block
free-listed? is it completely full? completely empty? in the incremental sweeper's
snapshot? is it retired? is it in eden? There is also state inside blocks, like the mark
bits, but I have a solid plan there and I'll save it for another patch. Once we view the
state of blocks as bits, we can put that state into bitvectors, so that if the collector
needs to transform the state of some blocks, it can do it with a single operation over
bitvectors. I like to think of this as 32-way parallelizing block operations, since
doing one operation on a 32-bit word in one of those bitvectors instantly affects 32
blocks.

This change converts all previous collections of MarkedBlocks, along with the MarkedBlock
state, into 8 bitvectors (live, empty, allocated, canAllocateButNotEmpty, eden, unswept,
markingNotEmpty, and markingRetired). The bitvectors separate allocator state (empty,
allocated, canAllocateButNotEmpty) from marking state (markingNotEmpty, markingRetired).

As a nice side-effect of switching to bitvectors, we get size class rebalancing for free.
It used to be that if a MarkedAllocator had an empty block, we would only allow that
memory to be reused by a different MarkedAllocator if we did an incremental sweep or a
full eager sweep. Now we hunt down all destructorless empty blocks before allocating new
MarkedBlocks. It would be relatively easy to also hunt down destructor empty blocks, but
the theory is that those might be expensive to sweep, so it might still be better to leave
those to the incremental sweeper.

This change is perf-neutral all around. I did some tests with two different kinds of
allocation strategies - something that is somewhat easier to do now that you can look for
blocks that are candidates for allocation by just scanning some bitvectors. I tried two
variants:

- Allocate out of non-empty blocks first, leaving empty blocks for last in case a
  different allocator needed them. This is sort of a best-fit strategy. I tried this
  first, and it can be expressed as:

  m_allocationCursor = m_canAllocateButNotEmpty.findBit(m_allocationCursor, true)

- Allocate out of lower-indexed blocks first, treating empty and canAllocateButNotEmpty
  blocks equally. This is sort of a first-fit strategy. This is what I ended up settling
  on, and it can be expressed as:

  m_allocationCursor = (m_canAllocateButNotEmpty | m_empty).findBit(m_allocationCursor, true)

The best-fit strategy meant 1% regressions in LongSpider and Octane overall, and a 11%
regression on Octane/earley. First-fit means perf-neutrality. Most great allocators skew
towards first-fit because it's empirically better, so this result is not surprising.

Overall, the performance of this patch on my machine is as follows, where "neutral" means
less than 1% and not statistically significant.

run-jsc-benchmarks:
    SunSpider: neutral
    LongSpider: 0.6% slower
    V8Spider: neutral
    Octane: neutral
    Kraken: neutral
    Microbenchmarks: 0.37% slower
    AsmBench: neutral
    CompressionBench: maybe 1% faster

For browser benchmarks, I report the ratio of means (bigger / smaller) along with a T-test
from Mathematica reported as % chance of not [sic] the null hypothesis. Note that we
normally consider anything less than 95% confidence to be inconclusive.

Browser benchmarks:
    PLT3: 0.3% faster with 67% confidence
    membuster:
        Snap2FinishedLoadingPost: 0.68% more memory with 50% confidence
        Snap3EndPost: 2.4% more memory with 61% confidence
    JetStream: 0.2% slower with 32% confidence
    Speedometer: 0.7% faster with 82% confidence

Additionally, Octane/splay's heap capacity goes down to ~180KB from ~200KB, so about a 10%
progression. This is due to the allocator rebalancing feature.

Finally, this breaks --useImmortalObjects. It was already broken as far as I can tell. I
filed a bug to reimplement it (bug 162296). Unless someone urgently needs this internal
tool, it's probably best to reimplement it after I'm done refactoring MarkedSpace.

* JavaScriptCore.xcodeproj/project.pbxproj:
* debugger/Debugger.cpp:
* heap/CellContainer.h:
* heap/CellContainerInlines.h:
(JSC::CellContainer::vm):
(JSC::CellContainer::heap):
(JSC::CellContainer::isMarkedOrNewlyAllocated):
(JSC::CellContainer::aboutToMark):
(JSC::CellContainer::isMarked): Deleted.
(JSC::CellContainer::flipIfNecessary): Deleted.
* heap/ConservativeRoots.cpp:
* heap/Heap.cpp:
(JSC::Heap::beginMarking):
(JSC::Heap::endMarking):
(JSC::Heap::collectAllGarbage):
(JSC::Heap::collectImpl):
(JSC::Heap::snapshotMarkedSpace):
(JSC::Heap::prepareForAllocation):
(JSC::Heap::zombifyDeadObjects):
(JSC::MarkedBlockSnapshotFunctor::MarkedBlockSnapshotFunctor): Deleted.
(JSC::MarkedBlockSnapshotFunctor::operator()): Deleted.
(JSC::Heap::resetAllocators): Deleted.
* heap/Heap.h:
* heap/HeapInlines.h:
(JSC::Heap::isMarked):
(JSC::Heap::isMarkedConcurrently):
(JSC::Heap::testAndSetMarked):
* heap/HeapStatistics.cpp:
* heap/HeapUtil.h:
(JSC::HeapUtil::findGCObjectPointersForMarking):
(JSC::HeapUtil::isPointerGCObjectJSCell):
* heap/HeapVerifier.cpp:
* heap/IncrementalSweeper.cpp:
(JSC::IncrementalSweeper::IncrementalSweeper):
(JSC::IncrementalSweeper::doSweep):
(JSC::IncrementalSweeper::sweepNextBlock):
(JSC::IncrementalSweeper::startSweeping):
(JSC::IncrementalSweeper::willFinishSweeping):
* heap/IncrementalSweeper.h:
* heap/LargeAllocation.h:
(JSC::LargeAllocation::isMarked):
(JSC::LargeAllocation::isMarkedConcurrently):
(JSC::LargeAllocation::isMarkedOrNewlyAllocated):
(JSC::LargeAllocation::aboutToMark):
(JSC::LargeAllocation::isMarkedDuringWeakVisiting): Deleted.
(JSC::LargeAllocation::flipIfNecessary): Deleted.
(JSC::LargeAllocation::flipIfNecessaryDuringMarking): Deleted.
* heap/MarkedAllocator.cpp:
(JSC::MarkedAllocator::MarkedAllocator):
(JSC::MarkedAllocator::isPagedOut):
(JSC::MarkedAllocator::findEmptyBlock):
(JSC::MarkedAllocator::tryAllocateWithoutCollectingImpl):
(JSC::MarkedAllocator::allocateIn):
(JSC::MarkedAllocator::tryAllocateIn):
(JSC::MarkedAllocator::allocateSlowCaseImpl):
(JSC::MarkedAllocator::tryAllocateBlock):
(JSC::MarkedAllocator::addBlock):
(JSC::MarkedAllocator::removeBlock):
(JSC::MarkedAllocator::stopAllocating):
(JSC::MarkedAllocator::prepareForAllocation):
(JSC::MarkedAllocator::lastChanceToFinalize):
(JSC::MarkedAllocator::resumeAllocating):
(JSC::MarkedAllocator::beginMarkingForFullCollection):
(JSC::MarkedAllocator::endMarking):
(JSC::MarkedAllocator::snapshotForEdenCollection):
(JSC::MarkedAllocator::snapshotForFullCollection):
(JSC::MarkedAllocator::findBlockToSweep):
(JSC::MarkedAllocator::sweep):
(JSC::MarkedAllocator::shrink):
(JSC::MarkedAllocator::assertSnapshotEmpty):
(JSC::MarkedAllocator::dump):
(JSC::MarkedAllocator::dumpBits):
(JSC::MarkedAllocator::retire): Deleted.
(JSC::MarkedAllocator::filterNextBlock): Deleted.
(JSC::MarkedAllocator::setNextBlockToSweep): Deleted.
(JSC::MarkedAllocator::reset): Deleted.
* heap/MarkedAllocator.h:
(JSC::MarkedAllocator::forEachBitVector):
(JSC::MarkedAllocator::forEachBitVectorWithName):
(JSC::MarkedAllocator::nextAllocator):
(JSC::MarkedAllocator::setNextAllocator):
(JSC::MarkedAllocator::forEachBlock):
(JSC::MarkedAllocator::resumeAllocating): Deleted.
* heap/MarkedBlock.cpp:
(JSC::MarkedBlock::tryCreate):
(JSC::MarkedBlock::Handle::Handle):
(JSC::MarkedBlock::Handle::~Handle):
(JSC::MarkedBlock::MarkedBlock):
(JSC::MarkedBlock::Handle::specializedSweep):
(JSC::MarkedBlock::Handle::sweep):
(JSC::MarkedBlock::Handle::sweepHelperSelectScribbleMode):
(JSC::MarkedBlock::Handle::sweepHelperSelectEmptyMode):
(JSC::MarkedBlock::Handle::sweepHelperSelectHasNewlyAllocated):
(JSC::MarkedBlock::Handle::sweepHelperSelectSweepMode):
(JSC::MarkedBlock::Handle::sweepHelperSelectFlipMode):
(JSC::MarkedBlock::Handle::unsweepWithNoNewlyAllocated):
(JSC::MarkedBlock::Handle::setIsFreeListed):
(JSC::MarkedBlock::Handle::stopAllocating):
(JSC::MarkedBlock::Handle::lastChanceToFinalize):
(JSC::MarkedBlock::Handle::resumeAllocating):
(JSC::MarkedBlock::aboutToMarkSlow):
(JSC::MarkedBlock::clearMarks):
(JSC::MarkedBlock::isMarked):
(JSC::MarkedBlock::Handle::isMarkedOrNewlyAllocated):
(JSC::MarkedBlock::isMarkedOrNewlyAllocated):
(JSC::MarkedBlock::Handle::didConsumeFreeList):
(JSC::MarkedBlock::markCount):
(JSC::MarkedBlock::Handle::isEmpty):
(JSC::MarkedBlock::noteMarkedSlow):
(JSC::MarkedBlock::Handle::removeFromAllocator):
(JSC::MarkedBlock::Handle::didAddToAllocator):
(JSC::MarkedBlock::Handle::didRemoveFromAllocator):
(JSC::MarkedBlock::Handle::isLive):
(JSC::MarkedBlock::Handle::isLiveCell):
(JSC::MarkedBlock::Handle::sweepHelperSelectStateAndSweepMode): Deleted.
(JSC::MarkedBlock::flipIfNecessary): Deleted.
(JSC::MarkedBlock::Handle::flipIfNecessary): Deleted.
(JSC::MarkedBlock::flipIfNecessarySlow): Deleted.
(JSC::MarkedBlock::flipIfNecessaryDuringMarkingSlow): Deleted.
(JSC::MarkedBlock::Handle::willRemoveBlock): Deleted.
(WTF::printInternal): Deleted.
* heap/MarkedBlock.h:
(JSC::MarkedBlock::Handle::isFreeListed):
(JSC::MarkedBlock::Handle::index):
(JSC::MarkedBlock::aboutToMark):
(JSC::MarkedBlock::isMarked):
(JSC::MarkedBlock::isMarkedConcurrently):
(JSC::MarkedBlock::Handle::isMarkedOrNewlyAllocated):
(JSC::MarkedBlock::isMarkedOrNewlyAllocated):
(JSC::MarkedBlock::Handle::isOnBlocksToSweep): Deleted.
(JSC::MarkedBlock::Handle::setIsOnBlocksToSweep): Deleted.
(JSC::MarkedBlock::Handle::state): Deleted.
(JSC::MarkedBlock::flipIfNecessary): Deleted.
(JSC::MarkedBlock::flipIfNecessaryDuringMarking): Deleted.
(JSC::MarkedBlock::Handle::flipIfNecessary): Deleted.
(JSC::MarkedBlock::Handle::flipIfNecessaryDuringMarking): Deleted.
(JSC::MarkedBlock::Handle::flipForEdenCollection): Deleted.
(JSC::MarkedBlock::isMarkedDuringWeakVisiting): Deleted.
(JSC::MarkedBlock::Handle::isLive): Deleted.
(JSC::MarkedBlock::Handle::isLiveCell): Deleted.
(JSC::MarkedBlock::Handle::forEachLiveCell): Deleted.
(JSC::MarkedBlock::Handle::forEachDeadCell): Deleted.
(JSC::MarkedBlock::Handle::needsSweeping): Deleted.
(JSC::MarkedBlock::Handle::isAllocated): Deleted.
(JSC::MarkedBlock::Handle::isMarked): Deleted.
* heap/MarkedBlockInlines.h: Added.
(JSC::MarkedBlock::Handle::isLive):
(JSC::MarkedBlock::Handle::isLiveCell):
(JSC::MarkedBlock::Handle::forEachLiveCell):
(JSC::MarkedBlock::Handle::forEachDeadCell):
(JSC::MarkedBlock::resetVersion):
* heap/MarkedSpace.cpp:
(JSC::MarkedSpace::MarkedSpace):
(JSC::MarkedSpace::allocate):
(JSC::MarkedSpace::tryAllocate):
(JSC::MarkedSpace::sweep):
(JSC::MarkedSpace::prepareForAllocation):
(JSC::MarkedSpace::shrink):
(JSC::MarkedSpace::clearNewlyAllocated):
(JSC::MarkedSpace::beginMarking):
(JSC::MarkedSpace::endMarking):
(JSC::MarkedSpace::didAllocateInBlock):
(JSC::MarkedSpace::findEmptyBlock):
(JSC::MarkedSpace::snapshot):
(JSC::MarkedSpace::assertSnapshotEmpty):
(JSC::MarkedSpace::dumpBits):
(JSC::MarkedSpace::zombifySweep): Deleted.
(JSC::MarkedSpace::resetAllocators): Deleted.
(JSC::VerifyMarked::operator()): Deleted.
(JSC::MarkedSpace::flip): Deleted.
* heap/MarkedSpace.h:
(JSC::MarkedSpace::nextVersion):
(JSC::MarkedSpace::firstAllocator):
(JSC::MarkedSpace::allocatorForEmptyAllocation):
(JSC::MarkedSpace::forEachAllocator):
(JSC::MarkedSpace::blocksWithNewObjects): Deleted.
(JSC::MarkedSpace::setIsMarking): Deleted.
(JSC::MarkedSpace::forEachLiveCell): Deleted.
(JSC::MarkedSpace::forEachDeadCell): Deleted.
* heap/MarkedSpaceInlines.h: Added.
(JSC::MarkedSpace::forEachLiveCell):
(JSC::MarkedSpace::forEachDeadCell):
* heap/SlotVisitor.cpp:
(JSC::SlotVisitor::setMarkedAndAppendToMarkStack):
(JSC::SlotVisitor::markAuxiliary):
(JSC::SlotVisitor::visitChildren):
* heap/Weak.h:
(WTF::HashTraits<JSC::Weak<T>>::emptyValue):
(WTF::HashTraits<JSC::Weak<T>>::peek):
* heap/WeakBlock.cpp:
(JSC::WeakBlock::specializedVisit):
(JSC::WeakBlock::reap):
* heap/WeakInlines.h:
(WTF::HashTraits<JSC::Weak<T>>::emptyValue): Deleted.
(WTF::HashTraits<JSC::Weak<T>>::peek): Deleted.
* jit/JITThunks.h:
* runtime/JSGlobalObject.cpp:
* runtime/PrototypeMap.h:
* runtime/SamplingProfiler.cpp:
* runtime/WeakGCMap.h:
* tools/JSDollarVMPrototype.cpp:

Source/WTF:

The main change here is to bring back FastBitVector.cpp, so that I could outline some
large slow path functions. This also adds some utilities, like atomicSetAndCheck() and
isEmpty(). The GC uses these.

* WTF.xcodeproj/project.pbxproj:
* wtf/CMakeLists.txt:
* wtf/FastBitVector.cpp: Added.
(WTF::FastBitVectorWordOwner::setEqualsSlow):
(WTF::FastBitVectorWordOwner::resizeSlow):
* wtf/FastBitVector.h:
(WTF::FastBitVectorWordOwner::operator=):
(WTF::FastBitVectorWordOwner::resize):
(WTF::FastBitVectorImpl::isEmpty):
(WTF::FastBitVector::atomicSetAndCheck):
(WTF::FastBitVector::operator[]): Deleted.

Tools:

Remove the always-trigger-copy-phase configuration.

* Scripts/run-jsc-stress-tests:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206154 268f45cc-cd09-0410-ab3c-d52691b4dbfc
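
The two allocation-cursor strategies from the commit message above, worked through as an added example (not code from the WebKit patch). `BlockBits`, `makeBits`, `allocationOrder` and `emptyBlocksLeftAfter` are hypothetical names, `BlockBits` is a simplified stand-in for WTF::FastBitVector, and the 40-block state is constructed.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <initializer_list>
#include <vector>

// Simplified stand-in for WTF::FastBitVector: one bit per MarkedBlock index.
class BlockBits {
public:
    explicit BlockBits(size_t numBits) : m_numBits(numBits), m_words((numBits + 31) / 32, 0) {}

    size_t size() const { return m_numBits; }
    void set(size_t i) { m_words[i / 32] |= uint32_t(1) << (i % 32); }
    bool get(size_t i) const { return (m_words[i / 32] >> (i % 32)) & 1u; }

    // One OR per 32 blocks. Both operands must have the same size.
    BlockBits operator|(const BlockBits& other) const
    {
        BlockBits result(m_numBits);
        for (size_t w = 0; w < m_words.size(); ++w)
            result.m_words[w] = m_words[w] | other.m_words[w];
        return result;
    }

    // Index of the first bit at or after `start` equal to `value`, or size() if none.
    size_t findBit(size_t start, bool value) const
    {
        size_t i = start;
        while (i < m_numBits) {
            uint32_t word = m_words[i / 32];
            if (!value)
                word = ~word;
            word &= ~uint32_t(0) << (i % 32); // ignore blocks below the cursor
            if (word) {
                size_t bit = 0;
                while (!((word >> bit) & 1u))
                    ++bit;
                size_t index = (i / 32) * 32 + bit;
                return index < m_numBits ? index : m_numBits; // padding bits are not blocks
            }
            i = (i / 32 + 1) * 32; // a word with no candidates is skipped in one step
        }
        return m_numBits;
    }

private:
    size_t m_numBits;
    std::vector<uint32_t> m_words;
};

BlockBits makeBits(size_t numBits, std::initializer_list<size_t> setIndices)
{
    BlockBits bits(numBits);
    for (size_t i : setIndices)
        bits.set(i);
    return bits;
}

enum class Strategy { BestFit, FirstFit };

// Order in which one allocator would pick blocks if it filled each block completely
// before advancing its cursor (a simplification made for this example).
std::vector<size_t> allocationOrder(const BlockBits& canAllocateButNotEmpty, const BlockBits& empty, Strategy strategy)
{
    std::vector<size_t> order;
    auto drain = [&order](const BlockBits& candidates) {
        size_t cursor = 0;
        while ((cursor = candidates.findBit(cursor, true)) < candidates.size())
            order.push_back(cursor++);
    };
    if (strategy == Strategy::FirstFit)
        drain(canAllocateButNotEmpty | empty); // lowest index wins, empty or not
    else {
        drain(canAllocateButNotEmpty); // partially full blocks first
        drain(empty);                  // empty blocks only as a last resort
    }
    return order;
}

// Empty blocks still untouched (reusable by another allocator) after `n` picks.
size_t emptyBlocksLeftAfter(const std::vector<size_t>& order, const BlockBits& empty, size_t n)
{
    size_t left = 0;
    for (size_t i = n; i < order.size(); ++i)
        left += empty.get(order[i]);
    return left;
}

int main()
{
    // Constructed state: 40 blocks, so the bitvectors span two 32-bit words.
    BlockBits partial = makeBits(40, {4, 31, 35});
    BlockBits empty = makeBits(40, {1, 33});
    for (Strategy s : {Strategy::BestFit, Strategy::FirstFit}) {
        std::printf("%s:", s == Strategy::BestFit ? "best-fit" : "first-fit");
        for (size_t index : allocationOrder(partial, empty, s))
            std::printf(" %zu", index);
        std::printf("\n");
    }
    return 0;
}
```

After three picks, best-fit has left both empty blocks untouched while first-fit has already consumed block 1, which is the trade-off the benchmark numbers above were measuring.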

4 years ago [WinCairo] Use find_package cairo in build
commit-queue@webkit.org [Tue, 20 Sep 2016 18:07:48 +0000 (18:07 +0000)]
[WinCairo] Use find_package cairo in build
https://bugs.webkit.org/show_bug.cgi?id=162239

Patch by Don Olmstead <don.olmstead@am.sony.com> on 2016-09-20
Reviewed by Alex Christensen.

.:

* Source/cmake/FindCairo.cmake:
* Source/cmake/OptionsWinCairo.cmake:

Source/WebCore:

No new tests. No change in behavior.

* PlatformWinCairo.cmake:

Source/WebKit:

* PlatformWin.cmake:

Tools:

* DumpRenderTree/PlatformWin.cmake:
* TestWebKitAPI/PlatformWin.cmake:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206153 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Inspector: adopt Object.awaitEvent in LayoutTests/inspector/model
commit-queue@webkit.org [Tue, 20 Sep 2016 17:28:51 +0000 (17:28 +0000)]
Web Inspector: adopt Object.awaitEvent in LayoutTests/inspector/model
https://bugs.webkit.org/show_bug.cgi?id=162074

Patch by Devin Rousso <dcrousso+webkit@gmail.com> on 2016-09-20
Reviewed by Brian Burg.

Replace instances of singleFireEventListener with awaitEvent and use promise logic to make
tests more readable.

* inspector/model/frame-extra-scripts.html:
* inspector/model/scope-chain-node.html:
* inspector/model/script-resource-relationship-expected.txt:
* inspector/model/script-resource-relationship.html:
* inspector/model/stack-trace.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206152 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Undefined behavior: Left shift negative number
jbedard@apple.com [Tue, 20 Sep 2016 17:14:00 +0000 (17:14 +0000)]
Undefined behavior: Left shift negative number
https://bugs.webkit.org/show_bug.cgi?id=161866

Reviewed by Keith Miller.

Left shifting a negative number is undefined behavior in C/C++, although most implementations do define it. Explicitly clarifying the intended behavior due to shifting a negative number in some cases.

Source/JavaScriptCore:

* dfg/DFGAbstractHeap.h:
(JSC::DFG::AbstractHeap::encode): Explicitly cast signed integer for left shift.

Source/WTF:

* wtf/text/Base64.cpp:
(WTF::base64EncodeInternal): Changed signed character to unsigned when shifting.
(WTF::base64Encode): Ditto.
(WTF::base64URLEncode): Ditto.
(WTF::base64DecodeInternal): Ditto.
* wtf/text/Base64.h: Ditto.
(WTF::SignedOrUnsignedCharVectorAdapter): Rebuilt to stop using union as a bitwise_cast.
(WTF::ConstSignedOrUnsignedCharVectorAdapter): Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206151 268f45cc-cd09-0410-ab3c-d52691b4dbfc
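
The signed-to-unsigned change described for the Base64 code above, illustrated with an added example (a sketch written for this page, not WTF's base64EncodeInternal). `base64EncodeChars` and `kAlphabet` are hypothetical names and the input bytes are constructed.

```cpp
#include <cstddef>
#include <cstdint>
#include <string>

static const char kAlphabet[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

// Encodes `len` bytes held in a plain `char` buffer, as many string APIs hand them over.
std::string base64EncodeChars(const char* in, size_t len)
{
    std::string out;
    out.reserve(((len + 2) / 3) * 4);
    for (size_t i = 0; i < len; i += 3) {
        // Where `char` is signed, a byte >= 0x80 reads back as a negative value, and
        // `in[i] << 16` would left-shift a negative int (undefined before C++20).
        // Converting each byte to unsigned char first keeps every shift well defined.
        uint32_t b0 = static_cast<unsigned char>(in[i]);
        uint32_t b1 = i + 1 < len ? static_cast<unsigned char>(in[i + 1]) : 0;
        uint32_t b2 = i + 2 < len ? static_cast<unsigned char>(in[i + 2]) : 0;
        uint32_t triple = (b0 << 16) | (b1 << 8) | b2;

        out += kAlphabet[(triple >> 18) & 0x3f];
        out += kAlphabet[(triple >> 12) & 0x3f];
        out += i + 1 < len ? kAlphabet[(triple >> 6) & 0x3f] : '='; // pad short tail
        out += i + 2 < len ? kAlphabet[triple & 0x3f] : '=';
    }
    return out;
}
```

Building with `-fsanitize=undefined` (Clang or GCC) reports shifts of negative values at run time, which is a practical way to find the remaining call sites of this pattern.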

4 years ago Unreviewed build fix on 10.10 bots.
wenson_hsieh@apple.com [Tue, 20 Sep 2016 15:58:37 +0000 (15:58 +0000)]
Unreviewed build fix on 10.10 bots.

* TestWebKitAPI/mac/TestWKWebViewMac.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206150 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago JSTests:
sbarati@apple.com [Tue, 20 Sep 2016 15:56:42 +0000 (15:56 +0000)]
JSTests:
Unreviewed, added test for x86 32-bit failure for HasOwnProperty node in DFG.

* stress/has-own-property-called-on-non-object.js: Added.
(let.objs):
(new.String):
(foo):

Source/JavaScriptCore:
Unreviewed fix for 32-bit DFG x86 implementation of HasOwnProperty.

Fixup phase is always setting ObjectUse on child1() of HasOwnProperty.
However, on x86 32-bit, I omitted a call to speculateObject() on child1().

* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206149 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago VideoControlsManager.VideoControlsManagerSingleLargeVideo fails intermittently on...
wenson_hsieh@apple.com [Tue, 20 Sep 2016 15:47:12 +0000 (15:47 +0000)]
VideoControlsManager.VideoControlsManagerSingleLargeVideo fails intermittently on the Mac WK2 bot
https://bugs.webkit.org/show_bug.cgi?id=162255

Reviewed by Jer Noble.

This is reproducible by running the test repeatedly in a for loop (locally, I observed that running the test
back-to-back would result in the second one failing). This suggests that even on the runloop after the video
starts playing, the state of the playback controls manager may not be up to date in the UI process. Instead, we
can just spin the runloop until the playback controls are shown, which makes back-to-back tests succeed and
will probably address flakiness on the bots for this test.

* TestWebKitAPI/Tests/WebKit2Cocoa/VideoControlsManager.mm:
(TestWebKitAPI::TEST):
* TestWebKitAPI/Tests/WebKit2Cocoa/large-video-with-audio.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206148 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [JSC] Add `typeof value === "symbol"` handling to bytecode compiler
utatane.tea@gmail.com [Tue, 20 Sep 2016 15:45:43 +0000 (15:45 +0000)]
[JSC] Add `typeof value === "symbol"` handling to bytecode compiler
https://bugs.webkit.org/show_bug.cgi?id=162253

Reviewed by Sam Weinig.

JSTests:

* microbenchmarks/is-symbol-mixed.js: Added.
(isSymbol):
(i.let.pair.of.list.String):
* microbenchmarks/is-symbol.js: Added.
(isSymbol):

Source/JavaScriptCore:

Add `typeof value === "symbol"` handling to the bytecode compiler.
The effect is tiny, but it keeps consistency since the bytecode compiler
already has the similar optimization for "string" case.

* bytecode/SpeculatedType.cpp:
(JSC::speculationFromJSType):
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::emitEqualityOp):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206147 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [media-source] Support MediaSource.setLiveSeekableRanges()
jer.noble@apple.com [Tue, 20 Sep 2016 15:26:19 +0000 (15:26 +0000)]
[media-source] Support MediaSource.setLiveSeekableRanges()
https://bugs.webkit.org/show_bug.cgi?id=162252

Reviewed by Sam Weinig.

LayoutTests/imported/w3c:

* web-platform-tests/media-source/interfaces-expected.txt:

Source/WebCore:

Fixes tests: imported/w3c/web-platform-tests/media-source/interfaces.html
             imported/w3c/web-platform-tests/media-source/mediasource-liveseekable.html

Add support for a new part of the Media Source specification, the ability for clients to
specify the seekable ranges for a MediaSource-backed HTMLMediaElement.

Adding the live-seekable methods to MediaSource fixes a large number of the interfaces.html
tests, and the rest are fixed by adding on<event> handlers to MediaSource, SourceBuffer,
and SourceBufferList.

* Modules/mediasource/MediaSource.cpp:
(WebCore::MediaSource::seekable):
(WebCore::MediaSource::setLiveSeekableRange):
(WebCore::MediaSource::clearLiveSeekableRange):
* Modules/mediasource/MediaSource.h:
* Modules/mediasource/MediaSource.idl:
* Modules/mediasource/SourceBuffer.idl:
* Modules/mediasource/SourceBufferList.idl:
* Modules/mediasource/VideoPlaybackQuality.idl:
* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::seekable):

LayoutTests:

* platform/mac/TestExpectations:
* platform/mac/imported/w3c/web-platform-tests/media-source/interfaces-expected.txt:
* platform/mac-wk1/js/dom/global-constructors-attributes-expected.txt:
* platform/mac-yosemite/js/dom/global-constructors-attributes-expected.txt:
* platform/mac/js/dom/global-constructors-attributes-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206146 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [Win] Unreviewed warning fix.
pvollan@apple.com [Tue, 20 Sep 2016 09:08:42 +0000 (09:08 +0000)]
[Win] Unreviewed warning fix.

* page/CaptionUserPreferencesMediaAF.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206145 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [Win] Run layout tests in parallel.
pvollan@apple.com [Tue, 20 Sep 2016 08:29:49 +0000 (08:29 +0000)]
[Win] Run layout tests in parallel.
https://bugs.webkit.org/show_bug.cgi?id=162145

Reviewed by Brent Fulgham.

To speed up layout tests, try running them in parallel.

* Scripts/webkitpy/port/win.py:
(WinPort.default_child_processes): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206144 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Add support for HTMLSourceElement.prototype.sizes / HTMLSourceElement.prototype.srcset
cdumez@apple.com [Tue, 20 Sep 2016 04:22:31 +0000 (04:22 +0000)]
Add support for HTMLSourceElement.prototype.sizes / HTMLSourceElement.prototype.srcset
https://bugs.webkit.org/show_bug.cgi?id=162244

Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

Rebaseline now that more checks are passing.

* web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Add support for HTMLPrototype.prototype.sizes / HTMLPrototype.prototype.srcset:
- https://html.spec.whatwg.org/#the-source-element

We already support the corresponding content attributes internally. However, we
are missing the corresponding IDL attributes that are supposed to reflect them.

Chrome and Firefox support them. We already had those IDL attributes on
HTMLImageElement.

No new tests, rebaselined existing test.

* html/HTMLSourceElement.idl:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206140 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Unreviewed build fix after r206135
wenson_hsieh@apple.com [Tue, 20 Sep 2016 02:00:10 +0000 (02:00 +0000)]
Unreviewed build fix after r206135

NSEventMaskLeftMouseDown and friends are only available on 10.12.

* TestWebKitAPI/mac/TestWKWebViewMac.mm:
(__simulated_forceClickAssociatedEventsMask):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206137 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Make HasOwnProperty faster
sbarati@apple.com [Tue, 20 Sep 2016 01:05:50 +0000 (01:05 +0000)]
Make HasOwnProperty faster
https://bugs.webkit.org/show_bug.cgi?id=161708

Reviewed by Geoffrey Garen.

JSTests:

* microbenchmarks/has-own-property-name-cache.js: Added.
(foo):
* stress/has-own-property-cache-basics.js: Added.
(assert):
(foo):
* stress/has-own-property-name-cache-string-keys.js: Added.
(assert):
(foo):
* stress/has-own-property-name-cache-symbol-keys.js: Added.
(assert):
(foo):
* stress/has-own-property-name-cache-symbols-and-strings.js: Added.
(assert):
(foo):

Source/JavaScriptCore:

This patch adds a cache for HasOwnProperty. The cache holds tuples
of {StructureID, UniquedStringImpl*, boolean} where the boolean indicates
the result of performing hasOwnProperty on an object with StructureID and
UniquedStringImpl*. If the cache contains an item, we can be guaranteed
that it contains the same result as performing hasOwnProperty on an
object O with a given structure and key. To guarantee this, we only add
items into the cache when the Structure of the given item is cacheable.

The caching strategy is simple: when adding new items into the cache,
we will evict any item that was in the location that the new item
is hashed into. We also clear the cache on every GC. This strategy
proves to be successful on speedometer, which sees a cache hit rate
over 90%. This caching strategy is now inlined into the DFG/FTL JITs
by now recognizing hasOwnProperty as an intrinsic with the corresponding
HasOwnProperty node. The goal of the node is to emit inlined code for
the cache lookup to prevent the overhead of the call for the common
case where we get a cache hit.

I'm seeing around a 1% to 1.5% improvement on Speedometer on
my machine. Hopefully the perf bots agree with my machine.

This patch also speeds up the microbenchmark I added by 2.5x.

* JavaScriptCore.xcodeproj/project.pbxproj:
* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::handleIntrinsicCall):
* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
* dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
* dfg/DFGNodeType.h:
* dfg/DFGOperations.cpp:
* dfg/DFGOperations.h:
* dfg/DFGPredictionPropagationPhase.cpp:
* dfg/DFGSafeToExecute.h:
(JSC::DFG::safeToExecute):
* dfg/DFGSpeculativeJIT.h:
(JSC::DFG::SpeculativeJIT::callOperation):
(JSC::DFG::SpeculateCellOperand::SpeculateCellOperand):
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGValidate.cpp:
* ftl/FTLAbstractHeapRepository.h:
* ftl/FTLCapabilities.cpp:
(JSC::FTL::canCompile):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileHasOwnProperty):
* heap/Heap.cpp:
(JSC::Heap::collectImpl):
* jit/JITOperations.h:
* runtime/HasOwnPropertyCache.h: Added.
(JSC::HasOwnPropertyCache::Entry::offsetOfStructureID):
(JSC::HasOwnPropertyCache::Entry::offsetOfImpl):
(JSC::HasOwnPropertyCache::Entry::offsetOfResult):
(JSC::HasOwnPropertyCache::operator delete):
(JSC::HasOwnPropertyCache::create):
(JSC::HasOwnPropertyCache::hash):
(JSC::HasOwnPropertyCache::get):
(JSC::HasOwnPropertyCache::tryAdd):
(JSC::HasOwnPropertyCache::clear):
(JSC::VM::ensureHasOwnPropertyCache):
* runtime/Intrinsic.h:
* runtime/JSObject.h:
* runtime/JSObjectInlines.h:
(JSC::JSObject::hasOwnProperty):
* runtime/ObjectPrototype.cpp:
(JSC::ObjectPrototype::finishCreation):
(JSC::objectProtoFuncHasOwnProperty):
* runtime/Symbol.h:
* runtime/VM.cpp:
* runtime/VM.h:
(JSC::VM::hasOwnPropertyCache):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206136 268f45cc-cd09-0410-ab3c-d52691b4dbfc
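
The caching strategy in the commit message above (direct-mapped table, evict on collision, refuse non-cacheable structures, clear on every GC), as an added example that is not JavaScriptCore's code. The class name, table size, hash function and sample keys are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

const size_t kTableSize = 2048; // constructed value; must be a power of two

struct CacheEntry {
    uint32_t structureID;
    const void* key; // stands in for an interned (uniqued) string pointer
    bool result;
};

// Hypothetical sketch of a direct-mapped {structure id, key, result} cache.
class OwnPropertyCacheSketch {
public:
    OwnPropertyCacheSketch() : m_entries(kTableSize, CacheEntry{0, nullptr, false}) {}

    // Assumed hash: mix the structure id with the key's pointer bits.
    static size_t slot(uint32_t structureID, const void* key)
    {
        uintptr_t bits = reinterpret_cast<uintptr_t>(key) >> 4;
        return (static_cast<size_t>(structureID) ^ static_cast<size_t>(bits)) & (kTableSize - 1);
    }

    // Returns true on a hit and stores the cached answer in `result`.
    // Both the structure id and the key must match, so a colliding entry is a miss.
    bool get(uint32_t structureID, const void* key, bool& result) const
    {
        const CacheEntry& entry = m_entries[slot(structureID, key)];
        if (!entry.key || entry.key != key || entry.structureID != structureID)
            return false;
        result = entry.result;
        return true;
    }

    // Records an answer, evicting whatever occupied the slot. Answers for
    // non-cacheable structures are refused, so every hit is a valid answer.
    bool tryAdd(uint32_t structureID, bool structureIsCacheable, const void* key, bool result)
    {
        if (!structureIsCacheable || !key)
            return false;
        m_entries[slot(structureID, key)] = CacheEntry{structureID, key, result};
        return true;
    }

    // The commit clears the whole cache on every garbage collection.
    void clear() { m_entries.assign(kTableSize, CacheEntry{0, nullptr, false}); }

private:
    std::vector<CacheEntry> m_entries;
};

struct ScenarioResult {
    bool missBeforeAdd, hitAfterAdd, oldEntryEvicted, nonCacheableRefused, missAfterClear;
};

// Walks the cache through add, collision, refusal and clear on constructed input.
ScenarioResult runScenario()
{
    static const char nameA[] = "a", nameB[] = "b"; // constructed keys
    OwnPropertyCacheSketch cache;
    ScenarioResult s;
    bool answer = false;
    s.missBeforeAdd = !cache.get(7, nameA, answer);
    cache.tryAdd(7, true, nameA, true);
    s.hitAfterAdd = cache.get(7, nameA, answer) && answer;
    // Structure ids 7 and 7 + kTableSize map to the same slot for one key.
    const uint32_t colliding = 7 + static_cast<uint32_t>(kTableSize);
    cache.tryAdd(colliding, true, nameA, false);
    s.oldEntryEvicted = !cache.get(7, nameA, answer)
        && cache.get(colliding, nameA, answer) && !answer;
    s.nonCacheableRefused = !cache.tryAdd(9, false, nameB, true)
        && !cache.get(9, nameB, answer);
    cache.clear();
    s.missAfterClear = !cache.get(colliding, nameA, answer);
    return s;
}

int main()
{
    ScenarioResult s = runScenario();
    std::printf("miss before add: %d, hit after add: %d, evicted: %d\n",
                s.missBeforeAdd, s.hitAfterAdd, s.oldEntryEvicted);
    std::printf("non-cacheable refused: %d, miss after clear: %d\n",
                s.nonCacheableRefused, s.missAfterClear);
    return 0;
}
```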

4 years ago Add a unit test covering <https://trac.webkit.org/changeset/205983>
wenson_hsieh@apple.com [Tue, 20 Sep 2016 01:02:40 +0000 (01:02 +0000)]
Add a unit test covering <https://trac.webkit.org/changeset/205983>
https://bugs.webkit.org/show_bug.cgi?id=162112

Reviewed by Beth Dakin.

Source/WebKit2:

Adds a test support method as SPI on WKWebView to determine whether to request candidates. See
Tools/ChangeLog for more details.

* UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _shouldRequestCandidates]):
(-[WKWebView _forceRequestCandidates]): Deleted.
* UIProcess/API/Cocoa/WKWebViewPrivate.h:

Tools:

Adds a new unit test covering the changes in r205983 along with the infrastructure needed to support it. Also
further refactors the TestWKWebView used by VideoControlsManager and WKWebViewCandidateTests so that in both
cases, we add the WKWebView to a visible key window, and when sending a mouse down event, we propagate the event
at the window level rather than the view level, allowing greater flexibility to simulate behaviors such as
pressure-sensitive events that are needed for the new test.

Also rewrites currently disabled unit tests in CandidateTests as WebKit2 unit tests in WKWebViewCandidateTests,
checking whether or not we should be requesting candidates in password and non-password fields.

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/WebKit2Cocoa/VideoControlsManager.mm:
(TestWebKitAPI::setUpWebViewForTestingVideoControlsManager):
(TestWebKitAPI::TEST):
* TestWebKitAPI/Tests/WebKit2Cocoa/WKWebViewCandidateTests.mm:
(-[CandidateTestWebView typeString:inputMessage:]):
(+[CandidateTestWebView setUpWithFrame:testPage:]):
* TestWebKitAPI/Tests/WebKit2Cocoa/large-input-field-focus-onload.html: Added.
* TestWebKitAPI/Tests/WebKit2Cocoa/text-and-password-inputs.html: Added.
* TestWebKitAPI/mac/TestWKWebViewMac.h:
* TestWebKitAPI/mac/TestWKWebViewMac.mm:
(__simulated_forceClickAssociatedEventsMask):
(-[TestWKWebViewHostWindow _mouseDownAtPoint:simulatePressure:]):
(-[TestWKWebView initWithFrame:]):
(-[TestWKWebView initWithFrame:configuration:]):
(-[TestWKWebView _setUpTestWindow:]):
(-[TestWKWebView mouseDownAtPoint:simulatePressure:]):
(-[TestWKWebView typeCharacter:]):
(-[TestWKWebView mouseDownAtPoint:]): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206135 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [JSC] Make the rounding-related nodes support any type
commit-queue@webkit.org [Tue, 20 Sep 2016 00:48:39 +0000 (00:48 +0000)]
[JSC] Make the rounding-related nodes support any type
https://bugs.webkit.org/show_bug.cgi?id=161895

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-09-19
Reviewed by Geoffrey Garen.

JSTests:

* stress/arith-ceil-on-various-types.js: Added.
* stress/arith-floor-on-various-types.js: Added.
* stress/arith-round-on-various-types.js: Added.
* stress/arith-trunc-on-various-types.js: Added.

Source/JavaScriptCore:

This patch changes ArithRound, ArithFloor, ArithCeil and ArithTrunc
to support polymorphic input without exiting on entry.

* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::handleIntrinsicCall):
The 4 functions ignore any input past the first argument. It is okay
to use the nodes with the first argument and let the Phantoms keep
the remaining arguments live.

* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
Our fixup had the issue we have seen on previous nodes: unaryArithShouldSpeculateInt32()
prevents us from picking a good type if we do not see any double.

* dfg/DFGNodeType.h:
* dfg/DFGOperations.cpp:
* dfg/DFGOperations.h:
* dfg/DFGPredictionPropagationPhase.cpp:
Prediction propagation of those nodes is fully determined
from their flags and result's prediction. They are moved
to the invariant processing.

* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileArithRounding):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileArithRound):
(JSC::FTL::DFG::LowerDFGToB3::compileArithFloor):
(JSC::FTL::DFG::LowerDFGToB3::compileArithCeil):
(JSC::FTL::DFG::LowerDFGToB3::compileArithTrunc):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206134 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Inspector: adopt Object.awaitEvent in LayoutTests/inspector/css
commit-queue@webkit.org [Mon, 19 Sep 2016 23:51:00 +0000 (23:51 +0000)]
Web Inspector: adopt Object.awaitEvent in LayoutTests/inspector/css
https://bugs.webkit.org/show_bug.cgi?id=162071

Patch by Devin Rousso <dcrousso+webkit@gmail.com> on 2016-09-19
Reviewed by Brian Burg.

Replace instances of singleFireEventListener with awaitEvent and use promise logic to make
tests more readable.

* inspector/css/createStyleSheet.html:
* inspector/css/generate-css-rule-string.html:
* inspector/css/manager-preferredInspectorStyleSheetForFrame-expected.txt:
* inspector/css/manager-preferredInspectorStyleSheetForFrame.html:
* inspector/css/stylesheet-events-basic.html:
* inspector/css/stylesheet-events-inspector-stylesheet.html:
* inspector/css/stylesheet-events-multiple-documents.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206133 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Suppress JavaScript prompts early on in certain cases
andersca@apple.com [Mon, 19 Sep 2016 23:46:59 +0000 (23:46 +0000)]
Suppress JavaScript prompts early on in certain cases
https://bugs.webkit.org/show_bug.cgi?id=162243
rdar://problem/27661602

Reviewed by Geoffrey Garen.

Source/WebCore:

Export symbols needed by WebKit2.

* loader/FrameLoader.h:
* loader/FrameLoaderStateMachine.h:

Source/WebKit2:

* WebProcess/WebCoreSupport/WebChromeClient.cpp:
(WebKit::shouldSuppressJavaScriptDialogs):
Add helper function.

(WebKit::WebChromeClient::runJavaScriptAlert):
(WebKit::WebChromeClient::runJavaScriptConfirm):
(WebKit::WebChromeClient::runJavaScriptPrompt):
Call helper function and return early if we should suppress dialogs.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206132 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Align HTMLAppletElement with the specification
cdumez@apple.com [Mon, 19 Sep 2016 23:45:24 +0000 (23:45 +0000)]
Align HTMLAppletElement with the specification
https://bugs.webkit.org/show_bug.cgi?id=162240

Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

Rebaseline W3C test now that all checks are passing.

* web-platform-tests/html/dom/reflection-obsolete-expected.txt:

Source/WebCore:

Align HTMLAppletElement with the specification:
- https://html.spec.whatwg.org/#htmlappletelement

In particular:
- space / vspace should be of type "unsigned long", not DOMString
- codeBase and object should reflect as URLs

Firefox agrees with the specification. Chrome does not have
HTMLAppletElement anymore.

No new tests, rebaselined existing test.

* html/HTMLAppletElement.cpp:
(WebCore::HTMLAppletElement::isURLAttribute):
* html/HTMLAppletElement.h:
* html/HTMLAppletElement.idl:

LayoutTests:

Drop outdated tests. Update existing tests to reflect behavior change.

* dom/html/level2/html/HTMLAppletElement11-expected.txt: Removed.
* dom/html/level2/html/HTMLAppletElement11.html: Removed.
* dom/html/level2/html/HTMLAppletElement11.js: Removed.
* dom/xhtml/level2/html/HTMLAppletElement11-expected.txt: Removed.
* dom/xhtml/level2/html/HTMLAppletElement11.js: Removed.
* dom/xhtml/level2/html/HTMLAppletElement11.xhtml: Removed.
* fast/dom/element-attribute-js-null-expected.txt:
* fast/dom/element-attribute-js-null.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206131 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Inspector: adopt Object.awaitEvent in LayoutTests/http/tests/inspector
commit-queue@webkit.org [Mon, 19 Sep 2016 23:36:26 +0000 (23:36 +0000)]
Web Inspector: adopt Object.awaitEvent in LayoutTests/http/tests/inspector
https://bugs.webkit.org/show_bug.cgi?id=162069

Patch by Devin Rousso <dcrousso+webkit@gmail.com> on 2016-09-19
Reviewed by Brian Burg.

Replace instances of singleFireEventListener with awaitEvent and use promise logic to make
tests more readable.

* http/tests/inspector/dom/disconnect-dom-tree-after-main-frame-navigation.html:
* http/tests/inspector/network/copy-as-curl.html:
* http/tests/inspector/network/resource-timing-expected.txt:
* http/tests/inspector/network/resource-timing.html:
* http/tests/inspector/network/xhr-request-data-encoded-correctly.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206130 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Unreviewed gardening; update LayoutTests/media-source to the most recent version...
jer.noble@apple.com [Mon, 19 Sep 2016 23:30:53 +0000 (23:30 +0000)]
Unreviewed gardening; update LayoutTests/media-source to the most recent version (5a011ca).

* resources/TestRepositories:
* web-platform-tests/media-source/OWNERS:
* web-platform-tests/media-source/interfaces.html:
* web-platform-tests/media-source/manifest.txt:
* web-platform-tests/media-source/mediasource-appendbuffer-quota-exceeded.html:
* web-platform-tests/media-source/mediasource-attach-stops-delaying-load-event.html: Added.
* web-platform-tests/media-source/mediasource-avtracks.html:
* web-platform-tests/media-source/mediasource-detach.html:
* web-platform-tests/media-source/mediasource-duration-expected.txt:
* web-platform-tests/media-source/mediasource-duration.html:
* web-platform-tests/media-source/mediasource-endofstream.html:
* web-platform-tests/media-source/mediasource-errors.html:
* web-platform-tests/media-source/mediasource-getvideoplaybackquality-expected.txt:
* web-platform-tests/media-source/mediasource-getvideoplaybackquality.html:
* web-platform-tests/media-source/mediasource-is-type-supported.html:
* web-platform-tests/media-source/mediasource-liveseekable.html:
* web-platform-tests/media-source/mediasource-remove-expected.txt:
* web-platform-tests/media-source/mediasource-remove.html:
* web-platform-tests/media-source/mediasource-removesourcebuffer.html:
* web-platform-tests/media-source/mediasource-seekable.html:
* web-platform-tests/media-source/mediasource-sourcebuffer-mode-timestamps.html: Added.
* web-platform-tests/media-source/mediasource-sourcebuffer-mode.html:
* web-platform-tests/media-source/mediasource-sourcebuffer-trackdefaults.html:
* web-platform-tests/media-source/mediasource-timestamp-offset.html:
* web-platform-tests/media-source/mediasource-trackdefault.html:
* web-platform-tests/media-source/mediasource-trackdefaultlist.html:
* web-platform-tests/media-source/mediasource-util.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206129 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Unreviewed, build fix for Win64
utatane.tea@gmail.com [Mon, 19 Sep 2016 23:27:26 +0000 (23:27 +0000)]
Unreviewed, build fix for Win64
https://bugs.webkit.org/show_bug.cgi?id=162132

In Windows 64bit, t3 register in LLInt is not r[a-d]x.
It means that this cannot be used for byte operation.

* llint/LowLevelInterpreter64.asm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206128 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [media-source] Fix imported/w3c/web-platform-tests/media-source/mediasource-avtracks...
jer.noble@apple.com [Mon, 19 Sep 2016 23:24:15 +0000 (23:24 +0000)]
[media-source] Fix imported/w3c/web-platform-tests/media-source/mediasource-avtracks.html
https://bugs.webkit.org/show_bug.cgi?id=162104

Reviewed by Eric Carlson.

Source/WebCore:

Fixes test: imported/w3c/web-platform-tests/media-source/mediasource-avtracks.html

Multiple overlapping issues are causing this test to fail:

- When a MediaSource object is not attached from a HTMLMediaElement, its SourceBuffer
  objects will return `null` from .videoTracks and .audioTracks, foiling the test's ability
  to assert that sourceBuffer.videoTracks.length == 0.

- When a MediaSource object is detached from a HTMLMediaElement, its tracks are removed
  but do not generate 'removedtrack' events.

When these bugs were fixed, a few more popped up:

- The HTMLMediaElement removes its tracks before it closes the MediaSource, which causes an
  assertion when the MediaSource tells the HTMLMediaElement to remove its copy of the
  source's tracks (which have already been removed).

- When the HTMLMediaElement is stop()-ed due to its ScriptExecutionContext being destroyed,
  it tries to close its MediaSource, which has itself already been stop()-ed and thus asserts.

To eliminate all these bugs and make the code more self explanatory, we will rename the
HTMLMediaElement's closeMediaSource() method to detachMediaSource(), and the MediaSource's
close() method to detachFromElement(). The only way to close a MediaSource is now by calling
detachMediaSource() from the HTMLMediaElement.  The parts of the "Detaching from a media
element" algorithm which were previously spread across setReadyState() and onReadyStateChange()
are now unified in the newly renamed detachFromElement() method. The HTMLMediaElement will
first detach its MediaSource, and only after that remove all its tracks.

* Modules/mediasource/MediaSource.cpp:
(WebCore::MediaSource::setReadyState): Move steps into detachFromElement().
(WebCore::MediaSource::onReadyStateChange): Ditto.
(WebCore::MediaSource::detachFromElement): Perform the steps as specified.
(WebCore::MediaSource::attachToElement): Takes a reference rather than a bare pointer.
(WebCore::MediaSource::stop): Ask the media element to detach.
(WebCore::MediaSource::close): Renamed to detachFromElement().
* Modules/mediasource/MediaSource.h:
* Modules/mediasource/SourceBuffer.cpp:
(WebCore::SourceBuffer::videoTracks): Always return a valid TrackList object.
(WebCore::SourceBuffer::audioTracks): Ditto.
(WebCore::SourceBuffer::textTracks): Ditto.
* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::~HTMLMediaElement): Renamed closeMediaSource() -> detachMediaSource().
(WebCore::HTMLMediaElement::prepareForLoad): Ditto.
(WebCore::HTMLMediaElement::loadResource): Ditto.
(WebCore::HTMLMediaElement::noneSupported): Ditto.
(WebCore::HTMLMediaElement::mediaLoadingFailedFatally): Ditto.
(WebCore::HTMLMediaElement::detachMediaSource): Ditto.
(WebCore::HTMLMediaElement::userCancelledLoad): Ditto.
(WebCore::HTMLMediaElement::createMediaPlayer): Ditto.
(WebCore::HTMLMediaElement::clearMediaPlayer): Ditto. Also, detach from the MediaSource before
    removing tracks.
(WebCore::HTMLMediaElement::closeMediaSource): Deleted.
* html/HTMLMediaElement.h:
* html/track/TrackListBase.cpp:
(TrackListBase::remove): Only try to clear the media element from Tracks that have one.

LayoutTests:

* imported/w3c/web-platform-tests/media-source/mediasource-avtracks-expected.txt
* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206127 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago URLParser can read memory out of bounds
achristensen@apple.com [Mon, 19 Sep 2016 23:05:11 +0000 (23:05 +0000)]
URLParser can read memory out of bounds
https://bugs.webkit.org/show_bug.cgi?id=162206

Reviewed by Geoff Garen.

Source/WebCore:

Covered by new API tests.
URLParser is disabled by default still.

* platform/URLParser.cpp:
(WebCore::parseIPv4Host):
If there are fewer than two numbers in an ipv4 address, we would subtract two from the Vector's size,
causing us to read memory up to std::numeric_limits<size_t>::max() - 2.  Added a bounds check and many tests.

Tools:

* TestWebKitAPI/Tests/WebCore/URLParser.cpp:
(TestWebKitAPI::TEST_F):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206126 268f45cc-cd09-0410-ab3c-d52691b4dbfc
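
The bug class the commit above describes is an unsigned underflow: subtracting two from a container size below two wraps around. This added example (not WebKit's code; the parser is a simplified dotted-decimal sketch and every function name is hypothetical) shows the wrapped bound, a bounds check applied before the subtraction, and a loop condition written so it cannot wrap.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <limits>
#include <string>
#include <vector>

// Loop bound as an unguarded `i < items.size() - 2` computes it. size_t is
// unsigned, so for 0 or 1 items the subtraction wraps to a huge value.
size_t unguardedBound(size_t itemCount) { return itemCount - 2; }

// Same bound with the bounds check applied before subtracting.
size_t guardedBound(size_t itemCount) { return itemCount < 2 ? 0 : itemCount - 2; }

// Split a host on '.' into decimal numbers. Fails on empty or non-digit parts
// and on more than four parts. (Simplified: no hex/octal, no trailing dot.)
static bool splitParts(const std::string& host, std::vector<uint64_t>& items)
{
    uint64_t value = 0;
    bool haveDigit = false;
    for (size_t i = 0; i <= host.size(); ++i) {
        if (i == host.size() || host[i] == '.') {
            if (!haveDigit || items.size() == 4)
                return false;
            items.push_back(value);
            value = 0;
            haveDigit = false;
            continue;
        }
        if (host[i] < '0' || host[i] > '9')
            return false;
        value = value * 10 + static_cast<uint64_t>(host[i] - '0');
        if (value > std::numeric_limits<uint32_t>::max())
            return false;
        haveDigit = true;
    }
    return true;
}

// Returns the 32-bit address, or -1 if the host is not a valid IPv4 literal.
long long parseIPv4Host(const std::string& host)
{
    std::vector<uint64_t> items;
    if (!splitParts(host, items))
        return -1; // items.size() is 1..4 past this point

    // Every part except the last must fit in one byte. Writing the condition
    // as `i + 1 < size` instead of `i < size - 1` cannot wrap for any size.
    for (size_t i = 0; i + 1 < items.size(); ++i) {
        if (items[i] > 255)
            return -1;
    }
    // The last part fills the remaining bytes: it must be < 256^(5 - size).
    const uint64_t limit = 1ULL << (8 * (5 - items.size()));
    if (items.back() >= limit)
        return -1;

    uint64_t address = items.back();
    for (size_t i = 0; i + 1 < items.size(); ++i)
        address += items[i] << (8 * (3 - i));
    return static_cast<long long>(address);
}

int main()
{
    std::printf("unguarded bound for 1 item: %zu\n", unguardedBound(1));
    std::printf("guarded bound for 1 item:   %zu\n", guardedBound(1));
    std::printf("parse(\"127.0.0.1\") = %lld\n", parseIPv4Host("127.0.0.1"));
    std::printf("parse(\"1\") = %lld\n", parseIPv4Host("1"));
    return 0;
}
```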

4 years ago URLParser should parse serialized valid URLs faster than unknown input
achristensen@apple.com [Mon, 19 Sep 2016 23:03:02 +0000 (23:03 +0000)]
URLParser should parse serialized valid URLs faster than unknown input
https://bugs.webkit.org/show_bug.cgi?id=162228

Reviewed by Chris Dumez.

The URL constructor with ParsedURLStringTag is almost twice as fast as the other URL constructors.
Assuming there are no tabs or newlines, and assuming characters are already encoded decreases the URLParser
runtime by over 25% and adds infrastructure for more optimizations.

No new tests. No change in behaviour.

* platform/URL.cpp:
(WebCore::URL::URL):
* platform/URLParser.cpp:
(WebCore::utf8PercentEncode):
(WebCore::utf8PercentEncodeQuery):
(WebCore::URLParser::parse):
(WebCore::URLParser::parseSerializedURL):
(WebCore::incrementIterator):
(WebCore::URLParser::parseAuthority):
(WebCore::URLParser::parsePort):
(WebCore::URLParser::parseHost):
* platform/URLParser.h:
(WebCore::URLParser::parse): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206125 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Reduce logging from WebResourceLoader::didReceiveData
krollin@apple.com [Mon, 19 Sep 2016 22:53:12 +0000 (22:53 +0000)]
Reduce logging from WebResourceLoader::didReceiveData
https://bugs.webkit.org/show_bug.cgi?id=162233

Reviewed by Antti Koivisto.

Only log once even if called multiple times for a single resource.

* WebProcess/Network/WebResourceLoader.cpp:
(WebKit::WebResourceLoader::didReceiveData):
* WebProcess/Network/WebResourceLoader.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206123 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Cleanup: Remove an extraneous copy of SecurityOrigin
dbates@webkit.org [Mon, 19 Sep 2016 22:33:56 +0000 (22:33 +0000)]
Cleanup: Remove an extraneous copy of SecurityOrigin
https://bugs.webkit.org/show_bug.cgi?id=162118

Reviewed by Youenn Fablet.

Share one isolated copy of the SecurityOrigin between the ContentSecurityPolicy and
LoaderTaskOptions objects instead of creating two isolated copies of the SecurityOrigin.
This is safe because both ContentSecurityPolicy and LoaderTaskOptions are instantiated
in WorkerThreadableLoader::MainThreadBridge for use on the main thread only.

* loader/WorkerThreadableLoader.cpp:
(WebCore::LoaderTaskOptions::LoaderTaskOptions):
(WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206122 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Add size assert for RenderElement
antti@apple.com [Mon, 19 Sep 2016 22:12:08 +0000 (22:12 +0000)]
Add size assert for RenderElement
https://bugs.webkit.org/show_bug.cgi?id=162096

Reviewed by Simon Fraser.

Also remove the unused m_visibleInViewportState field.

* rendering/RenderElement.cpp:
(WebCore::RenderElement::unregisterForVisibleInViewportCallback):
* rendering/RenderElement.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206121 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago REGRESSION (r205275): LOG_WITH_STREAM() macros are all compiled in release builds now
krollin@apple.com [Mon, 19 Sep 2016 21:59:28 +0000 (21:59 +0000)]
REGRESSION (r205275): LOG_WITH_STREAM() macros are all compiled in release builds now
https://bugs.webkit.org/show_bug.cgi?id=162180

Reviewed by Simon Fraser.

Disable LOG_WITH_STREAM in release mode. Along with this, remove a
local variable in GraphicsContextCG.cpp in release mode that's no
longer referenced. And adjust logFunctionResult so that it gets
defined only in debug mode, too, to match its declaration in
LogMacros.h.

No new tests -- there are no tests for logging.

* platform/LogMacros.h:
* platform/Logging.cpp:
* platform/graphics/cg/GraphicsContextCG.cpp:
(WebCore::GraphicsContext::drawNativeImage):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206120 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Remove ENABLE(TEXT_AUTOSIZING) automatic text size adjustment code
dbates@webkit.org [Mon, 19 Sep 2016 21:25:15 +0000 (21:25 +0000)]
Remove ENABLE(TEXT_AUTOSIZING) automatic text size adjustment code
https://bugs.webkit.org/show_bug.cgi?id=162167

Reviewed by Simon Fraser.

.:

* Source/cmake/OptionsMac.cmake:
* Source/cmake/OptionsWin.cmake:
* Source/cmake/WebKitFeatures.cmake:

Source/JavaScriptCore:

* Configurations/FeatureDefines.xcconfig:

Source/WebCore:

Remove the automatic text size adjustment code guarded by ENABLE(TEXT_AUTOSIZING)
because it is not used by any port. On Mac and iOS, analogous code guarded by
ENABLE(IOS_TEXT_AUTOSIZING) is used.

* CMakeLists.txt:
* Configurations/FeatureDefines.xcconfig:
* dom/Document.cpp:
(WebCore::Document::Document):
* dom/Document.h:
(WebCore::Document::textAutosizer): Deleted.
* page/FrameView.cpp:
(WebCore::FrameView::setFrameRect):
(WebCore::FrameView::layout):
* page/Settings.cpp:
(WebCore::Settings::Settings):
(WebCore::Settings::setTextAutosizingFontScaleFactor): Deleted.
* page/Settings.h:
(WebCore::Settings::textAutosizingFontScaleFactor): Deleted.
* page/animation/CSSPropertyAnimation.cpp:
(WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):
* rendering/RenderingAllInOne.cpp:
* rendering/TextAutosizer.cpp: Removed.
* rendering/TextAutosizer.h: Removed.
* rendering/style/RenderStyle.cpp:
(WebCore::RenderStyle::changeRequiresLayout):
(WebCore::RenderStyle::lineHeight):
(WebCore::RenderStyle::setFontSize):
* rendering/style/RenderStyle.h:
(WebCore::RenderStyle::textAutosizingMultiplier): Deleted.
(WebCore::RenderStyle::setTextAutosizingMultiplier): Deleted.
* rendering/style/StyleVisualData.cpp:
(WebCore::StyleVisualData::StyleVisualData):
* rendering/style/StyleVisualData.h:
* testing/InternalSettings.cpp:
(WebCore::InternalSettings::Backup::Backup):
(WebCore::InternalSettings::Backup::restoreTo):
(WebCore::InternalSettings::setTextAutosizingEnabled):
(WebCore::InternalSettings::setTextAutosizingWindowSizeOverride):
(WebCore::InternalSettings::setTextAutosizingFontScaleFactor): Deleted.
* testing/InternalSettings.h:
* testing/InternalSettings.idl:

Source/WebKit/mac:

* Configurations/FeatureDefines.xcconfig:

Source/WebKit2:

* Configurations/FeatureDefines.xcconfig:
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::updatePreferences):

Source/WTF:

* wtf/FeatureDefines.h:

Tools:

* Scripts/webkitperl/FeatureList.pm:
* TestWebKitAPI/Configurations/FeatureDefines.xcconfig:

LayoutTests:

* TestExpectations:
* fast/text-autosizing/cluster-inline-block-or-table-expected.html: Removed.
* fast/text-autosizing/cluster-inline-block-or-table.html: Removed.
* fast/text-autosizing/cluster-inline-grid-flex-box-expected.html: Removed.
* fast/text-autosizing/cluster-inline-grid-flex-box.html: Removed.
* fast/text-autosizing/cluster-list-item-expected.html: Removed.
* fast/text-autosizing/cluster-list-item.html: Removed.
* fast/text-autosizing/cluster-narrow-in-wide-expected.html: Removed.
* fast/text-autosizing/cluster-narrow-in-wide-ohidden-expected.html: Removed.
* fast/text-autosizing/cluster-narrow-in-wide-ohidden.html: Removed.
* fast/text-autosizing/cluster-narrow-in-wide.html: Removed.
* fast/text-autosizing/cluster-wide-in-narrow-expected.html: Removed.
* fast/text-autosizing/cluster-wide-in-narrow.html: Removed.
* fast/text-autosizing/cluster-with-narrow-lca-and-cluster-expected.html: Removed.
* fast/text-autosizing/cluster-with-narrow-lca-and-cluster.html: Removed.
* fast/text-autosizing/cluster-with-narrow-lca-expected.html: Removed.
* fast/text-autosizing/cluster-with-narrow-lca.html: Removed.
* fast/text-autosizing/cluster-with-wide-lca-expected.html: Removed.
* fast/text-autosizing/cluster-with-wide-lca.html: Removed.
* fast/text-autosizing/clusters-insufficient-text-expected.html: Removed.
* fast/text-autosizing/clusters-insufficient-text.html: Removed.
* fast/text-autosizing/clusters-insufficient-width-expected.html: Removed.
* fast/text-autosizing/clusters-insufficient-width.html: Removed.
* fast/text-autosizing/clusters-sufficient-text-except-in-root-expected.html: Removed.
* fast/text-autosizing/clusters-sufficient-text-except-in-root.html: Removed.
* fast/text-autosizing/clusters-sufficient-width-expected.html: Removed.
* fast/text-autosizing/clusters-sufficient-width.html: Removed.
* fast/text-autosizing/constrained-and-overflow-auto-ancestor-expected.html: Removed.
* fast/text-autosizing/constrained-and-overflow-auto-ancestor.html: Removed.
* fast/text-autosizing/constrained-and-overflow-hidden-ancestor-expected.html: Removed.
* fast/text-autosizing/constrained-and-overflow-hidden-ancestor.html: Removed.
* fast/text-autosizing/constrained-and-overflow-paged-x-ancestor-expected.html: Removed.
* fast/text-autosizing/constrained-and-overflow-paged-x-ancestor.html: Removed.
* fast/text-autosizing/constrained-and-overflow-scroll-ancestor-expected.html: Removed.
* fast/text-autosizing/constrained-and-overflow-scroll-ancestor.html: Removed.
* fast/text-autosizing/constrained-height-ancestor-expected.html: Removed.
* fast/text-autosizing/constrained-height-ancestor.html: Removed.
* fast/text-autosizing/constrained-height-body-expected.html: Removed.
* fast/text-autosizing/constrained-height-body.html: Removed.
* fast/text-autosizing/constrained-maxheight-ancestor-expected.html: Removed.
* fast/text-autosizing/constrained-maxheight-ancestor.html: Removed.
* fast/text-autosizing/constrained-maxheight-expected.html: Removed.
* fast/text-autosizing/constrained-maxheight.html: Removed.
* fast/text-autosizing/constrained-out-of-flow-expected.html: Removed.
* fast/text-autosizing/constrained-out-of-flow.html: Removed.
* fast/text-autosizing/constrained-percent-maxheight-expected.html: Removed.
* fast/text-autosizing/constrained-percent-maxheight.html: Removed.
* fast/text-autosizing/constrained-percent-of-viewport-maxheight-expected.html: Removed.
* fast/text-autosizing/constrained-percent-of-viewport-maxheight.html: Removed.
* fast/text-autosizing/constrained-then-float-ancestors-expected.html: Removed.
* fast/text-autosizing/constrained-then-float-ancestors.html: Removed.
* fast/text-autosizing/constrained-then-overflow-ancestors-expected.html: Removed.
* fast/text-autosizing/constrained-then-overflow-ancestors.html: Removed.
* fast/text-autosizing/constrained-then-position-absolute-ancestors-expected.html: Removed.
* fast/text-autosizing/constrained-then-position-absolute-ancestors.html: Removed.
* fast/text-autosizing/constrained-then-position-fixed-ancestors-expected.html: Removed.
* fast/text-autosizing/constrained-then-position-fixed-ancestors.html: Removed.
* fast/text-autosizing/constrained-within-overflow-ancestor-expected.html: Removed.
* fast/text-autosizing/constrained-within-overflow-ancestor.html: Removed.
* fast/text-autosizing/em-margin-border-padding-expected.html: Removed.
* fast/text-autosizing/em-margin-border-padding.html: Removed.
* fast/text-autosizing/font-scale-factor-expected.html: Removed.
* fast/text-autosizing/font-scale-factor.html: Removed.
* fast/text-autosizing/form-controls-autosizing-button-input-elements-expected.html: Removed.
* fast/text-autosizing/form-controls-autosizing-button-input-elements.html: Removed.
* fast/text-autosizing/form-controls-autosizing-checkbox-input-element-expected.html: Removed.
* fast/text-autosizing/form-controls-autosizing-checkbox-input-element.html: Removed.
* fast/text-autosizing/form-controls-autosizing-radio-input-element-expected.html: Removed.
* fast/text-autosizing/form-controls-autosizing-radio-input-element.html: Removed.
* fast/text-autosizing/form-controls-autosizing-select-element-expected.html: Removed.
* fast/text-autosizing/form-controls-autosizing-select-element.html: Removed.
* fast/text-autosizing/form-controls-autosizing-textfield-input-elements-expected.html: Removed.
* fast/text-autosizing/form-controls-autosizing-textfield-input-elements.html: Removed.
* fast/text-autosizing/header-li-links-autosizing-expected.html: Removed.
* fast/text-autosizing/header-li-links-autosizing.html: Removed.
* fast/text-autosizing/header-links-autosizing-different-fontsize-expected.html: Removed.
* fast/text-autosizing/header-links-autosizing-different-fontsize.html: Removed.
* fast/text-autosizing/header-links-autosizing-expected.html: Removed.
* fast/text-autosizing/header-links-autosizing.html: Removed.
* fast/text-autosizing/narrow-child-expected.html: Removed.
* fast/text-autosizing/narrow-child.html: Removed.
* fast/text-autosizing/narrow-descendants-combined-expected.html: Removed.
* fast/text-autosizing/narrow-descendants-combined.html: Removed.
* fast/text-autosizing/narrow-iframe-expected.html: Removed.
* fast/text-autosizing/narrow-iframe-flattened-expected.html: Removed.
* fast/text-autosizing/narrow-iframe-flattened.html: Removed.
* fast/text-autosizing/narrow-iframe.html: Removed.
* fast/text-autosizing/nested-child-expected.html: Removed.
* fast/text-autosizing/nested-child.html: Removed.
* fast/text-autosizing/nested-em-line-height-expected.html: Removed.
* fast/text-autosizing/nested-em-line-height.html: Removed.
* fast/text-autosizing/oscillation-javascript-fontsize-change-expected.html: Removed.
* fast/text-autosizing/oscillation-javascript-fontsize-change.html: Removed.
* fast/text-autosizing/simple-paragraph-expected.html: Removed.
* fast/text-autosizing/simple-paragraph.html: Removed.
* fast/text-autosizing/span-child-expected.html: Removed.
* fast/text-autosizing/span-child.html: Removed.
* fast/text-autosizing/unwrappable-blocks-expected.html: Removed.
* fast/text-autosizing/unwrappable-blocks.html: Removed.
* fast/text-autosizing/unwrappable-inlines-expected.html: Removed.
* fast/text-autosizing/unwrappable-inlines.html: Removed.
* fast/text-autosizing/various-font-sizes-expected.html: Removed.
* fast/text-autosizing/various-font-sizes.html: Removed.
* fast/text-autosizing/wide-block-expected.html: Removed.
* fast/text-autosizing/wide-block.html: Removed.
* fast/text-autosizing/wide-child-expected.html: Removed.
* fast/text-autosizing/wide-child.html: Removed.
* fast/text-autosizing/wide-iframe-expected.html: Removed.
* fast/text-autosizing/wide-iframe.html: Removed.
* fast/text-autosizing/wide-in-narrow-overflow-scroll-expected.html: Removed.
* fast/text-autosizing/wide-in-narrow-overflow-scroll.html: Removed.
* platform/efl/TestExpectations:
* platform/gtk/TestExpectations:
* platform/ios-simulator-wk1/TestExpectations: Move Failure entry for test
fast/text-autosizing/ios/line-height-text-autosizing.html from here to platform/ios-simulator/TestExpectations.
* platform/ios-simulator-wk2/TestExpectations: Ditto.
* platform/ios-simulator/TestExpectations: Associated failure of test
fast/text-autosizing/ios/line-height-text-autosizing.html with <https://bugs.webkit.org/show_bug.cgi?id=162236>.
* platform/mac-wk2/TestExpectations:
* platform/mac/TestExpectations:
* platform/win/TestExpectations:
* platform/wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206119 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Update XHTMLParser to recognize "-//W3C//DTD MathML 2.0//EN" public identifier
cdumez@apple.com [Mon, 19 Sep 2016 21:10:31 +0000 (21:10 +0000)]
Update XHTMLParser to recognize "-//W3C//DTD MathML 2.0//EN" public identifier
https://bugs.webkit.org/show_bug.cgi?id=162166

Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

Import test coverage from W3C web-platform-tests.

* web-platform-tests/html/the-xhtml-syntax/parsing-xhtml-documents/w3c-import.log: Added.
* web-platform-tests/html/the-xhtml-syntax/parsing-xhtml-documents/xhtml-mathml-dtd-entity-support-expected.txt: Added.
* web-platform-tests/html/the-xhtml-syntax/parsing-xhtml-documents/xhtml-mathml-dtd-entity-support.htm: Added.

Source/WebCore:

Update XHTMLParser to recognize "-//W3C//DTD MathML 2.0//EN" public identifier as
per the latest HTML specification.
- https://html.spec.whatwg.org/#parsing-xhtml-documents

Firefox already recognizes it properly.

Test: imported/w3c/web-platform-tests/html/the-xhtml-syntax/parsing-xhtml-documents/xhtml-mathml-dtd-entity-support.htm

* xml/parser/XMLDocumentParserLibxml2.cpp:
(WebCore::convertUTF16EntityToUTF8):
Fix assertion that was causing the new test to crash in debug. The input '\u0026'
gets converted to '&' which is only 1 character. However, the assertion wrongly
expected WTF::Unicode::convertUTF16ToUTF8() to generate more than 1 character.

(WebCore::externalSubsetHandler):
Add "-//W3C//DTD MathML 2.0//EN" to the list.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206118 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Inspector: adopt Object.awaitEvent in LayoutTests/inspector/unit-tests
commit-queue@webkit.org [Mon, 19 Sep 2016 21:07:31 +0000 (21:07 +0000)]
Web Inspector: adopt Object.awaitEvent in LayoutTests/inspector/unit-tests
https://bugs.webkit.org/show_bug.cgi?id=162103

Patch by Devin Rousso <dcrousso+webkit@gmail.com> on 2016-09-19
Reviewed by Brian Burg.

Replace instances of singleFireEventListener with awaitEvent and use promise logic to make
tests more readable.

* inspector/unit-tests/inspector-test-dispatch-event-to-frontend.html:
* inspector/unit-tests/protocol-test-dispatch-event-to-frontend.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206117 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Inspector: adopt Object.awaitEvent in LayoutTests/inspector/console
commit-queue@webkit.org [Mon, 19 Sep 2016 20:49:32 +0000 (20:49 +0000)]
Web Inspector: adopt Object.awaitEvent in LayoutTests/inspector/console
https://bugs.webkit.org/show_bug.cgi?id=162070

Patch by Devin Rousso <dcrousso+webkit@gmail.com> on 2016-09-19
Reviewed by Brian Burg.

Replace instances of singleFireEventListener with awaitEvent and use promise logic to make
tests more readable.

* inspector/console/clearMessages.html:
* inspector/console/command-line-api.html:
* inspector/console/console-time.html:
* inspector/console/messageAdded-from-named-evaluations.html:
* inspector/console/messageAdded-from-worker.html:
* inspector/console/messageRepeatCountUpdated.html:
* inspector/console/messagesCleared.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206116 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Inspector: adopt Object.awaitEvent in LayoutTests/inspector/script-profiler
commit-queue@webkit.org [Mon, 19 Sep 2016 20:47:18 +0000 (20:47 +0000)]
Web Inspector: adopt Object.awaitEvent in LayoutTests/inspector/script-profiler
https://bugs.webkit.org/show_bug.cgi?id=162101

Patch by Devin Rousso <dcrousso+webkit@gmail.com> on 2016-09-19
Reviewed by Brian Burg.

Replace instances of singleFireEventListener with awaitEvent and use promise logic to make
tests more readable.

* inspector/script-profiler/event-type-Other.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206115 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Inspector: adopt Object.awaitEvent in LayoutTests/inspector/page
commit-queue@webkit.org [Mon, 19 Sep 2016 20:46:42 +0000 (20:46 +0000)]
Web Inspector: adopt Object.awaitEvent in LayoutTests/inspector/page
https://bugs.webkit.org/show_bug.cgi?id=162100

Patch by Devin Rousso <dcrousso+webkit@gmail.com> on 2016-09-19
Reviewed by Brian Burg.

Replace instances of singleFireEventListener with awaitEvent and use promise logic to make
tests more readable.

* inspector/page/searchInResources.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206114 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Inspector: adopt Object.awaitEvent in LayoutTests/inspector/storage
commit-queue@webkit.org [Mon, 19 Sep 2016 20:45:52 +0000 (20:45 +0000)]
Web Inspector: adopt Object.awaitEvent in LayoutTests/inspector/storage
https://bugs.webkit.org/show_bug.cgi?id=162102

Patch by Devin Rousso <dcrousso+webkit@gmail.com> on 2016-09-19
Reviewed by Brian Burg.

Replace instances of singleFireEventListener with awaitEvent and use promise logic to make
tests more readable.

* inspector/storage/domStorage-events.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206113 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Inspector: adopt Object.awaitEvent in LayoutTests/inspector/network
commit-queue@webkit.org [Mon, 19 Sep 2016 20:45:17 +0000 (20:45 +0000)]
Web Inspector: adopt Object.awaitEvent in LayoutTests/inspector/network
https://bugs.webkit.org/show_bug.cgi?id=162099

Patch by Devin Rousso <dcrousso+webkit@gmail.com> on 2016-09-19
Reviewed by Brian Burg.

Replace instances of singleFireEventListener with awaitEvent and use promise logic to make
tests more readable.

* inspector/network/client-blocked-load-expected.txt:
* inspector/network/client-blocked-load.html:
* inspector/network/xhr-json-blob-has-content.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206112 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Inspector: adopt Object.awaitEvent in LayoutTests/inspector/indexeddb
commit-queue@webkit.org [Mon, 19 Sep 2016 20:41:28 +0000 (20:41 +0000)]
Web Inspector: adopt Object.awaitEvent in LayoutTests/inspector/indexeddb
https://bugs.webkit.org/show_bug.cgi?id=162073

Patch by Devin Rousso <dcrousso+webkit@gmail.com> on 2016-09-19
Reviewed by Brian Burg.

Replace instances of singleFireEventListener with awaitEvent and use promise logic to make
tests more readable.

* inspector/indexeddb/clearObjectStore.html:
* inspector/indexeddb/deleteDatabaseNamesWithSpace.html:
* inspector/indexeddb/requestDatabase.html:
* inspector/indexeddb/requestDatabaseNames.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206111 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Update WASM towards 0xc
keith_miller@apple.com [Mon, 19 Sep 2016 20:39:55 +0000 (20:39 +0000)]
Update WASM towards 0xc
https://bugs.webkit.org/show_bug.cgi?id=162067

Reviewed by Geoffrey Garen.

This patch updates some of the core parts of the WASM frontend to the 0xc standard.
First, it changes the section names from strings to bytecodes. It also adds support
for inline block signatures. This is a change from the old version that used to have
each branch indicate the arity. Finally, this patch updates all the tests and deletes
a duplicate test.

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* testWASM.cpp:
(runWASMTests):
* wasm/WASMB3IRGenerator.cpp:
* wasm/WASMFormat.h:
* wasm/WASMFunctionParser.h:
(JSC::WASM::FunctionParser<Context>::FunctionParser):
(JSC::WASM::FunctionParser<Context>::parseBlock):
(JSC::WASM::FunctionParser<Context>::parseExpression):
* wasm/WASMModuleParser.cpp:
(JSC::WASM::ModuleParser::parse):
* wasm/WASMSections.cpp: Removed.
(JSC::WASM::Sections::lookup): Deleted.
* wasm/WASMSections.h:
(JSC::WASM::Sections::validateOrder):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206110 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Window's pageXOffset / pageYOffset attributes should be replaceable
cdumez@apple.com [Mon, 19 Sep 2016 20:35:47 +0000 (20:35 +0000)]
Window's pageXOffset / pageYOffset attributes should be replaceable
https://bugs.webkit.org/show_bug.cgi?id=162046

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline W3C test now that more checks are passing.

* web-platform-tests/html/browsers/the-window-object/window-properties-expected.txt:

Source/WebCore:

Window's pageXOffset / pageYOffset attributes should be replaceable as per:
- https://drafts.csswg.org/cssom-view/#extensions-to-the-window-interface

Firefox agrees with the specification.

No new tests, rebaselined existing test.

* page/DOMWindow.h:
* page/DOMWindow.idl:

LayoutTests:

Update existing tests to reflect behavior change.

* fast/dom/Window/get-set-properties-expected.txt:
* fast/dom/Window/get-set-properties.html:
* js/dom/var-declarations-shadowing-expected.txt:
* js/dom/var-declarations-shadowing.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206109 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Unreviewed, rolling out r206107.
commit-queue@webkit.org [Mon, 19 Sep 2016 20:22:16 +0000 (20:22 +0000)]
Unreviewed, rolling out r206107.
https://bugs.webkit.org/show_bug.cgi?id=162229

still failing on armv7 for some reason (Requested by anttik on
#webkit).

Reverted changeset:

"Add size assert for RenderElement"
https://bugs.webkit.org/show_bug.cgi?id=162096
http://trac.webkit.org/changeset/206107

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206108 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Add size assert for RenderElement
antti@apple.com [Mon, 19 Sep 2016 19:26:31 +0000 (19:26 +0000)]
Add size assert for RenderElement
https://bugs.webkit.org/show_bug.cgi?id=162096

Reviewed by Simon Fraser.

Also remove the unused m_visibleInViewportState field.

* rendering/RenderElement.cpp:
(WebCore::RenderElement::unregisterForVisibleInViewportCallback):
* rendering/RenderElement.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206107 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Unreviewed, reverting changeset https://trac.webkit.org/changeset/206101.
mattbaker@apple.com [Mon, 19 Sep 2016 19:08:45 +0000 (19:08 +0000)]
Unreviewed, reverting changeset https://trac.webkit.org/changeset/206101.

Revert https://bugs.webkit.org/show_bug.cgi?id=162165:
Web Inspector: Make it easier to create a view from an existing DOM element.

* UserInterface/Base/Main.js:
(WebInspector.contentLoaded):
* UserInterface/Views/View.js:
(WebInspector.View):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206106 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Inspector: Scope sidebar shows "Closure" instead of "Local" when paused in anonym...
commit-queue@webkit.org [Mon, 19 Sep 2016 18:59:22 +0000 (18:59 +0000)]
Web Inspector: Scope sidebar shows "Closure" instead of "Local" when paused in anonymous function
https://bugs.webkit.org/show_bug.cgi?id=162113
<rdar://problem/28348954>

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-09-19
Reviewed by Brian Burg.

Source/WebInspectorUI:

* UserInterface/Models/CallFrame.js:
(WebInspector.CallFrame):
Default the functionName to the empty string. This will compare
favorably against other empty function names instead of null.

LayoutTests:

* inspector/debugger/paused-scopes-expected.txt:
* inspector/debugger/paused-scopes.html:
* inspector/debugger/resources/paused-scopes.js:
Add a third pause to test behavior paused inside an
unnamed anonymous function.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206105 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [JSC] Use is_cell_with_type for @isRegExpObject, @isMap, and @isSet
utatane.tea@gmail.com [Mon, 19 Sep 2016 18:46:07 +0000 (18:46 +0000)]
[JSC] Use is_cell_with_type for @isRegExpObject, @isMap, and @isSet
https://bugs.webkit.org/show_bug.cgi?id=162142

Reviewed by Michael Saboff.

Use is_cell_with_type for @isRegExpObject, @isMap and @isSet.
Previously, they were implemented as functions and only @isRegExpObject was handled in the DFG and FTL.
The recently added op_is_cell_with_type bytecode and DFG IsCellWithType node allow us to simplify the above checks in all JIT tiers.
Changed these checks to bytecode intrinsics using op_is_cell_with_type.

* builtins/BuiltinNames.h:
* bytecode/BytecodeIntrinsicRegistry.h:
* bytecode/SpeculatedType.cpp:
(JSC::speculationFromJSType):
* bytecompiler/BytecodeGenerator.h:
(JSC::BytecodeGenerator::emitIsRegExpObject):
(JSC::BytecodeGenerator::emitIsMap):
(JSC::BytecodeGenerator::emitIsSet):
(JSC::BytecodeGenerator::emitIsProxyObject): Deleted.
* bytecompiler/NodesCodegen.cpp:
(JSC::BytecodeIntrinsicNode::emit_intrinsic_isRegExpObject):
(JSC::BytecodeIntrinsicNode::emit_intrinsic_isMap):
(JSC::BytecodeIntrinsicNode::emit_intrinsic_isSet):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::handleIntrinsicCall):
* runtime/ECMAScriptSpecInternalFunctions.cpp:
(JSC::esSpecIsRegExpObject): Deleted.
* runtime/ECMAScriptSpecInternalFunctions.h:
* runtime/Intrinsic.h:
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
* runtime/MapPrototype.cpp:
(JSC::privateFuncIsMap): Deleted.
* runtime/MapPrototype.h:
* runtime/SetPrototype.cpp:
(JSC::privateFuncIsSet): Deleted.
* runtime/SetPrototype.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206104 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago AX: Add accessibility support for details element on iOS
n_wang@apple.com [Mon, 19 Sep 2016 18:32:21 +0000 (18:32 +0000)]
AX: Add accessibility support for details element on iOS
https://bugs.webkit.org/show_bug.cgi?id=162041

Reviewed by Chris Fleizach.

Source/WebCore:

The details and summary elements are poorly supported on iOS.
Two major issues:
    1. Assistive technologies taking focus onto details/summary elements will cause unexpected behavior.
    2. VoiceOver is not speaking the expanded status of the details element.
Fixed them by not setting focus onto elements inside details and exposing the details element's expanded
status to its summary's accessible children.

Test: accessibility/ios-simulator/detail-summary-ios.html

* accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
(matchedParent):
(-[WebAccessibilityObjectWrapper _accessibilityListAncestor]):
(-[WebAccessibilityObjectWrapper _accessibilityLandmarkAncestor]):
(-[WebAccessibilityObjectWrapper _accessibilityTableAncestor]):
(-[WebAccessibilityObjectWrapper _accessibilityFieldsetAncestor]):
(-[WebAccessibilityObjectWrapper tableCellParent]):
(-[WebAccessibilityObjectWrapper tableParent]):
(-[WebAccessibilityObjectWrapper convertPointToScreenSpace:]):
(-[WebAccessibilityObjectWrapper convertRectToScreenSpace:]):
(-[WebAccessibilityObjectWrapper detailParentForSummaryObject:]):
(-[WebAccessibilityObjectWrapper detailParentForObject:]):
(-[WebAccessibilityObjectWrapper accessibilityElementDidBecomeFocused]):
(-[WebAccessibilityObjectWrapper accessibilitySupportsARIAExpanded]):
(-[WebAccessibilityObjectWrapper accessibilityIsExpanded]):

Tools:

* DumpRenderTree/ios/AccessibilityUIElementIOS.mm:
(AccessibilityUIElement::isExpanded):
* WebKitTestRunner/InjectedBundle/ios/AccessibilityUIElementIOS.mm:
(WTR::AccessibilityUIElement::isExpanded):

LayoutTests:

* accessibility/ios-simulator/detail-summary-ios-expected.txt: Added.
* accessibility/ios-simulator/detail-summary-ios.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206102 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Inspector: Make it easier to create a view from an existing DOM element
mattbaker@apple.com [Mon, 19 Sep 2016 17:53:37 +0000 (17:53 +0000)]
Web Inspector: Make it easier to create a view from an existing DOM element
https://bugs.webkit.org/show_bug.cgi?id=162165
<rdar://problem/28365848>

Reviewed by Timothy Hatcher.

* UserInterface/Base/Main.js:
(WebInspector.contentLoaded):
Pass id string for views created from existing DOM elements.

* UserInterface/Views/View.js:
(WebInspector.View):
Change `element` to `elementOrIdentifier`. If the value is a string,
treat it as an element identifier. If the identifier is invalid, create
a default element.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206101 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago ASSERTION FAILED: clipRectsContext.rootLayer == m_clipRectsCache->m_clipRectsRoot...
zalan@apple.com [Mon, 19 Sep 2016 17:36:58 +0000 (17:36 +0000)]
ASSERTION FAILED: clipRectsContext.rootLayer == m_clipRectsCache->m_clipRectsRoot[clipRectsType] while loading guardian.co.uk
https://bugs.webkit.org/show_bug.cgi?id=162129
<rdar://problem/28353350>

Reviewed by Antti Koivisto.

Source/WebCore:

Neither ::localClipRect() nor ::selfClipRect() accounts for paginated context while computing the cliprects (See FIXMEs).
This patch ensures that we don't end up caching these invalid cliprects.

Test: fast/multicol/assert-on-cliprect-caching-when-paginated.html

* rendering/RenderLayer.cpp:
(WebCore::RenderLayer::calculateClipRects):

LayoutTests:

* fast/multicol/assert-on-cliprect-caching-when-paginated-expected.txt: Added.
* fast/multicol/assert-on-cliprect-caching-when-paginated.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206100 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Replay: teach the replay inputs generator to encode and decode OptionSet<T>
bburg@apple.com [Mon, 19 Sep 2016 17:16:32 +0000 (17:16 +0000)]
Web Replay: teach the replay inputs generator to encode and decode OptionSet<T>
https://bugs.webkit.org/show_bug.cgi?id=162107

Reviewed by Anders Carlsson.

Add a new type flag OPTION_SET. This means that the type is a typechecked enum class
declaration, but it's stored in an OptionSet object and can contain multiple
distinct enumeration values like an untyped enum declaration.

Do some cleanup since the generator now supports three different enumerable types:
'enum', 'enum class', and 'OptionSet<T>' where T is an enum class.

Also clean up some sloppy variable names. Using an 'enum_' prefix is really confusing now.

* replay/scripts/CodeGeneratorReplayInputs.py:
(Type.is_enum_declaration):
(Type.is_enum_class_declaration):
(Type.is_option_set):
(Type):
(Type.is_enumerable):
When we want all enumerable types, this property includes all three variants.

(Type.declaration_kind): Forward-declare OptionSet's type parameter as an enum class.
(VectorType.is_enum_declaration): Renamed from is_enum().
(VectorType.is_enum_class_declaration): Renamed from is_enum_class().
(VectorType.is_option_set): Added.
(InputsModel.enumerable_types): Added.
(InputsModel.parse_type_with_framework):
(Generator.generate_header):
(Generator.generate_implementation):
(Generator.generate_includes):
(Generator.generate_type_forward_declarations):
(Generator.generate_enumerable_type_trait_declaration):
(Generator.generate_enum_trait_declaration): Renamed.
(Generator.generate_enum_trait_implementation): Renamed.

* replay/scripts/CodeGeneratorReplayInputsTemplates.py:
Add new templates for OptionSet types. Clean up parameter names and simplify the
enumerable type declaration template, which is the same for all enumerable type variants.

* replay/scripts/tests/expected/fail-on-c-style-enum-no-storage.json-error:
* replay/scripts/tests/expected/generate-enum-encoding-helpers.json-TestReplayInputs.cpp:
(JSC::EncodingTraits<Test::PlatformEvent::OtherType>::encodeValue):
(JSC::EncodingTraits<Test::PlatformEvent::OtherType>::decodeValue):
* replay/scripts/tests/expected/generate-enum-encoding-helpers.json-TestReplayInputs.h:
* replay/scripts/tests/expected/generate-enum-with-guard.json-TestReplayInputs.h:
Rebaseline test results.

* replay/scripts/tests/generate-enum-encoding-helpers.json:
Add a new type for OptionSet<PlatformEvent::Modifier> to capture generated encode/decode methods.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206099 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [JSC][LLInt] Introduce is_cell_with_type
utatane.tea@gmail.com [Mon, 19 Sep 2016 17:00:25 +0000 (17:00 +0000)]
[JSC][LLInt] Introduce is_cell_with_type
https://bugs.webkit.org/show_bug.cgi?id=162132

Reviewed by Sam Weinig.

In this patch, we introduce is_cell_with_type bytecode. This bytecode can unify the following predicates,
op_is_string, op_is_jsarray, op_is_proxy_object, and op_is_derived_array!
And we now drop DFG node IsString since we can use IsCellWithType instead.
This automatically offers optimization to previous IsString node: dropping cell check by using CellUse edge filter.

Later, we are planning to use this is_cell_with_type to optimize @isRegExpObject, @isSet, and @isMap[1].

The performance results are neutral.

[1]: https://bugs.webkit.org/show_bug.cgi?id=162142

* bytecode/BytecodeList.json:
* bytecode/BytecodeUseDef.h:
(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dumpBytecode):
* bytecode/SpeculatedType.cpp:
(JSC::speculationFromJSType):
* bytecode/SpeculatedType.h:
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::emitEqualityOp):
(JSC::BytecodeGenerator::emitIsCellWithType):
* bytecompiler/BytecodeGenerator.h:
(JSC::BytecodeGenerator::emitIsJSArray):
(JSC::BytecodeGenerator::emitIsProxyObject):
(JSC::BytecodeGenerator::emitIsDerivedArray):
* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::handleIntrinsicCall):
(JSC::DFG::ByteCodeParser::parseBlock):
* dfg/DFGCapabilities.cpp:
(JSC::DFG::capabilityLevel):
* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
* dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
(JSC::DFG::FixupPhase::fixupIsCellWithType):
* dfg/DFGNode.h:
(JSC::DFG::Node::speculatedTypeForQuery):
* dfg/DFGNodeType.h:
* dfg/DFGPredictionPropagationPhase.cpp:
* dfg/DFGSafeToExecute.h:
(JSC::DFG::safeToExecute):
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* ftl/FTLCapabilities.cpp:
(JSC::FTL::canCompile):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileIsString): Deleted.
* jit/JIT.cpp:
(JSC::JIT::privateCompileMainPass):
* jit/JIT.h:
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_is_cell_with_type):
(JSC::JIT::emitIsCellWithType): Deleted.
(JSC::JIT::emit_op_is_string): Deleted.
(JSC::JIT::emit_op_is_jsarray): Deleted.
(JSC::JIT::emit_op_is_proxy_object): Deleted.
(JSC::JIT::emit_op_is_derived_array): Deleted.
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::emit_op_is_cell_with_type):
(JSC::JIT::emitIsCellWithType): Deleted.
(JSC::JIT::emit_op_is_string): Deleted.
(JSC::JIT::emit_op_is_jsarray): Deleted.
(JSC::JIT::emit_op_is_proxy_object): Deleted.
(JSC::JIT::emit_op_is_derived_array): Deleted.
* llint/LLIntData.cpp:
(JSC::LLInt::Data::performAssertions):
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206098 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Only override URLParser::enabled if NSUserDefaults object exists
commit-queue@webkit.org [Mon, 19 Sep 2016 16:01:08 +0000 (16:01 +0000)]
Only override URLParser::enabled if NSUserDefaults object exists
https://bugs.webkit.org/show_bug.cgi?id=162131

Patch by Alex Christensen <achristensen@webkit.org> on 2016-09-19
Reviewed by Sam Weinig.

* Shared/Cocoa/WebKit2InitializeCocoa.mm:
(WebKit::platformInitializeWebKit2):
* Shared/WebKit2Initialize.cpp:
When I enable URLParser by default, I will want the default to only be overwritten if there is an
NSUserDefaults key for URLParserEnabled. Right now it is setting URLParser::enabled to false always,
which isn't a problem because the default is also false. When the default is true, that will overwrite the default.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206097 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Clean-up after r206014
commit-queue@webkit.org [Mon, 19 Sep 2016 14:31:16 +0000 (14:31 +0000)]
Clean-up after r206014
https://bugs.webkit.org/show_bug.cgi?id=162140

Patch by Youenn Fablet <youenn@apple.com> on 2016-09-19
Reviewed by Sam Weinig.

Covered by existing tests.

* platform/network/HTTPHeaderMap.cpp:
(WebCore::HTTPHeaderMap::add):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206096 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [GTK] Make ENABLE_THREADED_COMPOSITOR a public option
mcatanzaro@igalia.com [Mon, 19 Sep 2016 13:30:13 +0000 (13:30 +0000)]
[GTK] Make ENABLE_THREADED_COMPOSITOR a public option
https://bugs.webkit.org/show_bug.cgi?id=162148

Reviewed by Carlos Garcia Campos.

* Source/cmake/OptionsGTK.cmake:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206095 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago If a host object is only used as a variadic argument, its bindings header isn't prope...
nael.ouedraogo@crf.canon.fr [Mon, 19 Sep 2016 12:30:53 +0000 (12:30 +0000)]
If a host object is only used as a variadic argument, its bindings header isn't properly included
https://bugs.webkit.org/show_bug.cgi?id=150121

Reviewed by Youenn Fablet.

Modify JS binding generator to include binding headers of objects passed
as variadic arguments.

* Modules/mediastream/RTCPeerConnection.h: Remove workaround.
* bindings/scripts/CodeGeneratorJS.pm:
(AddVariadicToImplIncludes):
(GenerateParametersCheck):
* bindings/scripts/test/JS/JSTestObj.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206094 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Inspector: ⇧⌘C should highlight node under cursor without re-moving mouse
commit-queue@webkit.org [Mon, 19 Sep 2016 11:30:28 +0000 (11:30 +0000)]
Web Inspector: ⇧⌘C should highlight node under cursor without re-moving mouse
https://bugs.webkit.org/show_bug.cgi?id=162128

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-09-19
Reviewed by Brian Burg.

* inspector/InspectorDOMAgent.h:
* inspector/InspectorDOMAgent.cpp:
(WebCore::InspectorDOMAgent::willDestroyFrontendAndBackend):
(WebCore::InspectorDOMAgent::mouseDidMoveOverElement):
(WebCore::InspectorDOMAgent::highlightMousedOverNode):
(WebCore::InspectorDOMAgent::setSearchingForNode):
When the inspector is connected, remember the last moused over node.
This produces far more consistent results of highlighting under
the cursor when pressing and releasing the keyboard shortcut keys,
without having to move the mouse. Even when using the shortcut to
first connect the inspector this produces far more consistent
results because releasing the keys for the shortcut produces new
mouseDidMoveOverElement events.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206093 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Inspector: Color picker in Style sidebar stops working after 1st color change
commit-queue@webkit.org [Mon, 19 Sep 2016 11:29:36 +0000 (11:29 +0000)]
Web Inspector: Color picker in Style sidebar stops working after 1st color change
https://bugs.webkit.org/show_bug.cgi?id=162115
<rdar://problem/28349875>

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-09-19
Reviewed by Brian Burg.

* UserInterface/Views/CSSStyleDeclarationTextEditor.js:
(WebInspector.CSSStyleDeclarationTextEditor):
(WebInspector.CSSStyleDeclarationTextEditor.prototype._updateTextMarkers):
(WebInspector.CSSStyleDeclarationTextEditor.prototype._updateTextMarkers.createSwatch):
(WebInspector.CSSStyleDeclarationTextEditor.prototype._inlineSwatchActivated):
(WebInspector.CSSStyleDeclarationTextEditor.prototype._inlineSwatchDeactivated):
Listen for swatch activated / inactivated events to set some state.

(WebInspector.CSSStyleDeclarationTextEditor.prototype._propertiesChanged):
Do not wipe markers if there is an active inline swatch. That
would break behavior for that active swatch.

(WebInspector.CSSStyleDeclarationTextEditor.prototype._inlineSwatchValueChanged):
Eliminate old, incorrect, and now unnecessary code for trying to recover
a textMarker for an inline swatch if the textMarker went away. Besides being
incorrect, if an inline swatch's textMarker goes away, then we will already
have issues, because any active popover will still be connected to the
original marker and swatch element that no longer appear in the editor.

* UserInterface/Views/ColorPicker.js:
(WebInspector.ColorPicker):
(WebInspector.ColorPicker.prototype.set color):
* UserInterface/Views/InlineSwatch.js:
(WebInspector.InlineSwatch.prototype.didDismissPopover):
(WebInspector.InlineSwatch.prototype._swatchElementClicked):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206092 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Inspector: Bring the inspected page's window forward when activating element...
commit-queue@webkit.org [Mon, 19 Sep 2016 09:39:56 +0000 (09:39 +0000)]
Web Inspector: Bring the inspected page's window forward when activating element search
https://bugs.webkit.org/show_bug.cgi?id=162114
<rdar://problem/28349357>

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-09-19
Reviewed by Brian Burg.

Source/WebKit/mac:

* WebCoreSupport/WebInspectorClient.mm:
(WebInspectorClient::didSetSearchingForNode):
When element search is activated bring the window
containing the inspected page to the foreground.

Source/WebKit2:

* UIProcess/WebInspectorProxy.h:
* UIProcess/WebInspectorProxy.cpp:
(WebKit::WebInspectorProxy::elementSelectionChanged):
When element search is activated allow the platform to bring
the window containing the inspected page to the foreground.

(WebKit::WebInspectorProxy::platformBringInspectedPageToFront):
* UIProcess/efl/WebInspectorProxyEfl.cpp:
(WebKit::WebInspectorProxy::platformBringInspectedPageToFront):
* UIProcess/gtk/WebInspectorProxyGtk.cpp:
(WebKit::WebInspectorProxy::platformBringInspectedPageToFront):
Default empty implementation for ports.

* UIProcess/mac/WebInspectorProxyMac.mm:
(WebKit::WebInspectorProxy::platformBringInspectedPageToFront):
Bring the window containing the inspected page to the foreground.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206091 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago JSDOMBindings' toArguments() should return a more descriptive object
nael.ouedraogo@crf.canon.fr [Mon, 19 Sep 2016 09:00:38 +0000 (09:00 +0000)]
JSDOMBindings' toArguments() should return a more descriptive object
https://bugs.webkit.org/show_bug.cgi?id=161793

Reviewed by Youenn Fablet.

Replace std::pair with new VariadicHelperResult class with more
readable members names.

No additional tests required.

* bindings/js/JSDOMBinding.h:
(WebCore::VariadicHelper::Result::Result):
* bindings/scripts/CodeGeneratorJS.pm:
(GenerateParametersCheck):
* bindings/scripts/test/JS/JSTestObj.cpp:
(WebCore::jsTestObjPrototypeFunctionOverloadedMethod12):
(WebCore::jsTestObjPrototypeFunctionVariadicStringMethod):
(WebCore::jsTestObjPrototypeFunctionVariadicDoubleMethod):
(WebCore::jsTestObjPrototypeFunctionVariadicNodeMethod):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206090 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [GTK] Empty referer header after WebKit session state restoration trips Bad Behavior...
mcatanzaro@igalia.com [Mon, 19 Sep 2016 06:51:23 +0000 (06:51 +0000)]
[GTK] Empty referer header after WebKit session state restoration trips Bad Behavior Wordpress plugin
https://bugs.webkit.org/show_bug.cgi?id=159606

Reviewed by Carlos Garcia Campos.

Leave the referrer member of FrameState unset when restoring from session state, unless
there is actually a nonempty referrer saved in the state. If we set it to an empty string,
then an empty referrer gets sent to the server, which some servers do not accept. It
triggers the Bad Behavior plugin on my WordPress blog, for instance. It also breaks vox.com.

* UIProcess/API/gtk/WebKitWebViewSessionState.cpp:
(decodeFrameState):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206086 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Inspector: Add test coverage for all array utility functions
mattbaker@apple.com [Sun, 18 Sep 2016 19:49:28 +0000 (19:49 +0000)]
Web Inspector: Add test coverage for all array utility functions
https://bugs.webkit.org/show_bug.cgi?id=162044
<rdar://problem/28330846>

Reviewed by Joseph Pecoraro.

New test cases and expectations for Array utility functions.

* inspector/unit-tests/array-utilities-expected.txt:
* inspector/unit-tests/array-utilities.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206085 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [iOS] Remove unused methods from _WKInputDelegate
commit-queue@webkit.org [Sun, 18 Sep 2016 19:04:58 +0000 (19:04 +0000)]
[iOS] Remove unused methods from _WKInputDelegate
https://bugs.webkit.org/show_bug.cgi?id=162098

Patch by Chelsea Pugh <cpugh@apple.com> on 2016-09-18
Reviewed by Anders Carlsson.

* UIProcess/API/Cocoa/_WKInputDelegate.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206084 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [JSC] Assert length of LLInt opcodes using isCellWithType is 3
utatane.tea@gmail.com [Sun, 18 Sep 2016 18:03:38 +0000 (18:03 +0000)]
[JSC] Assert length of LLInt opcodes using isCellWithType is 3
https://bugs.webkit.org/show_bug.cgi?id=162134

Reviewed by Saam Barati.

* llint/LLIntData.cpp:
(JSC::LLInt::Data::performAssertions):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206083 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [JSC] Do not need to use defineProperty to define methods for object literals
utatane.tea@gmail.com [Sun, 18 Sep 2016 17:40:11 +0000 (17:40 +0000)]
[JSC] Do not need to use defineProperty to define methods for object literals
https://bugs.webkit.org/show_bug.cgi?id=162111

Reviewed by Saam Barati.

JSTests:

* stress/object-literal-methods.js: Added.
(shouldBe):
(throw.new.Error.let.object.get name):
(throw.new.Error):
(shouldBe.let.object.get name):
(shouldBe.let.object.get prototype):
(shouldBe.let.object.get 42):

Source/JavaScriptCore:

When we receive the following code,

    var object = { method() { } };

currently, we use defineProperty to define "method" function for "object".
This patch replaces it with the ordinary put_by_id_direct / put_by_val_direct
because the following 2 conditions are met.

1. While methods in classes have special attributes ({configurable: true, writable: true, enumerable: false}),
   the attributes of methods in object literals are just the same as those of the other normal properties ({configurable: true, writable: true, enumerable: true}).
   This means that we can use the usual put_by_id_direct / put_by_val_direct to define method properties for object literals.

2. Furthermore, all the own properties that can reside in objects created by object literals have {configurable: true}.
   So there is no need to check conflict by defineProperty. Always overwriting is OK.

        let name = 'method';
        var object = { get [name]() { }, method() { } };
        // Latter method wins.

    On the other hand, in class syntax, conflict check is necessary since "prototype" own property is defined as {configurable: false}.

        class Hello { static prototype() { } }  // Should throw error by defineProperty's check.

    This means that conflict check done in defineProperty is not necessary for object literals' properties.

* bytecompiler/NodesCodegen.cpp:
(JSC::PropertyListNode::emitPutConstantProperty):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206082 268f45cc-cd09-0410-ab3c-d52691b4dbfc
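
The language-level behaviour the commit message above relies on can be checked from script. The following is an added example, not code from the WebKit patch or its test file; all function names are hypothetical. It uses a computed key for the class case because a literal `static prototype()` is rejected at parse time, and it also shows that a literal's definition does not invoke an inherited setter while an assignment does.

```javascript
// Added illustration (not WebKit code). Function names are hypothetical.

function attributesOf(holder, key) {
  const d = Object.getOwnPropertyDescriptor(holder, key);
  return { configurable: d.configurable, writable: d.writable, enumerable: d.enumerable };
}

// Condition 1: a method in an object literal is an ordinary enumerable data property.
function literalMethodAttributes() {
  const object = { method() {} };
  return attributesOf(object, 'method');
}

// Class methods differ only in being non-enumerable.
function classMethodAttributes() {
  class Hello { method() {} }
  return attributesOf(Hello.prototype, 'method');
}

// Condition 2: every own property a literal can create is configurable,
// so a later definition of the same key can always replace an earlier one.
function allLiteralPropertiesConfigurable() {
  const object = { data: 1, method() {}, get g() { return 1; }, set s(v) {}, ['computed' + 1]: 2, 42() {} };
  return Reflect.ownKeys(object).every(
    (k) => Object.getOwnPropertyDescriptor(object, k).configurable);
}

// The commit's example: a getter followed by a method with the same key.
function duplicateKeyResult() {
  const name = 'method';
  const object = { get [name]() { return 'getter'; }, method() { return 'method'; } };
  const d = Object.getOwnPropertyDescriptor(object, 'method');
  return { isDataProperty: 'value' in d, hasGetter: typeof d.get === 'function', called: object.method() };
}

// In a class, the constructor's own "prototype" is non-configurable, so the
// definition must be validated and fails at class evaluation time.
function staticPrototypeConflict() {
  const key = 'prototype';
  try {
    class Hello { static [key]() {} }
    return 'defined';
  } catch (e) {
    return e instanceof TypeError ? 'TypeError' : String(e);
  }
}

// "Direct" definition creates an own property without consulting the
// prototype chain; assignment walks the chain and runs an inherited setter.
function literalBypassesInheritedSetter() {
  let setterCalls = 0;
  Object.defineProperty(Object.prototype, 'probe', {
    configurable: true,
    set(v) { setterCalls++; },
  });
  try {
    const defined = { probe() {} };
    const assigned = {};
    assigned.probe = function () {};
    return {
      setterCalls,
      definedOwn: Object.prototype.hasOwnProperty.call(defined, 'probe'),
      assignedOwn: Object.prototype.hasOwnProperty.call(assigned, 'probe'),
    };
  } finally {
    delete Object.prototype.probe; // restore the shared prototype
  }
}
```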

4 years ago Uncaught Exception: null is not an object (evaluating 'this.listItemElement.classList')
commit-queue@webkit.org [Sun, 18 Sep 2016 17:36:31 +0000 (17:36 +0000)]
Uncaught Exception: null is not an object (evaluating 'this.listItemElement.classList')
https://bugs.webkit.org/show_bug.cgi?id=162123
<rdar://problem/28352900>

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-09-18
Reviewed by Matt Baker.

* UserInterface/Views/DOMTreeElement.js:
(WebInspector.DOMTreeElement.prototype.onexpand):
If not attached yet, don't update title. We will update title
when attaching, so this avoids work and avoids doing that
work when the tree element is not fully setup.

(WebInspector.DOMTreeElement.prototype._startEditing):
(WebInspector.DOMTreeElement.prototype._nodeTitleInfo):
(WebInspector.DOMTreeElement.prototype._nodePseudoClassesDidChange):
Switch to the public name instead of the private name.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206081 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [GTK] Stop using glReadPixels() to blit AC surfaces in the UIProcess under Wayland
gns@gnome.org [Sun, 18 Sep 2016 15:10:39 +0000 (15:10 +0000)]
[GTK] Stop using glReadPixels() to blit AC surfaces in the UIProcess under Wayland
https://bugs.webkit.org/show_bug.cgi?id=161530

Reviewed by Carlos Garcia Campos.

Use gdk_cairo_draw_from_gl when all necessary conditions exist.

* Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:
(WebKit::ThreadedCompositor::create): take TextureMapper::PaintFlags as optional argument.
(WebKit::ThreadedCompositor::ThreadedCompositor): ditto.
(WebKit::ThreadedCompositor::renderLayerTree): relay paint flags to TextureMapper::beginPaint.
* Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.h:
* UIProcess/gtk/AcceleratedBackingStoreWayland.cpp:
(WebKit::AcceleratedBackingStoreWayland::paint): use the faster gdk_cairo_draw_from_gl when a new
enough GTK+ is in use.
* WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.cpp:
(WebKit::ThreadedCoordinatedLayerTreeHost::ThreadedCoordinatedLayerTreeHost): create compositor
with PaintingMirrored flag if we have recent GTK+ and are running under Wayland.
* WebProcess/WebPage/gtk/AcceleratedSurfaceX11.h: implement shouldPaintMirrored by always
returning false.
* WebProcess/WebPage/gtk/AcceleratedSurfaceWayland.h: implement shouldPaintMirrored by always
returning true.
* WebProcess/WebPage/gtk/LayerTreeHostGtk.cpp:
(WebKit::LayerTreeHostGtk::compositeLayersToContext): pass PaintingMirror flag to TextureMapper
when under a recent enough GTK+ and Wayland.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206080 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [GTK] [l10n] Updated Ukrainian translation of WebKitGTK+
mcatanzaro@igalia.com [Sun, 18 Sep 2016 14:03:13 +0000 (14:03 +0000)]
[GTK] [l10n] Updated Ukrainian translation of WebKitGTK+
https://bugs.webkit.org/show_bug.cgi?id=162136

Patch by Yuri Chornoivan <yurchor@ukr.net> on 2016-09-18
Rubber-stamped by Michael Catanzaro.

* uk.po:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206079 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [EFL] Bump efl library to 1.18.1
gyuyoung.kim@webkit.org [Sun, 18 Sep 2016 13:47:31 +0000 (13:47 +0000)]
[EFL] Bump efl library to 1.18.1
https://bugs.webkit.org/show_bug.cgi?id=162120

Patch by Gyuyoung Kim <gyuyoung.kim@navercorp.com> on 2016-09-18
Reviewed by Michael Catanzaro.

.:

* Source/cmake/OptionsEfl.cmake: Use efl-1.18.1 instead of 1.18.

Tools:

* efl/jhbuild.modules: Use efl-1.18.1 instead of 1.18.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206078 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [EFL] Adjust EFL coding style to EFL MiniBrowser
gyuyoung.kim@webkit.org [Sun, 18 Sep 2016 13:13:47 +0000 (13:13 +0000)]
[EFL] Adjust EFL coding style to EFL MiniBrowser
https://bugs.webkit.org/show_bug.cgi?id=162119

Reviewed by Michael Catanzaro.

Apply EFL coding style to main.c for MiniBrowser.
  - Use _foo_cb instead of on_foo for callback function
  - Use 3 spaces and use 2 spaces in keywords.

- EFL coding style.
  https://phab.enlightenment.org/w/coding_convention/

Additionally this patch adds an exception rule that style checker doesn't
check indentation rule in EFL MiniBrowser.

* MiniBrowser/efl/main.c:
(miniBrowserViewSmartClass):
(window_find_with_ewk_view):
(_tooltip_show):
(window_tooltip_hide):
(window_tooltip_update):
(_mouse_in_cb):
(_mouse_move_cb):
(_mouse_out_cb):
(_mouse_wheel_cb):
(_window_resize_cb):
(update_view_favicon):
(_icon_changed_cb):
(window_free):
(window_close):
(search_icon_show):
(search_box_show):
(search_box_hide):
(history_list_hide):
(save_page_contents_callback):
(script_execute_callback):
(toggle_window_fullscreen):
(_key_down_cb):
(_mouse_down_cb):
(_title_changed_cb):
(_url_changed_cb):
(_back_forward_list_changed_cb):
(_progress_cb):
(_error_cb):
(_download_request_cb):
(close_file_picker):
(_filepicker_parent_deletion_cb):
(_filepicker_deletion_cb):
(_fileselector_done_cb):
(_file_chooser_request_cb):
(_download_finished_cb):
(_download_failed_cb):
(_color_changed_cb):
(_color_item_selected_cb):
(_color_picker_ok_clicked_cb):
(_color_picker_cancel_clicked_cb):
(_color_picker_dismiss_cb):
(_color_picker_request_cb):
(_url_bar_activated_cb):
(_url_bar_clicked_cb):
(_search_field_aborted_cb):
(_search_field_activated_cb):
(_search_field_clicked_cb):
(_back_button_clicked_cb):
(_forward_button_clicked_cb):
(_search_backward_button_clicked_cb):
(_search_forward_button_clicked_cb):
(_search_case_option_changed):
(_search_word_start_option_changed_cb):
(_search_close_button_clicked_cb):
(_refresh_button_clicked_cb):
(_stop_button_clicked_cb):
(_list_item_select_cb):
(navigation_button_longpress_process):
(_forward_button_longpress_cb):
(_back_button_longpress_cb):
(_ok_clicked_cb):
(_file_entry_dialog_show):
(_javascript_alert_cb):
(_javascript_confirm_cb):
(_javascript_prompt_cb):
(_javascript_before_unload_confirm_cb):
(_popup_menu_item_clicked_cb):
(popup_menu_populate):
(_popup_menu_show):
(_popup_menu_hide):
(_window_geometry_get):
(_window_geometry_set):
(_fullscreen_accept_cb):
(_fullscreen_deny_cb):
(_fullscreen_enter_cb):
(_fullscreen_exit_cb):
(_window_create_cb):
(_window_close_cb):
(_context_menu_item_selected_cb):
(context_menu_populate):
(_context_menu_show):
(_context_menu_hide):
(auth_popup_close):
(_auth_cancel_cb):
(_auth_ok_cb):
(_authentication_request_cb):
(_search_text_found_cb):
(_tooltip_text_set):
(_tooltip_text_unset):
(_navigation_policy_decision_cb):
(_home_button_clicked_cb):
(_window_deletion_cb):
(create_toolbar_button):
(window_create):
(configuration):
(parse_cookies_policy):
(parse_window_size):
(elm_main):
(on_tooltip_show): Deleted.
(on_mouse_in): Deleted.
(on_mouse_move): Deleted.
(on_mouse_out): Deleted.
(on_mouse_wheel): Deleted.
(on_window_resize): Deleted.
(on_icon_changed_cb): Deleted.
(on_key_down): Deleted.
(on_mouse_down): Deleted.
(on_title_changed): Deleted.
(on_url_changed): Deleted.
(on_back_forward_list_changed): Deleted.
(on_progress): Deleted.
(on_error): Deleted.
(on_download_request): Deleted.
(on_filepicker_parent_deletion): Deleted.
(on_filepicker_deletion): Deleted.
(on_fileselector_done): Deleted.
(on_file_chooser_request): Deleted.
(on_download_finished): Deleted.
(on_download_failed): Deleted.
(on_color_changed): Deleted.
(on_color_item_selected): Deleted.
(on_color_picker_ok_clicked): Deleted.
(on_color_picker_cancel_clicked): Deleted.
(on_color_picker_dismiss): Deleted.
(on_color_picker_request): Deleted.
(on_url_bar_activated): Deleted.
(on_url_bar_clicked): Deleted.
(on_search_field_aborted): Deleted.
(on_search_field_activated): Deleted.
(on_search_field_clicked): Deleted.
(on_back_button_clicked): Deleted.
(on_forward_button_clicked): Deleted.
(on_search_backward_button_clicked): Deleted.
(on_search_forward_button_clicked): Deleted.
(on_search_case_option_changed): Deleted.
(on_search_word_start_option_changed): Deleted.
(on_search_close_button_clicked): Deleted.
(on_refresh_button_clicked): Deleted.
(on_stop_button_clicked): Deleted.
(on_list_item_select): Deleted.
(on_forward_button_longpress): Deleted.
(on_back_button_longpress): Deleted.
(on_ok_clicked): Deleted.
(show_file_entry_dialog): Deleted.
(on_javascript_alert): Deleted.
(on_javascript_confirm): Deleted.
(on_javascript_prompt): Deleted.
(on_javascript_before_unload_confirm): Deleted.
(on_popup_menu_item_clicked): Deleted.
(on_popup_menu_show): Deleted.
(on_popup_menu_hide): Deleted.
(on_window_geometry_get): Deleted.
(on_window_geometry_set): Deleted.
(on_fullscreen_accept): Deleted.
(on_fullscreen_deny): Deleted.
(on_fullscreen_enter): Deleted.
(on_fullscreen_exit): Deleted.
(on_window_create): Deleted.
(on_window_close): Deleted.
(context_menu_item_selected_cb): Deleted.
(on_context_menu_show): Deleted.
(on_context_menu_hide): Deleted.
(on_auth_cancel): Deleted.
(on_auth_ok): Deleted.
(on_authentication_request): Deleted.
(on_search_text_found): Deleted.
(on_tooltip_text_set): Deleted.
(on_tooltip_text_unset): Deleted.
(on_navigation_policy_decision): Deleted.
(on_home_button_clicked): Deleted.
(on_window_deletion): Deleted.
* Scripts/webkitpy/style/checker.py:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206077 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Remove unnecessary String allocations in URLParser
achristensen@apple.com [Sun, 18 Sep 2016 08:01:11 +0000 (08:01 +0000)]
Remove unnecessary String allocations in URLParser
https://bugs.webkit.org/show_bug.cgi?id=162089

Reviewed by Chris Dumez.

No change in behavior except a performance improvement.

* platform/URL.cpp:
(WebCore::assertProtocolIsGood):
(WebCore::URL::protocolIs):
(WebCore::protocolIs):
* platform/URL.h:
Added a new protocolIs for non-null-terminated strings from user input.
* platform/URLParser.cpp:
(WebCore::URLParser::parse):
Don't make a String to compare protocols.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206076 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Inline functions in URLParser
achristensen@apple.com [Sun, 18 Sep 2016 05:38:24 +0000 (05:38 +0000)]
Inline functions in URLParser
https://bugs.webkit.org/show_bug.cgi?id=162106

Reviewed by Antti Koivisto.

No change in behavior. Just make URLParser faster.

* platform/URLParser.cpp:
(WebCore::isC0Control):
(WebCore::isC0ControlOrSpace):
(WebCore::isTabOrNewline):
(WebCore::isInSimpleEncodeSet):
(WebCore::isInDefaultEncodeSet):
(WebCore::isInUserInfoEncodeSet):
(WebCore::isInvalidDomainCharacter):
(WebCore::isPercentOrNonASCII):
(WebCore::isSlashQuestionOrHash):
(WebCore::isWindowsDriveLetter):
(WebCore::shouldCopyFileURL):
(WebCore::percentEncode):
(WebCore::utf8PercentEncode):
(WebCore::utf8PercentEncodeQuery):
(WebCore::encodeQuery):
(WebCore::isDefaultPort):
(WebCore::isSpecialScheme):
(WebCore::copyASCIIStringUntil):
(WebCore::isPercentEncodedDot):
(WebCore::isSingleDotPathSegment):
(WebCore::isDoubleDotPathSegment):
(WebCore::consumeSingleDotPathSegment):
(WebCore::consumeDoubleDotPathSegment):
(WebCore::serializeIPv4):
(WebCore::zeroSequenceLength):
(WebCore::findLongestZeroSequence):
(WebCore::serializeIPv6Piece):
(WebCore::serializeIPv6):
(WebCore::parseIPv4Number):
(WebCore::pow256):
(WebCore::parseIPv4Host):
(WebCore::parseIPv6Host):
(WebCore::percentDecode):
(WebCore::containsOnlyASCII):
(WebCore::domainToASCII):
(WebCore::hasInvalidDomainCharacter):
(WebCore::formURLDecode):
(WebCore::serializeURLEncodedForm):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206075 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago MainThreadBridge needs an isolatedCopy() of SecurityOrigin
ddkilzer@apple.com [Sat, 17 Sep 2016 11:14:38 +0000 (11:14 +0000)]
MainThreadBridge needs an isolatedCopy() of SecurityOrigin
<https://webkit.org/b/162116>
<rdar://problem/27525870>

Reviewed by Carlos Garcia Campos.

Covered by existing tests.

* loader/WorkerThreadableLoader.cpp:
(WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge):
Make an isolatedCopy() of SecurityOrigin here since that's the
correct idiom to use when the object is passed from a worker
thread back to the main thread.  Fix suggested by Daniel Bates.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206074 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [GTK] Move the rendering of auth dialog shadow to the auth dialog widget
carlosgc@webkit.org [Sat, 17 Sep 2016 08:34:20 +0000 (08:34 +0000)]
[GTK] Move the rendering of auth dialog shadow to the auth dialog widget
https://bugs.webkit.org/show_bug.cgi?id=162061

Reviewed by Michael Catanzaro.

Instead of rendering the shadow in the web view, we can let the auth dialog do it. This fixes the rendering of
the shadow in Wayland when using gdk_cairo_draw_from_gl().

* UIProcess/API/gtk/WebKitAuthenticationDialog.cpp:
(webkitAuthenticationDialogDraw): Draw the shadow before rendering the child.
(webkitAuthenticationDialogSizeAllocate): Center the child on the allocated space.
(webkit_authentication_dialog_class_init): Add size_allocate implementation.
* UIProcess/API/gtk/WebKitWebViewBase.cpp:
(webkitWebViewBaseDraw): Do not draw the shadow when auth dialog is present.
(webkitWebViewBaseSizeAllocate): Give the whole web view allocation to the auth dialog.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206067 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [ThreadedCompositor] Scrolling artifacts on accelerated subframes
carlosgc@webkit.org [Sat, 17 Sep 2016 08:32:15 +0000 (08:32 +0000)]
[ThreadedCompositor] Scrolling artifacts on accelerated subframes
https://bugs.webkit.org/show_bug.cgi?id=149060

Reviewed by Michael Catanzaro.

The problem is that we are scrolling the main frame even when scrolling is not delegated.

* WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.cpp:
(WebKit::ThreadedCoordinatedLayerTreeHost::scrollNonCompositedContents): Return early if main frame view doesn't
delegate scrolling.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206066 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [DFG] Introduce IsCellWithType node and unify IsJSArray, IsRegExpObject and newly...
utatane.tea@gmail.com [Sat, 17 Sep 2016 06:32:50 +0000 (06:32 +0000)]
[DFG] Introduce IsCellWithType node and unify IsJSArray, IsRegExpObject and newly added IsProxyObject
https://bugs.webkit.org/show_bug.cgi?id=162000

Reviewed by Filip Pizlo.

JSTests:

* microbenchmarks/is-array-for-array.js: Added.
(isArray):
* microbenchmarks/is-array-for-mixed-case.js: Added.
(isArray):
* microbenchmarks/is-array-for-non-array-object.js: Added.
(isArray):
* microbenchmarks/is-array-for-proxy.js: Added.
(isArray):
(isArray.proxy.throw.new.Error.isArray):
(isArray.proxy.throw.new.Error):

Source/JavaScriptCore:

Sampling profiler tells that ES6SampleBench/Basic frequently calls Array.isArray(). This function is introduced in
ES5 and it is well-used to distinguish Array from the other objects. Moreover, this function is used in Array.prototype.xxx
methods as @isArray. So it's worth optimizing.

The difference between Array.isArray and @isJSArray is that Array.isArray needs to consider ProxyObject while
@isJSArray builtin intrinsic does not. So in this patch, we leverage the existing @isJSArray to implement Array.isArray.
Array.isArray is written in builtin JS code using @isJSArray and newly added @isProxyObject(). That allows us to inline
Array.isArray() code and the inlined code uses existing DFG nodes well.

Another problem is RuntimeArray and ArrayPrototype. They inherit JSArray and their JSType is ObjectType. But Array.isArray needs
to return true for those types. While optimizing type checking in generic way by type display is nice, RuntimeArray and
ArrayPrototype are a bit tricky and it is super rare that these functions are passed to Array.isArray(). So instead of introducing
type display in this patch, we just introduce a new JSType, DerivedArrayType and use it in the above 2 use classes. Since
Array.isArray is specially handled in the spec (while we don't have any Date.isDate() like functions, only Array.isArray
is specified in the spec because we frequently want to distinguish Arrays from other Objects), optimizing Array.isArray specially
by introducing special DerivedArrayType is reasonable.

In LLInt level, we add new opcodes, op_is_proxy_object and op_is_derived_array. These work similarly to op_is_jsarray.
And we also perform LLInt code cleanup by introducing a macro isCellWithType.

In baseline, we perform some clean up for op_is_proxy_object etc. Now duplicate code is reduced.

In DFG, we unify IsJSArray, IsRegExpObject, IsProxyObject, and IsDerivedArray into one IsCellWithType node. And we clean up
some AI code related to IsJSArray and IsRegExpObject since SpeculatedType now recognizes ProxyObject. IsJSArray and IsRegExpObject
do not do anything special for proxy objects.

The above change simplifies things to create a new IsXXX DFG handling and paves the way for optimizing @isMap & @isSet in DFG.
Furthermore, introducing @isProxyObject() is nice for the first step to optimize ProxyObject handling.

Here is microbenchmark result. We can see stable performance improvement (Even if we use Proxies!).

                                            baseline                  patched

    is-array-for-array                   2.5156+-0.0288     ^      2.0668+-0.0285        ^ definitely 1.2171x faster
    is-array-for-mixed-case              4.7787+-0.0755     ^      4.4722+-0.0789        ^ definitely 1.0686x faster
    is-array-for-non-array-object        2.3596+-0.0368     ^      1.8178+-0.0262        ^ definitely 1.2980x faster
    is-array-for-proxy                   4.0469+-0.0437     ^      3.3845+-0.0404        ^ definitely 1.1957x faster

And ES6SampleBench/Basic reports 5.2% perf improvement. And now sampling result in ES6SampleBench/Basic does not pose Array.isArray.

    Benchmark             First Iteration        Worst 2%               Steady State
    baseline:Basic        28.59 ms +- 1.03 ms    15.08 ms +- 0.28 ms    1656.96 ms +- 18.02 ms
    patched:Basic         27.82 ms +- 0.44 ms    14.59 ms +- 0.16 ms    1574.65 ms +- 8.44 ms

* builtins/ArrayConstructor.js:
(isArray):
(from): Deleted.
* builtins/BuiltinNames.h:
* bytecode/BytecodeIntrinsicRegistry.h:
* bytecode/BytecodeList.json:
* bytecode/BytecodeUseDef.h:
(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dumpBytecode):
* bytecode/SpeculatedType.cpp:
(JSC::dumpSpeculation):
(JSC::speculationFromClassInfo):
(JSC::speculationFromStructure):
* bytecode/SpeculatedType.h:
(JSC::isProxyObjectSpeculation):
(JSC::isDerivedArraySpeculation):
* bytecompiler/BytecodeGenerator.h:
(JSC::BytecodeGenerator::emitIsProxyObject):
(JSC::BytecodeGenerator::emitIsDerivedArray):
(JSC::BytecodeGenerator::emitIsJSArray): Deleted.
* bytecompiler/NodesCodegen.cpp:
(JSC::BytecodeIntrinsicNode::emit_intrinsic_isProxyObject):
(JSC::BytecodeIntrinsicNode::emit_intrinsic_isDerivedArray):
* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::handleIntrinsicCall):
(JSC::DFG::ByteCodeParser::parseBlock):
* dfg/DFGCapabilities.cpp:
(JSC::DFG::capabilityLevel):
* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
* dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
(JSC::DFG::FixupPhase::fixupIsCellWithType):
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::dump):
* dfg/DFGNode.h:
(JSC::DFG::Node::hasQueriedType):
(JSC::DFG::Node::queriedType):
(JSC::DFG::Node::hasSpeculatedTypeForQuery):
(JSC::DFG::Node::speculatedTypeForQuery):
(JSC::DFG::Node::shouldSpeculateProxyObject):
(JSC::DFG::Node::shouldSpeculateDerivedArray):
(JSC::DFG::Node::loadVarargsData): Deleted.
(JSC::DFG::Node::shouldSpeculateArray): Deleted.
* dfg/DFGNodeType.h:
* dfg/DFGPredictionPropagationPhase.cpp:
* dfg/DFGSafeToExecute.h:
(JSC::DFG::SafeToExecuteEdge::operator()):
(JSC::DFG::safeToExecute):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileIsCellWithType):
(JSC::DFG::SpeculativeJIT::speculateProxyObject):
(JSC::DFG::SpeculativeJIT::speculateDerivedArray):
(JSC::DFG::SpeculativeJIT::speculate):
(JSC::DFG::SpeculativeJIT::compileIsJSArray): Deleted.
(JSC::DFG::SpeculativeJIT::compileIsRegExpObject): Deleted.
* dfg/DFGSpeculativeJIT.h:
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGUseKind.cpp:
(WTF::printInternal):
* dfg/DFGUseKind.h:
(JSC::DFG::typeFilterFor):
(JSC::DFG::isCell):
* ftl/FTLCapabilities.cpp:
(JSC::FTL::canCompile):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileIsCellWithType):
(JSC::FTL::DFG::LowerDFGToB3::speculate):
(JSC::FTL::DFG::LowerDFGToB3::isCellWithType):
(JSC::FTL::DFG::LowerDFGToB3::speculateProxyObject):
(JSC::FTL::DFG::LowerDFGToB3::speculateDerivedArray):
(JSC::FTL::DFG::LowerDFGToB3::compileIsJSArray): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::compileIsRegExpObject): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::isArray): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::isRegExpObject): Deleted.
* jit/JIT.cpp:
(JSC::JIT::privateCompileMainPass):
* jit/JIT.h:
* jit/JITOpcodes.cpp:
(JSC::JIT::emitIsCellWithType):
(JSC::JIT::emit_op_is_string):
(JSC::JIT::emit_op_is_jsarray):
(JSC::JIT::emit_op_is_proxy_object):
(JSC::JIT::emit_op_is_derived_array):
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::emitIsCellWithType):
(JSC::JIT::emit_op_is_string):
(JSC::JIT::emit_op_is_jsarray):
(JSC::JIT::emit_op_is_proxy_object):
(JSC::JIT::emit_op_is_derived_array):
* jsc.cpp:
(WTF::RuntimeArray::createStructure):
* llint/LLIntData.cpp:
(JSC::LLInt::Data::performAssertions):
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* runtime/ArrayConstructor.cpp:
(JSC::ArrayConstructor::finishCreation):
(JSC::isArraySlowInline):
(JSC::isArraySlow):
(JSC::arrayConstructorPrivateFuncIsArraySlow):
(JSC::arrayConstructorIsArray): Deleted.
* runtime/ArrayConstructor.h:
(JSC::isArray):
* runtime/ArrayPrototype.h:
(JSC::ArrayPrototype::createStructure):
* runtime/JSArray.h:
(JSC::JSArray::finishCreation):
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
* runtime/JSType.h:

Source/WebCore:

* bridge/runtime_array.h:
(JSC::RuntimeArray::createStructure):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206065 268f45cc-cd09-0410-ab3c-d52691b4dbfc
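
The cases the commit message above says Array.isArray has to get right (proxies, Array.prototype, arrays that are not plain JSArray cells) are observable from script. The following is an added example, not WebKit's builtin or its tests; the sample values are constructed and the function names are hypothetical. It contrasts Array.isArray with an `instanceof Array` check and includes the revoked-proxy failure mode, where both checks throw.

```javascript
// Added illustration (not WebKit code). Function names are hypothetical.

// Run a check and report a thrown TypeError as a value instead of propagating it.
function attempt(check) {
  try {
    return check();
  } catch (e) {
    return e instanceof TypeError ? 'TypeError' : 'other error';
  }
}

// Constructed sample values covering the cases the commit message discusses.
function sampleValues() {
  const { proxy: revokedProxy, revoke } = Proxy.revocable([], {});
  revoke();
  class Stack extends Array {}
  return {
    plainArray: [1, 2, 3],
    arrayPrototype: Array.prototype,            // itself an array object
    subclassInstance: new Stack(),
    proxyOfArray: new Proxy([], {}),
    nestedProxyOfArray: new Proxy(new Proxy([], {}), {}),
    proxyOfObject: new Proxy({}, {}),
    arrayLike: { length: 0 },
    inheritsArrayPrototype: Object.create(Array.prototype),
    revokedProxy,
  };
}

// For each sample, record what Array.isArray and instanceof report.
function isArrayMatrix() {
  const matrix = {};
  for (const [name, value] of Object.entries(sampleValues())) {
    matrix[name] = {
      isArray: attempt(() => Array.isArray(value)),
      instanceOf: attempt(() => value instanceof Array),
    };
  }
  return matrix;
}

// Names of the samples on which the two checks disagree.
function disagreements() {
  return Object.entries(isArrayMatrix())
    .filter(([, r]) => r.isArray !== r.instanceOf)
    .map(([name]) => name)
    .sort();
}

// A wrapper for callers that must not throw on a revoked proxy.
function isArrayOrFalse(value) {
  const result = attempt(() => Array.isArray(value));
  return result === true;
}
```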