WebKit-https.git
22 months agoBlank page except for inner iframes because pending stylesheets cause style.isNotFina...
antti@apple.com [Tue, 9 Jan 2018 19:27:34 +0000 (19:27 +0000)]
Blank page except for inner iframes because pending stylesheets cause style.isNotFinal() to be true
https://bugs.webkit.org/show_bug.cgi?id=180940
<rdar://problem/36116507>

Reviewed by Darin Adler.

Source/WebCore:

Test: http/tests/local/loading-stylesheet-import-remove.html

If a <link> referencing a stylesheet containing an @import that was still loading was removed
from the document, the loading state was never cleared. For head stylesheets this blocked
rendering permanently.

Test reduction by Justin Ridgewell.

* html/HTMLLinkElement.cpp:
(WebCore::HTMLLinkElement::removedFromAncestor):

Test if the stylesheet it loading before clearing the pointer.

LayoutTests:

* http/tests/local/loading-stylesheet-import-remove.html: Added.
* http/tests/local/loading-stylesheet-import-remove-expected.html: Added.
* http/tests/local/resources/slow-import.css: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226653 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[webkitpy] PlatformInfo should have default argument for casual use
ddkilzer@apple.com [Tue, 9 Jan 2018 19:14:32 +0000 (19:14 +0000)]
[webkitpy] PlatformInfo should have default argument for casual use
https://bugs.webkit.org/show_bug.cgi?id=180827

Patch by Basuke Suzuki <Basuke.Suzuki@sony.com> on 2018-01-09
Reviewed by David Kilzer.

PlatformInfo should be the only way to check platform specific thing instead
of sys.platform or other various checks. If there is something you want to check,
it should be placed in PlatformInfo.

Currently to instantiate PlatformInfo, it requires arguments, which is usually
sys, platform and Executive(). They are straight forward and should be handled
by default arguments. Then we can instantiate PlatformInfo more casual.

* Scripts/webkitpy/common/system/platforminfo.py:
(PlatformInfo): Use relative module path import
(PlatformInfo.__init__):
(PlatformInfo.executive): Lazy instantiation of Executive()
(PlatformInfo.total_bytes_memory): Accessing via above property
(PlatformInfo.xcode_sdk_version): Ditto
(PlatformInfo.xcode_simctl_list): Ditto
(PlatformInfo.xcode_version): Ditto
(PlatformInfo._win_version_str): Ditto
* Scripts/webkitpy/common/system/systemhost.py:
(SystemHost.__init__):
* Scripts/webkitpy/common/system/user.py:
(User.__init__):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226652 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoMake imported/w3c/web-platform-tests/service-workers/service-worker/fetch-canvas...
commit-queue@webkit.org [Tue, 9 Jan 2018 19:10:02 +0000 (19:10 +0000)]
Make imported/w3c/web-platform-tests/service-workers/service-worker/fetch-canvas-tainting-cache.https.html robust to quota error
https://bugs.webkit.org/show_bug.cgi?id=181404

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-09
Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

Ensure fetch event promise is resolved in case cache is used.
Ensure each cache entry is deleted to not hit any cache quota error.
Test was previously deleting the whole cache, but in WebKit, the quota
in such a case will only be updated when the cache is garbaged collected, which is not deterministic.
Make tests output more results to improve debugability.

* web-platform-tests/service-workers/service-worker/fetch-canvas-tainting-cache.https.html:
* web-platform-tests/service-workers/service-worker/fetch-canvas-tainting.https-expected.txt:
* web-platform-tests/service-workers/service-worker/fetch-canvas-tainting.https.html:
* web-platform-tests/service-workers/service-worker/resources/fetch-canvas-tainting-iframe.html:

LayoutTests:

* TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226651 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoASSERTION FAILED: pair.second->m_type & PropertyNode::Getter
mark.lam@apple.com [Tue, 9 Jan 2018 18:49:25 +0000 (18:49 +0000)]
ASSERTION FAILED: pair.second->m_type & PropertyNode::Getter
https://bugs.webkit.org/show_bug.cgi?id=181388
<rdar://problem/36349351>

Reviewed by Saam Barati.

JSTests:

* stress/regress-181388.js: Added.

Source/JavaScriptCore:

When there are duplicate setters or getters, we may end up overwriting a getter
with a setter, or vice versa.  This patch adds tracking for getters/setters that
have been overwritten with duplicates and ignore them.

* bytecompiler/NodesCodegen.cpp:
(JSC::PropertyListNode::emitBytecode):
* parser/NodeConstructors.h:
(JSC::PropertyNode::PropertyNode):
* parser/Nodes.h:
(JSC::PropertyNode::isOverriddenByDuplicate const):
(JSC::PropertyNode::setIsOverriddenByDuplicate):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226650 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoRemoved some empty directories that were left behind
mitz@apple.com [Tue, 9 Jan 2018 18:29:18 +0000 (18:29 +0000)]
Removed some empty directories that were left behind

Source/ThirdParty/ANGLE:

* src/third_party/murmurhash: Removed.
* third_party: Removed.
* third_party/deqp: Removed.

Source/WebCore:

* Modules/indieui: Removed.
* Modules/vibration: Removed.
* platform/graphics/ca/mac: Removed.
* platform/mediastream/gstreamer: Removed.

Source/WebKit:

* WebProcess/Cookies/cf: Removed.
* WebProcess/ios: Removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226647 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[iOS Debug WK2] Layout Test imported/w3c/web-platform-tests/service-workers/service...
commit-queue@webkit.org [Tue, 9 Jan 2018 18:24:55 +0000 (18:24 +0000)]
[iOS Debug WK2] Layout Test imported/w3c/web-platform-tests/service-workers/service-worker/register-closed-window.https.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=181087
<rdar://problem/36188109>

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-09
Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

Updated test to get a more deterministic output.

* web-platform-tests/service-workers/service-worker/register-closed-window.https-expected.txt:
* web-platform-tests/service-workers/service-worker/resources/register-closed-window-iframe.html:

LayoutTests:

* platform/ios-wk2/TestExpectations: Removed flaky expectation.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226646 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoRefactor timing function solving code
graouts@webkit.org [Tue, 9 Jan 2018 17:55:22 +0000 (17:55 +0000)]
Refactor timing function solving code
https://bugs.webkit.org/show_bug.cgi?id=181428

Reviewed by Dean Jackson.

We have duplicated code to solve "cubic" and "steps" timing functions in AnimationBase and TextureMapperAnimation,
and we will soon need similar code to deal with timing functions in Web Animations. We move this code into TimingFunction
with a single transformTime() function that can be called directly on the timing function rather than having callers
figure out what type timing functions are to solve them.

No test as there shouldn't be any behavior change.

* page/animation/AnimationBase.cpp:
(WebCore::AnimationBase::progress const):
(WebCore::solveEpsilon): Deleted.
(WebCore::solveCubicBezierFunction): Deleted.
(WebCore::solveStepsFunction): Deleted.
(WebCore::solveSpringFunction): Deleted.
* platform/animation/TimingFunction.cpp:
(WebCore::TimingFunction::transformTime const):
* platform/animation/TimingFunction.h:
* platform/graphics/texmap/TextureMapperAnimation.cpp:
(WebCore::TextureMapperAnimation::apply):
(WebCore::solveEpsilon): Deleted.
(WebCore::solveCubicBezierFunction): Deleted.
(WebCore::solveStepsFunction): Deleted.
(WebCore::applyTimingFunction): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226645 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoDon't record dynamic spelling corrections while in an ephemeral browsing session
timothy_horton@apple.com [Tue, 9 Jan 2018 17:54:50 +0000 (17:54 +0000)]
Don't record dynamic spelling corrections while in an ephemeral browsing session
https://bugs.webkit.org/show_bug.cgi?id=181417
<rdar://problem/33309104>

Dynamic spelling correction responses are kept on disk. Avoid recording
these responses when in an ephemeral session.

Reviewed by Tim Horton and Wenson Hsieh.

* UIProcess/mac/CorrectionPanel.h:
* UIProcess/mac/CorrectionPanel.mm:
(WebKit::CorrectionPanel::recordAutocorrectionResponse):
    Add a WebViewImpl parameter so we can query the current session.
    Return early before recording the response if the session is
    ephemeral.
(WebKit::CorrectionPanel::handleAcceptedReplacement):
    Update a caller to include the new parameter.
* UIProcess/mac/PageClientImplMac.mm:
(WebKit::PageClientImpl::recordAutocorrectionResponse):
    Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226644 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoUnreviewed, silence -Wunused-parameter warning
mcatanzaro@igalia.com [Tue, 9 Jan 2018 17:13:19 +0000 (17:13 +0000)]
Unreviewed, silence -Wunused-parameter warning

* testing/js/WebCoreTestSupport.cpp:
(WebCoreTestSupport::setupNewlyCreatedServiceWorker):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226640 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[EME] Add layout test for clearKey CENC message event
commit-queue@webkit.org [Tue, 9 Jan 2018 16:50:18 +0000 (16:50 +0000)]
[EME] Add layout test for clearKey CENC message event
https://bugs.webkit.org/show_bug.cgi?id=180928

Patch by Yacine Bandou <yacine.bandou_ext@softathome.com> on 2018-01-09
Reviewed by Xabier Rodriguez-Calvar.

Tests the reception of clearKey message event after the encrypted event and checks its KeyID.
There are two tests: one with MSE playback and another with regular playback.

* media/encrypted-media/clearKey/clearKey-message-cenc-event-expected.txt: Added.
* media/encrypted-media/clearKey/clearKey-message-cenc-event-mse-expected.txt: Added.
* media/encrypted-media/clearKey/clearKey-message-cenc-event-mse.html: Added.
    Test with MSE playback.
* media/encrypted-media/clearKey/clearKey-message-cenc-event.html: Added.
    Test with regular playback.
* media/encrypted-media/clearKey/encrypted-media-clearKey-handler.js: Added.
    This JavaScript file provides a simple clearKey EME implementation, checks the EME support, handles the "encrypted", "message" and
    "keystatuseschange" events, and updates the CDM session with the right keys.
    This implementation allows to play an encrypted media (video or audio or both), it is used in this test by overloading the "onMessage" callback
    by an other function that checks the 'message' event and stops the test.
* media/encrypted-media/medias-enc.js:
    I take this opportunity to introduce some fixes:
    Rename "mimetype" field to "mimeType", this field is only used in "clearKey-encrypted-cenc-event-mse.html",
    thus it is easy to change it now.
    Change the KeyID of the encrypted video with the right value, it is used for first time in this test.
* media/media-source/media-source-loader-simple.js:
    Use "mimeType" instead of "mimetype" as it is modified in "medias-enc.js".
* platform/gtk/TestExpectations:
* platform/mac/TestExpectations:
* platform/wpe/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226639 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoCheck Image::m_image is not null in ImageLoader::decode()
commit-queue@webkit.org [Tue, 9 Jan 2018 16:44:44 +0000 (16:44 +0000)]
Check Image::m_image is not null in ImageLoader::decode()
https://bugs.webkit.org/show_bug.cgi?id=180386
<rdar://problem/34634483>

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2018-01-09
Reviewed by Tim Horton.

Source/WebCore:

Ensure ImageLoader::m_image is not null before referencing it.

* loader/ImageLoader.cpp:
(WebCore::ImageLoader::decode):

LayoutTests:

Add a new rejected case for decoding an image with an invalid URL.

* fast/images/decode-static-image-reject-expected.txt:
* fast/images/decode-static-image-reject.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226638 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoUnreviewed. Update OptionsGTK.cmake and NEWS for 2.19.5 release.
carlosgc@webkit.org [Tue, 9 Jan 2018 16:29:45 +0000 (16:29 +0000)]
Unreviewed. Update OptionsGTK.cmake and NEWS for 2.19.5 release.

.:

* Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit:

* gtk/NEWS: Add release notes for 2.19.5.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226636 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[FreeType] Use FastMalloc for FreeType
utatane.tea@gmail.com [Tue, 9 Jan 2018 16:23:54 +0000 (16:23 +0000)]
[FreeType] Use FastMalloc for FreeType
https://bugs.webkit.org/show_bug.cgi?id=181387

Reviewed by Michael Catanzaro.

Add custom memory allocator for FreeType to use FastMalloc.

* platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:
(WebCore::initializeFreeTypeLibrary):
(WebCore::createFontCustomPlatformData):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226635 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[RenderTreeBuilder] Move RenderTable* addChild mutation logic to RenderTreeBuilder
zalan@apple.com [Tue, 9 Jan 2018 16:15:23 +0000 (16:15 +0000)]
[RenderTreeBuilder] Move RenderTable* addChild mutation logic to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=181424
<rdar://problem/36368628>

Reviewed by Antti Koivisto.

This is about moving code, no cleanup and/or normalization (unfortunately it also means
some temporary changes).

Covered by existing tests.

* rendering/RenderTable.cpp:
(WebCore::RenderTable::addChild):
* rendering/RenderTableRow.cpp:
(WebCore::RenderTableRow::addChild):
* rendering/RenderTableSection.cpp:
(WebCore::RenderTableSection::addChild):
* rendering/updating/RenderTreeBuilder.cpp:
(WebCore::RenderTreeBuilder::insertChildToRenderTable):
(WebCore::RenderTreeBuilder::insertChildToRenderTableSection):
(WebCore::RenderTreeBuilder::insertChildToRenderTableRow):
* rendering/updating/RenderTreeBuilder.h:
* rendering/updating/RenderTreeBuilderTable.cpp:
(WebCore::RenderTreeBuilder::Table::insertChild):
* rendering/updating/RenderTreeBuilderTable.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226634 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[GTK] Missing symbols exported in 2.19.4
carlosgc@webkit.org [Tue, 9 Jan 2018 15:53:38 +0000 (15:53 +0000)]
[GTK] Missing symbols exported in 2.19.4
https://bugs.webkit.org/show_bug.cgi?id=181433

Reviewed by Michael Catanzaro.

Add missing WEBKIT_API to webkit_dom_dom_window_webkit_message_handlers_post_message().

* WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMDOMWindow.h:
* webkitglib-symbols.map: Remove webkit_media_player_debug from local.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226633 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[RenderTreeBuilder] Transition Render*::addChild() calls to RenderTreeBuilder::insert...
zalan@apple.com [Tue, 9 Jan 2018 15:22:13 +0000 (15:22 +0000)]
[RenderTreeBuilder] Transition Render*::addChild() calls to RenderTreeBuilder::insertChildToRender*()
https://bugs.webkit.org/show_bug.cgi?id=181407
<rdar://problem/36361176>

Reviewed by Antti Koivisto.

Eventually all mutation will be going through the RenderTreeBuilder.

No change in functionality.

* rendering/RenderGrid.cpp:
(WebCore::RenderGrid::addChild):
* rendering/RenderMultiColumnFlow.cpp:
(WebCore::RenderMultiColumnFlow::processPossibleSpannerDescendant):
* rendering/RenderRubyRun.cpp:
(WebCore::RenderRubyRun::rubyBaseSafe):
* rendering/updating/RenderTreeBuilderBlockFlow.cpp:
(WebCore::RenderTreeBuilder::BlockFlow::insertChild):
* rendering/updating/RenderTreeBuilderMultiColumn.cpp:
(WebCore::RenderTreeBuilder::MultiColumn::createFragmentedFlow):
* rendering/updating/RenderTreeBuilderRuby.cpp:
(WebCore::RenderTreeBuilder::Ruby::findOrCreateParentForChild):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226632 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoMark imported/w3c/web-platform-tests/viewport/viewport-resize-event-on-load-overflowi...
commit-queue@webkit.org [Tue, 9 Jan 2018 15:05:25 +0000 (15:05 +0000)]
Mark imported/w3c/web-platform-tests/viewport/viewport-resize-event-on-load-overflowing-page.html as flaky
https://bugs.webkit.org/show_bug.cgi?id=181436

Patch by Ali Juma <ajuma@chromium.org> on 2018-01-09
Reviewed by Frédéric Wang.

Test gardening.

* TestExpectations:
Mark test that seems to have timing issues as flaky.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226631 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[GStreamer] Ensure SleepDisabler is not held by pages in page cache
philn@webkit.org [Tue, 9 Jan 2018 14:43:28 +0000 (14:43 +0000)]
[GStreamer] Ensure SleepDisabler is not held by pages in page cache
https://bugs.webkit.org/show_bug.cgi?id=180197

Reviewed by Eric Carlson.

The sleep disabler is now checked again whenever the media player
playback state or other characteristic has changed in the media
engine.

* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::mediaPlayerPlaybackStateChanged):
Check if the sleep disabler state needs to be updated or not.
(WebCore::HTMLMediaElement::mediaPlayerCharacteristicChanged): Ditto.
(WebCore::HTMLMediaElement::shouldDisableSleep const): Enable
sleep disabler for GTK and WPE ports.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226630 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[GStreamer] Missing notifications to player client
philn@webkit.org [Tue, 9 Jan 2018 13:59:47 +0000 (13:59 +0000)]
[GStreamer] Missing notifications to player client
https://bugs.webkit.org/show_bug.cgi?id=181432

Reviewed by Carlos Garcia Campos.

We now properly emit playback state changes and characteristic
updates to the client when the pipeline state changes and when
audio/video tracks changes are detected.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::playbackPosition const):
This debug message appears too often in logs. Demote.
(WebCore::MediaPlayerPrivateGStreamer::durationMediaTime const): Ditto.
(WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfVideo): Emit
charasteristicChanged notification.
(WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfAudio): Ditto.
(WebCore::MediaPlayerPrivateGStreamer::updateStates): Keep track
of old and current pipeline state.
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226629 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoAdd CSP support to service workers
commit-queue@webkit.org [Tue, 9 Jan 2018 13:57:25 +0000 (13:57 +0000)]
Add CSP support to service workers
https://bugs.webkit.org/show_bug.cgi?id=181385

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-09
Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

* web-platform-tests/service-workers/service-worker/service-worker-csp-connect.https-expected.txt:
* web-platform-tests/service-workers/service-worker/service-worker-csp-default.https-expected.txt:
* web-platform-tests/service-workers/service-worker/service-worker-csp-script.https-expected.txt:

Source/WebCore:

Covered by rebased tests.

Added recovery of CSP information from WorkerScriptLoader.
Added plumbing to pass the CSP information to Service Workers.
Did not add persistency support for the CSP information as this requires changing the SQL database schema.
This will be done in a follow-up.

* workers/WorkerScriptLoader.cpp:
(WebCore::WorkerScriptLoader::loadAsynchronously):
(WebCore::WorkerScriptLoader::didReceiveResponse):
* workers/WorkerScriptLoader.h:
(WebCore::WorkerScriptLoader::contentSecurityPolicy const):
* workers/service/SWClientConnection.cpp:
(WebCore::SWClientConnection::finishedFetchingScript):
(WebCore::SWClientConnection::failedFetchingScript):
* workers/service/SWClientConnection.h:
* workers/service/ServiceWorkerContainer.cpp:
(WebCore::ServiceWorkerContainer::addRegistration):
(WebCore::ServiceWorkerContainer::jobFailedWithException):
(WebCore::ServiceWorkerContainer::jobResolvedWithRegistration):
(WebCore::ServiceWorkerContainer::jobFinishedLoadingScript):
* workers/service/ServiceWorkerContainer.h:
* workers/service/ServiceWorkerContextData.cpp:
(WebCore::ServiceWorkerContextData::isolatedCopy const):
* workers/service/ServiceWorkerContextData.h:
(WebCore::ServiceWorkerContextData::encode const):
(WebCore::ServiceWorkerContextData::decode):
* workers/service/ServiceWorkerFetchResult.h:
(WebCore::ServiceWorkerFetchResult::encode const):
(WebCore::ServiceWorkerFetchResult::decode):
* workers/service/ServiceWorkerGlobalScope.cpp:
(WebCore::ServiceWorkerGlobalScope::create):
* workers/service/ServiceWorkerGlobalScope.h:
* workers/service/ServiceWorkerJob.cpp:
(WebCore::ServiceWorkerJob::notifyFinished):
* workers/service/ServiceWorkerJobClient.h:
* workers/service/context/ServiceWorkerThread.cpp:
(WebCore::ServiceWorkerThread::ServiceWorkerThread):
(WebCore::ServiceWorkerThread::createWorkerGlobalScope):
* workers/service/server/RegistrationDatabase.cpp:
(WebCore::v1RecordsTableSchema):
(WebCore::RegistrationDatabase::importRecords):
* workers/service/server/SWServer.cpp:
(WebCore::SWServer::updateWorker):
(WebCore::SWServer::installContextData):
* workers/service/server/SWServer.h:
* workers/service/server/SWServerJobQueue.cpp:
(WebCore::SWServerJobQueue::scriptFetchFinished):
* workers/service/server/SWServerWorker.cpp:
(WebCore::SWServerWorker::SWServerWorker):
(WebCore::m_contentSecurityPolicy):
(WebCore::SWServerWorker::contextData const):
* workers/service/server/SWServerWorker.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226628 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoProvide a method to obtain a CSS value from a RenderStyle by CSSPropertyID
commit-queue@webkit.org [Tue, 9 Jan 2018 13:11:53 +0000 (13:11 +0000)]
Provide a method to obtain a CSS value from a RenderStyle by CSSPropertyID
https://bugs.webkit.org/show_bug.cgi?id=181429

Patch by Antoine Quint <graouts@apple.com> on 2018-01-09
Reviewed by Antti Koivisto.

The KeyframeEffect.getKeyframes() method from Web Animations requires that we return all styles applied at a given
animation effect keyframe. When we parse keyframes, we create RenderStyle objects that are stored in a KeyframeList,
as well as a list of CSSPropertyIDs that are animated. In order to provide the list of animated properties and their
values when calling getKeyframes(), we need to be able to read back from the RenderStyle we create. As a first step
towards this goal, we factor some code in ComputedStyleExtractor::propertyValue() out into a new method
ComputedStyleExtractor::valueForPropertyinStyle() which takes in an explicit RenderStyle.

No test as this is simply refactoring that doesn't change or add behavior.

* css/CSSComputedStyleDeclaration.cpp:
(WebCore::ComputedStyleExtractor::propertyValue):
(WebCore::ComputedStyleExtractor::valueForPropertyinStyle):
* css/CSSComputedStyleDeclaration.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226627 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoSWClientConnection should not keep references to service worker jobs
commit-queue@webkit.org [Tue, 9 Jan 2018 12:48:34 +0000 (12:48 +0000)]
SWClientConnection should not keep references to service worker jobs
https://bugs.webkit.org/show_bug.cgi?id=181381

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-09
Reviewed by Chris Dumez.

Source/WebCore:

Difficult to test determiniscally but corresponding crash log should no longer happen in debug builds.

Stopped passing ServiceWorkerJob references from ServiceWorkerContainer (potentially in service worker thread) to SWClientConnection (main thread).
Instead pass job identifiers and related data to the main thread.

Minor refactoring to use ServiceWorkerJobIdentifier instead of ServiceWorkerJobDataIdentifier which contains more data than needed.

* workers/service/SWClientConnection.cpp:
(WebCore::SWClientConnection::scheduleJob):
(WebCore::SWClientConnection::failedFetchingScript):
(WebCore::SWClientConnection::postTaskForJob):
(WebCore::SWClientConnection::jobRejectedInServer):
(WebCore::SWClientConnection::registrationJobResolvedInServer):
(WebCore::SWClientConnection::unregistrationJobResolvedInServer):
(WebCore::SWClientConnection::startScriptFetchForServer):
(WebCore::SWClientConnection::clearPendingJobs):
(WebCore::SWClientConnection::finishedFetchingScript): Deleted.
* workers/service/SWClientConnection.h:
* workers/service/ServiceWorkerContainer.cpp:
(WebCore::ServiceWorkerContainer::scheduleJob):
(WebCore::ServiceWorkerContainer::startScriptFetchForJob):
(WebCore::ServiceWorkerContainer::jobFinishedLoadingScript):
(WebCore::ServiceWorkerContainer::jobFailedLoadingScript):
* workers/service/ServiceWorkerContainer.h:
* workers/service/server/SWServer.cpp:
(WebCore::SWServer::rejectJob):
(WebCore::SWServer::resolveRegistrationJob):
(WebCore::SWServer::resolveUnregistrationJob):
(WebCore::SWServer::startScriptFetch):
* workers/service/server/SWServer.h:

Source/WebKit:

Updated IPC handling based on WebCore refactoring.

* Scripts/webkit/messages.py:
(forward_declarations_and_headers):
(headers_for_type):
* StorageProcess/ServiceWorker/WebSWServerConnection.cpp:
(WebKit::WebSWServerConnection::rejectJobInClient):
(WebKit::WebSWServerConnection::resolveRegistrationJobInClient):
(WebKit::WebSWServerConnection::resolveUnregistrationJobInClient):
(WebKit::WebSWServerConnection::startScriptFetchInClient):
* StorageProcess/ServiceWorker/WebSWServerConnection.h:
* WebProcess/Storage/WebSWClientConnection.messages.in:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226626 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoUnreviewed. Update OptionsGTK.cmake and NEWS for 2.19.4 release.
carlosgc@webkit.org [Tue, 9 Jan 2018 11:55:51 +0000 (11:55 +0000)]
Unreviewed. Update OptionsGTK.cmake and NEWS for 2.19.4 release.

.:

* Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit:

* gtk/NEWS: Add release notes for 2.19.4.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226624 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoREGRESSION(r224460): Text fields sometimes get "messed up"
carlosgc@webkit.org [Tue, 9 Jan 2018 10:57:02 +0000 (10:57 +0000)]
REGRESSION(r224460): Text fields sometimes get "messed up"
https://bugs.webkit.org/show_bug.cgi?id=181115

Reviewed by Zalan Bujtas.

Add the scroll position to paint offset before computing the clip rectangle. Before r224460, scroll position was
substracted after the clip rectangle was computed.

* rendering/LayoutState.cpp:
(WebCore::LayoutState::computeClipRect):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226623 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoImplement VisualViewport API events
commit-queue@webkit.org [Tue, 9 Jan 2018 10:53:12 +0000 (10:53 +0000)]
Implement VisualViewport API events
https://bugs.webkit.org/show_bug.cgi?id=179386

Patch by Ali Juma <ajuma@chromium.org> on 2018-01-09
Reviewed by Frédéric Wang.

LayoutTests/imported/w3c:

Update expectation for a viewport WPT that now passes.

* web-platform-tests/viewport/viewport-resize-event-on-load-overflowing-page-expected.txt:

Source/WebCore:

Implement the events (resize and scroll) defined by the Visual Viewport API
(https://wicg.github.io/visual-viewport/#events).

This is behind the VisualViewportAPI experimental feature flag.

In order to detect when events need to be fired, change the computation of
Visual Viewport attributes to happen whenever the layout viewport is updated
rather than only on-demand.

Tests: fast/visual-viewport/resize-event-fired-window-resized.html
       fast/visual-viewport/resize-event-fired.html
       fast/visual-viewport/scroll-event-fired.html

* dom/Document.cpp:
(WebCore::Document::addListenerTypeIfNeeded):
Add support for tracking resize event listeners.
* dom/Document.h:
* dom/DocumentEventQueue.cpp:
(WebCore::DocumentEventQueue::enqueueOrDispatchScrollEvent):
(WebCore::DocumentEventQueue::enqueueScrollEvent):
Factored out of enqueueOrDispatchScrollEvent so that this logic can be reused
for Visual Viewport scroll events.
(WebCore::DocumentEventQueue::enqueueResizeEvent):
(WebCore::DocumentEventQueue::pendingEventTimerFired):
* dom/DocumentEventQueue.h:
* page/FrameView.cpp:
(WebCore::FrameView::updateLayoutViewport):
* page/VisualViewport.cpp:
(WebCore::VisualViewport::addEventListener):
(WebCore::layoutIfNonNull):
(WebCore::VisualViewport::offsetLeft const):
Remove attribute computation logic since this now happens during update().
(WebCore::VisualViewport::offsetTop const): Ditto.
(WebCore::VisualViewport::pageLeft const): Ditto.
(WebCore::VisualViewport::pageTop const): Ditto.
(WebCore::VisualViewport::width const): Ditto.
(WebCore::VisualViewport::height const): Ditto.
(WebCore::VisualViewport::scale const):
(WebCore::VisualViewport::update):
Added. Computes all of the Visual Viewport attributes and determines
whether events need to be fired.
(WebCore::VisualViewport::enqueueResizeEvent):
(WebCore::VisualViewport::enqueueScrollEvent):
(WebCore::getFrameViewAndLayoutIfNonNull): Deleted.
* page/VisualViewport.h:

Source/WebKit:

Change the default value of the VisualViewportAPI experimental feature flag to
DEFAULT_EXPERIMENTAL_FEATURES_ENABLED. This patch completes the implementation
of this feature as specified by https://wicg.github.io/visual-viewport/, so this
feature is now ready for wider testing.

* Shared/WebPreferences.yaml:

LayoutTests:

Add tests for Visual Viewport API events. Test that a resize event is fired after
pinch zoom and after window resize, and test that a scroll event is fired when the
visual viewport is scrolled.

* fast/visual-viewport/resize-event-fired-expected.txt: Added.
* fast/visual-viewport/resize-event-fired-window-resized-expected.txt: Added.
* fast/visual-viewport/resize-event-fired-window-resized.html: Added.
* fast/visual-viewport/resize-event-fired.html: Added.
* fast/visual-viewport/scroll-event-fired-expected.txt: Added.
* fast/visual-viewport/scroll-event-fired.html: Added.
* platform/gtk/TestExpectations:
Skipped tests that use UIScriptController::zoomToScale, since this isn't implemented on GTK.
* platform/ios/TestExpectations:
Skipped test that resizes a window, since this isn't supported on iOS.
* platform/win/TestExpectations:
Skipped tests that use UIScriptController::zoomToScale, since this isn't implemented on Windows.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226622 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[EME] Add the CENC initData support in ClearKey CDM
commit-queue@webkit.org [Tue, 9 Jan 2018 10:02:46 +0000 (10:02 +0000)]
[EME] Add the CENC initData support in ClearKey CDM
https://bugs.webkit.org/show_bug.cgi?id=180081

Patch by Yacine Bandou <yacine.bandou_ext@softathome.com> on 2018-01-09
Reviewed by Xabier Rodriguez-Calvar.

Add the "cenc" initDataType support in ClearKey CDM.
Parse the CENC initData and extract the KIDs by following the W3C spec
https://www.w3.org/TR/eme-initdata-cenc/#common-system

Tests: media/encrypted-media/clearKey/clearKey-message-cenc-event.html
       media/encrypted-media/clearKey/clearKey-message-cenc-event-mse.html

* platform/encryptedmedia/clearkey/CDMClearKey.cpp:
(WebCore::extractKeyidsLocationFromCencInitData):
(WebCore::isCencInitData):
(WebCore::extractKeyidsFromCencInitData):
(WebCore::CDMPrivateClearKey::supportsInitDataType const):
(WebCore::CDMPrivateClearKey::supportsInitData const):
(WebCore::CDMInstanceClearKey::requestLicense):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226621 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[Cairo] Pass state values directly to Cairo operations
zandobersek@gmail.com [Tue, 9 Jan 2018 09:52:13 +0000 (09:52 +0000)]
[Cairo] Pass state values directly to Cairo operations
https://bugs.webkit.org/show_bug.cgi?id=181389

Reviewed by Carlos Garcia Campos.

Instead of passing reference to the GraphicsContextState object to
various Cairo operations, only pass the required state values. This
makes it explicit what state values are used in these operations, at the
expense of some long parameter lists, but this will be better addressed
by future refactoring of this code into more concise functions.

No new tests -- no change in functionality.

* platform/graphics/cairo/CairoOperations.cpp:
(WebCore::Cairo::drawGlyphsShadow):
(WebCore::Cairo::dashedLineCornerWidthForStrokeWidth):
(WebCore::Cairo::dashedLinePatternWidthForStrokeWidth):
(WebCore::Cairo::drawGlyphs):
(WebCore::Cairo::drawRect):
(WebCore::Cairo::drawLine):
(WebCore::Cairo::drawEllipse):
* platform/graphics/cairo/CairoOperations.h:
* platform/graphics/cairo/FontCairo.cpp:
(WebCore::FontCascade::drawGlyphs):
* platform/graphics/cairo/GraphicsContextCairo.cpp:
(WebCore::GraphicsContext::drawRect):
(WebCore::GraphicsContext::drawLine):
(WebCore::GraphicsContext::drawEllipse):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226620 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[Win] Remove workaround for Bug 176442 after stopping MSVC 2015 support
commit-queue@webkit.org [Tue, 9 Jan 2018 09:29:52 +0000 (09:29 +0000)]
[Win] Remove workaround for Bug 176442 after stopping MSVC 2015 support
https://bugs.webkit.org/show_bug.cgi?id=176443

Patch by Yoshiaki Jitsukawa <Yoshiaki.Jitsukawa@sony.com> on 2018-01-09
Reviewed by Darin Adler.

* TestWebKitAPI/Tests/WTF/PriorityQueue.cpp:
(TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226619 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agocheck-webkit-style: Verify syntax for WK_API_AVAILABLE
fred.wang@free.fr [Tue, 9 Jan 2018 09:05:34 +0000 (09:05 +0000)]
check-webkit-style: Verify syntax for WK_API_AVAILABLE
https://bugs.webkit.org/show_bug.cgi?id=181394

Patch by Frederic Wang <fwang@igalia.com.fr> on 2018-01-09
Reviewed by Darin Adler.

A common syntax error for WK_API_AVAILABLE is to write ios(WK_MAC_TBA)
as the second parameter instead of ios(WK_IOS_TBA). This generally
builds for iOS on EWS but not when using the public SDK. See r224057,
r223207 and r226211 for example. This patch adds a basic style check
for that macro to prevent this kind of mistake.

* Scripts/webkitpy/style/checkers/cpp.py:
(check_min_versions_of_wk_api_available): New function to verify the parameters of WX_API_AVAILABLE.
(check_style): Run new style check.
(CppChecker): Add build type for the new style check.
* Scripts/webkitpy/style/checkers/cpp_unittest.py:
(WebKitStyleTest.test_min_versions_of_wk_api_available): Add tests for the new style check.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226618 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoRelease assert in addResourceTiming when a cache resource is requested during style...
rniwa@webkit.org [Tue, 9 Jan 2018 08:34:34 +0000 (08:34 +0000)]
Release assert in addResourceTiming when a cache resource is requested during style recalc
https://bugs.webkit.org/show_bug.cgi?id=181137
<rdar://problem/35666574>

Reviewed by Simon Fraser.

Source/WebCore:

Make the dispatching of resourcetimingbufferfull event asynchronous to avoid dispatching it
synchronously during a style resolution when CachedResourceLoader::requestImage requests
a previously loaded image.

We now schedule a timer when the resource timing buffer becomes full, and dispatch the event
when the timer fires. Meanwhile, we have a backup buffer to which additional resource timing
entries would be added. Once the event is dispatched, we refill the buffer exposed to author
scripts. When refilling the buffer results in it becoming full again, we keep repeating the
process of firing resourcetimingbufferfull and re-filling the buffer until either we stop
making progress (i.e. the script didn't increase the number of empty entires in the buffer)
or the backup buffer (at the time we started this process) becomes empty.

Also fixed a bug that we were firing resourcetimingbufferfull event when the last entry that
fits within the buffer size was added instead of when an entry is being added to an already
full buffer. To make this work, the patch introduces m_resourceTimingBufferFullFlag,
representing the concept "resource timing buffer full" flag in the resource timing specification.

Test: http/tests/performance/performance-resource-timing-resourcetimingbufferfull-crash.html

* page/Performance.cpp:
(WebCore::Performance::Performance):
(WebCore::Performance::clearResourceTimings):
(WebCore::Performance::setResourceTimingBufferSize):
(WebCore::Performance::addResourceTiming):
(WebCore::Performance::resourceTimingBufferFullTimerFired):
* page/Performance.h:

LayoutTests:

Added a regression test for the crash.

Also fixed test cases in rt-performance-extensions.js which were incorrectly asserting and assuming that
resourcetimingbufferfull event will be fired when there are exactly the same number of entries as the buffer size.

* http/tests/performance/performance-resource-timing-resourcetimingbufferfull -crash-expected.txt: Added.
* http/tests/performance/performance-resource-timing-resourcetimingbufferfull-crash.html: Added.
* http/wpt/resource-timing/rt-performance-extensions.js: Fixed the test cases.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226617 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoREGRESSION(r225913): about 30 JSC test failures on ARMv7
zandobersek@gmail.com [Tue, 9 Jan 2018 07:17:06 +0000 (07:17 +0000)]
REGRESSION(r225913): about 30 JSC test failures on ARMv7
https://bugs.webkit.org/show_bug.cgi?id=181162
<rdar://problem/36261349>

Unreviewed follow-up to r226298. Enable the fast case in
DFG::SpeculativeJIT::compileArraySlice() for any 64-bit platform,
assuming in good faith that enough GP registers are available on any
such configuration. The accompanying comment is adjusted to describe
this assumption.

* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileArraySlice):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226616 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoWebAssembly: mask indexed accesses to Table
jfbastien@apple.com [Tue, 9 Jan 2018 07:10:36 +0000 (07:10 +0000)]
WebAssembly: mask indexed accesses to Table
https://bugs.webkit.org/show_bug.cgi?id=181412
<rdar://problem/36363236>

Reviewed by Saam Barati.

JSTests:

Update error messages.

* wasm/js-api/table.js:
(assert.throws.WebAssembly.Table.prototype.grow):

Source/JavaScriptCore:

WebAssembly Table indexed accesses are user-controlled and
bounds-checked. Force allocations of Table data to be a
power-of-two, and explicitly mask accesses after bounds-check
branches.

Rename misleading usage of "size" when "length" of a Table was
intended.

Rename the Spectre option from "disable" to "enable".

* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::SpeculativeJIT):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::LowerDFGToB3):
* jit/JIT.cpp:
(JSC::JIT::JIT):
* runtime/Options.h:
* wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::B3IRGenerator::emitCheckAndPreparePointer):
(JSC::Wasm::B3IRGenerator::addCallIndirect):
* wasm/WasmTable.cpp:
(JSC::Wasm::Table::allocatedLength):
(JSC::Wasm::Table::setLength):
(JSC::Wasm::Table::create):
(JSC::Wasm::Table::Table):
(JSC::Wasm::Table::grow):
(JSC::Wasm::Table::clearFunction):
(JSC::Wasm::Table::setFunction):
* wasm/WasmTable.h:
(JSC::Wasm::Table::length const):
(JSC::Wasm::Table::offsetOfLength):
(JSC::Wasm::Table::offsetOfMask):
(JSC::Wasm::Table::mask const):
(JSC::Wasm::Table::isValidLength):
* wasm/js/JSWebAssemblyInstance.cpp:
(JSC::JSWebAssemblyInstance::create):
* wasm/js/JSWebAssemblyTable.cpp:
(JSC::JSWebAssemblyTable::JSWebAssemblyTable):
(JSC::JSWebAssemblyTable::visitChildren):
(JSC::JSWebAssemblyTable::grow):
(JSC::JSWebAssemblyTable::getFunction):
(JSC::JSWebAssemblyTable::clearFunction):
(JSC::JSWebAssemblyTable::setFunction):
* wasm/js/JSWebAssemblyTable.h:
(JSC::JSWebAssemblyTable::isValidLength):
(JSC::JSWebAssemblyTable::length const):
(JSC::JSWebAssemblyTable::allocatedLength const):
* wasm/js/WebAssemblyModuleRecord.cpp:
(JSC::WebAssemblyModuleRecord::evaluate):
* wasm/js/WebAssemblyTablePrototype.cpp:
(JSC::webAssemblyTableProtoFuncLength):
(JSC::webAssemblyTableProtoFuncGrow):
(JSC::webAssemblyTableProtoFuncGet):
(JSC::webAssemblyTableProtoFuncSet):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226615 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago::first-letter incorrectly selects grapheme pairs
commit-queue@webkit.org [Tue, 9 Jan 2018 06:41:18 +0000 (06:41 +0000)]
::first-letter incorrectly selects grapheme pairs
https://bugs.webkit.org/show_bug.cgi?id=181315

Patch by Chris Nardi <csnardi1@gmail.com> on 2018-01-08
Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Updated css-pseudo-4 to latest WPT revision and added first-letter-004.html.

* web-platform-tests/css/css-pseudo-4/first-letter-004-expected.html: Added.
* web-platform-tests/css/css-pseudo-4/first-letter-004.html: Added.
* web-platform-tests/css/css-pseudo-4/marker-color-expected.html:
* web-platform-tests/css/css-pseudo-4/marker-color.html:
* web-platform-tests/css/css-pseudo-4/marker-font-properties.html:
* web-platform-tests/css/css-pseudo-4/w3c-import.log:

Source/WebCore:

Grapheme pairs were incorrectly selected by ::first-letter. This
change fixes their selection.

Tests: Updated fast/css/first-letter-punctuation.html and imported
LayoutTests/imported/w3c/web-platform-tests/css/css-pseudo-4/first-letter-004.html

* rendering/updating/RenderTreeBuilderFirstLetter.cpp:
(WebCore::isPunctuationForFirstLetter):
(WebCore::shouldSkipForFirstLetter):
(WebCore::RenderTreeBuilder::FirstLetter::createRenderers):

LayoutTests:

* fast/css/first-letter-punctuation-expected.html: Added.
* fast/css/first-letter-punctuation.html:
* platform/gtk/fast/css/first-letter-punctuation-expected.png: Removed.
* platform/gtk/fast/css/first-letter-punctuation-expected.txt: Removed.
* platform/ios/fast/css/first-letter-punctuation-expected.txt: Removed.
* platform/mac/fast/css/first-letter-punctuation-expected.png: Removed.
* platform/mac/fast/css/first-letter-punctuation-expected.txt: Removed.
* platform/win/fast/css/first-letter-punctuation-expected.txt: Removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226614 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoSpecial list-item counter starts from an incorrect number for ::before and ::after
darin@apple.com [Tue, 9 Jan 2018 06:19:20 +0000 (06:19 +0000)]
Special list-item counter starts from an incorrect number for ::before and ::after
https://bugs.webkit.org/show_bug.cgi?id=181084

Reviewed by Zalan Bujtas.

Source/WebCore:

Test: fast/css/counters/counter-list-item.html

* Sources.txt: Removed CounterDirectives.cpp.
* WebCore.xcodeproj/project.pbxproj: Ditto.

* css/CSSComputedStyleDeclaration.cpp:
(WebCore::counterToCSSValue): Updated for changes to the CounterDirectives struct.
* css/StyleBuilderCustom.h:
(WebCore::StyleBuilderCustom::applyInheritCounter): Ditto.
(WebCore::StyleBuilderCustom::applyValueCounter): Ditto.

* html/HTMLLIElement.cpp:
(WebCore::HTMLLIElement::parseValue): Call setExplicitValue(std::nullopt) instead
of clearExplicitValue since we are using std::optional now.

* rendering/RenderCounter.cpp:
(WebCore::listItemCounterDirectives): Added. Computes the counter directives that
express the effects on the list-item counter from list item and list elements.
Used something as close to what the CSS 3 draft says as possible. This uses a
negative increment when creating a list to counteract the positive increment done
by a list element, except in the case of an unordered list. This is where the bug
fix actually lies. Also fixed handling of reversed ordered lists at the same time.
(WebCore::planCounter): Refactored to use the function above. Also changed the
code to pay attention to both the counter directives and the implicit ones from
list item and list elements, getting as close as possible to what the specification
seems to call for.

* rendering/RenderListItem.cpp:
(WebCore::RenderListItem::RenderListItem): Since we are using std::optional and no
longer using bit fields, simplified the constructor for each list item.
(WebCore::RenderListItem::calcValue const): Deleted.
(WebCore::RenderListItem::updateValueNow const): Merged in all the code from the
old calcValue function, but it is also simpler now since m_value is std::optional.
(WebCore::RenderListItem::updateValue): Updated to use std::optional.
(WebCore::RenderListItem::setExplicitValue): Ditto.
(WebCore::RenderListItem::clearExplicitValue): Deleted.
(WebCore::RenderListItem::updateListMarkerNumbers): Updated to use std::optional.
(WebCore::RenderListItem::isInReversedOrderedList const): Added. This is used by
the counter code so it can decrement instead of incrementing.

* rendering/RenderListItem.h: Updated to use std::optional. Also marked functions
final instead of override and initialized m_notInList after making it not be a
bitfield any more.

* rendering/style/CounterDirectives.cpp: Removed.
* rendering/style/CounterDirectives.h: Removed most of the CounterDirectives
class and replaced it with a struct with two std::optional. Added an addClamped
function so the counter code can share it with the addIncrementValue function.
If we want to make a faster version that doesn't use double, we can come back
and do that. Also moved the == function to the header since the implementation
is so trivial.

* rendering/style/StyleAllInOne.cpp: Removed CounterDirectives.cpp.

* rendering/style/StyleRareNonInheritedData.cpp:
(WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData): Updated to
use std::make_unique directly instead of using a clone function.

LayoutTests:

* fast/css/counters/counter-list-item-expected.html: Added.
* fast/css/counters/counter-list-item.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226613 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[Attachment Support] Expose HTMLAttachmentElement.uniqueIdentifier to bindings
wenson_hsieh@apple.com [Tue, 9 Jan 2018 04:08:21 +0000 (04:08 +0000)]
[Attachment Support] Expose HTMLAttachmentElement.uniqueIdentifier to bindings
https://bugs.webkit.org/show_bug.cgi?id=181420
<rdar://problem/36365827>

Reviewed by Alex Christensen.

Source/WebCore:

Add a new IDL definition for uniqueIdentifier on HTMLAttachmentElement. This allows clients to relate attachment
elements in the DOM to _WKAttachments delivered via Objective-C SPI.

Adjusted existing tests in WKAttachmentTests.

* html/HTMLAttachmentElement.idl:

Tools:

Adjusts some existing API tests to verify that attachment elements' uniqueIdentifiers match the uniqueIdentifier
of corresponding _WKAttachments.

* TestWebKitAPI/Tests/WebKitCocoa/WKAttachmentTests.mm:
(TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226612 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoVersioning.
jmarcell@apple.com [Tue, 9 Jan 2018 03:52:49 +0000 (03:52 +0000)]
Versioning.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226611 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoAdd WKNavigationDelegate SPI exposing WebProcess crash reason
achristensen@apple.com [Tue, 9 Jan 2018 03:27:20 +0000 (03:27 +0000)]
Add WKNavigationDelegate SPI exposing WebProcess crash reason
https://bugs.webkit.org/show_bug.cgi?id=181410
<rdar://problem/36167199>

Reviewed by Wenson Hsieh.

Source/WebKit:

We exposed it in the C SPI.

* UIProcess/API/Cocoa/WKNavigationDelegatePrivate.h:
* UIProcess/Cocoa/NavigationState.h:
* UIProcess/Cocoa/NavigationState.mm:
(WebKit::NavigationState::setNavigationDelegate):
(WebKit::toWKProcessTerminationReason):
(WebKit::NavigationState::NavigationClient::processDidTerminate):

Tools:

* TestWebKitAPI/Tests/WebKitCocoa/Navigation.mm:
(-[CrashReasonDelegate _webView:webContentProcessDidTerminateWithReason:]):
(TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226610 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoMake ObjC SPI equivalent to WKPageNavigationClient.decidePolicyForPluginLoad
achristensen@apple.com [Tue, 9 Jan 2018 03:26:18 +0000 (03:26 +0000)]
Make ObjC SPI equivalent to WKPageNavigationClient.decidePolicyForPluginLoad
https://bugs.webkit.org/show_bug.cgi?id=181413
<rdar://problem/36169005>

Reviewed by Wenson Hsieh.

* UIProcess/API/APINavigationClient.h:
(API::NavigationClient::decidePolicyForPluginLoad):
* UIProcess/API/C/WKPage.cpp:
(WKPageSetPageNavigationClient):
* UIProcess/API/Cocoa/WKNavigationDelegatePrivate.h:
* UIProcess/Cocoa/NavigationState.h:
* UIProcess/Cocoa/NavigationState.mm:
(WebKit::NavigationState::setNavigationDelegate):
(WebKit::toPluginModuleLoadPolicy):
(WebKit::toWKPluginModuleLoadPolicy):
(WebKit::NavigationState::NavigationClient::decidePolicyForPluginLoad):
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::findPlugin):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226609 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoiOS build fix attempt after r226602.
rniwa@webkit.org [Tue, 9 Jan 2018 03:08:47 +0000 (03:08 +0000)]
iOS build fix attempt after r226602.

* UIProcess/API/C/WKContextMenuListener.cpp:
(WKContextMenuListenerUseContextMenuItems):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226608 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoAdd SPI for WKOpenPanelParameters._acceptedMIMETypes and _acceptedFileExtensions
achristensen@apple.com [Tue, 9 Jan 2018 02:56:05 +0000 (02:56 +0000)]
Add SPI for WKOpenPanelParameters._acceptedMIMETypes and _acceptedFileExtensions
https://bugs.webkit.org/show_bug.cgi?id=181408
<rdar://problem/35884960>

Reviewed by Tim Horton.

Source/WebKit:

* UIProcess/API/Cocoa/WKOpenPanelParameters.mm:
(-[WKOpenPanelParameters _acceptedMIMETypes]):
(-[WKOpenPanelParameters _acceptedFileExtensions]):
* UIProcess/API/Cocoa/WKOpenPanelParametersInternal.h:
* UIProcess/API/Cocoa/WKOpenPanelParametersPrivate.h: Added.
* WebKit.xcodeproj/project.pbxproj:

Tools:

* TestWebKitAPI/Tests/WebKitCocoa/RunOpenPanel.mm:
(-[RunOpenPanelUIDelegate webView:runOpenPanelWithParameters:initiatedByFrame:completionHandler:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226607 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoAccessibilityARIAGrid does not compile when accessibility is disabled
don.olmstead@sony.com [Tue, 9 Jan 2018 02:16:16 +0000 (02:16 +0000)]
AccessibilityARIAGrid does not compile when accessibility is disabled
https://bugs.webkit.org/show_bug.cgi?id=181418
<rdar://problem/36365398>

Reviewed by Chris Fleizach.

No new tests. No change in behavior.

* accessibility/AccessibilityARIAGrid.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226606 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoUnreviewed, rolling out r226532 and r226540.
commit-queue@webkit.org [Tue, 9 Jan 2018 02:07:53 +0000 (02:07 +0000)]
Unreviewed, rolling out r226532 and r226540.
https://bugs.webkit.org/show_bug.cgi?id=181422

jessie says basic browsing does not seem to work (Requested by
alexchristensen on #webkit).

Reverted changesets:

"Add CSP support to service workers"
https://bugs.webkit.org/show_bug.cgi?id=181385
https://trac.webkit.org/changeset/226532

"SWClientConnection should not keep references to service
worker jobs"
https://bugs.webkit.org/show_bug.cgi?id=181381
https://trac.webkit.org/changeset/226540

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226605 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[Attachment Support] Expose file name and content type of WKAttachment
wenson_hsieh@apple.com [Tue, 9 Jan 2018 02:05:48 +0000 (02:05 +0000)]
[Attachment Support] Expose file name and content type of WKAttachment
https://bugs.webkit.org/show_bug.cgi?id=181390
<rdar://problem/36336837>

Reviewed by Tim Horton.

Source/WebCore:

Add new structs in AttachmentTypes.h and refactor HTMLAttachmentElement::requestData to requestInfo. See below
for more details. Augmented existing API tests in WKAttachmentTests.

* html/AttachmentTypes.h:

Add a struct to represent a snapshot of information about an attachment element.

* html/HTMLAttachmentElement.cpp:
(WebCore::HTMLAttachmentElement::requestInfo):
(WebCore::HTMLAttachmentElement::requestData): Deleted.
* html/HTMLAttachmentElement.h:

Change requestData to requestInfo. Instead of fetching and delivering data via callback, requestInfo returns an
AttachmentInfo.

* rendering/RenderThemeIOS.mm:
(WebCore::RenderAttachmentInfo::addLine):
(WebCore::RenderAttachmentInfo::buildWrappedLines):
(WebCore::RenderAttachmentInfo::buildSingleLine):
(WebCore::RenderAttachmentInfo::RenderAttachmentInfo):
(WebCore::RenderThemeIOS::attachmentBaseline const):
(WebCore::paintAttachmentIcon):
(WebCore::paintAttachmentText):
(WebCore::paintAttachmentProgress):
(WebCore::attachmentBorderPath):
(WebCore::RenderThemeIOS::paintAttachment):
(WebCore::AttachmentInfo::addLine): Deleted.
(WebCore::AttachmentInfo::buildWrappedLines): Deleted.
(WebCore::AttachmentInfo::buildSingleLine): Deleted.
(WebCore::AttachmentInfo::AttachmentInfo): Deleted.

Rename AttachmentInfo to RenderAttachmentInfo to resolve a name conflict with the new AttachmentInfo struct.

Source/WebKit:

Add support for -[_WKAttachment requestInfo:], which fetches a snapshot of the attachment's state. This API is
meant to be a replacement for -requestData: that provides additional metadata about the attachment.

* Scripts/webkit/messages.py:
(headers_for_type):
* Shared/WebCoreArgumentCoders.cpp:
(IPC::ArgumentCoder<AttachmentInfo>::encode):
(IPC::ArgumentCoder<AttachmentInfo>::decode):
* Shared/WebCoreArgumentCoders.h:

Add IPC support for AttachmentInfo. Note that instead of using (encode|decode)SharedBuffer, we send and receive
data references to the shared buffer.

* UIProcess/API/APIAttachment.cpp:
(API::Attachment::requestInfo):
(API::Attachment::requestData): Deleted.
* UIProcess/API/APIAttachment.h:

Change requestData to requestInfo.

* UIProcess/API/Cocoa/_WKAttachment.h:
* UIProcess/API/Cocoa/_WKAttachment.mm:
(-[_WKAttachmentInfo initWithInfo:]):
(-[_WKAttachmentInfo data]):
(-[_WKAttachmentInfo name]):
(-[_WKAttachmentInfo filePath]):
(-[_WKAttachmentInfo contentType]):
(-[_WKAttachment requestInfo:]):
(-[_WKAttachment requestData:]):

Implement -requestInfo: by calling into APIAttachment, and reimplement -requestData: in terms of -requestInfo:.

* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::attachmentInfoCallback):
(WebKit::WebPageProxy::requestAttachmentInfo):
(WebKit::WebPageProxy::sharedBufferCallback): Deleted.
(WebKit::WebPageProxy::requestAttachmentData): Deleted.
* UIProcess/WebPageProxy.h:
* UIProcess/WebPageProxy.messages.in:

Rename the SharedBufferCallback IPC message to AttachmentInfoCallback, and make it conditional on
ATTACHMENT_ELEMENT. Rename requestAttachmentData to requestAttachmentInfo.

* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::requestAttachmentInfo):
(WebKit::WebPage::invokeSharedBufferCallback): Deleted.
(WebKit::WebPage::requestAttachmentData): Deleted.

Rename requestAttachmentData to requestAttachmentInfo and adopt HTMLAttachmentElement::requestInfo.

* WebProcess/WebPage/WebPage.h:
* WebProcess/WebPage/WebPage.messages.in:

Tools:

Adjusts some existing tests in WKAttachmentTests to exercise -requestInfo:.

* TestWebKitAPI/Tests/WebKitCocoa/WKAttachmentTests.mm:
(-[_WKAttachment synchronouslyRequestInfo:]):
(-[_WKAttachment synchronouslyRequestData:]):

Reimplement this in terms of -synchronouslyRequestInfo:.

(-[_WKAttachment expectRequestedDataToBe:]):
(TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226604 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoSpeculative build fix after r226600. We only use clflush on x86 and the `asm volatile...
sbarati@apple.com [Tue, 9 Jan 2018 01:55:40 +0000 (01:55 +0000)]
Speculative build fix after r226600. We only use clflush on x86 and the `asm volatile` syntax is not available in the Windows build.

No new tests because this is a build fix.

* dom/Comment.cpp:
(WebCore::Comment::clflushReadLength):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226603 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoPass around Vector<Ref<WebContextMenuItem>> instead of WKArrayRef or Vector<WebContex...
achristensen@apple.com [Tue, 9 Jan 2018 01:53:29 +0000 (01:53 +0000)]
Pass around Vector<Ref<WebContextMenuItem>> instead of WKArrayRef or Vector<WebContextMenuItemData>
https://bugs.webkit.org/show_bug.cgi?id=181419

Reviewed by Tim Horton.

Passing a WKArrayRef to an API object is messy and was preventing me from moving things around and making ObjC SPI.
No change in behavior.  Just using different layering abstractions for the same data.

* UIProcess/API/C/WKContextMenuListener.cpp:
(WKContextMenuListenerUseContextMenuItems):
* UIProcess/WebContextMenuListenerProxy.cpp:
(WebKit::WebContextMenuListenerProxy::useContextMenuItems):
* UIProcess/WebContextMenuListenerProxy.h:
* UIProcess/WebContextMenuProxy.h:
* UIProcess/mac/WebContextMenuProxyMac.h:
* UIProcess/mac/WebContextMenuProxyMac.mm:
(WebKit::WebContextMenuProxyMac::showContextMenuWithItems):
(WebKit::WebContextMenuProxyMac::showContextMenu):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226602 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoAdd WTF_EXPORTs to UniStdExtras
don.olmstead@sony.com [Tue, 9 Jan 2018 01:21:04 +0000 (01:21 +0000)]
Add WTF_EXPORTs to UniStdExtras
https://bugs.webkit.org/show_bug.cgi?id=181415

Reviewed by Alex Christensen.

* wtf/UniStdExtras.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226601 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoAdd a DOM gadget for Spectre testing
msaboff@apple.com [Tue, 9 Jan 2018 01:07:29 +0000 (01:07 +0000)]
Add a DOM gadget for Spectre testing
https://bugs.webkit.org/show_bug.cgi?id=181351

Source/JavaScriptCore:

Reviewed by Michael Saboff.

Added a new JSC::Option named enableSpectreGadgets to enable any gadgets added to test
Spectre mitigations.

* runtime/Options.h:

Source/WebCore:

Reviewed by Saam Barati.

This change is used to test Spectre mitigations.

Added a side data array to the Comment DOM node to test for Spectre issues in
the DOM layer.  This additional functionality is disabled by default and must
be enabled through the JSC option "enableSpectreGadgets".

* dom/Comment.cpp:
(WebCore::Comment::Comment):
(WebCore::Comment::setReadLength):
(WebCore::Comment::charCodeAt):
(WebCore::Comment::clflushReadLength):
* dom/Comment.h:
* dom/Comment.idl:
* page/RuntimeEnabledFeatures.cpp:
(WebCore::RuntimeEnabledFeatures::spectreGadgetsEnabled const):
* page/RuntimeEnabledFeatures.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226600 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoA canvas should not be tainted if it draws a data URL SVGImage with a <foreignObject>
commit-queue@webkit.org [Tue, 9 Jan 2018 00:35:35 +0000 (00:35 +0000)]
A canvas should not be tainted if it draws a data URL SVGImage with a <foreignObject>
https://bugs.webkit.org/show_bug.cgi?id=180301

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2018-01-08
Reviewed by Dean Jackson.

Source/WebCore:

Don't taint the canvas if it draws a data URL SVGImage with a <foreignObject>.
There should not be a cross-origin data leak in this case.

Tests: svg/as-image/svg-canvas-data-url-svg-with-feimage-not-tainted.html
       svg/as-image/svg-canvas-data-url-svg-with-foreign-object-not-tainted.html
       svg/as-image/svg-canvas-data-url-svg-with-image-not-tainted.html

* html/ImageBitmap.cpp:
(WebCore::taintsOrigin):
* html/canvas/CanvasRenderingContext.cpp:
(WebCore::CanvasRenderingContext::wouldTaintOrigin):

LayoutTests:

* svg/as-image/svg-canvas-data-url-svg-with-feimage-not-tainted-expected.txt: Added.
* svg/as-image/svg-canvas-data-url-svg-with-feimage-not-tainted.html: Added.
* svg/as-image/svg-canvas-data-url-svg-with-foreign-object-not-tainted-expected.txt: Added.
* svg/as-image/svg-canvas-data-url-svg-with-foreign-object-not-tainted.html: Added.
* svg/as-image/svg-canvas-data-url-svg-with-image-not-tainted-expected.txt: Added.
* svg/as-image/svg-canvas-data-url-svg-with-image-not-tainted.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226599 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoSimplify platform checks in Graphics Context
don.olmstead@sony.com [Mon, 8 Jan 2018 23:27:52 +0000 (23:27 +0000)]
Simplify platform checks in Graphics Context
https://bugs.webkit.org/show_bug.cgi?id=181344

Reviewed by Alex Christensen.

No new tests. No change in behavior.

* platform/graphics/ANGLEWebKitBridge.h:
* platform/graphics/GLContext.h:
* platform/graphics/GraphicsContext3D.h:
* platform/graphics/OpenGLESShims.h:
* platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
(WebCore::GraphicsContext3D::checkVaryingsPacking const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226581 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoMarked imported/w3c/web-platform-tests/service-workers/service-worker/register-closed...
jlewis3@apple.com [Mon, 8 Jan 2018 23:16:58 +0000 (23:16 +0000)]
Marked imported/w3c/web-platform-tests/service-workers/service-worker/register-closed-window.https.html as flaky.
https://bugs.webkit.org/show_bug.cgi?id=181087

Unreviewed test gardening.

* platform/ios-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226578 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[RenderTreeBuilder] Move SVG addChild logic to RenderTreeBuilder
zalan@apple.com [Mon, 8 Jan 2018 23:14:11 +0000 (23:14 +0000)]
[RenderTreeBuilder] Move SVG addChild logic to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=181405
<rdar://problem/36360476>

Reviewed by Antti Koivisto.

This is about moving the code, no cleanup and/or normalization (unfortunately it also means
some temporary changes).

No change in functionality.

* Sources.txt:
* WebCore.xcodeproj/project.pbxproj:
* rendering/svg/RenderSVGContainer.cpp:
(WebCore::RenderSVGContainer::addChild):
* rendering/svg/RenderSVGInline.cpp:
(WebCore::RenderSVGInline::addChild):
* rendering/svg/RenderSVGRoot.cpp:
(WebCore::RenderSVGRoot::addChild):
* rendering/svg/RenderSVGText.cpp:
(WebCore::RenderSVGText::addChild):
* rendering/updating/RenderTreeBuilder.cpp:
(WebCore::RenderTreeBuilder::RenderTreeBuilder):
(WebCore::RenderTreeBuilder::insertChildToSVGContainer):
(WebCore::RenderTreeBuilder::insertChildToSVGInline):
(WebCore::RenderTreeBuilder::insertChildToSVGRoot):
(WebCore::RenderTreeBuilder::insertChildToSVGText):
* rendering/updating/RenderTreeBuilder.h:
(WebCore::RenderTreeBuilder::SVGBuilder):
* rendering/updating/RenderTreeBuilderSVG.cpp: Added.
(WebCore::RenderTreeBuilder::SVG::SVG):
(WebCore::RenderTreeBuilder::SVG::insertChild):
* rendering/updating/RenderTreeBuilderSVG.h: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226568 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoRename CodeBlock::m_vm to CodeBlock::m_poisonedVM.
mark.lam@apple.com [Mon, 8 Jan 2018 22:59:10 +0000 (22:59 +0000)]
Rename CodeBlock::m_vm to CodeBlock::m_poisonedVM.
https://bugs.webkit.org/show_bug.cgi?id=181403
<rdar://problem/36359789>

Rubber-stamped by JF Bastien.

* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::~CodeBlock):
(JSC::CodeBlock::setConstantRegisters):
(JSC::CodeBlock::propagateTransitions):
(JSC::CodeBlock::finalizeLLIntInlineCaches):
(JSC::CodeBlock::jettison):
(JSC::CodeBlock::predictedMachineCodeSize):
* bytecode/CodeBlock.h:
(JSC::CodeBlock::vm const):
(JSC::CodeBlock::addConstant):
(JSC::CodeBlock::heap const):
(JSC::CodeBlock::replaceConstant):
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226556 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoStorage Access API: Remove access for all frames under a page when the page is closed
wilander@apple.com [Mon, 8 Jan 2018 22:41:07 +0000 (22:41 +0000)]
Storage Access API: Remove access for all frames under a page when the page is closed
https://bugs.webkit.org/show_bug.cgi?id=181398
<rdar://problem/36357879>

Reviewed by Alex Christensen.

Source/WebCore:

No new tests. Discussed with Alex Christensen and we concluded that
both a layout test and an API test would require a lot of work and
we have existing tests for clearing out storage access for frames.

* platform/network/NetworkStorageSession.h:
* platform/network/cf/NetworkStorageSessionCFNet.cpp:
(WebCore::NetworkStorageSession::removeStorageAccessForAllFramesOnPage):

Source/WebKit:

* NetworkProcess/NetworkConnectionToWebProcess.cpp:
(WebKit::NetworkConnectionToWebProcess::removeStorageAccessForAllFramesOnPage):
* NetworkProcess/NetworkConnectionToWebProcess.h:
* NetworkProcess/NetworkConnectionToWebProcess.messages.in:
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::close):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226542 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoUnreviewed, rolling out r226385.
jlewis3@apple.com [Mon, 8 Jan 2018 22:35:59 +0000 (22:35 +0000)]
Unreviewed, rolling out r226385.

The test introduced with this was a flaky since being added.

Reverted changeset:

"AX: when invert colors is on, double-invert certain media
elements in UserAgentStyleSheet"
https://bugs.webkit.org/show_bug.cgi?id=168447
https://trac.webkit.org/changeset/226385

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226541 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoSWClientConnection should not keep references to service worker jobs
commit-queue@webkit.org [Mon, 8 Jan 2018 22:33:23 +0000 (22:33 +0000)]
SWClientConnection should not keep references to service worker jobs
https://bugs.webkit.org/show_bug.cgi?id=181381

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-08
Reviewed by Chris Dumez.

Source/WebCore:

Difficult to test determiniscally but corresponding crash log should no longer happen in debug builds.

Stopped passing ServiceWorkerJob references from ServiceWorkerContainer (potentially in service worker thread) to SWClientConnection (main thread).
Instead pass job identifiers and related data to the main thread.

Minor refactoring to use ServiceWorkerJobIdentifier instead of ServiceWorkerJobDataIdentifier which contains more data than needed.

* workers/service/SWClientConnection.cpp:
(WebCore::SWClientConnection::scheduleJob):
(WebCore::SWClientConnection::failedFetchingScript):
(WebCore::SWClientConnection::postTaskForJob):
(WebCore::SWClientConnection::jobRejectedInServer):
(WebCore::SWClientConnection::registrationJobResolvedInServer):
(WebCore::SWClientConnection::unregistrationJobResolvedInServer):
(WebCore::SWClientConnection::startScriptFetchForServer):
(WebCore::SWClientConnection::clearPendingJobs):
(WebCore::SWClientConnection::finishedFetchingScript): Deleted.
* workers/service/SWClientConnection.h:
* workers/service/ServiceWorkerContainer.cpp:
(WebCore::ServiceWorkerContainer::scheduleJob):
(WebCore::ServiceWorkerContainer::startScriptFetchForJob):
(WebCore::ServiceWorkerContainer::jobFinishedLoadingScript):
(WebCore::ServiceWorkerContainer::jobFailedLoadingScript):
* workers/service/ServiceWorkerContainer.h:
* workers/service/server/SWServer.cpp:
(WebCore::SWServer::rejectJob):
(WebCore::SWServer::resolveRegistrationJob):
(WebCore::SWServer::resolveUnregistrationJob):
(WebCore::SWServer::startScriptFetch):
* workers/service/server/SWServer.h:

Source/WebKit:

Updated IPC handling based on WebCore refactoring.

* Scripts/webkit/messages.py:
(forward_declarations_and_headers):
(headers_for_type):
* StorageProcess/ServiceWorker/WebSWServerConnection.cpp:
(WebKit::WebSWServerConnection::rejectJobInClient):
(WebKit::WebSWServerConnection::resolveRegistrationJobInClient):
(WebKit::WebSWServerConnection::resolveUnregistrationJobInClient):
(WebKit::WebSWServerConnection::startScriptFetchInClient):
* StorageProcess/ServiceWorker/WebSWServerConnection.h:
* WebProcess/Storage/WebSWClientConnection.messages.in:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226540 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoCopying, pasting, and then deleting an attachment element breaks attachment data...
wenson_hsieh@apple.com [Mon, 8 Jan 2018 22:19:15 +0000 (22:19 +0000)]
Copying, pasting, and then deleting an attachment element breaks attachment data requests
https://bugs.webkit.org/show_bug.cgi?id=181365
<rdar://problem/36340647>

Reviewed by Tim Horton.

Source/WebCore:

Currently, copying and pasting an attachment element within the same document and then deleting backwards to
remove the pasted attachment element causes the original attachment element to be inaccessible via SPI. This is
because there are now two different attachment elements with the same unique identifier, such that Document,
which keeps a map of all unique attachment identifiers to attachment elements, will lose track of the original
attachment element.

To fix this, we ensure that attachment elements should always have unique identifiers when they are inserted
into the document. We make several small adjustments to accomplish this:

1.  First, refactor HTMLAttachmentElement's unique identifier so that it no longer depends on the value of the
    "webkitattachmentid" attribute, and is instead just a member of HTMLAttachmentElement that is not exposed to
    DOM bindings. This means setting and querying an attachment element's uniqueIdentifier can be done without
    triggering any side effects, such as layout or mutation events.

2.  Next, make "webkitattachmentid" a temporary attribute similar to "webkitattachmentpath" and
    "webkitattachmentbloburl", so that it is added only when generating a markup fragment for editing, and
    removed upon deserialization.

3.  Lastly, shift the responsibility of assigning a unique identifier to an attachment away from places where we
    create attachment elements, and instead have Document enforce this when an attachment element is inserted.

Tests:  WKAttachmentTests.InsertAndRemoveDuplicateAttachment
        WKAttachmentTests.InsertDuplicateAttachmentAndUpdateData

* dom/Document.cpp:
(WebCore::Document::didInsertAttachmentElement):

Assign the unique identifier of an attachment element that has been inserted. If the identifier already tracks
an existing attachment element in the document or is missing, reassign the identifier to a new value.

* editing/cocoa/WebContentReaderCocoa.mm:
(WebCore::createFragmentForImageAttachment):
(WebCore::replaceRichContentWithAttachments):
(WebCore::WebContentReader::readFilePaths):

Remove calls to setUniqueIdentifier here, since Document will assign a unique identifier upon insertion.

* editing/markup.cpp:
(WebCore::StyledMarkupAccumulator::appendCustomAttributes):
(WebCore::createFragmentFromMarkup):

Set the attachment's unique identifier to the value of the "webkitattachmentid" attribute. When moving existing
attachments around in the DOM without duplication, this ensures that the attachment will be removed and
reinserted in the document without triggering removal and insertion client delegate methods.

When pasting an attachment element that has the same identifier as an existing attachment, we let Document
realize that the attachment identifier already exists, and reassign it to a unique value.

* html/HTMLAttachmentElement.cpp:
(WebCore::HTMLAttachmentElement::uniqueIdentifier const): Deleted.
(WebCore::HTMLAttachmentElement::setUniqueIdentifier): Deleted.
* html/HTMLAttachmentElement.h:

Tools:

Adds two new attachment API tests to verify that copying and pasting an existing attachment inserts an
attachment element that may be edited independently of the original attachment. See WebCore/ChangeLog for more
detail.

* TestWebKitAPI/Tests/WebKitCocoa/WKAttachmentTests.mm:
(TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226539 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoSkip http/tests/resourceLoadStatistics/clear-in-memory-and-persistent-store.html
ryanhaddad@apple.com [Mon, 8 Jan 2018 22:13:40 +0000 (22:13 +0000)]
Skip http/tests/resourceLoadStatistics/clear-in-memory-and-persistent-store.html
https://bugs.webkit.org/show_bug.cgi?id=181223

Unreviewed test gardening.

* platform/wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226538 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[RenderTreeBuilder] Move RenderBlockFlow addChild logic to RenderTreeBuilder
zalan@apple.com [Mon, 8 Jan 2018 22:04:02 +0000 (22:04 +0000)]
[RenderTreeBuilder] Move RenderBlockFlow addChild logic to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=181348
<rdar://problem/36328117>

Reviewed by Antti Koivisto.

This is about moving the code, no cleanup and/or normalization (unfortunately it also means
some temporary changes).

No change in functionality.

* Sources.txt:
* WebCore.xcodeproj/project.pbxproj:
* rendering/RenderBlockFlow.cpp:
(WebCore::RenderBlockFlow::addChild):
* rendering/updating/RenderTreeBuilder.cpp:
(WebCore::RenderTreeBuilder::RenderTreeBuilder):
(WebCore::RenderTreeBuilder::insertChildToRenderBlockFlow):
* rendering/updating/RenderTreeBuilder.h:
(WebCore::RenderTreeBuilder::blockFlowBuilder):
* rendering/updating/RenderTreeBuilderBlockFlow.cpp: Added.
(WebCore::RenderTreeBuilder::BlockFlow::BlockFlow):
(WebCore::RenderTreeBuilder::BlockFlow::insertChild):
* rendering/updating/RenderTreeBuilderBlockFlow.h: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226537 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[Cocoa] Web Inspector: Provide a way for clients to check if an NSWindow is a Web...
commit-queue@webkit.org [Mon, 8 Jan 2018 22:01:13 +0000 (22:01 +0000)]
[Cocoa] Web Inspector: Provide a way for clients to check if an NSWindow is a Web Inspector window
https://bugs.webkit.org/show_bug.cgi?id=181361
<rdar://problem/36332865>

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2018-01-08
Reviewed by Darin Adler.

* WebKit.xcodeproj/project.pbxproj:
New files.

* Shared/API/Cocoa/_WKNSWindowExtras.h: Added.
* Shared/API/Cocoa/_WKNSWindowExtras.mm: Added.
(-[NSWindow _web_isWebInspectorWindow]):
Method to determing if a window is being used for Web Inspector content.

* UIProcess/mac/WKInspectorWindow.h: Added.
* UIProcess/mac/WKInspectorWindow.mm: Added.
Named subclass so we can use isKindOfClass.

* UIProcess/mac/WebInspectorProxyMac.mm:
(WebKit::WebInspectorProxy::createFrontendWindow):
Use the named subclass.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226536 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoDisable SharedArrayBuffer tests missed in r226386.
ryanhaddad@apple.com [Mon, 8 Jan 2018 21:54:24 +0000 (21:54 +0000)]
Disable SharedArrayBuffer tests missed in r226386.
https://bugs.webkit.org/show_bug.cgi?id=181266

Unreviewed test gardening.

* test262.yaml:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226535 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoMarked http/wpt/cache-storage/cache-put-stream.https.any.html as flaky on macOS WK2.
jlewis3@apple.com [Mon, 8 Jan 2018 21:53:57 +0000 (21:53 +0000)]
Marked http/wpt/cache-storage/cache-put-stream.https.any.html as flaky on macOS WK2.
https://bugs.webkit.org/show_bug.cgi?id=181107

Unreviewed test gardening.

* platform/mac-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226534 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoBuild fix for WKPDFView
timothy_horton@apple.com [Mon, 8 Jan 2018 21:48:02 +0000 (21:48 +0000)]
Build fix for WKPDFView
https://bugs.webkit.org/show_bug.cgi?id=181399
<rdar://problem/36311915>

Reviewed by Simon Fraser.

* UIProcess/ios/WKPDFView.mm:
Disable deprecation warnings in this whole file.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226533 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoAdd CSP support to service workers
commit-queue@webkit.org [Mon, 8 Jan 2018 21:19:24 +0000 (21:19 +0000)]
Add CSP support to service workers
https://bugs.webkit.org/show_bug.cgi?id=181385

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-08
Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

* web-platform-tests/service-workers/service-worker/service-worker-csp-connect.https-expected.txt:
* web-platform-tests/service-workers/service-worker/service-worker-csp-default.https-expected.txt:
* web-platform-tests/service-workers/service-worker/service-worker-csp-script.https-expected.txt:

Source/WebCore:

Covered by rebased tests.

Added recovery of CSP information from WorkerScriptLoader.
Added plumbing to pass the CSP information to Service Workers.
Added persistency support for the CSP information.

* workers/WorkerScriptLoader.cpp:
(WebCore::WorkerScriptLoader::loadAsynchronously):
(WebCore::WorkerScriptLoader::didReceiveResponse):
* workers/WorkerScriptLoader.h:
(WebCore::WorkerScriptLoader::contentSecurityPolicy const):
* workers/service/SWClientConnection.cpp:
(WebCore::SWClientConnection::finishedFetchingScript):
(WebCore::SWClientConnection::failedFetchingScript):
* workers/service/SWClientConnection.h:
* workers/service/ServiceWorkerContainer.cpp:
(WebCore::ServiceWorkerContainer::addRegistration):
(WebCore::ServiceWorkerContainer::jobFailedWithException):
(WebCore::ServiceWorkerContainer::jobResolvedWithRegistration):
(WebCore::ServiceWorkerContainer::jobFinishedLoadingScript):
* workers/service/ServiceWorkerContainer.h:
* workers/service/ServiceWorkerContextData.cpp:
(WebCore::ServiceWorkerContextData::isolatedCopy const):
* workers/service/ServiceWorkerContextData.h:
(WebCore::ServiceWorkerContextData::encode const):
(WebCore::ServiceWorkerContextData::decode):
* workers/service/ServiceWorkerFetchResult.h:
(WebCore::ServiceWorkerFetchResult::encode const):
(WebCore::ServiceWorkerFetchResult::decode):
* workers/service/ServiceWorkerGlobalScope.cpp:
(WebCore::ServiceWorkerGlobalScope::create):
* workers/service/ServiceWorkerGlobalScope.h:
* workers/service/ServiceWorkerJob.cpp:
(WebCore::ServiceWorkerJob::notifyFinished):
* workers/service/ServiceWorkerJobClient.h:
* workers/service/context/ServiceWorkerThread.cpp:
(WebCore::ServiceWorkerThread::ServiceWorkerThread):
(WebCore::ServiceWorkerThread::createWorkerGlobalScope):
* workers/service/server/RegistrationDatabase.cpp:
(WebCore::v1RecordsTableSchema):
(WebCore::RegistrationDatabase::openSQLiteDatabase):
(WebCore::RegistrationDatabase::doPushChanges):
(WebCore::RegistrationDatabase::importRecords):
* workers/service/server/SWServer.cpp:
(WebCore::SWServer::updateWorker):
(WebCore::SWServer::installContextData):
* workers/service/server/SWServer.h:
* workers/service/server/SWServerJobQueue.cpp:
(WebCore::SWServerJobQueue::scriptFetchFinished):
* workers/service/server/SWServerWorker.cpp:
(WebCore::SWServerWorker::SWServerWorker):
(WebCore::m_contentSecurityPolicy):
(WebCore::SWServerWorker::contextData const):
* workers/service/server/SWServerWorker.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226532 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoUse no-cache fetch mode when loading main documents with location.reload()
commit-queue@webkit.org [Mon, 8 Jan 2018 21:06:49 +0000 (21:06 +0000)]
Use no-cache fetch mode when loading main documents with location.reload()
https://bugs.webkit.org/show_bug.cgi?id=181285

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-08
Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

* web-platform-tests/service-workers/service-worker/fetch-event.https-expected.txt:

Source/WebCore:

Covered by rebased tests.

Start to translate cache policy used for navigation as FetchOptions::Cache.
This allows ensuring service workers receive the right cache mode when intercepting navigation loads.
To not change current navigation behavior, ReturnCacheDataElseLoad and ReturnCacheDataDontLoad still trigger default fetch cache mode.

For Reload and ReloadExpiredOnly frame load types, using no-cache mode is more efficient than reload mode,
as a conditional request will be sent if possible. This applies to location.reload which is consistent with other browsers.
Keep reload mode for ReloadFromOrigin.

* loader/DocumentLoader.cpp:
(WebCore::toFetchOptionsCache):
(WebCore::DocumentLoader::loadMainResource):
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::loadFrameRequest):
(WebCore::FrameLoader::loadURL):
(WebCore::FrameLoader::load):
(WebCore::FrameLoader::reload):
(WebCore::FrameLoader::defaultRequestCachingPolicy):
(WebCore::FrameLoader::loadDifferentDocumentItem):
* loader/NavigationScheduler.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226531 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoApply poisoning to more pointers in JSC.
mark.lam@apple.com [Mon, 8 Jan 2018 21:05:17 +0000 (21:05 +0000)]
Apply poisoning to more pointers in JSC.
https://bugs.webkit.org/show_bug.cgi?id=181096
<rdar://problem/36182970>

Reviewed by JF Bastien.

Source/JavaScriptCore:

* assembler/MacroAssembler.h:
(JSC::MacroAssembler::xorPtr):
* assembler/MacroAssemblerARM64.h:
(JSC::MacroAssemblerARM64::xor64):
* assembler/MacroAssemblerX86_64.h:
(JSC::MacroAssemblerX86_64::xor64):
- Add xorPtr implementation.

* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::inferredName const):
(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::finishCreation):
(JSC::CodeBlock::~CodeBlock):
(JSC::CodeBlock::setConstantRegisters):
(JSC::CodeBlock::visitWeakly):
(JSC::CodeBlock::visitChildren):
(JSC::CodeBlock::propagateTransitions):
(JSC::CodeBlock::WeakReferenceHarvester::visitWeakReferences):
(JSC::CodeBlock::finalizeLLIntInlineCaches):
(JSC::CodeBlock::finalizeBaselineJITInlineCaches):
(JSC::CodeBlock::UnconditionalFinalizer::finalizeUnconditionally):
(JSC::CodeBlock::jettison):
(JSC::CodeBlock::predictedMachineCodeSize):
(JSC::CodeBlock::findPC):
* bytecode/CodeBlock.h:
(JSC::CodeBlock::UnconditionalFinalizer::UnconditionalFinalizer):
(JSC::CodeBlock::WeakReferenceHarvester::WeakReferenceHarvester):
(JSC::CodeBlock::stubInfoBegin):
(JSC::CodeBlock::stubInfoEnd):
(JSC::CodeBlock::callLinkInfosBegin):
(JSC::CodeBlock::callLinkInfosEnd):
(JSC::CodeBlock::instructions):
(JSC::CodeBlock::instructions const):
(JSC::CodeBlock::vm const):
* dfg/DFGOSRExitCompilerCommon.h:
(JSC::DFG::adjustFrameAndStackInOSRExitCompilerThunk):
* jit/JIT.h:
* llint/LLIntOfflineAsmConfig.h:
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter64.asm:
* parser/UnlinkedSourceCode.h:
* runtime/JSCPoison.h:
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
* runtime/JSGlobalObject.h:
* runtime/JSScriptFetchParameters.h:
* runtime/JSScriptFetcher.h:
* runtime/StructureTransitionTable.h:
* wasm/js/JSWebAssemblyCodeBlock.cpp:
(JSC::JSWebAssemblyCodeBlock::JSWebAssemblyCodeBlock):
(JSC::JSWebAssemblyCodeBlock::visitChildren):
(JSC::JSWebAssemblyCodeBlock::UnconditionalFinalizer::finalizeUnconditionally):
* wasm/js/JSWebAssemblyCodeBlock.h:

Source/WTF:

Added support for PoisonedBag and PoisonedRefCountedArray.

* wtf/Bag.h:
(WTF::Private::BagNode::BagNode):
(WTF::Bag::Bag):
(WTF::Bag::operator=):
(WTF::Bag::clear):
(WTF::Bag::add):
(WTF::Bag::begin):
(WTF::Bag::unwrappedHead):
(WTF::Bag::Node::Node): Deleted.
* wtf/BagToHashMap.h:
(WTF::toHashMap):
* wtf/Poisoned.h:
(WTF::constExprPoisonRandom):
(WTF::makeConstExprPoison):
* wtf/RefCountedArray.h:
(WTF::RefCountedArray::RefCountedArray):
(WTF::RefCountedArray::clone const):
(WTF::RefCountedArray::operator=):
(WTF::RefCountedArray::~RefCountedArray):
(WTF::RefCountedArray::refCount const):
(WTF::RefCountedArray::size const):
(WTF::RefCountedArray::data):
(WTF::RefCountedArray::begin):
(WTF::RefCountedArray::end):
(WTF::RefCountedArray::data const):
(WTF::RefCountedArray::begin const):
(WTF::RefCountedArray::operator== const):
(WTF::RefCountedArray::Header::fromPayload):
* wtf/WTFAssertions.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226530 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoFix check-webkit-style issues with WebNSDataExtras.mm
ddkilzer@apple.com [Mon, 8 Jan 2018 21:02:06 +0000 (21:02 +0000)]
Fix check-webkit-style issues with WebNSDataExtras.mm
<https://webkit.org/b/181369>

Reviewed by Alex Christensen.

* Misc/WebNSDataExtras.mm:
(-[NSString _web_capitalizeRFC822HeaderFieldName]):
(-[NSData _webkit_guessedMIMETypeForXML]):
(-[NSData _webkit_guessedMIMEType]):
(-[NSData _web_isCaseInsensitiveEqualToCString:]):
(_findEOL):
(-[NSData _webkit_parseRFC822HeaderFields]):
(-[NSData _web_locationAfterFirstBlankLine]):
- Fix all the check-webkit-style warnings.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226529 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoCaches::writeCachesToDisk should assert that it is initialized
commit-queue@webkit.org [Mon, 8 Jan 2018 20:47:48 +0000 (20:47 +0000)]
Caches::writeCachesToDisk should assert that it is initialized
https://bugs.webkit.org/show_bug.cgi?id=181383

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-08
Reviewed by Alex Christensen.

Add assertion to ensure caches is initialized

* NetworkProcess/cache/CacheStorageEngineCaches.cpp:
(WebKit::CacheStorage::Caches::writeCachesToDisk):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226528 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[WinCairo] Add default port TestExpectations for wincairo
commit-queue@webkit.org [Mon, 8 Jan 2018 20:45:45 +0000 (20:45 +0000)]
[WinCairo] Add default port TestExpectations for wincairo
https://bugs.webkit.org/show_bug.cgi?id=179221

Patch by Basuke Suzuki <Basuke.Suzuki@sony.com> on 2018-01-08
Reviewed by Alex Christensen.

* platform/wincairo-win10/TestExpectations: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226527 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoStop exposing fetch and extendable events to window
commit-queue@webkit.org [Mon, 8 Jan 2018 18:58:32 +0000 (18:58 +0000)]
Stop exposing fetch and extendable events to window
https://bugs.webkit.org/show_bug.cgi?id=181325

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-08
Reviewed by Chris Dumez.

Source/WebCore:

Covered by updated tests.

Marked FetchEvent and ExtendableEvent as visible in ServiceWorker environments only.
Moved related Internals testing routines to ServiceWorkerInternals.

* testing/Internals.cpp:
(WebCore::Internals::waitForFetchEventToFinish): Deleted.
(WebCore::Internals::createBeingDispatchedFetchEvent): Deleted.
* testing/Internals.h:
* testing/Internals.idl:
* testing/ServiceWorkerInternals.cpp:
(WebCore::ServiceWorkerInternals::waitForFetchEventToFinish):
(WebCore::ServiceWorkerInternals::createBeingDispatchedFetchEvent):
* testing/ServiceWorkerInternals.h:
* testing/ServiceWorkerInternals.idl:
* workers/service/ExtendableEvent.idl:
* workers/service/FetchEvent.idl:

LayoutTests:

* http/wpt/service-workers/extendableEvent.https-expected.txt:
* http/wpt/service-workers/extendableEvent.https.html:
* http/wpt/service-workers/fetchEvent.https-expected.txt:
* http/wpt/service-workers/fetchEvent.https.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226526 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoREGRESSION (r219145): Toggling layer borders on a static document no longer works...
antti@apple.com [Mon, 8 Jan 2018 18:47:26 +0000 (18:47 +0000)]
REGRESSION (r219145): Toggling layer borders on a static document no longer works immediately
https://bugs.webkit.org/show_bug.cgi?id=176260
<rdar://problem/34219966>

Reviewed by Simon Fraser.

Source/WebCore:

Optimization reveled bugs in debug indicator painting.

Test: compositing/debug-borders-dynamic.html

* platform/graphics/ca/GraphicsLayerCA.cpp:
(WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers):
(WebCore::GraphicsLayerCA::updateDebugIndicators):
(WebCore::GraphicsLayerCA::updateDebugBorder): Deleted.

- Rename to indicate this is not just about debug borders.
- Trigger display so repaint counters get painted. This helper is only called when the indicators change.

* platform/graphics/ca/GraphicsLayerCA.h:
* rendering/RenderLayerCompositor.cpp:
(WebCore::RenderLayerCompositor::cacheAcceleratedCompositingFlags):

Ensure we do compositing update on debug border change even when there is no layout.

LayoutTests:

* compositing/debug-borders-dynamic-expected.html: Added.
* compositing/debug-borders-dynamic.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226521 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[RenderTreeBuilder] Move RenderInline addChild logic to RenderTreeBuilder
zalan@apple.com [Mon, 8 Jan 2018 18:38:31 +0000 (18:38 +0000)]
[RenderTreeBuilder] Move RenderInline addChild logic to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=181336
<rdar://problem/36324693>

Reviewed by Antti Koivisto.

This is about moving the code, no cleanup and/or normalization (unfortunately it also means
some temporary changes).

No change in functionality.

* Sources.txt:
* WebCore.xcodeproj/project.pbxproj:
* rendering/RenderInline.cpp:
(WebCore::RenderInline::addChild):
(WebCore::RenderInline::addChildIgnoringContinuation):
(WebCore::RenderInline::childBecameNonInline):
(WebCore::nextContinuation): Deleted.
(WebCore::RenderInline::continuationBefore): Deleted.
(WebCore::newChildIsInline): Deleted.
(WebCore::RenderInline::cloneAsContinuation const): Deleted.
(WebCore::RenderInline::splitInlines): Deleted.
(WebCore::RenderInline::splitFlow): Deleted.
(WebCore::canUseAsParentForContinuation): Deleted.
(WebCore::RenderInline::addChildToContinuation): Deleted.
* rendering/RenderInline.h:
* rendering/updating/RenderTreeBuilder.cpp:
(WebCore::RenderTreeBuilder::RenderTreeBuilder):
(WebCore::RenderTreeBuilder::insertChildToRenderInline):
(WebCore::RenderTreeBuilder::insertChildToRenderInlineIgnoringContinuation):
(WebCore::RenderTreeBuilder::splitFlow):
* rendering/updating/RenderTreeBuilder.h:
(WebCore::RenderTreeBuilder::inlineBuilder):
* rendering/updating/RenderTreeBuilderInline.cpp: Added.
(WebCore::canUseAsParentForContinuation):
(WebCore::nextContinuation):
(WebCore::continuationBefore):
(WebCore::cloneAsContinuation):
(WebCore::newChildIsInline):
(WebCore::inFlowPositionedInlineAncestor):
(WebCore::RenderTreeBuilder::Inline::Inline):
(WebCore::RenderTreeBuilder::Inline::insertChild):
(WebCore::RenderTreeBuilder::Inline::insertChildToContinuation):
(WebCore::RenderTreeBuilder::Inline::insertChildIgnoringContinuation):
(WebCore::RenderTreeBuilder::Inline::splitFlow):
(WebCore::RenderTreeBuilder::Inline::splitInlines):
* rendering/updating/RenderTreeBuilderInline.h: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226520 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoWebProcessPool::terminateServiceWorkerProcess should protect itself in debug builds
commit-queue@webkit.org [Mon, 8 Jan 2018 18:37:37 +0000 (18:37 +0000)]
WebProcessPool::terminateServiceWorkerProcess should protect itself in debug builds
https://bugs.webkit.org/show_bug.cgi?id=181384

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-08
Reviewed by Chris Dumez.

* UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::terminateServiceWorkerProcess):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226519 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[EME] Add layout test for InitData and InitDataType in CENC encrypted event
commit-queue@webkit.org [Mon, 8 Jan 2018 18:33:24 +0000 (18:33 +0000)]
[EME] Add layout test for InitData and InitDataType in CENC encrypted event
https://bugs.webkit.org/show_bug.cgi?id=180430

Patch by Yacine Bandou <yacine.bandou_ext@softathome.com> on 2018-01-08
Reviewed by Xabier Rodriguez-Calvar.

* TestExpectations:
* media/content/encrypted/VideoClearKeyCenc.mp4: Added.
    This is a simple encrypted video file used for regular playback.
    It has been encrypted with BENTO4. https://www.bento4.com/

* media/content/encrypted/segments/VideoClearKeyCenc-seg-0.mp4: Added.
    This is a simple encrypted video fragment used in MSE playback.
    It has been fragmented and encrypted with BENTO4. https://www.bento4.com/

* media/encrypted-media/clearKey/clearKey-encrypted-cenc-event-expected.txt: Added.
* media/encrypted-media/clearKey/clearKey-encrypted-cenc-event-mse-expected.txt: Added.
* media/encrypted-media/clearKey/clearKey-encrypted-cenc-event-mse.html: Added.
    This is a test with MSE.

* media/encrypted-media/clearKey/clearKey-encrypted-cenc-event.html: Added.
    This is a test with a regular playback.

* media/encrypted-media/medias-enc.js: Added.
    This JavaScrit file lists the encrypted media wich will be used in encrypted-media tests.
    It gives all necessary informations about the encrypted media: path of the file or
    the path of the segments in MSE case, mimeType, initDataType and the encryption keys.

* media/media-source/media-source-loader-simple.js: Added.
    This JavaScript file provides a simple MSE implementation, reads the segments of the media and appends them
    in the appropriate SourceBuffer.

* platform/wpe/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226518 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoWeb Inspector: Find next / previous within a resource content view does not have...
commit-queue@webkit.org [Mon, 8 Jan 2018 17:42:17 +0000 (17:42 +0000)]
Web Inspector: Find next / previous within a resource content view does not have bouncy highlight when editor scrolls
https://bugs.webkit.org/show_bug.cgi?id=181279
<rdar://problem/36291097>

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2018-01-08
Reviewed by Brian Burg.

* UserInterface/Views/TextEditor.js:
(WI.TextEditor.prototype._revealSearchResult):
Reposition the bouncy highlight on scroll based on the CodeMirror
line/ch position of the search result.

(WI.TextEditor.prototype._removeBouncyHighlightElementIfNeeded):
Track the bouncy highlight scroll handler in a member variable so that
we always remember to remove it and don't leak scroll handlers.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226517 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[RenderTreeBuilder] Move RenderBlock addChild logic to RenderTreeBuilder
zalan@apple.com [Mon, 8 Jan 2018 17:40:21 +0000 (17:40 +0000)]
[RenderTreeBuilder] Move RenderBlock addChild logic to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=181319
<rdar://problem/36313464>

Reviewed by Antti Koivisto.

This is about moving the code, no cleanup and/or normalization (unfortunately it also means
some temporary changes).

No change in functionality.

* Sources.txt:
* WebCore.xcodeproj/project.pbxproj:
* rendering/RenderBlock.cpp:
(WebCore::RenderBlock::addChild):
(WebCore::RenderBlock::addChildIgnoringContinuation):
(WebCore::RenderBlock::childBecameNonInline):
(WebCore::RenderBlock::continuationBefore): Deleted.
(WebCore::RenderBlock::addChildToContinuation): Deleted.
(WebCore::getInlineRun): Deleted.
(WebCore::RenderBlock::makeChildrenNonInline): Deleted.
* rendering/RenderBlock.h:
* rendering/RenderBox.cpp:
(WebCore::markBoxForRelayoutAfterSplit): Deleted.
(WebCore::RenderBox::splitAnonymousBoxesAroundChild): Deleted.
* rendering/RenderBox.h:
* rendering/RenderRubyBase.cpp:
(WebCore::RenderRubyBase::moveChildren):
(WebCore::RenderRubyBase::moveBlockChildren):
* rendering/RenderTable.cpp:
(WebCore::RenderTable::addChild):
* rendering/RenderTableRow.cpp:
(WebCore::RenderTableRow::addChild):
* rendering/RenderTableSection.cpp:
(WebCore::RenderTableSection::addChild):
* rendering/updating/RenderTreeBuilder.cpp:
(WebCore::markBoxForRelayoutAfterSplit):
(WebCore::getInlineRun):
(WebCore::RenderTreeBuilder::RenderTreeBuilder):
(WebCore::RenderTreeBuilder::insertChildToRenderBlock):
(WebCore::RenderTreeBuilder::insertChildToRenderBlockIgnoringContinuation):
(WebCore::RenderTreeBuilder::makeChildrenNonInline):
(WebCore::RenderTreeBuilder::splitAnonymousBoxesAroundChild):
* rendering/updating/RenderTreeBuilder.h:
(WebCore::RenderTreeBuilder::blockBuilder):
* rendering/updating/RenderTreeBuilderBlock.cpp: Added.
(WebCore::continuationBefore):
(WebCore::RenderTreeBuilder::Block::Block):
(WebCore::RenderTreeBuilder::Block::insertChild):
(WebCore::RenderTreeBuilder::Block::insertChildToContinuation):
(WebCore::RenderTreeBuilder::Block::insertChildIgnoringContinuation):
* rendering/updating/RenderTreeBuilderBlock.h: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226516 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoStandard controls sometimes say video is in pip when it isnt.
commit-queue@webkit.org [Mon, 8 Jan 2018 17:02:33 +0000 (17:02 +0000)]
Standard controls sometimes say video is in pip when it isnt.
https://bugs.webkit.org/show_bug.cgi?id=181095
rdar://problem/36182687

Patch by Jeremy Jones <jeremyj@apple.com> on 2018-01-08
Reviewed by Eric Carlson.

* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::exitFullscreen):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226515 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoREGRESSION: [iOS] ASSERTION FAILED: !node.isConnected() in WebCore::notifyNodeInserte...
jer.noble@apple.com [Mon, 8 Jan 2018 16:46:15 +0000 (16:46 +0000)]
REGRESSION: [iOS] ASSERTION FAILED: !node.isConnected() in WebCore::notifyNodeInsertedIntoDocument
https://bugs.webkit.org/show_bug.cgi?id=181091

Reviewed by Darin Adler.

Move the work previously performed in insertedIntoAncestor() into didFinishInsertingNode().

* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::prepareForLoad):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226514 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoUnreviewed build fix after r226211.
fred.wang@free.fr [Mon, 8 Jan 2018 16:14:02 +0000 (16:14 +0000)]
Unreviewed build fix after r226211.

Patch by Frederic Wang <fwang@igalia.com> on 2018-01-08

* UIProcess/API/Cocoa/WKPreferencesPrivate.h: Use WK_IOS_TBA for iOS.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226513 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoUpdate imagebitmap tests.
Ms2ger@igalia.com [Mon, 8 Jan 2018 15:55:14 +0000 (15:55 +0000)]
Update imagebitmap tests.
https://bugs.webkit.org/show_bug.cgi?id=181379

Unreviewed test gardening.

LayoutTests/imported/w3c:

* web-platform-tests/2dcontext/imagebitmap/common.js:
* web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage-expected.txt:
* web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage.html:
* web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args-expected.txt:
* web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args.html:

LayoutTests:

* platform/gtk/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage-expected.txt:
* platform/gtk/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args-expected.txt:
* platform/wpe/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage-expected.txt:
* platform/wpe/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226512 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[Cairo] Use isolated fill and stroke source containers
zandobersek@gmail.com [Mon, 8 Jan 2018 15:00:38 +0000 (15:00 +0000)]
[Cairo] Use isolated fill and stroke source containers
https://bugs.webkit.org/show_bug.cgi?id=181386

Reviewed by Carlos Garcia Campos.

Generate fill and stroke source objects upon invocation of various Cairo
operations, initializing necessary data from the GraphicsContextState
object.

Cairo::FillSource and Cairo::StrokeSource structs are introduced, both
being default-constructible as well as providing a constructor that
accepts a GraphicsContextState object from which the appropriate
resources are created.

The FillSource and StrokeSource objects are then passed to
PlatformContextCairo's prepareForFilling() and prepareForStroking()
methods. Here the helper prepareCairoContextSource() function is now
invoked with cairo_pattern_t objects as pattern or gradient sources, or
the source color if neither cairo_pattern_t object is specified.

The FillSource and StrokeSource constructors mimic the previous behavior
of prepareCairoContextSource(). In case the source is a Pattern object,
a cairo_pattern_t object is created from that. In case of FillSource,
we also retrieve pattern size, transform and repetition information. In
case the source os a Gradient object, we create a 'base' cairo_pattern_t
object for a completely opaque alpha channel. Additionally, if the alpha
value on the state is not 1, we create an alpha-adjusted cairo_pattern_t
that is potentially used for any filling or stroking operation that has
to preserve transparency. If neither Pattern or Gradient objects are set
on the GraphicsContextState, we default to the current fill or stroke
color.

Overall, there's no change in behavior, this is simply a refactoring
that enables us to construct Cairo objects for filling and stroking
sources at the time of Cairo operation dispatch, instead of pulling down
GraphicsContextState deeper into the Cairo-specific code.

No new tests -- no change in functionality.

* platform/graphics/cairo/CairoOperations.cpp:
(WebCore::Cairo::drawPathShadow):
(WebCore::Cairo::fillCurrentCairoPath):
(WebCore::Cairo::FillSource::FillSource):
(WebCore::Cairo::StrokeSource::StrokeSource):
(WebCore::Cairo::fillRect):
(WebCore::Cairo::fillRectWithRoundedHole):
(WebCore::Cairo::fillPath):
(WebCore::Cairo::strokeRect):
(WebCore::Cairo::strokePath):
(WebCore::Cairo::drawGlyphs):
* platform/graphics/cairo/CairoOperations.h:
* platform/graphics/cairo/FontCairo.cpp:
(WebCore::FontCascade::drawGlyphs):
* platform/graphics/cairo/GraphicsContextCairo.cpp:
(WebCore::GraphicsContext::fillPath):
(WebCore::GraphicsContext::strokePath):
(WebCore::GraphicsContext::fillRect):
(WebCore::GraphicsContext::strokeRect):
(WebCore::GraphicsContext::fillRectWithRoundedHole):
* platform/graphics/cairo/PlatformContextCairo.cpp:
(WebCore::prepareCairoContextSource):
(WebCore::PlatformContextCairo::prepareForFilling):
(WebCore::PlatformContextCairo::prepareForStroking):
(WebCore::PlatformContextCairo::clipForPatternFilling):
* platform/graphics/cairo/PlatformContextCairo.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226511 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agonavigator.onLine does not work inside service workers
commit-queue@webkit.org [Mon, 8 Jan 2018 14:43:50 +0000 (14:43 +0000)]
navigator.onLine does not work inside service workers
https://bugs.webkit.org/show_bug.cgi?id=181079
<rdar://problem/36178606>

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-08
Reviewed by Darin Adler.

Source/WebCore:

Test: http/wpt/service-workers/online.https.html

Added support for onLine by reusing a similar implementation as regular workers.
Added ServiceWorkerInternals as an interface for an object exposed as self.internals in WTR.
This object has currently one method to trigger change in the online/offline status.
This allows writing a test for the onLine feature.

Note that self.internals is inserted asynchronously after the script was evaluated.
When writing a worker script using self.internals, one must make sure to use self.internals when initialized.
online-worker.js for instance makes use of self.internals in a postMessage callback.

* CMakeLists.txt:
* DerivedSources.make:
* WebCore.xcodeproj/project.pbxproj:
* bindings/js/WorkerScriptController.h:
* dom/ScriptExecutionContext.h:
* testing/ServiceWorkerInternals.cpp: Added.
(WebCore::ServiceWorkerInternals::ServiceWorkerInternals):
(WebCore::ServiceWorkerInternals::setOnline):
* testing/ServiceWorkerInternals.h: Added.
* testing/ServiceWorkerInternals.idl: Added.
* testing/js/WebCoreTestSupport.cpp:
(WebCoreTestSupport::setupNewlyCreateServiceWorker):
* testing/js/WebCoreTestSupport.h:
* workers/service/context/SWContextManager.cpp:
(WebCore::SWContextManager::registerServiceWorkerThreadForInstall):
(WebCore::SWContextManager::startedServiceWorker):
* workers/service/context/SWContextManager.h:
(WebCore::SWContextManager::setServiceWorkerCreationCallback):
(WebCore::SWContextManager::workerByID):
* workers/service/context/ServiceWorkerThread.cpp:
(WebCore::ServiceWorkerThread::ServiceWorkerThread):
* workers/service/context/ServiceWorkerThreadProxy.cpp:
(WebCore::ServiceWorkerThreadProxy::ServiceWorkerThreadProxy):
(WebCore::ServiceWorkerThreadProxy::~ServiceWorkerThreadProxy):
(WebCore::ServiceWorkerThreadProxy::networkStateChanged):
(WebCore::ServiceWorkerThreadProxy::notifyNetworkStateChange):
* workers/service/context/ServiceWorkerThreadProxy.h:

Source/WebKit:

Added support for a callback called for each service worker proxy creation.
Callback is used by WTR to inject a self.internals object used for testing.

* WebProcess/InjectedBundle/API/c/WKBundle.cpp:
(WKBundleSetServiceWorkerProxyCreationCallback):
* WebProcess/InjectedBundle/API/c/WKBundle.h:
* WebProcess/InjectedBundle/InjectedBundle.cpp:
(WebKit::InjectedBundle::setServiceWorkerProxyCreationCallback):
* WebProcess/InjectedBundle/InjectedBundle.h:

Tools:

* WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:
(WTR::InjectedBundle::initialize): Setting service worker creation callback to inject ServiceWorkerInternals object.

LayoutTests:

* http/wpt/service-workers/online-worker.js: Added.
(async.waitForOnlineEvent):
(async.doTest):
* http/wpt/service-workers/online.https-expected.txt: Added.
* http/wpt/service-workers/online.https.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226510 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[Cairo] Contain shadow blur requirement state in a separate object
zandobersek@gmail.com [Mon, 8 Jan 2018 14:38:23 +0000 (14:38 +0000)]
[Cairo] Contain shadow blur requirement state in a separate object
https://bugs.webkit.org/show_bug.cgi?id=181380

Reviewed by Carlos Garcia Campos.

Instead of picking up the necessary state parameters from a
GraphicsContextState object, store the necessary parameters in a helper
ShadowBlurUsage struct. Mimicking the mustUseShadowBlur() function that
is being removed, values of the shadow color, shadow blur, and shadow
transform ignorance are stored there. Additionally, the required()
method accepts a PlatformContextCairo object through which it can
retrieve the current CTM and determine whether it's an identity, finally
deciding whether shadow blur can or cannot be ignored.

Goal of this change is to limit usage of GraphicsContextState directly
in operations implemented inside the Cairo namespace. Instead, the
state parameters should be passed directly, or an equivalent but limited
state object should be constructed for invocation of such operations.

This is likely only an intermediate solution. It's possible it will be
replaced by a more complete shadow state struct that would be used for
any operation that is required to draw shadows, if necessary.

No new tests -- no change in functionality.

* platform/graphics/cairo/CairoOperations.cpp:
(WebCore::Cairo::drawGlyphsShadow):
(WebCore::Cairo::ShadowBlurUsage::ShadowBlurUsage):
(WebCore::Cairo::ShadowBlurUsage::required const):
(WebCore::Cairo::fillRectWithRoundedHole):
(WebCore::Cairo::drawGlyphs):
(WebCore::Cairo::mustUseShadowBlur): Deleted.
* platform/graphics/cairo/CairoOperations.h:
* platform/graphics/cairo/FontCairo.cpp:
(WebCore::FontCascade::drawGlyphs):
* platform/graphics/cairo/GraphicsContextCairo.cpp:
(WebCore::GraphicsContext::fillRectWithRoundedHole):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226509 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[GStreamer][Soup] Remove dead getCreateOrReadBuffer code path
philn@webkit.org [Mon, 8 Jan 2018 13:53:10 +0000 (13:53 +0000)]
[GStreamer][Soup] Remove dead getCreateOrReadBuffer code path
https://bugs.webkit.org/show_bug.cgi?id=181376

Reviewed by Carlos Garcia Campos.

This code path is no longer used now that the GStreamer HTTP
source element uses data coming directly from the network process.

* SourcesGTK.txt:
* SourcesWPE.txt:
* loader/MediaResourceLoader.cpp:
(WebCore::MediaResource::getOrCreateReadBuffer): Deleted.
* loader/MediaResourceLoader.h:
* loader/SubresourceLoader.h:
* loader/cache/CachedRawResource.h:
* loader/cache/CachedRawResourceClient.h:
(WebCore::CachedRawResourceClient::finishedTimingForWorkerLoad):
(WebCore::CachedRawResourceClient::getOrCreateReadBuffer): Deleted.
* loader/cache/CachedResource.h:
(WebCore::CachedResource::getOrCreateReadBuffer): Deleted.
* loader/soup/CachedRawResourceSoup.cpp: Removed.
* loader/soup/SubresourceLoaderSoup.cpp: Removed.
* platform/graphics/PlatformMediaResourceLoader.h:
(WebCore::PlatformMediaResourceClient::loadFinished):
(WebCore::PlatformMediaResourceClient::getOrCreateReadBuffer): Deleted.
* platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
(CachedResourceStreamingClient::getOrCreateReadBuffer): Deleted.
* platform/network/ResourceHandleClient.h:
(WebCore::ResourceHandleClient::getOrCreateReadBuffer): Deleted.
* platform/network/soup/ResourceHandleSoup.cpp:
(WebCore::ResourceHandle::ensureReadBuffer):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226508 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoimported/w3c/web-platform-tests/service-workers/service-worker/interfaces-sw.https...
commit-queue@webkit.org [Mon, 8 Jan 2018 12:32:49 +0000 (12:32 +0000)]
imported/w3c/web-platform-tests/service-workers/service-worker/interfaces-sw.https.html is slow in Debug
https://bugs.webkit.org/show_bug.cgi?id=181382

Unreviewed.

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-08

* TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226507 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agolibwebrtc: Fix 'ld: warning: cannot export hidden symbol' messages
ddkilzer@apple.com [Mon, 8 Jan 2018 11:33:14 +0000 (11:33 +0000)]
libwebrtc: Fix 'ld: warning: cannot export hidden symbol' messages
<https://webkit.org/b/181378>

Reviewed by Youenn Fablet.

* Configurations/libwebrtc.iOS.exp:
* Configurations/libwebrtc.iOSsim.exp:
* Configurations/libwebrtc.mac.exp:
- Remove 117 symbols that are not currently exported.  These
  warnings only appear in Release and Production builds.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226506 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoUnreviewed GTK gardening. Rebaseline test again after r226500.
carlosgc@webkit.org [Mon, 8 Jan 2018 09:38:38 +0000 (09:38 +0000)]
Unreviewed GTK gardening. Rebaseline test again after r226500.

* platform/gtk/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226505 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[GStreamer] use FastMalloc-based GstAllocator
carlosgc@webkit.org [Mon, 8 Jan 2018 09:34:36 +0000 (09:34 +0000)]
[GStreamer] use FastMalloc-based GstAllocator
https://bugs.webkit.org/show_bug.cgi?id=165793

Reviewed by Philippe Normand.

Add GstAllocatorFastMalloc, a GstAllocator implementation using fast malloc. It's only used when fast malloc is
enabled and can be disabled using an environment variable for debugging purposes.

* platform/GStreamer.cmake:
* platform/graphics/gstreamer/GStreamerUtilities.cpp:
(WebCore::initializeGStreamer):
* platform/graphics/gstreamer/GstAllocatorFastMalloc.cpp: Added.
(gstMemoryFastMallocNew):
(gstAllocatorFastMallocAlloc):
(gstAllocatorFastMallocFree):
(gstAllocatorFastMallocMemMap):
(gstAllocatorFastMallocMemUnmap):
(gstAllocatorFastMallocMemCopy):
(gstAllocatorFastMallocMemShare):
(gstAllocatorFastMallocMemIsSpan):
(gst_allocator_fast_malloc_class_init):
(gst_allocator_fast_malloc_init):
* platform/graphics/gstreamer/GstAllocatorFastMalloc.h: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226504 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoBuild fix #2: Enable -Wcast-qual for WebInspectorUI, WebKitLegacy, WebKit projects
ddkilzer@apple.com [Mon, 8 Jan 2018 09:22:49 +0000 (09:22 +0000)]
Build fix #2: Enable -Wcast-qual for WebInspectorUI, WebKitLegacy, WebKit projects
<https://webkit.org/b/181256>
<rdar://problem/36281730>

* Plugins/WebNetscapePluginEventHandlerCocoa.mm:
(WebNetscapePluginEventHandlerCocoa::handleTSMEvent):
- Use reinterpret_cast<NPNSString*>(const_cast<CFMutableStringRef>())
  to avoid warnings from casting CFStringRef to NPNSString*.
  Note that CFMutableStringRef is the same as CFStringRef
  without the const modifier, hence its use in the const_cast<>
  above.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226503 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoUnreviewed GTK gardening. Partially revert r224460.
carlosgc@webkit.org [Mon, 8 Jan 2018 09:16:58 +0000 (09:16 +0000)]
Unreviewed GTK gardening. Partially revert r224460.

Two tests were incorrectly rebaselined in r224460.

* platform/gtk/fast/forms/auto-fill-button/input-strong-confirmation-password-auto-fill-button-expected.txt:
* platform/gtk/fast/forms/auto-fill-button/input-strong-password-auto-fill-button-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226502 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoBuild fix: Enable -Wcast-qual for WebInspectorUI, WebKitLegacy, WebKit projects
ddkilzer@apple.com [Mon, 8 Jan 2018 09:08:45 +0000 (09:08 +0000)]
Build fix: Enable -Wcast-qual for WebInspectorUI, WebKitLegacy, WebKit projects
<https://webkit.org/b/181256>
<rdar://problem/36281730>

* Carbon/HIWebView.mm:
(StartUpdateObserver): Include TypeCastsCF.h from WTF, and use
checked_cf_cast<CFRunLoopRef>() to fix warning.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226501 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoImplement createImageBitmap(ImageBitmap)
Ms2ger@igalia.com [Mon, 8 Jan 2018 07:23:30 +0000 (07:23 +0000)]
Implement createImageBitmap(ImageBitmap)
https://bugs.webkit.org/show_bug.cgi?id=181287

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

* web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage-expected.txt: rebaseline.

Source/WebCore:

Tests: imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage.html
       imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args.html

* html/ImageBitmap.cpp:
(WebCore::ImageBitmap::createPromise):

LayoutTests:

* platform/gtk/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage-expected.txt: rebaseline.
* platform/gtk/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args-expected.txt: rebaseline.
* platform/wpe/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage-expected.txt: rebaseline.
* platform/wpe/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args-expected.txt: rebaseline.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226500 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoEnable -Wcast-qual for WebInspectorUI, WebKitLegacy, WebKit projects
ddkilzer@apple.com [Mon, 8 Jan 2018 06:00:43 +0000 (06:00 +0000)]
Enable -Wcast-qual for WebInspectorUI, WebKitLegacy, WebKit projects
<https://webkit.org/b/181256>
<rdar://problem/36281730>

Reviewed by Darin Adler.

Source/WebInspectorUI:

* Configurations/Base.xcconfig:
(WARNING_CFLAGS): Add -Wcast-qual.

Source/WebKit:

* Configurations/Base.xcconfig:
(WARNING_CFLAGS): Add -Wcast-qual.
* NetworkProcess/cache/NetworkCacheCodersCocoa.cpp:
(WTF::Persistence::encodeCertificateChain): Include
TypeCastsCF.h from WTF, and use
checked_cf_cast<SecCertificateRef>() to fix warning.
* Platform/cocoa/WKCrashReporter.mm:
(WebKit::setCrashReportApplicationSpecificInformation):
- Move `oldMessage` check above nullptr check to fix a leak when
  passing in nullptr after previously setting the crash string.
- Change C-style cast to const_cast<char*>() to fix warning.
* PluginProcess/mac/PluginProcessShim.mm:
(WebKit::shim_shmat): Change C-style cast to
const_cast<void*>() to fix warning.
* Shared/Authentication/mac/AuthenticationManager.mac.mm:
(WebKit::leafCertificate): Include TypeCastsCF.h from
WTF, and use checked_cf_cast<SecCertificateRef>() to fix
warning.
* Shared/cf/ArgumentCodersCF.cpp:
(IPC::encode): Use static_cast<>(const_cast<void*>() to
fix warnings since the CFTypeID has already been
checked.
* Shared/mac/WebCoreArgumentCodersMac.mm:
(IPC::decodeNSError): Use an `auto` variable to hold the
CFMutableDictionaryRef, then WTFMove() to assign it back to
`userInfo`.
* UIProcess/Cocoa/WebViewImpl.mm:
(WebKit::takeWindowSnapshot): Include TypeCastsCF.h from
WTF, and use checked_cf_cast<CGImageRef>() to fix
warning.

Source/WebKitLegacy:

* PlatformMac.cmake:
* WebKitLegacy.xcodeproj/project.pbxproj:
- Rename WebNSDataExtras.m to WebNSDataExtras.mm and change file
  type to Objective-C++.

Source/WebKitLegacy/mac:

* Carbon/CarbonUtils.m:
(PoolCleaner):
- Use #pragmas to ignore -Wcast-qual warnings when using a
  C-style cast from CFTypeRef to CFRunloopRef.
* Carbon/CarbonWindowFrame.m:
(-[CarbonWindowFrame title]):
- Use #pragmas to ignore -Wcast-qual warnings when using a
  C-style cast from CFStringRef to NSString *.
* Carbon/HIViewAdapter.m:
(+[HIViewAdapter getHIViewForNSView:]):
- Use #pragmas to ignore -Wcast-qual warnings when using a
  C-style cast from CFTypeRef to HIViewRef.
* Configurations/Base.xcconfig:
(WARNING_CFLAGS): Add -Wcast-qual.
* Misc/WebElementDictionary.mm:
(-[WebElementDictionary objectForKey:]):
- Use static_cast<SEL>(const_cast<void*>()) to fix
  warning.
* Misc/WebNSDataExtras.mm: Renamed from Source/WebKitLegacy/mac/Misc/WebNSDataExtras.m.
(-[NSString _web_capitalizeRFC822HeaderFieldName]):
(-[NSData _webkit_guessedMIMETypeForXML]):
(-[NSData _webkit_guessedMIMEType]):
(-[NSData _web_isCaseInsensitiveEqualToCString:]):
(_findEOL):
(-[NSData _webkit_parseRFC822HeaderFields]):
(-[NSData _web_startsWithBlankLine]):
(-[NSData _web_locationAfterFirstBlankLine]):
- Rename WebNSDataExtras.m to WebNSDataExtras.mm and change file
  type to Objective-C++.  This fixes the warnings about
  discarding the `const` modifier when casing from CFStringRef
  to NSString * because in older clang versions, -Wcast-qual was
  completely broken when compiling C++ and Objective-C++ source
  files.  In newer clang versions, discarding the `const`
  modifier for toll-free bridged types is ignored when compiling
  Objective-C++ source.
- Update copyright and license header.
- Use reinterpret_cast<> and static_cast<> to fix warnings
  unrelated to (NSString *) C-style casts.
- Replace use of MIN() macro with std::min<> template functions.
- Fix location of `*` for local variables modified above.
* Plugins/Hosted/NetscapePluginHostManager.mm:
(WebKit::NetscapePluginHostManager::spawnPluginHost):
(WebKit::NetscapePluginHostManager::initializeVendorPort):
(WebKit::NetscapePluginHostManager::instantiatePlugin):
- Use static_cast<uint8_t*>(const_cast<void*>()) to fix
  warnings.
* Plugins/Hosted/NetscapePluginHostProxy.mm:
(WebKit::NetscapePluginHostProxy::NetscapePluginHostProxy):
- Use reinterpret_cast<mig_subsystem_t>(const_cast<struct WKWebKitPluginClient_subsystem*>())
  to fix warning.
* Plugins/Hosted/ProxyInstance.mm:
(WebKit::ProxyInstance::invoke):
- Use static_cast<char*>(const_cast<void*>()) to fix
  warning when using -[NSData bytes].
(WebKit::ProxyInstance::fieldValue const):
- Use reinterpret_cast<char*>(const_cast<unsigned char*>())
  to fix warning when using CFDataGetBytePtr().
* Plugins/Hosted/WebTextInputWindowController.m:
(-[WebTextInputPanel _interpretKeyEvent:string:]):
- Use #pragma to ignore -Wcast-qual warning since there
  is not a good way to avoid this warning in Objective-C.
* Plugins/WebNetscapePluginStream.mm:
(WebNetscapePluginStream::deliverData):
- Use const_cast<void*>() to fix warning when using
  -[NSData bytes].
* Plugins/WebNetscapePluginView.mm:
(-[WebNetscapePluginView _createPlugin]):
- Change C-style cast to const_cast<char*>() to fix
  warning.
* WebCoreSupport/WebChromeClient.mm:
(WebChromeClient::wrapCryptoKey const):
(WebChromeClient::unwrapCryptoKey const):
- Change C-style cast to
  static_cast<uint8_t*>(const_cast<void*>() to fix
  warning.
* WebView/WebPDFView.mm:
(_applicationInfoForMIMEType):
- Change local variable type from 'NSURL *' to
  'CFURLRef' to fix warning.  Cast back to 'NSURL *'
  when calling -[NSURL path].

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226499 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoReduce the precision of "high" resolution time to 1ms
rniwa@webkit.org [Mon, 8 Jan 2018 01:22:20 +0000 (01:22 +0000)]
Reduce the precision of "high" resolution time to 1ms
https://bugs.webkit.org/show_bug.cgi?id=180910
<rdar://problem/36085943>

Reviewed by Saam Barati.

Source/WebCore:

Reduced the high prevision time's resolution to 1ms, the same precision as Date.now().

Also fixed the bug in fillRTCStats that we weren't reducing the time resolution in RTCStats dictionaries.

* Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
(WebCore::fillRTCStats):
* page/Performance.cpp:
(WebCore::Performance::reduceTimeResolution):

LayoutTests:

Add a flaky test expectation to imported/w3c/web-platform-tests/workers/worker-performance.worker.html
due to a test bug. The test fix is tracked in https://github.com/w3c/web-platform-tests/pull/8711

* TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226495 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months ago[cmake] Unset CMAKE_REQUIRED_LIBRARIES after check_function_exists test
annulen@yandex.ru [Sun, 7 Jan 2018 22:50:14 +0000 (22:50 +0000)]
[cmake] Unset CMAKE_REQUIRED_LIBRARIES after check_function_exists test
https://bugs.webkit.org/show_bug.cgi?id=181371

Reviewed by Michael Catanzaro.

This variable is used by check_function_exists internally, its value
should be never used for anything else.

* CMakeLists.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226494 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoAdd total exits and total compilations sorting mode to the "full" command in display...
sbarati@apple.com [Sun, 7 Jan 2018 22:22:52 +0000 (22:22 +0000)]
Add total exits and total compilations sorting mode to the "full" command in display-profiler-output
https://bugs.webkit.org/show_bug.cgi?id=181372

Reviewed by Filip Pizlo.

Adding these sorting modes makes it easier to analyze functions
that recompile a lot and exit a lot.

* Scripts/display-profiler-output:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226493 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoPossible crash computing event regions
simon.fraser@apple.com [Sun, 7 Jan 2018 06:31:14 +0000 (06:31 +0000)]
Possible crash computing event regions
https://bugs.webkit.org/show_bug.cgi?id=181368
rdar://problem/34847081

Reviewed by Zalan Bujtas.

Source/WebCore:

Don't trigger layout in Element::absoluteEventHandlerBounds(), since this can run arbirary script
which might delete elements or re-enter Document::absoluteRegionForEventTargets().

It's OK to not trigger layout, because if layout is dirty, the next layout will update event regions again.

Add a LayoutDisallowedScope to check that Document::absoluteRegionForEventTargets() doesn't
trigger layout, and move the check for LayoutDisallowedScope::isLayoutAllowed() from Document::updateLayout()
to LayoutContext::layout(), since some layouts don't happen via the former (e.g. the one being removed here).

The test checks that the assertion does not fire. I was not able to get a reliable test for any crash.

Test: fast/events/event-handler-regions-layout.html

* dom/Document.cpp:
(WebCore::Document::updateLayout):
(WebCore::Document::absoluteRegionForEventTargets):
* dom/Element.cpp:
(WebCore::Element::absoluteEventHandlerBounds):
* page/LayoutContext.cpp:
(WebCore::LayoutContext::layout):
* rendering/LayoutDisallowedScope.h: Move the #ifdefs around to avoid defining the enum twice.
(WebCore::LayoutDisallowedScope::LayoutDisallowedScope):
(WebCore::LayoutDisallowedScope::isLayoutAllowed):

LayoutTests:

* fast/events/event-handler-regions-layout-expected.txt: Added.
* fast/events/event-handler-regions-layout.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226492 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoCrash under RenderLayer::scrollTo() with marquee
simon.fraser@apple.com [Sun, 7 Jan 2018 05:48:47 +0000 (05:48 +0000)]
Crash under RenderLayer::scrollTo() with marquee
https://bugs.webkit.org/show_bug.cgi?id=181349
rdar://problem/36190168

Reviewed by Zalan Bujtas.

Source/WebCore:

Don't call updateWidgetPositions() synchonously during RenderLayer scrolling, because it
can run arbitrary script which may trigger destruction of this RenderLayer.

Instead, queue up updateWidgetPositions() on a zero-delay timer.

Under some circumstances this may allow a paint to occur before the widgets have been
updated (which could be fixed with a more invasive change), but in practice I saw no
painting issues with plug-ins or iframes inside overflow scroll, in WebKit or LegacyWebKit.

Test: fast/scrolling/marquee-scroll-crash.html

* page/FrameView.cpp:
(WebCore::FrameView::FrameView):
(WebCore::FrameView::updateWidgetPositions):
(WebCore::FrameView::scheduleUpdateWidgetPositions):
(WebCore::FrameView::updateWidgetPositionsTimerFired):
* page/FrameView.h:
* rendering/RenderLayer.cpp:
(WebCore::RenderLayer::scrollTo):

LayoutTests:

* fast/scrolling/marquee-scroll-crash-expected.txt: Added.
* fast/scrolling/marquee-scroll-crash.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226491 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoAccurately clip copyTexImage2D and copyTexSubImage2D
dino@apple.com [Sun, 7 Jan 2018 05:18:47 +0000 (05:18 +0000)]
Accurately clip copyTexImage2D and copyTexSubImage2D
https://bugs.webkit.org/show_bug.cgi?id=181356
<rdar://problem/35083877>

Reviewed by Eric Carlson.

Source/WebCore:

The code to make sure copyTexSubImage2D and copyTexImage2D will not try to read
out of bounds had a bad bug introduced here:
https://bugs.webkit.org/show_bug.cgi?id=51421

With appropriate parameters, it would produce a rectangle with
negative dimensions. Most GL drivers just ignored this, but some
are not happy.

Test: fast/canvas/webgl/copy-tex-image-and-sub-image-2d-bad-input.html

* html/canvas/WebGLRenderingContextBase.cpp:
(WebCore::clip2D): Reimplement this in a more sane manner, and use
checked arithmetic while here.
* html/canvas/WebGLRenderingContextBase.h:
(WebCore::clip1D): Deleted.
(WebCore::clip2D): Deleted.

LayoutTests:

* fast/canvas/webgl/copy-tex-image-and-sub-image-2d-bad-input-expected.txt: Added.
* fast/canvas/webgl/copy-tex-image-and-sub-image-2d-bad-input.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226490 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoObject.getOwnPropertyNames includes "arguments" and "caller" for bound functions
utatane.tea@gmail.com [Sun, 7 Jan 2018 00:15:21 +0000 (00:15 +0000)]
Object.getOwnPropertyNames includes "arguments" and "caller" for bound functions
https://bugs.webkit.org/show_bug.cgi?id=181321

Reviewed by Saam Barati.

JSTests:

* stress/bound-function-does-not-have-caller-and-arguments.js: Added.
(shouldBe):
(testFunction):
* test262.yaml:

Source/JavaScriptCore:

According to ECMA262 16.2[1], functions created using the bind method must not have
"caller" and "arguments" own properties.

[1]: https://tc39.github.io/ecma262/#sec-forbidden-extensions

* runtime/JSBoundFunction.cpp:
(JSC::JSBoundFunction::finishCreation):

LayoutTests:

* inspector/model/remote-object-get-properties-expected.txt:
* inspector/runtime/getProperties-expected.txt:
* js/script-tests/strict-throw-type-error.js:
* js/strict-throw-type-error-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226489 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 months agoUse WeakPtr for RenderTreePosition::m_nextSibling
antti@apple.com [Sat, 6 Jan 2018 21:01:19 +0000 (21:01 +0000)]
Use WeakPtr for RenderTreePosition::m_nextSibling
https://bugs.webkit.org/show_bug.cgi?id=181363

Reviewed by Zalan Bujtas.

For safety. In most cases it is null and won't cause us to instantiate WeakReferences for
many new objects.

* rendering/updating/RenderTreePosition.cpp:
(WebCore::RenderTreePosition::computeNextSibling):
* rendering/updating/RenderTreePosition.h:
(WebCore::RenderTreePosition::RenderTreePosition):
(WebCore::RenderTreePosition::nextSibling const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226488 268f45cc-cd09-0410-ab3c-d52691b4dbfc