WebKit-https.git
4 years agoAdd specialization for encoding/decoding WebCore::CertificateInfos in the Network...
weinig@apple.com [Mon, 25 Jul 2016 00:48:51 +0000 (00:48 +0000)]
Add specialization for encoding/decoding WebCore::CertificateInfos in the Network Cache
<rdar://problem/27409315>
https://bugs.webkit.org/show_bug.cgi?id=160144

Reviewed by Chris Dumez.

* NetworkProcess/cache/NetworkCacheCoders.cpp:
(WebKit::NetworkCache::encodeCFData):
(WebKit::NetworkCache::decodeCFData):
(WebKit::NetworkCache::encodeSecTrustRef):
(WebKit::NetworkCache::decodeSecTrustRef):
(WebKit::NetworkCache::encodeCertificateChain):
(WebKit::NetworkCache::decodeCertificateChain):
(WebKit::NetworkCache::Coder<WebCore::CertificateInfo>::encode):
(WebKit::NetworkCache::Coder<WebCore::CertificateInfo>::decode):

* NetworkProcess/cache/NetworkCacheStorage.h:
(WebKit::NetworkCache::Storage::version):
Bump the version and lastStableVersion to account for the format change.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203671 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoB3 should support multiple entrypoints
fpizlo@apple.com [Sun, 24 Jul 2016 20:33:40 +0000 (20:33 +0000)]
B3 should support multiple entrypoints
https://bugs.webkit.org/show_bug.cgi?id=159391

Reviewed by Saam Barati.
Source/JavaScriptCore:

This teaches B3 how to compile procedures with multiple entrypoints in the best way ever.

Multiple entrypoints are useful. We could use them to reduce the cost of compiling OSR
entrypoints. We could use them to implement better try/catch.

Multiple entrypoints are hard to support. All of the code that assumed that the root block
is the entrypoint would have to be changed. Transformations like moveConstants() would have
to do crazy things if the existence of multiple entrypoints prevented it from finding a
single common dominator.

Therefore, we want to add multiple entrypoints without actually teaching the compiler that
there is such a thing. That's sort of what this change does.

This adds a new opcode to both B3 and Air called EntrySwitch. It's a terminal that takes
one or more successors and no value children. The number of successors must match
Procedure::numEntrypoints(), which could be arbitrarily large. The semantics of EntrySwitch
are:

- Each of the entrypoints sets a hidden Entry variable to that entrypoint's index and jumps
  to the procedure's root block.

- An EntrySwitch is a switch statement over this hidden Entry variable.

The way that we actually implement this is that Air has a very late phase - after all
register and stack layout - that clones all code where the Entry variable is live; i.e all
code in the closure over predecessors of all blocks that do EntrySwitch.

Usually, you would use this by creating an EntrySwitch in the root block, but you don't
have to do that. Just remember that the code before EntrySwitch gets cloned for each
entrypoint. We allow cloning of an arbitrarily large amount of code because restricting it,
and so restricing the placement of EntrySwitches, would be unelegant. It would be hard to
preserve this invariant. For example we wouldn't be able to lower any value before an
EntrySwitch to a control flow diamond.

This patch gives us an easy-to-use way to use B3 to compile code with multiple entrypoints.
Inside the compiler, only code that runs very late in Air has to know about this feature.
We get the best of both worlds!

Also, I finally got rid of the requirement that you explicitly cast BasicBlock* to
FrequentedBlock. I can no longer remember why I thought that was a good idea. Removing it
doesn't cause any problems and it makes code easier to write.

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* b3/B3BasicBlockUtils.h:
(JSC::B3::updatePredecessorsAfter):
(JSC::B3::clearPredecessors):
(JSC::B3::recomputePredecessors):
* b3/B3FrequencyClass.h:
(JSC::B3::maxFrequency):
* b3/B3Generate.h:
* b3/B3LowerToAir.cpp:
(JSC::B3::Air::LowerToAir::lower):
* b3/B3MoveConstants.cpp:
* b3/B3Opcode.cpp:
(WTF::printInternal):
* b3/B3Opcode.h:
* b3/B3Procedure.cpp:
(JSC::B3::Procedure::isFastConstant):
(JSC::B3::Procedure::entrypointLabel):
(JSC::B3::Procedure::addDataSection):
* b3/B3Procedure.h:
(JSC::B3::Procedure::numEntrypoints):
(JSC::B3::Procedure::setNumEntrypoints):
(JSC::B3::Procedure::setLastPhaseName):
* b3/B3Validate.cpp:
* b3/B3Value.cpp:
(JSC::B3::Value::effects):
(JSC::B3::Value::typeFor):
* b3/B3Value.h:
* b3/air/AirCode.cpp:
(JSC::B3::Air::Code::cCallSpecial):
(JSC::B3::Air::Code::isEntrypoint):
(JSC::B3::Air::Code::resetReachability):
(JSC::B3::Air::Code::dump):
* b3/air/AirCode.h:
(JSC::B3::Air::Code::setFrameSize):
(JSC::B3::Air::Code::numEntrypoints):
(JSC::B3::Air::Code::entrypoints):
(JSC::B3::Air::Code::entrypoint):
(JSC::B3::Air::Code::setEntrypoints):
(JSC::B3::Air::Code::entrypointLabel):
(JSC::B3::Air::Code::setEntrypointLabels):
(JSC::B3::Air::Code::calleeSaveRegisters):
* b3/air/AirCustom.h:
(JSC::B3::Air::PatchCustom::isTerminal):
(JSC::B3::Air::PatchCustom::hasNonArgEffects):
(JSC::B3::Air::PatchCustom::hasNonArgNonControlEffects):
(JSC::B3::Air::PatchCustom::generate):
(JSC::B3::Air::CommonCustomBase::hasNonArgEffects):
(JSC::B3::Air::CCallCustom::forEachArg):
(JSC::B3::Air::ColdCCallCustom::forEachArg):
(JSC::B3::Air::ShuffleCustom::forEachArg):
(JSC::B3::Air::EntrySwitchCustom::forEachArg):
(JSC::B3::Air::EntrySwitchCustom::isValidFormStatic):
(JSC::B3::Air::EntrySwitchCustom::isValidForm):
(JSC::B3::Air::EntrySwitchCustom::admitsStack):
(JSC::B3::Air::EntrySwitchCustom::isTerminal):
(JSC::B3::Air::EntrySwitchCustom::hasNonArgNonControlEffects):
(JSC::B3::Air::EntrySwitchCustom::generate):
* b3/air/AirGenerate.cpp:
(JSC::B3::Air::prepareForGeneration):
(JSC::B3::Air::generate):
* b3/air/AirLowerEntrySwitch.cpp: Added.
(JSC::B3::Air::lowerEntrySwitch):
* b3/air/AirLowerEntrySwitch.h: Added.
* b3/air/AirOpcode.opcodes:
* b3/air/AirOptimizeBlockOrder.cpp:
(JSC::B3::Air::blocksInOptimizedOrder):
* b3/air/AirSpecial.cpp:
(JSC::B3::Air::Special::isTerminal):
(JSC::B3::Air::Special::hasNonArgEffects):
(JSC::B3::Air::Special::hasNonArgNonControlEffects):
* b3/air/AirSpecial.h:
* b3/air/AirValidate.cpp:
* b3/air/opcode_generator.rb:
* b3/testb3.cpp:

Source/WTF:

* wtf/GraphNodeWorklist.h: Expose some handy functionality.
(WTF::GraphNodeWorklist::pop):
(WTF::GraphNodeWorklist::saw):
(WTF::GraphNodeWorklist::seen):
* wtf/VectorTraits.h: Fix a bug! Otherwise filling a vector of byte-sized enum classes doesn't work.

Websites/webkit.org:

Update some statements about ControlValue (which doesn't exist anymore) and add a blurb
about EntrySwitch.

* docs/b3/index.html:
* docs/b3/intermediate-representation.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203670 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoAX: Video Controls: Volume cannot be adjusted using VO.
n_wang@apple.com [Sun, 24 Jul 2016 19:53:53 +0000 (19:53 +0000)]
AX: Video Controls: Volume cannot be adjusted using VO.
https://bugs.webkit.org/show_bug.cgi?id=160107

Reviewed by Dean Jackson.

Source/WebCore:

The volume slider in video tag had 0.01 step which caused the screen reader adjusting it slowly.
Changed the step to 0.05 and added the aria-valuetext attribute to the slider, so that the value
is spoken in percentage.

Test: accessibility/mac/video-volume-slider-accessibility.html

* Modules/mediacontrols/mediaControlsApple.js:
(Controller.prototype.createControls):
(Controller.prototype.handleVolumeSliderInput):
(Controller.prototype.updateVolume):

LayoutTests:

* accessibility/mac/video-volume-slider-accessibility-expected.txt: Added.
* accessibility/mac/video-volume-slider-accessibility.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203669 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUnreviewed, fix broken test. I don't know why I goofed this up without seeing it...
fpizlo@apple.com [Sun, 24 Jul 2016 18:59:29 +0000 (18:59 +0000)]
Unreviewed, fix broken test. I don't know why I goofed this up without seeing it before landing.

* b3/air/AirOpcode.opcodes:
* b3/testb3.cpp:
(JSC::B3::run):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203668 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoREGRESSION (r203106): Crash in WebCore::MathMLElement::parseMathMLLength()
ddkilzer@apple.com [Sun, 24 Jul 2016 17:47:39 +0000 (17:47 +0000)]
REGRESSION (r203106): Crash in WebCore::MathMLElement::parseMathMLLength()
<https://webkit.org/b/160111>
<rdar://problem/27506489>

Reviewed by Chris Dumez.

Source/WebCore:

Test: mathml/mpadded-crash.html

* mathml/MathMLElement.cpp:
(WebCore::skipLeadingAndTrailingWhitespace): Change to take
StringView parameter instead of String to avoid creating a
temporary String that's released on return.

LayoutTests:

* mathml/mpadded-crash-expected.txt: Added.
* mathml/mpadded-crash.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203667 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[B3] Fusing immediates into test instructions should work again
fpizlo@apple.com [Sun, 24 Jul 2016 17:36:43 +0000 (17:36 +0000)]
[B3] Fusing immediates into test instructions should work again
https://bugs.webkit.org/show_bug.cgi?id=160073

Reviewed by Sam Weinig.

When we introduced BitImm, we forgot to change the Branch(BitAnd(value, constant))
fusion.  This emits test instructions, so it should use BitImm for the constant.  But it
was still using Imm!  This meant that isValidForm() always returned false.

This fixes the code path to use BitImm, and turns off our use of BitImm64 on x86 since
it provides no benefit on x86 and has some risk (the code appears to play fast and loose
with the scratch register).

This is not an obvious progression on anything, so I added comprehensive tests to
testb3, which check that we selected the optimal instruction in a variety of situations.
We should add more tests like this!

* b3/B3BasicBlock.h:
(JSC::B3::BasicBlock::successorBlock):
* b3/B3LowerToAir.cpp:
(JSC::B3::Air::LowerToAir::createGenericCompare):
* b3/B3LowerToAir.h:
* b3/air/AirArg.cpp:
(JSC::B3::Air::Arg::isRepresentableAs):
(JSC::B3::Air::Arg::usesTmp):
* b3/air/AirArg.h:
(JSC::B3::Air::Arg::isRepresentableAs):
(JSC::B3::Air::Arg::castToType):
(JSC::B3::Air::Arg::asNumber):
* b3/air/AirCode.h:
(JSC::B3::Air::Code::size):
(JSC::B3::Air::Code::at):
* b3/air/AirOpcode.opcodes:
* b3/air/AirValidate.h:
* b3/air/opcode_generator.rb:
* b3/testb3.cpp:
(JSC::B3::compile):
(JSC::B3::compileAndRun):
(JSC::B3::lowerToAirForTesting):
(JSC::B3::testSomeEarlyRegister):
(JSC::B3::testBranchBitAndImmFusion):
(JSC::B3::zero):
(JSC::B3::run):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203666 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoTest gardening after r203626.
mmaxfield@apple.com [Sun, 24 Jul 2016 17:25:37 +0000 (17:25 +0000)]
Test gardening after r203626.
https://bugs.webkit.org/show_bug.cgi?id=160102
<rdar://problem/27453479>

Unreviewed.

* platform/ios-simulator/editing/deleting/delete-emoji-expected.txt:
* platform/mac-yosemite/editing/deleting/delete-emoji-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203665 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUnreviewed, update the exponentiation expression error message
utatane.tea@gmail.com [Sun, 24 Jul 2016 15:53:43 +0000 (15:53 +0000)]
Unreviewed, update the exponentiation expression error message
https://bugs.webkit.org/show_bug.cgi?id=159969

Follow up patch for r203499.

* parser/Parser.cpp:
(JSC::Parser<LexerType>::parseBinaryExpression):
* tests/stress/pow-expects-update-expression-on-lhs.js:
(throw.new.Error):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203664 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[Coordinated Graphics] ASSERTION FAILED: !m_flushingLayers in fast/repaint/animation...
commit-queue@webkit.org [Sun, 24 Jul 2016 13:08:12 +0000 (13:08 +0000)]
[Coordinated Graphics] ASSERTION FAILED: !m_flushingLayers in fast/repaint/animation-after-layer-scroll.html
https://bugs.webkit.org/show_bug.cgi?id=160142

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2016-07-24
Reviewed by Michael Catanzaro.

This only happens in layout tests, because it happens when RenderLayerCompositor::layerTreeAsText() is
called. The thing is that CoordinatedGraphicsLayer::flushCompositingState() calls notifyFlushRequired() that
checks if the coordinator is flusing layers and if not it calls RenderLayerCompositor::notifyFlushRequired() and
returns early. This normally works because the coodinator is the one starting the layer flush, so that when
RenderLayerCompositor::flushPendingLayerChanges() is called the coordinator is always flusing layers. But
RenderLayerCompositor::layerTreeAsText() calls RenderLayerCompositor::flushPendingLayerChanges() directly, so at
that moment the coordinator is not flusing layers, what causes that
CoordinatedGraphicsLayer::flushCompositingState() ends up calling RenderLayerCompositor::notifyFlushRequired()
that schedules a new flush while flusing layers causing the
assertion. CoordinatedGraphicsLayer::flushCompositingState() is always called from
CompositingCoordinator::flushPendingLayerChanges() or RenderLayerCompositor::flushPendingLayerChanges() so we
never need to call RenderLayerCompositor::notifyFlushRequired() from there.

* platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
(WebCore::CoordinatedGraphicsLayer::notifyFlushRequired): This is void now since the return value is not checked anywhere.
(WebCore::CoordinatedGraphicsLayer::flushCompositingState): Remove the call to notifyFlushRequired().
* platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203663 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[GTK] Layout test security/contentSecurityPolicy/plugins-types-allows-quicktime-plugi...
mcatanzaro@igalia.com [Sun, 24 Jul 2016 13:04:22 +0000 (13:04 +0000)]
[GTK] Layout test security/contentSecurityPolicy/plugins-types-allows-quicktime-plugin-replacement.html timing out
https://bugs.webkit.org/show_bug.cgi?id=160128

Unreviewed, skip the tests.

* platform/efl/TestExpectations:
* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203662 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoAdding a new WebCore JavaScript built-in source file does not trigger rebuild of...
darin@apple.com [Sun, 24 Jul 2016 11:10:02 +0000 (11:10 +0000)]
Adding a new WebCore JavaScript built-in source file does not trigger rebuild of WebCoreJSBuiltins*
https://bugs.webkit.org/show_bug.cgi?id=160115

Reviewed by Youenn Fablet.

Source/JavaScriptCore:

* make-generated-sources.sh: Removed. Was unused.

Source/WebCore:

* DerivedSources.make: Added a missing dependency so the rule that builds WebCore_BUILTINS_WRAPPERS
kicks in when the list of WebCore_BUILTINS_SOURCES is modified. Also added another missing dependency
so that changes to the JavaScript built-ins Python scripts will also trigger WebCore_BUILTINS_WRAPPERS.

* make-generated-sources.sh: Removed. Was unused.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203661 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoStop isEmpty() from leaking out of SVG.
zalan@apple.com [Sun, 24 Jul 2016 03:11:55 +0000 (03:11 +0000)]
Stop isEmpty() from leaking out of SVG.
https://bugs.webkit.org/show_bug.cgi?id=160121

Reviewed by Simon Fraser.

It's unclear what isEmpty() actually means and it doesn't bring any value to Render* classes.

No change in functionality.

* editing/CompositeEditCommand.cpp:
(WebCore::CompositeEditCommand::addBlockPlaceholderIfNeeded):
* rendering/RenderElement.h:
* rendering/RenderListItem.cpp:
(WebCore::RenderListItem::isEmpty): Deleted.
* rendering/RenderListItem.h:
* rendering/RenderObject.h:
(WebCore::RenderObject::isEmpty): Deleted.
* rendering/RenderRubyRun.cpp:
(WebCore::RenderRubyRun::removeChild):
(WebCore::RenderRubyRun::isEmpty): Deleted.
* rendering/RenderRubyRun.h:
* rendering/mathml/RenderMathMLFenced.cpp:
(WebCore::RenderMathMLFenced::updateFromElement):
(WebCore::RenderMathMLFenced::addChild):
* rendering/mathml/RenderMathMLRoot.cpp:
(WebCore::RenderMathMLRoot::paint):
* rendering/svg/RenderSVGShape.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203660 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUnreviewed GTK test expectations fixups
mcatanzaro@igalia.com [Sun, 24 Jul 2016 02:15:25 +0000 (02:15 +0000)]
Unreviewed GTK test expectations fixups

* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203659 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoEven more unreviewed flaky GTK test gardening
mcatanzaro@igalia.com [Sun, 24 Jul 2016 02:11:11 +0000 (02:11 +0000)]
Even more unreviewed flaky GTK test gardening

* TestExpectations:
* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203658 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agotable*BorderAdjoiningCell and borderAdjoiningCell* should take reference instead...
zalan@apple.com [Sun, 24 Jul 2016 01:39:13 +0000 (01:39 +0000)]
table*BorderAdjoiningCell and borderAdjoiningCell* should take reference instead of RenderTableCell*.
https://bugs.webkit.org/show_bug.cgi?id=160123

Reviewed by Simon Fraser.

No change in functionality.

* rendering/RenderTable.cpp:
(WebCore::RenderTable::tableStartBorderAdjoiningCell):
(WebCore::RenderTable::tableEndBorderAdjoiningCell):
* rendering/RenderTable.h:
* rendering/RenderTableCell.cpp:
(WebCore::RenderTableCell::computeCollapsedStartBorder):
(WebCore::RenderTableCell::computeCollapsedEndBorder):
* rendering/RenderTableCell.h:
(WebCore::RenderTableCell::borderAdjoiningCellBefore):
(WebCore::RenderTableCell::borderAdjoiningCellAfter):
* rendering/RenderTableCol.cpp:
(WebCore::RenderTableCol::borderAdjoiningCellStartBorder):
(WebCore::RenderTableCol::borderAdjoiningCellEndBorder):
(WebCore::RenderTableCol::borderAdjoiningCellBefore):
(WebCore::RenderTableCol::borderAdjoiningCellAfter):
* rendering/RenderTableCol.h:
* rendering/RenderTableRow.cpp:
(WebCore::RenderTableRow::borderAdjoiningStartCell):
(WebCore::RenderTableRow::borderAdjoiningEndCell):
* rendering/RenderTableRow.h:
* rendering/RenderTableSection.cpp:
(WebCore::RenderTableSection::borderAdjoiningStartCell):
(WebCore::RenderTableSection::borderAdjoiningEndCell):
* rendering/RenderTableSection.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203657 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoRemove unused enum and stale comment from RenderObject.
zalan@apple.com [Sun, 24 Jul 2016 01:38:24 +0000 (01:38 +0000)]
Remove unused enum and stale comment from RenderObject.
https://bugs.webkit.org/show_bug.cgi?id=160122

Reviewed by Simon Fraser.

No change in functionality.

* rendering/RenderBox.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203656 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUnreviewed flaky test gardening for GTK
mcatanzaro@igalia.com [Sat, 23 Jul 2016 23:10:21 +0000 (23:10 +0000)]
Unreviewed flaky test gardening for GTK

Mostly more fallout from threaded compositor

* TestExpectations:
* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203655 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoMore unreviewed GTK gardening
mcatanzaro@igalia.com [Sat, 23 Jul 2016 22:02:54 +0000 (22:02 +0000)]
More unreviewed GTK gardening

Update expectations for tests timing out

* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203654 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoMore unreviewed GTK gardening
mcatanzaro@igalia.com [Sat, 23 Jul 2016 21:47:42 +0000 (21:47 +0000)]
More unreviewed GTK gardening

Mark more flaky crashes after enabling threaded compositor

* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203653 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoMore unreviewed GTK gardening, mark even more new passes after enabling threaded...
mcatanzaro@igalia.com [Sat, 23 Jul 2016 21:32:22 +0000 (21:32 +0000)]
More unreviewed GTK gardening, mark even more new passes after enabling threaded compositor

* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203652 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUnreviewed, fix Windows build after r203623.
cdumez@apple.com [Sat, 23 Jul 2016 21:09:20 +0000 (21:09 +0000)]
Unreviewed, fix Windows build after r203623.

* DOMCoreClasses.cpp:
(DOMDocument::getComputedStyle):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203651 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUnreviewed GTK gardening, mark many emoji gender tests passing
mcatanzaro@igalia.com [Sat, 23 Jul 2016 18:14:10 +0000 (18:14 +0000)]
Unreviewed GTK gardening, mark many emoji gender tests passing

* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203650 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUnreviewed test gardening
mcatanzaro@igalia.com [Sat, 23 Jul 2016 18:05:12 +0000 (18:05 +0000)]
Unreviewed test gardening

These tests are flaky now on GTK, passing about half the time.

* TestExpectations:
* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203649 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUnreviewed GTK gardening new passes after enabling threaded compositor
mcatanzaro@igalia.com [Sat, 23 Jul 2016 17:51:46 +0000 (17:51 +0000)]
Unreviewed GTK gardening new passes after enabling threaded compositor

* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203648 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUnreviewed test expectation gardening
mcatanzaro@igalia.com [Sat, 23 Jul 2016 16:41:43 +0000 (16:41 +0000)]
Unreviewed test expectation gardening

Skip layout test editing/deleting/delete-emoji.html

* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203647 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUnreviewed, move some GTK expectations to more appropriate locations
mcatanzaro@igalia.com [Sat, 23 Jul 2016 16:31:13 +0000 (16:31 +0000)]
Unreviewed, move some GTK expectations to more appropriate locations

* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203646 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUnreviewed, add GTK expectations for threaded compositor regressions
mcatanzaro@igalia.com [Sat, 23 Jul 2016 16:28:18 +0000 (16:28 +0000)]
Unreviewed, add GTK expectations for threaded compositor regressions

* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203645 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[Coordinated Graphics] Lots of flaky tests
commit-queue@webkit.org [Sat, 23 Jul 2016 15:25:42 +0000 (15:25 +0000)]
[Coordinated Graphics] Lots of flaky tests
https://bugs.webkit.org/show_bug.cgi?id=160118

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2016-07-23
Reviewed by Michael Catanzaro.

Source/WebCore:

Since the GTK+ ported to threaded compositor (coordinated graphics) there are a lot of flaky tests in the
bots. In manu of the cases the diff shows a different size in the FrameView layer.

This happens for tests run in the same WTR after fast/fixed-layout/fixed-layout.html. This is what happens:

 1.- Test fast/fixed-layout/fixed-layout.html runs and sets fixed layout to true and fixed layout size to 400x400
 2.- When it finishes TestController::resetStateToConsistentValues() is called.
 3.- Blank URL is loaded after state has been updated
 4.- Then Reset message is handled in the web process and Internals::resetToConsistentState() resets the fixed
     layout state and size.
 5.- onresize happens and the handler set in fast/fixed-layout/fixed-layout.html is invoked setting the fixed
     layout to true and size to 400x400 again.
 6.- about_blank is then loaded with the fixed layout enabled, as well as other tests after this one.

In addition to this, coordinated graphics uses a fixedVisibleContentRect in ScrollView that is never reset.

* platform/ScrollView.cpp:
(WebCore::ScrollView::unscaledVisibleContentSizeIncludingObscuredArea): Only use m_fixedVisibleContentRect when
fixed layout is enabled.
(WebCore::ScrollView::unscaledUnobscuredVisibleContentSize): Ditto.
(WebCore::ScrollView::visibleContentRectInternal): Ditto.
* testing/Internals.cpp:
(WebCore::Internals::resetToConsistentState): Reset also the m_fixedVisibleContentRect.

LayoutTests:

* fast/fixed-layout/fixed-layout.html: Remove the onresize handler when the test finishes to ensure it can't be
called later affecting other tests.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203644 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[Coordinated Graphics] Test imported/blink/svg/custom/svg-image-layers-crash.html...
commit-queue@webkit.org [Sat, 23 Jul 2016 15:23:53 +0000 (15:23 +0000)]
[Coordinated Graphics] Test imported/blink/svg/custom/svg-image-layers-crash.html crashes
https://bugs.webkit.org/show_bug.cgi?id=160078

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2016-07-23
Reviewed by Michael Catanzaro.

Source/WebCore:

This is a merge of Blink r155373.
https://chromiumcodereview.appspot.com/20789004

Disable accelerated compositing for SVGImage content layers. SVGImageChromeClient does not support it.

Fixes imported/blink/svg/custom/svg-image-layers-crash.html.

* svg/graphics/SVGImage.cpp:
(WebCore::SVGImage::dataChanged):

LayoutTests:

* platform/efl/TestExpectations: Remove imported/blink/svg/custom/svg-image-layers-crash.html.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203643 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUnreviewed, rolling out r203641.
commit-queue@webkit.org [Sat, 23 Jul 2016 09:58:15 +0000 (09:58 +0000)]
Unreviewed, rolling out r203641.
https://bugs.webkit.org/show_bug.cgi?id=160116

It broke make-based builds (Requested by youenn on #webkit).

Reverted changeset:

"[Fetch API] Request should be created with any HeadersInit
data"
https://bugs.webkit.org/show_bug.cgi?id=159672
http://trac.webkit.org/changeset/203641

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203642 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[Fetch API] Request should be created with any HeadersInit data
commit-queue@webkit.org [Sat, 23 Jul 2016 08:55:38 +0000 (08:55 +0000)]
[Fetch API] Request should be created with any HeadersInit data
https://bugs.webkit.org/show_bug.cgi?id=159672

Patch by Youenn Fablet <youenn@apple.com> on 2016-07-23
Reviewed by Sam Weinig.

LayoutTests/imported/w3c:

* imported/w3c/web-platform-tests/fetch/api/credentials/authentication-basic-expected.txt: Test was previously
failing due to lack of support for HeadersInit data in Request constructor.
* platform/mac-wk1/imported/w3c/web-platform-tests/fetch/api/credentials/authentication-basic-expected.txt: Removed.
* web-platform-tests/fetch/api/request/request-headers-expected.txt:
* web-platform-tests/fetch/api/request/request-headers.html: Adding new test.

Source/JavaScriptCore:

* Scripts/builtins/builtins_generator.py:
(WK_lcfirst): Synchronized with CodeGenerator.pm version.

Source/WebCore:

Made Request use JSBuiltinConstructor.
This allows initializing newly created Request with a JS built-in function, initializeFetchRequest.
initializeFetchRequest can call @fillFetchHeaders internal built-in to handle any HeadersInit data.
Future effort should be made to migrate more initialization code in initializeFetchRequest.

Made window and worker fetch function as a JS built-in.
This becomes more handy as these new functions can construct the Request object.
They can then call a single private function that takes a Request object as input.
Updated DOMWindowFetch and WorkerGlobalScopeFetch code accordingly.

To enable this, the binding generator is updated to support runtime-enabled JS built-in functions and
private functions atttached to global objects.

Covered by existing and modified tests.
Binding generator test covered by updated binding tests.

* CMakeLists.txt: Adding DOMWindowFetch.js, FetchRequest.js and WorkerGlobalScopeFetch.js built-in files.
* DerivedSources.make: Ditto.
* Modules/fetch/DOMWindowFetch.cpp: Removed overloaded fetch and updated according new signature.
(WebCore::DOMWindowFetch::fetch):
* Modules/fetch/DOMWindowFetch.h: Ditto.
* Modules/fetch/DOMWindowFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
* Modules/fetch/DOMWindowFetch.js: Added.
(fetch):
* Modules/fetch/FetchHeaders.h:
(WebCore::FetchHeaders::setGuard): Used by FetchRequest when initializing headers.
* Modules/fetch/FetchRequest.cpp:
(WebCore::buildHeaders): Removed as implemented in JS.
(WebCore::FetchRequest::initializeOptions): Added to handle most of the dictionary initialization.
(WebCore::FetchRequest::initializeWith): Method called from built-in constructor function.
(WebCore::FetchRequest::setBody): Corresponding to @setBody private method.
(WebCore::buildBody): Deleted.
* Modules/fetch/FetchRequest.h:
* Modules/fetch/FetchRequest.idl:
* Modules/fetch/FetchRequest.js: Added.
(initializeFetchRequest): Implements fetch Request(input, init) constructor.
* Modules/fetch/FetchResponse.cpp:
(WebCore::FetchResponse::fetch): Removed the construction of FetchRequest in fetch method since it is done by JS built-in code.
* Modules/fetch/FetchResponse.h:
* Modules/fetch/WorkerGlobalScopeFetch.cpp: Removed overloaded fetch and updated according new signature.
(WebCore::WorkerGlobalScopeFetch::fetch):
* Modules/fetch/WorkerGlobalScopeFetch.h: Ditto.
* Modules/fetch/WorkerGlobalScopeFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
* Modules/fetch/WorkerGlobalScopeFetch.js: Added.
(fetch):
* bindings/js/WebCoreBuiltinNames.h: Adding fetchRequest, setBody and Request private identifiers.
* bindings/scripts/CodeGenerator.pm:
(WK_lcfirst): Replacing dOM by dom.
* bindings/scripts/CodeGeneratorJS.pm:
(GenerateImplementation): Adding support for runtime-enabled built-in methods and private methods.
* bindings/scripts/test/JS/JSTestGlobalObject.cpp:
(WebCore::JSTestGlobalObject::finishCreation):
(WebCore::jsTestGlobalObjectInstanceFunctionTestPrivateFunction):
* bindings/scripts/test/ObjC/DOMTestGlobalObject.mm:
(-[DOMTestGlobalObject testJSBuiltinFunction]):
* bindings/scripts/test/TestGlobalObject.idl: Adding tests for runtime-enabled global built-in methods and private methods.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203641 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoReset font-style on the <math> element
commit-queue@webkit.org [Sat, 23 Jul 2016 08:39:02 +0000 (08:39 +0000)]
Reset font-style on the <math> element
https://bugs.webkit.org/show_bug.cgi?id=160074

Patch by Frederic Wang <fwang@igalia.com> on 2016-07-23
Reviewed by Darin Adler.

Source/WebCore:

Mathematical formulas with italic font-style render poorly (slanted operators, mathvariant
italic etc). We align on Gecko and make the user agent stylesheet reset the font-style to
'normal' by default. This addresses the concrete use case of formula inside theorem or
proposition statements, which are often written in italic.

Test: mathml/presentation/math-font-style.html

* css/mathml.css:
(math): Reset the font-style to normal.

LayoutTests:

* mathml/presentation/math-font-style-expected.html: Added.
* mathml/presentation/math-font-style.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203640 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoSource/WebCore:
commit-queue@webkit.org [Sat, 23 Jul 2016 08:19:57 +0000 (08:19 +0000)]
Source/WebCore:
[MathML] PaintInfo state is not properly restored after applyTransform.
https://bugs.webkit.org/show_bug.cgi?id=160077

Patch by Frederic Wang <fwang@igalia.com> on 2016-07-23
Reviewed by Simon Fraser.

PaintInfo::applyTransform modifies PaintInfo::rect and the original state is not properly
restored by GraphicsContextStateSaver. To avoid some weird rendering bugs in MathOperator
and RenderMathMLMenclose, we follow what is done in SVG renderers and make a copy of the
original PaintInfo before applying the transform.

Test: mathml/presentation/bug160077.html

* rendering/mathml/MathOperator.cpp:
(WebCore::MathOperator::paint):
* rendering/mathml/RenderMathMLMenclose.cpp:
(WebCore::RenderMathMLMenclose::paint):

LayoutTests:
[MathML] PaintInfo state not properly restored after applyTransform.
https://bugs.webkit.org/show_bug.cgi?id=160077

Patch by Frederic Wang <fwang@igalia.com> on 2016-07-23
Reviewed by Simon Fraser.

* mathml/presentation/bug160077-expected-mismatch.html: Added.
* mathml/presentation/bug160077.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203639 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoWPT stash server should be kept running when launching wpt server
commit-queue@webkit.org [Sat, 23 Jul 2016 08:07:58 +0000 (08:07 +0000)]
WPT stash server should be kept running when launching wpt server
https://bugs.webkit.org/show_bug.cgi?id=160052

Patch by Youenn Fablet <youenn@apple.com> on 2016-07-23
Reviewed by Sam Weinig.

LayoutTests/imported/w3c:

* web-platform-tests/XMLHttpRequest/send-authentication-basic-setrequestheader-and-arguments-expected.txt:
* web-platform-tests/fetch/api/cors/cors-preflight-expected.txt:
* web-platform-tests/fetch/api/cors/cors-preflight-referrer-expected.txt:
* web-platform-tests/html/semantics/document-metadata/the-link-element/document-without-browsing-context-expected.txt:
* web-platform-tests/html/semantics/embedded-content/the-iframe-element/cross_origin_parentage-expected.txt:
* web-platform-tests/html/semantics/embedded-content/the-iframe-element/same_origin_parentage-expected.txt:

Tools:

* Scripts/webkitpy/layout_tests/servers/web_platform_test_launcher.py:
(main): waiting to read stdin while stash server is started.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203638 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[Fetch API] Fetch response stream should enqueue Uint8Array
commit-queue@webkit.org [Sat, 23 Jul 2016 07:46:44 +0000 (07:46 +0000)]
[Fetch API] Fetch response stream should enqueue Uint8Array
https://bugs.webkit.org/show_bug.cgi?id=160083

Patch by Youenn Fablet <youenn@apple.com> on 2016-07-23
Reviewed by Sam Weinig.

LayoutTests/imported/w3c:

* web-platform-tests/fetch/api/resources/utils.js:

Source/WebCore:

Covered by updated tests.

Before enqueuing, ReadableStreamController::enqueue will convert ArrayBuffer as Uint8Array.
It also returns a boolean whether the operation is successful or not.

If returned value is false, calling code will stop loading or if everything is loaded it will refrain from closing the stream.
The enqueuing should be succesful except in OutOfMemory cases. This case is not yet handled in test cases.

Updated the code to remove templated enqueuing as Fetch has no use of it.

* Modules/fetch/FetchBody.cpp:
(WebCore::FetchBody::consumeAsStream): Do not close the stream if enqueuing failed.
* Modules/fetch/FetchBodyOwner.cpp:
(WebCore::FetchBodyOwner::blobChunk): Stop blob loading if enqueuing failed.
* Modules/fetch/FetchResponse.cpp:
(WebCore::FetchResponse::BodyLoader::didReceiveData): Stop resource loading if enqueuing failed.
(WebCore::FetchResponse::consumeBodyAsStream): Ditto.
* Modules/fetch/FetchResponseSource.h:
* bindings/js/ReadableStreamController.h:
(WebCore::ReadableStreamController::enqueue):
(WebCore::ReadableStreamController::enqueue<RefPtr<JSC::ArrayBuffer>>): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203637 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoREGRESSION (r202876): Web Inspector: Switching away from Console tab with a lot of...
nvasilyev@apple.com [Sat, 23 Jul 2016 07:17:37 +0000 (07:17 +0000)]
REGRESSION (r202876): Web Inspector: Switching away from Console tab with a lot of messages is slow
https://bugs.webkit.org/show_bug.cgi?id=160112

Reviewed by Joseph Pecoraro.

Showing NavigationSidebar before removing previous TabContentView can be very slow when
TabContentView is ConsoleTabContentView with a lot of messages. The order of operations
(show sidebar, change content view, show sidebar) caused more forced layouts. This patch
reduces the number of forced layouts by changes the order to: show content view, show sidebar,
show sidebar.

* UserInterface/Views/TabBrowser.js:
(WebInspector.TabBrowser.prototype._tabBarItemSelected):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203636 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoWeb Automation: All key events should be processed before sending response
joepeck@webkit.org [Sat, 23 Jul 2016 06:15:22 +0000 (06:15 +0000)]
Web Automation: All key events should be processed before sending response
https://bugs.webkit.org/show_bug.cgi?id=160114
<rdar://problem/27505943>

Reviewed by Darin Adler.

When evaluating performKeyboardInteractions, we were sending all
NSEvents synchronously, but because WebPageProxy was doing its
own queueing and asynchronous processing of those key events, we
would receive and respond to the next Automation command before
having completed all of the key events.

This change makes performKeyboardInteractions asynchronous. It
will be notified only after WebPageProxy has exhausted its queue
of key events.

* UIProcess/Automation/Automation.json:
* UIProcess/Automation/WebAutomationSession.cpp:
(WebKit::WebAutomationSession::keyboardEventsFlushedForPage):
(WebKit::WebAutomationSession::evaluateJavaScriptFunction):
(WebKit::WebAutomationSession::performKeyboardInteractions):
* UIProcess/Automation/WebAutomationSession.h:
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::didReceiveEvent):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203635 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoWeb Automation: WebAutomationSession::deleteAllCookies never calls callback, hangs...
joepeck@webkit.org [Sat, 23 Jul 2016 06:15:19 +0000 (06:15 +0000)]
Web Automation: WebAutomationSession::deleteAllCookies never calls callback, hangs automation session
https://bugs.webkit.org/show_bug.cgi?id=160113
<rdar://problem/27308124>

Reviewed by Darin Adler.

Delete all cookies appears to be a straightforward action
where we don't need to wait for a callback. So drop the
async altogether and implicitly complete the action.

* UIProcess/Automation/Automation.json:
* UIProcess/Automation/WebAutomationSession.cpp:
(WebKit::WebAutomationSession::deleteAllCookies):
* UIProcess/Automation/WebAutomationSession.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203634 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoREGRESSION(r203035): Marking points as an outlier no longer updates charts
rniwa@webkit.org [Sat, 23 Jul 2016 06:11:33 +0000 (06:11 +0000)]
REGRESSION(r203035): Marking points as an outlier no longer updates charts
https://bugs.webkit.org/show_bug.cgi?id=160106

Reviewed by Darin Adler.

The bug was caused by MeasurementSet's fetchBetween clearing previously registered callbacks when noCache
option is specified.

* public/v3/components/time-series-chart.js:
(TimeSeriesChart.prototype.setSourceList): Clear this._fetchedTimeSeries when changing chart options.
e.g. need to start including or excluding outliers.
(TimeSeriesChart.prototype.fetchMeasurementSets): Don't skip the fetching when noCache is true.

* public/v3/models/measurement-set.js:
(MeasurementSet): Added this._callbackMap as an instance variable to keep track of all callbacks on every
cluster since we may need to call each callback multiple times per cluster when noCache option is used.
(MeasurementSet.prototype.fetchBetween): Moved the code to add _primaryClusterPromise to _allFetches here
so that now this function and _ensureClusterPromise are only functions that touch _allFetches.
(MeasurementSet.prototype._ensureClusterPromise): Extracted out of fetchBetween. Queue up all callbacks
for each cluster when creating a new promise.
(MeasurementSet.prototype._fetchPrimaryCluster): Removed the code to add _primaryClusterPromise now that
it's done in fetchBetween.

* public/v3/remote.js:
(RemoteAPI.postJSONWithStatus): Removed superfluous call to console.log.

* unit-tests/measurement-set-tests.js: Updated the test case for noCache. The callback registered before
fetchBetween is called with noCache=true is now invoked so callCount must be 3 instead of 2.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203633 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUse a private property to implement FetchResponse.body getter
commit-queue@webkit.org [Sat, 23 Jul 2016 06:01:15 +0000 (06:01 +0000)]
Use a private property to implement FetchResponse.body getter
https://bugs.webkit.org/show_bug.cgi?id=159808

Patch by Youenn Fablet <youenn@apple.com> on 2016-07-22
Reviewed by Sam Weinig.

Covered by existing test sets.

Previously, body was handled as a CachedAttribute.
Using a private property will allow direct use of this property from JS built-ins which will allow easier
handling of ReadableStream cloning in Response.clone.
Also, this allows removing some binding custom code.

Updated redirect and error static methods to take NewObject keyword, as this removes a search into cached wrappers.
Ditto for createReadableStreamSource.

* CMakeLists.txt: Removing JSFetchResponseCustom.cpp.
* Modules/fetch/FetchResponse.idl: Adding createReadableStreamSource and isDisturbed private functions.
Making body getter a JSBuiltin.
* Modules/fetch/FetchResponse.js:
(body): Adding getter which will call createReadableStreamSource if needed.
* WebCore.xcodeproj/project.pbxproj: Removing JSFetchResponseCustom.cpp.
* bindings/js/JSFetchResponseCustom.cpp: Removed.
* bindings/js/ReadableStreamController.cpp:
(WebCore::createReadableStream): Deleted.
(WebCore::getReadableStreamReader): Deleted.
* bindings/js/ReadableStreamController.h: Removing unneeded ReadableStream helper routine now that they can be
handled within JS built-in code.
* bindings/js/WebCoreBuiltinNames.h: Adding @createReadableStreamSource, @isDisturbed  and @Response identifiers.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203632 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoHandle cases when IOSurface initialization fails.
zalan@apple.com [Sat, 23 Jul 2016 01:56:28 +0000 (01:56 +0000)]
Handle cases when IOSurface initialization fails.
https://bugs.webkit.org/show_bug.cgi?id=160006
<rdar://problem/27495102>

Reviewed by Tim Horton and Simon Fraser.

This is an additional fix to r203514 to check if IOSurface initialization was successful.

Unable to test.

Source/WebCore:

* platform/graphics/cg/ImageBufferCG.cpp:
(WebCore::ImageBuffer::ImageBuffer):
* platform/graphics/cocoa/IOSurface.h: Merge 2 c'tors.
* platform/graphics/cocoa/IOSurface.mm: Remove redundant IOSurface::create() code.
(WebCore::IOSurface::create):
(WebCore::IOSurface::createFromImage):
(WebCore::IOSurface::IOSurface):
(WebCore::IOSurface::convertToFormat):

Source/WebKit2:

* Shared/mac/RemoteLayerBackingStore.mm:
(WebKit::RemoteLayerBackingStore::encode):
(WebKit::RemoteLayerBackingStore::display):
(WebKit::RemoteLayerBackingStore::applyBackingStoreToLayer):
* UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _takeViewSnapshot]):
(-[WKWebView _snapshotRect:intoImageOfWidth:completionHandler:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203631 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[iOS] Clients should be able to decide if they want secure text entry in a form field
commit-queue@webkit.org [Sat, 23 Jul 2016 01:19:50 +0000 (01:19 +0000)]
[iOS] Clients should be able to decide if they want secure text entry in a form field
https://bugs.webkit.org/show_bug.cgi?id=160109
rdar://problem/27504958

Patch by Chelsea Pugh <cpugh@apple.com> on 2016-07-22
Reviewed by Dan Bernstein.

* UIProcess/API/Cocoa/_WKFormInputSession.h:
* UIProcess/ios/WKContentViewInteraction.mm:
(-[WKFormInputSession forceSecureTextEntry]): Getter.
(-[WKFormInputSession setForceSecureTextEntry:]): Setter.
(-[WKContentView textInputTraits]): If the form input session has specified that secure text
entry is desired, we should use secure text entry.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203630 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoMedia controls should be displayed for media in media documents
wenson_hsieh@apple.com [Sat, 23 Jul 2016 00:47:32 +0000 (00:47 +0000)]
Media controls should be displayed for media in media documents
https://bugs.webkit.org/show_bug.cgi?id=160104
<rdar://problem/27438936>

Reviewed by Myles C. Maxfield.

Source/WebCore:

Make videos that would otherwise not have been large enough or have the right
aspect ratio cause media controls to appear. This is because media elements in
a media document are implied to be main content.

Added a new API test.

* html/MediaElementSession.cpp:
(WebCore::MediaElementSession::canControlControlsManager):

Tools:

Verifies that even a small video with audio in a media document gets media controls.

* TestWebKitAPI/Tests/WebKit2Cocoa/VideoControlsManager.mm:
(TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203629 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoAll dancers with bunny ears are female
mmaxfield@apple.com [Fri, 22 Jul 2016 23:45:52 +0000 (23:45 +0000)]
All dancers with bunny ears are female
https://bugs.webkit.org/show_bug.cgi?id=160102
<rdar://problem/27453479>

Reviewed by Simon Fraser.

Source/WebCore:

In r203330 I added support for new emoji group candidates. I accidentally
missed one of the new emoji code points.

Tests: editing/deleting/delete-emoji.html:
       fast/text/emoji-gender-2-9.html:
       fast/text/emoji-gender-9.html:
       fast/text/emoji-gender-fe0f-9.html:

* platform/text/CharacterProperties.h:
(WebCore::isEmojiGroupCandidate):

LayoutTests:

* editing/deleting/delete-emoji.html:
* platform/mac/editing/deleting/delete-emoji-expected.txt:
* fast/text/emoji-gender-2-9-expected.html:
* fast/text/emoji-gender-2-9.html:
* fast/text/emoji-gender-9-expected.html:
* fast/text/emoji-gender-9.html:
* fast/text/emoji-gender-fe0f-9-expected.html:
* fast/text/emoji-gender-fe0f-9.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203626 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoREGRESSION(203616): no FTL testing was inadvertently removed
msaboff@apple.com [Fri, 22 Jul 2016 23:17:13 +0000 (23:17 +0000)]
REGRESSION(203616): no FTL testing was inadvertently removed
https://bugs.webkit.org/show_bug.cgi?id=160100

Rubber-stamped by Filip Pizlo.

Added runNoFTL back into the set of tests we run on FTL enabled platforms.
Renamed runLayoutTestNoFTL to runLayoutTestDefault.  Restructured the test
logic for the runLayout and runNoisy variants to match the run test logic,
that is we always invoke runXXXDefault and invoke runXXXNoFTL for FTL
enabled platforms.

* Scripts/run-jsc-stress-tests:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203625 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoParameter to HTMLCollection.item() / namedItem() should be mandatory
cdumez@apple.com [Fri, 22 Jul 2016 23:13:40 +0000 (23:13 +0000)]
Parameter to HTMLCollection.item() / namedItem() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160099

Reviewed by Sam Weinig.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

* web-platform-tests/dom/interfaces-expected.txt:
* web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Parameter to HTMLCollection.item() / namedItem() should be mandatory:
- https://dom.spec.whatwg.org/#interface-htmlcollection
- https://html.spec.whatwg.org/multipage/infrastructure.html#htmlformcontrolscollection
- https://html.spec.whatwg.org/multipage/infrastructure.html#the-htmloptionscollection-interface

Firefox and Chrome agree with the specification.

No new tests, rebaselined existing tests.

* bindings/js/JSHTMLFormControlsCollectionCustom.cpp:
(WebCore::JSHTMLFormControlsCollection::namedItem):
* html/HTMLCollection.idl:
* html/HTMLFormControlsCollection.idl:
* html/HTMLOptionsCollection.idl:

LayoutTests:

Update existing test to reflect behavior change.

* fast/dom/non-numeric-values-numeric-parameters-expected.txt:
* fast/dom/script-tests/non-numeric-values-numeric-parameters.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203624 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoFirst parameter to Window.getComputedStyle() should be mandatory and non-nullable
cdumez@apple.com [Fri, 22 Jul 2016 22:56:15 +0000 (22:56 +0000)]
First parameter to Window.getComputedStyle() should be mandatory and non-nullable
https://bugs.webkit.org/show_bug.cgi?id=160097

Reviewed by Ryosuke Niwa.

Source/WebCore:

First parameter to Window.getComputedStyle() should be mandatory and
non-nullable:
- https://drafts.csswg.org/cssom/#extensions-to-the-window-interface

Firefox and Chrome agree with the specification.

Test: fast/dom/Window/getComputedStyle-missing-parameter.html

* css/CSSComputedStyleDeclaration.cpp:
(WebCore::ComputedStyleExtractor::ComputedStyleExtractor):
(WebCore::CSSComputedStyleDeclaration::CSSComputedStyleDeclaration):
(WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
(WebCore::CSSComputedStyleDeclaration::copyProperties):
(WebCore::CSSComputedStyleDeclaration::length):
(WebCore::CSSComputedStyleDeclaration::item):
(WebCore::CSSComputedStyleDeclaration::getPropertyValue):
* css/CSSComputedStyleDeclaration.h:
* dom/Document.idl:
* inspector/InspectorCSSAgent.cpp:
(WebCore::InspectorCSSAgent::getComputedStyleForNode):
* page/DOMWindow.cpp:
(WebCore::DOMWindow::getComputedStyle):
* page/DOMWindow.h:
* page/DOMWindow.idl:
* testing/Internals.cpp:
(WebCore::Internals::computedStyleIncludingVisitedInfo):
* testing/Internals.h:
* testing/Internals.idl:

LayoutTests:

Add test coverage.

* fast/dom/Window/getComputedStyle-missing-parameter-expected.txt: Added.
* fast/dom/Window/getComputedStyle-missing-parameter.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203623 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoRemoving IndexedDatabases that have stored blobs doesn't remove the blob files.
beidson@apple.com [Fri, 22 Jul 2016 22:32:01 +0000 (22:32 +0000)]
Removing IndexedDatabases that have stored blobs doesn't remove the blob files.
https://bugs.webkit.org/show_bug.cgi?id=160089

Reviewed by Darin Adler.

Source/WebCore:

Tested by API test IndexedDB.StoreBlobThenDelete.

Blob filenames exist in the IDB directory with the name "[0-9]+.blob".

That is, one or more digits, followed by ".blob".

So when we delete an IndexedDB.sqlite3 and related files, we should delete those blob files as well.

* Modules/indexeddb/server/IDBServer.cpp:
(WebCore::IDBServer::removeAllDatabasesForOriginPath):

Tools:

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/WebKit2Cocoa/StoreBlobThenDelete.mm: Added.
* TestWebKitAPI/Tests/WebKit2Cocoa/StoreBlobToBeDeleted.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203622 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoTeach MarkedSpace how to allocate auxiliary storage
fpizlo@apple.com [Fri, 22 Jul 2016 22:14:44 +0000 (22:14 +0000)]
Teach MarkedSpace how to allocate auxiliary storage
https://bugs.webkit.org/show_bug.cgi?id=160053

Reviewed by Sam Weinig.

Previously, we had two kinds of subspaces in MarkedSpace: destructor and non-destructor. This
was described using "bool needsDestruction" that would get passed around. We'd iterate over
these spaces using duplicated code - one loop for destructors and one for non-destructors, or
a single loop that does one thing for destructors and one for non-destructors.

But now we want a third subspace: non-destructor non-JSCell, aka Auxiliary.

So, this changes all of the reflection and iteration over subspaces to use functors, so that
the looping is written once and reused. Most places don't even have to know that there is a
third subspace; they just know that they must do things for each subspace, for each
allocator, or for each block - and the functor magic handles it for you.

To make this somewhat nice, this change also fixes how we describe subspaces. Instead of a
bool, we now have AllocatorAttributes, which is a struct. If we ever add more subspaces, we
can add fields to AllocatorAttributes to describe how those subspaces differ. For now it just
contains two properties: a DestructionMode and a HeapCell::Kind. The DesctructionMode
replaces bool needsDestruction. I deliberately used a non-class enum to avoid tautologies.
DestructionMode has two members: NeedsDestruction and DoesNotNeedDestruction. I almost went
with DestructionMode::Needed and DestructionMode::NotNeeded, but I felt like that involves
more typing and doesn't actually avoid any kind of namespace issues.

This is intended to have no behavior change other than the addition of a totally unused
space, which should always be empty. So hopefully it doesn't cost anything.

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* heap/AllocatorAttributes.cpp: Added.
(JSC::AllocatorAttributes::dump):
* heap/AllocatorAttributes.h: Added.
(JSC::AllocatorAttributes::AllocatorAttributes):
* heap/DestructionMode.cpp: Added.
(WTF::printInternal):
* heap/DestructionMode.h: Added.
* heap/Heap.h:
* heap/MarkedAllocator.cpp:
(JSC::MarkedAllocator::allocateBlock):
(JSC::MarkedAllocator::addBlock):
* heap/MarkedAllocator.h:
(JSC::MarkedAllocator::cellSize):
(JSC::MarkedAllocator::attributes):
(JSC::MarkedAllocator::needsDestruction):
(JSC::MarkedAllocator::destruction):
(JSC::MarkedAllocator::cellKind):
(JSC::MarkedAllocator::heap):
(JSC::MarkedAllocator::takeLastActiveBlock):
(JSC::MarkedAllocator::MarkedAllocator):
(JSC::MarkedAllocator::init):
(JSC::MarkedAllocator::allocate):
* heap/MarkedBlock.cpp:
(JSC::MarkedBlock::create):
(JSC::MarkedBlock::destroy):
(JSC::MarkedBlock::MarkedBlock):
(JSC::MarkedBlock::callDestructor):
(JSC::MarkedBlock::sweep):
(JSC::MarkedBlock::stopAllocating):
(JSC::MarkedBlock::didRetireBlock):
* heap/MarkedBlock.h:
(JSC::MarkedBlock::cellSize):
(JSC::MarkedBlock::attributes):
(JSC::MarkedBlock::needsDestruction):
(JSC::MarkedBlock::destruction):
(JSC::MarkedBlock::cellKind):
(JSC::MarkedBlock::size):
(JSC::MarkedBlock::forEachCell):
(JSC::MarkedBlock::forEachLiveCell):
(JSC::MarkedBlock::forEachDeadCell):
* heap/MarkedSpace.cpp:
(JSC::MarkedSpace::MarkedSpace):
(JSC::MarkedSpace::~MarkedSpace):
(JSC::MarkedSpace::lastChanceToFinalize):
(JSC::MarkedSpace::resetAllocators):
(JSC::MarkedSpace::forEachAllocator):
(JSC::MarkedSpace::stopAllocating):
(JSC::MarkedSpace::resumeAllocating):
(JSC::MarkedSpace::isPagedOut):
(JSC::MarkedSpace::freeBlock):
(JSC::MarkedSpace::shrink):
(JSC::MarkedSpace::clearNewlyAllocated):
(JSC::clearNewlyAllocatedInBlock): Deleted.
* heap/MarkedSpace.h:
(JSC::MarkedSpace::subspaceForObjectsWithDestructor):
(JSC::MarkedSpace::subspaceForObjectsWithoutDestructor):
(JSC::MarkedSpace::subspaceForAuxiliaryData):
(JSC::MarkedSpace::allocatorFor):
(JSC::MarkedSpace::destructorAllocatorFor):
(JSC::MarkedSpace::auxiliaryAllocatorFor):
(JSC::MarkedSpace::allocateWithoutDestructor):
(JSC::MarkedSpace::allocateWithDestructor):
(JSC::MarkedSpace::allocateAuxiliary):
(JSC::MarkedSpace::forEachBlock):
(JSC::MarkedSpace::didAddBlock):
(JSC::MarkedSpace::capacity):
(JSC::MarkedSpace::forEachSubspace):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203621 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[GTK] Improved exclusion patterns in make-dist.py manifest.
annulen@yandex.ru [Fri, 22 Jul 2016 22:14:19 +0000 (22:14 +0000)]
[GTK] Improved exclusion patterns in make-dist.py manifest.
https://bugs.webkit.org/show_bug.cgi?id=160094

Reviewed by Michael Catanzaro.

* gtk/manifest.txt.in:
Exclude Platform*.cmake files for more ports.
Removed obsolete .gyp and .pro.user patterns.
Exclude 'Configurations' and 'spi' directories.
Exclude CMakeLists.txt.user (Qt Creator IDE).

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203620 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoMarking webaudio/audionode-connect-order.html as a flaky crash on mac-wk1 debug
ryanhaddad@apple.com [Fri, 22 Jul 2016 22:07:22 +0000 (22:07 +0000)]
Marking webaudio/audionode-connect-order.html as a flaky crash on mac-wk1 debug
https://bugs.webkit.org/show_bug.cgi?id=105870

Unreviewed test gardening.

* platform/mac-wk1/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203619 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoGet rid of an unused API typedef
andersca@apple.com [Fri, 22 Jul 2016 22:06:11 +0000 (22:06 +0000)]
Get rid of an unused API typedef
https://bugs.webkit.org/show_bug.cgi?id=160103

Reviewed by Sam Weinig.

* Shared/API/c/WKSharedAPICast.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203618 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoMarking userscripts/window-onerror-for-isolated-world-3.html as a flaky failure on...
ryanhaddad@apple.com [Fri, 22 Jul 2016 21:58:32 +0000 (21:58 +0000)]
Marking userscripts/window-onerror-for-isolated-world-3.html as a flaky failure on mac-wk1
https://bugs.webkit.org/show_bug.cgi?id=160101

Unreviewed test gardening.

* platform/mac-wk1/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203617 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoDon't run FTL related JSC stress tests on non-FTL platforms
msaboff@apple.com [Fri, 22 Jul 2016 20:53:41 +0000 (20:53 +0000)]
Don't run FTL related JSC stress tests on non-FTL platforms
https://bugs.webkit.org/show_bug.cgi?id=160033

Reviewed by Mark Lam.

Added check for running tests on platforms that don't enable FTL to not run FTL tests.
Refactored several of the runXXX test methods to always runXXXDefault and made those
runXXXDefault to pass FTL_OPTIONS.  For platforms that don't enable the FTL, FTL_OPTIONS
doesn't cause a problem.

* Scripts/run-jsc-stress-tests:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203616 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoREGRESSION(r203537): It made many tests crash on ARMv7 Linux platforms
sbarati@apple.com [Fri, 22 Jul 2016 20:38:28 +0000 (20:38 +0000)]
REGRESSION(r203537): It made many tests crash on ARMv7 Linux platforms
https://bugs.webkit.org/show_bug.cgi?id=160082

Reviewed by Keith Miller.

We were improperly linking the Jump in the link buffer.
It caused us to be linking against the executable address
which always has bit 0 set. We shouldn't be doing that.
This patch fixes this, by using the same idiom that
PolymorphicAccess uses to link a jump to out of line code.

* jit/JITMathIC.h:
(JSC::JITMathIC::generateOutOfLine):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203615 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoWeb Inspector: Remove unused code from Debounce layout test
mattbaker@apple.com [Fri, 22 Jul 2016 20:36:31 +0000 (20:36 +0000)]
Web Inspector: Remove unused code from Debounce layout test
https://bugs.webkit.org/show_bug.cgi?id=160049
<rdar://problem/27479713>

Reviewed by Joseph Pecoraro.

* inspector/unit-tests/debounce-expected.txt:
Updated with new delay times.

* inspector/unit-tests/debounce.html:
Remove unused code that was copy-pasted from other tests, and reduced
delay times from 100ms to 10ms to speed up test.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203614 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUnreviewed, rolling out r203603.
commit-queue@webkit.org [Fri, 22 Jul 2016 20:35:07 +0000 (20:35 +0000)]
Unreviewed, rolling out r203603.
https://bugs.webkit.org/show_bug.cgi?id=160096

Caused CLoop tests to fail with assertions (Requested by
perarne on #webkit).

Reverted changeset:

"[Win] jsc.exe sometimes never exits."
https://bugs.webkit.org/show_bug.cgi?id=158073
http://trac.webkit.org/changeset/203603

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203613 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoFix default parameter values for window.alert() / prompt() / confirm()
cdumez@apple.com [Fri, 22 Jul 2016 20:34:18 +0000 (20:34 +0000)]
Fix default parameter values for window.alert() / prompt() / confirm()
https://bugs.webkit.org/show_bug.cgi?id=160085

Reviewed by Ryosuke Niwa.

Source/WebCore:

Fix default parameter values for window.alert() / prompt() / confirm() to
match the specification:
- https://html.spec.whatwg.org/multipage/browsers.html#the-window-object

They should default to the empty string, not the string "undefined".

Firefox and chrome agree with the specification.

No new tests, updated existing test.

* page/DOMWindow.h:
* page/DOMWindow.idl:

LayoutTests:

Update existing test to reflect behavior change.

* fast/dom/Window/alert-undefined-expected.txt:
* fast/dom/Window/alert-undefined.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203612 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoCSP: object-src and plugin-types directives are not respected for plugin replacements
dbates@webkit.org [Fri, 22 Jul 2016 20:33:11 +0000 (20:33 +0000)]
CSP: object-src and plugin-types directives are not respected for plugin replacements
https://bugs.webkit.org/show_bug.cgi?id=159761
<rdar://problem/27365724>

Reviewed by Brent Fulgham.

Source/WebCore:

Apply the Content Security Policy (CSP) object-src and plugin-types directives to content that will
load with a plugin replacement.

Tests: security/contentSecurityPolicy/object-src-none-blocks-quicktime-plugin-replacement.html
       security/contentSecurityPolicy/object-src-none-blocks-youtube-plugin-replacement.html
       security/contentSecurityPolicy/plugins-types-allows-quicktime-plugin-replacement.html
       security/contentSecurityPolicy/plugins-types-allows-youtube-plugin-replacement.html
       security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement-without-mime-type.html
       security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement.html
       security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement-without-mime-type.html
       security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement.html

* html/HTMLPlugInImageElement.cpp:
(WebCore::HTMLPlugInImageElement::allowedToLoadPluginContent): Added.
(WebCore::HTMLPlugInImageElement::requestObject): Only request loading plugin content if we
are allowed to load such content.
* html/HTMLPlugInImageElement.h:
* loader/SubframeLoader.cpp:
(WebCore::SubframeLoader::pluginIsLoadable): Removed code to check CSP as we will check CSP
earlier in HTMLPlugInImageElement::requestObject().
(WebCore::SubframeLoader::requestPlugin): Ditto.
(WebCore::SubframeLoader::isPluginContentAllowedByContentSecurityPolicy): Deleted; moved implementation
to HTMLPlugInImageElement::allowedToLoadPluginContent().
(WebCore::SubframeLoader::requestObject): Deleted.
* loader/SubframeLoader.h:
* page/csp/ContentSecurityPolicy.cpp:
(WebCore::ContentSecurityPolicy::upgradeInsecureRequestIfNeeded): Changed signature from a non-const
function to a const function since these functions do not modify |this|.
* page/csp/ContentSecurityPolicy.h:

LayoutTests:

Add layout tests to ensure that we apply the CSP object-src and plugin-types directives to content
that loads with either the QuickTime plugin replacement or YouTube plugin replacement.

* security/contentSecurityPolicy/object-src-none-blocks-quicktime-plugin-replacement-expected.txt: Added.
* security/contentSecurityPolicy/object-src-none-blocks-quicktime-plugin-replacement.html: Added.
* security/contentSecurityPolicy/object-src-none-blocks-youtube-plugin-replacement-expected.txt: Added.
* security/contentSecurityPolicy/object-src-none-blocks-youtube-plugin-replacement.html: Added.
* security/contentSecurityPolicy/plugins-types-allows-quicktime-plugin-replacement-expected.txt: Added.
* security/contentSecurityPolicy/plugins-types-allows-quicktime-plugin-replacement.html: Added.
* security/contentSecurityPolicy/plugins-types-allows-youtube-plugin-replacement-expected.txt: Added.
* security/contentSecurityPolicy/plugins-types-allows-youtube-plugin-replacement.html: Added.
* security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement-expected.txt: Added.
* security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement-without-mime-type-expected.txt: Added.
* security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement-without-mime-type.html: Added.
* security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement.html: Added.
* security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement-expected.txt: Added.
* security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement-without-mime-type-expected.txt: Added.
* security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement-without-mime-type.html: Added.
* security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203611 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoParameters to Node.replaceChild() / insertBefore() should be mandatory
cdumez@apple.com [Fri, 22 Jul 2016 19:54:13 +0000 (19:54 +0000)]
Parameters to Node.replaceChild() / insertBefore() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160091

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

* web-platform-tests/dom/interfaces-expected.txt:
* web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Parameters to Node.replaceChild() / insertBefore() should be mandatory:
- https://dom.spec.whatwg.org/#node

The compatibility risk should be low since Firefox and Chrome both agree
with the specification and because it does not make much sense to omit
parameters when using this API.

No new tests, rebaselined existing tests.

* bindings/js/JSNodeCustom.cpp:
(WebCore::JSNode::insertBefore):
(WebCore::JSNode::replaceChild):

LayoutTests:

Update existing tests due to the behavior change.

* fast/block/basic/empty-anonymous-block-remove-crash.html:
* fast/html/details-summary-document-child.html:
* fast/repaint/focus-ring-with-negative-offset-repaint.html:
* svg/animations/mpath-remove-from-dependents-on-delete-crash.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203610 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoParameter to Node.contains() should be mandatory
cdumez@apple.com [Fri, 22 Jul 2016 19:34:58 +0000 (19:34 +0000)]
Parameter to Node.contains() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160084

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

* web-platform-tests/dom/interfaces-expected.txt:
* web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Parameter to Node.contains() should be mandatory as per the
specification:
- https://dom.spec.whatwg.org/#node

The compatibility risk should be low because both Firefox and Chrome
both agree with the specification. Also, it does not make much sense
to call this API without parameter.

No new tests, rebaselined existing tests.

* dom/Node.idl:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203609 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[iOS] REGRESSION(203378): PDFDocumentImage::updateCachedImageIfNeeded() uses the...
commit-queue@webkit.org [Fri, 22 Jul 2016 18:45:40 +0000 (18:45 +0000)]
[iOS] REGRESSION(203378): PDFDocumentImage::updateCachedImageIfNeeded() uses the unscaled size when deciding whether to cache the PDF image
https://bugs.webkit.org/show_bug.cgi?id=159933

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2016-07-22
Reviewed by Simon Fraser.

We need to use the scaled size when deciding whether to cache the PDF image
or not. This is because ImageBuffer takes the display resolution into account
which gives higher resolution for the image when zooming.

* platform/graphics/cg/PDFDocumentImage.cpp:
(WebCore::PDFDocumentImage::updateCachedImageIfNeeded):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203606 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoFirst parameter to getElementById() should be mandatory
cdumez@apple.com [Fri, 22 Jul 2016 18:39:47 +0000 (18:39 +0000)]
First parameter to getElementById() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160087

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

* web-platform-tests/dom/interfaces-expected.txt:
* web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

First parameter to getElementById() should be mandatory:
- https://dom.spec.whatwg.org/#nonelementparentnode
- https://www.w3.org/TR/SVG/struct.html#InterfaceSVGSVGElement

Both Firefox and Chrome agree with the specification.

Test: svg/dom/SVGSVGElement-getElementById.html

* dom/NonElementParentNode.idl:
* svg/SVGSVGElement.idl:

LayoutTests:

Add layout test coverage for SVGSVGElement.getElementById().

* svg/dom/SVGSVGElement-getElementById-expected.txt: Added.
* svg/dom/SVGSVGElement-getElementById.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203605 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoParameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace() should...
cdumez@apple.com [Fri, 22 Jul 2016 18:34:56 +0000 (18:34 +0000)]
Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160086

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

* web-platform-tests/dom/interfaces-expected.txt:
* web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace()
should be mandatory:
- https://dom.spec.whatwg.org/#node

Firefox and Chrome both agree with the specification.

No new tests, rebaselined existing tests.

* dom/Node.idl:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203604 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[Win] jsc.exe sometimes never exits.
pvollan@apple.com [Fri, 22 Jul 2016 18:26:04 +0000 (18:26 +0000)]
[Win] jsc.exe sometimes never exits.
https://bugs.webkit.org/show_bug.cgi?id=158073

Reviewed by Mark Lam.

Make sure the VM is deleted after the test has finished. This will gracefully stop the sampling profiler thread,
and give the thread the opportunity to release the machine thread lock aquired in SamplingProfiler::takeSample.
If the sampling profiler thread was terminated while holding the machine thread lock, the machine thread will
not be able to grab the lock afterwards.

* jsc.cpp:
(jscmain):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203603 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoCorrect a TestExpectation by changing it from Failure to ImageOnlyFailure
ryanhaddad@apple.com [Fri, 22 Jul 2016 16:57:53 +0000 (16:57 +0000)]
Correct a TestExpectation by changing it from Failure to ImageOnlyFailure

Unreviewed test gardening.

* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203602 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoParameter to Node.compareDocumentPosition() should be mandatory and non-nullable
cdumez@apple.com [Fri, 22 Jul 2016 16:01:48 +0000 (16:01 +0000)]
Parameter to Node.compareDocumentPosition() should be mandatory and non-nullable
https://bugs.webkit.org/show_bug.cgi?id=160071

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

* web-platform-tests/dom/interfaces-expected.txt:
* web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Parameter to Node.compareDocumentPosition() should be mandatory and
non-nullable:
- https://dom.spec.whatwg.org/#interface-node

Firefox and Chrome agree with the specification so the compatibility
risk should be low. Also, it does not make much sense to call this
operation without parameter.

No new tests, rebaselined existing tests.

* accessibility/AccessibilityObject.cpp:
(WebCore::rangeClosestToRange):
* dom/AuthorStyleSheets.cpp:
(WebCore::AuthorStyleSheets::addStyleSheetCandidateNode):
* dom/Node.cpp:
(WebCore::compareDetachedElementsPosition):
(WebCore::Node::compareDocumentPosition):
* dom/Node.h:
* dom/Node.idl:
* dom/Position.h:
(WebCore::operator<):
* html/HTMLFormElement.cpp:
(WebCore::HTMLFormElement::formElementIndexWithFormAttribute):
(WebCore::HTMLFormElement::formElementIndex):
* rendering/RenderNamedFlowThread.cpp:
(WebCore::RenderNamedFlowThread::nextRendererForElement):
(WebCore::compareRenderNamedFlowFragments):
(WebCore::RenderNamedFlowThread::registerNamedFlowContentElement):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203601 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoFix the Windows 64-bit build after r203537
pvollan@apple.com [Fri, 22 Jul 2016 15:55:20 +0000 (15:55 +0000)]
Fix the Windows 64-bit build after r203537
https://bugs.webkit.org/show_bug.cgi?id=160080

Reviewed by Csaba Osztrogonác.

Added new version of setupArgumentsWithExecState method.

* jit/CCallHelpers.h:
(JSC::CCallHelpers::setupArgumentsWithExecState):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203600 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[cmake] Removed obsolete plugins/win directory
annulen@yandex.ru [Fri, 22 Jul 2016 15:52:52 +0000 (15:52 +0000)]
[cmake] Removed obsolete plugins/win directory
https://bugs.webkit.org/show_bug.cgi?id=160081

Reviewed by Per Arne Vollan.

It was removed in r178219.

No new tests needed.

* PlatformWin.cmake:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203599 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agorun-safari doesn't work with Safari 10 on 10.11
mitz@apple.com [Fri, 22 Jul 2016 15:11:50 +0000 (15:11 +0000)]
run-safari doesn't work with Safari 10 on 10.11
https://bugs.webkit.org/show_bug.cgi?id=159958
<rdar://problem/27422805>

Reviewed by Alexey Proskuryakov.

Safari’s injected bundle may depend on the newer versions of frameworks installed in a
staging location. Have the engineering builds of the Web Content service look for newer
versions in that location.

* Configurations/BaseTarget.xcconfig: Shortened a linker flag.

* Configurations/BaseXPCService.xcconfig: Increased Mach-O header padding in production
  builds to allow for more dyld environment commands to be added after the fact.

* Configurations/DebugRelease.xcconfig: Have the new
  WK_WEBCONTENT_SERVICE_NEEDS_VERSIONED_FRAMEWORK_PATH_LDFLAG set to YES for macOS
  engineering builds.

* Configurations/WebContentService.xcconfig: Include the versioned frameworks whenever
  WK_WEBCONTENT_SERVICE_NEEDS_VERSIONED_FRAMEWORK_PATH_LDFLAG is set to YES. Have the
  value of WK_WEBCONTENT_SERVICE_NEEDS_VERSIONED_FRAMEWORK_PATH_LDFLAG default to
  the value of USE_STAGING_INSTALL_PATH, while letting DebugRelease.xcconfig override it.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203598 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoIWebView::mainFrame crashes if called after IWebView::close
pvollan@apple.com [Fri, 22 Jul 2016 12:40:26 +0000 (12:40 +0000)]
IWebView::mainFrame crashes if called after IWebView::close
https://bugs.webkit.org/show_bug.cgi?id=32868

Reviewed by Brent Fulgham.

Source/WebKit/win:

After deleting the page in WebView::close the mainframe object may be deleted.

Test: Tools/TestWebKitAPI/Tests/WebKit/win/WebViewDestruction.cpp (CloseThenGetMainFrame).

* WebView.cpp:
(WebView::close): set mainframe pointer member to null.

Tools:

* TestWebKitAPI/Tests/WebKit/win/WebViewDestruction.cpp:
(TestWebKitAPI::TEST_F): Added test.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203597 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[GTK] Enable threaded compositor by default
carlosgc@webkit.org [Fri, 22 Jul 2016 10:24:03 +0000 (10:24 +0000)]
[GTK] Enable threaded compositor by default
https://bugs.webkit.org/show_bug.cgi?id=160079

Reviewed by Žan Doberšek.

.:

* Source/cmake/OptionsGTK.cmake:

Tools:

* Scripts/webkitperl/FeatureList.pm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203596 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[ARM] Unreviewed EABI buildfix after r203537.
ossy@webkit.org [Fri, 22 Jul 2016 10:00:58 +0000 (10:00 +0000)]
[ARM] Unreviewed EABI buildfix after r203537.

* jit/CCallHelpers.h:
(JSC::CCallHelpers::setupArgumentsWithExecState): Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203595 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agorun-builtins-generator-tests should be able to test WebCore builtins wrapper with...
commit-queue@webkit.org [Fri, 22 Jul 2016 08:32:12 +0000 (08:32 +0000)]
run-builtins-generator-tests should be able to test WebCore builtins wrapper with more than one file
https://bugs.webkit.org/show_bug.cgi?id=159921

Patch by Youenn Fablet <youenn@apple.com> on 2016-07-22
Reviewed by Brian Burg.

Source/JavaScriptCore:

Updated built-in generator to generate only wrapper files when passed the --wrappers-only option.
When this option is used, wrapper files are generated but no individual file is generated.
When this option is not used, individual files are generated but not wrapper file is generated.
This allows the builtin generator test runner to generate a single WebCore-Wrappers.h-result generated for all
WebCore test files, like used for real in WebCore.
Previously wrapper code was generated individually for each WebCore test file.

Added new built-in test file to cover the case of concatenating several guards in generated WebCore wrapper files.

* Scripts/generate-js-builtins.py:
(concatenated_output_filename): Compute a decent name for wrapper files in case of test mode.
(generate_bindings_for_builtins_files): When --wrappers-only is activated, this generates only the wrapper files, not the individual files.
* Scripts/tests/builtins/WebCore-AnotherGuardedInternalBuiltin-Separate.js: Added.
* Scripts/tests/builtins/expected/WebCore-AnotherGuardedInternalBuiltin-Separate.js-result: Added.
* Scripts/tests/builtins/expected/WebCore-ArbitraryConditionalGuard-Separate.js-result: Removed wrapper code.
* Scripts/tests/builtins/expected/WebCore-GuardedBuiltin-Separate.js-result: Ditto.
* Scripts/tests/builtins/expected/WebCore-GuardedInternalBuiltin-Separate.js-result: Ditto.
* Scripts/tests/builtins/expected/WebCore-UnguardedBuiltin-Separate.js-result: Ditto.
* Scripts/tests/builtins/expected/WebCore-xmlCasingTest-Separate.js-result: Removed wrapper code.
* Scripts/tests/builtins/expected/WebCoreJSBuiltins.h-result: Added, contains wrapper code for all WebCore valid test cases.

Source/WebCore:

Covered by existing and added built-ins tests.

Updating built system according ---wrappers-only new meaning.
builtin generator is now called for each individual built-in file plus once for WebCore wrapper files.
WebCore wrapper files allow handling things like conditionally guarded features.
They also remove the need to use built-ins macros outside generated code.

* CMakeLists.txt:
* DerivedSources.make:

Tools:

Updated builtin generator test runner to generate WebCore wrapper files based on all WebCore valid separate files.

* Scripts/webkitpy/codegen/main.py:
(BuiltinsGeneratorTests.generate_from_js_builtins): Passing a list of builtin files to the script.
(BuiltinsGeneratorTests):
(BuiltinsGeneratorTests.single_builtin_test): Added to handle the case of single builtin generation.
(BuiltinsGeneratorTests.wrappers_builtin_test): Added to handle the case of WebCore wrappers builtin generation.
(BuiltinsGeneratorTests.run_test): Helper routine to run a test in reset mode or normal check mode.
(BuiltinsGeneratorTests.run_tests): Updated to add WebCore wrappers builtin generation test.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203554 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoMove parsing of accentunder and accent attributes from renderer to element classes
fred.wang@free.fr [Fri, 22 Jul 2016 05:33:01 +0000 (05:33 +0000)]
Move parsing of accentunder and accent attributes from renderer to element classes
https://bugs.webkit.org/show_bug.cgi?id=159625

Patch by Frederic Wang <fwang@igalia.com> on 2016-07-21
Reviewed by Brent Fulgham.

We introduce a new MathMLUnderOverElement that is used for elements munder, mover and
munderover in order to create RenderMathMLUnderOver and parse and expose the values of the
accent and accentunder attributes. This is one more step toward moving MathML attribute
parsing to the DOM (bug 156536). We also do minor clean-up for this and previous renderer
classes that no longer do attribute parsing: the MathMLNames namespace is no longer necessary
and constructors can take a more accurate element type.

No new tests, already covered by existing test.

* CMakeLists.txt: Add MathMLUnderOverElement files.
* WebCore.xcodeproj/project.pbxproj: Ditto.
* mathml/MathMLAllInOne.cpp: Ditto.
* mathml/MathMLElement.cpp:
(WebCore::MathMLElement::cachedBooleanAttribute): Add parsing of boolean attributes.
* mathml/MathMLElement.h: New type and helper functions for boolean attributes.
* mathml/MathMLInlineContainerElement.cpp:
(WebCore::MathMLInlineContainerElement::createElementRenderer): Remove handling of
under/over/underover elements.
* mathml/MathMLScriptsElement.cpp:
(WebCore::MathMLScriptsElement::MathMLScriptsElement): Remove inline keyword to avoid link
errors now that MathMLUnderOverElement overrides that class.
* mathml/MathMLScriptsElement.h: Allow MathMLUnderOverElement to override this class.
* mathml/MathMLUnderOverElement.cpp:
(WebCore::MathMLUnderOverElement::MathMLUnderOverElement):
(WebCore::MathMLUnderOverElement::create):
(WebCore::MathMLUnderOverElement::accent): Helper function to access the accent value.
(WebCore::MathMLUnderOverElement::accentUnder): Helper function to access the accentunder value.
(WebCore::MathMLUnderOverElement::parseAttribute): Make accent and accentunder dirty.
(WebCore::MathMLUnderOverElement::createElementRenderer): Create RenderMathMLUnderOver
* mathml/MathMLUnderOverElement.h:
* mathml/mathtags.in: Map under/over/underover to MathMLUnderOverElement.
* rendering/mathml/RenderMathMLFraction.cpp: Remove MathMLNames and make the constructor
take a MathMLFractionElement.
(WebCore::RenderMathMLFraction::RenderMathMLFraction):
* rendering/mathml/RenderMathMLFraction.h:
* rendering/mathml/RenderMathMLPadded.cpp: Remove MathMLNames and make the constructor
take a MathMLPaddedElement.
(WebCore::RenderMathMLPadded::RenderMathMLPadded):
* rendering/mathml/RenderMathMLPadded.h:
* rendering/mathml/RenderMathMLScripts.cpp: Remove MathMLNames and make the constructor
take a MathMLScriptsElement. Also rename scriptsElement() to element().
(WebCore::RenderMathMLScripts::RenderMathMLScripts):
(WebCore::RenderMathMLScripts::element):
(WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded):
(WebCore::RenderMathMLScripts::scriptsElement): Deleted.
* rendering/mathml/RenderMathMLScripts.h:
* rendering/mathml/RenderMathMLUnderOver.cpp: Remove MathMLNames and make the constructor
take a RenderMathMLUnderOver.
(WebCore::RenderMathMLUnderOver::RenderMathMLUnderOver):
(WebCore::RenderMathMLUnderOver::element):
(WebCore::RenderMathMLUnderOver::hasAccent): Use the helper functions for accent and accentunder.
* rendering/mathml/RenderMathMLUnderOver.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203553 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoParameter to Node.isSameNode() / isEqualNode() should be mandatory
cdumez@apple.com [Fri, 22 Jul 2016 04:51:28 +0000 (04:51 +0000)]
Parameter to Node.isSameNode() / isEqualNode() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160070

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

* web-platform-tests/dom/interfaces-expected.txt:
* web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Parameter to Node.isSameNode() / isEqualNode() should be mandatory as
per the specification:
- https://dom.spec.whatwg.org/#interface-node

Chrome and Firefox agree with the specification (although Firefox does
not support isSameNode()).

No new tests, rebaselined existing tests.

* dom/Node.idl:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203552 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[Mac] webkitdirs.pm contains unused code to support outdated OS X and Xcode versions
mitz@apple.com [Fri, 22 Jul 2016 04:45:20 +0000 (04:45 +0000)]
[Mac] webkitdirs.pm contains unused code to support outdated OS X and Xcode versions
https://bugs.webkit.org/show_bug.cgi?id=160072

Reviewed by Andy Estes.

* Scripts/webkitdirs.pm:
(readXcodeUserDefault): Changed to take a defaults key rather than a suffix. Removed support
  for old Xcode versions.
(determineBaseProductDir): Removed support for old Xcode versions. Updated for the change
  to readXcodeUserDefault.
(debugger): Deleted. This was only used for Darwin, where LLDB is now the only supported
  debugger.
(determineDebugger): Ditto.
(checkRequiredSystemConfig): Updated to require at least OS X Yosemite v10.10.5 and Xcode
  7.0.
(printHelpAndExitForRunAndDebugWebKitAppIfNeeded): Removed --use-gdb and --use-lldb
  switches.
(execMacWebKitAppForDebugging): Removed support for GDB.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203551 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoParameter to Document.createEvent() should be mandatory
cdumez@apple.com [Fri, 22 Jul 2016 03:29:16 +0000 (03:29 +0000)]
Parameter to Document.createEvent() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160065

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

* web-platform-tests/dom/interfaces-expected.txt:
* web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Parameter to Document.createEvent() should be mandatory as per the
specification:
- https://dom.spec.whatwg.org/#document

We already throw anyway when the parameter is omitted because we use
"undefined" as event type, which is invalid. However, we throw the
wrong exception.

Firefox and Chrome agree with the specification here.

No new tests, rebaselined existing tests.

* dom/Document.idl:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203550 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoREGRESSION(r62549): Objective-C DOM bindings sometimes fail to regenerate when CodeGe...
bburg@apple.com [Fri, 22 Jul 2016 03:00:07 +0000 (03:00 +0000)]
REGRESSION(r62549): Objective-C DOM bindings sometimes fail to regenerate when CodeGenerator.pm is modified
https://bugs.webkit.org/show_bug.cgi?id=160031

Reviewed by Darin Adler.

This bug was caused by a refactoring 6 years ago. Not all uses of a variable
were renamed, so the ObjC bindings target pattern was not specifying any
build scripts as target dependencies.

* DerivedSources.make: Standardize on {COMMON,JS,DOM}_BINDINGS_SCRIPTS.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203549 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoRemove unneeded content attribute name "playsinline"
darin@apple.com [Fri, 22 Jul 2016 02:43:10 +0000 (02:43 +0000)]
Remove unneeded content attribute name "playsinline"
https://bugs.webkit.org/show_bug.cgi?id=160069

Reviewed by Chris Dumez.

* html/HTMLVideoElement.idl: Removed explicit content attribute name on Reflect
attribute since it is the same as the name that the code generator will generate.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203548 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoMake parameters to Element.getElementsBy*() operations mandatory
cdumez@apple.com [Fri, 22 Jul 2016 02:42:27 +0000 (02:42 +0000)]
Make parameters to Element.getElementsBy*() operations mandatory
https://bugs.webkit.org/show_bug.cgi?id=160060

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

* web-platform-tests/dom/interfaces-expected.txt:
* web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Make parameters to Element.getElementsBy*() operations mandatory to
match the specification:
- https://dom.spec.whatwg.org/#interface-element

Firefox and Chrome agree with the specification so the compatibility
risk should be low.

It makes very little sense to call these operations without parameter,
especially considering WebKit uses the string "undefined" if the
parameter is omitted.

No new tests, rebaselined existing tests.

* dom/Element.idl:

LayoutTests:

Drop cases that were calling the operation without parameter.

* fast/dom/getElementsByClassName/dumpHTMLCollection-expected.txt:
* fast/dom/getElementsByClassName/dumpHTMLCollection.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203547 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoMake parameters mandatory for attribute-related API on Element
cdumez@apple.com [Fri, 22 Jul 2016 02:21:23 +0000 (02:21 +0000)]
Make parameters mandatory for attribute-related API on Element
https://bugs.webkit.org/show_bug.cgi?id=160059

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

* web-platform-tests/dom/interfaces-expected.txt:
* web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Make parameters mandatory for attribute-related API on Element to match
the specification:
- https://dom.spec.whatwg.org/#element

Firefox and Chrome agree with the specification. Calling this API
without the parameters does not make much sense, especially considering
WebKit uses the string "undefined" when the parameter is omitted.

No new tests, rebaselined existing tests.

* dom/Element.idl:

LayoutTests:

Update existing layout tests to reflect the behavior change.

* fast/dom/Element/script-tests/setAttributeNS-namespace-err.js:
* fast/dom/Element/setAttributeNS-namespace-err-expected.txt:
* fast/dom/HTMLHrElement/hr-color-noshade-attribute.html:
* fast/dom/attribute-downcast-right.html:
* fast/images/style-access-during-imageChanged-style-freeze.html:
* fast/selectors/read-only-read-write-input-basics.html:
* fast/selectors/read-only-read-write-textarea-basics.html:
* media/video-playsinline-expected.txt:
* media/video-playsinline.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203546 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoRemove support for deprecated SPI inlineMediaPlaybackRequiresPlaysInlineAttribute
mmaxfield@apple.com [Fri, 22 Jul 2016 01:40:22 +0000 (01:40 +0000)]
Remove support for deprecated SPI inlineMediaPlaybackRequiresPlaysInlineAttribute
https://bugs.webkit.org/show_bug.cgi?id=160066

Reviewed by Dean Jackson.

Source/WebCore:

r203520 deprecated inlineMediaPlaybackRequiresPlaysInlineAttribute in favor of
allowsInlineMediaPlaybackWithPlaysInlineAttribute and
allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute. The old
inlineMediaPlaybackRequiresPlaysInlineAttribute is SPI and was never released
to the public. Therefore, it can be removed safely.

No new tests because there is no behavior change.

* page/Settings.cpp:
* page/Settings.in:
* testing/InternalSettings.cpp:
(WebCore::InternalSettings::Backup::Backup): Deleted.
(WebCore::InternalSettings::Backup::restoreTo): Deleted.
(WebCore::InternalSettings::setInlineMediaPlaybackRequiresPlaysInlineAttribute): Deleted.
* testing/InternalSettings.h:
* testing/InternalSettings.idl:

Source/WebKit/mac:

* WebView/WebPreferenceKeysPrivate.h:
* WebView/WebPreferences.mm:
(+[WebPreferences initialize]): Deleted.
(-[WebPreferences inlineMediaPlaybackRequiresPlaysInlineAttribute]): Deleted.
(-[WebPreferences setInlineMediaPlaybackRequiresPlaysInlineAttribute:]): Deleted.
* WebView/WebPreferencesPrivate.h:
* WebView/WebView.mm:
(-[WebView _preferencesChanged:]): Deleted.

Source/WebKit2:

* Shared/WebPreferencesDefinitions.h:
* UIProcess/API/C/WKPreferences.cpp:
(WKPreferencesSetInlineMediaPlaybackRequiresPlaysInlineAttribute): Deleted.
(WKPreferencesGetInlineMediaPlaybackRequiresPlaysInlineAttribute): Deleted.
* UIProcess/API/C/WKPreferencesRefPrivate.h:
* UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _initializeWithConfiguration:]): Deleted.
* UIProcess/API/Cocoa/WKWebViewConfiguration.mm:
(-[WKWebViewConfiguration init]): Deleted.
(-[WKWebViewConfiguration copyWithZone:]): Deleted.
(-[WKWebViewConfiguration _inlineMediaPlaybackRequiresPlaysInlineAttribute]): Deleted.
(-[WKWebViewConfiguration _setInlineMediaPlaybackRequiresPlaysInlineAttribute:]): Deleted.
* UIProcess/API/Cocoa/WKWebViewConfigurationPrivate.h:
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::updatePreferences): Deleted.

Tools:

* DumpRenderTree/mac/DumpRenderTree.mm:
(setDefaultsToConsistentValuesForTesting): Deleted.
* TestWebKitAPI/Tests/WebKit2Cocoa/RequiresUserActionForPlayback.mm:
(RequiresUserActionForPlaybackTest::SetUp): Deleted.
* WebKitTestRunner/TestController.cpp:
(WTR::TestController::resetPreferencesToConsistentValues): Deleted.
* WebKitTestRunner/cocoa/TestControllerCocoa.mm:
(WTR::initializeWebViewConfiguration): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203545 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agocallOperation(.) variants in the DFG that explicitly take a tag/payload register...
sbarati@apple.com [Fri, 22 Jul 2016 01:01:14 +0000 (01:01 +0000)]
callOperation(.) variants in the DFG that explicitly take a tag/payload register should take a JSValueRegs instead
https://bugs.webkit.org/show_bug.cgi?id=160007

Reviewed by Filip Pizlo.

This patch is the first step in my plan to remove all callOperation(.) variants
in the various JITs and to unify them using a couple template variations.
The steps are as follows:
1. Replace all explicit tag/payload pairs with JSValueRegs in the DFG
2. Replace all explicit tag/payload pairs with JSValueRegs in the baseline
3. remove callOperation(.) variants and teach setupArgumentsWithExecState
   about JSValueRegs.

* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileGetByValOnString):
(JSC::DFG::SpeculativeJIT::compileValueAdd):
(JSC::DFG::SpeculativeJIT::compileGetDynamicVar):
(JSC::DFG::SpeculativeJIT::compilePutDynamicVar):
(JSC::DFG::SpeculativeJIT::compilePutAccessorByVal):
* dfg/DFGSpeculativeJIT.h:
(JSC::DFG::SpeculativeJIT::callOperation):
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::cachedGetById):
(JSC::DFG::SpeculativeJIT::cachedPutById):
(JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranch):
(JSC::DFG::CompareAndBoxBooleanSlowPathGenerator::generateInternal):
(JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompare):
(JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeStrictEq):
(JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeStrictEq):
(JSC::DFG::SpeculativeJIT::emitCall):
(JSC::DFG::SpeculativeJIT::compileLogicalNot):
(JSC::DFG::SpeculativeJIT::emitBranch):
(JSC::DFG::SpeculativeJIT::compile):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203544 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoREGRESSION (r202927): The internal size of the ImageBuffer is scaled twice by the...
dino@apple.com [Fri, 22 Jul 2016 00:48:02 +0000 (00:48 +0000)]
REGRESSION (r202927): The internal size of the ImageBuffer is scaled twice by the context scaleFactor
https://bugs.webkit.org/show_bug.cgi?id=159981
<rdar://problem/27429465>

Reviewed by Myles Maxfield.

Source/WebCore:

The change to propagate color spaces through ImageBuffers created an
alternate version of createCompatibleBuffer. This version accidentally
attempted to take the display resolution (i.e. hidpi) into account
when creating the buffer, which meant it was being applied twice.

The fix is simply to remove that logic. The caller of the method
will take the resolution into account, the same way they did
with the old createCompatibleBuffer method.

Test: fast/hidpi/pdf-image-scaled.html

* platform/graphics/cg/ImageBufferCG.cpp:
(WebCore::ImageBuffer::createCompatibleBuffer): Don't calculate
a resolution - just use the value of 1.0.

LayoutTests:

* fast/hidpi/pdf-image-scaled-expected.html: Added.
* fast/hidpi/pdf-image-scaled.html: Added.
* fast/hidpi/resources/circle.pdf: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203543 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoBlock mixed content synchronous XHR
wilander@apple.com [Fri, 22 Jul 2016 00:44:27 +0000 (00:44 +0000)]
Block mixed content synchronous XHR
https://bugs.webkit.org/show_bug.cgi?id=105462
<rdar://problem/13666424>

Reviewed by Brent Fulgham.

Source/WebCore:

Test: http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame.html

* loader/DocumentThreadableLoader.cpp:
(WebCore::DocumentThreadableLoader::loadRequest):

LayoutTests:

* http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame-expected.txt: Added.
* http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame.html: Added.
* http/tests/security/mixedContent/resources/insecure-xhr-sync-in-main-frame-window.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203542 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[iOS] Apps using WKWebView will crash if they set the scroll view's delegate and...
commit-queue@webkit.org [Fri, 22 Jul 2016 00:11:14 +0000 (00:11 +0000)]
[iOS] Apps using WKWebView will crash if they set the scroll view's delegate and don't nil it out later
https://bugs.webkit.org/show_bug.cgi?id=159980
rdar://problem/27450825

Patch by Chelsea Pugh <cpugh@apple.com> on 2016-07-21
Reviewed by Dan Bernstein.

Source/WebKit2:

The root cause of this crash is that we are not abiding the UIScrollView API that the scroll view
delegate property should be weak. If setters of this delegate do not know that, since the WKWebView
exposes the scroll view as a UIScrollView, they may forget to nil out the delegate they set and will
then crash.

* UIProcess/ios/WKScrollView.mm:
(-[WKScrollViewDelegateForwarder methodSignatureForSelector:]): Get a RetainPtr holding the
external delegate and use where needed.
(-[WKScrollViewDelegateForwarder respondsToSelector:]): Ditto.
(-[WKScrollViewDelegateForwarder forwardInvocation:]): Ditto.
(-[WKScrollViewDelegateForwarder forwardingTargetForSelector:]): Ditto. When returning a reference
to the external delegate, get a retained and autoreleased reference so the caller needn't release
the object when done.
(-[WKScrollView delegate]): Ditto.
(-[WKScrollView _updateDelegate]): Get a RetainPtr holding the external delegate that can be
used throughout this method. Use the RetainPtr to get the external delegate for setting super's
delegate as well as creating the delegate forwarder.
(-[WKScrollView setDelegate:]): Get a RetainPtr holding the external delegate and use its value for
comparison to the object we are setting the external delegate to.

Tools:

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/ios/WKScrollViewDelegateCrash.mm: Added.
(-[TestDelegateForScrollView dealloc]): Update delegateIsDeallocated to true so that we can tell
when our delegate has hit -dealloc.
(TestWebKitAPI::TEST): Ensure that after an object has been set as the scroll view's delegate,
and has then been deallocated, that the scroll view's delegate is nil and the deallocated delegate
will not be messaged.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203541 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoFollow-up patch to r203520
mmaxfield@apple.com [Thu, 21 Jul 2016 23:55:40 +0000 (23:55 +0000)]
Follow-up patch to r203520
https://bugs.webkit.org/show_bug.cgi?id=159967
<rdar://problem/26964090>

Unreviewed.

* DumpRenderTree/mac/DumpRenderTree.mm:
(setDefaultsToConsistentValuesForTesting):
* WebKitTestRunner/TestController.cpp:
(WTR::TestController::resetPreferencesToConsistentValues):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203540 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoMake parameters to Document.getElementsBy*() operations mandatory
cdumez@apple.com [Thu, 21 Jul 2016 23:52:35 +0000 (23:52 +0000)]
Make parameters to Document.getElementsBy*() operations mandatory
https://bugs.webkit.org/show_bug.cgi?id=160050

Reviewed by Daniel Bates.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

* web-platform-tests/dom/interfaces-expected.txt:
* web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Make parameters to Document.getElementsBy*() operations mandatory to
match the specification:
- https://dom.spec.whatwg.org/#interface-document

Firefox and Chrome agree with the specification so the compatibility
risk should be low.

It makes very little sense to call these operations without parameter,
especially considering WebKit uses the string "undefined" if the
parameter is omitted.

No new tests, rebaselined existing tests.

* dom/Document.idl:

LayoutTests:

Drop cases that were calling the operation without parameter.

* fast/dom/getElementsByClassName/dumpHTMLCollection-expected.txt:
* fast/dom/getElementsByClassName/dumpHTMLCollection.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203539 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoAX: aria-label not being used correctly in accessible name calculation of heading
n_wang@apple.com [Thu, 21 Jul 2016 23:47:53 +0000 (23:47 +0000)]
AX: aria-label not being used correctly in accessible name calculation of heading
https://bugs.webkit.org/show_bug.cgi?id=160009

Reviewed by Chris Fleizach.

Source/WebCore:

Actually we are exposing the correct information for heading objects. On macOS,
VoiceOver should handle the logic that picks the right information to speak.
On iOS, VoiceOver is speaking the static text child instead of the heading object.
So we should set the accessibilityLabel of the static text based on the parent's
alternate label.

Test: accessibility/ios-simulator/heading-with-aria-label.html

* accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
(-[WebAccessibilityObjectWrapper _accessibilityTraitsFromAncestors]):

LayoutTests:

* accessibility/ios-simulator/heading-with-aria-label-expected.txt: Added.
* accessibility/ios-simulator/heading-with-aria-label.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203538 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoop_add/ValueAdd should be an IC in all JIT tiers
sbarati@apple.com [Thu, 21 Jul 2016 23:41:44 +0000 (23:41 +0000)]
op_add/ValueAdd should be an IC in all JIT tiers
https://bugs.webkit.org/show_bug.cgi?id=159649

Reviewed by Benjamin Poulain.

Source/JavaScriptCore:

This patch makes Add an IC inside all JIT tiers. It does so in a
simple, but effective, way. We will try to generate an int+int add
that will repatch itself if its type checks fail. Sometimes though,
we have runtime type data saying that the add won't be int+int.
In those cases, we will just generate a full snippet that doesn't patch itself.
Other times, we may generate no inline code and defer to making a C call. A lot
of this patch is just refactoring ResultProfile into what we're now calling ArithProfile.
ArithProfile does everything ResultProfile used to do, and more. It records simple type
data about the LHS/RHS operands it sees. This allows us to determine if an op_add
has only seen int+int operands, etc. ArithProfile will also contain the ResultType
for the LHS/RHS that the parser feeds into op_add. ArithProfile now fits into 32-bits.
This means instead of having a side table like we did for ResultProfile, we just
inject the ArithProfile into the bytecode instruction stream. This makes asking
for ArithProfile faster; we no longer need to lock around this operation.

The size of an Add has gone down on average, but we can still do better.
We still generate a lot of code because we generate calls to the slow path.
I think we can make this better by moving the slow path to a shared thunk
system. This patch mostly lays the foundation for future improvements to Add,
and a framework to move all other arithmetic operations to be typed-based ICs.

Here is some data I took on the average op_add/ValueAdd size on various benchmarks:
           |   JetStream  |  Speedometer |  Unity 3D  |
     ------| -------------|-----------------------------
      Old  |  189 bytes   |  169 bytes   |  192 bytes |
     ------| -------------|-----------------------------
      New  |  148 bytes   |  124 bytes   |  143 bytes |
     ---------------------------------------------------

Making an arithmetic IC is now easy. The JITMathIC class will hold a snippet
generator as a member variable. To make a snippet an IC, you need to implement
a generateInline(.) method, which generates the inline IC. Then, you need to
generate the IC where you used to generate the snippet. When generating the
IC, we need to inform JITMathIC of various data like we do with StructureStubInfo.
We need to tell it about where the slow path starts, where the slow path call is, etc.
When generating a JITMathIC, it may tell you that it didn't generate any code inline.
This is a request to the user of JITMathIC to just generate a C call along the
fast path. JITMathIC may also have the snippet tell it to just generate the full
snippet instead of the int+int path along the fast path.

In subsequent patches, we can improve upon how we decide to generate int+int or
the full snippet. I tried to get clever by having double+double, double+int, int+double,
fast paths, but they didn't work out nearly as well as the int+int fast path. I ended up
generating a lot of code when I did this and ended up using more memory than just generating
the full snippet. There is probably some way we can be clever and generate specialized fast
paths that are more successful than what I tried implementing, but I think that's worth deferring
this to follow up patches once the JITMathIC foundation has landed.

This patch also fixes a bug inside the slow path lambdas in the DFG.
Before, it was not legal to emit an exception check inside them. Now,
it is. So it's now easy to define arbitrary late paths using the DFG
slow path lambda API.

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/ArithProfile.cpp: Added.
(JSC::ArithProfile::emitObserveResult):
(JSC::ArithProfile::shouldEmitSetDouble):
(JSC::ArithProfile::emitSetDouble):
(JSC::ArithProfile::shouldEmitSetNonNumber):
(JSC::ArithProfile::emitSetNonNumber):
(WTF::printInternal):
* bytecode/ArithProfile.h: Added.
(JSC::ObservedType::ObservedType):
(JSC::ObservedType::sawInt32):
(JSC::ObservedType::isOnlyInt32):
(JSC::ObservedType::sawNumber):
(JSC::ObservedType::isOnlyNumber):
(JSC::ObservedType::sawNonNumber):
(JSC::ObservedType::isOnlyNonNumber):
(JSC::ObservedType::isEmpty):
(JSC::ObservedType::bits):
(JSC::ObservedType::withInt32):
(JSC::ObservedType::withNumber):
(JSC::ObservedType::withNonNumber):
(JSC::ObservedType::withoutNonNumber):
(JSC::ObservedType::operator==):
(JSC::ArithProfile::ArithProfile):
(JSC::ArithProfile::fromInt):
(JSC::ArithProfile::lhsResultType):
(JSC::ArithProfile::rhsResultType):
(JSC::ArithProfile::lhsObservedType):
(JSC::ArithProfile::rhsObservedType):
(JSC::ArithProfile::setLhsObservedType):
(JSC::ArithProfile::setRhsObservedType):
(JSC::ArithProfile::tookSpecialFastPath):
(JSC::ArithProfile::didObserveNonInt32):
(JSC::ArithProfile::didObserveDouble):
(JSC::ArithProfile::didObserveNonNegZeroDouble):
(JSC::ArithProfile::didObserveNegZeroDouble):
(JSC::ArithProfile::didObserveNonNumber):
(JSC::ArithProfile::didObserveInt32Overflow):
(JSC::ArithProfile::didObserveInt52Overflow):
(JSC::ArithProfile::setObservedNonNegZeroDouble):
(JSC::ArithProfile::setObservedNegZeroDouble):
(JSC::ArithProfile::setObservedNonNumber):
(JSC::ArithProfile::setObservedInt32Overflow):
(JSC::ArithProfile::setObservedInt52Overflow):
(JSC::ArithProfile::addressOfBits):
(JSC::ArithProfile::observeResult):
(JSC::ArithProfile::lhsSawInt32):
(JSC::ArithProfile::lhsSawNumber):
(JSC::ArithProfile::lhsSawNonNumber):
(JSC::ArithProfile::rhsSawInt32):
(JSC::ArithProfile::rhsSawNumber):
(JSC::ArithProfile::rhsSawNonNumber):
(JSC::ArithProfile::observeLHSAndRHS):
(JSC::ArithProfile::bits):
(JSC::ArithProfile::hasBits):
(JSC::ArithProfile::setBit):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dumpRareCaseProfile):
(JSC::CodeBlock::dumpArithProfile):
(JSC::CodeBlock::dumpBytecode):
(JSC::CodeBlock::addStubInfo):
(JSC::CodeBlock::addJITAddIC):
(JSC::CodeBlock::findStubInfo):
(JSC::CodeBlock::resetJITData):
(JSC::CodeBlock::shrinkToFit):
(JSC::CodeBlock::dumpValueProfiles):
(JSC::CodeBlock::rareCaseProfileCountForBytecodeOffset):
(JSC::CodeBlock::arithProfileForBytecodeOffset):
(JSC::CodeBlock::arithProfileForPC):
(JSC::CodeBlock::couldTakeSpecialFastCase):
(JSC::CodeBlock::dumpResultProfile): Deleted.
(JSC::CodeBlock::resultProfileForBytecodeOffset): Deleted.
(JSC::CodeBlock::specialFastCaseProfileCountForBytecodeOffset): Deleted.
(JSC::CodeBlock::ensureResultProfile): Deleted.
* bytecode/CodeBlock.h:
(JSC::CodeBlock::stubInfoBegin):
(JSC::CodeBlock::stubInfoEnd):
(JSC::CodeBlock::couldTakeSlowCase):
(JSC::CodeBlock::numberOfResultProfiles): Deleted.
* bytecode/MethodOfGettingAValueProfile.cpp:
(JSC::MethodOfGettingAValueProfile::emitReportValue):
* bytecode/MethodOfGettingAValueProfile.h:
(JSC::MethodOfGettingAValueProfile::MethodOfGettingAValueProfile):
* bytecode/ValueProfile.cpp:
(JSC::ResultProfile::emitDetectNumericness): Deleted.
(JSC::ResultProfile::emitSetDouble): Deleted.
(JSC::ResultProfile::emitSetNonNumber): Deleted.
(WTF::printInternal): Deleted.
* bytecode/ValueProfile.h:
(JSC::getRareCaseProfileBytecodeOffset):
(JSC::ResultProfile::ResultProfile): Deleted.
(JSC::ResultProfile::bytecodeOffset): Deleted.
(JSC::ResultProfile::specialFastPathCount): Deleted.
(JSC::ResultProfile::didObserveNonInt32): Deleted.
(JSC::ResultProfile::didObserveDouble): Deleted.
(JSC::ResultProfile::didObserveNonNegZeroDouble): Deleted.
(JSC::ResultProfile::didObserveNegZeroDouble): Deleted.
(JSC::ResultProfile::didObserveNonNumber): Deleted.
(JSC::ResultProfile::didObserveInt32Overflow): Deleted.
(JSC::ResultProfile::didObserveInt52Overflow): Deleted.
(JSC::ResultProfile::setObservedNonNegZeroDouble): Deleted.
(JSC::ResultProfile::setObservedNegZeroDouble): Deleted.
(JSC::ResultProfile::setObservedNonNumber): Deleted.
(JSC::ResultProfile::setObservedInt32Overflow): Deleted.
(JSC::ResultProfile::setObservedInt52Overflow): Deleted.
(JSC::ResultProfile::addressOfFlags): Deleted.
(JSC::ResultProfile::addressOfSpecialFastPathCount): Deleted.
(JSC::ResultProfile::detectNumericness): Deleted.
(JSC::ResultProfile::hasBits): Deleted.
(JSC::ResultProfile::setBit): Deleted.
(JSC::getResultProfileBytecodeOffset): Deleted.
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::emitBinaryOp):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::makeSafe):
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::methodOfGettingAValueProfileFor):
* dfg/DFGJITCompiler.cpp:
(JSC::DFG::JITCompiler::exceptionCheck):
* dfg/DFGSlowPathGenerator.h:
(JSC::DFG::SlowPathGenerator::generate):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::addSlowPathGenerator):
(JSC::DFG::SpeculativeJIT::runSlowPathGenerators):
(JSC::DFG::SpeculativeJIT::compileValueAdd):
* dfg/DFGSpeculativeJIT.h:
(JSC::DFG::SpeculativeJIT::silentSpillAllRegistersImpl):
(JSC::DFG::SpeculativeJIT::silentSpillAllRegisters):
(JSC::DFG::SpeculativeJIT::callOperation):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileValueAdd):
(JSC::FTL::DFG::LowerDFGToB3::compileStrCat):
* jit/CCallHelpers.h:
(JSC::CCallHelpers::setupArgumentsWithExecState):
(JSC::CCallHelpers::setupArguments):
* jit/JIT.h:
* jit/JITAddGenerator.cpp:
(JSC::JITAddGenerator::generateInline):
(JSC::JITAddGenerator::generateFastPath):
* jit/JITAddGenerator.h:
(JSC::JITAddGenerator::JITAddGenerator):
(JSC::JITAddGenerator::didEmitFastPath): Deleted.
(JSC::JITAddGenerator::endJumpList): Deleted.
(JSC::JITAddGenerator::slowPathJumpList): Deleted.
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_jless):
(JSC::JIT::emitSlow_op_urshift):
(JSC::getOperandTypes):
(JSC::JIT::emit_op_add):
(JSC::JIT::emitSlow_op_add):
(JSC::JIT::emit_op_div):
(JSC::JIT::emit_op_mul):
(JSC::JIT::emitSlow_op_mul):
(JSC::JIT::emit_op_sub):
(JSC::JIT::emitSlow_op_sub):
* jit/JITDivGenerator.cpp:
(JSC::JITDivGenerator::generateFastPath):
* jit/JITDivGenerator.h:
(JSC::JITDivGenerator::JITDivGenerator):
* jit/JITInlines.h:
(JSC::JIT::callOperation):
* jit/JITMathIC.h: Added.
(JSC::JITMathIC::doneLocation):
(JSC::JITMathIC::slowPathStartLocation):
(JSC::JITMathIC::slowPathCallLocation):
(JSC::JITMathIC::generateInline):
(JSC::JITMathIC::generateOutOfLine):
(JSC::JITMathIC::finalizeInlineCode):
* jit/JITMathICForwards.h: Added.
* jit/JITMathICInlineResult.h: Added.
* jit/JITMulGenerator.cpp:
(JSC::JITMulGenerator::generateFastPath):
* jit/JITMulGenerator.h:
(JSC::JITMulGenerator::JITMulGenerator):
* jit/JITOperations.cpp:
* jit/JITOperations.h:
* jit/JITSubGenerator.cpp:
(JSC::JITSubGenerator::generateFastPath):
* jit/JITSubGenerator.h:
(JSC::JITSubGenerator::JITSubGenerator):
* jit/Repatch.cpp:
(JSC::readCallTarget):
(JSC::ftlThunkAwareRepatchCall):
(JSC::tryCacheGetByID):
(JSC::repatchGetByID):
(JSC::appropriateGenericPutByIdFunction):
(JSC::tryCachePutByID):
(JSC::repatchPutByID):
(JSC::tryRepatchIn):
(JSC::repatchIn):
(JSC::linkSlowFor):
(JSC::resetGetByID):
(JSC::resetPutByID):
(JSC::repatchCall): Deleted.
* jit/Repatch.h:
* llint/LLIntData.cpp:
(JSC::LLInt::Data::performAssertions):
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* parser/ResultType.h:
(JSC::ResultType::ResultType):
(JSC::ResultType::isInt32):
(JSC::ResultType::definitelyIsNumber):
(JSC::ResultType::definitelyIsString):
(JSC::ResultType::definitelyIsBoolean):
(JSC::ResultType::mightBeNumber):
(JSC::ResultType::isNotNumber):
(JSC::ResultType::forBitOp):
(JSC::ResultType::bits):
(JSC::OperandTypes::OperandTypes):
* runtime/CommonSlowPaths.cpp:
(JSC::SLOW_PATH_DECL):
(JSC::updateArithProfileForBinaryArithOp):
(JSC::updateResultProfileForBinaryArithOp): Deleted.
* tests/stress/op-add-exceptions.js: Added.
(assert):
(f1):
(f2):
(f3):
(let.oException.valueOf):
(foo):
(ident):
(bar):

Source/WebCore:

* ForwardingHeaders/jit/JITMathICForwards.h: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203537 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoMove expected.txt file for editing/deleting/delete-emoji.html from mac-elcapitan...
ryanhaddad@apple.com [Thu, 21 Jul 2016 23:32:56 +0000 (23:32 +0000)]
Move expected.txt file for editing/deleting/delete-emoji.html from mac-elcapitan to mac-yosemite

Unreviewed test gardening.

* platform/mac-yosemite/editing/deleting/delete-emoji-expected.txt: Renamed from LayoutTests/platform/mac-elcapitan/editing/deleting/delete-emoji-expected.txt.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203536 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoMake parameters mandatory for Document.create*() operations
cdumez@apple.com [Thu, 21 Jul 2016 22:56:53 +0000 (22:56 +0000)]
Make parameters mandatory for Document.create*() operations
https://bugs.webkit.org/show_bug.cgi?id=160047

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

* web-platform-tests/dom/interfaces-expected.txt:
* web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Make parameters mandatory for Document.create*() operations:
createTextNode(), createComment(), createCDataSection(),
createAttribute() and createProcessingInstruction().

This matches the specification:
- https://dom.spec.whatwg.org/#interface-document

Firefox and Chrome both agree with the specification so the
compatibility risk should be low. Also WebKit uses the string
"undefined" when the parameter is omitted, which is not very
helpful.

No new tests, rebaselined existing tests.

* dom/Document.idl:

LayoutTests:

Update existing tests to reflect the behavior change.

* compositing/geometry/assert-marquee-timer.html:
* editing/style/bold-with-dom-changes.html:
* fast/dom/MutationObserver/observe-characterdata.html:
* fast/dom/normalize-attributes-mutation-event-crash.html:
* fast/dom/null-chardata-crash.html:
* fast/dom/wrapper-classes-expected.txt:
* fast/dom/wrapper-classes.html:
* fast/forms/basic-textareas.html:
* fast/inspector-support/uncaught-dom1-exception-expected.txt:
* fast/inspector-support/uncaught-dom1-exception.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203535 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoMarking imported/w3c/web-platform-tests/fetch/api/cors/cors-preflight.html as flaky...
ryanhaddad@apple.com [Thu, 21 Jul 2016 22:49:37 +0000 (22:49 +0000)]
Marking imported/w3c/web-platform-tests/fetch/api/cors/cors-preflight.html as flaky on mac
https://bugs.webkit.org/show_bug.cgi?id=160056

Unreviewed test gardening.

* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203534 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[macOS] Caret placement occurs in the middle of new emoji group candidates
mmaxfield@apple.com [Thu, 21 Jul 2016 22:34:50 +0000 (22:34 +0000)]
[macOS] Caret placement occurs in the middle of new emoji group candidates
https://bugs.webkit.org/show_bug.cgi?id=160008
<rdar://problem/27430111>

Reviewed by Simon Fraser.

Source/WTF:

r203330 added support for new emoji group candidates. This patch updates the rules
governing caret placement around these new emoji groups.

* wtf/text/TextBreakIterator.cpp:
(WTF::cursorMovementIterator):

LayoutTests:

Update expected results.

The new emoji support is behind the ADDITIONAL_EMOJI_SUPPORT guard, which
means it only occurs on El Capitan and higher. Similarly, these new rules
are not used for iOS.

* editing/deleting/delete-emoji-expected.txt: Deleted.
* platform/mac/editing/deleting/delete-emoji-expected.txt: Added.
* platform/mac-elcapitan/editing/deleting/delete-emoji-expected.txt: Added.
* platform/ios-simulator/editing/deleting/delete-emoji-expected.txt: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203533 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoLand test expectations for rdar://problem/27475162.
ryanhaddad@apple.com [Thu, 21 Jul 2016 22:16:07 +0000 (22:16 +0000)]
Land test expectations for rdar://problem/27475162.

* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203532 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoFix null handling of SVGAngle/SVGLength.valueAsString attribute
cdumez@apple.com [Thu, 21 Jul 2016 21:31:16 +0000 (21:31 +0000)]
Fix null handling of SVGAngle/SVGLength.valueAsString attribute
https://bugs.webkit.org/show_bug.cgi?id=160025

Reviewed by Ryosuke Niwa.

Source/WebCore:

Fix null handling of SVGAngle/SVGLength.valueAsString attribute
to match the specification:
- https://www.w3.org/TR/SVG2/types.html#InterfaceSVGAngle
- https://www.w3.org/TR/SVG2/types.html#InterfaceSVGLength

In particular, this patch drops [TreatNullAs=EmptyString] IDL
extended attribute from this attribute. This is not supposed
to change behavior given that both "" and "null" are invalid
numbers and the specification says to throw a SYNTAX_ERR in
this case.

However, WebKit currently ignores assignments to "" instead
of throwing. As a result, assigning to null will now throw
instead of being ignored. The compatibility risk should be
low because both Firefox and Chrome throw when assigning
null.

I did not change the behavior when assigning to "" because
it is a bit out of scope for this patch and browsers to not
seem to agree:
- Firefox throws
- Chrome set value to "0"
- WebKit ignores the assignment

The specification seems to agree with Firefox as far as I
can tell given that "" is not a valid number as per:
- https://www.w3.org/TR/css3-values/#numbers

Test: svg/dom/valueAsString-null.html

* svg/SVGAngle.idl:
* svg/SVGLength.idl:

LayoutTests:

Add test coverage.

* svg/dom/svg-element-attribute-js-null-expected.txt:
* svg/dom/svg-element-attribute-js-null.xhtml:
* svg/dom/valueAsString-null-expected.txt: Added.
* svg/dom/valueAsString-null.html: Added.
There are a couple of failures in this test because WebKit ignores
assignments to "" instead of throwing. Firefox passes all the checks.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203531 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoFix null handling of HTMLFontElement.color
cdumez@apple.com [Thu, 21 Jul 2016 21:25:45 +0000 (21:25 +0000)]
Fix null handling of HTMLFontElement.color
https://bugs.webkit.org/show_bug.cgi?id=160036

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline W3C test now that more checks are passing.

* web-platform-tests/html/dom/reflection-obsolete-expected.txt:

Source/WebCore:

Fix null handling of HTMLFontElement.color to match the specification:
- https://html.spec.whatwg.org/#htmlfontelement

We are supposed to treat null as the empty string. Both Firefox and
Chrome agree with the specification.

No new tests, rebaselined existing tests.

* html/HTMLFontElement.idl:

LayoutTests:

Update existing test to reflect behavior change.

* fast/dom/element-attribute-js-null-expected.txt:
* fast/dom/element-attribute-js-null.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203530 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoFix null handling for several HTMLTableElement attributes
cdumez@apple.com [Thu, 21 Jul 2016 21:25:10 +0000 (21:25 +0000)]
Fix null handling for several HTMLTableElement attributes
https://bugs.webkit.org/show_bug.cgi?id=160041

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline W3C test now that more checks are passing.

* web-platform-tests/html/dom/reflection-tabular-expected.txt:

Source/WebCore:

Fix null handling for several HTMLTableElement attributes to match the
specification:
- https://html.spec.whatwg.org/#HTMLTableElement-partial

The attributes in question are 'bicolor', 'cellSpacing' and
'cellPadding'. We are supposed to treat null as the empty string for
these attributes.

Firefox and Chrome both agree with the specification.

No new tests, rebaselined existing tests.

* html/HTMLTableElement.idl:

LayoutTests:

Update existing test to reflect the behavior change.

* fast/dom/element-attribute-js-null-expected.txt:
* fast/dom/element-attribute-js-null.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203529 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoFix null handling for HTMLObjectElement.border
cdumez@apple.com [Thu, 21 Jul 2016 21:23:28 +0000 (21:23 +0000)]
Fix null handling for HTMLObjectElement.border
https://bugs.webkit.org/show_bug.cgi?id=160040

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline W3C test now that more checks are passing.

* web-platform-tests/html/dom/reflection-embedded-expected.txt:

Source/WebCore:

Fix null handling for HTMLObjectElement.border to match the specification:
- https://html.spec.whatwg.org/#HTMLObjectElement-partial

We are supposed to treat null as the empty string.

Both Firefox and Chrome agree with the specification.

No new tests, rebaselined existing tests.

* html/HTMLObjectElement.idl:

LayoutTests:

Update existing test to reflect the behavior change.

* fast/dom/element-attribute-js-null-expected.txt:
* fast/dom/element-attribute-js-null.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@203528 268f45cc-cd09-0410-ab3c-d52691b4dbfc