WebKit-https.git
5 years agoAdd a benchmark for string transcoding.
fpizlo@apple.com [Wed, 2 Mar 2016 22:30:49 +0000 (22:30 +0000)]
Add a benchmark for string transcoding.

Rubber stamped by Saam Barati.

I wrote some code like this while working on
https://github.com/WebAssembly/design/pull/573. I thought I'd add it as a benchmark since
it stresses things that we may not have good bench coverage for.

* js/regress/script-tests/string-transcoding.js: Added.
(decodeUTF8):
(encodeUTF8):
(arraysEqual):
(arrayToString):
(setHeader):
(print):
(tryArray):
(doSteps):
* js/regress/string-transcoding-expected.txt: Added.
* js/regress/string-transcoding.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197465 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoAdd support for the "first" value of the hanging-punctuation property.
hyatt@apple.com [Wed, 2 Mar 2016 22:29:26 +0000 (22:29 +0000)]
Add support for the "first" value of the hanging-punctuation property.
https://bugs.webkit.org/show_bug.cgi?id=154919

Reviewed by Simon Fraser.

Source/WebCore:

New tests added in fast/text.

Implement the "first" value for hanging-punctuation as described here:
https://drafts.csswg.org/css-text-3/#propdef-hanging-punctuation

* rendering/RenderBlockFlow.cpp:
(WebCore::RenderBlockFlow::computeInlinePreferredLogicalWidths):
Update the preferred logical width computation to factor in hanging punctuation.
This check is similar to the text-indent logic in that we only want to do it for
the first formatted line.

* rendering/RenderBlockFlow.h:
(WebCore::RenderBlockFlow::simpleLineLayout):
Make sure to turn off simple line layout when hanging punctuation is present. Eventually
it should be feasible to support this in simple line layout, but since the full line
layout model has to work with it anyway, we are starting there.

* rendering/RenderBlockLineLayout.cpp:
(WebCore::inlineAncestorHasStartBorderPaddingOrMargin):
(WebCore::isLastInFlowRun):
Helper functions that are needed to determine whether or not we're allowed to apply
hanging punctuation "first" to a text run.

(WebCore::RenderBlockFlow::computeInlineDirectionPositionsForSegment):
This function manipulates logicalLeft and availableWidth when hanging punctuation
is present to shift the line as needed and to expand the availableWidth of the line.

* rendering/RenderText.cpp:
(WebCore::isHangablePunctuationAtLineStart):
(WebCore::isHangablePunctuationAtLineEnd):
(WebCore::RenderText::hangablePunctuationStartWidth):
(WebCore::RenderText::trimmedPrefWidths):
* rendering/RenderText.h:
RenderText has a helper function for handing back the hangable punctuation width. This
is used everywhere line layout wants to apply that offset. There are also helper functions
that detect whether the character is a hangable punctuation character.

* rendering/SimpleLineLayout.cpp:
(WebCore::SimpleLineLayout::canUseForWithReason):
(WebCore::SimpleLineLayout::printReason):
Turn off simple line layout when hanging punctuation is enabled.

* rendering/line/BreakingContext.h:
(WebCore::BreakingContext::handleText):
Modified to expand the available width when hanging punctuation is present so that we
know we have more room on the line.

* rendering/line/LineWidth.h:
(WebCore::LineWidth::isFirstLine):
Add an accessor for whether or not we're the first line.

LayoutTests:

* fast/text/hanging-punctuation-first-expected.html: Added.
* fast/text/hanging-punctuation-first-rtl-expected.html: Added.
* fast/text/hanging-punctuation-first-rtl.html: Added.
* fast/text/hanging-punctuation-first.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197464 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoMake HTML parser construct custom elements
rniwa@webkit.org [Wed, 2 Mar 2016 21:56:47 +0000 (21:56 +0000)]
Make HTML parser construct custom elements
https://bugs.webkit.org/show_bug.cgi?id=154908
Source/WebCore:

<rdar://problem/24923735>

Reviewed by Antti Koivisto.

Added the support for instantiating custom elements inside the parser. Based on Jan F2F discussion,
the HTML parser is going to synchronously construct custom elements. When a custom element constructor
throws, the HTML parser creates a HTMLUnknownElement instead.

In our implementation, we pause the parser completely and construct custom elements using the same
mechanism used to run author scripts. It's possible that we may want to apply some optimizations to
to make custom element construction but it's probably a good idea to get semantics right first.

Tests: fast/custom-elements/parser/parser-constructs-custom-elements.html
       fast/custom-elements/parser/parser-fallsback-to-unknown-element.html
       fast/custom-elements/parser/parser-sets-attributes-and-children.html
       fast/custom-elements/parser/parser-uses-constructed-element.html

* bindings/js/JSCustomElementInterface.cpp:
(WebCore::JSCustomElementInterface::constructElement): Added ShouldClearException as an argument
to be used by the HTML parser since the parser can't re-throw to anywhere or fail parsing.

* bindings/js/JSCustomElementInterface.h:
(WebCore::JSCustomElementInterface::ShouldClearException): Added.

* dom/Document.cpp:
(WebCore::createHTMLElementWithNameValidation): Do not clear the exception here since createElement
must re-throw the exception thrown by a custom element constructor.
(WebCore::Document::createElementForBindings):

* dom/make_names.pl:
(printFactoryCppFile): Added ConstructorFunctionMapEntry which contains the constructor function
as well as the qualified name.
(printFactoryHeaderFile): Added a variant of createKnownElement and createElement that takes
AtomicString instead of QualifiedName.

* html/parser/HTMLConstructionSite.cpp:
(WebCore::setAttributes): Added a variant that takes Vector<Attribute>.
(WebCore::HTMLConstructionSite::insertHTMLElementOrFindCustomElementInterface): Added. Returns a
custom element interface when the element doesn't match any builtin element and there is a custom
element definition that matches the specified name.
(WebCore::HTMLConstructionSite::insertCustomElement): Added. Like insertElement but also sets the
attributes on the newly created custom element.
(WebCore::HTMLConstructionSite::createHTMLElementOrFindCustomElementInterface): Extracted from
createHTMLElement. When customElementInterface is not nullptr, we optionally find the custom
element interface and return nullptr.
(WebCore::HTMLConstructionSite::createHTMLElement):
* html/parser/HTMLConstructionSite.h:

* html/parser/HTMLDocumentParser.cpp:
(WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder): Create a custom element when there
is a pending custom element to create (i.e. m_customElementToConstruct is not empty).
(WebCore::HTMLDocumentParser::isWaitingForScripts):

* html/parser/HTMLStackItem.h:
(WebCore::HTMLStackItem::create): Added a variant used for custom elements.
(WebCore::HTMLStackItem::HTMLStackItem): Ditto.

* html/parser/HTMLTreeBuilder.cpp:
(WebCore::CustomElementConstructionData::CustomElementConstructionData): Added. It needs to be in
the cpp file to avoid introducing more header dependencies in HTMLTreeBuilder.h.
(WebCore::CustomElementConstructionData::~CustomElementConstructionData): Ditto.
(WebCore::HTMLTreeBuilder::processStartTagForInBody): Use insertGenericHTMLElement when creating
a generic element that could be custom elements.
(WebCore::HTMLTreeBuilder::insertGenericHTMLElement): Added. Create and insert a new element
or set m_customElementToConstruct so that the HTMLDocumentParser will create a custom element later.
(WebCore::HTMLTreeBuilder::didCreateCustomOrCallbackElement): Added. Called by HTMLDocumentParser
when it finishes creating a new custom element.

* html/parser/HTMLTreeBuilder.h:
(WebCore::HTMLTreeBuilder::takeCustomElementConstructionData): Added.
(WebCore::HTMLTreeBuilder::hasParserBlockingScriptWork): Renamed from hasParserBlockingScript.
Checks the existence of m_customElementToConstruct as well as m_scriptToProcess.

LayoutTests:

Reviewed by Antti Koivisto.

Added W3C testharness.js based tests for instantiating custom elements inside the HTML parser.

* fast/custom-elements/parser: Added.
* fast/custom-elements/parser/parser-constructs-custom-elements-expected.txt: Added.
* fast/custom-elements/parser/parser-constructs-custom-elements.html: Added.
* fast/custom-elements/parser/parser-fallsback-to-unknown-element-expected.txt: Added.
* fast/custom-elements/parser/parser-fallsback-to-unknown-element.html: Added.
* fast/custom-elements/parser/parser-sets-attributes-and-children-expected.txt: Added.
* fast/custom-elements/parser/parser-sets-attributes-and-children.html: Added.
* fast/custom-elements/parser/parser-uses-constructed-element-expected.txt: Added.
* fast/custom-elements/parser/parser-uses-constructed-element.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197463 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUse IndentTextOrNot instead of passing isFirstLine/shouldIndentText as bool.
zalan@apple.com [Wed, 2 Mar 2016 21:42:22 +0000 (21:42 +0000)]
Use IndentTextOrNot instead of passing isFirstLine/shouldIndentText as bool.
https://bugs.webkit.org/show_bug.cgi?id=154628

Reviewed by Simon Fraser.

No change in behaviour.

* rendering/RenderBlock.cpp:
(WebCore::RenderBlock::computeStartPositionDeltaForChildAvoidingFloats):
(WebCore::RenderBlock::logicalLeftSelectionOffset):
(WebCore::RenderBlock::logicalRightSelectionOffset):
* rendering/RenderBlock.h:
(WebCore::RenderBlock::availableLogicalWidthForLineInRegion):
(WebCore::RenderBlock::logicalRightOffsetForLineInRegion):
(WebCore::RenderBlock::logicalLeftOffsetForLineInRegion):
(WebCore::RenderBlock::startOffsetForLineInRegion):
(WebCore::RenderBlock::endOffsetForLineInRegion):
(WebCore::RenderBlock::availableLogicalWidthForLine):
(WebCore::RenderBlock::logicalRightOffsetForLine):
(WebCore::RenderBlock::logicalLeftOffsetForLine):
(WebCore::RenderBlock::startOffsetForLine):
(WebCore::RenderBlock::endOffsetForLine):
* rendering/RenderBlockFlow.cpp:
(WebCore::RenderBlockFlow::getClearDelta):
* rendering/RenderBlockLineLayout.cpp:
(WebCore::updateLogicalInlinePositions):
(WebCore::RenderBlockFlow::layoutRunsAndFloatsInRange):
(WebCore::RenderBlockFlow::deleteEllipsisLineBoxes):
(WebCore::RenderBlockFlow::checkLinesForTextOverflow):
(WebCore::RenderBlockFlow::startAlignedOffsetForLine):
* rendering/RenderBox.cpp:
(WebCore::RenderBox::shrinkLogicalWidthToAvoidFloats):
(WebCore::RenderBox::containingBlockAvailableLineWidthInRegion):
* rendering/RenderDeprecatedFlexibleBox.cpp:
(WebCore::RenderDeprecatedFlexibleBox::applyLineClamp):
* rendering/RenderListItem.cpp:
(WebCore::RenderListItem::positionListMarker):
* rendering/RootInlineBox.cpp:
(WebCore::RootInlineBox::selectionTop):
(WebCore::RootInlineBox::selectionBottom):
* rendering/SimpleLineLayout.cpp:
(WebCore::SimpleLineLayout::canUseForWithReason):
(WebCore::SimpleLineLayout::updateLineConstrains):
* rendering/line/LineBreaker.cpp:
(WebCore::LineBreaker::skipLeadingWhitespace):
* rendering/line/LineWidth.cpp:
(WebCore::LineWidth::shrinkAvailableWidthForNewFloatIfNeeded):
(WebCore::availableWidthAtOffset):
* rendering/line/LineWidth.h:
(WebCore::LineWidth::shouldIndentText):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197462 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoAdd support for playbackControlsManager
bdakin@apple.com [Wed, 2 Mar 2016 20:59:28 +0000 (20:59 +0000)]
Add support for playbackControlsManager
https://bugs.webkit.org/show_bug.cgi?id=154742
-and corresponding-
rdar://problem/23833753

Reviewed by Jer Noble.

Source/WebCore:

Make AVKitSPI.h private so that it can be used from other projects.
* WebCore.xcodeproj/project.pbxproj:

Right now, set up a controls manager for a video when it starts playing. In
the future, this is something that should be handled by the
PlatformMediaSessionManager since we only want a controls for the
currentSession.
* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::playInternal):

New function setUpVideoControlsManager.
* page/ChromeClient.h:

Make these CoreMedia functions available on Mac and iOS instead of just iOS.
* platform/cf/CoreMediaSoftLink.cpp:
* platform/cf/CoreMediaSoftLink.h:

This patch fleshes out an implementation for a bunch of these interface
functions since they need to communicate to the playbackControlsManager. This
is also where the playbackControlsManager lives.
* platform/mac/WebVideoFullscreenInterfaceMac.h:

Define an interface and implementation for WebPlaybackControlsManager.
* platform/mac/WebVideoFullscreenInterfaceMac.mm:
(-[WebPlaybackControlsManager initWithWebVideoFullscreenInterfaceMac:]):
(-[WebPlaybackControlsManager isSeeking]):
(-[WebPlaybackControlsManager seekToTime:toleranceBefore:toleranceAfter:]):
(-[WebPlaybackControlsManager audioMediaSelectionOptions]):
(-[WebPlaybackControlsManager currentAudioMediaSelectionOption]):
(-[WebPlaybackControlsManager setCurrentAudioMediaSelectionOption:]):
(-[WebPlaybackControlsManager legibleMediaSelectionOptions]):
(-[WebPlaybackControlsManager currentLegibleMediaSelectionOption]):
(-[WebPlaybackControlsManager setCurrentLegibleMediaSelectionOption:]):
(-[WebPlaybackControlsManager cancelThumbnailAndAudioAmplitudeSampleGeneration]):

Relay this information to the playbackControlsManager.
(WebCore::WebVideoFullscreenInterfaceMac::setDuration):
(WebCore::WebVideoFullscreenInterfaceMac::setCurrentTime):
(WebCore::WebVideoFullscreenInterfaceMac::setRate):
(WebCore::WebVideoFullscreenInterfaceMac::setSeekableRanges):
(WebCore::WebVideoFullscreenInterfaceMac::ensureControlsManager):
(WebCore::WebVideoFullscreenInterfaceMac::playBackControlsManager):
(WebCore::WebVideoFullscreenInterfaceMac::setupFullscreen):

New SPI needed.
* platform/spi/cocoa/AVKitSPI.h:
* platform/spi/mac/AVFoundationSPI.h:

Source/WebKit2:

WebVideoFullscreenManagerProxy ensures the model and interface for the
UIProcess side of the playbackControlsManager. It also caches the
m_controlsManagerContextId so that it can return the
controlsManagerInterface.
* UIProcess/Cocoa/WebVideoFullscreenManagerProxy.h:
* UIProcess/Cocoa/WebVideoFullscreenManagerProxy.messages.in:
* UIProcess/Cocoa/WebVideoFullscreenManagerProxy.mm:
(WebKit::WebVideoFullscreenManagerProxy::setUpVideoControlsManagerWithID):
(WebKit::WebVideoFullscreenManagerProxy::controlsManagerInterface):

Pipe isPlayingMediaDidChange() to WebViewImpl, and use that information to
update WebViewImplAdditions.
* UIProcess/Cocoa/WebViewImpl.h:
* UIProcess/Cocoa/WebViewImpl.mm:
(WebKit::WebViewImpl::isPlayingMediaDidChange):
* UIProcess/PageClient.h:
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::isPlayingMediaDidChange):
(WebKit::WebPageProxy::isPlayingVideoWithAudio):
* UIProcess/WebPageProxy.h:
(WebKit::WebPageProxy::isPlayingAudio):
* UIProcess/mac/PageClientImpl.h:
* UIProcess/mac/PageClientImpl.mm:
(WebKit::PageClientImpl::isPlayingMediaDidChange):

Pipe setUpVideoControlsManager to the WebVideoFullscreenManager.
* WebProcess/WebCoreSupport/WebChromeClient.cpp:
(WebKit::WebChromeClient::setUpVideoControlsManager):
* WebProcess/WebCoreSupport/WebChromeClient.h:

Ensure the model an interface for the playbackControlsManager on the
WebProcess side and pass the message to the UIProcess to do the same.
* WebProcess/cocoa/WebVideoFullscreenManager.h:
* WebProcess/cocoa/WebVideoFullscreenManager.mm:
(WebKit::WebVideoFullscreenManager::setUpVideoControlsManager):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197461 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoAdd Page::TimerThrottlingState
barraclough@apple.com [Wed, 2 Mar 2016 20:39:37 +0000 (20:39 +0000)]
Add Page::TimerThrottlingState
https://bugs.webkit.org/show_bug.cgi?id=154926

Reviewed by Chris Dumez.

Hidden page timer throttling is currently a boolean state, indicated by whether the Optional
m_timerThrottlingEnabledTime is in a set/unset state. When enabled, the increasing mechanism
may or may not be enabled, this is controlled directly by the setting.

Refactor to add an enum tracking timer throttling being in one of three states - disabled,
enabled, or enabled-increasing. This cleans things up, and will enabled up to introduce a
dynamic policy for when enabled-throttling is enabled. (Behavior is unchanged in this patch.)

* page/Page.cpp:
(WebCore::Page::Page):
(WebCore::Page::setIsVisuallyIdleInternal):
(WebCore::Page::hiddenPageDOMTimerThrottlingStateChanged):
    - setTimerThrottlingEnabled -> updateTimerThrottlingState.
(WebCore::Page::updateTimerThrottlingState):
    - policy decision (currently enabled if visually-idle) was scattered across
      all call sites to setTimerThrottlingState. Unify in one place.
(WebCore::Page::setTimerThrottlingState):
    - Was setTimerThrottlingEnabled.
(WebCore::Page::setTimerAlignmentIntervalIncreaseLimit):
(WebCore::Page::setDOMTimerAlignmentInterval):
(WebCore::Page::timerAlignmentIntervalIncreaseTimerFired):
    - updated to check m_timerThrottlingState.
(WebCore::Page::setTimerThrottlingEnabled): Deleted.
    - This became updateTimerThrottlingState.
* page/Page.h:
(WebCore::Page::timerThrottlingEnabled): Deleted.
    - Removed, it's easy enough now to just check m_timerThrottlingState.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197459 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoAlign HTMLInputElement.maxLength with the specification
cdumez@apple.com [Wed, 2 Mar 2016 20:38:23 +0000 (20:38 +0000)]
Align HTMLInputElement.maxLength with the specification
https://bugs.webkit.org/show_bug.cgi?id=154906

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline W3C tests now that more checks are passing.

* web-platform-tests/html/dom/reflection-forms-expected.txt:
* web-platform-tests/html/semantics/forms/the-input-element/maxlength-expected.txt:

Source/WebCore:

Align HTMLInputElement.maxLength with the specification:
- https://html.spec.whatwg.org/multipage/forms.html#dom-input-maxlength
- https://html.spec.whatwg.org/multipage/forms.html#attr-input-maxlength

In particular, the following Web-facing change was made:
- HTMLInputElement.maxLength returns -1 instead of 524288 when
  the corresponding content attribute is missing, cannot be parsed
  or out of range (i.e. negative), as per:
  - https://html.spec.whatwg.org/multipage/infrastructure.html#limited-to-only-non-negative-numbers

Note that HTMLTextAreaElement.maxLength was already returning -1 in
this case.

The new behavior matches Firefox. Chrome however, still seems to
return 524288.

Note that we keep using 524288 as a maximum maxLength internally for
performance reasons. However, we stop exposing this arbitrary value to
the Web as this is an internal limitation.

No new tests, already covered by existing tests.

* html/HTMLInputElement.cpp:
(WebCore::HTMLInputElement::HTMLInputElement):
Initialize m_maxLength to -1 initially, instead of 524288.

(WebCore::HTMLInputElement::tooLong):
Call effectiveMaxLength() instead of maxLength(), which no longer
exists. effectiveMaxLength() makes sure of returning a value in
the range [0, 524288].

(WebCore::HTMLInputElement::parseAttribute):

(WebCore::HTMLInputElement::effectiveMaxLength):
Split maxLength() into maxLengthForBindings() and effectiveMaxLength().
effectiveMaxLength() returns a value in the range [0, 524288], while
maxLengthForBindings() returns values in the range [-1, 2147483647].

(WebCore::HTMLInputElement::setMaxLength): Deleted.
The implementation was moved to the parent class so that it can be
shared with HTMLTextAreaElement.

(WebCore::HTMLInputElement::maxLengthAttributeChanged):
Rename for clarity.

* html/HTMLTextAreaElement.cpp:
(WebCore::HTMLTextAreaElement::parseAttribute):
(WebCore::HTMLTextAreaElement::maxLengthAttributeChanged):
Cache the parsed maxLength when the content attribute changes, similarly
to what is already done in HTMLInputElement.

(WebCore::HTMLTextAreaElement::handleBeforeTextInsertedEvent):
(WebCore::HTMLTextAreaElement::validationMessage):
(WebCore::HTMLTextAreaElement::tooLong):
Call effectiveMaxLength() instead of maxLength() which no longer exists.
effectiveMaxLength() returns a cached value and is therefore a lot more
efficient.

* html/HTMLTextAreaElement.h:
* html/HTMLTextAreaElement.idl:
* html/HTMLTextFormControlElement.cpp:
(WebCore::HTMLTextFormControlElement::setMaxLengthForBindings):
This was moved up from HTMLInputElement / HTMLTextAreaElement to avoid code
duplication.

* html/HTMLTextFormControlElement.h:

* html/InputType.cpp:
(WebCore::InputType::validationMessage):
* html/TextFieldInputType.cpp:
(WebCore::TextFieldInputType::handleBeforeTextInsertedEvent):
Call HTMLInputElement::effectiveMaxLength() instead of
HTMLInputElement::maxLength() which no longer exists.

LayoutTests:

Update test now that input.maxLength initially returns -1
instead of 524288.

* fast/forms/input-maxlength-expected.txt:
* fast/forms/input-maxlength.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197458 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoSIGSEGV in Proxy [[Get]] and [[Set]] recursion
sbarati@apple.com [Wed, 2 Mar 2016 19:17:18 +0000 (19:17 +0000)]
SIGSEGV in Proxy [[Get]] and [[Set]] recursion
https://bugs.webkit.org/show_bug.cgi?id=154854

Reviewed by Yusuke Suzuki.

We need to be aware of the possibility that the VM
may recurse and that we can stack overflow.

* runtime/ProxyObject.cpp:
(JSC::performProxyGet):
(JSC::ProxyObject::performPut):
* tests/stress/proxy-get-and-set-recursion-stack-overflow.js: Added.
(assert):
(testStackOverflowGet):
(testStackOverflowIndexedGet):
(testStackOverflowSet):
(testStackOverflowIndexedSet):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197457 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUnreviewed, rolling out r197434 and r197436.
commit-queue@webkit.org [Wed, 2 Mar 2016 18:54:03 +0000 (18:54 +0000)]
Unreviewed, rolling out r197434 and r197436.
https://bugs.webkit.org/show_bug.cgi?id=154921

This change caused a LayoutTest assertion in debug (Requested
by ryanhaddad on #webkit).

Reverted changesets:

"Extend CSSFontSelector's lifetime to be longer than the
Document's lifetime"
https://bugs.webkit.org/show_bug.cgi?id=154101
http://trac.webkit.org/changeset/197434

"Unreviewed build fix after r197434."
http://trac.webkit.org/changeset/197436

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197456 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoVersioning.
bshafiei@apple.com [Wed, 2 Mar 2016 18:31:22 +0000 (18:31 +0000)]
Versioning.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197455 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoREGRESSION(r197409): [GTK] Web process always crashes on WebPage construction after...
carlosgc@webkit.org [Wed, 2 Mar 2016 17:59:34 +0000 (17:59 +0000)]
REGRESSION(r197409): [GTK] Web process always crashes on WebPage construction after r197409
https://bugs.webkit.org/show_bug.cgi?id=154918

Reviewed by Žan Doberšek.

We have an incorrect check in DrawingAreaImpl constructor that has
never actually worked because it uses the page settings before
they were initialized. But that has been fixed in r197409 and now
we are always forcing accelerated compositing mode incorrectly,
because m_alwaysUseCompositing is set in the constructor and never
changed again.

* WebProcess/WebPage/DrawingAreaImpl.cpp:
(WebKit::DrawingAreaImpl::DrawingAreaImpl): Remove code to set
settings and m_alwaysUseCompositing, since that should be done in
updatePreferences().
(WebKit::DrawingAreaImpl::updatePreferences): Update the settings
accordingly and always update m_alwaysUseCompositing when AC is
enabled and forced in the settings.
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::WebPage): WebPage::updatePreferences() calls
DrawingArea::updatePreferences(), but since r197409 it happens
before the drawing area has been created. So, call
DrawingArea::updatePreferences() in the constructor right after
the main frame has been created, since
DrawingArea::updatePreferences() uses the main frame.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197452 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoSubpixel layout: Enable vertical/horizontal subpixel spacing for tables.
zalan@apple.com [Wed, 2 Mar 2016 17:16:05 +0000 (17:16 +0000)]
Subpixel layout: Enable vertical/horizontal subpixel spacing for tables.
https://bugs.webkit.org/show_bug.cgi?id=154899

Reviewed by Simon Fraser.

This patch enables authors to specify device pixel values for table border spacing.
(see border-spacing)

Source/WebCore:

Test: fast/table/hidpi-vertical-and-horizontal-spacing.html

* css/CSSPropertyNames.in:
* page/animation/CSSPropertyAnimation.cpp:
(WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):
* rendering/RenderTable.cpp:
(WebCore::RenderTable::offsetLeftForColumn):
(WebCore::RenderTable::offsetWidthForColumn):
(WebCore::RenderTable::RenderTable): Deleted.
* rendering/RenderTable.h:
* rendering/style/RenderStyle.cpp:
(WebCore::RenderStyle::horizontalBorderSpacing):
(WebCore::RenderStyle::verticalBorderSpacing):
(WebCore::RenderStyle::setHorizontalBorderSpacing):
(WebCore::RenderStyle::setVerticalBorderSpacing):
* rendering/style/RenderStyle.h:
* rendering/style/StyleInheritedData.h:

LayoutTests:

* fast/table/hidpi-vertical-and-horizontal-spacing-expected.html: Added.
* fast/table/hidpi-vertical-and-horizontal-spacing.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197450 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoHave parseHTMLInteger() / parseHTMLNonNegativeInteger() use WTF::Optional
cdumez@apple.com [Wed, 2 Mar 2016 17:12:37 +0000 (17:12 +0000)]
Have parseHTMLInteger() / parseHTMLNonNegativeInteger() use WTF::Optional
https://bugs.webkit.org/show_bug.cgi?id=154845

Reviewed by Darin Adler.

Take into consideration review comments made after landing r197389.

* html/HTMLElement.cpp:
(WebCore::HTMLElement::parseBorderWidthAttribute):
(WebCore::HTMLElement::parseAttribute):
* html/HTMLInputElement.cpp:
* html/HTMLInputElement.h:
* html/HTMLTextAreaElement.cpp:
(WebCore::HTMLTextAreaElement::maxLength):
* html/ImageInputType.cpp:
(WebCore::ImageInputType::height):
(WebCore::ImageInputType::width):
* html/parser/HTMLParserIdioms.cpp:
(WebCore::parseHTMLNonNegativeInteger):
* html/parser/HTMLParserIdioms.h:
(WebCore::limitToOnlyHTMLNonNegativeNumbersGreaterThanZero):
(WebCore::limitToOnlyHTMLNonNegative):
* svg/SVGElement.cpp:
(WebCore::SVGElement::parseAttribute):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197449 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[AX][GTK] Position-related tests need new baseline after r196439
jdiggs@igalia.com [Wed, 2 Mar 2016 17:08:08 +0000 (17:08 +0000)]
[AX][GTK] Position-related tests need new baseline after r196439
https://bugs.webkit.org/show_bug.cgi?id=154917

The tests in question include the position accessed via the component
interface. The result changed by one pixel after r196439.

Unreviewed gardening.

* platform/gtk/accessibility/image-link-expected.txt: new baseline
* platform/gtk/accessibility/math-multiscript-attributes-expected.txt: new baseline
* platform/gtk/accessibility/table-attributes-expected.txt: new baseline
* platform/gtk/accessibility/table-cell-spans-expected.txt: new baseline
* platform/gtk/accessibility/table-cells-expected.txt: new baseline
* platform/gtk/accessibility/table-detection-expected.txt: new baseline
* platform/gtk/accessibility/table-sections-expected.txt: new baseline

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197448 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUnreviewed build fix for media-stream after r197114.
alex@webkit.org [Wed, 2 Mar 2016 13:40:32 +0000 (13:40 +0000)]
Unreviewed build fix for media-stream after r197114.

* TestWebKitAPI/Tests/WebKit2/UserMedia.cpp:
(TestWebKitAPI::decidePolicyForUserMediaPermissionRequestCallBack):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197447 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[JSC] Use a Move without REX byte when possible
commit-queue@webkit.org [Wed, 2 Mar 2016 10:22:27 +0000 (10:22 +0000)]
[JSC] Use a Move without REX byte when possible
https://bugs.webkit.org/show_bug.cgi?id=154801

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-03-02
Reviewed by Alex Christensen.

Filip wrote an optimization in the register allocator
to use 32bit "Move" when we don't care about the top bytes.

When I moved the commutative ops to the fake 3 operands instruction
I largely destroyed this since all the "Moves" became full register.

In this patch, I switch back to 32bit "Moves" for 32bit operations.

* assembler/MacroAssemblerX86Common.h:
(JSC::MacroAssemblerX86Common::and32):
(JSC::MacroAssemblerX86Common::lshift32):
(JSC::MacroAssemblerX86Common::mul32):
(JSC::MacroAssemblerX86Common::or32):
(JSC::MacroAssemblerX86Common::rshift32):
(JSC::MacroAssemblerX86Common::urshift32):
(JSC::MacroAssemblerX86Common::xor32):
(JSC::MacroAssemblerX86Common::branchAdd32):
(JSC::MacroAssemblerX86Common::branchMul32):
(JSC::MacroAssemblerX86Common::branchSub32):
(JSC::MacroAssemblerX86Common::move32IfNeeded):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197446 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[JSC] Simplify ArithMod(ArithMod(x, const1), const2) if const2 >= const1
benjamin@webkit.org [Wed, 2 Mar 2016 07:53:20 +0000 (07:53 +0000)]
[JSC] Simplify ArithMod(ArithMod(x, const1), const2) if const2 >= const1
https://bugs.webkit.org/show_bug.cgi?id=154904

Reviewed by Saam Barati.

The ASM test "ubench" has a "x % 10 % 255".
The second modulo should be eliminated.

This is a 15% improvement on ASMJS' ubench.

* dfg/DFGStrengthReductionPhase.cpp:
(JSC::DFG::StrengthReductionPhase::handleNode):
* tests/stress/arith-modulo-twice.js: Added.
(opaqueModuloSmaller):
(opaqueModuloEqual):
(opaqueModuloLarger):
(opaqueModuloSmallerNeg):
(opaqueModuloEqualNeg):
(opaqueModuloLargerNeg):
(opaqueExpectedOther):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197445 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUnreviewed. Update the status of Proxy objects to "In Development".
rniwa@webkit.org [Wed, 2 Mar 2016 07:12:08 +0000 (07:12 +0000)]
Unreviewed. Update the status of Proxy objects to "In Development".

* features.json:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197444 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUnreviewed. Remove the "Partial Support" status from web components since shadow...
rniwa@webkit.org [Wed, 2 Mar 2016 07:06:41 +0000 (07:06 +0000)]
Unreviewed. Remove the "Partial Support" status from web components since shadow DOM and custom elements
are in active development.

* features.json:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197443 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoDisable FTL JIT testing on 32-bit JSC tester bots
ossy@webkit.org [Wed, 2 Mar 2016 06:58:31 +0000 (06:58 +0000)]
Disable FTL JIT testing on 32-bit JSC tester bots
https://bugs.webkit.org/show_bug.cgi?id=154858

Reviewed by Saam Barati.

* BuildSlaveSupport/build.webkit.org-config/master.cfg:
(Run32bitJSCTests):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197442 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUnreviewed, rolling out r197226 and r197256.
commit-queue@webkit.org [Wed, 2 Mar 2016 06:56:36 +0000 (06:56 +0000)]
Unreviewed, rolling out r197226 and r197256.
https://bugs.webkit.org/show_bug.cgi?id=154910

Caused crashes on Mac 32-bit and on ARM (Requested by ap on
#webkit).

Reverted changesets:

"Remove the on demand executable allocator"
https://bugs.webkit.org/show_bug.cgi?id=154749
http://trac.webkit.org/changeset/197226

"CLoop build fix."
http://trac.webkit.org/changeset/197256

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197441 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUnreviewed. Update the feature status for custom elements API.
rniwa@webkit.org [Wed, 2 Mar 2016 06:53:50 +0000 (06:53 +0000)]
Unreviewed. Update the feature status for custom elements API.

* features.json:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197440 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoContents inside a shadow host with a negative tabindex should not be tab focusable
rniwa@webkit.org [Wed, 2 Mar 2016 05:31:28 +0000 (05:31 +0000)]
Contents inside a shadow host with a negative tabindex should not be tab focusable
https://bugs.webkit.org/show_bug.cgi?id=154769

Reviewed by Antti Koivisto.

Source/WebCore:

Contents inside a shadow host with a negative tabindex content attribute should not be included in
the sequential focus navigation order as discussed on https://github.com/w3c/webcomponents/issues/399.

Test: fast/shadow-dom/negative-tabindex-on-shadow-host.html

* dom/Element.cpp:
(WebCore::Element::tabIndexSetExplicitly): Added.
* dom/Element.h:
* page/FocusController.cpp:
(WebCore::shadowAdjustedTabIndex): Renamed from adjustedTabIndex. Return 0 when tabindex content attribute
is not explicitly set since element.tabIndex() would return -1 for HTML elements in such case.
(WebCore::isFocusableOrHasShadowTreeWithoutCustomFocusLogic): Renamed from shouldVisit.
(WebCore::FocusController::findElementWithExactTabIndex):
(WebCore::nextElementWithGreaterTabIndex):
(WebCore::previousElementWithLowerTabIndex):
(WebCore::FocusController::nextFocusableElement):
(WebCore::FocusController::previousFocusableElement):

LayoutTests:

Added a test for navigating across shadow boundaries.

* fast/shadow-dom/negative-tabindex-on-shadow-host-expected.txt: Added.
* fast/shadow-dom/negative-tabindex-on-shadow-host.html: Added.
* platform/ios-simulator/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197439 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoSimplify some StringBuilder appends
commit-queue@webkit.org [Wed, 2 Mar 2016 04:30:45 +0000 (04:30 +0000)]
Simplify some StringBuilder appends
https://bugs.webkit.org/show_bug.cgi?id=154902

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-03-01
Reviewed by Mark Lam.

* runtime/ExceptionHelpers.cpp:
(JSC::notAFunctionSourceAppender):
* runtime/SamplingProfiler.cpp:
(JSC::SamplingProfiler::stackTracesAsJSON):
Use StringBuilder::append(char) instead of append(char*) where possible.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197438 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoREGRESSION (r197426): Missed adding unicode parameter to call to Yarr::parse() in...
msaboff@apple.com [Wed, 2 Mar 2016 03:22:29 +0000 (03:22 +0000)]
REGRESSION (r197426): Missed adding unicode parameter to call to Yarr::parse() in URLFilterParser::addPattern()
https://bugs.webkit.org/show_bug.cgi?id=154898

Reviewed by Saam Barati.

This is a fix for the API tests after r197426.

Added missing bool unicode parameter of "false".

* contentextensions/URLFilterParser.cpp:
(WebCore::ContentExtensions::URLFilterParser::addPattern):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197437 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUnreviewed build fix after r197434.
mmaxfield@apple.com [Wed, 2 Mar 2016 02:53:42 +0000 (02:53 +0000)]
Unreviewed build fix after r197434.

Unreviewed

* css/SourceSizeList.cpp:
(WebCore::parseSizesAttribute):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197436 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoSmall-caps non-BMP characters are garbled in the complex text codepath
mmaxfield@apple.com [Wed, 2 Mar 2016 02:50:25 +0000 (02:50 +0000)]
Small-caps non-BMP characters are garbled in the complex text codepath
https://bugs.webkit.org/show_bug.cgi?id=154875

Reviewed by Michael Saboff.

Source/WebCore:

We were assuming that all characters able to be capitalized are in BMP. This is not true.

Test: fast/text/complex-small-caps-non-bmp-capitalize.html

* platform/graphics/mac/ComplexTextController.cpp:
(WebCore::capitalized):
(WebCore::ComplexTextController::collectComplexTextRuns):

LayoutTests:

* fast/text/complex-small-caps-non-bmp-capitalize-expected.html: Added.
* fast/text/complex-small-caps-non-bmp-capitalize.html: Added.
* fast/text/regress-154875-expected.txt: Deleted
* fast/text/regress-154875.html: Deleted

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197435 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoExtend CSSFontSelector's lifetime to be longer than the Document's lifetime
mmaxfield@apple.com [Wed, 2 Mar 2016 02:34:50 +0000 (02:34 +0000)]
Extend CSSFontSelector's lifetime to be longer than the Document's lifetime
https://bugs.webkit.org/show_bug.cgi?id=154101

Reviewed by Darin Adler.

Rather than destroying the Document's CSSFontSelector, instead, the object should
live for the lifetime of the document, and it should instead be asked to clear its
contents.

This is important for the CSS Font Loading API, where the identity of objects the
CSSFontSelector references needs to persist throughout the lifetime of the
Document. This patch represents the first step to implementing this correctly.
The second step is for the CSSFontSelector to perform a diff instead of a
wholesale clear of its contents. Once this is done, font loading objects can
survive through a call to Document::clearStyleResolver().

This patch gives the CSSFontSelector two states: building underway and building not
underway. The state is building underway in between calls to clearStyleResolver()
and when the style resolver gets built back up. Otherwise, the state is building
not underway. Because of this new design, creation of all FontFace objects can be
postponed until a state transition from building underway to building not underway.
A subsequent patch will perform the diff at this point. An ASSERT() makes sure that
we never service a font lookup request while Building.

No new tests because there is no behavior change.

* css/CSSFontFaceSet.cpp:
(WebCore::CSSFontFaceSet::clear):
* css/CSSFontSelector.cpp:
(WebCore::CSSFontSelector::buildStarted):
(WebCore::CSSFontSelector::buildCompleted):
(WebCore::CSSFontSelector::addFontFaceRule):
(WebCore::CSSFontSelector::fontRangesForFamily):
(WebCore::CSSFontSelector::CSSFontSelector): Deleted.
(WebCore::CSSFontSelector::clearDocument): Deleted.
* css/CSSFontSelector.h:
* css/StyleResolver.cpp:
(WebCore::StyleResolver::appendAuthorStyleSheets):
* dom/Document.cpp:
(WebCore::Document::Document):
(WebCore::Document::~Document):
(WebCore::Document::clearStyleResolver):
(WebCore::Document::fontSelector): Deleted.
* dom/Document.h:
(WebCore::Document::fontSelector):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197434 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUpdate Xcode project for InstallAPI
ap@apple.com [Wed, 2 Mar 2016 02:28:12 +0000 (02:28 +0000)]
Update Xcode project for InstallAPI
https://bugs.webkit.org/show_bug.cgi?id=154896
rdar://problem/24825992

Patch by Daniel Dunbar, reviewed by me.

* Configurations/WebCore.xcconfig:
* WebCore.xcodeproj/project.pbxproj:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197433 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoOne more attempt to fix the build.
adachan@apple.com [Wed, 2 Mar 2016 02:16:12 +0000 (02:16 +0000)]
One more attempt to fix the build.

* platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm:
(WebCore::MediaPlaybackTargetPickerMac::showPlaybackTargetPicker):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197432 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoAttempt to fix the internal build.
adachan@apple.com [Wed, 2 Mar 2016 02:07:20 +0000 (02:07 +0000)]
Attempt to fix the internal build.

* platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm:
(WebCore::MediaPlaybackTargetPickerMac::showPlaybackTargetPicker):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197431 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoFix iOS EWS.
commit-queue@webkit.org [Wed, 2 Mar 2016 01:43:03 +0000 (01:43 +0000)]
Fix iOS EWS.
https://bugs.webkit.org/show_bug.cgi?id=154880

Patch by Dean Johnson <dean_johnson@apple.com> on 2016-03-01
Reviewed by Alexey Proskuryakov.

* Scripts/copy-webkitlibraries-to-product-directory:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197430 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoAdopt the new version of AVOutputDeviceMenuController's showMenuForRect method.
adachan@apple.com [Wed, 2 Mar 2016 01:15:09 +0000 (01:15 +0000)]
Adopt the new version of AVOutputDeviceMenuController's showMenuForRect method.
https://bugs.webkit.org/show_bug.cgi?id=154823

Reviewed by Tim Horton.

Source/WebCore:

* Modules/mediasession/WebMediaSessionManager.cpp:
(WebCore::WebMediaSessionManager::showPlaybackTargetPicker):
(WebCore::WebMediaSessionManager::customPlaybackActionSelected):
Call customPlaybackActionSelected() on the client that requested the picker.
* Modules/mediasession/WebMediaSessionManager.h:
* Modules/mediasession/WebMediaSessionManagerClient.h:
* dom/Document.cpp:
(WebCore::Document::showPlaybackTargetPicker):
(WebCore::Document::customPlaybackActionSelected):
* dom/Document.h:
* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::customPlaybackActionSelected):
(WebCore::HTMLMediaElement::playbackTargetPickerCustomActionName):
* html/HTMLMediaElement.h:
* html/MediaElementSession.cpp:
(WebCore::MediaElementSession::showPlaybackTargetPicker):
(WebCore::MediaElementSession::customPlaybackActionSelected):
* html/MediaElementSession.h:
* page/ChromeClient.h:
* page/Page.cpp:
(WebCore::Page::showPlaybackTargetPicker):
(WebCore::Page::customPlaybackActionSelected):
* page/Page.h:
* platform/audio/PlatformMediaSession.h:
(WebCore::PlatformMediaSessionClient::customPlaybackActionSelected):
* platform/graphics/MediaPlaybackTargetClient.h:
* platform/graphics/MediaPlaybackTargetPicker.cpp:
(WebCore::MediaPlaybackTargetPicker::pendingActionTimerFired):
(WebCore::MediaPlaybackTargetPicker::showPlaybackTargetPicker):
* platform/graphics/MediaPlaybackTargetPicker.h:
(WebCore::MediaPlaybackTargetPicker::Client::customPlaybackActionSelected):
(WebCore::MediaPlaybackTargetPicker::customPlaybackActionSelected):
* platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.h:
* platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm:
Update the forward declaration of AVOutputDeviceMenuController's showMenuForRect method.
(WebCore::MediaPlaybackTargetPickerMac::showPlaybackTargetPicker):
Call the new version of showMenuForRect if available.
* platform/mac/WebVideoFullscreenInterfaceMac.h:
* platform/mac/WebVideoFullscreenInterfaceMac.mm:
(WebCore::WebVideoFullscreenInterfaceMac::setExternalPlayback):
* platform/mock/MediaPlaybackTargetPickerMock.cpp:
(WebCore::MediaPlaybackTargetPickerMock::showPlaybackTargetPicker):
* platform/mock/MediaPlaybackTargetPickerMock.h:
* platform/spi/cocoa/AVKitSPI.h:
Updated with the new version of showMenuForRect.

Source/WebKit/mac:

* WebCoreSupport/WebChromeClient.h:
* WebCoreSupport/WebChromeClient.mm:
(WebChromeClient::showPlaybackTargetPicker):
* WebView/WebMediaPlaybackTargetPicker.h:
* WebView/WebMediaPlaybackTargetPicker.mm:
(WebMediaPlaybackTargetPicker::showPlaybackTargetPicker):
(WebMediaPlaybackTargetPicker::customPlaybackActionSelected):
* WebView/WebView.mm:
(-[WebView _showPlaybackTargetPicker:location:hasVideo:]):

Source/WebKit2:

* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::showPlaybackTargetPicker):
(WebKit::WebPageProxy::customPlaybackActionSelected):
* UIProcess/WebPageProxy.h:
* UIProcess/WebPageProxy.messages.in:
* WebProcess/WebCoreSupport/WebChromeClient.cpp:
(WebKit::WebChromeClient::showPlaybackTargetPicker):
* WebProcess/WebCoreSupport/WebChromeClient.h:
* WebProcess/WebPage/WebPage.h:
* WebProcess/WebPage/WebPage.messages.in:
* WebProcess/WebPage/mac/WebPageMac.mm:
(WebKit::WebPage::customPlaybackActionSelected):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197429 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoPromise.prototype.then should use Symbol.species to construct the return Promise
keith_miller@apple.com [Wed, 2 Mar 2016 01:08:53 +0000 (01:08 +0000)]
Promise.prototype.then should use Symbol.species to construct the return Promise
https://bugs.webkit.org/show_bug.cgi?id=154862

Reviewed by Saam Barati.

* builtins/PromisePrototype.js:
* tests/stress/promise-species-functions.js: Added.
(Symbol.species):
(id):
(funcThrows):
(makeC):
(test.species):
(test.speciesThrows):
(test):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197428 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[WK2] Stub support for WebsiteDataTypeResourceLoadStatistics
bfulgham@apple.com [Wed, 2 Mar 2016 01:02:13 +0000 (01:02 +0000)]
[WK2] Stub support for WebsiteDataTypeResourceLoadStatistics
https://bugs.webkit.org/show_bug.cgi?id=154689
<rdar://problem/24702576>

Reviewed by Sam Weinig.

* Shared/WebsiteData/WebsiteDataType.h: Add new WebsiteDataTypeResourceLoadStatistics.
* UIProcess/API/Cocoa/WKWebsiteDataRecord.mm:
(dataTypesToString): Handle new type.
* UIProcess/API/Cocoa/WKWebsiteDataRecordInternal.h:
(WebKit::toWebsiteDataTypes): Ditto.
(WebKit::toWKWebsiteDataTypes): Ditto.
* UIProcess/API/Cocoa/WKWebsiteDataRecordPrivate.h: Add new _WebsiteDataTypeResourceLoadStatistics.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197427 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[ES6] Add support for Unicode regular expressions
msaboff@apple.com [Wed, 2 Mar 2016 00:39:01 +0000 (00:39 +0000)]
[ES6] Add support for Unicode regular expressions
https://bugs.webkit.org/show_bug.cgi?id=154842

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

Added processing of Unicode regular expressions to the Yarr interpreter.

Changed parsing of regular expression patterns and PatternTerms to process characters as
UChar32 in the Yarr code.  The parser converts matched surrogate pairs into the appropriate
Unicode character when the expression is parsed.  When matching a unicode expression and
reading source characters, we convert proper surrogate pair into a Unicode character and
advance the source cursor, "pos", one more position.  The exception to this is when we
know when generating a fixed character atom that we need to match a unicode character
that doesn't fit in 16 bits.  The code calls this an extendedUnicodeCharacter and has a
helper to determine this.

Added 'u' flag and 'unicode' identifier to regular expression classes.  Added an "isUnicode"
parameter to YarrPattern pattern() and internal users of that function.

Updated the generation of the canonicalization tables to include a new set a tables that
follow the ES 6.0, 21.2.2.8.2 Step 2.  Renamed the YarrCanonicalizeUCS2.* files to
YarrCanonicalizeUnicode.*.

Added a new Layout/js test that tests the added functionality.  Updated other tests that
have minor es6 unicode checks and look for valid flags.

Ran the ChakraCore Unicode regular expression tests as well.

* CMakeLists.txt:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
* JavaScriptCore.xcodeproj/project.pbxproj:

* inspector/ContentSearchUtilities.cpp:
(Inspector::ContentSearchUtilities::findMagicComment):
* yarr/RegularExpression.cpp:
(JSC::Yarr::RegularExpression::Private::compile):
Updated use of pattern().

* runtime/CommonIdentifiers.h:
* runtime/RegExp.cpp:
(JSC::regExpFlags):
(JSC::RegExpFunctionalTestCollector::outputOneTest):
(JSC::RegExp::finishCreation):
(JSC::RegExp::compile):
(JSC::RegExp::compileMatchOnly):
* runtime/RegExp.h:
* runtime/RegExpKey.h:
* runtime/RegExpPrototype.cpp:
(JSC::regExpProtoFuncCompile):
(JSC::flagsString):
(JSC::regExpProtoGetterMultiline):
(JSC::regExpProtoGetterUnicode):
(JSC::regExpProtoGetterFlags):
Updated for new 'y' (unicode) flag.  Add check to use the interpreter for unicode regular expressions.

* tests/es6.yaml:
* tests/stress/static-getter-in-names.js:
Updated tests for new flag and for passing the minimal es6 regular expression processing.

* yarr/Yarr.h: Updated the size of information now kept for backtracking.

* yarr/YarrCanonicalizeUCS2.cpp: Removed.
* yarr/YarrCanonicalizeUCS2.h: Removed.
* yarr/YarrCanonicalizeUCS2.js: Removed.
* yarr/YarrCanonicalizeUnicode.cpp: Copied from Source/JavaScriptCore/yarr/YarrCanonicalizeUCS2.cpp.
* yarr/YarrCanonicalizeUnicode.h: Copied from Source/JavaScriptCore/yarr/YarrCanonicalizeUCS2.h.
(JSC::Yarr::canonicalCharacterSetInfo):
(JSC::Yarr::canonicalRangeInfoFor):
(JSC::Yarr::getCanonicalPair):
(JSC::Yarr::isCanonicallyUnique):
(JSC::Yarr::areCanonicallyEquivalent):
(JSC::Yarr::rangeInfoFor): Deleted.
* yarr/YarrCanonicalizeUnicode.js: Copied from Source/JavaScriptCore/yarr/YarrCanonicalizeUCS2.js.
(printHeader):
(printFooter):
(hex):
(canonicalize):
(canonicalizeUnicode):
(createUCS2CanonicalGroups):
(createUnicodeCanonicalGroups):
(cu.in.groupedCanonically.characters.sort): Deleted.
(cu.in.groupedCanonically.else): Deleted.
Refactored to output two sets of tables, one for UCS2 and one for Unicode.  The UCS2 tables follow
the legacy canonicalization rules now specified in ES 6.0, 21.2.2.8.2 Step 3.  The new Unicode
tables follow the rules specified in ES 6.0, 21.2.2.8.2 Step 2.  Eliminated the unused Latin1 tables.

* yarr/YarrInterpreter.cpp:
(JSC::Yarr::Interpreter::InputStream::InputStream):
(JSC::Yarr::Interpreter::InputStream::readChecked):
(JSC::Yarr::Interpreter::InputStream::readSurrogatePairChecked):
(JSC::Yarr::Interpreter::InputStream::reread):
(JSC::Yarr::Interpreter::InputStream::prev):
(JSC::Yarr::Interpreter::testCharacterClass):
(JSC::Yarr::Interpreter::checkCharacter):
(JSC::Yarr::Interpreter::checkSurrogatePair):
(JSC::Yarr::Interpreter::checkCasedCharacter):
(JSC::Yarr::Interpreter::tryConsumeBackReference):
(JSC::Yarr::Interpreter::backtrackPatternCharacter):
(JSC::Yarr::Interpreter::matchCharacterClass):
(JSC::Yarr::Interpreter::backtrackCharacterClass):
(JSC::Yarr::Interpreter::matchParenthesesTerminalEnd):
(JSC::Yarr::Interpreter::matchDisjunction):
(JSC::Yarr::Interpreter::Interpreter):
(JSC::Yarr::ByteCompiler::assertionWordBoundary):
(JSC::Yarr::ByteCompiler::atomPatternCharacter):
* yarr/YarrInterpreter.h:
(JSC::Yarr::ByteTerm::ByteTerm):
(JSC::Yarr::BytecodePattern::BytecodePattern):
* yarr/YarrJIT.cpp:
(JSC::Yarr::YarrGenerator::optimizeAlternative):
(JSC::Yarr::YarrGenerator::matchCharacterClassRange):
(JSC::Yarr::YarrGenerator::matchCharacterClass):
(JSC::Yarr::YarrGenerator::notAtEndOfInput):
(JSC::Yarr::YarrGenerator::jumpIfCharNotEquals):
(JSC::Yarr::YarrGenerator::generatePatternCharacterOnce):
(JSC::Yarr::YarrGenerator::generatePatternCharacterFixed):
(JSC::Yarr::YarrGenerator::generatePatternCharacterGreedy):
(JSC::Yarr::YarrGenerator::backtrackPatternCharacterNonGreedy):
* yarr/YarrParser.h:
(JSC::Yarr::Parser::CharacterClassParserDelegate::atomPatternCharacter):
(JSC::Yarr::Parser::Parser):
(JSC::Yarr::Parser::parseEscape):
(JSC::Yarr::Parser::consumePossibleSurrogatePair):
(JSC::Yarr::Parser::parseCharacterClass):
(JSC::Yarr::Parser::parseTokens):
(JSC::Yarr::Parser::parse):
(JSC::Yarr::Parser::atEndOfPattern):
(JSC::Yarr::Parser::patternRemaining):
(JSC::Yarr::Parser::peek):
(JSC::Yarr::parse):
* yarr/YarrPattern.cpp:
(JSC::Yarr::CharacterClassConstructor::CharacterClassConstructor):
(JSC::Yarr::CharacterClassConstructor::append):
(JSC::Yarr::CharacterClassConstructor::putChar):
(JSC::Yarr::CharacterClassConstructor::putUnicodeIgnoreCase):
(JSC::Yarr::CharacterClassConstructor::putRange):
(JSC::Yarr::CharacterClassConstructor::charClass):
(JSC::Yarr::CharacterClassConstructor::addSorted):
(JSC::Yarr::CharacterClassConstructor::addSortedRange):
(JSC::Yarr::YarrPatternConstructor::YarrPatternConstructor):
(JSC::Yarr::YarrPatternConstructor::assertionWordBoundary):
(JSC::Yarr::YarrPatternConstructor::atomPatternCharacter):
(JSC::Yarr::YarrPatternConstructor::atomCharacterClassBegin):
(JSC::Yarr::YarrPatternConstructor::atomCharacterClassAtom):
(JSC::Yarr::YarrPatternConstructor::atomCharacterClassRange):
(JSC::Yarr::YarrPatternConstructor::setupAlternativeOffsets):
(JSC::Yarr::YarrPattern::compile):
(JSC::Yarr::YarrPattern::YarrPattern):
* yarr/YarrPattern.h:
(JSC::Yarr::CharacterRange::CharacterRange):
(JSC::Yarr::CharacterClass::CharacterClass):
(JSC::Yarr::PatternTerm::PatternTerm):
(JSC::Yarr::YarrPattern::reset):
* yarr/YarrSyntaxChecker.cpp:
(JSC::Yarr::SyntaxChecker::assertionBOL):
(JSC::Yarr::SyntaxChecker::assertionEOL):
(JSC::Yarr::SyntaxChecker::assertionWordBoundary):
(JSC::Yarr::SyntaxChecker::atomPatternCharacter):
(JSC::Yarr::SyntaxChecker::atomBuiltInCharacterClass):
(JSC::Yarr::SyntaxChecker::atomCharacterClassBegin):
(JSC::Yarr::SyntaxChecker::atomCharacterClassAtom):
(JSC::Yarr::checkSyntax):

LayoutTests:

Added a new test for the added unicode regular expression processing.

Updated several tests for the y flag changes and "unicode" property.

* js/regexp-unicode-expected.txt: Added.
* js/regexp-unicode.html: Added.
* js/script-tests/regexp-unicode.js: Added.
New test.

* js/Object-getOwnPropertyNames-expected.txt:
* js/regexp-flags-expected.txt:
* js/script-tests/Object-getOwnPropertyNames.js:
* js/script-tests/regexp-flags.js:
(RegExp.prototype.hasOwnProperty):
Updated tests.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197426 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoMarking fast/text/crash-complex-text-surrogate.html as flaky on mac
ryanhaddad@apple.com [Wed, 2 Mar 2016 00:31:47 +0000 (00:31 +0000)]
Marking fast/text/crash-complex-text-surrogate.html as flaky on mac
https://bugs.webkit.org/show_bug.cgi?id=154709

Unreviewed test gardening.

* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197425 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agocom.apple.WebKit.Networking.Development crashes in WebCore::formOpen()
dbates@webkit.org [Wed, 2 Mar 2016 00:01:31 +0000 (00:01 +0000)]
com.apple.WebKit.Networking.Development crashes in WebCore::formOpen()
https://bugs.webkit.org/show_bug.cgi?id=154682
<rdar://problem/23550269>

Reviewed by Brent Fulgham.

Speculative fix for a race condition when opening the stream for the next form data element.
Calling CFReadStreamOpen(s) in WebCore::openNextStream() can cause stream s to be closed and
deallocated before CFReadStreamOpen(s) returns.

When WebCore::openNextStream() is called it closes and deallocates the current stream and
then opens a new stream for the next form data element. Calling CFReadStreamOpen() in
WebCore::openNextStream() can lead to WebCore::openNextStream() being re-entered via
WebCore::formEventCallback() from another thread. One example when this can occur is when
the stream being opened has no data (i.e. WebCore::formEventCallback() is called
back with event type kCFStreamEventEndEncountered).

I have been unable to reproduce this crash. We know that it occurs from crash reports.

* platform/network/cf/FormDataStreamCFNet.cpp:
(WebCore::closeCurrentStream): Assert that we had acquired a lock to close the stream.
(WebCore::advanceCurrentStream): Assert that we had acquired a lock to advance the stream.
(WebCore::openNextStream): Acquire a lock before we open the next stream to ensure that
exactly one thread executes this critical section at a time.
(WebCore::formFinalize): Acquire a lock before we close the current stream.
(WebCore::formClose): Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197424 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoASSERT in platform/graphics/mac/ComplexTextController.cpp::capitalize()
msaboff@apple.com [Wed, 2 Mar 2016 00:00:02 +0000 (00:00 +0000)]
ASSERT in platform/graphics/mac/ComplexTextController.cpp::capitalize()
https://bugs.webkit.org/show_bug.cgi?id=154875

Reviewed by Myles C. Maxfield.

Source/WebCore:

Change an ASSERT to verify that uper casing a character doesn't change its size.

Test: fast/text/regress-154875.html

* platform/graphics/mac/ComplexTextController.cpp:
(WebCore::capitalized):

LayoutTests:

New test.

* fast/text/regress-154875-expected.txt: Added.
* fast/text/regress-154875.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197423 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoRemove FIXMEs and add valid test cases after necessary patch has landed.
sbarati@apple.com [Tue, 1 Mar 2016 23:58:11 +0000 (23:58 +0000)]
Remove FIXMEs and add valid test cases after necessary patch has landed.

Rubber stamped by Mark Lam.

* tests/stress/proxy-prevent-extensions.js:
(assert.Object.isSealed):
(assert):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197422 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[ES6] Implement Proxy.[[IsExtensible]]
sbarati@apple.com [Tue, 1 Mar 2016 23:51:53 +0000 (23:51 +0000)]
[ES6] Implement Proxy.[[IsExtensible]]
https://bugs.webkit.org/show_bug.cgi?id=154872

Reviewed by Oliver Hunt.

This patch is a direct implementation of Proxy.[[IsExtensible]] with respect to section 9.5.3
of the ECMAScript 6 spec.
https://tc39.github.io/ecma262/#sec-proxy-object-internal-methods-and-internal-slots-isextensible

* runtime/ProxyObject.cpp:
(JSC::ProxyObject::preventExtensions):
(JSC::ProxyObject::performIsExtensible):
(JSC::ProxyObject::isExtensible):
(JSC::ProxyObject::visitChildren):
* runtime/ProxyObject.h:
* tests/es6.yaml:
* tests/stress/proxy-is-extensible.js: Added.
(assert):
(throw.new.Error.let.handler.get isExtensible):
(throw.new.Error):
(assert.let.handler.isExtensible):
(assert.):
(let.handler.isExtensible):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197420 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[ES6] Implement Proxy.[[PreventExtensions]]
sbarati@apple.com [Tue, 1 Mar 2016 23:42:33 +0000 (23:42 +0000)]
[ES6] Implement Proxy.[[PreventExtensions]]
https://bugs.webkit.org/show_bug.cgi?id=154873

Reviewed by Oliver Hunt.

This patch is a direct implementation of Proxy.[[PreventExtensions]] with respect to section 9.5.4
of the ECMAScript 6 spec.
https://tc39.github.io/ecma262/#sec-proxy-object-internal-methods-and-internal-slots-preventextensions

* runtime/ProxyObject.cpp:
(JSC::ProxyObject::deletePropertyByIndex):
(JSC::ProxyObject::performPreventExtensions):
(JSC::ProxyObject::preventExtensions):
(JSC::ProxyObject::visitChildren):
* runtime/ProxyObject.h:
* tests/es6.yaml:
* tests/stress/proxy-prevent-extensions.js: Added.
(assert):
(throw.new.Error.let.handler.get preventExtensions):
(throw.new.Error):
(assert.let.handler.preventExtensions):
(assert.):
(let.handler.preventExtensions):
(assert.Object.isSealed.let.handler.preventExtensions):
(assert.Object.isSealed):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197418 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoFTL should simplify StringReplace with an empty replacement string
fpizlo@apple.com [Tue, 1 Mar 2016 23:40:46 +0000 (23:40 +0000)]
FTL should simplify StringReplace with an empty replacement string
https://bugs.webkit.org/show_bug.cgi?id=154871

Reviewed by Michael Saboff.

Really add this new test.

* js/regress/script-tests/string-replace-empty.js: Added.
* js/regress/string-replace-empty-expected.txt: Added.
* js/regress/string-replace-empty.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197417 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoFTL should simplify StringReplace with an empty replacement string
fpizlo@apple.com [Tue, 1 Mar 2016 23:35:05 +0000 (23:35 +0000)]
FTL should simplify StringReplace with an empty replacement string
https://bugs.webkit.org/show_bug.cgi?id=154871

Reviewed by Michael Saboff.

This is a simple and hugely profitable change. If we do a string.replace(/things/, ""), then
this calls directly into StringPrototype's replace-with-empty-string logic instead of going
through stuff that does checks before reaching that same conclusion.

This speeds up Octane/regexp by about 6-10%. It also speeds up the attached microbenchmark by
about 7%.

* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileStringReplace):
* runtime/StringPrototype.cpp:
(JSC::jsSpliceSubstringsWithSeparators):
(JSC::removeUsingRegExpSearch):
(JSC::replaceUsingRegExpSearch):
(JSC::operationStringProtoFuncReplaceRegExpEmptyStr):
(JSC::operationStringProtoFuncReplaceRegExpString):
* runtime/StringPrototype.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197416 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoTimer alignment in separate web processes should not all sync up to the same point.
barraclough@apple.com [Tue, 1 Mar 2016 23:33:36 +0000 (23:33 +0000)]
Timer alignment in separate web processes should not all sync up to the same point.
https://bugs.webkit.org/show_bug.cgi?id=154878

Reviewed by Chris Dumez.

For any given WebContent process it is desirable that timers are synchronized to a single
alignment point, but if all WebContent processes align to the same point then there may
be a thundering herd of processes waking up.

* page/DOMTimer.cpp:
(WebCore::DOMTimer::alignedFireTime):
    - align to a randomized point.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197415 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoReduce size of internal windows build output
commit-queue@webkit.org [Tue, 1 Mar 2016 22:29:39 +0000 (22:29 +0000)]
Reduce size of internal windows build output
https://bugs.webkit.org/show_bug.cgi?id=154763

Patch by Alex Christensen <achristensen@webkit.org> on 2016-03-01
Reviewed by Brent Fulgham.

.:

* Source/cmake/OptionsWin.cmake:

Source/JavaScriptCore:

* JavaScriptCore.vcxproj/JavaScriptCore.proj:

Source/WebCore:

* WebCore.vcxproj/WebCore.proj:

Source/WebKit:

* WebKit.vcxproj/WebKit.proj:

Source/WTF:

* WTF.vcxproj/WTF.proj:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197414 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoCorrectly keep track of NetworkDataTasks with and without credentials when using...
achristensen@apple.com [Tue, 1 Mar 2016 22:13:00 +0000 (22:13 +0000)]
Correctly keep track of NetworkDataTasks with and without credentials when using NetworkSession
https://bugs.webkit.org/show_bug.cgi?id=154876

Reviewed by Brady Eidson.

I was seeing an assertion failure from ASSERT(!m_session.m_dataTaskMap.contains(taskIdentifier()))
in the NetworkDataTask constructor sometimes.  This is because a task identifier is not enough information
to uniquely find a NetworkDataTask in a NetworkSession since r196034 because there are two NSURLSessions
in a NetworkSession, one with credentials and one without.  The assertion would fire in a case like if we
made the first NetworkDataTask with credentials (taskIdentifier is 1) and the first NetworkDataTask
without credentials before the first NetworkDataTask with credentials was finished.  In that case, the
taskIdentifier would also be 1, which would conflict with the other taskIdentifier.  That taskIdentifier
would uniquely identify the task in the correct NSURLSession, though, so the solution is to keep a map
for each NSURLSession in the NetworkSession.

* NetworkProcess/NetworkDataTask.h:
* NetworkProcess/NetworkSession.h:
* NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:
(WebKit::NetworkDataTask::NetworkDataTask):
(WebKit::NetworkDataTask::~NetworkDataTask):
(WebKit::NetworkDataTask::suspend):
(WebKit::serverTrustCredential):
* NetworkProcess/cocoa/NetworkSessionCocoa.mm:
(-[WKNetworkSessionDelegate URLSession:task:didSendBodyData:totalBytesSent:totalBytesExpectedToSend:]):
(-[WKNetworkSessionDelegate URLSession:task:willPerformHTTPRedirection:newRequest:completionHandler:]):
(-[WKNetworkSessionDelegate URLSession:task:didReceiveChallenge:completionHandler:]):
(-[WKNetworkSessionDelegate URLSession:task:didCompleteWithError:]):
(-[WKNetworkSessionDelegate URLSession:dataTask:didReceiveResponse:completionHandler:]):
(-[WKNetworkSessionDelegate URLSession:dataTask:didReceiveData:]):
(-[WKNetworkSessionDelegate URLSession:downloadTask:didWriteData:totalBytesWritten:totalBytesExpectedToWrite:]):
(-[WKNetworkSessionDelegate URLSession:dataTask:didBecomeDownloadTask:]):
(WebKit::NetworkSession::clearCredentials):
(WebKit::NetworkSession::dataTaskForIdentifier):
(WebKit::NetworkSession::addDownloadID):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197413 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[[IsExtensible]] should be a virtual method in the method table
sbarati@apple.com [Tue, 1 Mar 2016 21:45:16 +0000 (21:45 +0000)]
[[IsExtensible]] should be a virtual method in the method table
https://bugs.webkit.org/show_bug.cgi?id=154799

Reviewed by Mark Lam.

This patch makes us more consistent with how the ES6 specification models the
[[IsExtensible]] trap. Moving this method into ClassInfo::methodTable
is a prerequisite for implementing Proxy.[[IsExtensible]].

* runtime/ClassInfo.h:
* runtime/JSCell.cpp:
(JSC::JSCell::preventExtensions):
(JSC::JSCell::isExtensible):
* runtime/JSCell.h:
* runtime/JSGlobalObjectFunctions.cpp:
(JSC::globalFuncProtoSetter):
* runtime/JSObject.cpp:
(JSC::JSObject::preventExtensions):
(JSC::JSObject::isExtensible):
(JSC::JSObject::reifyAllStaticProperties):
(JSC::JSObject::defineOwnIndexedProperty):
(JSC::JSObject::putByIndexBeyondVectorLengthWithArrayStorage):
(JSC::JSObject::putDirectIndexBeyondVectorLengthWithArrayStorage):
(JSC::JSObject::defineOwnNonIndexProperty):
(JSC::JSObject::defineOwnProperty):
* runtime/JSObject.h:
(JSC::JSObject::isSealed):
(JSC::JSObject::isFrozen):
(JSC::JSObject::isExtensibleImpl):
(JSC::JSObject::isStructureExtensible):
(JSC::JSObject::isExtensibleInline):
(JSC::JSObject::indexingShouldBeSparse):
(JSC::JSObject::putDirectInternal):
(JSC::JSObject::isExtensible): Deleted.
* runtime/ObjectConstructor.cpp:
(JSC::objectConstructorSetPrototypeOf):
(JSC::objectConstructorIsSealed):
(JSC::objectConstructorIsFrozen):
(JSC::objectConstructorIsExtensible):
(JSC::objectConstructorIs):
* runtime/ProxyObject.cpp:
(JSC::ProxyObject::performInternalMethodGetOwnProperty):
(JSC::ProxyObject::performHasProperty):
* runtime/ReflectObject.cpp:
(JSC::reflectObjectIsExtensible):
(JSC::reflectObjectSetPrototypeOf):
* runtime/SparseArrayValueMap.cpp:
(JSC::SparseArrayValueMap::putEntry):
(JSC::SparseArrayValueMap::putDirect):
* runtime/StringObject.cpp:
(JSC::StringObject::defineOwnProperty):
* runtime/Structure.cpp:
(JSC::Structure::isSealed):
(JSC::Structure::isFrozen):
* runtime/Structure.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197412 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUnreviewed, fix CLOOP build.
fpizlo@apple.com [Tue, 1 Mar 2016 21:40:38 +0000 (21:40 +0000)]
Unreviewed, fix CLOOP build.

* jit/JITOperations.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197411 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[ES6] Arrow function. Some not used byte code is emited
gskachkov@gmail.com [Tue, 1 Mar 2016 21:28:45 +0000 (21:28 +0000)]
[ES6] Arrow function. Some not used byte code is emited
https://bugs.webkit.org/show_bug.cgi?id=154639

Reviewed by Saam Barati.

Currently bytecode that is generated for arrow function is not optimal.
Current fix removed following unnecessary bytecode:
1.create_lexical_environment not emited always for arrow function, only if some of
features(this/super/arguments/eval) is used inside of the arrow function.
2.load 'this' from arrow function scope in constructor is done only if super
contains in arrow function

* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::isSuperCallUsedInInnerArrowFunction):
* bytecompiler/BytecodeGenerator.h:
* bytecompiler/NodesCodegen.cpp:
(JSC::ThisNode::emitBytecode):
(JSC::FunctionNode::emitBytecode):
* parser/Nodes.h:
(JSC::ScopeNode::doAnyInnerArrowFunctionsUseAnyFeature):
* tests/stress/arrowfunction-lexical-bind-supercall-4.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197410 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoREGRESSION (r154616): Accelerated drawing is off during the initial load
akling@apple.com [Tue, 1 Mar 2016 21:20:46 +0000 (21:20 +0000)]
REGRESSION (r154616): Accelerated drawing is off during the initial load
<https://webkit.org/b/123812>

Reviewed by Tim Horton.

Source/WebCore:

Robustify the hey-the-Settings-changed callbacks in Page to handle document-less frames.
This is needed because now Settings are changed even before the main Frame has a Document.

* page/Page.cpp:
(WebCore::networkStateChanged):
(WebCore::Page::updateStyleForAllPagesAfterGlobalChangeInEnvironment):
(WebCore::Page::takeAnyMediaCanStartListener):
(WebCore::Page::setMediaVolume):
(WebCore::Page::setPageScaleFactor):
(WebCore::Page::invalidateStylesForAllLinks):
(WebCore::Page::invalidateStylesForLink):
(WebCore::Page::dnsPrefetchingStateChanged):
(WebCore::Page::storageBlockingStateChanged):
(WebCore::Page::setMuted):
(WebCore::Page::captionPreferencesChanged):
(WebCore::Page::setSessionID):
(WebCore::Page::setPlaybackTarget):
(WebCore::Page::playbackTargetAvailabilityDidChange):
(WebCore::Page::setShouldPlayToPlaybackTarget):
* page/Settings.cpp:
(WebCore::setImageLoadingSettings):

Source/WebKit2:

Load preferences before instantiating the first DrawingArea. This ensures that we do the
initial paint using accelerated drawing, and avoids allocating persistent data structures
only needed by the software rendering path.

* WebProcess/WebPage/WebPage.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197409 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoTurn String.prototype.replace into an intrinsic
fpizlo@apple.com [Tue, 1 Mar 2016 21:18:42 +0000 (21:18 +0000)]
Turn String.prototype.replace into an intrinsic
https://bugs.webkit.org/show_bug.cgi?id=154835

Reviewed by Michael Saboff.

Source/JavaScriptCore:

Octane/regexp spends a lot of time in String.prototype.replace(). That function does a lot
of checks to see if the parameters are what they are likely to often be (a string, a
regexp, and a string). The intuition of this patch is that it's good to remove those checks
and it's good to call the native function as directly as possible.

This yields a 10% speed-up on a replace microbenchmark and a 3% speed-up on Octane/regexp.
It also improves Octane/jquery.

This is only the beginning of what I want to do with replace optimizations. The other
optimizations will rely on StringReplace being revealed as a construct in DFG IR.

* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/SpeculatedType.cpp:
(JSC::dumpSpeculation):
(JSC::speculationToAbbreviatedString):
(JSC::speculationFromClassInfo):
* bytecode/SpeculatedType.h:
(JSC::isStringOrStringObjectSpeculation):
(JSC::isRegExpObjectSpeculation):
(JSC::isBoolInt32Speculation):
* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::handleIntrinsicCall):
* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
* dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
* dfg/DFGNode.h:
(JSC::DFG::Node::shouldSpeculateStringOrStringObject):
(JSC::DFG::Node::shouldSpeculateRegExpObject):
(JSC::DFG::Node::shouldSpeculateSymbol):
* dfg/DFGNodeType.h:
* dfg/DFGPredictionPropagationPhase.cpp:
(JSC::DFG::PredictionPropagationPhase::propagate):
* dfg/DFGSafeToExecute.h:
(JSC::DFG::SafeToExecuteEdge::operator()):
(JSC::DFG::safeToExecute):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::speculateFinalObject):
(JSC::DFG::SpeculativeJIT::speculateRegExpObject):
(JSC::DFG::SpeculativeJIT::speculateObjectOrOther):
(JSC::DFG::SpeculativeJIT::speculate):
* dfg/DFGSpeculativeJIT.h:
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGUseKind.cpp:
(WTF::printInternal):
* dfg/DFGUseKind.h:
(JSC::DFG::typeFilterFor):
(JSC::DFG::isCell):
* ftl/FTLCapabilities.cpp:
(JSC::FTL::canCompile):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileNewRegexp):
(JSC::FTL::DFG::LowerDFGToB3::compileStringReplace):
(JSC::FTL::DFG::LowerDFGToB3::didOverflowStack):
(JSC::FTL::DFG::LowerDFGToB3::speculate):
(JSC::FTL::DFG::LowerDFGToB3::speculateFinalObject):
(JSC::FTL::DFG::LowerDFGToB3::speculateRegExpObject):
(JSC::FTL::DFG::LowerDFGToB3::speculateString):
* jit/JITOperations.h:
* runtime/Intrinsic.h:
* runtime/JSType.h:
* runtime/RegExpObject.h:
(JSC::RegExpObject::createStructure):
* runtime/StringPrototype.cpp:
(JSC::StringPrototype::finishCreation):
(JSC::removeUsingRegExpSearch):
(JSC::replaceUsingRegExpSearch):
(JSC::operationStringProtoFuncReplaceRegExpString):
(JSC::replaceUsingStringSearch):
(JSC::stringProtoFuncRepeat):
(JSC::replace):
(JSC::stringProtoFuncReplace):
(JSC::operationStringProtoFuncReplaceGeneric):
(JSC::stringProtoFuncToString):
* runtime/StringPrototype.h:

LayoutTests:

* js/regress/script-tests/string-replace.js: Added.
* js/regress/string-replace-expected.txt: Added.
* js/regress/string-replace.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197408 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoFix tests when using NetworkSession
achristensen@apple.com [Tue, 1 Mar 2016 20:00:58 +0000 (20:00 +0000)]
Fix tests when using NetworkSession
https://bugs.webkit.org/show_bug.cgi?id=154866

Reviewed by Brady Eidson.

* NetworkProcess/cocoa/NetworkSessionCocoa.mm:
(WebKit::globalCustomProtocolManager):
(WebKit::NetworkSession::setCustomProtocolManager):

Use a static NeverDestroyed instead of a local NeverDestroyed.
This fix was suggested by Darin after I broke the custom protocol tests in r197362.

(WebKit::NetworkSession::clearCredentials):

In r197223 I added code that I thought cleared the credentials of a session, but it was
actually trying (and failing) to remove the credentials from the NSURLCredentialStorage that
were stored with NSURLCredentialPersistencePermanent.
This was causing credentials stored in an NSURLSession with NSURLCredentialPersistenceForSession
to remain for the next tests, and was causing credentials from previous tests, usually from
http/tests/loading/basic-credentials-sent-automatically.html, to be used in future tests.
Creating a new NSURLSession is the equivalent of CredentialStorage::clearCredentials because it
removes all credentials stored with NSURLCredentialPersistenceForSession.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197407 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUnreviewed, rolling out r197056.
commit-queue@webkit.org [Tue, 1 Mar 2016 19:47:31 +0000 (19:47 +0000)]
Unreviewed, rolling out r197056.
https://bugs.webkit.org/show_bug.cgi?id=154870

broke win ews (Requested by alexchristensen on #webkit).

Reverted changeset:

"[cmake] Moved PRE/POST_BUILD_COMMAND to WEBKIT_FRAMEWORK."
https://bugs.webkit.org/show_bug.cgi?id=154651
http://trac.webkit.org/changeset/197056

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197406 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoModern IDB: Possible crash deallocating IDBDatabaseInfo/IDBObjectStoreInfo/IDBIndexInfo.
beidson@apple.com [Tue, 1 Mar 2016 19:41:46 +0000 (19:41 +0000)]
Modern IDB: Possible crash deallocating IDBDatabaseInfo/IDBObjectStoreInfo/IDBIndexInfo.
https://bugs.webkit.org/show_bug.cgi?id=154860

Reviewed by Alex Christensen.

Covered by existing tests.

* Modules/indexeddb/shared/IDBDatabaseInfo.cpp:
(WebCore::IDBDatabaseInfo::IDBDatabaseInfo):
(WebCore::IDBDatabaseInfo::isolatedCopy):
* Modules/indexeddb/shared/IDBDatabaseInfo.h:

* Modules/indexeddb/shared/IDBTransactionInfo.cpp:
(WebCore::IDBTransactionInfo::isolatedCopy): If there's an IDBDatabaseInfo to copy,  that
  copy needs to be isolated.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197405 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoExpose MediaElement and VideoElement to the Objective-C DOM bindings
timothy_horton@apple.com [Tue, 1 Mar 2016 18:49:42 +0000 (18:49 +0000)]
Expose MediaElement and VideoElement to the Objective-C DOM bindings
https://bugs.webkit.org/show_bug.cgi?id=154830

Reviewed by Sam Weinig.

Source/WebCore:

* Modules/mediasession/HTMLMediaElementMediaSession.idl:
* Modules/mediastream/HTMLMediaElementMediaStream.idl:
* html/HTMLMediaElement.idl:
* html/HTMLVideoElement.idl:
Avoid Objective-C bindings for various extraneous bits, like MediaSource and MediaSession,
to avoid exposing way more than we need to.

* WebCore.xcodeproj/project.pbxproj:
Add a bunch of Derived Sources.

Source/WebKit/mac:

* MigrateHeaders.make:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197404 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoRebaseline isplaylists/extent-includes tests for mac-wk1
ryanhaddad@apple.com [Tue, 1 Mar 2016 18:33:41 +0000 (18:33 +0000)]
Rebaseline isplaylists/extent-includes tests for mac-wk1

Unreviewed test gardening.

* platform/mac-wk1/displaylists/extent-includes-shadow-expected.txt:
* platform/mac-wk1/displaylists/extent-includes-transforms-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197403 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoNetworkCache: Web process leaks resource buffer when using shareable reasources
carlosgc@webkit.org [Tue, 1 Mar 2016 17:42:35 +0000 (17:42 +0000)]
NetworkCache: Web process leaks resource buffer when using shareable reasources
https://bugs.webkit.org/show_bug.cgi?id=154852

Reviewed by Darin Adler.

ResourceLoader::didReceiveBuffer() expects a PassRefPtr, but we
are passing a raw pointer making PassRefPtr to take another
reference instead of transfering the ownership as expected.

* WebProcess/Network/WebResourceLoader.cpp:
(WebKit::WebResourceLoader::didReceiveResource):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197402 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoText control shadow element style shouldn't depend on renderers
antti@apple.com [Tue, 1 Mar 2016 17:33:47 +0000 (17:33 +0000)]
Text control shadow element style shouldn't depend on renderers
https://bugs.webkit.org/show_bug.cgi?id=154855

Reviewed by Andreas Kling.

Currently the code for computing style for text control shadow elements lives in render tree.
Style is the input for building a render tree and should be computable without having one.

Fix by moving virtual createInnerTextStyle() from RenderTextControl hierarchy to the DOM side
HTMLTextFormControlElement hierarchy.

* dom/Element.cpp:
(WebCore::Element::didDetachRenderers):
(WebCore::Element::customStyleForRenderer):

    Also pass shadow host style as it is needed for text controls.

* dom/Element.h:
* dom/PseudoElement.cpp:
(WebCore::PseudoElement::clearHostElement):
(WebCore::PseudoElement::customStyleForRenderer):
* dom/PseudoElement.h:
* html/HTMLInputElement.cpp:
(WebCore::HTMLInputElement::setRangeText):
(WebCore::HTMLInputElement::createInnerTextStyle):
(WebCore::HTMLInputElement::setupDateTimeChooserParameters):
* html/HTMLInputElement.h:
* html/HTMLTextAreaElement.cpp:
(WebCore::HTMLTextAreaElement::willRespondToMouseClickEvents):
(WebCore::HTMLTextAreaElement::createInnerTextStyle):
* html/HTMLTextAreaElement.h:
* html/HTMLTextFormControlElement.cpp:
(WebCore::HTMLTextFormControlElement::directionForFormData):
(WebCore::HTMLTextFormControlElement::adjustInnerTextStyle):
* html/HTMLTextFormControlElement.h:
(WebCore::HTMLTextFormControlElement::cachedSelectionDirection):
* html/shadow/TextControlInnerElements.cpp:
(WebCore::TextControlInnerElement::create):
(WebCore::TextControlInnerElement::customStyleForRenderer):
(WebCore::TextControlInnerTextElement::renderer):
(WebCore::TextControlInnerTextElement::customStyleForRenderer):
* html/shadow/TextControlInnerElements.h:
* rendering/RenderTextControl.cpp:
(WebCore::RenderTextControl::styleDidChange):
(WebCore::RenderTextControl::textBlockLogicalHeight):
(WebCore::RenderTextControl::adjustInnerTextStyle): Deleted.
* rendering/RenderTextControl.h:
* rendering/RenderTextControlMultiLine.cpp:
(WebCore::RenderTextControlMultiLine::baselinePosition):
(WebCore::RenderTextControlMultiLine::layoutSpecialExcludedChild):
(WebCore::RenderTextControlMultiLine::createInnerTextStyle): Deleted.

    createInnerTextStyle moves to HTMLTextAreaElement::createInnerTextStyle

* rendering/RenderTextControlMultiLine.h:
* rendering/RenderTextControlSingleLine.cpp:
(WebCore::RenderTextControlSingleLine::RenderTextControlSingleLine):

    Remove m_desiredInnerTextLogicalHeight cache. It doesn't work, it is never valid when hit.

(WebCore::RenderTextControlSingleLine::layout):
(WebCore::RenderTextControlSingleLine::styleDidChange):
(WebCore::RenderTextControlSingleLine::computeControlLogicalHeight):
(WebCore::RenderTextControlSingleLine::textShouldBeTruncated):
(WebCore::RenderTextControlSingleLine::createInnerTextStyle): Deleted.
(WebCore::RenderTextControlSingleLine::createInnerBlockStyle): Deleted.

    - createInnerTextStyle moves to HTMLInputElement::createInnerTextStyle
    - createInnerBlockStyle moves to TextControlInnerElement::customStyleForRenderer

* rendering/RenderTextControlSingleLine.h:
(WebCore::RenderTextControlSingleLine::centerContainerIfNeeded):
(WebCore::RenderTextControlSingleLine::containerElement):
* style/StyleTreeResolver.cpp:
(WebCore::Style::TreeResolver::styleForElement):
* svg/SVGElement.cpp:
(WebCore::SVGElement::synchronizeSystemLanguage):
(WebCore::SVGElement::customStyleForRenderer):
* svg/SVGElement.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197401 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[css-grid] Get rid of GridResolvedPosition
rego@igalia.com [Tue, 1 Mar 2016 16:54:19 +0000 (16:54 +0000)]
[css-grid] Get rid of GridResolvedPosition
https://bugs.webkit.org/show_bug.cgi?id=154818

Reviewed by Darin Adler.

GridResolvedPosition was a small class just wrapping a unsigned.
In the future it should actually wrap an integer,
as we want to support implicit tracks before the explicit grid.

The class itself is not providing any benefit,
so we can get rid of it and store directly 2 unsigned in GridSpan.

This will make simpler future changes related to this task.

We keep the class just as a utility for the methods
that deal with the positions resolution.
But it should be renamed in a follow-up patch.

No new tests, no change of behavior.

* css/CSSGridTemplateAreasValue.cpp:
(WebCore::stringForPosition):
* css/CSSParser.cpp:
(WebCore::CSSParser::parseGridTemplateAreasRow):
* css/StyleBuilderConverter.h:
(WebCore::StyleBuilderConverter::createImplicitNamedGridLinesFromGridArea):
* rendering/RenderGrid.cpp:
(WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
(WebCore::RenderGrid::findFlexFactorUnitSize):
(WebCore::RenderGrid::spanningItemCrossesFlexibleSizedTracks):
(WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForNonSpanningItems):
(WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
(WebCore::RenderGrid::insertItemIntoGrid):
(WebCore::RenderGrid::populateExplicitGridAndOrderIterator):
(WebCore::RenderGrid::createEmptyGridAreaAtSpecifiedPositionsOutsideGrid):
(WebCore::RenderGrid::placeSpecifiedMajorAxisItemsOnGrid):
(WebCore::RenderGrid::placeAutoMajorAxisItemOnGrid):
(WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
(WebCore::RenderGrid::gridAreaBreadthForChild):
(WebCore::RenderGrid::gridAreaBreadthForChildIncludingAlignmentOffsets):
(WebCore::RenderGrid::columnAxisOffsetForChild):
(WebCore::RenderGrid::rowAxisOffsetForChild):
* rendering/style/GridCoordinate.h:
(WebCore::GridSpan::definiteGridSpan):
(WebCore::GridSpan::integerSpan):
(WebCore::GridSpan::resolvedInitialPosition):
(WebCore::GridSpan::resolvedFinalPosition):
(WebCore::GridSpan::GridSpanIterator::GridSpanIterator):
(WebCore::GridSpan::GridSpanIterator::operator*):
(WebCore::GridSpan::GridSpanIterator::operator++):
(WebCore::GridSpan::GridSpanIterator::operator!=):
(WebCore::GridSpan::begin):
(WebCore::GridSpan::end):
(WebCore::GridSpan::GridSpan):
* rendering/style/GridResolvedPosition.cpp:
(WebCore::resolveNamedGridLinePositionFromStyle):
(WebCore::resolveRowStartColumnStartNamedGridLinePositionAgainstOppositePosition):
(WebCore::resolveRowEndColumnEndNamedGridLinePositionAgainstOppositePosition):
(WebCore::resolveNamedGridLinePositionAgainstOppositePosition):
(WebCore::resolveGridPositionAgainstOppositePosition):
(WebCore::GridResolvedPosition::resolveGridPositionsFromAutoPlacementPosition):
(WebCore::resolveGridPositionFromStyle):
(WebCore::GridResolvedPosition::resolveGridPositionsFromStyle):
* rendering/style/GridResolvedPosition.h:
(WebCore::GridResolvedPosition::GridResolvedPosition): Deleted.
(WebCore::GridResolvedPosition::operator*): Deleted.
(WebCore::GridResolvedPosition::operator++): Deleted.
(WebCore::GridResolvedPosition::operator==): Deleted.
(WebCore::GridResolvedPosition::operator!=): Deleted.
(WebCore::GridResolvedPosition::operator<): Deleted.
(WebCore::GridResolvedPosition::operator>): Deleted.
(WebCore::GridResolvedPosition::operator<=): Deleted.
(WebCore::GridResolvedPosition::operator>=): Deleted.
(WebCore::GridResolvedPosition::toInt): Deleted.
(WebCore::GridResolvedPosition::next): Deleted.
(WebCore::GridResolvedPosition::prev): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197400 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoMemoryCache::forEachResource() should guard resources across function invocation.
akling@apple.com [Tue, 1 Mar 2016 14:29:18 +0000 (14:29 +0000)]
MemoryCache::forEachResource() should guard resources across function invocation.
<https://webkit.org/b/154846>

Reviewed by Antti Koivisto.

It occurred to me that we should protect the CachedResources from being
deleted while invoking the custom function here, lest we create a giant footgun.

* loader/cache/MemoryCache.cpp:
(WebCore::MemoryCache::forEachResource):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197399 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[Mac][cmake] One more unreviewed speculative buildfix after r197375. Just for fun.
ossy@webkit.org [Tue, 1 Mar 2016 11:58:59 +0000 (11:58 +0000)]
[Mac][cmake] One more unreviewed speculative buildfix after r197375. Just for fun.

* PlatformMac.cmake:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197398 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[Mac][cmake] Unreviewed speculative buildfix after r197375. Just for fun.
ossy@webkit.org [Tue, 1 Mar 2016 11:17:19 +0000 (11:17 +0000)]
[Mac][cmake] Unreviewed speculative buildfix after r197375. Just for fun.

* PlatformMac.cmake:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197397 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[Fetch API] Support Request and Response blob() when body data is a blob
youenn.fablet@crf.canon.fr [Tue, 1 Mar 2016 10:34:17 +0000 (10:34 +0000)]
[Fetch API] Support Request and Response blob() when body data is a blob
https://bugs.webkit.org/show_bug.cgi?id=154820

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Adding blob specific tests. New tests are not covered yet as they require converting data from a blob into another form (JSON, text...).
Rebasing expectations with test that is now passing and new failing tests.
Fixing typos in test (Json -> JSON and removing TextDecoder use).

* web-platform-tests/fetch/api/request/request-consume-expected.txt:
* web-platform-tests/fetch/api/request/request-consume.html:
* web-platform-tests/fetch/api/response/response-consume-expected.txt:
* web-platform-tests/fetch/api/response/response-consume.html:

Source/WebCore:

Adding support for returning the same Blob that is stored in Body in case JS blob() is called.
Adding support for Blob creation when data is stored as text.
Updated JSDOMBinding and JSDOMPromise to return a JS ArrayBuffer for Vector<char> as well as Vector<unsigned char>.

Covered by added tests.

* Modules/fetch/FetchBody.cpp:
(WebCore::FetchBody::arrayBuffer):
(WebCore::FetchBody::blob):
(WebCore::FetchBody::extractFromText):
* Modules/fetch/FetchBody.h:
* bindings/js/JSDOMBinding.h:
(WebCore::toJS):
* bindings/js/JSDOMPromise.h:
(WebCore::DeferredWrapper::resolve): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197396 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[[PreventExtensions]] should be a virtual method in the method table.
sbarati@apple.com [Tue, 1 Mar 2016 08:11:20 +0000 (08:11 +0000)]
[[PreventExtensions]] should be a virtual method in the method table.
https://bugs.webkit.org/show_bug.cgi?id=154800

Reviewed by Yusuke Suzuki.

This patch makes us more consistent with how the ES6 specification models the
[[PreventExtensions]] trap. Moving this method into ClassInfo::methodTable
is a prerequisite for implementing Proxy.[[PreventExtensions]].

* runtime/ClassInfo.h:
* runtime/JSCell.cpp:
(JSC::JSCell::getGenericPropertyNames):
(JSC::JSCell::preventExtensions):
* runtime/JSCell.h:
* runtime/JSModuleNamespaceObject.cpp:
(JSC::JSModuleNamespaceObject::JSModuleNamespaceObject):
(JSC::JSModuleNamespaceObject::finishCreation):
(JSC::JSModuleNamespaceObject::destroy):
* runtime/JSModuleNamespaceObject.h:
(JSC::JSModuleNamespaceObject::create):
(JSC::JSModuleNamespaceObject::moduleRecord):
* runtime/JSObject.cpp:
(JSC::JSObject::freeze):
(JSC::JSObject::preventExtensions):
(JSC::JSObject::reifyAllStaticProperties):
* runtime/JSObject.h:
(JSC::JSObject::isSealed):
(JSC::JSObject::isFrozen):
(JSC::JSObject::isExtensible):
* runtime/ObjectConstructor.cpp:
(JSC::objectConstructorSeal):
(JSC::objectConstructorFreeze):
(JSC::objectConstructorPreventExtensions):
(JSC::objectConstructorIsSealed):
* runtime/ReflectObject.cpp:
(JSC::reflectObjectPreventExtensions):
* runtime/Structure.cpp:
(JSC::Structure::Structure):
(JSC::Structure::preventExtensionsTransition):
* runtime/Structure.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197391 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoThreadedCompositor: clean up composition-specific resources before shutting down...
zandobersek@gmail.com [Tue, 1 Mar 2016 07:39:23 +0000 (07:39 +0000)]
ThreadedCompositor: clean up composition-specific resources before shutting down the thread
https://bugs.webkit.org/show_bug.cgi?id=154793

Reviewed by Carlos Garcia Campos.

* Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:
(WebKit::ThreadedCompositor::runCompositingThread): Before concluding the
compositing thread run, clean up all the resources that were allocated at
the start, and in the reverse order. Specifically, we now also deallocate
the CoordinatedGraphicsScene and the SimpleViewportController objects. This
way these are not deallocated on the main thread when the ThreadedCompositor
destructor would otherwise clean them up.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197390 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoHave parseHTMLInteger() / parseHTMLNonNegativeInteger() use WTF::Optional
cdumez@apple.com [Tue, 1 Mar 2016 07:37:16 +0000 (07:37 +0000)]
Have parseHTMLInteger() / parseHTMLNonNegativeInteger() use WTF::Optional
https://bugs.webkit.org/show_bug.cgi?id=154845

Reviewed by Ryosuke Niwa.

Source/WebCore:

Have parseHTMLInteger() / parseHTMLNonNegativeInteger() use
WTF::Optional.

* dom/Element.cpp:
(WebCore::Element::getIntegralAttribute):
(WebCore::Element::getUnsignedIntegralAttribute):
(WebCore::Element::setUnsignedIntegralAttribute): Deleted.
* html/HTMLElement.cpp:
(WebCore::HTMLElement::parseBorderWidthAttribute):
(WebCore::HTMLElement::parseAttribute):
* html/HTMLInputElement.cpp:
(WebCore::HTMLInputElement::parseMaxLengthAttribute):
* html/HTMLInputElement.h:
* html/HTMLOListElement.cpp:
(WebCore::HTMLOListElement::parseAttribute):
* html/HTMLTextAreaElement.cpp:
(WebCore::HTMLTextAreaElement::maxLength):
* html/ImageInputType.cpp:
(WebCore::ImageInputType::height):
(WebCore::ImageInputType::width):
* html/parser/HTMLParserIdioms.cpp:
(WebCore::parseHTMLIntegerInternal):
(WebCore::parseHTMLInteger):
(WebCore::parseHTMLNonNegativeInteger):
* html/parser/HTMLParserIdioms.h:
(WebCore::limitToOnlyHTMLNonNegativeNumbersGreaterThanZero):
(WebCore::limitToOnlyHTMLNonNegative):
* svg/SVGElement.cpp:
(WebCore::SVGElement::parseAttribute):

Tools:

Update API tests accordingly.

* TestWebKitAPI/Tests/WebCore/HTMLParserIdioms.cpp:
(TestWebKitAPI::testParseHTMLInteger):
(TestWebKitAPI::parseHTMLIntegerFails):
(TestWebKitAPI::testParseHTMLNonNegativeInteger):
(TestWebKitAPI::parseHTMLNonNegativeIntegerFails):
(TestWebKitAPI::TEST): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197389 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoThreadSafeCoordinatedSurface: remove the unused private create() static method
zandobersek@gmail.com [Tue, 1 Mar 2016 07:36:02 +0000 (07:36 +0000)]
ThreadSafeCoordinatedSurface: remove the unused private create() static method
https://bugs.webkit.org/show_bug.cgi?id=154792

Reviewed by Carlos Garcia Campos.

Remove the static ThreadSafeCoordinatedSurface::create() method that accepted
a std::unique_ptr<ImageBuffer> object as its third parameter. This was not used
anywhere.

* Shared/CoordinatedGraphics/threadedcompositor/ThreadSafeCoordinatedSurface.cpp:
(WebKit::ThreadSafeCoordinatedSurface::create): Deleted.
* Shared/CoordinatedGraphics/threadedcompositor/ThreadSafeCoordinatedSurface.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197388 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoTextureMapperGL: simplify TransformationMatrix copies in draw(), beginClip()
zandobersek@gmail.com [Tue, 1 Mar 2016 07:32:29 +0000 (07:32 +0000)]
TextureMapperGL: simplify TransformationMatrix copies in draw(), beginClip()
https://bugs.webkit.org/show_bug.cgi?id=154791

Reviewed by Carlos Garcia Campos.

In both functions, the passed-in model-view matrix is first copied, multiplied
against a rect-to-rect TransformationMatrix, and then assigned into a local
TransformationMatrix variable, which causes another copy due to the multiply()
function returning a reference to the modified object.

To avoid the last copy, first copy the model-view matrix into a local variable,
and multiply the rect-to-rect TransformationMatrix into the new object afterwards.

* platform/graphics/texmap/TextureMapperGL.cpp:
(WebCore::TextureMapperGL::draw):
(WebCore::TextureMapperGL::beginClip):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197387 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoImageBufferCairo should support OpenGL ES 2 configurations
zandobersek@gmail.com [Tue, 1 Mar 2016 07:31:44 +0000 (07:31 +0000)]
ImageBufferCairo should support OpenGL ES 2 configurations
https://bugs.webkit.org/show_bug.cgi?id=154790

Reviewed by Carlos Garcia Campos.

When building with OpenGL ES 2 and with accelerated 2D canvas support,
the GLES2 header should be included instead of the OpenGLShims.h header.

The glTexParameterf() calls targeting GL_TEXTURE_WRAP_S and
GL_TEXTURE_WRAP_T parameters should use the GL_CLAMP_TO_EDGE value.
GL_CLAMP isn't available in OpenGL ES 2 and was dropped in OpenGL 3.

* platform/graphics/cairo/ImageBufferCairo.cpp:
(WebCore::ImageBufferData::createCairoGLSurface):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197386 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoTextureMapperGL: beginPainting() should handle the PaintingMirrored value in PaintFlags
zandobersek@gmail.com [Tue, 1 Mar 2016 07:30:18 +0000 (07:30 +0000)]
TextureMapperGL: beginPainting() should handle the PaintingMirrored value in PaintFlags
https://bugs.webkit.org/show_bug.cgi?id=154789

Reviewed by Carlos Garcia Campos.

* platform/graphics/texmap/TextureMapperGL.cpp:
(WebCore::TextureMapperGL::beginPainting): The ClipStack should be reset with
a Y-axis mode that corresponds to the presence of the PaintingMirrored value in
the passed-in PaintFlags argument. If present, the default Y-axis mode should be
used, and the inverted Y-axis otherwise.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197385 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoCoordinatedGraphicsLayer should override the inherited TextureMapperPlatformLayer...
zandobersek@gmail.com [Tue, 1 Mar 2016 07:28:42 +0000 (07:28 +0000)]
CoordinatedGraphicsLayer should override the inherited TextureMapperPlatformLayer::Client methods
https://bugs.webkit.org/show_bug.cgi?id=154788

Reviewed by Carlos Garcia Campos.

* platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
Add the override specifiers for the two methods that are inherited
from the TextureMapperPlatformLayer::Client interface.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197384 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[JSC] Private symbols should not be trapped by proxy handler
utatane.tea@gmail.com [Tue, 1 Mar 2016 03:48:36 +0000 (03:48 +0000)]
[JSC] Private symbols should not be trapped by proxy handler
https://bugs.webkit.org/show_bug.cgi?id=154817

Reviewed by Mark Lam.

Since the runtime has some assumptions on the properties associated with the private symbols, ES6 Proxy should not trap these property operations.
For example, in ArrayIteratorPrototype.js

    var itemKind = this.@arrayIterationKind;
    if (itemKind === @undefined)
        throw new @TypeError("%ArrayIteratorPrototype%.next requires that |this| be an Array Iterator instance");

Here, we assume that only the array iterator has the @arrayIterationKind property that value is non-undefined.
But If we implement Proxy with the get handler, that returns a non-undefined value for every operations, we accidentally assumes that the given value is an array iterator.

To avoid these situation, we perform the default operations onto property operations with private symbols.

* runtime/ProxyObject.cpp:
(JSC::performProxyGet):
(JSC::ProxyObject::performInternalMethodGetOwnProperty):
(JSC::ProxyObject::performHasProperty):
(JSC::ProxyObject::performPut):
(JSC::ProxyObject::performDelete):
(JSC::ProxyObject::deleteProperty):
(JSC::ProxyObject::deletePropertyByIndex):
* tests/stress/proxy-basic.js:
* tests/stress/proxy-with-private-symbols.js: Added.
(assert):
(let.handler.getOwnPropertyDescriptor):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197383 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoRemove the experimental feature of antialiased font dilation
simon.fraser@apple.com [Tue, 1 Mar 2016 03:42:41 +0000 (03:42 +0000)]
Remove the experimental feature of antialiased font dilation
https://bugs.webkit.org/show_bug.cgi?id=154843

Reviewed by Zalan Bujtas.
Source/WebCore:

Remove the "antialiased font dilation" code path, and related prefs.

* page/Settings.cpp:
(WebCore::Settings::Settings): Deleted.
(WebCore::Settings::setAntialiasedFontDilationEnabled): Deleted.
* page/Settings.h:
(WebCore::Settings::antialiasedFontDilationEnabled): Deleted.
* platform/graphics/FontCascade.cpp:
(WebCore::FontCascade::setAntialiasedFontDilationEnabled): Deleted.
(WebCore::FontCascade::antialiasedFontDilationEnabled): Deleted.
* platform/graphics/FontCascade.h:
* platform/graphics/GraphicsContext.cpp:
(WebCore::GraphicsContextStateChange::changesFromState): Deleted.
(WebCore::GraphicsContextStateChange::accumulate): Deleted.
(WebCore::GraphicsContextStateChange::apply): Deleted.
(WebCore::GraphicsContextStateChange::dump): Deleted.
(WebCore::GraphicsContext::setAntialiasedFontDilationEnabled): Deleted.
* platform/graphics/GraphicsContext.h:
(WebCore::GraphicsContextState::GraphicsContextState): Deleted.
(WebCore::GraphicsContext::antialiasedFontDilationEnabled): Deleted.
* platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
(PlatformCALayer::drawLayerContents): Deleted.
* platform/graphics/cocoa/FontCascadeCocoa.mm:
(WebCore::dilationSizeForTextColor): Deleted.
(WebCore::FontCascade::drawGlyphs): Deleted.
* platform/graphics/displaylists/DisplayList.cpp:
(WebCore::DisplayList::DisplayList::shouldDumpForFlags): Deleted.

Source/WebKit/mac:

Remove the "antialiased font dilation" code path, and related prefs.

* WebView/WebPreferenceKeysPrivate.h:
* WebView/WebPreferences.mm:
(+[WebPreferences initialize]): Deleted.
(-[WebPreferences setAntialiasedFontDilationEnabled:]): Deleted.
(-[WebPreferences antialiasedFontDilationEnabled]): Deleted.
* WebView/WebPreferencesPrivate.h:
* WebView/WebView.mm:
(-[WebView _preferencesChanged:]): Deleted.

Source/WebKit2:

Remove the "antialiased font dilation" code path, and related prefs.

* Shared/WebPreferencesDefinitions.h:
* UIProcess/API/C/WKPreferences.cpp:
(WKPreferencesSetAntialiasedFontDilationEnabled):
(WKPreferencesGetAntialiasedFontDilationEnabled):
* UIProcess/API/C/WKPreferencesRefPrivate.h:
* UIProcess/API/Cocoa/WKPreferences.mm:
(-[WKPreferences _antialiasedFontDilationEnabled]): Deleted.
(-[WKPreferences _setAntialiasedFontDilationEnabled:]): Deleted.
* UIProcess/API/Cocoa/WKPreferencesPrivate.h:
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::updatePreferences): Deleted.

Tools:

Remove the "antialiased font dilation" code path, and related prefs.

* DumpRenderTree/mac/DumpRenderTree.mm:
(resetWebPreferencesToConsistentValues): Deleted.
* WebKitTestRunner/TestController.cpp:
(WTR::TestController::resetPreferencesToConsistentValues): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197382 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoregress/script-tests/double-pollution-putbyoffset.js.ftl-eager timed out because...
fpizlo@apple.com [Tue, 1 Mar 2016 03:18:59 +0000 (03:18 +0000)]
regress/script-tests/double-pollution-putbyoffset.js.ftl-eager timed out because of a lock ordering deadlock involving InferredType and CodeBlock
https://bugs.webkit.org/show_bug.cgi?id=154841

Reviewed by Benjamin Poulain.

Here's the deadlock:

Main thread:
    1) Change an InferredType.  This acquires InferredType::m_lock.
    2) Fire watchpoint set.  This triggers CodeBlock invalidation, which acquires
       CodeBlock::m_lock.

DFG thread:
    1) Iterate over the information in a CodeBlock.  This acquires CodeBlock::m_lock.
    2) Ask an InferredType for its descriptor().  This acquires InferredType::m_lock.

I think that the DFG thread's ordering should be legal, because the best logic for lock
hierarchies is that locks that protect the largest set of stuff should be acquired first.

This means that the main thread shouldn't be holding the InferredType::m_lock when firing
watchpoint sets.  That's what this patch ensures.

At the time of writing, this test was deadlocking for me on trunk 100% of the time.  With
this change I cannot get it to deadlock.

* runtime/InferredType.cpp:
(JSC::InferredType::willStoreValueSlow):
(JSC::InferredType::makeTopSlow):
(JSC::InferredType::set):
(JSC::InferredType::removeStructure):
(JSC::InferredType::InferredStructureWatchpoint::fireInternal):
* runtime/InferredType.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197381 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[DFG][FTL][B3] Support floor and ceil
utatane.tea@gmail.com [Tue, 1 Mar 2016 02:30:46 +0000 (02:30 +0000)]
[DFG][FTL][B3] Support floor and ceil
https://bugs.webkit.org/show_bug.cgi?id=154683

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

This patch implements and fixes the following things.

1. Implement Ceil and Floor in DFG, FTL and B3

x86 SSE 4.2 and ARM64 have round instructions that can directly perform Ceil or Floor.
This patch leverages this functionality. We introduce ArithFloor and ArithCeil.
During DFG phase, these nodes attempt to convert itself to Identity (in Fixup phase).
As the same to ArithRound, it tracks arith rounding mode.
And if these nodes are required to emit machine codes, we emit rounding machine code
if it is supported in the current machine. For example, in x86, we emit `round`.

This `Floor` functionality is nice for @toInteger in builtin.
That is used for Array.prototype.{forEach, map, every, some, reduce...}
And according to the benchmark results, Kraken audio-oscillator is slightly improved
due to its frequent Math.round and Math.floor calls.

2. Implement Floor in B3 and Air

As the same to Ceil in B3, we add a new B3 IR and Air opcode, Floor.
This Floor is leveraged to implement ArithFloor in DFG.

3. Fix ArithRound operation

Currently, we used cvtsd2si (in x86) to convert double value to int32.
And we also used this to implement Math.round, like, cvtsd2si(value + 0.5).
However, this implementation is not correct. Because cvtsd2si is not floor operation.
It is trucate operation. This is OK for positive numbers. But NG for negative numbers.
For example, the current implementation accidentally rounds `-0.6` to `-0.0`. This should be `-1.0`.
Using Ceil and Floor instructions, we implement correct ArithRound.

* assembler/MacroAssemblerARM.h:
(JSC::MacroAssemblerARM::supportsFloatingPointRounding):
(JSC::MacroAssemblerARM::ceilDouble):
(JSC::MacroAssemblerARM::floorDouble):
(JSC::MacroAssemblerARM::supportsFloatingPointCeil): Deleted.
* assembler/MacroAssemblerARM64.h:
(JSC::MacroAssemblerARM64::supportsFloatingPointRounding):
(JSC::MacroAssemblerARM64::floorFloat):
(JSC::MacroAssemblerARM64::supportsFloatingPointCeil): Deleted.
* assembler/MacroAssemblerARMv7.h:
(JSC::MacroAssemblerARMv7::supportsFloatingPointRounding):
(JSC::MacroAssemblerARMv7::ceilDouble):
(JSC::MacroAssemblerARMv7::floorDouble):
(JSC::MacroAssemblerARMv7::supportsFloatingPointCeil): Deleted.
* assembler/MacroAssemblerMIPS.h:
(JSC::MacroAssemblerMIPS::ceilDouble):
(JSC::MacroAssemblerMIPS::floorDouble):
(JSC::MacroAssemblerMIPS::supportsFloatingPointRounding):
(JSC::MacroAssemblerMIPS::supportsFloatingPointCeil): Deleted.
* assembler/MacroAssemblerSH4.h:
(JSC::MacroAssemblerSH4::supportsFloatingPointRounding):
(JSC::MacroAssemblerSH4::ceilDouble):
(JSC::MacroAssemblerSH4::floorDouble):
(JSC::MacroAssemblerSH4::supportsFloatingPointCeil): Deleted.
* assembler/MacroAssemblerX86Common.h:
(JSC::MacroAssemblerX86Common::floorDouble):
(JSC::MacroAssemblerX86Common::floorFloat):
(JSC::MacroAssemblerX86Common::supportsFloatingPointRounding):
(JSC::MacroAssemblerX86Common::supportsFloatingPointCeil): Deleted.
* b3/B3ConstDoubleValue.cpp:
(JSC::B3::ConstDoubleValue::floorConstant):
* b3/B3ConstDoubleValue.h:
* b3/B3ConstFloatValue.cpp:
(JSC::B3::ConstFloatValue::floorConstant):
* b3/B3ConstFloatValue.h:
* b3/B3LowerMacrosAfterOptimizations.cpp:
* b3/B3LowerToAir.cpp:
(JSC::B3::Air::LowerToAir::lower):
* b3/B3Opcode.cpp:
(WTF::printInternal):
* b3/B3Opcode.h:
* b3/B3ReduceDoubleToFloat.cpp:
* b3/B3ReduceStrength.cpp:
* b3/B3Validate.cpp:
* b3/B3Value.cpp:
(JSC::B3::Value::floorConstant):
(JSC::B3::Value::isRounded):
(JSC::B3::Value::effects):
(JSC::B3::Value::key):
(JSC::B3::Value::typeFor):
* b3/B3Value.h:
* b3/air/AirFixPartialRegisterStalls.cpp:
* b3/air/AirOpcode.opcodes:
* b3/testb3.cpp:
(JSC::B3::testFloorCeilArg):
(JSC::B3::testFloorArg):
(JSC::B3::testFloorImm):
(JSC::B3::testFloorMem):
(JSC::B3::testFloorFloorArg):
(JSC::B3::testCeilFloorArg):
(JSC::B3::testFloorIToD64):
(JSC::B3::testFloorIToD32):
(JSC::B3::testFloorArgWithUselessDoubleConversion):
(JSC::B3::testFloorArgWithEffectfulDoubleConversion):
(JSC::B3::run):
* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* dfg/DFGArithMode.cpp:
(WTF::printInternal):
* dfg/DFGArithMode.h:
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::handleIntrinsicCall):
* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
* dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::dump):
* dfg/DFGGraph.h:
(JSC::DFG::Graph::roundShouldSpeculateInt32):
* dfg/DFGNode.h:
(JSC::DFG::Node::arithNodeFlags):
(JSC::DFG::Node::hasHeapPrediction):
(JSC::DFG::Node::hasArithRoundingMode):
* dfg/DFGNodeType.h:
* dfg/DFGPredictionPropagationPhase.cpp:
(JSC::DFG::PredictionPropagationPhase::propagate):
* dfg/DFGSafeToExecute.h:
(JSC::DFG::safeToExecute):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileArithRounding):
(JSC::DFG::SpeculativeJIT::compileArithRound): Deleted.
* dfg/DFGSpeculativeJIT.h:
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* ftl/FTLCapabilities.cpp:
(JSC::FTL::canCompile):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileArithRound):
(JSC::FTL::DFG::LowerDFGToB3::compileArithFloor):
(JSC::FTL::DFG::LowerDFGToB3::compileArithCeil):
* ftl/FTLOutput.h:
(JSC::FTL::Output::doubleFloor):
* jit/ThunkGenerators.cpp:
(JSC::ceilThunkGenerator):
* tests/stress/math-ceil-arith-rounding-mode.js: Added.
(firstCareAboutZeroSecondDoesNot):
(firstDoNotCareAboutZeroSecondDoes):
(warmup):
(verifyNegativeZeroIsPreserved):
* tests/stress/math-ceil-basics.js: Added.
(mathCeilOnIntegers):
(mathCeilOnDoubles):
(mathCeilOnBooleans):
(uselessMathCeil):
(mathCeilWithOverflow):
(mathCeilConsumedAsDouble):
(mathCeilDoesNotCareAboutMinusZero):
(mathCeilNoArguments):
(mathCeilTooManyArguments):
(testMathCeilOnConstants):
(mathCeilStructTransition):
(Math.ceil):
* tests/stress/math-floor-arith-rounding-mode.js: Added.
(firstCareAboutZeroSecondDoesNot):
(firstDoNotCareAboutZeroSecondDoes):
(warmup):
(verifyNegativeZeroIsPreserved):
* tests/stress/math-floor-basics.js: Added.
(mathFloorOnIntegers):
(mathFloorOnDoubles):
(mathFloorOnBooleans):
(uselessMathFloor):
(mathFloorWithOverflow):
(mathFloorConsumedAsDouble):
(mathFloorDoesNotCareAboutMinusZero):
(mathFloorNoArguments):
(mathFloorTooManyArguments):
(testMathFloorOnConstants):
(mathFloorStructTransition):
(Math.floor):
* tests/stress/math-round-should-not-use-truncate.js: Added.
(mathRoundDoesNotCareAboutMinusZero):
* tests/stress/math-rounding-infinity.js: Added.
(shouldBe):
(testRound):
(testFloor):
(testCeil):
* tests/stress/math-rounding-nan.js: Added.
(shouldBe):
(testRound):
(testFloor):
(testCeil):
* tests/stress/math-rounding-negative-zero.js: Added.
(shouldBe):
(testRound):
(testFloor):
(testCeil):
(testRoundNonNegativeZero):
(testRoundNonNegativeZero2):

Websites/webkit.org:

* docs/b3/intermediate-representation.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197380 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoAdd new MethodTable method to get an estimated size for a cell
commit-queue@webkit.org [Tue, 1 Mar 2016 02:07:12 +0000 (02:07 +0000)]
Add new MethodTable method to get an estimated size for a cell
https://bugs.webkit.org/show_bug.cgi?id=154838

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-02-29
Reviewed by Filip Pizlo.

The new class method estimatedSize(JSCell*) estimates the size for a single cell.
As the name implies, this is meant to be an approximation. It is more important
that big objects report a large size, then to get perfect size information for
all objects in the heap.

    Base implementation (JSCell):
      - returns the MarkedBlock bucket size for this cell.
      - This gets us the object size include inline storage. Basically a better sizeof.

    Subclasses with "Extra Memory Cost":
      - Any class that reports extra memory (reportExtraMemoryVisited) should include that in the estimated size.
      - E.g. CodeBlock, JSGenericTypedArrayView, WeakMapData, etc.

    Subclasses with "Copied Space" storage:
      - Any class with data in copied space (copyBackingStore) should include that in the estimated size.
      - E.g. JSObject, JSGenericTypedArrayView, JSMap, JSSet, DirectArguments, etc.

Add reportExtraMemoryVisited for UnlinkedCodeBlock's compressed unlinked
instructions because this can be larger than 1kb, which is significant.

This has one special case for RegExp generated bytecode / JIT code, which
does not currently fall into the extra memory cost or copied space storage.
In practice I haven't seen this grow to a significant cost.

* runtime/ClassInfo.h:
Add the new estimatedSize method to the table.

* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::visitChildren):
(JSC::UnlinkedCodeBlock::estimatedSize):
(JSC::UnlinkedCodeBlock::setInstructions):
* bytecode/UnlinkedCodeBlock.h:
Report an extra memory cost for unlinked code blocks like
we do for linked code blocks.

* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::estimatedSize):
* bytecode/CodeBlock.h:
* bytecode/UnlinkedInstructionStream.cpp:
(JSC::UnlinkedInstructionStream::sizeInBytes):
* bytecode/UnlinkedInstructionStream.h:
* runtime/DirectArguments.cpp:
(JSC::DirectArguments::estimatedSize):
* runtime/DirectArguments.h:
* runtime/JSCell.cpp:
(JSC::JSCell::estimatedSizeInBytes):
(JSC::JSCell::estimatedSize):
* runtime/JSCell.h:
* runtime/JSGenericTypedArrayView.h:
* runtime/JSGenericTypedArrayViewInlines.h:
(JSC::JSGenericTypedArrayView<Adaptor>::estimatedSize):
* runtime/JSMap.cpp:
(JSC::JSMap::estimatedSize):
* runtime/JSMap.h:
* runtime/JSObject.cpp:
(JSC::JSObject::visitButterfly):
* runtime/JSObject.h:
* runtime/JSSet.cpp:
(JSC::JSSet::estimatedSize):
* runtime/JSSet.h:
* runtime/JSString.cpp:
(JSC::JSString::estimatedSize):
* runtime/JSString.h:
* runtime/MapData.h:
(JSC::MapDataImpl::capacityInBytes):
* runtime/WeakMapData.cpp:
(JSC::WeakMapData::estimatedSize):
(JSC::WeakMapData::visitChildren):
* runtime/WeakMapData.h:
Implement estimated size following the pattern of reporting
extra visited size, or copy space memory.

* runtime/RegExp.cpp:
(JSC::RegExp::estimatedSize):
* runtime/RegExp.h:
* yarr/YarrInterpreter.h:
(JSC::Yarr::ByteDisjunction::estimatedSizeInBytes):
(JSC::Yarr::BytecodePattern::estimatedSizeInBytes):
* yarr/YarrJIT.h:
(JSC::Yarr::YarrCodeBlock::size):
Include generated bytecode / JITCode to a RegExp's size.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197379 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoMarking webgl/1.0.2/conformance/extensions/get-extension.html as flaky on mac, removi...
ryanhaddad@apple.com [Tue, 1 Mar 2016 01:36:09 +0000 (01:36 +0000)]
Marking webgl/1.0.2/conformance/extensions/get-extension.html as flaky on mac, removing wk1 specific flakiness expectation.
https://bugs.webkit.org/show_bug.cgi?id=152506

Unreviewed test gardening.

* platform/mac-wk1/TestExpectations:
* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197378 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoMarking storage/indexeddb/deletedatabase-delayed-by-open-and-versionchange.html as...
ryanhaddad@apple.com [Tue, 1 Mar 2016 01:16:45 +0000 (01:16 +0000)]
Marking storage/indexeddb/deletedatabase-delayed-by-open-and-versionchange.html as flaky on mac
https://bugs.webkit.org/show_bug.cgi?id=154748

Unreviewed test gardening.

* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197377 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoRe-enable passing fast/multicol/newmulticol tests on ios-simulator
ryanhaddad@apple.com [Tue, 1 Mar 2016 00:54:15 +0000 (00:54 +0000)]
Re-enable passing fast/multicol/newmulticol tests on ios-simulator

Unreviewed test gardening.

* platform/ios-simulator-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197376 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoRefactor CoreVideo API access into their own classes so code can be re-used.
jer.noble@apple.com [Tue, 1 Mar 2016 00:44:53 +0000 (00:44 +0000)]
Refactor CoreVideo API access into their own classes so code can be re-used.
https://bugs.webkit.org/show_bug.cgi?id=154544

Reviewed by Eric Carlson.

In order for common CoreVideo code paths to be re-used in other classes, pull those paths
out of MediaPlayerPrivateAVFoundationObjC and into re-usable clasess.

* WebCore.xcodeproj/project.pbxproj:
* platform/cf/CoreMediaSoftLink.cpp:
* platform/cf/CoreMediaSoftLink.h:
* platform/cocoa/CoreVideoSoftLink.cpp: Added.
* platform/cocoa/CoreVideoSoftLink.h: Added.
* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
(WebCore::MediaPlayerPrivateAVFoundationObjC::createPixelBuffer):
(WebCore::MediaPlayerPrivateAVFoundationObjC::updateLastImage):
(WebCore::MediaPlayerPrivateAVFoundationObjC::copyVideoTextureToPlatformTexture):
(WebCore::CVPixelBufferGetBytePointerCallback): Deleted.
(WebCore::CVPixelBufferReleaseBytePointerCallback): Deleted.
(WebCore::CVPixelBufferReleaseInfoCallback): Deleted.
(WebCore::createImageFromPixelBuffer): Deleted.
(WebCore::enumToStringMap): Deleted.
* platform/graphics/cv/PixelBufferConformerCV.cpp: Added.
(WebCore::PixelBufferConformerCV::PixelBufferConformerCV):
(WebCore::CVPixelBufferGetBytePointerCallback):
(WebCore::CVPixelBufferReleaseBytePointerCallback):
(WebCore::CVPixelBufferReleaseInfoCallback):
(WebCore::PixelBufferConformerCV::createImageFromPixelBuffer):
* platform/graphics/cv/PixelBufferConformerCV.h: Added.
* platform/graphics/cv/TextureCacheCV.h: Added.
(WebCore::TextureCacheCV::context):
* platform/graphics/cv/TextureCacheCV.mm: Added.
(WebCore::TextureCacheCV::create):
(WebCore::TextureCacheCV::TextureCacheCV):
(WebCore::TextureCacheCV::textureFromImage):
* platform/graphics/cv/VideoTextureCopierCV.cpp: Added.
(WebCore::VideoTextureCopierCV::VideoTextureCopierCV):
(WebCore::VideoTextureCopierCV::~VideoTextureCopierCV):
(WebCore::enumToStringMap):
(WebCore::VideoTextureCopierCV::copyVideoTextureToPlatformTexture):
* platform/graphics/cv/VideoTextureCopierCV.h: Added.
(WebCore::VideoTextureCopierCV::context):
* platform/mediastream/mac/AVVideoCaptureSource.mm: Move SOFT_LINK declarations into CoreVideoSoftLink.h/cpp.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197375 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoSpeculatedType should be easier to edit
fpizlo@apple.com [Tue, 1 Mar 2016 00:39:20 +0000 (00:39 +0000)]
SpeculatedType should be easier to edit
https://bugs.webkit.org/show_bug.cgi?id=154840

Reviewed by Mark Lam.

We used to specify the bitmasks in SpeculatedType.h using hex codes. This used to work
great because we didn't have so many masks and you could use the mask to visually see
which ones overlapped. It also made it easy to visualize subset relationships.

But now we have a lot of masks with a lot of confusing overlaps, and it's no longer
possible to just see their relationship by looking at hex codes. Worse, the use of hex
codes makes it super annoying to move the bits around. For example, right now we have two
bits free, but if we wanted to reclaim them by editing the old hex masks, it would be a
nightmare.

So this patch replaces the hex masks with shift expressions (1u << 15 for example) and it
makes any derived masks (i.e. masks that are the bit-or of other masks) be expressed using
an or expression (SpecFoo | SpecBar | SpecBaz for example).

This makes it easier to see the relationships and it makes it easier to take bits for new
types.

* bytecode/SpeculatedType.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197374 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoFix timing flakiness in test I added in http://trac.webkit.org/changeset/197372
beidson@apple.com [Tue, 1 Mar 2016 00:08:27 +0000 (00:08 +0000)]
Fix timing flakiness in test I added in trac.webkit.org/changeset/197372

Unreviewed.

* TestWebKitAPI/Tests/WebKit2Cocoa/IndexedDBMultiProcess-1.html:
* TestWebKitAPI/Tests/WebKit2Cocoa/IndexedDBMultiProcess-2.html:
* TestWebKitAPI/Tests/WebKit2Cocoa/IndexedDBMultiProcess.mm:
(TEST): Sometimes a third message from the first html file was leaking through. The message is expected
  so we should always wait for it and make sure we got it.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197373 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoModern IDB: WebKit 2 IPC layer easily confused about multiple web processes being...
beidson@apple.com [Mon, 29 Feb 2016 23:13:35 +0000 (23:13 +0000)]
Modern IDB: WebKit 2 IPC layer easily confused about multiple web processes being connected.
https://bugs.webkit.org/show_bug.cgi?id=154837

Reviewed by Alex Christensen.

Source/WebKit2:

The crux of the bug is that WebProcesses cannot assign themselves server-unique identifiers...
The server must do that for them.

A once-per-session-per-WebProcess sync message and a few updates to connection management fix this.

* DatabaseProcess/DatabaseToWebProcessConnection.cpp:
(WebKit::DatabaseToWebProcessConnection::didReceiveSyncMessage):
(WebKit::generateConnectionToServerIdentifier):
(WebKit::DatabaseToWebProcessConnection::establishIDBConnectionToServer):
* DatabaseProcess/DatabaseToWebProcessConnection.h:
* DatabaseProcess/DatabaseToWebProcessConnection.messages.in:

* WebProcess/Databases/IndexedDB/WebIDBConnectionToServer.cpp:
(WebKit::WebIDBConnectionToServer::WebIDBConnectionToServer):
(WebKit::generateConnectionToServerIdentifier): Deleted.

* WebProcess/Databases/WebToDatabaseProcessConnection.cpp:
(WebKit::WebToDatabaseProcessConnection::didReceiveMessage):
(WebKit::WebToDatabaseProcessConnection::idbConnectionToServerForSession):
* WebProcess/Databases/WebToDatabaseProcessConnection.h:

Tools:

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/WebKit2Cocoa/IndexedDBMultiProcess-1.html: Added.
* TestWebKitAPI/Tests/WebKit2Cocoa/IndexedDBMultiProcess-2.html: Added.
* TestWebKitAPI/Tests/WebKit2Cocoa/IndexedDBMultiProcess.mm: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197372 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWeb Inspector: Add direct number inputs to Bezier editor
commit-queue@webkit.org [Mon, 29 Feb 2016 23:06:58 +0000 (23:06 +0000)]
Web Inspector: Add direct number inputs to Bezier editor
https://bugs.webkit.org/show_bug.cgi?id=154809
<rdar://problem/24881465>

Patch by Devin Rousso <dcrousso+webkit@gmail.com> on 2016-02-29
Reviewed by Timothy Hatcher.

* UserInterface/Base/Main.js:
(WebInspector._updateWindowKeydownListener):
Now only adds the shared event listener when the first keydown listener
is added via WebInspector.addWindowKeydownListener

* UserInterface/Controllers/CodeMirrorBezierEditingController.js:
(WebInspector.CodeMirrorBezierEditingController.prototype.popoverDidDismiss):

* UserInterface/Controllers/CodeMirrorEditingController.js:
(WebInspector.CodeMirrorEditingController.prototype.popoverDidDismiss):
(WebInspector.CodeMirrorEditingController.prototype.didDismissPopover):
Added function that is called when the popover is dismissed so that
removing event listeners is possible.

* UserInterface/Views/BezierEditor.css:
(.bezier-editor):
(.bezier-editor > .number-input-container):
(.bezier-editor > .number-input-container > input):

* UserInterface/Views/BezierEditor.js:
(WebInspector.BezierEditor.createControl):
(WebInspector.BezierEditor.createBezierInput):
(WebInspector.BezierEditor):
Added usage of Element.prototype.createChild for ease of readability.
Also added input elements for manually changing the values of each bezier
point's x and y values.

(WebInspector.BezierEditor.prototype.set bezier):
(WebInspector.BezierEditor.prototype.removeListeners):
(WebInspector.BezierEditor.prototype._handleMousedown):
(WebInspector.BezierEditor.prototype._updateBezier):
(WebInspector.BezierEditor.prototype._updateBezierPreview):
(WebInspector.BezierEditor.prototype._triggerPreviewAnimation):
(WebInspector.BezierEditor.prototype._handleNumberInputInput):
(WebInspector.BezierEditor.prototype._handleNumberInputKeydown):
(WebInspector.BezierEditor.prototype._changeBezierForInput):
Refactored code to make it more reusable, as well as adding event listeners
to the newly created inputs, including value chaning from the arrow keys.

* UserInterface/Views/CSSStyleDeclarationTextEditor.js:
(WebInspector.CSSStyleDeclarationTextEditor.prototype.didDismissPopover): Deleted.
Removed unused code.

* UserInterface/Views/InlineSwatch.js:
(WebInspector.InlineSwatch):
(WebInspector.InlineSwatch.prototype.didDismissPopover):
Removes any global event listeners added by the current editor if able.

(WebInspector.InlineSwatch.prototype._swatchElementClicked):
Now saves the current editor object as a member variable.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197371 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoOverridesHasInstance constant folding is wrong
keith_miller@apple.com [Mon, 29 Feb 2016 22:45:16 +0000 (22:45 +0000)]
OverridesHasInstance constant folding is wrong
https://bugs.webkit.org/show_bug.cgi?id=154833

Reviewed by Filip Pizlo.

The current implementation of OverridesHasInstance constant folding
is incorrect. Since it relies on OSR exit information it has been
moved to the StrengthReductionPhase. Normally, such an optimazation would be
put in FixupPhase, however, there are a number of cases where we don't
determine an edge of OverridesHasInstance is a constant until after fixup.
Performing the optimization during StrengthReductionPhase means we can defer
our decision until later.

In the future we should consider creating a version of this optimization
that does not depend on OSR exit information and move the optimization back
to ConstantFoldingPhase.

* dfg/DFGConstantFoldingPhase.cpp:
(JSC::DFG::ConstantFoldingPhase::foldConstants): Deleted.
* dfg/DFGStrengthReductionPhase.cpp:
(JSC::DFG::StrengthReductionPhase::handleNode):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197370 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoRemoving unnecessary ios-simulator-wk2 expectation file.
ryanhaddad@apple.com [Mon, 29 Feb 2016 22:41:06 +0000 (22:41 +0000)]
Removing unnecessary ios-simulator-wk2 expectation file.

Unreviewed test gardening.

* platform/ios-simulator-wk2/imported/w3c/web-platform-tests/html/semantics/forms/the-input-element/type-change-state-expected.txt: Removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197369 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoRebaseline imported/w3c/web-platform-tests/html/dom/reflection-forms.html after r197355
ryanhaddad@apple.com [Mon, 29 Feb 2016 22:37:10 +0000 (22:37 +0000)]
Rebaseline imported/w3c/web-platform-tests/html/dom/reflection-forms.html after r197355

Unreviewed test gardening.

* platform/ios-simulator/imported/w3c/web-platform-tests/html/dom/reflection-forms-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197368 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoRebaseline imported/w3c/web-platform-tests/html/dom/reflection-embedded.html for...
ryanhaddad@apple.com [Mon, 29 Feb 2016 22:37:08 +0000 (22:37 +0000)]
Rebaseline imported/w3c/web-platform-tests/html/dom/reflection-embedded.html for ios-simulator after r197237

Unreviewed test gardening.

* platform/ios-simulator/imported/w3c/web-platform-tests/html/dom/reflection-embedded-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197367 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoB3 should have global store elimination
fpizlo@apple.com [Mon, 29 Feb 2016 22:33:58 +0000 (22:33 +0000)]
B3 should have global store elimination
https://bugs.webkit.org/show_bug.cgi?id=154658

Reviewed by Benjamin Poulain.

Source/JavaScriptCore:

Implements fairly comprehensive global store elimination:

1) If you store the result of a load with no interference in between, remove the store.

2) If you store the same thing you stored previously, remove the store.

3) If you store something that you either loaded previously or stored previously along
   arbitrarily many paths, remove the store.

4) If you store to something that is stored to again in the future with no interference in
   between, remove the store.

Rule (4) is super relevant to FTL since the DFG does not eliminate redundant PutStructures.
A constructor that produces a large object will have many redundant stores to the same base
pointer, offset, and heap range, with no code to observe that heap raneg in between.

This doesn't have a decisive effect on major benchmarks, but it's an enormous win for
microbenchmarks:

- 30% faster to construct an object with many fields.

- 5x faster to do many stores to a global variable.

The compile time cost should be very small. Although the optimization is global, it aborts as
soon as it sees anything that would confound store elimination. For rules (1)-(3), we
piggy-back the existing load elimination, which gives up on interfering stores. For rule (4),
we search forward through the current block and then globally a block at a time (skipping
block contents thanks to summary data), which could be expensive. But rule (4) aborts as soon
as it sees a read, write, or end block (Return or Oops). Any Check will claim to read TOP. Any
Patchpoint that results from an InvalidationPoint will claim to read TOP, as will any
Patchpoints for ICs. Those are usually sprinkled all over the program.

In other words, this optimization rarely kicks in. When it does kick in, it makes programs run
faster. When it doesn't kick in, it's usually O(1) because there are reasons for aborting all
over a "normal" program so the search will halt almost immediately. This of course raises the
question: how much more in compile time do we pay when the optimization does kick in? The
optimization kicks in the most for the microbenchmarks I wrote for this patch. Amazingly, the
effect of the optimization a wash for compile time: whatever cost we pay doing the O(n^2)
searches is balanced by the massive reduction in work in the backend. On one of the two
microbenchmarks, overall compile time actually shrank with this optimization even though CSE
itself cost more. That's not too surprising - the backend costs much more per instruction, so
things that remove instructions before we get to the backend tend to be a good idea.

We could consider adding a more aggressive version of this in the future, which could sink
stores into checks. That could be crazy fun: https://bugs.webkit.org/show_bug.cgi?id=152162#c3

But mainly, I'm adding this optimization because it was super fun to implement during the
WebAssembly CG summit.

* b3/B3EliminateCommonSubexpressions.cpp:
* b3/B3MemoryValue.h:
* b3/B3SuccessorCollection.h:
(JSC::B3::SuccessorCollection::begin):
(JSC::B3::SuccessorCollection::end):
(JSC::B3::SuccessorCollection::const_iterator::const_iterator):
(JSC::B3::SuccessorCollection::const_iterator::operator*):
(JSC::B3::SuccessorCollection::const_iterator::operator++):
(JSC::B3::SuccessorCollection::const_iterator::operator==):
(JSC::B3::SuccessorCollection::const_iterator::operator!=):

LayoutTests:

These two benchmarks both speed up significantly with this change.

* js/regress/build-large-object-expected.txt: Added.
* js/regress/build-large-object.html: Added.
* js/regress/many-repeat-stores-expected.txt: Added.
* js/regress/many-repeat-stores.html: Added.
* js/regress/script-tests/build-large-object.js: Added.
* js/regress/script-tests/many-repeat-stores.js: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197366 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoMake it cheap to #include "JITOperations.h"
fpizlo@apple.com [Mon, 29 Feb 2016 22:14:59 +0000 (22:14 +0000)]
Make it cheap to #include "JITOperations.h"
https://bugs.webkit.org/show_bug.cgi?id=154836

Reviewed by Mark Lam.

Prior to this change, this header included the whole world even though it did't have any
definitions. This patch turns almost all of the includes into forward declarations. Right
now this header is very cheap to include.

* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
* JavaScriptCore.xcodeproj/project.pbxproj:
* dfg/DFGSpeculativeJIT.h:
* jit/JITOperations.cpp:
* jit/JITOperations.h:
* jit/Repatch.h:
* runtime/CommonSlowPaths.h:
(JSC::encodeResult): Deleted.
(JSC::decodeResult): Deleted.
* runtime/SlowPathReturnType.h: Added.
(JSC::encodeResult):
(JSC::decodeResult):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197365 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUse WTF::Optional for HTMLOListElement::m_start
cdumez@apple.com [Mon, 29 Feb 2016 21:32:28 +0000 (21:32 +0000)]
Use WTF::Optional for HTMLOListElement::m_start
https://bugs.webkit.org/show_bug.cgi?id=154824

Reviewed by Andreas Kling.

Use WTF::Optional for HTMLOListElement::m_start.

* html/HTMLOListElement.cpp:
(WebCore::HTMLOListElement::parseAttribute):
* html/HTMLOListElement.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197364 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[GTK][jhbuild] GLib build fails with GCC 6.0
jdiggs@igalia.com [Mon, 29 Feb 2016 21:14:51 +0000 (21:14 +0000)]
[GTK][jhbuild] GLib build fails with GCC 6.0
https://bugs.webkit.org/show_bug.cgi?id=154825

Use the upstream work-around. https://bugzilla.gnome.org/show_bug.cgi?id=761550

Reviewed by Csaba Osztrogonác.

* gtk/jhbuild.modules: Apply upstream path.
* gtk/patches/gdate-suppress-string-format-literal-warning.patch: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197363 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoDon't call NetworkProcess::singleton from WebProcess when using NetworkSession
achristensen@apple.com [Mon, 29 Feb 2016 20:46:13 +0000 (20:46 +0000)]
Don't call NetworkProcess::singleton from WebProcess when using NetworkSession
https://bugs.webkit.org/show_bug.cgi?id=154829

Reviewed by Anders Carlsson.

We were calling NetworkProcess::singleton when making the default session in the
WebProcess, which caused bad things to happen.  We also were never clearing the
credentials in the WebProcess between tests because it used to always call
NetworkProcess::singleton, which caused flaky tests.

This fixes repeatable crashes in http/tests/media/media-document-referer.html and
http/tests/media/media-document.html when using NetworkSession.

* NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::NetworkProcess):
(WebKit::NetworkProcess::~NetworkProcess):
* NetworkProcess/NetworkSession.h:
* NetworkProcess/cocoa/NetworkSessionCocoa.mm:
(WebKit::configurationForType):
(WebKit::globalCustomProtocolManager):
(WebKit::NetworkSession::setCustomProtocolManager):
(WebKit::NetworkSession::defaultSession):
* WebProcess/WebProcess.cpp:
(WebKit::WebProcess::clearCachedCredentials):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197362 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWe've been running Octane/regexp all wrong in run-jsc-benchmarks
fpizlo@apple.com [Mon, 29 Feb 2016 19:35:17 +0000 (19:35 +0000)]
We've been running Octane/regexp all wrong in run-jsc-benchmarks
https://bugs.webkit.org/show_bug.cgi?id=154827

Reviewed by Andreas Kling.

Octane v.2 and JetStream v.1.1 run this benchmark with warmup. This script was running
it without warmup. This patches fixes this by making this script run it with warmup.

This fix shows that my last patch, which added FTL support for regexp, was actually a 3%
speed-up on Octane/regexp, not a slow-down as the ChangeLog claimed.

It discovered this bug because for each Octane test that I want to debug, I usually make
a standalone .js file that contains the whole test along with a miniharness - usually
a plain loop - that runs it almost like it would for real but with whatever hacks I'm
using for debugging. When I wrote such a thing for regexp, I used a ~20 iteration warmup
to match the one second of warmup that this benchmark gets in Octane. To my surprise,
this quite faithful regexp runner did not see the regression that run-jsc-benchmarks
saw. That's when I found out that run-jsc-benchmarks was running it wrong.

The reason for the no-warmup slow-down is that the FTL is actually fairly expensive to
run on some of these very large functions in the regexp benchmark. I don't think we can
do anything about that, and I'd argue that the speed-up we see after the compilation is
done suggests that it was worth it.

* Scripts/run-jsc-benchmarks:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197361 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoRefCounter<T>::Event -> RefCounterEvent
barraclough@apple.com [Mon, 29 Feb 2016 18:55:21 +0000 (18:55 +0000)]
RefCounter<T>::Event -> RefCounterEvent
https://bugs.webkit.org/show_bug.cgi?id=154767

Reviewed by Darin Adler.

RefCounter<T>::Event is kinda verbose to use, and there is no need for this
to be specific to a particular typeof RefCounter. Move the enum class up to
the top level & rename to RefCounterEvent.

Source/WebCore:

* page/PageThrottler.cpp:
(WebCore::PageThrottler::PageThrottler):
(WebCore::m_audiblePluginHysteresis):
(WebCore::m_mediaActivityCounter):
(WebCore::m_pageLoadActivityCounter):
* platform/VNodeTracker.cpp:
(WebCore::VNodeTracker::singleton):
(WebCore::VNodeTracker::VNodeTracker):
(WebCore::m_lastWarningTime):

Source/WebKit2:

Also remove UserObservablePageToken - this is vestigial & not really offering
anything over just using UserObservablePageCounter::Token directly.

* UIProcess/Plugins/PluginProcessManager.cpp:
(WebKit::PluginProcessManager::PluginProcessManager):
* UIProcess/Plugins/PluginProcessManager.h:
* UIProcess/Plugins/mac/PluginProcessManagerMac.mm:
(WebKit::PluginProcessManager::updateProcessSuppressionDisabled):
* UIProcess/ProcessThrottler.cpp:
(WebKit::ProcessThrottler::ProcessThrottler):
(WebKit::m_backgroundCounter):
(WebKit::m_suspendMessageCount):
* UIProcess/ProcessThrottler.h:
* UIProcess/WebPageProxy.h:
* UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::WebProcessPool):
(WebKit::m_processSuppressionDisabledForPageCounter):
(WebKit::m_hiddenPageThrottlingAutoIncreasesCounter):
* UIProcess/WebProcessPool.h:

Source/WTF:

* wtf/RefCounter.h:
(WTF::RefCounter<T>::Count::ref):
(WTF::RefCounter<T>::Count::deref):

Tools:

* TestWebKitAPI/Tests/WTF/RefCounter.cpp:
(TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197360 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agostreams/pipe-to.html flaky on mac-wk1 debug
youenn.fablet@crf.canon.fr [Mon, 29 Feb 2016 18:51:28 +0000 (18:51 +0000)]
streams/pipe-to.html flaky on mac-wk1 debug
https://bugs.webkit.org/show_bug.cgi?id=154687

Reviewed by Darin Adler.

* TestExpectations: Marking streams/pipe-to.html as slow.
* streams/pipe-to.html: Increasing the timeout value.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197359 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoRemove more LLVM related cruft
ossy@webkit.org [Mon, 29 Feb 2016 18:33:24 +0000 (18:33 +0000)]
Remove more LLVM related cruft
https://bugs.webkit.org/show_bug.cgi?id=154821

Reviewed by Darin Adler.

* Scripts/build-jsc:
* Scripts/build-webkit:
* Scripts/copy-webkitlibraries-to-product-directory:
* Scripts/export-llvm-build: Removed.
* Scripts/run-jsc-stress-tests:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197358 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoFTL should be able to run everything in Octane/regexp
fpizlo@apple.com [Mon, 29 Feb 2016 18:05:17 +0000 (18:05 +0000)]
FTL should be able to run everything in Octane/regexp
https://bugs.webkit.org/show_bug.cgi?id=154266

Reviewed by Saam Barati.

Adds FTL support for NewRegexp, RegExpTest, and RegExpExec. I couldn't figure out how to
make the RegExpExec peephole optimization work in FTL. This optimizations shouldn't be a
DFG backend optimization anyway - if we need this optimization then it should be a
strength reduction rule over IR. That way, it can be shared by all backends.

I measured whether removing that optimization had any effect on performance separately
from measuring the performance of this patch. Removing that optimization did not change
our score on any benchmarks.

This patch does have an overall negative effect on the Octane/regexp score. This is
presumably because tiering up to the FTL has no value to the code in the regexp test. Or
maybe it's something else. No matter - the overall effect on the Octane score is not
statistically significant and we don't want this kind of coverage blocked by the fact
that adding coverage hurts a benchmark.

* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::parseBlock):
* dfg/DFGNode.h:
(JSC::DFG::Node::setIndexingType):
(JSC::DFG::Node::hasRegexpIndex):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileNotifyWrite):
(JSC::DFG::SpeculativeJIT::compileIsObjectOrNull):
(JSC::DFG::SpeculativeJIT::compileRegExpExec): Deleted.
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* ftl/FTLCapabilities.cpp:
(JSC::FTL::canCompile):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileCheckWatchdogTimer):
(JSC::FTL::DFG::LowerDFGToB3::compileRegExpExec):
(JSC::FTL::DFG::LowerDFGToB3::compileRegExpTest):
(JSC::FTL::DFG::LowerDFGToB3::compileNewRegexp):
(JSC::FTL::DFG::LowerDFGToB3::didOverflowStack):
* tests/stress/ftl-regexp-exec.js: Added.
* tests/stress/ftl-regexp-test.js: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197357 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUse HTML parsing rules for textarea.maxLength
cdumez@apple.com [Mon, 29 Feb 2016 17:36:51 +0000 (17:36 +0000)]
Use HTML parsing rules for textarea.maxLength
https://bugs.webkit.org/show_bug.cgi?id=154805

Reviewed by Andreas Kling.

LayoutTests/imported/w3c:

Rebaseline now that more checks are passing.

* web-platform-tests/html/dom/reflection-forms-expected.txt:

Source/WebCore:

Use HTML parsing rules for textarea.maxLength:
- https://html.spec.whatwg.org/multipage/forms.html#dom-textarea-maxlength
- https://html.spec.whatwg.org/multipage/infrastructure.html#limited-to-only-non-negative-numbers

No new tests, already covered by existing test.

* html/HTMLTextAreaElement.cpp:
(WebCore::HTMLTextAreaElement::maxLength):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197355 268f45cc-cd09-0410-ab3c-d52691b4dbfc