WebKit-https.git
dewei_zhu@apple.com [Thu, 19 Apr 2018 22:16:23 +0000 (22:16 +0000)]
Add a bisect button to automatically schedule bisecting A/B tasks.
https://bugs.webkit.org/show_bug.cgi?id=183888

Reviewed by Ryosuke Niwa.

Extended AnalysisTask's ability to figure out bisecting A/B tasks based on existing data points and test groups.
Updated analysis page UI to show bisect button which will only appear when the middle commit set of the range in
test group can be found.

The algorithm for finding the middle commit set is as follows:
1. Find all commits from multiple repositories among the ranges specified by two commit sets in test group. In
the meantime, merge all commits that have commit time into a single list. For commits that only have commit order,
put those commits into separate lists.
2. Filter all the available commit sets in current analysis task by keeping the ones that have the same repositories
as the two commit sets in specified test group, and every commit of a commit set is inside the commit range.
After filtering the commit sets, sort the remaining ones and only keep one commit set if multiple commit sets
are equal to each other.
3. Among commits processed by step 2, find the commit sets that have the commit which is closest to the middle of
all commits that have commit time created from step 1.
4. Among commits processed by step 3, find the commit sets that have the commit which is closest to the middle of
commits that only have commit order and categorized by repository. We have to iterate through repository as commit
order is not guaranteed to be comparable between different repositories.
5. If more than one commit set is found, choose the middle commit set.

* public/v3/commit-set-range-bisector.js: Added.
(CommitSetRangeBisector.async.commitSetClosestToMiddleOfAllCommits): Instead of naively returning the middle of
existing commit set array, this function selects a bisection point that is closest to the actual middle of
the revision range based on all revisions reported to performance dashboard.
(CommitSetRangeBisector._findCommitSetsWithinRange): Helper function to find commit sets that are in the specified range.
(CommitSetRangeBisector._orderCommitSetsByTimeAndOrderThenDeduplicate): Helper function to sort and deduplicate commit sets.
(CommitSetRangeBisector._closestCommitSetsToBisectingCommitByTime): Helper function to find the commit sets that
are closest to the middle among all the commits in the range that have commit time.
(CommitSetRangeBisector._findCommitSetsClosestToMiddleOfCommitsWithOrder): Helper function which goes through all
repositories the commit of which has commit order, and finds the commit sets that are closest to the middle of
commits for each repository.
(CommitSetRangeBisector._buildCommitToCommitSetMap): Helper function to build a mapping from a commit to the commit
sets that contain this commit.
(CommitSetRangeBisector._findCommitClosestToMiddleIndex): Helper function to find the closest commit to the middle index.
(CommitSetRangeBisector):
* public/v3/index.html: Imports 'public/v3/commit-set-range-bisector.js'.
* public/v3/models/analysis-task.js:
(AnalysisTask.prototype.async.commitSetsFromTestGroupsAndMeasurementSet): Aggregates all existing commit sets in
test groups of current analysis tasks.
* public/v3/models/commit-log.js:
(CommitLog.prototype.hasCommitTime): A helper function to determine whether a commit has a commit time. For a commit
that does not have time, server will return commit time as zero. As it is unrealistic for a commit to have commit time
0, it would be safe to assume a valid commit time is greater than 0.
(CommitLog.prototype.hasCommitOrder): Returns whether a commit has a commit order.
(CommitLog.hasOrdering): Determine whether we can order two commits by commit time or commit order.
(CommitLog.orderTwoCommits): Order two commits incrementally.
* public/v3/models/commit-set.js:
(CommitSet.prototype.hasSameRepositories): A helper function to determine whether a commit set has same repositories
as current repository.
(CommitSet.containsRootOrPatchOrOwnedCommit): A helper function to determine whether current commit set has root,
patch or owned commit.
(CommitSet.commitForRepository): This function was defined twice identically; removed one of them.
* public/v3/models/test-group.js: Make '_computeRequestedCommitSets' a static function as it does not use any
instance variables.
* public/v3/pages/analysis-task-page.js: Added bisect button.
(AnalysisTaskTestGroupPane):
(AnalysisTaskTestGroupPane.prototype.didConstructShadowTree):
(AnalysisTaskTestGroupPane.prototype.setTestGroups): Update 'setTestGroups' to update _bisectingCommitSetByTestGroup
when the test groups change.
(AnalysisTaskTestGroupPane.prototype._renderCurrentTestGroup): Added code to conditionally show bisect button.
Bisect button will only show when there is a middle commit set for that test group.
(AnalysisTaskTestGroupPane.htmlTemplate):
(AnalysisTaskTestGroupPane.cssTemplate):
(AnalysisTaskPage.prototype.didConstructShadowTree):
(AnalysisTaskPage.prototype._retryCurrentTestGroup):
(AnalysisTaskPage.prototype.async._bisectCurrentTestGroup): A callback when bisect button is clicked.
* tools/js/v3-models.js:
* unit-tests/commit-log-tests.js: Added unit tests for 'CommitLog.hasCommitTime', 'CommitLog.hasCommitOrder',
'CommitLog.orderTwoCommits', 'CommitLog.hasOrdering'.
* unit-tests/commit-set-range-bisector-tests.js: Unit tests for 'CommitSetRangeBisector.commitSetClosestToMiddleOfAllCommits'.
* unit-tests/commit-set-tests.js: Added unit tests for 'CommitSet.hasSameRepositories' and 'CommitSet.containsRootOrPatchOrOwnedCommit'.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230821 268f45cc-cd09-0410-ab3c-d52691b4dbfc
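
The five steps in the commit message above, as an added example; this is not the code in public/v3/commit-set-range-bisector.js. The data shapes, the function names, the exclusion of the two endpoint commit sets and the `(length - 1) / 2` middle index are assumptions made for illustration, and the sample commits are constructed.

```javascript
'use strict';

const commitKey = (repo, rev) => `${repo}@${rev}`;
// Per the commit message: the server reports 0 for a commit without a commit time.
const hasCommitTime = (commit) => commit.time > 0;

// Step 1: merge commits that have a time into one list; keep order-only commits per repository.
function partitionCommits(commitsInRange) {
    const timed = commitsInRange.filter(hasCommitTime).sort((a, b) => a.time - b.time);
    const orderedByRepo = new Map();
    for (const commit of commitsInRange.filter((c) => !hasCommitTime(c))) {
        if (!orderedByRepo.has(commit.repo)) orderedByRepo.set(commit.repo, []);
        orderedByRepo.get(commit.repo).push(commit);
    }
    for (const list of orderedByRepo.values()) list.sort((a, b) => a.order - b.order);
    return { timed, orderedByRepo };
}

// Step 2: keep sets with the same repositories and every commit in range, then sort and dedupe.
function filterSortDedupe(commitSets, startSet, endSet, commitsInRange) {
    const inRange = new Map(commitsInRange.map((c) => [commitKey(c.repo, c.rev), c]));
    const commitOf = (set, repo) => inRange.get(commitKey(repo, set.commits[repo]));
    const timedFirst = (repo) => (hasCommitTime(commitOf(startSet, repo)) ? 0 : 1);
    const repos = Object.keys(startSet.commits).sort((a, b) => timedFirst(a) - timedFirst(b));
    const signature = (set) => repos.map((r) => commitKey(r, set.commits[r])).join('|');
    // Assumption: the two endpoints themselves are never offered as a bisection point.
    const seen = new Set([signature(startSet), signature(endSet)]);
    const rank = (set, repo) => {
        const commit = commitOf(set, repo);
        return hasCommitTime(commit) ? commit.time : commit.order;
    };
    return commitSets
        .filter((set) => Object.keys(set.commits).length === repos.length
            && repos.every((r) => r in set.commits && commitOf(set, r) !== undefined))
        .sort((a, b) => {
            for (const r of repos) {
                const delta = rank(a, r) - rank(b, r);
                if (delta !== 0) return delta;
            }
            return 0;
        })
        .filter((set) => {
            const sig = signature(set);
            if (seen.has(sig)) return false;
            seen.add(sig);
            return true;
        });
}

// Steps 3 and 4: keep the sets whose commit in `list` is closest to the middle of `list`.
function closestToMiddle(sets, list) {
    if (list.length === 0 || sets.length <= 1) return sets;
    const index = new Map(list.map((c, i) => [commitKey(c.repo, c.rev), i]));
    const middle = (list.length - 1) / 2;
    const distance = (set) => Math.min(...Object.entries(set.commits)
        .filter(([repo, rev]) => index.has(commitKey(repo, rev)))
        .map(([repo, rev]) => Math.abs(index.get(commitKey(repo, rev)) - middle)));
    const best = Math.min(...sets.map(distance));
    return sets.filter((set) => distance(set) === best);
}

function pickBisectionCommitSet(commitSets, startSet, endSet, commitsInRange) {
    const { timed, orderedByRepo } = partitionCommits(commitsInRange);
    let remaining = filterSortDedupe(commitSets, startSet, endSet, commitsInRange);
    remaining = closestToMiddle(remaining, timed);              // step 3
    for (const list of orderedByRepo.values())                  // step 4, one repository at a time
        remaining = closestToMiddle(remaining, list);
    if (remaining.length === 0) return null;                    // nothing to bisect to
    return remaining[Math.floor(remaining.length / 2)];         // step 5
}

// Constructed sample: "WebKit" commits carry a time, "OS" builds only an order.
const sampleCommits = [
    ...[1, 2, 3, 4, 5, 6, 7].map((n) => ({ repo: 'WebKit', rev: `r${n}`, time: n * 100, order: 0 })),
    { repo: 'OS', rev: 'A', time: 0, order: 1 },
    { repo: 'OS', rev: 'B', time: 0, order: 2 },
    { repo: 'OS', rev: 'C', time: 0, order: 3 },
];
const sampleStart = { id: 'start', commits: { WebKit: 'r1', OS: 'A' } };
const sampleEnd = { id: 'end', commits: { WebKit: 'r7', OS: 'C' } };
const sampleSets = [
    sampleStart,
    { id: 's1', commits: { WebKit: 'r3', OS: 'A' } },
    { id: 's2', commits: { WebKit: 'r4', OS: 'A' } },
    { id: 's3', commits: { WebKit: 'r4', OS: 'B' } },
    { id: 's4', commits: { WebKit: 'r4', OS: 'C' } },
    { id: 's5', commits: { WebKit: 'r9', OS: 'B' } },   // r9 is outside the range
    { id: 's6', commits: { WebKit: 'r4' } },            // different repositories
    { id: 's7', commits: { WebKit: 'r4', OS: 'B' } },   // duplicate of s3
    sampleEnd,
];

const picked = pickBisectionCommitSet(sampleSets, sampleStart, sampleEnd, sampleCommits);
console.log(picked ? picked.id : 'no bisection point');
```
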

youenn@apple.com [Thu, 19 Apr 2018 21:27:02 +0000 (21:27 +0000)]
Web Inspector backend should get headers & cookies from network process separately from resource requests
https://bugs.webkit.org/show_bug.cgi?id=184396
<rdar://problem/38877384>

Reviewed by Brian Burg.

Source/WebCore:

Add two new loader strategies to get response and network metrics directly from
NetworkProcess based on resource loader identifier.
Use these methods in InspectorNetworkAgent when response/metrics might be filtered.

Covered by existing tests, in particular http/tests/inspector/network/fetch-network-data.html which would fail
without this since we are now setting the sourceOrigin for NetworkResourceLoader, which is used to sanitize response headers.

* inspector/agents/InspectorNetworkAgent.cpp:
(WebCore::InspectorNetworkAgent::didReceiveResponse):
(WebCore::InspectorNetworkAgent::didFinishLoading):
* loader/LoaderStrategy.cpp:
(WebCore::LoaderStrategy::responseFromResourceLoaIdentifier):
(WebCore::LoaderStrategy::networkMetricsFromResourceLoaIdentifier):
* loader/LoaderStrategy.h:

Source/WebKit:

Add support for storing response and network metrics for every resource load.
This is made conditional on inspector being activated.
NetworkConnectionToWebProcess keeps a response and network metrics for every load.
This is cleared when inspector is going away or when a web process requests
the data.

WebLoaderStrategy gets this data through synchronous IPC.
Synchronous IPC is a temporary implementation until Inspector code gets refactored.

Updated WebLoaderStrategy to pass the sourceOrigin for every NetworkResourceLoader.
This activates additional sanitization based on cross origin status.

* NetworkProcess/NetworkConnectionToWebProcess.cpp:
(WebKit::NetworkConnectionToWebProcess::setCaptureExtraNetworkLoadMetricsEnabled):
* NetworkProcess/NetworkConnectionToWebProcess.h:
(WebKit::NetworkConnectionToWebProcess::takeNetworkLoadInformationResponse):
(WebKit::NetworkConnectionToWebProcess::takeNetworkLoadInformationMetrics):
(WebKit::NetworkConnectionToWebProcess::addNetworkLoadInformationResponse):
(WebKit::NetworkConnectionToWebProcess::addNetworkLoadInformationMetrics):
(WebKit::NetworkConnectionToWebProcess::removeNetworkLoadInformation):
* NetworkProcess/NetworkConnectionToWebProcess.messages.in:
* NetworkProcess/NetworkResourceLoader.cpp:
(WebKit::NetworkResourceLoader::didReceiveResponse):
(WebKit::NetworkResourceLoader::didFinishLoading):
(WebKit::NetworkResourceLoader::didFailLoading):
* WebProcess/Network/WebLoaderStrategy.cpp:
(WebKit::WebLoaderStrategy::responseFromResourceLoadIdentifier):
(WebKit::WebLoaderStrategy::networkMetricsFromResourceLoadIdentifier):
* WebProcess/Network/WebLoaderStrategy.h:
* WebProcess/Network/WebResourceLoader.cpp:
(WebKit::WebResourceLoader::didReceiveResponse):

LayoutTests:

* http/wpt/service-workers/header-filtering.https-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230820 268f45cc-cd09-0410-ab3c-d52691b4dbfc

wenson_hsieh@apple.com [Thu, 19 Apr 2018 21:00:50 +0000 (21:00 +0000)]
[Extra zoom mode] Add a mechanism to extend the height of the layout viewport in extra zoom mode
https://bugs.webkit.org/show_bug.cgi?id=184782
<rdar://problem/38346712>

Reviewed by Tim Horton.

Source/WebCore:

Add a new helper on FrameView to compute an expanded layout viewport size, as well as a new setting for the
height expansion factor when computing visual viewport dimensions. See WebKit/ChangeLog for more detail.

Test: fast/visual-viewport/extrazoom/layout-viewport-after-scrolling-and-resizing.html

* page/FrameView.cpp:
(WebCore::FrameView::expandedLayoutViewportSize):
* page/FrameView.h:
* page/Settings.yaml:

Source/WebKit:

In extra zoom mode, at initial scale, fixed position elements may take up a large portion of the viewport. This
leaves little room for non-fixed-position elements; to improve this experience, we introduce a mechanism to
extend the height of the layout viewport. By default, the layout viewport size is determined by the FrameView's
baseLayoutViewportSize, and passed into FrameView::computeUpdatedLayoutViewportRect in the client layer; in
extra zoom mode, if the layout viewport is shorter than the document width, we try to double the height of the
layout viewport and clamp to the document height if necessary.

* Shared/WebPreferences.yaml:

Add a new preference to determine the factor by which we should expand the height of the layout viewport. By
default, this is 0 (no increase in layout viewport height); in extra zoom mode, this is 1, which means we'll
increase the layout viewport's height by 1x the default height.

* Shared/WebPreferencesDefaultValues.h:
* UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView activeMinimumLayoutSizes:]):

Fixes a bug when computing the active minimum layout size. If a minimum allowed layout width is specified, we
clamp the active layout width (normally the view size) so that it is no less than the minimum allowed layout
width. However, the height is currently unaffected, which causes FrameView::baseLayoutViewportSize to return a
bogus size, where the width is scaled to 320px but the height isn't. Instead, we should scale the layout height
to match the new width here.

* UIProcess/ios/WebPageProxyIOS.mm:
(WebKit::WebPageProxy::computeCustomFixedPositionRect const):

Expand the base viewport layout size if necessary, given the expansion factor in WebPreferences.

* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::updatePreferences):
* WebProcess/WebPage/ios/WebPageIOS.mm:
(WebKit::WebPage::dynamicViewportSizeUpdate):

Expand the base viewport layout size if necessary, given the expansion factor in Settings.

LayoutTests:

Add a new layout test to exercise the following scenarios:
•   The layout viewport should be fully extended when the document is much taller than the viewport.
•   Programmatically shrinking the document height to less than the viewport height causes the layout viewport
    to shrink to the viewport height.
•   Programmatically extending the document height to a little more than the viewport height causes the layout
    viewport to also expand, but this time, only to the new document height.

* TestExpectations:

Skip tests in fast/visual-viewport/extrazoom by default.

* fast/visual-viewport/extrazoom/layout-viewport-after-scrolling-and-resizing-expected.txt: Added.
* fast/visual-viewport/extrazoom/layout-viewport-after-scrolling-and-resizing.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230819 268f45cc-cd09-0410-ab3c-d52691b4dbfc

cdumez@apple.com [Thu, 19 Apr 2018 20:57:52 +0000 (20:57 +0000)]
REGRESSION (r229133): decidePolicyForNavigationAction not called for loading an HTML string
https://bugs.webkit.org/show_bug.cgi?id=184209
<rdar://problem/39145306>

Reviewed by Ryosuke Niwa.

Source/WebCore:

In r229133, we stopped doing navigation policy checks for about:blank because about:blank
loads need to happen synchronously for Web-compatibility. However, this regressed loading
an HTML string in a WebView because in such cases, the URL is also about:blank with
substitute data.

In this patch, we take a more conservative approach and restore policy checking for
'about:blank' but using synchronous IPC.

* loader/PolicyChecker.cpp:
(WebCore::PolicyChecker::checkNavigationPolicy):

Tools:

Add API test coverage.

* TestWebKitAPI/Tests/WebKitCocoa/DecidePolicyForNavigationAction.mm:
(TEST):

LayoutTests:

Rebaseline existing layout tests. Their output is back to what it was before r229133.

* fast/loader/iframe-src-invalid-url-expected.txt:
* fast/loader/policy-delegate-action-hit-test-zoomed-expected.txt:
* loader/navigation-policy/should-open-external-urls/subframe-click-target-self-expected.txt:
* loader/navigation-policy/should-open-external-urls/subframe-click-target-top-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230818 268f45cc-cd09-0410-ab3c-d52691b4dbfc

bburg@apple.com [Thu, 19 Apr 2018 20:37:31 +0000 (20:37 +0000)]
Web Automation: simulated mouse interactions should not be done until associated DOM events have been dispatched
https://bugs.webkit.org/show_bug.cgi?id=184462
<rdar://problem/39323336>

Reviewed by Carlos Garcia Campos and Tim Horton.

Covered by existing layout tests and actions endpoints in WebDriver test suite.

In preparation for implementing the W3C WebDriver command "Perform Actions", we need a way to
know when a simulated mouse event has been fully processed by WebProcess and it is okay to continue
to dispatch more simulated events.

This patch makes mouse events go through a queue as they are delivered to WebPageProxy. The approach
is very similar to how key events are handled. In the key event case, lots of WebEvents can come out
of typing one keystroke, so these need to be queued up and retired one by one when the WebProcess has
finished handling each event. In some mouse event cases---particularly fake mouse moves---there can
also be more than one mouse event waiting to be handled by WebProcess.

In the past, these queued mouse events were tracked with several member variables as different
use cases emerged. These are all replaced with ordinary deque operations, such as peeking or
checking the queue length.

* Platform/Logging.h: Add logging channel for mouse events.
* UIProcess/Automation/WebAutomationSession.cpp:
(WebKit::AutomationCommandError::toProtocolString): Add type-safe helper class for command errors.
In future patches we can hide knowledge of how this is sent over the protocol by relying more on
the convenience constructors and .toProtocolString() method.

(WebKit::WebAutomationSession::willShowJavaScriptDialog):
This section needs adjustments. Since performMouseInteraction now depends on key events being processed
prior to returning from the command, we need to abort any key event callbacks that are pending if an
alert pops up as a result of sending a mousedown event. Any mouse events that are still queued will
be handled when the alert is dismissed and the nested run loop exits.

(WebKit::WebAutomationSession::mouseEventsFlushedForPage):
(WebKit::WebAutomationSession::keyboardEventsFlushedForPage):
Modernize this a bit. Don't spread knowledge about how commands are sent back out into event handling code.
Our wrapper callbacks in performXXXInteraction handle the protocol-specific details of the response.

(WebKit::WebAutomationSession::performMouseInteraction):
Add code similar to performKeyboardInteractions so that the command doesn't finish until the mouse
event has been fully handled. Unlike keyboards, sometimes mouse interactions don't turn into WebEvents
so we also need to handle the case where there is nothing to be waited on because hit testing did
not return a target to deliver the event to.

(WebKit::WebAutomationSession::performKeyboardInteractions):
Modernize a little bit to use generic callbacks rather than protocol-generated callbacks in the
event waiting/handling code. Now it matches the types used for the mouse event case.

* UIProcess/Automation/WebAutomationSession.h:
(WebKit::AutomationCommandError::AutomationCommandError):
Add a helper struct to hold an enumerated error name and an optional free-form error message.

* UIProcess/WebPageProxy.h:
* UIProcess/WebPageProxy.cpp:
(WebKit::webMouseEventTypeString):
(WebKit::webKeyboardEventTypeString):
(WebKit::WebPageProxy::handleMouseEvent):
(WebKit::WebPageProxy::processNextQueuedMouseEvent):
Split the old method into handleMouseEvent (called by other code) and processNextQueuedMouseEvent.
The latter sends the next mouse event to WebProcess, and can be triggered in didReceiveEvent
if there are more mouse events to be sent to WebProcess.

(WebKit::WebPageProxy::isProcessingMouseEvents const): Added.
(WebKit::WebPageProxy::currentlyProcessedMouseDownEvent): Reimplemented on top of the deque.
(WebKit::WebPageProxy::didReceiveEvent):
Unify the code paths for different mouse event types to all use the deque. They also will
notify the automation session if there are no more mouse events to send (i.e., interaction is over).

(WebKit::WebPageProxy::resetStateAfterProcessExited): Add handling for new map.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230817 268f45cc-cd09-0410-ab3c-d52691b4dbfc

commit-queue@webkit.org [Thu, 19 Apr 2018 20:25:55 +0000 (20:25 +0000)]
Support calc() in webkit-gradient and cross-fade
https://bugs.webkit.org/show_bug.cgi?id=182225

Patch by Chris Nardi <cnardi@chromium.org> on 2018-04-19
Reviewed by Simon Fraser.

Source/WebCore:

calc() was previously unsupported in webkit-gradient and webkit-cross-fade, but both should take calc() values.
Update the code to support calc() values.

Tests: LayoutTests/css3/calc/cross-fade-calc.html
       LayoutTests/css3/calc/webkit-gradient-calc.html

* css/parser/CSSPropertyParserHelpers.cpp:
(WebCore::CSSPropertyParserHelpers::consumeDeprecatedGradientColorStop):
(WebCore::CSSPropertyParserHelpers::consumeCrossFade):

LayoutTests:

Add new test cases.

* css3/calc/cross-fade-calc.html: Added.
* css3/calc/cross-fade-calc-expected.txt: Added.
* css3/calc/webkit-gradient-calc.html: Added.
* css3/calc/webkit-gradient-calc-expected.txt: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230816 268f45cc-cd09-0410-ab3c-d52691b4dbfc

aestes@apple.com [Thu, 19 Apr 2018 19:33:59 +0000 (19:33 +0000)]
[iOS] Implement find-in-page in the new WKPDFView
https://bugs.webkit.org/show_bug.cgi?id=184654
<rdar://problem/39331654>

Reviewed by Tim Horton.

This is theoretically covered by existing WKPDFView API tests, but that's currently blocked
by <rdar://problem/39475542>.

* UIProcess/ios/WKPDFView.mm:
(stringCompareOptions):

Mapped _WKFindOptions to NSStringCompareOptions.

(-[WKPDFView _resetFind]):

Cancelled an in-progress search and reset the search state.

(-[WKPDFView _findString:withOptions:maxCount:completion:]):

Stored the completion block, find string, and max count, then called
-[PDFHostViewController findString:withOptions:].

(-[WKPDFView web_countStringMatches:options:maxCount:]):

Called -_findString:withOptions:maxCount:completion: with a completion block that calls
FindClient::didCountStringMatches() with _findStringCount.

(-[WKPDFView _computeFocusedSearchResultIndexWithOptions:didWrapAround:]):

Computed the focused search result index, taking _findStringCount and wrap-around into
account. There are two interesting cases to mention here:

1. We can't change focus while a search is in progress, because we can't properly handle
wrap-around without a _findStringCount. If a search is in progress, store the requested
focus change in _focusedSearchResultPendingOffset, which will be applied once the search
finishes.

2. If wrap-around is about to happen but the find options do not allow it, we need to call
FindClient::didFailToFindString(). Handle this by returning NO, which will tell
-_focusOnSearchResultWithOptions: to call didFailToFindString() if a search is not in
progress.

(-[WKPDFView _focusOnSearchResultWithOptions:]):

If -_computeFocusedSearchResultIndexWithOptions:didWrapAround: failed while a search is in
progress, just return early. Otherwise, call FindClient::didFailToFindString(). If
computing the index did not fail, call -[PDFHostViewController focusOnSearchResultAtIndex:]
to change focus and then call FindClient::didFindString() to inform the client.

(-[WKPDFView web_findString:options:maxCount:]):

If the find string is equal to _findString, change focus. Otherwise, start a new search.

(-[WKPDFView web_hideFindUI]):

Called -_resetFind.

(-[WKPDFView pdfHostViewController:findStringUpdate:done:]):

Stored the count in _findStringCount and called _findCompletion once the search is done.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230814 268f45cc-cd09-0410-ab3c-d52691b4dbfc

fpizlo@apple.com [Thu, 19 Apr 2018 19:33:03 +0000 (19:33 +0000)]
The InternalFunction hierarchy should be in IsoSubspaces
https://bugs.webkit.org/show_bug.cgi?id=184721

Reviewed by Saam Barati.

Source/JavaScriptCore:

This moves InternalFunction into an IsoSubspace. It also moves all subclasses into IsoSubspaces,
but subclasses that are the same size as InternalFunction share its subspace. I did this
because the subclasses appear to just override methods, which are called dynamically via the
structure or class of the object. So, I don't see a type confusion risk if UAF is used to
allocate one kind of InternalFunction over another.

* API/JSBase.h:
* API/JSCallbackFunction.h:
* API/ObjCCallbackFunction.h:
(JSC::ObjCCallbackFunction::subspaceFor):
* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* Sources.txt:
* heap/IsoSubspacePerVM.cpp: Added.
(JSC::IsoSubspacePerVM::AutoremovingIsoSubspace::AutoremovingIsoSubspace):
(JSC::IsoSubspacePerVM::AutoremovingIsoSubspace::~AutoremovingIsoSubspace):
(JSC::IsoSubspacePerVM::IsoSubspacePerVM):
(JSC::IsoSubspacePerVM::~IsoSubspacePerVM):
(JSC::IsoSubspacePerVM::forVM):
* heap/IsoSubspacePerVM.h: Added.
(JSC::IsoSubspacePerVM::SubspaceParameters::SubspaceParameters):
* runtime/Error.h:
* runtime/ErrorConstructor.h:
* runtime/InternalFunction.h:
(JSC::InternalFunction::subspaceFor):
* runtime/IntlCollatorConstructor.h:
* runtime/IntlDateTimeFormatConstructor.h:
* runtime/IntlNumberFormatConstructor.h:
* runtime/JSArrayBufferConstructor.h:
* runtime/NativeErrorConstructor.h:
* runtime/ProxyRevoke.h:
* runtime/RegExpConstructor.h:
* runtime/VM.cpp:
(JSC::VM::VM):
* runtime/VM.h:

Source/WebCore:

No new tests because no new behavior.

* bindings/js/WebCoreJSClientData.cpp:
(WebCore::JSVMClientData::JSVMClientData):
* bindings/js/WebCoreJSClientData.h:
(WebCore::JSVMClientData::runtimeMethodSpace):
* bridge/runtime_method.cpp:
(JSC::RuntimeMethod::subspaceForImpl):
* bridge/runtime_method.h:

Source/WebKit:

* WebProcess/Plugins/Netscape/JSNPMethod.cpp:
(WebKit::JSNPMethod::subspaceForImpl):
* WebProcess/Plugins/Netscape/JSNPMethod.h:
(WebKit::JSNPMethod::create): Deleted.
(WebKit::JSNPMethod::npIdentifier const): Deleted.
(WebKit::JSNPMethod::createStructure): Deleted.
* WebProcess/Plugins/Netscape/JSNPObject.cpp:
(WebKit::JSNPObject::subspaceForImpl):
* WebProcess/Plugins/Netscape/JSNPObject.h:
(WebKit::JSNPObject::create): Deleted.
(WebKit::JSNPObject::npObject const): Deleted.
(WebKit::JSNPObject::createStructure): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230813 268f45cc-cd09-0410-ab3c-d52691b4dbfc

beidson@apple.com [Thu, 19 Apr 2018 18:45:40 +0000 (18:45 +0000)]
Add globally-unique HistoryItem identifiers (and have WebKit2 adopt them).
<rdar://problem/39533949> and https://bugs.webkit.org/show_bug.cgi?id=184750

Reviewed by Ryosuke Niwa.

Source/WebCore:

No new tests (Refactor, no behavior change).

In WebCore, we:
- Add a process-unique "BackForwardItemIdentifier"
- Make all HistoryItems have such an identifier as a member

* WebCore.xcodeproj/project.pbxproj:

* history/BackForwardItemIdentifier.h: Added.
(WebCore::BackForwardItemIdentifier::logString const):
(WebCore::operator==):
(WebCore::BackForwardItemIdentifier::encode const):
(WebCore::BackForwardItemIdentifier::decode):
(WebCore::BackForwardItemIdentifier::hash const):
(WTF::BackForwardItemIdentifierHash::hash):
(WTF::BackForwardItemIdentifierHash::equal):
(WTF::HashTraits<WebCore::BackForwardItemIdentifier>::emptyValue):
(WTF::HashTraits<WebCore::BackForwardItemIdentifier>::constructDeletedValue):
(WTF::HashTraits<WebCore::BackForwardItemIdentifier>::isDeletedValue):

* history/HistoryItem.cpp:
(WebCore::HistoryItem::generateSequenceNumber):
(WebCore::HistoryItem::HistoryItem):
(WebCore::generateSequenceNumber): Deleted.

* history/HistoryItem.h:
(WebCore::HistoryItem::create):
(WebCore::HistoryItem::identifier const):

Source/WebKit:

With process swapping, the assumption that "back/forward items belong to a process" is invalid.

All HistoryItem/WebBackForwardListItems now need to be uniquely identified across all processes,
no matter which process they originated from, so there will never be a collision in the UIProcess.

This allows us to:
- Have the UIProcess keep a single process-wide map of all WebBackForwardListItems
- Get rid of the per-WebProcess WebBackForwardListItem map
- Simplify a lot of WebBackForwardList(Proxy) code that no longer needs to keep that per-process
  map in sync
- Get rid of a lot of other ancillary code

* Shared/SessionState.cpp:
(WebKit::BackForwardListItemState::decode):
* Shared/SessionState.h:

* Shared/WebBackForwardListItem.cpp:
(WebKit::WebBackForwardListItem::WebBackForwardListItem):
(WebKit::WebBackForwardListItem::~WebBackForwardListItem):
(WebKit::WebBackForwardListItem::itemForID):
(WebKit::WebBackForwardListItem::highestUsedItemID): Deleted.
* Shared/WebBackForwardListItem.h:
(WebKit::WebBackForwardListItem::itemID const):

* Shared/WebPageCreationParameters.cpp:
(WebKit::WebPageCreationParameters::encode const):
(WebKit::WebPageCreationParameters::decode):
* Shared/WebPageCreationParameters.h:

* UIProcess/WebBackForwardList.cpp:
(WebKit::WebBackForwardList::itemForID):
(WebKit::WebBackForwardList::pageClosed):
(WebKit::WebBackForwardList::addItem):
(WebKit::WebBackForwardList::restoreFromState):
(WebKit::generateWebBackForwardItemID): Deleted.
* UIProcess/WebBackForwardList.h:

* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::maybeCreateSuspendedPage):
(WebKit::WebPageProxy::initializeWebPage):
(WebKit::WebPageProxy::willGoToBackForwardListItem):
(WebKit::WebPageProxy::restoreFromSessionState):
(WebKit::WebPageProxy::backForwardAddItem):
(WebKit::WebPageProxy::backForwardGoToItem):
(WebKit::WebPageProxy::backForwardItemAtIndex):
(WebKit::WebPageProxy::creationParameters):
(WebKit::WebPageProxy::backForwardRemovedItem):
* UIProcess/WebPageProxy.h:
* UIProcess/WebPageProxy.messages.in:

* UIProcess/WebProcessPool.cpp: Explicitly set the UIProcess Process::Identifier so it starts
  at "1" and then the first child process starts at "2", etc etc.

* UIProcess/WebProcessProxy.cpp:
(WebKit::WebProcessProxy::removeWebPage):
(WebKit::WebProcessProxy::checkURLReceivedFromWebProcess):
(WebKit::WebProcessProxy::updateBackForwardItem):
(WebKit::WebProcessProxy::webBackForwardItem const): Deleted.
(WebKit::WebProcessProxy::registerNewWebBackForwardListItem): Deleted.
(WebKit::WebProcessProxy::removeBackForwardItem): Deleted.
(WebKit::WebProcessProxy::addOrUpdateBackForwardItem): Deleted.
* UIProcess/WebProcessProxy.h:
* UIProcess/WebProcessProxy.messages.in:

* WebProcess/WebCoreSupport/SessionStateConversion.cpp:
(WebKit::toBackForwardListItemState):
(WebKit::applyFrameState):
(WebKit::toHistoryItem):
(WebKit::toPageState): Deleted.
* WebProcess/WebCoreSupport/SessionStateConversion.h:

* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::shouldGoToHistoryItem const):

* WebProcess/WebPage/WebBackForwardListProxy.cpp:
(WebKit::WebBackForwardListProxy::addItemFromUIProcess):
(WebKit::WK2NotifyHistoryItemChanged):
(WebKit::WebBackForwardListProxy::itemForID):
(WebKit::WebBackForwardListProxy::removeItem):
(WebKit::WebBackForwardListProxy::addItem): Previously this was a two-step process of adding an item
  to the process and then associating it with the page. Now it's just directly adding it to the page,
  so we don't need to call updateBackForwardItem first.
(WebKit::WebBackForwardListProxy::goToItem):
(WebKit::WebBackForwardListProxy::itemAtIndex):
(WebKit::WebBackForwardListProxy::close):
(WebKit::historyItemToIDMap): Deleted.
(WebKit::generateHistoryItemID): Deleted.
(WebKit::WebBackForwardListProxy::setHighestItemIDFromUIProcess): Deleted.
(WebKit::updateBackForwardItem): Deleted.
(WebKit::WebBackForwardListProxy::idForItem): Deleted.
* WebProcess/WebPage/WebBackForwardListProxy.h:

* WebProcess/WebPage/WebPage.cpp:
(WebKit::m_credentialsMessenger):
(WebKit::WebPage::goToBackForwardItem):
(WebKit::WebPage::restoreSessionInternal):
(WebKit::WebPage::didRemoveBackForwardItem):
* WebProcess/WebPage/WebPage.h:
* WebProcess/WebPage/WebPage.messages.in:

Source/WTF:

* wtf/DebugUtilities.h:
(WTF::debugString):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230812 268f45cc-cd09-0410-ab3c-d52691b4dbfc

pvollan@apple.com [Thu, 19 Apr 2018 18:25:36 +0000 (18:25 +0000)]
Unreviewed, rolling out r230677.

Introduced Netflix problems.

Reverted changeset:

"Deactivate the WindowServer connection for the WebContent process."
https://bugs.webkit.org/show_bug.cgi?id=184451
https://trac.webkit.org/changeset/230677

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230811 268f45cc-cd09-0410-ab3c-d52691b4dbfc

youenn@apple.com [Thu, 19 Apr 2018 17:54:35 +0000 (17:54 +0000)]
NetworkProcess should use CSP/content blockers for sync XHR
https://bugs.webkit.org/show_bug.cgi?id=184760

Reviewed by Chris Dumez.

Source/WebKit:

Setting CSP/ContentBlockers parameters for sync XHR loads.
* NetworkProcess/NetworkResourceLoader.cpp:

LayoutTests:

* http/tests/contentextensions/sync-xhr-redirection-blocked-expected.txt: Added.
* http/tests/contentextensions/sync-xhr-redirection-blocked.html: Added.
* http/tests/contentextensions/sync-xhr-redirection-blocked.html.json: Added.
* http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources/insecure-sync-xhr-in-main-frame-window.html: Added.
* http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-sync-xhr-in-main-frame-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-sync-xhr-in-main-frame.html: Added.
* platform/mac-wk1/TestExpectations:
* platform/win/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230810 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Unreviewed test gardening for iOS simulator.
ryanhaddad@apple.com [Thu, 19 Apr 2018 17:49:21 +0000 (17:49 +0000)]
Unreviewed test gardening for iOS simulator.

* platform/ios-wk2/TestExpectations:
* platform/ios-wk2/imported/w3c/web-platform-tests/beacon/headers/header-content-type-expected.txt: Removed.
* platform/ios/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230809 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago AX: AOM: respect the accessibility setting for dispatching the accessible events
n_wang@apple.com [Thu, 19 Apr 2018 17:36:40 +0000 (17:36 +0000)]
AX: AOM: respect the accessibility setting for dispatching the accessible events
https://bugs.webkit.org/show_bug.cgi?id=184619

Reviewed by Ryosuke Niwa.

Source/WebCore:

Added accessibilityEventsEnabled as a setting on the page.

Test: accessibility/ios-simulator/accessibility-events-setting.html

* accessibility/AccessibilityObject.cpp:
(WebCore::AccessibilityObject::shouldDispatchAccessibilityEvent const):
* page/Settings.yaml:
* testing/InternalSettings.cpp:
(WebCore::InternalSettings::Backup::Backup):
(WebCore::InternalSettings::Backup::restoreTo):
(WebCore::InternalSettings::setAccessibilityEventsEnabled):
* testing/InternalSettings.h:
* testing/InternalSettings.idl:

Source/WebKit:

Linked libAccessibility on iOS and macOS to use the platform accessibility settings
for allowing dispatching the accessibility events.

* Configurations/WebKit.xcconfig:
* UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _initializeWithConfiguration:]):
(accessibilityEventsEnabledChangedCallback):
(-[WKWebView _updateAccessibilityEventsEnabled]):
* UIProcess/API/Cocoa/WKWebViewInternal.h:
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::updateAccessibilityEventsEnabled):
* UIProcess/WebPageProxy.h:
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::updateAccessibilityEventsEnabled):
* WebProcess/WebPage/WebPage.h:
* WebProcess/WebPage/WebPage.messages.in:

Source/WTF:

* wtf/Platform.h:

LayoutTests:

* accessibility/ios-simulator/accessibility-events-setting-expected.txt: Added.
* accessibility/ios-simulator/accessibility-events-setting.html: Added.
* platform/ios-wk1/TestExpectations:
* platform/ios-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230808 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Fix build when WK_ALTERNATE_FRAMEWORKS_DIR is set to non-empty value
jer.noble@apple.com [Thu, 19 Apr 2018 17:14:19 +0000 (17:14 +0000)]
Fix build when WK_ALTERNATE_FRAMEWORKS_DIR is set to non-empty value
https://bugs.webkit.org/show_bug.cgi?id=184693
<rdar://problem/39491884>

Reviewed by Tim Horton.

* Configurations/WebCore.xcconfig:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230807 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Fix flakiness in worker-to-worker test
commit-queue@webkit.org [Thu, 19 Apr 2018 17:02:38 +0000 (17:02 +0000)]
Fix flakiness in worker-to-worker test
https://bugs.webkit.org/show_bug.cgi?id=184769
<rdar://problem/39552333>

Patch by Tadeu Zagallo <tzagallo@apple.com> on 2018-04-19
Reviewed by Alexey Proskuryakov.

* workers/worker-to-worker-expected.txt:
* workers/worker-to-worker.html:
* workers/worker-to-worker.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230806 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Change MediaSource WebCore to return NewObject for SourceBuffers
commit-queue@webkit.org [Thu, 19 Apr 2018 16:01:09 +0000 (16:01 +0000)]
Change MediaSource WebCore to return NewObject for SourceBuffers
https://bugs.webkit.org/show_bug.cgi?id=184642

Patch by Eric Stobbart <ericstobbart@gmail.com> on 2018-04-19
Reviewed by Chris Dumez.

Minor change in line with IDL documentation

* Modules/mediasource/MediaSource.cpp:
(WebCore::MediaSource::addSourceBuffer):
(): Deleted.
* Modules/mediasource/MediaSource.h:
* Modules/mediasource/MediaSource.idl:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230805 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Unreviewed, rebaseline tests for iOS simulator.
ryanhaddad@apple.com [Thu, 19 Apr 2018 15:58:30 +0000 (15:58 +0000)]
Unreviewed, rebaseline tests for iOS simulator.

* platform/ios/TestExpectations:
* platform/ios/editing/deleting/delete-emoji-9-expected.txt:
* platform/ios/http/tests/blink/sendbeacon/beacon-same-origin-expected.txt: Added.
* platform/ios/imported/w3c/web-platform-tests/beacon/headers/header-content-type-expected.txt: Added.
* platform/ios/quicklook/excel-expected.txt:
* platform/ios/quicklook/excel-legacy-expected.txt:
* platform/ios/quicklook/excel-macro-enabled-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230804 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Skip legacy-animation-engine/media/track/opera directory on iOS.
ryanhaddad@apple.com [Thu, 19 Apr 2018 15:58:26 +0000 (15:58 +0000)]
Skip legacy-animation-engine/media/track/opera directory on iOS.
https://bugs.webkit.org/show_bug.cgi?id=184420

Unreviewed test gardening.

The media/track/opera directory is already skipped on iOS, so skip this duplicated directory.

* platform/ios/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230803 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Mark imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-transfer...
ryanhaddad@apple.com [Thu, 19 Apr 2018 15:58:24 +0000 (15:58 +0000)]
Mark imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-transfer.html as flaky.
https://bugs.webkit.org/show_bug.cgi?id=182833

Unreviewed test gardening.

* TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230802 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Mark media/video-aspect-ratio.html as flaky.
ryanhaddad@apple.com [Thu, 19 Apr 2018 15:58:21 +0000 (15:58 +0000)]
Mark media/video-aspect-ratio.html as flaky.
https://bugs.webkit.org/show_bug.cgi?id=184457

Unreviewed test gardening.

* platform/mac-wk1/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230801 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Unreviewed GTK+ gardening after r230796.
magomez@igalia.com [Thu, 19 Apr 2018 15:00:41 +0000 (15:00 +0000)]
Unreviewed GTK+ gardening after r230796.

* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230800 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Unreviewed, build fix for Ubuntu LTS GCC
utatane.tea@gmail.com [Thu, 19 Apr 2018 12:47:33 +0000 (12:47 +0000)]
Unreviewed, build fix for Ubuntu LTS GCC
https://bugs.webkit.org/show_bug.cgi?id=184756

The variable name "windowProxy" (with auto&) conflicts with the function name "windowProxy".

* bindings/js/ScriptController.cpp:
(WebCore::ScriptController::updateDocument):
(WebCore::ScriptController::collectIsolatedContexts):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230799 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Unreviewed, Fix jsc shell
utatane.tea@gmail.com [Thu, 19 Apr 2018 12:35:40 +0000 (12:35 +0000)]
Unreviewed, Fix jsc shell
https://bugs.webkit.org/show_bug.cgi?id=184600

WebAssembly module loading does not finish with drainMicrotasks().
So JSNativeStdFunction's capturing variables become invalid.
This patch fixes this issue.

* jsc.cpp:
(functionDollarAgentStart):
(runWithOptions):
(runJSC):
(jscmain):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230798 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Caret rendered at incorrect location inside empty table cell
rego@igalia.com [Thu, 19 Apr 2018 07:10:48 +0000 (07:10 +0000)]
Caret rendered at incorrect location inside empty table cell
https://bugs.webkit.org/show_bug.cgi?id=85385

Reviewed by Zalan Bujtas.

Source/WebCore:

This is based on a previous patch by Shezan Baig <shezbaig.wk@gmail.com>.

This fixes the position of the caret in empty cells,
that was painted lower than expected
(and then modified when you start to edit the cell).

Ensures that editable table cells have at least one line when
they are laid out. This ensures that the cell's intrinsic before/after
padding is calculated correctly, which results in the caret location
being calculated correctly.

Test: editing/caret/caret-in-empty-cell.html

* rendering/RenderTableCell.cpp:
(WebCore::RenderTableCell::hasLineIfEmpty): Override method to consider
that it has an empty line if the table cell is editable.
* rendering/RenderTableCell.h:

LayoutTests:

* editing/caret/caret-in-empty-cell-expected.html: Added.
* editing/caret/caret-in-empty-cell.html: Added.
* editing/deleting/5206311-2-expected.txt:
* editing/deleting/5433862-1-expected.txt:
* platform/gtk/editing/deleting/5126166-expected.png:
* platform/gtk/editing/deleting/5126166-expected.txt:
* platform/gtk/editing/deleting/5206311-1-expected.png:
* platform/gtk/editing/deleting/5206311-1-expected.txt:
* platform/gtk/editing/deleting/5433862-2-expected.png:
* platform/gtk/editing/deleting/5433862-2-expected.txt:
* platform/gtk/editing/deleting/5483370-expected.png:
* platform/gtk/editing/deleting/5483370-expected.txt:
* platform/gtk/editing/selection/move-by-line-001-expected.png:
* platform/gtk/editing/selection/move-by-line-001-expected.txt:
* platform/gtk/editing/selection/select-all-004-expected.txt:
* platform/ios-simulator/editing/deleting/5126166-expected.txt:
* platform/ios-simulator/editing/deleting/5206311-1-expected.txt:
* platform/ios-simulator/editing/deleting/5433862-2-expected.txt:
* platform/ios-simulator/editing/deleting/5483370-expected.txt:
* platform/mac/editing/deleting/5126166-expected.png:
* platform/mac/editing/deleting/5126166-expected.txt:
* platform/mac/editing/deleting/5206311-1-expected.png:
* platform/mac/editing/deleting/5206311-1-expected.txt:
* platform/mac/editing/deleting/5433862-2-expected.png:
* platform/mac/editing/deleting/5433862-2-expected.txt:
* platform/mac/editing/deleting/5483370-expected.png:
* platform/mac/editing/deleting/5483370-expected.txt:
* platform/mac/editing/selection/move-by-line-001-expected.txt:
* platform/mac/editing/selection/select-all-004-expected.txt:
* platform/win/editing/deleting/5126166-expected.png: Added.
* platform/win/editing/deleting/5126166-expected.txt:
* platform/win/editing/deleting/5206311-1-expected.png: Added.
* platform/win/editing/deleting/5206311-1-expected.txt:
* platform/win/editing/deleting/5433862-2-expected.png: Added.
* platform/win/editing/deleting/5433862-2-expected.txt:
* platform/win/editing/deleting/5483370-expected.png: Added.
* platform/win/editing/deleting/5483370-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230797 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [WinCairo][EWS] Build bot should clean user temp directory each time.
ross.kirsling@sony.com [Thu, 19 Apr 2018 05:38:53 +0000 (05:38 +0000)]
[WinCairo][EWS] Build bot should clean user temp directory each time.
https://bugs.webkit.org/show_bug.cgi?id=184761

Reviewed by Lucas Forschler.

* EWSTools/Start-Queue.ps1:
Clean user's temp directory before each build, so that Windows git doesn't fill it up over time.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230796 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Cleanup TextControlInnerElements
dbates@webkit.org [Thu, 19 Apr 2018 04:19:50 +0000 (04:19 +0000)]
Cleanup TextControlInnerElements
https://bugs.webkit.org/show_bug.cgi?id=184475

Reviewed by Antti Koivisto.

Clean up TextControlInnerElement::resolveCustomStyle(), move the implementation of
TextControlPlaceholderElement::create() from the header to the cpp file, replace
fancy comments to demarcate classes with MARK: so that they show up in Xcode's
function menu.

* html/shadow/TextControlInnerElements.cpp:
(WebCore::TextControlInnerElement::resolveCustomStyle):
(WebCore::TextControlPlaceholderElement::TextControlPlaceholderElement):
(WebCore::TextControlPlaceholderElement::create):
* html/shadow/TextControlInnerElements.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230795 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Rename WindowProxyController to WindowProxy
cdumez@apple.com [Thu, 19 Apr 2018 04:02:30 +0000 (04:02 +0000)]
Rename WindowProxyController to WindowProxy
https://bugs.webkit.org/show_bug.cgi?id=184756

Reviewed by Sam Weinig.

Rename WindowProxyController to WindowProxy for clarity. When the IDL uses WindowProxy, the implementation
needed to use the WindowProxyController type, which was a bit confusing.

Source/WebCore:

* Sources.txt:
* WebCore.xcodeproj/project.pbxproj:
* bindings/js/DOMWrapperWorld.cpp:
(WebCore::DOMWrapperWorld::~DOMWrapperWorld):
(WebCore::DOMWrapperWorld::clearWrappers):
* bindings/js/DOMWrapperWorld.h:
(WebCore::DOMWrapperWorld::didCreateWindowProxy):
(WebCore::DOMWrapperWorld::didDestroyWindowProxy):
* bindings/js/JSBindingsAllInOne.cpp:
* bindings/js/JSDOMWindowBase.cpp:
(WebCore::toJS):
* bindings/js/JSDOMWindowProxy.cpp:
(WebCore::toJS):
(WebCore::toJSDOMWindowProxy):
* bindings/js/JSDOMWindowProxy.h:
(WebCore::toJS):
(WebCore::toJSDOMWindowProxy):
* bindings/js/ScriptCachedFrameData.cpp:
(WebCore::ScriptCachedFrameData::ScriptCachedFrameData):
(WebCore::ScriptCachedFrameData::restore):
* bindings/js/ScriptController.cpp:
(WebCore::ScriptController::evaluateInWorld):
(WebCore::ScriptController::loadModuleScriptInWorld):
(WebCore::ScriptController::linkAndEvaluateModuleScriptInWorld):
(WebCore::ScriptController::evaluateModule):
(WebCore::ScriptController::setupModuleScriptHandlers):
(WebCore::ScriptController::windowProxy):
(WebCore::ScriptController::enableEval):
(WebCore::ScriptController::enableWebAssembly):
(WebCore::ScriptController::disableEval):
(WebCore::ScriptController::disableWebAssembly):
(WebCore::ScriptController::updateDocument):
(WebCore::ScriptController::collectIsolatedContexts):
(WebCore::ScriptController::windowScriptNPObject):
(WebCore::ScriptController::executeIfJavaScriptURL):
* bindings/js/ScriptController.h:
(WebCore::ScriptController::globalObject):
* bindings/js/ScriptControllerMac.mm:
(WebCore::ScriptController::windowScriptObject):
* bindings/js/ScriptState.cpp:
(WebCore::mainWorldExecState):
* bindings/js/WindowProxy.cpp: Renamed from Source/WebCore/bindings/js/WindowProxyController.cpp.
(WebCore::WindowProxy::WindowProxy):
(WebCore::WindowProxy::~WindowProxy):
(WebCore::WindowProxy::destroyJSWindowProxy):
(WebCore::WindowProxy::createJSWindowProxy):
(WebCore::WindowProxy::jsWindowProxiesAsVector const):
(WebCore::WindowProxy::createJSWindowProxyWithInitializedScript):
(WebCore::WindowProxy::clearJSWindowProxiesNotMatchingDOMWindow):
(WebCore::WindowProxy::setDOMWindow):
(WebCore::WindowProxy::attachDebugger):
* bindings/js/WindowProxy.h: Renamed from Source/WebCore/bindings/js/WindowProxyController.h.
(WebCore::WindowProxy::jsWindowProxies const):
(WebCore::WindowProxy::releaseJSWindowProxies):
(WebCore::WindowProxy::setJSWindowProxies):
(WebCore::WindowProxy::jsWindowProxy):
(WebCore::WindowProxy::existingJSWindowProxy const):
(WebCore::WindowProxy::globalObject):
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::clear):
(WebCore::FrameLoader::dispatchDidClearWindowObjectInWorld):
* page/AbstractFrame.cpp:
(WebCore::AbstractFrame::AbstractFrame):
* page/AbstractFrame.h:
(WebCore::AbstractFrame::windowProxy):
(WebCore::AbstractFrame::windowProxy const):
* page/Page.cpp:
(WebCore::Page::setDebugger):
* page/RemoteDOMWindow.cpp:
(WebCore::RemoteDOMWindow::self const):
(WebCore::RemoteDOMWindow::top const):
(WebCore::RemoteDOMWindow::opener const):
(WebCore::RemoteDOMWindow::parent const):
* page/RemoteDOMWindow.h:

Source/WebKit:

* WebProcess/Plugins/PluginView.cpp:
(WebKit::PluginView::windowScriptNPObject):
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::frameBecameRemote):

Source/WebKitLegacy/mac:

* Plugins/Hosted/NetscapePluginInstanceProxy.mm:
(WebKit::NetscapePluginInstanceProxy::getWindowNPObject):
* WebView/WebFrame.mm:
(-[WebFrame _attachScriptDebugger]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230794 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago LayoutTests/imported/w3c:
youenn@apple.com [Thu, 19 Apr 2018 00:47:20 +0000 (00:47 +0000)]
LayoutTests/imported/w3c:
Allow cross-origin redirections for synchronous XHR
https://bugs.webkit.org/show_bug.cgi?id=184723

Reviewed by Alex Christensen.

* web-platform-tests/XMLHttpRequest/access-control-and-redirects-expected.txt:

Source/WebKit:
Allow SameOrigin credentials handling for synchronous XHR
https://bugs.webkit.org/show_bug.cgi?id=184723

Reviewed by Alex Christensen.

In case of SameOrigin credentials, we need to stop the current load
in case of cross origin redirection to restart a load with a different session.
Covered by updated WK2 tests.
Rebased WK1 tests since this is WK1 only.

* NetworkProcess/NetworkResourceLoader.cpp:
(WebKit::NetworkResourceLoader::startNetworkLoad):
(WebKit::NetworkResourceLoader::willSendRedirectedRequest):
* NetworkProcess/NetworkResourceLoader.h:

LayoutTests:
Allow SameOrigin credentials handling for synchronous XHR
https://bugs.webkit.org/show_bug.cgi?id=184723

Reviewed by Alex Christensen.

* http/tests/xmlhttprequest/access-control-and-redirects-expected.txt:
* http/tests/xmlhttprequest/access-control-and-redirects.html:
* http/tests/xmlhttprequest/redirect-cross-origin-post-sync-expected.txt:
* http/tests/xmlhttprequest/redirect-cross-origin-sync-expected.txt:
* http/tests/xmlhttprequest/xmlhttprequest-unsafe-redirect-expected.txt:
* platform/mac-wk1/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt:
* platform/mac-wk1/http/tests/xmlhttprequest/redirect-cross-origin-post-sync-expected.txt: Copied from LayoutTests/http/tests/xmlhttprequest/redirect-cross-origin-post-sync-expected.txt.
* platform/mac-wk1/http/tests/xmlhttprequest/redirect-cross-origin-sync-expected.txt: Copied from LayoutTests/http/tests/xmlhttprequest/redirect-cross-origin-sync-expected.txt.
* platform/mac-wk1/http/tests/xmlhttprequest/xmlhttprequest-unsafe-redirect-expected.txt: Copied from LayoutTests/http/tests/xmlhttprequest/xmlhttprequest-unsafe-redirect-expected.txt.
* platform/win/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt:
* platform/win/http/tests/xmlhttprequest/redirect-cross-origin-post-sync-expected.txt: Copied from LayoutTests/http/tests/xmlhttprequest/redirect-cross-origin-post-sync-expected.txt.
* platform/win/http/tests/xmlhttprequest/redirect-cross-origin-sync-expected.txt: Copied from LayoutTests/http/tests/xmlhttprequest/redirect-cross-origin-sync-expected.txt.
* platform/win/http/tests/xmlhttprequest/xmlhttprequest-unsafe-redirect-expected.txt: Copied from LayoutTests/http/tests/xmlhttprequest/xmlhttprequest-unsafe-redirect-expected.txt.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230791 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Buildbots using Python zipfile should enable compression
ross.kirsling@sony.com [Wed, 18 Apr 2018 23:40:36 +0000 (23:40 +0000)]
Buildbots using Python zipfile should enable compression
https://bugs.webkit.org/show_bug.cgi?id=184759

Reviewed by Lucas Forschler.

* BuildSlaveSupport/built-product-archive:
(createZipManually):
Default is to archive without compressing, so tell it to compress as well.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230790 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Set RemoteDOMWindow's initial opener
cdumez@apple.com [Wed, 18 Apr 2018 22:27:20 +0000 (22:27 +0000)]
Set RemoteDOMWindow's initial opener
https://bugs.webkit.org/show_bug.cgi?id=184716

Reviewed by Sam Weinig.

Source/WebCore:

Add support for WindowProxy type in the IDL. The implementation should
return a WindowProxyController and toJS() will take care of converting
this into a JSValue via JSDOMWindowProxy.

No new tests, rebaselined existing test.

* WebCore.xcodeproj/project.pbxproj:
* bindings/IDLTypes.h:
* bindings/js/JSDOMConvertWindowProxy.h: Added.
(WebCore::JSConverter<IDLWindowProxy>::convert):
* bindings/js/JSDOMWindowBase.cpp:
(WebCore::toJS):
* bindings/js/JSDOMWindowBase.h:
(WebCore::toJS):
* bindings/js/JSDOMWindowProxy.cpp:
(WebCore::toJS):
(WebCore::toJSDOMWindowProxy):
* bindings/js/JSDOMWindowProxy.h:
(WebCore::toJS):
(WebCore::toJSDOMWindowProxy):
* bindings/js/JSRemoteDOMWindowBase.cpp:
* bindings/js/JSRemoteDOMWindowBase.h:
* bindings/scripts/CodeGenerator.pm:
(IsBuiltinType):
* bindings/scripts/CodeGeneratorJS.pm:
(AddToIncludesForIDLType):
(GetBaseIDLType):
* page/RemoteDOMWindow.cpp:
(WebCore::RemoteDOMWindow::self const):
(WebCore::RemoteDOMWindow::top const):
(WebCore::RemoteDOMWindow::opener const):
(WebCore::RemoteDOMWindow::parent const):
* page/RemoteDOMWindow.h:
* page/RemoteDOMWindow.idl:
* page/RemoteFrame.h:

Source/WebKit:

When a frame becomes remote, transfer the frame opener from the old
frame to the new remote one.

* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::frameBecameRemote):

LayoutTests:

Rebaseline existing test now that remoteWindow.opener returns
its initial opener.

* http/tests/navigation/process-swap-window-open-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230789 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Detect system preview links
dino@apple.com [Wed, 18 Apr 2018 22:13:50 +0000 (22:13 +0000)]
Detect system preview links
https://bugs.webkit.org/show_bug.cgi?id=184753
<rdar://problem/39500514>

Reviewed by Antoine Quint.

Source/WebCore:

Detect a special type of link anchor, which we're calling System Previews.
Ultimately this will allow WebKit to present such links in a special
way.

A System Preview link is an <a> element, with a rel attribute that
includes "system-preview". It has a single element child, which is
either an <img> or a <picture>.

Test: system-preview/detection.html

* html/HTMLAnchorElement.cpp:
(WebCore::HTMLAnchorElement::relList): Add braces.
(WebCore::HTMLAnchorElement::isSystemPreviewLink const): New
function.
* html/HTMLAnchorElement.h:

* html/HTMLImageElement.cpp:
(WebCore::HTMLImageElement::isSystemPreviewImage const): Ask the
parent if it is a system preview link.
* html/HTMLImageElement.h:
* html/HTMLPictureElement.cpp:
(WebCore::HTMLPictureElement::isSystemPreviewImage const): Ditto.
* html/HTMLPictureElement.h:

* testing/Internals.cpp: Testing helpers.
(WebCore::Internals::systemPreviewRelType):
(WebCore::Internals::isSystemPreviewLink const):
(WebCore::Internals::isSystemPreviewImage const):
* testing/Internals.h:
* testing/Internals.idl:

LayoutTests:

* system-preview/detection-expected.txt: Added.
* system-preview/detection.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230788 268f45cc-cd09-0410-ab3c-d52691b4dbfc
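
The detection rule described in the commit message above, modelled as an added example; this is not WebKit's code and not part of the commit. Assumptions: the small node model and the `el`, `relTokens`, `findSystemPreviewLinks` helpers are hypothetical, `rel` is split on ASCII whitespace and matched as an exact token, only element children are counted (text nodes are ignored), and an image asks only its direct parent.

```javascript
"use strict";

const SYSTEM_PREVIEW_REL = "system-preview"; // rel value named in the commit message
const ELEMENT_NODE = 1;
const TEXT_NODE = 3;

// Constructed node model so the example runs without a browser (hypothetical helper).
function el(localName, attributes = {}, ...children) {
  const node = { nodeType: ELEMENT_NODE, localName, attributes, childNodes: [], parentNode: null };
  for (const child of children) {
    const c = typeof child === "string"
      ? { nodeType: TEXT_NODE, data: child, parentNode: null }
      : child;
    c.parentNode = node;
    node.childNodes.push(c);
  }
  return node;
}

// Split a rel attribute into tokens; a substring match would wrongly accept
// values such as "system-preview-beta".
function relTokens(relValue) {
  if (typeof relValue !== "string") return [];
  return relValue.split(/[ \t\n\f\r]+/).filter(Boolean);
}

function elementChildren(node) {
  return node.childNodes.filter((c) => c.nodeType === ELEMENT_NODE);
}

// An <a> whose rel includes "system-preview" and whose single element child
// is an <img> or a <picture>.
function isSystemPreviewLink(node) {
  if (!node || node.nodeType !== ELEMENT_NODE || node.localName !== "a") return false;
  if (!relTokens(node.attributes.rel).includes(SYSTEM_PREVIEW_REL)) return false;
  const kids = elementChildren(node);
  if (kids.length !== 1) return false;
  return kids[0].localName === "img" || kids[0].localName === "picture";
}

// An <img> or <picture> asks its parent whether it is a system preview link.
function isSystemPreviewImage(node) {
  if (!node || node.nodeType !== ELEMENT_NODE) return false;
  if (node.localName !== "img" && node.localName !== "picture") return false;
  return isSystemPreviewLink(node.parentNode);
}

// Walk a tree and return the href of every link that matches the rule,
// e.g. to audit which anchors on a page would get special presentation.
function findSystemPreviewLinks(root) {
  const found = [];
  const stack = [root];
  while (stack.length > 0) {
    const node = stack.pop();
    if (node.nodeType !== ELEMENT_NODE) continue;
    if (isSystemPreviewLink(node)) found.push(node.attributes.href);
    // Push in reverse so links are reported in document order.
    for (let i = node.childNodes.length - 1; i >= 0; i--) stack.push(node.childNodes[i]);
  }
  return found;
}

// Constructed sample document (not taken from the WebKit test).
const samplePage = el("body", {},
  el("a", { href: "/m/chair", rel: "noopener system-preview" }, el("img", { src: "chair.png" })),
  el("a", { href: "/m/lamp", rel: "system-preview" },
    "\n  ", el("picture", {}, el("source", {}), el("img", { src: "lamp.png" })), "\n"),
  el("a", { href: "/m/two", rel: "system-preview" }, el("img"), el("span", {}, "caption")),
  el("a", { href: "/m/sub", rel: "system-preview-beta" }, el("img")),
  el("a", { href: "/m/plain" }, el("img")),
  el("a", { href: "/m/video", rel: "system-preview" }, el("video"))
);

console.log(findSystemPreviewLinks(samplePage));
```

Only the first two anchors match: the others have a second element child, a non-matching rel token, no rel at all, or a child that is neither `<img>` nor `<picture>`.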

16 months ago Skip animations/missing-from-to.html on mac-wk1 debug.
ryanhaddad@apple.com [Wed, 18 Apr 2018 22:03:44 +0000 (22:03 +0000)]
Skip animations/missing-from-to.html on mac-wk1 debug.
https://bugs.webkit.org/show_bug.cgi?id=184569

Unreviewed test gardening.

* platform/mac-wk1/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230787 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago :active pseudo class doesn't deactivate when using pressure sensitive trackpad
antti@apple.com [Wed, 18 Apr 2018 22:01:27 +0000 (22:01 +0000)]
:active pseudo class doesn't deactivate when using pressure sensitive trackpad
https://bugs.webkit.org/show_bug.cgi?id=181680

Reviewed by Beth Dakin.

Trackpad sends a mouse force event with force of zero after mouse up event. This causes the element under cursor
to activate again.

Even a fake event test doesn't appear to be currently possible as TestRunner crashes if you try to send mouseForceChanged.
All the tests using it are skipped.

* page/EventHandler.cpp:
(WebCore::EventHandler::handleMouseForceEvent):

Don't add HitTestRequest::Active if the force of the force event is zero.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230786 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Ensure correct screen sizes
megan_gardner@apple.com [Wed, 18 Apr 2018 21:54:52 +0000 (21:54 +0000)]
Ensure correct screen sizes
https://bugs.webkit.org/show_bug.cgi?id=184757

Reviewed by Wenson Hsieh.

Make sure that the screen sizes are actually correct.

Not currently testable, will add tests when it is.

* platform/ios/PlatformScreenIOS.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230785 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago NetworkResourceLoader should not clean itself inside didReceiveResponse
youenn@apple.com [Wed, 18 Apr 2018 21:26:05 +0000 (21:26 +0000)]
NetworkResourceLoader should not clean itself inside didReceiveResponse
https://bugs.webkit.org/show_bug.cgi?id=184754

Reviewed by Chris Dumez.

Delay the cleanup to after the didReceiveResponse call so that NetworkLoad can terminate its work.
Covered by XHR sync tests no longer crashing on GuardMalloc bots.

* NetworkProcess/NetworkResourceLoader.cpp:
(WebKit::NetworkResourceLoader::didReceiveResponse):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230783 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago AX: [macOS] WebKit hangs when triggering an alert from an AOM increment event
n_wang@apple.com [Wed, 18 Apr 2018 21:21:50 +0000 (21:21 +0000)]
AX: [macOS] WebKit hangs when triggering an alert from an AOM increment event
https://bugs.webkit.org/show_bug.cgi?id=184742

Reviewed by Chris Fleizach.

Source/WebCore:

Made increment and decrement actions on macOS async, so that VoiceOver
won't hang indefinitely if performing the actions causes an alert or other modal
behaviors.

Test: accessibility/mac/async-increment-decrement-action.html

* accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
(-[WebAccessibilityObjectWrapper accessibilityPerformIncrementAction]):
(-[WebAccessibilityObjectWrapper _accessibilityPerformIncrementAction]):
(-[WebAccessibilityObjectWrapper accessibilityPerformDecrementAction]):
(-[WebAccessibilityObjectWrapper _accessibilityPerformDecrementAction]):
(-[WebAccessibilityObjectWrapper accessibilityPerformAction:]):

Tools:

* DumpRenderTree/mac/AccessibilityUIElementMac.mm:
(AccessibilityUIElement::increment):
(AccessibilityUIElement::decrement):
* WebKitTestRunner/InjectedBundle/AccessibilityUIElement.h:
(WTR::AccessibilityUIElement::asyncIncrement):
(WTR::AccessibilityUIElement::asyncDecrement):
* WebKitTestRunner/InjectedBundle/Bindings/AccessibilityUIElement.idl:
* WebKitTestRunner/InjectedBundle/mac/AccessibilityUIElementMac.mm:
(WTR::AccessibilityUIElement::increment):
(WTR::AccessibilityUIElement::decrement):
(WTR::AccessibilityUIElement::asyncIncrement):
(WTR::AccessibilityUIElement::asyncDecrement):

LayoutTests:

* accessibility/mac/async-increment-decrement-action-expected.txt: Added.
* accessibility/mac/async-increment-decrement-action.html: Added.
* platform/mac-wk1/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230782 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago MediaResourceLoader should set its fetch destination
youenn@apple.com [Wed, 18 Apr 2018 21:21:17 +0000 (21:21 +0000)]
MediaResourceLoader should set its fetch destination
https://bugs.webkit.org/show_bug.cgi?id=184746

Reviewed by Eric Carlson.

LayoutTests/imported/w3c:

* web-platform-tests/service-workers/service-worker/fetch-request-resources.https-expected.txt:
* web-platform-tests/service-workers/service-worker/fetch-request-resources.https.html:
* web-platform-tests/service-workers/service-worker/resources/fetch-request-resources-iframe.https.html:
* web-platform-tests/service-workers/service-worker/resources/fetch-request-resources-worker.js:

Source/WebCore:

Covered by updated test.

* loader/MediaResourceLoader.cpp:
(WebCore::MediaResourceLoader::requestResource):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230781 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Fix rendering of WKRemoteView layers in the simulator
jer.noble@apple.com [Wed, 18 Apr 2018 21:17:37 +0000 (21:17 +0000)]
Fix rendering of WKRemoteView layers in the simulator
https://bugs.webkit.org/show_bug.cgi?id=184752

Reviewed by Tim Horton.

* Platform/mac/LayerHostingContext.mm:
(WebKit::LayerHostingContext::createForExternalHostingProcess):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230780 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Fix runtime errors in simulator while playing media
jer.noble@apple.com [Wed, 18 Apr 2018 21:17:18 +0000 (21:17 +0000)]
Fix runtime errors in simulator while playing media
https://bugs.webkit.org/show_bug.cgi?id=184751

Reviewed by Eric Carlson.

AVURLAssetHTTPCookiesKey may not be present, and AVPlayer may not respond to certain methods.

* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
(WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL):
(WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer):
(WebCore::MediaPlayerPrivateAVFoundationObjC::updateDisableExternalPlayback):
(WebCore::MediaPlayerPrivateAVFoundationObjC::setShouldDisableSleep):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230779 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Fix entitlements and sandboxing for iphoneminimalsimulator
jer.noble@apple.com [Wed, 18 Apr 2018 21:06:50 +0000 (21:06 +0000)]
Fix entitlements and sandboxing for iphoneminimalsimulator
https://bugs.webkit.org/show_bug.cgi?id=184692

Reviewed by Tim Horton.

Use the correct implementations for ChildProcess and NetworkProcess
when building for iphoneminimalsimulator. Stub out implementations
which rely on methods not available in the iphoneminimalsimulator SDK.

* Configurations/Network-OSX.entitlements: Added.
* Configurations/NetworkService.xcconfig:
* NetworkProcess/cocoa/NetworkProcessCocoa.mm:
(WebKit::NetworkProcess::sourceApplicationAuditData const):
* NetworkProcess/ios/NetworkProcessIOS.mm:
* NetworkProcess/mac/NetworkProcessMac.mm:
(WebKit::NetworkProcess::initializeProcessName):
(WebKit::overrideSystemProxies):
* Shared/ios/ChildProcessIOS.mm:
(WebKit::ChildProcess::initializeSandbox):
* Shared/mac/ChildProcessMac.mm:
(WebKit::ChildProcess::setApplicationIsDaemon):
(WebKit::enableSandboxStyleFileQuarantine):
(WebKit::ChildProcess::initializeSandbox):
(WebKit::ChildProcess::platformStopRunLoop):
* Shared/mac/CodeSigning.mm:
* WebKit.xcodeproj/project.pbxproj:
* WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::WebProcess::initializeSandbox):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230778 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago REGRESSION(r230748) [WinCairo] 'JSC::JIT::appendCallWithSlowPathReturnType': function...
ross.kirsling@sony.com [Wed, 18 Apr 2018 20:19:55 +0000 (20:19 +0000)]
REGRESSION(r230748) [WinCairo] 'JSC::JIT::appendCallWithSlowPathReturnType': function does not take 1 arguments
https://bugs.webkit.org/show_bug.cgi?id=184725

Reviewed by Mark Lam.

* jit/JIT.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230776 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Ignore ASSERT when setting AVAudioSessionCategory returns an error on simulator.
jer.noble@apple.com [Wed, 18 Apr 2018 20:13:44 +0000 (20:13 +0000)]
Ignore ASSERT when setting AVAudioSessionCategory returns an error on simulator.
https://bugs.webkit.org/show_bug.cgi?id=184698

Reviewed by Eric Carlson.

* platform/audio/ios/AudioSessionIOS.mm:
* platform/audio/mac/AudioSessionMac.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230775 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [Win] Layout Test js/date-constructor.html is failing
ross.kirsling@sony.com [Wed, 18 Apr 2018 20:09:24 +0000 (20:09 +0000)]
[Win] Layout Test js/date-constructor.html is failing
https://bugs.webkit.org/show_bug.cgi?id=140945

Reviewed by Per Arne Vollan.

Source/WTF:

* wtf/DateMath.cpp:
(WTF::calculateDSTOffset):
Move all shared calculations outside of the #if -- including the "jump forward a day" case that had been overlooked.

LayoutTests:

* platform/win/TestExpectations:
* platform/wincairo/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230774 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Unreviewed, rolling out r230743.
bburg@apple.com [Wed, 18 Apr 2018 19:17:08 +0000 (19:17 +0000)]
Unreviewed, rolling out r230743.
https://bugs.webkit.org/show_bug.cgi?id=184747

causes mouse clicks to not work on some platforms (Requested
by brrian on #webkit).

Reverted changeset:

"Web Automation: simulated mouse interactions should not be
done until associated DOM events have been dispatched"
https://bugs.webkit.org/show_bug.cgi?id=184462
https://trac.webkit.org/changeset/230743

Patch by Commit Queue <commit-queue@webkit.org> on 2018-04-18

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230773 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Fix archive step for WinCairo build bot.
ross.kirsling@sony.com [Wed, 18 Apr 2018 19:04:07 +0000 (19:04 +0000)]
Fix archive step for WinCairo build bot.
https://bugs.webkit.org/show_bug.cgi?id=184715

Reviewed by Lucas Forschler.

* BuildSlaveSupport/built-product-archive:
(archiveBuiltProduct):
(extractBuiltProduct):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230772 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Avoid crash if ITP Debug mode is on, but ResourceLoadStatistics are not being used
bfulgham@apple.com [Wed, 18 Apr 2018 18:55:59 +0000 (18:55 +0000)]
Avoid crash if ITP Debug mode is on, but ResourceLoadStatistics are not being used
https://bugs.webkit.org/show_bug.cgi?id=184739
<rdar://problem/39287964>

Reviewed by David Kilzer.

If a user has the ResourceLoadStatistics logic turned off, but has the ITP Debug experimental
flag turned on, you can cause a crash.

This is because the WebsiteDataStore for the process doesn't bother creating a ResourceLoadStatisticsStore
if the statistics machinery is not running. The ITP debug flag was being blindly set without checking
if the statistics store exists or not, which can cause a crash.

* UIProcess/WebsiteData/WebsiteDataStore.cpp:
(WebKit::WebsiteDataStore::setResourceLoadStatisticsDebugMode): Check if the statistics store exists
before calling functions on it.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230771 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [WebAssembly][Modules] Import tables in wasm modules
utatane.tea@gmail.com [Wed, 18 Apr 2018 17:55:15 +0000 (17:55 +0000)]
[WebAssembly][Modules] Import tables in wasm modules
https://bugs.webkit.org/show_bug.cgi?id=184738

Reviewed by JF Bastien.

JSTests:

* wasm/modules/wasm-imports-js-re-exports-wasm-exports.js:
* wasm/modules/wasm-imports-js-re-exports-wasm-exports/imports.wasm:
* wasm/modules/wasm-imports-js-re-exports-wasm-exports/imports.wat:
* wasm/modules/wasm-imports-js-re-exports-wasm-exports/re-export.js:
* wasm/modules/wasm-imports-js-re-exports-wasm-exports/sum.wasm:
* wasm/modules/wasm-imports-js-re-exports-wasm-exports/sum.wat:
* wasm/modules/wasm-imports-wasm-exports.js:
* wasm/modules/wasm-imports-wasm-exports/imports.wasm:
* wasm/modules/wasm-imports-wasm-exports/imports.wat:
* wasm/modules/wasm-imports-wasm-exports/sum.wasm:
* wasm/modules/wasm-imports-wasm-exports/sum.wat:

Source/JavaScriptCore:

This patch simply allows wasm modules to import table from wasm modules / js re-exporting.
Basically moving JSWebAssemblyInstance's table linking code to WebAssemblyModuleRecord::link
just works.

* wasm/js/JSWebAssemblyInstance.cpp:
(JSC::JSWebAssemblyInstance::create):
* wasm/js/WebAssemblyModuleRecord.cpp:
(JSC::WebAssemblyModuleRecord::link):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230768 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago REGRESSION: Using the reload button while offline pushes identical pages onto the...
commit-queue@webkit.org [Wed, 18 Apr 2018 17:50:15 +0000 (17:50 +0000)]
REGRESSION: Using the reload button while offline pushes identical pages onto the back/forward list
https://bugs.webkit.org/show_bug.cgi?id=184570
<rdar://problem/34807323>

Patch by Sihui Liu <sihui_liu@apple.com> on 2018-04-18
Reviewed by Chris Dumez.

Source/WebCore:

Set FrameLoadType properly when error occurs in reload.

tests: Tools/TestWebKitAPI/Tests/WebKitCocoa/LoadAlternateHTMLString.mm

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::load):

Tools:

Add API test coverage.

* TestWebKitAPI/Tests/WebKitCocoa/LoadAlternateHTMLString.mm:
(TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230767 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Add -[_WKInputDelegateDelegate willStartInputSession:] for clients that want to confi...
commit-queue@webkit.org [Wed, 18 Apr 2018 17:31:41 +0000 (17:31 +0000)]
Add -[_WKInputDelegateDelegate willStartInputSession:] for clients that want to configure input session before assisting form node
https://bugs.webkit.org/show_bug.cgi?id=184662

Patch by Paul Knight <pknight@apple.com> on 2018-04-18
Reviewed by Beth Dakin.

Clients may wish to configure a WKInputSession before we start assisting
a node. Add a -[_WKInputDelegateDelegate _webView:willStartInputSession:]
callback.

For example, clients that wish to present a custom input view will want
to configure the WKFormInputSession's customInputView before the
keyboard is presented. Otherwise the standard keyboard will begin to
animate and then the custom input view will swap in later.

* UIProcess/API/Cocoa/_WKInputDelegate.h:
* UIProcess/ios/WKContentViewInteraction.mm:
(-[WKContentView _startAssistingNode:userIsInteracting:blurPreviousNode:changingActivityState:userObject:]):
    Call -_webView:willStartInputSession: before assisting the node.
    Only create the form session if the delegate implements either
    the willStart or didStartInputSession callbacks.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230766 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [ARM] Fix build error and crash after PtrTag change
commit-queue@webkit.org [Wed, 18 Apr 2018 17:16:05 +0000 (17:16 +0000)]
[ARM] Fix build error and crash after PtrTag change
https://bugs.webkit.org/show_bug.cgi?id=184732

Patch by Dominik Infuehr <dinfuehr@igalia.com> on 2018-04-18
Reviewed by Mark Lam.

Do not pass NoPtrTag in callOperation and fix misspelled JSEntryPtrTag. Use
MacroAssemblerCodePtr::createFromExecutableAddress to avoid tagging a pointer
twice with ARM-Thumb2.

* assembler/MacroAssemblerCodeRef.h:
(JSC::MacroAssemblerCodeRef::MacroAssemblerCodeRef):
* jit/JITPropertyAccess32_64.cpp:
(JSC::JIT::emitSlow_op_put_by_val):
* jit/Repatch.cpp:
(JSC::linkPolymorphicCall):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230765 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Add support for converting a local window to a remote window
cdumez@apple.com [Wed, 18 Apr 2018 16:50:36 +0000 (16:50 +0000)]
Add support for converting a local window to a remote window
https://bugs.webkit.org/show_bug.cgi?id=184515
<rdar://problem/39011318>

Reviewed by Ryosuke Niwa.

Source/WebCore:

Add initial support for process-swapping when navigating cross-origin as a result
of a window.open(). The window object returned by window.open() is initially same
origin and is for about:blank. The navigation cross-origin then happens and the
JS wrappers for the window then point to a cross-origin window which is remote (i.e.
hosted in another WebProcess).

The RemoteDOMWindow exposed to JS looks like a regular cross-origin Window with a few
exceptions due to our incomplete implementation (e.g. w.location returns null) and
most of its API is currently not functional. The RemoteDOMWindow API will be implemented
in a follow-up by relying on IPC.

Test: http/tests/navigation/process-swap-window-open.html

* bindings/js/JSDOMGlobalObject.cpp:
(WebCore::JSDOMGlobalObject::scriptExecutionContext const):
* bindings/js/JSDOMPromiseDeferred.h:
* bindings/js/JSDOMWindowProperties.cpp:
(WebCore::JSDOMWindowProperties::getOwnPropertySlot):
* bindings/js/JSDOMWindowProxy.cpp:
(WebCore::JSDOMWindowProxy::finishCreation):
(WebCore::JSDOMWindowProxy::create):
* bindings/js/JSDOMWindowProxy.h:
* bindings/js/JSDOMWrapper.cpp:
(WebCore::JSDOMObject::JSDOMObject):
* bindings/js/JSDOMWrapper.h:
* bindings/js/WindowProxyController.cpp:
(WebCore::WindowProxyController::createWindowProxy):
(WebCore::WindowProxyController::setDOMWindowForWindowProxy):
* bridge/objc/WebScriptObject.mm:
(-[WebScriptObject _isSafeScript]):
Teach more of our bindings code about RemoteDOMWindows.

* dom/Document.cpp:
(WebCore::Document::createDOMWindow):
* loader/FrameLoaderClient.h:
Add FrameLoaderClient function to notify the client when a DOMWindow is constructed in
the frame. This is needed for WebKit2 to link the old window to its new representation
in the new WebProcess.

Source/WebKit:

Add initial support for process-swapping when navigating cross-origin as a result
of a window.open(). The window object returned by window.open() is initially same
origin and is for about:blank. The navigation cross-origin then happens and the
JS wrappers for the window then point to a cross-origin window which is remote (i.e.
hosted in another WebProcess).

The RemoteDOMWindow exposed to JS looks like a regular cross-origin Window with a few
exceptions due to our incomplete implementation (e.g. w.location returns null) and
most of its API is currently not functional. The RemoteDOMWindow API will be implemented
in a follow-up by relying on IPC.

* UIProcess/API/APIProcessPoolConfiguration.cpp:
(API::ProcessPoolConfiguration::copy):
* UIProcess/API/APIProcessPoolConfiguration.h:
* UIProcess/API/C/WKContextConfigurationRef.cpp:
(WKContextConfigurationProcessSwapsOnWindowOpenWithOpener):
(WKContextConfigurationSetProcessSwapsOnWindowOpenWithOpener):
* UIProcess/API/C/WKContextConfigurationRef.h:
* UIProcess/API/Cocoa/_WKProcessPoolConfiguration.h:
* UIProcess/API/Cocoa/_WKProcessPoolConfiguration.mm:
(-[_WKProcessPoolConfiguration setProcessSwapsOnWindowOpenWithOpener:]):
(-[_WKProcessPoolConfiguration processSwapsOnWindowOpenWithOpener]):
Add ProcessPool configuration flag to turn on processSwap on window.open(), even
if there is an opener.

* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::continueNavigationInNewProcess):
If the navigation was triggered via window.open(), then set up a handler for when
a DOMWindow is constructed for the main frame in the new process.

(WebKit::WebPageProxy::didCreateWindow):
When a Window is constructed for the main frame in a new process on process swap,
notify the old process that its representation of the window should become remote
and provide it with the Frame / Window identifiers it needs.

* UIProcess/WebPageProxy.h:
* UIProcess/WebPageProxy.messages.in:

* UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::processForNavigation):
Do process swapping on cross-origin window.open() if the corresponding setting is
enabled.

* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::didCreateWindow):
* WebProcess/WebCoreSupport/WebFrameLoaderClient.h:

* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::frameBecameRemote):
This is called when process swapping has happened due to a window.open() navigation
cross-origin, when a Frame / Window has been constructed in the new process. We do
the following:
- Construct a RemoteFrame / RemoteWindow using the provided global identifiers to
  represent the Frame / Window in the new process.
- We transfer the WindowProxies from the old Frame's WindowProxyController to the
  new RemoteFrame's WindowProxyController.
- We update the window proxied by those WindowProxies to be the new RemoteWindow.
- We detach the old Frame as it is now remote and represented by the new RemoteFrame
  object we constructed.
- If the old frame was the main frame (always the case currently), we close the page
  as it is no longer needed. The new RemoteFrame is currently owned by the RemoteWindow
  which is kept alive by its JS wrappers.

* WebProcess/WebPage/WebPage.h:
* WebProcess/WebPage/WebPage.messages.in:

Tools:

* MiniBrowser/mac/AppDelegate.m:
(defaultConfiguration):
* MiniBrowser/mac/SettingsController.h:
* MiniBrowser/mac/SettingsController.m:
(-[SettingsController _populateMenu]):
(-[SettingsController validateMenuItem:]):
(-[SettingsController processSwapOnWindowOpenWithOpenerEnabled]):
(-[SettingsController toggleProcessSwapOnWindowOpenWithOpener:]):
Add menu entry in minibrowser to turn on process swap on cross-origin window.open().

* TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
Turn on process swap on cross-origin window.open() for corresponding test and update
test to expect that a new WebProcess is created.

* WebKitTestRunner/InjectedBundle/InjectedBundlePage.cpp:
(WTR::InjectedBundlePage::decidePolicyForResponse):
Add null checks for injectedBundle.testRunner(). When we swap process on navigation,
the InjectedBundlePage::decidePolicyForResponse() gets called in the new process.
In this new process, we have constructed an InjectedBundlePage for the page but we
have not initialized the InjectedBundle members such as testRunner.

* WebKitTestRunner/TestController.cpp:
(WTR::TestController::createWebViewWithOptions):
(WTR::updateTestOptionsFromTestHeader):
* WebKitTestRunner/TestOptions.h:
(WTR::TestOptions::hasSameInitializationOptions const):
Add a way for layout tests to turn on process swap on navigation via a test header.

LayoutTests:

Add layout test coverage for a cross-origin window.open() to check that the
returned window looks like a regular cross-origin window after being
navigated cross-origin. We are still failing some of the checks because
our implementation is still incomplete. However, it mostly works as
expected.

* TestExpectations:
* http/tests/navigation/process-swap-window-open-expected.txt: Added.
* http/tests/navigation/process-swap-window-open.html: Added.
* platform/wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230764 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [WebAssembly][Modules] Import globals from wasm modules
utatane.tea@gmail.com [Wed, 18 Apr 2018 16:33:33 +0000 (16:33 +0000)]
[WebAssembly][Modules] Import globals from wasm modules
https://bugs.webkit.org/show_bug.cgi?id=184736

Reviewed by JF Bastien.

JSTests:

* wasm.yaml:
* wasm/modules/wasm-imports-js-re-exports-wasm-exports.js:
* wasm/modules/wasm-imports-js-re-exports-wasm-exports/imports.wasm:
* wasm/modules/wasm-imports-js-re-exports-wasm-exports/imports.wat:
* wasm/modules/wasm-imports-js-re-exports-wasm-exports/re-export.js:
* wasm/modules/wasm-imports-js-re-exports-wasm-exports/sum.wasm:
* wasm/modules/wasm-imports-js-re-exports-wasm-exports/sum.wat:
* wasm/modules/wasm-imports-wasm-exports.js:
* wasm/modules/wasm-imports-wasm-exports/imports.wasm:
* wasm/modules/wasm-imports-wasm-exports/imports.wat:
* wasm/modules/wasm-imports-wasm-exports/sum.wasm:
* wasm/modules/wasm-imports-wasm-exports/sum.wat:

Source/JavaScriptCore:

This patch implements a feature importing globals to/from wasm modules.
Since we are not supporting mutable globals now, we can just copy the
global data when importing. Currently we do not support importing/exporting
i64 globals. This will be supported once (1) mutable global bindings are
specified and (2) BigInt based i64 importing/exporting is specified.

* wasm/js/JSWebAssemblyInstance.cpp:
(JSC::JSWebAssemblyInstance::create):
* wasm/js/WebAssemblyModuleRecord.cpp:
(JSC::WebAssemblyModuleRecord::link):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230763 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Unreviewed, fix build on ARM
tpopela@redhat.com [Wed, 18 Apr 2018 13:01:51 +0000 (13:01 +0000)]
Unreviewed, fix build on ARM

* assembler/MacroAssemblerARM.h:
(JSC::MacroAssemblerARM::readCallTarget):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230762 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Unreviewed, fix build with GCC
tpopela@redhat.com [Wed, 18 Apr 2018 11:09:14 +0000 (11:09 +0000)]
Unreviewed, fix build with GCC

* assembler/LinkBuffer.h:
(JSC::LinkBuffer::finalizeCodeWithDisassembly):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230761 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Test gardening.
Ms2ger@igalia.com [Wed, 18 Apr 2018 10:42:58 +0000 (10:42 +0000)]
Test gardening.
https://bugs.webkit.org/show_bug.cgi?id=184726

Unreviewed test gardening.

LayoutTests/imported/w3c:

* web-platform-tests/touch-events/historical-expected.txt: update expectation to test change

LayoutTests:

Update expectations.

* platform/gtk/TestExpectations:
* platform/gtk/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-expected.txt:
* platform/wpe/TestExpectations:
* platform/wpe/imported/w3c/web-platform-tests/html/dom/interfaces-expected.txt:
* platform/wpe/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-expected.txt:
* platform/wpe/js/dom/dom-static-property-for-in-iteration-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230760 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Unreviewed, reland r230697, r230720, and r230724.
utatane.tea@gmail.com [Wed, 18 Apr 2018 09:47:19 +0000 (09:47 +0000)]
Unreviewed, reland r230697, r230720, and r230724.
https://bugs.webkit.org/show_bug.cgi?id=184600

JSTests:

* wasm.yaml:
* wasm/modules/constant.wasm: Added.
* wasm/modules/constant.wat: Added.
* wasm/modules/default-import-star-error.js: Added.
(then):
* wasm/modules/default-import-star-error/entry.wasm: Added.
* wasm/modules/default-import-star-error/entry.wat: Added.
* wasm/modules/default-import-star-error/t0.js: Added.
* wasm/modules/default-import-star-error/t1.js: Added.
* wasm/modules/default-import-star-error/t2.js: Added.
(export.default.Cocoa):
* wasm/modules/js-wasm-cycle.js: Added.
* wasm/modules/js-wasm-cycle/entry.js: Added.
(from.string_appeared_here.export.return42):
* wasm/modules/js-wasm-cycle/sum.wasm: Added.
* wasm/modules/js-wasm-cycle/sum.wat: Added.
* wasm/modules/js-wasm-function-namespace.js: Added.
(assert.throws):
* wasm/modules/js-wasm-function.js: Added.
(assert.throws):
* wasm/modules/js-wasm-global-namespace.js: Added.
(assert.throws):
* wasm/modules/js-wasm-global.js: Added.
(assert.throws):
* wasm/modules/js-wasm-memory-namespace.js: Added.
(assert.throws):
* wasm/modules/js-wasm-memory.js: Added.
(assert.throws):
* wasm/modules/js-wasm-start.js: Added.
(then):
* wasm/modules/js-wasm-table-namespace.js: Added.
(assert.throws):
* wasm/modules/js-wasm-table.js: Added.
(assert.throws):
* wasm/modules/memory.wasm: Added.
* wasm/modules/memory.wat: Added.
* wasm/modules/run-from-wasm.wasm: Added.
* wasm/modules/run-from-wasm.wat: Added.
* wasm/modules/run-from-wasm/check.js: Added.
(export.check):
* wasm/modules/start.wasm: Added.
* wasm/modules/start.wat: Added.
* wasm/modules/sum.wasm: Added.
* wasm/modules/sum.wat: Added.
* wasm/modules/table.wasm: Added.
* wasm/modules/table.wat: Added.
* wasm/modules/wasm-imports-js-exports.js: Added.
* wasm/modules/wasm-imports-js-exports/imports.wasm: Added.
* wasm/modules/wasm-imports-js-exports/imports.wat: Added.
* wasm/modules/wasm-imports-js-exports/sum.js: Added.
(export.sum):
* wasm/modules/wasm-imports-js-re-exports-wasm-exports.js: Added.
* wasm/modules/wasm-imports-js-re-exports-wasm-exports/imports.wasm: Added.
* wasm/modules/wasm-imports-js-re-exports-wasm-exports/imports.wat: Added.
* wasm/modules/wasm-imports-js-re-exports-wasm-exports/re-export.js: Added.
* wasm/modules/wasm-imports-js-re-exports-wasm-exports/sum.wasm: Added.
* wasm/modules/wasm-imports-js-re-exports-wasm-exports/sum.wat: Added.
* wasm/modules/wasm-imports-wasm-exports.js: Added.
* wasm/modules/wasm-imports-wasm-exports/imports.wasm: Added.
* wasm/modules/wasm-imports-wasm-exports/imports.wat: Added.
* wasm/modules/wasm-imports-wasm-exports/sum.wasm: Added.
* wasm/modules/wasm-imports-wasm-exports/sum.wat: Added.
* wasm/modules/wasm-js-cycle.js: Added.
* wasm/modules/wasm-js-cycle/entry.wasm: Added.
* wasm/modules/wasm-js-cycle/entry.wat: Added.
* wasm/modules/wasm-js-cycle/sum.js: Added.
(from.string_appeared_here.export.sum):
* wasm/modules/wasm-wasm-cycle.js: Added.
* wasm/modules/wasm-wasm-cycle/entry.wasm: Added.
* wasm/modules/wasm-wasm-cycle/entry.wat: Added.
* wasm/modules/wasm-wasm-cycle/sum.wasm: Added.
* wasm/modules/wasm-wasm-cycle/sum.wat: Added.

Source/JavaScriptCore:

With CatchScope check.

* JavaScriptCore.xcodeproj/project.pbxproj:
* builtins/ModuleLoaderPrototype.js:
(globalPrivate.newRegistryEntry):
(requestInstantiate):
(link):
* jsc.cpp:
(convertShebangToJSComment):
(fillBufferWithContentsOfFile):
(fetchModuleFromLocalFileSystem):
(GlobalObject::moduleLoaderFetch):
(functionDollarAgentStart):
(checkException):
(runWithOptions):
* parser/NodesAnalyzeModule.cpp:
(JSC::ImportDeclarationNode::analyzeModule):
* parser/SourceProvider.h:
(JSC::WebAssemblySourceProvider::create):
(JSC::WebAssemblySourceProvider::WebAssemblySourceProvider):
* runtime/AbstractModuleRecord.cpp:
(JSC::AbstractModuleRecord::hostResolveImportedModule):
(JSC::AbstractModuleRecord::resolveImport):
(JSC::AbstractModuleRecord::link):
(JSC::AbstractModuleRecord::evaluate):
(JSC::identifierToJSValue): Deleted.
* runtime/AbstractModuleRecord.h:
(JSC::AbstractModuleRecord::moduleEnvironmentMayBeNull):
(JSC::AbstractModuleRecord::ImportEntry::isNamespace const): Deleted.
* runtime/JSModuleEnvironment.cpp:
(JSC::JSModuleEnvironment::getOwnNonIndexPropertyNames):
* runtime/JSModuleLoader.cpp:
(JSC::JSModuleLoader::evaluate):
* runtime/JSModuleRecord.cpp:
(JSC::JSModuleRecord::link):
(JSC::JSModuleRecord::instantiateDeclarations):
* runtime/JSModuleRecord.h:
* runtime/ModuleLoaderPrototype.cpp:
(JSC::moduleLoaderPrototypeParseModule):
(JSC::moduleLoaderPrototypeRequestedModules):
(JSC::moduleLoaderPrototypeModuleDeclarationInstantiation):
* wasm/WasmCreationMode.h: Copied from Source/JavaScriptCore/wasm/js/WebAssemblyPrototype.h.
* wasm/js/JSWebAssemblyHelpers.h:
(JSC::getWasmBufferFromValue):
(JSC::createSourceBufferFromValue):
* wasm/js/JSWebAssemblyInstance.cpp:
(JSC::JSWebAssemblyInstance::finalizeCreation):
(JSC::JSWebAssemblyInstance::createPrivateModuleKey):
(JSC::JSWebAssemblyInstance::create):
* wasm/js/JSWebAssemblyInstance.h:
* wasm/js/WebAssemblyInstanceConstructor.cpp:
(JSC::constructJSWebAssemblyInstance):
* wasm/js/WebAssemblyModuleRecord.cpp:
(JSC::WebAssemblyModuleRecord::prepareLink):
(JSC::WebAssemblyModuleRecord::link):
* wasm/js/WebAssemblyModuleRecord.h:
* wasm/js/WebAssemblyPrototype.cpp:
(JSC::resolve):
(JSC::instantiate):
(JSC::compileAndInstantiate):
(JSC::WebAssemblyPrototype::instantiate):
(JSC::webAssemblyInstantiateFunc):
(JSC::webAssemblyValidateFunc):
* wasm/js/WebAssemblyPrototype.h:

Tools:

* Scripts/run-jsc-stress-tests:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230759 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Unreviewed. Update OptionsGTK.cmake and NEWS for 2.21.1 release.
carlosgc@webkit.org [Wed, 18 Apr 2018 08:35:07 +0000 (08:35 +0000)]
Unreviewed. Update OptionsGTK.cmake and NEWS for 2.21.1 release.

.:

* Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit:

* gtk/NEWS: Add release notes for 2.21.1.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230757 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Unreviewed. Remove symbols from webkitglib-symbols.map.
carlosgc@webkit.org [Wed, 18 Apr 2018 08:33:17 +0000 (08:33 +0000)]
Unreviewed. Remove symbols from webkitglib-symbols.map.

Remove symbols not present in WebKit.

* webkitglib-symbols.map:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230756 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Unreviewed. Add missing symbols to webkitglib-symbols.map.
carlosgc@webkit.org [Wed, 18 Apr 2018 07:42:36 +0000 (07:42 +0000)]
Unreviewed. Add missing symbols to webkitglib-symbols.map.

Add symbols global in JSC and present in WebKit.

* webkitglib-symbols.map:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230755 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [Win][WebKit] Implement InjectedBundleWin.cpp
Hironori.Fujii@sony.com [Wed, 18 Apr 2018 07:33:40 +0000 (07:33 +0000)]
[Win][WebKit] Implement InjectedBundleWin.cpp
https://bugs.webkit.org/show_bug.cgi?id=184525

Reviewed by Konstantin Tokarev.

* WebProcess/InjectedBundle/win/InjectedBundleWin.cpp:
(WebKit::InjectedBundle::initialize):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230754 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [GLIB] Make it possible to handle JSCClass external properties not added to the prototype
carlosgc@webkit.org [Wed, 18 Apr 2018 06:51:33 +0000 (06:51 +0000)]
[GLIB] Make it possible to handle JSCClass external properties not added to the prototype
https://bugs.webkit.org/show_bug.cgi?id=184687

Reviewed by Michael Catanzaro.

Source/JavaScriptCore:

Add JSCClassVTable that can be optionally passed to jsc_context_register_class() to provide implementations for
JSClassDefinition. This is required to implement dynamic properties that can't be added with
jsc_class_add_property() for example to implement something like imports object in seed/gjs.

* API/glib/JSCClass.cpp:
(VTableExceptionHandler::VTableExceptionHandler): Helper class to handle the exceptions in vtable functions that
can throw exceptions.
(VTableExceptionHandler::~VTableExceptionHandler):
(getProperty): Iterate the class chain to call get_property function.
(setProperty): Iterate the class chain to call set_property function.
(hasProperty): Iterate the class chain to call has_property function.
(deleteProperty): Iterate the class chain to call delete_property function.
(getPropertyNames): Iterate the class chain to call enumerate_properties function.
(jsc_class_class_init): Remove constructed implementation, since we need to initialize the JSClassDefinition in
jscClassCreate now.
(jscClassCreate): Receive an optional JSCClassVTable that is used to initialize the JSClassDefinition.
* API/glib/JSCClass.h:
* API/glib/JSCClassPrivate.h:
* API/glib/JSCContext.cpp:
(jscContextGetRegisteredClass): Helper to get the JSCClass for a given JSClassRef.
(jsc_context_register_class): Add JSCClassVTable parameter.
* API/glib/JSCContext.h:
* API/glib/JSCContextPrivate.h:
* API/glib/JSCWrapperMap.cpp:
(JSC::WrapperMap::registeredClass const): Get the JSCClass for a given JSClassRef.
* API/glib/JSCWrapperMap.h:
* API/glib/docs/jsc-glib-4.0-sections.txt: Add new symbols.

Tools:

Add test cases for the new API.

* TestWebKitAPI/Tests/JavaScriptCore/glib/TestJSC.cpp:
(fooCreate):
(fooFree):
(fooGetProperty):
(fooSetProperty):
(testJSCPromises):
(testJSCGarbageCollector):
(testsJSCVirtualMachine):
* TestWebKitAPI/Tests/WebKitGLib/WebProcessTest.cpp:
(windowObjectClearedCallback):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230753 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [Extra zoom mode] Programmatically changing focus when an element already has focus...
wenson_hsieh@apple.com [Wed, 18 Apr 2018 06:03:06 +0000 (06:03 +0000)]
[Extra zoom mode] Programmatically changing focus when an element already has focus is a confusing experience
https://bugs.webkit.org/show_bug.cgi?id=184635
<rdar://problem/39440642>

Reviewed by Tim Horton.

Source/WebKit:

Currently on iOS, we allow element focus to present UI if the keyboard is already shown. In extra zoom mode,
this would lead to a confusing experience when the focus form control overlay is disabled, since fullscreen
input view controllers are swapped out from underneath the user. Currently, this also puts the UI process into a
bad state where the focused form control overlay is active, but still hidden. This patch makes some tweaks to
input view controller handling in the UI process to address these issues, and also adds WebKitTestRunner support
for simulating interactions with select menus in extra zoom mode. See comments below for more detail.

Test: fast/events/extrazoom/change-focus-during-change-event.html

* UIProcess/API/Cocoa/WKUIDelegatePrivate.h:

Add new SPI delegate hooks to notify the UI delegate when view controllers are presented or dismissed in extra
zoom mode. See -presentViewControllerForCurrentAssistedNode and -dismissAllInputViewControllers.

* UIProcess/WebProcessProxy.cpp:
(WebKit::WebProcessProxy::takeBackgroundActivityTokenForFullscreenInput):
(WebKit::WebProcessProxy::releaseBackgroundActivityTokenForFullscreenInput):

See the comment below -dismissAllInputViewControllers.

* UIProcess/WebProcessProxy.h:
* UIProcess/ios/WKContentViewInteraction.mm:
(-[WKContentView _startAssistingNode:userIsInteracting:blurPreviousNode:changingActivityState:userObject:]):

In extra zoom mode, when changing focus from one assisted node to another, only allow the second node to be
assisted if the focused form control overlay is being shown. Otherwise, (i.e. when a fullscreen input view
controller is being presented), don't allow focus to start an input session.

Additionally, make a minor tweak to allow the previous node to blur, even if we are not showing the keyboard for
the new focused element. Without this adjustment, in the case where the page has programmatically focused
another element while a fullscreen input view controller is presented, we'll show the old view controller for
the new focused element.

(-[WKContentView presentViewControllerForCurrentAssistedNode]):
(-[WKContentView dismissAllInputViewControllers:]):

Currently, when a fullscreen input view controller is presented, the web process gets backgrounded. This
prevents event handlers from executing, which leads to strange behaviors in many cases (for instance: if we
have a multiple select, and the "change" event handler blurs the select, the user may check or uncheck multiple
items, but only the first change will actually take effect).

To fix this, we maintain a background activity token while presenting an input view controller.

(-[WKContentView focusedFormControlViewDidBeginEditing:]):

Start hiding the focused form overlay when re-presenting an input view controller. This allows us to bail from
showing fullscreen input UI for another focused element if focus programmatically changes while the current
fullscreen input view controller is presented, due to the -isHidden check in -_startAssistingNode:.

(-[WKContentView selectFormAccessoryPickerRow:]):

Simulate tapping a given row in select menu UI in extra zoom mode.

Tools:

Add plumbing to support invoking `didHideKeyboardCallback` and `didShowKeyboardCallback` when (respectively)
dismissing or presenting fullscreen input view controllers in extra zoom mode.

* WebKitTestRunner/cocoa/TestRunnerWKWebView.mm:
(-[TestRunnerWKWebView initWithFrame:configuration:]):
(-[TestRunnerWKWebView dealloc]):
(-[TestRunnerWKWebView _invokeShowKeyboardCallbackIfNecessary]):
(-[TestRunnerWKWebView _invokeHideKeyboardCallbackIfNecessary]):
(-[TestRunnerWKWebView _keyboardDidShow:]):
(-[TestRunnerWKWebView _keyboardDidHide:]):
(-[TestRunnerWKWebView _webView:didPresentFocusedElementViewController:]):
(-[TestRunnerWKWebView _webView:didDismissFocusedElementViewController:]):

LayoutTests:

Add a new layout test to exercise the following sequence of events in extra zoom mode:

1. Focus select element #1.
2. Choose an unselected option.
3. Programmatically focus select element #2 in the "change" event handler.
4. Choose an unselected option.
5. Programmatically blur select element #2 in the "change" event handler.

* fast/events/extrazoom/change-focus-during-change-event-expected.txt: Added.
* fast/events/extrazoom/change-focus-during-change-event.html: Added.
* resources/ui-helper.js:
(window.UIHelper.waitForKeyboardToHide.return.new.Promise):
(window.UIHelper.waitForKeyboardToHide):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230752 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [CMake] Add and enable the ENABLE_CSS_ANIMATIONS_LEVEL_2 feature define
zandobersek@gmail.com [Wed, 18 Apr 2018 05:45:22 +0000 (05:45 +0000)]
[CMake] Add and enable the ENABLE_CSS_ANIMATIONS_LEVEL_2 feature define
https://bugs.webkit.org/show_bug.cgi?id=184681

Reviewed by Carlos Garcia Campos.

.:

* Source/cmake/WebKitFeatures.cmake: Add the ENABLE_CSS_ANIMATIONS_LEVEL_2
feature define. Follow Cocoa ports and enable it by default.

Source/WebCore:

* Sources.txt: Include CSSAnimationTriggerScrollValue.cpp in the build.
* WebCore.xcodeproj/project.pbxproj: Remove CSSAnimationTriggerScrollValue.cpp
build target now that it's built via Sources.txt.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230751 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [CoordGraphics] CoordinatedImageBacking can simplify image drawing
zandobersek@gmail.com [Wed, 18 Apr 2018 05:43:26 +0000 (05:43 +0000)]
[CoordGraphics] CoordinatedImageBacking can simplify image drawing
https://bugs.webkit.org/show_bug.cgi?id=183986

Reviewed by Michael Catanzaro.

In CoordinatedImageBacking::update(), when drawing the image into a
freshly-created image backing, we can avoid save-and-restoring the
painting context. We also don't have to clip it, since the clipping area
is the same as the image (and buffer) bounds. Since the buffer is
initialized to transparent color, we can use the CompositeCopy operator
to just copy image data into the destination since there's nothing to
paint the source over.

No new tests -- no change in functionality.

* platform/graphics/texmap/coordinated/CoordinatedImageBacking.cpp:
(WebCore::CoordinatedImageBacking::update):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230750 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [GTK] Webkit should spoof as Safari on a Mac for Outlook.com
mcatanzaro@igalia.com [Wed, 18 Apr 2018 05:05:25 +0000 (05:05 +0000)]
[GTK] Webkit should spoof as Safari on a Mac for Outlook.com
https://bugs.webkit.org/show_bug.cgi?id=184573

Reviewed by Carlos Alberto Lopez Perez.

Source/WebCore:

Add quirk for outlook.live.com.

* platform/UserAgentQuirks.cpp:
(WebCore::urlRequiresMacintoshPlatform):

Tools:

* TestWebKitAPI/Tests/WebCore/UserAgentQuirks.cpp:
(TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230749 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Templatize CodePtr/Refs/FunctionPtrs with PtrTags.
mark.lam@apple.com [Wed, 18 Apr 2018 03:31:09 +0000 (03:31 +0000)]
Templatize CodePtr/Refs/FunctionPtrs with PtrTags.
https://bugs.webkit.org/show_bug.cgi?id=184702
<rdar://problem/35391681>

Reviewed by Filip Pizlo and Saam Barati.

Source/JavaScriptCore:

1. Templatized MacroAssemblerCodePtr/Ref, FunctionPtr, and CodeLocation variants
   to take a PtrTag template argument.
2. Replaced some uses of raw pointers with the equivalent CodePtr / FunctionPtr.

* assembler/AbstractMacroAssembler.h:
(JSC::AbstractMacroAssembler::differenceBetweenCodePtr):
(JSC::AbstractMacroAssembler::linkJump):
(JSC::AbstractMacroAssembler::linkPointer):
(JSC::AbstractMacroAssembler::getLinkerAddress):
(JSC::AbstractMacroAssembler::repatchJump):
(JSC::AbstractMacroAssembler::repatchJumpToNop):
(JSC::AbstractMacroAssembler::repatchNearCall):
(JSC::AbstractMacroAssembler::repatchCompact):
(JSC::AbstractMacroAssembler::repatchInt32):
(JSC::AbstractMacroAssembler::repatchPointer):
(JSC::AbstractMacroAssembler::readPointer):
(JSC::AbstractMacroAssembler::replaceWithLoad):
(JSC::AbstractMacroAssembler::replaceWithAddressComputation):
* assembler/CodeLocation.h:
(JSC::CodeLocationCommon:: const):
(JSC::CodeLocationCommon::CodeLocationCommon):
(JSC::CodeLocationInstruction::CodeLocationInstruction):
(JSC::CodeLocationLabel::CodeLocationLabel):
(JSC::CodeLocationLabel::retagged):
(JSC::CodeLocationLabel:: const):
(JSC::CodeLocationJump::CodeLocationJump):
(JSC::CodeLocationJump::retagged):
(JSC::CodeLocationCall::CodeLocationCall):
(JSC::CodeLocationCall::retagged):
(JSC::CodeLocationNearCall::CodeLocationNearCall):
(JSC::CodeLocationDataLabel32::CodeLocationDataLabel32):
(JSC::CodeLocationDataLabelCompact::CodeLocationDataLabelCompact):
(JSC::CodeLocationDataLabelPtr::CodeLocationDataLabelPtr):
(JSC::CodeLocationConvertibleLoad::CodeLocationConvertibleLoad):
(JSC::CodeLocationCommon<tag>::instructionAtOffset):
(JSC::CodeLocationCommon<tag>::labelAtOffset):
(JSC::CodeLocationCommon<tag>::jumpAtOffset):
(JSC::CodeLocationCommon<tag>::callAtOffset):
(JSC::CodeLocationCommon<tag>::nearCallAtOffset):
(JSC::CodeLocationCommon<tag>::dataLabelPtrAtOffset):
(JSC::CodeLocationCommon<tag>::dataLabel32AtOffset):
(JSC::CodeLocationCommon<tag>::dataLabelCompactAtOffset):
(JSC::CodeLocationCommon<tag>::convertibleLoadAtOffset):
(JSC::CodeLocationCommon::instructionAtOffset): Deleted.
(JSC::CodeLocationCommon::labelAtOffset): Deleted.
(JSC::CodeLocationCommon::jumpAtOffset): Deleted.
(JSC::CodeLocationCommon::callAtOffset): Deleted.
(JSC::CodeLocationCommon::nearCallAtOffset): Deleted.
(JSC::CodeLocationCommon::dataLabelPtrAtOffset): Deleted.
(JSC::CodeLocationCommon::dataLabel32AtOffset): Deleted.
(JSC::CodeLocationCommon::dataLabelCompactAtOffset): Deleted.
(JSC::CodeLocationCommon::convertibleLoadAtOffset): Deleted.
* assembler/LinkBuffer.cpp:
(JSC::LinkBuffer::finalizeCodeWithoutDisassemblyImpl):
(JSC::LinkBuffer::finalizeCodeWithDisassemblyImpl):
(JSC::LinkBuffer::finalizeCodeWithoutDisassembly): Deleted.
(JSC::LinkBuffer::finalizeCodeWithDisassembly): Deleted.
* assembler/LinkBuffer.h:
(JSC::LinkBuffer::link):
(JSC::LinkBuffer::patch):
(JSC::LinkBuffer::entrypoint):
(JSC::LinkBuffer::locationOf):
(JSC::LinkBuffer::locationOfNearCall):
(JSC::LinkBuffer::finalizeCodeWithoutDisassembly):
(JSC::LinkBuffer::finalizeCodeWithDisassembly):
(JSC::LinkBuffer::trampolineAt):
* assembler/MacroAssemblerARM.h:
(JSC::MacroAssemblerARM::readCallTarget):
(JSC::MacroAssemblerARM::replaceWithJump):
(JSC::MacroAssemblerARM::startOfPatchableBranch32WithPatchOnAddress):
(JSC::MacroAssemblerARM::startOfPatchableBranchPtrWithPatchOnAddress):
(JSC::MacroAssemblerARM::startOfBranchPtrWithPatchOnRegister):
(JSC::MacroAssemblerARM::revertJumpReplacementToBranchPtrWithPatch):
(JSC::MacroAssemblerARM::revertJumpReplacementToPatchableBranch32WithPatch):
(JSC::MacroAssemblerARM::revertJumpReplacementToPatchableBranchPtrWithPatch):
(JSC::MacroAssemblerARM::repatchCall):
(JSC::MacroAssemblerARM::linkCall):
* assembler/MacroAssemblerARM64.h:
(JSC::MacroAssemblerARM64::readCallTarget):
(JSC::MacroAssemblerARM64::replaceWithVMHalt):
(JSC::MacroAssemblerARM64::replaceWithJump):
(JSC::MacroAssemblerARM64::startOfBranchPtrWithPatchOnRegister):
(JSC::MacroAssemblerARM64::startOfPatchableBranchPtrWithPatchOnAddress):
(JSC::MacroAssemblerARM64::startOfPatchableBranch32WithPatchOnAddress):
(JSC::MacroAssemblerARM64::revertJumpReplacementToBranchPtrWithPatch):
(JSC::MacroAssemblerARM64::revertJumpReplacementToPatchableBranchPtrWithPatch):
(JSC::MacroAssemblerARM64::revertJumpReplacementToPatchableBranch32WithPatch):
(JSC::MacroAssemblerARM64::repatchCall):
(JSC::MacroAssemblerARM64::linkCall):
* assembler/MacroAssemblerARMv7.h:
(JSC::MacroAssemblerARMv7::replaceWithJump):
(JSC::MacroAssemblerARMv7::readCallTarget):
(JSC::MacroAssemblerARMv7::startOfBranchPtrWithPatchOnRegister):
(JSC::MacroAssemblerARMv7::revertJumpReplacementToBranchPtrWithPatch):
(JSC::MacroAssemblerARMv7::startOfPatchableBranchPtrWithPatchOnAddress):
(JSC::MacroAssemblerARMv7::startOfPatchableBranch32WithPatchOnAddress):
(JSC::MacroAssemblerARMv7::revertJumpReplacementToPatchableBranchPtrWithPatch):
(JSC::MacroAssemblerARMv7::revertJumpReplacementToPatchableBranch32WithPatch):
(JSC::MacroAssemblerARMv7::repatchCall):
(JSC::MacroAssemblerARMv7::linkCall):
* assembler/MacroAssemblerCodeRef.cpp:
(JSC::MacroAssemblerCodePtrBase::dumpWithName):
(JSC::MacroAssemblerCodeRefBase::tryToDisassemble):
(JSC::MacroAssemblerCodeRefBase::disassembly):
(JSC::MacroAssemblerCodePtr::createLLIntCodePtr): Deleted.
(JSC::MacroAssemblerCodePtr::dumpWithName const): Deleted.
(JSC::MacroAssemblerCodePtr::dump const): Deleted.
(JSC::MacroAssemblerCodeRef::createLLIntCodeRef): Deleted.
(JSC::MacroAssemblerCodeRef::tryToDisassemble const): Deleted.
(JSC::MacroAssemblerCodeRef::disassembly const): Deleted.
(JSC::MacroAssemblerCodeRef::dump const): Deleted.
* assembler/MacroAssemblerCodeRef.h:
(JSC::FunctionPtr::FunctionPtr):
(JSC::FunctionPtr::retagged const):
(JSC::FunctionPtr::retaggedExecutableAddress const):
(JSC::FunctionPtr::operator== const):
(JSC::FunctionPtr::operator!= const):
(JSC::ReturnAddressPtr::ReturnAddressPtr):
(JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr):
(JSC::MacroAssemblerCodePtr::createFromExecutableAddress):
(JSC::MacroAssemblerCodePtr::retagged const):
(JSC::MacroAssemblerCodePtr:: const):
(JSC::MacroAssemblerCodePtr::dumpWithName const):
(JSC::MacroAssemblerCodePtr::dump const):
(JSC::MacroAssemblerCodePtrHash::hash):
(JSC::MacroAssemblerCodePtrHash::equal):
(JSC::MacroAssemblerCodeRef::MacroAssemblerCodeRef):
(JSC::MacroAssemblerCodeRef::createSelfManagedCodeRef):
(JSC::MacroAssemblerCodeRef::code const):
(JSC::MacroAssemblerCodeRef::retaggedCode const):
(JSC::MacroAssemblerCodeRef::retagged const):
(JSC::MacroAssemblerCodeRef::tryToDisassemble const):
(JSC::MacroAssemblerCodeRef::disassembly const):
(JSC::MacroAssemblerCodeRef::dump const):
(JSC::FunctionPtr<tag>::FunctionPtr):
* assembler/MacroAssemblerMIPS.h:
(JSC::MacroAssemblerMIPS::readCallTarget):
(JSC::MacroAssemblerMIPS::replaceWithJump):
(JSC::MacroAssemblerMIPS::startOfPatchableBranch32WithPatchOnAddress):
(JSC::MacroAssemblerMIPS::startOfBranchPtrWithPatchOnRegister):
(JSC::MacroAssemblerMIPS::revertJumpReplacementToBranchPtrWithPatch):
(JSC::MacroAssemblerMIPS::startOfPatchableBranchPtrWithPatchOnAddress):
(JSC::MacroAssemblerMIPS::revertJumpReplacementToPatchableBranch32WithPatch):
(JSC::MacroAssemblerMIPS::revertJumpReplacementToPatchableBranchPtrWithPatch):
(JSC::MacroAssemblerMIPS::repatchCall):
(JSC::MacroAssemblerMIPS::linkCall):
* assembler/MacroAssemblerX86.h:
(JSC::MacroAssemblerX86::readCallTarget):
(JSC::MacroAssemblerX86::startOfBranchPtrWithPatchOnRegister):
(JSC::MacroAssemblerX86::startOfPatchableBranchPtrWithPatchOnAddress):
(JSC::MacroAssemblerX86::startOfPatchableBranch32WithPatchOnAddress):
(JSC::MacroAssemblerX86::revertJumpReplacementToBranchPtrWithPatch):
(JSC::MacroAssemblerX86::revertJumpReplacementToPatchableBranchPtrWithPatch):
(JSC::MacroAssemblerX86::revertJumpReplacementToPatchableBranch32WithPatch):
(JSC::MacroAssemblerX86::repatchCall):
(JSC::MacroAssemblerX86::linkCall):
* assembler/MacroAssemblerX86Common.h:
(JSC::MacroAssemblerX86Common::repatchCompact):
(JSC::MacroAssemblerX86Common::replaceWithVMHalt):
(JSC::MacroAssemblerX86Common::replaceWithJump):
* assembler/MacroAssemblerX86_64.h:
(JSC::MacroAssemblerX86_64::readCallTarget):
(JSC::MacroAssemblerX86_64::startOfBranchPtrWithPatchOnRegister):
(JSC::MacroAssemblerX86_64::startOfBranch32WithPatchOnRegister):
(JSC::MacroAssemblerX86_64::startOfPatchableBranchPtrWithPatchOnAddress):
(JSC::MacroAssemblerX86_64::startOfPatchableBranch32WithPatchOnAddress):
(JSC::MacroAssemblerX86_64::revertJumpReplacementToPatchableBranchPtrWithPatch):
(JSC::MacroAssemblerX86_64::revertJumpReplacementToPatchableBranch32WithPatch):
(JSC::MacroAssemblerX86_64::revertJumpReplacementToBranchPtrWithPatch):
(JSC::MacroAssemblerX86_64::repatchCall):
(JSC::MacroAssemblerX86_64::linkCall):
* assembler/testmasm.cpp:
(JSC::compile):
(JSC::invoke):
(JSC::testProbeModifiesProgramCounter):
* b3/B3Compilation.cpp:
(JSC::B3::Compilation::Compilation):
* b3/B3Compilation.h:
(JSC::B3::Compilation::code const):
(JSC::B3::Compilation::codeRef const):
* b3/B3Compile.cpp:
(JSC::B3::compile):
* b3/B3LowerMacros.cpp:
* b3/air/AirDisassembler.cpp:
(JSC::B3::Air::Disassembler::dump):
* b3/air/testair.cpp:
* b3/testb3.cpp:
(JSC::B3::invoke):
(JSC::B3::testInterpreter):
(JSC::B3::testEntrySwitchSimple):
(JSC::B3::testEntrySwitchNoEntrySwitch):
(JSC::B3::testEntrySwitchWithCommonPaths):
(JSC::B3::testEntrySwitchWithCommonPathsAndNonTrivialEntrypoint):
(JSC::B3::testEntrySwitchLoop):
* bytecode/AccessCase.cpp:
(JSC::AccessCase::generateImpl):
* bytecode/AccessCaseSnippetParams.cpp:
(JSC::SlowPathCallGeneratorWithArguments::generateImpl):
* bytecode/ByValInfo.h:
(JSC::ByValInfo::ByValInfo):
* bytecode/CallLinkInfo.cpp:
(JSC::CallLinkInfo::callReturnLocation):
(JSC::CallLinkInfo::patchableJump):
(JSC::CallLinkInfo::hotPathBegin):
(JSC::CallLinkInfo::slowPathStart):
* bytecode/CallLinkInfo.h:
(JSC::CallLinkInfo::setCallLocations):
(JSC::CallLinkInfo::hotPathOther):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::finishCreation):
* bytecode/GetByIdStatus.cpp:
(JSC::GetByIdStatus::computeForStubInfoWithoutExitSiteFeedback):
* bytecode/GetByIdVariant.cpp:
(JSC::GetByIdVariant::GetByIdVariant):
(JSC::GetByIdVariant::dumpInContext const):
* bytecode/GetByIdVariant.h:
(JSC::GetByIdVariant::customAccessorGetter const):
* bytecode/GetterSetterAccessCase.cpp:
(JSC::GetterSetterAccessCase::create):
(JSC::GetterSetterAccessCase::GetterSetterAccessCase):
(JSC::GetterSetterAccessCase::dumpImpl const):
* bytecode/GetterSetterAccessCase.h:
(JSC::GetterSetterAccessCase::customAccessor const):
(): Deleted.
* bytecode/HandlerInfo.h:
(JSC::HandlerInfo::initialize):
* bytecode/InlineAccess.cpp:
(JSC::linkCodeInline):
(JSC::InlineAccess::rewireStubAsJump):
* bytecode/InlineAccess.h:
* bytecode/JumpTable.h:
(JSC::StringJumpTable::ctiForValue):
(JSC::SimpleJumpTable::ctiForValue):
* bytecode/LLIntCallLinkInfo.h:
(JSC::LLIntCallLinkInfo::unlink):
* bytecode/PolymorphicAccess.cpp:
(JSC::AccessGenerationState::emitExplicitExceptionHandler):
(JSC::PolymorphicAccess::regenerate):
* bytecode/PolymorphicAccess.h:
(JSC::AccessGenerationResult::AccessGenerationResult):
(JSC::AccessGenerationResult::code const):
* bytecode/StructureStubInfo.h:
(JSC::StructureStubInfo::slowPathCallLocation):
(JSC::StructureStubInfo::doneLocation):
(JSC::StructureStubInfo::slowPathStartLocation):
(JSC::StructureStubInfo::patchableJumpForIn):
* dfg/DFGCommonData.h:
(JSC::DFG::CommonData::appendCatchEntrypoint):
* dfg/DFGDisassembler.cpp:
(JSC::DFG::Disassembler::dumpDisassembly):
* dfg/DFGDriver.h:
* dfg/DFGJITCompiler.cpp:
(JSC::DFG::JITCompiler::linkOSRExits):
(JSC::DFG::JITCompiler::compileExceptionHandlers):
(JSC::DFG::JITCompiler::link):
(JSC::DFG::JITCompiler::compileFunction):
(JSC::DFG::JITCompiler::noticeCatchEntrypoint):
* dfg/DFGJITCompiler.h:
(JSC::DFG::CallLinkRecord::CallLinkRecord):
(JSC::DFG::JITCompiler::appendCall):
(JSC::DFG::JITCompiler::JSCallRecord::JSCallRecord):
(JSC::DFG::JITCompiler::JSDirectCallRecord::JSDirectCallRecord):
(JSC::DFG::JITCompiler::JSDirectTailCallRecord::JSDirectTailCallRecord):
* dfg/DFGJITFinalizer.cpp:
(JSC::DFG::JITFinalizer::JITFinalizer):
(JSC::DFG::JITFinalizer::finalize):
(JSC::DFG::JITFinalizer::finalizeFunction):
* dfg/DFGJITFinalizer.h:
* dfg/DFGJumpReplacement.h:
(JSC::DFG::JumpReplacement::JumpReplacement):
* dfg/DFGNode.h:
* dfg/DFGOSREntry.cpp:
(JSC::DFG::prepareOSREntry):
(JSC::DFG::prepareCatchOSREntry):
* dfg/DFGOSREntry.h:
(JSC::DFG::prepareOSREntry):
* dfg/DFGOSRExit.cpp:
(JSC::DFG::OSRExit::executeOSRExit):
(JSC::DFG::reifyInlinedCallFrames):
(JSC::DFG::adjustAndJumpToTarget):
(JSC::DFG::OSRExit::codeLocationForRepatch const):
(JSC::DFG::OSRExit::emitRestoreArguments):
(JSC::DFG::OSRExit::compileOSRExit):
* dfg/DFGOSRExit.h:
* dfg/DFGOSRExitCompilerCommon.cpp:
(JSC::DFG::handleExitCounts):
(JSC::DFG::reifyInlinedCallFrames):
(JSC::DFG::osrWriteBarrier):
(JSC::DFG::adjustAndJumpToTarget):
* dfg/DFGOperations.cpp:
* dfg/DFGSlowPathGenerator.h:
(JSC::DFG::CallResultAndArgumentsSlowPathGenerator::CallResultAndArgumentsSlowPathGenerator):
(JSC::DFG::CallResultAndArgumentsSlowPathGenerator::unpackAndGenerate):
(JSC::DFG::slowPathCall):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileMathIC):
(JSC::DFG::SpeculativeJIT::compileCallDOM):
(JSC::DFG::SpeculativeJIT::compileCallDOMGetter):
(JSC::DFG::SpeculativeJIT::emitSwitchIntJump):
(JSC::DFG::SpeculativeJIT::emitSwitchImm):
(JSC::DFG::SpeculativeJIT::emitSwitchStringOnString):
(JSC::DFG::SpeculativeJIT::compileHasIndexedProperty):
(JSC::DFG::SpeculativeJIT::compileGetDirectPname):
(JSC::DFG::SpeculativeJIT::cachedPutById):
* dfg/DFGSpeculativeJIT.h:
(JSC::DFG::SpeculativeJIT::callOperation):
(JSC::DFG::SpeculativeJIT::appendCall):
(JSC::DFG::SpeculativeJIT::appendCallWithCallFrameRollbackOnException):
(JSC::DFG::SpeculativeJIT::appendCallWithCallFrameRollbackOnExceptionSetResult):
(JSC::DFG::SpeculativeJIT::appendCallSetResult):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::cachedGetById):
(JSC::DFG::SpeculativeJIT::cachedGetByIdWithThis):
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGThunks.cpp:
(JSC::DFG::osrExitThunkGenerator):
(JSC::DFG::osrExitGenerationThunkGenerator):
(JSC::DFG::osrEntryThunkGenerator):
* dfg/DFGThunks.h:
* disassembler/ARM64Disassembler.cpp:
(JSC::tryToDisassemble):
* disassembler/ARMv7Disassembler.cpp:
(JSC::tryToDisassemble):
* disassembler/Disassembler.cpp:
(JSC::disassemble):
(JSC::disassembleAsynchronously):
* disassembler/Disassembler.h:
(JSC::tryToDisassemble):
* disassembler/UDis86Disassembler.cpp:
(JSC::tryToDisassembleWithUDis86):
* disassembler/UDis86Disassembler.h:
(JSC::tryToDisassembleWithUDis86):
* disassembler/X86Disassembler.cpp:
(JSC::tryToDisassemble):
* ftl/FTLCompile.cpp:
(JSC::FTL::compile):
* ftl/FTLExceptionTarget.cpp:
(JSC::FTL::ExceptionTarget::label):
(JSC::FTL::ExceptionTarget::jumps):
* ftl/FTLExceptionTarget.h:
* ftl/FTLGeneratedFunction.h:
* ftl/FTLJITCode.cpp:
(JSC::FTL::JITCode::initializeB3Code):
(JSC::FTL::JITCode::initializeAddressForCall):
(JSC::FTL::JITCode::initializeArityCheckEntrypoint):
(JSC::FTL::JITCode::addressForCall):
(JSC::FTL::JITCode::executableAddressAtOffset):
* ftl/FTLJITCode.h:
(JSC::FTL::JITCode::b3Code const):
* ftl/FTLJITFinalizer.cpp:
(JSC::FTL::JITFinalizer::finalizeCommon):
* ftl/FTLLazySlowPath.cpp:
(JSC::FTL::LazySlowPath::initialize):
(JSC::FTL::LazySlowPath::generate):
* ftl/FTLLazySlowPath.h:
(JSC::FTL::LazySlowPath::patchableJump const):
(JSC::FTL::LazySlowPath::done const):
(JSC::FTL::LazySlowPath::stub const):
* ftl/FTLLazySlowPathCall.h:
(JSC::FTL::createLazyCallGenerator):
* ftl/FTLLink.cpp:
(JSC::FTL::link):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::lower):
(JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstruct):
(JSC::FTL::DFG::LowerDFGToB3::compileDirectCallOrConstruct):
(JSC::FTL::DFG::LowerDFGToB3::compileTailCall):
(JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstructVarargsSpread):
(JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstructVarargs):
(JSC::FTL::DFG::LowerDFGToB3::compileCallEval):
(JSC::FTL::DFG::LowerDFGToB3::compileInvalidationPoint):
(JSC::FTL::DFG::LowerDFGToB3::compileIn):
(JSC::FTL::DFG::LowerDFGToB3::compileCheckSubClass):
(JSC::FTL::DFG::LowerDFGToB3::compileCallDOM):
(JSC::FTL::DFG::LowerDFGToB3::compileCallDOMGetter):
(JSC::FTL::DFG::LowerDFGToB3::lazySlowPath):
* ftl/FTLOSRExit.cpp:
(JSC::FTL::OSRExit::codeLocationForRepatch const):
* ftl/FTLOSRExit.h:
* ftl/FTLOSRExitCompiler.cpp:
(JSC::FTL::compileStub):
(JSC::FTL::compileFTLOSRExit):
* ftl/FTLOSRExitHandle.cpp:
(JSC::FTL::OSRExitHandle::emitExitThunk):
* ftl/FTLOperations.cpp:
(JSC::FTL::compileFTLLazySlowPath):
* ftl/FTLPatchpointExceptionHandle.cpp:
(JSC::FTL::PatchpointExceptionHandle::scheduleExitCreationForUnwind):
* ftl/FTLSlowPathCall.cpp:
(JSC::FTL::SlowPathCallContext::keyWithTarget const):
(JSC::FTL::SlowPathCallContext::makeCall):
* ftl/FTLSlowPathCall.h:
(JSC::FTL::callOperation):
* ftl/FTLSlowPathCallKey.cpp:
(JSC::FTL::SlowPathCallKey::dump const):
* ftl/FTLSlowPathCallKey.h:
(JSC::FTL::SlowPathCallKey::SlowPathCallKey):
(JSC::FTL::SlowPathCallKey::callTarget const):
(JSC::FTL::SlowPathCallKey::withCallTarget):
(JSC::FTL::SlowPathCallKey::hash const):
(JSC::FTL::SlowPathCallKey::callPtrTag const): Deleted.
* ftl/FTLState.cpp:
(JSC::FTL::State::State):
* ftl/FTLThunks.cpp:
(JSC::FTL::genericGenerationThunkGenerator):
(JSC::FTL::osrExitGenerationThunkGenerator):
(JSC::FTL::lazySlowPathGenerationThunkGenerator):
(JSC::FTL::slowPathCallThunkGenerator):
* ftl/FTLThunks.h:
(JSC::FTL::generateIfNecessary):
(JSC::FTL::keyForThunk):
(JSC::FTL::Thunks::getSlowPathCallThunk):
(JSC::FTL::Thunks::keyForSlowPathCallThunk):
* interpreter/InterpreterInlines.h:
(JSC::Interpreter::getOpcodeID):
* jit/AssemblyHelpers.cpp:
(JSC::AssemblyHelpers::callExceptionFuzz):
(JSC::AssemblyHelpers::emitDumbVirtualCall):
(JSC::AssemblyHelpers::debugCall):
* jit/CCallHelpers.cpp:
(JSC::CCallHelpers::ensureShadowChickenPacket):
* jit/ExecutableAllocator.cpp:
(JSC::FixedVMPoolExecutableAllocator::initializeSeparatedWXHeaps):
(JSC::FixedVMPoolExecutableAllocator::jitWriteThunkGenerator):
* jit/ExecutableAllocator.h:
(JSC::performJITMemcpy):
* jit/GCAwareJITStubRoutine.cpp:
(JSC::GCAwareJITStubRoutine::GCAwareJITStubRoutine):
(JSC::MarkingGCAwareJITStubRoutine::MarkingGCAwareJITStubRoutine):
(JSC::GCAwareJITStubRoutineWithExceptionHandler::GCAwareJITStubRoutineWithExceptionHandler):
(JSC::createJITStubRoutine):
* jit/GCAwareJITStubRoutine.h:
(JSC::createJITStubRoutine):
* jit/JIT.cpp:
(JSC::ctiPatchCallByReturnAddress):
(JSC::JIT::compileWithoutLinking):
(JSC::JIT::link):
(JSC::JIT::privateCompileExceptionHandlers):
* jit/JIT.h:
(JSC::CallRecord::CallRecord):
* jit/JITArithmetic.cpp:
(JSC::JIT::emitMathICFast):
(JSC::JIT::emitMathICSlow):
* jit/JITCall.cpp:
(JSC::JIT::compileOpCallSlowCase):
* jit/JITCall32_64.cpp:
(JSC::JIT::compileOpCallSlowCase):
* jit/JITCode.cpp:
(JSC::JITCodeWithCodeRef::JITCodeWithCodeRef):
(JSC::JITCodeWithCodeRef::executableAddressAtOffset):
(JSC::DirectJITCode::DirectJITCode):
(JSC::DirectJITCode::initializeCodeRef):
(JSC::DirectJITCode::addressForCall):
(JSC::NativeJITCode::NativeJITCode):
(JSC::NativeJITCode::initializeCodeRef):
(JSC::NativeJITCode::addressForCall):
* jit/JITCode.h:
* jit/JITCodeMap.h:
(JSC::JITCodeMap::Entry::Entry):
(JSC::JITCodeMap::Entry::codeLocation):
(JSC::JITCodeMap::append):
(JSC::JITCodeMap::find const):
* jit/JITDisassembler.cpp:
(JSC::JITDisassembler::dumpDisassembly):
* jit/JITExceptions.cpp:
(JSC::genericUnwind):
* jit/JITInlineCacheGenerator.cpp:
(JSC::JITByIdGenerator::finalize):
* jit/JITInlines.h:
(JSC::JIT::emitNakedCall):
(JSC::JIT::emitNakedTailCall):
(JSC::JIT::appendCallWithExceptionCheck):
(JSC::JIT::appendCallWithExceptionCheckAndSlowPathReturnType):
(JSC::JIT::appendCallWithCallFrameRollbackOnException):
(JSC::JIT::appendCallWithExceptionCheckSetJSValueResult):
(JSC::JIT::appendCallWithExceptionCheckSetJSValueResultWithProfile):
* jit/JITMathIC.h:
(JSC::isProfileEmpty):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_catch):
(JSC::JIT::emit_op_switch_imm):
(JSC::JIT::emit_op_switch_char):
(JSC::JIT::emit_op_switch_string):
(JSC::JIT::privateCompileHasIndexedProperty):
(JSC::JIT::emitSlow_op_has_indexed_property):
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::privateCompileHasIndexedProperty):
* jit/JITOperations.cpp:
(JSC::getByVal):
* jit/JITPropertyAccess.cpp:
(JSC::JIT::stringGetByValStubGenerator):
(JSC::JIT::emitGetByValWithCachedId):
(JSC::JIT::emitSlow_op_get_by_val):
(JSC::JIT::emitPutByValWithCachedId):
(JSC::JIT::emitSlow_op_put_by_val):
(JSC::JIT::emitSlow_op_try_get_by_id):
(JSC::JIT::emitSlow_op_get_by_id_direct):
(JSC::JIT::emitSlow_op_get_by_id):
(JSC::JIT::emitSlow_op_get_by_id_with_this):
(JSC::JIT::emitSlow_op_put_by_id):
(JSC::JIT::privateCompileGetByVal):
(JSC::JIT::privateCompileGetByValWithCachedId):
(JSC::JIT::privateCompilePutByVal):
(JSC::JIT::privateCompilePutByValWithCachedId):
* jit/JITPropertyAccess32_64.cpp:
(JSC::JIT::stringGetByValStubGenerator):
(JSC::JIT::emitSlow_op_get_by_val):
(JSC::JIT::emitSlow_op_put_by_val):
* jit/JITStubRoutine.h:
(JSC::JITStubRoutine::JITStubRoutine):
(JSC::JITStubRoutine::createSelfManagedRoutine):
(JSC::JITStubRoutine::code const):
(JSC::JITStubRoutine::asCodePtr):
* jit/JITThunks.cpp:
(JSC::JITThunks::ctiNativeCall):
(JSC::JITThunks::ctiNativeConstruct):
(JSC::JITThunks::ctiNativeTailCall):
(JSC::JITThunks::ctiNativeTailCallWithoutSavedTags):
(JSC::JITThunks::ctiInternalFunctionCall):
(JSC::JITThunks::ctiInternalFunctionConstruct):
(JSC::JITThunks::ctiStub):
(JSC::JITThunks::existingCTIStub):
(JSC::JITThunks::hostFunctionStub):
* jit/JITThunks.h:
* jit/PCToCodeOriginMap.cpp:
(JSC::PCToCodeOriginMap::PCToCodeOriginMap):
* jit/PCToCodeOriginMap.h:
* jit/PolymorphicCallStubRoutine.cpp:
(JSC::PolymorphicCallStubRoutine::PolymorphicCallStubRoutine):
* jit/PolymorphicCallStubRoutine.h:
* jit/Repatch.cpp:
(JSC::readPutICCallTarget):
(JSC::ftlThunkAwareRepatchCall):
(JSC::appropriateOptimizingGetByIdFunction):
(JSC::appropriateGetByIdFunction):
(JSC::tryCacheGetByID):
(JSC::repatchGetByID):
(JSC::tryCachePutByID):
(JSC::repatchPutByID):
(JSC::tryCacheIn):
(JSC::repatchIn):
(JSC::linkSlowFor):
(JSC::linkFor):
(JSC::linkDirectFor):
(JSC::revertCall):
(JSC::unlinkFor):
(JSC::linkVirtualFor):
(JSC::linkPolymorphicCall):
(JSC::resetGetByID):
(JSC::resetPutByID):
* jit/Repatch.h:
* jit/SlowPathCall.h:
(JSC::JITSlowPathCall::call):
* jit/SpecializedThunkJIT.h:
(JSC::SpecializedThunkJIT::finalize):
(JSC::SpecializedThunkJIT::callDoubleToDouble):
(JSC::SpecializedThunkJIT::callDoubleToDoublePreservingReturn):
* jit/ThunkGenerator.h:
* jit/ThunkGenerators.cpp:
(JSC::throwExceptionFromCallSlowPathGenerator):
(JSC::slowPathFor):
(JSC::linkCallThunkGenerator):
(JSC::linkPolymorphicCallThunkGenerator):
(JSC::virtualThunkFor):
(JSC::nativeForGenerator):
(JSC::nativeCallGenerator):
(JSC::nativeTailCallGenerator):
(JSC::nativeTailCallWithoutSavedTagsGenerator):
(JSC::nativeConstructGenerator):
(JSC::internalFunctionCallGenerator):
(JSC::internalFunctionConstructGenerator):
(JSC::arityFixupGenerator):
(JSC::unreachableGenerator):
(JSC::charCodeAtThunkGenerator):
(JSC::charAtThunkGenerator):
(JSC::fromCharCodeThunkGenerator):
(JSC::clz32ThunkGenerator):
(JSC::sqrtThunkGenerator):
(JSC::floorThunkGenerator):
(JSC::ceilThunkGenerator):
(JSC::truncThunkGenerator):
(JSC::roundThunkGenerator):
(JSC::expThunkGenerator):
(JSC::logThunkGenerator):
(JSC::absThunkGenerator):
(JSC::imulThunkGenerator):
(JSC::randomThunkGenerator):
(JSC::boundThisNoArgsFunctionCallGenerator):
* jit/ThunkGenerators.h:
* llint/LLIntData.cpp:
(JSC::LLInt::initialize):
* llint/LLIntData.h:
(JSC::LLInt::getExecutableAddress):
(JSC::LLInt::getCodePtr):
(JSC::LLInt::getCodeRef):
(JSC::LLInt::getCodeFunctionPtr):
* llint/LLIntEntrypoint.cpp:
(JSC::LLInt::setFunctionEntrypoint):
(JSC::LLInt::setEvalEntrypoint):
(JSC::LLInt::setProgramEntrypoint):
(JSC::LLInt::setModuleProgramEntrypoint):
* llint/LLIntExceptions.cpp:
(JSC::LLInt::callToThrow):
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
(JSC::LLInt::setUpCall):
* llint/LLIntThunks.cpp:
(JSC::vmEntryToWasm):
(JSC::LLInt::generateThunkWithJumpTo):
(JSC::LLInt::functionForCallEntryThunkGenerator):
(JSC::LLInt::functionForConstructEntryThunkGenerator):
(JSC::LLInt::functionForCallArityCheckThunkGenerator):
(JSC::LLInt::functionForConstructArityCheckThunkGenerator):
(JSC::LLInt::evalEntryThunkGenerator):
(JSC::LLInt::programEntryThunkGenerator):
(JSC::LLInt::moduleProgramEntryThunkGenerator):
* llint/LLIntThunks.h:
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* profiler/ProfilerCompilation.cpp:
(JSC::Profiler::Compilation::addOSRExitSite):
* profiler/ProfilerCompilation.h:
* profiler/ProfilerOSRExitSite.cpp:
(JSC::Profiler::OSRExitSite::toJS const):
* profiler/ProfilerOSRExitSite.h:
(JSC::Profiler::OSRExitSite::OSRExitSite):
(JSC::Profiler::OSRExitSite::codeAddress const):
(JSC::Profiler::OSRExitSite:: const): Deleted.
* runtime/ExecutableBase.cpp:
(JSC::ExecutableBase::clearCode):
* runtime/ExecutableBase.h:
(JSC::ExecutableBase::entrypointFor):
* runtime/NativeExecutable.cpp:
(JSC::NativeExecutable::finishCreation):
* runtime/NativeFunction.h:
(JSC::TaggedNativeFunction::TaggedNativeFunction):
(JSC::TaggedNativeFunction::operator NativeFunction):
* runtime/PtrTag.h:
(JSC::tagCodePtr):
(JSC::untagCodePtr):
(JSC::retagCodePtr):
(JSC::tagCFunctionPtr):
(JSC::untagCFunctionPtr):
(JSC::nextPtrTagID): Deleted.
* runtime/PutPropertySlot.h:
(JSC::PutPropertySlot::PutPropertySlot):
(JSC::PutPropertySlot::setCustomValue):
(JSC::PutPropertySlot::setCustomAccessor):
(JSC::PutPropertySlot::customSetter const):
* runtime/ScriptExecutable.cpp:
(JSC::ScriptExecutable::installCode):
* runtime/VM.cpp:
(JSC::VM::getHostFunction):
(JSC::VM::getCTIInternalFunctionTrampolineFor):
* runtime/VM.h:
(JSC::VM::getCTIStub):
* wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::B3IRGenerator::B3IRGenerator):
(JSC::Wasm::B3IRGenerator::emitExceptionCheck):
(JSC::Wasm::B3IRGenerator::emitTierUpCheck):
(JSC::Wasm::B3IRGenerator::addCall):
(JSC::Wasm::B3IRGenerator::addCallIndirect):
* wasm/WasmBBQPlan.cpp:
(JSC::Wasm::BBQPlan::prepare):
(JSC::Wasm::BBQPlan::complete):
* wasm/WasmBBQPlan.h:
* wasm/WasmBinding.cpp:
(JSC::Wasm::wasmToWasm):
* wasm/WasmBinding.h:
* wasm/WasmCallee.h:
(JSC::Wasm::Callee::entrypoint const):
* wasm/WasmCallingConvention.h:
(JSC::Wasm::CallingConvention::setupFrameInPrologue const):
* wasm/WasmCodeBlock.h:
(JSC::Wasm::CodeBlock::entrypointLoadLocationFromFunctionIndexSpace):
* wasm/WasmFaultSignalHandler.cpp:
(JSC::Wasm::trapHandler):
* wasm/WasmFormat.h:
* wasm/WasmInstance.h:
* wasm/WasmOMGPlan.cpp:
(JSC::Wasm::OMGPlan::work):
* wasm/WasmThunks.cpp:
(JSC::Wasm::throwExceptionFromWasmThunkGenerator):
(JSC::Wasm::throwStackOverflowFromWasmThunkGenerator):
(JSC::Wasm::triggerOMGTierUpThunkGenerator):
(JSC::Wasm::Thunks::stub):
(JSC::Wasm::Thunks::existingStub):
* wasm/WasmThunks.h:
* wasm/js/JSToWasm.cpp:
(JSC::Wasm::createJSToWasmWrapper):
* wasm/js/JSWebAssemblyCodeBlock.h:
* wasm/js/WasmToJS.cpp:
(JSC::Wasm::handleBadI64Use):
(JSC::Wasm::wasmToJS):
* wasm/js/WasmToJS.h:
* wasm/js/WebAssemblyFunction.h:
* yarr/YarrJIT.cpp:
(JSC::Yarr::YarrGenerator::loadFromFrameAndJump):
(JSC::Yarr::YarrGenerator::BacktrackingState::linkDataLabels):
(JSC::Yarr::YarrGenerator::compile):
* yarr/YarrJIT.h:
(JSC::Yarr::YarrCodeBlock::set8BitCode):
(JSC::Yarr::YarrCodeBlock::set16BitCode):
(JSC::Yarr::YarrCodeBlock::set8BitCodeMatchOnly):
(JSC::Yarr::YarrCodeBlock::set16BitCodeMatchOnly):
(JSC::Yarr::YarrCodeBlock::execute):
(JSC::Yarr::YarrCodeBlock::clear):

Source/WebCore:

No new tests. This is covered by existing tests.

* WebCore.xcodeproj/project.pbxproj:
* css/ElementRuleCollector.cpp:
(WebCore::ElementRuleCollector::ruleMatches):
* cssjit/CSSPtrTag.h: Added.
* cssjit/CompiledSelector.h:
* cssjit/FunctionCall.h:
(WebCore::FunctionCall::FunctionCall):
(WebCore::FunctionCall::setFunctionAddress):
(WebCore::FunctionCall::prepareAndCall):
* cssjit/SelectorCompiler.cpp:
(WebCore::SelectorCompiler::compileSelector):
(WebCore::SelectorCompiler::SelectorFragment::appendUnoptimizedPseudoClassWithContext):
(WebCore::SelectorCompiler::addPseudoClassType):
(WebCore::SelectorCompiler::SelectorCodeGenerator::compile):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementAttributeFunctionCallValueMatching):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementFunctionCallTest):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateContextFunctionCallTest):
* cssjit/SelectorCompiler.h:
(WebCore::SelectorCompiler::ruleCollectorSimpleSelectorCheckerFunction):
(WebCore::SelectorCompiler::querySelectorSimpleSelectorCheckerFunction):
(WebCore::SelectorCompiler::ruleCollectorSelectorCheckerFunctionWithCheckingContext):
(WebCore::SelectorCompiler::querySelectorSelectorCheckerFunctionWithCheckingContext):
* dom/SelectorQuery.cpp:
(WebCore::SelectorDataList::executeCompiledSingleMultiSelectorData const):
(WebCore::SelectorDataList::execute const):
* dom/SelectorQuery.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230748 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago WebKit::DisplayLink maintains a strong reference to WebPageProxy, creating a referenc...
conrad_shultz@apple.com [Wed, 18 Apr 2018 03:07:10 +0000 (03:07 +0000)]
WebKit::DisplayLink maintains a strong reference to WebPageProxy, creating a reference cycle
https://bugs.webkit.org/show_bug.cgi?id=184718

Reviewed by Tim Horton.

It turns out that the m_webPageProxy back-reference in DisplayLink, which was creating a
reference cycle, wasn't ever read, so we can just remove it.

* UIProcess/mac/DisplayLink.cpp:
(WebKit::DisplayLink::DisplayLink):
* UIProcess/mac/DisplayLink.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230747 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [Extra zoom mode] Double tap to zoom should account for text legibility in extra...
wenson_hsieh@apple.com [Wed, 18 Apr 2018 02:50:25 +0000 (02:50 +0000)]
[Extra zoom mode] Double tap to zoom should account for text legibility in extra zoom mode
https://bugs.webkit.org/show_bug.cgi?id=184631
<rdar://problem/39303706>

Reviewed by Tim Horton.

Source/WebKit:

Implement the text legibility heuristic alluded to in r230506 by iterating through text runs in the document (up
to a maximum of 200) and building a histogram of font sizes that appear in the document, where each tally
represents a character.

The first and second text legibility zoom scales are then computed based on the zoom scales needed to
make 50% and 90% of the text legible, respectively. Here, a zoom scale that makes text legible is such that the
text would have an apparent font size of a hard-coded constant (currently, 12) after zooming. This means the
first and second text legibility scales may end up being close to one another, or even the same (in the case
where there is only a single font size in the entire document). In this case, we just snap the first scale to
the second, so that double tapping will only toggle between two zoom scales. In another case where the document
has no text (e.g. an image document), we just fall back to a zoom scale of 1.

Test: fast/events/extrazoom/double-tap-to-zoom-on-full-width-text.html

* WebProcess/WebPage/ViewGestureGeometryCollector.cpp:
(WebKit::ViewGestureGeometryCollector::computeTextLegibilityScales):

LayoutTests:

Add a layout test to check that double tap to zoom works in extra zoom mode, even when text spans the entire
width of the document.

* TestExpectations:
* fast/events/extrazoom/double-tap-to-zoom-on-full-width-text-expected.txt: Added.
* fast/events/extrazoom/double-tap-to-zoom-on-full-width-text.html: Added.
* resources/basic-gestures.js:

Add a helper method to double tap at a given location, and wait for zooming to finish.

(return.new.Promise):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230746 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Don't activate selection on become first responder
megan_gardner@apple.com [Wed, 18 Apr 2018 01:03:22 +0000 (01:03 +0000)]
Don't activate selection on become first responder
https://bugs.webkit.org/show_bug.cgi?id=184719

Reviewed by Tim Horton.

If we activate the selection immediately on becoming first responder, we cause the selection view to delete itself
since it is not guaranteed to have selection rects immediately due to async/two process architecture. The selection
is activated already when the selection rects change, so there is no reason to activate it now. This has likely worked
in the past because this selection assistant was only for editable text, which would immediately set a caret, which
is a selection. Now that this is for non-editable text as well, activating the selection is problematic.

* UIProcess/ios/WKContentViewInteraction.mm:
(-[WKContentView becomeFirstResponderForWebView]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230745 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [WinCairo][TestWebKitAPI] Implement PlatformWebView for TestWebKit
Hironori.Fujii@sony.com [Wed, 18 Apr 2018 01:01:09 +0000 (01:01 +0000)]
[WinCairo][TestWebKitAPI] Implement PlatformWebView for TestWebKit
https://bugs.webkit.org/show_bug.cgi?id=184524

Reviewed by Alex Christensen.

Resurrect PlatformWebView for Windows port which was removed in Bug 104607.

* TestWebKitAPI/PlatformWebView.h:
* TestWebKitAPI/PlatformWin.cmake:
* TestWebKitAPI/win/InjectedBundleControllerWin.cpp: Added.
(TestWebKitAPI::InjectedBundleController::platformInitialize):
* TestWebKitAPI/win/PlatformUtilitiesWin.cpp: Added.
(TestWebKitAPI::Util::moduleDirectory):
(TestWebKitAPI::Util::createInjectedBundlePath):
(TestWebKitAPI::Util::createURLForResource):
(TestWebKitAPI::Util::URLForNonExistentResource):
(TestWebKitAPI::Util::isKeyDown):
* TestWebKitAPI/win/PlatformWebViewWin.cpp: Added.
(TestWebKitAPI::PlatformWebView::registerWindowClass):
(TestWebKitAPI::PlatformWebView::PlatformWebView):
(TestWebKitAPI::PlatformWebView::initialize):
(TestWebKitAPI::PlatformWebView::~PlatformWebView):
(TestWebKitAPI::PlatformWebView::page const):
(TestWebKitAPI::PlatformWebView::resizeTo):
(TestWebKitAPI::PlatformWebView::simulateSpacebarKeyPress):
(TestWebKitAPI::PlatformWebView::simulateAltKeyPress):
(TestWebKitAPI::PlatformWebView::simulateRightClick):
(TestWebKitAPI::PlatformWebView::simulateMouseMove):
(TestWebKitAPI::PlatformWebView::wndProc):
* TestWebKitAPI/win/UtilitiesWin.cpp: Added.
(TestWebKitAPI::Util::run):
(TestWebKitAPI::Util::spinRunLoop):
(TestWebKitAPI::Util::sleep):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230744 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Web Automation: simulated mouse interactions should not be done until associated...
bburg@apple.com [Wed, 18 Apr 2018 00:46:06 +0000 (00:46 +0000)]
Web Automation: simulated mouse interactions should not be done until associated DOM events have been dispatched
https://bugs.webkit.org/show_bug.cgi?id=184462
<rdar://problem/39323336>

Reviewed by Carlos Garcia Campos and Tim Horton.

Covered by existing layout tests and actions endpoints in WebDriver test suite.

In preparation for implementing the W3C WebDriver command "Perform Actions", we need a way to
know when a simulated mouse event has been fully processed by WebProcess and it is okay to continue
to dispatch more simulated events.

This patch makes mouse events go through a queue as they are delivered to WebPageProxy. The approach
is very similar to how key events are handled. In the key event case, lots of WebEvents can come out
of typing one keystroke, so these need to be queued up and retired one by one when the WebProcess has
finished handling each event. In some mouse event cases---particularly fake mouse moves---there can
also be more than one mouse event waiting to be handled by WebProcess.

In the past, these queued mouse events were tracked with several member variables as different
use cases emerged. These are all replaced with ordinary deque operations, such as peeking or
checking the queue length.

* Platform/Logging.h: Add logging channel for mouse events.
* UIProcess/Automation/WebAutomationSession.cpp:
(WebKit::AutomationCommandError::toProtocolString): Add type-safe helper class for command errors.
In future patches we can hide knowledge of how this is sent over the protocol by relying more on
the convenience constructors and .toProtocolString() method.

(WebKit::WebAutomationSession::willShowJavaScriptDialog):
This section needs adjustments. Since performMouseInteraction now depends on key events being processed
prior to returning from the command, we need to abort any key event callbacks that are pending if an
alert pops up as a result of sending a mousedown event. Any mouse events that are still queued will
be handled when the alert is dismissed and the nested run loop exits.

(WebKit::WebAutomationSession::mouseEventsFlushedForPage):
(WebKit::WebAutomationSession::keyboardEventsFlushedForPage):
Modernize this a bit. Don't spread knowledge about how commands are sent back out into event handling code.
Our wrapper callbacks in performXXXInteraction handle the protocol-specific details of the response.

(WebKit::WebAutomationSession::performMouseInteraction):
Add code similar to performKeyboardInteractions so that the command doesn't finish until the mouse
event has been fully handled. Unlike keyboards, sometimes mouse interactions don't turn into WebEvents
so we also need to handle the case where there is nothing to be waited on because hit testing did
not return a target to deliver the event to.

(WebKit::WebAutomationSession::performKeyboardInteractions):
Modernize a little bit to use generic callbacks rather than protocol-generated callbacks in the
event waiting/handling code. Now it matches the types used for the mouse event case.

* UIProcess/Automation/WebAutomationSession.h:
(WebKit::AutomationCommandError::AutomationCommandError):
Add a helper struct to hold an enumerated error name and an optional free-form error message.

* UIProcess/WebPageProxy.h:
* UIProcess/WebPageProxy.cpp:
(WebKit::webMouseEventTypeString):
(WebKit::webKeyboardEventTypeString):
(WebKit::WebPageProxy::handleMouseEvent):
(WebKit::WebPageProxy::processNextQueuedMouseEvent):
Split the old method into handleMouseEvent (called by other code) and processNextQueuedMouseEvent.
The latter sends the next mouse event to WebProcess, and can be triggered in didReceiveEvent
if there are more mouse events to be sent to WebProcess.

(WebKit::WebPageProxy::isProcessingMouseEvents const): Added.
(WebKit::WebPageProxy::currentlyProcessedMouseDownEvent): Reimplemented on top of the deque.
(WebKit::WebPageProxy::didReceiveEvent):
Unify the code paths for different mouse event types to all use the deque. They also will
notify the automation session if there are no more mouse events to send (i.e., interaction is over).

(WebKit::WebPageProxy::resetStateAfterProcessExited): Add handling for new map.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230743 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Fix hasher tests for system with 32 bit longs
jbedard@apple.com [Wed, 18 Apr 2018 00:42:32 +0000 (00:42 +0000)]
Fix hasher tests for system with 32 bit longs
https://bugs.webkit.org/show_bug.cgi?id=184708
<rdar://problem/39459977>

Reviewed by Mark Lam.

Some systems have 32 bit longs. The Hasher WTF tests should handle this case.

* TestWebKitAPI/Tests/WTF/Hasher.cpp:
(TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230742 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Unreviewed, rolling out r230697, r230720, and r230724.
jlewis3@apple.com [Wed, 18 Apr 2018 00:05:07 +0000 (00:05 +0000)]
Unreviewed, rolling out r230697, r230720, and r230724.
https://bugs.webkit.org/show_bug.cgi?id=184717

These caused multiple failures on the Test262 testers.
(Requested by mlewis13 on #webkit).

Reverted changesets:

"[WebAssembly][Modules] Prototype wasm import"
https://bugs.webkit.org/show_bug.cgi?id=184600
https://trac.webkit.org/changeset/230697

"[WebAssembly][Modules] Implement function import from wasm
modules"
https://bugs.webkit.org/show_bug.cgi?id=184689
https://trac.webkit.org/changeset/230720

"[JSC] Rename runWebAssembly to runWebAssemblySuite"
https://bugs.webkit.org/show_bug.cgi?id=184703
https://trac.webkit.org/changeset/230724

Patch by Commit Queue <commit-queue@webkit.org> on 2018-04-17

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230741 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago A put is not an ExistingProperty put when we transition a structure because of an...
jfbastien@apple.com [Tue, 17 Apr 2018 23:48:00 +0000 (23:48 +0000)]
A put is not an ExistingProperty put when we transition a structure because of an attributes change
https://bugs.webkit.org/show_bug.cgi?id=184706
<rdar://problem/38871451>

Reviewed by Saam Barati.

JSTests:

* stress/put-by-id-direct-strict-transition.js: Added.
(const.foo):
(j.const.obj.set hello):
* stress/put-by-id-direct-transition.js: Added.
(const.foo):
(j.const.obj.set hello):
* stress/put-getter-setter-by-id-strict-transition.js: Added.
(const.foo):
(j.const.obj.set hello):
* stress/put-getter-setter-by-id-transition.js: Added.
(const.foo):
(j.const.obj.set hello):

Source/JavaScriptCore:

When putting a property on a structure and the slot is a different
type, the slot can't be said to have already been existing.

* runtime/JSObjectInlines.h:
(JSC::JSObject::putDirectInternal):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230740 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [GTK][WPE] Build failure due to presence of Avahi's <dns_sd.h> header
aperez@igalia.com [Tue, 17 Apr 2018 23:41:09 +0000 (23:41 +0000)]
[GTK][WPE] Build failure due to presence of Avahi's <dns_sd.h> header
https://bugs.webkit.org/show_bug.cgi?id=184711

Unreviewed build fix.

* NetworkProcess/webrtc/NetworkMDNSRegister.h: Set ENABLE_MDNS only for PLATFORM(COCOA).

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230739 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Retain MessagePortChannel for transfer when disentangling ports
commit-queue@webkit.org [Tue, 17 Apr 2018 23:38:46 +0000 (23:38 +0000)]
Retain MessagePortChannel for transfer when disentangling ports
https://bugs.webkit.org/show_bug.cgi?id=184502
<rdar://problem/39372771>

Patch by Tadeu Zagallo <tzagallo@apple.com> on 2018-04-17
Reviewed by Geoffrey Garen.

Source/WebCore:

MessagePortChannels should be retained while ports are being transferred, but that was only
happening when sending a port through another port, but not when sending it through a worker.

Test: workers/worker-to-worker.html

* dom/messageports/MessagePortChannel.cpp:
(WebCore::MessagePortChannel::entanglePortWithProcess):
(WebCore::MessagePortChannel::disentanglePort):
(WebCore::MessagePortChannel::postMessageToRemote):
(WebCore::MessagePortChannel::takeAllMessagesForPort):

LayoutTests:

Check that the MessageChannel does not get eagerly deallocated when transferring both of its
ports. Original test case provided with the bug report by Ashley Gullen <ashley@scirra.com>

* workers/worker-to-worker-expected.txt: Added.
* workers/worker-to-worker.html: Added.
* workers/worker-to-worker.js: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230738 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago References from CSSStyleDeclaration to CSSValues should be weak
commit-queue@webkit.org [Tue, 17 Apr 2018 23:33:02 +0000 (23:33 +0000)]
References from CSSStyleDeclaration to CSSValues should be weak
https://bugs.webkit.org/show_bug.cgi?id=180280
<rdar://problem/35804869>

Patch by Tadeu Zagallo <tzagallo@apple.com> on 2018-04-17
Reviewed by Geoffrey Garen.

No new tests - used the existing test to verify the leak

* css/DeprecatedCSSOMValue.h:
(WebCore::DeprecatedCSSOMValue::weakPtrFactory):
* css/PropertySetCSSStyleDeclaration.cpp:
(WebCore::PropertySetCSSStyleDeclaration::wrapForDeprecatedCSSOM):
* css/PropertySetCSSStyleDeclaration.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230737 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Unreviewed rollout of r230632. Regression in memory usage.
jbedard@apple.com [Tue, 17 Apr 2018 23:08:31 +0000 (23:08 +0000)]
Unreviewed rollout of r230632. Regression in memory usage.

That bug is tracked in https://bugs.webkit.org/show_bug.cgi?id=184569.

LayoutTests/imported/w3c:

* web-platform-tests/web-animations/interfaces/Animatable/animate-expected.txt:

Source/WebCore:

Tests: animations/animation-internals-api-multiple-keyframes.html
       animations/animation-internals-api.html
       transitions/transition-drt-api-delay.html
       transitions/transition-drt-api.html

* page/RuntimeEnabledFeatures.h:
* testing/Internals.cpp:
(WebCore::Internals::pseudoElement): Deleted.
* testing/Internals.h:
* testing/Internals.idl:

Source/WebKit:

* Shared/WebPreferences.yaml:

Source/WebKitLegacy/mac:

* WebView/WebPreferences.mm:
(+[WebPreferences initialize]):

Source/WebKitLegacy/win:

* WebPreferences.cpp:
(WebPreferences::initializeDefaultSettings):

Tools:

* DumpRenderTree/TestOptions.h:
* DumpRenderTree/mac/DumpRenderTree.mm:
(runTest):
(shouldOverrideAndDisableCSSAnimationsAndCSSTransitionsBackedByWebAnimationsPreference): Deleted.
* WebKitTestRunner/TestController.cpp:
(WTR::TestController::resetPreferencesToConsistentValues):
* WebKitTestRunner/TestOptions.cpp:
(WTR::TestOptions::TestOptions):
(WTR::isLegacyAnimationEngineTestPath): Deleted.
* WebKitTestRunner/TestOptions.h:

LayoutTests:

* TestExpectations:
* animations/animation-direction-alternate-reverse-expected.txt:
* animations/animation-direction-alternate-reverse.html:
* animations/animation-hit-test-transform.html:
* animations/animation-internals-api-expected.txt: Copied from LayoutTests/animations/animation-internals-api-expected.txt.
* animations/animation-internals-api-multiple-keyframes-expected.txt: Copied from LayoutTests/animations/animation-internals-api-multiple-keyframes-expected.txt.
* animations/animation-internals-api-multiple-keyframes.html: Copied from LayoutTests/animations/animation-internals-api-multiple-keyframes.html.
* animations/animation-internals-api.html: Copied from LayoutTests/animations/animation-internals-api.html.
* animations/big-rotation-expected.txt:
* animations/big-rotation.html:
* animations/duplicated-keyframes-name.html:
* animations/fill-forwards-end-state.html:
* animations/fill-mode-forwards-zero-duration-expected.txt:
* animations/fill-mode-forwards-zero-duration.html:
* fast/css-generated-content/pseudo-animation.html:
* fast/css-generated-content/pseudo-transition.html:
* platform/ios/TestExpectations:
* platform/win/TestExpectations:
* transitions/remove-transition-style.html:
* transitions/transition-drt-api-delay-expected.txt: Copied from LayoutTests/transitions/transition-drt-api-delay-expected.txt.
* transitions/transition-drt-api-delay.html: Copied from LayoutTests/transitions/transition-drt-api-delay.html.
* transitions/transition-drt-api-expected.txt: Copied from LayoutTests/transitions/transition-drt-api-expected.txt.
* transitions/transition-drt-api.html: Copied from LayoutTests/transitions/transition-drt-api.html.
* transitions/transition-hit-test-transform.html:
* transitions/zero-duration-with-non-zero-delay-end.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230736 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Do not unregister MessagePorts on deallocation if it has been disentangled
commit-queue@webkit.org [Tue, 17 Apr 2018 22:57:29 +0000 (22:57 +0000)]
Do not unregister MessagePorts on deallocation if it has been disentangled
https://bugs.webkit.org/show_bug.cgi?id=184285
<rdar://problem/39256714>

Patch by Tadeu Zagallo <tzagallo@apple.com> on 2018-04-17
Reviewed by Darin Adler.

Source/WebCore:

Test: workers/message-port-gc.html

* dom/MessagePort.cpp:
(WebCore::MessagePort::deref const):

LayoutTests:

Original test provided as part of the bug report by Yann Cabon <ycabon@esri.com>

* workers/message-port-gc-expected.txt: Added.
* workers/message-port-gc.html: Added.
* workers/message-port-gc.js: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230735 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [Curl] Fix timing of reporting error to the client
commit-queue@webkit.org [Tue, 17 Apr 2018 22:21:22 +0000 (22:21 +0000)]
[Curl] Fix timing of reporting error to the client
https://bugs.webkit.org/show_bug.cgi?id=184707

Before checking the result code, check the status of callback invocation and
do the right thing.

Patch by Basuke Suzuki <Basuke.Suzuki@sony.com> on 2018-04-17
Reviewed by Youenn Fablet.

No new tests because there's no new behavior.

* platform/network/curl/CurlRequest.cpp:
(WebCore::CurlRequest::didCompleteTransfer):
* platform/network/curl/CurlRequest.h:
(WebCore::CurlRequest::needToInvokeDidReceiveResponse const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230734 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Always use LayerContentsType::IOSurface in minimal simulator mode
timothy@apple.com [Tue, 17 Apr 2018 22:13:28 +0000 (22:13 +0000)]
Always use LayerContentsType::IOSurface in minimal simulator mode
https://bugs.webkit.org/show_bug.cgi?id=184710

Reviewed by Simon Fraser.

* UIProcess/RemoteLayerTree/RemoteLayerTreeHost.mm:
(WebKit::RemoteLayerTreeHost::updateLayerTree):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230730 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Release assert in InjectedBundle::postSynchronousMessage
rniwa@webkit.org [Tue, 17 Apr 2018 21:54:43 +0000 (21:54 +0000)]
Release assert in InjectedBundle::postSynchronousMessage
https://bugs.webkit.org/show_bug.cgi?id=184683

Reviewed by Wenson Hsieh.

Some injected bundles send sync messages when it's not safe to execute scripts.

Use DoNotProcessIncomingMessagesWhenWaitingForSyncReply option in InjectedBundle::postSynchronousMessage
to avoid processing incoming sync IPC messages so that we don't execute arbitrary scripts in those cases.

* WebProcess/InjectedBundle/InjectedBundle.cpp:
(WebKit::InjectedBundle::postSynchronousMessage):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230729 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [Curl] Export authentication information to be used by the client.
commit-queue@webkit.org [Tue, 17 Apr 2018 21:42:32 +0000 (21:42 +0000)]
[Curl] Export authentication information to be used by the client.
https://bugs.webkit.org/show_bug.cgi?id=184709

Just added getters for username and password member variables.

Patch by Basuke Suzuki <Basuke.Suzuki@sony.com> on 2018-04-17
Reviewed by Alex Christensen.

No new tests because there's no new behavior.

* platform/network/curl/CurlRequest.h:
(WebCore::CurlRequest::user const):
(WebCore::CurlRequest::password const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230728 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Unreviewed attempt to fix the Windows build after r230721
cdumez@apple.com [Tue, 17 Apr 2018 20:15:39 +0000 (20:15 +0000)]
Unreviewed attempt to fix the Windows build after r230721

* WebCoreSupport/WebFrameLoaderClient.cpp:
(WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230727 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago JSGenericTypedArrayView<>::visitChildren has a race condition reading m_mode and...
fpizlo@apple.com [Tue, 17 Apr 2018 19:56:33 +0000 (19:56 +0000)]
JSGenericTypedArrayView<>::visitChildren has a race condition reading m_mode and m_vector
https://bugs.webkit.org/show_bug.cgi?id=184705

Reviewed by Michael Saboff.

My old multisocket Mac Pro is amazing at catching race conditions in the GC. Earlier today
while testing an unrelated patch, a concurrent GC thread crashed inside
JSGenericTypedArrayView<>::visitChildren() calling markAuxiliary(). I'm pretty sure it's
because a typed array became wasteful concurrently to the GC. So, visitChildren() read one
mode and another vector.

The fix is to lock inside visitChildren and anyone who changes those fields.

I'm not even going to try to write a test. I think it's super lucky that my Mac Pro caught
this.

* runtime/JSArrayBufferView.cpp:
(JSC::JSArrayBufferView::neuter):
* runtime/JSGenericTypedArrayViewInlines.h:
(JSC::JSGenericTypedArrayView<Adaptor>::visitChildren):
(JSC::JSGenericTypedArrayView<Adaptor>::slowDownAndWasteMemory):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230726 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago PutStackSinkingPhase should know that KillStack means ConflictingFlush
fpizlo@apple.com [Tue, 17 Apr 2018 19:53:30 +0000 (19:53 +0000)]
PutStackSinkingPhase should know that KillStack means ConflictingFlush
https://bugs.webkit.org/show_bug.cgi?id=184672

Reviewed by Michael Saboff.

JSTests:

* stress/sink-put-stack-over-kill-stack.js: Added.
(avocado_1):
(apricot_0):
(__c_0):
(banana_2):

Source/JavaScriptCore:

We've had a long history of KillStack and PutStackSinkingPhase having problems. We kept changing the meaning of
KillStack, and at some point we removed reasoning about KillStack from PutStackSinkingPhase. I tried doing some
archeology - but I'm still not sure why that phase ignores KillStack entirely. Maybe it's an oversight or maybe it's
intentional - I don't know.

Whatever the history, it's clear from the attached test case that ignoring KillStack is not correct. The outcome of
doing so is that we will sometimes sink a PutStack below a KillStack. That's wrong because then, OSR exit will use
the value from the PutStack instead of using the value from the MovHint that is associated with the KillStack. So,
KillStack must be seen as a special kind of clobber of the stack slot. OSRAvailability uses ConflictingFlush. I think
that's correct here, too. If we used DeadFlush and that was merged with another control flow path that had a
specific flush format, then we would think that we could sink the flush from that path. That's not right, since that
could still lead to sinking a PutStack past the KillStack in the sense that a PutStack will appear after the
KillStack along one path through the CFG. Also, the definition of DeadFlush and ConflictingFlush in the comment
inside PutStackSinkingPhase seems to suggest that KillStack is a ConflictingFlush, since DeadFlush means that we
have done some PutStack and their values are still valid. KillStack is not a PutStack and it means that previous
values are not valid. The definition of ConflictingFlush is that "we know, via forward flow, that there isn't any
value in the given local that anyone should have been relying on" - which exactly matches KillStack's definition.

This also means that we cannot eliminate arguments allocations that are live over KillStacks, since if we eliminated
them then we would have a GetStack after a KillStack. One easy way to fix this is to say that KillStack writes to
its stack slot for the purpose of clobberize.

* dfg/DFGClobberize.h: KillStack "writes" to its stack slot.
* dfg/DFGPutStackSinkingPhase.cpp: Fix the bug.
* ftl/FTLLowerDFGToB3.cpp: Add better assertion failure.
(JSC::FTL::DFG::LowerDFGToB3::buildExitArguments):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230725 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [JSC] Rename runWebAssembly to runWebAssemblySuite
utatane.tea@gmail.com [Tue, 17 Apr 2018 19:13:10 +0000 (19:13 +0000)]
[JSC] Rename runWebAssembly to runWebAssemblySuite
https://bugs.webkit.org/show_bug.cgi?id=184703

Reviewed by JF Bastien.

JSTests:

And add runWebAssembly as a command to simply run wasm modules.

* wasm.yaml:

Tools:

* Scripts/run-jsc-stress-tests:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230724 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago JSWebAssemblyCodeBlock should be in an IsoSubspace
fpizlo@apple.com [Tue, 17 Apr 2018 18:59:00 +0000 (18:59 +0000)]
JSWebAssemblyCodeBlock should be in an IsoSubspace
https://bugs.webkit.org/show_bug.cgi?id=184704

Reviewed by Mark Lam.

Previously it was in a CompleteSubspace, which is pretty good, but also quite wasteful.
CompleteSubspace means about 4KB of data to track the size-allocator mapping. IsoSubspace
shortcircuits this. Also, IsoSubspace uses the iso allocator, so it provides stronger UAF
protection.

* runtime/VM.cpp:
(JSC::VM::VM):
* runtime/VM.h:
* wasm/js/JSWebAssemblyCodeBlock.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230723 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Only enable useSeparatedWXHeap on ARM64.
jer.noble@apple.com [Tue, 17 Apr 2018 18:33:36 +0000 (18:33 +0000)]
Only enable useSeparatedWXHeap on ARM64.
https://bugs.webkit.org/show_bug.cgi?id=184697

Reviewed by Saam Barati.

* runtime/Options.cpp:
(JSC::recomputeDependentOptions):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230722 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago REGRESSION (r229831): CMD-clicking an iCloud web app link unexpectedly opens that...
cdumez@apple.com [Tue, 17 Apr 2018 18:13:49 +0000 (18:13 +0000)]
REGRESSION (r229831): CMD-clicking an iCloud web app link unexpectedly opens that link in a new tab and the current tab
https://bugs.webkit.org/show_bug.cgi?id=184678
<rdar://problem/39422122>

Reviewed by Alex Christensen.

Source/WebCore:

Fragment navigations need to happen synchronously for Web-compatibility. Because of this,
r225657 added code to make sure that if the client does not make the navigation policy
decision synchronously for fragment navigations, then we'll stop waiting for the client
and proceed with the navigation. However, r229831 made the navigation policy decision
IPC decision, meaning that even if the client responds synchronously, it would be
asynchronously from WebCore's point of view. As a result, we would always ignore the
client's policy decision when doing a fragment navigation.

This is an issue on icloud.com because the web-app links are fragment URLs. When you
CMD+click one of these links, we do the navigation policy check. As a result of this
check, Safari responds IGNORE to the policy decision and instead decides to load the
link in a new tab (because CMD key is pressed). Due to the bug mentioned above, we
would not obey the IGNORE policy decision from Safari and load the link in the current
tab, even though Safari would already be loading it in a new tab.

To address the issue, I reintroduced a synchronous code path for navigation policy
decision making, backed by synchronous IPC. This synchronous code path is now used for
fragment navigations to restore pre-r229831 behavior. If the client does not answer
synchronously, we'll proceed with the navigation anyway, as was happening pre-r229831.

Test: http/tests/navigation/fragment-navigation-policy-ignore.html

* loader/EmptyClients.cpp:
(WebCore::EmptyFrameLoaderClient::dispatchDecidePolicyForNavigationAction):
* loader/EmptyFrameLoaderClient.h:
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::loadURL):
(WebCore::FrameLoader::loadWithDocumentLoader):
* loader/FrameLoaderClient.h:
* loader/PolicyChecker.cpp:
(WebCore::PolicyChecker::checkNavigationPolicy):
* loader/PolicyChecker.h:

Source/WebKit:

Re-introduce synchronous code path which existed pre-r229831 and use it for fragment navigations.

* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::receivedPolicyDecision):
(WebKit::WebPageProxy::decidePolicyForNavigationActionSync):
* UIProcess/WebPageProxy.h:
* UIProcess/WebPageProxy.messages.in:
* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):
* WebProcess/WebCoreSupport/WebFrameLoaderClient.h:

Source/WebKitLegacy/mac:

Add new parameter to dispatchDecidePolicyForNavigationAction.

* WebCoreSupport/WebFrameLoaderClient.h:
* WebCoreSupport/WebFrameLoaderClient.mm:
(WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):

Source/WebKitLegacy/win:

Add new parameter to dispatchDecidePolicyForNavigationAction.

* WebCoreSupport/WebFrameLoaderClient.cpp:
(WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):
* WebCoreSupport/WebFrameLoaderClient.h:

LayoutTests:

Add layout test coverage.

* http/tests/navigation/fragment-navigation-policy-ignore-expected.txt: Added.
* http/tests/navigation/fragment-navigation-policy-ignore.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230721 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [WebAssembly][Modules] Implement function import from wasm modules
utatane.tea@gmail.com [Tue, 17 Apr 2018 18:00:07 +0000 (18:00 +0000)]
[WebAssembly][Modules] Implement function import from wasm modules
https://bugs.webkit.org/show_bug.cgi?id=184689

Reviewed by JF Bastien.

JSTests:

* wasm.yaml:
* wasm/modules/js-wasm-cycle.js: Added.
* wasm/modules/js-wasm-cycle/entry.js: Added.
(from.string_appeared_here.export.return42):
* wasm/modules/js-wasm-cycle/sum.wasm: Added.
* wasm/modules/js-wasm-cycle/sum.wat: Added.
* wasm/modules/run-from-wasm.wasm: Added.
* wasm/modules/run-from-wasm.wat: Added.
* wasm/modules/run-from-wasm/check.js: Added.
(export.check):
* wasm/modules/wasm-imports-js-exports.js: Added.
* wasm/modules/wasm-imports-js-exports/imports.wasm: Added.
* wasm/modules/wasm-imports-js-exports/imports.wat: Added.
* wasm/modules/wasm-imports-js-exports/sum.js: Added.
(export.sum):
* wasm/modules/wasm-imports-js-re-exports-wasm-exports.js: Added.
* wasm/modules/wasm-imports-js-re-exports-wasm-exports/imports.wasm: Added.
* wasm/modules/wasm-imports-js-re-exports-wasm-exports/imports.wat: Added.
* wasm/modules/wasm-imports-js-re-exports-wasm-exports/re-export.js: Added.
* wasm/modules/wasm-imports-js-re-exports-wasm-exports/sum.wasm: Added.
* wasm/modules/wasm-imports-js-re-exports-wasm-exports/sum.wat: Added.
* wasm/modules/wasm-imports-wasm-exports.js: Added.
* wasm/modules/wasm-imports-wasm-exports/imports.wasm: Added.
* wasm/modules/wasm-imports-wasm-exports/imports.wat: Added.
* wasm/modules/wasm-imports-wasm-exports/sum.wasm: Added.
* wasm/modules/wasm-imports-wasm-exports/sum.wat: Added.
* wasm/modules/wasm-js-cycle.js: Added.
* wasm/modules/wasm-js-cycle/entry.wasm: Added.
* wasm/modules/wasm-js-cycle/entry.wat: Added.
* wasm/modules/wasm-js-cycle/sum.js: Added.
(from.string_appeared_here.export.sum):
* wasm/modules/wasm-wasm-cycle.js: Added.
* wasm/modules/wasm-wasm-cycle/entry.wasm: Added.
* wasm/modules/wasm-wasm-cycle/entry.wat: Added.
* wasm/modules/wasm-wasm-cycle/sum.wasm: Added.
* wasm/modules/wasm-wasm-cycle/sum.wat: Added.

Source/JavaScriptCore:

This patch implements function import from wasm modules. We move function importing part
from JSWebAssemblyInstance's creation function to WebAssemblyModuleRecord::link. This
is because linking these functions requires that all the dependent modules are created.
While we want to move all the linking functionality from JSWebAssemblyInstance to
WebAssemblyModuleRecord::link, we do not do that in this patch. In this patch, we move only
function importing part because efficient compilation of WebAssembly needs to know
the type of WebAssemblyMemory (signaling or bound checking). This needs to know imported
or attached WebAssembly memory object. So we cannot defer this linking to
WebAssemblyModuleRecord::link now.

The largest difference from JS module linking is that WebAssembly module linking links
function from the module by snapshotting. When you have a cyclic module graph like this,

-> JS1 (export "fun") -> Wasm1 (import "fun" from JS1) -+
    ^                                                   |
    +---------------------------------------------------+

we fail to link this since "fun" is not instantiated when Wasm1 is first linked. This behavior
is described in [1], and tested in this patch.

[1]: https://github.com/WebAssembly/esm-integration/tree/master/proposals/esm-integration#js---wasm-cycle-where-js-is-higher-in-the-module-graph

* JavaScriptCore.xcodeproj/project.pbxproj:
* jsc.cpp:
(functionDollarAgentStart):
(checkException):
(runWithOptions):
Small fixes for wasm module loading.

* parser/NodesAnalyzeModule.cpp:
(JSC::ImportDeclarationNode::analyzeModule):
* runtime/AbstractModuleRecord.cpp:
(JSC::AbstractModuleRecord::resolveImport):
(JSC::AbstractModuleRecord::link):
* runtime/AbstractModuleRecord.h:
(JSC::AbstractModuleRecord::moduleEnvironmentMayBeNull):
(JSC::AbstractModuleRecord::ImportEntry::isNamespace const): Deleted.
Now, wasm modules can have an import which is named "*". So this function does not work.
Since wasm modules never have namespace importing, we check this in JS's module analyzer.

* runtime/JSModuleEnvironment.cpp:
(JSC::JSModuleEnvironment::getOwnNonIndexPropertyNames):
* runtime/JSModuleRecord.cpp:
(JSC::JSModuleRecord::instantiateDeclarations):
* wasm/WasmCreationMode.h: Added.
* wasm/js/JSWebAssemblyInstance.cpp:
(JSC::JSWebAssemblyInstance::finalizeCreation):
(JSC::JSWebAssemblyInstance::create):
* wasm/js/JSWebAssemblyInstance.h:
* wasm/js/WebAssemblyInstanceConstructor.cpp:
(JSC::constructJSWebAssemblyInstance):
* wasm/js/WebAssemblyModuleRecord.cpp:
(JSC::WebAssemblyModuleRecord::link):
* wasm/js/WebAssemblyModuleRecord.h:
* wasm/js/WebAssemblyPrototype.cpp:
(JSC::resolve):
(JSC::instantiate):
(JSC::compileAndInstantiate):
(JSC::WebAssemblyPrototype::instantiate):
(JSC::webAssemblyInstantiateFunc):

Tools:

Add runWebAssemblyDirect, which runs wasm file directly.

* Scripts/run-jsc-stress-tests:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230720 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Commit order should always be returned by api.
dewei_zhu@apple.com [Tue, 17 Apr 2018 17:23:18 +0000 (17:23 +0000)]
Commit order should always be returned by api.
https://bugs.webkit.org/show_bug.cgi?id=184674

Reviewed by Ryosuke Niwa.

Commit order was sometimes missing in CommitLog objects before this change.
This made the commit ordering logic unnecessarily complicated.
This change will ensure commit order is always fetched for a CommitLog object.
Change measurement-set API to contain commit order information.
Change commits API to contain commit order information.

* public/api/measurement-set.php: Includes commit order information.
* public/include/commit-log-fetcher.php:
* public/v3/models/commit-log.js: Added a function to return order information.
(CommitLog.prototype.updateSingleton): This function should update commit order.
(CommitLog.prototype.order): Returns the order of commit.
* public/v3/models/commit-set.js:
(MeasurementCommitSet): Update MeasurementCommitSet to contain commit order information when creating CommitLog object.
* server-tests/api-measurement-set-tests.js: Updated unit tests.
* unit-tests/analysis-task-tests.js: Update unit tests to contain commit order information in mock data.
(measurementCluster):
* unit-tests/commit-log-tests.js: Added unit tests for CommitLog.order.
* unit-tests/commit-set-tests.js: Added commit order in MeasurementCommitSet.
* unit-tests/measurement-adaptor-tests.js: Updated unit tests to contain commit order information in mock data.
* unit-tests/measurement-set-tests.js: Updated unit tests to contain commit order information in mock data.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230719 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [WPE][GTK] GObject introspection annotation fixes: BackForwardList, NetworkProxySettings
mcatanzaro@igalia.com [Tue, 17 Apr 2018 17:13:01 +0000 (17:13 +0000)]
[WPE][GTK] GObject introspection annotation fixes: BackForwardList, NetworkProxySettings
https://bugs.webkit.org/show_bug.cgi?id=184658

Reviewed by Carlos Garcia Campos.

Thanks to Dylan Simon for recommending these annotation fixes.

* UIProcess/API/glib/WebKitBackForwardList.cpp:
* UIProcess/API/glib/WebKitNetworkProxySettings.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230718 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Implement setupArgumentsImpl for ARM and MIPS
commit-queue@webkit.org [Tue, 17 Apr 2018 17:05:21 +0000 (17:05 +0000)]
Implement setupArgumentsImpl for ARM and MIPS
https://bugs.webkit.org/show_bug.cgi?id=183786

Patch by Dominik Infuehr <dinfuehr@igalia.com> on 2018-04-17
Reviewed by Yusuke Suzuki.

Implement setupArgumentsImpl for ARM (hardfp and softfp) and MIPS calling convention. Added
numCrossSources and extraGPRArgs to ArgCollection to keep track of extra
registers used for 64-bit values on 32-bit architectures. numCrossSources
keeps track of assignments from FPR to GPR registers as happens e.g. on MIPS.

* assembler/MacroAssemblerARMv7.h:
(JSC::MacroAssemblerARMv7::moveDouble):
* assembler/MacroAssemblerMIPS.h:
(JSC::MacroAssemblerMIPS::moveDouble):
* jit/CCallHelpers.h:
(JSC::CCallHelpers::setupStubCrossArgs):
(JSC::CCallHelpers::ArgCollection::ArgCollection):
(JSC::CCallHelpers::ArgCollection::pushRegArg):
(JSC::CCallHelpers::ArgCollection::pushExtraRegArg):
(JSC::CCallHelpers::ArgCollection::addGPRArg):
(JSC::CCallHelpers::ArgCollection::addGPRExtraArg):
(JSC::CCallHelpers::ArgCollection::addStackArg):
(JSC::CCallHelpers::ArgCollection::addPoke):
(JSC::CCallHelpers::ArgCollection::argCount):
(JSC::CCallHelpers::calculatePokeOffset):
(JSC::CCallHelpers::pokeForArgument):
(JSC::CCallHelpers::stackAligned):
(JSC::CCallHelpers::marshallArgumentRegister):
(JSC::CCallHelpers::setupArgumentsImpl):
(JSC::CCallHelpers::pokeArgumentsAligned):
(JSC::CCallHelpers::std::is_integral<CURRENT_ARGUMENT_TYPE>::value):
(JSC::CCallHelpers::std::is_pointer<CURRENT_ARGUMENT_TYPE>::value):
(JSC::CCallHelpers::setupArguments):
* jit/FPRInfo.h:
(JSC::FPRInfo::toArgumentRegister):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230717 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Unreviewed, rolling out r230713.
jlewis3@apple.com [Tue, 17 Apr 2018 17:02:00 +0000 (17:02 +0000)]
Unreviewed, rolling out r230713.

This caused internal build failures.

Reverted changeset:

"Implement checked cast for DDResultRef once
DDResultGetTypeID() is available"
https://bugs.webkit.org/show_bug.cgi?id=184554
https://trac.webkit.org/changeset/230713

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230716 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Add bindings code for RemoteDOMWindow
cdumez@apple.com [Tue, 17 Apr 2018 16:59:34 +0000 (16:59 +0000)]
Add bindings code for RemoteDOMWindow
https://bugs.webkit.org/show_bug.cgi?id=184653

Reviewed by Ryosuke Niwa.

Add bindings code for RemoteDOMWindow. A RemoteDOMWindow behaves exactly like a cross-origin
DOMWindow, which is backed by a RemoteDOMWindow object instead of a DOMWindow one. Since
a RemoteDOMWindow is always cross origin, we do not need cross-origin checks and the bindings
code is identical to the DOMWindow code paths from cross-origin handling.

No new tests, this code will be used and tested via Bug 184515.

* CMakeLists.txt:
* DerivedSources.make:
* Sources.txt:
* WebCore.xcodeproj/project.pbxproj:
* bindings/js/JSBindingsAllInOne.cpp:
* bindings/js/JSDOMWindowCustom.cpp:
(WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess):
(WebCore::JSDOMWindow::getOwnPropertySlot):
(WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
(WebCore::addCrossOriginWindowOwnPropertyNames):
* bindings/js/JSDOMWindowCustom.h:

* bindings/js/JSRemoteDOMWindowBase.cpp: Added.
(WebCore::JSRemoteDOMWindowBase::JSRemoteDOMWindowBase):
(WebCore::JSRemoteDOMWindowBase::destroy):
(WebCore::JSRemoteDOMWindowBase::javaScriptRuntimeFlags):
(WebCore::toJS):
(WebCore::toJSRemoteDOMWindow):
* bindings/js/JSRemoteDOMWindowBase.h: Added.
JSRemoteDOMWindow unfortunately currently needs to be a global object because of:
1. a JSProxy's target needs to be a JSGlobalObject currently
2. The 'structure()->setGlobalObject(vm, &window);' call in
   JSDOMWindowProxy::setWindow(VM&, JSDOMGlobalObject&) which requires a JSGlobalObject.
Ideally, this wouldn't be the case in the future but this would require some code refactoring.
Our DOM global objects normally subclass JSDOMGlobalObject so I decided to subclass JSDOMGlobalObject,
which brings some things our bindings code expects. However, subclassing JSDOMGlobalObject directly is
problematic because it does not hold the m_wrapped implementation pointer. To address this issue, all
our DOM global objects have a JS*Base base class which subclasses JSDOMGlobalObject and stores the
m_wrapped implementation pointer. I followed the same pattern here.

(WebCore::toJS):
* bindings/js/JSRemoteDOMWindowCustom.cpp: Added.
(WebCore::JSRemoteDOMWindow::getOwnPropertySlot):
(WebCore::JSRemoteDOMWindow::getOwnPropertySlotByIndex):
(WebCore::JSRemoteDOMWindow::put):
(WebCore::JSRemoteDOMWindow::putByIndex):
(WebCore::JSRemoteDOMWindow::deleteProperty):
(WebCore::JSRemoteDOMWindow::deletePropertyByIndex):
(WebCore::JSRemoteDOMWindow::getOwnPropertyNames):
(WebCore::JSRemoteDOMWindow::defineOwnProperty):
(WebCore::JSRemoteDOMWindow::getPrototype):
(WebCore::JSRemoteDOMWindow::preventExtensions):
(WebCore::JSRemoteDOMWindow::toStringName):
* bindings/scripts/CodeGeneratorJS.pm:
(IsDOMGlobalObject):
(GenerateHeader):
(GenerateOverloadDispatcher):
(GenerateImplementation):
* page/RemoteDOMWindow.idl: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230715 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [macOS] Don't establish unneeded Dock connections (Follow-up)
bfulgham@apple.com [Tue, 17 Apr 2018 16:40:42 +0000 (16:40 +0000)]
[macOS] Don't establish unneeded Dock connections (Follow-up)
https://bugs.webkit.org/show_bug.cgi?id=184664
<rdar://problem/16863698>

Reviewed by Per Arne Vollan.

Because the Plugin process is driven by NSApplication's run loop, we aren't
setting the 'don't connect to the dock' setting early enough.

This patch sets the flag in XPCServiceMain for those services that
are linked to AppKit.

* PluginProcess/mac/PluginProcessMac.mm:
(WebKit::PluginProcess::platformInitializeProcess): Remove unneeded code.
* Shared/EntryPointUtilities/mac/XPCService/XPCServiceMain.mm:
(main):
* WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::WebProcess::platformInitializeWebProcess): Remove unneeded code.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230714 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Implement checked cast for DDResultRef once DDResultGetTypeID() is available
ddkilzer@apple.com [Tue, 17 Apr 2018 16:28:33 +0000 (16:28 +0000)]
Implement checked cast for DDResultRef once DDResultGetTypeID() is available
<https://webkit.org/b/184554>
<rdar://problem/36241894>

Reviewed by Brent Fulgham.

* editing/cocoa/DataDetection.mm:
(WebCore::detectItemAtPositionWithRange): Implement checked cast
for DDResultRef.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230713 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Animated GIF imagery with finite looping are falling one loop short
commit-queue@webkit.org [Tue, 17 Apr 2018 16:22:49 +0000 (16:22 +0000)]
Animated GIF imagery with finite looping are falling one loop short
https://bugs.webkit.org/show_bug.cgi?id=183153

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2018-04-17
Reviewed by Simon Fraser.

Source/WebCore:

The Netscape Looping Application Extension is a block which may be added
to a GIF file to tell the viewer to loop through the entire GIF frames.
This is communicated through two bytes designated for the "loopCount" in
this block.

The entire block may not be found in the GIF, in which case the GIF is
supposed to animate its entire frames only once.

If the block exists and loopCount = 0, this means the image has to loop
through its frames indefinitely.

If the block exists and loopCount > 0, this should mean the image has to
loop through its frames loopCount + 1 times. The extra loop seems to be
the consensus among most of the GIF generators and viewers. For example,
if the image designer wants the image to loop through its frames n times:
-- The GIF generator (e.g. Adobe Photoshop and https://ezgif.com/maker)
   will write n - 1 for loopCount. However http://gifmaker.me and
   http://gifmaker.org write n for loopCount.
-- The browser (e.g. Chrome 65.0.3325 181 and Firefox Quantum 59.0.2) will
   translate loopCount = n - 1 to: animate GIF once + loop n - 1, which
   means loop the GIF n times.

Because the specs are not really clear about this, we are going to consider
the agreed-upon behavior among most of the web browsers the specs here.

* platform/graphics/cg/ImageDecoderCG.cpp:
(WebCore::ImageDecoderCG::repetitionCount const):
* platform/image-decoders/gif/GIFImageDecoder.cpp:
(WebCore::GIFImageDecoder::repetitionCount const):

LayoutTests:

This layout test tests GIF when it has to loop its entire frames a specific
number of times. There are three cases for the loopCount field:
-- loopCount is missing: This means the GIF should animate only once. This
   is covered by animated-red-green-blue-repeat-1.gif.
-- loopCount = 0: This means the image has to animate indefinitely. This
   case is covered by the new GIF animated-red-green-blue-repeat-infinite.gif.
-- loopCount > 0: This will loop the GIF entire frames for (loopCount + 1)
   times. To fix the test with the extra loop, loopCount in
   animated-red-green-blue-repeat-2.gif was changed to 1 instead of 2.

* fast/images/animated-image-loop-count-expected.html:
* fast/images/animated-image-loop-count.html:
* fast/images/resources/animated-red-green-blue-repeat-2.gif:
* fast/images/resources/animated-red-green-blue-repeat-infinite.gif:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230712 268f45cc-cd09-0410-ab3c-d52691b4dbfc
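
The three loopCount cases described in the commit message above, as an added example (not WebKit's decoder code): a bounds-checked scan of a GIF89a byte stream for the NETSCAPE2.0 looping block, mapped to the resulting number of plays. The function names, constants and sample bytes are constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <vector>

using Bytes = std::vector<uint8_t>;
constexpr int kNoLoopBlock = -1; // looping block absent or input malformed
constexpr int kInfinite = 0;     // totalPlays() result for "loop indefinitely"

// Skips size-prefixed data sub-blocks up to the zero terminator; false if truncated.
static bool skipSubBlocks(const Bytes& d, size_t& pos) {
    while (pos < d.size()) {
        size_t size = d[pos++];
        if (!size) return true;
        if (size > d.size() - pos) return false;
        pos += size;
    }
    return false;
}

// Skips a color table when the packed field's top bit announces one.
static bool skipColorTable(const Bytes& d, size_t& pos, uint8_t packed) {
    size_t bytes = (packed & 0x80) ? size_t(3) << ((packed & 0x07) + 1) : 0;
    if (bytes > d.size() - pos) return false;
    pos += bytes;
    return true;
}

// Returns the raw 16-bit loopCount field, or kNoLoopBlock.
int netscapeLoopCount(const Bytes& d) {
    if (d.size() < 13 || std::memcmp(d.data(), "GIF89a", 6)) return kNoLoopBlock;
    size_t pos = 13; // 6-byte signature + 7-byte logical screen descriptor
    if (!skipColorTable(d, pos, d[10])) return kNoLoopBlock;
    while (pos < d.size()) {
        uint8_t introducer = d[pos++];
        if (introducer == 0x2C) { // image descriptor: 9 bytes, optional table, LZW code size
            if (d.size() - pos < 9) return kNoLoopBlock;
            pos += 9;
            if (!skipColorTable(d, pos, d[pos - 1]) || pos >= d.size()) return kNoLoopBlock;
            ++pos;
        } else if (introducer == 0x21 && pos < d.size()) { // extension: label, then sub-blocks
            uint8_t label = d[pos++];
            // Looping block layout: FF 0B "NETSCAPE2.0" 03 01 <lo> <hi> 00
            if (label == 0xFF && d.size() - pos >= 16 && d[pos] == 11 && d[pos + 12] == 3
                && d[pos + 13] == 1 && !std::memcmp(&d[pos + 1], "NETSCAPE2.0", 11))
                return d[pos + 14] | (d[pos + 15] << 8);
        } else return kNoLoopBlock; // trailer (0x3B) or unexpected byte
        if (!skipSubBlocks(d, pos)) return kNoLoopBlock;
    }
    return kNoLoopBlock;
}

int totalPlays(int loopCount) { // absent -> once, 0 -> forever, n > 0 -> n + 1
    return loopCount == kNoLoopBlock ? 1 : loopCount == 0 ? kInfinite : loopCount + 1;
}

// Constructed sample: 1x1 GIF89a, no color tables, loopCount = 1 at offsets 29-30.
const Bytes kSampleGif = { 'G','I','F','8','9','a', 1,0, 1,0, 0, 0, 0,
    0x21, 0xFF, 11, 'N','E','T','S','C','A','P','E','2','.','0', 3, 1, 1, 0, 0,
    0x21, 0xF9, 4, 0, 10, 0, 0, 0, 0x2C, 0,0, 0,0, 1,0, 1,0, 0, 2, 2, 0x44, 0x01, 0, 0x3B };
```

Truncated or malformed input is reported as kNoLoopBlock, so a damaged file falls back to playing once instead of reading past the buffer.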

16 months ago Add system trace points for process launch and for initializeWebProcess
sbarati@apple.com [Tue, 17 Apr 2018 15:57:32 +0000 (15:57 +0000)]
Add system trace points for process launch and for initializeWebProcess
https://bugs.webkit.org/show_bug.cgi?id=184669

Reviewed by Simon Fraser.

Source/JavaScriptCore:

* runtime/VMEntryScope.cpp:
(JSC::VMEntryScope::VMEntryScope):
(JSC::VMEntryScope::~VMEntryScope):

Source/WebCore:

No testing needed because there is no new functionality here.

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::provisionalLoadStarted):
(WebCore::FrameLoader::checkLoadCompleteForThisFrame):
* loader/SubresourceLoader.cpp:
(WebCore::SubresourceLoader::willSendRequestInternal):
(WebCore::SubresourceLoader::didFinishLoading):
(WebCore::SubresourceLoader::didFail):
(WebCore::SubresourceLoader::didCancel):

Source/WebKit:

* UIProcess/Launcher/ProcessLauncher.cpp:
(WebKit::ProcessLauncher::ProcessLauncher):
(WebKit::ProcessLauncher::didFinishLaunchingProcess):
* WebProcess/WebProcess.cpp:
(WebKit::WebProcess::initializeWebProcess):

Source/WTF:

This patch adds TracePointCodes to measure process launch time and
WebProcess::initializeWebProcess time.

It also renames the TracePoint function to tracePoint since WebKit style
does not capitalize the first letter in function names.

* wtf/SystemTracing.h:
(WTF::tracePoint):
(WTF::TraceScope::TraceScope):
(WTF::TraceScope::~TraceScope):
(WTF::TracePoint): Deleted.

Tools:

* Tracing/SystemTracePoints.plist:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230711 268f45cc-cd09-0410-ab3c-d52691b4dbfc