WebKit-https.git
3 years agoWebAssembly: implement data section
jfbastien@apple.com [Sat, 10 Dec 2016 07:08:31 +0000 (07:08 +0000)]
WebAssembly: implement data section
https://bugs.webkit.org/show_bug.cgi?id=165696

Reviewed by Keith Miller.

As specified in https://github.com/WebAssembly/design/blob/master/BinaryEncoding.md#data-section
Note that some of the interesting corner cases are ill-defined by the spec: https://github.com/WebAssembly/design/issues/897

JSTests:

* wasm/Builder.js: create a data section from JavaScript
* wasm/Builder_WebAssemblyBinary.js: assemble the data section into the proper binary encoding
(const.emitters.Data):
* wasm/js-api/test_Data.js: Added.
(DataSection):
(DataSectionOffTheEnd):
(DataSectionPartlyOffTheEnd):
(DataSectionEmptyOffTheEnd):
(DataSectionSeenByStart):
* wasm/self-test/test_BuilderJSON.js: make sure the JSON structure is fine (this sanity checks before going to binary)

Source/JavaScriptCore:

* wasm/WasmFormat.h: segments are what represent sections of memory to initialize (similar to ELF's non-zero intializer data / rodata)
(JSC::Wasm::Segment::make):
(JSC::Wasm::Segment::destroy):
(JSC::Wasm::Segment::byte):
(JSC::Wasm::Segment::makePtr):
* wasm/WasmModuleParser.cpp: parse the data section, and prevent a few overflows if a user passes in UINT_MAX (the loops would overflow)
(JSC::Wasm::ModuleParser::parseType):
(JSC::Wasm::ModuleParser::parseImport):
(JSC::Wasm::ModuleParser::parseFunction):
(JSC::Wasm::ModuleParser::parseExport):
(JSC::Wasm::ModuleParser::parseCode):
(JSC::Wasm::ModuleParser::parseData):
* wasm/js/WebAssemblyModuleRecord.cpp:
(JSC::WebAssemblyModuleRecord::evaluate): the only sensible time to initialize the data section is after linking, but before calling start, I test for this but the spec isn't clear it's correct yet

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209651 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoIt is okay to turn undefined into null because we are producing values for a
commit-queue@webkit.org [Sat, 10 Dec 2016 06:04:28 +0000 (06:04 +0000)]
It is okay to turn undefined into null because we are producing values for a
JSON representation (InspectorValue) and JSON has a `null` value and no
`undefined` value.
https://bugs.webkit.org/show_bug.cgi?id=165506

Patch by Karim H <karim@karhm.com> on 2016-12-09
Reviewed by Darin Adler.

* bindings/ScriptValue.cpp:
(Inspector::jsToInspectorValue):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209650 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[Readable Streams API] Implement ReadableByteStreamController desiredSize
commit-queue@webkit.org [Sat, 10 Dec 2016 05:56:13 +0000 (05:56 +0000)]
[Readable Streams API] Implement ReadableByteStreamController desiredSize
https://bugs.webkit.org/show_bug.cgi?id=165599

Patch by Romain Bellessort <romain.bellessort@crf.canon.fr> on 2016-12-09
Reviewed by Darin Adler.

Source/WebCore:

Implemented ReadableByteStreamController attribute desiredSize.

Added test to check desiredSize value.

* Modules/streams/ReadableByteStreamController.js:
(desiredSize):
* Modules/streams/ReadableByteStreamInternals.js:
(readableByteStreamControllerGetDesiredSize):

LayoutTests:

Added test to check ReadableByteStreamController desiredSize value.

* streams/readable-byte-stream-controller-expected.txt: Added expectation for new test.
* streams/readable-byte-stream-controller.js: Added new test for desiredSize.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209649 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agodocument.pointerLockElement exposes a node inside a shadow tree
rniwa@webkit.org [Sat, 10 Dec 2016 05:18:33 +0000 (05:18 +0000)]
document.pointerLockElement exposes a node inside a shadow tree
https://bugs.webkit.org/show_bug.cgi?id=165702

Reviewed by Simon Fraser.

Source/WebCore:

Expose pointerLockElement on ShadowRoot as spec'ed (DocumentOrShadowRoot):
https://w3c.github.io/pointerlock/#extensions-to-the-documentorshadowroot-mixin

Use ancestorElementInThisScope to find the correct node in pointerLockElement.

Tests: fast/shadow-dom/pointerlockelement-in-shadow-tree.html
       fast/shadow-dom/pointerlockelement-in-slot.html

* dom/Document.cpp:
(WebCore::Document::pointerLockElement): Moved to TreeScope.
* dom/Document.h:
* dom/Document.idl: Moved ointerLockElement to DocumentOrShadowRoot.idl.
* dom/DocumentOrShadowRoot.idl: Ditto.
* dom/TreeScope.cpp:
(WebCore::TreeScope::focusedElementInScope): Use documentScope instead of acessing it via m_rootNode.
(WebCore::TreeScope::pointerLockElement): Moved from Document.
* dom/TreeScope.h:

LayoutTests:

Added tests for pointer locks inside a shadow root as well as one assigned to a slot.

* fast/shadow-dom/pointerlockelement-in-shadow-tree-expected.txt: Added.
* fast/shadow-dom/pointerlockelement-in-shadow-tree.html: Added.
* fast/shadow-dom/pointerlockelement-in-slot-expected.txt: Added.
* fast/shadow-dom/pointerlockelement-in-slot.html: Added.
* platform/efl/TestExpectations:
* platform/gtk/TestExpectations:
* platform/ios-simulator/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209648 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoREGRESSION (r209554-209571): stress/poly-setter-combo crashing
fpizlo@apple.com [Sat, 10 Dec 2016 04:27:26 +0000 (04:27 +0000)]
REGRESSION (r209554-209571): stress/poly-setter-combo crashing
https://bugs.webkit.org/show_bug.cgi?id=165669

Reviewed by Geoffrey Garen.

We now rely on objects being zero-filled in a bunch of places, not just concurrent GC.
So, we need 32-bit to do it too.

* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::emit_op_new_object):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209647 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoWebCore::Timer is not compatible with UIProcess
bfulgham@apple.com [Sat, 10 Dec 2016 03:25:40 +0000 (03:25 +0000)]
WebCore::Timer is not compatible with UIProcess
https://bugs.webkit.org/show_bug.cgi?id=165706
<rdar://problem/29360564>

Reviewed by Andy Estes.

Anders has explained to me (at least twice) that WebCore::Timer must not
be used in UIProcess code. A recent bug fix introduced a WebCore::Timer,
which led to another crash.

This patch switches from WebCore::Timer to WTF::RunLoop::Timer to avoid
the problem.

* UIProcess/Cocoa/NavigationState.h:
* UIProcess/Cocoa/NavigationState.mm:
(WebKit::NavigationState::NavigationState):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209646 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoIgnore LayoutTests/imported/w3c/web-platform-tests/config.json
commit-queue@webkit.org [Sat, 10 Dec 2016 03:07:01 +0000 (03:07 +0000)]
Ignore LayoutTests/imported/w3c/web-platform-tests/config.json
https://bugs.webkit.org/show_bug.cgi?id=165685

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-12-09
Reviewed by Ryosuke Niwa.

* web-platform-tests/.gitignore:
Ignore generated user-specific config.json file.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209645 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoAdd reflected nonce attribute to HTML Link element IDL
dbates@webkit.org [Sat, 10 Dec 2016 02:53:40 +0000 (02:53 +0000)]
Add reflected nonce attribute to HTML Link element IDL
https://bugs.webkit.org/show_bug.cgi?id=165709

Reviewed by Ryosuke Niwa.

Source/WebCore:

Add the reflected nonce attribute to the HTML Link element IDL definition
as per the HTML standard <https://html.spec.whatwg.org/multipage/semantics.html#the-link-element> (9 December 2016).

Test: fast/dom/nonce-attribute-reflection.html

* html/HTMLLinkElement.idl:

LayoutTests:

Add a test to ensure that we reflect the nonce attribute for the HTML link, script,
and style elements.

* fast/dom/nonce-attribute-reflection-expected.txt: Added.
* fast/dom/nonce-attribute-reflection.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209644 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoAnnotate MediaStream and WebRTC idl with EnabledAtRuntime flag
eric.carlson@apple.com [Sat, 10 Dec 2016 02:46:31 +0000 (02:46 +0000)]
Annotate MediaStream and WebRTC idl with EnabledAtRuntime flag
https://bugs.webkit.org/show_bug.cgi?id=165251

Reviewed by Dean Jackson.

Based on a patch by Dr Alex Gouaillard <agouaillard@gmail.com>
Source/JavaScriptCore:

* runtime/CommonIdentifiers.h: Add WebRTC and MediaStream identifiers.

Source/WebCore:

No new tests, covered by existing tests.

* Modules/mediastream/MediaStreamEvent.idl: Add "EnabledAtRuntime".
* Modules/mediastream/NavigatorMediaDevices.idl: Ditto.
* Modules/mediastream/NavigatorUserMedia.idl: Ditto.
* Modules/mediastream/RTCDTMFToneChangeEvent.idl: Ditto.
* Modules/mediastream/RTCIceCandidate.idl: Ditto.
* Modules/mediastream/RTCPeerConnection.idl: Ditto.
* Modules/mediastream/RTCRtpReceiver.idl: Ditto.
* Modules/mediastream/RTCRtpSender.idl: Ditto.
* Modules/mediastream/RTCRtpTransceiver.idl: Ditto.
* Modules/mediastream/RTCSessionDescription.idl: Ditto.
* Modules/mediastream/RTCTrackEvent.idl: Ditto.

* bindings/generic/RuntimeEnabledFeatures.cpp:
(WebCore::RuntimeEnabledFeatures::RuntimeEnabledFeatures): Set m_isMediaStreamEnabled in the
  constructor instead of in reset() because the later is called by the Internals constructor,
  making it impossible to override the runtime flag from WTR or DRT.
(WebCore::RuntimeEnabledFeatures::reset): Don't set m_isMediaStreamEnabled.
* page/Settings.in: Add peerConnectionEnabled.

Source/WebKit/mac:

* WebView/WebPreferenceKeysPrivate.h: Add MediaStream and PeerConnection preferences.
* WebView/WebPreferences.mm:
(+[WebPreferences initialize]):
(-[WebPreferences mediaStreamEnabled]):
(-[WebPreferences setMediaStreamEnabled:]):
(-[WebPreferences peerConnectionEnabled]):
(-[WebPreferences setPeerConnectionEnabled:]):
* WebView/WebPreferencesPrivate.h:
* WebView/WebView.mm:
(-[WebView _preferencesChanged:]):

Source/WebKit2:

* Shared/WebPreferencesDefinitions.h: Add peerConnectionEnabled.

* UIProcess/API/C/WKPreferences.cpp:
(WKPreferencesSetPeerConnectionEnabled): Added.
(WKPreferencesGetPeerConnectionEnabled): Added.
* UIProcess/API/C/WKPreferencesRef.h:

* WebProcess/InjectedBundle/InjectedBundle.cpp:
(WebKit::InjectedBundle::overrideBoolPreferenceForTestRunner): Add WebKitMediaStreamEnabled
  and WebKitPeerConnectionEnabled.

* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::updatePreferences): Initialize the peerConnection preference.

Tools:

* DumpRenderTree/mac/DumpRenderTree.mm:
(resetWebPreferencesToConsistentValues): Enable MediaStream and PeerConnection.

* WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:
(WTR::InjectedBundle::beginTesting): Ditto.

* WebKitTestRunner/InjectedBundle/TestRunner.cpp:
(WTR::TestRunner::setMediaStreamEnabled): New.
(WTR::TestRunner::setPeerConnectionEnabled): New.
* WebKitTestRunner/InjectedBundle/TestRunner.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209643 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoWebAssembly JS API: implement start function
jfbastien@apple.com [Sat, 10 Dec 2016 02:34:02 +0000 (02:34 +0000)]
WebAssembly JS API: implement start function
https://bugs.webkit.org/show_bug.cgi?id=165150

Reviewed by Saam Barati.

JSTests:

* wasm/Builder.js: allow building a .Start()
* wasm/Builder_WebAssemblyBinary.js:
* wasm/js-api/test_Start.js: Added.
(const.emitters.Start): serialize a start section
* wasm/self-test/test_BuilderJSON.js: validate the start section's content

Source/JavaScriptCore:

* wasm/WasmFormat.h: pass the start function around
* wasm/WasmModuleParser.cpp:
(JSC::Wasm::ModuleParser::parseTable): mark unreachable code
(JSC::Wasm::ModuleParser::parseGlobal): mark unreachable code
(JSC::Wasm::ModuleParser::parseStart): mark unreachable code
(JSC::Wasm::ModuleParser::parseElement): mark unreachable code
(JSC::Wasm::ModuleParser::parseData): mark unreachable code
* wasm/js/WebAssemblyFunction.cpp:
(JSC::callWebAssemblyFunction): NFC: call the new function below
(JSC::WebAssemblyFunction::call): separate this out so that the start function can use it
* wasm/js/WebAssemblyFunction.h:
* wasm/js/WebAssemblyModuleRecord.cpp:
(JSC::WebAssemblyModuleRecord::visitChildren): visit the start function
(JSC::WebAssemblyModuleRecord::link): handle start function
(JSC::WebAssemblyModuleRecord::evaluate): call the start function, if present
* wasm/js/WebAssemblyModuleRecord.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209642 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoRemove QuickLook scheme from the list of secure schemes
dbates@webkit.org [Sat, 10 Dec 2016 02:03:45 +0000 (02:03 +0000)]
Remove QuickLook scheme from the list of secure schemes
https://bugs.webkit.org/show_bug.cgi?id=165699

Reviewed by Andy Estes.

Following r207155 we use a unique origin for QuickLook documents. Unique origins are not
subject to mixed content restrictions. Prior to r207155 QuickLook documents used the
origin from which they were served. We added the QuickLook scheme to the list of secure
schemes as a workaround to avoid mixed content errors when loading subresources in a
QuickLook document served over HTTPS. Now that we use a unique origin for QuickLook
documents we no longer need this workaround.

* platform/SchemeRegistry.cpp:
(WebCore::secureSchemes):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209641 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoRe-landing:
beidson@apple.com [Sat, 10 Dec 2016 01:25:53 +0000 (01:25 +0000)]
Re-landing:
Source/WebCore:

Add _WKIconLoadingDelegate SPI.
https://bugs.webkit.org/show_bug.cgi?id=164894

Reviewed by Alex Christensen.

No new tests (Manual testing possible in MiniBrowser now, WKTR tests coming soon in https://bugs.webkit.org/show_bug.cgi?id=164895).

With this client, WebCore will ask the FrameLoaderClient about each icon found in the <head>.

WebKit2 will then ask the embedding app - for each icon - if it wants that icon to load.

For icons the app decides to load, WebKit will pass the data to the app without storing locally.

* WebCore.xcodeproj/project.pbxproj:

* dom/Document.cpp:
(WebCore::Document::implicitClose):

* html/LinkIconCollector.cpp:
(WebCore::iconSize):
(WebCore::compareIcons):
* html/LinkIconCollector.h:

* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::startIconLoading):
(WebCore::DocumentLoader::didGetLoadDecisionForIcon):
(WebCore::DocumentLoader::finishedLoadingIcon):
* loader/DocumentLoader.h:

* loader/FrameLoaderClient.h:

* loader/icon/IconLoader.cpp:
(WebCore::IconLoader::IconLoader):
(WebCore::IconLoader::startLoading):
(WebCore::IconLoader::notifyFinished):
* loader/icon/IconLoader.h:

* platform/LinkIcon.h: Copied from Source/WebCore/html/LinkIconCollector.h.
(WebCore::LinkIcon::encode):
(WebCore::LinkIcon::decode):

Source/WebKit2:

Add _WKIconLoadingDelegate SPI.
https://bugs.webkit.org/show_bug.cgi?id=164894

Reviewed by Alex Christensen.

With this client, WebCore will ask the FrameLoaderClient about each icon found in the <head>.

WebKit2 will then ask the embedding app - for each icon - if it wants that icon to load.

For icons the app decides to load, WebKit will pass the data to the app without storing locally.

* UIProcess/API/APIIconLoadingClient.h: Copied from Source/WebCore/html/LinkIconCollector.h.
(API::IconLoadingClient::~IconLoadingClient):
(API::IconLoadingClient::getLoadDecisionForIcon):

* UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _initializeWithConfiguration:]):
(-[WKWebView _iconLoadingDelegate]):
(-[WKWebView _setIconLoadingDelegate:]):
* UIProcess/API/Cocoa/WKWebViewPrivate.h:

* UIProcess/API/Cocoa/_WKIconLoadingDelegate.h: Copied from Source/WebCore/html/LinkIconCollector.h.

* UIProcess/API/Cocoa/_WKLinkIconParameters.h: Copied from Source/WebCore/html/LinkIconCollector.h.
* UIProcess/API/Cocoa/_WKLinkIconParameters.mm: Copied from Source/WebCore/html/LinkIconCollector.h.
(-[_WKLinkIconParameters _initWithLinkIcon:]):
(-[_WKLinkIconParameters url]):
(-[_WKLinkIconParameters mimeType]):
(-[_WKLinkIconParameters size]):
(-[_WKLinkIconParameters iconType]):
* UIProcess/API/Cocoa/_WKLinkIconParametersInternal.h: Copied from Source/WebCore/html/LinkIconCollector.h.

* UIProcess/Cocoa/IconLoadingDelegate.h: Copied from Source/WebCore/html/LinkIconCollector.h.
* UIProcess/Cocoa/IconLoadingDelegate.mm: Added.
(WebKit::IconLoadingDelegate::IconLoadingDelegate):
(WebKit::IconLoadingDelegate::~IconLoadingDelegate):
(WebKit::IconLoadingDelegate::createIconLoadingClient):
(WebKit::IconLoadingDelegate::delegate):
(WebKit::IconLoadingDelegate::setDelegate):
(WebKit::IconLoadingDelegate::IconLoadingClient::IconLoadingClient):
(WebKit::IconLoadingDelegate::IconLoadingClient::~IconLoadingClient):
(WebKit::IconLoadingDelegate::IconLoadingClient::getLoadDecisionForIcon):

* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::setIconLoadingClient):
(WebKit::WebPageProxy::getLoadDecisionForIcon):
(WebKit::WebPageProxy::finishedLoadingIcon):
* UIProcess/WebPageProxy.h:
(WebKit::WebPageProxy::iconLoadingClient):
* UIProcess/WebPageProxy.messages.in:

* WebKit2.xcodeproj/project.pbxproj:

* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::useIconLoadingClient):
(WebKit::WebFrameLoaderClient::getLoadDecisionForIcon):
(WebKit::WebFrameLoaderClient::finishedLoadingIcon):
* WebProcess/WebCoreSupport/WebFrameLoaderClient.h:
(WebKit::WebFrameLoaderClient::setUseIconLoadingClient):

* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::didGetLoadDecisionForIcon):
(WebKit::WebPage::setUseIconLoadingClient):
* WebProcess/WebPage/WebPage.h:
* WebProcess/WebPage/WebPage.messages.in:

Tools:

Add _WKIconLoadingDelegate SPI.
https://bugs.webkit.org/show_bug.cgi?id=164894

Reviewed by Alex Christensen.

Add MiniBrowser support for this new SPI, configurable with a setting.

* MiniBrowser/mac/SettingsController.h:
* MiniBrowser/mac/SettingsController.m:
(-[SettingsController _populateMenu]):
(-[SettingsController validateMenuItem:]):
(-[SettingsController loadsAllSiteIcons]):
(-[SettingsController toggleLoadsAllSiteIcons:]):
* MiniBrowser/mac/WK2BrowserWindowController.m:
(-[WK2BrowserWindowController awakeFromNib]):
(-[WK2BrowserWindowController webView:shouldLoadIconWithParameters:completionHandler:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209640 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoFix initialization of contentUpdateFrequency
simon.fraser@apple.com [Sat, 10 Dec 2016 01:24:59 +0000 (01:24 +0000)]
Fix initialization of contentUpdateFrequency
https://bugs.webkit.org/show_bug.cgi?id=165705
rdar://problem/29602039

Reviewed by Tim Horton.

The value that controls web content update frequency was not being initialized.

* UIProcess/API/Cocoa/WKWebViewConfiguration.mm:
(-[WKWebViewConfiguration init]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209639 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoGC might be forced to look at a nuked object due to ordering of AllocatePropertyStora...
fpizlo@apple.com [Sat, 10 Dec 2016 01:22:15 +0000 (01:22 +0000)]
GC might be forced to look at a nuked object due to ordering of AllocatePropertyStorage, MaterializeNewObject, and PutStructure
https://bugs.webkit.org/show_bug.cgi?id=165672

Reviewed by Geoffrey Garen.

We need to make sure that the shady stuff in a property put happens after the
PutByOffset, since the PutByOffset is the place where we materialize. More generally, we
should strive to not have any fenceposts between Nodes where a GC would be illegal.

This gets us most of the way there by separating NukeStructureAndSetButterfly from
[Re]AllocatePropertyStorage. A transitioning put will now look something like:

    GetButterfly
    ReallocatePropertyStorage
    PutByOffset
    NukeStructureAndSetButterfly
    PutStructure

Previously the structure would get nuked by ReallocatePropertyStorage, so if we placed
an object materialization just after it (before the PutByOffset) then any GC that
completed at that safepoint would encounter an unresolved visit race due to seeing a
nuked structure. We cannot have nuked structures at safepoints, and this change makes
sure that we don't - at least until someone tries to sink to the PutStructure. We will
eventually have to create a combined SetStructureAndButterfly node, but we don't need it
yet.

This also fixes a goof where the DFG's AllocatePropertyStorage was nulling the structure
instead of nuking it. This could easily have caused many crashes in GC.

* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::handlePutById):
* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
* dfg/DFGClobbersExitState.cpp:
(JSC::DFG::clobbersExitState):
* dfg/DFGConstantFoldingPhase.cpp:
(JSC::DFG::ConstantFoldingPhase::emitPutByOffset):
* dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
* dfg/DFGMayExit.cpp:
* dfg/DFGNodeType.h:
* dfg/DFGOperations.cpp:
* dfg/DFGOperations.h:
* dfg/DFGPredictionPropagationPhase.cpp:
* dfg/DFGSafeToExecute.h:
(JSC::DFG::safeToExecute):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileAllocatePropertyStorage):
(JSC::DFG::SpeculativeJIT::compileReallocatePropertyStorage):
(JSC::DFG::SpeculativeJIT::compileNukeStructureAndSetButterfly):
* dfg/DFGSpeculativeJIT.h:
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGStoreBarrierInsertionPhase.cpp:
* dfg/DFGTypeCheckHoistingPhase.cpp:
(JSC::DFG::TypeCheckHoistingPhase::identifyRedundantStructureChecks):
* ftl/FTLCapabilities.cpp:
(JSC::FTL::canCompile):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileNukeStructureAndSetButterfly):
(JSC::FTL::DFG::LowerDFGToB3::storageForTransition):
(JSC::FTL::DFG::LowerDFGToB3::allocatePropertyStorage):
(JSC::FTL::DFG::LowerDFGToB3::reallocatePropertyStorage):
(JSC::FTL::DFG::LowerDFGToB3::allocatePropertyStorageWithSizeImpl):
* runtime/Options.cpp:
(JSC::recomputeDependentOptions):
* runtime/Options.h: Fix a bug - make it possible to turn on concurrent GC optionally again.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209638 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoDon’t expose pointer lock in WebKit1 Objective-C API
rniwa@webkit.org [Sat, 10 Dec 2016 00:06:10 +0000 (00:06 +0000)]
Don’t expose pointer lock in WebKit1 Objective-C API
https://bugs.webkit.org/show_bug.cgi?id=165692

Reviewed by Simon Fraser.

* DOM/DOMDocument.mm:
(-[DOMDocument pointerLockElement]): Deleted.
(-[DOMDocument exitPointerLock]): Deleted.
* DOM/DOMElement.mm:
(-[DOMElement requestPointerLock]): Deleted.
* DOM/DOMMouseEvent.mm:
(-[DOMMouseEvent movementX]): Deleted.
(-[DOMMouseEvent movementY]): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209637 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoInline JSCell::toObject()
cdumez@apple.com [Fri, 9 Dec 2016 23:37:00 +0000 (23:37 +0000)]
Inline JSCell::toObject()
https://bugs.webkit.org/show_bug.cgi?id=165679

Reviewed by Geoffrey Garen.

Inline JSCell::toObject() as it shows on Speedometer profiles.

* runtime/JSCell.cpp:
(JSC::JSCell::toObjectSlow):
(JSC::JSCell::toObject): Deleted.
* runtime/JSCell.h:
* runtime/JSCellInlines.h:
(JSC::JSCell::toObject):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209636 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoOnce we can send Mach messages again, make sure to send any pending outgoing messages
andersca@apple.com [Fri, 9 Dec 2016 23:30:43 +0000 (23:30 +0000)]
Once we can send Mach messages again, make sure to send any pending outgoing messages
https://bugs.webkit.org/show_bug.cgi?id=165693

Reviewed by Brady Eidson.

* Platform/IPC/mac/ConnectionMac.mm:
(IPC::Connection::initializeSendSource):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209635 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoMarking inspector/debugger/csp-exceptions.html as flaky on mac-wk2.
ryanhaddad@apple.com [Fri, 9 Dec 2016 23:22:31 +0000 (23:22 +0000)]
Marking inspector/debugger/csp-exceptions.html as flaky on mac-wk2.
https://bugs.webkit.org/show_bug.cgi?id=165292

Unreviewed test gardening.

* platform/mac-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209634 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[Part 2 of 2] Add support for PKCS8 format while doing SubtleCrypto.importKey/exportKey
jiewen_tan@apple.com [Fri, 9 Dec 2016 23:05:29 +0000 (23:05 +0000)]
[Part 2 of 2] Add support for PKCS8 format while doing SubtleCrypto.importKey/exportKey
https://bugs.webkit.org/show_bug.cgi?id=129978
<rdar://problem/21799829>

Reviewed by Brent Fulgham.

LayoutTests/imported/w3c:

* WebCryptoAPI/encrypt_decrypt/test_rsa_oaep-expected.txt:

Source/WebCore:

This is part 2 of Bug 129978. In this patch, it adds the PKCS8 format support for
SubtleCrypto.importKey/exportKey. Currently support algorithms are RSAES-PKCS1-v1_5,
RSASSA-PKCS1-v1_5 and RSA-OAEP.

Tests: crypto/subtle/rsa-import-jwk-key-export-pkcs8-key.html
       crypto/subtle/rsa-import-pkcs8-key-export-jwk-key.html
       crypto/subtle/rsa-import-pkcs8-key-export-pkcs8-key.html
       crypto/subtle/rsa-oaep-generate-export-key-pkcs8.html
       crypto/subtle/rsa-oaep-import-pkcs8-key.html
       crypto/subtle/rsaes-pkcs1-v1_5-generate-export-key-pkcs8.html
       crypto/subtle/rsaes-pkcs1-v1_5-import-pkcs8-key.html
       crypto/subtle/rsassa-pkcs1-v1_5-generate-export-key-pkcs8.html
       crypto/subtle/rsassa-pkcs1-v1_5-import-pkcs8-key.html
       crypto/workers/subtle/rsa-export-pkcs8-key.html
       crypto/workers/subtle/rsa-import-pkcs8-key.html

* bindings/js/JSSubtleCryptoCustom.cpp:
(WebCore::toKeyData):
* crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp:
(WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::importKey):
(WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::exportKey):
* crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp:
(WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::importKey):
(WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::exportKey):
* crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp:
(WebCore::CryptoAlgorithmRSA_OAEP::importKey):
(WebCore::CryptoAlgorithmRSA_OAEP::exportKey):
* crypto/gnutls/CryptoKeyRSAGnuTLS.cpp:
(WebCore::CryptoKeyRSA::importPkcs8):
(WebCore::CryptoKeyRSA::exportPkcs8):
* crypto/keys/CryptoKeyRSA.h:
* crypto/mac/CryptoKeyRSAMac.cpp:
(WebCore::CryptoKeyRSA::importSpki):
(WebCore::CryptoKeyRSA::importPkcs8):
(WebCore::CryptoKeyRSA::exportPkcs8):

LayoutTests:

* crypto/subtle/import-key-malformed-parameters-expected.txt:
* crypto/subtle/import-key-malformed-parameters.html:
* crypto/subtle/rsa-export-key-malformed-parameters-expected.txt:
* crypto/subtle/rsa-export-key-malformed-parameters.html:
* crypto/subtle/rsa-import-jwk-key-export-pkcs8-key-expected.txt: Added.
* crypto/subtle/rsa-import-jwk-key-export-pkcs8-key.html: Added.
* crypto/subtle/rsa-import-jwk-key-export-spki-key-expected.txt:
* crypto/subtle/rsa-import-jwk-key-export-spki-key.html:
* crypto/subtle/rsa-import-key-malformed-parameters-expected.txt:
* crypto/subtle/rsa-import-key-malformed-parameters.html:
* crypto/subtle/rsa-import-pkcs8-key-export-jwk-key-expected.txt: Added.
* crypto/subtle/rsa-import-pkcs8-key-export-jwk-key.html: Added.
* crypto/subtle/rsa-import-pkcs8-key-export-pkcs8-key-expected.txt: Added.
* crypto/subtle/rsa-import-pkcs8-key-export-pkcs8-key.html: Added.
* crypto/subtle/rsa-oaep-generate-export-key-pkcs8-expected.txt: Added.
* crypto/subtle/rsa-oaep-generate-export-key-pkcs8.html: Added.
* crypto/subtle/rsa-oaep-import-pkcs8-key-expected.txt: Added.
* crypto/subtle/rsa-oaep-import-pkcs8-key.html: Added.
* crypto/subtle/rsaes-pkcs1-v1_5-generate-export-key-pkcs8-expected.txt: Added.
* crypto/subtle/rsaes-pkcs1-v1_5-generate-export-key-pkcs8.html: Added.
* crypto/subtle/rsaes-pkcs1-v1_5-import-pkcs8-key-expected.txt: Added.
* crypto/subtle/rsaes-pkcs1-v1_5-import-pkcs8-key.html: Added.
* crypto/subtle/rsassa-pkcs1-v1_5-generate-export-key-pkcs8-expected.txt: Added.
* crypto/subtle/rsassa-pkcs1-v1_5-generate-export-key-pkcs8.html: Added.
* crypto/subtle/rsassa-pkcs1-v1_5-import-pkcs8-key-expected.txt: Added.
* crypto/subtle/rsassa-pkcs1-v1_5-import-pkcs8-key.html: Added.
* crypto/workers/subtle/resources/rsa-export-pkcs8-key.js: Added.
* crypto/workers/subtle/resources/rsa-import-pkcs8-key.js: Added.
* crypto/workers/subtle/rsa-export-pkcs8-key-expected.txt: Added.
* crypto/workers/subtle/rsa-export-pkcs8-key.html: Added.
* crypto/workers/subtle/rsa-import-pkcs8-key-expected.txt: Added.
* crypto/workers/subtle/rsa-import-pkcs8-key.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209633 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoDeploy OrdinalNumber in JSC::SourceCode
ggaren@apple.com [Fri, 9 Dec 2016 22:59:52 +0000 (22:59 +0000)]
Deploy OrdinalNumber in JSC::SourceCode
https://bugs.webkit.org/show_bug.cgi?id=165687

Reviewed by Michael Saboff.

Source/JavaScriptCore:

We have a lot of confusion between 1-based and 0-based counting in line
and column numbers. Let's use OrdinalNumber to clear up the confusion.

* bytecode/UnlinkedFunctionExecutable.cpp:
(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):
(JSC::UnlinkedFunctionExecutable::link):
* bytecompiler/BytecodeGenerator.h:
(JSC::BytecodeGenerator::emitExpressionInfo):
* inspector/JSInjectedScriptHost.cpp:
(Inspector::JSInjectedScriptHost::functionDetails):
* parser/Lexer.cpp:
(JSC::Lexer<T>::setCode):
* parser/Parser.cpp:
(JSC::Parser<LexerType>::Parser):
* parser/Parser.h:
(JSC::Parser<LexerType>::parse):
* parser/SourceCode.h:
(JSC::SourceCode::SourceCode):
(JSC::SourceCode::firstLine):
(JSC::SourceCode::startColumn):
* runtime/CodeCache.cpp:
(JSC::CodeCache::getUnlinkedGlobalCodeBlock):
* runtime/ScriptExecutable.h:
(JSC::ScriptExecutable::firstLine):
(JSC::ScriptExecutable::startColumn):
* tools/CodeProfile.h:
(JSC::CodeProfile::CodeProfile):

Source/WebCore:

Updated for interface changes.

* bindings/js/ScriptController.cpp:
(WebCore::ScriptController::evaluateModule):
* bindings/js/ScriptSourceCode.h:
(WebCore::ScriptSourceCode::startLine):

Source/WTF:

* wtf/text/OrdinalNumber.h:
(WTF::OrdinalNumber::operator>): Added a >.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209632 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoWeb Inspector: Frontend should not be resetting TypeProfiler state when switching...
commit-queue@webkit.org [Fri, 9 Dec 2016 22:43:54 +0000 (22:43 +0000)]
Web Inspector: Frontend should not be resetting TypeProfiler state when switching between ContentViews
https://bugs.webkit.org/show_bug.cgi?id=165648

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-12-09
Reviewed by Brian Burg.

* UserInterface/Base/Main.js:
(WebInspector.loaded):
Update all backends when the state changes.

* UserInterface/Views/SourceCodeTextEditor.js:
(WebInspector.SourceCodeTextEditor.prototype._setTypeTokenAnnotatorEnabledState):
(WebInspector.SourceCodeTextEditor.prototype.set _basicBlockAnnotatorEnabled):
Moved this code to when the global Setting (which affects all editors) changes.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209631 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoWebAssembly JS API: implement importing and defining Memory
sbarati@apple.com [Fri, 9 Dec 2016 22:38:39 +0000 (22:38 +0000)]
WebAssembly JS API: implement importing and defining Memory
https://bugs.webkit.org/show_bug.cgi?id=164134

Reviewed by Keith Miller.

JSTests:

* wasm/Builder.js:
(const._importMemoryContinuation.section):
(const._importMemoryContinuation.assert):
(const._importMemoryContinuation):
(const._exportFunctionContinuation.const): Deleted.
(const._exportFunctionContinuation): Deleted.
* wasm/Builder_WebAssemblyBinary.js:
(const.emitters.Import):
* wasm/js-api/test_basic_api.js:
(const.c.in.constructorProperties.switch):
* wasm/js-api/test_memory.js: Added.
(assert):
(binaryShouldNotParse):
(test):
(test.testMemImportError):
* wasm/js-api/test_memory_constructor.js: Added.
(assert):
(throw.new.Error):
(testInvalidSize):
(assert.testInvalidInitial):
(testInvalidInitial.testInvalidMaximum):
(testInvalidInitial):
(testInvalidMaximum):
* wasm/self-test/test_BuilderJSON.js:

Source/JavaScriptCore:

This patch implements the WebAssembly.Memory object. It refactors
the code to now associate a Memory with the instance instead of
the Module.

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* jsc.cpp:
(functionTestWasmModuleFunctions):
* runtime/VM.h:
* shell/CMakeLists.txt:
* testWasm.cpp: Removed.
This has bitrotted. I'm removing it.

* wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::B3IRGenerator::B3IRGenerator):
(JSC::Wasm::sizeOfLoadOp):
(JSC::Wasm::createJSToWasmWrapper):
(JSC::Wasm::parseAndCompile):
* wasm/WasmB3IRGenerator.h:
* wasm/WasmFormat.cpp:
(JSC::Wasm::ModuleInformation::~ModuleInformation): Deleted.
* wasm/WasmFormat.h:
* wasm/WasmMemory.cpp:
(JSC::Wasm::Memory::Memory):
* wasm/WasmMemory.h:
(JSC::Wasm::Memory::size):
(JSC::Wasm::Memory::initial):
(JSC::Wasm::Memory::maximum):
(JSC::Wasm::Memory::pinnedRegisters): Deleted.
* wasm/WasmMemoryInformation.cpp: Added.
(JSC::Wasm::MemoryInformation::MemoryInformation):
* wasm/WasmMemoryInformation.h: Added.
(JSC::Wasm::MemoryInformation::MemoryInformation):
(JSC::Wasm::MemoryInformation::pinnedRegisters):
(JSC::Wasm::MemoryInformation::initial):
(JSC::Wasm::MemoryInformation::maximum):
(JSC::Wasm::MemoryInformation::isImport):
(JSC::Wasm::MemoryInformation::operator bool):
* wasm/WasmModuleParser.cpp:
(JSC::Wasm::ModuleParser::parseImport):
(JSC::Wasm::ModuleParser::parseMemoryHelper):
(JSC::Wasm::ModuleParser::parseMemory):
(JSC::Wasm::ModuleParser::parseExport):
* wasm/WasmModuleParser.h:
* wasm/WasmPageCount.h: Added. Implement a new way of describing Wasm
pages and then asking for how many bytes a quantity of pages is. This
class also makes it clear when we're talking about bytes or pages.

(JSC::Wasm::PageCount::PageCount):
(JSC::Wasm::PageCount::bytes):
(JSC::Wasm::PageCount::isValid):
(JSC::Wasm::PageCount::max):
(JSC::Wasm::PageCount::operator bool):
(JSC::Wasm::PageCount::operator<):
(JSC::Wasm::PageCount::operator>):
(JSC::Wasm::PageCount::operator>=):
* wasm/WasmPlan.cpp:
(JSC::Wasm::Plan::run):
* wasm/WasmPlan.h:
(JSC::Wasm::Plan::memory): Deleted.
* wasm/WasmValidate.cpp:
(JSC::Wasm::Validate::hasMemory):
(JSC::Wasm::Validate::Validate):
(JSC::Wasm::validateFunction):
* wasm/WasmValidate.h:
* wasm/generateWasmValidateInlinesHeader.py:
* wasm/js/JSWebAssemblyInstance.cpp:
(JSC::JSWebAssemblyInstance::visitChildren):
* wasm/js/JSWebAssemblyInstance.h:
(JSC::JSWebAssemblyInstance::memory):
(JSC::JSWebAssemblyInstance::setMemory):
(JSC::JSWebAssemblyInstance::offsetOfImportFunctions):
(JSC::JSWebAssemblyInstance::allocationSize):
* wasm/js/JSWebAssemblyMemory.cpp:
(JSC::JSWebAssemblyMemory::create):
(JSC::JSWebAssemblyMemory::JSWebAssemblyMemory):
(JSC::JSWebAssemblyMemory::buffer):
(JSC::JSWebAssemblyMemory::visitChildren):
* wasm/js/JSWebAssemblyMemory.h:
(JSC::JSWebAssemblyMemory::memory):
* wasm/js/WebAssemblyFunction.cpp:
(JSC::callWebAssemblyFunction):
* wasm/js/WebAssemblyInstanceConstructor.cpp:
Handle importing and creating of memory according
to the spec. This also does the needed validation
of making sure the memory defined in the module
is compatible with the imported memory.

(JSC::constructJSWebAssemblyInstance):
* wasm/js/WebAssemblyMemoryConstructor.cpp:
(JSC::constructJSWebAssemblyMemory):
(JSC::callJSWebAssemblyMemory):
* wasm/js/WebAssemblyMemoryPrototype.cpp:
(JSC::webAssemblyMemoryProtoFuncBuffer):
(JSC::WebAssemblyMemoryPrototype::create):
(JSC::WebAssemblyMemoryPrototype::finishCreation):
* wasm/js/WebAssemblyMemoryPrototype.h:
* wasm/js/WebAssemblyModuleRecord.cpp:
(JSC::WebAssemblyModuleRecord::finishCreation):
(JSC::WebAssemblyModuleRecord::link):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209630 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoWeb Inspector: Some resources fetched via Fetch API do not have data
joepeck@webkit.org [Fri, 9 Dec 2016 22:12:08 +0000 (22:12 +0000)]
Web Inspector: Some resources fetched via Fetch API do not have data
https://bugs.webkit.org/show_bug.cgi?id=165230
<rdar://problem/29449220>

Reviewed by Alex Christensen.

Source/JavaScriptCore:

* inspector/protocol/Page.json:
Add new Fetch Page.ResourceType.

Source/WebCore:

Tests: http/tests/inspector/network/fetch-response-body.html
       http/tests/inspector/network/xhr-response-body.html

* platform/network/ResourceRequestBase.h:
Distinguish Fetch requests.

* Modules/fetch/FetchRequest.cpp:
(WebCore::FetchRequest::initializeWith):
Set the requester type as Fetch.

* loader/DocumentThreadableLoader.cpp:
(WebCore::DocumentThreadableLoader::didReceiveResponse):
* loader/DocumentThreadableLoader.h:
* inspector/InspectorInstrumentation.cpp:
(WebCore::InspectorInstrumentation::didReceiveThreadableLoaderResponseImpl):
(WebCore::InspectorInstrumentation::didReceiveXHRResponseImpl): Deleted.
* inspector/InspectorInstrumentation.h:
(WebCore::InspectorInstrumentation::didReceiveResourceResponse):
(WebCore::InspectorInstrumentation::didReceiveThreadableLoaderResponse):
(WebCore::InspectorInstrumentation::didReceiveXHRResponse): Deleted.
* inspector/InspectorNetworkAgent.cpp:
(WebCore::InspectorNetworkAgent::didReceiveThreadableLoaderResponse):
(WebCore::InspectorNetworkAgent::didFinishXHRLoading):
(WebCore::InspectorNetworkAgent::didReceiveXHRResponse): Deleted.
Add a generic way for a ThreadableLoader load to update the type of a network request.
This will include both XHR and Fetch requests.

* inspector/InspectorPageAgent.cpp:
(WebCore::hasTextContent):
(WebCore::createXHRTextDecoder):
(WebCore::InspectorPageAgent::resourceTypeJson):
(WebCore::InspectorPageAgent::cachedResourceType):
(WebCore::InspectorPageAgent::createTextDecoder):
(WebCore::textContentForCachedResource):
* inspector/InspectorPageAgent.h:
* inspector/NetworkResourcesData.cpp:
(WebCore::createOtherResourceTextDecoder): Deleted.
Share the logic that creates a Text Decoders for XHR with other non-buffered requests
(like Fetch). This moves us to identical behavior for now.

* platform/MIMETypeRegistry.cpp:
(WebCore::MIMETypeRegistry::isSupportedJSONMIMEType):
(WebCore::MIMETypeRegistry::isTextMIMEType):
* platform/MIMETypeRegistry.h:
Better detect different JSON content based on MIME Type.

Source/WebInspectorUI:

* Localizations/en.lproj/localizedStrings.js:
New "Fetch" and "Fetches" localized strings.

* UserInterface/Models/Resource.js:
(WebInspector.Resource.displayNameForType):
* UserInterface/Models/ResourceCollection.js:
(WebInspector.ResourceCollection.verifierForType):
* UserInterface/Views/CollectionContentView.js:
(WebInspector.CollectionContentView):
* UserInterface/Views/ResourceClusterContentView.js:
(WebInspector.ResourceClusterContentView.prototype.get responseContentView):
* UserInterface/Views/ResourceTreeElement.js:
(WebInspector.ResourceTreeElement.compareResourceTreeElements):
New ResourceType.Fetch. Behave like XHR in most places.

LayoutTests:

* http/tests/inspector/network/fetch-response-body-expected.txt: Added.
* http/tests/inspector/network/fetch-response-body.html: Added.
* http/tests/inspector/network/resources/data.html: Added.
* http/tests/inspector/network/resources/data.json: Added.
* http/tests/inspector/network/resources/data.svg: Added.
* http/tests/inspector/network/resources/data.txt: Added.
* http/tests/inspector/network/resources/echo.php: Added.
* http/tests/inspector/network/xhr-response-body-expected.txt: Added.
* http/tests/inspector/network/xhr-response-body.html: Added.
Tests for viewing content of XHR and Fetch requested resources
with different kinds of content.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209629 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agodocument.webkitFullscreenElement leaks elements inside a shadow tree
rniwa@webkit.org [Fri, 9 Dec 2016 22:06:29 +0000 (22:06 +0000)]
document.webkitFullscreenElement leaks elements inside a shadow tree
https://bugs.webkit.org/show_bug.cgi?id=158471

Reviewed by Chris Dumez.

Source/WebCore:

Fixed the bug by calling the newly added ancestorElementInThisScope in webkitCurrentFullScreenElementForBindings
and webkitFullscreenElementForBinding.

The specification (https://fullscreen.spec.whatwg.org/#dom-document-fullscreenelement) uses "the result of
retargeting fullscreen element" and returns null if the result is not in the same tree as the context object.

This is equivalent to the algorithm implemented by ancestorElementInThisScope. Observe that the retargeting
algorithm (https://dom.spec.whatwg.org/#retarget) finds the lowest common tree scope of the retargetee and
the context object. There are two cases to consider.

1. The context object's tree scope is the lowest common tree scope: In this case, an ancestor shadow host or
the retargetee itself is in this tree scope. It's sufficient traverse every shadow host to find the one that
resides in the same tree scope as the context object. This is precisely what ancestorElementInThisScope does.

2. The context object's tree scope is not the lowest common tree scope: In this case, the context object is
inside a shadow tree whose ancestor shadow host is in the lowest common tree scope. In this case, retargeting
algorithm finds a node which is not in the same tree as the context object. Thus, the result is null.
ancestorElementInThisScope traveres ancestor shadow hosts and returns null if no shadow host's tree scope
matches that of the context object's tree scope. Thus, it would return null in this case as desired.

Also renamed TreeScope::focusedElement to focusedElementInScope for clarity since Document which inherits
from TreeScope also has a distinct member function named focusedElement called by TreeScope::focusedElement,
and used ancestorElementInThisScope since it uses the same algorithm.

Tests: fast/shadow-dom/activeElement-for-focused-element-in-another-shadow.html
       fast/shadow-dom/blur-on-shadow-host-with-focused-shadow-content.html
       fast/shadow-dom/fullscreen-in-shadow-fullscreenElement.html
       fast/shadow-dom/fullscreen-in-shadow-webkitCurrentFullScreenElement.html
       fast/shadow-dom/fullscreen-in-slot-fullscreenElement.html
       fast/shadow-dom/fullscreen-in-slot-webkitCurrentFullScreenElement.html

* dom/Document.cpp:
(WebCore::Document::removeFocusedNodeOfSubtree):
(WebCore::Document::activeElement):
* dom/Document.h:
(WebCore::Document::webkitCurrentFullScreenElementForBindings): Added.
(WebCore::Document::webkitFullscreenElementForBindings): Added.
* dom/Document.idl:
* dom/Element.cpp:
(WebCore::Element::blur):
* dom/ShadowRoot.h:
(WebCore::ShadowRoot::activeElement):
* dom/TreeScope.cpp:
(WebCore::TreeScope::ancestorNodeInThisScope): Renamed from ancestorInThisScope for clarity.
(WebCore::TreeScope::ancestorElementInThisScope):
(WebCore::TreeScope::focusedElementInScope): Renamed from focusedElement to disambiguate it from Document's
focusedElement.
* dom/TreeScope.h:
* editing/VisibleSelection.cpp:
(WebCore::adjustPositionForEnd):
(WebCore::adjustPositionForStart):
* editing/htmlediting.cpp:
(WebCore::comparePositions):
(WebCore::firstEditablePositionAfterPositionInRoot):
(WebCore::lastEditablePositionBeforePositionInRoot):
* page/DOMSelection.cpp:
(WebCore::selectionShadowAncestor):
(WebCore::DOMSelection::shadowAdjustedNode):
(WebCore::DOMSelection::shadowAdjustedOffset):
* rendering/HitTestResult.cpp:
(WebCore::HitTestResult::addNodeToRectBasedTestResult): Added a FIXME here since this is clearly wrong for
shadow trees created by author scripts.

Source/WebKit/mac:

Use the API for bindings to avoid exposing nodes inside a shadow tree.

* DOM/DOMDocument.mm:
(-[DOMDocument webkitCurrentFullScreenElement]):
(-[DOMDocument webkitFullscreenElement]):

LayoutTests:

Added tests for calling webkitFullscreenElement and webkitCurrentFullScreenElement on a fullscreened element
to make sure they return the shadow host instead.

Also added two unrelated test cases for temporal regressions I introduced while working on this patch.

Skip the fullscreen tests on iOS WK2 since eventSender doesn't work there.

* fast/shadow-dom/activeElement-for-focused-element-in-another-shadow-expected.txt: Added.
* fast/shadow-dom/activeElement-for-focused-element-in-another-shadow.html: Added.
* fast/shadow-dom/blur-on-shadow-host-with-focused-shadow-content-expected.txt: Added.
* fast/shadow-dom/blur-on-shadow-host-with-focused-shadow-content.html: Added.
* fast/shadow-dom/fullscreen-in-shadow-fullscreenElement-expected.txt: Added.
* fast/shadow-dom/fullscreen-in-shadow-fullscreenElement.html: Added.
* fast/shadow-dom/fullscreen-in-shadow-webkitCurrentFullScreenElement-expected.txt: Added.
* fast/shadow-dom/fullscreen-in-shadow-webkitCurrentFullScreenElement.html: Added.
* fast/shadow-dom/fullscreen-in-slot-fullscreenElement-expected.txt: Added.
* fast/shadow-dom/fullscreen-in-slot-fullscreenElement.html: Added.
* fast/shadow-dom/fullscreen-in-slot-webkitCurrentFullScreenElement-expected.txt: Added.
* fast/shadow-dom/fullscreen-in-slot-webkitCurrentFullScreenElement.html: Added.
* platform/ios-simulator-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209628 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoTextPosition and OrdinalNumber should be more like idiomatic numbers
ggaren@apple.com [Fri, 9 Dec 2016 22:04:14 +0000 (22:04 +0000)]
TextPosition and OrdinalNumber should be more like idiomatic numbers
https://bugs.webkit.org/show_bug.cgi?id=165678

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

Adopt default constructor.

* API/JSBase.cpp:
(JSEvaluateScript):
(JSCheckScriptSyntax):
* API/JSObjectRef.cpp:
(JSObjectMakeFunction):
* API/JSScriptRef.cpp:
(OpaqueJSScript::OpaqueJSScript):
* jsc.cpp:
(functionCheckModuleSyntax):
* parser/SourceCode.h:
(JSC::makeSource):
* parser/SourceProvider.h:
(JSC::StringSourceProvider::create):
(JSC::WebAssemblySourceProvider::WebAssemblySourceProvider):
* runtime/FunctionConstructor.cpp:
(JSC::constructFunction):
* runtime/ModuleLoaderPrototype.cpp:
(JSC::moduleLoaderPrototypeParseModule):

Source/WebCore:

* bindings/js/CachedScriptSourceProvider.h:
(WebCore::CachedScriptSourceProvider::CachedScriptSourceProvider):
* bindings/js/JSEventListener.h:
(WebCore::JSEventListener::sourcePosition):
* bindings/js/JSLazyEventListener.cpp:
(WebCore::JSLazyEventListener::JSLazyEventListener):
* bindings/js/ScriptController.cpp:
(WebCore::ScriptController::eventHandlerPosition):
* bindings/js/ScriptSourceCode.h:
(WebCore::ScriptSourceCode::ScriptSourceCode):
* css/CSSStyleSheet.cpp:
(WebCore::CSSStyleSheet::create):
* dom/ScriptElement.h:
* html/parser/HTMLTreeBuilder.cpp:
(WebCore::uninitializedPositionValue1):
* inspector/InspectorStyleSheet.cpp:
(WebCore::InspectorStyleSheet::buildObjectForStyleSheetInfo): Adopt
default construtor.

* xml/XMLErrors.cpp:
(WebCore::XMLErrors::XMLErrors):
(WebCore::XMLErrors::handleError):
* xml/XMLErrors.h: Use std::optional instead of belowRangePosition()
because in-band signaling is harder to reason about.

* xml/parser/XMLDocumentParserLibxml2.cpp:
(WebCore::XMLDocumentParser::textPosition): Adopt default constructor.

Source/WebKit/win:

Adopt default constructor.

* Plugins/PluginPackage.cpp:
(WebCore::makeSource):

Source/WTF:

* wtf/text/TextPosition.h:
(WTF::TextPosition::minimumPosition): Deleted. Just use the default
constructor. Other numbers use their default constructors to mean zero.

Any time you need a comment that says "used as a default value", that's
a pretty good indicator that it should be the default constructor.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209627 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoPassword fields should not show the emoji button in TouchBar
bdakin@apple.com [Fri, 9 Dec 2016 22:00:28 +0000 (22:00 +0000)]
Password fields should not show the emoji button in TouchBar
https://bugs.webkit.org/show_bug.cgi?id=165673
-and corresponding-
rdar://problem/29235739

Reviewed by Wenson Hsieh.

Source/WebKit/mac:

This patch adds a new ivar for the password touch bar and password
candidateListTouchBarItem. Since this TouchBar will actually have a different set
of identifiers than the plain text TouchBar, it should just have its own variable.

The candidate list should be the only item for passwords.
* WebView/WebView.mm:
(-[WebView _passwordTextTouchBarDefaultItemIdentifiers]):

Account for _passwordTextTouchBar.
(-[WebView didChangeAutomaticTextCompletion:]):
(-[WebView setUpTextTouchBar:]):
(-[WebView textTouchBar]):

The empty candidates array is not needed. We can just set @[ ] as the candidates
for the _passwordTextCandidateListTouchBarItem. Safe guards already exist in the
other parts of the code to prevent us from requesting or setting other candidates
when in a password field.
(-[WebView updateTextTouchBar]):

Account for _passwordTextTouchBar.
(-[WebView candidateList]):
* WebView/WebViewData.h:

Source/WebKit2:

This patch adds a new member variable for the password touch bar and password
candidateListTouchBarItem. Since this TouchBar will actually have a different set
of identifiers than the plain text TouchBar, it should just have its own variable.
* UIProcess/Cocoa/WebViewImpl.h:
* UIProcess/Cocoa/WebViewImpl.mm:

Return m_passwordTextCandidateListTouchBarItem when appropriate.
(WebKit::WebViewImpl::candidateListTouchBarItem):

The candidate list should be the only item for passwords.
(WebKit::passwordTextTouchBarDefaultItemIdentifiers):

Account for m_passwordTextTouchBar.
(WebKit::WebViewImpl::updateTouchBarAndRefreshTextBarIdentifiers):
(WebKit::WebViewImpl::setUpTextTouchBar):
(WebKit::WebViewImpl::textTouchBar):

The empty candidates array is not needed. We can just set @[ ] as the candidates
for the m_passwordTextCandidateListTouchBarItem. Safe guards already exist in the
other parts of the code to prevent us from requesting or setting other candidates
when in a password field.
(WebKit::WebViewImpl::updateTextTouchBar):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209626 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoFix string specification in print format
krollin@apple.com [Fri, 9 Dec 2016 21:59:21 +0000 (21:59 +0000)]
Fix string specification in print format
https://bugs.webkit.org/show_bug.cgi?id=165650

Reviewed by Alex Christensen.

Change "%{public}s" string specifier to something that can be changed
to "%s" at compile time when the build environment doesn't support the
former.

* NetworkProcess/capture/NetworkCaptureLogging.h:
* NetworkProcess/capture/NetworkCaptureManager.cpp:
(WebKit::NetworkCapture::Manager::initialize):
(WebKit::NetworkCapture::Manager::findMatch):
(WebKit::NetworkCapture::Manager::findExactMatch):
(WebKit::NetworkCapture::Manager::findBestFuzzyMatch):
(WebKit::NetworkCapture::Manager::fuzzyMatchURLs):
(WebKit::NetworkCapture::Manager::logPlayedBackResource):
(WebKit::NetworkCapture::Manager::openCacheFile):
(WebKit::NetworkCapture::Manager::getLine):
* NetworkProcess/capture/NetworkCaptureRecorder.cpp:
(WebKit::NetworkCapture::Recorder::recordRequestSent):
(WebKit::NetworkCapture::Recorder::recordResponseReceived):
(WebKit::NetworkCapture::Recorder::recordRedirectReceived):
(WebKit::NetworkCapture::Recorder::recordRedirectSent):
(WebKit::NetworkCapture::Recorder::writeEvents):
* NetworkProcess/capture/NetworkCaptureResource.cpp:
(WebKit::NetworkCapture::Resource::url):
(WebKit::NetworkCapture::Resource::EventStream::nextEvent):
* NetworkProcess/capture/NetworkDataTaskReplay.cpp:
(WebKit::NetworkCapture::NetworkDataTaskReplay::NetworkDataTaskReplay):
(WebKit::NetworkCapture::NetworkDataTaskReplay::~NetworkDataTaskReplay):
(WebKit::NetworkCapture::NetworkDataTaskReplay::resume):
(WebKit::NetworkCapture::NetworkDataTaskReplay::suspend):
(WebKit::NetworkCapture::NetworkDataTaskReplay::complete):
(WebKit::NetworkCapture::NetworkDataTaskReplay::invalidateAndCancel):
(WebKit::NetworkCapture::NetworkDataTaskReplay::enqueueEventHandler):
(WebKit::NetworkCapture::NetworkDataTaskReplay::replayRequestSent):
(WebKit::NetworkCapture::NetworkDataTaskReplay::replayResponseReceived):
(WebKit::NetworkCapture::NetworkDataTaskReplay::replayRedirectReceived):
(WebKit::NetworkCapture::NetworkDataTaskReplay::replayRedirectSent):
(WebKit::NetworkCapture::NetworkDataTaskReplay::replayDataReceived):
(WebKit::NetworkCapture::NetworkDataTaskReplay::replayFinished):
(WebKit::NetworkCapture::NetworkDataTaskReplay::didReceiveResponse):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209625 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoWebView doesn't become first responder in element fullscreen.
commit-queue@webkit.org [Fri, 9 Dec 2016 20:54:16 +0000 (20:54 +0000)]
WebView doesn't become first responder in element fullscreen.
https://bugs.webkit.org/show_bug.cgi?id=165664
rdar://problem/28927252

Patch by Jeremy Jones <jeremyj@apple.com> on 2016-12-09
Reviewed by Tim Horton.

WebView was being set as the first responder while the contentView was still hidden.
A view can not become first responder while it or its ancestor is hidden.

This change waits until after the contentView is visible to make the web view the first responder.

* UIProcess/mac/WKFullScreenWindowController.mm:
(-[WKFullScreenWindowController enterFullScreen:]):
(-[WKFullScreenWindowController _startEnterFullScreenAnimationWithDuration:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209624 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoUnreviewed, disable concurrent GC for real.
fpizlo@apple.com [Fri, 9 Dec 2016 19:49:50 +0000 (19:49 +0000)]
Unreviewed, disable concurrent GC for real.

* runtime/Options.cpp:
(JSC::recomputeDependentOptions):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209623 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoUnreviewed, disable concurrent GC while crashes get investigated.
fpizlo@apple.com [Fri, 9 Dec 2016 19:49:07 +0000 (19:49 +0000)]
Unreviewed, disable concurrent GC while crashes get investigated.

* runtime/Options.cpp:
(JSC::recomputeDependentOptions):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209622 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoJSSegmentedVariableObject should keep its state private
fpizlo@apple.com [Fri, 9 Dec 2016 19:48:12 +0000 (19:48 +0000)]
JSSegmentedVariableObject should keep its state private

Rubber stamped by Michael Saboff.

Its state fields were protected for no reason. They really should be private because
you have to know to obey a particular concurrency protocol when accessing them.

* runtime/JSSegmentedVariableObject.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209621 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[Cocoa] Validation message for required checkbox doesn’t conform the the Apple Style...
cdumez@apple.com [Fri, 9 Dec 2016 19:42:43 +0000 (19:42 +0000)]
[Cocoa] Validation message for required checkbox doesn’t conform the the Apple Style Guide
https://bugs.webkit.org/show_bug.cgi?id=165661

Reviewed by Dan Bernstein.

Source/WebCore:

Update validation message as per Apple Style Guide.

* English.lproj/Localizable.strings:
* platform/LocalizedStrings.cpp:
(WebCore::validationMessageValueMissingForCheckboxText):

LayoutTests:

Update / rebaseline tests.

* fast/forms/ios/validation-bubble-dismiss-on-tap-expected.txt:
* fast/forms/ios/validation-bubble-dismiss-on-tap.html:
* fast/forms/validation-messages-expected.txt:
* fast/forms/validation-messages.html:
* platform/ios-simulator-wk2/fast/forms/validation-messages-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209620 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoUnreviewed, followup after r209598.
jiewen_tan@apple.com [Fri, 9 Dec 2016 19:41:53 +0000 (19:41 +0000)]
Unreviewed, followup after r209598.

* platform/mac-wk1/js/dom/global-constructors-attributes-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209619 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoMoved OrdinalNumber into its own file
ggaren@apple.com [Fri, 9 Dec 2016 19:22:44 +0000 (19:22 +0000)]
Moved OrdinalNumber into its own file
https://bugs.webkit.org/show_bug.cgi?id=165663

Reviewed by Saam Barati.

* WTF.xcodeproj/project.pbxproj:
* wtf/text/OrdinalNumber.h: Copied from Source/WTF/wtf/text/TextPosition.h.
(WTF::TextPosition::TextPosition): Deleted.
(WTF::TextPosition::operator==): Deleted.
(WTF::TextPosition::operator!=): Deleted.
(WTF::TextPosition::minimumPosition): Deleted.
(WTF::TextPosition::belowRangePosition): Deleted.
* wtf/text/TextPosition.h:
(WTF::OrdinalNumber::fromZeroBasedInt): Deleted.
(WTF::OrdinalNumber::fromOneBasedInt): Deleted.
(WTF::OrdinalNumber::OrdinalNumber): Deleted.
(WTF::OrdinalNumber::zeroBasedInt): Deleted.
(WTF::OrdinalNumber::oneBasedInt): Deleted.
(WTF::OrdinalNumber::operator==): Deleted.
(WTF::OrdinalNumber::operator!=): Deleted.
(WTF::OrdinalNumber::first): Deleted.
(WTF::OrdinalNumber::beforeFirst): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209618 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoASSERTION FAILED: !beforeChild->isRubyRun() in WebCore::RenderRubyAsBlock::addChild
zalan@apple.com [Fri, 9 Dec 2016 18:50:34 +0000 (18:50 +0000)]
ASSERTION FAILED: !beforeChild->isRubyRun() in WebCore::RenderRubyAsBlock::addChild
https://bugs.webkit.org/show_bug.cgi?id=141433
<rdar://problem/27711351>

Reviewed by Dean Jackson.

Source/WebCore:

Do not try to inject the list marker into a block ruby subtree. Have it as the sibling
of the ruby instead (with an anonymous block wrapper ofc).

Test: fast/ruby/assert-with-listitem-and-block-ruby.html

* rendering/RenderListItem.cpp:
(WebCore::getParentOfFirstLineBox):

LayoutTests:

* fast/ruby/assert-with-listitem-and-block-ruby-expected.txt: Added.
* fast/ruby/assert-with-listitem-and-block-ruby.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209617 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoFix the 32-bit build.
ryanhaddad@apple.com [Fri, 9 Dec 2016 18:29:42 +0000 (18:29 +0000)]
Fix the 32-bit build.

Unreviewed build fix.

* MiniBrowser/mac/SettingsController.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209616 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[Modern Media Controls] Implement the pageScaleFactor property
graouts@webkit.org [Fri, 9 Dec 2016 18:28:21 +0000 (18:28 +0000)]
[Modern Media Controls] Implement the pageScaleFactor property
https://bugs.webkit.org/show_bug.cgi?id=165660

Reviewed by Dean Jackson.

Source/WebCore:

We implement the pageScaleFactor property on MediaController. This property is set
by the HTMLMediaElement when the page scale factor changes, and we only choose to handle
it on iOS by setting controlsDependOnPageScaleFactor to true on the MediaControlsHost.

To do so, we now size the media controls by multiplying the layout size of the media by
the page scale factor, and apply an inverse CSS zoom on the media controls themselves.

Test: media/modern-media-controls/media-controller/media-controller-scale-factor.html

* Modules/modern-media-controls/controls/media-controls.css:
(.media-controls-container,):
* Modules/modern-media-controls/controls/media-controls.js:
(MediaControls.prototype.get scaleFactor):
(MediaControls.prototype.set scaleFactor):
(MediaControls.prototype.commitProperty):
* Modules/modern-media-controls/media/media-controller.js:
(MediaController):
(MediaController.prototype.set pageScaleFactor):
(MediaController.prototype._updateControlsSize):
* html/HTMLMediaElement.cpp:
(WebCore::controllerJSValue):
(WebCore::HTMLMediaElement::setControllerJSProperty):

We no longer hit a JSC assertion when trying to set the pageScaleFactor property before
the JS controller was actually created.

LayoutTests:

Add a new test to check that we correctly zoom and size the media controls when the page
scale factor is a value other than 1.

* media/modern-media-controls/media-controller/media-controller-scale-factor-expected.txt: Added.
* media/modern-media-controls/media-controller/media-controller-scale-factor.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209615 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoAttempt to fix the Mac CMake build following <http://trac.webkit.org/changeset/209549>
dbates@webkit.org [Fri, 9 Dec 2016 18:27:50 +0000 (18:27 +0000)]
Attempt to fix the Mac CMake build following <trac.webkit.org/changeset/209549>
(https://bugs.webkit.org/show_bug.cgi?id=165572)

Add directory html/canvas to the list of forwarding headers directories so that
the Legacy WebKit Objective-C DOM binding DOMHTMLCanvasElement.mm can ultimately
include header WebGLContextAttributes.h.

* PlatformMac.cmake:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209614 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoLinkIconCollector refactoring.
beidson@apple.com [Fri, 9 Dec 2016 18:21:30 +0000 (18:21 +0000)]
LinkIconCollector refactoring.
https://bugs.webkit.org/show_bug.cgi?id=165657

Reviewed by Dean Jackson.

No new tests (Refactor, no behavior change)

* WebCore.xcodeproj/project.pbxproj:

* html/LinkIconCollector.cpp:
(WebCore::iconSize):
(WebCore::compareIcons):
* html/LinkIconCollector.h:

* platform/LinkIcon.h: Move outside of LinkIconCollector for future expandability.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209613 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoUnreviewed, rolling out r209574.
ryanhaddad@apple.com [Fri, 9 Dec 2016 18:12:31 +0000 (18:12 +0000)]
Unreviewed, rolling out r209574.

This change broke the Windows build.

Reverted changeset:

"[WebIDL] Remove custom bindings for Geolocation"
https://bugs.webkit.org/show_bug.cgi?id=165625
http://trac.webkit.org/changeset/209574

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209612 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoFedora also needs a PHP7 config file alternative
commit-queue@webkit.org [Fri, 9 Dec 2016 17:57:39 +0000 (17:57 +0000)]
Fedora also needs a PHP7 config file alternative
https://bugs.webkit.org/show_bug.cgi?id=165606

Patch by Gustavo Noronha Silva <gustavo.noronha@collabora.co.uk> on 2016-12-09
Reviewed by Michael Catanzaro.

Tools:

* Scripts/webkitpy/port/base.py:
(Port._is_fedora_php_version_7): check for the php7 library.
(Port._fedora_php_version): get the appropriate filename for Fedora.
(Port._apache_config_file_name_for_platform):

LayoutTests:

* http/conf/fedora-httpd-2.4-php7.conf: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209611 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoCustom Elements from a different document are not customized when created with innerHTML
rniwa@webkit.org [Fri, 9 Dec 2016 17:54:56 +0000 (17:54 +0000)]
Custom Elements from a different document are not customized when created with innerHTML
https://bugs.webkit.org/show_bug.cgi?id=165617

Reviewed by Antti Koivisto.

Source/WebCore:

The bug was caused by a superflous null check on window in createHTMLElementOrFindCustomElementInterface.
Removed the nullcheck to fix the bug.

Test: fast/custom-elements/adopting-from-frameless-document.html

* html/parser/HTMLConstructionSite.cpp:
(WebCore::HTMLConstructionSite::createHTMLElementOrFindCustomElementInterface):

LayoutTests:

Added a W3C style testharness.js test.

* fast/custom-elements/adopting-from-frameless-document-expected.txt: Added.
* fast/custom-elements/adopting-from-frameless-document.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209610 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoComplete the revert of r208865.
ryanhaddad@apple.com [Fri, 9 Dec 2016 17:45:29 +0000 (17:45 +0000)]
Complete the revert of r208865.
https://bugs.webkit.org/show_bug.cgi?id=164894

Unreviewed build fix.

* MiniBrowser/mac/SettingsController.h:
* MiniBrowser/mac/SettingsController.m:
(-[SettingsController _populateMenu]):
(-[SettingsController validateMenuItem:]):
(-[SettingsController loadsAllSiteIcons]): Deleted.
(-[SettingsController toggleLoadsAllSiteIcons:]): Deleted.
* MiniBrowser/mac/WK2BrowserWindowController.m:
(-[WK2BrowserWindowController awakeFromNib]):
(-[WK2BrowserWindowController webView:shouldLoadIconWithParameters:completionHandler:]): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209609 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[CSP] Policy of window opener not applied to about:blank window
dbates@webkit.org [Fri, 9 Dec 2016 17:27:25 +0000 (17:27 +0000)]
[CSP] Policy of window opener not applied to about:blank window
https://bugs.webkit.org/show_bug.cgi?id=165531
<rdar://problem/29426639>

Reviewed by Brent Fulgham.

Source/WebCore:

Fixes an issue where the content security policy of the opener document was not applied to
an about:blank window.

An about:blank window inherits its security origin from its opener document. It should also
copy (inherit) the ContentSecurityPolicy from its opener document. When copying the ContentSecurityPolicy
state from the opener document to the about:blank document we must take care to avoid copying
any upgrade-insecure-request directive because new windows should not inherit it by definition.
With respect to upgrade-insecure-requests, new windows should only inherit the insecure navigation set
from their opener document.

Test: http/tests/security/contentSecurityPolicy/image-blocked-in-about-blank-window.html

* dom/Document.cpp:
(WebCore::Document::initContentSecurityPolicy): Copy the ContentSecurityPolicy state from the
owner document to this document when it inherits its security origin from its owner. An about:blank
window is one example of a document that inherits its security origin from its owner.
* loader/WorkerThreadableLoader.cpp:
(WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge): Call ContentSecurityPolicy::copyUpgradeInsecureRequestStateFrom()
to copy the upgrade insecure requests state from the owner document to the worker now that
ContentSecurityPolicy::copyStateFrom() no longer does this.
* page/csp/ContentSecurityPolicy.cpp:
(WebCore::ContentSecurityPolicy::copyStateFrom): Do not copy the upgrade insecure request state.
Callers are now responsible for calling ContentSecurityPolicy::copyUpgradeInsecureRequestStateFrom()
to copy this state.
* page/csp/ContentSecurityPolicyDirectiveList.cpp:
(WebCore::ContentSecurityPolicyDirectiveList::parse): Ignore directive upgrade-insecure-requests when
inheriting ContentSecurityPolicy state as this directive as the Upgrade Insecure Requests feature has
its own inheritance semantics that differ from the semantics of copying a ContentSecurityPolicy object.
* xml/XSLTProcessor.cpp:
(WebCore::XSLTProcessor::createDocumentFromSource): Call ContentSecurityPolicy::copyUpgradeInsecureRequestStateFrom()
to copy the upgrade insecure requests state from the original document to the transformed document now
that ContentSecurityPolicy::copyStateFrom() no longer does this.

LayoutTests:

Add a test to ensure that an about:blank window inherits the CSP policy of its
opener document.

* http/tests/security/contentSecurityPolicy/image-blocked-in-about-blank-window-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/image-blocked-in-about-blank-window-blocked.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209608 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[Modern Media Controls] Remaining time label first appears way to the left
graouts@webkit.org [Fri, 9 Dec 2016 15:31:24 +0000 (15:31 +0000)]
[Modern Media Controls] Remaining time label first appears way to the left
https://bugs.webkit.org/show_bug.cgi?id=165637

Reviewed by Dean Jackson.

Source/WebCore:

We would sometimes see the remaining time label be laid out in an incorrect position
when a video would start playing. This happened because the time label was being committed
from a previous value before, in the same frame, we would call the layout() function
of MacOSInlineMediaControls. This would set the newly computed location for the
remaining time label, but because we would reset the list of dirty properties after
calling all layout functions, the new value set in MacOSInlineMediaControls.layout()
would be disregarded and the wrong, committed value would persist until it was reset
in a much later frame.

We now correctly clear the list of dirty nodes before laying them out, giving all nodes
a chance to become dirty again during layout, and updated again in the next frame.

Test: media/modern-media-controls/layout-node/node-made-dirty-during-layout.html

* Modules/modern-media-controls/controls/layout-node.js:
(performScheduledLayout):

LayoutTests:

Add a new test that checks that marking a property as dirty during a layout correctly commits
that property on the next frame.

* media/modern-media-controls/layout-node/node-made-dirty-during-layout-expected.txt: Added.
* media/modern-media-controls/layout-node/node-made-dirty-during-layout.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209607 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[GTK] Force GDK backend to x11 when running with XvfbDriver
gns@gnome.org [Fri, 9 Dec 2016 15:30:34 +0000 (15:30 +0000)]
[GTK] Force GDK backend to x11 when running with XvfbDriver
https://bugs.webkit.org/show_bug.cgi?id=165612

Reviewed by Michael Catanzaro.

When the developer is running a Wayland session, GDK may get confused
and try to use its Wayland backend (which is higher priority) instead.
This ensures it will use the appropriate backend when running under
Xvfb.

* Scripts/webkitpy/port/gtk.py:
(GtkPort.setup_environ_for_server): when running with XvfbDriver,
force GDK_BACKEND to x11.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209606 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoUnreviewed build fix. Thanks to Konstantin Tokarev and Csaba Osztrogonác
gns@gnome.org [Fri, 9 Dec 2016 15:23:14 +0000 (15:23 +0000)]
Unreviewed build fix. Thanks to Konstantin Tokarev and Csaba Osztrogonác
for pointing out the fix.

* CMakeLists.txt: add WebCore/html/canvas to include paths.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209605 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[GTK] Fix build after r209558
gns@gnome.org [Fri, 9 Dec 2016 14:05:03 +0000 (14:05 +0000)]
[GTK] Fix build after r209558
https://bugs.webkit.org/show_bug.cgi?id=165653

Unreviewed build fix.

* UIProcess/API/APIPolicyClient.h: include WebsitePolicies.h.
* UIProcess/API/gtk/WebKitPolicyClient.cpp: ditto.
* UIProcess/API/gtk/WebKitPolicyDecision.cpp:
(webkit_policy_decision_use):  pass empty structure to new required argument.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209604 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoFix compile errors on Windows when building with .proj files.
pvollan@apple.com [Fri, 9 Dec 2016 11:13:32 +0000 (11:13 +0000)]
Fix compile errors on Windows when building with .proj files.

Unreviewed build fix.

Fix include paths.

* platform/graphics/win/IntPointWin.cpp:
* platform/graphics/win/IntRectWin.cpp:
* platform/graphics/win/IntSizeWin.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209603 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoUnreviewed buildfix after r209570.
ossy@webkit.org [Fri, 9 Dec 2016 10:50:47 +0000 (10:50 +0000)]
Unreviewed buildfix after r209570.

* bindings/js/JSDOMGlobalObject.cpp:
(WebCore::JSDOMGlobalObject::addBuiltinGlobals):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209602 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[css-grid] Pass Grid as argument to items' placement methods
svillar@igalia.com [Fri, 9 Dec 2016 10:32:22 +0000 (10:32 +0000)]
[css-grid] Pass Grid as argument to items' placement methods
https://bugs.webkit.org/show_bug.cgi?id=165250

Reviewed by Darin Adler.

In order to constify computeIntrinsicLogicalWidths() it is required to constify
placeItemsOnGrid() first, which is the base method of the grid items' positioning logic. The
first step is to constify all the methods invoked by the latter, which basically means to
pass the Grid as argument to all of them instead of directly using the m_grid attribute from
RenderGrid. As this is an intermediate step, a new const_cast<> was required in the
intrinsic size computation. However it will be promptly removed after the const-ification of
placeItemsOnGrid().

After this, only the methods used by the track sizing algorithm will directly access
m_grid. All those would get a reference to the Grid via GridSizingData, but that's a matter
of a follow up patch.

Apart from that, m_gridIsDirty was removed because it was always too confusing. It was
replaced by Grid's m_needsItemsPlacement which is much more concise. The clearGrid() call
was indeed only forcing a new placement of the grid items.

No new tests as this is a refactoring.

* rendering/RenderGrid.cpp:
(WebCore::RenderGrid::Grid::setNeedsItemsPlacement): New method to flag the Grid whenever
grid items' placement algorithm needs to be run.
(WebCore::RenderGrid::canPerformSimplifiedLayout):
(WebCore::RenderGrid::layoutBlock):
(WebCore::RenderGrid::computeIntrinsicLogicalWidths):
(WebCore::RenderGrid::computeEmptyTracksForAutoRepeat):
(WebCore::RenderGrid::placeItemsOnGrid):
(WebCore::RenderGrid::populateExplicitGridAndOrderIterator): Constified. Got Grid as
argument.
(WebCore::RenderGrid::createEmptyGridAreaAtSpecifiedPositionsOutsideGrid): Ditto.
(WebCore::RenderGrid::placeSpecifiedMajorAxisItemsOnGrid): Ditto.
(WebCore::RenderGrid::placeAutoMajorAxisItemsOnGrid): Ditto.
(WebCore::RenderGrid::placeAutoMajorAxisItemOnGrid): Ditto.
(WebCore::RenderGrid::clearGrid):
(WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
(WebCore::RenderGrid::numTracks):
* rendering/RenderGrid.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209601 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoUnreviewed ARM buildfix after 209570.
ossy@webkit.org [Fri, 9 Dec 2016 09:50:17 +0000 (09:50 +0000)]
Unreviewed ARM buildfix after 209570.

* assembler/MacroAssemblerARM.h:
(JSC::MacroAssemblerARM::or32): Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209600 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoRevert - Add _WKIconLoadingDelegate SPI
barraclough@apple.com [Fri, 9 Dec 2016 08:08:41 +0000 (08:08 +0000)]
Revert - Add _WKIconLoadingDelegate SPI
https://bugs.webkit.org/show_bug.cgi?id=164894

Unreviewed rollout due to performance regression.

Source/WebCore:

* WebCore.xcodeproj/project.pbxproj:
* dom/Document.cpp:
(WebCore::Document::implicitClose):
* html/LinkIconCollector.cpp:
(WebCore::iconSize):
(WebCore::compareIcons):
* html/LinkIconCollector.h:
* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::startIconLoading): Deleted.
(WebCore::DocumentLoader::didGetLoadDecisionForIcon): Deleted.
(WebCore::DocumentLoader::finishedLoadingIcon): Deleted.
* loader/DocumentLoader.h:
* loader/FrameLoaderClient.h:
* loader/icon/IconLoader.cpp:
(WebCore::IconLoader::IconLoader):
(WebCore::IconLoader::startLoading):
(WebCore::IconLoader::notifyFinished):
* loader/icon/IconLoader.h:
* platform/LinkIcon.h: Removed.

Source/WebKit2:

* PlatformMac.cmake:
* UIProcess/API/APIIconLoadingClient.h: Removed.
* UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _initializeWithConfiguration:]):
(-[WKWebView _iconLoadingDelegate]): Deleted.
(-[WKWebView _setIconLoadingDelegate:]): Deleted.
* UIProcess/API/Cocoa/WKWebViewPrivate.h:
* UIProcess/API/Cocoa/_WKIconLoadingDelegate.h: Removed.
* UIProcess/API/Cocoa/_WKLinkIconParameters.h: Removed.
* UIProcess/API/Cocoa/_WKLinkIconParameters.mm: Removed.
* UIProcess/API/Cocoa/_WKLinkIconParametersInternal.h: Removed.
* UIProcess/Cocoa/IconLoadingDelegate.h: Removed.
* UIProcess/Cocoa/IconLoadingDelegate.mm: Removed.
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::setIconLoadingClient): Deleted.
(WebKit::WebPageProxy::getLoadDecisionForIcon): Deleted.
(WebKit::WebPageProxy::finishedLoadingIcon): Deleted.
* UIProcess/WebPageProxy.h:
(WebKit::WebPageProxy::iconLoadingClient): Deleted.
* UIProcess/WebPageProxy.messages.in:
* WebKit2.xcodeproj/project.pbxproj:
* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::useIconLoadingClient): Deleted.
(WebKit::WebFrameLoaderClient::getLoadDecisionForIcon): Deleted.
(WebKit::WebFrameLoaderClient::finishedLoadingIcon): Deleted.
* WebProcess/WebCoreSupport/WebFrameLoaderClient.h:
(WebKit::WebFrameLoaderClient::setUseIconLoadingClient): Deleted.
(): Deleted.
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::didGetLoadDecisionForIcon): Deleted.
(WebKit::WebPage::setUseIconLoadingClient): Deleted.
* WebProcess/WebPage/WebPage.h:
* WebProcess/WebPage/WebPage.messages.in:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209599 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[WebCrypto] Remove NoInterfaceObject attribute from SubtleCrypto Interface
jiewen_tan@apple.com [Fri, 9 Dec 2016 07:45:56 +0000 (07:45 +0000)]
[WebCrypto] Remove NoInterfaceObject attribute from SubtleCrypto Interface
https://bugs.webkit.org/show_bug.cgi?id=165629
<rdar://problem/29586203>

Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

* WebCryptoAPI/idlharness-expected.txt:

Source/WebCore:

Covered by existing tests.

* crypto/SubtleCrypto.idl:

LayoutTests:

* js/dom/global-constructors-attributes-dedicated-worker-expected.txt:
* platform/mac/js/dom/global-constructors-attributes-expected.txt:
* platform/mac-yosemite/js/dom/global-constructors-attributes-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209598 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoWebAssembly: JSC::link* shouldn't need a CodeBlock
jfbastien@apple.com [Fri, 9 Dec 2016 06:52:51 +0000 (06:52 +0000)]
WebAssembly: JSC::link* shouldn't need a CodeBlock
https://bugs.webkit.org/show_bug.cgi?id=165591

Reviewed by Keith Miller.

JSTests:

test that wasm -> JS works, including the IC

* wasm/js-api/test_Instance.js:
(const.wasmModuleWhichImportJS):
(MonomorphicImport):
(Polyphic2Import):
(Polyphic3Import):
(VirtualImport):

Source/JavaScriptCore:

Allow linking without a CodeBlock, which WebAssembly's wasm -> JS stubs does. This needs to work for polymorphic and virtual calls. This patch adds corresponding tests for this.

* assembler/LinkBuffer.cpp:
(JSC::shouldDumpDisassemblyFor): don't look at the tier option if there isn't a CodeBlock, only look at the global one. This is a WebAssembly function, so the tier information is irrelevant.
* jit/Repatch.cpp:
(JSC::isWebAssemblyToJSCallee): this is used in the link* functions below
(JSC::linkFor):
(JSC::linkVirtualFor):
(JSC::linkPolymorphicCall):
* runtime/Options.h: add an option to change the maximum number of polymorphic calls in stubs from wasm to JS, which will come in handy when we try to tune performance or try merging some of the WebAssembly stubs
* wasm/WasmBinding.cpp:
(JSC::Wasm::importStubGenerator): remove the breakpoint since the code now works
* wasm/js/WebAssemblyToJSCallee.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209597 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoGreen the cloop bot by raising this threshold.
fpizlo@apple.com [Fri, 9 Dec 2016 05:10:57 +0000 (05:10 +0000)]
Green the cloop bot by raising this threshold.

* mozilla/js1_5/Array/regress-101964.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209596 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoMultiPutByOffset should get a barrier if it transitions
fpizlo@apple.com [Fri, 9 Dec 2016 04:53:33 +0000 (04:53 +0000)]
MultiPutByOffset should get a barrier if it transitions
https://bugs.webkit.org/show_bug.cgi?id=165646

Reviewed by Keith Miller.

Previously, if we knew that we were storing a non-cell but we needed to transition, we
would fail to add the barrier but the FTL's lowering expected the barrier to be there.

Strictly, we need to "consider" the barrier on MultiPutByOffset if the value is
possibly a cell or if the MultiPutByOffset may transition. Then "considering" the
barrier implies checking if the base is possibly old.

But because the barrier is so cheap anyway, this patch implements something safer: we
just consider the barrier on MultiPutByOffset unconditionally, which opts it out of any
barrier optimizations other than those based on the predicted state of the base. Those
optimizations are already sound - for example they use doesGC() to detect safepoints
and that function correctly predicts when MultiPutByOffset could GC.

Because the barrier optimizations are only a very small speed-up, I think it's great to
fix bugs by weakening the optimizer without cleverness.

* dfg/DFGFixupPhase.cpp:
* dfg/DFGStoreBarrierInsertionPhase.cpp:
* heap/MarkedBlock.cpp:
(JSC::MarkedBlock::assertValidCell):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209595 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoEnable concurrent GC on ARM64
fpizlo@apple.com [Fri, 9 Dec 2016 03:30:03 +0000 (03:30 +0000)]
Enable concurrent GC on ARM64
https://bugs.webkit.org/show_bug.cgi?id=165643

Reviewed by Saam Barati.

It looks stable enough to enable.

* assembler/CPU.h:
(JSC::useGCFences): Deleted.
* bytecode/PolymorphicAccess.cpp:
(JSC::AccessCase::generateImpl):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileAllocatePropertyStorage):
(JSC::DFG::SpeculativeJIT::compileReallocatePropertyStorage):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileMaterializeNewObject):
(JSC::FTL::DFG::LowerDFGToB3::allocatePropertyStorage):
(JSC::FTL::DFG::LowerDFGToB3::reallocatePropertyStorage):
(JSC::FTL::DFG::LowerDFGToB3::allocateObject):
* jit/AssemblyHelpers.h:
(JSC::AssemblyHelpers::mutatorFence):
(JSC::AssemblyHelpers::storeButterfly):
(JSC::AssemblyHelpers::nukeStructureAndStoreButterfly):
(JSC::AssemblyHelpers::emitInitializeInlineStorage):
(JSC::AssemblyHelpers::emitInitializeOutOfLineStorage):
* runtime/Options.cpp:
(JSC::recomputeDependentOptions):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209594 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoFileHandle::printf doesn't build on Windows
krollin@apple.com [Fri, 9 Dec 2016 03:10:02 +0000 (03:10 +0000)]
FileHandle::printf doesn't build on Windows
https://bugs.webkit.org/show_bug.cgi?id=165642

Reviewed by Ryosuke Niwa.

Fix the build -- vasprintf does not exist on Windows, so make
FileHandle::printf a no-op on that platform.

No new tests -- affected facility is currently only used in testing
code and is not user reachable.

* platform/FileHandle.cpp:
(WebCore::FileHandle::printf):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209593 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[Modern Media Controls] Exiting fullscreen with paused media shows the start button
commit-queue@webkit.org [Fri, 9 Dec 2016 02:37:45 +0000 (02:37 +0000)]
[Modern Media Controls] Exiting fullscreen with paused media shows the start button
https://bugs.webkit.org/show_bug.cgi?id=165640

Patch by Antoine Quint <graouts@apple.com> on 2016-12-08
Reviewed by Dean Jackson.

Source/WebCore:

Like all supporting objects, the StartSupport instance gets recreated when creating controls
for new layout traits, which happens when going from fullscreen to inline. Due to this, the
"_isPlayed" property is not longer set to true, even if the media has played prior to being
paused in fullscreen. We now also check the media's played range to identify whether media
has been played.

* Modules/modern-media-controls/media/start-support.js:
(StartSupport.prototype._shouldShowStartButton):
(StartSupport):

LayoutTests:

Modify the existing test that enters fullscreen and returns to inline controls with paused media
to check that the start button is not shown upon returning to inline controls.

* media/modern-media-controls/media-controller/media-controller-inline-to-fullscreen-to-inline-expected.txt:
* media/modern-media-controls/media-controller/media-controller-inline-to-fullscreen-to-inline.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209592 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoASSERTION FAILED: locale in WebCore::lastHyphenLocation
mmaxfield@apple.com [Fri, 9 Dec 2016 02:06:04 +0000 (02:06 +0000)]
ASSERTION FAILED: locale in WebCore::lastHyphenLocation
https://bugs.webkit.org/show_bug.cgi?id=164182

Reviewed by Zalan Bujtas.

Source/WebCore:

Our hyphenation code assumes the locale is in a small set of known locales.
However, web content can put whatever string it wants in the locale field.

Test: fast/text/hyphenation-unknown-locale.html

* platform/text/cf/HyphenationCF.cpp:
(WebCore::lastHyphenLocation):
* rendering/RenderText.cpp:
(WebCore::maxWordFragmentWidth): When computing the minimum preferred width of
an element, we want to know the size of the widest nonbreakable unit. When
hyphenation is enabled, we have to measure the width of each fragment of each
word (where "fragment" is determined by a substring between two successive
hyphenation points, appended with a hyphen character). A hyphenation point at
string offset 0 is irrelevant for this purpose, because it would lead to an
empty fragment. Therefore, skip this situation.

LayoutTests:

* fast/text/hyphenation-unknown-locale-expected.txt: Added.
* fast/text/hyphenation-unknown-locale.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209591 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoAlways check the return value of pthread_key_create()
ddkilzer@apple.com [Fri, 9 Dec 2016 01:54:31 +0000 (01:54 +0000)]
Always check the return value of pthread_key_create()
<https://webkit.org/b/165274>

Reviewed by Darin Adler.

Source/bmalloc:

* bmalloc/PerThread.h:
(bmalloc::PerThreadStorage::init): Call BCRASH() if
pthread_key_create() returns an error.  The error code will be
stored in a register available in a crash log, so no need to log
the value explicitly.

Source/WebCore:

* platform/ios/wak/WebCoreThread.mm:
(InitThreadContextKey): Call CRASH() if pthread_key_create()
returns an error.  The error code will be stored in a register
available in a crash log, so no need to log the value
explicitly.

Source/WTF:

* wtf/ThreadIdentifierDataPthreads.cpp:
(WTF::ThreadIdentifierData::initializeOnce): Make the code more
readable by assigning a variable to the result of
pthread_key_create().  This matches the idiom used elsewhere.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209590 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoAdd 64-bit signed LEB decode method
keith_miller@apple.com [Fri, 9 Dec 2016 01:34:05 +0000 (01:34 +0000)]
Add 64-bit signed LEB decode method
https://bugs.webkit.org/show_bug.cgi?id=165630

Reviewed by Ryosuke Niwa.

Source/WTF:

Add int64 LEB decode and fix some 64-bit specific issues
with the decoder. There is also a fix where we would allow
LEBs with canonical length + 1 size that is fixed by this
patch.

* wtf/LEBDecoder.h:
(WTF::LEBDecoder::decodeUInt):
(WTF::LEBDecoder::decodeInt):
(WTF::LEBDecoder::decodeUInt32):
(WTF::LEBDecoder::decodeUInt64):
(WTF::LEBDecoder::decodeInt32):
(WTF::LEBDecoder::decodeInt64):

Tools:

Add tests for LEB int64 and uint64 decode since I guess
I forgot to add tests before.

* TestWebKitAPI/Tests/WTF/LEBDecoder.cpp:
(TestWebKitAPI::testUInt32LEBDecode):
(TestWebKitAPI::TEST):
(TestWebKitAPI::testUInt64LEBDecode):
(TestWebKitAPI::testInt32LEBDecode):
(TestWebKitAPI::testInt64LEBDecode):
(TestWebKitAPI::testUnsignedLEBDecode): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209586 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoMake it easy to enable --force-collectContinuously
fpizlo@apple.com [Fri, 9 Dec 2016 01:21:15 +0000 (01:21 +0000)]
Make it easy to enable --force-collectContinuously
https://bugs.webkit.org/show_bug.cgi?id=165638

Reviewed by Keith Miller.

* Scripts/run-javascriptcore-tests:
(runJSCStressTests):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209585 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoReduce PassRefPtr use in platform/graphics
achristensen@apple.com [Fri, 9 Dec 2016 01:21:07 +0000 (01:21 +0000)]
Reduce PassRefPtr use in platform/graphics
https://bugs.webkit.org/show_bug.cgi?id=165636

Reviewed by Dean Jackson.

No change in behavior.

* platform/graphics/GraphicsContext3D.h:
* platform/graphics/mac/DisplayRefreshMonitorMac.h:
(WebCore::DisplayRefreshMonitorMac::create):
* platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
(WebCore::GraphicsContext3D::createForCurrentGLContext):
(WebCore::GraphicsContext3D::paintRenderingResultsToImageData):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209584 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoMove FileHandle to WebCore FileHandle.h
krollin@apple.com [Fri, 9 Dec 2016 00:56:48 +0000 (00:56 +0000)]
Move FileHandle to WebCore FileHandle.h
https://bugs.webkit.org/show_bug.cgi?id=165562

Reviewed by Alex Christensen.

Source/WebCore:

Add FileHandle, a small wrapper around FileSystem facilities to manage
the lifetime of an open file and give the facilities a C++ interface.

No new tests -- affected facility is currently only used in testing
code and is not user reachable.

* CMakeLists.txt:
* WebCore.xcodeproj/project.pbxproj:
* platform/FileHandle.cpp: Added.
(WebCore::FileHandle::FileHandle):
(WebCore::FileHandle::~FileHandle):
(WebCore::FileHandle::operator=):
(WebCore::FileHandle::operator bool):
(WebCore::FileHandle::open):
(WebCore::FileHandle::read):
(WebCore::FileHandle::write):
(WebCore::FileHandle::printf):
(WebCore::FileHandle::close):
* platform/FileHandle.h: Added.

Source/WebKit2:

Move FileHandle from NetworkCaptureTypes.h (which can now be deleted)
to WebCore. Update client code to use the new version.

* NetworkProcess/capture/NetworkCaptureEvent.cpp:
* NetworkProcess/capture/NetworkCaptureEvent.h:
* NetworkProcess/capture/NetworkCaptureManager.cpp:
(WebKit::NetworkCapture::Manager::initialize):
(WebKit::NetworkCapture::Manager::terminate):
(WebKit::NetworkCapture::Manager::logRecordedResource):
(WebKit::NetworkCapture::Manager::logLoadedResource):
(WebKit::NetworkCapture::Manager::logPlayedBackResource):
(WebKit::NetworkCapture::Manager::openCacheFile):
(WebKit::NetworkCapture::Manager::ensureFileHandle): Deleted.
(WebKit::NetworkCapture::Manager::printToFile): Deleted.
* NetworkProcess/capture/NetworkCaptureManager.h:
* NetworkProcess/capture/NetworkCaptureRecorder.cpp:
(WebKit::NetworkCapture::Recorder::writeEvents):
* NetworkProcess/capture/NetworkCaptureTypes.h: Removed.
* WebKit2.xcodeproj/project.pbxproj:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209583 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoASSERTION FAILED: m_items.isEmpty() in CustomElementReactionQueue destructor
rniwa@webkit.org [Fri, 9 Dec 2016 00:53:32 +0000 (00:53 +0000)]
ASSERTION FAILED: m_items.isEmpty() in CustomElementReactionQueue destructor
https://bugs.webkit.org/show_bug.cgi?id=162029
<rdar://problem/28945851>

Reviewed by Chris Dumez.

Source/WebCore:

The bug was caused by Document::removedLastRef enqueuing disconnectedCallback during a tear down.
Don't enqueue a disconnectedCallback while a document is getting torn down since that should not be
observable to author scripts. The connected, adopted, and attributeChanged callbacks are immune from
this problem since they don't happen during a document destruction.

Note that this was also the case prior to this patch since the disconnectedCallback would have been
added to the current CustomElementReactionQueue which will be destructed without invoking callbacks
(or hit a release assertion added in r208785 and r209426 for now).

Tests: fast/custom-elements/disconnected-callback-in-detached-iframe.html
       fast/custom-elements/element-queue-during-document-destruction.html

* dom/CustomElementReactionQueue.cpp:
(WebCore::CustomElementReactionQueue::enqueueConnectedCallbackIfNeeded): Added an assertion that
document's refCount hasn't reached zero yet.
(WebCore::CustomElementReactionQueue::enqueueDisconnectedCallbackIfNeeded): Fixed the bug.
(WebCore::CustomElementReactionQueue::enqueueAdoptedCallbackIfNeeded): Added the same assertion.
(WebCore::CustomElementReactionQueue::enqueueAttributeChangedCallbackIfNeeded): Ditto.

LayoutTests:

Added a regression test that reliably reproduces the crash in DumpRenderTree / WebKitTestRunner.

Also added a W3C style testharness.js test for the behavior I broke in an earlier iteration of the patch.

* fast/custom-elements/disconnected-callback-in-detached-iframe-expected.txt: Added.
* fast/custom-elements/disconnected-callback-in-detached-iframe.html: Added.
* fast/custom-elements/element-queue-during-document-destruction-expected.txt: Added.
* fast/custom-elements/element-queue-during-document-destruction.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209582 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoAttempt to fix the iOS build.
andersca@apple.com [Fri, 9 Dec 2016 00:44:05 +0000 (00:44 +0000)]
Attempt to fix the iOS build.

* Platform/IPC/mac/MachMessage.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209581 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoMarking compositing/rtl/rtl-fixed-overflow.html as failing on mac-wk1.
ryanhaddad@apple.com [Fri, 9 Dec 2016 00:36:13 +0000 (00:36 +0000)]
Marking compositing/rtl/rtl-fixed-overflow.html as failing on mac-wk1.
https://bugs.webkit.org/show_bug.cgi?id=165541

Unreviewed test gardening.

* platform/mac-wk1/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209580 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoDisable the collectContinuously mode until I investigate failures.
fpizlo@apple.com [Fri, 9 Dec 2016 00:32:46 +0000 (00:32 +0000)]
Disable the collectContinuously mode until I investigate failures.

Rubber stamped by Keith Miller.

I'm seeing collectContinuously crashes on some platforms. Disabling that testing mode
while I investigate.

* Scripts/run-jsc-stress-tests:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209579 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoAdd Strict Mixed Content Checking and Upgrade Insecure Requests to WebKit Feature...
dbates@webkit.org [Fri, 9 Dec 2016 00:24:02 +0000 (00:24 +0000)]
Add Strict Mixed Content Checking and Upgrade Insecure Requests to WebKit Feature Status dashboard
https://bugs.webkit.org/show_bug.cgi?id=165635

Rubber-stamped by Ryosuke Niwa.

* features.json:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209578 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoImplement Strict Mixed Content Checking
dbates@webkit.org [Thu, 8 Dec 2016 23:54:13 +0000 (23:54 +0000)]
Implement Strict Mixed Content Checking
https://bugs.webkit.org/show_bug.cgi?id=165438
<rdar://problem/26103867>

Reviewed by Brent Fulgham and Andy Estes.

Source/WebCore:

Add support for the CSP directive block-all-mixed-content to enable strict mixed content checking
as per <https://www.w3.org/TR/2016/CR-mixed-content-20160802/#strict-checking> (2 August 2016).

Currently WebKit only blocks blockable content as such content can contaminate the security origin
that loaded it. Optionally-blockable content, including images, would be allowed to load as mixed
content. When strict mixed content checking is enabled all mixed content is blocked. That is, both
blockable and optionally-blockable content will be blocked. A web site can opt into strict mixed
content checking by adding the directive block-all-mixed-content to their content security policy.

Tests: http/tests/security/contentSecurityPolicy/block-all-mixed-content/data-url-iframe-in-main-frame.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/duplicate-directive.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-css-in-iframe-report-only.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-css-in-iframe.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-css-in-main-frame.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-iframe-in-iframe.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-iframe-in-main-frame.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-blob-url-iframe-in-iframe.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-iframe-with-enforced-and-report-policies.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-iframe-with-inherited-policy.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-iframe.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-javascript-url-iframe-in-iframe.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-main-frame.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-xslt-document-in-iframe-with-inherited-policy.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-plugin-in-iframe.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-plugin-in-main-frame.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-script-in-iframe-with-inherited-policy.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-script-in-iframe.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-script-in-main-frame.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-xhr-asynchronous-in-iframe.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-xhr-asynchronous-in-main-frame.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-xhr-synchronous-in-iframe.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-xhr-synchronous-in-main-frame.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/secure-image-after-upgrade-in-iframe.html
       http/tests/security/contentSecurityPolicy/block-all-mixed-content/secure-image-after-upgrade-redirect-in-iframe.html

* dom/Document.cpp:
(WebCore::Document::initSecurityContext): Inherit strict mixed content checking mode from parent document.
* dom/SecurityContext.h:
(WebCore::SecurityContext::isStrictMixedContentMode): Added.
(WebCore::SecurityContext::setStrictMixedContentMode): Added.
* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::willSendRequest): Check mixed content policy with respect to the current frame.
The document in the current frame may have opted into strict mixed content checking or inherited it from
its parent document.
* loader/DocumentWriter.cpp:
(WebCore::DocumentWriter::begin): Inherit the strict mixed content checking mode from the owner document
when loading a JavaScript URL in a frame (e.g. <iframe src="javascript:...">) because such URLs inherit
the security origin of their parent document.
* loader/MixedContentChecker.cpp:
(WebCore::MixedContentChecker::canDisplayInsecureContent): Check the content security policy of the document
and the strict mixed content checking mode bit on the document (in that order) to determine if we are in
strict mode. Block display of insecure content when in strict mode. Modified to take enum AlwaysDisplayInNonStrictMode (defaults
to AlwaysDisplayInNonStrictMode::No) as to whether to allow our current relaxed behavior of displaying insecure
content in non-strict mode.
(WebCore::MixedContentChecker::canRunInsecureContent): Check the content security policy of the document
and the strict mixed content checking mode bit on the document (in that order) to determine if we are in
strict mode. Block running of insecure content when in strict mode.
* loader/MixedContentChecker.h:
* loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::checkInsecureContent): Always check mixed content policy with respect to
the current frame. The document in the current frame may have opted into strict mixed content checking or
inherited it from its parent document. Also renamed a local variable f to frame to better describe its
purpose.
* page/csp/ContentSecurityPolicy.cpp:
(WebCore::ContentSecurityPolicy::allowRunningOrDisplayingInsecureContent): Added. Iterate through all the
policies and report violations with respect to policies that have directive block-all-mixed-content.
(WebCore::ContentSecurityPolicy::didReceiveHeader): Move logic to set eval() error message from here...
(WebCore::ContentSecurityPolicy::applyPolicyToScriptExecutionContext): ...to here so that we only perform
it once we are ready to apply the CSP policy to the script execution context. Additionally, enable
strict mixed content checking on the script execution context if applicable.
(WebCore::ContentSecurityPolicy::reportViolation): Added overrides that take a string and a directive list
object (ContentSecurityPolicyDirectiveList) for the effective violated directive and its associated directive
list, respectively. We make use of these overrides so as to support reporting block-all-mixed-content
violations, which are not implemented using a ContentSecurityPolicyDirective object as it seemed sufficient
to implement it as a boolean on ContentSecurityPolicyDirectiveList.
* page/csp/ContentSecurityPolicy.h:
* page/csp/ContentSecurityPolicyDirectiveList.cpp:
(WebCore::ContentSecurityPolicyDirectiveList::setBlockAllMixedContentEnabled): Added.
(WebCore::ContentSecurityPolicyDirectiveList::addDirective): Parse the directive block-all-mixed-content.
* page/csp/ContentSecurityPolicyDirectiveList.h:
(WebCore::ContentSecurityPolicyDirectiveList::hasBlockAllMixedContentDirective): Added.
* page/csp/ContentSecurityPolicyDirectiveNames.cpp:
* page/csp/ContentSecurityPolicyDirectiveNames.h: Add constant for "block-all-mixed-content".

LayoutTests:

Add tests to ensure that we do not regress strict mixed content checking.

* http/tests/security/contentSecurityPolicy/block-all-mixed-content/data-url-iframe-in-main-frame-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/data-url-iframe-in-main-frame.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/duplicate-directive-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/duplicate-directive.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-css-in-iframe-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-css-in-iframe-report-only-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-css-in-iframe-report-only.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-css-in-iframe.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-css-in-main-frame-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-css-in-main-frame.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-iframe-in-iframe-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-iframe-in-iframe.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-iframe-in-main-frame-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-iframe-in-main-frame.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-blob-url-iframe-in-iframe-expected.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-blob-url-iframe-in-iframe.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-iframe-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-iframe-with-enforced-and-report-policies-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-iframe-with-enforced-and-report-policies.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-iframe-with-inherited-policy-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-iframe-with-inherited-policy.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-iframe.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-javascript-url-iframe-in-iframe-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-javascript-url-iframe-in-iframe.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-main-frame-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-main-frame.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-xslt-document-in-iframe-with-inherited-policy-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-xslt-document-in-iframe-with-inherited-policy.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-plugin-in-iframe-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-plugin-in-iframe.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-plugin-in-main-frame-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-plugin-in-main-frame.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-script-in-iframe-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-script-in-iframe-with-inherited-policy-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-script-in-iframe-with-inherited-policy.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-script-in-iframe.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-script-in-main-frame-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-script-in-main-frame.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-xhr-asynchronous-in-iframe-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-xhr-asynchronous-in-iframe.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-xhr-asynchronous-in-main-frame-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-xhr-asynchronous-in-main-frame.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-xhr-synchronous-in-iframe-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-xhr-synchronous-in-iframe.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-xhr-synchronous-in-main-frame-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-xhr-synchronous-in-main-frame.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/resources/dump-securitypolicyviolation-and-notify-done.js: Added.
(logMessage):
(securityPolicyViolationToString):
(checkNotify):
(recordSecurityPolicyViolation):
(window.onload):
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/resources/fail.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/resources/frame-with-data-url-iframe.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/resources/frame-with-insecure-css-report-only.php: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/resources/frame-with-insecure-css.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/resources/frame-with-insecure-iframe.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/resources/frame-with-insecure-image-and-without-policy.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/resources/frame-with-insecure-image-in-blob-url-iframe.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/resources/frame-with-insecure-image-in-javascript-url-iframe.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/resources/frame-with-insecure-image-with-enforced-and-report-policies.php: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/resources/frame-with-insecure-image.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/resources/frame-with-insecure-plugin.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/resources/frame-with-insecure-script.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/resources/frame-with-insecure-xhr.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/resources/frame-with-secure-image-after-upgrade-redirect.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/resources/frame-with-secure-image-after-upgrade.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/resources/red-square.png: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/resources/transform-functions.xsl: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/secure-image-after-upgrade-in-iframe-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/secure-image-after-upgrade-in-iframe.html: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/secure-image-after-upgrade-redirect-in-iframe-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/secure-image-after-upgrade-redirect-in-iframe.html: Added.
* platform/ios-simulator/TestExpectations: Skip plugin tests as plugins are not supported on iOS.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209577 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoDisable collectContinuously if not useConcurrentGC
fpizlo@apple.com [Thu, 8 Dec 2016 22:57:12 +0000 (22:57 +0000)]
Disable collectContinuously if not useConcurrentGC

Rubber stamped by Geoffrey Garen.

* runtime/Options.cpp:
(JSC::recomputeDependentOptions):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209576 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoDefer sending Mach messages if the queue is full
andersca@apple.com [Thu, 8 Dec 2016 22:53:58 +0000 (22:53 +0000)]
Defer sending Mach messages if the queue is full
https://bugs.webkit.org/show_bug.cgi?id=165622
rdar://problem/29518036

Reviewed by Brady Eidson.

Source/WebKit2:

* Platform/IPC/Connection.cpp:
Include MachMessage.h so the Connection destructor can do its thing.

* Platform/IPC/Connection.h:
Add new members.

* Platform/IPC/mac/ConnectionMac.mm:
(IPC::Connection::platformInvalidate):
Null out the pending outgoing mach message.

(IPC::Connection::sendMessage):
New helper that will send a Mach message. If we time out, store the message in m_pendingOutgoingMachMessage.
When our send source will be triggered we'll try to send the message again.

(IPC::Connection::platformCanSendOutgoingMessages):
We can only send messages if we don't have a pending outgoing message.

(IPC::Connection::sendOutgoingMessage):
Call the newly added sendMessage function.

(IPC::Connection::initializeSendSource):
Add the DISPATCH_MACH_SEND_POSSIBLE mask (and DISPATCH_MACH_SEND_DEAD which was previously implicit).
In our event handler, check for DISPATCH_MACH_SEND_POSSIBLE and try to send the pending outgoing message again.

* Platform/IPC/mac/MachMessage.cpp:
(IPC::MachMessage::create):
Rename length to size.

(IPC::MachMessage::MachMessage):
Initialize m_shouldFreeDescriptors.

(IPC::MachMessage::~MachMessage):
Call mach_msg_destroy, which will free the descriptors.

(IPC::MachMessage::leakDescriptors):
Set m_shouldFreeDescriptors to false.

* Platform/IPC/mac/MachMessage.h:
(IPC::MachMessage::size):
(IPC::MachMessage::length): Deleted.

Source/WTF:

Add new SPI.

* wtf/spi/darwin/XPCSPI.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209575 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[WebIDL] Remove custom bindings for Geolocation
weinig@apple.com [Thu, 8 Dec 2016 22:52:37 +0000 (22:52 +0000)]
[WebIDL] Remove custom bindings for Geolocation
https://bugs.webkit.org/show_bug.cgi?id=165625

Reviewed by Alex Christensen.

Source/WebCore:

* CMakeLists.txt:
* DerivedSources.cpp:
* DerivedSources.make:
* WebCore.xcodeproj/project.pbxproj:
* bindings/js/JSBindingsAllInOne.cpp:
Add/remove files.

* Modules/geolocation/GeoNotifier.cpp:
(WebCore::GeoNotifier::GeoNotifier):
(WebCore::GeoNotifier::hasZeroTimeout):
(WebCore::GeoNotifier::startTimerIfNeeded):
* Modules/geolocation/GeoNotifier.h:
(WebCore::GeoNotifier::create):
(WebCore::GeoNotifier::options):
Update to store PositionOptions as a value, and pass the PositionCallback
as a Ref, rather than a RefPtr, since it is not optional.

* Modules/geolocation/Geolocation.cpp:
(WebCore::createGeoposition):
Use auto, to get the good type for Coordinates (Ref).

(WebCore::Geolocation::getCurrentPosition):
(WebCore::Geolocation::watchPosition):
(WebCore::Geolocation::haveSuitableCachedPosition):
(WebCore::Geolocation::startUpdating):
* Modules/geolocation/Geolocation.h:
Update to pass PositionOptions itself now that it is a plain struct.

* Modules/geolocation/Geolocation.idl:
Remove [Custom] extended attribute and add FIXME about nullable annotation.

* Modules/geolocation/Geoposition.h:
Pass/store Coordinates as a Ref.

* Modules/geolocation/PositionOptions.h:
Convert to be a simple struct.

* Modules/geolocation/PositionOptions.idl:
Added.

* bindings/js/JSGeolocationCustom.cpp:
Removed.

LayoutTests:

* fast/dom/Geolocation/argument-types-expected.txt:
* fast/dom/Geolocation/not-enough-arguments-expected.txt:
* fast/dom/Geolocation/script-tests/argument-types.js:
Update tests for improved error messages / adherence to WebIDL.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209574 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[iOS] WKWebView should not allow app links to be opened on back or forward navigation
cpugh@apple.com [Thu, 8 Dec 2016 22:50:28 +0000 (22:50 +0000)]
[iOS] WKWebView should not allow app links to be opened on back or forward navigation
https://bugs.webkit.org/show_bug.cgi?id=165502

Reviewed by Dan Bernstein.

* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::decidePolicyForNavigationAction): Add a condition to shouldOpenAppLinks
(which we use when creating a NavigationAction) that the navigationActionData is not a navigation
of type BackForward. This way, we don't open app links when a navigation is done via back or
forward.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209573 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoREGRESSION (URL parser): Relative URLs aren’t resolved correctly when the base URL...
achristensen@apple.com [Thu, 8 Dec 2016 22:42:18 +0000 (22:42 +0000)]
REGRESSION (URL parser): Relative URLs aren’t resolved correctly when the base URL is an applewebdata: URL
https://bugs.webkit.org/show_bug.cgi?id=165621

Reviewed by Dan Bernstein.

Source/WebCore:

Covered by new API tests.

* platform/URLParser.cpp:
(WebCore::URLParser::parse):
URLs with nonspecial schemes and no slash after the host get no slash as the path to maintain compatibility with all browsers.
This was proposed to the URL spec in https://github.com/whatwg/url/issues/148
When such as URL is used as a base URL with a relative path, in order to maintain compatibility with URL::parse we need to prepend
a slash to the path.  For completeness I added tests with a relative path, a relative query, a relative fragment, and a relative empty string,
and because the fate of the spec is unclear in this case, I decided to maintain compatibility with URL::parse in all these cases.

Tools:

* TestWebKitAPI/Tests/WebCore/URLParser.cpp:
(TestWebKitAPI::TEST_F):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209572 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoUnreviewed, fix cloop build.
fpizlo@apple.com [Thu, 8 Dec 2016 22:22:52 +0000 (22:22 +0000)]
Unreviewed, fix cloop build.

* runtime/JSObject.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209571 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoPerformanceTests:
fpizlo@apple.com [Thu, 8 Dec 2016 22:14:50 +0000 (22:14 +0000)]
PerformanceTests:
Concurrent GC should be stable enough to land enabled
https://bugs.webkit.org/show_bug.cgi?id=164990

Reviewed by Geoffrey Garen.

Made CDjs more configurable and refined the "large.js" configuration. I was using that one and
the new "long.js" configuration to tune concurrent eden GCs.

Added a new way of running Splay in browser, which using chartjs to plot the execution times of
2000 iterations. This includes the minified chartjs.

* JetStream/Octane2/splay-detail.html: Added.
* JetStream/cdjs/benchmark.js:
(benchmarkImpl):
(benchmark):
* JetStream/cdjs/long.js: Added.

Source/JavaScriptCore:
Concurrent GC should be stable enough to land enabled on X86_64
https://bugs.webkit.org/show_bug.cgi?id=164990

Reviewed by Geoffrey Garen.

This fixes a ton of performance and correctness bugs revealed by getting the concurrent GC to
be stable enough to land enabled.

I had to redo the JSObject::visitChildren concurrency protocol again. This time I think it's
even more correct than ever!

This is an enormous win on JetStream/splay-latency and Octane/SplayLatency. It looks to be
mostly neutral on everything else, though Speedometer is showing statistically weak signs of a
slight regression.

* API/JSAPIWrapperObject.mm: Added locking.
(JSC::JSAPIWrapperObject::visitChildren):
* API/JSCallbackObject.h: Added locking.
(JSC::JSCallbackObjectData::visitChildren):
(JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
(JSC::JSCallbackObjectData::JSPrivatePropertyMap::deletePrivateProperty):
(JSC::JSCallbackObjectData::JSPrivatePropertyMap::visitChildren):
* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::UnconditionalFinalizer::finalizeUnconditionally): This had a TOCTOU race on shouldJettisonDueToOldAge.
(JSC::EvalCodeCache::visitAggregate): Moved to EvalCodeCache.cpp.
* bytecode/DirectEvalCodeCache.cpp: Added. Outlined some functions and made them use locks.
(JSC::DirectEvalCodeCache::setSlow):
(JSC::DirectEvalCodeCache::clear):
(JSC::DirectEvalCodeCache::visitAggregate):
* bytecode/DirectEvalCodeCache.h:
(JSC::DirectEvalCodeCache::set):
(JSC::DirectEvalCodeCache::clear): Deleted.
* bytecode/UnlinkedCodeBlock.cpp: Added locking.
(JSC::UnlinkedCodeBlock::visitChildren):
(JSC::UnlinkedCodeBlock::setInstructions):
(JSC::UnlinkedCodeBlock::shrinkToFit):
* bytecode/UnlinkedCodeBlock.h: Added locking.
(JSC::UnlinkedCodeBlock::addRegExp):
(JSC::UnlinkedCodeBlock::addConstant):
(JSC::UnlinkedCodeBlock::addFunctionDecl):
(JSC::UnlinkedCodeBlock::addFunctionExpr):
(JSC::UnlinkedCodeBlock::createRareDataIfNecessary):
(JSC::UnlinkedCodeBlock::shrinkToFit): Deleted.
* debugger/Debugger.cpp: Use the right delete API.
(JSC::Debugger::recompileAllJSFunctions):
* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects): Fix a pre-existing bug in ToFunction constant folding.
* dfg/DFGClobberize.h: Add support for nuking.
(JSC::DFG::clobberize):
* dfg/DFGClobbersExitState.cpp: Add support for nuking.
(JSC::DFG::clobbersExitState):
* dfg/DFGFixupPhase.cpp: Add support for nuking.
(JSC::DFG::FixupPhase::fixupNode):
(JSC::DFG::FixupPhase::indexForChecks):
(JSC::DFG::FixupPhase::originForCheck):
(JSC::DFG::FixupPhase::speculateForBarrier):
(JSC::DFG::FixupPhase::insertCheck):
(JSC::DFG::FixupPhase::fixupChecksInBlock):
* dfg/DFGSpeculativeJIT.cpp: Add support for nuking.
(JSC::DFG::SpeculativeJIT::compileAllocatePropertyStorage):
(JSC::DFG::SpeculativeJIT::compileReallocatePropertyStorage):
* ftl/FTLLowerDFGToB3.cpp: Add support for nuking.
(JSC::FTL::DFG::LowerDFGToB3::allocatePropertyStorage):
(JSC::FTL::DFG::LowerDFGToB3::reallocatePropertyStorage):
(JSC::FTL::DFG::LowerDFGToB3::mutatorFence):
(JSC::FTL::DFG::LowerDFGToB3::nukeStructureAndSetButterfly):
(JSC::FTL::DFG::LowerDFGToB3::setButterfly): Deleted.
* heap/CodeBlockSet.cpp: We need to be more careful about the CodeBlockSet workflow during GC, since we will allocate CodeBlocks in eden while collecting.
(JSC::CodeBlockSet::clearMarksForFullCollection):
(JSC::CodeBlockSet::deleteUnmarkedAndUnreferenced):
* heap/Heap.cpp: Added code to measure max pauses. Added a better collectContinuously mode.
(JSC::Heap::lastChanceToFinalize): Stop the collectContinuously thread.
(JSC::Heap::harvestWeakReferences): Inline SlotVisitor::harvestWeakReferences.
(JSC::Heap::finalizeUnconditionalFinalizers): Inline SlotVisitor::finalizeUnconditionalReferences.
(JSC::Heap::markToFixpoint): We need to do some MarkedSpace stuff before every conservative scan, rather than just at the start of marking, so we now call prepareForConservativeScan() before each conservative scan. Also call a less-parallel version of drainInParallel when the mutator is running.
(JSC::Heap::collectInThread): Inline Heap::prepareForAllocation().
(JSC::Heap::stopIfNecessarySlow): We need to be more careful about ensuring that we run finalization before and after stopping. Also, we should sanitize stack when stopping the world.
(JSC::Heap::acquireAccessSlow): Add some optional debug prints.
(JSC::Heap::handleNeedFinalize): Assert that we are running this when the world is not stopped.
(JSC::Heap::finalize): Remove the old collectContinuously code.
(JSC::Heap::requestCollection): We don't need to sanitize stack here anymore.
(JSC::Heap::notifyIsSafeToCollect): Start the collectContinuously thread. It will request collection 1 KHz.
(JSC::Heap::prepareForAllocation): Deleted.
(JSC::Heap::preventCollection): Prevent any new concurrent GCs from being initiated.
(JSC::Heap::allowCollection):
(JSC::Heap::forEachSlotVisitor): Allows us to safely iterate slot visitors.
* heap/Heap.h:
* heap/HeapInlines.h:
(JSC::Heap::writeBarrier): If the 'to' cell is not NewWhite then it could be AnthraciteOrBlack. During a full collection, objects may be AnthraciteOrBlack from a previous GC. Turns out, we don't benefit from this optimization so we can just kill it.
* heap/HeapSnapshotBuilder.cpp:
(JSC::HeapSnapshotBuilder::buildSnapshot): This needs to use PreventCollectionScope to ensure snapshot soundness.
* heap/ListableHandler.h:
(JSC::ListableHandler::isOnList): Useful helper.
* heap/LockDuringMarking.h:
(JSC::lockDuringMarking): It's a locker that only locks while we're marking.
* heap/MarkedAllocator.cpp:
(JSC::MarkedAllocator::addBlock): Hold the bitvector lock while resizing.
* heap/MarkedBlock.cpp: Hold the bitvector lock while accessing the bitvectors while the mutator is running.
* heap/MarkedSpace.cpp:
(JSC::MarkedSpace::prepareForConservativeScan): We used to do this in prepareForMarking, but we need to do it before each conservative scan not just before marking.
(JSC::MarkedSpace::prepareForMarking): Remove the logic moved to prepareForConservativeScan.
* heap/MarkedSpace.h:
* heap/PreventCollectionScope.h: Added.
* heap/SlotVisitor.cpp: Refactored drainFromShared so that we can write a similar function called drainInParallelPassively.
(JSC::SlotVisitor::updateMutatorIsStopped): Update whether we can use "fast" scanning.
(JSC::SlotVisitor::mutatorIsStoppedIsUpToDate):
(JSC::SlotVisitor::didReachTermination):
(JSC::SlotVisitor::hasWork):
(JSC::SlotVisitor::drain): This now uses the rightToRun lock to allow the main GC thread to safepoint the workers.
(JSC::SlotVisitor::drainFromShared):
(JSC::SlotVisitor::drainInParallelPassively): This runs marking with one fewer threads than normal. It's useful for when we have resumed the mutator, since then the mutator has a better chance of getting on a core.
(JSC::SlotVisitor::addWeakReferenceHarvester):
(JSC::SlotVisitor::addUnconditionalFinalizer):
(JSC::SlotVisitor::harvestWeakReferences): Deleted.
(JSC::SlotVisitor::finalizeUnconditionalFinalizers): Deleted.
* heap/SlotVisitor.h:
* heap/SlotVisitorInlines.h: Outline stuff.
(JSC::SlotVisitor::addWeakReferenceHarvester): Deleted.
(JSC::SlotVisitor::addUnconditionalFinalizer): Deleted.
* runtime/InferredType.cpp: This needed thread safety.
(JSC::InferredType::visitChildren): This needs to keep its structure finalizer alive until it runs.
(JSC::InferredType::set):
(JSC::InferredType::InferredStructureFinalizer::finalizeUnconditionally):
* runtime/InferredType.h:
* runtime/InferredValue.cpp: This needed thread safety.
(JSC::InferredValue::visitChildren):
(JSC::InferredValue::ValueCleanup::finalizeUnconditionally):
* runtime/JSArray.cpp:
(JSC::JSArray::unshiftCountSlowCase): Update to use new butterfly API.
(JSC::JSArray::unshiftCountWithArrayStorage): Update to use new butterfly API.
* runtime/JSArrayBufferView.cpp:
(JSC::JSArrayBufferView::visitChildren): Thread safety.
* runtime/JSCell.h:
(JSC::JSCell::setStructureIDDirectly): This is used for nuking the structure.
(JSC::JSCell::InternalLocker::InternalLocker): Deleted. The cell is now the lock.
(JSC::JSCell::InternalLocker::~InternalLocker): Deleted. The cell is now the lock.
* runtime/JSCellInlines.h:
(JSC::JSCell::structure): Clean this up.
(JSC::JSCell::lock): The cell is now the lock.
(JSC::JSCell::tryLock):
(JSC::JSCell::unlock):
(JSC::JSCell::isLocked):
(JSC::JSCell::lockInternalLock): Deleted.
(JSC::JSCell::unlockInternalLock): Deleted.
* runtime/JSFunction.cpp:
(JSC::JSFunction::visitChildren): Thread safety.
* runtime/JSGenericTypedArrayViewInlines.h:
(JSC::JSGenericTypedArrayView<Adaptor>::visitChildren): Thread safety.
(JSC::JSGenericTypedArrayView<Adaptor>::slowDownAndWasteMemory): Thread safety.
* runtime/JSObject.cpp:
(JSC::JSObject::markAuxiliaryAndVisitOutOfLineProperties): Factor out this "easy" step of butterfly visiting.
(JSC::JSObject::visitButterfly): Make this achieve 100% precision about structure-butterfly relationships. This relies on the mutator "nuking" the structure prior to "locked" structure-butterfly transitions.
(JSC::JSObject::visitChildren): Use the new, nicer API.
(JSC::JSFinalObject::visitChildren): Use the new, nicer API.
(JSC::JSObject::enterDictionaryIndexingModeWhenArrayStorageAlreadyExists): Use the new butterfly API.
(JSC::JSObject::createInitialUndecided): Use the new butterfly API.
(JSC::JSObject::createInitialInt32): Use the new butterfly API.
(JSC::JSObject::createInitialDouble): Use the new butterfly API.
(JSC::JSObject::createInitialContiguous): Use the new butterfly API.
(JSC::JSObject::createArrayStorage): Use the new butterfly API.
(JSC::JSObject::convertUndecidedToContiguous): Use the new butterfly API.
(JSC::JSObject::convertUndecidedToArrayStorage): Use the new butterfly API.
(JSC::JSObject::convertInt32ToArrayStorage): Use the new butterfly API.
(JSC::JSObject::convertDoubleToContiguous): Use the new butterfly API.
(JSC::JSObject::convertDoubleToArrayStorage): Use the new butterfly API.
(JSC::JSObject::convertContiguousToArrayStorage): Use the new butterfly API.
(JSC::JSObject::increaseVectorLength): Use the new butterfly API.
(JSC::JSObject::shiftButterflyAfterFlattening): Use the new butterfly API.
* runtime/JSObject.h:
(JSC::JSObject::setButterfly): This now does all of the fences. Only use this when you are not also transitioning the structure or the structure's lastOffset.
(JSC::JSObject::nukeStructureAndSetButterfly): Use this when doing locked structure-butterfly transitions.
* runtime/JSObjectInlines.h:
(JSC::JSObject::putDirectWithoutTransition): Use the newly factored out API.
(JSC::JSObject::prepareToPutDirectWithoutTransition): Factor this out!
(JSC::JSObject::putDirectInternal): Use the newly factored out API.
* runtime/JSPropertyNameEnumerator.cpp:
(JSC::JSPropertyNameEnumerator::finishCreation): Locks!
(JSC::JSPropertyNameEnumerator::visitChildren): Locks!
* runtime/JSSegmentedVariableObject.cpp:
(JSC::JSSegmentedVariableObject::visitChildren): Locks!
* runtime/JSString.cpp:
(JSC::JSString::visitChildren): Thread safety.
* runtime/ModuleProgramExecutable.cpp:
(JSC::ModuleProgramExecutable::visitChildren): Thread safety.
* runtime/Options.cpp: For now we disable concurrent GC on not-X86_64.
(JSC::recomputeDependentOptions):
* runtime/Options.h: Change the default max GC parallelism to 8. I don't know why it was still 7.
* runtime/SamplingProfiler.cpp:
(JSC::SamplingProfiler::stackTracesAsJSON): This needs to defer GC before grabbing its lock.
* runtime/SparseArrayValueMap.cpp: This needed thread safety.
(JSC::SparseArrayValueMap::add):
(JSC::SparseArrayValueMap::remove):
(JSC::SparseArrayValueMap::visitChildren):
* runtime/SparseArrayValueMap.h:
* runtime/Structure.cpp: This had a race between addNewPropertyTransition and visitChildren.
(JSC::Structure::Structure):
(JSC::Structure::materializePropertyTable):
(JSC::Structure::addNewPropertyTransition):
(JSC::Structure::flattenDictionaryStructure):
(JSC::Structure::add): Help out with nuking support - the m_offset needs to play along.
(JSC::Structure::visitChildren):
* runtime/Structure.h: Make some useful things public - like the notion of a lastOffset.
* runtime/StructureChain.cpp:
(JSC::StructureChain::visitChildren): Thread safety!
* runtime/StructureChain.h: Thread safety!
* runtime/StructureIDTable.cpp:
(JSC::StructureIDTable::allocateID): Ensure that we don't get nuked IDs.
* runtime/StructureIDTable.h: Add the notion of a nuked ID! It's a bit that the runtime never sees except during specific shady actions like locked structure-butterfly transitions. "Nuking" tells the GC to steer clear and rescan once we fire the barrier.
(JSC::nukedStructureIDBit):
(JSC::nuke):
(JSC::isNuked):
(JSC::decontaminate):
* runtime/StructureInlines.h:
(JSC::Structure::hasIndexingHeader): Better API.
(JSC::Structure::add):
* runtime/VM.cpp: Better GC interaction.
(JSC::VM::ensureWatchdog):
(JSC::VM::deleteAllLinkedCode):
(JSC::VM::deleteAllCode):
* runtime/VM.h:
(JSC::VM::getStructure): Why wasn't this always an API!
* runtime/WebAssemblyExecutable.cpp:
(JSC::WebAssemblyExecutable::visitChildren): Thread safety.

Source/WebCore:
Concurrent GC should be stable enough to land enabled on X86_64
https://bugs.webkit.org/show_bug.cgi?id=164990

Reviewed by Geoffrey Garen.

Made WebCore down with concurrent marking by adding some locking and adapting to some new API.

This has new test modes in run-sjc-stress-tests. Also, the way that LayoutTests run is already
a fantastic GC test.

* ForwardingHeaders/heap/DeleteAllCodeEffort.h: Added.
* ForwardingHeaders/heap/LockDuringMarking.h: Added.
* bindings/js/GCController.cpp:
(WebCore::GCController::deleteAllCode):
(WebCore::GCController::deleteAllLinkedCode):
* bindings/js/GCController.h:
* bindings/js/JSDOMBinding.cpp:
(WebCore::getCachedDOMStructure):
(WebCore::cacheDOMStructure):
* bindings/js/JSDOMGlobalObject.cpp:
(WebCore::JSDOMGlobalObject::addBuiltinGlobals):
(WebCore::JSDOMGlobalObject::visitChildren):
* bindings/js/JSDOMGlobalObject.h:
(WebCore::getDOMConstructor):
* bindings/js/JSDOMPromise.cpp:
(WebCore::DeferredPromise::DeferredPromise):
(WebCore::DeferredPromise::clear):
* bindings/js/JSXPathResultCustom.cpp:
(WebCore::JSXPathResult::visitAdditionalChildren):
* dom/EventListenerMap.cpp:
(WebCore::EventListenerMap::clear):
(WebCore::EventListenerMap::replace):
(WebCore::EventListenerMap::add):
(WebCore::EventListenerMap::remove):
(WebCore::EventListenerMap::find):
(WebCore::EventListenerMap::removeFirstEventListenerCreatedFromMarkup):
(WebCore::EventListenerMap::copyEventListenersNotCreatedFromMarkupToTarget):
(WebCore::EventListenerIterator::EventListenerIterator):
* dom/EventListenerMap.h:
(WebCore::EventListenerMap::lock):
* dom/EventTarget.cpp:
(WebCore::EventTarget::visitJSEventListeners):
* dom/EventTarget.h:
(WebCore::EventTarget::visitJSEventListeners): Deleted.
* dom/Node.cpp:
(WebCore::Node::eventTargetDataConcurrently):
(WebCore::Node::ensureEventTargetData):
(WebCore::Node::clearEventTargetData):
* dom/Node.h:
* page/MemoryRelease.cpp:
(WebCore::releaseCriticalMemory):
* page/cocoa/MemoryReleaseCocoa.mm:
(WebCore::jettisonExpensiveObjectsOnTopLevelNavigation):
(WebCore::registerMemoryReleaseNotifyCallbacks):

Source/WTF:
Concurrent GC should be stable enough to land enabled on X86_64
https://bugs.webkit.org/show_bug.cgi?id=164990

Reviewed by Geoffrey Garen.

Adds the ability to say:

auto locker = holdLock(any type of lock)

Instead of having to say:

Locker<LockType> locker(locks of type LockType)

I think that we should use "auto locker = holdLock(lock)" as the default way that we acquire
locks unless we need to use a special locker type.

This also adds the ability to safepoint a lock. Safepointing a lock is basically a super fast
way of unlocking it fairly and then immediately relocking it - i.e. letting anyone who is
waiting to run without losing steam of there is noone waiting.

* wtf/Lock.cpp:
(WTF::LockBase::safepointSlow):
* wtf/Lock.h:
(WTF::LockBase::safepoint):
* wtf/LockAlgorithm.h:
(WTF::LockAlgorithm::safepointFast):
(WTF::LockAlgorithm::safepoint):
(WTF::LockAlgorithm::safepointSlow):
* wtf/Locker.h:
(WTF::AbstractLocker::AbstractLocker):
(WTF::Locker::tryLock):
(WTF::Locker::operator bool):
(WTF::Locker::Locker):
(WTF::Locker::operator=):
(WTF::holdLock):
(WTF::tryHoldLock):

Tools:
Concurrent GC should be stable enough to land enabled
https://bugs.webkit.org/show_bug.cgi?id=164990

Reviewed by Geoffrey Garen.

Add a new mode that runs GC continuously. Also made eager modes run GC continuously.

It's clear that this works just fine in release, but I'm still trying to figure out if it's
safe for debug. It might be too slow for debug.

* Scripts/run-jsc-stress-tests:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209570 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[CSS Parser] Unskip passing flexbox tests
hyatt@apple.com [Thu, 8 Dec 2016 21:59:02 +0000 (21:59 +0000)]
[CSS Parser] Unskip passing flexbox tests
https://bugs.webkit.org/show_bug.cgi?id=165626

Reviewed by Dean Jackson.

* TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209569 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoEnable SharedArrayBuffer, remove the flag
fpizlo@apple.com [Thu, 8 Dec 2016 21:56:23 +0000 (21:56 +0000)]
Enable SharedArrayBuffer, remove the flag
https://bugs.webkit.org/show_bug.cgi?id=165614

Rubber stamped by Geoffrey Garen.

Source/JavaScriptCore:

* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
* runtime/RuntimeFlags.h:

Source/WebKit/mac:

* WebView/WebPreferencesPrivate.h:

Source/WebKit/win:

* Interfaces/IWebPreferencesPrivate.idl:

Source/WebKit2:

* UIProcess/API/C/WKPreferencesRefPrivate.h:
* UIProcess/API/Cocoa/WKPreferencesPrivate.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209568 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago@supports fails combinations of conjuctions, disjunctions, and negations of simple...
hyatt@apple.com [Thu, 8 Dec 2016 21:54:21 +0000 (21:54 +0000)]
@supports fails combinations of conjuctions, disjunctions, and negations of simple conditions
https://bugs.webkit.org/show_bug.cgi?id=137566
<rdar://problem/18600949>

Reviewed by Dean Jackson.

* TestExpectations:
Test passes now with new @supports parser.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209567 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[CSS Parser] Add strict checking for right parens to selector functions like :matches...
hyatt@apple.com [Thu, 8 Dec 2016 21:49:18 +0000 (21:49 +0000)]
[CSS Parser] Add strict checking for right parens to selector functions like :matches, :not etc.
https://bugs.webkit.org/show_bug.cgi?id=165624

Reviewed by Dean Jackson.

Source/WebCore:

Unskipped fast/selectors/invalid-functional-pseudo-class.html.

* css/parser/CSSSelectorParser.cpp:
(WebCore::CSSSelectorParser::consumePseudo):
Bail if we don't actually consume a right parenthesis.

LayoutTests:

* TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209566 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoExit fullscreen on escape key down, not up.
commit-queue@webkit.org [Thu, 8 Dec 2016 21:46:09 +0000 (21:46 +0000)]
Exit fullscreen on escape key down, not up.
https://bugs.webkit.org/show_bug.cgi?id=165618
rdar://problem/29581688

This problem was introduced by https://bugs.webkit.org/show_bug.cgi?id=165416
The fix to only exit fullscreen on key down, not key up.

Patch by Jeremy Jones <jeremyj@apple.com> on 2016-12-08
Reviewed by Jer Noble.

* page/EventHandler.cpp:
(WebCore::EventHandler::keyEvent):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209565 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[WebCrypto] Replace webkitSubtle with subtle for all crypto/workers/subtle/ tests
jiewen_tan@apple.com [Thu, 8 Dec 2016 21:42:53 +0000 (21:42 +0000)]
[WebCrypto] Replace webkitSubtle with subtle for all crypto/workers/subtle/ tests
https://bugs.webkit.org/show_bug.cgi?id=165540

Reviewed by Brent Fulgham.

* crypto/workers/subtle/aes-postMessage-worker.html:
* crypto/workers/subtle/hmac-postMessage-worker.html:
* crypto/workers/subtle/hrsa-postMessage-worker-expected.txt:
* crypto/workers/subtle/hrsa-postMessage-worker.html:
* crypto/workers/subtle/multiple-postMessage-worker.html:
* crypto/workers/subtle/resources/hrsa-postMessage-worker.js:
* crypto/workers/subtle/rsa-postMessage-worker.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209564 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoRebaseline some css tests for ios-simulator.
ryanhaddad@apple.com [Thu, 8 Dec 2016 21:42:24 +0000 (21:42 +0000)]
Rebaseline some css tests for ios-simulator.

Unreviewed test gardening.

* platform/ios-simulator/fast/css/font_property_normal-expected.txt:
* platform/ios-simulator/fast/css/image-set-unprefixed-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209563 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[CSS Parser] Unskip grid tests
hyatt@apple.com [Thu, 8 Dec 2016 21:25:59 +0000 (21:25 +0000)]
[CSS Parser] Unskip grid tests
https://bugs.webkit.org/show_bug.cgi?id=165623

Reviewed by Zalan Bujtas.

* TestExpectations:
* fast/css-grid-layout/grid-auto-flow-get-set-expected.txt:
* fast/css-grid-layout/grid-auto-flow-get-set.html:
* fast/css-grid-layout/grid-columns-rows-get-set-expected.txt:
* fast/css-grid-layout/grid-template-shorthand-get-set-expected.txt:
* fast/css-grid-layout/grid-template-shorthand-get-set.html:
* fast/css-grid-layout/non-grid-columns-rows-get-set-expected.txt:
* fast/css-grid-layout/resources/grid-columns-rows-get-set.js:
* fast/css-grid-layout/resources/non-grid-columns-rows-get-set.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209562 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoOverlapping text at AppleSeed forum's footer.
zalan@apple.com [Thu, 8 Dec 2016 21:25:10 +0000 (21:25 +0000)]
Overlapping text at AppleSeed forum's footer.
https://bugs.webkit.org/show_bug.cgi?id=165613

Reviewed by Simon Fraser.

This is a test case for r207219.

* fast/text/float-with-sibling-text-overlaps-when-text-decoration-changes-expected.html: Added.
* fast/text/float-with-sibling-text-overlaps-when-text-decoration-changes.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209561 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoWebAssembly JS API: wire up Instance imports
jfbastien@apple.com [Thu, 8 Dec 2016 21:09:06 +0000 (21:09 +0000)]
WebAssembly JS API: wire up Instance imports
https://bugs.webkit.org/show_bug.cgi?id=165118

Reviewed by Saam Barati.

JSTests:

* wasm/js-api/test_Instance.js: add the test, disabled for now

Source/JavaScriptCore:

Change a bunch of the WebAssembly object model, and pipe the
necessary changes to be able to call JS imports from
WebAssembly. This will make it easier to call_indirect, and
unblock many other missing features.

As a follow-up I need to teach JSC::linkFor to live without a
CodeBlock: wasm doesn't have one and the IC patching is sad. We'll
switch on the callee (or its type?) and then use that as the owner
(because the callee is alive if the instance is alive, ditto
module, and module owns the CallLinkInfo).

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* interpreter/CallFrame.h:
(JSC::ExecState::callee): give access to the callee as a JSCell
* jit/RegisterSet.cpp: dead code from previous WebAssembly implementation
* jsc.cpp:
(callWasmFunction):
(functionTestWasmModuleFunctions):
* runtime/JSCellInlines.h:
(JSC::ExecState::vm): check callee instead of jsCallee: wasm only has a JSCell and not a JSObject
* runtime/VM.cpp:
(JSC::VM::VM): store the "top" WebAssembly.Instance on entry to WebAssembly (and restore the previous one on exit)
* runtime/VM.h:
* testWasm.cpp:
(runWasmTests):
* wasm/JSWebAssembly.h:
* wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::B3IRGenerator::B3IRGenerator): pass unlinked calls around to shorten their lifetime: they're ony needed until the Plan is done
(JSC::Wasm::B3IRGenerator::addCall):
(JSC::Wasm::createJSToWasmWrapper):
(JSC::Wasm::parseAndCompile): also pass in the function index space, so that imports can be signature-checked along with internal functions
* wasm/WasmB3IRGenerator.h:
* wasm/WasmBinding.cpp: Added.
(JSC::Wasm::importStubGenerator): stubs from wasm to JS
* wasm/WasmBinding.h: Copied from Source/JavaScriptCore/wasm/WasmValidate.h.
* wasm/WasmCallingConvention.h:
(JSC::Wasm::CallingConvention::setupFrameInPrologue):
* wasm/WasmFormat.h: fix the object model
(JSC::Wasm::CallableFunction::CallableFunction):
* wasm/WasmFunctionParser.h: simplify some of the failure condition checks
(JSC::Wasm::FunctionParser<Context>::FunctionParser): need function index space, not just internal functions
(JSC::Wasm::FunctionParser<Context>::parseExpression):
* wasm/WasmModuleParser.cpp: early-create some of the structures which will be needed later
(JSC::Wasm::ModuleParser::parseImport):
(JSC::Wasm::ModuleParser::parseFunction):
(JSC::Wasm::ModuleParser::parseMemory):
(JSC::Wasm::ModuleParser::parseExport):
(JSC::Wasm::ModuleParser::parseCode):
* wasm/WasmModuleParser.h:
(JSC::Wasm::ModuleParser::functionIndexSpace):
(JSC::Wasm::ModuleParser::functionLocations):
* wasm/WasmParser.h:
(JSC::Wasm::Parser::consumeUTF8String):
* wasm/WasmPlan.cpp: pass around the wasm objects at the right time, reducing their lifetime and making it easier to pass them around when needed
(JSC::Wasm::Plan::run):
(JSC::Wasm::Plan::initializeCallees):
* wasm/WasmPlan.h:
(JSC::Wasm::Plan::exports):
(JSC::Wasm::Plan::internalFunctionCount):
(JSC::Wasm::Plan::jsToWasmEntryPointForFunction):
(JSC::Wasm::Plan::takeModuleInformation):
(JSC::Wasm::Plan::takeCallLinkInfos):
(JSC::Wasm::Plan::takeWasmToJSStubs):
(JSC::Wasm::Plan::takeFunctionIndexSpace):
* wasm/WasmValidate.cpp: check function index space instead of only internal functions
(JSC::Wasm::Validate::addCall):
(JSC::Wasm::validateFunction):
* wasm/WasmValidate.h:
* wasm/js/JSWebAssemblyCallee.cpp:
(JSC::JSWebAssemblyCallee::finishCreation):
* wasm/js/JSWebAssemblyCallee.h:
(JSC::JSWebAssemblyCallee::create):
(JSC::JSWebAssemblyCallee::jsToWasmEntryPoint):
* wasm/js/JSWebAssemblyInstance.cpp:
(JSC::JSWebAssemblyInstance::create):
(JSC::JSWebAssemblyInstance::JSWebAssemblyInstance):
(JSC::JSWebAssemblyInstance::visitChildren):
* wasm/js/JSWebAssemblyInstance.h: hold the import functions off the end of the Instance
(JSC::JSWebAssemblyInstance::importFunction):
(JSC::JSWebAssemblyInstance::importFunctions):
(JSC::JSWebAssemblyInstance::setImportFunction):
(JSC::JSWebAssemblyInstance::offsetOfImportFunctions):
(JSC::JSWebAssemblyInstance::offsetOfImportFunction):
(JSC::JSWebAssemblyInstance::allocationSize):
* wasm/js/JSWebAssemblyModule.cpp:
(JSC::JSWebAssemblyModule::create):
(JSC::JSWebAssemblyModule::JSWebAssemblyModule):
(JSC::JSWebAssemblyModule::visitChildren):
* wasm/js/JSWebAssemblyModule.h: hold the link call info, the import function stubs, and the function index space
(JSC::JSWebAssemblyModule::signatureForFunctionIndexSpace):
(JSC::JSWebAssemblyModule::importCount):
(JSC::JSWebAssemblyModule::calleeFromFunctionIndexSpace):
* wasm/js/WebAssemblyFunction.cpp:
(JSC::callWebAssemblyFunction): set top Instance on VM
* wasm/js/WebAssemblyFunction.h:
(JSC::WebAssemblyFunction::instance):
* wasm/js/WebAssemblyInstanceConstructor.cpp:
(JSC::constructJSWebAssemblyInstance): handle function imports
* wasm/js/WebAssemblyModuleConstructor.cpp:
(JSC::constructJSWebAssemblyModule): generate the stubs for import functions
* wasm/js/WebAssemblyModuleRecord.cpp:
(JSC::WebAssemblyModuleRecord::link):
* wasm/js/WebAssemblyToJSCallee.cpp: Copied from Source/JavaScriptCore/wasm/js/JSWebAssemblyCallee.cpp.
(JSC::WebAssemblyToJSCallee::create): dummy JSCell singleton which lives on the VM, and is put as the callee in the import stub's frame to identified it when unwinding
(JSC::WebAssemblyToJSCallee::createStructure):
(JSC::WebAssemblyToJSCallee::WebAssemblyToJSCallee):
(JSC::WebAssemblyToJSCallee::finishCreation):
(JSC::WebAssemblyToJSCallee::destroy):
* wasm/js/WebAssemblyToJSCallee.h: Copied from Source/JavaScriptCore/wasm/WasmB3IRGenerator.h.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209560 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[CSS Parser] Unskip background parsing tests
hyatt@apple.com [Thu, 8 Dec 2016 20:57:59 +0000 (20:57 +0000)]
[CSS Parser] Unskip background parsing tests
https://bugs.webkit.org/show_bug.cgi?id=165619

Reviewed by Zalan Bujtas.

Source/WebCore:

Change background-position so that the origin being set is tracked
on a per-x/y basis instead of as a single boolean. The single boolean
caused lousy computed style dumping, since we would switch into verbose
mode for both x and y, even if only one of them had a pair set for it.

* css/CSSComputedStyleDeclaration.cpp:
(WebCore::createPositionListForLayer):
* css/StyleBuilderConverter.h:
(WebCore::StyleBuilderConverter::convertPositionComponent):
* rendering/style/FillLayer.cpp:
(WebCore::FillLayer::FillLayer):
(WebCore::FillLayer::operator=):
(WebCore::FillLayer::fillUnsetProperties):
* rendering/style/FillLayer.h:
(WebCore::FillLayer::isBackgroundXOriginSet):
(WebCore::FillLayer::isBackgroundYOriginSet):
(WebCore::FillLayer::setBackgroundXOrigin):
(WebCore::FillLayer::setBackgroundYOrigin):
(WebCore::FillLayer::clearXPosition):
(WebCore::FillLayer::clearYPosition):
(WebCore::FillLayer::isBackgroundOriginSet): Deleted.

LayoutTests:

* TestExpectations:
* fast/backgrounds/background-position-parsing-2-expected.txt:
* fast/backgrounds/background-position-parsing-2.html:
* fast/backgrounds/background-shorthand-after-set-backgroundSize-expected.txt:
* fast/backgrounds/background-shorthand-after-set-backgroundSize.html:
* fast/backgrounds/background-shorthand-with-backgroundSize-style-expected.txt:
* fast/backgrounds/background-shorthand-with-backgroundSize-style.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209559 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoAdd SPI for sending WebsiteSettings to WebProcess during navigation
achristensen@apple.com [Thu, 8 Dec 2016 20:52:35 +0000 (20:52 +0000)]
Add SPI for sending WebsiteSettings to WebProcess during navigation
https://bugs.webkit.org/show_bug.cgi?id=165517
<rdar://29341068>

Source/WebKit2:

We add the ability for the navigation client to send settings to the WebProcess
based on the URL of the document being navigated to. This approach adds no new IPC
messages and allows the application to decide what settings to use during navigation
instead of declaratively before navigation. Right now there is only one setting,
whether to disable content blockers, but this infrastructure can be used for more settings.

Reviewed by Anders Carlsson.

* CMakeLists.txt:
* PlatformMac.cmake:
* Shared/API/APIObject.h:
* Shared/API/c/WKBase.h:
* Shared/WebsitePolicies.h: Added.
(WebKit::WebsitePolicies::encode):
(WebKit::WebsitePolicies::decode):
* UIProcess/API/APINavigationClient.h:
(API::NavigationClient::decidePolicyForNavigationAction):
(API::NavigationClient::decidePolicyForNavigationResponse):
* UIProcess/API/APIPolicyClient.h:
(API::PolicyClient::decidePolicyForNavigationAction):
(API::PolicyClient::decidePolicyForNewWindowAction):
(API::PolicyClient::decidePolicyForResponse):
* UIProcess/API/APIWebsitePolicies.cpp: Added.
(API::WebsitePolicies::create):
* UIProcess/API/APIWebsitePolicies.h: Added.
* UIProcess/API/C/WKAPICast.h:
* UIProcess/API/C/WKFramePolicyListener.cpp:
(WKFramePolicyListenerUse):
(WKFramePolicyListenerUseWithPolicies):
* UIProcess/API/C/WKFramePolicyListener.h:
* UIProcess/API/C/WKPage.cpp:
(WKPageSetPagePolicyClient):
* UIProcess/API/C/WKWebsitePolicies.cpp: Added.
(WKWebsitePoliciesGetTypeID):
(WKWebsitePoliciesCreate):
(WKWebsitePoliciesSetContentBlockersEnabled):
(WKWebsitePoliciesGetContentBlockersEnabled):
* UIProcess/API/C/WKWebsitePolicies.h: Added.
* UIProcess/API/Cocoa/WKNavigationDelegatePrivate.h:
* UIProcess/API/Cocoa/_WKWebsitePolicies.h: Added.
* UIProcess/API/Cocoa/_WKWebsitePolicies.mm: Added.
(-[_WKWebsitePolicies dealloc]):
(-[_WKWebsitePolicies init]):
(-[_WKWebsitePolicies setContentBlockersEnabled:]):
(-[_WKWebsitePolicies contentBlockersEnabled]):
(-[_WKWebsitePolicies description]):
(-[_WKWebsitePolicies _apiObject]):
* UIProcess/API/Cocoa/_WKWebsitePoliciesInternal.h: Added.
(WebKit::wrapper):
* UIProcess/Automation/WebAutomationSession.cpp:
(WebKit::WebAutomationSession::reloadBrowsingContext):
* UIProcess/Cocoa/NavigationState.h:
* UIProcess/Cocoa/NavigationState.mm:
(WebKit::NavigationState::setNavigationDelegate):
(WebKit::tryAppLink):
(WebKit::NavigationState::NavigationClient::decidePolicyForNavigationAction):
(WebKit::NavigationState::NavigationClient::decidePolicyForNavigationResponse):
* UIProcess/WebFormSubmissionListenerProxy.cpp:
(WebKit::WebFormSubmissionListenerProxy::continueSubmission):
* UIProcess/WebFrameListenerProxy.cpp:
(WebKit::WebFrameListenerProxy::receivedPolicyDecision):
* UIProcess/WebFrameListenerProxy.h:
* UIProcess/WebFramePolicyListenerProxy.cpp:
(WebKit::WebFramePolicyListenerProxy::use):
(WebKit::WebFramePolicyListenerProxy::download):
(WebKit::WebFramePolicyListenerProxy::ignore):
* UIProcess/WebFramePolicyListenerProxy.h:
(WebKit::WebFramePolicyListenerProxy::create):
* UIProcess/WebFrameProxy.cpp:
(WebKit::WebFrameProxy::receivedPolicyDecision):
* UIProcess/WebFrameProxy.h:
* UIProcess/WebInspectorProxy.cpp:
(WebKit::decidePolicyForNavigationAction):
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::receivedPolicyDecision):
(WebKit::WebPageProxy::decidePolicyForNavigationAction):
* UIProcess/WebPageProxy.h:
* UIProcess/WebPageProxy.messages.in:
* WebKit2.xcodeproj/project.pbxproj:
* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):

Tools:

Reviewed by Anders Carlsson.

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/WebKit2/contentBlockerCheck.html: Added.
* TestWebKitAPI/Tests/WebKit2Cocoa/WebsitePolicies.mm: Added.
(-[WebsitePoliciesDelegate webView:decidePolicyForNavigationAction:decisionHandler:]):
(-[WebsitePoliciesDelegate _webView:decidePolicyForNavigationAction:decisionHandler:]):
(-[WebsitePoliciesDelegate webView:runJavaScriptAlertPanelWithMessage:initiatedByFrame:completionHandler:]):
(TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209558 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoWeb Inspector: Unable to delete breakpoint from worker script
joepeck@webkit.org [Thu, 8 Dec 2016 20:23:41 +0000 (20:23 +0000)]
Web Inspector: Unable to delete breakpoint from worker script
https://bugs.webkit.org/show_bug.cgi?id=165578

Reviewed by Matt Baker.

Source/WebInspectorUI:

* UserInterface/Controllers/DebuggerManager.js:
(WebInspector.DebuggerManager.prototype._removeBreakpoint):
Match setting breakpoints. If this is a "URL breakpoint", affect
all targets. If this is a "Script breakpoint", affect just the
single target containing that Script.

LayoutTests:

* inspector/worker/debugger-shared-breakpoint-expected.txt: Added.
* inspector/worker/debugger-shared-breakpoint.html: Added.
Ensure setting / removing a breakpoint affects all Workers that share
a resource with the same URL.

* inspector/worker/resources/worker-debugger-pause.js:
Add an echo command that will be useful to ensure Workers are not paused.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209557 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoRebaseline fast/selectors/nth-last-child-bounds.html after r209548.
ryanhaddad@apple.com [Thu, 8 Dec 2016 20:14:26 +0000 (20:14 +0000)]
Rebaseline fast/selectors/nth-last-child-bounds.html after r209548.

Unreviewed test gardening.

* fast/selectors/nth-child-bounds-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209556 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agopointer lock should exit when a js alert is shown
commit-queue@webkit.org [Thu, 8 Dec 2016 20:01:00 +0000 (20:01 +0000)]
pointer lock should exit when a js alert is shown
https://bugs.webkit.org/show_bug.cgi?id=165423
rdar://problem/29430803

Patch by Jeremy Jones <jeremyj@apple.com> on 2016-12-08
Reviewed by Jer Noble.

Source/WebCore:

Test: pointer-lock/lock-lost-on-alert.html

* page/DOMWindow.cpp:
(WebCore::DOMWindow::alert):
(WebCore::DOMWindow::confirm):
(WebCore::DOMWindow::prompt):

LayoutTests:

* platform/mac/TestExpectations:
* pointer-lock/lock-lost-on-alert-expected.txt: Added.
* pointer-lock/lock-lost-on-alert.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209555 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoSalt network cache hashes
antti@apple.com [Thu, 8 Dec 2016 19:58:21 +0000 (19:58 +0000)]
Salt network cache hashes
https://bugs.webkit.org/show_bug.cgi?id=164924

Reviewed by Alex Christensen.

To enhance privacy make cache content unidentifiable from file names alone.
This is done by generating a unique persistent salt for each cache instance.
It is used when computing hashes used in file names.

The patch also replaces plain text partition directory names with salted hashes.

* NetworkProcess/cache/NetworkCache.cpp:
(WebKit::NetworkCache::Cache::makeCacheKey):
(WebKit::NetworkCache::makeCacheKey): Deleted.
* NetworkProcess/cache/NetworkCache.h:

    Increment cache version.

* NetworkProcess/cache/NetworkCacheBlobStorage.cpp:
(WebKit::NetworkCache::BlobStorage::BlobStorage):
(WebKit::NetworkCache::BlobStorage::add):
(WebKit::NetworkCache::BlobStorage::get):

    Use salt for blob content hash.

* NetworkProcess/cache/NetworkCacheBlobStorage.h:
* NetworkProcess/cache/NetworkCacheData.cpp:
(WebKit::NetworkCache::computeSHA1):

    For simplicity all SHA1s are now salted.

(WebKit::NetworkCache::makeSalt):
(WebKit::NetworkCache::readOrMakeSalt):

    Read salt if it exists, generate and persist it otherwise.

* NetworkProcess/cache/NetworkCacheData.h:
* NetworkProcess/cache/NetworkCacheKey.cpp:
(WebKit::NetworkCache::Key::Key):

    Remove the "No partition" string and just empty.
    That was only needed to have a directory name of some sort.

(WebKit::NetworkCache::Key::computeHash):

    Use salt for key hash.

(WebKit::NetworkCache::Key::computePartitionHash):

    Separate hash for partition.

* NetworkProcess/cache/NetworkCacheKey.h:
* NetworkProcess/cache/NetworkCacheSpeculativeLoadManager.cpp:
(WebKit::NetworkCache::makeSubresourcesKey):
(WebKit::NetworkCache::SpeculativeLoadManager::PendingFrameLoad::saveToDiskIfReady):
(WebKit::NetworkCache::SpeculativeLoadManager::retrieveSubresourcesEntry):
* NetworkProcess/cache/NetworkCacheStorage.cpp:
(WebKit::NetworkCache::makeSaltFilePath):
(WebKit::NetworkCache::Storage::open):

    Cache can't be opened if we can't read or persist a salt.

(WebKit::NetworkCache::traverseRecordsFiles):
(WebKit::NetworkCache::Storage::Storage):
(WebKit::NetworkCache::Storage::synchronize):
(WebKit::NetworkCache::Storage::recordDirectoryPathForKey):

    Use the partition hash in the directory name instead of a plain text name.

(WebKit::NetworkCache::decodeRecordHeader):
(WebKit::NetworkCache::Storage::readRecord):
(WebKit::NetworkCache::Storage::encodeRecord):
(WebKit::NetworkCache::Storage::traverse):
(WebKit::NetworkCache::Storage::clear):
* NetworkProcess/cache/NetworkCacheStorage.h:
(WebKit::NetworkCache::Storage::salt):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209554 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoEnable JSC restricted options by default in the jsc shell.
mark.lam@apple.com [Thu, 8 Dec 2016 19:43:31 +0000 (19:43 +0000)]
Enable JSC restricted options by default in the jsc shell.
https://bugs.webkit.org/show_bug.cgi?id=165615

Reviewed by Keith Miller.

The jsc shell is only used for debugging and development testing.  We should
allow it to use restricted options like JSC_useDollarVM even for release builds.

* jsc.cpp:
(jscmain):
* runtime/Options.cpp:
(JSC::Options::enableRestrictedOptions):
(JSC::Options::isAvailable):
(JSC::allowRestrictedOptions): Deleted.
* runtime/Options.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209553 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[WebIDL] WebGLContextAttributes should be a dictionary
weinig@apple.com [Thu, 8 Dec 2016 19:09:35 +0000 (19:09 +0000)]
[WebIDL] WebGLContextAttributes should be a dictionary
https://bugs.webkit.org/show_bug.cgi?id=165572

Reviewed by Dean Jackson.

Source/WebCore:

* CMakeLists.txt:
* WebCore.xcodeproj/project.pbxproj:
Remove unused files.

* bindings/js/JSHTMLCanvasElementCustom.cpp:
(WebCore::JSHTMLCanvasElement::getContext):
(WebCore::attributesFor3DContext): Deleted.
Re-work getContext to use JSDOMConvert and use the WebGLContextAttributes dictionary.

* bindings/scripts/CodeGeneratorJS.pm:
(NativeToJSValueDOMConvertNeedsState):
(NativeToJSValueDOMConvertNeedsGlobalObject):
Add missing inclusion of dictionaries.

* html/HTMLCanvasElement.cpp:
(WebCore::maxActivePixelMemory):
(WebCore::HTMLCanvasElement::getContext):
(WebCore::HTMLCanvasElement::is2dType):
(WebCore::HTMLCanvasElement::getContext2d):
(WebCore::shouldEnableWebGL):
(WebCore::HTMLCanvasElement::is3dType):
(WebCore::HTMLCanvasElement::getContextWebGL):
* html/HTMLCanvasElement.h:
Refactor context creation of 2d and WebGL contexts into their own functions. Make the
WebGL one take a WebGLContextAttributes struct.

* html/HTMLCanvasElement.idl:
No functionality change. Make IDL match the latest spec.

* html/canvas/CanvasContextAttributes.cpp: Removed.
* html/canvas/CanvasContextAttributes.h: Removed.
Remove unneeded base class.

* html/canvas/WebGLContextAttributes.cpp: Removed.
* html/canvas/WebGLContextAttributes.h:
Instead of a class, we can use a type alias of GraphicsContext3D::Attributes for
WebGLContextAttributes.

* html/canvas/WebGLContextAttributes.idl:
Convert to a dictionary.

* html/canvas/WebGL2RenderingContext.cpp:
* html/canvas/WebGL2RenderingContext.h:
* html/canvas/WebGLRenderingContextBase.cpp:
(WebCore::WebGLRenderingContextBase::create):
(WebCore::WebGLRenderingContextBase::WebGLRenderingContextBase):
(WebCore::WebGLRenderingContextBase::clearIfComposited):
(WebCore::WebGLRenderingContextBase::getContextAttributes):
(WebCore::WebGLRenderingContextBase::applyStencilTest):
* html/canvas/WebGLRenderingContextBase.h:
Update to WebGLContextAttributes by value, since it is a simple struct now. Update getContextAttributes
to return a std::optional<WebGLContextAttributes>.

* html/canvas/WebGLRenderingContextBase.idl:
Make getContextAttributes return a nullable WebGLContextAttributes, as per spec.

* platform/graphics/GraphicsContext3D.h:
Sort attributes into categories, one that match WebGLContextAttributes, and the remainder.

LayoutTests:

* fast/canvas/webgl/context-creation-attributes-expected.txt:
Update test results.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209549 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[CSS Parser] Unskip/remove more tests
hyatt@apple.com [Thu, 8 Dec 2016 18:57:34 +0000 (18:57 +0000)]
[CSS Parser] Unskip/remove more tests
https://bugs.webkit.org/show_bug.cgi?id=165611

Reviewed by Zalan Bujtas.

* TestExpectations:
* fast/css/parse-color-int-or-percent-crash.html:
* fast/css/string-quote-binary-expected.txt: Removed.
* fast/css/string-quote-binary.html: Removed.
* fast/masking/parsing-mask-expected.txt:
* fast/masking/parsing-mask.html:
* fast/selectors/nth-child-bounds.html:
* fast/selectors/nth-last-child-bounds-expected.txt:
* fast/selectors/nth-last-child-bounds.html:
* fast/text/text-combine-crash.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209548 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[CSS Parser] Unskip more tests
hyatt@apple.com [Thu, 8 Dec 2016 18:37:23 +0000 (18:37 +0000)]
[CSS Parser] Unskip more tests
https://bugs.webkit.org/show_bug.cgi?id=165610

Reviewed by Zalan Bujtas.

* TestExpectations:
* fast/css/css-selector-text-expected.txt:
* fast/css/css-selector-text.html:
* fast/css/css-set-selector-text-expected.txt:
* fast/css/css-set-selector-text.html:
* fast/css/parsing-css-nth-child-expected.txt:
* fast/css/parsing-css-nth-child.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209547 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoDo not create multicolumn context for certain type of renderers.
zalan@apple.com [Thu, 8 Dec 2016 18:20:01 +0000 (18:20 +0000)]
Do not create multicolumn context for certain type of renderers.
https://bugs.webkit.org/show_bug.cgi?id=135601
<rdar://problem/27686300>

Reviewed by David Hyatt.

Source/WebCore:

Certain type of renderers including forms should not initialize multicolumn context for
their inner (shadow) content. It just does not makes sense and is inline with what other browsers do.

Test: fast/multicol/no-multicol-for-textareas.html

* rendering/RenderBlockFlow.cpp:
(WebCore::RenderBlockFlow::willCreateColumns):
(WebCore::RenderBlockFlow::requiresColumns):
* rendering/RenderBlockFlow.h:

LayoutTests:

* fast/multicol/no-multicol-for-textareas-expected.txt: Added.
* fast/multicol/no-multicol-for-textareas.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209546 268f45cc-cd09-0410-ab3c-d52691b4dbfc