WebKit-https.git
5 years agoMarking fast/viewport/ios/width-is-device-width-overflowing* tests as failing on...
ryanhaddad@apple.com [Mon, 14 Dec 2015 21:30:28 +0000 (21:30 +0000)]
Marking fast/viewport/ios/width-is-device-width-overflowing* tests as failing on iOS simulator
https://bugs.webkit.org/show_bug.cgi?id=152135

Unreviewed test gardening.

* platform/ios-simulator/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194055 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoAX: iOS: Text field variations do not have the correct traits
cfleizach@apple.com [Mon, 14 Dec 2015 21:12:22 +0000 (21:12 +0000)]
AX: iOS: Text field variations do not have the correct traits
https://bugs.webkit.org/show_bug.cgi?id=152237

Reviewed by Mario Sanchez Prada.

Source/WebCore:

Make search fields and text areas use the appropriate iOS traits to
distinguish them.

Test: accessibility/ios-simulator/textentry-traits.html

* accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
(-[WebAccessibilityObjectWrapper _accessibilityTraitsFromAncestors]):
(-[WebAccessibilityObjectWrapper _accessibilityTextEntryTraits]):
(-[WebAccessibilityObjectWrapper accessibilityTraits]):

Tools:

Add iOS calls for determing if an object is a search field or a text area.

* DumpRenderTree/AccessibilityUIElement.cpp:
(getIsSearchFieldCallback):
(getIsTextAreaCallback):
(stringForSelectionCallback):
(AccessibilityUIElement::getJSClass):
* DumpRenderTree/AccessibilityUIElement.h:
* DumpRenderTree/ios/AccessibilityUIElementIOS.mm:
(AccessibilityUIElement::identifier):
(AccessibilityUIElement::isTextArea):
(AccessibilityUIElement::isSearchField):
(AccessibilityUIElement::traits):
* WebKitTestRunner/InjectedBundle/AccessibilityUIElement.cpp:
(WTR::AccessibilityUIElement::scrollPageRight):
(WTR::AccessibilityUIElement::hasContainedByFieldsetTrait):
(WTR::AccessibilityUIElement::fieldsetAncestorElement):
(WTR::AccessibilityUIElement::isSearchField):
(WTR::AccessibilityUIElement::isTextArea):
* WebKitTestRunner/InjectedBundle/AccessibilityUIElement.h:
* WebKitTestRunner/InjectedBundle/Bindings/AccessibilityUIElement.idl:
* WebKitTestRunner/InjectedBundle/ios/AccessibilityUIElementIOS.mm:
(WTR::AccessibilityUIElement::fieldsetAncestorElement):
(WTR::AccessibilityUIElement::isTextArea):
(WTR::AccessibilityUIElement::isSearchField):
(WTR::AccessibilityUIElement::rowCount):

LayoutTests:

* accessibility/ios-simulator/textentry-traits-expected.txt: Added.
* accessibility/ios-simulator/textentry-traits.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194054 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoMarking fast/viewport/ios/width-is-device-width-overflowing* tests as failing on...
ryanhaddad@apple.com [Mon, 14 Dec 2015 21:03:29 +0000 (21:03 +0000)]
Marking fast/viewport/ios/width-is-device-width-overflowing* tests as failing on iOS simulator
https://bugs.webkit.org/show_bug.cgi?id=152135

Unreviewed test gardening.

* platform/ios-simulator/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194053 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoMarking fast/picture/image-picture-* as failing on iOS simulator
ryanhaddad@apple.com [Mon, 14 Dec 2015 21:00:20 +0000 (21:00 +0000)]
Marking fast/picture/image-picture-* as failing on iOS simulator
https://bugs.webkit.org/show_bug.cgi?id=152141

Unreviewed test gardening.

* platform/ios-simulator/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194052 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoRemoving failure expectation for css3/blending tests that are now passing on iOS...
ryanhaddad@apple.com [Mon, 14 Dec 2015 20:43:45 +0000 (20:43 +0000)]
Removing failure expectation for css3/blending tests that are now passing on iOS simulator
https://bugs.webkit.org/show_bug.cgi?id=152131

Unreviewed test gardening.

* platform/ios-simulator/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194051 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUnreviewed, fix merge issue in a test.
fpizlo@apple.com [Mon, 14 Dec 2015 20:28:23 +0000 (20:28 +0000)]
Unreviewed, fix merge issue in a test.

* b3/testb3.cpp:
(JSC::B3::testCheckTwoMegaCombos):
(JSC::B3::testCheckTwoNonRedundantMegaCombos):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194050 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoB3 should not give ValueReps for the non-stackmap children of a CheckValue to the...
fpizlo@apple.com [Mon, 14 Dec 2015 20:25:30 +0000 (20:25 +0000)]
B3 should not give ValueReps for the non-stackmap children of a CheckValue to the generator callback
https://bugs.webkit.org/show_bug.cgi?id=152224

Reviewed by Geoffrey Garen.

Previously, a stackmap generator for a Check had to know how many children the B3 value for the
Check had at the time of code generation. That meant that B3 could not change the kind of Check
that it was - for example it cannot turn a Check into a Patchpoint and it cannot turn a CheckAdd
into a Check. But just changing the contract so that the stackmap generation params only get the
stackmap children of the check means that B3 can transform Checks as it likes.

This is meant to aid sinking values into checks.

Also, I found that the effects of a Check did not include HeapRange::top(). I think it's best if
exitsSideways does not imply reading top, the way that it does in DFG. In the DFG, that makes
sense because the exit analysis is orthogonal, so the clobber analysis tells you about the reads
not counting OSR exit - if you need to you can conditionally merge that with World based on a
separate exit analysis. But in B3, the Effects object tells you about both exiting and reading,
and it's computed by one analysis. Prior to this change, Check was not setting reads to top() so
we were effectively saying that Effects::reads is meaningless when exitsSideways is true. It
seems more sensible to instead force the analysis to set reads to top() when setting
exitsSideways to true, not least because we only have one such analysis and many users. But it
also makes sense for another reason: it allows us to bound the set of things that the program
will read after it exits. That might not be useful to us now, but it's a nice feature to get for
free. I've seen language features that have behave like exitsSideways that don't also read top,
like an array bounds check that causes sudden termination without making any promises about how
pretty the crash dump will look.

* b3/B3CheckSpecial.cpp:
(JSC::B3::CheckSpecial::generate):
* b3/B3Opcode.h:
* b3/B3Value.cpp:
(JSC::B3::Value::effects):
* b3/testb3.cpp:
(JSC::B3::testSimpleCheck):
(JSC::B3::testCheckLessThan):
(JSC::B3::testCheckMegaCombo):
(JSC::B3::testCheckAddImm):
(JSC::B3::testCheckAddImmCommute):
(JSC::B3::testCheckAddImmSomeRegister):
(JSC::B3::testCheckAdd):
(JSC::B3::testCheckAdd64):
(JSC::B3::testCheckSubImm):
(JSC::B3::testCheckSubBadImm):
(JSC::B3::testCheckSub):
(JSC::B3::testCheckSub64):
(JSC::B3::testCheckNeg):
(JSC::B3::testCheckNeg64):
(JSC::B3::testCheckMul):
(JSC::B3::testCheckMulMemory):
(JSC::B3::testCheckMul2):
(JSC::B3::testCheckMul64):
* ftl/FTLLowerDFGToLLVM.cpp:
(JSC::FTL::DFG::LowerDFGToLLVM::blessSpeculation):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194048 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoRemove some Mavericks guards in ServicesOverlayController
timothy_horton@apple.com [Mon, 14 Dec 2015 19:58:14 +0000 (19:58 +0000)]
Remove some Mavericks guards in ServicesOverlayController
https://bugs.webkit.org/show_bug.cgi?id=152238

Reviewed by Darin Adler.

* page/mac/ServicesOverlayController.mm:
(WebCore::ServicesOverlayController::selectionRectsDidChange): Deleted.
(WebCore::ServicesOverlayController::selectedTelephoneNumberRangesChanged): Deleted.
The whole file is already PLATFORM(MAC) guarded, and the 10.9 guards
are no longer necessary.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194047 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoTiledCoreAnimationDrawingAreaProxy::createFenceForGeometryUpdate() sets fence port...
timothy_horton@apple.com [Mon, 14 Dec 2015 19:55:46 +0000 (19:55 +0000)]
TiledCoreAnimationDrawingAreaProxy::createFenceForGeometryUpdate() sets fence port on context twice
https://bugs.webkit.org/show_bug.cgi?id=152239
<rdar://problem/22893289>

Reviewed by Darin Adler.

* UIProcess/mac/TiledCoreAnimationDrawingAreaProxy.mm:
(WebKit::TiledCoreAnimationDrawingAreaProxy::createFenceForGeometryUpdate):
No need to setFencePort; createFencePort also installs it on the creating context.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194046 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoAir: Support Architecture-specific forms and Opcodes
fpizlo@apple.com [Mon, 14 Dec 2015 19:54:15 +0000 (19:54 +0000)]
Air: Support Architecture-specific forms and Opcodes
https://bugs.webkit.org/show_bug.cgi?id=151736

Reviewed by Benjamin Poulain.

This adds really awesome architecture selection to the AirOpcode.opcodes file. If an opcode or
opcode form is unavailable on some architecture, you can still mention its name in C++ code (it'll
still be a member of the enum) but isValidForm() and all other reflective queries will tell you
that it doesn't exist. This will make the instruction selector steer clear of it, and it will
also ensure that the spiller doesn't try to use any unavailable architecture-specific address
forms.

The new capability is documented extensively in a comment in AirOpcode.opcodes.

* b3/air/AirOpcode.opcodes:
* b3/air/opcode_generator.rb:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194045 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoRebaselining fast/text/emoji.html for iOS simulator
ryanhaddad@apple.com [Mon, 14 Dec 2015 19:53:04 +0000 (19:53 +0000)]
Rebaselining fast/text/emoji.html for iOS simulator
https://bugs.webkit.org/show_bug.cgi?id=152261

Unreviewed test gardening.

* platform/ios-simulator/fast/text/emoji-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194044 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUse existing code for redirects when using NETWORK_SESSION
achristensen@apple.com [Mon, 14 Dec 2015 19:45:07 +0000 (19:45 +0000)]
Use existing code for redirects when using NETWORK_SESSION
https://bugs.webkit.org/show_bug.cgi?id=152207
rdar://problem/23860624

Reviewed by Darin Adler.

This fixes http/tests/cookies/set-cookie-on-redirect.html when using NETWORK_SESSION.

* NetworkProcess/NetworkLoad.cpp:
(WebKit::NetworkLoad::continueWillSendRequest):
(WebKit::NetworkLoad::convertTaskToDownload):
(WebKit::NetworkLoad::willPerformHTTPRedirection):
(WebKit::NetworkLoad::didReceiveChallenge):
* NetworkProcess/NetworkLoad.h:
* NetworkProcess/NetworkSession.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194043 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoMisc. small fixes in snippet related code.
mark.lam@apple.com [Mon, 14 Dec 2015 19:44:56 +0000 (19:44 +0000)]
Misc. small fixes in snippet related code.
https://bugs.webkit.org/show_bug.cgi?id=152259

Reviewed by Saam Barati.

* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileArithMul):
- When loading a constant JSValue for a node, use the one that the node already
  provides instead of reconstructing it.  This is not a bug, but the fix makes
  the code cleaner.

* jit/JITBitAndGenerator.cpp:
(JSC::JITBitAndGenerator::generateFastPath):
- No need to do a bitand with a constant int 0xffffffff operand.

* jit/JITBitOrGenerator.cpp:
(JSC::JITBitOrGenerator::generateFastPath):
- Fix comments: bitor is '|', not '&'.
- No need to do a bitor with a constant int 0 operand.

* jit/JITBitXorGenerator.cpp:
(JSC::JITBitXorGenerator::generateFastPath):
- Fix comments: bitxor is '^', not '&'.

* jit/JITRightShiftGenerator.cpp:
(JSC::JITRightShiftGenerator::generateFastPath):
- Renamed a jump target name to be clearer about its purpose.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194042 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoMake UCharIterator createIterator(StringView) visible to other classes
sukolsak@gmail.com [Mon, 14 Dec 2015 19:41:45 +0000 (19:41 +0000)]
Make UCharIterator createIterator(StringView) visible to other classes
https://bugs.webkit.org/show_bug.cgi?id=151917

Reviewed by Darin Adler.

Make UCharIterator createIterator(StringView) in CollatorICU.cpp visible
to other classes so that future patches that will ucol_strcollIter
(including Bug 147604) can use it.

* wtf/unicode/Collator.h:
* wtf/unicode/icu/CollatorICU.cpp:
(WTF::createIterator):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194041 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWe should not employ the snippet code in the DFG if no OSR exit was previously encoun...
mark.lam@apple.com [Mon, 14 Dec 2015 19:39:45 +0000 (19:39 +0000)]
We should not employ the snippet code in the DFG if no OSR exit was previously encountered.
https://bugs.webkit.org/show_bug.cgi?id=152255

Reviewed by Saam Barati.

* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194040 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoB3->Air compare-branch fusion should fuse even if the result of the comparison is...
fpizlo@apple.com [Mon, 14 Dec 2015 19:13:31 +0000 (19:13 +0000)]
B3->Air compare-branch fusion should fuse even if the result of the comparison is used more than once
https://bugs.webkit.org/show_bug.cgi?id=152198

Reviewed by Benjamin Poulain.

If we have a comparison operation that is branched on from multiple places, then we were
previously executing the comparison to get a boolean result in a register and then we were
testing/branching on that register in multiple places. This is actually less efficient than
just fusing the compare/branch multiple times, even though this means that the comparison
executes multiple times. This would only be bad if the comparison fused loads multiple times,
since duplicating loads is both wrong and inefficient. So, this adds the notion of sharing to
compare/branch fusion. If a compare is shared by multiple branches, then we refuse to fuse
the load.

To write the test, I needed to zero-extend 8 to 32. In the process of thinking about how to
do this, I realized that we needed lowerings for SExt8/SExt16. And I realized that the
lowerings for the other extension operations were not fully fleshed out; for example they
were incapable of load fusion. This patch fixes this and also adds some smart strength
reductions for BitAnd(@x, 0xff/0xffff/0xffffffff) - all of which should be lowered to a zero
extension.

This is a big win on asm.js code. It's not enough to bridge the gap to LLVM, but it's a huge
step in that direction.

* assembler/MacroAssemblerX86Common.h:
(JSC::MacroAssemblerX86Common::load8SignedExtendTo32):
(JSC::MacroAssemblerX86Common::zeroExtend8To32):
(JSC::MacroAssemblerX86Common::signExtend8To32):
(JSC::MacroAssemblerX86Common::load16):
(JSC::MacroAssemblerX86Common::load16SignedExtendTo32):
(JSC::MacroAssemblerX86Common::zeroExtend16To32):
(JSC::MacroAssemblerX86Common::signExtend16To32):
(JSC::MacroAssemblerX86Common::store32WithAddressOffsetPatch):
* assembler/X86Assembler.h:
(JSC::X86Assembler::movzbl_rr):
(JSC::X86Assembler::movsbl_rr):
(JSC::X86Assembler::movzwl_rr):
(JSC::X86Assembler::movswl_rr):
(JSC::X86Assembler::cmovl_rr):
* b3/B3LowerToAir.cpp:
(JSC::B3::Air::LowerToAir::createGenericCompare):
(JSC::B3::Air::LowerToAir::lower):
* b3/B3ReduceStrength.cpp:
* b3/air/AirOpcode.opcodes:
* b3/testb3.cpp:
(JSC::B3::testCheckMegaCombo):
(JSC::B3::testCheckTwoMegaCombos):
(JSC::B3::testCheckTwoNonRedundantMegaCombos):
(JSC::B3::testCheckAddImm):
(JSC::B3::testTruncSExt32):
(JSC::B3::testSExt8):
(JSC::B3::testSExt8Fold):
(JSC::B3::testSExt8SExt8):
(JSC::B3::testSExt8SExt16):
(JSC::B3::testSExt8BitAnd):
(JSC::B3::testBitAndSExt8):
(JSC::B3::testSExt16):
(JSC::B3::testSExt16Fold):
(JSC::B3::testSExt16SExt16):
(JSC::B3::testSExt16SExt8):
(JSC::B3::testSExt16BitAnd):
(JSC::B3::testBitAndSExt16):
(JSC::B3::testSExt32BitAnd):
(JSC::B3::testBitAndSExt32):
(JSC::B3::testBasicSelect):
(JSC::B3::run):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194039 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[iOS] DOM click event may not be dispatched when page has :active style and <input...
commit-queue@webkit.org [Mon, 14 Dec 2015 18:07:19 +0000 (18:07 +0000)]
[iOS] DOM click event may not be dispatched when page has :active style and <input type="search">
https://bugs.webkit.org/show_bug.cgi?id=144451
<rdar://problem/23099482>

Patch by Daniel Bates <dabates@apple.com> on 2015-12-14
Reviewed by Simon Fraser.

Source/WebCore:

Fixes an issue where a DOM click event is not dispatched to an element in a subframe on a page
that has a <input type="search"> and defines a CSS :active pseudo-class for the HTML body element.

On iOS we only dispatch a DOM click event if the content of the page does not change as part of
dispatching a DOM mousemove event at the tapped element as a means of providing a good user
experience on web pages that reveal or hide content based on mouse hover. Currently we consider
the content of the page to have changed if the visibility of any element on the page changes.
In particular we consider the content of the page to have changed if the visibility of a user
agent shadow DOM element changes (e.g. the search field cancel button). Instead we should only
consider visibility changes to the actual web page content and ignore visibility changes to
user agent shadow DOM elements.

Tests: fast/events/can-click-element-on-page-with-active-pseudo-class-and-search-field.html
       fast/forms/search/search-cancel-button-visible-when-input-becomes-disabled.html
       fast/forms/search/search-cancel-button-visible-when-input-becomes-readonly.html
       fast/forms/search/search-cancel-in-formerly-invisible-element.html
       fast/forms/search/search-cancel-toggle-visibility-initially-hidden.html
       fast/forms/search/search-cancel-toggle-visibility-initially-visible.html

* style/StyleResolveTree.cpp:
(WebCore::Style::CheckForVisibilityChangeOnRecalcStyle::~CheckForVisibilityChangeOnRecalcStyle):
Ignore visibility changes to user agent shadow DOM elements.

LayoutTests:

Add a test to ensure that a DOM click event is dispatched to an element in a subframe on a page
with a search field and that specifies a CSS :active pseudo-class that changes the tap highlight
color.

Additionally, add tests to ensure we update the cancel button visibility whenever the visibility
of the search field changes.

* fast/events/can-click-element-on-page-with-active-pseudo-class-and-search-field-expected.txt: Added.
* fast/events/can-click-element-on-page-with-active-pseudo-class-and-search-field.html: Added.
* fast/forms/search/search-cancel-button-visible-when-input-becomes-disabled-expected.html: Added.
* fast/forms/search/search-cancel-button-visible-when-input-becomes-disabled.html: Added.
* fast/forms/search/search-cancel-button-visible-when-input-becomes-readonly-expected.html: Added.
* fast/forms/search/search-cancel-button-visible-when-input-becomes-readonly.html: Added.
* fast/forms/search/search-cancel-in-formerly-invisible-element-expected.html: Added.
* fast/forms/search/search-cancel-in-formerly-invisible-element.html: Added.
* fast/forms/search/search-cancel-toggle-visibility-initially-hidden-expected.html: Added.
* fast/forms/search/search-cancel-toggle-visibility-initially-hidden.html: Added.
* fast/forms/search/search-cancel-toggle-visibility-initially-visible-expected.html: Added.
* fast/forms/search/search-cancel-toggle-visibility-initially-visible.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194038 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoREGRESSION (r162777): Remove Boost Software License from WTF
ddkilzer@apple.com [Mon, 14 Dec 2015 17:44:17 +0000 (17:44 +0000)]
REGRESSION (r162777): Remove Boost Software License from WTF
<http://webkit.org/b/152243>

Reviewed by Darin Adler.

The source code that the Boost Software License was referring to
was removed in r162777 by switching to std::atomic.

* wtf/Atomics.cpp:
* wtf/Atomics.h:
* wtf/ThreadSafeRefCounted.h:
- Remove Boost Software License.
- Update Apple Inc. copyright as needed.
- Refresh Apple Inc. license text.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194037 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoRoll out r193974 and follow-up fixes as it caused JSC crashes
cdumez@apple.com [Mon, 14 Dec 2015 17:37:59 +0000 (17:37 +0000)]
Roll out r193974 and follow-up fixes as it caused JSC crashes
https://bugs.webkit.org/show_bug.cgi?id=152256

Source/JavaScriptCore:

Unreviewed, Roll out r193974 and follow-up fixes as it caused JSC crashes.

* API/JSCallbackObject.h:
* builtins/FunctionPrototype.js:
* bytecode/BytecodeBasicBlock.cpp:
(JSC::isBranch):
* bytecode/BytecodeList.json:
* bytecode/BytecodeUseDef.h:
(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dumpBytecode):
* bytecode/ExitKind.cpp:
(JSC::exitKindToString): Deleted.
* bytecode/ExitKind.h:
* bytecode/PreciseJumpTargets.cpp:
(JSC::getJumpTargetsForBytecodeOffset):
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::emitCheckHasInstance):
(JSC::BytecodeGenerator::emitGetById): Deleted.
* bytecompiler/BytecodeGenerator.h:
(JSC::BytecodeGenerator::emitTypeOf): Deleted.
* bytecompiler/NodesCodegen.cpp:
(JSC::InstanceOfNode::emitBytecode):
(JSC::LogicalOpNode::emitBytecode): Deleted.
(JSC::LogicalOpNode::emitBytecodeInConditionContext): Deleted.
* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::parseBlock):
* dfg/DFGCapabilities.cpp:
(JSC::DFG::capabilityLevel):
* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
* dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
* dfg/DFGHeapLocation.cpp:
(WTF::printInternal):
* dfg/DFGHeapLocation.h:
* dfg/DFGNode.h:
(JSC::DFG::Node::hasCellOperand): Deleted.
(JSC::DFG::Node::hasTransition): Deleted.
* dfg/DFGNodeType.h:
* dfg/DFGPredictionPropagationPhase.cpp:
(JSC::DFG::PredictionPropagationPhase::propagate):
* dfg/DFGSafeToExecute.h:
(JSC::DFG::safeToExecute):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileInstanceOf): Deleted.
(JSC::DFG::SpeculativeJIT::compileArithAdd): Deleted.
* dfg/DFGSpeculativeJIT.h:
(JSC::DFG::SpeculativeJIT::callOperation): Deleted.
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* ftl/FTLCapabilities.cpp:
(JSC::FTL::canCompile):
* ftl/FTLIntrinsicRepository.h:
* ftl/FTLLowerDFGToLLVM.cpp:
(JSC::FTL::DFG::LowerDFGToLLVM::compileNode):
(JSC::FTL::DFG::LowerDFGToLLVM::compileCheckHasInstance):
(JSC::FTL::DFG::LowerDFGToLLVM::compileInstanceOf): Deleted.
(JSC::FTL::DFG::LowerDFGToLLVM::compileHasIndexedProperty): Deleted.
* jit/CCallHelpers.h:
(JSC::CCallHelpers::setupArguments): Deleted.
(JSC::CCallHelpers::setupArgumentsWithExecState): Deleted.
* jit/JIT.cpp:
(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompileSlowCases):
* jit/JIT.h:
* jit/JITInlines.h:
(JSC::JIT::callOperationNoExceptionCheck): Deleted.
(JSC::JIT::callOperation): Deleted.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_check_has_instance):
(JSC::JIT::emit_op_instanceof):
(JSC::JIT::emitSlow_op_check_has_instance):
(JSC::JIT::emitSlow_op_instanceof):
(JSC::JIT::emit_op_is_undefined): Deleted.
(JSC::JIT::emitSlow_op_to_number): Deleted.
(JSC::JIT::emitSlow_op_to_string): Deleted.
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::emit_op_check_has_instance):
(JSC::JIT::emit_op_instanceof):
(JSC::JIT::emitSlow_op_check_has_instance):
(JSC::JIT::emitSlow_op_instanceof):
(JSC::JIT::emit_op_is_undefined): Deleted.
* jit/JITOperations.cpp:
* jit/JITOperations.h:
* llint/LLIntData.cpp:
(JSC::LLInt::Data::performAssertions): Deleted.
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
* llint/LLIntSlowPaths.h:
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* runtime/CommonIdentifiers.h:
* runtime/ExceptionHelpers.cpp:
(JSC::invalidParameterInstanceofSourceAppender):
(JSC::createInvalidInstanceofParameterError):
(JSC::createError): Deleted.
(JSC::createNotAFunctionError): Deleted.
(JSC::createNotAnObjectError): Deleted.
* runtime/ExceptionHelpers.h:
* runtime/FunctionPrototype.cpp:
(JSC::FunctionPrototype::addFunctionProperties):
* runtime/FunctionPrototype.h:
* runtime/JSBoundFunction.cpp:
(JSC::JSBoundFunction::create): Deleted.
(JSC::JSBoundFunction::customHasInstance): Deleted.
* runtime/JSBoundFunction.h:
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::visitChildren): Deleted.
* runtime/JSGlobalObject.h:
(JSC::JSGlobalObject::throwTypeErrorGetterSetter): Deleted.
* runtime/JSObject.cpp:
(JSC::JSObject::hasInstance):
(JSC::JSObject::defaultHasInstance): Deleted.
(JSC::JSObject::getPropertyNames): Deleted.
(JSC::JSObject::getOwnPropertyNames): Deleted.
* runtime/JSObject.h:
(JSC::JSFinalObject::create): Deleted.
* runtime/JSTypeInfo.h:
(JSC::TypeInfo::TypeInfo):
(JSC::TypeInfo::overridesHasInstance):
* runtime/WriteBarrier.h:
(JSC::WriteBarrierBase<Unknown>::slot):
* tests/es6.yaml:
* tests/stress/instanceof-custom-hasinstancesymbol.js: Removed.
* tests/stress/symbol-hasInstance.js: Removed.

LayoutTests:

Unreviewed, roll out r193974 and follow-up fixes as it caused JSC crashes.

* inspector/model/remote-object-get-properties-expected.txt:
* js/Object-getOwnPropertyNames-expected.txt:
* js/exception-for-nonobject-expected.txt:
* js/exception-instanceof-expected.txt:
* js/instance-of-immediates-expected.txt:
* js/regress/instanceof-bound-expected.txt: Removed.
* js/regress/instanceof-bound.html: Removed.
* js/regress/script-tests/instanceof-bound.js: Removed.
* js/script-tests/Object-getOwnPropertyNames.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194036 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[Streams API] Directly use @then as much as possible
youenn.fablet@crf.canon.fr [Mon, 14 Dec 2015 17:27:27 +0000 (17:27 +0000)]
[Streams API] Directly use @then as much as possible
https://bugs.webkit.org/show_bug.cgi?id=151631

Reviewed by Darin Adler.

Moved from @Promise.prototype.@then.@call(promise,...) to promise.@then.(...)
for promise objects that are not exposed to user scripts.

Updated promiseInvokeXX stream utility functions to ensure that returned promise always has a @then.
This allows improving the readability of code calling promiseInvokeXX functions.
Changed invokeOrNoop to promiseInvokeOrNoopNoCatch as invokeOrNoop
result is always wrapped as a promise using Promise.resolve.

No change in behavior.

* Modules/streams/ReadableStream.js:
(initializeReadableStream):
* Modules/streams/ReadableStreamInternals.js:
(teeReadableStream):
(teeReadableStreamBranch2CancelFunction):
(cancelReadableStream):
* Modules/streams/StreamInternals.js:
(shieldingPromiseResolve): introduced this routine to ensure the returned promise has a @then property.
(promiseInvokeOrNoopNoCatch):
(promiseInvokeOrNoop):
(promiseInvokeOrFallbackOrNoop):
* Modules/streams/WritableStream.js:
(initializeWritableStream):
(abort):
* Modules/streams/WritableStreamInternals.js:
(callOrScheduleWritableStreamAdvanceQueue):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194035 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[GTK] [JHBuild] package libtool-bin is now required on Debian systems.
clopez@igalia.com [Mon, 14 Dec 2015 16:27:42 +0000 (16:27 +0000)]
[GTK] [JHBuild] package libtool-bin is now required on Debian systems.
https://bugs.webkit.org/show_bug.cgi?id=152252

Reviewed by Sergio Villar Senin.

* gtk/install-dependencies: Add libtool-bin to the list of packages required
for building the JHBuild on Debian systems.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194034 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[Streams API] Expose ReadableStream and relatives to Worker
youenn.fablet@crf.canon.fr [Mon, 14 Dec 2015 15:57:48 +0000 (15:57 +0000)]
[Streams API] Expose ReadableStream and relatives to Worker
https://bugs.webkit.org/show_bug.cgi?id=152066

LayoutTests/imported/w3c:

Reviewed by Darin Adler.

Rebasing all worker tests from FAIL to PASS.

* web-platform-tests/streams-api/byte-length-queuing-strategy-expected.txt:
* web-platform-tests/streams-api/count-queuing-strategy-expected.txt:
* web-platform-tests/streams-api/readable-streams/bad-strategies-expected.txt:
* web-platform-tests/streams-api/readable-streams/bad-underlying-sources-expected.txt:
* web-platform-tests/streams-api/readable-streams/brand-checks-expected.txt:
* web-platform-tests/streams-api/readable-streams/cancel-expected.txt:
* web-platform-tests/streams-api/readable-streams/count-queuing-strategy-integration-expected.txt:
* web-platform-tests/streams-api/readable-streams/garbage-collection-expected.txt:
* web-platform-tests/streams-api/readable-streams/general-expected.txt:
* web-platform-tests/streams-api/readable-streams/pipe-through-expected.txt:
* web-platform-tests/streams-api/readable-streams/readable-stream-reader-expected.txt:
* web-platform-tests/streams-api/readable-streams/tee-expected.txt:
* web-platform-tests/streams-api/readable-streams/templated-expected.txt:

Source/WebCore:

Reviewed by Darin Adler.

Moving the code that links internal functions to the GlobalObject in WebCoreJSBuiltinInternals.cpp.
This file should be generated by the builtin generator once refactoring is done.
This code is located in JSBuiltinFunctions::initialize.

Moving ReadableStream private constructors and constants code from JSDOMWindowBase to JSDOMGlobalObject.
Calling JSBuiltinInternalFunctions::initialize in JSDOMGlobalObject so that internals are also available in Worker.

Made ReadableStream and relatives exposed in Worker.

Rebased and fixed style by Xabier Rodriguez Calvar.

Covered by rebased tests.

* CMakeLists.txt:
* Modules/streams/ByteLengthQueuingStrategy.idl:
* Modules/streams/CountQueuingStrategy.idl:
* Modules/streams/ReadableStream.idl:
* Modules/streams/ReadableStreamController.idl:
* Modules/streams/ReadableStreamReader.idl:
* WebCore.xcodeproj/project.pbxproj:
* bindings/js/JSDOMGlobalObject.cpp:
(WebCore::JSDOMGlobalObject::JSDOMGlobalObject):
(WebCore::JSDOMGlobalObject::addBuiltinGlobals):
(WebCore::JSDOMGlobalObject::finishCreation):
(WebCore::JSDOMGlobalObject::visitChildren):
* bindings/js/JSDOMGlobalObject.h:
* bindings/js/JSDOMWindowBase.cpp:
(WebCore::JSDOMWindowBase::finishCreation): Deleted.
(WebCore::JSDOMWindowBase::visitChildren): Deleted.
* bindings/js/JSDOMWindowBase.h:
* bindings/js/WebCoreJSBuiltinInternals.cpp: Added.
(WebCore::JSBuiltinInternalFunctions::JSBuiltinInternalFunctions):
(WebCore::JSBuiltinInternalFunctions::visit):
(WebCore::JSBuiltinInternalFunctions::initialize):
* bindings/js/WebCoreJSBuiltinInternals.h:
* bindings/js/WebCoreJSBuiltins.h:

LayoutTests:

Reviewed by Darin Adler.

Adding ByteLengthQueuingStrategy, CountQueuingStrategy and ReadableStream as worker constructors.

* js/dom/global-constructors-attributes-dedicated-worker-expected.txt:
* platform/efl/js/dom/global-constructors-attributes-dedicated-worker-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194033 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[GTK] Unreviewed gardening.
clopez@igalia.com [Mon, 14 Dec 2015 13:00:42 +0000 (13:00 +0000)]
[GTK] Unreviewed gardening.

* platform/gtk/TestExpectations: Update TestExpectations with the following changes:
  - Remove expectations for tests removed after r193411 r193426 and r19366.
  - Merge repeated expectations from some tests.
  - Mark tests failing after r188159.
  - Update list of imported/blink tests failing.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194032 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoMove MathMLOperatorDictionary features into a separate module.
fred.wang@free.fr [Mon, 14 Dec 2015 11:48:48 +0000 (11:48 +0000)]
Move MathMLOperatorDictionary features into a separate module.
https://bugs.webkit.org/show_bug.cgi?id=152242

Reviewed by Martin Robinson.

The definitions, properties and search of the MathML operator dictionary are really independent of the renderer object for math operators.
This patch moves them in a separate module/file to make them more manageable and readable.
No new tests. We already have sufficient test coverage.

* CMakeLists.txt:
* WebCore.vcxproj/WebCore.vcxproj:
* WebCore.vcxproj/WebCore.vcxproj.filters:
* WebCore.xcodeproj/project.pbxproj:
* rendering/mathml/MathMLOperatorDictionary.cpp:
(WebCore::ExtractKey):
(WebCore::ExtractChar):
(WebCore::ExtractKeyHorizontal):
(WebCore::MathMLOperatorDictionary::getEntry):
(WebCore::MathMLOperatorDictionary::isVertical):
* rendering/mathml/MathMLOperatorDictionary.h: Added.
* rendering/mathml/RenderMathMLOperator.cpp:
(WebCore::RenderMathMLOperator::setOperatorProperties):
(WebCore::MathMLOperatorDictionary::ExtractKey): Deleted.
(WebCore::MathMLOperatorDictionary::ExtractChar): Deleted.
(WebCore::MathMLOperatorDictionary::ExtractKeyHorizontal): Deleted.
* rendering/mathml/RenderMathMLOperator.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194031 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[css-grid] Fix height computation of grid items with borders
svillar@igalia.com [Mon, 14 Dec 2015 10:06:08 +0000 (10:06 +0000)]
[css-grid] Fix height computation of grid items with borders
https://bugs.webkit.org/show_bug.cgi?id=151800

Reviewed by Darin Adler.

Source/WebCore:

When computing the logical height of grid items for the
default "min-height: auto;" case we were constraning the
min-content size using constrainLogicalHeightByMinMax()
instead of constrainContentLogicalHeightByMinMax(). The
problem of using the former is that we were adding the borders
twice.

Test: fast/css-grid-layout/grid-item-with-border-in-intrinsic.html

* rendering/RenderBox.cpp:
(WebCore::RenderBox::computeLogicalHeight):

LayoutTests:

* fast/css-grid-layout/grid-item-with-border-in-intrinsic-expected.txt: Added.
* fast/css-grid-layout/grid-item-with-border-in-intrinsic.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194030 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWeb Inspector: Make TimelineOverview's graph container a subview
mattbaker@apple.com [Mon, 14 Dec 2015 07:24:01 +0000 (07:24 +0000)]
Web Inspector: Make TimelineOverview's graph container a subview
https://bugs.webkit.org/show_bug.cgi?id=152235

Reviewed by Brian Burg.

* UserInterface/Views/TimelineOverview.js:
(WebInspector.TimelineOverview):
Create graph container subview.
(WebInspector.TimelineOverview.prototype._instrumentAdded):
Add overview to the graph container view.
(WebInspector.TimelineOverview.prototype._instrumentRemoved):
Remove overview from the graph container view.
(WebInspector.TimelineOverview.prototype.layout):
No longer necessary to manually lay out overview graphs.
(WebInspector.TimelineOverview.prototype._needsLayout): Deleted.
Removed dead code.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194029 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoAdopt CGIOSurfaceContextCreateImageReference to avoid unnecessary readback
timothy_horton@apple.com [Mon, 14 Dec 2015 05:27:45 +0000 (05:27 +0000)]
Adopt CGIOSurfaceContextCreateImageReference to avoid unnecessary readback
https://bugs.webkit.org/show_bug.cgi?id=150988
<rdar://problem/18993594>

Reviewed by Darin Adler.

* platform/graphics/GraphicsContext.cpp:
(WebCore::GraphicsContext::drawConsumingImageBuffer):
* platform/graphics/GraphicsContext.h:
* platform/graphics/ImageBuffer.h:
* platform/graphics/cg/ImageBufferCG.cpp:
(WebCore::createBitmapImageAfterScalingIfNeeded):
(WebCore::ImageBuffer::copyImage):
(WebCore::ImageBuffer::sinkIntoImage):
(WebCore::ImageBuffer::sinkIntoNativeImage):
(WebCore::ImageBuffer::drawConsuming):
* platform/graphics/cocoa/IOSurface.h:
* platform/graphics/cocoa/IOSurface.mm:
(IOSurface::createFromImageBuffer):
(IOSurface::sinkIntoImage):
Add sinkIntoImage, sinkIntoNativeImage, and drawConsuming to ImageBuffer,
which all consume the ImageBuffer and allow us to tell the system to
make a CGImage that references the IOSurface, which is in many cases
more efficient than making an image with a "copy" of the IOSurface.
(The copy is done lazily, but we often hit a corner case that causes
it to happen unnecessarily.)

* html/shadow/MediaControlElements.cpp:
(WebCore::MediaControlTextTrackContainerElement::createTextTrackRepresentationImage):
* page/TextIndicator.cpp:
(WebCore::takeSnapshot):
* platform/DragImage.cpp:
(WebCore::createDragImageFromSnapshot):
* platform/graphics/filters/FETile.cpp:
(WebCore::FETile::platformApplySoftware):
* platform/mac/ThemeMac.mm:
(WebCore::ThemeMac::drawCellOrFocusRingWithViewIntoContext):
* platform/mediastream/mac/AVVideoCaptureSource.mm:
(WebCore::AVVideoCaptureSource::currentFrameImage):
* rendering/RenderBoxModelObject.cpp:
(WebCore::RenderBoxModelObject::paintFillLayerExtended):
* rendering/RenderThemeMac.mm:
(WebCore::RenderThemeMac::paintProgressBar):
* rendering/svg/RenderSVGResourcePattern.cpp:
(WebCore::RenderSVGResourcePattern::buildPattern):
* svg/graphics/SVGImage.cpp:
(WebCore::SVGImage::drawPatternForContainer):
Adopt sinkIntoImage and drawConsumingImageBuffer in a few places.

* WebCoreSupport/WebContextMenuClient.mm:
(WebContextMenuClient::imageForCurrentSharingServicePickerItem):
Adopt sinkIntoImage and drawConsumingImageBuffer in a few places.

* WebProcess/WebPage/WebFrame.cpp:
(WebKit::WebFrame::createSelectionSnapshot):
Adopt sinkIntoImage and drawConsumingImageBuffer in a few places.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194025 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[JSC] Remove FTL::Output's doubleEqualOrUnordered()
commit-queue@webkit.org [Mon, 14 Dec 2015 04:30:37 +0000 (04:30 +0000)]
[JSC] Remove FTL::Output's doubleEqualOrUnordered()
https://bugs.webkit.org/show_bug.cgi?id=152234

Patch by Benjamin Poulain <bpoulain@apple.com> on 2015-12-13
Reviewed by Sam Weinig.

It is unused, one less thing to worry about.

* ftl/FTLB3Output.h:
(JSC::FTL::Output::doubleEqualOrUnordered): Deleted.
* ftl/FTLOutput.h:
(JSC::FTL::Output::doubleEqualOrUnordered): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194024 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoAnother fix after r194018.
mitz@apple.com [Mon, 14 Dec 2015 03:31:46 +0000 (03:31 +0000)]
Another fix after r194018.

* Configurations/BaseTarget.xcconfig:
* Configurations/BaseXPCService.xcconfig:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194023 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[Mac] Shims used by XPC services are installed inside legacy process bundles
mitz@apple.com [Mon, 14 Dec 2015 03:19:47 +0000 (03:19 +0000)]
[Mac] Shims used by XPC services are installed inside legacy process bundles
https://bugs.webkit.org/show_bug.cgi?id=152233

Reviewed by Sam Weinig.

Have the shim dylibs installed in the framework’s Frameworks directory instead.

* Configurations/BaseLegacyProcess.xcconfig: Simplified now that EXCLUDED_SHIM_FILE_NAME is
  no longer defined, because shims aren’t copied into legacy processes.

* Configurations/NetworkProcess.xcconfig: Removed definition of EXCLUDED_SHIM_FILE_NAME.
* Configurations/PluginProcess.xcconfig: Ditto.
* Configurations/WebContentProcess.xcconfig: Ditto.

* Configurations/Shim.xcconfig: Install the shims when building for OS X. Added definitions
  of INSTALL_PATH and DYLIB_INSTALL_NAME_BASE which are now common to all shims.

* Configurations/PluginProcessShim.xcconfig: Removed definitions of INSTALL_PATH and
  DYLIB_INSTALL_NAME_BASE from here, now that they are defined for all shims in
  Shim.xcconfig.
* Configurations/SecItemShim.xcconfig: Ditto.
* Configurations/WebProcessShim.xcconfig:

* Configurations/WebKit.xcconfig: Added the shims to EXCLUDED_SOURCE_FILE_NAMES for iOS.

* NetworkProcess/EntryPoint/mac/XPCService/NetworkService/Info-OSX-10.9-10.10.plist: Changed
  the value of DYLD_INSERT_LIBRARIES to point to the shim’s new location.
* PluginProcess/EntryPoint/mac/XPCService/PluginService.32-64-10.9-10.10.Info.plist: Ditto.
* WebProcess/EntryPoint/mac/XPCService/WebContentService/Info-OSX-10.9-10.10.plist: Ditto.

* UIProcess/Launcher/mac/ProcessLauncherMac.mm:
(WebKit::computeProcessShimPath): Changed to return the new paths, which are all inside the
  framework’s Frameworks directory.

* WebKit2.xcodeproj/project.pbxproj:
- Removed references to WRAPPER_NAME from the “Copy XPC services for engineering builds”
  build phase in the All target, becase WRAPPER_NAME is empty in an aggregate target.
- Removed the PlugInProcess target’s dependency on the PluginProcessShim target and its
  Copy Plug-in Process Shim build phase.
- Removed the NetworkProcess target’s dependency on the SecItemShim target and its Copy
  Sec Item Shim build phase.
- Removed the WebProcess target’s dependency on the WebProcessShim target and its Copy
  WebProcessShim build phase.
- Made the WebKit target depend on the shim targets, and added to it a Copy Shims build
  phase that copies the shims into the framework’s Frameworks directory.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194022 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[JSC] Should not emit get_by_id for indexed property access
utatane.tea@gmail.com [Mon, 14 Dec 2015 02:52:51 +0000 (02:52 +0000)]
[JSC] Should not emit get_by_id for indexed property access
https://bugs.webkit.org/show_bug.cgi?id=151354

Reviewed by Darin Adler.

Before this patch, `a["1"]` is converted to `a.1` get_by_id operation in the bytecode compiler.
get_by_id emits IC. IC rely on the fact that Structure transition occur when adding / removing object's properties.
However, it's not true for indexed element properties. They are stored in the element storage and Structure transition does not occur.

For example, in the following case,

     function getOne(a) { return a['1']; }

     for (var i = 0; i < 36; ++i)
         getOne({2: true});

     if (!getOne({1: true}))
         throw new Error("OUT");

In this case, `a['1']` creates get_by_id. `getOne({2: true})` calls makes getOne's get_by_id to create IC says that,
"when comming this structure chain, there is no property in "1", so we should return `undefined`".

After that, we call `getOne({1: true})`. But in this case, `{2: true}` and `{1: true}` have the same structure chain,
because indexed property addition does not occur structure transition.
So previous IC fast path is used and return `undefined`. But the correct answer is returning `true`.

This patch fixes the above issue. When there is string bracket access, we only emits get_by_id if the given string is not an index.
There are bugs in get_by_id, put_by_id, put_by_id (direct). But only get_by_id poses user observable issue.
Because in the put_by_id case, the generic path just says "this put is uncacheable".

* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::emitGetById):
(JSC::BytecodeGenerator::emitPutById):
(JSC::BytecodeGenerator::emitDirectPutById):
* bytecompiler/NodesCodegen.cpp:
(JSC::isNonIndexStringElement):
(JSC::BracketAccessorNode::emitBytecode):
(JSC::FunctionCallBracketNode::emitBytecode):
(JSC::AssignBracketNode::emitBytecode):
(JSC::ObjectPatternNode::bindValue):
* tests/stress/element-property-get-should-not-handled-with-get-by-id.js: Added.
(getOne):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194021 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoBuild fix.
mitz@apple.com [Mon, 14 Dec 2015 00:05:54 +0000 (00:05 +0000)]
Build fix.

* Configurations/PluginProcess.xcconfig:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194019 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[Mac] Shims aren’t inserted properly on Yosemite when building with the El Capitan SDK
mitz@apple.com [Sun, 13 Dec 2015 23:21:35 +0000 (23:21 +0000)]
[Mac] Shims aren’t inserted properly on Yosemite when building with the El Capitan SDK
https://bugs.webkit.org/show_bug.cgi?id=152229

Reviewed by Darin Adler.

* Configurations/BaseTarget.xcconfig: Defined WK_LINK_SHIM on OS X to YES or NO based on the
  target version.
* Configurations/BaseXPCService.xcconfig: Define WK_XPC_SERVICE_INFOPLIST_SUFFIX to
  "-10.9-10.10" when targeting those OS X versions.
* Configurations/NetworkService.xcconfig: Use WK_XPC_SERVICE_INFOPLIST_SUFFIX in the
  definition of INFOPLIST_FILE. Use WK_LINK_SHIM in the definition of OTHER_LDFLAGS.
* Configurations/PluginProcess.xcconfig: Use WK_LINK_SHIM in the definition of
  LDFLAGS_SHIM_Production for OS X.
* Configurations/PluginService.32.xcconfig: Use WK_XPC_SERVICE_INFOPLIST_SUFFIX in the
  definition of INFOPLIST_FILE. Use WK_LINK_SHIM in the definition of OTHER_LDFLAGS.
* Configurations/PluginService.64.xcconfig: Ditto.
* Configurations/WebContentService.xcconfig: Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194018 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoCachedScript could have a copy-free path for all-ASCII scripts.
akling@apple.com [Sun, 13 Dec 2015 20:03:24 +0000 (20:03 +0000)]
CachedScript could have a copy-free path for all-ASCII scripts.
<https://webkit.org/b/152203>

Source/JavaScriptCore:

Reviewed by Antti Koivisto.

Make SourceProvider vend a StringView instead of a String.
This relaxes the promises that providers have to make about string lifetimes.

This means that on the WebCore side, CachedScript is free to cache a String
internally, while only ever exposing it as a temporary StringView.

A few extra copies (CPU, not memory) are introduced, none of them on hot paths.

* API/JSScriptRef.cpp:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::sourceCodeForTools):
(JSC::CodeBlock::dumpSource):
* inspector/ScriptDebugServer.cpp:
(Inspector::ScriptDebugServer::dispatchDidParseSource):
(Inspector::ScriptDebugServer::dispatchFailedToParseSource):
* interpreter/Interpreter.cpp:
(JSC::Interpreter::execute):
* jsc.cpp:
(functionFindTypeForExpression):
(functionHasBasicBlockExecuted):
(functionBasicBlockExecutionCount):
* parser/Lexer.cpp:
(JSC::Lexer<T>::setCode):
* parser/Lexer.h:
(JSC::Lexer<LChar>::setCodeStart):
(JSC::Lexer<UChar>::setCodeStart):
* parser/Parser.h:
(JSC::Parser::getToken):
* parser/SourceCode.cpp:
(JSC::SourceCode::toUTF8):
* parser/SourceCode.h:
(JSC::SourceCode::hash):
(JSC::SourceCode::view):
(JSC::SourceCode::toString): Deleted.
* parser/SourceCodeKey.h:
(JSC::SourceCodeKey::SourceCodeKey):
(JSC::SourceCodeKey::string):
* parser/SourceProvider.h:
(JSC::SourceProvider::getRange):
* runtime/Completion.cpp:
(JSC::loadAndEvaluateModule):
(JSC::loadModule):
* runtime/ErrorInstance.cpp:
(JSC::appendSourceToError):
* runtime/FunctionPrototype.cpp:
(JSC::functionProtoFuncToString):
* tools/FunctionOverrides.cpp:
(JSC::initializeOverrideInfo):
(JSC::FunctionOverrides::initializeOverrideFor):

Source/WebCore:

Reviewed by ANtti Koivisto.

Many (if not most) of script resources on the web contain nothing but ASCII characters.
Such resources, when streamed through a text decoder, will yield the exact same byte
sequence, except in anonymous heap memory instead of delicious file-backed pages.

Care is taken to ensure that the wrapper StringImpl is updated to target newly cached
resource data if an asynchronous caching notification comes in.

* loader/cache/CachedResource.cpp:
(WebCore::CachedResource::tryReplaceEncodedData):
* loader/cache/CachedResource.h:
(WebCore::CachedResource::didReplaceSharedBufferContents):
* loader/cache/CachedScript.cpp:
(WebCore::encodingMayBeAllASCII):
(WebCore::CachedScript::script):
(WebCore::CachedScript::didReplaceSharedBufferContents):
* loader/cache/CachedScript.h:
* platform/SharedBuffer.h:
* platform/cf/SharedBufferCF.cpp:
(WebCore::SharedBuffer::tryReplaceContentsWithPlatformBuffer):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194017 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoClean up absolute positioned map properly.
zalan@apple.com [Sun, 13 Dec 2015 16:18:07 +0000 (16:18 +0000)]
Clean up absolute positioned map properly.
https://bugs.webkit.org/show_bug.cgi?id=152219
rdar://problem/23861165

Reviewed by Simon Fraser.

We insert positioned renderers into a static map (RenderBlock::gPositionedDescendantsMap) to keep track of them.
Since this static map is at block level, (positioned)inline renderers use their containing block to store
their positioned descendants.
This patch ensures that when an inline element can no longer hold positioned children, we remove them from
the inline's containing block's map. -unless the container itself can hold positioned renderers(see RenderElement::canContainAbsolutelyPositionedObjects).

Source/WebCore:

Test: fast/block/positioning/crash-when-positioned-inline-has-positioned-child.html

* rendering/RenderInline.cpp:
(WebCore::RenderInline::styleWillChange):
* rendering/RenderInline.h:

LayoutTests:

* fast/block/positioning/crash-when-positioned-inline-has-positioned-child-expected.txt: Added.
* fast/block/positioning/crash-when-positioned-inline-has-positioned-child.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194016 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoAX: [EFL] Anonymous render block flow elements should be exposed as ATK_ROLE_SECTION...
jdiggs@igalia.com [Sun, 13 Dec 2015 14:07:40 +0000 (14:07 +0000)]
AX: [EFL] Anonymous render block flow elements should be exposed as ATK_ROLE_SECTION; not ATK_ROLE_PANEL
https://bugs.webkit.org/show_bug.cgi?id=152079

Reviewed by Chris Fleizach.

Source/WebCore:

Map the element to WebCore AccessibilityRole DivRole for EFL. As with GTK, this
is being done in the shared layer rather than in the platform layer because we
want all subsequent logic to treat anonymous render block flow elements as divs.

No new tests. We already have sufficient test coverage. The expectations
been updated accordingly.

* accessibility/AccessibilityRenderObject.cpp:
(WebCore::AccessibilityRenderObject::determineAccessibilityRole):

LayoutTests:

* platform/efl/accessibility/deleting-iframe-destroys-axcache-expected.txt: Added.
* platform/efl/accessibility/image-link-expected.txt: Updated.
* platform/efl/accessibility/image-with-alt-and-map-expected.txt: Updated.
* platform/efl/accessibility/lists-expected.txt: Updated.
* platform/efl/accessibility/media-element-expected.txt: Updated

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194015 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoModern IDB: TextExpectations gardening to run more tests.
beidson@apple.com [Sun, 13 Dec 2015 08:25:40 +0000 (08:25 +0000)]
Modern IDB: TextExpectations gardening to run more tests.
https://bugs.webkit.org/show_bug.cgi?id=152217

Reviewed by Alex Christensen.

* platform/mac-wk1/TestExpectations: 5 crash/timeout tests now either pass or merely have text failures.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194014 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWeb Inspector: CodeMirrorTokenTrackingController handles symbols in class definitions...
mattbaker@apple.com [Sun, 13 Dec 2015 05:09:44 +0000 (05:09 +0000)]
Web Inspector: CodeMirrorTokenTrackingController handles symbols in class definitions incorrectly
https://bugs.webkit.org/show_bug.cgi?id=152218

Reviewed by Timothy Hatcher.

* UserInterface/Controllers/CodeMirrorTokenTrackingController.js:
(WebInspector.CodeMirrorTokenTrackingController.prototype._processJavaScriptExpression):
Stop checking for object literal shorthand property if an open parenthesis is found.
This check became necessary with the introduction of ES6 class syntax.

* UserInterface/Views/CodeMirrorAdditions.js:
Use localState when available, to prevent passing a state that doesn't define a tokenize property.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194013 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoModern IDB: Update a couple of tests that fail only because of error message differences.
beidson@apple.com [Sat, 12 Dec 2015 23:49:46 +0000 (23:49 +0000)]
Modern IDB: Update a couple of tests that fail only because of error message differences.
https://bugs.webkit.org/show_bug.cgi?id=152205

Reviewed by Alex Christensen.

* platform/mac-wk1/TestExpectations:
* storage/indexeddb/objectstore-autoincrement-expected.txt:
* storage/indexeddb/open-cursor-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194012 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[JSC] Add lowering for B3's Store8 opcode
benjamin@webkit.org [Sat, 12 Dec 2015 23:04:54 +0000 (23:04 +0000)]
[JSC] Add lowering for B3's Store8 opcode
https://bugs.webkit.org/show_bug.cgi?id=152208

Reviewed by Geoffrey Garen.

B3 has an opcode to store 8bit values but it had
no lowering.

* b3/B3LowerToAir.cpp:
(JSC::B3::Air::LowerToAir::createStore):
(JSC::B3::Air::LowerToAir::lower):
* b3/air/AirOpcode.opcodes:
* b3/testb3.cpp:
(JSC::B3::testStore8Arg):
(JSC::B3::testStore8Imm):
(JSC::B3::testStorePartial8BitRegisterOnX86):
(JSC::B3::run):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194011 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoModern IDB: storage/indexeddb/index-duplicate-keypaths.html fails.
beidson@apple.com [Sat, 12 Dec 2015 22:03:09 +0000 (22:03 +0000)]
Modern IDB: storage/indexeddb/index-duplicate-keypaths.html fails.
https://bugs.webkit.org/show_bug.cgi?id=152201

Reviewed by Alex Christensen.

Source/WebCore:

No new tests (At least one failing test now passes).

The spec states that if an object store uses a key generator, and then a record is stored whose
key was an explicitly set number, then the key generator value should be bumped to the next
integer higher than the explicit number.

We didn't do that.

Now we do.

* Modules/indexeddb/IndexedDB.h: Add an "OverwriteForCursor" option for overwrite mode.

* Modules/indexeddb/client/IDBObjectStoreImpl.cpp:
(WebCore::IDBClient::IDBObjectStore::putForCursorUpdate): Use the "OverwriteForCursor" mode.

* Modules/indexeddb/server/IDBBackingStore.h: Add maybeUpdateKeyGeneratorNumber

* Modules/indexeddb/server/MemoryIDBBackingStore.cpp:
(WebCore::IDBServer::MemoryIDBBackingStore::maybeUpdateKeyGeneratorNumber): If the number value
  from the provided key should bump the key generator value, do so now.
* Modules/indexeddb/server/MemoryIDBBackingStore.h:

* Modules/indexeddb/server/UniqueIDBDatabase.cpp:
(WebCore::IDBServer::UniqueIDBDatabase::performPutOrAdd): After successfully adding the new record,
  possibly bump the key generator value.

LayoutTests:

* platform/mac-wk1/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194010 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoREGRESSION (r191613): Web Inspector: Can't type spaces when editing DOM nodes
commit-queue@webkit.org [Sat, 12 Dec 2015 17:37:35 +0000 (17:37 +0000)]
REGRESSION (r191613): Web Inspector: Can't type spaces when editing DOM nodes
https://bugs.webkit.org/show_bug.cgi?id=152173

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2015-12-12
Reviewed by Timothy Hatcher.

* UserInterface/Views/TimelineSidebarPanel.js:
(WebInspector.TimelineSidebarPanel):
Disable the keyboard shortcuts when they are created. They will be
enabled when the panel is shown / hidden. It doesn't really make sense
that these are on the sidebar panel instead of the tab, but things
will be changing in Timelines soon anyways so just fix this now.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194009 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWeb Inspector: "Selected Element" should use sans-serif font, not monospace
nvasilyev@apple.com [Sat, 12 Dec 2015 17:32:15 +0000 (17:32 +0000)]
Web Inspector: "Selected Element" should use sans-serif font, not monospace
https://bugs.webkit.org/show_bug.cgi?id=152212

Reviewed by Timothy Hatcher.

* UserInterface/Views/ConsoleMessageView.css:
(.console-user-command.special-user-log > .console-message-text):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194008 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[ARM] Add the missing setupArgumentsWithExecState functions after r193974
ossy@webkit.org [Sat, 12 Dec 2015 11:21:49 +0000 (11:21 +0000)]
[ARM] Add the missing setupArgumentsWithExecState functions after r193974
https://bugs.webkit.org/show_bug.cgi?id=152214

Reviewed by Mark Lam.

* jit/CCallHelpers.h:
(JSC::CCallHelpers::setupArgumentsWithExecState):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194007 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoSafari background tabs should be fully suspended where possible.
commit-queue@webkit.org [Sat, 12 Dec 2015 09:26:42 +0000 (09:26 +0000)]
Safari background tabs should be fully suspended where possible.
https://bugs.webkit.org/show_bug.cgi?id=150515

Patch by Katlyn Graff <kgraff@apple.com> on 2015-12-12
Reviewed by Ryosuke Niwa.

Source/WebCore:

Support for tab suspension for Mac, enabled by defaults writing to WebKitTabSuspension.
Page-down suspension consolidated with PageCache suspension code in Document::
suspend and Document::resume. Pages canTabSuspend if cacheable, nonvisible, nonprerender,
and nonactive.

* dom/Document.cpp: moved scrollbar handling from setInPageCache to suspend/resume
(WebCore::Document::suspend): moved scrollbar, dom, animation, timer, and visual update suspending into here
(WebCore::Document::resume): moved scrollbar, dom, animation, timer, and visual update resuming into here
* dom/Document.h: added m_isSuspended to prevent repeat calls from PageCache/Tab Suspension contention
* history/CachedFrame.cpp: moved dom, animation, and timer suspension into Document::suspend
(WebCore::CachedFrame::CachedFrame):
       * history/PageCache.cpp: Added a few nullchecks to prevent crashes if canCacheFrame is called but document is null
(WebCore::PageCache::canCacheFrame):
* page/Page.cpp:
(WebCore::Page::Page): Added timer to fire delayed suspension
(WebCore::Page::setPageActivityState): Added a call to schedule tab suspension
(WebCore::Page::setIsVisibleInternal): Added a call to schedule tab suspension
(WebCore::Page::canTabSuspend): Added support for suspending if cacheable, nonvisible, nonprerender, and nonactive
(WebCore::Page::setIsTabSuspended): Added a function to suspend or resume tabs
(WebCore::Page::setTabSuspensionEnabled): Added support for a defaults write enable
(WebCore::Page::scheduleTabSuspension): Added ability to schedule the suspension timer to fire or resume
(WebCore::Page::timerFired): Added a suspension timer
* page/Page.h:
* page/PageThrottler.h:
(WebCore::PageThrottler::activityState): Added access to m_activityState for canTabSuspend

Source/WebKit2:

Added a runtime flag enabling tab suspension, default off.

* Shared/WebProcessCreationParameters.cpp:
(WebKit::WebProcessCreationParameters::WebProcessCreationParameters):
(WebKit::WebProcessCreationParameters::encode):
(WebKit::WebProcessCreationParameters::decode):
* Shared/WebProcessCreationParameters.h:
* UIProcess/Cocoa/WebProcessPoolCocoa.mm:
(WebKit::registerUserDefaultsIfNeeded):
(WebKit::WebProcessPool::platformInitializeWebProcess):
* WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::WebProcess::platformInitializeWebProcess):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194006 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWeb Inspector: Too many derefs when RemoteInspectorXPCConnection fails to validate...
joepeck@webkit.org [Sat, 12 Dec 2015 07:44:07 +0000 (07:44 +0000)]
Web Inspector: Too many derefs when RemoteInspectorXPCConnection fails to validate connection
https://bugs.webkit.org/show_bug.cgi?id=152213

Rubber-stamped by Ryosuke Niwa.

* inspector/remote/RemoteInspectorXPCConnection.mm:
(Inspector::RemoteInspectorXPCConnection::handleEvent):
We should just close the XPC connection triggering XPC_ERROR_CONNECTION_INVALID
which will then graceful teardown the connection as expected.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194005 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoMousewheel events don't work in iframes in RTL documents
simon.fraser@apple.com [Sat, 12 Dec 2015 06:58:15 +0000 (06:58 +0000)]
Mousewheel events don't work in iframes in RTL documents
https://bugs.webkit.org/show_bug.cgi?id=152200

Reviewed by Beth Dakin.

Source/WebCore:

When dispatching wheel events, the testing of the event point against the
non-fast scrollable region was broken in an RTL document. Fix by taking
the scrollOrigin into account in ScrollingTreeFrameScrollingNode::viewToContentsOffset().

Test: fast/scrolling/rtl-point-in-iframe.html

* page/scrolling/ScrollingTreeFrameScrollingNode.cpp:
(WebCore::ScrollingTreeFrameScrollingNode::viewToContentsOffset):

LayoutTests:

Try dispatching wheel events to an iframe in an RTL document.

* fast/scrolling/rtl-point-in-iframe-expected.txt: Added.
* fast/scrolling/rtl-point-in-iframe.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194004 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[JSC] Add Floating Point Abs() to B3
commit-queue@webkit.org [Sat, 12 Dec 2015 06:10:07 +0000 (06:10 +0000)]
[JSC] Add Floating Point Abs() to B3
https://bugs.webkit.org/show_bug.cgi?id=152176

Patch by Benjamin Poulain <bpoulain@apple.com> on 2015-12-11
Reviewed by Geoffrey Garen.

This patch adds an Abs() operation for floating point.

On x86, Abs() is implemented by masking the top bit
of the floating point value. On ARM64, there is a builtin
abs opcode.

To account for those differences, B3 use "Abs" as
the cannonical operation. When we are about to lower
to Air, Abs is extended on x86 to get a clean handling
of the mask constants.

This patch has one cool thing related to FTL.
If you do:
   @1 = unboxDouble(@0)
   @2 = abs(@1)
   @3 = boxDouble(@2)

B3ReduceStrength completely eliminate the Double-Integer
conversion.

The strength reduction of Abs is aware that it can do a bit
mask over the bitcast used by unboxing.
If even works if you use floats by forcing fround: reduceDoubleToFloat()
elminiates the useless conversions, followed by ReduceStrength
that removes the switch from GP to FP.

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* assembler/MacroAssemblerX86Common.h:
(JSC::MacroAssemblerX86Common::andDouble):
(JSC::MacroAssemblerX86Common::andFloat):
* assembler/X86Assembler.h:
(JSC::X86Assembler::andps_rr):
* b3/B3ConstDoubleValue.cpp:
(JSC::B3::ConstDoubleValue::bitAndConstant):
(JSC::B3::ConstDoubleValue::absConstant):
* b3/B3ConstDoubleValue.h:
* b3/B3ConstFloatValue.cpp:
(JSC::B3::ConstFloatValue::bitAndConstant):
(JSC::B3::ConstFloatValue::absConstant):
* b3/B3ConstFloatValue.h:
* b3/B3Generate.cpp:
(JSC::B3::generateToAir):
* b3/B3LowerMacrosAfterOptimizations.cpp: Added.
(JSC::B3::lowerMacrosAfterOptimizations):
* b3/B3LowerMacrosAfterOptimizations.h: Added.
* b3/B3LowerToAir.cpp:
(JSC::B3::Air::LowerToAir::lower):
* b3/B3Opcode.cpp:
(WTF::printInternal):
* b3/B3Opcode.h:
* b3/B3ReduceDoubleToFloat.cpp:
* b3/B3ReduceStrength.cpp:
* b3/B3Validate.cpp:
* b3/B3Value.cpp:
(JSC::B3::Value::absConstant):
(JSC::B3::Value::effects):
(JSC::B3::Value::key):
(JSC::B3::Value::typeFor):
* b3/B3Value.h:
* b3/air/AirOpcode.opcodes:
* b3/testb3.cpp:
(JSC::B3::bitAndDouble):
(JSC::B3::testBitAndArgDouble):
(JSC::B3::testBitAndArgsDouble):
(JSC::B3::testBitAndArgImmDouble):
(JSC::B3::testBitAndImmsDouble):
(JSC::B3::bitAndFloat):
(JSC::B3::testBitAndArgFloat):
(JSC::B3::testBitAndArgsFloat):
(JSC::B3::testBitAndArgImmFloat):
(JSC::B3::testBitAndImmsFloat):
(JSC::B3::testBitAndArgsFloatWithUselessDoubleConversion):
(JSC::B3::testAbsArg):
(JSC::B3::testAbsImm):
(JSC::B3::testAbsMem):
(JSC::B3::testAbsAbsArg):
(JSC::B3::testAbsBitwiseCastArg):
(JSC::B3::testBitwiseCastAbsBitwiseCastArg):
(JSC::B3::testAbsArgWithUselessDoubleConversion):
(JSC::B3::testAbsArgWithEffectfulDoubleConversion):
(JSC::B3::run):
* ftl/FTLB3Output.h:
(JSC::FTL::Output::doubleAbs):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194003 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoASSERTION FAILED: !rect.isEmpty() in WebCore::GraphicsContext::drawRect
zalan@apple.com [Sat, 12 Dec 2015 03:26:36 +0000 (03:26 +0000)]
ASSERTION FAILED: !rect.isEmpty() in WebCore::GraphicsContext::drawRect
https://bugs.webkit.org/show_bug.cgi?id=151201

Reviewed by Simon Fraser.

Drawing empty rect is a waste.

Source/WebCore:

Test: fast/borders/empty-drawrect-assert-after-pixelsnap.html

* rendering/RenderElement.cpp:
(WebCore::RenderElement::drawLineForBoxSide):

LayoutTests:

* fast/borders/empty-drawrect-assert-after-pixelsnap-expected.txt: Added.
* fast/borders/empty-drawrect-assert-after-pixelsnap.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194002 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoStrip out Referer header when requesting subresources or following links for document...
jiewen_tan@apple.com [Sat, 12 Dec 2015 02:26:45 +0000 (02:26 +0000)]
Strip out Referer header when requesting subresources or following links for documents with "Content-Disposition: attachment"
https://bugs.webkit.org/show_bug.cgi?id=152102
<rdar://problem/22124230>

Reviewed by Andy Estes.

Source/WebCore:

Keep the ReferrerPolicy for a document as ReferrerPolicyNever if the document is loaded with
"Content-Disposition: attachment".

Test: http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header.html

* dom/Document.cpp:
(WebCore::Document::processReferrerPolicy):
(WebCore::Document::applyContentDispositionAttachmentSandbox):

LayoutTests:

* http/tests/contentdispositionattachmentsandbox/resources/echo-http-referer.php: Added.
* http/tests/contentdispositionattachmentsandbox/resources/subresource-request-not-include-referer-header-frame.php: Added.
* http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header-expected.txt: Added.
* http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194001 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[MediaStream] Add a setting to allow the mock media capture devices to be enabled...
eric.carlson@apple.com [Sat, 12 Dec 2015 01:52:43 +0000 (01:52 +0000)]
[MediaStream] Add a setting to allow the mock media capture devices to be enabled and disabled
https://bugs.webkit.org/show_bug.cgi?id=152197

Reviewed by Dean Jackson.

Source/WebCore:

Test: fast/mediastream/mock-media-source.html

* page/Settings.cpp:
(WebCore::Settings::mockCaptureDevicesEnabled):
(WebCore::Settings::setMockCaptureDevicesEnabled):
* page/Settings.h:

* platform/mediastream/RealtimeMediaSourceCenter.cpp:
(WebCore::RealtimeMediaSourceCenter::setSharedStreamCenterOverride): Renamed.
(WebCore::RealtimeMediaSourceCenter::setSharedStreamCenter): Deleted.
* platform/mediastream/RealtimeMediaSourceCenter.h:

* platform/mock/MockRealtimeMediaSourceCenter.cpp:
(WebCore::MockRealtimeMediaSourceCenter::setMockRealtimeMediaSourceCenterEnabled): Renamed. Allow
  it to be enabled and disabled.
(WebCore::MockRealtimeMediaSourceCenter::registerMockRealtimeMediaSourceCenter): Deleted.
* platform/mock/MockRealtimeMediaSourceCenter.h:

* testing/Internals.cpp:
(WebCore::Internals::Internals):
(WebCore::Internals::setMockMediaCaptureDevicesEnabled):
* testing/Internals.h:
* testing/Internals.idl:

Source/WebKit/mac:

* WebView/WebPreferenceKeysPrivate.h:
* WebView/WebPreferences.mm:
(+[WebPreferences initialize]):
(-[WebPreferences mockCaptureDevicesEnabled]):
(-[WebPreferences setMockCaptureDevicesEnabled:]):
* WebView/WebPreferencesPrivate.h:
* WebView/WebView.mm:
(-[WebView _preferencesChanged:]):

Source/WebKit2:

* Shared/WebPreferencesDefinitions.h:
* UIProcess/API/C/WKPreferences.cpp:
(WKPreferencesSetMockCaptureDevicesEnabled):
(WKPreferencesGetMockCaptureDevicesEnabled):
* UIProcess/API/C/WKPreferencesRefPrivate.h:
* UIProcess/API/Cocoa/WKPreferences.mm:
(-[WKPreferences _mockCaptureDevicesEnabled]):
(-[WKPreferences _setMockCaptureDevicesEnabled:]):
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::updatePreferences):

LayoutTests:

* fast/mediastream/mock-media-source-expected.txt: Added.
* fast/mediastream/mock-media-source.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194000 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[EME] Do not pass in the initialization data to AVContentKeyRequest as the contentIde...
jer.noble@apple.com [Sat, 12 Dec 2015 01:46:55 +0000 (01:46 +0000)]
[EME] Do not pass in the initialization data to AVContentKeyRequest as the contentIdentifier.
https://bugs.webkit.org/show_bug.cgi?id=152204
rdar://problem/23867877

Reviewed by Eric Carlson.

The AVContentKeyRequest API has been updated to no longer require a contentId parameter if the
ID can be derived from the initialization data.

* platform/graphics/avfoundation/objc/CDMSessionAVContentKeySession.mm:
(WebCore::CDMSessionAVContentKeySession::update):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193999 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoRemoved some dead code, and simplified some code in the baseline JIT.
mark.lam@apple.com [Sat, 12 Dec 2015 01:32:43 +0000 (01:32 +0000)]
Removed some dead code, and simplified some code in the baseline JIT.
https://bugs.webkit.org/show_bug.cgi?id=152199

Reviewed by Benjamin Poulain.

* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emitBitBinaryOpFastPath):
(JSC::JIT::emit_op_bitand):
(JSC::JIT::emitSlow_op_lshift):
(JSC::JIT::emitRightShiftFastPath):
(JSC::JIT::emit_op_rshift):
(JSC::JIT::emitSlow_op_rshift):
(JSC::JIT::emit_op_urshift):
(JSC::JIT::emitSlow_op_urshift):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193998 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago_touchEventRegions should return regions in the view's coordinates
bdakin@apple.com [Sat, 12 Dec 2015 01:21:52 +0000 (01:21 +0000)]
_touchEventRegions should return regions in the view's coordinates
https://bugs.webkit.org/show_bug.cgi?id=152189
-and corresponding-
rdar://problem/23188605

Reviewed by Dan Bernstein.

Source/WebKit/mac:

The comment here was actually out of date. It claimed that touch rectangles
are in the coordinate system of the document, but we had actually changed
them to be in the view’s coordinate system in order to fix issues with
handling touch events in UIWebView. But now we are going back to having the
touch rectangles be in the document’s coordinate system, so we should fix the
rtl bugs here by converting to view coordinates before handing the rects off
to iOS WK1 clients.
* WebView/WebView.mm:
(-[WebView _touchEventRegions]):

LayoutTests:

* fast/events/touch/ios/touch-event-rtl-expected.txt: Added.
* fast/events/touch/ios/touch-event-rtl.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193997 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoRoll out http://trac.webkit.org/r193984, because the new test is timing out.
ap@apple.com [Sat, 12 Dec 2015 00:45:03 +0000 (00:45 +0000)]
Roll out trac.webkit.org/r193984, because the new test is timing out.

Was: Strip out Referer header when requesting subresources or following links for documents with "Content-Disposition: attachment"
https://bugs.webkit.org/show_bug.cgi?id=152102
<rdar://problem/22124230>

Source/WebCore:

* dom/Document.cpp:
(WebCore::Document::processReferrerPolicy):
(WebCore::Document::applyContentDispositionAttachmentSandbox):

LayoutTests:

* http/tests/contentdispositionattachmentsandbox/resources/echo-http-referer.php: Removed.
* http/tests/contentdispositionattachmentsandbox/resources/subresource-request-not-include-referer-header-frame.php: Removed.
* http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header-expected.txt: Removed.
* http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header.html: Removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193995 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agotmp for 152194
beidson@apple.com [Sat, 12 Dec 2015 00:18:18 +0000 (00:18 +0000)]
tmp for 152194

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193994 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoB3::reduceStrength should remove redundant Phi's
fpizlo@apple.com [Sat, 12 Dec 2015 00:17:24 +0000 (00:17 +0000)]
B3::reduceStrength should remove redundant Phi's
https://bugs.webkit.org/show_bug.cgi?id=152184

Reviewed by Benjamin Poulain.

This adds redundant Phi removal using Aycock and Horspools SSA simplification algorithm. This
is needed because even in simple asm.js code, we see a lot of CFG simplification that leaves
behind totally useless Phi's.

* b3/B3PhiChildren.cpp:
(JSC::B3::PhiChildren::PhiChildren):
* b3/B3PhiChildren.h:
(JSC::B3::PhiChildren::at):
(JSC::B3::PhiChildren::operator[]):
(JSC::B3::PhiChildren::phis):
* b3/B3ReduceStrength.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193993 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoPerf dashboard's buildbot sync config JSON duplicates too much information
rniwa@webkit.org [Sat, 12 Dec 2015 00:11:40 +0000 (00:11 +0000)]
Perf dashboard's buildbot sync config JSON duplicates too much information
https://bugs.webkit.org/show_bug.cgi?id=152196

Reviewed by Stephanie Lewis.

Added shared, per-builder, and per-test (called type) configurations.

* tools/sync-with-buildbot.py:
(load_config):
(load_config.merge):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193992 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoFollowup to:
beidson@apple.com [Fri, 11 Dec 2015 23:54:30 +0000 (23:54 +0000)]
Followup to:
Modern IDB: storage/indexeddb/index-count.html fails.
https://bugs.webkit.org/show_bug.cgi?id=152175

Noticed by Darin Adler.

* Modules/indexeddb/client/IDBIndexImpl.cpp:
(WebCore::IDBClient::IDBIndex::count): Replace a curly brace to its proper place.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193991 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoModern IDB: storage/indexeddb/cursor-continue.html fails.
beidson@apple.com [Fri, 11 Dec 2015 23:52:48 +0000 (23:52 +0000)]
Modern IDB: storage/indexeddb/cursor-continue.html fails.
https://bugs.webkit.org/show_bug.cgi?id=152192

Reviewed by Alex Christensen.

Source/WebCore:

No new tests (At least one failing test now passes).

* Modules/indexeddb/client/IDBCursorImpl.cpp:
(WebCore::IDBClient::IDBCursor::continueFunction): Check against the current key, not the current primary key.
(WebCore::IDBClient::IDBCursor::setGetResult): Also save off the current IDBKeyData.
* Modules/indexeddb/client/IDBCursorImpl.h:

LayoutTests:

* platform/mac-wk1/TestExpectations:
* storage/indexeddb/cursor-continue-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193990 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[JSC] Add an implementation of pow() taking an integer exponent to B3
benjamin@webkit.org [Fri, 11 Dec 2015 23:45:04 +0000 (23:45 +0000)]
[JSC] Add an implementation of pow() taking an integer exponent to B3
https://bugs.webkit.org/show_bug.cgi?id=152165

Reviewed by Mark Lam.

LLVM has this really neat optimized opcode for
raising the power of something by an integer exponent.

There is no such native instruction so we need to extend
the existing FTLOutput API to something efficient.

DFG has a pretty competitive implementation. In this patch,
I added a version of it to B3.
I created powDoubleInt32() instead of putting the code directly
in FTL for easier testing and optimization.

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* b3/B3MathExtras.cpp: Added.
(JSC::B3::powDoubleInt32):
* b3/B3MathExtras.h: Added.
* b3/B3MemoryValue.h:
* b3/testb3.cpp:
(JSC::B3::testPowDoubleByIntegerLoop):
(JSC::B3::run):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::compileArithPowIntegerFastPath):
* ftl/FTLB3Output.cpp:
(JSC::FTL::Output::doublePowi):
* ftl/FTLB3Output.h:
(JSC::FTL::Output::doublePowi): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193989 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoModern IDB: storage/indexeddb/index-basics.html fails.
beidson@apple.com [Fri, 11 Dec 2015 23:30:34 +0000 (23:30 +0000)]
Modern IDB: storage/indexeddb/index-basics.html fails.
https://bugs.webkit.org/show_bug.cgi?id=152190

Reviewed by Alex Christensen.

Source/WebCore:

No new tests (At least one failing test now passes).

* bindings/js/JSIDBObjectStoreCustom.cpp:
(WebCore::JSIDBObjectStore::createIndex): Custom error message for the TypeError

LayoutTests:

* platform/mac-wk1/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193988 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoB3 should have CSE
fpizlo@apple.com [Fri, 11 Dec 2015 23:20:20 +0000 (23:20 +0000)]
B3 should have CSE
https://bugs.webkit.org/show_bug.cgi?id=150961

Reviewed by Benjamin Poulain.

This implements a very simple CSE for pure values. I need this as a prerequisite for other
optimizations that I'm implementing. For now, this is neutral on imaging-gaussian-blur but a
slow-down on asm.js code. I suspect that the asm.js slow-down is because of other things that are
still going wrong, and anyway, I need CSE to be able to do even the most basic asm.js strength
reductions.

* b3/B3ReduceStrength.cpp:
* b3/B3ReduceStrength.h:
* b3/B3Value.cpp:
(JSC::B3::Value::replaceWithIdentity):
(JSC::B3::Value::key):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193987 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoRebaseline a failing inspector test for a new property on Function.prototype.
keith_miller@apple.com [Fri, 11 Dec 2015 23:09:35 +0000 (23:09 +0000)]
Rebaseline a failing inspector test for a new property on Function.prototype.

* inspector/model/remote-object-get-properties-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193986 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoRefactoring to reduce potential cut-paste errors with the FTL ICs.
mark.lam@apple.com [Fri, 11 Dec 2015 23:01:57 +0000 (23:01 +0000)]
Refactoring to reduce potential cut-paste errors with the FTL ICs.
https://bugs.webkit.org/show_bug.cgi?id=152185

Reviewed by Saam Barati.

* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
* JavaScriptCore.xcodeproj/project.pbxproj:

* ftl/FTLCompile.cpp:
- ICs now have their own names.  GetById and PutByID fast path ICs no longer just
  say "inline cache fast path".

* ftl/FTLCompileBinaryOp.cpp:
(JSC::FTL::generateBinaryArithOpFastPath):
- Fixed an indentation.

* ftl/FTLInlineCacheDescriptor.h:
(JSC::FTL::InlineCacheDescriptor::InlineCacheDescriptor):
(JSC::FTL::InlineCacheDescriptor::name):
(JSC::FTL::GetByIdDescriptor::GetByIdDescriptor):
(JSC::FTL::PutByIdDescriptor::PutByIdDescriptor):
(JSC::FTL::CheckInDescriptor::CheckInDescriptor):
(JSC::FTL::BinaryOpDescriptor::nodeType):
(JSC::FTL::BinaryOpDescriptor::size):
(JSC::FTL::BinaryOpDescriptor::slowPathFunction):
(JSC::FTL::BinaryOpDescriptor::leftOperand):
(JSC::FTL::BinaryOpDescriptor::BinaryOpDescriptor):
(JSC::FTL::ArithDivDescriptor::ArithDivDescriptor):
(JSC::FTL::ArithDivDescriptor::icSize):
(JSC::FTL::ArithDivDescriptor::nodeType):
(JSC::FTL::ArithDivDescriptor::opName):
(JSC::FTL::ArithDivDescriptor::slowPathFunction):
(JSC::FTL::ArithDivDescriptor::nonNumberSlowPathFunction):
(JSC::FTL::ArithMulDescriptor::ArithMulDescriptor):
(JSC::FTL::ArithMulDescriptor::icSize):
(JSC::FTL::ArithMulDescriptor::nodeType):
(JSC::FTL::ArithMulDescriptor::opName):
(JSC::FTL::ArithMulDescriptor::slowPathFunction):
(JSC::FTL::ArithMulDescriptor::nonNumberSlowPathFunction):
(JSC::FTL::ArithSubDescriptor::ArithSubDescriptor):
(JSC::FTL::ArithSubDescriptor::icSize):
(JSC::FTL::ArithSubDescriptor::nodeType):
(JSC::FTL::ArithSubDescriptor::opName):
(JSC::FTL::ArithSubDescriptor::slowPathFunction):
(JSC::FTL::ArithSubDescriptor::nonNumberSlowPathFunction):
(JSC::FTL::ValueAddDescriptor::ValueAddDescriptor):
(JSC::FTL::ValueAddDescriptor::icSize):
(JSC::FTL::ValueAddDescriptor::nodeType):
(JSC::FTL::ValueAddDescriptor::opName):
(JSC::FTL::ValueAddDescriptor::slowPathFunction):
(JSC::FTL::ValueAddDescriptor::nonNumberSlowPathFunction):
(JSC::FTL::LazySlowPathDescriptor::LazySlowPathDescriptor):
(JSC::FTL::ProbeDescriptor::ProbeDescriptor):
(JSC::FTL::BinaryOpDescriptor::name): Deleted.
(JSC::FTL::BinaryOpDescriptor::fastPathICName): Deleted.
* ftl/FTLInlineCacheDescriptorInlines.h: Removed.
- Consolidate the number of places where we have to fill in a data about new
  snippet ICs.  It is all done in FTLInlineCacheDescriptor.h now.

* ftl/FTLJITFinalizer.cpp:
(JSC::FTL::JITFinalizer::finalizeFunction):

* ftl/FTLLowerDFGToLLVM.cpp:
(JSC::FTL::DFG::LowerDFGToLLVM::compileUntypedBinaryOp):
(JSC::FTL::DFG::LowerDFGToLLVM::compileValueAdd):
(JSC::FTL::DFG::LowerDFGToLLVM::compileArithAddOrSub):
(JSC::FTL::DFG::LowerDFGToLLVM::compileArithMul):
(JSC::FTL::DFG::LowerDFGToLLVM::compileArithDiv):
- Introduced a compileUntypedBinaryOp() template and use that at all the FTL
  places that need to use a snippet.  This reduces the amount of cut and paste
  code.

* ftl/FTLState.h:
- Removed a bad #include.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193985 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoStrip out Referer header when requesting subresources or following links for document...
jiewen_tan@apple.com [Fri, 11 Dec 2015 22:43:49 +0000 (22:43 +0000)]
Strip out Referer header when requesting subresources or following links for documents with "Content-Disposition: attachment"
https://bugs.webkit.org/show_bug.cgi?id=152102
<rdar://problem/22124230>

Reviewed by Andy Estes.

Source/WebCore:

Keep the ReferrerPolicy for a document as ReferrerPolicyNever if the document is loaded with
"Content-Disposition: attachment".

Test: http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header.html

* dom/Document.cpp:
(WebCore::Document::processReferrerPolicy):
(WebCore::Document::applyContentDispositionAttachmentSandbox):

LayoutTests:

* http/tests/contentdispositionattachmentsandbox/resources/echo-http-referer.php: Added.
* http/tests/contentdispositionattachmentsandbox/resources/subresource-request-not-include-referer-header-frame.php: Added.
* http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header-expected.txt: Added.
* http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193984 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoOverrides has instance should not move ValueFalse to a register then immediately...
keith_miller@apple.com [Fri, 11 Dec 2015 22:39:29 +0000 (22:39 +0000)]
Overrides has instance should not move ValueFalse to a register then immediately to the stack in the LLInt.
https://bugs.webkit.org/show_bug.cgi?id=152188

Reviewed by Mark Lam.

This fixes a minor issue with the code for the overrides_has_instance in the LLInt. Old code had an extra move,
which is both slow and breaks the build on cloop.

* llint/LowLevelInterpreter64.asm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193983 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoMarking fast/events/ios tests as flaky on ios-simulator due to timeouts
ryanhaddad@apple.com [Fri, 11 Dec 2015 22:33:40 +0000 (22:33 +0000)]
Marking fast/events/ios tests as flaky on ios-simulator due to timeouts
https://bugs.webkit.org/show_bug.cgi?id=152134

Unreviewed test gardening.

* platform/ios-simulator/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193982 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoModern IDB: storage/indexeddb/key-type-array.html fails.
beidson@apple.com [Fri, 11 Dec 2015 22:14:18 +0000 (22:14 +0000)]
Modern IDB: storage/indexeddb/key-type-array.html fails.
https://bugs.webkit.org/show_bug.cgi?id=152187

Reviewed by Alex Christensen.

Source/WebCore:

No new tests (At least one failing test now passes).

* Modules/indexeddb/client/IDBObjectStoreImpl.cpp:
(WebCore::IDBClient::IDBObjectStore::putOrAdd): Perform the correct validity check on array keys.

LayoutTests:

* platform/mac-wk1/TestExpectations:
* storage/indexeddb/key-type-array-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193981 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoModern IDB: Updates to 3 intversion tests, and/or their results.
beidson@apple.com [Fri, 11 Dec 2015 22:12:43 +0000 (22:12 +0000)]
Modern IDB: Updates to 3 intversion tests, and/or their results.
https://bugs.webkit.org/show_bug.cgi?id=152179

Reviewed by Alex Christensen.

* platform/mac-wk1/TestExpectations:
* platform/wk2/storage/indexeddb/intversion-close-in-oncomplete-expected.txt:

* storage/indexeddb/intversion-close-in-oncomplete-expected.txt:
* storage/indexeddb/intversion-close-in-upgradeneeded-expected.txt:
* storage/indexeddb/intversion-upgrades-expected.txt:
* storage/indexeddb/resources/intversion-close-in-oncomplete.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193980 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoImprove Animometer on iOS
jonlee@apple.com [Fri, 11 Dec 2015 21:47:31 +0000 (21:47 +0000)]
Improve Animometer on iOS
https://bugs.webkit.org/show_bug.cgi?id=152180

Reviewed by Simon Fraser.

Improve experience on phones. Make the canvas take
up the whole screen.

* Animometer/runner/animometer.html: Add meta viewport.
Remove the container div.
* Animometer/runner/resources/animometer.css: Have buttons lay
out vertically. Update detail arrow glyph. Make the suites and
options section lay out vertically. Remove the top spacers since
we want the canvas to take over the whole screen. Minimal display
is recommended for use.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193975 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[ES6] Add support for Symbol.hasInstance
keith_miller@apple.com [Fri, 11 Dec 2015 21:43:45 +0000 (21:43 +0000)]
[ES6] Add support for Symbol.hasInstance
https://bugs.webkit.org/show_bug.cgi?id=151839

Reviewed by Saam Barati.

Source/JavaScriptCore:

This patch adds support for Symbol.hasInstance, unfortunately in order to prevent
regressions several new bytecodes and DFG IR nodes were necessary. Before, Symbol.hasInstance
when executing an instanceof expression we would emit three bytecodes: overrides_has_instance, get_by_id,
then instanceof. As the spec has changed, we emit a more complicated set of bytecodes in addition to some
new ones. First the role of overrides_has_instance and its corresponding DFG node have changed. Now it returns
a js-boolean indicating whether the RHS of the instanceof expression (from here on called the constructor for simplicity)
needs non-default behavior for resolving the expression. i.e. The constructor has a Symbol.hasInstance that differs from the one on
Function.prototype[Symbol.hasInstance] or is a bound/C-API function. Once we get to the DFG this node is generally eliminated as
we can prove the value of Symbol.hasInstance is a constant. The second new bytecode is instanceof_custom. insntanceof_custom, just
emits a call to slow path code that computes the result.

In the DFG, there is also a new node, CheckTypeInfoFlags, which checks the type info flags are consistent with the ones provided and
OSR exits if the flags are not. Additionally, we attempt to prove that the result of CheckHasValue will be a constant and transform
it into a CheckTypeInfoFlags followed by a JSConstant.

* API/JSCallbackObject.h:
* builtins/FunctionPrototype.js:
(symbolHasInstance):
* bytecode/BytecodeBasicBlock.cpp:
(JSC::isBranch): Deleted.
* bytecode/BytecodeList.json:
* bytecode/BytecodeUseDef.h:
(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dumpBytecode):
* bytecode/ExitKind.cpp:
(JSC::exitKindToString):
* bytecode/ExitKind.h:
* bytecode/PreciseJumpTargets.cpp:
(JSC::getJumpTargetsForBytecodeOffset): Deleted.
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::emitOverridesHasInstance):
(JSC::BytecodeGenerator::emitInstanceOfCustom):
(JSC::BytecodeGenerator::emitCheckHasInstance): Deleted.
* bytecompiler/BytecodeGenerator.h:
* bytecompiler/NodesCodegen.cpp:
(JSC::InstanceOfNode::emitBytecode):
* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::parseBlock):
* dfg/DFGCapabilities.cpp:
(JSC::DFG::capabilityLevel):
* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
* dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
* dfg/DFGHeapLocation.cpp:
(WTF::printInternal):
* dfg/DFGHeapLocation.h:
* dfg/DFGNode.h:
(JSC::DFG::Node::hasCellOperand):
(JSC::DFG::Node::hasTypeInfoOperand):
(JSC::DFG::Node::typeInfoOperand):
* dfg/DFGNodeType.h:
* dfg/DFGPredictionPropagationPhase.cpp:
(JSC::DFG::PredictionPropagationPhase::propagate):
* dfg/DFGSafeToExecute.h:
(JSC::DFG::safeToExecute):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileCheckTypeInfoFlags):
(JSC::DFG::SpeculativeJIT::compileInstanceOfCustom):
* dfg/DFGSpeculativeJIT.h:
(JSC::DFG::SpeculativeJIT::callOperation):
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* ftl/FTLCapabilities.cpp:
(JSC::FTL::canCompile):
* ftl/FTLIntrinsicRepository.h:
* ftl/FTLLowerDFGToLLVM.cpp:
(JSC::FTL::DFG::LowerDFGToLLVM::compileNode):
(JSC::FTL::DFG::LowerDFGToLLVM::compileOverridesHasInstance):
(JSC::FTL::DFG::LowerDFGToLLVM::compileCheckTypeInfoFlags):
(JSC::FTL::DFG::LowerDFGToLLVM::compileInstanceOfCustom):
(JSC::FTL::DFG::LowerDFGToLLVM::compileCheckHasInstance): Deleted.
* jit/JIT.cpp:
(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompileSlowCases):
* jit/JIT.h:
* jit/JITInlines.h:
(JSC::JIT::callOperation):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_overrides_has_instance):
(JSC::JIT::emit_op_instanceof):
(JSC::JIT::emit_op_instanceof_custom):
(JSC::JIT::emitSlow_op_instanceof):
(JSC::JIT::emitSlow_op_instanceof_custom):
(JSC::JIT::emit_op_check_has_instance): Deleted.
(JSC::JIT::emitSlow_op_check_has_instance): Deleted.
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::emit_op_overrides_has_instance):
(JSC::JIT::emit_op_instanceof):
(JSC::JIT::emit_op_instanceof_custom):
(JSC::JIT::emitSlow_op_instanceof_custom):
(JSC::JIT::emit_op_check_has_instance): Deleted.
(JSC::JIT::emitSlow_op_check_has_instance): Deleted.
* jit/JITOperations.cpp:
* jit/JITOperations.h:
* llint/LLIntData.cpp:
(JSC::LLInt::Data::performAssertions):
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
* llint/LLIntSlowPaths.h:
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* runtime/CommonIdentifiers.h:
* runtime/ExceptionHelpers.cpp:
(JSC::invalidParameterInstanceofSourceAppender):
(JSC::invalidParameterInstanceofNotFunctionSourceAppender):
(JSC::invalidParameterInstanceofhasInstanceValueNotFunctionSourceAppender):
(JSC::createInvalidInstanceofParameterErrorNotFunction):
(JSC::createInvalidInstanceofParameterErrorhasInstanceValueNotFunction):
(JSC::createInvalidInstanceofParameterError): Deleted.
* runtime/ExceptionHelpers.h:
* runtime/FunctionPrototype.cpp:
(JSC::FunctionPrototype::addFunctionProperties):
* runtime/FunctionPrototype.h:
* runtime/JSBoundFunction.cpp:
(JSC::isBoundFunction):
(JSC::hasInstanceBoundFunction):
* runtime/JSBoundFunction.h:
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::visitChildren):
* runtime/JSGlobalObject.h:
(JSC::JSGlobalObject::functionProtoHasInstanceSymbolFunction):
* runtime/JSObject.cpp:
(JSC::JSObject::hasInstance):
(JSC::objectPrivateFuncInstanceOf):
* runtime/JSObject.h:
* runtime/JSTypeInfo.h:
(JSC::TypeInfo::TypeInfo):
(JSC::TypeInfo::overridesHasInstance):
* runtime/WriteBarrier.h:
(JSC::WriteBarrierBase<Unknown>::slot):
* tests/es6.yaml:
* tests/stress/instanceof-custom-hasinstancesymbol.js: Added.
(Constructor):
(value):
(instanceOf):
(body):
* tests/stress/symbol-hasInstance.js: Added.
(Constructor):
(value):
(ObjectClass.Symbol.hasInstance):
(NumberClass.Symbol.hasInstance):

LayoutTests:

Fix tests to reflect the changes to instanceof in ES6.

Added a new regression test for bound functions in instanceof
as the perfomance on bound functions should, to some degree,
reflect the performance on C-API users.

* js/Object-getOwnPropertyNames-expected.txt:
* js/exception-for-nonobject-expected.txt:
* js/exception-instanceof-expected.txt:
* js/instance-of-immediates-expected.txt:
* js/regress/instanceof-bound-expected.txt: Added.
* js/regress/instanceof-bound.html: Added.
* js/regress/script-tests/instanceof-bound.js: Added.
(Constructor):
(test):
* js/script-tests/Object-getOwnPropertyNames.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193974 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUpdating mac-wk1 TestExpectations for fast/replaced/replaced-breaking.html to Yosemit...
ryanhaddad@apple.com [Fri, 11 Dec 2015 21:01:53 +0000 (21:01 +0000)]
Updating mac-wk1 TestExpectations for fast/replaced/replaced-breaking.html to Yosemite+ to fix EWS bot results.
https://bugs.webkit.org/show_bug.cgi?id=152178

Unreviewed test gardening.

* platform/mac-wk1/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193973 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agocheck-for-inappropriate-objc-class-names should check all class names, not just exter...
commit-queue@webkit.org [Fri, 11 Dec 2015 20:56:12 +0000 (20:56 +0000)]
check-for-inappropriate-objc-class-names should check all class names, not just externally visible ones
https://bugs.webkit.org/show_bug.cgi?id=152156

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2015-12-11
Reviewed by Dan Bernstein.

Source/JavaScriptCore:

* llvm/InitializeLLVMMac.cpp:
Remove stale comment. The ObjC class this comment referenced
has already been removed.

Source/WebCore:

* platform/graphics/avfoundation/objc/CDMSessionAVContentKeySession.h:
* platform/graphics/avfoundation/objc/CDMSessionAVContentKeySession.mm:
(WebCore::CDMSessionAVContentKeySession::CDMSessionAVContentKeySession):
* platform/graphics/avfoundation/objc/CDMSessionAVStreamSession.h:
* platform/graphics/avfoundation/objc/CDMSessionAVStreamSession.mm:
(WebCore::CDMSessionAVStreamSession::CDMSessionAVStreamSession):
Rename classes with a "Web" prefix.

Source/WebKit2:

* UIProcess/ios/WebVideoFullscreenManagerProxy.mm:
(WebKit::WebVideoFullscreenManagerProxy::setupFullscreenWithID):
* UIProcess/mac/RemoteLayerTreeDrawingAreaProxy.h:
* UIProcess/mac/RemoteLayerTreeDrawingAreaProxy.mm:
(WebKit::RemoteLayerTreeDrawingAreaProxy::RemoteLayerTreeDrawingAreaProxy):
Rename internal classes with "_WK" prefix.

Tools:

Our frameworks should appropriately prefix all ObjC classes,
not just external symbols.

* Scripts/check-for-inappropriate-objc-class-names:
Remove the -g switch to check all ObjC class names.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193972 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoModern IDB: storage/indexeddb/intversion-abort-in-initial-upgradeneeded.html fails.
beidson@apple.com [Fri, 11 Dec 2015 19:56:18 +0000 (19:56 +0000)]
Modern IDB: storage/indexeddb/intversion-abort-in-initial-upgradeneeded.html fails.
https://bugs.webkit.org/show_bug.cgi?id=152177

Reviewed by Alex Christensen.

Source/WebCore:

No new tests (At least one failing test now passes).

* Modules/indexeddb/client/IDBOpenDBRequestImpl.cpp:
(WebCore::IDBClient::IDBOpenDBRequest::versionChangeTransactionDidFinish): Renamed from below.
(WebCore::IDBClient::IDBOpenDBRequest::versionChangeTransactionWillFinish): Deleted.
* Modules/indexeddb/client/IDBOpenDBRequestImpl.h:

* Modules/indexeddb/client/IDBRequestImpl.cpp:
(WebCore::IDBClient::IDBRequest::setVersionChangeTransaction): OpenDBRequests usually don't have transactions,
  unless they end up being upgrade requests.
* Modules/indexeddb/client/IDBRequestImpl.h:

* Modules/indexeddb/client/IDBTransactionImpl.cpp:
(WebCore::IDBClient::IDBTransaction::IDBTransaction): Call setVersionChangeTransaction on the request if appropriate.
(WebCore::IDBClient::IDBTransaction::dispatchEvent): Call versionChangeTransactionDidFinish after the
  abort/complete events fire.
(WebCore::IDBClient::IDBTransaction::abort): Deleted.
(WebCore::IDBClient::IDBTransaction::commit): Deleted.

LayoutTests:

* platform/mac-wk1/TestExpectations:
* platform/wk2/storage/indexeddb/intversion-abort-in-initial-upgradeneeded-expected.txt: Copied from LayoutTests/storage/indexeddb/intversion-abort-in-initial-upgradeneeded-expected.txt.
* storage/indexeddb/intversion-abort-in-initial-upgradeneeded-expected.txt:
* storage/indexeddb/resources/intversion-abort-in-initial-upgradeneeded.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193970 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoDo not fire load events from frames with scripting disabled
jiewen_tan@apple.com [Fri, 11 Dec 2015 19:49:56 +0000 (19:49 +0000)]
Do not fire load events from frames with scripting disabled
https://bugs.webkit.org/show_bug.cgi?id=118042
<rdar://problem/14272857>

Reviewed by Brent Fulgham.

Since the crash is not reproducible, only test case from Blink r153029 is merged:
https://codereview.chromium.org/17682003

* fast/images/image-load-event-crash-expected.txt: Added.
* fast/images/image-load-event-crash.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193969 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoModern IDB: storage/indexeddb/index-count.html fails.
beidson@apple.com [Fri, 11 Dec 2015 19:13:38 +0000 (19:13 +0000)]
Modern IDB: storage/indexeddb/index-count.html fails.
https://bugs.webkit.org/show_bug.cgi?id=152175

Reviewed by Alex Christensen.

Source/WebCore:

No new tests (At least one failing test now passes).

* Modules/indexeddb/client/IDBIndexImpl.cpp:
(WebCore::IDBClient::IDBIndex::count): If the passed in IDBKeyRange* is nullptr, use IDBKeyRangeData::allKeys.
(WebCore::IDBClient::IDBIndex::doCount): Change an isNull check to a more correct !isValid() check.

LayoutTests:

* platform/mac-wk1/TestExpectations:
* storage/indexeddb/index-count-expected.txt:
* storage/indexeddb/modern/index-get-count-failures-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193968 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[WinCairo][MediaFoundation] Setting playback rate does not work.
peavo@outlook.com [Fri, 11 Dec 2015 17:45:16 +0000 (17:45 +0000)]
[WinCairo][MediaFoundation] Setting playback rate does not work.
https://bugs.webkit.org/show_bug.cgi?id=152172

Reviewed by Brent Fulgham.

Implement method to set playback rate.

* platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
(WebCore::MediaPlayerPrivateMediaFoundation::seekDouble):
(WebCore::MediaPlayerPrivateMediaFoundation::setRateDouble):
(WebCore::MediaPlayerPrivateMediaFoundation::durationDouble):
* platform/graphics/win/MediaPlayerPrivateMediaFoundation.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193959 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[iOS][WK2] Update expected results for tests imported/w3c/web-platform-tests
dbates@webkit.org [Fri, 11 Dec 2015 17:44:55 +0000 (17:44 +0000)]
[iOS][WK2] Update expected results for tests imported/w3c/web-platform-tests

* platform/ios-simulator-wk2/imported/w3c/web-platform-tests/html/dom/interfaces-expected.txt: Added.
* platform/ios-simulator-wk2/imported/w3c/web-platform-tests/html/semantics/forms/constraints/form-validation-validity-valueMissing-expected.txt: Added.
* platform/ios-simulator-wk2/imported/w3c/web-platform-tests/html/semantics/forms/constraints/form-validation-willValidate-expected.txt: Renamed from LayoutTests/platform/ios-simulator/imported/w3c/web-platform-tests/html/semantics/forms/constraints/form-validation-willValidate-expected.txt.
* platform/ios-simulator-wk2/imported/w3c/web-platform-tests/html/semantics/forms/the-input-element/type-change-state-expected.txt: Added.
* platform/ios-simulator-wk2/imported/w3c/web-platform-tests/html/semantics/interfaces-expected.txt: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193958 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoReduce the number of events that can be created by Document.createEvent
darin@apple.com [Fri, 11 Dec 2015 17:35:52 +0000 (17:35 +0000)]
Reduce the number of events that can be created by Document.createEvent
https://bugs.webkit.org/show_bug.cgi?id=151931

Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

* web-platform-tests/dom/events/ProgressEvent-expected.txt: Updated for progression.
* web-platform-tests/html/semantics/embedded-content/media-elements/interfaces/TrackEvent/createEvent-expected.txt:
Ditto.

Source/WebCore:

Document.createEvent is intended for use only with a certain set of legacy events.
Ideally it should only be the ones mentioned in the DOM specification.

For now, at least remove all the events that can't usefully be created and initialized
this way. Later, we should cut it down even smaller. And stop automatically generating
this, which was causing everyone who made an event IDL file to get supported here!

The modern alternative is to use event class constructors instead.

* CMakeLists.txt: Don't compile EventFactory.cpp. For now, we still generate
EventFactory.cpp but we do not use it.
* DerivedSources.make: Ditto.
* WebCore.vcxproj/WebCore.vcxproj: Ditto.
* WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
* WebCore.xcodeproj/project.pbxproj: Ditto. Also don't include EventFactory.h in the
project file.

* dom/DOMImplementation.cpp:
(WebCore::DOMImplementation::hasFeature): Added a comment about the SVGZoomEvents feature.

* dom/Document.cpp: Re-sorted includes and added the new ones needed for createEvent.
(WebCore::Document::createEvent): Moved all the logic here from EventFactory, and
took a crack at comments that explain what this should and should not be used for.

* dom/EventFactory.h: Removed.

LayoutTests:

* TestExpectations: Added expected failures for the two tests that depend
on createEvent("IDBVersionChangeEvent").

* animations/animation-events-create.html: Updated to use
"new WebKitAnimationEvent" instead of document.createEvent.

* fast/events/event-creation-expected.txt: Removed expected results for
various events that can no longer be created with createEvent.
* fast/events/event-creation.html: Removed tests for various events
that can no longer be created with createEvent.

* imported/blink/plugins/plugin-synthetic-event-crash.html: Updated to use
"new PopStateEvent" instead of document.createEvent.

* indieui/create-uirequestevent-expected.txt: Removed.
* indieui/create-uirequestevent.html: Removed.

* platform/mac-wk2/TestExpecations: Removed expectations for some deleted tests.

* platform/wk2/storage/indexeddb/removed-expected.txt: Removed, since this is
no different from the platform-independent expected result.

* transitions/transition-end-event-create.html: Updated to use
"new WebKitTransitionEvent" instead of document.createEvent.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193957 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWeb Inspector: When logging strings, detect stack traces and show them as StackTraceView
nvasilyev@apple.com [Fri, 11 Dec 2015 17:34:32 +0000 (17:34 +0000)]
Web Inspector: When logging strings, detect stack traces and show them as StackTraceView
https://bugs.webkit.org/show_bug.cgi?id=149790

Reviewed by Timothy Hatcher.

Source/WebInspectorUI:

* UserInterface/Models/StackTrace.js:
(WebInspector.StackTrace.isLikelyStackTrace): Added.

* UserInterface/Views/ConsoleMessageView.css:
(.console-message-extra-parameter .stack-trace):
Display stack trace view on the same line as a list bullet point from
console message extra parameter.

* UserInterface/Views/ConsoleMessageView.js:
(WebInspector.ConsoleMessageView.prototype._appendFormattedArguments):
Don't format with string substitutions for stack traces. E.g. there is
no need to replace %s with the next argument.

(WebInspector.ConsoleMessageView.prototype._isStackTrace): Added.
(WebInspector.ConsoleMessageView.prototype._formatParameterAsString):
Detect stack traces and format them appropriately.

LayoutTests:

* inspector/console/js-isLikelyStackTrace.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193956 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[JSC] Little cleanup of FTLOutput type casts and conversions
benjamin@webkit.org [Fri, 11 Dec 2015 17:15:58 +0000 (17:15 +0000)]
[JSC] Little cleanup of FTLOutput type casts and conversions
https://bugs.webkit.org/show_bug.cgi?id=152166

Reviewed by Geoffrey Garen.

Clean up:
-Change fpCast() to explicit conversion doubleToFloat() and floatToDouble()
 to match B3's opcodes.
-Remove unused conversion functions.
-Use the most specific cast function when possible.
-Functions that are only used inside FTLOutput are made private.
 In FTLB3Output, those functions were removed.

* ftl/FTLB3Output.h:
(JSC::FTL::Output::doubleToFloat):
(JSC::FTL::Output::floatToDouble):
(JSC::FTL::Output::fround):
(JSC::FTL::Output::fpToInt): Deleted.
(JSC::FTL::Output::fpToUInt): Deleted.
(JSC::FTL::Output::intToFP): Deleted.
(JSC::FTL::Output::unsignedToFP): Deleted.
(JSC::FTL::Output::intCast): Deleted.
(JSC::FTL::Output::fpCast): Deleted.
(JSC::FTL::Output::intToPtr): Deleted.
(JSC::FTL::Output::ptrToInt): Deleted.
* ftl/FTLLowerDFGToLLVM.cpp:
(JSC::FTL::DFG::LowerDFGToLLVM::compileGetByVal):
(JSC::FTL::DFG::LowerDFGToLLVM::compilePutByVal):
* ftl/FTLOutput.h:
(JSC::FTL::Output::doubleToFloat):
(JSC::FTL::Output::floatToDouble):
(JSC::FTL::Output::intCast):
(JSC::FTL::Output::fpToInt):
(JSC::FTL::Output::fpToUInt):
(JSC::FTL::Output::fpCast):
(JSC::FTL::Output::intToFP):
(JSC::FTL::Output::unsignedToFP):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193955 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoModern IDB: storage/indexeddb/objectstore-count.html fails.
beidson@apple.com [Fri, 11 Dec 2015 07:59:41 +0000 (07:59 +0000)]
Modern IDB: storage/indexeddb/objectstore-count.html fails.
https://bugs.webkit.org/show_bug.cgi?id=152167

Reviewed by Alex Christensen.

Source/WebCore:

No new tests (At least one failing test now passes).

* Modules/indexeddb/IDBKeyRangeData.h:
(WebCore::IDBKeyRangeData::allKeys):

* Modules/indexeddb/client/IDBObjectStoreImpl.cpp:
(WebCore::IDBClient::IDBObjectStore::count): If the passed in IDBKeyRange* is nullptr, use IDBKeyRangeData::allKeys.
(WebCore::IDBClient::IDBObjectStore::doCount): Change an isNull check to a more correct !isValid() check.

LayoutTests:

* platform/mac-wk1/TestExpectations:
* storage/indexeddb/objectstore-count-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193949 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoBinding and builtin generators should lowercase RTCXX as rtcXX and not rTCXX
youenn.fablet@crf.canon.fr [Fri, 11 Dec 2015 07:45:09 +0000 (07:45 +0000)]
Binding and builtin generators should lowercase RTCXX as rtcXX and not rTCXX
https://bugs.webkit.org/show_bug.cgi?id=152121

Reviewed by Darin Adler.

Source/JavaScriptCore:

* Scripts/builtins/builtins_generator.py:
(WK_lcfirst): Added RTC special rule.

Source/WebCore:

No change in behavior.

* bindings/js/JSDOMWindowBase.cpp:
(WebCore::JSDOMWindowBase::finishCreation): Using rtcXX in lieu of rTCXX.
* bindings/js/WebCoreJSBuiltinInternals.h:
(WebCore::JSBuiltinInternalFunctions::JSBuiltinInternalFunctions): Ditto.
(WebCore::JSBuiltinInternalFunctions::rtcPeerConnectionInternals): Added.
(WebCore::JSBuiltinInternalFunctions::visit): Ditto.
(WebCore::JSBuiltinInternalFunctions::init): Ditto.
(WebCore::JSBuiltinInternalFunctions::rTCPeerConnectionInternals): Deleted.
* bindings/js/WebCoreJSBuiltins.h:
(WebCore::JSBuiltinFunctions::JSBuiltinFunctions): Using rtcXX in lieu of rTCXX.
(WebCore::JSBuiltinFunctions::rtcPeerConnectionBuiltins): Added.
(WebCore::JSBuiltinFunctions::rtcPeerConnectionInternalsBuiltins): Added.
(WebCore::JSBuiltinFunctions::rTCPeerConnectionBuiltins): Deleted.
(WebCore::JSBuiltinFunctions::rTCPeerConnectionInternalsBuiltins): Deleted.
* bindings/scripts/CodeGenerator.pm:
(WK_lcfirst): Added RTC special rule.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193948 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoASSERTION FAILED: !simpleLineLayout() in WebCore::RenderText::collectSelectionRectsFo...
zalan@apple.com [Fri, 11 Dec 2015 07:31:28 +0000 (07:31 +0000)]
ASSERTION FAILED: !simpleLineLayout() in WebCore::RenderText::collectSelectionRectsForLineBoxes
https://bugs.webkit.org/show_bug.cgi?id=152115

Reviewed by Simon Fraser.

document.execCommand("indent") generates a blockquote wrapper and moves the indented content inside.
If the indented content is already inside a selection, we need to make sure that newly created flow uses
normal line layout.
This patch fixes the generic case as re-parenting an already selected renderer is not specific to document.execCommand("indent").

Source/WebCore:

Test: fast/block/selection-inside-simple-line-layout.html

* rendering/SimpleLineLayout.cpp:
(WebCore::SimpleLineLayout::canUseForWithReason):
(WebCore::SimpleLineLayout::printReason):

LayoutTests:

* fast/block/selection-inside-simple-line-layout-expected.txt: Added.
* fast/block/selection-inside-simple-line-layout.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193947 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoWeb Inspector: debugger dashboard's switching arrows are positioned too close to...
nvasilyev@apple.com [Fri, 11 Dec 2015 05:26:15 +0000 (05:26 +0000)]
Web Inspector: debugger dashboard's switching arrows are positioned too close to the dashboard border
https://bugs.webkit.org/show_bug.cgi?id=151867

Reviewed by Timothy Hatcher.

* UserInterface/Views/DashboardContainerView.css:
(.dashboard-container .advance-arrow):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193946 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoUnreviewed TestExpectations gardening.
beidson@apple.com [Fri, 11 Dec 2015 04:26:03 +0000 (04:26 +0000)]
Unreviewed TestExpectations gardening.

* platform/mac-wk1/TestExpectations: Move 3 failing IDB tests to the "Skipped because of Workers" section.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193945 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[MediaStream] Expose media capture devices persistent permissions to WebCore
eric.carlson@apple.com [Fri, 11 Dec 2015 04:06:05 +0000 (04:06 +0000)]
[MediaStream] Expose media capture devices persistent permissions to WebCore
https://bugs.webkit.org/show_bug.cgi?id=152087

Source/WebCore:

Reviewed by Chris Dumez.

No new tests, an existing test was updated to test the change.

* CMakeLists.txt: Add UserMediaPermissionCheck.cpp.

* Modules/mediastream/MediaDevicesRequest.cpp:
(WebCore::MediaDevicesRequest::~MediaDevicesRequest): Clear the permission checker client.
(WebCore::MediaDevicesRequest::contextDestroyed): Ditto.
(WebCore::MediaDevicesRequest::start): Create a permission checker and start it running.
(WebCore::MediaDevicesRequest::didCompleteCheck): Start the media source checker.
(WebCore::MediaDevicesRequest::didCompleteRequest): Only include a track's label if the
  page has permission to use a capture device.
* Modules/mediastream/MediaDevicesRequest.h:

* Modules/mediastream/UserMediaClient.h: Include prototypes for permission checker.
(WebCore::UserMediaClient::~UserMediaClient):

* Modules/mediastream/MediaStreamTrackSourcesRequest.cpp: Removed, not longer used.
* Modules/mediastream/MediaStreamTrackSourcesRequest.h:

* Modules/mediastream/UserMediaController.h:
(WebCore::UserMediaController::checkUserMediaPermission): New.
(WebCore::UserMediaController::cancelUserMediaPermissionCheck): Ditto.

* Modules/mediastream/UserMediaPermissionCheck.cpp: Added.
(WebCore::UserMediaPermissionCheck::create):
(WebCore::UserMediaPermissionCheck::UserMediaPermissionCheck):
(WebCore::UserMediaPermissionCheck::~UserMediaPermissionCheck):
(WebCore::UserMediaPermissionCheck::securityOrigin):
(WebCore::UserMediaPermissionCheck::contextDestroyed):
(WebCore::UserMediaPermissionCheck::start):
(WebCore::UserMediaPermissionCheck::setDeviceAccessMode):
* Modules/mediastream/UserMediaPermissionCheck.h: Added.
(WebCore::UserMediaPermissionCheckClient::~UserMediaPermissionCheckClient):
(WebCore::UserMediaPermissionCheck::setClient):

* WebCore.xcodeproj/project.pbxproj: Add UserMediaPermissionCheck.cpp|.h

* platform/mock/UserMediaClientMock.h: Removed, it is no longer used.

* testing/Internals.cpp: Remove UserMediaClientMock.h include, it is gone.

Source/WebKit/mac:

Reviewed by Chris Dumez.

Add methods and helpers for WK1 permission checker interface.
* WebCoreSupport/WebUserMediaClient.h:
* WebCoreSupport/WebUserMediaClient.mm:
(userMediaRequestsMap):
(AddRequestToRequestMap):
(RemoveRequestFromRequestMap):
(userMediaCheckMap):
(AddPermissionCheckToMap):
(RemovePermissionCheckFromMap):
(WebUserMediaClient::WebUserMediaClient):
(WebUserMediaClient::requestUserMediaAccess):
(WebUserMediaClient::cancelUserMediaAccessRequest):
(WebUserMediaClient::checkUserMediaPermission):
(WebUserMediaClient::cancelUserMediaPermissionCheck):
(-[WebUserMediaPolicyListener allow]):
(-[WebUserMediaPolicyListener deny]):
(-[WebUserMediaPolicyCheckerListener initWithUserMediaPermissionCheck:]):
(-[WebUserMediaPolicyCheckerListener cancelUserMediaPermissionCheck]):
(-[WebUserMediaPolicyCheckerListener allow]):
(-[WebUserMediaPolicyCheckerListener deny]):
(-[WebUserMediaPolicyCheckerListener denyOnlyThisRequest]):
(-[WebUserMediaPolicyCheckerListener shouldClearCache]):
(AddRequestToMap): Deleted.
(RemoveRequestFromMap): Deleted.
* WebView/WebUIDelegatePrivate.h:

Source/WebKit2:

Reviewed by Chris Dumez.

* CMakeLists.txt: Add UserMediaPermissionCheckProxy.cpp and WKUserMediaPermissionCheck.cpp.

* Shared/API/APIObject.h: Define UserMediaPermissionCheck.

* Shared/API/c/WKBase.h: Add WKUserMediaPermissionCheckRef typedef.

* UIProcess/API/APIUIClient.h:
(API::UIClient::checkUserMediaPermissionForOrigin): New.

* UIProcess/API/C/WKAPICast.h: Add WKUserMediaPermissionCheckRef/UserMediaPermissionCheckProxy mapping.

* UIProcess/API/C/WKPage.cpp:
(WKPageSetPageUIClient): Implement checkUserMediaPermissionForOrigin.

* UIProcess/API/C/WKPageUIClient.h: Add WKCheckUserMediaPermissionCallback typedef and add
  checkUserMediaPermissionForOrigin to WKPageUIClientV6.

* UIProcess/API/C/WKUserMediaPermissionCheck.cpp: Added.
(WKUserMediaPermissionCheckGetTypeID):
(WKUserMediaPermissionCheckSetHasPermission):

* UIProcess/API/C/WKUserMediaPermissionCheck.h: Added.

* UIProcess/UserMediaPermissionCheckProxy.cpp: Added.
(WebKit::UserMediaPermissionCheckProxy::UserMediaPermissionCheckProxy):
(WebKit::UserMediaPermissionCheckProxy::setHasPermission):
(WebKit::UserMediaPermissionCheckProxy::invalidate):
* UIProcess/UserMediaPermissionCheckProxy.h: Added.
(WebKit::UserMediaPermissionCheckProxy::create):
* UIProcess/UserMediaPermissionRequestManagerProxy.cpp:
(WebKit::UserMediaPermissionRequestManagerProxy::invalidateRequests):
(WebKit::UserMediaPermissionRequestManagerProxy::createRequest):
(WebKit::UserMediaPermissionRequestManagerProxy::didReceiveUserMediaPermissionDecision):
(WebKit::UserMediaPermissionRequestManagerProxy::createUserMediaPermissionCheck):
(WebKit::UserMediaPermissionRequestManagerProxy::didCompleteUserMediaPermissionCheck):
* UIProcess/UserMediaPermissionRequestManagerProxy.h:
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::requestUserMediaPermissionForFrame):
(WebKit::WebPageProxy::checkUserMediaPermissionForFrame):
(WebKit::WebPageProxy::requestNotificationPermission):
* UIProcess/WebPageProxy.h:
* UIProcess/WebPageProxy.messages.in:

* WebKit2.xcodeproj/project.pbxproj: Add UserMediaPermissionCheckProxy.*, and WKUserMediaPermissionCheck.*.

* WebProcess/MediaStream/UserMediaPermissionRequestManager.cpp:
(WebKit::UserMediaPermissionRequestManager::startUserMediaRequest): Renamed from startRequest.
(WebKit::UserMediaPermissionRequestManager::cancelUserMediaRequest): Renamed from cancelRequest.
(WebKit::UserMediaPermissionRequestManager::didReceiveUserMediaPermissionDecision): m_requestToIDMap ->
  m_userMediaRequestToIDMap.remove.
(WebKit::UserMediaPermissionRequestManager::startUserMediaPermissionCheck): New, start the request.
(WebKit::UserMediaPermissionRequestManager::cancelUserMediaPermissionCheck): New, cancel
  the request.
(WebKit::UserMediaPermissionRequestManager::didCompleteUserMediaPermissionCheck): New,
  all the request completion method.
(WebKit::UserMediaPermissionRequestManager::startRequest): Deleted.
(WebKit::UserMediaPermissionRequestManager::cancelRequest): Deleted.
* WebProcess/MediaStream/UserMediaPermissionRequestManager.h:

* WebProcess/WebCoreSupport/WebUserMediaClient.cpp:
(WebKit::WebUserMediaClient::requestUserMediaAccess): startRequest -> startUserMediaRequest.
(WebKit::WebUserMediaClient::cancelUserMediaAccessRequest): cancelRequest -> cancelUserMediaRequest.
(WebKit::WebUserMediaClient::checkUserMediaPermission): New.
(WebKit::WebUserMediaClient::cancelUserMediaPermissionCheck): New.
* WebProcess/WebCoreSupport/WebUserMediaClient.h:

* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::didCompleteUserMediaPermissionCheck): New.
* WebProcess/WebPage/WebPage.h:
* WebProcess/WebPage/WebPage.messages.in: Add DidCompleteUserMediaPermissionCheck.

Tools:

Add support for the new user media permission checker page UI client method.

Reviewed by Chris Dumez.

* WebKitTestRunner/TestController.cpp:
(WTR::decidePolicyForUserMediaPermissionRequest):
(WTR::checkUserMediaPermissionForOrigin):
(WTR::TestController::createOtherPage): Add checkUserMediaPermissionForOrigin.
(WTR::TestController::createWebViewWithOptions): Ditto.
(WTR::TestController::resetStateToConsistentValues): Clear m_userMediaOriginPermissions.
(WTR::originUserVisibleName): New, create a string for the origin.
(WTR::TestController::handleCheckOfUserMediaPermissionForOrigin): Set the WKUserMediaPermissionCheckRef
  according to the state of the origin permission map.
(WTR::TestController::handleUserMediaPermissionRequest): Remember both the origin and the
  request so we can update the origin permission map in decidePolicyForUserMediaPermissionRequestIfPossible.
(WTR::TestController::decidePolicyForUserMediaPermissionRequestIfPossible): Update the
  origin permission map.
* WebKitTestRunner/TestController.h:

LayoutTests:

Reviewed by Chris Dumez.

* fast/mediastream/MediaDevices-enumerateDevices-expected.txt:
* fast/mediastream/MediaDevices-enumerateDevices.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193944 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoFTL B3 should be able to run quicksort asm.js test
fpizlo@apple.com [Fri, 11 Dec 2015 04:03:28 +0000 (04:03 +0000)]
FTL B3 should be able to run quicksort asm.js test
https://bugs.webkit.org/show_bug.cgi?id=152105

Reviewed by Geoffrey Garen.

This covers making all of the changes needed to run quicksort.js from AsmBench.

- Reintroduced float types to FTLLower since we now have B3::Float.

- Gave FTL::Output the ability to speak of load types and store types separately from LValue
  types. This dodges the problem that B3 doesn't have types for Int8 and Int16 but supports loads
  and stores of that type.

- Implemented Mod in B3 and wrote tests.

I also fixed a pre-existing bug in a test that appeared to only manifest in release builds.

Currently, B3's performance on asm.js tests is not good. It should be easy to fix:

- B3 should strength-reduce the shifting madness that happens in asm.js memory accesses
  https://bugs.webkit.org/show_bug.cgi?id=152106

- B3 constant hoisting should have a story for the asm.js heap constant
  https://bugs.webkit.org/show_bug.cgi?id=152107

* b3/B3CCallValue.h:
* b3/B3Const32Value.cpp:
(JSC::B3::Const32Value::divConstant):
(JSC::B3::Const32Value::modConstant):
(JSC::B3::Const32Value::bitAndConstant):
* b3/B3Const32Value.h:
* b3/B3Const64Value.cpp:
(JSC::B3::Const64Value::divConstant):
(JSC::B3::Const64Value::modConstant):
(JSC::B3::Const64Value::bitAndConstant):
* b3/B3Const64Value.h:
* b3/B3ReduceStrength.cpp:
* b3/B3Validate.cpp:
* b3/B3Value.cpp:
(JSC::B3::Value::divConstant):
(JSC::B3::Value::modConstant):
(JSC::B3::Value::bitAndConstant):
* b3/B3Value.h:
* b3/testb3.cpp:
(JSC::B3::testChillDiv64):
(JSC::B3::testMod):
(JSC::B3::testSwitch):
(JSC::B3::run):
* ftl/FTLB3Output.cpp:
(JSC::FTL::Output::load16ZeroExt32):
(JSC::FTL::Output::store):
(JSC::FTL::Output::store32As8):
(JSC::FTL::Output::store32As16):
(JSC::FTL::Output::loadFloatToDouble): Deleted.
* ftl/FTLB3Output.h:
(JSC::FTL::Output::mul):
(JSC::FTL::Output::div):
(JSC::FTL::Output::chillDiv):
(JSC::FTL::Output::rem):
(JSC::FTL::Output::neg):
(JSC::FTL::Output::load32):
(JSC::FTL::Output::load64):
(JSC::FTL::Output::loadPtr):
(JSC::FTL::Output::loadFloat):
(JSC::FTL::Output::loadDouble):
(JSC::FTL::Output::store32):
(JSC::FTL::Output::store64):
(JSC::FTL::Output::storePtr):
(JSC::FTL::Output::storeFloat):
(JSC::FTL::Output::storeDouble):
(JSC::FTL::Output::addPtr):
(JSC::FTL::Output::extractValue):
(JSC::FTL::Output::call):
(JSC::FTL::Output::operation):
* ftl/FTLLowerDFGToLLVM.cpp:
(JSC::FTL::DFG::LowerDFGToLLVM::compileGetByVal):
(JSC::FTL::DFG::LowerDFGToLLVM::compilePutByVal):
(JSC::FTL::DFG::LowerDFGToLLVM::compileArrayPush):
(JSC::FTL::DFG::LowerDFGToLLVM::compileArrayPop):
* ftl/FTLOutput.cpp:
(JSC::FTL::Output::Output):
(JSC::FTL::Output::store):
(JSC::FTL::Output::check):
(JSC::FTL::Output::load):
* ftl/FTLOutput.h:
(JSC::FTL::Output::load32):
(JSC::FTL::Output::load64):
(JSC::FTL::Output::loadPtr):
(JSC::FTL::Output::loadFloat):
(JSC::FTL::Output::loadDouble):
(JSC::FTL::Output::store32As8):
(JSC::FTL::Output::store32As16):
(JSC::FTL::Output::store32):
(JSC::FTL::Output::store64):
(JSC::FTL::Output::storePtr):
(JSC::FTL::Output::storeFloat):
(JSC::FTL::Output::storeDouble):
(JSC::FTL::Output::addPtr):
(JSC::FTL::Output::loadFloatToDouble): Deleted.
(JSC::FTL::Output::store16): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193943 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoBuild fix
mmaxfield@apple.com [Fri, 11 Dec 2015 03:51:29 +0000 (03:51 +0000)]
Build fix

Unreviewed.

* platform/graphics/cocoa/FontCocoa.mm:
(WebCore::smallCapsTrueTypeDictionary):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193942 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoConsider still matching an address expression even if B3 has already assigned a Tmp...
fpizlo@apple.com [Fri, 11 Dec 2015 03:41:18 +0000 (03:41 +0000)]
Consider still matching an address expression even if B3 has already assigned a Tmp to it
https://bugs.webkit.org/show_bug.cgi?id=150777

Reviewed by Geoffrey Garen.

We need some heuristic for when an address should be computed as a separate instruction. It's
usually profitable to sink the address into the memory access. The previous heuristic meant that
the address would get separate instructions if it was in a separate block from the memory access.
This was messing up codegen of things like PutByVal out-of-bounds, where the address is computed
in one block and then used in another. I don't think that which block owns the address
computation should factor into any heuristic here, since it's so fragile: the compiler may lower
something by splitting blocks and we don't want this to ruin performance.

So, this replaces that heuristic with a more sensible one: the address computation gets its own
instruction if it has a lot of uses. In practice this means that we always sink the address
computation into the memory access.

* b3/B3LowerToAir.cpp:
(JSC::B3::Air::LowerToAir::effectiveAddr):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193941 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoMordernize viewport dumping
simon.fraser@apple.com [Fri, 11 Dec 2015 02:24:09 +0000 (02:24 +0000)]
Mordernize viewport dumping
https://bugs.webkit.org/show_bug.cgi?id=152159

Reviewed by Zalan Bujtas.

Use groupings to simplify the viewport configuration dumping code.

* page/ViewportConfiguration.cpp:
(WebCore::operator<<):
(WebCore::ViewportConfiguration::description):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193940 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[CSP] eval() is not blocked for stringified literals
dbates@webkit.org [Fri, 11 Dec 2015 02:08:31 +0000 (02:08 +0000)]
[CSP] eval() is not blocked for stringified literals
https://bugs.webkit.org/show_bug.cgi?id=152158
<rdar://problem/15775625>

Reviewed by Saam Barati.

Source/JavaScriptCore:

Fixes an issue where stringified literals can be eval()ed despite being disallowed by
Content Security Policy of the page.

* interpreter/Interpreter.cpp:
(JSC::eval): Throw a JavaScript EvalError exception if eval() is disallowed for the page
and return undefined.
* runtime/JSGlobalObjectFunctions.cpp:
(JSC::globalFuncEval): Ditto.

LayoutTests:

Update test LayoutTests/http/tests/security/contentSecurityPolicy/eval-blocked.html to be
more comprehensive.

Add tests to ensure that we block eval() from within an external JavaScript script when the
policy of the page disallows eval() and that we block eval() inside a subframe that disallows
eval() when the page in the main frame allows eval().

* http/tests/security/contentSecurityPolicy/eval-blocked-expected.txt:
* http/tests/security/contentSecurityPolicy/eval-blocked-in-external-script-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/eval-blocked-in-external-script.html: Added.
* http/tests/security/contentSecurityPolicy/eval-blocked-in-subframe-expected.txt: Copied from LayoutTests/http/tests/security/contentSecurityPolicy/eval-blocked-expected.txt.
* http/tests/security/contentSecurityPolicy/eval-blocked-in-subframe.html: Added.
* http/tests/security/contentSecurityPolicy/eval-blocked.html:
* http/tests/security/contentSecurityPolicy/resources/eval-blocked-in-external-script.js: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193939 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoFix jsc symlink creation on iOS
commit-queue@webkit.org [Fri, 11 Dec 2015 02:06:59 +0000 (02:06 +0000)]
Fix jsc symlink creation on iOS
https://bugs.webkit.org/show_bug.cgi?id=152155

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2015-12-10
Reviewed by Dan Bernstein.

* JavaScriptCore.xcodeproj/project.pbxproj:
Switch from INSTALL_PATH_ACTUAL to just INSTALL_PATH.
Remove now unnecessary INSTALL_PATH_PREFIX use as well.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193938 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoRemote Inspector: Verify the identity of the other side of XPC connections
joepeck@webkit.org [Fri, 11 Dec 2015 01:37:05 +0000 (01:37 +0000)]
Remote Inspector: Verify the identity of the other side of XPC connections
https://bugs.webkit.org/show_bug.cgi?id=152153

Reviewed by Brian Burg.

Source/JavaScriptCore:

* JavaScriptCore.xcodeproj/project.pbxproj:
Link with the Security framework.

* inspector/remote/RemoteInspectorXPCConnection.h:
* inspector/remote/RemoteInspectorXPCConnection.mm:
(auditTokenHasEntitlement):
(Inspector::RemoteInspectorXPCConnection::handleEvent):
(Inspector::RemoteInspectorXPCConnection::RemoteInspectorXPCConnection): Deleted.
When receiving the first message, verify the XPC connection
is connected to who we thought we were connected to and
Bail if it isn't.

Source/WebCore:

* WebCore.xcodeproj/project.pbxproj:
* platform/network/mac/CertificateInfoMac.mm:
Use the new header.

Source/WebKit2:

* Shared/mac/SandboxUtilities.mm:
* UIProcess/ApplicationStateTracker.mm:
Use new header.

Source/WTF:

* WTF.xcodeproj/project.pbxproj:
* wtf/spi/cocoa/SecuritySPI.h: Renamed from Source/WebCore/platform/spi/cocoa/SecuritySPI.h.
Push this down into WTF from WebCore and add a new method.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193937 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoModern IDB: storage/indexeddb/delete-in-upgradeneeded-close-in-versionchange.html...
beidson@apple.com [Fri, 11 Dec 2015 01:35:17 +0000 (01:35 +0000)]
Modern IDB: storage/indexeddb/delete-in-upgradeneeded-close-in-versionchange.html fails
https://bugs.webkit.org/show_bug.cgi?id=152144

Reviewed by Alex Christensen.

Source/WebCore:

No new tests (At least two failing tests now pass, and other incorrect tests updated to be more correct).

- An IDBOpenDBRequest resulting in a versionchange transaction should not have the onsuccess event fire if
  the database connection was closed during the versionchange transaction. onerror should fire instead.
- When firing an event at an IDBRequest, it should not have the transaction as an additional target if the
  transaction has finished.
- When firing an event at an IDBRequest, it should not have the database as an additional target if the
  database is closed or is closing.

* Modules/indexeddb/client/IDBDatabaseImpl.h:
(WebCore::IDBClient::IDBDatabase::isClosingOrClosed):

* Modules/indexeddb/client/IDBOpenDBRequestImpl.cpp:
(WebCore::IDBClient::IDBOpenDBRequest::fireErrorAfterVersionChangeCompletion):
(WebCore::IDBClient::IDBOpenDBRequest::fireErrorAfterVersionChangeAbort): Deleted.
* Modules/indexeddb/client/IDBOpenDBRequestImpl.h:

* Modules/indexeddb/client/IDBRequestImpl.cpp:
(WebCore::IDBClient::IDBRequest::dispatchEvent): Don't add finished transactions or closed databases as event targets.

* Modules/indexeddb/client/IDBTransactionImpl.cpp:
(WebCore::IDBClient::IDBTransaction::notifyDidAbort):
(WebCore::IDBClient::IDBTransaction::dispatchEvent): If this was a versionchange transaction completing, possibly fire
  the error event on the OpenDBRequest instead of the success event.
* Modules/indexeddb/client/IDBTransactionImpl.h:
(WebCore::IDBClient::IDBTransaction::isFinished):

LayoutTests:

* platform/mac-wk1/TestExpectations:
* storage/indexeddb/modern/abort-requests-cancelled-expected.txt:
* storage/indexeddb/modern/aborted-put-expected.txt:
* storage/indexeddb/modern/createobjectstore-basic-expected.txt:
* storage/indexeddb/modern/deletedatabase-2-expected.txt:
* storage/indexeddb/modern/deletedatabase-2.html:
* storage/indexeddb/modern/deleteindex-2-expected.txt:
* storage/indexeddb/modern/deleteobjectstore-1-expected.txt:
* storage/indexeddb/modern/opendatabase-versions-expected.txt:
* storage/indexeddb/modern/opendatabase-versions.html:
* storage/indexeddb/modern/versionchange-abort-then-reopen-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193936 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[Win] Support building under Cygwin or native Perl
bfulgham@apple.com [Fri, 11 Dec 2015 01:21:29 +0000 (01:21 +0000)]
[Win] Support building under Cygwin or native Perl
https://bugs.webkit.org/show_bug.cgi?id=152145
<rdar://problem/23839868>

Reviewed by David Kilzer.

* Source/cmake/tools/scripts/auto-version.pl: Correct handling of mixed DOS filenames when used in a
Cygwin context.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193935 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years agoSimple line layout: Use TextPainter to draw simple line text.
zalan@apple.com [Fri, 11 Dec 2015 01:19:03 +0000 (01:19 +0000)]
Simple line layout: Use TextPainter to draw simple line text.
https://bugs.webkit.org/show_bug.cgi?id=152150

Reviewed by Simon Fraser.

No change in functionality.

* rendering/SimpleLineLayoutFunctions.cpp:
(WebCore::SimpleLineLayout::paintFlow):
* rendering/TextPainter.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193934 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[JSC] Add a Modulo operator to B3, and a chill variant
commit-queue@webkit.org [Fri, 11 Dec 2015 00:31:51 +0000 (00:31 +0000)]
[JSC] Add a Modulo operator to B3, and a chill variant
https://bugs.webkit.org/show_bug.cgi?id=152110

Patch by Benjamin Poulain <bpoulain@apple.com> on 2015-12-10
Reviewed by Geoffrey Garen.

It is basically refactoring the Div and ChillDiv
code to be used by both opcodes.

* b3/B3Common.h:
(JSC::B3::chillDiv):
(JSC::B3::chillMod):
* b3/B3Const32Value.cpp:
(JSC::B3::Const32Value::modConstant):
* b3/B3Const32Value.h:
* b3/B3Const64Value.cpp:
(JSC::B3::Const64Value::modConstant):
* b3/B3Const64Value.h:
* b3/B3ConstDoubleValue.cpp:
(JSC::B3::ConstDoubleValue::modConstant):
* b3/B3ConstDoubleValue.h:
* b3/B3LowerMacros.cpp:
* b3/B3LowerToAir.cpp:
(JSC::B3::Air::LowerToAir::lower):
(JSC::B3::Air::LowerToAir::lowerX86Div):
* b3/B3Opcode.cpp:
(WTF::printInternal):
* b3/B3Opcode.h:
* b3/B3ReduceStrength.cpp:
* b3/B3Validate.cpp:
* b3/B3Value.cpp:
(JSC::B3::Value::modConstant):
(JSC::B3::Value::effects):
(JSC::B3::Value::key):
(JSC::B3::Value::typeFor):
* b3/B3Value.h:
* b3/testb3.cpp:
(JSC::B3::testModArgDouble):
(JSC::B3::testModArgsDouble):
(JSC::B3::testModArgImmDouble):
(JSC::B3::testModImmArgDouble):
(JSC::B3::testModImmsDouble):
(JSC::B3::testModArgFloat):
(JSC::B3::testModArgsFloat):
(JSC::B3::testModArgImmFloat):
(JSC::B3::testModImmArgFloat):
(JSC::B3::testModImmsFloat):
(JSC::B3::testModArg):
(JSC::B3::testModArgs):
(JSC::B3::testModImms):
(JSC::B3::testModArg32):
(JSC::B3::testModArgs32):
(JSC::B3::testModImms32):
(JSC::B3::testChillModArg):
(JSC::B3::testChillModArgs):
(JSC::B3::testChillModImms):
(JSC::B3::testChillModArg32):
(JSC::B3::testChillModArgs32):
(JSC::B3::testChillModImms32):
(JSC::B3::run):
* ftl/FTLB3Output.h:
(JSC::FTL::Output::mod):
(JSC::FTL::Output::chillMod):
(JSC::FTL::Output::doubleMod):
(JSC::FTL::Output::rem): Deleted.
(JSC::FTL::Output::doubleRem): Deleted.
* ftl/FTLLowerDFGToLLVM.cpp:
(JSC::FTL::DFG::LowerDFGToLLVM::compileArithMod):
* ftl/FTLOutput.cpp:
(JSC::FTL::Output::chillMod):
* ftl/FTLOutput.h:
(JSC::FTL::Output::mod):
(JSC::FTL::Output::doubleMod):
(JSC::FTL::Output::rem): Deleted.
(JSC::FTL::Output::doubleRem): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193933 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago[Font Features] r193894 introduces leaks
mmaxfield@apple.com [Fri, 11 Dec 2015 00:05:00 +0000 (00:05 +0000)]
[Font Features] r193894 introduces leaks
https://bugs.webkit.org/show_bug.cgi?id=152154

Reviewed by Joe Pecoraro.

* platform/graphics/cocoa/FontCocoa.mm:
(WebCore::smallCapsTrueTypeDictionary):
(WebCore::createCTFontWithoutSynthesizableFeatures):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193932 268f45cc-cd09-0410-ab3c-d52691b4dbfc