WebKit-https.git
fpizlo@apple.com [Wed, 18 May 2016 02:11:19 +0000 (02:11 +0000)]
JSC should detect the right default locale even when it's not embedded in WebCore
https://bugs.webkit.org/show_bug.cgi?id=157755
rdar://problem/24665424

Reviewed by Keith Miller.

This makes JSC try to use WTF's platform user preferred language detection if the DOM did
not register a defaultLanguage callback. The result is that when JSC runs standalone it
will detect the platform user preferred language almost the same way as when it's embedded
in WebCore. The only difference is that WebCore may have its own additional overrides via
the WK API. But in the absence of overrides, WebCore uses the same WTF logic that JSC falls
back to.

We first found this bug because on iOS, the intl tests would fail because ICU would report
a somewhat bogus locale on that platform. Prior to this change, standalone JSC would fall
back to ICU's locale detection. It turns out that the ICU default locale is also bogus on
OS X, just less so. For example, setting things to Poland did not result in the jsc shell
printing dates Polish-style. Now it will print them Polish-style if your system preferences
say so. Also, the tests don't fail on iOS anymore.

* runtime/IntlObject.cpp:
(JSC::defaultLocale):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201066 268f45cc-cd09-0410-ab3c-d52691b4dbfc

dino@apple.com [Wed, 18 May 2016 02:07:11 +0000 (02:07 +0000)]
Add media query support for wide gamut displays on Mac
https://bugs.webkit.org/show_bug.cgi?id=157824
<rdar://problem/26333137>

Reviewed by Simon Fraser.

Source/WebCore:

Implement the Mac version of the color-gamut media query
by filling out the screenSupportsExtendedColor function.

On Yosemite, we always return false. On El Capitan, we
can check the ColorProfile via ColorSync to see if the
screen is wide gamut.

There is already a test in fast/media/mq-color-gamut.html

* css/MediaQueryEvaluator.cpp:
(WebCore::color_gamutMediaFeatureEval): Pass the mainFrame's view
to screenSupportsExtendedColor, so that it can fetch the NSScreen.
* platform/PlatformScreen.h: screenSupportsExtendedColor now takes
an optional Widget parameter.
* platform/ios/PlatformScreenIOS.mm:
(WebCore::screenSupportsExtendedColor): Add empty parameter.
* platform/mac/PlatformScreenMac.mm:
(WebCore::screenSupportsExtendedColor): Get the NSWindow, then the
NSScreen, then the ColorSpace, then the ColorSyncProfile, and
check if it is a wide gamut profile.
* platform/spi/cg/CoreGraphicsSPI.h: Add the SPI declarations.

LayoutTests:

Remove the check for sRGB, since it is confusingly false
on browsers that don't implement this query, and is likely
to be dropped from the specification.

Also, make the text readable.

* fast/media/mq-color-gamut-expected.html:
* fast/media/mq-color-gamut.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201065 268f45cc-cd09-0410-ab3c-d52691b4dbfc

cdumez@apple.com [Wed, 18 May 2016 01:26:11 +0000 (01:26 +0000)]
Unreviewed, fix Darin's post-mortem review comments for r201052.

* rendering/RenderFieldset.cpp:
(WebCore::RenderFieldset::findLegend):
* rendering/svg/SVGRenderSupport.cpp:
(WebCore::SVGRenderSupport::layoutChildren):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201064 268f45cc-cd09-0410-ab3c-d52691b4dbfc

mattbaker@apple.com [Wed, 18 May 2016 00:13:24 +0000 (00:13 +0000)]
Web Inspector: Remove TimelineSidebarPanel.js as it's no longer referenced anywhere
https://bugs.webkit.org/show_bug.cgi?id=157819

Reviewed by Timothy Hatcher.

* UserInterface/Views/TimelineSidebarPanel.js: Removed.
Removed unused file.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201057 268f45cc-cd09-0410-ab3c-d52691b4dbfc

bdakin@apple.com [Tue, 17 May 2016 23:24:19 +0000 (23:24 +0000)]
Make handleAcceptedCandidate a public function
https://bugs.webkit.org/show_bug.cgi?id=157763
-and corresponding-
rdar://problem/26206397

Reviewed by Tim Horton.

Source/WebCore:

Define handleAcceptedCandidateWithSoftSpaces on EditorClient so that it can
be invoked on any EditorClient.
* loader/EmptyClients.h:
* page/EditorClient.h:
(WebCore::EditorClient::handleAcceptedCandidateWithSoftSpaces):

Source/WebKit/mac:

This patch re-names handleAcceptedCandidate to
handleAcceptedCandidateWithSoftSpaces. The function now takes a
WebCore::TextCheckingResult instead of an NSTextCheckingResult and it can be
called from outside of WebEditorClient.

* WebCoreSupport/WebEditorClient.h:
* WebCoreSupport/WebEditorClient.mm:
(WebEditorClient::handleRequestedCandidates):
(WebEditorClient::handleAcceptedCandidateWithSoftSpaces):
(textCheckingResultFromNSTextCheckingResult): Deleted.
(WebEditorClient::handleAcceptedCandidate): Deleted.

Move showCandidates to WebViewPrivate so that it can be overridden by a test.
* WebView/WebViewInternal.h:
* WebView/WebViewPrivate.h:

Source/WebKit2:

This patch makes handleAcceptedCandidate a public member of WebViewImpl
instead of a private member.
* UIProcess/Cocoa/WebViewImpl.h:
(WebKit::WebViewImpl::createWeakPtr):

Tools:

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/WebKit2Cocoa/autofocused-text-input.html: Added.
* TestWebKitAPI/Tests/mac/ViewWithEditableAreaLeak.mm: Added.
(-[DoNotLeakWebView dealloc]):
(-[DoNotLeakWebView showCandidates:forString:inRect:forSelectedRange:view:completionHandler:]):
(-[DoNotLeakFrameLoadDelegate webView:didFinishLoadForFrame:]):
(TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201056 268f45cc-cd09-0410-ab3c-d52691b4dbfc

cdumez@apple.com [Tue, 17 May 2016 23:22:30 +0000 (23:22 +0000)]
Unreviewed debug build fix after r201052.

* rendering/svg/RenderSVGText.cpp:
(WebCore::findPreviousAndNextAttributes): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201055 268f45cc-cd09-0410-ab3c-d52691b4dbfc

commit-queue@webkit.org [Tue, 17 May 2016 22:52:47 +0000 (22:52 +0000)]
REGRESSION(r192855): Math.random() always produces the same first 7 decimal points the first two invocations
https://bugs.webkit.org/show_bug.cgi?id=157805
<rdar://problem/26327851>

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-05-17
Reviewed by Geoffrey Garen.

Source/WTF:

* wtf/WeakRandom.h:
(WTF::WeakRandom::setSeed):
Advance once to randomize the 32bit seed across the 128bit state
and avoid re-using 64bits of state in the second advance.

LayoutTests:

* js/dom/math-random-initial-values-expected.txt: Added.
* js/dom/math-random-initial-values.html: Added.
* js/resources/math-random-initial-values-iframe.html: Added.
Test that less than 5% of the time, early Math.random invocations
produce very similar values. Before this change we were failing
100%, but after we see similar values mostly around 0-3%.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201053 268f45cc-cd09-0410-ab3c-d52691b4dbfc

cdumez@apple.com [Tue, 17 May 2016 22:39:00 +0000 (22:39 +0000)]
Use RenderChildIterator more for traversing a renderer's children
https://bugs.webkit.org/show_bug.cgi?id=157811

Reviewed by Antti Koivisto.

Use RenderChildIterator more for traversing a renderer's children.

* inspector/InspectorLayerTreeAgent.cpp:
(WebCore::InspectorLayerTreeAgent::layersForNode):
(WebCore::InspectorLayerTreeAgent::gatherLayersUsingRenderObjectHierarchy):
* inspector/InspectorLayerTreeAgent.h:
* rendering/AutoTableLayout.cpp:
(WebCore::AutoTableLayout::recalcColumn):
* rendering/InlineIterator.h:
(WebCore::isEmptyInline):
* rendering/RenderBlock.cpp:
(WebCore::RenderBlock::addFocusRingRects):
* rendering/RenderBox.cpp:
(WebCore::RenderBox::positionForPoint):
* rendering/RenderElement.cpp:
(WebCore::RenderElement::updateOutlineAutoAncestor):
* rendering/RenderElement.h:
* rendering/RenderFieldset.cpp:
(WebCore::RenderFieldset::findLegend):
* rendering/RenderFieldset.h:
* rendering/RenderInline.cpp:
(WebCore::RenderInline::generateCulledLineBoxRects):
(WebCore::RenderInline::culledInlineFirstLineBox):
(WebCore::RenderInline::culledInlineVisualOverflowBoundingBox):
(WebCore::RenderInline::dirtyLineBoxes):
* rendering/RenderListItem.cpp:
(WebCore::getParentOfFirstLineBox):
* rendering/RenderObject.cpp:
(WebCore::RenderObject::setFlowThreadStateIncludingDescendants):
(WebCore::RenderObject::addAbsoluteRectForLayer):
(WebCore::RenderObject::paintingRootRect):
(WebCore::RenderObject::removeFromRenderFlowThreadIncludingDescendants):
(WebCore::RenderObject::invalidateFlowThreadContainingBlockIncludingDescendants):
(WebCore::RenderObject::updateDragState):
* rendering/RenderTable.cpp:
(WebCore::RenderTable::firstColumn):
* rendering/RenderTableCol.cpp:
(WebCore::RenderTableCol::clearPreferredLogicalWidthsDirtyBits):
* rendering/RenderTableSection.cpp:
(WebCore::RenderTableSection::layoutRows):
* rendering/RenderTreeAsText.cpp:
(WebCore::write):
* rendering/svg/RenderSVGText.cpp:
(WebCore::findPreviousAndNextAttributes):
(WebCore::RenderSVGText::subtreeChildWasAdded):
(WebCore::RenderSVGText::subtreeChildWillBeRemoved):
* rendering/svg/SVGRenderSupport.cpp:
(WebCore::updateObjectBoundingBox):
(WebCore::SVGRenderSupport::computeContainerBoundingBoxes):
(WebCore::SVGRenderSupport::layoutChildren):
* rendering/svg/SVGTextLayoutAttributesBuilder.cpp:
(WebCore::SVGTextLayoutAttributesBuilder::collectTextPositioningElements):
* rendering/svg/SVGTextMetricsBuilder.cpp:
(WebCore::SVGTextMetricsBuilder::walkTree):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201052 268f45cc-cd09-0410-ab3c-d52691b4dbfc

dino@apple.com [Tue, 17 May 2016 22:34:45 +0000 (22:34 +0000)]
Remove ES6_GENERATORS flag
https://bugs.webkit.org/show_bug.cgi?id=157815
<rdar://problem/26332894>

Reviewed by Geoffrey Garen.

This flag isn't needed. Generators are enabled everywhere and
part of a stable specification.

.:

* Source/cmake/OptionsWin.cmake:
* Source/cmake/WebKitFeatures.cmake:
* Source/cmake/tools/vsprops/FeatureDefines.props:
* Source/cmake/tools/vsprops/FeatureDefinesCairo.props:

Source/JavaScriptCore:

* Configurations/FeatureDefines.xcconfig:
* parser/Parser.cpp:
(JSC::Parser<LexerType>::parseFunctionDeclaration): Deleted.
(JSC::Parser<LexerType>::parseClass): Deleted.
(JSC::Parser<LexerType>::parseExportDeclaration): Deleted.
(JSC::Parser<LexerType>::parseAssignmentExpression): Deleted.
(JSC::Parser<LexerType>::parseProperty): Deleted.
(JSC::Parser<LexerType>::parseFunctionExpression): Deleted.

Source/WebCore:

* Configurations/FeatureDefines.xcconfig:

Source/WebKit/mac:

* Configurations/FeatureDefines.xcconfig:

Source/WebKit2:

* Configurations/FeatureDefines.xcconfig:

Source/WTF:

* wtf/FeatureDefines.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201051 268f45cc-cd09-0410-ab3c-d52691b4dbfc

ggaren@apple.com [Tue, 17 May 2016 22:27:21 +0000 (22:27 +0000)]
REGRESSION: JetStream crashes on some iPhones
https://bugs.webkit.org/show_bug.cgi?id=157814

Reviewed by Michael Saboff.

* bmalloc/Sizes.h: Reduce smallMax to 32kB.

Previous justification for 64kB was:

    * bmalloc/Sizes.h: Upped smallMax to 64kB. Upping to 32kB is pretty
    reasonable, since sizes between 16kB and 32kB share page sizes. I went
    all the way up to 64kB because the GC uses 64kB blocks, and also just
    for extra padding to ensure that large allocations are indeed rare.

It turns out that the bump to 64kB substantially increases our memory
high water mark on JetStream, leading to jetsam crashes. Also, there
doesn't seem to be a practical performance problem to putting objects in
the (32kB - 64kB) range in the large allocator.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201050 268f45cc-cd09-0410-ab3c-d52691b4dbfc

keith_miller@apple.com [Tue, 17 May 2016 22:19:59 +0000 (22:19 +0000)]
Rollout r200426 since it causes PLT regressions.
https://bugs.webkit.org/show_bug.cgi?id=157812

Unreviewed rollout of r200426 since the bots see a ~.6% PLT regression from the patch.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201049 268f45cc-cd09-0410-ab3c-d52691b4dbfc

bburg@apple.com [Tue, 17 May 2016 22:04:48 +0000 (22:04 +0000)]
Web Inspector: inspector tests should redirect and log console.trace() calls in test output
https://bugs.webkit.org/show_bug.cgi?id=157802
<rdar://problem/26325671>

Reviewed by Timothy Hatcher.

* UserInterface/Test/FrontendTestHarness.js:
(FrontendTestHarness.prototype.redirectConsoleToTestOutput.createProxyConsoleHandler):
Remove bind() that is now unnecessary. Also redirect console.warn.

(FrontendTestHarness.prototype.redirectConsoleToTestOutput):
For console.trace(), throw and catch a dummy Error to get a stack trace.
Do some post processing on it to remove useless frames and sanitize file paths.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201048 268f45cc-cd09-0410-ab3c-d52691b4dbfc

bburg@apple.com [Tue, 17 May 2016 21:38:17 +0000 (21:38 +0000)]
Web Inspector: Filtering huge data grids should yield occasionally so the UI remains responsive
https://bugs.webkit.org/show_bug.cgi?id=157702
<rdar://problem/26282898>

Based on a patch by Matt Baker <mattbaker@apple.com> on 2016-05-16
Reviewed by Timothy Hatcher.

Source/WebInspectorUI:

This patch adds a new class, YieldableTask, for processing large
data sets without starving the runloop. A yieldable task takes a delegate,
an iterator that produces the items to be processed by the delegate, and
the "work interval" time slice and "idle interval" to wait between time slices.
It works by using `yield` to suspend processing when the current time
slice is exceeded, and setting a timeout to wait out the idle interval.

The iterator is responsible for deciding a good traversal order for items,
and the delegate is responsible for processing each item in turn. Tasks
cannot be reused once cancelled or processing completes.

Change DataGrid to use a yieldable task for filtering data grid nodes.
When the filtering criteria changes, cancel the task and run a new task.

* UserInterface/Base/YieldableTask.js: Added.
(WebInspector.YieldableTask.prototype.get processing):
(WebInspector.YieldableTask.prototype.get cancelled):
(WebInspector.YieldableTask.prototype.get idleInterval):
(WebInspector.YieldableTask.prototype.get workInterval):
Add getters.

(WebInspector.YieldableTask.prototype.start.createIteratorForProcessingItems):
(WebInspector.YieldableTask.prototype.start):
Set up an iterator that cranks through items to be processed until the
time slice is exceeded. Check to see if the task is cancelled before and
after calling out to the delegate to perform processing on the item.

(WebInspector.YieldableTask.prototype.cancel):
Set the cancel flag. Tell the delegate the task is finished soon.

(WebInspector.YieldableTask.prototype._processPendingItems):
Request the next item from the cranking iterator so it tries to process
more items. If it yields but still has more items to process, set a timeout
and continue processing more items after the idle interval.

(WebInspector.YieldableTask.prototype._willYield): Notify the delegate.
(WebInspector.YieldableTask.prototype._didFinish): Clear state and notify.
(WebInspector.YieldableTask):

* UserInterface/Main.html:
* UserInterface/Test.html: Add new file.

* UserInterface/Views/DataGrid.js:
(WebInspector.DataGrid):
(WebInspector.DataGrid.prototype.filterDidChange):
Cancel the currently running filter task, if any exists.

(WebInspector.DataGrid.prototype._updateFilter.createIteratorForNodesToBeFiltered):
(WebInspector.DataGrid.prototype._updateFilter):
Set up and start a new filtering task when the filter updates.

(WebInspector.DataGrid.prototype.yieldableTaskWillProcessItem):
(WebInspector.DataGrid.prototype.yieldableTaskDidYield):
(WebInspector.DataGrid.prototype.yieldableTaskDidFinish):
Batch up notifications about filtered nodes changing since this can
cause a lot of unnecessary work by event listeners.

LayoutTests:

Add tests for new Inspector utility class YieldableTask.

* inspector/unit-tests/yieldable-task-expected.txt: Added.
* inspector/unit-tests/yieldable-task.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201047 268f45cc-cd09-0410-ab3c-d52691b4dbfc

simon.fraser@apple.com [Tue, 17 May 2016 21:28:57 +0000 (21:28 +0000)]
BitmapImage::destroyDecodedDataIfNecessary() should only count frames with image data
https://bugs.webkit.org/show_bug.cgi?id=157779

Reviewed by Tim Horton.

BitmapImage::destroyDecodedDataIfNecessary() throws away all frames of an image if the
decoded frame size exceeds a threshold. However, it counts all frames, whether or not
they have an image (some frames may only have metadata, but m_frameBytes still returns
height*width*4).

Fix by only counting m_frameBytes for frames that have an image.

* platform/graphics/BitmapImage.cpp:
(WebCore::BitmapImage::destroyDecodedDataIfNecessary):
* platform/graphics/BitmapImage.h:
(WebCore::FrameData::FrameData):
(WebCore::FrameData::usedFrameBytes):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201043 268f45cc-cd09-0410-ab3c-d52691b4dbfc

dino@apple.com [Tue, 17 May 2016 21:24:09 +0000 (21:24 +0000)]
Temporarily enable Experimental Features
https://bugs.webkit.org/show_bug.cgi?id=157810
<rdar://problem/26330804>

Reviewed by Anders Carlsson.

We currently don't have good UI for enabling these features,
which would mean Safari Technology Preview users would
never be able to turn them on… unless we enable them by
default temporarily.

* Shared/WebPreferencesDefinitions.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201042 268f45cc-cd09-0410-ab3c-d52691b4dbfc

rniwa@webkit.org [Tue, 17 May 2016 21:17:28 +0000 (21:17 +0000)]
Add a subtitle under platform name in the summary page
https://bugs.webkit.org/show_bug.cgi?id=157809

Reviewed by Chris Dumez.

Add a description beneath the platform names.

* public/v3/pages/summary-page.js:
(SummaryPage.prototype._constructTable): Add a br and a span if subtitle is present.
(SummaryPage.cssTemplate): Added CSS rules for .subtitle.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201041 268f45cc-cd09-0410-ab3c-d52691b4dbfc

hyatt@apple.com [Tue, 17 May 2016 21:02:01 +0000 (21:02 +0000)]
Optimize layer repaint rect computation and painting.
https://bugs.webkit.org/show_bug.cgi?id=157631

Reviewed by Zalan Bujtas.

This patch changes the computation of repaint rects to be for self-painting layers
only. In addition, hasBoxDecorations() has been changed to hasVisibleBoxDecorations(),
and it will no longer be set for transparent borders.

For scrolling layer position updating, visually empty layers have their repaint rects
cleared, and we don't compute repaint rects during the scroll. We would like to do this
all the time, but computeRepaintRects can be called at times when the visually empty
state is stale/unknown. For now we limit it to scrolling, since we know that the layer's
visually empty state is correct.

* rendering/InlineFlowBox.cpp:
(WebCore::InlineFlowBox::paintBoxDecorations):
* rendering/RenderBlock.cpp:
(WebCore::RenderBlock::paintObject):
* rendering/RenderBlockLineLayout.cpp:
(WebCore::RenderBlockFlow::layoutRunsAndFloats):
* rendering/RenderBox.cpp:
(WebCore::RenderBox::updateFromStyle):
(WebCore::RenderBox::paintBoxDecorations):
* rendering/RenderBoxModelObject.cpp:
(WebCore::RenderBoxModelObject::willBeDestroyed):
(WebCore::RenderBoxModelObject::hasVisibleBoxDecorationStyle):
(WebCore::RenderBoxModelObject::updateFromStyle):
(WebCore::RenderBoxModelObject::hasBoxDecorationStyle): Deleted.
* rendering/RenderBoxModelObject.h:
* rendering/RenderElement.cpp:
(WebCore::RenderElement::styleWillChange):
(WebCore::mustRepaintBackgroundOrBorder):
* rendering/RenderImage.cpp:
(WebCore::RenderImage::imageChanged):
* rendering/RenderInline.cpp:
(WebCore::RenderInline::styleDidChange):
* rendering/RenderLayer.cpp:
(WebCore::RenderLayer::RenderLayer):
(WebCore::RenderLayer::updateLayerPositions):
(WebCore::RenderLayer::repaintRectIncludingNonCompositingDescendants):
(WebCore::RenderLayer::computeRepaintRects):
(WebCore::RenderLayer::clearRepaintRects):
(WebCore::RenderLayer::updateLayerPositionsAfterScroll):
(WebCore::RenderLayer::scrollTo):
(WebCore::RenderLayer::calculateClipRects):
* rendering/RenderLayer.h:
* rendering/RenderLayerBacking.cpp:
(WebCore::RenderLayerBacking::updateDrawsContent):
(WebCore::RenderLayerBacking::compositingOpacity):
(WebCore::hasVisibleBoxDecorations):
(WebCore::canCreateTiledImage):
(WebCore::hasVisibleBoxDecorationsOrBackgroundImage):
(WebCore::supportsDirectBoxDecorationsComposition):
(WebCore::RenderLayerBacking::isSimpleContainerCompositingLayer):
(WebCore::RenderLayerBacking::containsPaintedContent):
(WebCore::RenderLayerBacking::isDirectlyCompositedImage):
(WebCore::hasBoxDecorations): Deleted.
(WebCore::hasBoxDecorationsOrBackgroundImage): Deleted.
* rendering/RenderLayerModelObject.cpp:
(WebCore::RenderLayerModelObject::styleDidChange):
* rendering/RenderNamedFlowFragment.cpp:
(WebCore::RenderNamedFlowFragment::setObjectStyleInRegion):
* rendering/RenderObject.h:
(WebCore::RenderObject::hasVisibleBoxDecorations):
(WebCore::RenderObject::setFloating):
(WebCore::RenderObject::setInline):
(WebCore::RenderObject::computeBackgroundIsKnownToBeObscured):
(WebCore::RenderObject::setSelectionStateIfNeeded):
(WebCore::RenderObject::setHasVisibleBoxDecorations):
(WebCore::RenderObject::invalidateBackgroundObscurationStatus):
(WebCore::RenderObject::hasBoxDecorations): Deleted.
(WebCore::RenderObject::setHasBoxDecorations): Deleted.
* rendering/RenderReplaced.cpp:
(WebCore::RenderReplaced::paint):
* rendering/RenderTable.cpp:
(WebCore::RenderTable::paintObject):
(WebCore::RenderTable::paintBoxDecorations):
* rendering/RenderTableCell.cpp:
(WebCore::RenderTableCell::styleDidChange):
* rendering/RenderWidget.cpp:
(WebCore::RenderWidget::paint):
* rendering/style/BorderData.h:
(WebCore::BorderData::hasBorder):
(WebCore::BorderData::hasVisibleBorder):
(WebCore::BorderData::hasFill):
(WebCore::BorderData::hasBorderRadius):
* rendering/style/RenderStyle.h:
* rendering/svg/RenderSVGRoot.cpp:
(WebCore::RenderSVGRoot::layout):
(WebCore::RenderSVGRoot::styleDidChange):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201040 268f45cc-cd09-0410-ab3c-d52691b4dbfc

keith_miller@apple.com [Tue, 17 May 2016 20:38:36 +0000 (20:38 +0000)]
Add test262 harness support code
https://bugs.webkit.org/show_bug.cgi?id=157797

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

This patch adds some new tooling needed to run Test262 with the jsc
CLI. There were three options that needed to be added for Test262:

1) "--test262-async" This option overrides the print function in the test runner to look for
'Test262:AsyncTestComplete' instead of printing the passed text. If test262-async mode is on
and that string is not passed then the test is marked as failing.

2) "--strict-file=<file>" This option appends `"use strict";\n` to the beginning of the
passed file before passing the source code to the VM. This option can, in theory, be passed
multiple times.

3) "--exception=<name>" This option asserts that at the end of the last script file passed
the VM has an uncaught exception with its name property equal to the passed name.

* jsc.cpp:
(Script::Script):
(fillBufferWithContentsOfFile):
(functionPrint):
(checkUncaughtException):
(runWithScripts):
(printUsageStatement):
(CommandLine::parseArguments):
(runJSC):

Tools:

The import-test262-tests script is used to generate the yaml file used to run test262. It
takes a path to the local copy of the Test262 repository as well as an optional path to a file
containing a list of failures. This script currently just creates the yaml file used to run
the script. It does not relocate the test files into our tests directory. In the future I
plan to add that feature but it didn't seem essential for the first iteration. Since many
test262 tests need to be run in both strict and non-strict mode, import-test262-tests
creates two separate runs for those tests. This enables us to distinguish between failures
in only one of the two modes.

This patch also updates the run-jsc-stress-tests script to run tests from Test262. In order
to do so, two new run commands were needed: runTest262 and prepareTest262Fixture. runTest262
takes an actual test file along with the metadata associated with it. prepareTest262Fixture
takes a fixture file (used by module tests for importing) and makes sure that file is
properly relocated to the test runner directory.

The process I used to import the tests was to first run import-test262-tests to create a
yaml for all the tests (import-test262-tests assumes all tests pass if no failures file is
passed). Then I ran the generated yaml file with "run-jsc-stress-tests -v -c 1" piping the
output to a file and collected all the lines with "FAIL" in it. Finally, I reran
import-test262-tests with the new failure file to create the final yaml.

* Scripts/import-test262-tests: Added.
* Scripts/run-jsc-stress-tests:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201039 268f45cc-cd09-0410-ab3c-d52691b4dbfc

fpizlo@apple.com [Tue, 17 May 2016 19:38:51 +0000 (19:38 +0000)]
WTF should know about Language
https://bugs.webkit.org/show_bug.cgi?id=157756

Source/JavaScriptCore:

Reviewed by Geoffrey Garen.

Teach our scripts that an ObjC class beginning with WTF is totally cool.

* JavaScriptCore.xcodeproj/project.pbxproj:

Source/WebCore:

Reviewed by Geoffrey Garen.

No new tests because this does not change behavior.

This change is all about moving some language functionality to WTF. Quoting the WTF
ChangeLog, this contains two changes:

- Move everything that WebCore's logic for getting the platform user preferred language
  depended on into WTF. This means CFBundleSPI.h and BlockObjCExceptions.h|cpp.

- Move WebCore::platformUserPreferredLanguages() to WTF::platformUserPreferredLanguages().
  This is needed by https://bugs.webkit.org/show_bug.cgi?id=157755, which will make JSC
  use this to detect the platform user preferred language when running standalone.

The changes in WebCore are mostly about rewiring #includes and #imports and removing the
code that we moved to WTF. But there is one logic change: previously,
platformUserPreferredLanguages() would call WebCore::languageDidChange(). It can't do that
directly anymore, but WTF gives WebCore some API for registering the callback. So in
Language.cpp we now register languageDidChange anytime we do something that would
necessitate it, like calling platformUserPreferredLanguages(). This also registers the
callback inside addLanguageChangeObserver(), since it's possible for that to be called
after JSC had called platformUserPreferredLanguages() but before WebCore does so.

* PlatformEfl.cmake:
* PlatformGTK.cmake:
* PlatformMac.cmake:
* PlatformWin.cmake:
* WebCore.xcodeproj/project.pbxproj:
* bindings/objc/DOMCustomXPathNSResolver.mm:
* editing/ios/EditorIOS.mm:
* editing/mac/DictionaryLookup.mm:
* editing/mac/EditorMac.mm:
* page/CaptionUserPreferencesMediaAF.cpp:
* page/ios/EventHandlerIOS.mm:
* page/ios/FrameIOS.mm:
* page/mac/ChromeMac.mm:
* page/mac/EventHandlerMac.mm:
* platform/Language.cpp:
(WebCore::registerLanguageDidChangeCallbackIfNecessary):
(WebCore::observerMap):
(WebCore::addLanguageChangeObserver):
(WebCore::overrideUserPreferredLanguages):
(WebCore::userPreferredLanguages):
* platform/Language.h:
* platform/cocoa/ContentFilterUnblockHandlerCocoa.mm:
* platform/graphics/avfoundation/objc/InbandTextTrackPrivateAVFObjC.mm:
* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
* platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
* platform/graphics/ca/cocoa/PlatformCAFiltersCocoa.mm:
* platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
* platform/graphics/cocoa/FontCocoa.mm:
* platform/graphics/mac/ColorMac.mm:
* platform/graphics/mac/GraphicsContext3DMac.mm:
* platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
* platform/ios/PlatformSpeechSynthesizerIOS.mm:
* platform/ios/ScrollViewIOS.mm:
* platform/ios/WidgetIOS.mm:
* platform/mac/BlockExceptions.h: Removed.
* platform/mac/BlockExceptions.mm: Removed.
* platform/mac/CursorMac.mm:
* platform/mac/Language.mm: Removed.
* platform/mac/ScrollAnimatorMac.mm:
* platform/mac/ScrollViewMac.mm:
* platform/mac/ScrollbarThemeMac.mm:
* platform/mac/ThemeMac.mm:
* platform/mac/WidgetMac.mm:
* platform/mediastream/mac/AVVideoCaptureSource.mm:
* platform/network/mac/CookieJarMac.mm:
* platform/network/mac/ResourceErrorMac.mm:
* platform/network/mac/ResourceHandleMac.mm:
* platform/spi/cf/CFBundleSPI.h: Removed.
* platform/unix/LanguageUnix.cpp: Removed.
* platform/win/LanguageWin.cpp: Removed.

Source/WebKit/mac:

Reviewed by Geoffrey Garen.

Rewires a bunch of includes/imports.

* WebCoreSupport/PopupMenuMac.mm:
* WebCoreSupport/WebChromeClient.mm:
* WebCoreSupport/WebFrameLoaderClient.mm:
* WebCoreSupport/WebGeolocationClient.mm:
* WebCoreSupport/WebNotificationClient.mm:
* WebCoreSupport/WebPlatformStrategies.mm:
* WebCoreSupport/WebUserMediaClient.mm:
* WebCoreSupport/WebVisitedLinkStore.mm:
* WebView/WebHTMLView.mm:

Source/WebKit2:

Reviewed by Geoffrey Garen and Alexey Proskuryakov.

Rewires a bunch of includes/imports.

* Shared/mac/RemoteLayerTreePropertyApplier.mm:
* UIProcess/Launcher/mac/ProcessLauncherMac.mm:
* UIProcess/Scrolling/ios/ScrollingTreeOverflowScrollingNodeIOS.mm:
* WebProcess/WebPage/mac/PlatformCAAnimationRemote.mm:

Source/WTF:

Reviewed by Geoffrey Garen.

This contains two changes:

- Move everything that WebCore's logic for getting the platform user preferred language
  depended on into WTF. This means CFBundleSPI.h and BlockObjCExceptions.h|cpp.

- Move WebCore::platformUserPreferredLanguages() to WTF::platformUserPreferredLanguages().
  This is needed by https://bugs.webkit.org/show_bug.cgi?id=157755, which will make JSC
  use this to detect the platform user preferred language when running standalone.

Moving the dependencies accounts for a huge chunk of this change, since we have to rewire
all of the references to those headers in all of WebKit.

Moving platformUserPreferredLanguages() is mostly easy except for the weird callback.
That function would call languageDidChange(), which needs to stay in WebCore. So, this
gives WebCore the ability to register a languageDidChange callback. Other than this new
logic, the code being added to WTF is just being lifted out of WebCore.

* WTF.xcodeproj/project.pbxproj:
* wtf/BlockObjCExceptions.h: Added.
* wtf/BlockObjCExceptions.mm: Added.
(ReportBlockedObjCException):
* wtf/PlatformEfl.cmake:
* wtf/PlatformGTK.cmake:
* wtf/PlatformJSCOnly.cmake:
* wtf/PlatformMac.cmake:
* wtf/PlatformUserPreferredLanguages.h: Added.
* wtf/PlatformUserPreferredLanguagesMac.mm: Added.
(WTF::setPlatformUserPreferredLanguagesChangedCallback):
(WTF::preferredLanguages):
(+[WTFLanguageChangeObserver languagePreferencesDidChange:]):
(WTF::httpStyleLanguageCode):
(WTF::isValidICUCountryCode):
(WTF::platformUserPreferredLanguages):
* wtf/PlatformUserPreferredLanguagesUnix.cpp: Added.
(WTF::setPlatformUserPreferredLanguagesChangedCallback):
(WTF::platformLanguage):
(WTF::platformUserPreferredLanguages):
* wtf/PlatformUserPreferredLanguagesWin.cpp: Added.
(WTF::setPlatformUserPreferredLanguagesChangedCallback):
(WTF::localeInfo):
(WTF::platformLanguage):
(WTF::platformUserPreferredLanguages):
* wtf/PlatformWin.cmake:
* wtf/spi/cf: Added.
* wtf/spi/cf/CFBundleSPI.h: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201038 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Tidy unused parameters with build flags in isValidKeywordPropertyAndValue
dino@apple.com [Tue, 17 May 2016 19:04:04 +0000 (19:04 +0000)]
Tidy unused parameters with build flags in isValidKeywordPropertyAndValue
https://bugs.webkit.org/show_bug.cgi?id=157780
<rdar://problem/26327312>

Reviewed by Alex Christensen.

CSS_COMPOSITING and CSS_REGIONS aren't runtime flags any more, so
don't need a parser context. Meanwhile CSS_GRID_LAYOUT does, even
though it wasn't in the condition for the UNUSED_PARAM.

* css/CSSParser.cpp:
(WebCore::isValidKeywordPropertyAndValue):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201036 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Regression(r177786): GlyphMetricsMap<T>::locatePageSlowCase() fills existing pages...
cdumez@apple.com [Tue, 17 May 2016 18:31:04 +0000 (18:31 +0000)]
Regression(r177786): GlyphMetricsMap<T>::locatePageSlowCase() fills existing pages with unknown metrics
https://bugs.webkit.org/show_bug.cgi?id=157749

Reviewed by Antti Koivisto.

After r177786, GlyphMetricsMap<T>::locatePageSlowCase() would unconditionally fill
pages with unknown metrics. This patch updates the code to do so only if the page
is new, thus restoring the pre-r177786 behavior.

* platform/graphics/GlyphMetricsMap.h:
(WebCore::GlyphMetricsMap::metricsForGlyph):
(WebCore::GlyphMetricsMap::setMetricsForGlyph):
(WebCore::GlyphMetricsMap::GlyphMetricsPage::GlyphMetricsPage):
(WebCore::GlyphMetricsMap::GlyphMetricsPage::fill):
(WebCore::GlyphMetricsMap::locatePage):
(WebCore::GlyphMetricsMap<T>::locatePageSlowCase):
(WebCore::GlyphMetricsMap::GlyphMetricsPage::metricsForGlyph): Deleted.
(WebCore::GlyphMetricsMap::GlyphMetricsPage::setMetricsForGlyph): Deleted.
(WebCore::GlyphMetricsMap::GlyphMetricsPage::setMetricsForIndex): Deleted.
(WebCore::GlyphMetricsMap<float>::unknownMetrics): Deleted.
(WebCore::GlyphMetricsMap<FloatRect>::unknownMetrics): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201023 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago console namespace breaks putting properties on console.__proto__
joepeck@webkit.org [Tue, 17 May 2016 18:20:26 +0000 (18:20 +0000)]
console namespace breaks putting properties on console.__proto__
https://bugs.webkit.org/show_bug.cgi?id=157782
<rdar://problem/26250526>

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

Some websites currently depend on console.__proto__ existing and being
a separate object from Object.prototype. This patch adds back a basic
console.__proto__ object, but all the console functions are left on
the ConsoleObject itself.

* runtime/JSGlobalObject.cpp:
(JSC::createConsoleProperty):

LayoutTests:

* js/console-expected.txt:
* js/console.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201022 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Unreviewed, rolling out r201017.
ryanhaddad@apple.com [Tue, 17 May 2016 17:36:32 +0000 (17:36 +0000)]
Unreviewed, rolling out r201017.
https://bugs.webkit.org/show_bug.cgi?id=157799

Rebaselining the test was not the right solution. (Requested
by ryanhaddad on #webkit).

Reverted changeset:

"Rebaseline inspector/debugger/tail-recursion.html"
http://trac.webkit.org/changeset/201017

Patch by Commit Queue <commit-queue@webkit.org> on 2016-05-17

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201020 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Inspector: breakpoints in sourceURL named scripts are not persisted
bburg@apple.com [Tue, 17 May 2016 17:33:20 +0000 (17:33 +0000)]
Web Inspector: breakpoints in sourceURL named scripts are not persisted
https://bugs.webkit.org/show_bug.cgi?id=157714
<rdar://problem/26287099>

Reviewed by Joseph Pecoraro.

The Inspector frontend doesn't try to persist a breakpoint that
lacks a URL, even if the breakpoint has a sourceURL. Similarly, for
breakpoints without a URL, the frontend asks the backend to create
the breakpoint for a specific script identifier rather than a
URL-based breakpoint. This prevents breakpoints in injected scripts
from being resolved if the page is reloaded.

The Inspector backend knows how to resolve URL-based breakpoints
by matching against the script's URL or sourceURL, so we just need
to teach the frontend when either is appropriate to use.

This patch adds SourceCode.contentIdentifier, which is roughly
`url || sourceURL` for content that is not ephemeral, such as
console evaluations. Change breakpoint and debugger code to use
`contentIdentifier` rather than `url`, and pass contentIdentifier
to the backend when setting a breakpoint by URL.

* UserInterface/Controllers/DebuggerManager.js:
(WebInspector.DebuggerManager.prototype.breakpointsForSourceCode):
(WebInspector.DebuggerManager.prototype.scriptsForURL):
(WebInspector.DebuggerManager.prototype.get searchableScripts):
(WebInspector.DebuggerManager.prototype.removeBreakpoint):
(WebInspector.DebuggerManager.prototype.reset):
(WebInspector.DebuggerManager.prototype.scriptDidParse):
(WebInspector.DebuggerManager.prototype._setBreakpoint):
(WebInspector.DebuggerManager.prototype._saveBreakpoints):
(WebInspector.DebuggerManager.prototype._associateBreakpointsWithSourceCode):

* UserInterface/Models/Breakpoint.js:
(WebInspector.Breakpoint):
(WebInspector.Breakpoint.prototype.get contentIdentifier):
(WebInspector.Breakpoint.prototype.get info):
(WebInspector.Breakpoint.prototype.saveIdentityToCookie):
(WebInspector.Breakpoint.prototype.get url): Deleted.
Replace uses of Breakpoint.prototype.get url with
contentIdentifier inside the class and at all callsites.

* UserInterface/Models/Script.js:
(WebInspector.Script.prototype.get contentIdentifier):
Added. Use the URL, or the sourceURL unless the script is
ephemeral and only run once, such as a console evaluation.

* UserInterface/Models/SourceCode.js:
(WebInspector.SourceCode.prototype.get url): Added.
All subclasses already override this getter. Add it here so that
the default implementation of contentIdentifier can use it.

(WebInspector.SourceCode.prototype.get contentIdentifier): Added.

* UserInterface/Views/BreakpointTreeElement.js:
(WebInspector.BreakpointTreeElement.prototype.get filterableData):
* UserInterface/Views/ProbeSetDetailsSection.js:
(WebInspector.ProbeSetDetailsSection.prototype._updateLinkElement):
* UserInterface/Views/SourceCodeTextEditor.js:
(WebInspector.SourceCodeTextEditor.prototype._matchesBreakpoint):
* UserInterface/Views/TextResourceContentView.js:
(WebInspector.TextResourceContentView.prototype.get supplementalRepresentedObjects):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201019 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Fix the !ENABLE(WEB_TIMING) build after r200887
ossy@webkit.org [Tue, 17 May 2016 17:07:19 +0000 (17:07 +0000)]
Fix the !ENABLE(WEB_TIMING) build after r200887
https://bugs.webkit.org/show_bug.cgi?id=157796

Reviewed by Chris Dumez.

* loader/DocumentThreadableLoader.cpp:
(WebCore::DocumentThreadableLoader::didFinishLoading):
(WebCore::DocumentThreadableLoader::loadRequest):
* loader/DocumentThreadableLoader.h:
* loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::requestResource):
(WebCore::CachedResourceLoader::revalidateResource):
(WebCore::CachedResourceLoader::loadResource):
* loader/cache/CachedResourceLoader.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201018 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Rebaseline inspector/debugger/tail-recursion.html
ryanhaddad@apple.com [Tue, 17 May 2016 17:03:28 +0000 (17:03 +0000)]
Rebaseline inspector/debugger/tail-recursion.html

Unreviewed test gardening.

* inspector/debugger/tail-recursion-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201017 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Unreviewed GTK+ and EFL build fix; make the audio playback user gesture requirement
jer.noble@apple.com [Tue, 17 May 2016 16:40:46 +0000 (16:40 +0000)]
Unreviewed GTK+ and EFL build fix; make the audio playback user gesture requirement
Cocoa-only.

* Shared/WebPreferencesDefinitions.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201016 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago REGRESSION(r54729): Line breaking in complex mixed-direction text is inconsistent...
mmaxfield@apple.com [Tue, 17 May 2016 16:21:31 +0000 (16:21 +0000)]
REGRESSION(r54729): Line breaking in complex mixed-direction text is inconsistent across page refreshes
https://bugs.webkit.org/show_bug.cgi?id=157783
<rdar://problem/22908924>

Reviewed by Zalan Bujtas.

Source/WebCore:

mappedIndices is uninitialized.

Test: fast/text/complex-mixed-direction-line-breaking.html

* platform/graphics/mac/ComplexTextController.cpp:
(WebCore::ComplexTextController::ComplexTextRun::setIsNonMonotonic):

LayoutTests:

* fast/text/complex-mixed-direction-line-breaking-expected.html: Added.
* fast/text/complex-mixed-direction-line-breaking.html: Added.
* fast/text/resources/Gulf-regular.ttf: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201015 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Unreviewed, dump more information when math-pow-stable-results.js failed
utatane.tea@gmail.com [Tue, 17 May 2016 13:43:29 +0000 (13:43 +0000)]
Unreviewed, dump more information when math-pow-stable-results.js failed
https://bugs.webkit.org/show_bug.cgi?id=157168

* tests/stress/math-pow-stable-results.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201014 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago DOMPromise should only restrict the resolution type
youenn.fablet@crf.canon.fr [Tue, 17 May 2016 10:20:11 +0000 (10:20 +0000)]
DOMPromise should only restrict the resolution type
https://bugs.webkit.org/show_bug.cgi?id=157307

Reviewed by Darin Adler.

Source/WebCore:

Removing from DOMPromise the rejection template parameter.
Supported rejection types are integers (Exception codes) and DOM objects (DOMError typically).

Updated DeferredWrapper to accept Ref<>&& and RefPtr<>&&.
Relanding without touching JSDOMBinding.h as this seemed to be impacting performance.

Changes also allow in most cases to remove the need for explicitly declaring the
rejection/resolution type.

Minor refactoring of FontFaceSet promise handling to use DOMPromise in lieu of DeferredWrapper.

Covered by existing tests.
Changes should not be visible from user scripts.

* Modules/fetch/FetchBody.cpp:
(WebCore::FetchBody::consume):
(WebCore::FetchBody::consumeText):
(WebCore::blobFromArrayBuffer):
(WebCore::FetchBody::loadingFailed):
* Modules/fetch/FetchBody.h:
(WebCore::FetchBody::formData):
* Modules/fetch/FetchBodyOwner.cpp:
(WebCore::FetchBodyOwner::arrayBuffer):
(WebCore::FetchBodyOwner::blob):
(WebCore::FetchBodyOwner::formData):
(WebCore::FetchBodyOwner::json):
(WebCore::FetchBodyOwner::text):
* Modules/fetch/FetchResponse.cpp:
(WebCore::FetchResponse::BodyLoader::didReceiveResponse):
* Modules/fetch/FetchResponse.h:
* Modules/mediastream/MediaDevices.h:
* Modules/mediastream/PeerConnectionBackend.h:
* Modules/mediastream/UserMediaRequest.cpp:
(WebCore::UserMediaRequest::didCreateStream):
* Modules/streams/ReadableStreamSource.h:
* Modules/webaudio/AudioContext.h:
* bindings/js/JSDOMPromise.cpp:
(WebCore::fulfillPromiseWithJSON):
* bindings/js/JSDOMPromise.h:
(WebCore::TypeInspector::decltype):
(WebCore::TypeInspector::testIsVector):
(WebCore::TypeInspector::testIsRefOrRefPtr):
(WebCore::DeferredWrapper::resolve):
(WebCore::DeferredWrapper::reject):
(WebCore::DOMPromise::resolve):
(WebCore::DOMPromise::reject):
(WebCore::DeferredWrapper::resolveWithValue):
(WebCore::DeferredWrapper::rejectWithValue):
(WebCore::callPromiseFunction):
* bindings/js/JSSubtleCryptoCustom.cpp:
(WebCore::JSSubtleCrypto::importKey):
(WebCore::JSSubtleCrypto::unwrapKey):
* css/FontFace.h:
* css/FontFaceSet.cpp:
(WebCore::FontFaceSet::PendingPromise::PendingPromise):
(WebCore::FontFaceSet::load):
(WebCore::FontFaceSet::registerReady):
* css/FontFaceSet.h:
* html/HTMLMediaElement.h:

Source/WTF:

* wtf/Ref.h: Adding static constexpr to ease detection of Ref for templates.
* wtf/RefPtr.h: Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201013 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Modernize CSS Parser
commit-queue@webkit.org [Tue, 17 May 2016 06:36:52 +0000 (06:36 +0000)]
Modernize CSS Parser
https://bugs.webkit.org/show_bug.cgi?id=157772

Patch by Alex Christensen <achristensen@webkit.org> on 2016-05-16
Reviewed by Brady Eidson.

No new tests.  This patch just replaces PassRefPtr with RefPtr&&.

* css/CSSParser.cpp:
(WebCore::CSSParser::parseDeclaration):
(WebCore::CSSParser::SourceSize::SourceSize):
(WebCore::CSSParser::createStyleProperties):
(WebCore::CSSParser::addProperty):
(WebCore::CSSParser::parseValidPrimitive):
(WebCore::CSSParser::addExpandedPropertyForValue):
(WebCore::CSSParser::parseVariableDependentValue):
(WebCore::CSSParser::parseValue):
(WebCore::CSSParser::parseColumnsShorthand):
(WebCore::CSSParser::parseGridItemPositionShorthand):
(WebCore::CSSParser::parseGridAreaShorthand):
(WebCore::CSSParser::parseInsetRoundedCorners):
(WebCore::CSSParser::parseBasicShapeInset):
(WebCore::ShadowParseContext::commitLength):
(WebCore::ShadowParseContext::commitColor):
(WebCore::BorderImageParseContext::requireWidth):
(WebCore::BorderImageParseContext::requireOutset):
(WebCore::BorderImageParseContext::commitImage):
(WebCore::BorderImageParseContext::commitImageSlice):
(WebCore::BorderImageParseContext::commitForwardSlashOperator):
(WebCore::BorderImageParseContext::commitBorderWidth):
(WebCore::BorderImageParseContext::commitBorderOutset):
(WebCore::BorderImageParseContext::commitRepeat):
(WebCore::BorderImageParseContext::commitWebKitBorderImage):
(WebCore::BorderImageParseContext::commitBorderImage):
(WebCore::BorderImageParseContext::commitBorderImageProperty):
(WebCore::BorderImageSliceParseContext::commitFill):
(WebCore::BorderImageSliceParseContext::commitBorderImageSlice):
(WebCore::BorderImageQuadParseContext::commitNumber):
(WebCore::BorderImageQuadParseContext::setAllowFinalCommit):
(WebCore::BorderImageQuadParseContext::setTop):
(WebCore::BorderImageQuadParseContext::commitBorderImageQuad):
(WebCore::CSSParser::parseCounter):
(WebCore::parseDeprecatedGradientPoint):
(WebCore::CSSParser::parseDeprecatedGradient):
(WebCore::valueFromSideKeyword):
(WebCore::parseGradientColorOrKeyword):
(WebCore::CSSParser::parsePerspectiveOrigin):
(WebCore::CSSParser::addTextDecorationProperty):
(WebCore::CSSParser::parseTextDecoration):
(WebCore::CSSParser::realLex):
(WebCore::CSSParser::createImportRule):
(WebCore::CSSParser::createMediaRule):
(WebCore::CSSParser::processAndAddNewRuleToSourceTreeIfNeeded):
(WebCore::CSSParser::addNewRuleToSourceTree):
* css/CSSParser.h:
(WebCore::CSSParser::hasProperties):
(WebCore::CSSParser::resetPropertyRange):
(WebCore::CSSParser::isExtractingSourceData):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@201000 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago ShadowChicken crashes when reading a scope from the frame during a stack overflow...
sbarati@apple.com [Tue, 17 May 2016 05:31:35 +0000 (05:31 +0000)]
ShadowChicken crashes when reading a scope from the frame during a stack overflow exception
https://bugs.webkit.org/show_bug.cgi?id=157770

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

ShadowChicken was reading the scope from a half formed
frame as it threw a stack overflow exception. The frame had
a valid CodeBlock pointer, but it did not have a valid scope.
The code in ShadowChicken's throw packet logging mechanism didn't
account for this. The fix is to respect whether genericUnwind wants
to unwind from the current frame or the caller's frame. For stack
overflow errors, we always unwind the caller's frame.

* jit/JITExceptions.cpp:
(JSC::genericUnwind):

LayoutTests:

* inspector/debugger/debugger-stack-overflow-expected.txt: Added.
* inspector/debugger/debugger-stack-overflow.html: Added.
* inspector/debugger/resources/stack-overflow.js: Added.
(foo):
(start):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200997 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago REGRESSION(r200208): It made 2 JSC stress tests fail on x86
utatane.tea@gmail.com [Tue, 17 May 2016 04:36:08 +0000 (04:36 +0000)]
REGRESSION(r200208): It made 2 JSC stress tests fail on x86
https://bugs.webkit.org/show_bug.cgi?id=157168

Reviewed by Benjamin Poulain.

The fast path in operationMathPow produces different results between x87 and the other environments.
This is because x87 calculates the double value in 80bit precision.
The situation is the following: in x86 32bit environment, floating point operations are compiled to
x87 operations by default even if we can use SSE2. But in DFG environment, we aggressively use SSE2
if the cpuid reports SSE2 is available. As a result, the implementations differ between C runtime
and DFG JIT code. The C runtime uses x87 while DFG JIT code uses SSE2. This causes a precision
problem since x87 has 80bit precision while SSE2 has 64bit precision.

In this patch, in x86 32bit environment, we use `volatile double` if the `-mfpmath=sse and -msse2 (or later)`
is not specified. This will round the x87 value into 64bit per multiplying. Note that this problem does not
occur in OS X clang 32bit environment. This is because `-mfpmath=sse` is enabled by default in OS X clang 32bit.

* b3/B3MathExtras.cpp:
(JSC::B3::powDoubleInt32):
* runtime/MathCommon.cpp:
(JSC::operationMathPow):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200996 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Uncaught Exception: TypeError: null is not an object (evaluating 'event.data.pathComp...
commit-queue@webkit.org [Tue, 17 May 2016 04:11:41 +0000 (04:11 +0000)]
Uncaught Exception: TypeError: null is not an object (evaluating 'event.data.pathComponent.domTreeElement')
https://bugs.webkit.org/show_bug.cgi?id=157759
<rdar://problem/26309427>

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-05-16
Reviewed by Timothy Hatcher.

* UserInterface/Views/DOMTreeContentView.js:
(WebInspector.DOMTreeContentView.prototype._pathComponentSelected):
Handle possible null path components.

* UserInterface/Views/HierarchicalPathComponent.js:
(WebInspector.HierarchicalPathComponent.prototype.get selectedPathComponent):
When there is a list of just one that is triggered, the Clicked
event should produce that one, to be consistent with clicking
on a list of multiple elements and selecting the same value.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200995 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Add RenderDescendantIterator to traverse a RenderObject's descendants
cdumez@apple.com [Tue, 17 May 2016 04:11:34 +0000 (04:11 +0000)]
Add RenderDescendantIterator to traverse a RenderObject's descendants
https://bugs.webkit.org/show_bug.cgi?id=157785

Reviewed by Zalan Bujtas.

Add RenderDescendantIterator to traverse a RenderObject's descendants. I
am planning to use it in the iOS Text Autosizing code (See Bug 157784).

* WebCore.xcodeproj/project.pbxproj:
* rendering/RenderDescendantIterator.h: Added.
(WebCore::RenderDescendantIterator<T>::RenderDescendantIterator):
(WebCore::RenderDescendantIterator<T>::operator):
(WebCore::RenderDescendantConstIterator<T>::RenderDescendantConstIterator):
(WebCore::RenderDescendantConstIterator<T>::operator):
(WebCore::RenderDescendantIteratorAdapter<T>::RenderDescendantIteratorAdapter):
(WebCore::RenderDescendantIteratorAdapter<T>::begin):
(WebCore::RenderDescendantIteratorAdapter<T>::end):
(WebCore::RenderDescendantConstIteratorAdapter<T>::RenderDescendantConstIteratorAdapter):
(WebCore::RenderDescendantConstIteratorAdapter<T>::begin):
(WebCore::RenderDescendantConstIteratorAdapter<T>::end):
(WebCore::descendantsOfType):
* rendering/RenderIterator.h:
(WebCore::RenderObjectTraversal::firstChild):
(WebCore::RenderObjectTraversal::nextAncestorSibling):
(WebCore::RenderObjectTraversal::next):
(WebCore::RenderTraversal::firstChild):
(WebCore::RenderTraversal::lastChild):
(WebCore::RenderTraversal::nextSibling):
(WebCore::RenderTraversal::previousSibling):
(WebCore::RenderTraversal::findAncestorOfType):
(WebCore::RenderTraversal::firstWithin):
(WebCore::RenderTraversal::next):
(WebCore::RenderIterator<T>::traverseNext):
(WebCore::RenderConstIterator<T>::traverseNext):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200994 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago ARMV7K: Crash at JavaScriptCore: WTF::ScopedLambdaFunctor<bool
msaboff@apple.com [Tue, 17 May 2016 04:02:40 +0000 (04:02 +0000)]
ARMV7K: Crash at JavaScriptCore: WTF::ScopedLambdaFunctor<bool
https://bugs.webkit.org/show_bug.cgi?id=157781

Reviewed by Filip Pizlo.

Replaced use of ScopedLambda in locking code with std::function much as it was
before change set 199760 to work around what appears to be a clang compiler issue.

* wtf/ParkingLot.cpp:
(WTF::ParkingLot::parkConditionallyImpl):
(WTF::ParkingLot::unparkOne):
(WTF::ParkingLot::unparkAll):
(WTF::ParkingLot::forEach):
(WTF::ParkingLot::unparkOneImpl): Deleted.
(WTF::ParkingLot::forEachImpl): Deleted.
* wtf/ParkingLot.h:
(WTF::ParkingLot::parkConditionally):
(WTF::ParkingLot::unparkOne): Deleted.
(WTF::ParkingLot::forEach): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200993 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [JSC] "return this" in a constructor does not need a branch on isObject(this)
commit-queue@webkit.org [Tue, 17 May 2016 03:36:45 +0000 (03:36 +0000)]
[JSC] "return this" in a constructor does not need a branch on isObject(this)
https://bugs.webkit.org/show_bug.cgi?id=157775

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-05-16
Reviewed by Saam Barati and Ryosuke Niwa.

When returning "this" in a constructor, the bytecode generator was generating:
    is_object         locX, this
    jtrue             locX, 5(->second ret)
    ret               this
    ret               this

That code is eliminated in DFG but it is pretty costly in lower tiers.

This patch changes bytecode generation to avoid the is_object test
when possible and not generate two ret if they encode the same thing.

* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::emitReturn):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200992 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [JSC] Remove the index check from op_get_by_val/op_put_by_val when the index is constant
commit-queue@webkit.org [Tue, 17 May 2016 03:31:12 +0000 (03:31 +0000)]
[JSC] Remove the index check from op_get_by_val/op_put_by_val when the index is constant
https://bugs.webkit.org/show_bug.cgi?id=157766

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-05-16
Reviewed by Geoffrey Garen.

If the index is an integer constant, do not generate the index check.

* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::emitSlow_op_get_by_val):
(JSC::JIT::emit_op_put_by_val):
(JSC::JIT::emitSlow_op_put_by_val):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200991 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [JSC][DFG] Fill spilled Int32 as Int32 instead of JSInt32
commit-queue@webkit.org [Tue, 17 May 2016 03:28:46 +0000 (03:28 +0000)]
[JSC][DFG] Fill spilled Int32 as Int32 instead of JSInt32
https://bugs.webkit.org/show_bug.cgi?id=157700

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-05-16
Reviewed by Michael Saboff.

In general, fillSpeculateInt32() originates from SpeculateInt32
and the user does not care about the tag.

This is particularly obvious on Sunspider's math-spectral-norm.js.
In that test, registers are frequently spilled because of x86's DIV.

When they are re-filled, they were always tagged.
Since the loops are small, all the tagging adds up.

* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::fillSpeculateInt32Internal):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200990 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Remove YouTube site-specific hack
commit-queue@webkit.org [Tue, 17 May 2016 01:30:31 +0000 (01:30 +0000)]
Remove YouTube site-specific hack
https://bugs.webkit.org/show_bug.cgi?id=157776

Patch by Alex Christensen <achristensen@webkit.org> on 2016-05-16
Reviewed by Eric Carlson.

No new tests.  YouTube fullscreen seems to work without
http://trac.webkit.org/changeset/173533 now.

* dom/Document.cpp:
(WebCore::unwrapFullScreenRenderer):
(WebCore::Document::webkitWillEnterFullScreenForElement):
(WebCore::Document::webkitDidEnterFullScreenForElement):
(WebCore::Document::webkitWillExitFullScreenForElement):
(WebCore::Document::webkitDidExitFullScreenForElement):
(WebCore::Document::setFullScreenRenderer):
(WebCore::hostIsYouTube): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200988 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago heap use-after-free at WebCore::TimerBase::heapPopMin()
bfulgham@apple.com [Tue, 17 May 2016 01:09:27 +0000 (01:09 +0000)]
heap use-after-free at WebCore::TimerBase::heapPopMin()
https://bugs.webkit.org/show_bug.cgi?id=157742
<rdar://problem/26236778>

Source/WebCore:

Reviewed by David Kilzer.

Tested by fast/frames/resources/crash-during-iframe-load-stop.html.

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::stopForUserCancel): Protect m_frame from destruction while it is still
being used by the current stack frame.
(WebCore::FrameLoader::frameDetached): Ditto.
(WebCore::FrameLoader::continueFragmentScrollAfterNavigationPolicy): Ditto.

LayoutTests:

Reviewed by Simon Fraser.

* fast/frames/crash-during-iframe-load-stop-expected.txt: Added.
* fast/frames/crash-during-iframe-load-stop.html: Added.
* fast/frames/resources/crash-during-iframe-load-stop-inner.html: Added.
* fast/frames/resources/crash-during-iframe-load-stop.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200986 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago WebCoreJSBuiltinInternals won't compile if some build flags are off
dino@apple.com [Tue, 17 May 2016 01:05:41 +0000 (01:05 +0000)]
WebCoreJSBuiltinInternals won't compile if some build flags are off
https://bugs.webkit.org/show_bug.cgi?id=157777
<rdar://problem/26312967>

Reviewed by Simon Fraser.

Allow this file to compile when some build flags are disabled.

* bindings/js/WebCoreJSBuiltinInternals.cpp:
(WebCore::JSBuiltinInternalFunctions::JSBuiltinInternalFunctions):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200985 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Unreviewed Cloop build fix.
sbarati@apple.com [Tue, 17 May 2016 00:29:40 +0000 (00:29 +0000)]
Unreviewed Cloop build fix.

* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::bytecodeOffsetFromCallSiteIndex):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200984 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago REGRESSION (200035): changes in "WebKit Malloc" VM regions are causing 'leaks' to...
ggaren@apple.com [Tue, 17 May 2016 00:15:31 +0000 (00:15 +0000)]
REGRESSION (200035): changes in "WebKit Malloc" VM regions are causing 'leaks' to spew "Failed to map remote region" messages
https://bugs.webkit.org/show_bug.cgi?id=157764

Reviewed by Gavin Barraclough.

We need to allow for guard pages and only report unguarded pages to the
leaks tool -- otherwise, it will try to remote map our guarded pages,
and crash.

* bmalloc/VMHeap.cpp:
(bmalloc::VMHeap::tryAllocateLargeChunk):
(bmalloc::VMHeap::allocateSmallChunk): Adopt the new API for reporting
a range instead of a Chunk*, and report the unguarded range.

This also fixes a separate bug -- very large allocations would not
fully participate in pointer scanning because they would only report 2MB
(chunkSize) in size. This could cause false-positive leak reports.

* bmalloc/Zone.cpp:
(bmalloc::enumerator): Updated to scan ranges instead of fixed-sized
Chunk pointers.

* bmalloc/Zone.h:
(bmalloc::Zone::ranges):
(bmalloc::Zone::addRange): Store ranges instead of fixed-sized Chunk
pointers because our VM ranges have variable sizes -- both due to guard
pages and due to large allocations.

(bmalloc::Zone::chunks): Deleted.
(bmalloc::Zone::addChunk): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200983 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Modern IDB: Give each UniqueIDBDatabase its own task queues.
beidson@apple.com [Mon, 16 May 2016 23:49:52 +0000 (23:49 +0000)]
Modern IDB: Give each UniqueIDBDatabase its own task queues.
https://bugs.webkit.org/show_bug.cgi?id=157757

Reviewed by Alex Christensen.

No new tests (Refactor, no behavior change).

Each UniqueIDBDatabase now maintains its own databaseTask and databaseTaskReply queues.

Instead of posting the specific task(reply) with the IDBServer, it merely posts a task(reply) that says
"Handle your next task(reply)".

* Modules/indexeddb/server/UniqueIDBDatabase.cpp:
(WebCore::IDBServer::UniqueIDBDatabase::performCurrentOpenOperation):
(WebCore::IDBServer::UniqueIDBDatabase::performCurrentDeleteOperation):
(WebCore::IDBServer::UniqueIDBDatabase::deleteBackingStore):
(WebCore::IDBServer::UniqueIDBDatabase::startVersionChangeTransaction):
(WebCore::IDBServer::UniqueIDBDatabase::openBackingStore):
(WebCore::IDBServer::UniqueIDBDatabase::createObjectStore):
(WebCore::IDBServer::UniqueIDBDatabase::performCreateObjectStore):
(WebCore::IDBServer::UniqueIDBDatabase::deleteObjectStore):
(WebCore::IDBServer::UniqueIDBDatabase::performDeleteObjectStore):
(WebCore::IDBServer::UniqueIDBDatabase::clearObjectStore):
(WebCore::IDBServer::UniqueIDBDatabase::performClearObjectStore):
(WebCore::IDBServer::UniqueIDBDatabase::createIndex):
(WebCore::IDBServer::UniqueIDBDatabase::performCreateIndex):
(WebCore::IDBServer::UniqueIDBDatabase::deleteIndex):
(WebCore::IDBServer::UniqueIDBDatabase::performDeleteIndex):
(WebCore::IDBServer::UniqueIDBDatabase::putOrAdd):
(WebCore::IDBServer::UniqueIDBDatabase::performPutOrAdd):
(WebCore::IDBServer::UniqueIDBDatabase::getRecord):
(WebCore::IDBServer::UniqueIDBDatabase::performGetRecord):
(WebCore::IDBServer::UniqueIDBDatabase::performGetIndexRecord):
(WebCore::IDBServer::UniqueIDBDatabase::getCount):
(WebCore::IDBServer::UniqueIDBDatabase::performGetCount):
(WebCore::IDBServer::UniqueIDBDatabase::deleteRecord):
(WebCore::IDBServer::UniqueIDBDatabase::performDeleteRecord):
(WebCore::IDBServer::UniqueIDBDatabase::openCursor):
(WebCore::IDBServer::UniqueIDBDatabase::performOpenCursor):
(WebCore::IDBServer::UniqueIDBDatabase::iterateCursor):
(WebCore::IDBServer::UniqueIDBDatabase::performIterateCursor):
(WebCore::IDBServer::UniqueIDBDatabase::commitTransaction):
(WebCore::IDBServer::UniqueIDBDatabase::performCommitTransaction):
(WebCore::IDBServer::UniqueIDBDatabase::abortTransaction):
(WebCore::IDBServer::UniqueIDBDatabase::performAbortTransaction):
(WebCore::IDBServer::UniqueIDBDatabase::activateTransactionInBackingStore):
(WebCore::IDBServer::UniqueIDBDatabase::performActivateTransactionInBackingStore):
(WebCore::IDBServer::UniqueIDBDatabase::postDatabaseTask):
(WebCore::IDBServer::UniqueIDBDatabase::postDatabaseTaskReply):
(WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTask):
(WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTaskReply):
* Modules/indexeddb/server/UniqueIDBDatabase.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200982 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Hook up ShadowChicken to the debugger to show tail deleted frames
sbarati@apple.com [Mon, 16 May 2016 23:31:39 +0000 (23:31 +0000)]
Hook up ShadowChicken to the debugger to show tail deleted frames
https://bugs.webkit.org/show_bug.cgi?id=156685
<rdar://problem/25770521>

Reviewed by Filip Pizlo and Mark Lam and Joseph Pecoraro.

Source/JavaScriptCore:

The heart of this patch hooks up ShadowChicken to DebuggerCallFrame to
allow the Web Inspector to display the ShadowChicken's shadow stack.
This means the Web Inspector can now display tail deleted frames.
To make this work, I made the necessary changes to ShadowChicken and
DebuggerCallFrame to allow DebuggerCallFrame to keep the same API
when representing both machine frames and tail deleted frames.

- ShadowChicken prologue packets now log the current scope. Tail packets
  log the current scope, the 'this' value, the CodeBlock, and the
  CallSiteIndex. This allows the inspector to not only show the
  tail deleted frame, but also show exactly where the tail call happened (line and column numbers),
  with which scope it executed, and with which 'this' value. This
  patch also allows DebuggerCallFrame to execute console statements
  in a tail deleted frame.

- I changed ShadowChicken's stack resizing algorithm. ShadowChicken
  now only keeps a maximum number of tail deleted frames in its shadow stack.
  It will happily represent all machine frames without limit. Right now, the
  maximum number of tail deleted frames I chose to keep alive is 128.
  We will keep frames alive starting from the top of the stack. This
  allows us to have a strong defense against runaway memory usage. We will only
  keep around at most 128 "shadow" frames that wouldn't have naturally been kept
  alive by the executing program. We can play around with this number
  if we find that 128 is either too many or too few frames.

- DebuggerCallFrame is no longer a cheap class to create. When it is created,
  we will eagerly create the entire virtual debugger stack. So I modified the
  existing code to lazily create DebuggerCallFrames only when necessary. We
  used to eagerly create them at each op_debug statement even though we would
  just throw them away if we didn't hit a breakpoint.

- A valid DebuggerCallFrame will always have a valid CallFrame* pointer
  into the stack. This pointer won't always refer to the logical frame
  that the DebuggerCallFrame represents because a DebuggerCallFrame can
  now represent a tail deleted frame. To do this, DebuggerCallFrame now
  has a ShadowChicken::Frame member variable. This allows DebuggerCallFrame
  to know when it represents a tail deleted frame and gives DebuggerCallFrame
  a mechanism to ask the tail deleted frame for interesting information
  (like its 'this' value, scope, CodeBlock, etc). A tail deleted frame's
  machine frame pointer will be the machine caller of the tail deleted frame
  (or the machine caller of the first of a series of consecutive tail calls).

- I added a new flag to UnlinkedCodeBlock to indicate when it is compiled
  with debugging opcodes. I did this because ShadowChicken may read a JSScope
  from the machine stack. This is only safe if the machine CodeBlock was
  compiled with debugging opcodes. This is safer than asking if the
  CodeBlock's global object has an interactive debugger enabled because
  it's theoretically possible for the debugger to be enabled while code
  compiled without a debugger is still live on the stack. This field is
  also now used to indicate to the DFGGraph that the interactive debugger
  is enabled.

- Finally, this patch adds a new field to the Inspector's CallFrame protocol
  object called 'isTailDeleted' to allow the Inspector to know when a
  CallFrame represents a tail deleted frame.

* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/BytecodeList.json:
* bytecode/BytecodeUseDef.h:
(JSC::computeUsesForBytecodeOffset):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dumpBytecode):
(JSC::CodeBlock::findPC):
(JSC::CodeBlock::bytecodeOffsetFromCallSiteIndex):
* bytecode/CodeBlock.h:
(JSC::CodeBlock::clearDebuggerRequests):
(JSC::CodeBlock::wasCompiledWithDebuggingOpcodes):
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
* bytecode/UnlinkedCodeBlock.h:
(JSC::UnlinkedCodeBlock::wasCompiledWithDebuggingOpcodes):
(JSC::UnlinkedCodeBlock::finishCreation):
(JSC::UnlinkedGlobalCodeBlock::UnlinkedGlobalCodeBlock):
* bytecode/UnlinkedFunctionExecutable.cpp:
(JSC::generateUnlinkedFunctionCodeBlock):
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::generate):
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::emitEnter):
(JSC::BytecodeGenerator::emitLogShadowChickenPrologueIfNecessary):
(JSC::BytecodeGenerator::emitLogShadowChickenTailIfNecessary):
(JSC::BytecodeGenerator::emitCallDefineProperty):
* debugger/Debugger.cpp:
(JSC::DebuggerPausedScope::DebuggerPausedScope):
(JSC::DebuggerPausedScope::~DebuggerPausedScope):
(JSC::Debugger::didReachBreakpoint):
(JSC::Debugger::currentDebuggerCallFrame):
* debugger/Debugger.h:
* debugger/DebuggerCallFrame.cpp:
(JSC::LineAndColumnFunctor::operator()):
(JSC::DebuggerCallFrame::create):
(JSC::DebuggerCallFrame::DebuggerCallFrame):
(JSC::DebuggerCallFrame::callerFrame):
(JSC::DebuggerCallFrame::globalExec):
(JSC::DebuggerCallFrame::vmEntryGlobalObject):
(JSC::DebuggerCallFrame::sourceID):
(JSC::DebuggerCallFrame::functionName):
(JSC::DebuggerCallFrame::scope):
(JSC::DebuggerCallFrame::type):
(JSC::DebuggerCallFrame::thisValue):
(JSC::DebuggerCallFrame::evaluateWithScopeExtension):
(JSC::DebuggerCallFrame::invalidate):
(JSC::DebuggerCallFrame::currentPosition):
(JSC::DebuggerCallFrame::positionForCallFrame):
(JSC::DebuggerCallFrame::sourceIDForCallFrame):
(JSC::FindCallerMidStackFunctor::FindCallerMidStackFunctor): Deleted.
(JSC::FindCallerMidStackFunctor::operator()): Deleted.
(JSC::FindCallerMidStackFunctor::getCallerFrame): Deleted.
(JSC::DebuggerCallFrame::thisValueForCallFrame): Deleted.
* debugger/DebuggerCallFrame.h:
(JSC::DebuggerCallFrame::isValid):
(JSC::DebuggerCallFrame::isTailDeleted):
(JSC::DebuggerCallFrame::create): Deleted.
(JSC::DebuggerCallFrame::exec): Deleted.
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::parseBlock):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::Graph):
(JSC::DFG::Graph::~Graph):
* dfg/DFGJITCompiler.h:
(JSC::DFG::JITCompiler::addCallSite):
(JSC::DFG::JITCompiler::emitStoreCodeOrigin):
(JSC::DFG::JITCompiler::emitStoreCallSiteIndex):
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* ftl/FTLAbstractHeapRepository.h:
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileLogShadowChickenPrologue):
(JSC::FTL::DFG::LowerDFGToB3::compileLogShadowChickenTail):
(JSC::FTL::DFG::LowerDFGToB3::compileRecordRegExpCachedResult):
(JSC::FTL::DFG::LowerDFGToB3::allocateJSArray):
(JSC::FTL::DFG::LowerDFGToB3::ensureShadowChickenPacket):
(JSC::FTL::DFG::LowerDFGToB3::setupShadowChickenPacket): Deleted.
* inspector/InjectedScriptSource.js:
(InjectedScript.CallFrameProxy):
* inspector/JSJavaScriptCallFrame.cpp:
(Inspector::JSJavaScriptCallFrame::thisObject):
(Inspector::JSJavaScriptCallFrame::isTailDeleted):
(Inspector::JSJavaScriptCallFrame::type):
* inspector/JSJavaScriptCallFrame.h:
* inspector/JSJavaScriptCallFramePrototype.cpp:
(Inspector::JSJavaScriptCallFramePrototype::finishCreation):
(Inspector::jsJavaScriptCallFramePrototypeFunctionEvaluateWithScopeExtension):
(Inspector::jsJavaScriptCallFrameAttributeType):
(Inspector::jsJavaScriptCallFrameIsTailDeleted):
* inspector/JavaScriptCallFrame.h:
(Inspector::JavaScriptCallFrame::type):
(Inspector::JavaScriptCallFrame::scopeChain):
(Inspector::JavaScriptCallFrame::vmEntryGlobalObject):
(Inspector::JavaScriptCallFrame::isTailDeleted):
(Inspector::JavaScriptCallFrame::thisValue):
(Inspector::JavaScriptCallFrame::evaluateWithScopeExtension):
* inspector/ScriptDebugServer.cpp:
(Inspector::ScriptDebugServer::evaluateBreakpointAction):
* inspector/protocol/Debugger.json:
* interpreter/ShadowChicken.cpp:
(JSC::ShadowChicken::update):
(JSC::ShadowChicken::visitChildren):
(JSC::ShadowChicken::reset):
* interpreter/ShadowChicken.h:
(JSC::ShadowChicken::Packet::throwMarker):
(JSC::ShadowChicken::Packet::prologue):
(JSC::ShadowChicken::Packet::tail):
(JSC::ShadowChicken::Frame::Frame):
(JSC::ShadowChicken::Frame::operator==):
* jit/CCallHelpers.cpp:
(JSC::CCallHelpers::logShadowChickenProloguePacket):
(JSC::CCallHelpers::logShadowChickenTailPacket):
(JSC::CCallHelpers::ensureShadowChickenPacket):
(JSC::CCallHelpers::setupShadowChickenPacket): Deleted.
* jit/CCallHelpers.h:
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_profile_type):
(JSC::JIT::emit_op_log_shadow_chicken_prologue):
(JSC::JIT::emit_op_log_shadow_chicken_tail):
(JSC::JIT::emit_op_get_enumerable_length):
(JSC::JIT::emit_op_resume):
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::emit_op_profile_type):
(JSC::JIT::emit_op_log_shadow_chicken_prologue):
(JSC::JIT::emit_op_log_shadow_chicken_tail):
* jit/RegisterSet.cpp:
(JSC::RegisterSet::webAssemblyCalleeSaveRegisters):
(JSC::RegisterSet::argumentGPRS):
(JSC::RegisterSet::registersToNotSaveForJSCall):
* jit/RegisterSet.h:
* llint/LLIntData.cpp:
(JSC::LLInt::Data::performAssertions):
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* runtime/CodeCache.cpp:
(JSC::CodeCache::getGlobalCodeBlock):
* runtime/Options.h:
* tests/stress/shadow-chicken-enabled.js:
(test5a.foo):
(test5a):
(test5b.foo):
(test5b):
(test6.foo):
(test6):

Source/WebCore:

Tests: inspector/debugger/tail-deleted-frames-this-value.html
       inspector/debugger/tail-deleted-frames.html
       inspector/debugger/tail-recursion.html

* ForwardingHeaders/interpreter/ShadowChicken.h: Added.

Source/WebInspectorUI:

This patch makes the WebInspector display tail deleted frames.
We show tail deleted frames with a gray [f] instead of a green
[f]. We also put text in the tooltip to indicate that the frame
is tail deleted. Other than that, tail deleted frames behave like
normal frames. You can evaluate in them, inspect their scope, etc.

* Localizations/en.lproj/localizedStrings.js:
* UserInterface/Images/TailDeletedFunction.svg: Added.
* UserInterface/Images/gtk/TailDeletedFunction.svg: Added.
* UserInterface/Models/CallFrame.js:
* UserInterface/Views/CallFrameIcons.css:
* UserInterface/Views/CallFrameTreeElement.js:
* UserInterface/Views/CallFrameView.js:

LayoutTests:

* inspector/debugger/resources/tail-deleted-frames-this-value.js: Added.
(a):
(b):
* inspector/debugger/resources/tail-deleted-frames.js: Added.
(a):
(b):
(c):
(startABC):
* inspector/debugger/resources/tail-recursion.js: Added.
(recurse):
(startRecurse):
* inspector/debugger/tail-deleted-frames-expected.txt: Added.
* inspector/debugger/tail-deleted-frames-this-value-expected.txt: Added.
* inspector/debugger/tail-deleted-frames-this-value.html: Added.
* inspector/debugger/tail-deleted-frames.html: Added.
* inspector/debugger/tail-recursion-expected.txt: Added.
* inspector/debugger/tail-recursion.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200981 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago TypeSet/StructureShape have a flawed sense of JS prototype chains
sbarati@apple.com [Mon, 16 May 2016 23:27:27 +0000 (23:27 +0000)]
TypeSet/StructureShape have a flawed sense of JS prototype chains
https://bugs.webkit.org/show_bug.cgi?id=157760

Reviewed by Joseph Pecoraro.

There was an assumption that we would bottom out in "Object". This is
not true for many reasons. JS objects may not end in Object.prototype.
Also, our mechanism of grabbing an Object's class name may also not
bottom out in "Object". We were seeing this in the JS objects we use
in the InjectedScriptSource.js inspector script.

* runtime/TypeSet.cpp:
(JSC::StructureShape::leastCommonAncestor):
* tests/typeProfiler/weird-prototype-chain.js: Added.
(wrapper.foo):
(wrapper.let.o2):
(wrapper):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200980 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago build fix after r200968 and r200969
enrica@apple.com [Mon, 16 May 2016 23:21:32 +0000 (23:21 +0000)]
build fix after r200968 and r200969

Unreviewed.

* DumpRenderTree/mac/EventSendingController.mm:
(-[EventSendingController keyDown:withModifiers:withLocation:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200979 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago API test WebKit2.MSEIsPlayingAudio timing out after r200951
jer.noble@apple.com [Mon, 16 May 2016 23:19:36 +0000 (23:19 +0000)]
API test WebKit2.MSEIsPlayingAudio timing out after r200951
https://bugs.webkit.org/show_bug.cgi?id=157748

Reviewed by Eric Carlson.

The file-with-mse.html testcase only calls play() once its own XHR loading is complete; the
"user gesture" check fails at that point. Call play() up front; playback will begin as soon
as enough data is loaded.

* TestWebKitAPI/Tests/WebKit2/file-with-mse.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200978 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Don't include CSSParser.h from other headers
achristensen@apple.com [Mon, 16 May 2016 23:11:08 +0000 (23:11 +0000)]
Don't include CSSParser.h from other headers
https://bugs.webkit.org/show_bug.cgi?id=157765

Reviewed by Zalan Bujtas.

No change in behavior.  This just makes it so touching CSSParser.h doesn't rebuild as many files.

* css/CSSCalculationValue.cpp:
* css/CSSParser.cpp:
(WebCore::CSSParser::sourceSize):
(WebCore::filterProperties):
* css/CSSParser.h:
(WebCore::CSSParser::ValueWithCalculation::ValueWithCalculation):
* css/CSSProperty.h:
(WebCore::prefixingVariantForPropertyId):
* css/FontFace.cpp:
* css/StyleProperties.cpp:
(WebCore::MutableStyleProperties::parseDeclaration):
(WebCore::MutableStyleProperties::addParsedProperties):
* css/StyleProperties.h:
* css/StyleResolver.h:
* rendering/style/RenderStyle.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200977 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago REGRESSION (r200441): Yahoo sports, finance and news pages automatically scroll
commit-queue@webkit.org [Mon, 16 May 2016 23:08:05 +0000 (23:08 +0000)]
REGRESSION (r200441): Yahoo sports, finance and news pages automatically scroll
https://bugs.webkit.org/show_bug.cgi?id=157692
<rdar://problem/26231897>

Patch by Aaron Chu <aaron_chu@apple.com> on 2016-05-16
Reviewed by Eric Carlson.

Source/WebCore:

Test: media/video-controls-to-not-scroll-page-on-load.html

This bug was due to the fact that the showControls button was shown and focused
when the video controls are hidden. The showControls button is used by FKA or
screen readers to make the video controls reappear after they have faded out.
When the showControls button is shown, a focus() is called on it to ensure that
the screen reader is focusing on the button instead of <body> or the video chrome.
To fix this bug, I added the shouldHaveControls() check before calling focus() on
the showControls button.

* Modules/mediacontrols/mediaControlsApple.js:
(Controller.prototype.showShowControlsButton):

LayoutTests:

Added Layout test to make sure that the page does not scroll automatically because
of the focus() on showControlsButton in the video shadow DOM.

* media/video-controls-to-not-scroll-page-on-load-expected.txt: Added.
* media/video-controls-to-not-scroll-page-on-load.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200976 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Add a WKA extension point for WKPreferences SPI
andersca@apple.com [Mon, 16 May 2016 22:53:21 +0000 (22:53 +0000)]
Add a WKA extension point for WKPreferences SPI
https://bugs.webkit.org/show_bug.cgi?id=157762
rdar://problem/24529203

Reviewed by Sam Weinig.

* UIProcess/API/Cocoa/WKPreferences.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200975 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Action sheets don’t work in presented view controllers
ddkilzer@apple.com [Mon, 16 May 2016 22:44:37 +0000 (22:44 +0000)]
Action sheets don’t work in presented view controllers
<https://webkit.org/b/157754>
<rdar://problem/26304845>

Reviewed by Anders Carlsson.

* UIProcess/ios/WKActionSheet.mm:
(-[WKActionSheet presentSheetFromRect:]):
(-[WKActionSheet willRotate]):
- Call SPI to get the presenting view controller, since it may
  not always be the root view controller.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200974 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Unreviewed rollout r200924. Caused js/regress/string-replace-generic.html to fail.
joepeck@webkit.org [Mon, 16 May 2016 22:31:13 +0000 (22:31 +0000)]
Unreviewed rollout r200924. Caused js/regress/string-replace-generic.html to fail.

.:

* ManualTests/inspector/profiler-test-call.html: Added.
* ManualTests/inspector/profiler-test-many-calls-in-the-same-scope.html: Added.

Source/JavaScriptCore:

* API/JSProfilerPrivate.cpp: Copied from Source/JavaScriptCore/profiler/ProfilerJettisonReason.h.
(JSStartProfiling):
(JSEndProfiling):
* API/JSProfilerPrivate.h: Copied from Source/JavaScriptCore/profiler/ProfilerJettisonReason.h.
* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/BytecodeList.json:
* bytecode/BytecodeUseDef.h:
(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dumpBytecode):
* bytecode/UnlinkedFunctionExecutable.cpp:
(JSC::generateUnlinkedFunctionCodeBlock):
(JSC::UnlinkedFunctionExecutable::unlinkedCodeBlockFor):
* bytecode/UnlinkedFunctionExecutable.h:
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::emitCall):
(JSC::BytecodeGenerator::emitCallVarargs):
(JSC::BytecodeGenerator::emitCallVarargsInTailPosition):
(JSC::BytecodeGenerator::emitConstructVarargs):
(JSC::BytecodeGenerator::emitConstruct):
* bytecompiler/BytecodeGenerator.h:
(JSC::CallArguments::profileHookRegister):
(JSC::BytecodeGenerator::shouldEmitProfileHooks):
* bytecompiler/NodesCodegen.cpp:
(JSC::CallArguments::CallArguments):
(JSC::CallFunctionCallDotNode::emitBytecode):
(JSC::ApplyFunctionCallDotNode::emitBytecode):
* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::parseBlock):
* dfg/DFGCapabilities.cpp:
(JSC::DFG::capabilityLevel):
* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
* dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
* dfg/DFGNodeType.h:
* dfg/DFGPredictionPropagationPhase.cpp:
* dfg/DFGSafeToExecute.h:
(JSC::DFG::safeToExecute):
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* inspector/InjectedScriptBase.cpp:
(Inspector::InjectedScriptBase::callFunctionWithEvalEnabled):
* inspector/protocol/Timeline.json:
* interpreter/Interpreter.cpp:
(JSC::UnwindFunctor::operator()):
(JSC::Interpreter::execute):
(JSC::Interpreter::executeCall):
(JSC::Interpreter::executeConstruct):
* jit/JIT.cpp:
(JSC::JIT::privateCompileMainPass):
* jit/JIT.h:
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_profile_will_call):
(JSC::JIT::emit_op_profile_did_call):
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::emit_op_profile_will_call):
(JSC::JIT::emit_op_profile_did_call):
* jit/JITOperations.cpp:
* jit/JITOperations.h:
* jsc.cpp:
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
* llint/LLIntSlowPaths.h:
* llint/LowLevelInterpreter.asm:
* parser/ParserModes.h:
* profiler/CallIdentifier.h: Added.
(JSC::CallIdentifier::CallIdentifier):
(JSC::CallIdentifier::functionName):
(JSC::CallIdentifier::url):
(JSC::CallIdentifier::lineNumber):
(JSC::CallIdentifier::columnNumber):
(JSC::CallIdentifier::operator==):
(JSC::CallIdentifier::operator!=):
(JSC::CallIdentifier::Hash::hash):
(JSC::CallIdentifier::Hash::equal):
(JSC::CallIdentifier::hash):
(JSC::CallIdentifier::operator const char*):
(JSC::CallIdentifier::c_str):
(WTF::HashTraits<JSC::CallIdentifier>::constructDeletedValue):
(WTF::HashTraits<JSC::CallIdentifier>::isDeletedValue):
* profiler/LegacyProfiler.cpp: Added.
(JSC::LegacyProfiler::profiler):
(JSC::LegacyProfiler::startProfiling):
(JSC::LegacyProfiler::stopProfiling):
(JSC::callFunctionForProfilesWithGroup):
(JSC::LegacyProfiler::suspendProfiling):
(JSC::LegacyProfiler::unsuspendProfiling):
(JSC::LegacyProfiler::willExecute):
(JSC::LegacyProfiler::didExecute):
(JSC::LegacyProfiler::exceptionUnwind):
(JSC::LegacyProfiler::createCallIdentifier):
(JSC::createCallIdentifierFromFunctionImp):
* profiler/LegacyProfiler.h: Added.
(JSC::LegacyProfiler::currentProfiles):
* profiler/Profile.cpp: Added.
(JSC::Profile::create):
(JSC::Profile::Profile):
(JSC::Profile::~Profile):
(JSC::Profile::debugPrint):
(JSC::functionNameCountPairComparator):
(JSC::Profile::debugPrintSampleStyle):
* profiler/Profile.h: Copied from Source/JavaScriptCore/profiler/ProfilerJettisonReason.h.
* profiler/ProfileGenerator.cpp: Added.
(JSC::ProfileGenerator::create):
(JSC::ProfileGenerator::ProfileGenerator):
(JSC::AddParentForConsoleStartFunctor::AddParentForConsoleStartFunctor):
(JSC::AddParentForConsoleStartFunctor::foundParent):
(JSC::AddParentForConsoleStartFunctor::operator()):
(JSC::ProfileGenerator::addParentForConsoleStart):
(JSC::ProfileGenerator::title):
(JSC::ProfileGenerator::beginCallEntry):
(JSC::ProfileGenerator::endCallEntry):
(JSC::ProfileGenerator::willExecute):
(JSC::ProfileGenerator::didExecute):
(JSC::ProfileGenerator::exceptionUnwind):
(JSC::ProfileGenerator::stopProfiling):
(JSC::ProfileGenerator::removeProfileStart):
(JSC::ProfileGenerator::removeProfileEnd):
* profiler/ProfileGenerator.h: Added.
(JSC::ProfileGenerator::profile):
(JSC::ProfileGenerator::origin):
(JSC::ProfileGenerator::profileGroup):
(JSC::ProfileGenerator::setIsSuspended):
* profiler/ProfileNode.cpp: Added.
(JSC::ProfileNode::ProfileNode):
(JSC::ProfileNode::addChild):
(JSC::ProfileNode::removeChild):
(JSC::ProfileNode::spliceNode):
(JSC::ProfileNode::traverseNextNodePostOrder):
(JSC::ProfileNode::debugPrint):
(JSC::ProfileNode::debugPrintSampleStyle):
(JSC::ProfileNode::debugPrintRecursively):
(JSC::ProfileNode::debugPrintSampleStyleRecursively):
* profiler/ProfileNode.h: Added.
(JSC::ProfileNode::create):
(JSC::ProfileNode::Call::Call):
(JSC::ProfileNode::Call::startTime):
(JSC::ProfileNode::Call::setStartTime):
(JSC::ProfileNode::Call::elapsedTime):
(JSC::ProfileNode::Call::setElapsedTime):
(JSC::ProfileNode::operator==):
(JSC::ProfileNode::callerCallFrame):
(JSC::ProfileNode::callIdentifier):
(JSC::ProfileNode::id):
(JSC::ProfileNode::functionName):
(JSC::ProfileNode::url):
(JSC::ProfileNode::lineNumber):
(JSC::ProfileNode::columnNumber):
(JSC::ProfileNode::parent):
(JSC::ProfileNode::setParent):
(JSC::ProfileNode::calls):
(JSC::ProfileNode::lastCall):
(JSC::ProfileNode::appendCall):
(JSC::ProfileNode::children):
(JSC::ProfileNode::firstChild):
(JSC::ProfileNode::lastChild):
(JSC::ProfileNode::nextSibling):
(JSC::ProfileNode::setNextSibling):
(JSC::ProfileNode::forEachNodePostorder):
(JSC::CalculateProfileSubtreeDataFunctor::operator()):
(JSC::CalculateProfileSubtreeDataFunctor::returnValue):
* profiler/ProfilerJettisonReason.cpp:
(WTF::printInternal):
* profiler/ProfilerJettisonReason.h:
* runtime/CodeCache.cpp:
(JSC::CodeCache::getGlobalCodeBlock):
(JSC::CodeCache::getProgramCodeBlock):
(JSC::CodeCache::getEvalCodeBlock):
(JSC::CodeCache::getModuleProgramCodeBlock):
* runtime/CodeCache.h:
* runtime/Executable.cpp:
(JSC::ScriptExecutable::newCodeBlockFor):
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::~JSGlobalObject):
(JSC::JSGlobalObject::hasLegacyProfiler):
(JSC::JSGlobalObject::createProgramCodeBlock):
(JSC::JSGlobalObject::createEvalCodeBlock):
(JSC::JSGlobalObject::createModuleProgramCodeBlock):
* runtime/JSGlobalObject.h:
(JSC::JSGlobalObject::supportsLegacyProfiling):
* runtime/Options.h:
* runtime/VM.cpp:
(JSC::VM::VM):
(JSC::SetEnabledProfilerFunctor::operator()):
(JSC::VM::setEnabledProfiler):
* runtime/VM.h:
(JSC::VM::enabledProfiler):
(JSC::VM::enabledProfilerAddress):

Source/WebCore:

Tests: fast/profiler/*

* CMakeLists.txt:
* DerivedSources.cpp:
* DerivedSources.make:
* ForwardingHeaders/profiler/LegacyProfiler.h: Added.
* ForwardingHeaders/profiler/Profile.h: Added.
* ForwardingHeaders/profiler/ProfileNode.h: Added.
* WebCore.xcodeproj/project.pbxproj:
* bindings/js/JSCustomXPathNSResolver.cpp:
* bindings/js/JSDOMWindowBase.cpp:
(WebCore::JSDOMWindowBase::supportsLegacyProfiling):
(WebCore::JSDOMWindowBase::supportsRichSourceInfo):
* bindings/js/JSDOMWindowBase.h:
* bindings/js/JSWorkerGlobalScopeBase.cpp:
(WebCore::JSWorkerGlobalScopeBase::supportsLegacyProfiling):
* bindings/js/JSWorkerGlobalScopeBase.h:
* bindings/js/ScriptCachedFrameData.cpp:
* bindings/js/ScriptController.cpp:
(WebCore::ScriptController::clearWindowShell):
* bindings/js/ScriptProfile.h: Copied from Source/JavaScriptCore/profiler/ProfilerJettisonReason.h.
* bindings/js/ScriptProfileNode.h: Copied from Source/JavaScriptCore/profiler/ProfilerJettisonReason.h.
* bindings/scripts/CodeGeneratorJS.pm:
(AddClassForwardIfNeeded):
* bindings/scripts/test/JS/JSTestObj.cpp:
(WebCore::jsTestObjPrototypeFunctionMethodWithSequenceArg):
(WebCore::jsTestObjPrototypeFunctionMethodReturningSequence):
* bindings/scripts/test/TestObj.idl:
* css/CSSParser.cpp:
* dom/Document.cpp:
* inspector/InspectorConsoleInstrumentation.h:
(WebCore::InspectorInstrumentation::stopProfiling):
* inspector/InspectorController.cpp:
(WebCore::InspectorController::InspectorController):
(WebCore::InspectorController::legacyProfilerEnabled):
(WebCore::InspectorController::setLegacyProfilerEnabled):
* inspector/InspectorController.h:
* inspector/InspectorInstrumentation.cpp:
(WebCore::InspectorInstrumentation::stopProfilingImpl):
* inspector/InspectorInstrumentation.h:
* inspector/InspectorTimelineAgent.cpp:
(WebCore::InspectorTimelineAgent::startFromConsole):
(WebCore::InspectorTimelineAgent::stopFromConsole):
* inspector/InspectorTimelineAgent.h:
* inspector/PageDebuggerAgent.cpp:
* inspector/PageRuntimeAgent.cpp:
* inspector/ScriptProfile.idl: Copied from Source/JavaScriptCore/profiler/ProfilerJettisonReason.h.
* inspector/ScriptProfileNode.idl: Copied from Source/JavaScriptCore/profiler/ProfilerJettisonReason.h.
* inspector/TimelineRecordFactory.cpp:
(WebCore::buildAggregateCallInfoInspectorObject):
(WebCore::buildInspectorObject):
(WebCore::buildProfileInspectorObject):
(WebCore::TimelineRecordFactory::appendProfile):
* inspector/TimelineRecordFactory.h:
* page/DOMWindow.cpp:
* page/Page.cpp:
* page/PageConsoleClient.cpp:
(WebCore::PageConsoleClient::profileEnd):
(WebCore::PageConsoleClient::clearProfiles):
* page/PageConsoleClient.h:
* testing/Internals.cpp:
(WebCore::Internals::resetToConsistentState):
(WebCore::Internals::consoleProfiles):
(WebCore::Internals::setLegacyJavaScriptProfilingEnabled):
* testing/Internals.h:
* testing/Internals.idl:
* testing/js/WebCoreTestSupport.cpp:
* xml/XSLStyleSheetLibxslt.cpp:
* xml/XSLTProcessorLibxslt.cpp:

Source/WebKit/win:

* Interfaces/IWebInspector.idl:
* WebCoreStatistics.cpp:
* WebInspector.cpp:
(WebInspector::isJavaScriptProfilingEnabled):
(WebInspector::setJavaScriptProfilingEnabled):
* WebInspector.h:
* WebView.cpp:

LayoutTests:

* fast/profiler/anonymous-event-handler-expected.txt: Added.
* fast/profiler/anonymous-event-handler.html: Added.
* fast/profiler/anonymous-function-called-from-different-contexts-expected.txt: Added.
* fast/profiler/anonymous-function-called-from-different-contexts.html: Added.
* fast/profiler/anonymous-function-calls-built-in-functions-expected.txt: Added.
* fast/profiler/anonymous-function-calls-built-in-functions.html: Added.
* fast/profiler/anonymous-function-calls-eval-expected.txt: Added.
* fast/profiler/anonymous-function-calls-eval.html: Added.
* fast/profiler/anonymous-functions-with-display-names-expected.txt: Added.
* fast/profiler/anonymous-functions-with-display-names.html: Added.
* fast/profiler/apply-expected.txt: Added.
* fast/profiler/apply.html: Added.
* fast/profiler/built-in-function-calls-anonymous-expected.txt: Added.
* fast/profiler/built-in-function-calls-anonymous.html: Added.
* fast/profiler/built-in-function-calls-user-defined-function-expected.txt: Added.
* fast/profiler/built-in-function-calls-user-defined-function.html: Added.
* fast/profiler/call-expected.txt: Added.
* fast/profiler/call-register-leak-expected.txt: Added.
* fast/profiler/call-register-leak.html: Added.
* fast/profiler/call.html: Added.
* fast/profiler/calling-the-function-that-started-the-profiler-from-another-scope-expected.txt: Added.
* fast/profiler/calling-the-function-that-started-the-profiler-from-another-scope.html: Added.
* fast/profiler/compare-multiple-profiles-expected.txt: Added.
* fast/profiler/compare-multiple-profiles.html: Added.
* fast/profiler/constructor-expected.txt: Added.
* fast/profiler/constructor.html: Added.
* fast/profiler/dead-time-expected.txt: Added.
* fast/profiler/dead-time.html: Added.
* fast/profiler/document-dot-write-expected.txt: Added.
* fast/profiler/document-dot-write.html: Added.
* fast/profiler/event-handler-expected.txt: Added.
* fast/profiler/event-handler.html: Added.
* fast/profiler/execution-context-and-eval-on-same-line-expected.txt: Added.
* fast/profiler/execution-context-and-eval-on-same-line.html: Added.
* fast/profiler/inline-event-handler-expected.txt: Added.
* fast/profiler/inline-event-handler.html: Added.
* fast/profiler/many-calls-in-the-same-scope-expected.txt: Added.
* fast/profiler/many-calls-in-the-same-scope.html: Added.
* fast/profiler/multiple-and-different-scoped-anonymous-function-calls-expected.txt: Added.
* fast/profiler/multiple-and-different-scoped-anonymous-function-calls.html: Added.
* fast/profiler/multiple-and-different-scoped-function-calls-expected.txt: Added.
* fast/profiler/multiple-and-different-scoped-function-calls.html: Added.
* fast/profiler/multiple-anonymous-functions-called-from-the-same-function-expected.txt: Added.
* fast/profiler/multiple-anonymous-functions-called-from-the-same-function.html: Added.
* fast/profiler/multiple-frames-expected.txt: Added.
* fast/profiler/multiple-frames.html: Added.
* fast/profiler/named-functions-with-display-names-expected.txt: Added.
* fast/profiler/named-functions-with-display-names.html: Added.
* fast/profiler/nested-anonymous-functon-expected.txt: Added.
* fast/profiler/nested-anonymous-functon.html: Added.
* fast/profiler/nested-start-and-stop-profiler-expected.txt: Added.
* fast/profiler/nested-start-and-stop-profiler.html: Added.
* fast/profiler/no-execution-context-expected.txt: Added.
* fast/profiler/no-execution-context.html: Added.
* fast/profiler/one-execution-context-expected.txt: Added.
* fast/profiler/one-execution-context.html: Added.
* fast/profiler/profile-calls-in-included-file-expected.txt: Added.
* fast/profiler/profile-calls-in-included-file.html: Added.
* fast/profiler/profile-with-no-title-expected.txt: Added.
* fast/profiler/profile-with-no-title.html: Added.
* fast/profiler/profiling-from-a-nested-location-but-stop-profiling-outside-the-nesting-expected.txt: Added.
* fast/profiler/profiling-from-a-nested-location-but-stop-profiling-outside-the-nesting.html: Added.
* fast/profiler/profiling-from-a-nested-location-expected.txt: Added.
* fast/profiler/profiling-from-a-nested-location.html: Added.
* fast/profiler/resources/other-frame.html: Added.
* fast/profiler/resources/other-window.html: Added.
* fast/profiler/resources/profiler-test-JS-resources.js: Added.
(endTest):
(insertGivenText):
(insertNewText):
(arrayOperatorFunction):
(anonymousFunction):
(anotherAnonymousFunction):
(intermediaryFunction):
(isEqualToFive):
(startProfile):
(printHeavyProfilesDataWithoutTime):
(printProfilesDataWithoutTime):
(printProfileNodeWithoutTime):
* fast/profiler/simple-event-call-expected.txt: Added.
* fast/profiler/simple-event-call.html: Added.
* fast/profiler/simple-no-level-change-expected.txt: Added.
* fast/profiler/simple-no-level-change.html: Added.
* fast/profiler/start-and-stop-profiler-multiple-times-expected.txt: Added.
* fast/profiler/start-and-stop-profiler-multiple-times.html: Added.
* fast/profiler/start-and-stop-profiling-in-the-same-function-expected.txt: Added.
* fast/profiler/start-and-stop-profiling-in-the-same-function.html: Added.
* fast/profiler/start-but-dont-stop-profiling-expected.txt: Added.
* fast/profiler/start-but-dont-stop-profiling.html: Added.
* fast/profiler/stop-profiling-after-setTimeout-expected.txt: Added.
* fast/profiler/stop-profiling-after-setTimeout.html: Added.
* fast/profiler/stop-then-function-call-expected.txt: Added.
* fast/profiler/stop-then-function-call.html: Added.
* fast/profiler/throw-exception-from-eval-expected.txt: Added.
* fast/profiler/throw-exception-from-eval.html-disabled: Added.
* fast/profiler/two-execution-contexts-expected.txt: Added.
* fast/profiler/two-execution-contexts.html: Added.
* fast/profiler/user-defined-function-calls-built-in-functions-expected.txt: Added.
* fast/profiler/user-defined-function-calls-built-in-functions.html: Added.
* fast/profiler/window-dot-eval-expected.txt: Added.
* fast/profiler/window-dot-eval.html: Added.
* platform/efl/TestExpectations:
* platform/gtk/TestExpectations:
* platform/ios-simulator/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200973 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Text selection is basically impossible on plain text pages.
enrica@apple.com [Mon, 16 May 2016 22:20:16 +0000 (22:20 +0000)]
Text selection is basically impossible on plain text pages.
https://bugs.webkit.org/show_bug.cgi?id=157681
rdar://problem/26065660

Reviewed by Darin Adler.

When dealing with a plain text file, the rules for deciding whether
a position is selectable should be different and we should never
switch to block selection.

* WebProcess/WebPage/ios/WebPageIOS.mm:
(WebKit::WebPage::shouldSwitchToBlockModeForHandle):
(WebKit::rectIsTooBigForSelection): Added helper function.
(WebKit::WebPage::selectTextWithGranularityAtPoint):
(WebKit::WebPage::getPositionInformation):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200972 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago RenderLayer::hitTestList could mutate the list of candidate layers.
zalan@apple.com [Mon, 16 May 2016 22:00:30 +0000 (22:00 +0000)]
RenderLayer::hitTestList could mutate the list of candidate layers.
https://bugs.webkit.org/show_bug.cgi?id=157718
<rdar://problem/22556046>

Reviewed by Simon Fraser.

This patch ensures that we always start hittesting a clean render tree at EventHandler::hitTestResultAtPoint.

Speculative fix.

* page/EventHandler.cpp:
(WebCore::EventHandler::hitTestResultAtPoint):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200971 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Unreviewed, fixed typo in a comment.
annulen@yandex.ru [Mon, 16 May 2016 21:53:44 +0000 (21:53 +0000)]
Unreviewed, fixed typo in a comment.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200970 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Remove unused initializer for WebEvent on iOS.
enrica@apple.com [Mon, 16 May 2016 21:42:07 +0000 (21:42 +0000)]
Remove unused initializer for WebEvent on iOS.
https://bugs.webkit.org/show_bug.cgi?id=157689

Reviewed by Anders Carlsson.

Removing use of characterSet property.

* WebView/WebHTMLView.mm:
(-[WebHTMLView _handleEditingKeyEvent:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200969 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Remove unused initializer for WebEvent on iOS.
enrica@apple.com [Mon, 16 May 2016 21:39:04 +0000 (21:39 +0000)]
Remove unused initializer for WebEvent on iOS.
https://bugs.webkit.org/show_bug.cgi?id=157689

Reviewed by Anders Carlsson.

Source/WebCore:

This is no longer used and can be removed.
The logic tied to isPopupVariant has been incorporated
in keyboard flags. The characterSet property is no longer needed either.

* platform/ios/WebEvent.h:
* platform/ios/WebEvent.mm:
(-[WebEvent initWithKeyEventType:timeStamp:characters:charactersIgnoringModifiers:modifiers:isRepeating:withFlags:keyCode:isTabKey:characterSet:]):
(-[WebEvent initWithKeyEventType:timeStamp:characters:charactersIgnoringModifiers:modifiers:isRepeating:isPopupVariant:keyCode:isTabKey:characterSet:]): Deleted.
(-[WebEvent _characterSetDescription]): Deleted.
(-[WebEvent isPopupVariant]): Deleted.
(-[WebEvent characterSet]): Deleted.

Tools:

Adopting different initializer for WebEvent to fix the build.

* DumpRenderTree/mac/EventSendingController.mm:
(-[EventSendingController keyDown:withModifiers:withLocation:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200968 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Add a WebCore logging channel for images
simon.fraser@apple.com [Mon, 16 May 2016 21:36:15 +0000 (21:36 +0000)]
Add a WebCore logging channel for images
https://bugs.webkit.org/show_bug.cgi?id=157752

Reviewed by Zalan Bujtas.

Create an Images log channel, and log various things related to decoding and drawing
images.

* platform/Logging.h:
* platform/graphics/BitmapImage.cpp:
(WebCore::BitmapImage::destroyDecodedDataIfNecessary):
(WebCore::BitmapImage::cacheFrame):
(WebCore::BitmapImage::startAnimation):
* platform/graphics/cg/GraphicsContextCG.cpp:
(WebCore::GraphicsContext::drawNativeImage):
* platform/graphics/cg/ImageDecoderCG.cpp:
(WebCore::ImageDecoder::createFrameImageAtIndex):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200967 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [iOS] Remove dispatch_after in -[WKFormInputSession setSuggestions:]
commit-queue@webkit.org [Mon, 16 May 2016 20:52:33 +0000 (20:52 +0000)]
[iOS] Remove dispatch_after in -[WKFormInputSession setSuggestions:]
https://bugs.webkit.org/show_bug.cgi?id=157745

Patch by Chelsea Pugh <cpugh@apple.com> on 2016-05-16
Reviewed by Dan Bernstein.

* UIProcess/ios/WKContentViewInteraction.mm:
(-[WKFormInputSession setSuggestions:]): Remove the dispatch_after since
there is no longer a chance of keyboard suggestions replacing the
suggestions set here.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200966 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Don't execute JavaScript within HTMLMediaElement::stop()
adachan@apple.com [Mon, 16 May 2016 20:46:01 +0000 (20:46 +0000)]
Don't execute JavaScript within HTMLMediaElement::stop()
https://bugs.webkit.org/show_bug.cgi?id=157655

Reviewed by Chris Dumez.

* dom/ScriptExecutionContext.cpp:
(WebCore::ScriptExecutionContext::suspendActiveDOMObjects):
Move the setting of m_activeDOMObjectsAreSuspended to true earlier so we won't execute
any JS while suspending the objects.
* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::updateMediaControlsAfterPresentationModeChange):
Bail early if the controls script hasn't been injected yet or the DOM object has been
stopped or suspended.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200965 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Focus ordering should respect slot elements
rniwa@webkit.org [Mon, 16 May 2016 20:26:40 +0000 (20:26 +0000)]
Focus ordering should respect slot elements
https://bugs.webkit.org/show_bug.cgi?id=151379

Reviewed by Antti Koivisto.

Source/WebCore:

Implemented the sequential focus navigation ordering as discussed on
https://github.com/w3c/webcomponents/issues/375

New behavior treats each shadow root and slot as a "focus scope". The focus navigation ordering
is defined within each "focus scope" using tabindex, treating any "focus scope owner"
(e.g. shadow host or a slot) as if it was having tabindex=0 if it wasn't itself focusable.

This patch modifies FocusNavigationScope to support a focus scope defined for a slot element in
addition to the one defined for a shadow tree and a document as previously supported.

Tests: fast/shadow-dom/focus-across-details-element.html
       fast/shadow-dom/focus-navigation-across-slots.html

* dom/Node.cpp:
(WebCore::parentShadowRoot): Extracted from assignedSlot.
(WebCore::Node::assignedSlot):
(WebCore::Node::assignedSlotForBindings): Added.
* dom/Node.h:
* dom/NonDocumentTypeChildNode.idl:
* html/HTMLDetailsElement.h:
(HTMLDetailsElement::hasCustomFocusLogic): Added. Don't treat details element as a "focus scope".
* html/HTMLSummaryElement.h:
(HTMLSummaryElement::hasCustomFocusLogic): Ditto for summary element.
* page/FocusController.cpp:
(WebCore::hasCustomFocusLogic): Moved.
(WebCore::isFocusScopeOwner): Added. Returns true on a shadow host without a custom focus logic or
on a slot inside a shadow tree whose shadow host doesn't have a custom focus logic.
(WebCore::FocusNavigationScope::firstChildInScope): Now takes a reference. Call isFocusScopeOwner
to check for both slots and shadow roots instead of just the latter. This fixes a subtle bug that
focus may never get out of textarea in some cases due to its failure to check hasCustomFocusLogic.
(WebCore::FocusNavigationScope::lastChildInScope): Ditto.
(WebCore::FocusNavigationScope::parentInScope): Made this a member function since it needs to check
against m_slotElement inside the focus scope of a slot.
(WebCore::FocusNavigationScope::nextSiblingInScope): Added. Finds the next assigned node in a slot
in the focus scope defined for a slot. Just calls nextSibling() in the focus scope for shadow tree
and document.
(WebCore::FocusNavigationScope::previousSiblingInScope): Ditto for finding the previous sibling.
(WebCore::FocusNavigationScope::firstNodeInScope): Added. This function replaces rootNode() which
doesn't exist for the focus scope of a slot element.
(WebCore::FocusNavigationScope::lastNodeInScope): Ditto for the last node.
(WebCore::FocusNavigationScope::nextInScope):
(WebCore::FocusNavigationScope::previousInScope):
(WebCore::FocusNavigationScope::FocusNavigationScope): Added a variant that takes HTMLSlotElement.
(WebCore::FocusNavigationScope::owner): Added the support for slot elements.
(WebCore::FocusNavigationScope::scopeOf): Ditto.
(WebCore::FocusNavigationScope::scopeOwnedByScopeOwner): Ditto.
(WebCore::isFocusableElementOrScopeOwner): Added the support for slot elements and renamed from
isFocusableOrHasShadowTreeWithoutCustomFocusLogic.
(WebCore::isNonFocusableScopeOwner): Ditto. Renamed from isNonFocusableShadowHost.
(WebCore::isFocusableScopeOwner): Ditto. Renamed from isFocusableShadowHost.
(WebCore::shadowAdjustedTabIndex): Added the support for slot elements.
(WebCore::FocusController::findFocusableElementAcrossFocusScope):
(WebCore::FocusController::nextFocusableElementWithinScope):
(WebCore::FocusController::previousFocusableElementWithinScope):
(WebCore::FocusController::findElementWithExactTabIndex):
(WebCore::nextElementWithGreaterTabIndex): Call firstNodeInScope() instead of rootNode() here since
there is no root node for the focus scope defined for a slot element.
(WebCore::previousElementWithLowerTabIndex): Ditto for scope.lastNodeInScope().
(WebCore::FocusController::nextFocusableElementOrScopeOwner):
(WebCore::FocusController::previousFocusableElementOrScopeOwner):
(WebCore::parentInScope): Deleted.
(WebCore::FocusNavigationScope::rootNode): Deleted.
(WebCore::FocusNavigationScope::scopeOwnedByShadowHost): Deleted.
(WebCore::isNonFocusableShadowHost): Deleted.
(WebCore::isFocusableShadowHost): Deleted.
(WebCore::isFocusableOrHasShadowTreeWithoutCustomFocusLogic): Deleted.

LayoutTests:

Added regression tests for moving focus by tab and shift+tab across
user-defined shadow trees with slots and details element.

* fast/shadow-dom/focus-across-details-element-expected.txt: Added.
* fast/shadow-dom/focus-across-details-element.html: Added.
* fast/shadow-dom/focus-navigation-across-slots-expected.txt: Added.
* fast/shadow-dom/focus-navigation-across-slots.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200964 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Use WTF::Optional for ScrollView's m_deferredScrollDelta / m_deferredScrollOffsets
cdumez@apple.com [Mon, 16 May 2016 20:24:52 +0000 (20:24 +0000)]
Use WTF::Optional for ScrollView's m_deferredScrollDelta / m_deferredScrollOffsets
https://bugs.webkit.org/show_bug.cgi?id=157747

Reviewed by Zalan Bujtas.

Use WTF::Optional for ScrollView's m_deferredScrollDelta / m_deferredScrollOffsets
instead of std::unique_ptr as it is more suited for this purpose.

* platform/ScrollView.cpp:
(WebCore::ScrollView::scrollOffsetChangedViaPlatformWidget):
(WebCore::ScrollView::handleDeferredScrollUpdateAfterContentSizeChange):
(WebCore::ScrollView::scrollTo):
* platform/ScrollView.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200963 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Inspector: Contents of Duration column are covered by always on (legacy) scroll...
nvasilyev@apple.com [Mon, 16 May 2016 20:19:24 +0000 (20:19 +0000)]
Web Inspector: Contents of Duration column are covered by always on (legacy) scroll bars
https://bugs.webkit.org/show_bug.cgi?id=157590

Reviewed by Timothy Hatcher.

Set the right padding of the DataGrid header to match the scrollbar width.

* UserInterface/Views/DataGrid.css:
(.data-grid .data-container):
(.data-grid.inline .data-container):
Don't show scrollbars for inline data grids.

(.data-grid > .header-wrapper):
(.data-grid.no-header > .header-wrapper > table.header):
(.data-grid.no-header > table.header): Deleted.
(.data-grid th): Deleted.
* UserInterface/Views/DataGrid.js:
(WebInspector.DataGrid):
We can't add padding-right to a table. Wrap the table in div.header-wrapper.

(WebInspector.DataGrid.prototype._updateScrollbarPadding):
(WebInspector.DataGrid.prototype.layout):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200962 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Crash simulating keystrokes at WebKit::WebAutomationSession::platformSimulateKeyStroke
bburg@apple.com [Mon, 16 May 2016 20:01:03 +0000 (20:01 +0000)]
Crash simulating keystrokes at WebKit::WebAutomationSession::platformSimulateKeyStroke
https://bugs.webkit.org/show_bug.cgi?id=157737
<rdar://problem/26292946>

Reviewed by Timothy Hatcher.

* UIProcess/Cocoa/WebAutomationSessionCocoa.mm:
(WebKit::WebAutomationSession::platformSimulateKeyStroke):
AppKit expects characters passed to [NSEvent keyEventWithType:...]
to be non-nil even if there are no characters. Initialize characters
to the empty string @"". It will be overwritten if the keystroke should
produce any unicode characters.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200961 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Rebaseline tests for ios-simulator
ryanhaddad@apple.com [Mon, 16 May 2016 19:57:55 +0000 (19:57 +0000)]
Rebaseline tests for ios-simulator

Unreviewed test gardening.

* fast/events/touch/document-create-touch-list-ios-expected.txt:
* platform/ios-simulator/ios/touch/construct-TouchList-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200960 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Automation: Automation.inspectBrowsingContext should automatically start page...
bburg@apple.com [Mon, 16 May 2016 19:53:00 +0000 (19:53 +0000)]
Web Automation: Automation.inspectBrowsingContext should automatically start page profiling
https://bugs.webkit.org/show_bug.cgi?id=157739

Reviewed by Timothy Hatcher.

* UIProcess/API/C/WKInspector.cpp:
(WKInspectorTogglePageProfiling):
Implicitly show the Web Inspector in the C API command to preserve existing behavior.

* UIProcess/Automation/WebAutomationSession.cpp:
(WebKit::WebAutomationSession::inspectorFrontendLoaded):
If the frontend loaded, it was either because the user opened Web Inspector (and
turning on page profiling is harmless), or it was loaded but not shown by the
inspectBrowsingContext command. For the latter, we want to start page profiling
before processing any additional commands so subsequent execution is captured.

* UIProcess/WebInspectorProxy.cpp:
(WebKit::WebInspectorProxy::togglePageProfiling):
Send the start/stop profiling messages directly to the WebInspectorUI process instead of
bouncing through the inspected page's process, which does an implicit show() we don't want.

* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::inspector): Make it const.
* UIProcess/WebPageProxy.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200959 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago FixupPhase should be more eager to demote bit math to untyped
fpizlo@apple.com [Mon, 16 May 2016 19:41:01 +0000 (19:41 +0000)]
FixupPhase should be more eager to demote bit math to untyped
https://bugs.webkit.org/show_bug.cgi?id=157746

Reviewed by Mark Lam.

Source/JavaScriptCore:

This just makes the logic for how we fixup bit math match the way we do it in other places.
This doesn't affect performance on any major benchmark but it's a big win on new
microbenchmarks added in this change.

Details:

object-and                                     11.1610+-0.7602     ^      4.8105+-0.1690        ^ definitely 2.3201x faster
object-or                                      11.0845+-0.2487     ^      4.7146+-0.0374        ^ definitely 2.3511x faster
object-xor                                     10.2946+-0.9946     ^      4.7278+-0.0814        ^ definitely 2.1775x faster
object-lshift                                  10.4896+-1.0867     ^      4.7699+-0.0721        ^ definitely 2.1991x faster
object-rshift                                  11.1239+-0.5010     ^      4.7194+-0.0445        ^ definitely 2.3570x faster
object-urshift                                 10.9745+-0.1315     ^      4.7848+-0.0479        ^ definitely 2.2936x faster

* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):

LayoutTests:

* js/regress/object-and-expected.txt: Added.
* js/regress/object-and.html: Added.
* js/regress/object-int-and-array-expected.txt: Added.
* js/regress/object-int-and-array.html: Added.
* js/regress/object-lshift-expected.txt: Added.
* js/regress/object-lshift.html: Added.
* js/regress/object-or-expected.txt: Added.
* js/regress/object-or.html: Added.
* js/regress/object-rshift-expected.txt: Added.
* js/regress/object-rshift.html: Added.
* js/regress/object-urshift-expected.txt: Added.
* js/regress/object-urshift.html: Added.
* js/regress/object-xor-expected.txt: Added.
* js/regress/object-xor.html: Added.
* js/regress/script-tests/object-and.js: Added.
(o.valueOf):
* js/regress/script-tests/object-int-and-array.js: Added.
(i.o.valueOf):
* js/regress/script-tests/object-lshift.js: Added.
(o.valueOf):
* js/regress/script-tests/object-or.js: Added.
(o.valueOf):
* js/regress/script-tests/object-rshift.js: Added.
(o.valueOf):
* js/regress/script-tests/object-urshift.js: Added.
(o.valueOf):
* js/regress/script-tests/object-xor.js: Added.
(o.valueOf):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200958 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Fix some deprecation warnings.
conrad_shultz@apple.com [Mon, 16 May 2016 19:20:40 +0000 (19:20 +0000)]
Fix some deprecation warnings.

* UIProcess/mac/WKPrintingView.mm:
(-[WKPrintingView _drawPDFDocument:page:atPoint:]):
* WebProcess/Plugins/PDF/DeprecatedPDFPlugin.mm:
(WebKit::PDFPlugin::setActiveAnnotation):
(WebKit::PDFPlugin::lookupTextAtLocation):
* WebProcess/Plugins/PDF/PDFPluginChoiceAnnotation.h:
* WebProcess/Plugins/PDF/PDFPluginChoiceAnnotation.mm:
(WebKit::PDFPluginChoiceAnnotation::createAnnotationElement):
* WebProcess/Plugins/PDF/PDFPluginTextAnnotation.h:
* WebProcess/Plugins/PDF/PDFPluginTextAnnotation.mm:
(WebKit::PDFPluginTextAnnotation::createAnnotationElement):
* WebProcess/WebPage/mac/WebPageMac.mm:
(WebKit::drawPDFPage):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200957 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Add machine-readable results for JSC API tests to the Buildbot json log
commit-queue@webkit.org [Mon, 16 May 2016 18:57:28 +0000 (18:57 +0000)]
Add machine-readable results for JSC API tests to the Buildbot json log
https://bugs.webkit.org/show_bug.cgi?id=157642

Patch by Srinivasan Vijayaraghavan <svijayaraghavan@apple.com> on 2016-05-16
Reviewed by Geoffrey Garen.

* BuildSlaveSupport/build.webkit.org-config/master.cfg:
(RunJavaScriptCoreTests): Use --no-fail-fast option on run-javascriptcore-tests
* Scripts/run-javascriptcore-tests:
(runJSCStressTests): Abstracted out writing JSON to file (new function below)
(writeJsonDataIfApplicable): Added

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200956 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Inspector: Background stripes don't span the width of Network sidebar
nvasilyev@apple.com [Mon, 16 May 2016 18:54:41 +0000 (18:54 +0000)]
Web Inspector: Background stripes don't span the width of Network sidebar
https://bugs.webkit.org/show_bug.cgi?id=157744

Reviewed by Timothy Hatcher.

* UserInterface/Views/NetworkSidebarPanel.css:
(.sidebar > .panel.navigation.network.network-grid-content-view-showing > .content):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200955 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago containingBlockFor*Position functions should take the renderer instead of the parent.
zalan@apple.com [Mon, 16 May 2016 18:44:02 +0000 (18:44 +0000)]
containingBlockFor*Position functions should take the renderer instead of the parent.
https://bugs.webkit.org/show_bug.cgi?id=157659

Reviewed by Simon Fraser.

containingBlockForFixedPosition, containingBlockForAbsolutePosition and containingBlockForObjectInFlow functions
expect the renderer's parent to be passed in (unless it is a RenderInline!). It is rather misleading and highly error-prone.
We should call them with the renderer itself instead.

* dom/Element.cpp:
(WebCore::layoutOverflowRectContainsAllDescendants): This expects ancestor containing block.
* rendering/LogicalSelectionOffsetCaches.h:
(WebCore::LogicalSelectionOffsetCaches::LogicalSelectionOffsetCaches):
* rendering/RenderElement.cpp:
(WebCore::containingBlockForFixedPosition):
(WebCore::containingBlockForAbsolutePosition):
(WebCore::containingBlockForObjectInFlow):
* rendering/RenderElement.h:
* rendering/RenderInline.cpp:
(WebCore::RenderInline::styleWillChange):
* rendering/RenderLineBreak.cpp:
(WebCore::RenderLineBreak::collectSelectionRects): Not a behaviour change.
* rendering/RenderObject.cpp:
(WebCore::RenderObject::containingBlock): RenderScrollbarPart renderer now returns
the containing block based on its owning renderer's style.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200953 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Inspector: Computed style shows both prefixed and unprefixed variants of properties
bburg@apple.com [Mon, 16 May 2016 18:26:32 +0000 (18:26 +0000)]
Web Inspector: Computed style shows both prefixed and unprefixed variants of properties
https://bugs.webkit.org/show_bug.cgi?id=157674
<rdar://problem/24339756>

Patch by Antoine Quint <graouts@apple.com> on 2016-05-16
Reviewed by Timothy Hatcher.

We make the CSSProperty `implicit` property read-write, and in the case where a computed style
has a property marked as explicit, we also check that it's found in matching rules to consider
it non-implicit. This correctly filters out variants of properties set explicitly.

* UserInterface/Models/CSSProperty.js:
(WebInspector.CSSProperty.prototype.set implicit):
* UserInterface/Models/DOMNodeStyles.js:
(WebInspector.DOMNodeStyles.prototype.refresh.fetchedComputedStyle):
(WebInspector.DOMNodeStyles.prototype.refresh):
(WebInspector.DOMNodeStyles.prototype._isPropertyFoundInMatchingRules):
(WebInspector.DOMNodeStyles):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200952 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [WK2] Add API to WKWebViewConfiguration to control autoplay policy.
jer.noble@apple.com [Mon, 16 May 2016 18:23:22 +0000 (18:23 +0000)]
[WK2] Add API to WKWebViewConfiguration to control autoplay policy.
https://bugs.webkit.org/show_bug.cgi?id=156312

Reviewed by Dan Bernstein.

Source/WebKit2:

Add a new API to WKWebViewConfiguration to allow fine-grained control over when media is allowed
to play without a user gesture, and simultaneously deprecate the existing, all-or-nothing API,
and deprecate the equivalent SPIs.

* UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _initializeWithConfiguration:]):
* UIProcess/API/Cocoa/WKWebViewConfiguration.h:
* UIProcess/API/Cocoa/WKWebViewConfiguration.mm:
(-[WKWebViewConfiguration init]):
(-[WKWebViewConfiguration encodeWithCoder:]):
(-[WKWebViewConfiguration initWithCoder:]):
(-[WKWebViewConfiguration copyWithZone:]):
(-[WKWebViewConfiguration _requiresUserActionForVideoPlayback]):
(-[WKWebViewConfiguration _setRequiresUserActionForVideoPlayback:]):
(-[WKWebViewConfiguration _requiresUserActionForAudioPlayback]):
(-[WKWebViewConfiguration _setRequiresUserActionForAudioPlayback:]):
(-[WKWebViewConfiguration requiresUserActionForMediaPlayback]):
(-[WKWebViewConfiguration setRequiresUserActionForMediaPlayback:]):
* UIProcess/API/Cocoa/WKWebViewConfigurationPrivate.h:

Tools:

* WebKitTestRunner/cocoa/TestControllerCocoa.mm:
(WTR::initializeWebViewConfiguration):
* TestWebKitAPI/Tests/WebKit2Cocoa/RequiresUserActionForPlayback.mm:
(TEST_F):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200951 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Automation: WebAutomationSessionProxy.js gets injected more than once sometimes
bburg@apple.com [Mon, 16 May 2016 18:09:46 +0000 (18:09 +0000)]
Web Automation: WebAutomationSessionProxy.js gets injected more than once sometimes
https://bugs.webkit.org/show_bug.cgi?id=157716
<rdar://problem/26287306>

Reviewed by Timothy Hatcher.

Whenever a script was injected into a non-normal world by a WebKit client,
the WebProcess's WebAutomationSessionProxy singleton would get a
notification that the window was cleared from the relevant frame.
This notification happens when creating the world's window shell for
the first time.

This code should ignore such notifications that originate from non-main world
contexts. Web Inspector's instrumentation already ignored this, but
the automation session notification comes in via a different WebKit2 layer.

* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::dispatchDidClearWindowObjectInWorld):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200950 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Inspector: DataGrid _updateVisibleRows dominates profiles of timeline recordings...
timothy@apple.com [Mon, 16 May 2016 18:04:25 +0000 (18:04 +0000)]
Web Inspector: DataGrid _updateVisibleRows dominates profiles of timeline recordings when data grid (Overview or TimelineDataGrids) is showing
https://bugs.webkit.org/show_bug.cgi?id=157664
rdar://problem/26262219

Reviewed by Joseph Pecoraro.

* UserInterface/Views/DataGrid.js:
(WebInspector.DataGrid): Added new members.
(WebInspector.DataGrid.prototype.layout): Reset _cachedScrollTop and _cachedScrollHeight on resize.
(WebInspector.DataGrid.prototype._noteScrollPositionChanged): Added.
(WebInspector.DataGrid.prototype._updateVisibleRows): Cache sizes and positions when possible.
(WebInspector.DataGridNode.prototype.set hidden): Added call to _noteRowsChanged.
(WebInspector.DataGridNode.prototype.collapse): Call _noteRowsChanged instead of needsLayout.
(WebInspector.DataGridNode.prototype.expand): Call _noteRowsChanged instead of needsLayout.
(WebInspector.DataGrid.prototype._updateFilter): Removed direct call to _updateVisibleRows, this is
better handled by DataGridNode's hidden setter.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200949 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Web Inspector: Many DataGrid instances do not save/restore their scroll position
timothy@apple.com [Mon, 16 May 2016 17:41:41 +0000 (17:41 +0000)]
Web Inspector: Many DataGrid instances do not save/restore their scroll position
https://bugs.webkit.org/show_bug.cgi?id=157709
rdar://problem/26286090

Reviewed by Brian Burg.

* UserInterface/Models/BackForwardEntry.js:
(WebInspector.BackForwardEntry.prototype.makeCopy): Added.
* UserInterface/Views/ContentViewContainer.js:
(WebInspector.ContentViewContainer.prototype.showContentView): Copy the last entry for the view.
* UserInterface/Views/DOMStorageContentView.js:
(WebInspector.DOMStorageContentView.prototype.get scrollableElements): Added.
* UserInterface/Views/HeapSnapshotContentView.js:
(WebInspector.HeapSnapshotContentView.prototype.get scrollableElements): Added.
* UserInterface/Views/IndexedDatabaseObjectStoreContentView.js:
(WebInspector.IndexedDatabaseObjectStoreContentView.prototype.get scrollableElements): Added.
* UserInterface/Views/MemoryTimelineView.js:
(WebInspector.MemoryTimelineView.prototype.get scrollableElements): Added.
* UserInterface/Views/ProfileView.js:
(WebInspector.ProfileView.prototype.get scrollableElements): Added.
(WebInspector.ProfileView.prototype._repopulateDataGridFromTree): Removed unused skipRefresh argument.
* UserInterface/Views/ScriptClusterTimelineView.js:
(WebInspector.ScriptClusterTimelineView.prototype.get scrollableElements): Added.
* UserInterface/Views/ScriptProfileTimelineView.js:
(WebInspector.ScriptProfileTimelineView.prototype.get scrollableElements): Added.
* UserInterface/Views/TimelineView.js:
(WebInspector.TimelineView.prototype.get scrollableElements): Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200947 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago RegExp /y flag incorrect handling of mixed-length alternation
msaboff@apple.com [Mon, 16 May 2016 17:40:15 +0000 (17:40 +0000)]
RegExp /y flag incorrect handling of mixed-length alternation
https://bugs.webkit.org/show_bug.cgi?id=157723

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

Previously for sticky patterns, we were bailing out and exiting when backtracking
alternatives with dissimilar match lengths.  Deleted that code.  Instead, for
sticky patterns we need to process the backtracking except for advancing to the
next input index.

* yarr/YarrJIT.cpp:
(JSC::Yarr::YarrGenerator::backtrack):

LayoutTests:

Added tests for alternatives with shorter to longer lengths.

* js/regexp-sticky-expected.txt:
* js/script-tests/regexp-sticky.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200946 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago REGRESSION (r192098): Content missing after copy and paste to Notes App on retina...
bfulgham@apple.com [Mon, 16 May 2016 17:35:30 +0000 (17:35 +0000)]
REGRESSION (r192098): Content missing after copy and paste to Notes App on retina displays
https://bugs.webkit.org/show_bug.cgi?id=157630
<rdar://problem/25277577>

Reviewed by Simon Fraser.

Source/WebCore:

Tested by http/tests/images/hidpi-srcset-copy.html

The code to create a WebArchive (or other representation) of a webpage was using the 'src' attribute of
the image element, which might be changed to reflect the optimal image dimensions for a specific
display. Instead, we should use the 'imageSourceURL' method of the Element class so we get the correct
'original' image URL in our cached resources.

* editing/cocoa/HTMLConverter.mm:
(HTMLConverter::_processElement): Use 'imageSourceURL', rather than getting the raw 'src' attribute.
* html/HTMLImageElement.cpp:
(WebCore::HTMLImageElement::addSubresourceAttributeURLs): Ditto.

Tools:

Update test infrastructure to support checking the number of images in the pasteboard.

* DumpRenderTree/TestRunner.cpp:
(imageCountInGeneralPasteboardCallback): Added.
(TestRunner::staticFunctions):
* DumpRenderTree/TestRunner.h:
* DumpRenderTree/mac/TestRunnerMac.mm:
(TestRunner::imageCountInGeneralPasteboard): Added.
* DumpRenderTree/win/TestRunnerWin.cpp:
(TestRunner::imageCountInGeneralPasteboard): Added stub method.
* WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl:
* WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:
(WTR::InjectedBundle::imageCountInGeneralPasteboard): Added.
* WebKitTestRunner/InjectedBundle/InjectedBundle.h:
* WebKitTestRunner/InjectedBundle/TestRunner.cpp:
(WTR::TestRunner::imageCountInGeneralPasteboard): Added.
* WebKitTestRunner/InjectedBundle/TestRunner.h:
* WebKitTestRunner/TestController.cpp:
(WTR::TestController::imageCountInGeneralPasteboard): Added stub implementation.
* WebKitTestRunner/TestController.h:
* WebKitTestRunner/TestInvocation.cpp:
(WTR::TestInvocation::didReceiveSynchronousMessageFromInjectedBundle): Handle copy message.
* WebKitTestRunner/cocoa/TestControllerCocoa.mm:
(WTR::TestController::imageCountInGeneralPasteboard): Added.

LayoutTests:

* http/tests/images/hidpi-srcset-copy-expected.txt: Added.
* http/tests/images/hidpi-srcset-copy.html: Added.
* http/tests/resources/img-srcset: Added.
* http/tests/resources/img-srcset/image1-620x442.jpg: Added.
* http/tests/resources/img-srcset/image2-1024x731.jpg: Added.
* http/tests/resources/img-srcset/image2-1400x1000.jpg: Added.
* http/tests/resources/img-srcset/image2-300x214.jpg: Added.
* http/tests/resources/img-srcset/image2-620x442.jpg: Added.
* http/tests/resources/img-srcset/image2-840x600.jpg: Added.
* http/tests/resources/img-srcset/image3-250x178.jpg: Added.
* http/tests/resources/img-srcset/image3-615x438.jpg: Added.
* http/tests/resources/img-srcset/image3-620x440.jpg: Added.
* http/tests/resources/img-srcset/image3-700x498.jpg: Added.
* http/tests/resources/img-srcset/image3-840x598.jpg: Added.
* http/tests/resources/img-srcset/image3.jpg: Added.
* http/tests/resources/img-srcset/image4-1024x612.jpg: Added.
* http/tests/resources/img-srcset/image4-300x179.jpg: Added.
* http/tests/resources/img-srcset/image4-620x370.jpg: Added.
* http/tests/resources/img-srcset/image4-768x459.jpg: Added.
* http/tests/resources/img-srcset/image4-840x502.jpg: Added.
* http/tests/resources/img-srcset/image4-940x560.jpg: Added.
* platform/efl/TestExpectations: No pasteboard implementation. Skip.
* platform/gtk/TestExpectations: Ditto.
* platform/win/TestExpectations: Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200945 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Random CachedFont.cpp cleanup.
beidson@apple.com [Mon, 16 May 2016 17:22:13 +0000 (17:22 +0000)]
Random CachedFont.cpp cleanup.
https://bugs.webkit.org/show_bug.cgi?id=157740

Reviewed by Myles C. Maxfield.

No new tests (Refactor/cleanup, no behavior change)

* loader/cache/CachedFont.cpp:
(WebCore::CachedFont::ensureCustomFontData): Remove unneeded local RefPtr<>
(WebCore::CachedFont::createCustomFontData): Refactor to not require unnecessary Ref-churn in the common case.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200944 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Modernize Track classes' code
cdumez@apple.com [Mon, 16 May 2016 16:37:26 +0000 (16:37 +0000)]
Modernize Track classes' code
https://bugs.webkit.org/show_bug.cgi?id=157735

Reviewed by Eric Carlson.

Modernize Track classes' code a bit.

* Modules/mediasource/MediaSource.cpp:
(WebCore::MediaSource::removeSourceBuffer):
* Modules/mediasource/SourceBuffer.cpp:
(WebCore::SourceBuffer::sourceBufferPrivateDidReceiveInitializationSegment):
* bindings/js/JSTrackCustom.cpp:
(WebCore::toTrack):
(WebCore::toJS):
* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::audioTrackEnabledChanged):
(WebCore::HTMLMediaElement::textTrackModeChanged):
(WebCore::HTMLMediaElement::videoTrackSelectedChanged):
(WebCore::HTMLMediaElement::textTrackRemoveCues):
(WebCore::HTMLMediaElement::mediaPlayerDidAddTextTrack):
(WebCore::HTMLMediaElement::addAudioTrack):
(WebCore::HTMLMediaElement::addTextTrack):
(WebCore::HTMLMediaElement::addVideoTrack):
(WebCore::HTMLMediaElement::removeAudioTrack):
(WebCore::HTMLMediaElement::removeTextTrack):
(WebCore::HTMLMediaElement::removeVideoTrack):
(WebCore::HTMLMediaElement::forgetResourceSpecificTracks):
(WebCore::HTMLMediaElement::audioTracks):
(WebCore::HTMLMediaElement::textTracks):
(WebCore::HTMLMediaElement::videoTracks):
(WebCore::HTMLMediaElement::didAddTextTrack):
(WebCore::HTMLMediaElement::didRemoveTextTrack):
(WebCore::HTMLMediaElement::setSelectedTextTrack):
(WebCore::HTMLMediaElement::textTrackAddCues): Deleted.
(WebCore::HTMLMediaElement::closeCaptionTracksChanged): Deleted.
* html/HTMLMediaElement.h:
* html/shadow/MediaControlElements.cpp:
(WebCore::MediaControlClosedCaptionsTrackListElement::updateDisplay):
(WebCore::MediaControlClosedCaptionsTrackListElement::rebuildTrackListMenu):
* html/track/AudioTrack.cpp:
(WebCore::AudioTrack::~AudioTrack):
(WebCore::AudioTrack::setPrivate):
(WebCore::AudioTrack::isValidKind):
(WebCore::AudioTrack::willRemove):
(WebCore::AudioTrack::setEnabled): Deleted.
(WebCore::AudioTrack::updateKindFromPrivate): Deleted.
* html/track/AudioTrack.h:
(isType):
* html/track/AudioTrackList.cpp:
(AudioTrackList::append):
(AudioTrackList::item):
(AudioTrackList::getTrackById):
(AudioTrackList::eventTargetInterface): Deleted.
* html/track/AudioTrackList.h:
* html/track/InbandTextTrack.cpp:
(WebCore::InbandTextTrack::willRemove):
* html/track/TextTrack.cpp:
(WebCore::TextTrack::setKind):
(WebCore::TextTrack::trackIndex):
(WebCore::TextTrack::trackIndexRelativeToRenderedTracks):
(WebCore::TextTrack::setLanguage):
* html/track/TextTrack.h:
(isType):
* html/track/TextTrackList.cpp:
(TextTrackList::getTrackIndex):
(TextTrackList::getTrackIndexRelativeToRenderedTracks):
(TextTrackList::item):
(TextTrackList::getTrackById):
(TextTrackList::invalidateTrackIndexesAfterTrack):
(TextTrackList::append):
(TextTrackList::remove):
(TextTrackList::contains):
* html/track/TextTrackList.h:
* html/track/TrackBase.h:
* html/track/TrackEvent.cpp:
(WebCore::TrackEvent::TrackEvent):
* html/track/TrackEvent.h:
* html/track/TrackListBase.cpp:
(TrackListBase::remove):
(TrackListBase::contains):
(TrackListBase::scheduleTrackEvent):
(TrackListBase::scheduleAddTrackEvent):
(TrackListBase::scheduleRemoveTrackEvent):
* html/track/TrackListBase.h:
* html/track/VideoTrack.cpp:
(WebCore::VideoTrack::willRemove):
(WebCore::VideoTrack::setKind):
(WebCore::VideoTrack::setLanguage):
* html/track/VideoTrack.h:
(isType):
* html/track/VideoTrackList.cpp:
(VideoTrackList::append):
(VideoTrackList::item):
(VideoTrackList::getTrackById):
(VideoTrackList::selectedIndex):
* html/track/VideoTrackList.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200943 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Unreviewed gardening
jdiggs@igalia.com [Mon, 16 May 2016 14:50:07 +0000 (14:50 +0000)]
Unreviewed gardening

Re-mark a failing test as failing. Update the expectations file so
that it fails rather than passes unexpectedly.

* accessibility/gtk/title-and-alt-expected.txt:
* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200942 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago CSSParser.cpp triggers -Wunused-parameter
mcatanzaro@igalia.com [Mon, 16 May 2016 14:40:57 +0000 (14:40 +0000)]
CSSParser.cpp triggers -Wunused-parameter
https://bugs.webkit.org/show_bug.cgi?id=157734

Reviewed by Csaba Osztrogonác.

* css/CSSParser.cpp:
(WebCore::isValidKeywordPropertyAndValue):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200941 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [Cairo] GraphicsContext3D::ImageExtractor should use the correct size for copying...
zandobersek@gmail.com [Mon, 16 May 2016 10:28:19 +0000 (10:28 +0000)]
[Cairo] GraphicsContext3D::ImageExtractor should use the correct size for copying non-image surfaces
https://bugs.webkit.org/show_bug.cgi?id=157580

Reviewed by Darin Adler.

GraphicsContext3D::ImageExtractor::extractImage() shouldn't use m_imageWidth
and m_imageHeight members when copying the non-image-backed Cairo surface into
the image-based replacement simply because these two are not initialized until
later in this method.

Instead, the size of the to-be-copied image should be queried via the
cairoSurfaceSize() utility function which properly handles Cairo surfaces of
different types.

* platform/graphics/cairo/GraphicsContext3DCairo.cpp:
(WebCore::GraphicsContext3D::ImageExtractor::extractImage):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200940 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago REGRESSION (r199821): Large animated GIFs with slow network do not animate till the...
commit-queue@webkit.org [Mon, 16 May 2016 08:05:13 +0000 (08:05 +0000)]
REGRESSION (r199821): Large animated GIFs with slow network do not animate till the last frame
https://bugs.webkit.org/show_bug.cgi?id=157500
Source/WebCore:

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2016-05-16
Reviewed by Darin Adler.

r199821 relies on the assumption that the image frameCount can be retrieved
only once when the image size is available and it is not going to change. It
turned out this assumption is wrong for some animated GIFs. The frameCount
can change every time a new data block is decoded.

The fix is to invalidate the image cached metadata every time a new data
block is decoded.

Test: http/tests/misc/slow-loading-animated-image.html

* platform/graphics/BitmapImage.cpp:
(WebCore::BitmapImage::BitmapImage): Move the "fromImage" BitmapImage constructor
to BitmapImage.cpp. The ImageSource needs to be initialized differently for
this case from the decoder image case. Also get rid of the template constructor.
Most of the flags of the BitmapImage will be deleted with the asynchronous image
decoding work.

(WebCore::BitmapImage::cacheFrame): Delete unused flag m_hasUniformFrameSize.
It was added in r35761 and was mainly used by BitmapImage::currentFrameSize().
But this function itself was deleted in r172348.

(WebCore::BitmapImage::dataChanged): Invalidate the image metadata cache.

* platform/graphics/BitmapImage.h:
(WebCore::BitmapImage::BitmapImage): Deleted.
Delete unused flag m_hasUniformFrameSize. Also define new static functions in
FrameData to calculate platform dependent properties of an image.

* platform/graphics/ImageSource.cpp:
(WebCore::ImageSource::ImageSource): Add a new constructor for the "fromImage"
BitmapImage case. The purpose of this constructor is to keep m_needsUpdateMetadata
and m_maximumSubsamplingLevel initialized as they are in the class definition.
This constructor will be used with the asynchronous image decoding work where the
ImageSource needs to cache the FrameData.

(WebCore::ImageSource::updateMetadata): If needsUpdateMetaData() is true, cache new metadata.

(WebCore::ImageSource::subsamplingLevelForScale): Call updateMetadata() with its new name.
(WebCore::ImageSource::frameCount): Ditto
(WebCore::ImageSource::cacheMetadata): Deleted.

* platform/graphics/ImageSource.h:
(WebCore::ImageSource::setNeedsUpdateMetadata): Invalidate the image cached metadata.

* platform/graphics/cairo/BitmapImageCairo.cpp:
(WebCore::NativeImage::size):
(WebCore::NativeImage::hasAlpha):
(WebCore::BitmapImage::BitmapImage): Deleted.
Delete the "fromImage" BitmapImage constructor from this file since it is now platform
independent and has been moved to BitmapImage.cpp. Also add the new NativeImage platform
dependent functions which are used by the new "fromImage" BitmapImage constructor.

* platform/graphics/cg/BitmapImageCG.cpp:
(WebCore::NativeImage::size):
(WebCore::NativeImage::hasAlpha):
(WebCore::BitmapImage::BitmapImage): Deleted.
Ditto.

LayoutTests:

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2016-05-16
Reviewed by Darin Adler.

Ensure the large animated gif will get the correct frameCount even if it
is loaded through a slow network.

* http/tests/misc/resources/large-animated.gif: Added.
This is a large animated GIF with 48 frames. The frameCount keeps changing
every time a new data block is decoded. Each frame except the last one lasts
for 20 ms. The last one lasts for 10 seconds which is similar to setting no-
loop to true. I created all the images myself. All the images except the last
one are rectangles filled with gradient color so their sizes can be large and
get the bug to repro.

* http/tests/misc/resources/slow-image-load.pl: Added.
* http/tests/misc/resources/slow-png-load.pl: Removed.
I wanted to use the slow-png-load.pl but only changing the image mimetype.
So I changed its name and I added a new query parameter called 'mimetype'.

* http/tests/misc/slow-loading-animated-image-expected.html: Added.
* http/tests/misc/slow-loading-animated-image.html: Added.
This test loads the animated image in 1 second. It waits for another 1 second
to ensure that all the frames are displayed. All we need is to capture the
last frame which is distinctly filled with solid green color.

* http/tests/misc/slow-loading-image-in-pattern.html:
* http/tests/misc/slow-loading-mask.html:
Use slow-image-load.pl and pass the image mime type.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200939 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Small removal of useless code for MathML token elements
fred.wang@free.fr [Mon, 16 May 2016 06:23:36 +0000 (06:23 +0000)]
Small removal of useless code for MathML token elements
https://bugs.webkit.org/show_bug.cgi?id=157568

Patch by Frederic Wang <fwang@igalia.com> on 2016-05-15
Reviewed by Darin Adler.

We remove two pieces of code for MathML token elements with unclear purposes and that do not
have any effect on math rendering.

No new tests, behavior is unchanged.

* css/mathml.css:
(mtext): Deleted. This was probably a hack that is no longer needed with the latest math font
ascent/descent management.
* mathml/MathMLTextElement.cpp:
(WebCore::MathMLTextElement::createElementRenderer): Deleted. Removing this does not break
the mentioned test.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200938 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [GTK] Fix some bogus expectations broken by the previous commit
mcatanzaro@igalia.com [Mon, 16 May 2016 00:47:26 +0000 (00:47 +0000)]
[GTK] Fix some bogus expectations broken by the previous commit

* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200937 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [GTK] More unreviewed test expectations gardening
mcatanzaro@igalia.com [Mon, 16 May 2016 00:41:47 +0000 (00:41 +0000)]
[GTK] More unreviewed test expectations gardening

* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200936 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [GTK] More Unreviewed test expectations gardening
mcatanzaro@igalia.com [Mon, 16 May 2016 00:10:28 +0000 (00:10 +0000)]
[GTK] More Unreviewed test expectations gardening

* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200935 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Use more references in JS wrappers related code
cdumez@apple.com [Sun, 15 May 2016 23:30:11 +0000 (23:30 +0000)]
Use more references in JS wrappers related code
https://bugs.webkit.org/show_bug.cgi?id=157721

Reviewed by Darin Adler.

Source/WebCore:

- Use more references in JS wrappers related code.
- Avoid some refcounting churn when using toJSNewlyCreated() and in
  HTML/SVG elements factories by moving the Ref<> around.
- Add toJS() / toJSNewlyCreated() implementations for Text, XMLDocument
  and HTMLDocument. Now that toJSNewlyCreated() takes a Ref<>&& /
  RefPtr<>&& in, the compiler is no longer able to implicitly use the
  toJSNewlyCreated() implementation of a parent class for a subclass
  type (complains about calls being ambiguous). I thought about updating
  the bindings generator to always generate a toJSNewlyCreated() for
  all wrapper types (that would call the one on the parent class if the
  subclass does not have a proper implementation). However this would
  add some complexity to the bindings generator and it did not seem
  worth it because [NewObject] and therefore toJSNewlyCreated() is only
  used for a very limited set of subtypes. I have therefore decided to
  add the toJS() / toJSNewlyCreated() implementations for the subtypes
  in question. This also has the benefit of avoiding calling the more
  complex implementations on Node / Document.

* CMakeLists.txt:
* WebCore.xcodeproj/project.pbxproj:
* bindings/js/JSAnimationTimelineCustom.cpp:
(WebCore::toJS):
* bindings/js/JSAudioContextCustom.cpp:
(WebCore::constructJSAudioContext):
* bindings/js/JSBindingsAllInOne.cpp:
* bindings/js/JSBlobCustom.cpp:
(WebCore::constructJSBlob):
* bindings/js/JSCSSRuleCustom.cpp:
(WebCore::toJS):
* bindings/js/JSCSSValueCustom.cpp:
(WebCore::toJS):
* bindings/js/JSDOMBinding.h:
(WebCore::getCachedWrapper):
(WebCore::createWrapper):
(WebCore::wrap):
(WebCore::getExistingWrapper):
(WebCore::createNewWrapper):
(WebCore::toJS):
(WebCore::finiteInt32Value): Deleted.
* bindings/js/JSDocumentCustom.cpp:
(WebCore::createNewDocumentWrapper):
(WebCore::toJS):
(WebCore::cachedDocumentWrapper):
(WebCore::reportMemoryForFramelessDocument):
(WebCore::toJSNewlyCreated):
* bindings/js/JSDocumentCustom.h:
* bindings/js/JSDocumentFragmentCustom.cpp:
(WebCore::createNewDocumentFragmentWrapper):
(WebCore::toJSNewlyCreated):
(WebCore::toJS):
* bindings/js/JSElementCustom.cpp:
(WebCore::toJSNewlyCreated):
* bindings/js/JSElementCustom.h:
(WebCore::toJSNewlyCreated):
* bindings/js/JSEventCustom.cpp:
(WebCore::createNewEventWrapper):
(WebCore::toJS):
(WebCore::toJSNewlyCreated):
* bindings/js/JSFileCustom.cpp:
(WebCore::constructJSFile):
* bindings/js/JSHTMLCollectionCustom.cpp:
(WebCore::toJS):
* bindings/js/JSHTMLDocumentCustom.cpp:
(WebCore::createNewHTMLDocumentWrapper):
(WebCore::toJS):
(WebCore::toJSNewlyCreated):
* bindings/js/JSHTMLTemplateElementCustom.cpp:
(WebCore::JSHTMLTemplateElement::content):
* bindings/js/JSImageDataCustom.cpp:
(WebCore::toJS):
* bindings/js/JSNodeCustom.cpp:
(WebCore::createWrapperInline):
(WebCore::createWrapper):
(WebCore::toJSNewlyCreated):
(WebCore::getOutOfLineCachedWrapper):
* bindings/js/JSNodeCustom.h:
(WebCore::toJS):
* bindings/js/JSNodeListCustom.cpp:
(WebCore::createWrapper):
(WebCore::toJSNewlyCreated):
* bindings/js/JSNodeListCustom.h:
(WebCore::toJS):
* bindings/js/JSRTCPeerConnectionCustom.cpp:
(WebCore::constructJSRTCPeerConnection):
* bindings/js/JSRTCSessionDescriptionCustom.cpp:
(WebCore::constructJSRTCSessionDescription):
* bindings/js/JSSVGPathSegCustom.cpp:
(WebCore::toJS):
* bindings/js/JSStyleSheetCustom.cpp:
(WebCore::toJS):
* bindings/js/JSTextCustom.cpp: Copied from Source/WebCore/dom/XMLDocument.idl.
(WebCore::createNewTextWrapper):
(WebCore::toJS):
(WebCore::toJSNewlyCreated):
* bindings/js/JSTextTrackCueCustom.cpp:
(WebCore::toJS):
* bindings/js/JSTrackCustom.cpp:
(WebCore::toJS):
* bindings/js/JSXMLDocumentCustom.cpp: Copied from Source/WebCore/bindings/js/JSDocumentFragmentCustom.cpp.
(WebCore::createNewXMLDocumentWrapper):
(WebCore::toJS):
(WebCore::toJSNewlyCreated):
* bindings/scripts/CodeGeneratorJS.pm:
(GenerateHeader):
(GenerateImplementation):
* bindings/scripts/test/JS/*: Rebaseline bindings tests.
* dom/Element.cpp:
(WebCore::Element::setInnerHTML):
* dom/Text.idl:
* dom/XMLDocument.idl:
* dom/make_names.pl:
(printWrapperFunctions):
(printWrapperFactoryCppFile):
(printWrapperFactoryHeaderFile):
* editing/MarkupAccumulator.cpp:
(WebCore::MarkupAccumulator::serializeNodesWithNamespaces):
* html/HTMLDocument.idl:
* html/HTMLTemplateElement.cpp:
(WebCore::HTMLTemplateElement::content):
(WebCore::HTMLTemplateElement::cloneNodeInternal):
* html/HTMLTemplateElement.h:
* html/parser/HTMLConstructionSite.cpp:
(WebCore::insert):
(WebCore::HTMLConstructionSite::insertTextNode):
(WebCore::HTMLConstructionSite::ownerDocumentForCurrentNode):
* inspector/InspectorDOMAgent.cpp:
(WebCore::InspectorDOMAgent::buildObjectForNode):
* xml/parser/XMLDocumentParserLibxml2.cpp:
(WebCore::XMLDocumentParser::startElementNs):

Source/WTF:

Add new static_reference_cast() overload that takes a Ref<U>&& in
in order to downcast Ref<> types without causing ref-counting
churn.

* wtf/Ref.h:
(WTF::static_reference_cast):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200934 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago DFG::Plan shouldn't read from its VM once it's been cancelled
fpizlo@apple.com [Sun, 15 May 2016 23:08:21 +0000 (23:08 +0000)]
DFG::Plan shouldn't read from its VM once it's been cancelled
https://bugs.webkit.org/show_bug.cgi?id=157726

Reviewed by Saam Barati.

Plan::vm was a reference, not a pointer, and so wasn't nulled by Plan::cancel(). So, a
cancelled plan may have a dangling pointer to a VM: we could delete the VM after cancelling
the plan.

Prior to http://trac.webkit.org/changeset/200705, this was probably fine because nobody
would read Plan::vm if the plan was cancelled. But r200705 changed that. It was a hard
regression to spot because usually a cancelled plan will still refer to a valid VM.

This change fixes the regression and makes it a lot easier to spot the regression in the
future. Plan::vm is now a pointer and we null it in Plan::cancel(). Now if you make this
mistake, you will get a crash anytime the Plan is cancelled, not just anytime the plan is
cancelled and the VM gets deleted. Also, it's now very clear what to do when you want to
use Plan::vm on the cancel path: you can null-check vm; if it's null, assume the worst.

Because we null the VM of a cancelled plan, we cannot have Safepoint::vm() return the
plan's VM anymore. That's because when we cancel a plan that is at a safepoint, we use the
safepoint's VM to determine whether this is one of our safepoints *after* the plan is
already cancelled. So, Safepoint now has its own copy of m_vm, and that copy gets nulled
when the Safepoint is cancelled. The Safepoint's m_vm will be nulled moments after Plan's
vm gets nulled (see Worklist::removeDeadPlans(), which has a cancel path for Plans in one
loop and a cancel path for Safepoints in the loop after it).

* dfg/DFGJITFinalizer.cpp:
(JSC::DFG::JITFinalizer::finalizeCommon):
* dfg/DFGPlan.cpp:
(JSC::DFG::Plan::Plan):
(JSC::DFG::Plan::computeCompileTimes):
(JSC::DFG::Plan::reportCompileTimes):
(JSC::DFG::Plan::compileInThreadImpl):
(JSC::DFG::Plan::reallyAdd):
(JSC::DFG::Plan::notifyCompiling):
(JSC::DFG::Plan::finalizeWithoutNotifyingCallback):
(JSC::DFG::Plan::cancel):
* dfg/DFGPlan.h:
(JSC::DFG::Plan::canTierUpAndOSREnter):
* dfg/DFGSafepoint.cpp:
(JSC::DFG::Safepoint::cancel):
(JSC::DFG::Safepoint::vm):
* dfg/DFGSafepoint.h:
* dfg/DFGWorklist.cpp:
(JSC::DFG::Worklist::isActiveForVM):
(JSC::DFG::Worklist::waitUntilAllPlansForVMAreReady):
(JSC::DFG::Worklist::removeAllReadyPlansForVM):
(JSC::DFG::Worklist::rememberCodeBlocks):
(JSC::DFG::Worklist::visitWeakReferences):
(JSC::DFG::Worklist::removeDeadPlans):
(JSC::DFG::Worklist::runThread):
* ftl/FTLJITFinalizer.cpp:
(JSC::FTL::JITFinalizer::finalizeFunction):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200933 268f45cc-cd09-0410-ab3c-d52691b4dbfc
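
The pattern described in the commit message above, as an added C++ example that is not JavaScriptCore code: `VM`, `Plan` and `Safepoint` are simplified stand-ins, and `reportCompileTime`, `cancelEverythingFor` and `runScenario` are hypothetical names. It shows the VM pointer being nulled on cancel, the null check on a path reachable after cancellation, and why the safepoint needs its own copy of the pointer for the second cancel loop.

```cpp
#include <cstddef>
#include <memory>
#include <vector>

// Hypothetical stand-in for JSC::VM; only its identity and one counter matter here.
struct VM {
    int compileReports = 0;
};

class Plan {
public:
    explicit Plan(VM& vm) : m_vm(&vm) {}

    // A pointer rather than a reference, so that cancel() can null it.
    VM* vm() const { return m_vm; }

    void cancel() { m_vm = nullptr; }

    // Code reachable on the cancel path null-checks vm and assumes the worst.
    bool reportCompileTime()
    {
        if (!m_vm)
            return false; // cancelled: the VM may already have been deleted
        ++m_vm->compileReports;
        return true;
    }

private:
    VM* m_vm;
};

class Safepoint {
public:
    // Takes its own copy of the VM pointer while the plan is still live.
    explicit Safepoint(Plan& plan) : m_plan(plan), m_vm(plan.vm()) {}

    VM* vm() const { return m_vm; }
    Plan& plan() const { return m_plan; }
    void cancel() { m_vm = nullptr; }

private:
    Plan& m_plan;
    VM* m_vm;
};

struct CancelCounts {
    std::size_t plans = 0;
    std::size_t safepoints = 0;
};

// Simplified two-loop cancel path: plans first, then safepoints.
CancelCounts cancelEverythingFor(VM& vm, std::vector<Plan*>& plans,
                                 std::vector<Safepoint*>& safepoints)
{
    CancelCounts counts;
    for (Plan* plan : plans) {
        if (plan->vm() == &vm) {
            plan->cancel();
            ++counts.plans;
        }
    }
    // The matching plans are already cancelled, so plan().vm() is null by now;
    // only the safepoint's own copy can still identify which VM it belongs to.
    for (Safepoint* safepoint : safepoints) {
        if (safepoint->vm() == &vm) {
            safepoint->cancel();
            ++counts.safepoints;
        }
    }
    return counts;
}

struct Outcome {
    CancelCounts counts;
    bool cancelledPlanReported;
    bool livePlanReported;
    int liveReports;
    bool safepointCleared;
};

// Constructed scenario: two plans on a VM that is deleted, one plan on a live VM.
Outcome runScenario()
{
    auto dying = std::make_unique<VM>();
    VM live;
    Plan a(*dying), b(*dying), c(live);
    Safepoint safepoint(b);
    std::vector<Plan*> plans { &a, &b, &c };
    std::vector<Safepoint*> safepoints { &safepoint };

    Outcome out;
    out.counts = cancelEverythingFor(*dying, plans, safepoints);
    dying.reset(); // the VM is deleted only after its plans were cancelled

    out.cancelledPlanReported = a.reportCompileTime(); // null check, no stale read
    out.livePlanReported = c.reportCompileTime();
    out.liveReports = live.compileReports;
    out.safepointCleared = !safepoint.vm() && !safepoint.plan().vm();
    return out;
}

int main()
{
    Outcome out = runScenario();
    return (out.counts.plans == 2 && !out.cancelledPlanReported) ? 0 : 1;
}
```

With a reference member instead of `VM* m_vm`, `a.reportCompileTime()` would read the deleted VM; with the pointer, forgetting the null check fails on every cancelled plan rather than only when the VM happens to be gone.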

4 years ago Something tiny left out of the last patch.
darin@apple.com [Sun, 15 May 2016 22:13:53 +0000 (22:13 +0000)]
Something tiny left out of the last patch.

* WebCore.xcodeproj/project.pbxproj: Allow Xcode to update this file.
* editing/ApplyStyleCommand.cpp:
(WebCore::ApplyStyleCommand::applyInlineStyleChange): Removed unneeded null check; all
code paths already have null checks.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200932 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago More CTTE and other cleanups for HTML editing header
darin@apple.com [Sun, 15 May 2016 22:08:52 +0000 (22:08 +0000)]
More CTTE and other cleanups for HTML editing header
https://bugs.webkit.org/show_bug.cgi?id=157722

Reviewed by Chris Dumez.

Source/WebCore:

These changes are mostly things Chris asked for in his review of my last patch
or other related style and small efficiency improvements.

- using nullptr instead of 0
- using is<Text> instead of isTextNode and is<> instead of hasTagName
- changing argument type of functions like editingIgnoresContent to a reference
- using { } instead of constructor calls for classes like Position
- using words like position instead of abbreviations like pos
- using auto rather than explicit types
- rename functions that return true for HTMLElement to express that in the function names

* dom/Position.cpp:
(WebCore::nextRenderedEditable): nullptr
(WebCore::previousRenderedEditable): nullptr
(WebCore::Position::Position): is<>, reference
(WebCore::Position::moveToPosition): reference
(WebCore::Position::offsetForPositionAfterAnchor): Added a null assertion and
null check that replaces the one that used to be in lastOffsetForEditing.
(WebCore::Position::parentAnchoredEquivalent): { }, reference
(WebCore::Position::computeNodeBeforePosition): nullptr
(WebCore::Position::computeNodeAfterPosition): nullptr
(WebCore::Position::anchorTypeForLegacyEditingPosition): reference
(WebCore::Position::previous): reference
(WebCore::Position::next): reference
(WebCore::Position::parentEditingBoundary): nullptr
(WebCore::Position::previousCharacterPosition): { }, pos -> position
(WebCore::Position::nextCharacterPosition): { }, pos -> position
(WebCore::endsOfNodeAreVisuallyDistinctPositions): reference
(WebCore::Position::upstream): { }, pos -> position
(WebCore::Position::downstream): { }, pos -> position
(WebCore::Position::rootUserSelectAllForNode): nullptr
(WebCore::Position::isCandidate): auto, reference, is<>
(WebCore::Position::rendersInDifferentPosition): pos -> position, auto, is<>
(WebCore::Position::leadingWhitespacePosition): { }, is<>
(WebCore::Position::trailingWhitespacePosition): { }
(WebCore::Position::getInlineBoxAndOffset): reference
(WebCore::Position::equals): reference, is<>

* dom/PositionIterator.cpp:
(WebCore::PositionIterator::operator Position): reference
(WebCore::PositionIterator::isCandidate): reference

* editing/ApplyStyleCommand.cpp:
(WebCore::ApplyStyleCommand::applyRelativeFontStyleChange): is<>
(WebCore::ApplyStyleCommand::applyInlineStyleToNodeRange): is<>, reference
(WebCore::ApplyStyleCommand::removeConflictingInlineStyleFromRun): reference
(WebCore::ApplyStyleCommand::removeInlineStyle): auto, is<>, reference
(WebCore::ApplyStyleCommand::nodeFullySelected): is<>
(WebCore::ApplyStyleCommand::nodeFullyUnselected): is<>
(WebCore::ApplyStyleCommand::splitTextAtStart): is<>
(WebCore::ApplyStyleCommand::splitTextElementAtStart): is<>
(WebCore::ApplyStyleCommand::splitTextElementAtEnd): is<>
(WebCore::ApplyStyleCommand::isValidCaretPositionInTextNode): is<>
(WebCore::ApplyStyleCommand::surroundNodeRangeWithElement): Removed unneeded
is<Element> calls before calling areIdenticalElements.
(WebCore::ApplyStyleCommand::positionToComputeInlineStyleChange): Tightened
up logic for the loop to avoid redundant checks.
(WebCore::ApplyStyleCommand::applyInlineStyleChange): auto

* editing/CompositeEditCommand.cpp:
(WebCore::CompositeEditCommand::insertNodeAt): reference
(WebCore::CompositeEditCommand::appendNode): reference
(WebCore::CompositeEditCommand::moveParagraphs): isListHTMLElement

* editing/DeleteSelectionCommand.cpp:
(WebCore::DeleteSelectionCommand::handleGeneralDelete): reference

* editing/FormatBlockCommand.cpp: Fixed order of includes.
(WebCore::enclosingBlockToSplitTreeTo): isListHTMLElement

* editing/InsertParagraphSeparatorCommand.cpp:
(WebCore::InsertParagraphSeparatorCommand::doApply): reference

* editing/ModifySelectionListLevel.cpp:
(WebCore::getStartEndListChildren): isListHTMLElement
(WebCore::IncreaseSelectionListLevelCommand::doApply): isListHTMLElement
(WebCore::canDecreaseListLevel): isListHTMLElement

* editing/RemoveNodeCommand.cpp: Removed unneeded include.

* editing/ReplaceNodeWithSpanCommand.cpp:
(WebCore::ReplaceNodeWithSpanCommand::doApply): Use HTMLSpanElement::create.

* editing/ReplaceSelectionCommand.cpp:
(WebCore::isInterchangeNewlineNode): is<>, downcast<>
(WebCore::isInterchangeConvertedSpaceSpan): is<>, downcast<>
(WebCore::positionAvoidingPrecedingNodes): pos -> position, reference
(WebCore::ReplaceSelectionCommand::doApply): isListHTMLElement
(WebCore::ReplaceSelectionCommand::insertAsListItems): isListHTMLElement

* editing/SpellChecker.cpp: Removed unneeded include.

* editing/TextIterator.cpp:
(WebCore::SimplifiedBackwardsTextIterator::advance): reference

* editing/VisibleSelection.cpp:
(WebCore::VisibleSelection::selectionFromContentsOfNode): reference

* editing/VisibleUnits.cpp:
(WebCore::previousLinePosition): reference
(WebCore::nextLinePosition): reference
(WebCore::findStartOfParagraph): reference
(WebCore::findEndOfParagraph): reference

* editing/htmlediting.cpp:
(WebCore::canHaveChildrenForEditing): Moved here from header file so we don't
have to include "Text.h". Not critical to inline this.
(WebCore::isAtomicNode): reference
(WebCore::lastOffsetForEditing): reference
(WebCore::stringWithRebalancedWhitespace): Changed to use StringBuilder instead
of Vector<UChar> so this won't turn 8-bit strings into 16-bit strings. Changed
to not use the StringBuilder at all until we encounter a character that needs
to be changed.
(WebCore::isSpecialHTMLElement): Renamed to make it clear that it only can return
true for a Node that is an HTMLElement.
(WebCore::firstInSpecialElement): isSpecialHTMLElement
(WebCore::lastInSpecialElement): isSpecialHTMLElement
(WebCore::isListHTMLElement): Renamed to make it clear that it can only return
true for a Node that is an HTMLElement.
(WebCore::isListItem): isListHTMLElement, is<>
(WebCore::enclosingNodeOfType): p -> position, nullptr
(WebCore::highestEnclosingNodeOfType): p -> position
(WebCore::enclosingListChild): isListHTMLElement, is<>
(WebCore::embeddedSublist): isListHTMLElement
(WebCore::appendedSublist): isListHTMLElement
(WebCore::caretMaxOffset): is<>
(WebCore::caretRendersInsideNode): changed to take a reference
(WebCore::rendererForCaretPainting): reference

* editing/htmlediting.h: Updated for name changes and type changes above.

* editing/markup.cpp:
(WebCore::StyledMarkupAccumulator::traverseNodesForSerialization): reference
(WebCore::highestAncestorToWrapMarkup): auto, reference, isListHTMLElement

* html/HTMLSpanElement.cpp:
(WebCore::HTMLSpanElement::create): Added overload that does not require a tag name.
* html/HTMLSpanElement.h: Ditto.

* page/DOMSelection.cpp: Removed unneeded includes.

* rendering/RenderBox.cpp:
(WebCore::RenderBox::localCaretRect): reference

Source/WebKit/ios:

* WebCoreSupport/WebFrameIOS.mm:
(-[WebFrame previousUnperturbedDictationResultBoundaryFromPosition:]): auto
(-[WebFrame nextUnperturbedDictationResultBoundaryFromPosition:]): auto

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200931 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [GTK] Unreviewed test expectations gardening
mcatanzaro@igalia.com [Sun, 15 May 2016 22:05:56 +0000 (22:05 +0000)]
[GTK] Unreviewed test expectations gardening

* TestExpectations:
* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200930 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago [GTK] Unreviewed test expectations gardening
mcatanzaro@igalia.com [Sun, 15 May 2016 22:05:05 +0000 (22:05 +0000)]
[GTK] Unreviewed test expectations gardening

* TestExpectations:
* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200929 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Modernize Intl constructors; using InternalFunction::createSubclassStructure
utatane.tea@gmail.com [Sun, 15 May 2016 21:11:27 +0000 (21:11 +0000)]
Modernize Intl constructors; using InternalFunction::createSubclassStructure
https://bugs.webkit.org/show_bug.cgi?id=157082

Reviewed by Darin Adler.

Previously, Intl constructors retrieved "prototype" to inherit the "new.target".
At that time, this mis-assumed that getDirect() always returns a meaningful JS value.
Actually, it returns an empty value if a property does not exist.

Instead of fixing this assertion, we now use InternalFunction::createSubclassStructure
in Intl constructors. It is the modern and preferable way since it can cache the derived
structures in InternalFunction.

This patch also cleans up the workaround in Intl.NumberFormat and Intl.DateTimeFormat.
That code is largely duplicated. This is now extracted into
constructIntlInstanceWithWorkaroundForLegacyIntlConstructor. This cleanup does not
have any behavior changes. They are already tested in LayoutTests/js/intl-datetimeformat
and LayoutTests/js/intl-numberformat.

* JavaScriptCore.xcodeproj/project.pbxproj:
* runtime/IntlCollator.cpp:
(JSC::IntlCollator::create):
* runtime/IntlCollator.h:
* runtime/IntlCollatorConstructor.cpp:
(JSC::constructIntlCollator):
(JSC::callIntlCollator):
* runtime/IntlDateTimeFormat.cpp:
(JSC::IntlDateTimeFormat::create):
* runtime/IntlDateTimeFormat.h:
* runtime/IntlDateTimeFormatConstructor.cpp:
(JSC::constructIntlDateTimeFormat):
(JSC::callIntlDateTimeFormat):
* runtime/IntlDateTimeFormatPrototype.cpp:
(JSC::IntlDateTimeFormatPrototypeGetterFormat):
(JSC::IntlDateTimeFormatPrototypeFuncResolvedOptions):
* runtime/IntlNumberFormat.cpp:
(JSC::IntlNumberFormat::create):
* runtime/IntlNumberFormat.h:
* runtime/IntlNumberFormatConstructor.cpp:
(JSC::constructIntlNumberFormat):
(JSC::callIntlNumberFormat):
* runtime/IntlNumberFormatPrototype.cpp:
(JSC::IntlNumberFormatPrototypeGetterFormat):
(JSC::IntlNumberFormatPrototypeFuncResolvedOptions):
* runtime/IntlObjectInlines.h: Added.
(JSC::constructIntlInstanceWithWorkaroundForLegacyIntlConstructor):
* tests/stress/intl-constructors-with-proxy.js: Added.
(shouldBe):
(throw.new.Error.Empty):
(throw.new.Error):
(shouldBe.Empty):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200928 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Unreviewed, rolling out r200925.
commit-queue@webkit.org [Sun, 15 May 2016 15:36:57 +0000 (15:36 +0000)]
Unreviewed, rolling out r200925.
https://bugs.webkit.org/show_bug.cgi?id=157725

Does not build if MEDIA_SESSION is enabled (Requested by
cdumez_ on #webkit).

Reverted changeset:

"Use new Web IDL dictionary support for
MediaSession.setMetadata()"
https://bugs.webkit.org/show_bug.cgi?id=157711
http://trac.webkit.org/changeset/200925

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200927 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Remove Frédéric Wang's blog from the planet
fred.wang@free.fr [Sun, 15 May 2016 10:34:51 +0000 (10:34 +0000)]
Remove Frédéric Wang's blog from the planet
https://bugs.webkit.org/show_bug.cgi?id=157724

Reviewed by Philippe Normand.

* config.ini: Remove my feed url since my homepage changed and it is included twice after r169566.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200926 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago Use new Web IDL dictionary support for MediaSession.setMetadata()
cdumez@apple.com [Sat, 14 May 2016 23:52:01 +0000 (23:52 +0000)]
Use new Web IDL dictionary support for MediaSession.setMetadata()
https://bugs.webkit.org/show_bug.cgi?id=157711

Reviewed by Eric Carlson.

Use new Web IDL dictionary support for MediaSession.setMetadata().

No new tests, no intended Web-exposed behavior change.

* Modules/mediasession/MediaSession.cpp:
(WebCore::MediaSession::setMetadata):
(WebCore::MediaSession::deactivate): Deleted.
* Modules/mediasession/MediaSession.h:
* Modules/mediasession/MediaSession.idl:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@200925 268f45cc-cd09-0410-ab3c-d52691b4dbfc