WebKit-https.git
utatane.tea@gmail.com [Mon, 26 Dec 2016 06:35:07 +0000 (06:35 +0000)]
Propagate the source origin as much as possible
https://bugs.webkit.org/show_bug.cgi?id=166348

Reviewed by Darin Adler.

JSTests:

* stress/source-origin.js: Added.
(shouldBe):

Source/JavaScriptCore:

This patch introduces CallFrame::callerSourceOrigin, SourceOrigin class
and SourceProvider::m_sourceOrigin. CallFrame::callerSourceOrigin returns
an appropriate SourceOrigin if possible. If we cannot find the appropriate
one, we just return null SourceOrigin.

This paves the way for implementing the module dynamic-import[1].
When the import operator is evaluated, it will resolve the module
specifier with this propagated source origin of the caller function.

To support import operator inside the dynamic code generation
functions (like `eval`, `new Function`, indirect call to `eval`),
we need to propagate the caller's source origin to the generated
source code.

We do not use sourceURL for that purpose. This is because we
would like to keep sourceURL for `eval` / `new Function` null.
This sourceURL will be used for the stack dump for errors with line/column
numbers. Dumping the caller's sourceURL with line/column numbers is
meaningless. So we would like to keep it null while we would like
to propagate SourceOrigin for dynamic imports.

[1]: https://github.com/tc39/proposal-dynamic-import

* API/JSBase.cpp:
(JSEvaluateScript):
(JSCheckScriptSyntax):
* API/JSObjectRef.cpp:
(JSObjectMakeFunction):
* API/JSScriptRef.cpp:
(OpaqueJSScript::create):
(OpaqueJSScript::vm):
(OpaqueJSScript::OpaqueJSScript):
(parseScript):
* JavaScriptCore.xcodeproj/project.pbxproj:
* Scripts/builtins/builtins_templates.py:
* Scripts/tests/builtins/expected/WebCore-AnotherGuardedInternalBuiltin-Separate.js-result:
* Scripts/tests/builtins/expected/WebCore-ArbitraryConditionalGuard-Separate.js-result:
* Scripts/tests/builtins/expected/WebCore-GuardedBuiltin-Separate.js-result:
* Scripts/tests/builtins/expected/WebCore-GuardedInternalBuiltin-Separate.js-result:
* Scripts/tests/builtins/expected/WebCore-UnguardedBuiltin-Separate.js-result:
* Scripts/tests/builtins/expected/WebCore-xmlCasingTest-Separate.js-result:
* builtins/BuiltinExecutables.cpp:
(JSC::BuiltinExecutables::BuiltinExecutables):
(JSC::BuiltinExecutables::createDefaultConstructor):
* debugger/DebuggerCallFrame.cpp:
(JSC::DebuggerCallFrame::evaluateWithScopeExtension):
* inspector/InjectedScriptManager.cpp:
(Inspector::InjectedScriptManager::createInjectedScript):
* inspector/JSInjectedScriptHost.cpp:
(Inspector::JSInjectedScriptHost::evaluateWithScopeExtension):
* inspector/agents/InspectorRuntimeAgent.cpp:
(Inspector::InspectorRuntimeAgent::parse):
* interpreter/CallFrame.cpp:
(JSC::CallFrame::callerSourceOrigin):
* interpreter/CallFrame.h:
* interpreter/Interpreter.cpp:
(JSC::eval):
* jsc.cpp:
(jscSource):
(GlobalObject::finishCreation):
(extractDirectoryName):
(currentWorkingDirectory):
(GlobalObject::moduleLoaderResolve):
(functionRunString):
(functionLoadString):
(functionCallerSourceOrigin):
(functionCreateBuiltin):
(functionCheckModuleSyntax):
(runInteractive):
* parser/SourceCode.h:
(JSC::makeSource):
* parser/SourceProvider.cpp:
(JSC::SourceProvider::SourceProvider):
* parser/SourceProvider.h:
(JSC::SourceProvider::sourceOrigin):
(JSC::StringSourceProvider::create):
(JSC::StringSourceProvider::StringSourceProvider):
(JSC::WebAssemblySourceProvider::create):
(JSC::WebAssemblySourceProvider::WebAssemblySourceProvider):
* runtime/FunctionConstructor.cpp:
(JSC::constructFunction):
(JSC::constructFunctionSkippingEvalEnabledCheck):
* runtime/FunctionConstructor.h:
* runtime/JSGlobalObjectFunctions.cpp:
(JSC::globalFuncEval):
* runtime/ModuleLoaderPrototype.cpp:
(JSC::moduleLoaderPrototypeParseModule):
* runtime/ScriptExecutable.h:
(JSC::ScriptExecutable::sourceOrigin):
* runtime/SourceOrigin.h: Added.
(JSC::SourceOrigin::SourceOrigin):
(JSC::SourceOrigin::string):
(JSC::SourceOrigin::isNull):
* tools/FunctionOverrides.cpp:
(JSC::initializeOverrideInfo):

Source/WebCore:

* bindings/js/CachedScriptSourceProvider.h:
(WebCore::CachedScriptSourceProvider::CachedScriptSourceProvider):
* bindings/js/JSLazyEventListener.cpp:
(WebCore::JSLazyEventListener::initializeJSFunction):
* bindings/js/ScriptSourceCode.h:
(WebCore::ScriptSourceCode::ScriptSourceCode):
* bridge/NP_jsobject.cpp:
(_NPN_Evaluate):
* bridge/objc/WebScriptObject.mm:
(-[WebScriptObject evaluateWebScript:]):

Source/WebKit/mac:

* Plugins/Hosted/NetscapePluginInstanceProxy.mm:
(WebKit::NetscapePluginInstanceProxy::evaluate):

Source/WebKit/win:

* Plugins/PluginPackage.cpp:
(WebCore::NPN_Evaluate):
(WebCore::makeSource): Deleted.

Source/WebKit2:

* WebProcess/Plugins/Netscape/NPRuntimeObjectMap.cpp:
(WebKit::NPRuntimeObjectMap::evaluate):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210149 268f45cc-cd09-0410-ab3c-d52691b4dbfc

weinig@apple.com [Mon, 26 Dec 2016 01:33:33 +0000 (01:33 +0000)]
[WebIDL] Remove (most) custom bindings for the IndexedDB code
https://bugs.webkit.org/show_bug.cgi?id=166451

Reviewed by Darin Adler.

Source/WebCore:

Removes the custom bindings for all but one attribute (IDBRequest.result) in
the IndexedDB code.
- Adds a new WebIDL extension type, IDBKey, to represent the complex key conversion
  rules IndexedDB specifies.
- Replaces custom bindings for IDBCursor.source with use of a union.
- Replaces custom enum type checking for IDBCursor.direction with a WebIDL enum.
- Replaces custom code generation for IDBKeyPaths with a union.

* CMakeLists.txt:
* DerivedSources.make:
* WebCore.xcodeproj/project.pbxproj:
Add new files.

* Modules/indexeddb/IDBCursor.cpp:
(WebCore::IDBCursor::source):
(WebCore::IDBCursor::direction):
(WebCore::IDBCursor::directionNext): Deleted.
(WebCore::IDBCursor::directionNextUnique): Deleted.
(WebCore::IDBCursor::directionPrev): Deleted.
(WebCore::IDBCursor::directionPrevUnique): Deleted.
(WebCore::IDBCursor::stringToDirection): Deleted.
(WebCore::IDBCursor::directionToString): Deleted.
* Modules/indexeddb/IDBCursor.h:
(WebCore::IDBCursor::objectStore): Deleted.
(WebCore::IDBCursor::index): Deleted.
Replace custom enum checking with direct use of the enum, letting the generator
handle the checks. Also adds source function which returns a Variant.

* Modules/indexeddb/IDBCursor.idl:
Remove custom annotation and use correct types.

* Modules/indexeddb/IDBCursorDirection.h: Added.
* Modules/indexeddb/IDBCursorDirection.idl: Added.

* Modules/indexeddb/IDBIndex.cpp:
(WebCore::IDBIndex::openCursor):
(WebCore::IDBIndex::openKeyCursor):
* Modules/indexeddb/IDBIndex.h:
* Modules/indexeddb/IDBIndex.idl:
* Modules/indexeddb/IDBObjectStore.cpp:
(WebCore::IDBObjectStore::openCursor):
(WebCore::IDBObjectStore::openKeyCursor):
* Modules/indexeddb/IDBObjectStore.h:
* Modules/indexeddb/IDBObjectStore.idl:
Replace Strings with IDBCursorDirection enums.

* Modules/indexeddb/IDBKeyRange.idl:
Remove annotation and use new IDBKey extension type.

* Modules/indexeddb/IDBOpenDBRequest.cpp:
(WebCore::IDBOpenDBRequest::onSuccess):
(WebCore::IDBOpenDBRequest::onUpgradeNeeded):
(WebCore::IDBOpenDBRequest::onDeleteDatabaseSuccess):
Use ReadyState enum in place of the old m_isDone boolean.

* Modules/indexeddb/IDBRequest.cpp:
(WebCore::IDBRequest::IDBRequest):
(WebCore::IDBRequest::error):
(WebCore::IDBRequest::source):
(WebCore::IDBRequest::dispatchEvent):
(WebCore::IDBRequest::willIterateCursor):
(WebCore::IDBRequest::completeRequestAndDispatchEvent):
(WebCore::IDBRequest::readyState): Deleted.
* Modules/indexeddb/IDBRequest.h:
(WebCore::IDBRequest::readyState):
(WebCore::IDBRequest::isDone):
(WebCore::IDBRequest::objectStoreSource): Deleted.
(WebCore::IDBRequest::indexSource): Deleted.
(WebCore::IDBRequest::cursorSource): Deleted.
* Modules/indexeddb/IDBRequest.idl:
Replace the readyState String with an enum, and the custom source binding with a
source function that returns a Variant.

* Modules/indexeddb/IndexedDB.h:
Add the missing values to CursorDirection to make it comply with the IDL definition.

* bindings/generic/IDLTypes.h:
* bindings/js/JSDOMConvert.h:
(WebCore::JSConverter<IDLIDBKey<T>>::convert):
Add new extension type IDLIDBKey.

* bindings/js/JSIDBCursorCustom.cpp:
(WebCore::JSIDBCursor::source): Deleted.
* bindings/js/JSIDBRequestCustom.cpp:
(WebCore::JSIDBRequest::source): Deleted.
Remove custom bindings.

* bindings/scripts/CodeGenerator.pm:
(IsBuiltinType):
* bindings/scripts/CodeGeneratorJS.pm:
(GetBaseIDLType):
(NativeToJSValueDOMConvertNeedsState):
(NativeToJSValueDOMConvertNeedsGlobalObject):
(NativeToJSValue):
Add support for IDBKey, and remove custom code for IndexedDB in core conversion logic.

* bindings/scripts/IDLAttributes.txt:
Remove now unused ImplementationReturnType attribute.

* inspector/InspectorIndexedDBAgent.cpp:
Update to work with new functions taking enums rather than strings.

LayoutTests:

* storage/indexeddb/exceptions-expected.txt:
* storage/indexeddb/exceptions-private-expected.txt:
* storage/indexeddb/index-basics-expected.txt:
* storage/indexeddb/index-basics-private-expected.txt:
* storage/indexeddb/index-basics-workers-expected.txt:
* storage/indexeddb/objectstore-cursor-expected.txt:
* storage/indexeddb/objectstore-cursor-private-expected.txt:
Update results for improved exception messages.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210148 268f45cc-cd09-0410-ab3c-d52691b4dbfc

simon.fraser@apple.com [Sun, 25 Dec 2016 23:57:40 +0000 (23:57 +0000)]
REGRESSION (r209299): Selection is broken when you zoom in webpage using trackpad
https://bugs.webkit.org/show_bug.cgi?id=166472
rdar://problem/29675551

Reviewed by Tim Horton.

Source/WebCore:

r209299 broke autoscroll in zoomed pages because it changed RenderLayer::scrollRectToVisible()
to shrink viewRect by page scale. This is incorrect for all callers of scrollRectToVisible, since
the "absoluteRect" passed in is actually in zoomed document coordinates for all the callers I tested.

This code is also fixed to account for headers and footers. getRectToExpose() takes rectangles
in "scroll view contents" coordinates (i.e. including header, and zoomed document), so doesn't need
the separate visibleRectRelativeToDocument parameter.

Tests: fast/events/autoscroll-main-document.html
       fast/events/autoscroll-when-zoomed.html
       fast/events/drag-select-when-zoomed-with-header.html
       fast/events/drag-select-when-zoomed.html
       fast/scrolling/scroll-to-anchor-zoomed-header.html

* rendering/RenderLayer.cpp:
(WebCore::RenderLayer::scrollRectToVisible):
(WebCore::RenderLayer::getRectToExpose):
* rendering/RenderLayer.h:

Tools:

These changes are necessary to allow the mouse to leave the WTR window while
drag-scrolling, to test autoscroll. Previously, we were never calling -mouseDragged
(which DRT does); we'd always go through mouseMoved, which hits an early return
in WebViewImpl::mouseMoved() when the point is outside the view.

* WebKitTestRunner/mac/EventSenderProxy.mm:
(WTR::EventSenderProxy::mouseMoveTo):

LayoutTests:

Add some test coverage for autoscroll of the main document. I could only get this
working in WebKitTestRunner, not DumpRenderTree.

* TestExpectations:
* fast/events/autoscroll-main-document-expected.txt: Added.
* fast/events/autoscroll-main-document.html: Added.
* fast/events/autoscroll-when-zoomed-expected.txt: Added.
* fast/events/autoscroll-when-zoomed.html: Added.
* fast/events/drag-select-when-zoomed-expected.txt: Added.
* fast/events/drag-select-when-zoomed-with-header-expected.txt: Added.
* fast/events/drag-select-when-zoomed-with-header.html: Added.
* fast/events/drag-select-when-zoomed.html: Added.
* fast/scrolling/scroll-to-anchor-zoomed-header-expected.txt: Added.
* fast/scrolling/scroll-to-anchor-zoomed-header.html: Added.
* fast/transforms/selection-bounds-in-transformed-view.html: Revert the target scroll position to what it was
before r209299, and improve the failure output.
* platform/ios-simulator/TestExpectations:
* platform/mac-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210147 268f45cc-cd09-0410-ab3c-d52691b4dbfc

commit-queue@webkit.org [Sat, 24 Dec 2016 21:26:22 +0000 (21:26 +0000)]
[test262] Fixing mapped arguments object property test case
https://bugs.webkit.org/show_bug.cgi?id=159398

Patch by Caio Lima <ticaiolima@gmail.com> on 2016-12-24
Reviewed by Saam Barati.

JSTests:

* stress/arguments-bizarre-behaviour-disable-enumerability.js:
* stress/arguments-define-property.js: Added.
(assert):
(testProperties):
* stress/arguments-non-configurable.js: Added.
(assert):
(tryChangeNonConfigurableDescriptor):
(set tryChangeNonConfigurableDescriptor):
(tryChangeWritableOfNonConfigurableDescriptor):
* test262.yaml:

Source/JavaScriptCore:

This patch changes GenericArguments' override mechanism to
implement correct behavior on ECMAScript test262 suite test cases of
mapped arguments object with non-configurable and non-writable
property. Also it is ensuring that arguments[i]
cannot be deleted when argument "i" is {configurable: false}.

The previous implementation is against the specification for 2 reasons:

1. Every argument in arguments object is {writable: true} by default
   (http://www.ecma-international.org/ecma-262/7.0/index.html#sec-createunmappedargumentsobject).
   It means that we have to stop mapping a defined property index
   if the new property descriptor contains writable (i.e. writable is
   present) and its value is false (also check
   https://tc39.github.io/ecma262/#sec-arguments-exotic-objects-defineownproperty-p-desc).
   Previous implementation considers {writable: false} if writable is
   not present.

2. When a property is overridden, "delete" operation is always returning true. However
   delete operations should follow the specification.

We created an auxiliary boolean array named m_modifiedArgumentsDescriptor
to store which arguments[i] descriptor was changed from its default
property descriptor. This modification was necessary because m_overrides
was responsible to keep this information at the same time
of keeping information about arguments mapping. The problem of this approach was
that we needed to call overridesArgument(i) as soon as the ith argument's property
descriptor was changed and it stops the argument's mapping as side effect, producing
wrong behavior.
To keep tracking arguments mapping status, we renamed DirectArguments::m_overrides to
DirectArguments::m_mappedArguments and now it is responsible to manage if an
argument[i] is mapped or not.
With these 2 structures, now it is possible for an argument[i] to have its property
descriptor modified without stopping the mapping as soon as it happens. One example
of that wrong behavior can be found on arguments-bizarre-behaviour-disable-enumerability
test case, that now is fixed by this new mechanism.

* bytecode/PolymorphicAccess.cpp:
(JSC::AccessCase::generateWithGuard):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileGetByValOnDirectArguments):
(JSC::DFG::SpeculativeJIT::compileGetArrayLength):
(JSC::DFG::SpeculativeJIT::compileCreateDirectArguments):
* ftl/FTLAbstractHeapRepository.h:
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileGetArrayLength):
(JSC::FTL::DFG::LowerDFGToB3::compileGetByVal):
(JSC::FTL::DFG::LowerDFGToB3::compileCreateDirectArguments):
* jit/JITOperations.cpp:
(JSC::canAccessArgumentIndexQuickly):
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emitDirectArgumentsGetByVal):
* runtime/DirectArguments.cpp:
(JSC::DirectArguments::estimatedSize):
(JSC::DirectArguments::visitChildren):
(JSC::DirectArguments::overrideThings):
(JSC::DirectArguments::overrideThingsIfNecessary):
(JSC::DirectArguments::unmapArgument):
(JSC::DirectArguments::copyToArguments):
(JSC::DirectArguments::overridesSize):
(JSC::DirectArguments::overrideArgument): Deleted.
* runtime/DirectArguments.h:
(JSC::DirectArguments::length):
(JSC::DirectArguments::isMappedArgument):
(JSC::DirectArguments::isMappedArgumentInDFG):
(JSC::DirectArguments::getIndexQuickly):
(JSC::DirectArguments::setIndexQuickly):
(JSC::DirectArguments::overrodeThings):
(JSC::DirectArguments::initModifiedArgumentsDescriptorIfNecessary):
(JSC::DirectArguments::setModifiedArgumentDescriptor):
(JSC::DirectArguments::isModifiedArgumentDescriptor):
(JSC::DirectArguments::offsetOfMappedArguments):
(JSC::DirectArguments::offsetOfModifiedArgumentsDescriptor):
(JSC::DirectArguments::canAccessIndexQuickly): Deleted.
(JSC::DirectArguments::canAccessArgumentIndexQuicklyInDFG): Deleted.
(JSC::DirectArguments::offsetOfOverrides): Deleted.
* runtime/GenericArguments.h:
* runtime/GenericArgumentsInlines.h:
(JSC::GenericArguments<Type>::visitChildren):
(JSC::GenericArguments<Type>::getOwnPropertySlot):
(JSC::GenericArguments<Type>::getOwnPropertySlotByIndex):
(JSC::GenericArguments<Type>::getOwnPropertyNames):
(JSC::GenericArguments<Type>::put):
(JSC::GenericArguments<Type>::putByIndex):
(JSC::GenericArguments<Type>::deleteProperty):
(JSC::GenericArguments<Type>::deletePropertyByIndex):
(JSC::GenericArguments<Type>::defineOwnProperty):
(JSC::GenericArguments<Type>::initModifiedArgumentsDescriptor):
(JSC::GenericArguments<Type>::initModifiedArgumentsDescriptorIfNecessary):
(JSC::GenericArguments<Type>::setModifiedArgumentDescriptor):
(JSC::GenericArguments<Type>::isModifiedArgumentDescriptor):
(JSC::GenericArguments<Type>::copyToArguments):
* runtime/ScopedArguments.cpp:
(JSC::ScopedArguments::visitChildren):
(JSC::ScopedArguments::unmapArgument):
(JSC::ScopedArguments::overrideArgument): Deleted.
* runtime/ScopedArguments.h:
(JSC::ScopedArguments::isMappedArgument):
(JSC::ScopedArguments::isMappedArgumentInDFG):
(JSC::ScopedArguments::getIndexQuickly):
(JSC::ScopedArguments::setIndexQuickly):
(JSC::ScopedArguments::initModifiedArgumentsDescriptorIfNecessary):
(JSC::ScopedArguments::setModifiedArgumentDescriptor):
(JSC::ScopedArguments::isModifiedArgumentDescriptor):
(JSC::ScopedArguments::canAccessIndexQuickly): Deleted.
(JSC::ScopedArguments::canAccessArgumentIndexQuicklyInDFG): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210146 268f45cc-cd09-0410-ab3c-d52691b4dbfc
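
The mapped-arguments rules this commit message refers to, as an added example that is not part of the patch or its stress tests. It follows the ECMAScript sections linked in the message; the helper name `sloppy` and the sample values are assumptions made for the illustration.

```javascript
// Added illustration; not code from the WebKit patch or its stress tests.
// `sloppy` is a helper name chosen here. new Function always yields a
// sloppy-mode function, so `arguments` is a mapped arguments object even
// when this file itself is evaluated as strict code.
function sloppy(body) {
  return new Function("a", body);
}

// Case 1: the descriptor changes but "writable" is absent.
// The parameter <-> arguments[0] mapping must survive in both directions.
const enumerableOnly = sloppy(`
  Object.defineProperty(arguments, "0", { enumerable: false });
  a = "new";                            // write through the parameter
  const seenViaArguments = arguments[0];
  arguments[0] = "newer";               // write through arguments
  return {
    seenViaArguments,
    seenViaParam: a,
    keys: Object.keys(arguments).join(","),
  };
`);

// Case 2: "writable" is present and false.
// The current value is frozen into arguments[0] and the mapping stops.
const nonWritable = sloppy(`
  Object.defineProperty(arguments, "0", { writable: false });
  a = "new";                            // no longer reflected in arguments[0]
  arguments[0] = "ignored";             // fails silently in sloppy mode
  return { seenViaArguments: arguments[0], seenViaParam: a };
`);

// Case 3: {configurable: false} makes delete fail, and because "writable"
// was not touched the mapping is still live afterwards.
const nonConfigurable = sloppy(`
  Object.defineProperty(arguments, "0", { configurable: false });
  const deleted = delete arguments[0];
  a = "new";
  return {
    deleted,
    stillOwn: Object.prototype.hasOwnProperty.call(arguments, "0"),
    seenViaArguments: arguments[0],
  };
`);

// Baseline: deleting an untouched arguments[0] succeeds and ends the mapping.
const plainDelete = sloppy(`
  const deleted = delete arguments[0];
  arguments[0] = "re-added";            // ordinary property now
  return { deleted, seenViaParam: a };
`);

function runAll() {
  return {
    enumerableOnly: enumerableOnly("old", "x"),
    nonWritable: nonWritable("old"),
    nonConfigurable: nonConfigurable("old"),
    plainDelete: plainDelete("old"),
  };
}

console.log(runAll());
```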

zalan@apple.com [Sat, 24 Dec 2016 18:00:00 +0000 (18:00 +0000)]
RenderBlockFlow::moveFloatsTo does not move floats.
https://bugs.webkit.org/show_bug.cgi?id=166467

Reviewed by Darin Adler.

RenderBlockFlow::moveFloatsTo name is misleading. Floats are not moved from "this" to
the new RenderBlockFlow parent, but rather they are copied so that overhanging floats
don't get lost.

Covered by existing tests.

* rendering/FloatingObjects.cpp:
(WebCore::FloatingObject::cloneForNewParent):
(WebCore::FloatingObject::unsafeClone): Deleted.
* rendering/FloatingObjects.h:
* rendering/RenderBlockFlow.cpp:
(WebCore::RenderBlockFlow::addFloatsToNewParent):
(WebCore::RenderBlockFlow::moveAllChildrenIncludingFloatsTo):
(WebCore::RenderBlockFlow::moveFloatsTo): Deleted.
* rendering/RenderBlockFlow.h:
* rendering/RenderRubyBase.cpp:
(WebCore::RenderRubyBase::mergeChildrenWithBase):
* rendering/RenderRubyBase.h:
* rendering/RenderRubyRun.cpp:
(WebCore::RenderRubyRun::removeChild):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210145 268f45cc-cd09-0410-ab3c-d52691b4dbfc

aestes@apple.com [Sat, 24 Dec 2016 04:39:52 +0000 (04:39 +0000)]
[iOS] DumpRenderTree triggers an assertion failure when calling +[WebPreferences _switchNetworkLoaderToNewTestingSession]
https://bugs.webkit.org/show_bug.cgi?id=166471

Reviewed by Andreas Kling.

When DumpRenderTree starts up, it calls
+[WebPreferences _switchNetworkLoaderToNewTestingSession] from the main thread. In Debug
builds, this triggers the ASSERT(isMainThread()) in
NetworkStorageSession::defaultNetworkStorageSession() because the Web thread has already
started, we are on the main thread, and we are not holding the Web thread lock. This is
causing all layout tests to crash in the iOS WK1 Debug configuration.

* WebView/WebPreferences.mm: (+[WebPreferences _switchNetworkLoaderToNewTestingSession]):
Take the Web thread lock before calling NetworkStorageSession::switchToNewTestingSession().

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210144 268f45cc-cd09-0410-ab3c-d52691b4dbfc

aestes@apple.com [Sat, 24 Dec 2016 01:14:59 +0000 (01:14 +0000)]
[iOS] Fix some crashing webarchive tests
https://bugs.webkit.org/show_bug.cgi?id=166470

Reviewed by Andreas Kling.

Tools:

Tests that use TestRunner.dumpDOMAsWebArchive() crashed on iOS due to a stub implementation
of WebArchiveDumpSupport in WebKitTestRunner. The Mac implementation works fine on iOS too,
so this change uses that on both platforms.

* WebKitTestRunner/Configurations/InjectedBundle.xcconfig: Removed
WebArchiveDumpSupportMac.mm from EXCLUDED_SOURCE_FILE_NAMES.
* WebKitTestRunner/InjectedBundle/cocoa/WebArchiveDumpSupportCocoa.mm: Renamed from
Tools/WebKitTestRunner/mac/WebArchiveDumpSupportMac.mm.
* WebKitTestRunner/PlatformMac.cmake:
* WebKitTestRunner/WebKitTestRunner.xcodeproj/project.pbxproj:
* WebKitTestRunner/ios/WebArchiveDumpSupportIOS.mm: Removed.

LayoutTests:

Removed entries for previously crashing/failing tests.

* platform/ios-simulator-wk2/TestExpectations:
* platform/ios-simulator/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210143 268f45cc-cd09-0410-ab3c-d52691b4dbfc

akling@apple.com [Sat, 24 Dec 2016 00:23:37 +0000 (00:23 +0000)]
REGRESSION(r209865): Crash when navigating back to some pages with compositing layers.
<https://webkit.org/b/166469>
<rdar://problem/29109053>

Reviewed by Darin Adler.

Source/WebCore:

Remove the old WK1-era clear/restoreBackingStores optimization from the page cache.
When enabling it on non-iOS platforms, we started hitting lots of assertions,
and none of our memory tests showed any significant improvement anyway.

Test: compositing/page-cache-back-crash.html

* history/CachedFrame.cpp:
(WebCore::CachedFrameBase::CachedFrameBase):
(WebCore::CachedFrameBase::restore):
(WebCore::CachedFrame::CachedFrame):
* history/CachedFrame.h:
* page/FrameView.cpp:
(WebCore::FrameView::restoreBackingStores): Deleted.
* page/FrameView.h:

LayoutTests:

Add a smoke test for the crashes we were seeing. Thanks to Zalán for the reduction.

* compositing/page-cache-back-crash-expected.txt: Added.
* compositing/page-cache-back-crash.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210142 268f45cc-cd09-0410-ab3c-d52691b4dbfc

aestes@apple.com [Fri, 23 Dec 2016 22:13:29 +0000 (22:13 +0000)]
Fix iOS engineering builds.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210141 268f45cc-cd09-0410-ab3c-d52691b4dbfc

commit-queue@webkit.org [Fri, 23 Dec 2016 22:01:12 +0000 (22:01 +0000)]
Add missing std::optional to ApplePayPaymentRequest.lineItems
https://bugs.webkit.org/show_bug.cgi?id=166468

Patch by Sam Weinig <sam@webkit.org> on 2016-12-23
Reviewed by Alexey Proskuryakov.

No functional change, but is more consistent.

* Modules/applepay/ApplePayPaymentRequest.h:
Remove unnecessary #include of <heap/Strong.h>, add std::optional to lineItems.

* Modules/applepay/ApplePaySession.cpp:
(WebCore::convertAndValidate):
Update to deal with optional line items, remove unnecessary comment.

* Modules/applepay/ApplePaySession.h:
Remove unneeded forward declarations.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210140 268f45cc-cd09-0410-ab3c-d52691b4dbfc

mark.lam@apple.com [Fri, 23 Dec 2016 19:45:46 +0000 (19:45 +0000)]
Using Option::breakOnThrow() shouldn't crash while printing a null CodeBlock.
https://bugs.webkit.org/show_bug.cgi?id=166466

Reviewed by Keith Miller.

* runtime/VM.cpp:
(JSC::VM::throwException):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210139 268f45cc-cd09-0410-ab3c-d52691b4dbfc

mark.lam@apple.com [Fri, 23 Dec 2016 19:26:21 +0000 (19:26 +0000)]
Enhance LLInt tracing to dump the codeBlock signature instead of just a pointer where appropriate.
https://bugs.webkit.org/show_bug.cgi?id=166465

Reviewed by Keith Miller.

* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
(JSC::LLInt::traceFunctionPrologue):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210138 268f45cc-cd09-0410-ab3c-d52691b4dbfc

keith_miller@apple.com [Fri, 23 Dec 2016 19:08:43 +0000 (19:08 +0000)]
WebAssembly: trap on bad division.
https://bugs.webkit.org/show_bug.cgi?id=164786

Reviewed by Mark Lam.

JSTests:

Also, mark conversions as passing.

* wasm.yaml:
* wasm/wasm.json:

Source/JavaScriptCore:

This patch adds traps for division / modulo by zero and for
division by int_min / -1.

* wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::B3IRGenerator::emitChecksForModOrDiv):
* wasm/WasmExceptionType.h:
* wasm/WasmPlan.cpp:
(JSC::Wasm::Plan::run):
* wasm/wasm.json:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210137 268f45cc-cd09-0410-ab3c-d52691b4dbfc
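
The trap conditions named in this commit, observed from the embedder side, as an added example that is not part of the patch or its tests. The hand-assembled module, its export names `div_s` and `rem_s`, and the helper `run` are assumptions made for the illustration; without such checks a hardware signed divide of INT_MIN by -1 or by zero faults in the host process instead of raising a WebAssembly trap.

```javascript
// Added illustration; not code from the WebKit patch or its tests.
// Hand-assembled module exporting two functions of type (i32, i32) -> i32:
//   div_s: local.get 0, local.get 1, i32.div_s
//   rem_s: local.get 0, local.get 1, i32.rem_s
const WASM_BYTES = new Uint8Array([
  0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00, // "\0asm", version 1
  // type section: one function type, (i32, i32) -> i32
  0x01, 0x07, 0x01, 0x60, 0x02, 0x7f, 0x7f, 0x01, 0x7f,
  // function section: two functions, both of type 0
  0x03, 0x03, 0x02, 0x00, 0x00,
  // export section: "div_s" -> func 0, "rem_s" -> func 1
  0x07, 0x11, 0x02,
  0x05, 0x64, 0x69, 0x76, 0x5f, 0x73, 0x00, 0x00,
  0x05, 0x72, 0x65, 0x6d, 0x5f, 0x73, 0x00, 0x01,
  // code section: two bodies, no locals
  0x0a, 0x11, 0x02,
  0x07, 0x00, 0x20, 0x00, 0x20, 0x01, 0x6d, 0x0b, // i32.div_s
  0x07, 0x00, 0x20, 0x00, 0x20, 0x01, 0x6f, 0x0b, // i32.rem_s
]);

const { div_s, rem_s } = new WebAssembly.Instance(
  new WebAssembly.Module(WASM_BYTES)
).exports;

const INT_MIN = -0x80000000;

// Call a wasm export and report whether it trapped. Only
// WebAssembly.RuntimeError counts as a trap; anything else is rethrown.
function run(op, lhs, rhs) {
  try {
    return { trapped: false, value: op(lhs, rhs) };
  } catch (e) {
    if (e instanceof WebAssembly.RuntimeError) {
      return { trapped: true, message: e.message };
    }
    throw e;
  }
}

// The cases the commit message lists, plus the neighbouring non-trapping ones.
function badDivisionReport() {
  return {
    ordinaryDiv: run(div_s, -7, 2),          // truncates toward zero
    divByZero: run(div_s, 1, 0),             // trap
    remByZero: run(rem_s, 1, 0),             // trap
    intMinDivMinusOne: run(div_s, INT_MIN, -1), // trap: result not representable
    intMinRemMinusOne: run(rem_s, INT_MIN, -1), // defined: remainder is 0
  };
}

console.log(badDivisionReport());
```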

mark.lam@apple.com [Fri, 23 Dec 2016 19:01:32 +0000 (19:01 +0000)]
Fix broken LLINT_SLOW_PATH_TRACING build.
https://bugs.webkit.org/show_bug.cgi?id=166463

Reviewed by Keith Miller.

* llint/LLIntExceptions.cpp:
(JSC::LLInt::returnToThrow):
(JSC::LLInt::callToThrow):
* runtime/CommonSlowPathsExceptions.cpp:
(JSC::CommonSlowPaths::interpreterThrowInCaller):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210136 268f45cc-cd09-0410-ab3c-d52691b4dbfc

aestes@apple.com [Fri, 23 Dec 2016 18:16:42 +0000 (18:16 +0000)]
Try to fix the Mac CMake build after r210130.

* platform/network/mac/WebCoreResourceHandleAsDelegate.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210135 268f45cc-cd09-0410-ab3c-d52691b4dbfc

weinig@apple.com [Fri, 23 Dec 2016 17:09:04 +0000 (17:09 +0000)]
[WebIDL] Remove custom bindings for WebSQL code
https://bugs.webkit.org/show_bug.cgi?id=166441

Reviewed by Darin Adler.

Source/WebCore:

- Replace custom variant type SQLValue with a type alias of a Variant.
- Use the newly representable SQLValue to remove custom bindings for
  SQLResultSetRowList::item and SQLTransaction::executeSql.

* CMakeLists.txt:
* WebCore.xcodeproj/project.pbxproj:
* bindings/js/JSBindingsAllInOne.cpp:
* bindings/js/JSSQLResultSetRowListCustom.cpp: Removed.
* bindings/js/JSSQLTransactionCustom.cpp: Removed.
* platform/sql/SQLValue.cpp: Removed.
Remove files.

* Modules/webdatabase/SQLResultSetRowList.cpp:
(WebCore::SQLResultSetRowList::length):
(WebCore::SQLResultSetRowList::item):
* Modules/webdatabase/SQLResultSetRowList.h:
* Modules/webdatabase/SQLResultSetRowList.idl:
Sink the implementation of item() into the implementation. Use a
record type to bridge to javascript.

* Modules/webdatabase/SQLStatement.cpp:
(WebCore::SQLStatement::SQLStatement):
* Modules/webdatabase/SQLStatement.h:
Update to take arguments by rvalue reference.

* Modules/webdatabase/SQLTransaction.cpp:
(WebCore::SQLTransaction::executeSql):
* Modules/webdatabase/SQLTransaction.h:
* Modules/webdatabase/SQLTransaction.idl:
Remove custom annotation, and update signature to match the IDL.

* Modules/webdatabase/SQLTransactionBackend.cpp:
* Modules/webdatabase/SQLTransactionBackend.h:
Remove unneeded #includes of SQLValue.h

* bindings/js/JSDOMConvert.h:
(WebCore::Converter<IDLNull>::convert):
(WebCore::JSConverter<IDLNull>::convert):
Implement conversion for the null type so it can be used in the SQLValue union.

* inspector/InspectorDatabaseAgent.cpp:
* platform/sql/SQLiteStatement.cpp:
(WebCore::SQLiteStatement::bindValue):
(WebCore::SQLiteStatement::getColumnValue):
* platform/sql/SQLiteStatement.h:
Replace old switch with a WTF::switchOn that operates on the new variant.

* platform/sql/SQLValue.h:
(WebCore::SQLValue::SQLValue): Deleted.
(WebCore::SQLValue::type): Deleted.
Replace implementation with a Variant.

LayoutTests:

* storage/websql/execute-sql-args-expected.txt:
* storage/websql/execute-sql-args.js:
Update test and result to be slightly more strict about functions taking sequences.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210134 268f45cc-cd09-0410-ab3c-d52691b4dbfc

mcatanzaro@igalia.com [Fri, 23 Dec 2016 14:36:50 +0000 (14:36 +0000)]
[GTK] GLES build broken since r208997
https://bugs.webkit.org/show_bug.cgi?id=166455

Unreviewed. Fix the preprocessor guards here; this code is incompatible with GLES2.

Looks like it's been broken for a month. Typical!

* platform/graphics/opengl/Extensions3DOpenGLCommon.cpp:
(WebCore::Extensions3DOpenGLCommon::initializeAvailableExtensions):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210133 268f45cc-cd09-0410-ab3c-d52691b4dbfc

zandobersek@gmail.com [Fri, 23 Dec 2016 09:15:07 +0000 (09:15 +0000)]
[EME][GStreamer] Enable various code paths for ENCRYPTED_MEDIA
https://bugs.webkit.org/show_bug.cgi?id=166054

Reviewed by Xabier Rodriguez-Calvar.

Add ENABLE_ENCRYPTED_MEDIA build guards in various places in GStreamer
code to enable decryption-related GStreamer elements and the proper
decryptor handling in AppendPipeline.

* platform/GStreamer.cmake:
* platform/graphics/gstreamer/GStreamerUtilities.cpp:
* platform/graphics/gstreamer/GStreamerUtilities.h:
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
(WebCore::registerWebKitGStreamerElements):
(WebCore::MediaPlayerPrivateGStreamerBase::handleSyncMessage):
Only call needKey() if LEGACY_ENCRYPTED_MEDIA is enabled, since this is
the way the legacy EME system expects to be notified of key necessity.
It's very likely ENCRYPTED_MEDIA will do this differently.
* platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp:
* platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.h:
* platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.cpp:
* platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.h:
* platform/graphics/gstreamer/mse/AppendPipeline.cpp:
(WebCore::AppendPipeline::parseDemuxerSrcPadCaps):
(WebCore::AppendPipeline::connectDemuxerSrcPadToAppsinkFromAnyThread):
(WebCore::AppendPipeline::disconnectDemuxerSrcPadFromAppsinkFromAnyThread):
* platform/graphics/gstreamer/mse/AppendPipeline.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210132 268f45cc-cd09-0410-ab3c-d52691b4dbfc

rniwa@webkit.org [Fri, 23 Dec 2016 09:11:32 +0000 (09:11 +0000)]
Eliminate the use of lastChild in TextIterator
https://bugs.webkit.org/show_bug.cgi?id=166456

Reviewed by Antti Koivisto.

Just use the node we just exited in TextIterator::exitNode and in emitting additional new line
to eliminate the use of Node::lastChild.

Also initialize member variables in the declaration instead of the constructor to modernize the code.

* editing/TextIterator.cpp:
(WebCore::TextIterator::TextIterator):
(WebCore::TextIterator::advance):
(WebCore::TextIterator::exitNode):
* editing/TextIterator.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210131 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Reduce QuickLook.h include overhead
aestes@apple.com [Fri, 23 Dec 2016 04:41:52 +0000 (04:41 +0000)]
Reduce QuickLook.h include overhead
https://bugs.webkit.org/show_bug.cgi?id=166454

Reviewed by Andreas Kling.

Source/WebCore:

* dom/Document.cpp: Included QuickLook.h for QLPreviewProtocol().
* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::setQuickLookHandle): Moved from DocumentLoader.h to here.
* loader/DocumentLoader.h: Stopped including QuickLook.h and forward-declared
QuickLookHandle.
(WebCore::DocumentLoader::setQuickLookHandle): Moved definition out-of-line since it
requires QuickLookHandle to be a complete type.
* loader/ios/QuickLook.h: Updated to use #pragma once. Cleaned up includes and forward
declarations.
* platform/network/ResourceHandle.cpp: Included QuickLook.h so that QuickLookHandle is a
complete type in the ResourceHandle constructor.
* platform/network/ResourceHandle.h: Stopped including QuickLook.h and forward-declared
QuickLookHandle.
(WebCore::ResourceHandle::setQuickLookHandle): Moved definition out-of-line since it
requires QuickLookHandle to be a complete type.
* platform/network/mac/ResourceHandleMac.mm:
(WebCore::ResourceHandle::setQuickLookHandle): Moved from ResourceHandle.h to here.
* platform/network/mac/WebCoreResourceHandleAsDelegate.mm: Included QuickLook.h for
QuickLookHandle.

Source/WebKit:

* WebCoreSupport/WebResourceLoadScheduler.cpp: Stopped including QuickLook.h.

Source/WebKit2:

* WebProcess/Network/WebLoaderStrategy.cpp: Included QuickLook.h for QLPreviewProtocol().
* WebProcess/Network/WebResourceLoader.cpp: Included QuickLook.h for QuickLookHandle.
* WebProcess/Network/WebResourceLoader.h: Stopped including QuickLook.h.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210130 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago [iOS] Move QuickLook from WebCore/platform to WebCore/loader
aestes@apple.com [Fri, 23 Dec 2016 02:24:28 +0000 (02:24 +0000)]
[iOS] Move QuickLook from WebCore/platform to WebCore/loader
https://bugs.webkit.org/show_bug.cgi?id=166449

Reviewed by Darin Adler.

QuickLook.mm knows about ResourceLoader, so it's a layering violation to have it in
platform/. Move it to loader/ios/.

* WebCore.xcodeproj/project.pbxproj:
* loader/ios/QuickLook.h: Renamed from Source/WebCore/platform/network/ios/QuickLook.h.
* loader/ios/QuickLook.mm: Renamed from Source/WebCore/platform/network/ios/QuickLook.mm.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210129 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Unreviewed, fix unused parameter warning in GLES build
mcatanzaro@igalia.com [Fri, 23 Dec 2016 02:21:02 +0000 (02:21 +0000)]
Unreviewed, fix unused parameter warning in GLES build

Looks like it's been here since 2012. Impressive!

* platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
(WebCore::GraphicsContext3D::resolveMultisamplingIfNecessary):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210128 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago WebAssembly: Make spec-tests/f32.wast.js and spec-tests/f64.wast.js pass
keith_miller@apple.com [Fri, 23 Dec 2016 02:14:31 +0000 (02:14 +0000)]
WebAssembly: Make spec-tests/f32.wast.js and spec-tests/f64.wast.js pass
https://bugs.webkit.org/show_bug.cgi?id=166447

Reviewed by Saam Barati.

JSTests:

* wasm.yaml:
* wasm/wasm.json:

Source/JavaScriptCore:

We needed to treat -0.0 < 0.0 for floating point min/max. For min,
the algorithm works because if a == b then a and b are not NaNs so
either they are the same or they are some zero. When we or a and b
either we get the same number back or we get -0.0. Similarly for
max we use an and and the sign bit gets dropped if one is 0.0 and
the other is -0.0, otherwise, we get the same number back.

* wasm/wasm.json:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210127 268f45cc-cd09-0410-ab3c-d52691b4dbfc
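
Added example, not code from this commit: the signed-zero handling described in the message above, written out in C++ for f32. The function names are hypothetical, and the NaN branch follows WebAssembly's min/max semantics rather than anything stated in the message.

```cpp
#include <cmath>
#include <cstdint>
#include <cstring>
#include <limits>

// Reinterpret a float as its IEEE 754 bit pattern and back (memcpy avoids aliasing UB).
static uint32_t bitsOf(float value) { uint32_t bits; std::memcpy(&bits, &value, sizeof bits); return bits; }
static float floatOf(uint32_t bits) { float value; std::memcpy(&value, &bits, sizeof value); return value; }

// The comparison-only version: -0.0 == 0.0, so the result depends on argument order.
float naiveMin(float a, float b) { return a < b ? a : b; }

float signedZeroAwareMin(float a, float b)
{
    // a == b implies neither is NaN, so the operands are identical or are two zeros.
    // OR keeps identical bits unchanged and sets the sign bit if either zero is -0.0.
    if (a == b)
        return floatOf(bitsOf(a) | bitsOf(b));
    if (a < b)
        return a;
    if (b < a)
        return b;
    return std::numeric_limits<float>::quiet_NaN(); // unordered: at least one NaN
}

float signedZeroAwareMax(float a, float b)
{
    // AND keeps identical bits unchanged and clears the sign bit if either zero is 0.0.
    if (a == b)
        return floatOf(bitsOf(a) & bitsOf(b));
    if (a > b)
        return a;
    if (b > a)
        return b;
    return std::numeric_limits<float>::quiet_NaN();
}
```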

2 years ago WebAssembly: Make calling Wasm functions that returns or takes an i64 as a parameter...
sbarati@apple.com [Fri, 23 Dec 2016 01:32:30 +0000 (01:32 +0000)]
WebAssembly: Make calling Wasm functions that returns or takes an i64 as a parameter an early exception
https://bugs.webkit.org/show_bug.cgi?id=166437
<rdar://problem/29793949>

Reviewed by Keith Miller.

JSTests:

* wasm.yaml:
* wasm/function-tests/i64-from-js-exceptions.js: Added.
(const.imp.import.sideEffects):
(assert.throws.instance.exports.foo.valueOf):

Source/JavaScriptCore:

This patch makes it so that we throw an exception before we do
anything else if we call a wasm function that either takes an
i64 as an argument or returns an i64.

* wasm/js/WebAssemblyFunction.cpp:
(JSC::callWebAssemblyFunction):
(JSC::WebAssemblyFunction::WebAssemblyFunction):
(JSC::WebAssemblyFunction::call): Deleted.
* wasm/js/WebAssemblyFunction.h:
(JSC::WebAssemblyFunction::signatureIndex):
(JSC::WebAssemblyFunction::jsEntrypoint):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210126 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Unreviewed, rolling out r210069.
commit-queue@webkit.org [Fri, 23 Dec 2016 01:23:15 +0000 (01:23 +0000)]
Unreviewed, rolling out r210069.
https://bugs.webkit.org/show_bug.cgi?id=166439

This patch makes all properties in Computed Styles strike-
through when switching from the Rules panel. (Requested by NVI
on #webkit).

Reverted changeset:

"Web Inspector: Uncommenting CSS properties doesn't work for
inline styles"
https://bugs.webkit.org/show_bug.cgi?id=166297
http://trac.webkit.org/changeset/210069

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210125 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Add BitOr for floating points to B3
keith_miller@apple.com [Fri, 23 Dec 2016 01:19:55 +0000 (01:19 +0000)]
Add BitOr for floating points to B3
https://bugs.webkit.org/show_bug.cgi?id=166446

Reviewed by Saam Barati.

Source/JavaScriptCore:

This patch does some slight refactoring to the ARM assembler,
which groups all the vector floating point instructions together.

* assembler/ARM64Assembler.h:
(JSC::ARM64Assembler::vand):
(JSC::ARM64Assembler::vorr):
(JSC::ARM64Assembler::vectorDataProcessingLogical):
(JSC::ARM64Assembler::vectorDataProcessing2Source): Deleted.
* assembler/MacroAssemblerARM64.h:
(JSC::MacroAssemblerARM64::orDouble):
(JSC::MacroAssemblerARM64::orFloat):
* assembler/MacroAssemblerX86Common.h:
(JSC::MacroAssemblerX86Common::orDouble):
(JSC::MacroAssemblerX86Common::orFloat):
* assembler/X86Assembler.h:
(JSC::X86Assembler::orps_rr):
* b3/B3ConstDoubleValue.cpp:
(JSC::B3::ConstDoubleValue::bitOrConstant):
(JSC::B3::ConstDoubleValue::bitXorConstant):
* b3/B3ConstDoubleValue.h:
* b3/B3ConstFloatValue.cpp:
(JSC::B3::ConstFloatValue::bitOrConstant):
(JSC::B3::ConstFloatValue::bitXorConstant):
* b3/B3ConstFloatValue.h:
* b3/B3LowerToAir.cpp:
(JSC::B3::Air::LowerToAir::lower):
* b3/B3Validate.cpp:
* b3/air/AirInstInlines.h:
(JSC::B3::Air::Inst::shouldTryAliasingDef):
* b3/air/AirOpcode.opcodes:
* b3/testb3.cpp:
(JSC::B3::bitOrDouble):
(JSC::B3::testBitOrArgDouble):
(JSC::B3::testBitOrArgsDouble):
(JSC::B3::testBitOrArgImmDouble):
(JSC::B3::testBitOrImmsDouble):
(JSC::B3::bitOrFloat):
(JSC::B3::testBitOrArgFloat):
(JSC::B3::testBitOrArgsFloat):
(JSC::B3::testBitOrArgImmFloat):
(JSC::B3::testBitOrImmsFloat):
(JSC::B3::testBitOrArgsFloatWithUselessDoubleConversion):
(JSC::B3::run):

Websites/webkit.org:

Update docs to indicate it's cool to use bit ops with floating point.

* docs/b3/intermediate-representation.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210124 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Move GraphicsContext3DWin to GraphicsContext3DOpenGLES
achristensen@apple.com [Fri, 23 Dec 2016 00:32:25 +0000 (00:32 +0000)]
Move GraphicsContext3DWin to GraphicsContext3DOpenGLES
https://bugs.webkit.org/show_bug.cgi?id=166425

Reviewed by Tim Horton.

Move code which is GLES-specific not Windows-specific to the GLES-specific file
so I can use it on Cocoa, with a temporary PLATFORM macro that I plan to remove once
all platforms use ANGLE's GLES implementation. There is another copy of this code in
GraphicsContext3DCairo, which will also be united with this code here soon.
Also remove the PlatformCALayerWin, which was never used for anything.

* platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
(WebCore::GraphicsContext3D::create):
(WebCore::GraphicsContext3D::GraphicsContext3D):
(WebCore::GraphicsContext3D::~GraphicsContext3D):
(WebCore::GraphicsContext3D::setContextLostCallback):
(WebCore::GraphicsContext3D::setErrorMessageCallback):
(WebCore::GraphicsContext3D::makeContextCurrent):
(WebCore::GraphicsContext3D::checkGPUStatusIfNecessary):
(WebCore::GraphicsContext3D::platformGraphicsContext3D):
(WebCore::GraphicsContext3D::platformTexture):
(WebCore::GraphicsContext3D::isGLES2Compliant):
(WebCore::GraphicsContext3D::platformLayer):
* platform/graphics/win/GraphicsContext3DWin.cpp: Removed.
* PlatformMac.cmake:
Include the egl directory.  I'll need this, too, once Mac starts using ANGLE's EGL implementation.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210123 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Nested calls to setDocument can omit firing 'unload' events
bfulgham@apple.com [Fri, 23 Dec 2016 00:20:27 +0000 (00:20 +0000)]
Nested calls to setDocument can omit firing 'unload' events
https://bugs.webkit.org/show_bug.cgi?id=166422
<rdar://problem/29763012>

Reviewed by Alex Christensen.

Source/WebCore:

Test: fast/loader/nested-document-handling.html

Only allow a single document change to be taking place during a given runloop cycle.

* bindings/js/ScriptController.cpp:
(WebCore::ScriptController::executeIfJavaScriptURL): Block script changing the document
when we are in the middle of changing the document.
* page/Frame.cpp:
(WebCore::Frame::setDocument): Keep track of document change state.
* page/Frame.h:

LayoutTests:

* fast/loader/nested-document-handling-expected.txt: Added.
* fast/loader/nested-document-handling.html: Added.
* fast/loader/resources/subframe-success.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210122 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago TileGrid creates new cohorts even when not using temporarilyRetainTileCohorts mode
timothy_horton@apple.com [Thu, 22 Dec 2016 23:52:44 +0000 (23:52 +0000)]
TileGrid creates new cohorts even when not using temporarilyRetainTileCohorts mode
https://bugs.webkit.org/show_bug.cgi?id=166440

Reviewed by Simon Fraser.

No new tests.

* platform/graphics/ca/TileGrid.cpp:
(WebCore::TileGrid::revalidateTiles):
If we are not temporarily retaining unparented tile cohorts (e.g. on
iOS WebKit2), instead immediately removing all tiles that would go into
the new cohort, avoid starting the cohort at all.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210121 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Do not destroy the RenderNamedFlowFragment as leftover anonymous block.
zalan@apple.com [Thu, 22 Dec 2016 23:48:53 +0000 (23:48 +0000)]
Do not destroy the RenderNamedFlowFragment as leftover anonymous block.
https://bugs.webkit.org/show_bug.cgi?id=166436
rdar://problem/29772233

Reviewed by Simon Fraser.

Source/WebCore:

When, as the result of a certain style change, the generated anonymous block is not needed anymore, we
move its descendants up to the parent and destroy the generated box. While RenderNamedFlowFragment is a generated
block, the cleanup code should just ignore it the same way we ignore boxes like multicolumn, mathml etc.

Test: fast/regions/flow-fragment-as-anonymous-block-crash.html

* rendering/RenderObject.h:
(WebCore::RenderObject::isAnonymousBlock):

LayoutTests:

* fast/regions/flow-fragment-as-anonymous-block-crash-expected.txt: Added.
* fast/regions/flow-fragment-as-anonymous-block-crash.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210120 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago BytecodeGenerator::m_finallyDepth should be unsigned.
mark.lam@apple.com [Thu, 22 Dec 2016 23:23:51 +0000 (23:23 +0000)]
BytecodeGenerator::m_finallyDepth should be unsigned.
https://bugs.webkit.org/show_bug.cgi?id=166438

Reviewed by Saam Barati.

Also removed FinallyContext::m_finallyDepth because it is not used.

* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::pushFinallyControlFlowScope):
(JSC::BytecodeGenerator::labelScopeDepth):
* bytecompiler/BytecodeGenerator.h:
(JSC::FinallyContext::FinallyContext):
(JSC::FinallyContext::finallyLabel):
(JSC::FinallyContext::depth): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210119 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Null deref under WebPageProxy::applicationDidFinishSnapshottingAfterEnteringBackground
timothy_horton@apple.com [Thu, 22 Dec 2016 23:18:12 +0000 (23:18 +0000)]
Null deref under WebPageProxy::applicationDidFinishSnapshottingAfterEnteringBackground
https://bugs.webkit.org/show_bug.cgi?id=166433
<rdar://problem/29732407>

Reviewed by Daniel Bates.

* UIProcess/ios/WebPageProxyIOS.mm:
(WebKit::WebPageProxy::applicationDidFinishSnapshottingAfterEnteringBackground):
m_drawingArea can be null if the process is not valid.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210118 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago CSS Scroll Snap does not work if scrollbar is hidden
wenson_hsieh@apple.com [Thu, 22 Dec 2016 22:55:31 +0000 (22:55 +0000)]
CSS Scroll Snap does not work if scrollbar is hidden
https://bugs.webkit.org/show_bug.cgi?id=160442
<rdar://problem/23317034>

Reviewed by Simon Fraser.

Source/WebCore:

Currently, the only reason scroll snapping works in overflow scrolling containers without forcing layout is
because we would initialize the scrolling container's ScrollAnimator in the process of updating scrollbars. If
there are no scrollbars to render, we won't bother creating a ScrollAnimator. Without an existing
ScrollAnimator, ScrollableArea::updateScrollSnapState will simply bail instead of setting up the scroll snap
state. Instead, we should take setting a non-empty vector of scroll offsets on the ScrollableArea as a cue that
the ScrollableArea also needs a ScrollAnimator, and initialize it there if necessary.

Test: tiled-drawing/scrolling/scroll-snap/scroll-snap-mandatory-hidden-scrollbars.html

* platform/ScrollableArea.cpp:
(WebCore::ScrollableArea::setHorizontalSnapOffsets):
(WebCore::ScrollableArea::setVerticalSnapOffsets):

LayoutTests:

Adds a new layout test verifying that scroll snapping still works when scrollbars are hidden via CSS.

* tiled-drawing/scrolling/scroll-snap/scroll-snap-mandatory-hidden-scrollbars-expected.txt: Added.
* tiled-drawing/scrolling/scroll-snap/scroll-snap-mandatory-hidden-scrollbars.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210117 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago De-duplicate finally blocks.
mark.lam@apple.com [Thu, 22 Dec 2016 22:48:32 +0000 (22:48 +0000)]
De-duplicate finally blocks.
https://bugs.webkit.org/show_bug.cgi?id=160168

Reviewed by Saam Barati.

JSTests:

Re-landing r209952 with a few new tests added in test-finally.js.

* stress/deeply-nested-finallys.js: Copied from JSTests/stress/deeply-nested-finallys.js.
- Tests many levels of finally nesting.  This causes the old code to hang (and
  crashes eventually) while trying to generate bytecode for the exponentially
  duplicated finally blocks.  The new code completes this test almost instantly.

* stress/test-finally.js: Copied from JSTests/stress/test-finally.js.
- Tests control flow through various permutations of finally blocks.

Source/JavaScriptCore:

JS execution can arrive at a finally block when there are abrupt completions from
its try or catch block.  The abrupt completion types include Break,
Continue, Return, and Throw.  The non-abrupt completion type is called Normal
(i.e. the case of a try block falling through to the finally block).

Previously, we enabled each of these paths for abrupt completion (except for Throw)
to run the finally block code by duplicating the finally block code at each of
the sites that trigger those completions.  This patch fixes the implementation so
that each of these abrupt completions will set a completionTypeRegister (plus a
completionValueRegister for CompletionType::Return) and then jump to the
relevant finally blocks, and continue to thread through subsequent outer finally
blocks until execution reaches the outermost finally block that the completion
type dictates.  We no longer duplicate the finally block code.

The implementation details:
1. We allocate a pair of registers (completionTypeRegister and completionValueRegister)
   just before entering the outermost try-catch-finally scope.

   On allocating the registers, we initialize the completionTypeRegister to
   CompletionType::Normal, and set the completionValueRegister to the empty
   JSValue.

2. The completionTypeRegister will hold a CompletionType value.  This is how we
   encode the CompletionType value to be set:

   a. For Normal, Return, and Throw completion types:
      - The completionTypeRegister is set to CompletionType::Normal,
        CompletionType::Return, and CompletionType::Throw respectively.

   b. For Break and Continue completion types:
      - The completionTypeRegister is set to a unique jumpID where the jumpID is
        computed as:

        jumpID = CompletionType::NumberOfTypes + bytecodeOffset

        The bytecodeOffset used here is the bytecodeOffset of the break or continue
        statement that triggered this completion.

3. Each finally block will have 2 entries:
   a. the catch entry.
   b. the normal entry.

   The catch entry is recorded in the codeBlock's exception handler table,
   and can only be jumped to by the VM's exception handling mechanism.

   The normal entry is recorded in a FinallyContext (at bytecode generation time
   only) and is jumped to when we want to enter the finally block due to any of the
   other CompletionTypes.

4. How each completion type works?

   CompletionType::Normal
   ======================
   We normally encounter this when falling through from a try or catch block to
   the finally block.

   For the try block case, since completionTypeRegister is set to Normal by default,
   there's nothing more that needs to be done.

   For the catch block case, since we entered the catch block with an exception,
   completionTypeRegister may be set to Throw.  We'll need to set it to Normal
   before jumping to the finally block's normal entry.

   CompletionType::Break
   =====================
   When we emit bytecode for the BreakNode, we check if we have any FinallyContexts
   that we need to service before jumping to the breakTarget.  If we don't, then
   emit op_jump to the breakTarget as usual.  Otherwise:

   a. we'll register a jumpID and the breakTarget with the FinallyContext for the
      outermost finally block that we're supposed to run through.
   b. we'll also increment the numberOfBreaksOrContinues count in each FinallyContext
      from the innermost to the one for that outermost finally block.
   c. emit bytecode to set the completionTypeRegister to the jumpID.
   d. emit bytecode to jump to the normal entry of the innermost finally block.

   Each finally block will take care of cascading to the next outer finally block
   as needed (see (5) below).

   CompletionType::Continue
   ========================
   Since continues and breaks work the same way (i.e. with a jump), we handle this
   exactly the same way as CompletionType::Break, except that we use the
   continueTarget instead of the breakTarget.

   CompletionType::Return
   ======================
   When we emit bytecode for the ReturnNode, we check if we have any FinallyContexts
   at all on the m_controlFlowScopeStack.  If we don't, then emit op_ret as usual.
   Otherwise:

   a. emit bytecode to set the completionTypeRegister to CompletionType::Return.
   b. emit bytecode to move the return value into the completionValueRegister.
   c. emit bytecode to jump to the normal entry of the innermost finally block.

   Each finally block will take care of cascading to the next outer finally block
   as needed (see (5) below).

   CompletionType::Throw
   ======================
   At the catch entry of a finally block, we:
   1. emit an op_catch that stores the caught Exception object in the
      completionValueRegister.
   2. emit bytecode to set the completionTypeRegister to CompletionType::Throw.
   3. Fall through or jump to the finally block's normal entry.

5. What happens in each finally block?
   ==================================
   For details on the finally block's catch entry, see "CompletionType::Throw" in
   (4) above.

   The finally block's normal entry will:
   1. restore the scope of the finally block.
   2. save the completionTypeRegister in a savedCompletionTypeRegister.
   3. proceed to execute the body of the finally block.

   At the end of the finally block, we will emit bytecode to check the
   savedCompletionTypeRegister for each completion type (see emitFinallyCompletion())
   in the following order:

   a. Check for CompletionType::Normal
      ================================
      If savedCompletionTypeRegister is CompletionType::Normal, jump to the
      designated normalCompletion label.  We only need this check if this finally
      block also needs to check for Break, Continue, or Return.  If not, the
      completion type check for CompletionType::Throw below will make this check
      redundant.

   b. Check for CompletionType::Break and Continue
      ============================================
      If the FinallyContext for this block has registered FinallyJumps, we'll
      check the jumpIDs against the savedCompletionTypeRegister.  If the jumpID
      matches, jump to the corresponding jumpTarget.

      If no jumpIDs match but the FinallyContext's numberOfBreaksOrContinues is
      greater than the number of registered FinallyJumps, then this means that
      we have a Break or Continue that needs to be handled by an outer finally
      block.  In that case, jump to the next outer finally block's normal entry.

   c. Check for CompletionType::Return
      ================================
      If this finally block is not the outermost and the savedCompletionTypeRegister
      is set to CompletionType::Return, then jump to the next outer finally
      block's normal entry.

      Otherwise, if this finally block is the outermost and the savedCompletionTypeRegister
      is set to CompletionType::Return, then execute op_ret and return the value
      in the completionValueRegister.

   d. CompletionType::Throw
      =====================
      If savedCompletionTypeRegister is CompletionType::Throw, then just re-throw the
      Exception object in the completionValueRegister.

   Detail 1: note that we check the savedCompletionTypeRegister (and not the
   completionTypeRegister).  This is because the finally block may itself contain
   a try-finally, and this inner try-finally may have trashed the completionTypeRegister.
   Here's an example:

       try {
           return "r1"; // Sets completionTypeRegister to CompletionType::Return;
       } finally {
           // completionTypeRegister is CompletionType::Return here.

           try {
               ... // do stuff.
           } finally {
               ... // do more stuff.
           }

           // completionTypeRegister may be anything here depending on what
           // was executed in the inner try-finally block above.

           // Hence, finally completion here must be based on a saved copy of the
           // completionTypeRegister when we entered this finally block.
       }

   Detail 2: the finally completion for CompletionType::Throw must always explicitly
   check if the savedCompletionTypeRegister is CompletionType::Throw before throwing.
   We cannot imply that it is so from the Throw case being last.  Here's why:

       // completionTypeRegister is CompletionType::Normal here.
       try {
           return "r1"; // Sets completionTypeRegister to CompletionType::Return;
       } finally {
           // completionTypeRegister is CompletionType::Return here.

           try {
               ... // do stuff.  No abrupt completions.
           } finally {
               // completionTypeRegister is CompletionType::Return here (from the outer try-finally).
               // savedCompletionTypeRegister is set to completionTypeRegister (i.e. CompletionType::Return) here.

               ... // do more stuff.  No abrupt completions.

               // Unless there's an abrupt completion since entering the outer
               // finally block, the savedCompletionTypeRegister will remain set
               // to CompletionType::Return.  If we don't explicitly check if the
               // savedCompletionTypeRegister is CompletionType::Throw before
               // throwing here, we'll end up erroneously throwing "r1".
           }

           ...
       }

6. restoreScopeRegister()

   Since the needed scope objects are always stored in a local, we can restore
   the scope register by simply moving from that local instead of going through
   op_get_parent_scope.

7. m_controlFlowScopeStack needs to be a SegmentedVector instead of a Vector.
   This makes it easier to keep a pointer to the FinallyContext on that stack,
   and not have to worry about the vector being realloc'ed due to resizing.

Performance appears to be neutral both on ES6SampleBench (run via cli) and the
JSC benchmarks.

Relevant spec references:
https://tc39.github.io/ecma262/#sec-completion-record-specification-type
https://tc39.github.io/ecma262/#sec-try-statement-runtime-semantics-evaluation

* bytecode/HandlerInfo.h:
(JSC::HandlerInfoBase::typeName):
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::generate):
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::emitReturn):
(JSC::BytecodeGenerator::pushFinallyControlFlowScope):
(JSC::BytecodeGenerator::popFinallyControlFlowScope):
(JSC::BytecodeGenerator::allocateAndEmitScope):
(JSC::BytecodeGenerator::pushTry):
(JSC::BytecodeGenerator::popTry):
(JSC::BytecodeGenerator::emitCatch):
(JSC::BytecodeGenerator::restoreScopeRegister):
(JSC::BytecodeGenerator::labelScopeDepthToLexicalScopeIndex):
(JSC::BytecodeGenerator::labelScopeDepth):
(JSC::BytecodeGenerator::pushLocalControlFlowScope):
(JSC::BytecodeGenerator::popLocalControlFlowScope):
(JSC::BytecodeGenerator::emitEnumeration):
(JSC::BytecodeGenerator::emitIsNumber):
(JSC::BytecodeGenerator::emitYield):
(JSC::BytecodeGenerator::emitDelegateYield):
(JSC::BytecodeGenerator::emitJumpViaFinallyIfNeeded):
(JSC::BytecodeGenerator::emitReturnViaFinallyIfNeeded):
(JSC::BytecodeGenerator::emitFinallyCompletion):
(JSC::BytecodeGenerator::allocateCompletionRecordRegisters):
(JSC::BytecodeGenerator::releaseCompletionRecordRegisters):
(JSC::BytecodeGenerator::emitJumpIf):
(JSC::BytecodeGenerator::pushIteratorCloseControlFlowScope): Deleted.
(JSC::BytecodeGenerator::popIteratorCloseControlFlowScope): Deleted.
(JSC::BytecodeGenerator::emitComplexPopScopes): Deleted.
(JSC::BytecodeGenerator::emitPopScopes): Deleted.
(JSC::BytecodeGenerator::popTryAndEmitCatch): Deleted.
* bytecompiler/BytecodeGenerator.h:
(JSC::bytecodeOffsetToJumpID):
(JSC::FinallyJump::FinallyJump):
(JSC::FinallyContext::FinallyContext):
(JSC::FinallyContext::outerContext):
(JSC::FinallyContext::finallyLabel):
(JSC::FinallyContext::depth):
(JSC::FinallyContext::numberOfBreaksOrContinues):
(JSC::FinallyContext::incNumberOfBreaksOrContinues):
(JSC::FinallyContext::handlesReturns):
(JSC::FinallyContext::setHandlesReturns):
(JSC::FinallyContext::registerJump):
(JSC::FinallyContext::numberOfJumps):
(JSC::FinallyContext::jumps):
(JSC::ControlFlowScope::ControlFlowScope):
(JSC::ControlFlowScope::isLabelScope):
(JSC::ControlFlowScope::isFinallyScope):
(JSC::BytecodeGenerator::currentLexicalScopeIndex):
(JSC::BytecodeGenerator::CompletionRecordScope::CompletionRecordScope):
(JSC::BytecodeGenerator::CompletionRecordScope::~CompletionRecordScope):
(JSC::BytecodeGenerator::completionTypeRegister):
(JSC::BytecodeGenerator::completionValueRegister):
(JSC::BytecodeGenerator::emitSetCompletionType):
(JSC::BytecodeGenerator::emitSetCompletionValue):
(JSC::BytecodeGenerator::isInFinallyBlock): Deleted.
* bytecompiler/NodesCodegen.cpp:
(JSC::ContinueNode::emitBytecode):
(JSC::BreakNode::emitBytecode):
(JSC::ReturnNode::emitBytecode):
(JSC::TryNode::emitBytecode):

Source/WTF:

Added some methods to bring SegmentedVector closer to parity with Vector.

* wtf/SegmentedVector.h:
(WTF::SegmentedVector::first):
(WTF::SegmentedVector::last):
(WTF::SegmentedVector::takeLast):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210116 268f45cc-cd09-0410-ab3c-d52691b4dbfc
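
Added example, not code from this commit or from JavaScriptCore: a small C++ model of the registration steps in section 4 and the dispatch order in section 5 of the message above, run on constructed scenarios. The enumerator order, the label numbers, the helper names other than `bytecodeOffsetToJumpID`, and gating the Return check on a `handlesReturns` flag are assumptions.

```cpp
#include <cstddef>
#include <vector>

// Enumerator order is an assumption; the message only gives the names.
enum CompletionType : int { Normal, Break, Continue, Return, Throw, NumberOfTypes };

// Section 2b: jumpID = CompletionType::NumberOfTypes + bytecodeOffset.
int bytecodeOffsetToJumpID(unsigned bytecodeOffset) { return NumberOfTypes + static_cast<int>(bytecodeOffset); }

struct FinallyJump { int jumpID; int targetLabel; };

struct FinallyContext {
    FinallyContext* outer = nullptr;         // next outer finally block, if any
    std::vector<FinallyJump> jumps;          // breaks/continues whose target is reached from here
    unsigned numberOfBreaksOrContinues = 0;  // every break/continue that passes through here
    bool handlesReturns = false;             // assumption: set when a return crosses this block
};

// Section 4, Break/Continue steps a-c. Returns the value stored in completionTypeRegister.
int registerBreakOrContinue(FinallyContext& innermost, FinallyContext& outermostToRun,
                            unsigned bytecodeOffset, int targetLabel)
{
    int jumpID = bytecodeOffsetToJumpID(bytecodeOffset);
    outermostToRun.jumps.push_back({ jumpID, targetLabel });
    for (FinallyContext* context = &innermost; context; context = context->outer) {
        context->numberOfBreaksOrContinues++;
        if (context == &outermostToRun)
            break;
    }
    return jumpID;
}

// Section 4, Return: every enclosing finally block has to run before op_ret.
int registerReturn(FinallyContext& innermost)
{
    for (FinallyContext* context = &innermost; context; context = context->outer)
        context->handlesReturns = true;
    return Return;
}

enum class Action { FallThrough, JumpToTarget, EnterOuterFinally, ExecuteReturn, Rethrow };
struct Outcome { Action action; int targetLabel; };

// Section 5: what the end of a finally block does with savedCompletionTypeRegister.
Outcome finallyCompletion(const FinallyContext& context, int saved)
{
    if (context.numberOfBreaksOrContinues || context.handlesReturns) {
        if (saved == Normal)                                          // check a
            return { Action::FallThrough, -1 };
        for (const FinallyJump& jump : context.jumps) {               // check b
            if (saved == jump.jumpID)
                return { Action::JumpToTarget, jump.targetLabel };
        }
        if (saved >= NumberOfTypes && context.outer
            && context.numberOfBreaksOrContinues > context.jumps.size())
            return { Action::EnterOuterFinally, -1 };
        if (context.handlesReturns && saved == Return)                // check c
            return { context.outer ? Action::EnterOuterFinally : Action::ExecuteReturn, -1 };
    }
    if (saved == Throw)                                               // check d, explicit (Detail 2)
        return { Action::Rethrow, -1 };
    return { Action::FallThrough, -1 };
}

// Constructed scenario: a break at bytecode offset 42 leaves two nested try/finally
// blocks for loop exit label 7. Returns the outcome at the inner, then the outer block.
std::vector<Outcome> breakThroughTwoFinallys()
{
    FinallyContext outerContext, innerContext;
    innerContext.outer = &outerContext;
    int saved = registerBreakOrContinue(innerContext, outerContext, 42, 7);
    return { finallyCompletion(innerContext, saved), finallyCompletion(outerContext, saved) };
}

// Constructed scenario: a return inside the same two nested blocks.
std::vector<Outcome> returnThroughTwoFinallys()
{
    FinallyContext outerContext, innerContext;
    innerContext.outer = &outerContext;
    int saved = registerReturn(innerContext);
    return { finallyCompletion(innerContext, saved), finallyCompletion(outerContext, saved) };
}

// Detail 2: a try/finally nested in a finally body saves a stale Return from the
// enclosing completion. It must fall through, not throw the pending return value.
Outcome staleReturnInNestedFinally()
{
    FinallyContext nestedInFinallyBody; // no jumps registered, no returns cross it
    return finallyCompletion(nestedInFinallyBody, Return);
}
```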

2 years ago WebAssembly: Make the spec-tests/address.wast.js test pass
sbarati@apple.com [Thu, 22 Dec 2016 22:40:39 +0000 (22:40 +0000)]
WebAssembly: Make the spec-tests/address.wast.js test pass
https://bugs.webkit.org/show_bug.cgi?id=166429
<rdar://problem/29793220>

Reviewed by Keith Miller.

JSTests:

* wasm.yaml:

Source/JavaScriptCore:

Right now, provably out of bound loads/stores (given a load/store's constant
offset) are not a validation error. However, we were failing to catch uint32_t
overflows in release builds (we did have a debug assertion). To fix this,
I now detect when uint32_t addition will overflow, and instead of emitting
a normal load/store, I emit code that throws an out of bounds memory exception.

* wasm/WasmB3IRGenerator.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210115 268f45cc-cd09-0410-ab3c-d52691b4dbfc
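
Added example, not code from this commit or from WasmB3IRGenerator.cpp: a C++ model of the overflow described in the message above, with the wrapping bounds computation beside the checked one. All names are hypothetical, the values are constructed, and it assumes the overflowing sum is the constant offset plus the access width.

```cpp
#include <cstdint>
#include <limits>

// What the generator decides to emit for one load/store (hypothetical model).
enum class AccessPlan { BoundsCheckedAccess, UnconditionalOutOfBoundsThrow };

// True when a + b does not fit in uint32_t; tested without performing the addition.
bool sumOverflowsUint32(uint32_t a, uint32_t b)
{
    return a > std::numeric_limits<uint32_t>::max() - b;
}

// Compile-time step: the constant offset and the access width are both known, so an
// overflowing sum is provably out of bounds. It is not a validation error, so the
// module still compiles and the access is replaced by a throw.
AccessPlan planAccess(uint32_t constantOffset, uint32_t accessWidth)
{
    return sumOverflowsUint32(constantOffset, accessWidth)
        ? AccessPlan::UnconditionalOutOfBoundsThrow
        : AccessPlan::BoundsCheckedAccess;
}

// Behaviour when only a debug assertion guards the addition: in a release build the
// 32-bit sum wraps and a huge offset turns into a small, in-bounds-looking address.
bool inBoundsWrapping(uint32_t pointer, uint32_t constantOffset, uint32_t accessWidth, uint32_t memorySize)
{
    uint32_t end = pointer + constantOffset + accessWidth; // wraps modulo 2^32
    return end <= memorySize;
}

// Checked behaviour: the static overflow becomes a throw, and the dynamic part is
// computed in 64 bits, where three 32-bit operands cannot wrap.
bool inBoundsChecked(uint32_t pointer, uint32_t constantOffset, uint32_t accessWidth, uint32_t memorySize)
{
    if (planAccess(constantOffset, accessWidth) == AccessPlan::UnconditionalOutOfBoundsThrow)
        return false;
    uint64_t end = static_cast<uint64_t>(pointer) + constantOffset + accessWidth;
    return end <= memorySize;
}
```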

2 years ago WebAssembly: Silence the output of the spec-tests
sbarati@apple.com [Thu, 22 Dec 2016 22:29:27 +0000 (22:29 +0000)]
WebAssembly: Silence the output of the spec-tests
https://bugs.webkit.org/show_bug.cgi?id=166417

Reviewed by Mark Lam.

* Scripts/run-jsc-stress-tests:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210114 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Make http/tests/security/popup-blocked-from-{fake-event, window-open}.html actually...
dbates@webkit.org [Thu, 22 Dec 2016 22:26:37 +0000 (22:26 +0000)]
Make http/tests/security/popup-blocked-from-{fake-event, window-open}.html actually test popup
blocker; run on WebKit2
https://bugs.webkit.org/show_bug.cgi?id=166403

Reviewed by Darin Adler.

The tests http/tests/security/popup-blocked-from-{fake-event, window-open}.html inadvertently
depended on the default behavior of DumpRenderTree to ignore the ChromeClient::createWindow()
callback when asked to create a new window instead of testing that the popup blocker blocked
opening windows. We should call testRunner.setCanOpenWindows() and testRunner.setPopupBlockingEnabled(true)
from both of these tests so that DumpRenderTree respects requests to open windows and enable
the popup blocker (it is disabled by default), respectively.

The default behavior of DumpRenderTree to disallow opening windows falls out from the purpose
and implementation of testRunner.setCanOpenWindows() to support writing tests where the embedding
client ignores requests to create a new window. We do not implement such a concept in WebKitTestRunner
(see <https://bugs.webkit.org/show_bug.cgi?id=166402>).

* http/tests/security/popup-blocked-from-fake-event.html:
* http/tests/security/popup-blocked-from-window-open.html:
* platform/wk2/TestExpectations: Unskip the above tests as they now pass.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210113 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Bypass pop-up blocker from cross-origin or sandboxed frame
dbates@webkit.org [Thu, 22 Dec 2016 22:20:25 +0000 (22:20 +0000)]
Bypass pop-up blocker from cross-origin or sandboxed frame
https://bugs.webkit.org/show_bug.cgi?id=166290
<rdar://problem/29742039>

Reviewed by Darin Adler.

Source/WebCore:

Tests: fast/events/popup-blocked-from-sandboxed-frame-via-window-open-named-sibling-frame.html
       fast/events/popup-blocked-from-sandboxed-frame-via-window-open-named-sibling-frame2.html
       fast/events/popup-blocked-from-unique-frame-via-window-open-named-sibling-frame.html

* page/DOMWindow.cpp:
(WebCore::DOMWindow::open): Use FrameLoader::findFrameForNavigation() to find the
target frame to navigate with respect to the active document just as we do in WebCore::createWindow().

LayoutTests:

* fast/events/popup-blocked-from-sandboxed-frame-via-window-open-named-sibling-frame-expected.txt: Added.
* fast/events/popup-blocked-from-sandboxed-frame-via-window-open-named-sibling-frame.html: Added.
* fast/events/popup-blocked-from-sandboxed-frame-via-window-open-named-sibling-frame2-expected.txt: Added.
* fast/events/popup-blocked-from-sandboxed-frame-via-window-open-named-sibling-frame2.html: Added.
* fast/events/popup-blocked-from-unique-frame-via-window-open-named-sibling-frame-expected.txt: Added.
* fast/events/popup-blocked-from-unique-frame-via-window-open-named-sibling-frame.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210112 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago WebAssembly: The validator should not allow unused stack entries at the end of a...
keith_miller@apple.com [Thu, 22 Dec 2016 22:19:42 +0000 (22:19 +0000)]
WebAssembly: The validator should not allow unused stack entries at the end of a block
https://bugs.webkit.org/show_bug.cgi?id=166411

Reviewed by Saam Barati.

JSTests:

Test cleanup and enable new passing tests.

* wasm.yaml:
* wasm/function-tests/br-if-as-return.js:

Source/JavaScriptCore:

This patch also cleans up some of the verbose mode logging.

* wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::dumpExpressionStack):
(JSC::Wasm::B3IRGenerator::dump):
* wasm/WasmFunctionParser.h:
* wasm/WasmValidate.cpp:
(JSC::Wasm::dumpExpressionStack):
(JSC::Wasm::Validate::dump):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210111 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Web Inspector: Styles sidebar: Uncommenting CSS rules of pseudo-elements doesn't...
nvasilyev@apple.com [Thu, 22 Dec 2016 21:56:50 +0000 (21:56 +0000)]
Web Inspector: Styles sidebar: Uncommenting CSS rules of pseudo-elements doesn't work
https://bugs.webkit.org/show_bug.cgi?id=165831
<rdar://problem/29652688>

Reviewed by Matt Baker.

* UserInterface/Views/CSSStyleDeclarationTextEditor.js:
(WebInspector.CSSStyleDeclarationTextEditor.prototype.uncommentAllProperties):
Call _resetContent() when toggling all properties to ensure properties have text markers.

(WebInspector.CSSStyleDeclarationTextEditor.prototype._propertyCommentCheckboxChanged):
(WebInspector.CSSStyleDeclarationTextEditor.prototype._uncommentProperty): Added.
This method is the opposite of _commentProperty. Introduce it to minimize code duplication.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210110 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Make WebCore::EditorInsertAction an enum class
aestes@apple.com [Thu, 22 Dec 2016 21:10:26 +0000 (21:10 +0000)]
Make WebCore::EditorInsertAction an enum class
https://bugs.webkit.org/show_bug.cgi?id=166424

Reviewed by Brent Fulgham.

Source/WebCore:

* editing/AlternativeTextController.cpp:
(WebCore::AlternativeTextController::applyDictationAlternative):
* editing/Editor.cpp:
(WebCore::Editor::pasteAsPlainTextWithPasteboard):
(WebCore::Editor::shouldInsertText):
(WebCore::Editor::insertTextWithoutSendingTextEvent):
(WebCore::Editor::insertLineBreak):
(WebCore::Editor::insertParagraphSeparator):
(WebCore::Editor::markMisspellingsAfterTypingToWord):
(WebCore::Editor::markAndReplaceFor):
(WebCore::Editor::changeBackToReplacedString):
(WebCore::Editor::transpose):
(WebCore::Editor::handleAcceptedCandidate):
* editing/EditorInsertAction.h:
(): Deleted.
* editing/gtk/EditorGtk.cpp:
(WebCore::Editor::pasteWithPasteboard):
* editing/ios/EditorIOS.mm:
(WebCore::Editor::pasteWithPasteboard):
(WebCore::Editor::replaceSelectionWithAttributedString):
* editing/mac/EditorMac.mm:
(WebCore::Editor::pasteWithPasteboard):
(WebCore::Editor::replaceNodeFromPasteboard):
(WebCore::Editor::replaceSelectionWithAttributedString):
* editing/win/EditorWin.cpp:
(WebCore::Editor::pasteWithPasteboard):
* page/ContextMenuController.cpp:
(WebCore::insertUnicodeCharacter):
(WebCore::ContextMenuController::contextMenuItemSelected):
* page/DragController.cpp:
(WebCore::DragController::concludeEditDrag):

Source/WebKit/mac:

* WebCoreSupport/WebEditorClient.mm:
(kit):

Source/WebKit/win:

* WebCoreSupport/WebEditorClient.cpp:
(kit):
(WebEditorClient::shouldInsertNode):
(WebEditorClient::shouldInsertText):

Source/WebKit2:

* WebProcess/InjectedBundle/API/c/WKBundleAPICast.h:
(WebKit::toAPI):
* WebProcess/InjectedBundle/API/mac/WKWebProcessPlugInBrowserContextController.mm:
(toWK):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210109 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Only include those parts of AVFoundation.framework which are strictly needed.
jer.noble@apple.com [Thu, 22 Dec 2016 20:31:55 +0000 (20:31 +0000)]
Only include those parts of AVFoundation.framework which are strictly needed.
https://bugs.webkit.org/show_bug.cgi?id=166423

Reviewed by Eric Carlson.

* Modules/plugins/QuickTimePluginReplacement.mm:
* platform/graphics/avfoundation/objc/CDMSessionAVFoundationObjC.mm:
* platform/graphics/avfoundation/objc/InbandTextTrackPrivateAVFObjC.mm:
* platform/graphics/avfoundation/objc/InbandTextTrackPrivateLegacyAVFObjC.mm:
* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
* platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
* platform/mac/SerializedPlatformRepresentationMac.mm:
* platform/mac/WebPlaybackSessionInterfaceMac.mm:
* platform/mac/WebVideoFullscreenController.mm:
* platform/mediastream/mac/AVAudioCaptureSource.mm:
* platform/mediastream/mac/AVCaptureDeviceManager.mm:
* platform/mediastream/mac/AVMediaCaptureSource.mm:
* platform/mediastream/mac/AVVideoCaptureSource.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210105 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago NULL-deref CRASH in WebCore::PlatformMediaSession::mediaType
jer.noble@apple.com [Thu, 22 Dec 2016 20:07:18 +0000 (20:07 +0000)]
NULL-deref CRASH in WebCore::PlatformMediaSession::mediaType
https://bugs.webkit.org/show_bug.cgi?id=166407

Reviewed by Darin Adler.

In r207688, we added a facility in PlatformMediaSessionManager for safely walking through a
list of PlatformMediaSessions by replacing entries of deleted sessions with nullptr. We now
need to use those new iteration facilities in MediaSessionManageriOS.

In addition to the existing iterators, add one which takes a predicate, and returns the first
session which matches the predicate, or nullptr, if none do.

* platform/audio/PlatformMediaSessionManager.cpp:
(WebCore::PlatformMediaSessionManager::findSession):
(WebCore::PlatformMediaSessionManager::anyOfSessions):
* platform/audio/PlatformMediaSessionManager.h:
(WebCore::PlatformMediaSessionManager::sessions): Deleted.
* platform/audio/ios/MediaSessionManagerIOS.mm:
(WebCore::MediaSessionManageriOS::configureWireLessTargetMonitoring):
(WebCore::MediaSessionManageriOS::nowPlayingEligibleSession):
(WebCore::MediaSessionManageriOS::externalOutputDeviceAvailableDidChange):
(WebCore::MediaSessionManageriOS::applicationDidEnterBackground):
(WebCore::MediaSessionManageriOS::applicationWillEnterForeground):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210104 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Source/WebKit2:
commit-queue@webkit.org [Thu, 22 Dec 2016 19:49:37 +0000 (19:49 +0000)]
Source/WebKit2:
[Cocoa] SPI for setloadsImagesAutomatically
https://bugs.webkit.org/show_bug.cgi?id=166401

Patch by Zhuo Li <zachli@apple.com> on 2016-12-22
Reviewed by Darin Adler.

* UIProcess/API/Cocoa/WKPreferences.mm: Call the C API under the hood.
(-[WKPreferences _loadsImagesAutomatically]):
(-[WKPreferences _setLoadsImagesAutomatically:]):

* UIProcess/API/Cocoa/WKPreferencesPrivate.h:
Add `_loadsImagesAutomatically` property.

Tools:
[Cocoa] SPI for setloadsImagesAutomatically.
https://bugs.webkit.org/show_bug.cgi?id=166401.

Patch by Zhuo Li <zachli@apple.com> on 2016-12-22
Reviewed by Darin Adler.

* TestWebKitAPI/Tests/WebKit2Cocoa/Preferences.mm:
(TEST): Test the _setLoadsImagesAutomatically SPI. By default,
_loadsImagesAutomatically returns YES.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210103 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago WebAssembly: Make the spec-tests/start.wast.js test pass
sbarati@apple.com [Thu, 22 Dec 2016 18:31:04 +0000 (18:31 +0000)]
WebAssembly: Make the spec-tests/start.wast.js test pass
https://bugs.webkit.org/show_bug.cgi?id=166416
<rdar://problem/29784532>

Reviewed by Yusuke Suzuki.

JSTests:

* wasm.yaml:

Source/JavaScriptCore:

To make the test run, I had to fix two bugs:

1. We weren't properly finding the start function. There was code
that would try to find the start function from the list of *exported*
functions. This is wrong; the start function is an index into the
function index space, which is the space for *imports* and *local*
functions. So the code was just wrong in this respect, and I've
fixed it to do the right thing. We weren't sure if this was originally
allowed or not in the spec, but it has been decided that it is allowed
and the spec-tests test for it: https://github.com/WebAssembly/design/issues/896

2. We were emitting a breakpoint for Unreachable. Instead of crashing,
this opcode needs to throw an exception when executing.

* wasm/WasmB3IRGenerator.cpp:
* wasm/WasmExceptionType.h:
* wasm/js/WebAssemblyModuleRecord.cpp:
(JSC::WebAssemblyModuleRecord::link):
(JSC::WebAssemblyModuleRecord::evaluate):
* wasm/js/WebAssemblyModuleRecord.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210102 268f45cc-cd09-0410-ab3c-d52691b4dbfc
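
The two fixes described in this entry can be observed through the JavaScript API. The following is an added example, not code from the WebKit change; the module bytes are hand-assembled, and the import name `env.mark` and export name `trap` are made up for illustration.

```javascript
// Constructed sample module. Function index space:
//   0 = imported env.mark, 1 = local "init" (not exported), 2 = local "trap" (exported)
const section = (id, body) => [id, body.length, ...body]; // every size here fits one LEB128 byte
const utf8Name = s => [s.length, ...Array.from(s, c => c.charCodeAt(0))];

function buildModule(startIndex) {
  return new Uint8Array([
    0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00,  // "\0asm", version 1
    ...section(1, [1, 0x60, 0, 0]),                   // type 0: () -> ()
    ...section(2, [1, ...utf8Name("env"), ...utf8Name("mark"), 0x00, 0]), // import a func of type 0
    ...section(3, [2, 0, 0]),                         // two local functions, both type 0
    ...section(7, [1, ...utf8Name("trap"), 0x00, 2]), // the only export is function 2
    ...section(8, [startIndex]),                      // start section: index into the function index space
    ...section(10, [2,
      6, 0, 0x10, 0, 0x10, 0, 0x0b,                   // init: call 0; call 0; end
      3, 0, 0x00, 0x0b]),                             // trap: unreachable; end
  ]);
}

// Instantiate with the given start index and report how often the import ran.
function instantiate(startIndex) {
  const bytes = buildModule(startIndex);
  if (!WebAssembly.validate(bytes)) return { valid: false, calls: 0, trap: null };
  let calls = 0;
  const instance = new WebAssembly.Instance(new WebAssembly.Module(bytes), {
    env: { mark: () => { calls += 1; } },
  });
  // The start function has already run by the time the constructor returns.
  return { valid: true, calls, trap: instance.exports.trap };
}

// Classify what happens when an exported function executes `unreachable`.
function trapKind(fn) {
  try {
    fn();
    return "returned";
  } catch (e) {
    return e instanceof WebAssembly.RuntimeError ? "RuntimeError" : String(e);
  }
}

console.log("start = local func 1:", instantiate(1).calls, "call(s) to env.mark");
console.log("start = import 0:    ", instantiate(0).calls, "call(s) to env.mark");
console.log("start = 3 validates: ", instantiate(3).valid);
console.log("unreachable raises:  ", trapKind(instantiate(1).trap));
```

Neither start target is exported, so an engine that looked the index up among exports would pick the wrong function or none at all.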

2 years ago fast/events/ios/viewport-shrink-to-fit-allows-double-tap.html is flaky/order dependent
wenson_hsieh@apple.com [Thu, 22 Dec 2016 17:37:50 +0000 (17:37 +0000)]
fast/events/ios/viewport-shrink-to-fit-allows-double-tap.html is flaky/order dependent
https://bugs.webkit.org/show_bug.cgi?id=161328
<rdar://problem/28475977>

Reviewed by Darin Adler.

Running a test that scales the viewport and listens to a didEndZooming callback (such as
viewport-shrink-to-fit-allows-double-tap.html) immediately after a test that may begin to trigger viewport
scaling as the test completes (such as viewport-device-width-at-initial-scale-fast-clicks.html) may result in
the didEndZooming callback of the latter test being fired early due to the previous test triggering a zoom
animation. Ideally, -[WKScrollView _stopScrollingAndZoomingAnimations], which is called when committing the page
load, should prevent this from happening, but from reading documentation and code inspection, this is not
intended to fire any associated delegate methods or notifications of the UIScrollView, instead deferring them
for later. Instead, what we need in this case is to clear out any started but not yet completed animations after
we finish running a test and before we load the next test.

One way to do this is to remove all animations from the WKScrollView's layer, and the layers of its children,
recursively. Doing so causes scrollViewDidEndZooming:withView:atScale: to fire at the end of the runloop if the
previous test started zooming and then finished before zooming completed. Since this happens before the next
test has a chance to run UI-side scripts, we won't end up firing this callback prematurely during the next test.

* WebKitTestRunner/ios/TestControllerIOS.mm:
(WTR::TestController::platformResetStateToConsistentValues):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210101 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Muted media element playback should not interrupt other audio playback
jer.noble@apple.com [Thu, 22 Dec 2016 17:32:38 +0000 (17:32 +0000)]
Muted media element playback should not interrupt other audio playback
https://bugs.webkit.org/show_bug.cgi?id=166347

Reviewed by Eric Carlson.

Source/WebCore:

Test: TestWebKitAPI/WebKit/ios/AudioSessionCategoryIOS.mm

* platform/audio/cocoa/MediaSessionManagerCocoa.cpp:
(PlatformMediaSessionManager::updateSessionState):

Tools:

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/WebKit/ios/AudioSessionCategoryIOS.mm:
(TestWebKitAPI::TEST):
* TestWebKitAPI/Tests/WebKit/ios/video-with-muted-audio.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210100 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Check for the existence of AVSampleBufferAudioRenderer.h before redeclaring AVSampleB...
jer.noble@apple.com [Thu, 22 Dec 2016 17:14:11 +0000 (17:14 +0000)]
Check for the existence of AVSampleBufferAudioRenderer.h before redeclaring AVSampleBufferAudioRenderer
https://bugs.webkit.org/show_bug.cgi?id=166421

Reviewed by Eric Carlson.

* platform/spi/mac/AVFoundationSPI.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210099 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago AVPlayerLayer isn't available on every system
eric.carlson@apple.com [Thu, 22 Dec 2016 16:58:25 +0000 (16:58 +0000)]
AVPlayerLayer isn't available on every system
https://bugs.webkit.org/show_bug.cgi?id=166399

Reviewed by Jer Noble.

Source/WebCore:

No new tests, prevents a crash that can't be reproduced on a test system.

* platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm: Use SOFT_LINK_CLASS_OPTIONAL.

Source/WebKit2:

* WebProcess/WebPage/mac/PlatformCALayerRemoteCustom.mm: Use SOFT_LINK_CLASS_OPTIONAL.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210098 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago MediaStream: ASSERTION FAILED: m_ids.size() == m_handles.size() in MediaDeviceSandbox...
nael.ouedraogo@crf.canon.fr [Thu, 22 Dec 2016 16:41:10 +0000 (16:41 +0000)]
MediaStream: ASSERTION FAILED: m_ids.size() == m_handles.size() in MediaDeviceSandboxExtensions
https://bugs.webkit.org/show_bug.cgi?id=166328

Reviewed by Eric Carlson.

This assertion failure happens for ports with sandbox extensions disabled. SandboxExtension is empty and
HandleArray::size() always returns 0. Disable creation of MediaDevicesSandboxExtension in UserMediaProcessManager
when building without support of sandbox extension. Disable also WebPage::grantUserMediaDeviceSandboxExtensions
and WebPage::revokeUserMediaDeviceSandboxExtensions which can be avoided when sandbox extension is empty.

* UIProcess/UserMediaProcessManager.cpp:
(WebKit::UserMediaProcessManager::willCreateMediaStream):
(WebKit::UserMediaProcessManager::endedCaptureSession):
* WebProcess/WebPage/WebPage.cpp:
* WebProcess/WebPage/WebPage.h:
* WebProcess/WebPage/WebPage.messages.in:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210097 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago [WebRTC] Add support for runtime PeerConnection setting, required after r209757
commit-queue@webkit.org [Thu, 22 Dec 2016 09:22:42 +0000 (09:22 +0000)]
[WebRTC] Add support for runtime PeerConnection setting, required after r209757
https://bugs.webkit.org/show_bug.cgi?id=166346

Patch by Alejandro G. Castro <alex@igalia.com> on 2016-12-22
Reviewed by Carlos Garcia Campos.

Source/WebKit2:

After that commit we have to enable the peerConnection runtime
flag if we want webrtc to work. We are not adding a new API for
the moment to control the peerConnection feature.

* UIProcess/API/gtk/WebKitSettings.cpp:
(webkit_settings_set_enable_media_stream): Use the mediaStream
setting to control the peerConnection

Tools:

Enable WebRTC by default to simplify testing.

* MiniBrowser/gtk/main.c:
(main):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210096 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago TileGrid revalidates tiles twice during flush, first with wrong visible rect
timothy_horton@apple.com [Thu, 22 Dec 2016 03:06:35 +0000 (03:06 +0000)]
TileGrid revalidates tiles twice during flush, first with wrong visible rect
https://bugs.webkit.org/show_bug.cgi?id=166406

Reviewed by Simon Fraser.

No new tests; existing tests cover this code, this is just a perf win,
specifically reducing the amount of layer churn during zooming.

* platform/graphics/ca/TileGrid.cpp:
(WebCore::TileGrid::setScale):
Schedule a revalidation, which will happen later in the same flush,
instead of doing it immediately. Doing it immediately is problematic,
because we're currently in the middle of a GraphicsLayer tree flush,
and don't have the complete picture of the new state yet. We're guaranteed
to get the new scale *before* the flush calls revalidateTiles.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210095 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago TileGrid creates new tiles when there are recyclable tiles about to be removed
timothy_horton@apple.com [Thu, 22 Dec 2016 03:06:05 +0000 (03:06 +0000)]
TileGrid creates new tiles when there are recyclable tiles about to be removed
https://bugs.webkit.org/show_bug.cgi?id=166408

Reviewed by Simon Fraser.

No new tests; existing tests cover this code, this is just a perf win,
specifically reducing the amount of layer churn during zooming.

* platform/graphics/ca/TileGrid.cpp:
(WebCore::TileGrid::revalidateTiles):
Remove all the tiles that will be removed first, then add new tiles.
Strictly ordering it this way means that tiles will be removed, go into
the LayerPool, then be pulled back out of the LayerPool to sit in the
newly-covered areas. Previously, we would sometimes make new layers
for newly-covered areas, and then remove unneeded but otherwise recyclable
tiles, which would then just go sit in the LayerPool (and often get
pruned, wastefully).

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210094 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago REGRESSION: API test failure: WKWebView.LocalStorageClear
ap@apple.com [Thu, 22 Dec 2016 01:57:24 +0000 (01:57 +0000)]
REGRESSION: API test failure: WKWebView.LocalStorageClear
https://bugs.webkit.org/show_bug.cgi?id=166032
<rdar://problem/29758423>

Reviewed by Simon Fraser.

Add an @autoreleasepool around the code that allocates then clears the WKWebView,
to ensure that the view is destroyed before the callback fires.

* TestWebKitAPI/Tests/WebKit2Cocoa/LocalStorageClear.mm:
(TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210093 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago [MediaStream] Update media-stream-event-constructor test
eric.carlson@apple.com [Thu, 22 Dec 2016 01:41:51 +0000 (01:41 +0000)]
[MediaStream] Update media-stream-event-constructor test
https://bugs.webkit.org/show_bug.cgi?id=166398

Reviewed by Jer Noble.

Source/WebCore:

No new tests, updated existing test.

* Modules/mediastream/MediaStreamEvent.idl: Mark eventInitDict as optional.

LayoutTests:

Update and rebaseline test to reflect behavior changes that happened while the test was
skipped. Un-skip it on macOS.

* fast/events/constructors/media-stream-event-constructor-expected.txt:
* fast/events/constructors/media-stream-event-constructor.html:
* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210092 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago WebAssembly: Fix decode floating point constants in unreachable code
keith_miller@apple.com [Thu, 22 Dec 2016 01:26:09 +0000 (01:26 +0000)]
WebAssembly: Fix decode floating point constants in unreachable code
https://bugs.webkit.org/show_bug.cgi?id=166400

Reviewed by Saam Barati.

JSTests:

* wasm.yaml:

Source/JavaScriptCore:

We decoded these as variable length but they should be fixed length.

* wasm/WasmFunctionParser.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210091 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago WebAssembly: Allow br, br_if, and br_table to act as a return
keith_miller@apple.com [Thu, 22 Dec 2016 01:06:20 +0000 (01:06 +0000)]
WebAssembly: Allow br, br_if, and br_table to act as a return
https://bugs.webkit.org/show_bug.cgi?id=166393

Reviewed by Saam Barati.

JSTests:

Add tests for breaks acting as returns and fix tests that
validate error messages.

* wasm/function-tests/br-as-return.js: Added.
* wasm/function-tests/br-if-as-return.js: Added.
* wasm/function-tests/br-table-as-return.js: Added.
* wasm/function-tests/if-no-else-non-void.js:
* wasm/function-tests/struct.js: Added.
* wasm/js-api/global-error.js:
(assert.throws):
* wasm/js-api/table.js:
(assert.throws):

Source/JavaScriptCore:

This patch allows br, br_if, and br_table to treat branching to
the size of the control stack to act as a return. This change was
made by adding a new block type to the wasm function parser,
TopLevel. Adding this new block eliminates a lot of the special
case code we had in the parser previously. The only special case
we need is when the end opcode is parsed from the top level.  The
B3 IR generator needs to automatically emit a return at that
point.

Also, this patch adds the function number to validation errors
in the function parser. The current error message is not helpful
otherwise.

* wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::B3IRGenerator::ControlData::dump):
(JSC::Wasm::B3IRGenerator::addTopLevel):
* wasm/WasmFunctionParser.h:
* wasm/WasmPlan.cpp:
(JSC::Wasm::Plan::parseAndValidateModule):
(JSC::Wasm::Plan::run):
* wasm/WasmValidate.cpp:
(JSC::Wasm::Validate::ControlData::dump):
(JSC::Wasm::Validate::Validate):
(JSC::Wasm::Validate::addTopLevel):
(JSC::Wasm::validateFunction):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210090 268f45cc-cd09-0410-ab3c-d52691b4dbfc
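
An added JavaScript example (not WebKit code) of the behaviour this entry and the two validator entries above it describe: `br` and `br_if` targeting the outermost label act as a return, an `f32.const` in unreachable code is decoded as four fixed bytes, and leftover stack entries at the end of a block are rejected. The function bodies are hand-assembled sample bytes, and the export name `f` is made up for illustration.

```javascript
const I32 = 0x7f;
const section = (id, body) => [id, body.length, ...body]; // every size here fits one LEB128 byte

// Wrap one function body (params -> i32) in a minimal module exporting it as "f".
function moduleWithBody(params, body) {
  const code = [0, ...body];                                  // 0 local declarations, then the body
  return new Uint8Array([
    0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00,          // "\0asm", version 1
    ...section(1, [1, 0x60, params.length, ...params, 1, I32]), // type 0: (params) -> i32
    ...section(3, [1, 0]),                                    // one function of type 0
    ...section(7, [1, 1, 0x66, 0x00, 0]),                     // export "f" = function 0
    ...section(10, [1, code.length, ...code]),
  ]);
}

// Constructed sample bodies.
const CASES = {
  // i32.const 7; br 0; end   (label 0 is the function itself)
  brAtTopLevel: { params: [], body: [0x41, 7, 0x0c, 0, 0x0b] },
  // i32.const 7; local.get 0; br_if 0; drop; i32.const 9; end
  brIfAtTopLevel: { params: [I32], body: [0x41, 7, 0x20, 0, 0x0d, 0, 0x1a, 0x41, 9, 0x0b] },
  // block; i32.const 5; br 1; end; i32.const 6; end   (depth 1 = one past the block)
  brFromNestedBlock: { params: [], body: [0x02, 0x40, 0x41, 5, 0x0c, 1, 0x0b, 0x41, 6, 0x0b] },
  // i32.const 7; br 0; f32.const 1.0 (00 00 80 3f); drop; end
  floatConstAfterBr: { params: [], body: [0x41, 7, 0x0c, 0, 0x43, 0x00, 0x00, 0x80, 0x3f, 0x1a, 0x0b] },
  // i32.const 1; i32.const 2; end   (one value too many at the end of the function)
  extraValueAtFunctionEnd: { params: [], body: [0x41, 1, 0x41, 2, 0x0b] },
  // block (no result); i32.const 1; end; i32.const 2; end   (value left inside a void block)
  extraValueAtBlockEnd: { params: [], body: [0x02, 0x40, 0x41, 1, 0x0b, 0x41, 2, 0x0b] },
};

// Returns "invalid" when validation rejects the module, otherwise the call result.
function run(caseName, ...args) {
  const { params, body } = CASES[caseName];
  const bytes = moduleWithBody(params, body);
  if (!WebAssembly.validate(bytes)) return "invalid";
  const instance = new WebAssembly.Instance(new WebAssembly.Module(bytes));
  return instance.exports.f(...args);
}

for (const caseName of Object.keys(CASES)) {
  const args = CASES[caseName].params.map(() => 1);
  console.log(caseName.padEnd(24), run(caseName, ...args));
}
```

In `floatConstAfterBr` the first immediate byte is `0x00`, so a decoder that read the constant as a variable-length integer would stop after one byte and misparse the remaining three as opcodes.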

2 years ago WebAssembly: Import spec tests
sbarati@apple.com [Thu, 22 Dec 2016 00:51:00 +0000 (00:51 +0000)]
WebAssembly: Import spec tests
https://bugs.webkit.org/show_bug.cgi?id=166395

Rubber stamped by Keith Miller.

JSTests:

This patch implements the Wasm spec's tests found here:
https://github.com/WebAssembly/spec/tree/master/interpreter/test

These tests are in .wast s-expression format. To convert
them to JS, I use a script from the wabt library, found here:
https://github.com/WebAssembly/wabt/blob/master/test/run-gen-spec-js.py

I also added a script that automatically imports the tests as
JS files. The inputs to the script are the path to the Wasm spec
git repo and the path to the wabt git repo. This will make importing
new tests easy in the future.

The wasm spec imported is at commit: b055d01ea1dfdd7a5231ae779095435f836de97f
The wabt used to do the import is at commit: 622b42dced6d793e9d49e9b1fd1d1524defd1387

* wasm.yaml:
* wasm/import-spec-tests.rb: Added.
* wasm/spec-tests: Added.
* wasm/spec-tests/address.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/binary.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/block.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/br.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/br_if.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/br_table.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/break-drop.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/call.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/call_indirect.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/comments.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/conversions.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/custom_section.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/endianness.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/exports.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/f32.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/f32_cmp.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/f64.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/f64_cmp.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/fac.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/float_exprs.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/float_literals.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/float_memory.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/float_misc.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/forward.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/func.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/func_ptrs.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/get_local.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/globals.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/i32.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/i64.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/imports.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/int_exprs.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/int_literals.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/left-to-right.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/linking.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/loop.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/memory.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/memory_redundancy.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/memory_trap.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/names.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/nop.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/resizing.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/return.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/select.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/set_local.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/skip-stack-guard-page.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/stack.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/start.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/store_retval.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/switch.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/tee_local.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/traps.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/typecheck.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/unreachable.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):
* wasm/spec-tests/unwind.wast.js: Added.
(register):
(module):
(instance):
(assert_malformed):
(assert_invalid):
(assert_soft_invalid):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(assert_return):
(assert_return_nan):

Tools:

* Scripts/run-jsc-stress-tests:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210087 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago WebKit should set Original URL of a download request correctly
jiewen_tan@apple.com [Thu, 22 Dec 2016 00:04:11 +0000 (00:04 +0000)]
WebKit should set Original URL of a download request correctly
https://bugs.webkit.org/show_bug.cgi?id=166394
<rdar://problem/25391382>

Reviewed by Alex Christensen.

WebKit should set Original URL of a download request correctly if the download
is initiated by clicking on a link with target=_blank.

Manually tested as the requested test infrastructure doesn't exist yet. We need an actual
loading process for API tests so that we could simulate the real situation in which
PolicyDownload is only set when we receive a response. Currently we can only set
PolicyDownload in a NavigationDelegate when the load starts. Hence we cannot simulate
the following process: load starts -> PolicyUse -> creates a new WebView ->
response received -> PolicyDownload -> downloads.

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::setOriginalURLForDownloadRequest):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210083 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago REGRESSION: API test failure: _WKDownload.OriginatingWebView
ap@apple.com [Wed, 21 Dec 2016 23:58:46 +0000 (23:58 +0000)]
REGRESSION: API test failure: _WKDownload.OriginatingWebView
https://bugs.webkit.org/show_bug.cgi?id=166033
<rdar://problem/29758428>

Reviewed by Simon Fraser.

Add an @autoreleasepool around the code that allocates the WKWebView,
so that it can be destroyed by removing the last reference in _downloadDidStart.

* TestWebKitAPI/Tests/WebKit2Cocoa/Download.mm:
(TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210082 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago [WebIDL] Remove custom binding for ErrorEvent
weinig@apple.com [Wed, 21 Dec 2016 23:33:37 +0000 (23:33 +0000)]
[WebIDL] Remove custom binding for ErrorEvent
https://bugs.webkit.org/show_bug.cgi?id=166345

Reviewed by Anders Carlsson.

* CMakeLists.txt:
* WebCore.xcodeproj/project.pbxproj:
* bindings/js/JSBindingsAllInOne.cpp:
* bindings/js/JSErrorEventCustom.cpp: Removed.
Remove JSErrorEventCustom.cpp

* ForwardingHeaders/heap/HandleTypes.h: Added.
Add forwarding header for HandleTypes.h

* bindings/js/JSErrorHandler.cpp:
(WebCore::JSErrorHandler::handleEvent):
Switch to using JSDOMConvert and call the updated name for the error getter.

* bindings/js/ScriptController.h:
* bindings/js/SerializedScriptValue.h:
Remove unnecessary forward declaration of ScriptValue.

* bindings/js/WorkerScriptController.cpp:
(WebCore::WorkerScriptController::evaluate):
* dom/ScriptExecutionContext.cpp:
(WebCore::ScriptExecutionContext::sanitizeScriptError):
(WebCore::ScriptExecutionContext::dispatchErrorEvent):
* dom/ScriptExecutionContext.h:
* workers/WorkerMessagingProxy.cpp:
(WebCore::WorkerMessagingProxy::postExceptionToWorkerObject):
Update type that sanitizeScriptError takes from a ScriptValue to a Strong<Unknown>.

* bindings/scripts/CodeGeneratorJS.pm:
(GenerateCallWith):
* bindings/scripts/IDLAttributes.txt:
Add a new extended attributes option for the CallWith, GlobalObject, that passes the global object.

* dom/ErrorEvent.cpp:
(WebCore::ErrorEvent::ErrorEvent):
(WebCore::ErrorEvent::error):
(WebCore::ErrorEvent::trySerializeError):
(WebCore::ErrorEvent::sanitizedErrorValue): Deleted.
* dom/ErrorEvent.h:
Store a Strong<Unknown> directly, rather than a ScriptValue. Rename sanitizedErrorValue to
just error to match the IDL.

* dom/ErrorEvent.idl:
Remove CustomGetter.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210081 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Unreviewed, mark passing test as passing.
keith_miller@apple.com [Wed, 21 Dec 2016 23:11:37 +0000 (23:11 +0000)]
Unreviewed, mark passing test as passing.

* es6.yaml:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210080 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Modernize findPlainText
rniwa@webkit.org [Wed, 21 Dec 2016 22:11:39 +0000 (22:11 +0000)]
Modernize findPlainText
https://bugs.webkit.org/show_bug.cgi?id=166299

Reviewed by Sam Weinig.

Modernized findPlainText by merging the static version of it into it
and extracting the main nested loop out as findPlainTextOffset.

No new tests since there should be no behavioral change.

* editing/TextIterator.cpp:
(WebCore::findPlainTextOffset):
(WebCore::findPlainText):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210078 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Switch to a blacklist model for restricted Accept headers in simple CORS requests
wilander@apple.com [Wed, 21 Dec 2016 22:06:22 +0000 (22:06 +0000)]
Switch to a blacklist model for restricted Accept headers in simple CORS requests
https://bugs.webkit.org/show_bug.cgi?id=166363

Reviewed by Alex Christensen.

Source/WebCore:

Updated existing tests.

* platform/network/HTTPParsers.cpp:
(WebCore::isDelimiterCharacter):
    Convenience function for checking delimiter characters according to:
    https://tools.ietf.org/html/rfc7230#section-3.2.6
(WebCore::isValidAcceptHeaderValue):
    Now uses WebCore::isDelimiterCharacter() to blacklist delimiter characters
    instead of a whitelist of accepted non-alphanumeric characters.

LayoutTests:

* http/tests/xmlhttprequest/cors-non-standard-safelisted-headers-should-trigger-preflight-expected.txt:
* http/tests/xmlhttprequest/cors-non-standard-safelisted-headers-should-trigger-preflight.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210077 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago [Mac][WK2] Stop using file* rules in WebProcess sandbox profiles
bfulgham@apple.com [Wed, 21 Dec 2016 22:02:48 +0000 (22:02 +0000)]
[Mac][WK2] Stop using file* rules in WebProcess sandbox profiles
https://bugs.webkit.org/show_bug.cgi?id=165824
<rdar://problem/14024823>

Reviewed by Alexey Proskuryakov.

Switch from blanket 'file*' sandbox rules, to the specific 'file-read*' and 'file-write*' rules
we actually need.

* DatabaseProcess/mac/com.apple.WebKit.Databases.sb.in:
* PluginProcess/mac/com.apple.WebKit.plugin-common.sb.in:
* WebProcess/com.apple.WebProcess.sb.in:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210076 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Holding down on candidates in the TouchBar should show panel on screen
bdakin@apple.com [Wed, 21 Dec 2016 21:30:30 +0000 (21:30 +0000)]
Holding down on candidates in the TouchBar should show panel on screen
https://bugs.webkit.org/show_bug.cgi?id=166367
-and corresponding-
<rdar://problem/28479236>

Reviewed by Tim Horton.

Source/WebCore:

Expose the version of setCandidates: that takes a rect.
* platform/spi/cocoa/NSTouchBarSPI.h:

Source/WebKit/mac:

Stray whitespace.
* WebCoreSupport/WebEditorClient.mm:
(WebEditorClient::handleRequestedCandidates):

Call the version of setCandidates: that takes a rect. We need to keep the helper
function in WK1 (unlike WK2) since we also use it for testing.
* WebView/WebView.mm:
(-[WebView showCandidates:forString:inRect:forSelectedRange:view:completionHandler:]):

Source/WebKit2:

The showCandidates() helper function is not needed. We can call the AppKit method
directly at the one call site.
* UIProcess/Cocoa/WebViewImpl.h:
* UIProcess/Cocoa/WebViewImpl.mm:

The panel should appear under the selection, so offset the selection rect.
(WebKit::WebViewImpl::handleRequestedCandidates):

No more showCandidates() since we can call it directly.
(WebKit::WebViewImpl::showCandidates): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210075 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Extensions3DOpenGL[ES] constructor should not be explicit
mcatanzaro@igalia.com [Wed, 21 Dec 2016 21:24:17 +0000 (21:24 +0000)]
Extensions3DOpenGL[ES] constructor should not be explicit
https://bugs.webkit.org/show_bug.cgi?id=166296

Reviewed by Darin Adler.

These constructors used to only have one parameter. Now they have two and they're both
mandatory.

* platform/graphics/opengl/Extensions3DOpenGL.h:
* platform/graphics/opengl/Extensions3DOpenGLES.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210074 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago WebAssembly JS API: cleanup & pass VM around to {Compile/Runtime}Error
jfbastien@apple.com [Wed, 21 Dec 2016 20:34:04 +0000 (20:34 +0000)]
WebAssembly JS API: cleanup & pass VM around to {Compile/Runtime}Error
https://bugs.webkit.org/show_bug.cgi?id=166295
<rdar://problem/29762017>

Reviewed by Mark Lam.

JSTests:

Update tests to generate new error messages. Adapt some to use the
assert.js module.

* wasm/assert.js: allow filtering out sometimes-useless source
location information. Return the exception so that further
processing can occur on it as desired.
* wasm/function-tests/exceptions.js:
* wasm/function-tests/trap-load-2.js:
(assert): Deleted.
(i.catch): Deleted.
* wasm/function-tests/trap-load.js:
(assert): Deleted.
(i.catch): Deleted.
* wasm/function-tests/trap-store-2.js:
(import.Builder.from.string_appeared_here.assert): Deleted.
(i.catch): Deleted.
* wasm/function-tests/trap-store.js:
(import.Builder.from.string_appeared_here.assert): Deleted.
(i.catch): Deleted.

Source/JavaScriptCore:

Rename the create* functions, and pass VM around, as suggested for
LinkError in #165805.

At the same time, use the default source appender when
constructing these error types, which gives a nice map back to the
original source as part of the error message. This is clearer when
using the current frame, so add that as well.

* jit/ThunkGenerators.cpp:
(JSC::throwExceptionFromWasmThunkGenerator):
* wasm/js/JSWebAssemblyCompileError.cpp:
(JSC::JSWebAssemblyCompileError::create):
(JSC::createJSWebAssemblyCompileError):
(JSC::createWebAssemblyCompileError): Deleted.
* wasm/js/JSWebAssemblyCompileError.h:
(JSC::JSWebAssemblyCompileError::create):
* wasm/js/JSWebAssemblyRuntimeError.cpp:
(JSC::JSWebAssemblyRuntimeError::create):
* wasm/js/JSWebAssemblyRuntimeError.h:
(JSC::JSWebAssemblyRuntimeError::create):
* wasm/js/WebAssemblyCompileErrorConstructor.cpp:
(JSC::constructJSWebAssemblyCompileError):
* wasm/js/WebAssemblyModuleConstructor.cpp:
(JSC::WebAssemblyModuleConstructor::createModule):
* wasm/js/WebAssemblyRuntimeErrorConstructor.cpp:
(JSC::constructJSWebAssemblyRuntimeError):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210073 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Add a layout test for scroll snapping with padding in the container
wenson_hsieh@apple.com [Wed, 21 Dec 2016 20:27:46 +0000 (20:27 +0000)]
Add a layout test for scroll snapping with padding in the container
https://bugs.webkit.org/show_bug.cgi?id=144927
<rdar://problem/20923772>

Reviewed by Brent Fulgham.

The issue was actually addressed by changes to snap offset computation in AxisScrollSnapOffsets.cpp with
<https://trac.webkit.org/changeset/210024>, but there was no test for this. This patch adds a new layout test
verifying that the padding on child elements is accounted for when computing the scroll snap offsets of a scroll
snapping container.

* css3/scroll-snap/scroll-snap-children-with-padding-expected.txt: Added.
* css3/scroll-snap/scroll-snap-children-with-padding.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210072 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago set PYTHONPATH in separate COMMAND doesn't work with all CMake generators
annulen@yandex.ru [Wed, 21 Dec 2016 20:19:02 +0000 (20:19 +0000)]
set PYTHONPATH in separate COMMAND doesn't work with all CMake generators
https://bugs.webkit.org/show_bug.cgi?id=164997

Reviewed by Alex Christensen.

Fix for r201413.

* Source/cmake/WebKitMacros.cmake:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210071 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago WebKitTestRunner: Add comment to TestRunner::setCanOpenWindows()
dbates@webkit.org [Wed, 21 Dec 2016 19:35:52 +0000 (19:35 +0000)]
WebKitTestRunner: Add comment to TestRunner::setCanOpenWindows()
https://bugs.webkit.org/show_bug.cgi?id=166356

Tools:

Add comment in TestRunner::setCanOpenWindows() to elaborate further on its purpose
as a means to allow a test to explicitly allow an embedding client to open new windows
such that the default behavior is for the embedding client to forbid such an action.
The test plugins/get-url-with-blank-target.html assumes this default behavior though
it is currently skipped on WebKit2 because questions were raised in the patch for
<https://bugs.webkit.org/show_bug.cgi?id=43389> about its correctness and usefulness.
We will need to implement TestRunner::setCanOpenWindows() should we decide to unskip
this test.

* WebKitTestRunner/InjectedBundle/TestRunner.cpp:
(WTR::TestRunner::setCanOpenWindows):

LayoutTests:

Add a remark that the test plugins/get-url-with-blank-target.html depends on
the assumption that WebKitTestRunner forbids opening windows by default.

* platform/wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210070 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Web Inspector: Uncommenting CSS properties doesn't work for inline styles
nvasilyev@apple.com [Wed, 21 Dec 2016 19:13:32 +0000 (19:13 +0000)]
Web Inspector: Uncommenting CSS properties doesn't work for inline styles
https://bugs.webkit.org/show_bug.cgi?id=166297

Reviewed by Brian Burg.

* UserInterface/Views/CSSStyleDeclarationTextEditor.js:
Update checkboxes for inline styles, too.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210069 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Versioning.
bshafiei@apple.com [Wed, 21 Dec 2016 19:02:35 +0000 (19:02 +0000)]
Versioning.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210066 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Web Inspector: Fix some typos and style in LayoutTests/inspector
commit-queue@webkit.org [Wed, 21 Dec 2016 18:52:28 +0000 (18:52 +0000)]
Web Inspector: Fix some typos and style in LayoutTests/inspector
https://bugs.webkit.org/show_bug.cgi?id=166273

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-12-21
Reviewed by Brian Burg.

* inspector/*

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210062 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago [MediaStream] MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer can be called before...
eric.carlson@apple.com [Wed, 21 Dec 2016 18:30:36 +0000 (18:30 +0000)]
[MediaStream] MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer can be called before it has a media stream
https://bugs.webkit.org/show_bug.cgi?id=166344
<rdar://problem/29763143>

Reviewed by Jer Noble.

There is a very narrow window during which a MediaStream player can be asked for its layer
before it has a stream, resulting in a NULL dereference and crash. Don't do that.

Unable to reproduce.

* platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210061 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago [Readable Streams API] Fix test in readableByteStreamCallPullIfNeeded
nael.ouedraogo@crf.canon.fr [Wed, 21 Dec 2016 17:37:14 +0000 (17:37 +0000)]
[Readable Streams API] Fix test in readableByteStreamCallPullIfNeeded
https://bugs.webkit.org/show_bug.cgi?id=166312

Reviewed by Youenn Fablet.

Add a new function to evaluate if calling a pull function is
required as per specification.

No new test required.

* Modules/streams/ReadableByteStreamInternals.js:
(readableByteStreamControllerShouldCallPull): Added.
(readableByteStreamControllerCallPullIfNeeded):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210060 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Fixed bars are positioned incorrectly when there are header and footer banners
simon.fraser@apple.com [Wed, 21 Dec 2016 17:33:05 +0000 (17:33 +0000)]
Fixed bars are positioned incorrectly when there are header and footer banners
https://bugs.webkit.org/show_bug.cgi?id=166302
rdar://problem/29727145

Reviewed by Tim Horton.

Source/WebCore:

The computation of the visual viewport was wrong in the presence of header and footer
banners. It needs to take into account the fact that "visibleContentRect" applies to the
scroll view contents, which includes header and footer (unscaled), and the potentially scaled
document, and we need to return a rectangle in unscaled document coordinates.

Make a static method in FrameView to do this computation, and call it from FrameView::visualViewportRect()
and ScrollingTreeFrameScrollingNode::layoutViewportForScrollPosition().

layoutViewportForScrollPosition() is only called on Mac, so remove the #ifdeffing related to scaling,
and pass in an unscaled scroll position.

Test: fast/visual-viewport/zoomed-fixed-header-and-footer.html

* page/FrameView.cpp:
(WebCore::FrameView::updateLayoutViewport):
(WebCore::FrameView::maxStableLayoutViewportOrigin):
(WebCore::FrameView::visibleDocumentRect):
(WebCore::FrameView::visualViewportRect):
* page/FrameView.h:
* page/scrolling/ScrollingTreeFrameScrollingNode.cpp:
(WebCore::ScrollingTreeFrameScrollingNode::layoutViewportForScrollPosition):
* page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
(WebCore::ScrollingTreeFrameScrollingNodeMac::setScrollPositionWithoutContentEdgeConstraints):

LayoutTests:

* fast/visual-viewport/zoomed-fixed-header-and-footer-expected.txt: Added.
* fast/visual-viewport/zoomed-fixed-header-and-footer.html: Added.
* platform/ios-simulator/fast/visual-viewport/zoomed-fixed-header-and-footer-expected.txt: Added.
* tiled-drawing/scrolling/fixed/four-bars-with-header-and-footer-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210059 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago [ES6] Fix modules document in features.json
utatane.tea@gmail.com [Wed, 21 Dec 2016 16:42:11 +0000 (16:42 +0000)]
[ES6] Fix modules document in features.json
https://bugs.webkit.org/show_bug.cgi?id=166313

Reviewed by Saam Barati.

* features.json:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210058 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago [CMake] Remove remaining INDIE_UI related entries.
clopez@igalia.com [Wed, 21 Dec 2016 11:48:58 +0000 (11:48 +0000)]
[CMake] Remove remaining INDIE_UI related entries.
https://bugs.webkit.org/show_bug.cgi?id=165881

Unreviewed.

* CMakeLists.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210057 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago [Cairo] Conditional jump or move depends on uninitialised value(s)
commit-queue@webkit.org [Wed, 21 Dec 2016 07:48:37 +0000 (07:48 +0000)]
[Cairo] Conditional jump or move depends on uninitialised value(s)
https://bugs.webkit.org/show_bug.cgi?id=166058

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2016-12-20
Reviewed by Michael Catanzaro.

Initialize x and y members of cairo_glyph_t struct before passing it to cairo_glyph_path.

* platform/graphics/cairo/FontCairo.cpp:
(WebCore::CairoGlyphToPathTranslator::path):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210056 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Skia lighter wght variation looks bolder than regular
mmaxfield@apple.com [Wed, 21 Dec 2016 04:44:01 +0000 (04:44 +0000)]
Skia lighter wght variation looks bolder than regular
https://bugs.webkit.org/show_bug.cgi?id=165948

Reviewed by Antti Koivisto.

Source/WebCore:

Test: fast/text/variations/default-value.html

This patch inspects the font's information regarding variations. It uses this information
to work around a bug in CoreText where default variation values were not getting applied.
This workaround is placed behind a version check and the macro name
"WORKAROUND_CORETEXT_VARIATIONS_DEFAULT_VALUE_BUG" so we know to delete it whenever
possible. It also uses the minimum and maximum supported values for the axis to clamp our
variation values to the closest supported point, which is in line with a recent edit to
the fonts spec:
https://github.com/w3c/csswg-drafts/commit/52b802ac38619286a30662dceb71b8a29fa72f42
This clamping behavior also revealed another bug in CoreText, which was worked around
behind another version check and macro name WORKAROUND_CORETEXT_VARIATIONS_EXTENTS_BUG so
we know to delete it whenever possible.

* platform/graphics/cocoa/FontCacheCoreText.cpp:
(WebCore::defaultVariationValues):
(WebCore::preparePlatformFont):

LayoutTests:

* fast/text/variations/default-value-expected.html: Added.
* fast/text/variations/default-value.html: Added.
* fast/text/variations/outofbounds-expected-mismatch.html: Renamed from LayoutTests/fast/text/variations/outofbounds-expected.html.
* fast/text/variations/outofbounds.html:
* platform/ios-simulator/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210054 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Fix undefined behavior caused by macro expansion producing 'defined'
commit-queue@webkit.org [Wed, 21 Dec 2016 04:29:44 +0000 (04:29 +0000)]
Fix undefined behavior caused by macro expansion producing 'defined'
https://bugs.webkit.org/show_bug.cgi?id=166047

Patch by Taras Tsugrii <ttsugrii@fb.com> on 2016-12-20
Reviewed by Darin Adler.

Source/JavaScriptCore:

* API/JSBase.h:

Source/WebKit2:

* Shared/API/Cocoa/WKFoundation.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210053 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Add support for global
keith_miller@apple.com [Wed, 21 Dec 2016 04:04:50 +0000 (04:04 +0000)]
Add support for global
https://bugs.webkit.org/show_bug.cgi?id=165171

Reviewed by Filip Pizlo.

JSTests:

* stress/global.js: Added.

Source/JavaScriptCore:

This patch adds support for the global property on the global object.
The global property spec is in stage three and is quite simple.
For reference: http://tc39.github.io/proposal-global/

* runtime/JSGlobalObject.cpp:

LayoutTests:

Fix getOwnPropertyDescriptor test.

* js/resources/getOwnPropertyDescriptor.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210052 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Remove a duplicate reference to ScrollingMomentumCalculatorMac.h in the Xcode project
timothy_horton@apple.com [Wed, 21 Dec 2016 02:29:21 +0000 (02:29 +0000)]
Remove a duplicate reference to ScrollingMomentumCalculatorMac.h in the Xcode project

Rubber-stamped by Sam Weinig.

* WebCore.xcodeproj/project.pbxproj:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210051 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago REGRESSION: API test failure: WKWebView.EvaluateJavaScriptBlockCrash
simon.fraser@apple.com [Wed, 21 Dec 2016 02:17:51 +0000 (02:17 +0000)]
REGRESSION: API test failure: WKWebView.EvaluateJavaScriptBlockCrash
https://bugs.webkit.org/show_bug.cgi?id=166031

Reviewed by Tim Horton.

Add an @autoreleasepool around the code that allocates then clears the WKWebView,
to ensure that the view is destroyed before the callback fires.

* TestWebKitAPI/Tests/WebKit2Cocoa/WKWebViewEvaluateJavaScript.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210050 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Remove a duplicate reference to ScrollingMomentumCalculatorMac.mm in the Xcode project
timothy_horton@apple.com [Wed, 21 Dec 2016 02:06:12 +0000 (02:06 +0000)]
Remove a duplicate reference to ScrollingMomentumCalculatorMac.mm in the Xcode project

Rubber-stamped by Sam Weinig.

* WebCore.xcodeproj/project.pbxproj:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210049 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Throw Exception when test doesn't clean up HID Events properly
commit-queue@webkit.org [Wed, 21 Dec 2016 01:10:28 +0000 (01:10 +0000)]
Throw Exception when test doesn't clean up HID Events properly
https://bugs.webkit.org/show_bug.cgi?id=166271

Patch by Megan Gardner <megan_gardner@apple.com> on 2016-12-20
Reviewed by Simon Fraser.

Add in a check when UIScriptController is deleted to make sure that the HID event
callback dictionary is empty. If it is not, and a HID event is hit, this will cause
the program to crash without any good information. Crashes are race-y, and will still
happen with a malformed test, but the information will be much more helpful.

* DumpRenderTree/ios/UIScriptControllerIOS.mm:
(WTR::UIScriptController::checkForClean):
* TestRunnerShared/UIScriptContext/UIScriptContext.cpp:
(UIScriptContext::~UIScriptContext):
* TestRunnerShared/UIScriptContext/UIScriptController.cpp:
(WTR::UIScriptController::checkForClean):
* TestRunnerShared/UIScriptContext/UIScriptController.h:
* WebKitTestRunner/ios/HIDEventGenerator.h:
* WebKitTestRunner/ios/HIDEventGenerator.mm:
(-[HIDEventGenerator checkHIDCallbacksClear]):
* WebKitTestRunner/ios/TestControllerIOS.mm:
* WebKitTestRunner/ios/UIScriptControllerIOS.mm:
(WTR::UIScriptController::checkForClean):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210048 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago WebAssembly: We should compile wasm functions in parallel
sbarati@apple.com [Wed, 21 Dec 2016 00:29:36 +0000 (00:29 +0000)]
WebAssembly: We should compile wasm functions in parallel
https://bugs.webkit.org/show_bug.cgi?id=165993

Reviewed by Keith Miller.

This patch adds a very simple parallel compiler for Wasm code.
This patch speeds up compiling the Unity headless benchmark by
slightly more than 4x on my MBP. To make this safe, I perform
all linking on the main thread. I also had to change some code
inside WasmB3IRGenerator to be thread safe.

* b3/air/AirCustom.h:
(JSC::B3::Air::WasmBoundsCheckCustom::generate):
* b3/air/AirGenerationContext.h:
* wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::B3IRGenerator::B3IRGenerator):
(JSC::Wasm::B3IRGenerator::emitExceptionCheck):
(JSC::Wasm::createJSToWasmWrapper):
(JSC::Wasm::parseAndCompile):
* wasm/WasmB3IRGenerator.h:
* wasm/WasmCallingConvention.h:
(JSC::Wasm::CallingConvention::setupFrameInPrologue):
* wasm/WasmPlan.cpp:
(JSC::Wasm::Plan::parseAndValidateModule):
(JSC::Wasm::Plan::run):
* wasm/WasmPlan.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210047 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Web Inspector: Window resize causes TimelineOverview graph elements to be repositioned
mattbaker@apple.com [Wed, 21 Dec 2016 00:15:53 +0000 (00:15 +0000)]
Web Inspector: Window resize causes TimelineOverview graph elements to be repositioned
https://bugs.webkit.org/show_bug.cgi?id=160207
<rdar://problem/27553228>

Reviewed by Brian Burg.

TimelineRuler does not always update its divider positions when the start
time changes while the end time remains the same. The check that determines
whether the first or last divider positions have changed before doing a
layout uses the ruler end time instead of calculating the last divider's
position, and would falsely determine no change was needed.

* UserInterface/Views/TimelineRuler.js:
(WebInspector.TimelineRuler.prototype.set startTime):
(WebInspector.TimelineRuler.prototype.set secondsPerPixel):
Clear cached divider data on zoom or scroll, forcing dividers to be recalculated.
(WebInspector.TimelineRuler.prototype.layout):
Calculate accurate divider count and last divider time.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210046 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2 years ago Remove initEvent quirk
achristensen@apple.com [Tue, 20 Dec 2016 23:53:48 +0000 (23:53 +0000)]
Remove initEvent quirk
https://bugs.webkit.org/show_bug.cgi?id=166284

Reviewed by Dan Bernstein.

LayoutTests/imported/w3c:

* web-platform-tests/dom/interfaces-expected.txt:
We regress conformance, but a change has been proposed to the spec. Hopefully this will be a temporary regression.

Source/WebCore:

We added this quirk in r207908 and expanded it in r209946 and r210034.
Many web compatibility issues have been found, which leads us to believe that many more exist.
This reverts the behavior to match how it was before r203848.
This change was proposed to the spec in https://github.com/whatwg/dom/issues/387

* dom/Event.cpp:
(WebCore::Event::initEventForBindings): Deleted.
* dom/Event.h:
* dom/Event.idl:
* platform/RuntimeApplicationChecks.h:
* platform/RuntimeApplicationChecks.mm:
(WebCore::IOSApplication::isBaiduNuomi): Deleted.
(WebCore::IOSApplication::isAutoNaviAMap): Deleted.
(WebCore::IOSApplication::isFlipboard): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210045 268f45cc-cd09-0410-ab3c-d52691b4dbfc

achristensen@apple.com [Tue, 20 Dec 2016 23:42:25 +0000 (23:42 +0000)]
INDIE_UI: fix cmake build
https://bugs.webkit.org/show_bug.cgi?id=166288

Patch by JF Bastien <jfbastien@apple.com> on 2016-12-20
Reviewed by Mark Lam.

Bug #165881 didn't remove a file from cmake.

* PlatformMac.cmake:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210044 268f45cc-cd09-0410-ab3c-d52691b4dbfc

achristensen@apple.com [Tue, 20 Dec 2016 23:34:39 +0000 (23:34 +0000)]
Fix clean Windows build after r210029
https://bugs.webkit.org/show_bug.cgi?id=165881

* DerivedSources.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210043 268f45cc-cd09-0410-ab3c-d52691b4dbfc

bfulgham@apple.com [Tue, 20 Dec 2016 23:32:58 +0000 (23:32 +0000)]
Address some style problems found by static analysis
https://bugs.webkit.org/show_bug.cgi?id=165975

Reviewed by Alex Christensen.

Source/JavaScriptCore:

Correct the const-correctness of functions that are implemented using stricter
const declarations.

* inspector/agents/InspectorDebuggerAgent.h:
* inspector/agents/InspectorHeapAgent.cpp:
* inspector/agents/InspectorHeapAgent.h:
* inspector/agents/InspectorRuntimeAgent.h:
* inspector/agents/InspectorScriptProfilerAgent.cpp:
* inspector/agents/InspectorScriptProfilerAgent.h:
* inspector/scripts/codegen/cpp_generator.py:
(cpp_type_for_unchecked_formal_in_parameter): Update to match const declarations of
implementation files.
* inspector/scripts/tests/expected/commands-with-optional-call-return-parameters.json-result:
Rebaselined results for "const Ptr* const" syntax.

Source/WebCore:

Correct the const-correctness of functions that are implemented using stricter
const declarations.

Avoid passing large ANGLE data structures through the ANGLEWebKitBridge methods.

* inspector/InspectorCSSAgent.h: Declare the method overrides properly to match
the stricter const declarations in the implementation files.
* inspector/InspectorDOMAgent.h: Ditto.
* inspector/InspectorPageAgent.h: Ditto.
* inspector/InspectorTimelineAgent.h: Ditto.
* inspector/PageDebuggerAgent.h: Ditto.
* platform/graphics/ANGLEWebKitBridge.cpp:
(WebCore::ANGLEWebKitBridge::setResources): Pass by const reference.
* platform/graphics/ANGLEWebKitBridge.h:
(WebCore::ANGLEWebKitBridge::getResources): Return a const reference.
* platform/mediastream/RealtimeMediaSource.cpp:
(WebCore::RealtimeMediaSource::selectSettings): Use a lambda that takes
a const reference, rather than copying the maps while searching.

Source/WebKit2:

Avoid passing large ANGLE data structures through the ANGLEWebKitBridge methods.

* Shared/WebBackForwardListItem.cpp:
(WebKit::WebBackForwardListItem::create):
(WebKit::WebBackForwardListItem::WebBackForwardListItem):
* Shared/WebBackForwardListItem.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210042 268f45cc-cd09-0410-ab3c-d52691b4dbfc

simon.fraser@apple.com [Tue, 20 Dec 2016 23:32:28 +0000 (23:32 +0000)]
[iOS WK2] Switching or closing a tab leads to all-white tab content if the status bar is double height
https://bugs.webkit.org/show_bug.cgi?id=166286
rdar://problem/29593525

Reviewed by Tim Horton.

A double-height status bar triggers view resize while snapshotting in the background,
which also triggers calls to _endAnimatedResize on tab resume. However, it was possible
for _endAnimatedResize to re-enter via synchronizeDynamicViewportUpdate()/didCommitLayerTree(),
causing us to use a nil _resizeAnimationView for scale computations, thus setting a zero
scale on the WKContentView.

Fix by checking _dynamicViewportUpdateMode again after the call to synchronizeDynamicViewportUpdate(),
and do a belt-and-braces check for a nil _resizeAnimationView.

* UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _endAnimatedResize]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210041 268f45cc-cd09-0410-ab3c-d52691b4dbfc

timothy_horton@apple.com [Tue, 20 Dec 2016 23:31:10 +0000 (23:31 +0000)]
Remove an ANGLE Markdown file from the ANGLE target
https://bugs.webkit.org/show_bug.cgi?id=166279

Reviewed by Alex Christensen.

* ANGLE.xcodeproj/project.pbxproj:
We don't need to build this, it's not source code.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210040 268f45cc-cd09-0410-ab3c-d52691b4dbfc

ryanhaddad@apple.com [Tue, 20 Dec 2016 23:07:06 +0000 (23:07 +0000)]
Rebaseline js/dom/global-constructors-attributes.html for mac-wk1.

Unreviewed test gardening.

* platform/mac-wk1/js/dom/global-constructors-attributes-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210039 268f45cc-cd09-0410-ab3c-d52691b4dbfc

jfbastien@apple.com [Tue, 20 Dec 2016 22:16:28 +0000 (22:16 +0000)]
WebAssembly: construct 32-bit encodedJSValue properly
https://bugs.webkit.org/show_bug.cgi?id=166199

Reviewed by Mark Lam.

Constructing an encodedJSValue using `{ }` yields the wrong value
on 32-bit platforms. WebAssembly doesn't currently target 32-bit
platforms, but we may as well get it right.

* wasm/JSWebAssembly.cpp:
(JSC::webAssemblyCompileFunc):
(JSC::webAssemblyValidateFunc):
* wasm/js/JSWebAssemblyHelpers.h:
(JSC::toNonWrappingUint32):
* wasm/js/WebAssemblyCompileErrorConstructor.cpp:
(JSC::constructJSWebAssemblyCompileError):
* wasm/js/WebAssemblyFunction.cpp:
(JSC::callWebAssemblyFunction):
* wasm/js/WebAssemblyInstanceConstructor.cpp:
(JSC::constructJSWebAssemblyInstance):
* wasm/js/WebAssemblyMemoryConstructor.cpp:
(JSC::constructJSWebAssemblyMemory):
* wasm/js/WebAssemblyModuleConstructor.cpp:
(JSC::constructJSWebAssemblyModule):
* wasm/js/WebAssemblyRuntimeErrorConstructor.cpp:
(JSC::constructJSWebAssemblyRuntimeError):
* wasm/js/WebAssemblyTableConstructor.cpp:
(JSC::constructJSWebAssemblyTable):
* wasm/js/WebAssemblyTablePrototype.cpp:
(JSC::webAssemblyTableProtoFuncLength):
(JSC::webAssemblyTableProtoFuncGrow):
(JSC::webAssemblyTableProtoFuncGet):
(JSC::webAssemblyTableProtoFuncSet):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210038 268f45cc-cd09-0410-ab3c-d52691b4dbfc

weinig@apple.com [Tue, 20 Dec 2016 22:16:11 +0000 (22:16 +0000)]
[WebIDL] Remove custom binding for WorkerGlobalScope::importScripts
https://bugs.webkit.org/show_bug.cgi?id=166243

Reviewed by Alex Christensen.

* bindings/js/JSWorkerGlobalScopeCustom.cpp:
(WebCore::JSWorkerGlobalScope::importScripts): Deleted.
* workers/WorkerGlobalScope.idl:
Import scripts can now be trivially generated.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210037 268f45cc-cd09-0410-ab3c-d52691b4dbfc

wenson_hsieh@apple.com [Tue, 20 Dec 2016 21:57:22 +0000 (21:57 +0000)]
Update keyword completions in the inspector for the new scroll snapping CSS properties
https://bugs.webkit.org/show_bug.cgi?id=166235

Reviewed by Joseph Pecoraro.

The CSS keyword completions for the scroll snapping properties need to be updated for the latest version of the spec.

* UserInterface/Models/CSSKeywordCompletions.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210036 268f45cc-cd09-0410-ab3c-d52691b4dbfc

zalan@apple.com [Tue, 20 Dec 2016 21:47:31 +0000 (21:47 +0000)]
SVG elements should inherit the root's flow thread state.
https://bugs.webkit.org/show_bug.cgi?id=166173
rdar://problem/29704862

Reviewed by Simon Fraser.

Source/WebCore:

When the <svg> is not part of the multicolumn context (out of flow positioning), its descendants should not be in the flow either.

Test: fast/multicol/svg-inside-multicolumn.html

* rendering/RenderObject.cpp:
(WebCore::RenderObject::computedFlowThreadState):
* rendering/RenderObject.h:
(WebCore::RenderObject::isProgress):
(WebCore::RenderObject::isRenderSVGBlock):
* rendering/svg/RenderSVGBlock.h:

LayoutTests:

* fast/multicol/svg-inside-multicolumn-expected.txt: Added.
* fast/multicol/svg-inside-multicolumn.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210035 268f45cc-cd09-0410-ab3c-d52691b4dbfc