WebKit-https.git
pvollan@apple.com [Tue, 3 Jan 2017 10:24:38 +0000 (10:24 +0000)]
[Win] jsc.exe sometimes never exits.
https://bugs.webkit.org/show_bug.cgi?id=158073

Reviewed by Darin Adler.

On Windows the thread specific destructor is also called when the main thread is exiting.
This may lead to the main thread waiting forever for the machine thread lock when exiting,
if the sampling profiler thread was terminated by the system while holding the machine
thread lock.

* heap/MachineStackMarker.cpp:
(JSC::MachineThreads::removeThread):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210237 268f45cc-cd09-0410-ab3c-d52691b4dbfc

pvollan@apple.com [Tue, 3 Jan 2017 10:05:52 +0000 (10:05 +0000)]
[Win] Some xmlhttprequest tests are failing.
https://bugs.webkit.org/show_bug.cgi?id=166638

Reviewed by Darin Adler.

The tests are failing because the request timeout is set to zero.
When the timeout is set to zero, we should use the default timeout.

* platform/network/cf/ResourceRequestCFNet.cpp:
(WebCore::ResourceRequest::doUpdatePlatformRequest):
(WebCore::ResourceRequest::doUpdatePlatformHTTPBody):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210236 268f45cc-cd09-0410-ab3c-d52691b4dbfc

carlosgc@webkit.org [Tue, 3 Jan 2017 09:08:21 +0000 (09:08 +0000)]
[SOUP] Load options allowStoredCredentials = DoNotAllowStoredCredentials with clientCredentialPolicy = MayAskClientForCredentials doesn't work
https://bugs.webkit.org/show_bug.cgi?id=164471

Reviewed by Michael Catanzaro.

When DoNotAllowStoredCredentials is used we disable the SoupAuthManager feature for the message, but that
disables all HTTP authentication, causing the load to always fail with Authorization required even when
clientCredentialPolicy allows asking the user for credentials. The problem is that even if we don't use the
WebCore credentials for that request, libsoup will always use its internal cache of SoupAuth if we enable the
SoupAuthManager feature. Libsoup 2.57.1 has new API to disable the use of cached credentials for a particular
message, adding the new message flag SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE.

* NetworkProcess/soup/NetworkDataTaskSoup.cpp:
(WebKit::NetworkDataTaskSoup::createRequest): Set SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE flag to disable cached
credentials for the message if libsoup >= 2.57.1 is used.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210235 268f45cc-cd09-0410-ab3c-d52691b4dbfc

carlosgc@webkit.org [Tue, 3 Jan 2017 09:04:20 +0000 (09:04 +0000)]
[GTK] HTTP auth layout tests are flaky
https://bugs.webkit.org/show_bug.cgi?id=158919

Reviewed by Michael Catanzaro.

Source/WebKit2:

Implement NetworkSession::clearCredentials() for soup using the new libsoup API when available.

* NetworkProcess/soup/NetworkSessionSoup.cpp:
(WebKit::NetworkSessionSoup::clearCredentials):
* NetworkProcess/soup/NetworkSessionSoup.h:

Tools:

* gtk/jhbuild.modules: Update libsoup to version 2.57.1.
* gtk/jhbuildrc: Stop passing --enable-introspection unconditionally to all modules. We don't really need
introspection for the dependencies in the internal build, and it makes newer libsoup build fail because of
missing valac in the bots.

LayoutTests:

Unskip tests that should pass now.

* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210234 268f45cc-cd09-0410-ab3c-d52691b4dbfc

carlosgc@webkit.org [Tue, 3 Jan 2017 08:14:58 +0000 (08:14 +0000)]
REGRESSION(r173753): [GTK] Source/WebKit is distributed in tarballs
https://bugs.webkit.org/show_bug.cgi?id=165797

Reviewed by Michael Catanzaro.

Move directory ruleset after all exclude rules of Source ruleset.

* gtk/manifest.txt.in:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210233 268f45cc-cd09-0410-ab3c-d52691b4dbfc

julien.brianceau@gmail.com [Tue, 3 Jan 2017 08:14:44 +0000 (08:14 +0000)]
Remove sh4 specific code from JavaScriptCore
https://bugs.webkit.org/show_bug.cgi?id=166640

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

sh4-specific code has not compiled for a while (r189884 at least).
As nobody seems to have interest in this architecture anymore, let's
remove this dead code and thus ease the burden for JSC maintainers.

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* assembler/AbstractMacroAssembler.h:
(JSC::AbstractMacroAssembler::Jump::Jump):
(JSC::AbstractMacroAssembler::Jump::link):
* assembler/MacroAssembler.h:
* assembler/MacroAssemblerSH4.h: Removed.
* assembler/MaxFrameExtentForSlowPathCall.h:
* assembler/SH4Assembler.h: Removed.
* bytecode/DOMJITAccessCasePatchpointParams.cpp:
(JSC::SlowPathCallGeneratorWithArguments::generateImpl):
* dfg/DFGSpeculativeJIT.h:
(JSC::DFG::SpeculativeJIT::callOperation):
* jit/AssemblyHelpers.h:
(JSC::AssemblyHelpers::debugCall):
* jit/CCallHelpers.h:
(JSC::CCallHelpers::setupArgumentsWithExecState):
(JSC::CCallHelpers::prepareForTailCallSlow):
* jit/CallFrameShuffler.cpp:
(JSC::CallFrameShuffler::prepareForTailCall):
* jit/ExecutableAllocator.h:
* jit/FPRInfo.h:
* jit/GPRInfo.h:
* jit/JITInlines.h:
(JSC::JIT::callOperation):
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::privateCompileCTINativeCall):
* jit/JITOperations.cpp:
* jit/RegisterSet.cpp:
(JSC::RegisterSet::llintBaselineCalleeSaveRegisters):
(JSC::RegisterSet::dfgCalleeSaveRegisters):
* jit/ThunkGenerators.cpp:
(JSC::nativeForGenerator):
* llint/LLIntData.cpp:
(JSC::LLInt::Data::performAssertions):
* llint/LLIntOfflineAsmConfig.h:
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter32_64.asm:
* offlineasm/backends.rb:
* offlineasm/instructions.rb:
* offlineasm/sh4.rb: Removed.
* yarr/YarrJIT.cpp:
(JSC::Yarr::YarrGenerator::generateEnter):
(JSC::Yarr::YarrGenerator::generateReturn):

Source/WTF:

* wtf/Platform.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210232 268f45cc-cd09-0410-ab3c-d52691b4dbfc

utatane.tea@gmail.com [Tue, 3 Jan 2017 02:56:11 +0000 (02:56 +0000)]
Unreviewed, follow-up fix for r210227
https://bugs.webkit.org/show_bug.cgi?id=166586

Suggested in the above bug.

* bindings/scripts/StaticString.pm:
(GenerateStrings):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210231 268f45cc-cd09-0410-ab3c-d52691b4dbfc

utatane.tea@gmail.com [Tue, 3 Jan 2017 02:40:45 +0000 (02:40 +0000)]
Leverage Substring to create new AtomicStringImpl for StaticStringImpl and SymbolImpl
https://bugs.webkit.org/show_bug.cgi?id=166636

Reviewed by Darin Adler.

Source/WTF:

Previously we always created the full atomic string if we needed to create the same string
based on the given value. For example, when generating AtomicStringImpl from the SymbolImpl,
we need to create a new AtomicStringImpl since SymbolImpl never becomes `isAtomic() == true`.
But it is costly.

This patch leverages the substring system of StringImpl. Instead of allocating the completely
duplicate string, we create a substring StringImpl that shares the same content with the
base string.

* wtf/text/AtomicStringImpl.cpp:
(WTF::stringTable):
(WTF::addToStringTable):
(WTF::addSubstring):
(WTF::AtomicStringImpl::addSlowCase):
(WTF::AtomicStringImpl::remove):
(WTF::AtomicStringImpl::lookUpSlowCase):
* wtf/text/StringImpl.h:
(WTF::StringImpl::StaticStringImpl::operator StringImpl&):

Tools:

* TestWebKitAPI/Tests/WTF/StringImpl.cpp:
(TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210230 268f45cc-cd09-0410-ab3c-d52691b4dbfc

jfbastien@apple.com [Tue, 3 Jan 2017 01:57:40 +0000 (01:57 +0000)]
WebAssembly: handle and optimize wasm export → wasm import calls
https://bugs.webkit.org/show_bug.cgi?id=165282

Reviewed by Saam Barati.

JSTests:

* wasm/Builder.js: Add a Proxy to Builder.js, which intercepts
unknown property lookups. This creates way better error messages
on typos than 'undefined is not a function', which happens
semi-frequently as I typo opcode names (and which one is a typo is
hard to find because we chain builders).
(const._isValidValue):
(get target):
(const._importFunctionContinuation):
(const._importMemoryContinuation):
(const._importTableContinuation):
(const._exportFunctionContinuation):
(export.default.Builder.prototype._registerSectionBuilders.const.section.in.WASM.description.section.switch.section.case.string_appeared_here.this.section):
(export.default.Builder.prototype._registerSectionBuilders.this.Unknown):
* wasm/LowLevelBinary.js: Add limited support for var{u}int64 (only the 32-bit values)
(export.default.LowLevelBinary.prototype.varint32):
(export.default.LowLevelBinary.prototype.varuint64):
(export.default.LowLevelBinary.prototype.varint64):
* wasm/function-tests/exceptions.js: update error message
* wasm/function-tests/trap-load.js: update error message
* wasm/function-tests/trap-store.js: update error message
* wasm/js-api/wasm-to-wasm-bad-signature.js: Added. Test a bunch of bad wasm->wasm import signatures
(const.makeImportee.signature.switch):
(BadSignatureDropStartParams):
* wasm/js-api/wasm-to-wasm.js: Added. Test 64-bit wasm->wasm import calls
(const.callerModule):
(const.calleeModule):
(WasmToWasm):

Source/JavaScriptCore:

  - Add a new JSType for WebAssemblyFunction, and use it when creating its
    structure. This is used to quickly detect from wasm whether the import
    call is to another wasm module, or whether it's to JS.
  - Generate two stubs from the import stub generator: one for wasm->JS and one
    for wasm -> wasm. This is done at Module time. Which is called will only be
    known at Instance time, once we've received the import object. We want to
    avoid codegen at Instance time, so having both around is great.
  - Restore the WebAssembly global state (VM top Instance, and pinned registers)
    after call / call_indirect, and in the JS->wasm entry stub.
  - Pinned registers are now a global thing, not per-Memory, because the wasm ->
    wasm stubs are generated at Module time where we don't really have enough
    information to do the right thing (doing so would generate too much code).

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* runtime/JSType.h: add WebAssemblyFunctionType as a JSType
* wasm/WasmB3IRGenerator.cpp: significantly rework how calls which
could be external work, and how we save / restore global state:
VM's top Instance, and pinned registers
(JSC::Wasm::B3IRGenerator::B3IRGenerator):
(JSC::Wasm::getMemoryBaseAndSize):
(JSC::Wasm::restoreWebAssemblyGlobalState):
(JSC::Wasm::createJSToWasmWrapper):
(JSC::Wasm::parseAndCompile):
* wasm/WasmB3IRGenerator.h:
* wasm/WasmBinding.cpp:
(JSC::Wasm::materializeImportJSCell):
(JSC::Wasm::wasmToJS):
(JSC::Wasm::wasmToWasm): the main goal of this patch was adding this function
(JSC::Wasm::exitStubGenerator):
* wasm/WasmBinding.h:
* wasm/WasmFormat.h: Get rid of much of the function index space:
we already have all of its information elsewhere, and as-is it
provides no extra efficiency.
(JSC::Wasm::ModuleInformation::functionIndexSpaceSize):
(JSC::Wasm::ModuleInformation::isImportedFunctionFromFunctionIndexSpace):
(JSC::Wasm::ModuleInformation::signatureIndexFromFunctionIndexSpace):
* wasm/WasmFunctionParser.h:
(JSC::Wasm::FunctionParser<Context>::FunctionParser):
* wasm/WasmMemory.cpp: Add some logging.
(JSC::Wasm::Memory::dump): this was nice when debugging
(JSC::Wasm::Memory::makeString):
(JSC::Wasm::Memory::Memory):
(JSC::Wasm::Memory::~Memory):
(JSC::Wasm::Memory::grow):
* wasm/WasmMemory.h: don't use extra indirection, it wasn't
needed. Reorder some of the fields which are looked up at runtime
so they're more cache-friendly.
(JSC::Wasm::Memory::Memory):
(JSC::Wasm::Memory::mode):
(JSC::Wasm::Memory::offsetOfSize):
* wasm/WasmMemoryInformation.cpp: Pinned registers are now a
global thing for all of JSC, not a per-Memory thing
anymore. wasm->wasm calls are more complex otherwise: they have to
figure out how to bridge between the caller and callee's
special-snowflake pinning.
(JSC::Wasm::PinnedRegisterInfo::get):
(JSC::Wasm::PinnedRegisterInfo::PinnedRegisterInfo):
(JSC::Wasm::MemoryInformation::MemoryInformation):
* wasm/WasmMemoryInformation.h:
* wasm/WasmModuleParser.cpp:
* wasm/WasmModuleParser.h:
* wasm/WasmPageCount.cpp: Copied from Source/JavaScriptCore/wasm/WasmBinding.h.
(JSC::Wasm::PageCount::dump): nice for debugging
* wasm/WasmPageCount.h:
* wasm/WasmPlan.cpp:
(JSC::Wasm::Plan::parseAndValidateModule):
(JSC::Wasm::Plan::run):
* wasm/WasmPlan.h:
(JSC::Wasm::Plan::takeWasmExitStubs):
* wasm/WasmSignature.cpp:
(JSC::Wasm::Signature::toString):
(JSC::Wasm::Signature::dump):
* wasm/WasmSignature.h:
* wasm/WasmValidate.cpp:
(JSC::Wasm::validateFunction):
* wasm/WasmValidate.h:
* wasm/js/JSWebAssemblyInstance.h:
(JSC::JSWebAssemblyInstance::offsetOfTable):
(JSC::JSWebAssemblyInstance::offsetOfImportFunctions):
(JSC::JSWebAssemblyInstance::offsetOfImportFunction):
* wasm/js/JSWebAssemblyMemory.cpp:
(JSC::JSWebAssemblyMemory::create):
(JSC::JSWebAssemblyMemory::JSWebAssemblyMemory):
(JSC::JSWebAssemblyMemory::buffer):
(JSC::JSWebAssemblyMemory::grow):
* wasm/js/JSWebAssemblyMemory.h:
(JSC::JSWebAssemblyMemory::memory):
(JSC::JSWebAssemblyMemory::offsetOfMemory):
(JSC::JSWebAssemblyMemory::offsetOfSize):
* wasm/js/JSWebAssemblyModule.cpp:
(JSC::JSWebAssemblyModule::create):
(JSC::JSWebAssemblyModule::JSWebAssemblyModule):
* wasm/js/JSWebAssemblyModule.h:
(JSC::JSWebAssemblyModule::signatureIndexFromFunctionIndexSpace):
(JSC::JSWebAssemblyModule::functionImportCount):
* wasm/js/WebAssemblyFunction.cpp:
(JSC::callWebAssemblyFunction):
(JSC::WebAssemblyFunction::create):
(JSC::WebAssemblyFunction::createStructure):
(JSC::WebAssemblyFunction::WebAssemblyFunction):
(JSC::WebAssemblyFunction::finishCreation):
* wasm/js/WebAssemblyFunction.h:
(JSC::WebAssemblyFunction::wasmEntrypoint):
(JSC::WebAssemblyFunction::offsetOfInstance):
(JSC::WebAssemblyFunction::offsetOfWasmEntryPointCode):
* wasm/js/WebAssemblyInstanceConstructor.cpp:
(JSC::constructJSWebAssemblyInstance): always start with a dummy
memory, so wasm->wasm calls don't need to null-check
* wasm/js/WebAssemblyMemoryConstructor.cpp:
(JSC::constructJSWebAssemblyMemory):
* wasm/js/WebAssemblyModuleConstructor.cpp:
(JSC::WebAssemblyModuleConstructor::createModule):
* wasm/js/WebAssemblyModuleRecord.cpp:
(JSC::WebAssemblyModuleRecord::link):
(JSC::WebAssemblyModuleRecord::evaluate):
* wasm/js/WebAssemblyModuleRecord.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210229 268f45cc-cd09-0410-ab3c-d52691b4dbfc

sbarati@apple.com [Tue, 3 Jan 2017 00:32:05 +0000 (00:32 +0000)]
WebAssembly: Some loads don't take into account the offset
https://bugs.webkit.org/show_bug.cgi?id=166616
<rdar://problem/29841541>

Reviewed by Keith Miller.

JSTests:

* wasm/function-tests/load-offset.js: Added.

Source/JavaScriptCore:

* wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::B3IRGenerator::emitLoadOp):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210228 268f45cc-cd09-0410-ab3c-d52691b4dbfc

utatane.tea@gmail.com [Mon, 2 Jan 2017 21:22:19 +0000 (21:22 +0000)]
Use StaticStringImpl instead of StaticASCIILiteral
https://bugs.webkit.org/show_bug.cgi?id=166586

Reviewed by Darin Adler.

Source/WebCore:

* bindings/scripts/StaticString.pm:
(GenerateStrings):

Source/WTF:

It is a more handy way to define a static StringImpl. It calculates the length
and hash value by using the constexpr constructor and function. So we do
not need to calculate these things in the Perl script.
And it allows us to use StaticStringImpl in hand-written C++ code.
Previously, we needed to calculate the length and hash value by hand if we
wanted to use StaticASCIILiteral in hand-written C++ code, and it
meant that we could not use it at all in hand-written C++ code.

* wtf/text/AtomicStringImpl.cpp:
(WTF::AtomicStringImpl::addSlowCase):
(WTF::AtomicStringImpl::lookUpSlowCase):
* wtf/text/AtomicStringImpl.h:
* wtf/text/StringImpl.h:
* wtf/text/SymbolImpl.h:
* wtf/text/UniquedStringImpl.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210227 268f45cc-cd09-0410-ab3c-d52691b4dbfc

akling@apple.com [Mon, 2 Jan 2017 21:16:09 +0000 (21:16 +0000)]
Drop the render tree for documents in the page cache.
<https://webkit.org/b/121798>

Reviewed by Antti Koivisto.

To save memory and reduce complexity, have documents tear down their render tree
when entering the page cache. I've wanted to do this for a long time and it seems
like we can actually do it now.

This patch will enable a number of clean-ups since it's no longer valid for renderers
to exist while the document is in page cache.

* dom/Document.cpp:
(WebCore::Document::destroyRenderTree): Remove assertion that we're not in the page cache
since we will now be tearing down render trees right as they enter the page cache.

* dom/PageCache.cpp:
(WebCore::destroyRenderTree):
(WebCore::PageCache::addIfCacheable): Tear down the render tree right before setting
the in-cache flag. The render tree is destroyed in bottom-up order to ensure that the
main frame renderers die last.

* history/CachedFrame.cpp:
(WebCore::CachedFrameBase::restore):
* page/FrameView.h:
* page/FrameView.cpp:
(WebCore::FrameView::didRestoreFromPageCache): Update the scrollable area set after restoring
a frame from the page cache. This dirties the scrolling tree, which was covered by tests.

* page/animation/AnimationBase.cpp:
(WebCore::AnimationBase::setNeedsStyleRecalc):
* page/animation/AnimationController.cpp:
(WebCore::AnimationController::cancelAnimations): Make these no-ops if called
while the render tree is being torn down. This fixes some assertion failures
on layout tests and avoids pointless style invalidation.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210226 268f45cc-cd09-0410-ab3c-d52691b4dbfc

rego@igalia.com [Mon, 2 Jan 2017 16:41:11 +0000 (16:41 +0000)]
[GTK] WebCore/CSSParser unit test is not being built
https://bugs.webkit.org/show_bug.cgi?id=166492

Reviewed by Michael Catanzaro.

This test was introduced in r175930, but we were not building
it on GTK+ port since r176015.
This patch marks the test to be built again on GTK+.
JFTR, the test is passing right now.

* TestWebKitAPI/PlatformGTK.cmake: Add CSSParser.cpp test file and use
ADD_WHOLE_ARCHIVE_TO_LIBRARIES to avoid linking errors.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210225 268f45cc-cd09-0410-ab3c-d52691b4dbfc

akling@apple.com [Mon, 2 Jan 2017 15:36:41 +0000 (15:36 +0000)]
Discard media controls JS/CSS caches under memory pressure.
<https://webkit.org/b/166639>

Reviewed by Antti Koivisto.

Source/WebCore:

Add a RenderTheme::purgeCaches() virtual and teach the iOS and macOS implementations
to drop their cached media controls JS/CSS strings there. The strings are only cleared
if nothing else is referencing them, which gives us a decent "weak cache" behavior.

This sheds ~300kB memory on iOS with the current media controls.

* page/MemoryRelease.cpp:
(WebCore::releaseNoncriticalMemory):
* rendering/RenderTheme.h:
(WebCore::RenderTheme::purgeCaches):
* rendering/RenderThemeIOS.h:
* rendering/RenderThemeIOS.mm:
(WebCore::RenderThemeIOS::purgeCaches):
* rendering/RenderThemeMac.h:
* rendering/RenderThemeMac.mm:
(WebCore::RenderThemeMac::purgeCaches):

Source/WTF:

* wtf/text/WTFString.h:
(WTF::String::clearImplIfNotShared): Add a helper for clearing a String if the underlying
StringImpl is not referenced by anyone else.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210224 268f45cc-cd09-0410-ab3c-d52691b4dbfc

carlosgc@webkit.org [Mon, 2 Jan 2017 13:54:17 +0000 (13:54 +0000)]
[GTK] Since the memory pressure relief has been activated, my disk has a high usage and the desktop stalls
https://bugs.webkit.org/show_bug.cgi?id=164052

Reviewed by Michael Catanzaro.

Check how much memory is freed by the memory pressure handler and wait for a long time if we didn't free that
much.

* platform/linux/MemoryPressureHandlerLinux.cpp:
(WebCore::MemoryPressureHandler::EventFDPoller::EventFDPoller):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210223 268f45cc-cd09-0410-ab3c-d52691b4dbfc

cfleizach@apple.com [Mon, 2 Jan 2017 09:02:12 +0000 (09:02 +0000)]
AX: Expose block quote level to iOS API
https://bugs.webkit.org/show_bug.cgi?id=166629
<rdar://problem/29834793>

Reviewed by Darin Adler.

Source/WebCore:

Expose the blockquote level to iOS Accessibility API.
Change the return type of blockquote level to unsigned.

Test: accessibility/ios-simulator/blockquote-level.html

* accessibility/AccessibilityObject.cpp:
(WebCore::AccessibilityObject::blockquoteLevel):
* accessibility/AccessibilityObject.h:
* accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
(-[WebAccessibilityObjectWrapper accessibilityBlockquoteLevel]):
* accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

Tools:

* DumpRenderTree/ios/AccessibilityUIElementIOS.mm:
(AccessibilityUIElement::numberAttributeValue):
* WebKitTestRunner/InjectedBundle/ios/AccessibilityUIElementIOS.mm:
(WTR::AccessibilityUIElement::numberAttributeValue):

LayoutTests:

* accessibility/ios-simulator/blockquote-level-expected.txt: Added.
* accessibility/ios-simulator/blockquote-level.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210222 268f45cc-cd09-0410-ab3c-d52691b4dbfc

jeffm@apple.com [Sun, 1 Jan 2017 20:23:01 +0000 (20:23 +0000)]
Update user-visible copyright strings to include 2017
https://bugs.webkit.org/show_bug.cgi?id=166278

Reviewed by Dan Bernstein.

Source/JavaScriptCore:

* Info.plist:

Source/WebCore:

* Info.plist:

Source/WebKit/mac:

* Info.plist:

Source/WebKit2:

* DatabaseProcess/EntryPoint/mac/XPCService/DatabaseService/Info.plist:
* Info.plist:
* NetworkProcess/EntryPoint/mac/XPCService/NetworkService/Info-OSX-10.9-10.10.plist:
* NetworkProcess/EntryPoint/mac/XPCService/NetworkService/Info-OSX.plist:
* NetworkProcess/EntryPoint/mac/XPCService/NetworkService/Info-iOS.plist:
* PluginProcess/EntryPoint/mac/XPCService/PluginService.32-64-10.9-10.10.Info.plist:
* PluginProcess/EntryPoint/mac/XPCService/PluginService.32-64.Info.plist:
* WebProcess/EntryPoint/mac/XPCService/WebContentService/Info-OSX-10.9-10.10.plist:
* WebProcess/EntryPoint/mac/XPCService/WebContentService/Info-OSX.plist:
* WebProcess/EntryPoint/mac/XPCService/WebContentService/Info-iOS.plist:

WebKitLibraries:

* win/tools/scripts/COPYRIGHT-END-YEAR:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210221 268f45cc-cd09-0410-ab3c-d52691b4dbfc

zandobersek@gmail.com [Sun, 1 Jan 2017 16:46:34 +0000 (16:46 +0000)]
GraphicsContextCairo: setMiterLimit() is missing the DisplayListRecorder diversion
https://bugs.webkit.org/show_bug.cgi?id=166539

Reviewed by Michael Catanzaro.

* platform/graphics/cairo/GraphicsContextCairo.cpp:
(WebCore::GraphicsContext::setMiterLimit): Call the setMiterLimit() method on the
m_displayListRecorder object when the GraphicsContext object is in recording mode.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210220 268f45cc-cd09-0410-ab3c-d52691b4dbfc

zandobersek@gmail.com [Sun, 1 Jan 2017 16:15:04 +0000 (16:15 +0000)]
Clean up GraphicsContext3D forward declarations, header inclusion
https://bugs.webkit.org/show_bug.cgi?id=166537

Reviewed by Alex Christensen.

Remove two unnecessary GraphicsContext3D forward declarations from the
EmptyClients and ChromeClient header files, and remove the unnecessary
GraphicsContext3D.h header inclusion from RenderLayerBacking.

No changes in behavior.

* loader/EmptyClients.h:
* page/ChromeClient.h:
* rendering/RenderLayerBacking.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210219 268f45cc-cd09-0410-ab3c-d52691b4dbfc

mcatanzaro@igalia.com [Sun, 1 Jan 2017 00:48:19 +0000 (00:48 +0000)]
SecurityOrigin::create triplet constructor does not canonicalize port
https://bugs.webkit.org/show_bug.cgi?id=166624

Reviewed by Daniel Bates.

Source/WebCore:

It is currently possible to create two different unequal SecurityOrigin objects that
represent the same security origin. The SecurityOrigin create functions that take URL and
String parameters convert the port to nullopt if it is the default port for the protocol,
but the separate protocol/host/port constructor doesn't. Change it to parallel the other
constructors.

* page/SecurityOrigin.cpp:
(WebCore::SecurityOrigin::create):
* page/SecurityOrigin.h: Export isSameOriginAs for use by tests.

Tools:

* TestWebKitAPI/PlatformGTK.cmake:
* TestWebKitAPI/PlatformWin.cmake:
* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/WebCore/SecurityOrigin.cpp: Added.
(TestWebKitAPI::SecurityOriginTest::SetUp):
(TestWebKitAPI::TEST_F):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210218 268f45cc-cd09-0410-ab3c-d52691b4dbfc
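
The mismatch described in the SecurityOrigin commit above, as an added C++ example that is not WebKit code: a URL-derived origin drops a default port while an uncanonicalized protocol/host/port triplet keeps it, so the two compare unequal until the triplet path applies the same rule. `Origin`, `kNoPort`, `defaultPortFor`, `canonicalPort`, `originFromURL` and both `createFromTriplet*` functions are hypothetical names, the default-port table is an assumed subset, and the URL parser handles only `scheme://host[:port]/...` without userinfo or IPv6 literals.

```cpp
#include <cstdlib>
#include <iostream>
#include <string>

// Hypothetical stand-in for an origin triple; this is not WebCore::SecurityOrigin.
static const int kNoPort = -1; // plays the role of "nullopt" in the commit message

struct Origin {
    std::string protocol;
    std::string host;
    int port; // kNoPort when absent or equal to the protocol default
};

bool sameOrigin(const Origin& a, const Origin& b)
{
    return a.protocol == b.protocol && a.host == b.host && a.port == b.port;
}

// Assumed default-port table for this example only.
int defaultPortFor(const std::string& protocol)
{
    if (protocol == "http" || protocol == "ws")
        return 80;
    if (protocol == "https" || protocol == "wss")
        return 443;
    if (protocol == "ftp")
        return 21;
    return kNoPort;
}

// Collapse an explicit default port to "no port" so equal origins compare equal.
int canonicalPort(const std::string& protocol, int port)
{
    if (port != kNoPort && port == defaultPortFor(protocol))
        return kNoPort;
    return port;
}

// URL path: always canonicalizes, like the URL and String create functions
// the commit message describes.
Origin originFromURL(const std::string& url)
{
    Origin origin = { "", "", kNoPort };
    std::string::size_type schemeEnd = url.find("://");
    if (schemeEnd == std::string::npos)
        return origin; // not a hierarchical URL; left empty in this sketch

    origin.protocol = url.substr(0, schemeEnd);
    std::string::size_type hostStart = schemeEnd + 3;
    std::string::size_type hostEnd = url.find_first_of("/?#", hostStart);
    std::string authority = url.substr(hostStart,
        hostEnd == std::string::npos ? std::string::npos : hostEnd - hostStart);

    int port = kNoPort;
    std::string::size_type colon = authority.rfind(':');
    if (colon == std::string::npos)
        origin.host = authority;
    else {
        origin.host = authority.substr(0, colon);
        std::string portText = authority.substr(colon + 1);
        if (!portText.empty())
            port = static_cast<int>(std::strtol(portText.c_str(), nullptr, 10));
    }
    origin.port = canonicalPort(origin.protocol, port);
    return origin;
}

// Triplet path before the fix: the port is stored exactly as given.
Origin createFromTripletUncanonicalized(const std::string& protocol, const std::string& host, int port)
{
    Origin origin = { protocol, host, port };
    return origin;
}

// Triplet path after the fix: same canonicalization as the URL path.
Origin createFromTriplet(const std::string& protocol, const std::string& host, int port)
{
    Origin origin = { protocol, host, canonicalPort(protocol, port) };
    return origin;
}

int main()
{
    Origin fromURL = originFromURL("https://example.com/index.html"); // constructed sample input
    Origin before = createFromTripletUncanonicalized("https", "example.com", 443);
    Origin after = createFromTriplet("https", "example.com", 443);

    std::cout << "uncanonicalized triplet equals URL origin: " << sameOrigin(fromURL, before) << "\n";
    std::cout << "canonicalized triplet equals URL origin:   " << sameOrigin(fromURL, after) << "\n";
    return 0;
}
```
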

darin@apple.com [Sat, 31 Dec 2016 09:57:11 +0000 (09:57 +0000)]
Remove setDOMException and a few custom bindings
https://bugs.webkit.org/show_bug.cgi?id=166002

Reviewed by Sam Weinig.

* CMakeLists.txt: Removed JSFileReaderCustom.cpp.

* WebCore.xcodeproj/project.pbxproj: Removed JSFileReaderCustom.cpp.

* bindings/js/CallbackFunction.cpp:
(WebCore::checkFunctionOnlyCallback): Use throwTypeMismatchError instead
of calling setDOMException with TYPE_MISMATCH_ERR.

* bindings/js/JSBindingsAllInOne.cpp: Removed JSFileReaderCustom.cpp.

* bindings/js/JSCSSStyleDeclarationCustom.cpp:
(WebCore::JSCSSStyleDeclaration::putDelegate): Pass a throw scope in to
propagateException.

* bindings/js/JSCryptoAlgorithmDictionary.cpp:
(WebCore::JSCryptoAlgorithmDictionary::parseAlgorithmIdentifier):
Renamed from getAlgorithmIdentifier. Got rid of bool return value, instead
use a conventional return value and conventional JavaScript exception
handling. Added a ThrowScope argument.
(WebCore::optionalHashAlgorithm): Added. Returns an optional hash algorithm.
Also makes the same changes as above, conventional exception handling and
ThrowScope argument.
(WebCore::requiredHashAlgorithm): Added. Like the above but throws an
exception if the algorithm is omitted.
(WebCore::getHashAlgorithm): Deleted. Replaced by the two functions above.
(WebCore::createAesCbcParams): Updated for above changes.
(WebCore::createHmacParams): Ditto.
(WebCore::createHmacKeyParams): Ditto.
(WebCore::createRsaKeyGenParams): Ditto.
(WebCore::createRsaOaepParams): Ditto.
(WebCore::createRsaSsaParams): Ditto.
(WebCore::JSCryptoAlgorithmDictionary::createParametersForEncrypt): Added
a ThrowScope argument, and changed to use throwNotSupportedError instead
of setDOMException with NOT_SUPPORTED_ERROR.
(WebCore::JSCryptoAlgorithmDictionary::createParametersForDecrypt): Ditto.
(WebCore::JSCryptoAlgorithmDictionary::createParametersForSign): Ditto.
(WebCore::JSCryptoAlgorithmDictionary::createParametersForVerify):
(WebCore::JSCryptoAlgorithmDictionary::createParametersForDigest): Ditto.
(WebCore::JSCryptoAlgorithmDictionary::createParametersForGenerateKey): Ditto.
(WebCore::JSCryptoAlgorithmDictionary::createParametersForDeriveKey): Ditto.
(WebCore::JSCryptoAlgorithmDictionary::createParametersForDeriveBits): Ditto.
(WebCore::JSCryptoAlgorithmDictionary::createParametersForImportKey): Ditto.
(WebCore::JSCryptoAlgorithmDictionary::createParametersForExportKey): Ditto.
* bindings/js/JSCryptoAlgorithmDictionary.h: Updated for the above changes.

* bindings/js/JSCryptoOperationData.cpp:
(WebCore::cryptoOperationDataFromJSValue): Got rid of bool return value and
instead use a conventional return value and conventional JS exception handling.
Added a ThrowScope argument.
* bindings/js/JSCryptoOperationData.h: Updated for the above.

* bindings/js/JSCustomXPathNSResolver.cpp:
(WebCore::JSCustomXPathNSResolver::create): Use ExceptionOr.
(WebCore::JSCustomXPathNSResolver::JSCustomXPathNSResolver): Take a VM&
rather than an ExecState*.
* bindings/js/JSCustomXPathNSResolver.h: Updated for the changes above.
Also marked class final and fixed indentation.

* bindings/js/JSDOMBinding.cpp:
(WebCore::createDOMException): Updated comment.
(WebCore::throwDOMException): Deleted.
(WebCore::propagateException): Deleted non-inline overload that does not take
a throw scope, now that all callers pass a throw scope.
(WebCore::setDOMExceptionSlow): Deleted.
(WebCore::setDOMException): Deleted.
(WebCore::throwNotSupportedError): Added.
(WebCore::throwDOMSyntaxError): Added.
(WebCore::throwDataCloneError): Added.
(WebCore::throwIndexSizeError): Added.
(WebCore::throwTypeMismatchError): Added.
* bindings/js/JSDOMBinding.h: Updated for the additions and removals
above. Also grouped the standard DOM exception throwing functions separately
from the special ones for getters and setters, and sorted them alphabetically.

* bindings/js/JSDataCueCustom.cpp:
(WebCore::createJSDataCue): Added, helper function for the below.
(WebCore::constructJSDataCue): Tightened and tweaked a bit.

* bindings/js/JSFileReaderCustom.cpp: Removed.

* bindings/js/JSHTMLOptionsCollectionCustom.cpp:
(WebCore::JSHTMLOptionsCollection::setLength): Use throwIndexSizeError instead
of setDOMException with INDEX_SIZE_ERR.
* bindings/js/JSHTMLSelectElementCustom.cpp:
(WebCore::selectElementIndexSetter): Use throwTypeMismatchError instead of
setDOMException with TYPE_MISMATCH_ERR.

* bindings/js/JSIDBRequestCustom.cpp:
(WebCore::JSIDBRequest::result): Pass a throw scope in to
propagateException.

* bindings/js/JSSQLResultSetRowListCustom.cpp:
(WebCore::JSSQLResultSetRowList::item): Use throwTypeMismatchError and
throwIndexSizeError instead of setDOMException with TYPE_MISMATCH_ERR and
INDEX_ERR. This required adding a throw scope.

* bindings/js/JSSQLTransactionCustom.cpp:
(WebCore::JSSQLTransaction::executeSql): Use throwDOMSyntaxError and
throwTypeMismatchError instead of setDOMException with SYNTAX_ERR and
TYPE_MISMATCH_ERR.

* bindings/js/JSStorageCustom.cpp:
(WebCore::JSStorage::nameGetter): Pass a throw scope in to
propagateException.

* bindings/js/JSSubtleCryptoCustom.cpp:
(WebCore::normalizeCryptoAlgorithmParameters): Use throwNotSupportedError
instead of setDOMException with NOT_SUPPORTED_ERR.
(WebCore::createAlgorithm): Deleted.
(WebCore::supportExportKeyThrow): Added ThrowScope argument and use
throwNotSupportedError instead of setDOMException with NOT_SUPPORTED_ERR.
(WebCore::jsSubtleCryptoFunctionEncryptPromise): Updated for above changes,
throwing a not supported exception at this level rather than in a helper.
(WebCore::jsSubtleCryptoFunctionDecryptPromise): Ditto.
(WebCore::jsSubtleCryptoFunctionSignPromise): Ditto.
(WebCore::jsSubtleCryptoFunctionVerifyPromise): Ditto.
(WebCore::jsSubtleCryptoFunctionDigestPromise): Ditto.
(WebCore::jsSubtleCryptoFunctionGenerateKeyPromise): Ditto.
(WebCore::jsSubtleCryptoFunctionImportKeyPromise): Ditto.
(WebCore::jsSubtleCryptoFunctionExportKeyPromise): Ditto.
(WebCore::jsSubtleCryptoFunctionWrapKeyPromise): Ditto.
(WebCore::jsSubtleCryptoFunctionUnwrapKeyPromise): Ditto.

* bindings/js/JSWebKitSubtleCryptoCustom.cpp:
(WebCore::createAlgorithmFromJSValue): Got rid of bool return value and
instead use a conventional return value and conventional JS exception handling.
Added a ThrowScope argument.
(WebCore::cryptoKeyFormatFromJSValue): Ditto.
(WebCore::cryptoKeyUsagesFromJSValue): Ditto.
(WebCore::JSWebKitSubtleCrypto::encrypt): Updated for above changes.
(WebCore::JSWebKitSubtleCrypto::decrypt): Ditto.
(WebCore::JSWebKitSubtleCrypto::sign): Ditto.
(WebCore::JSWebKitSubtleCrypto::verify): Ditto.
(WebCore::JSWebKitSubtleCrypto::digest): Ditto.
(WebCore::JSWebKitSubtleCrypto::generateKey): Ditto.
(WebCore::JSWebKitSubtleCrypto::importKey): Ditto.
(WebCore::JSWebKitSubtleCrypto::exportKey): Ditto.
(WebCore::JSWebKitSubtleCrypto::wrapKey): Ditto.
(WebCore::JSWebKitSubtleCrypto::unwrapKey): Ditto.

* bindings/js/JSXMLHttpRequestCustom.cpp:
(WebCore::JSXMLHttpRequest::send): Pass a throw scope in to
propagateException.
(WebCore::JSXMLHttpRequest::responseText): Ditto.

* bindings/js/JSXPathNSResolverCustom.cpp:
(WebCore::JSXPathNSResolver::toWrapped): Updated since
JSCustomXPathNSResolver::create now uses ExceptionOr.

* bindings/js/SerializedScriptValue.cpp:
(WebCore::maybeThrowExceptionIfSerializationFailed): Updated to take
a reference instead of a pointer. Fixed the handling of success to be
simpler; no need to check the code twice. Use throwDataCloneError instead
of setDOMException with DATA_CLONE_ERR.
(WebCore::SerializedScriptValue::create): Updated for above.
(WebCore::SerializedScriptValue::deserialize): Ditto.

* bindings/js/StructuredClone.cpp:
(WebCore::structuredCloneArrayBuffer): Use throwDataCloneError instead of
setDOMException with DATA_CLONE_ERR.
(WebCore::structuredCloneArrayBufferView): Ditto.

* crypto/CryptoAlgorithmParametersDeprecated.h: Removed unneeded empty
constructor.
* crypto/parameters/CryptoAlgorithmHmacKeyParamsDeprecated.h: Ditto,
moving initialization to where the data member is defined.
* crypto/parameters/CryptoAlgorithmRsaKeyGenParamsDeprecated.h: Ditto.
* crypto/parameters/CryptoAlgorithmRsaOaepParamsDeprecated.h: Ditto.

* fileapi/FileReader.cpp:
(WebCore::FileReader::result): Added. Returns a combination of optional
and variant that matches what the ID specifies. Moved the code from the
two following functions in here.
(WebCore::FileReader::arrayBufferResult): Deleted.
(WebCore::FileReader::stringResult): Deleted.
* fileapi/FileReader.h: Updated for the above.
* fileapi/FileReader.idl: Removed [Custom] from the result attribute and
declared it with the type mentioned in the specification, a nullable union.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210217 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago Remove PassRefPtr use from the "dom" directory, related cleanup
darin@apple.com [Sat, 31 Dec 2016 09:51:29 +0000 (09:51 +0000)]
Remove PassRefPtr use from the "dom" directory, related cleanup
https://bugs.webkit.org/show_bug.cgi?id=166569

Reviewed by Alex Christensen.

Source/WebCore:

* CMakeLists.txt: Removed DocumentMarker.cpp.
* WebCore.xcodeproj/project.pbxproj: Ditto.

* bindings/js/JSPopStateEventCustom.cpp:
(WebCore::JSPopStateEvent::state): Pass ExecState by reference.

* dom/CharacterData.cpp:
(WebCore::CharacterData::dispatchModifiedEvent): Use auto.

* dom/DOMAllInOne.cpp: Removed DocumentMarker.cpp.

* dom/DOMNamedFlowCollection.cpp:
(WebCore::DOMNamedFlowCollection::DOMNamedFlowCollection): Updated to take
ownership of the passed in vector.
(WebCore::DOMNamedFlowCollection::create): Moved here from header.
(WebCore::DOMNamedFlowCollection::~DOMNamedFlowCollection): Moved here so we
don't need to include "WebKitNamedFlow.h" in the header.
(WebCore::DOMNamedFlowCollection::item): Rewrote to use Vector.
(WebCore::DOMNamedFlowCollection::namedItem): Rewrote to use a HashSet that
we build from the Vector. Uses a set of hash functions defined right here.
Note that the prior version of this class had incorrect use of ListHashSet
with safeToCompareToEmptyOrDeleted inaccurately set to true.
(WebCore::DOMNamedFlowCollection::supportedPropertyNames): Added this.
Old version just had an empty placeholder.
* dom/DOMNamedFlowCollection.h: Changed to no longer use ListHashSet, not
the right data structure for this. Removed incorrect use of "long" and
made some other simplifications.
* dom/DOMNamedFlowCollection.idl: Changed return types of item and namedItem
to accurately reflect the fact that they return null when the index or name
is not found in the collection.

* dom/DataTransfer.h: Remove indentation. Remove unimplemented
incorrect declarations of items for ENABLE(DATA_TRANSFER_ITEMS).
Will be added back when someone implements that feature, or perhaps
ENABLE(DATA_TRANSFER_ITEMS) should be entirely removed for now?

* dom/DataTransferItem.h: Changed return type for getAsFile to
RefPtr. Again, part of ENABLE(DATA_TRANSFER_ITEMS), so dead code for now.

* dom/Document.cpp:
(WebCore::canonicalizedTitle): Removed incorrect comment claiming we
convert control characters to spaces. Simplified logic, removing two
extra loops. Changed to work on just a String rather than StringWithDirection.
(WebCore::Document::updateTitle): Updated to call the function above.
Also updated since StringWithDirection is now a struct instead of a class.
Call displayBuffer on the encoding directly instead of calling a member
function named displayBufferModifiedByEncoding.
(WebCore::Document::updateTitleFromTitleElement): Updated since
StringWithDirection is now a struct.
(WebCore::Document::setTitle): Removed code that unnecessarily calls
updateTitle twice; once indirectly by calling setTextContent on the
title element and once by directly calling updateTitle.
(WebCore::Document::setWindowAttributeEventListener): Take a RefPtr&&.
(WebCore::Document::statePopped): Take a Ref&&.
(WebCore::Document::displayStringModifiedByEncoding): Deleted unused overload.
(WebCore::Document::displayBufferModifiedByEncodingInternal): Deleted.
(WebCore::Document::requestAnimationFrame): Take a Ref&&.
* dom/Document.h: Updated for changes above. Also changed the title function
to return a const String& to slightly cut down on reference count churn.
(WebCore::Document::displayBufferModifiedByEncoding): Deleted.

* dom/DocumentMarker.cpp: Removed.
* dom/DocumentMarker.h: Reworked the DocumentMarker class to use a variant
instead of a separate reference counted DocumentMarkerDetails object.

* dom/DocumentMarkerController.cpp:
(WebCore::DocumentMarkerController::addMarkerToNode): Changed argument
type to DocumentMarker::Data&&.
(DocumentMarkerController::clearDescriptionOnMarkersIntersectingRange):
clearDetails -> clearData
(DocumentMarkerController::showMarkers): activeMatch -> isActiveMatch
* dom/DocumentMarkerController.h: Updated for the above.

* dom/DocumentParser.h: Fixed incorrect reference to PassRefPtr in a comment.

* dom/Element.cpp:
(WebCore::Element::willModifyAttribute): Use auto.

* dom/Event.cpp:
(WebCore::Event::isDragEvent): Deleted. Unused.
(WebCore::Event::cloneFor): Deleted. Unused function left over from the
start of an implementation of seamless frames.
* dom/Event.h: Updated for the above.

* dom/EventContext.cpp: Tweaked blank lines.
* dom/EventContext.h: Removed unnecessary includes and forward declarations.
Changed setRelatedTarget to take a raw pointer instead of PassRefPtr since
callers aren't passing ownership. Moved TouchEventContext::touchList body
out of the class definition since it's a bit long. Deleted unused
toTouchEventContext functions. Fixed incorrect comment.

* dom/MessageEvent.cpp:
(WebCore::MessageEvent::initMessageEvent): Removed unused overload.
* dom/MessageEvent.h: Updated for above. Also changed the
dataAsSerializedScriptValue function to return a raw pointer instead of
PassRefPtr since it is not passing ownership.

* dom/MouseEvent.cpp:
(WebCore::MouseEvent::create): Use raw pointer instead of PassRefPtr for
data transfer and related target arguments.
(WebCore::MouseEvent::MouseEvent): Ditto. Also use IntPoint instead of
separate ints for the various X/Y pairs.
(WebCore::MouseEvent::initMouseEvent): Take a raw pointer for event target.
(WebCore::MouseEvent::isDragEvent): Reformatted, sorted alphabetically,
added comment about why this function probably needs to go.
(WebCore::adjustedClientX): Deleted.
(WebCore::adjustedClientY): Deleted.
(WebCore::MouseEvent::cloneFor): Deleted.
* dom/MouseEvent.h: Updated for the above. Also made more functions private
and final and initialized more of the data members.

* dom/MutationEvent.cpp:
(WebCore::MutationEvent::MutationEvent): Pass related node as a raw pointer.
(WebCore::MutationEvent::initMutationEvent): Ditto.
* dom/MutationEvent.h: Updated for the above. Fixed indentation. Removed
unnecessary explicit destructor; default generated one is fine. Initialize
m_attrChange in the class definition.

* dom/MutationObserver.cpp:
(WebCore::MutationObserver::observe): Pass reference.
(WebCore::MutationObserver::disconnect): Call unregisterMutationObserver
directly instead of calling unregisterAndDelete.

* dom/MutationObserverInterestGroup.cpp:
(WebCore::MutationObserverInterestGroup::MutationObserverInterestGroup):
Take an rvalue reference to the HashMap and use move.
(WebCore::MutationObserverInterestGroup::createIfNeeded): Updated to call
registeredMutationObservers.
* dom/MutationObserverInterestGroup.h: Updated for the above.

* dom/MutationObserverRegistration.cpp:
(WebCore::MutationObserverRegistration::MutationObserverRegistration):
Take a reference to the observer instead of PassRefPtr. Also take a
reference to the node rather than a pointer.
(WebCore::MutationObserverRegistration::observedSubtreeNodeWillDetach):
Updated to use references instead of pointers.
(WebCore::MutationObserverRegistration::clearTransientRegistrations): Ditto.
(WebCore::MutationObserverRegistration::unregisterAndDelete): Deleted.
(WebCore::MutationObserverRegistration::shouldReceiveMutationFrom): Ditto.
(WebCore::MutationObserverRegistration::addRegistrationNodesToSet): Ditto.
* dom/MutationObserverRegistration.h: Updated for above changes. Also added
a node member function. Changed m_observer to a Ref and m_node to a reference.
Removed the NodeHashSet typedef.

* dom/NamedFlowCollection.cpp:
(WebCore::NamedFlowCollection::createCSSOMSnapshot): Pass a vector of Ref
instead of a vector of raw pointers and pass it as an rvalue reference so
it can be taken over by the named flow collection wrapper.

* dom/Node.cpp:
(WebCore::Node::mutationObserverRegistry): Use auto and nullptr.
(WebCore::Node::transientMutationObserverRegistry): Ditto.
(WebCore::collectMatchingObserversForMutation): Use references instead of pointers.
(WebCore::Node::registeredMutationObservers): Changed to return a map instead of
filling one in and renamed to remove "get" from name.
(WebCore::Node::registerMutationObserver): Use references instead of pointers.
(WebCore::Node::unregisterMutationObserver): Ditto.
(WebCore::Node::registerTransientMutationObserver): Ditto.
(WebCore::Node::unregisterTransientMutationObserver): Ditto.
(WebCore::Node::notifyMutationObserversNodeWillDetach): Ditto.
* dom/Node.h: Updated for the above.

* dom/PopStateEvent.cpp:
(WebCore::PopStateEvent::PopStateEvent): Use RefPtr&& instead of PassRefPtr.
(WebCore::PopStateEvent::create): Use a raw pointer instead of PassRefPtr.
(WebCore::PopStateEvent::trySerializeState): Take a reference to ExecState.
* dom/PopStateEvent.h: Updated for the above.

* dom/Position.cpp:
(WebCore::Position::Position): Take a raw pointer instead of PassRefPtr.
(WebCore::Position::moveToPosition): Ditto.
* dom/Position.h: Updated for the above, also changed createLegacyEditingPosition
in the same way and got rid of the LegacyEditingPosition class.

* dom/Range.cpp:
(WebCore::Range::Range): Changed startContainer and endContainer to RefPtr<Node>&&.
Later this needs to be changed more, but for now this keeps code changes to a minimum.
(WebCore::Range::create): Changed startContainer and endContainer to Node*.
* dom/Range.h: Updated for the above.

* dom/ScopedEventQueue.cpp:
(WebCore::ScopedEventQueue::dispatchEvent): Removed a comment that talks about
PassRefPtr, and simplified the code since the comment is no longer valid.

* dom/ScriptExecutionContext.cpp:
(WebCore::ScriptExecutionContext::PendingException::PendingException):
Take a RefPtr&& instead of a PassRefPtr.
(WebCore::ScriptExecutionContext::ScriptExecutionContext): Moved initialization
of all the data members up to the class definition.
(WebCore::ScriptExecutionContext::sanitizeScriptError): Use ASCIILiteral.
(WebCore::ScriptExecutionContext::reportException): Use WTFMove when passing
arguments to the PendingException constructor and using a value from the
PendingException just before destroying it.

* dom/ScriptExecutionContext.h: Changed addTimeout to take a reference rather
than a PassRefPtr to the timer. Callers were not passing ownership. Also
initialize all the data members here in the class definition.

* dom/ScriptedAnimationController.cpp:
(WebCore::ScriptedAnimationController::registerCallback): Take a Ref&&.
* dom/ScriptedAnimationController.h: Updated for the above.

* dom/SimulatedClick.cpp:
(WebCore::SimulatedMouseEvent::SimulatedMouseEvent): Updated since MouseEvent
constructor arguments changed to use IntPoint.
* dom/WheelEvent.cpp:
(WebCore::WheelEvent::WheelEvent): Ditto. Also removed some unneeded initializers
now that the header does more.
(WebCore::WheelEvent::initWheelEvent): Tweaked style a bit.
(WebCore::WheelEvent::initWebKitWheelEvent): Deleted. Moved to the header since it's
just an inline that forwards to initWheelEvent.
* dom/WheelEvent.h: Updated for the above.

* dom/make_event_factory.pl:
(generateImplementation): Use RefPtr instead of PassRefPtr. A couple other tweaks.

* editing/AlternativeTextController.cpp:
(WebCore::AlternativeTextController::respondToMarkerAtEndOfWord): Use the data
instead of details.
(WebCore::AlternativeTextController::removeDictationAlternativesForMarker):
Ditto, also changed to take reference instead of pointer.
(WebCore::AlternativeTextController::dictationAlternativesForMarker): Ditto.
(WebCore::AlternativeTextController::applyDictationAlternative): Ditto.
* editing/AlternativeTextController.h: Updated for the above.

* editing/ApplyBlockElementCommand.cpp:
(WebCore::ApplyBlockElementCommand::rangeForParagraphSplittingTextNodesIfNeeded):
Updated since Position now takes a raw pointer.
* editing/ApplyStyleCommand.cpp:
(WebCore::ApplyStyleCommand::joinChildTextNodes): Ditto.
* editing/CompositeEditCommand.cpp:
(WebCore::CompositeEditCommand::replaceSelectedTextInNode): Ditto.
(WebCore::CompositeEditCommand::rebalanceWhitespaceOnTextSubstring): Ditto.

* editing/DictationCommand.cpp:
(WebCore::DictationMarkerSupplier::addMarkersToTextNode): Updated to use the
DictationData struct.

* editing/Editor.cpp:
(WebCore::Editor::updateMarkersForWordsAffectedByEditing): Pass a reference.
(WebCore::Editor::dictationAlternativesForMarker): Take a reference.
* editing/Editor.h: Updated for the above.

* editing/InsertTextCommand.cpp:
(WebCore::InsertTextCommand::performOverwrite): Updated since Position now takes
a raw pointer.
(WebCore::InsertTextCommand::doApply): Ditto.
(WebCore::InsertTextCommand::insertTab): Ditto.
* editing/ReplaceSelectionCommand.cpp:
(WebCore::ReplaceSelectionCommand::mergeTextNodesAroundPosition): Ditto.

* html/HTMLTitleElement.cpp:
(WebCore::HTMLTitleElement::computedTextWithDirection): Updated since
StringWithDirection is now a struct.

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::submitForm): Use Ref&& for the form submission.
(WebCore::FrameLoader::receivedFirstData): Updated for change to StringWithDirection.
(WebCore::FrameLoader::commitProvisionalLoad):
(WebCore::FrameLoader::didBeginDocument): Pass a reference.
(WebCore::FrameLoader::loadURLIntoChildFrame): Pass a Ref to loadArchive.
(WebCore::FrameLoader::loadArchive): Take a Ref&& for the archive.
(WebCore::FrameLoader::loadInSameDocument): Take a raw pointer for the
serialized script value state object. No one was passing ownership.
But pass it along to statePopped as a Ref since we need to pass ownership
of the null value, at least for now.
(WebCore::FrameLoader::loadFrameRequest): Take a raw pointer for form state.
No one was passing ownership.
(WebCore::FrameLoader::loadURL): Ditto.
(WebCore::FrameLoader::load): Ditto.
(WebCore::FrameLoader::loadWithNavigationAction): Ditto.
(WebCore::FrameLoader::loadWithDocumentLoader): Ditto.
(WebCore::FrameLoader::loadPostRequest): Ditto.
(WebCore::FrameLoader::continueLoadAfterNavigationPolicy): Ditto.
(WebCore::FrameLoader::continueLoadAfterNewWindowPolicy): Ditto.
* loader/FrameLoader.h: Updated for the above and to remove an unneeded forward
declaration of StringWithDirection, which is not used here.

* loader/FrameLoaderClient.h: Updated forward declaration of StringWithDirection.
Also sorted the others and removed unneeded conditionals.

* loader/HistoryController.cpp:
(WebCore::HistoryController::setCurrentItemTitle): Updated to use struct.
(WebCore::HistoryController::initializeItem): Ditto.
* loader/HistoryController.h: Updated forward declaration of StringWithDirection.

* loader/PolicyCallback.cpp:
(WebCore::PolicyCallback::PolicyCallback): Deleted. Default works fine.
(WebCore::PolicyCallback::~PolicyCallback): Ditto.
(WebCore::PolicyCallback::set): Take a raw pointer to form state.
* loader/PolicyCallback.h: Use raw pointer for form state.

* loader/PolicyChecker.cpp:
(WebCore::PolicyChecker::checkNavigationPolicy): Take a raw pointer for form state.
(WebCore::PolicyChecker::checkNewWindowPolicy): Ditto.
* loader/PolicyChecker.h: Updated for the above.

* page/DOMTimer.cpp:
(WebCore::DOMTimer::DOMTimer): Pass reference to addTimeout function.

* page/DOMWindow.cpp:
(WebCore::DOMWindow::requestAnimationFrame): Use Ref&& for callback.
(WebCore::DOMWindow::webkitRequestAnimationFrame): Ditto.
(WebCore::DOMWindow::cancelAnimationFrame): Tweak coding style.
* page/DOMWindow.h: Updated for the above.

* platform/PlatformWheelEvent.h: Use pragma once. Tweaked header indentation.
Simplified constructors by initializing data members.

* platform/text/StringWithDirection.h: Use pragma once. Use struct instead of class.

* rendering/HitTestResult.cpp:
(WebCore::HitTestResult::dictationAlternatives): Pass a reference.

* rendering/InlineTextBox.cpp:
(WebCore::InlineTextBox::paintTextMatchMarker): activeMatch -> isActiveMatch

Source/WebKit/ios:

* WebView/WebPDFViewIOS.mm:
(-[WebPDFView _checkPDFTitle]): Use aggregate-style syntax for StringWithDirection.
Not needed now, but useful later if we ever can get rid of the explicit constructors.

Source/WebKit/mac:

* WebCoreSupport/WebFrameLoaderClient.mm:
(WebFrameLoaderClient::dispatchDidReceiveTitle): Updated to use struct.
(WebFrameLoaderClient::updateGlobalHistory): Ditto.
(WebFrameLoaderClient::setTitle): Ditto.
(WebFrameLoaderClient::transitionToCommittedForNewPage): Ditto.
* WebView/WebFrame.mm:
(-[WebFrame _dispatchDidReceiveTitle:]): Use aggregate-style syntax for StringWithDirection.
Not needed now, but useful later if we ever can get rid of the explicit constructors.
(-[WebFrame loadArchive:]): Pass a reference to loadArchive.
* WebView/WebHTMLRepresentation.mm:
(-[WebHTMLRepresentation title]): Updated to use struct.

Source/WebKit/win:

* WebCoreSupport/WebFrameLoaderClient.cpp:
(WebFrameLoaderClient::dispatchDidReceiveTitle): Updated since StringWithDirection::title
is now a data member, not a function member.
(WebFrameLoaderClient::updateGlobalHistory): Ditto.
(WebFrameLoaderClient::setTitle): Ditto.
* WebDataSource.cpp:
(WebDataSource::pageTitle): Ditto.

Source/WebKit2:

* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::dispatchDidReceiveTitle): Updated to use struct.
(WebKit::WebFrameLoaderClient::updateGlobalHistory): Ditto.
(WebKit::WebFrameLoaderClient::setTitle): Ditto.

LayoutTests:

* fast/dom/title-text-property-2-expected.txt:
* http/tests/globalhistory/history-delegate-basic-title-expected.txt:
Updated expected results for progression where we no longer send duplicate updates
of the title when setting the title property on a document.

* fast/regions/cssom/webkit-named-flow-collection-expected.txt:
* fast/regions/cssom/webkit-named-flow-collection.html:
Added test cases to cover property names in the named flow collection.
Specifically, check both Object.keys for just the indices, and also
Object.getOwnPropertyNames for including the names of the flows.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210216 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago Remove PassRefPtr use from the "css" directory, related cleanup
darin@apple.com [Sat, 31 Dec 2016 09:17:36 +0000 (09:17 +0000)]
Remove PassRefPtr use from the "css" directory, related cleanup
https://bugs.webkit.org/show_bug.cgi?id=166628

Reviewed by Alex Christensen.

* css/CSSCalculationValue.cpp:
(WebCore::CSSCalcBinaryOperation::create): Take RefPtr&& instead of PassRefPtr.
Also added some checks for null. Code here is really inconsistent about null;
probably should change from RefPtr to Ref at some point.
(WebCore::CSSCalcBinaryOperation::createSimplified): Ditto.
(WebCore::CSSCalcBinaryOperation::CSSCalcBinaryOperation): Take Ref&& instead
of PassRefPtr.

* css/CSSCrossfadeValue.cpp:
(WebCore::subimageKnownToBeOpaque): Take a reference instead of a pointer.
(WebCore::CSSCrossfadeValue::SubimageObserver::SubimageObserver): Moved here
from the header, and renamed.
(WebCore::CSSCrossfadeValue::SubimageObserver::imageChanged): Ditto.
(WebCore::CSSCrossfadeValue::CSSCrossfadeValue): Moved here from the header.
(WebCore::CSSCrossfadeValue::create): Ditto.
(WebCore::CSSCrossfadeValue::~CSSCrossfadeValue): Updated for data member name change.
(WebCore::CSSCrossfadeValue::fixedSize): Take a reference. Also rewrote size math to
take advantage of FloatSize multiplication and addition operators.
(WebCore::CSSCrossfadeValue::knownToBeOpaque): Take a reference.
(WebCore::CSSCrossfadeValue::loadSubimages): Set m_subimagesAreReady rather than
calling setReady on the subimage observer.
(WebCore::CSSCrossfadeValue::image): Return a raw pointer rather than a RefPtr.
Take a reference instead of a pointer.
(WebCore::CSSCrossfadeValue::crossfadeChanged): Removed unused rect argument.
Rewrote to use modern for loop.
* css/CSSCrossfadeValue.h: Updated for above changes.

* css/CSSGradientValue.cpp:
(WebCore::createGradient): Added. Helper so the function below can use Ref rather
than RefPtr, and it's also nice to factor out this "poor man's virtual function".
(WebCore::CSSGradientValue::image): Take a reference rather than a pointer.
(WebCore::clone): Added. Helper like createGradient above.
(WebCore::CSSGradientValue::gradientWithStylesResolved): Take a reference rather
than a pointer. Simplified by using the helper above.
(WebCore::CSSGradientValue::knownToBeOpaque): Removed unused argument. Rewrote to
use a modern for loop.
* css/CSSGradientValue.h: Updated for above changes.

* css/CSSImageGeneratorValue.cpp: Moved the CachedGeneratedImage class in here
from the header. Also changed it to use const and Ref.
(WebCore::CSSImageGeneratorValue::addClient): Take a reference rather than a pointer.
(WebCore::CSSImageGeneratorValue::removeClient): Ditto.
(WebCore::CSSImageGeneratorValue::cachedImageForSize): Updated since image now returns
a reference rather than a pointer.
(WebCore::CSSImageGeneratorValue::saveCachedImageForSize): Take a reference rather
than PassRefPtr.
(WebCore::CSSImageGeneratorValue::image): Take a reference rather than a pointer.
(WebCore::CSSImageGeneratorValue::fixedSize): Ditto.
(WebCore::CSSImageGeneratorValue::knownToBeOpaque): Ditto.
* css/CSSImageGeneratorValue.h: Updated for above changes.

* css/CSSValuePool.cpp:
(WebCore::CSSValuePool::createFontFaceValue): Return a RefPtr rather than PassRefPtr.
* css/CSSValuePool.h: Updated for the above.

* css/StyleBuilderConverter.h: Change convertStyleImage and convertShapeValue to
return RefPtr instead of PassRefPtr.

* css/StyleBuilderCustom.h:
(WebCore::StyleBuilderCustom::applyValueContent): Since gradientWithStylesResolved
returns a Ref now, no need to dereference it any more. This also removes reference
count churn since we are now passing a Ref temporary to a Ref&&.
* css/StyleResolver.cpp:
(WebCore::StyleResolver::styleImage): Ditto.

* platform/graphics/GradientImage.cpp:
(WebCore::GradientImage::GradientImage): Pass generator as a reference rather than
as a PassRefPtr.
(WebCore::GradientImage::draw): Updated since m_gradient is now a Ref rather than
a RefPtr.
(WebCore::GradientImage::drawPattern): Ditto.
* platform/graphics/GradientImage.h: Updated for the above changes. Make things
private rather than protected since this class is final.

* rendering/style/StyleGeneratedImage.cpp:
(WebCore::StyleGeneratedImage::imageSize): Pass renderer as a reference. Later, we
should change the interface to this function, too.
(WebCore::StyleGeneratedImage::addClient): Ditto.
(WebCore::StyleGeneratedImage::removeClient): Ditto.
(WebCore::StyleGeneratedImage::image): Ditto.
(WebCore::StyleGeneratedImage::knownToBeOpaque): Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210215 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago [GTK] German translation update
mcatanzaro@igalia.com [Sat, 31 Dec 2016 01:28:36 +0000 (01:28 +0000)]
[GTK] German translation update
https://bugs.webkit.org/show_bug.cgi?id=152228

Patch by Bernd Homuth <dev@hmt.im> on 2016-12-30
Rubber-stamped by Michael Catanzaro.

* de.po:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210214 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago [EFL] fix buffer over-read in RenderThemeEfl::mediaControlsStyleSheet()
commit-queue@webkit.org [Fri, 30 Dec 2016 16:16:31 +0000 (16:16 +0000)]
[EFL] fix buffer over-read in RenderThemeEfl::mediaControlsStyleSheet()
https://bugs.webkit.org/show_bug.cgi?id=166622

Patch by Olivier Blin <olivier.blin@softathome.com> on 2016-12-30
Reviewed by Gyuyoung Kim.

This has been detected by a charactersAreAllASCII() assert failure.
Initially in WebKitForWayland (WPE), but the code was likely borrowed from EFL.

This is because ASCIILiteral() is wrongly used in mediaControlsStyleSheet().
mediaControlsBaseUserAgentStyleSheet is a char array, not a null-terminated string.
It is thus incorrect to use StringImpl::createFromLiteral() that calls
strlen() to get the string length.

The String::ConstructFromLiteral constructor can not be used, since it
skips the last character.

* rendering/RenderThemeEfl.cpp:
(WebCore::RenderThemeEfl::mediaControlsStyleSheet):
Explicitly pass the size to the String constructor.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210213 268f45cc-cd09-0410-ab3c-d52691b4dbfc
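
The length handling described in the commit message above, modelled with std::string as an added example; this is not WebKit's code. `kSheet`, the neighbouring bytes and every function name are constructed for illustration, and the terminator scan is bounded so the demonstration stays well defined.

```cpp
#include <cstddef>
#include <cstdio>
#include <cstring>
#include <string>
#include <vector>

// Constructed stand-in for a generated style sheet: raw bytes, no trailing '\0'.
static const char kSheet[] = { 'a', '{', 'b', ':', 'c', '}' };

// Emulates a strlen()-style scan, but bounded by `limit` so it never leaves the buffer.
// Returns `limit` when no terminator exists inside the buffer.
static size_t terminatorScanLength(const char* data, size_t limit)
{
    const void* nul = std::memchr(data, '\0', limit);
    return nul ? static_cast<size_t>(static_cast<const char*>(nul) - data) : limit;
}

// Places the array in front of unrelated bytes (constructed) and reports the length
// a terminator scan starting at the array would compute.
template<size_t N>
size_t scanLengthWithNeighbour(const char (&array)[N], const std::string& neighbour)
{
    std::vector<char> memory(array, array + N);
    memory.insert(memory.end(), neighbour.begin(), neighbour.end());
    memory.push_back('\0');
    return terminatorScanLength(memory.data(), memory.size());
}

// Number of bytes that do not belong to the array but would end up in the string.
template<size_t N>
size_t foreignBytesInString(const char (&array)[N], const std::string& neighbour)
{
    size_t scanned = scanLengthWithNeighbour(array, neighbour);
    return scanned > N ? scanned - N : 0;
}

// Model of a literal-style constructor: it assumes the last element is '\0'
// and therefore uses N - 1 as the length.
template<size_t N>
std::string fromLiteralStyle(const char (&array)[N])
{
    return std::string(array, N - 1);
}

// The approach the commit describes: the size is passed explicitly.
template<size_t N>
std::string fromExplicitSize(const char (&array)[N])
{
    return std::string(array, N);
}

int main()
{
    std::printf("array size:            %zu\n", sizeof(kSheet));
    std::printf("terminator scan:       %zu\n", scanLengthWithNeighbour(kSheet, "OTHER"));
    std::printf("foreign bytes copied:  %zu\n", foreignBytesInString(kSheet, "OTHER"));
    std::printf("literal-style result:  %s\n", fromLiteralStyle(kSheet).c_str());
    std::printf("explicit-size result:  %s\n", fromExplicitSize(kSheet).c_str());
    return 0;
}
```

The same check applies to any generated byte array handed to a string API: compare the length the API derives with `sizeof` of the array.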

3 years ago Unreviewed, rolling out r210206.
commit-queue@webkit.org [Fri, 30 Dec 2016 14:00:07 +0000 (14:00 +0000)]
Unreviewed, rolling out r210206.
https://bugs.webkit.org/show_bug.cgi?id=166621

Crashes on macOS PLT (Requested by kling on #webkit).

Reverted changeset:

"Drop the render tree for documents in the page cache."
https://bugs.webkit.org/show_bug.cgi?id=121798
http://trac.webkit.org/changeset/210206

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210212 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago [css-grid] Isolate intrinsic size computation from layout
svillar@igalia.com [Fri, 30 Dec 2016 10:53:58 +0000 (10:53 +0000)]
[css-grid] Isolate intrinsic size computation from layout
https://bugs.webkit.org/show_bug.cgi?id=166530

Reviewed by Darin Adler.

Source/WebCore:

This is the last patch of the items placement data refactoring. By using a different Grid
instance in computeIntrinsicLogicalWidths we effectively isolate the intrinsic size
computation from the layout. They are now using different data structures so they don't
interfere with each other.

This also means that we no longer reuse the placement of items done in the intrinsic size
computation. That shouldn't be a big issue once we make m_grid persistent on RenderGrid.

Last but not least, this patch finally removes the ugly const_cast's we had in
computeIntrinsicLogicalWidths() as we no longer modify the internal state of RenderGrid.

Tests: fast/css-grid-layout/grid-auto-repeat-intrinsic.html
       fast/css-grid-layout/grid-change-intrinsic-size-with-auto-repeat-tracks.html

* rendering/RenderGrid.cpp:
(WebCore::RenderGrid::computeIntrinsicLogicalWidths): Use a new instance of Grid.
(WebCore::RenderGrid::computeEmptyTracksForAutoRepeat): Fixed a missing m_grid -> grid
rename.
(WebCore::RenderGrid::placeItemsOnGrid): Constify it. It now repositions the items if the
number of auto repeat tracks has changed.
* rendering/RenderGrid.h:

LayoutTests:

* fast/css-grid-layout/grid-auto-repeat-intrinsic-expected.txt: Added.
* fast/css-grid-layout/grid-auto-repeat-intrinsic.html: Added.
* fast/css-grid-layout/grid-change-intrinsic-size-with-auto-repeat-tracks-expected.txt: Added.
* fast/css-grid-layout/grid-change-intrinsic-size-with-auto-repeat-tracks.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210211 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago [GTK] Improve user agent construction
mcatanzaro@igalia.com [Fri, 30 Dec 2016 09:02:51 +0000 (09:02 +0000)]
[GTK] Improve user agent construction
https://bugs.webkit.org/show_bug.cgi?id=142074

Reviewed by Carlos Garcia Campos.

Source/WebCore:

Using the macOS quirk rather than the Chrome quirk for Google domains was a mistake: it
broke Hangouts in a different way than the Chrome quirk, and also prevents use of the nice
Earth mode on Google Maps. Google is making it really hard to develop a sane quirk.
Eventually I settled on the combination of two quirks: (1) Firefox browser, and (2) Linux
x86_64 platform. See the bug for full discussion on why these quirks are the best way to
make Google domains work properly in WebKit. This is an extremely sad state of affairs, but
I'm confident it is the best option. Note this effectively includes a rollout of r210168.

Also, fix a bug that caused an extra space to be inserted in the middle of the user agent.

* platform/UserAgentQuirks.cpp:
(WebCore::isGoogle):
(WebCore::urlRequiresFirefoxBrowser):
(WebCore::urlRequiresMacintoshPlatform):
(WebCore::urlRequiresLinuxDesktopPlatform):
(WebCore::UserAgentQuirks::quirksForURL):
(WebCore::UserAgentQuirks::stringForQuirk):
(WebCore::UserAgentQuirks::firefoxRevisionString):
* platform/UserAgentQuirks.h:
* platform/gtk/UserAgentGtk.cpp:
(WebCore::buildUserAgentString):

Tools:

* TestWebKitAPI/Tests/WebCore/UserAgentQuirks.cpp:
(TestWebKitAPI::assertUserAgentForURLHasChromeBrowserQuirk):
(TestWebKitAPI::assertUserAgentForURLHasFirefoxBrowserQuirk):
(TestWebKitAPI::assertUserAgentForURLHasLinuxPlatformQuirk):
(TestWebKitAPI::assertUserAgentForURLHasMacPlatformQuirk):
(TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210207 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago Drop the render tree for documents in the page cache.
akling@apple.com [Fri, 30 Dec 2016 08:54:25 +0000 (08:54 +0000)]
Drop the render tree for documents in the page cache.
<https://webkit.org/b/121798>

Reviewed by Darin Adler.

To save memory and reduce complexity, have documents tear down their render tree
when entering the page cache. I've wanted to do this for a long time and it seems
like we can actually do it now.

This patch will enable a number of clean-ups since it's no longer valid for renderers
to exist while the document is in page cache.

* dom/Document.cpp:
(WebCore::Document::destroyRenderTree): Remove assertion that we're not in the page cache
since we will now be tearing down render trees right as they enter the page cache.

(WebCore::Document::setPageCacheState): Tear down the render tree right before setting
the in-cache flag. From now on, there should not exist render objects for documents in
the page cache.

* history/CachedFrame.cpp:
(WebCore::CachedFrameBase::restore):
* page/FrameView.h:
* page/FrameView.cpp:
(WebCore::FrameView::didRestoreFromPageCache): Update the scrollable area set after restoring a
frame from the page cache. This dirties the scrolling tree, which was covered by tests.

* page/animation/AnimationBase.cpp:
(WebCore::AnimationBase::setNeedsStyleRecalc): Make this a no-op if the render tree is being
torn down. This fixes assertions firing on animation tests.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210206 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago AX: Need to expose frames to iOS Accessibility
cfleizach@apple.com [Thu, 29 Dec 2016 18:46:31 +0000 (18:46 +0000)]
AX: Need to expose frames to iOS Accessibility
https://bugs.webkit.org/show_bug.cgi?id=166571
<rdar://problem/29823724>

Reviewed by Darin Adler.

To support navigation by frame for VoiceOver on iOS, we need to expose the frame ancestor.

* accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
(-[WebAccessibilityObjectWrapper _accessibilityFrameAncestor]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210205 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago WebAssembly: Rebase spec-tests now that wabt has been updated to produce certain...
sbarati@apple.com [Thu, 29 Dec 2016 18:28:08 +0000 (18:28 +0000)]
WebAssembly: Rebase spec-tests now that wabt has been updated to produce certain kinds of invalid modules
https://bugs.webkit.org/show_bug.cgi?id=166491
<rdar://problem/29814999>

Reviewed by Yusuke Suzuki.

Based off these revisions:
- spec: b055d01ea1dfdd7a5231ae779095435f836de97f
- wabt: d0d44702c753f851b094615298a2f4d4e3c21035

The reason for the rebase is that wabt was updated to stop
silently rejecting invalid modules. This was needed because
some of the spec tests check to make sure that the module
is invalid, but wabt was silently ignoring the errors and
generating valid modules:
https://github.com/WebAssembly/wabt/issues/256

* wasm.yaml:
* wasm/spec-tests/address.wast.js:
* wasm/spec-tests/binary.wast.js:
* wasm/spec-tests/block.wast.js:
* wasm/spec-tests/br.wast.js:
* wasm/spec-tests/br_if.wast.js:
* wasm/spec-tests/br_table.wast.js:
* wasm/spec-tests/break-drop.wast.js:
* wasm/spec-tests/call.wast.js:
* wasm/spec-tests/call_indirect.wast.js:
* wasm/spec-tests/comments.wast.js:
* wasm/spec-tests/conversions.wast.js:
* wasm/spec-tests/custom_section.wast.js:
* wasm/spec-tests/endianness.wast.js:
* wasm/spec-tests/exports.wast.js:
* wasm/spec-tests/f32.wast.js:
* wasm/spec-tests/f32_cmp.wast.js:
* wasm/spec-tests/f64.wast.js:
* wasm/spec-tests/f64_cmp.wast.js:
* wasm/spec-tests/fac.wast.js:
* wasm/spec-tests/float_exprs.wast.js:
* wasm/spec-tests/float_literals.wast.js:
* wasm/spec-tests/float_memory.wast.js:
* wasm/spec-tests/float_misc.wast.js:
* wasm/spec-tests/forward.wast.js:
* wasm/spec-tests/func.wast.js:
* wasm/spec-tests/func_ptrs.wast.js:
* wasm/spec-tests/get_local.wast.js:
* wasm/spec-tests/globals.wast.js:
* wasm/spec-tests/i32.wast.js:
* wasm/spec-tests/i64.wast.js:
* wasm/spec-tests/imports.wast.js:
* wasm/spec-tests/int_exprs.wast.js:
* wasm/spec-tests/int_literals.wast.js:
* wasm/spec-tests/left-to-right.wast.js:
* wasm/spec-tests/linking.wast.js:
* wasm/spec-tests/loop.wast.js:
* wasm/spec-tests/memory.wast.js:
* wasm/spec-tests/memory_redundancy.wast.js:
* wasm/spec-tests/memory_trap.wast.js:
* wasm/spec-tests/names.wast.js:
* wasm/spec-tests/nop.wast.js:
* wasm/spec-tests/resizing.wast.js:
* wasm/spec-tests/return.wast.js:
* wasm/spec-tests/select.wast.js:
* wasm/spec-tests/set_local.wast.js:
* wasm/spec-tests/skip-stack-guard-page.wast.js:
* wasm/spec-tests/stack.wast.js:
* wasm/spec-tests/start.wast.js:
* wasm/spec-tests/store_retval.wast.js:
* wasm/spec-tests/switch.wast.js:
* wasm/spec-tests/tee_local.wast.js:
* wasm/spec-tests/traps.wast.js:
* wasm/spec-tests/typecheck.wast.js:
* wasm/spec-tests/unreachable.wast.js:
* wasm/spec-tests/unwind.wast.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210204 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago WebAssembly: Don't allow duplicate export names
sbarati@apple.com [Thu, 29 Dec 2016 03:10:04 +0000 (03:10 +0000)]
WebAssembly: Don't allow duplicate export names
https://bugs.webkit.org/show_bug.cgi?id=166490
<rdar://problem/29815000>

Reviewed by Keith Miller.

JSTests:

* wasm.yaml:
* wasm/function-tests/invalid-duplicate-export.js: Added.

Source/JavaScriptCore:

* wasm/WasmModuleParser.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210203 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago Unreviewed. Fix jsc.cpp build error.
sbarati@apple.com [Thu, 29 Dec 2016 00:18:44 +0000 (00:18 +0000)]
Unreviewed. Fix jsc.cpp build error.

* jsc.cpp:
(functionTestWasmModuleFunctions):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210202 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago WebAssembly: Implement grow_memory and current_memory
sbarati@apple.com [Thu, 29 Dec 2016 00:06:52 +0000 (00:06 +0000)]
WebAssembly: Implement grow_memory and current_memory
https://bugs.webkit.org/show_bug.cgi?id=166448
<rdar://problem/29803676>

Reviewed by Keith Miller.

JSTests:

I rewrote some of the testWasmModuleFunctions that used Memory to use
the JS API since the jsc.cpp version can no longer use memory.

* wasm.yaml:
* wasm/function-tests/add-12.js:
(testWasmModuleFunctions):
* wasm/function-tests/br-if-loop-less-than.js:
(testWasmModuleFunctions):
* wasm/function-tests/brTableAsIf.js:
(testWasmModuleFunctions):
* wasm/function-tests/brTableManyValues.js:
(testWasmModuleFunctions):
* wasm/function-tests/brTableWithLoop.js:
(testWasmModuleFunctions):
* wasm/function-tests/dumb-eq-if-then-else.js:
* wasm/function-tests/eqz.js:
* wasm/function-tests/grow-memory-2.js: Added.
(const.func):
(assert.eq.instance.exports.foo):
* wasm/function-tests/grow-memory-3.js: Added.
* wasm/function-tests/grow-memory-4.js: Added.
(const.func):
* wasm/function-tests/grow-memory.js: Added.
(binaryShouldNotParse):
(assert.truthy):
(assert.eq):
(memory.grow):
* wasm/function-tests/i32-load.js:
(testWasmModuleFunctions):
* wasm/function-tests/i32-load8-s.js:
* wasm/function-tests/max.js:
* wasm/function-tests/min.js:
* wasm/js-api/memory-grow.js: Added.
(i.i):
(assertEq):
* wasm/js-api/test_memory.js:
* wasm/wasm.json:

Source/JavaScriptCore:

This patch implements grow_memory, current_memory, and WebAssembly.prototype.grow.
See relevant spec texts here:

https://github.com/WebAssembly/design/blob/master/Semantics.md#linear-memory-accesses
https://github.com/WebAssembly/design/blob/master/JS.md#webassemblymemoryprototypegrow

I also fix a couple miscellaneous bugs:

1. Data section now understands full init_exprs.
2. parseVarUint1 no longer has a bug where we allow values larger than 1 if
their bottom 8 bits are zero.

Since the JS API can now grow memory, we need to make calling an import
and call_indirect refresh the base memory register and the size registers.

* jsc.cpp:
(functionTestWasmModuleFunctions):
* runtime/Options.h:
* runtime/VM.h:
* wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::B3IRGenerator::B3IRGenerator):
(JSC::Wasm::reloadPinnedRegisters):
(JSC::Wasm::B3IRGenerator::emitReloadPinnedRegisters):
(JSC::Wasm::createJSToWasmWrapper):
(JSC::Wasm::parseAndCompile):
* wasm/WasmFormat.cpp:
(JSC::Wasm::Segment::create):
* wasm/WasmFormat.h:
(JSC::Wasm::I32InitExpr::I32InitExpr):
(JSC::Wasm::I32InitExpr::globalImport):
(JSC::Wasm::I32InitExpr::constValue):
(JSC::Wasm::I32InitExpr::isConst):
(JSC::Wasm::I32InitExpr::isGlobalImport):
(JSC::Wasm::I32InitExpr::globalImportIndex):
(JSC::Wasm::Segment::byte):
(JSC::Wasm::ModuleInformation::importFunctionCount):
(JSC::Wasm::ModuleInformation::hasMemory):
* wasm/WasmFunctionParser.h:
* wasm/WasmMemory.cpp:
(JSC::Wasm::Memory::Memory):
(JSC::Wasm::Memory::grow):
* wasm/WasmMemory.h:
(JSC::Wasm::Memory::size):
(JSC::Wasm::Memory::sizeInPages):
(JSC::Wasm::Memory::offsetOfMemory):
(JSC::Wasm::Memory::isValid): Deleted.
(JSC::Wasm::Memory::grow): Deleted.
* wasm/WasmModuleParser.cpp:
(JSC::Wasm::makeI32InitExpr):
* wasm/WasmModuleParser.h:
* wasm/WasmPageCount.h:
(JSC::Wasm::PageCount::bytes):
(JSC::Wasm::PageCount::pageCount):
(JSC::Wasm::PageCount::fromBytes):
(JSC::Wasm::PageCount::operator+):
* wasm/WasmParser.h:
(JSC::Wasm::Parser<SuccessType>::parseVarUInt1):
* wasm/WasmValidate.cpp:
* wasm/js/JSWebAssemblyInstance.h:
(JSC::JSWebAssemblyInstance::offsetOfMemory):
* wasm/js/JSWebAssemblyMemory.cpp:
(JSC::JSWebAssemblyMemory::~JSWebAssemblyMemory):
(JSC::JSWebAssemblyMemory::grow):
* wasm/js/JSWebAssemblyMemory.h:
(JSC::JSWebAssemblyMemory::offsetOfMemory):
* wasm/js/JSWebAssemblyModule.h:
(JSC::JSWebAssemblyModule::functionImportCount):
(JSC::JSWebAssemblyModule::jsEntrypointCalleeFromFunctionIndexSpace):
(JSC::JSWebAssemblyModule::wasmEntrypointCalleeFromFunctionIndexSpace):
(JSC::JSWebAssemblyModule::importCount): Deleted.
* wasm/js/WebAssemblyFunction.cpp:
(JSC::callWebAssemblyFunction):
* wasm/js/WebAssemblyInstanceConstructor.cpp:
(JSC::constructJSWebAssemblyInstance):
* wasm/js/WebAssemblyMemoryConstructor.cpp:
(JSC::constructJSWebAssemblyMemory):
* wasm/js/WebAssemblyMemoryPrototype.cpp:
(JSC::getMemory):
(JSC::webAssemblyMemoryProtoFuncBuffer):
(JSC::webAssemblyMemoryProtoFuncGrow):
* wasm/js/WebAssemblyModuleRecord.cpp:
(JSC::WebAssemblyModuleRecord::link):
(JSC::dataSegmentFail):
(JSC::WebAssemblyModuleRecord::evaluate):
* wasm/wasm.json:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210201 268f45cc-cd09-0410-ab3c-d52691b4dbfc
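
The parseVarUInt1 fix listed in the commit above, shown as an added example that is not WebKit's code: one way a 1-bit flag parser can come to accept larger values is by narrowing the decoded LEB128 integer to 8 bits before the range check. The function names and the sample bytes are constructed for illustration; the commit message does not show the original code.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Decode an unsigned LEB128 value of at most 32 bits starting at `offset`.
// Returns false on truncated input or on an encoding that does not fit in 32 bits.
static bool decodeVarUInt32(const std::vector<uint8_t>& bytes, size_t& offset, uint32_t& result)
{
    result = 0;
    for (unsigned shift = 0; shift < 35; shift += 7) {
        if (offset >= bytes.size())
            return false; // ran out of input in the middle of a value
        uint8_t byte = bytes[offset++];
        // The fifth byte may only carry the top 4 bits and must end the value.
        if (shift == 28 && (byte & 0xF0))
            return false;
        result |= static_cast<uint32_t>(byte & 0x7F) << shift;
        if (!(byte & 0x80))
            return true;
    }
    return false;
}

// Flawed pattern (hypothetical): the value is narrowed to 8 bits before the
// range check, so 256 (low 8 bits all zero) passes as the flag value 0.
static bool parseVarUInt1Truncating(const std::vector<uint8_t>& bytes, size_t& offset, uint8_t& flag)
{
    uint32_t value;
    if (!decodeVarUInt32(bytes, offset, value))
        return false;
    flag = static_cast<uint8_t>(value); // drops bits 8..31
    return flag <= 1;
}

// Corrected pattern: check the full decoded value, then narrow.
static bool parseVarUInt1Checked(const std::vector<uint8_t>& bytes, size_t& offset, uint8_t& flag)
{
    uint32_t value;
    if (!decodeVarUInt32(bytes, offset, value) || value > 1)
        return false;
    flag = static_cast<uint8_t>(value);
    return true;
}

// Convenience wrappers: does the parser accept `bytes` as a varuint1?
static bool acceptsAsFlagTruncating(const std::vector<uint8_t>& bytes)
{
    size_t offset = 0;
    uint8_t flag = 0;
    return parseVarUInt1Truncating(bytes, offset, flag);
}

static bool acceptsAsFlagChecked(const std::vector<uint8_t>& bytes)
{
    size_t offset = 0;
    uint8_t flag = 0;
    return parseVarUInt1Checked(bytes, offset, flag);
}

int main()
{
    // Constructed inputs: LEB128 encodings of 0, 1, 2 and 256.
    const std::vector<std::vector<uint8_t>> samples = {
        { 0x00 }, { 0x01 }, { 0x02 }, { 0x80, 0x02 },
    };
    for (const auto& sample : samples) {
        std::printf("first byte 0x%02x, length %zu: truncating=%d checked=%d\n",
            static_cast<unsigned>(sample[0]), sample.size(),
            acceptsAsFlagTruncating(sample), acceptsAsFlagChecked(sample));
    }
    return 0;
}
```

Only the two-byte encoding of 256 separates the two parsers, which is why a test suite that feeds single-byte flags never notices the difference.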

3 years ago [Gardening] Remove INDIE_UI related entries from TestExpectation files.
clopez@igalia.com [Wed, 28 Dec 2016 14:36:15 +0000 (14:36 +0000)]
[Gardening] Remove INDIE_UI related entries from TestExpectation files.
https://bugs.webkit.org/show_bug.cgi?id=165881

Unreviewed.

* platform/efl/TestExpectations:
* platform/gtk/TestExpectations:
* platform/win/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210200 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago [css-grid] Move Grid into GridSizingData
svillar@igalia.com [Wed, 28 Dec 2016 11:06:44 +0000 (11:06 +0000)]
[css-grid] Move Grid into GridSizingData
https://bugs.webkit.org/show_bug.cgi?id=165654

Reviewed by Darin Adler.

The grid track sizing algorithm has been using the m_grid attribute from RenderGrid to
compute the sizes of the tracks unconditionally. However the goal is to make it work against
a generic instance of the Grid class, so that the intrinsic size computation and the layout
processes could be effectively decoupled.

Instead of passing the Grid as a new argument to all the track sizing algorithm methods we
leverage the existence of GridSizingData which is already passed to all of them. This data
structure holds from now on a reference to the Grid instance so that the track sizing
algorithm could use it.

No new tests as this is a refactoring.

* rendering/RenderGrid.cpp:
(WebCore::RenderGrid::GridSizingData::GridSizingData):
(WebCore::RenderGrid::GridSizingData::grid):
(WebCore::RenderGrid::computeTrackBasedLogicalHeight):
(WebCore::RenderGrid::computeTrackSizesForDirection):
(WebCore::RenderGrid::repeatTracksSizingIfNeeded):
(WebCore::RenderGrid::layoutBlock):
(WebCore::RenderGrid::guttersSize):
(WebCore::RenderGrid::computeIntrinsicLogicalWidths):
(WebCore::RenderGrid::computeIntrinsicLogicalHeight):
(WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
(WebCore::RenderGrid::computeFlexSizedTracksGrowth):
(WebCore::RenderGrid::computeFlexFactorUnitSize):
(WebCore::RenderGrid::findFlexFactorUnitSize):
(WebCore::RenderGrid::rawGridTrackSize):
(WebCore::RenderGrid::gridTrackSize):
(WebCore::RenderGrid::spanningItemCrossesFlexibleSizedTracks):
(WebCore::RenderGrid::resolveContentBasedTrackSizingFunctions):
(WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForNonSpanningItems):
(WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
(WebCore::RenderGrid::tracksAreWiderThanMinTrackBreadth):
(WebCore::RenderGrid::trackSizesForComputedStyle):
(WebCore::RenderGrid::applyStretchAlignmentToTracksIfNeeded):
(WebCore::RenderGrid::layoutGridItems):
(WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
(WebCore::RenderGrid::assumedRowsSizeForOrthogonalChild):
(WebCore::RenderGrid::gridAreaBreadthForChild):
(WebCore::RenderGrid::gridAreaBreadthForChildIncludingAlignmentOffsets):
(WebCore::RenderGrid::populateGridPositionsForDirection):
(WebCore::RenderGrid::columnAxisOffsetForChild):
(WebCore::RenderGrid::rowAxisOffsetForChild):
(WebCore::RenderGrid::findChildLogicalPosition):
(WebCore::RenderGrid::numTracks):
(WebCore::RenderGrid::paintChildren):
* rendering/RenderGrid.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210197 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago [EFL] Gardening on 28th Dec.
gyuyoung.kim@webkit.org [Wed, 28 Dec 2016 09:59:45 +0000 (09:59 +0000)]
[EFL] Gardening on 28th Dec.

Unreviewed EFL gardening.

* platform/efl/TestExpectations: Mark failing tests to Failure or ImageOnlyFailure.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210192 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago reduce PassRefPtr use in WebKit2
commit-queue@webkit.org [Wed, 28 Dec 2016 02:48:19 +0000 (02:48 +0000)]
reduce PassRefPtr use in WebKit2
https://bugs.webkit.org/show_bug.cgi?id=166452

Patch by Alex Christensen <achristensen@webkit.org> on 2016-12-27
Reviewed by Yusuke Suzuki.

* Shared/API/c/cg/WKImageCG.cpp:
(WKImageCreateCGImage):
(WKImageCreateFromCGImage):
* Shared/ShareableBitmap.cpp:
(WebKit::ShareableBitmap::createHandle):
* Shared/ShareableBitmap.h:
* Shared/UserData.cpp:
(WebKit::UserData::encode):
(WebKit::UserData::decode):
* Shared/WebImage.cpp:
(WebKit::WebImage::create):
(WebKit::WebImage::WebImage):
* Shared/WebImage.h:
(WebKit::WebImage::bitmap):
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::didGetImageForFindMatch):
* UIProcess/mac/WKTextFinderClient.mm:
(-[WKTextFinderClient didGetImageForMatchResult:]):
* WebProcess/Automation/WebAutomationSessionProxy.cpp:
(WebKit::WebAutomationSessionProxy::takeScreenshot):
* WebProcess/InjectedBundle/API/Cocoa/WKWebProcessPlugInNodeHandle.mm:
(-[WKWebProcessPlugInNodeHandle renderedImageWithOptions:]):
* WebProcess/InjectedBundle/DOM/InjectedBundleNodeHandle.cpp:
(WebKit::imageForRect):
(WebKit::InjectedBundleNodeHandle::renderedImage):
(WebKit::InjectedBundleNodeHandle::visibleRange):
(WebKit::InjectedBundleNodeHandle::htmlTableCellElementCellAbove):
(WebKit::InjectedBundleNodeHandle::documentFrame):
(WebKit::InjectedBundleNodeHandle::htmlFrameElementContentFrame):
(WebKit::InjectedBundleNodeHandle::htmlIFrameElementContentFrame):
* WebProcess/InjectedBundle/DOM/InjectedBundleNodeHandle.h:
* WebProcess/InjectedBundle/DOM/InjectedBundleRangeHandle.cpp:
(WebKit::InjectedBundleRangeHandle::renderedImage):
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::takeSnapshot):
(WebKit::WebPage::snapshotAtSize):
(WebKit::WebPage::snapshotNode):
(WebKit::WebPage::drawRectToImage):
* WebProcess/WebPage/ios/WebPageIOS.mm:
(WebKit::WebPage::getPositionInformation):
* WebProcess/WebPage/mac/WebPageMac.mm:
(WebKit::WebPage::setTopOverhangImage):
(WebKit::WebPage::setBottomOverhangImage):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210181 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago Ensure NetworkProcess is ready before whitelisting TLS certificates
mcatanzaro@igalia.com [Tue, 27 Dec 2016 17:57:18 +0000 (17:57 +0000)]
Ensure NetworkProcess is ready before whitelisting TLS certificates
https://bugs.webkit.org/show_bug.cgi?id=162962

Patch by Emanuele Aina <emanuele.aina@collabora.com> on 2016-12-27
Reviewed by Alex Christensen.

If the API user tries to whitelist TLS certificates before any web
view has been created, the action will be ignored because the
NetworkProcess hasn't been fired up yet.

For example, the snippet below using the GTK+ API does not work,
unless the whitelisting is moved after the web view creation:

  webkit_web_context_allow_tls_certificate_for_host(webkit_web_context_get_default(), crt, host);
  webView = webkit_web_view_new();

* UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::allowSpecificHTTPSCertificateForHost): Ensure
that the NetworkProcess has been already fired up when adding
certificates, so they can be whitelisted before the first web view is
instantiated.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210180 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago [GTK] Improve user agent construction
mcatanzaro@igalia.com [Tue, 27 Dec 2016 15:26:52 +0000 (15:26 +0000)]
[GTK] Improve user agent construction
https://bugs.webkit.org/show_bug.cgi?id=142074

Reviewed by Carlos Garcia Campos.

Source/WebCore:

Use the macOS rather than the Chrome quirk for Google domains, to avoid problems with
Google Calendar and Google Maps.

* platform/UserAgentQuirks.cpp:
(WebCore::urlRequiresChromeBrowser):
(WebCore::urlRequiresMacintoshPlatform):

Tools:

* TestWebKitAPI/Tests/WebCore/UserAgentQuirks.cpp:
(TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210168 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago [EFL] Gardening on 27th Dec.
gyuyoung.kim@webkit.org [Tue, 27 Dec 2016 08:04:25 +0000 (08:04 +0000)]
[EFL] Gardening on 27th Dec.

Unreviewed EFL gardening.

Patch by Gyuyoung Kim <gyuyoung.kim@navercorp.com> on 2016-12-27

* platform/efl/TestExpectations: Mark failing tests to Timeout or Skip.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210153 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago ASSERTION FAILED: !rect.isEmpty() in WebCore::GraphicsContext::drawRect
zalan@apple.com [Tue, 27 Dec 2016 03:14:31 +0000 (03:14 +0000)]
ASSERTION FAILED: !rect.isEmpty() in WebCore::GraphicsContext::drawRect
https://bugs.webkit.org/show_bug.cgi?id=163461

Reviewed by Darin Adler.

Source/WebCore:

Make sure we don't paint empty rects.

Test: fast/lists/assert-on-empty-list-marker.html

* rendering/RenderListMarker.cpp:
(WebCore::RenderListMarker::paint):

LayoutTests:

* fast/lists/assert-on-empty-list-marker-expected.txt: Added.
* fast/lists/assert-on-empty-list-marker.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210152 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago Use variadic templates in JSC Parser to clean up
utatane.tea@gmail.com [Mon, 26 Dec 2016 19:00:53 +0000 (19:00 +0000)]
Use variadic templates in JSC Parser to clean up
https://bugs.webkit.org/show_bug.cgi?id=166482

Reviewed by Saam Barati.

* parser/Parser.cpp:
(JSC::Parser<LexerType>::logError):
* parser/Parser.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210151 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago AX: Headers of table not read by VoiceOver
cfleizach@apple.com [Mon, 26 Dec 2016 07:47:56 +0000 (07:47 +0000)]
AX: Headers of table not read by VoiceOver
https://bugs.webkit.org/show_bug.cgi?id=158693
<rdar://problem/26771065>

Reviewed by Darin Adler.

Source/WebCore:

If a table cell header is hidden by pushing it off screen, then the content won't be accessible.
It seems that unless specifically requested (such as using aria-hidden), we should try to return
that table cell header.

Test: accessibility/hidden-th-still-column-header.html

* accessibility/AccessibilityTableColumn.cpp:
(WebCore::AccessibilityTableColumn::headerObjectForSection):

LayoutTests:

* accessibility/hidden-th-still-column-header-expected.txt: Added.
* accessibility/hidden-th-still-column-header.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210150 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago Propagate the source origin as much as possible
utatane.tea@gmail.com [Mon, 26 Dec 2016 06:35:07 +0000 (06:35 +0000)]
Propagate the source origin as much as possible
https://bugs.webkit.org/show_bug.cgi?id=166348

Reviewed by Darin Adler.

JSTests:

* stress/source-origin.js: Added.
(shouldBe):

Source/JavaScriptCore:

This patch introduces CallFrame::callerSourceOrigin, SourceOrigin class
and SourceProvider::m_sourceOrigin. CallFrame::callerSourceOrigin returns
an appropriate SourceOrigin if possible. If we cannot find the appropriate
one, we just return null SourceOrigin.

This paves the way for implementing the module dynamic-import[1].
When the import operator is evaluated, it will resolve the module
specifier with this propagated source origin of the caller function.

To support import operator inside the dynamic code generation
functions (like `eval`, `new Function`, indirect call to `eval`),
we need to propagate the caller's source origin to the generated
source code.

We do not use sourceURL for that purpose. This is because we
would like to keep sourceURL for `eval` / `new Function` null.
This sourceURL will be used for the stack dump for errors with line/column
numbers. Dumping the caller's sourceURL with line/column numbers is
meaningless. So we would like to keep it null while we would like
to propagate SourceOrigin for dynamic imports.

[1]: https://github.com/tc39/proposal-dynamic-import

* API/JSBase.cpp:
(JSEvaluateScript):
(JSCheckScriptSyntax):
* API/JSObjectRef.cpp:
(JSObjectMakeFunction):
* API/JSScriptRef.cpp:
(OpaqueJSScript::create):
(OpaqueJSScript::vm):
(OpaqueJSScript::OpaqueJSScript):
(parseScript):
* JavaScriptCore.xcodeproj/project.pbxproj:
* Scripts/builtins/builtins_templates.py:
* Scripts/tests/builtins/expected/WebCore-AnotherGuardedInternalBuiltin-Separate.js-result:
* Scripts/tests/builtins/expected/WebCore-ArbitraryConditionalGuard-Separate.js-result:
* Scripts/tests/builtins/expected/WebCore-GuardedBuiltin-Separate.js-result:
* Scripts/tests/builtins/expected/WebCore-GuardedInternalBuiltin-Separate.js-result:
* Scripts/tests/builtins/expected/WebCore-UnguardedBuiltin-Separate.js-result:
* Scripts/tests/builtins/expected/WebCore-xmlCasingTest-Separate.js-result:
* builtins/BuiltinExecutables.cpp:
(JSC::BuiltinExecutables::BuiltinExecutables):
(JSC::BuiltinExecutables::createDefaultConstructor):
* debugger/DebuggerCallFrame.cpp:
(JSC::DebuggerCallFrame::evaluateWithScopeExtension):
* inspector/InjectedScriptManager.cpp:
(Inspector::InjectedScriptManager::createInjectedScript):
* inspector/JSInjectedScriptHost.cpp:
(Inspector::JSInjectedScriptHost::evaluateWithScopeExtension):
* inspector/agents/InspectorRuntimeAgent.cpp:
(Inspector::InspectorRuntimeAgent::parse):
* interpreter/CallFrame.cpp:
(JSC::CallFrame::callerSourceOrigin):
* interpreter/CallFrame.h:
* interpreter/Interpreter.cpp:
(JSC::eval):
* jsc.cpp:
(jscSource):
(GlobalObject::finishCreation):
(extractDirectoryName):
(currentWorkingDirectory):
(GlobalObject::moduleLoaderResolve):
(functionRunString):
(functionLoadString):
(functionCallerSourceOrigin):
(functionCreateBuiltin):
(functionCheckModuleSyntax):
(runInteractive):
* parser/SourceCode.h:
(JSC::makeSource):
* parser/SourceProvider.cpp:
(JSC::SourceProvider::SourceProvider):
* parser/SourceProvider.h:
(JSC::SourceProvider::sourceOrigin):
(JSC::StringSourceProvider::create):
(JSC::StringSourceProvider::StringSourceProvider):
(JSC::WebAssemblySourceProvider::create):
(JSC::WebAssemblySourceProvider::WebAssemblySourceProvider):
* runtime/FunctionConstructor.cpp:
(JSC::constructFunction):
(JSC::constructFunctionSkippingEvalEnabledCheck):
* runtime/FunctionConstructor.h:
* runtime/JSGlobalObjectFunctions.cpp:
(JSC::globalFuncEval):
* runtime/ModuleLoaderPrototype.cpp:
(JSC::moduleLoaderPrototypeParseModule):
* runtime/ScriptExecutable.h:
(JSC::ScriptExecutable::sourceOrigin):
* runtime/SourceOrigin.h: Added.
(JSC::SourceOrigin::SourceOrigin):
(JSC::SourceOrigin::string):
(JSC::SourceOrigin::isNull):
* tools/FunctionOverrides.cpp:
(JSC::initializeOverrideInfo):

Source/WebCore:

* bindings/js/CachedScriptSourceProvider.h:
(WebCore::CachedScriptSourceProvider::CachedScriptSourceProvider):
* bindings/js/JSLazyEventListener.cpp:
(WebCore::JSLazyEventListener::initializeJSFunction):
* bindings/js/ScriptSourceCode.h:
(WebCore::ScriptSourceCode::ScriptSourceCode):
* bridge/NP_jsobject.cpp:
(_NPN_Evaluate):
* bridge/objc/WebScriptObject.mm:
(-[WebScriptObject evaluateWebScript:]):

Source/WebKit/mac:

* Plugins/Hosted/NetscapePluginInstanceProxy.mm:
(WebKit::NetscapePluginInstanceProxy::evaluate):

Source/WebKit/win:

* Plugins/PluginPackage.cpp:
(WebCore::NPN_Evaluate):
(WebCore::makeSource): Deleted.

Source/WebKit2:

* WebProcess/Plugins/Netscape/NPRuntimeObjectMap.cpp:
(WebKit::NPRuntimeObjectMap::evaluate):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210149 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago [WebIDL] Remove (most) custom bindings for the IndexedDB code
weinig@apple.com [Mon, 26 Dec 2016 01:33:33 +0000 (01:33 +0000)]
[WebIDL] Remove (most) custom bindings for the IndexedDB code
https://bugs.webkit.org/show_bug.cgi?id=166451

Reviewed by Darin Adler.

Source/WebCore:

Removes the custom bindings for all but one attribute (IDBRequest.result) in
the IndexedDB code.
- Adds a new WebIDL extension type, IDBKey, to represent the complex key conversion
  rules IndexedDB specifies.
- Replaces custom bindings for IDBCursor.source with use of a union.
- Replaces custom enum type checking for IDBCursor.direction with a WebIDL enum.
- Replaces custom code generation for IDBKeyPaths with a union.

* CMakeLists.txt:
* DerivedSources.make:
* WebCore.xcodeproj/project.pbxproj:
Add new files.

* Modules/indexeddb/IDBCursor.cpp:
(WebCore::IDBCursor::source):
(WebCore::IDBCursor::direction):
(WebCore::IDBCursor::directionNext): Deleted.
(WebCore::IDBCursor::directionNextUnique): Deleted.
(WebCore::IDBCursor::directionPrev): Deleted.
(WebCore::IDBCursor::directionPrevUnique): Deleted.
(WebCore::IDBCursor::stringToDirection): Deleted.
(WebCore::IDBCursor::directionToString): Deleted.
* Modules/indexeddb/IDBCursor.h:
(WebCore::IDBCursor::objectStore): Deleted.
(WebCore::IDBCursor::index): Deleted.
Replace custom enum checking with direct use of the enum, letting the generator
handle the checks. Also adds source function which returns a Variant.

* Modules/indexeddb/IDBCursor.idl:
Remove custom annotation and use correct types.

* Modules/indexeddb/IDBCursorDirection.h: Added.
* Modules/indexeddb/IDBCursorDirection.idl: Added.

* Modules/indexeddb/IDBIndex.cpp:
(WebCore::IDBIndex::openCursor):
(WebCore::IDBIndex::openKeyCursor):
* Modules/indexeddb/IDBIndex.h:
* Modules/indexeddb/IDBIndex.idl:
* Modules/indexeddb/IDBObjectStore.cpp:
(WebCore::IDBObjectStore::openCursor):
(WebCore::IDBObjectStore::openKeyCursor):
* Modules/indexeddb/IDBObjectStore.h:
* Modules/indexeddb/IDBObjectStore.idl:
Replace Strings with IDBCursorDirection enums.

* Modules/indexeddb/IDBKeyRange.idl:
Remove annotation and use new IDBKey extension type.

* Modules/indexeddb/IDBOpenDBRequest.cpp:
(WebCore::IDBOpenDBRequest::onSuccess):
(WebCore::IDBOpenDBRequest::onUpgradeNeeded):
(WebCore::IDBOpenDBRequest::onDeleteDatabaseSuccess):
Use ReadyState enum in place of the old m_isDone boolean.

* Modules/indexeddb/IDBRequest.cpp:
(WebCore::IDBRequest::IDBRequest):
(WebCore::IDBRequest::error):
(WebCore::IDBRequest::source):
(WebCore::IDBRequest::dispatchEvent):
(WebCore::IDBRequest::willIterateCursor):
(WebCore::IDBRequest::completeRequestAndDispatchEvent):
(WebCore::IDBRequest::readyState): Deleted.
* Modules/indexeddb/IDBRequest.h:
(WebCore::IDBRequest::readyState):
(WebCore::IDBRequest::isDone):
(WebCore::IDBRequest::objectStoreSource): Deleted.
(WebCore::IDBRequest::indexSource): Deleted.
(WebCore::IDBRequest::cursorSource): Deleted.
* Modules/indexeddb/IDBRequest.idl:
Replace the readyState String with an enum, and the custom source binding with a
source function that returns a Variant.

* Modules/indexeddb/IndexedDB.h:
Add the missing values to CursorDirection to make it comply with the IDL definition.

* bindings/generic/IDLTypes.h:
* bindings/js/JSDOMConvert.h:
(WebCore::JSConverter<IDLIDBKey<T>>::convert):
Add new extension type IDLIDBKey.

* bindings/js/JSIDBCursorCustom.cpp:
(WebCore::JSIDBCursor::source): Deleted.
* bindings/js/JSIDBRequestCustom.cpp:
(WebCore::JSIDBRequest::source): Deleted.
Remove custom bindings.

* bindings/scripts/CodeGenerator.pm:
(IsBuiltinType):
* bindings/scripts/CodeGeneratorJS.pm:
(GetBaseIDLType):
(NativeToJSValueDOMConvertNeedsState):
(NativeToJSValueDOMConvertNeedsGlobalObject):
(NativeToJSValue):
Add support for IDBKey, and remove custom code for IndexedDB in core conversion logic.

* bindings/scripts/IDLAttributes.txt:
Remove now unused ImplementationReturnType attribute.

* inspector/InspectorIndexedDBAgent.cpp:
Update to work with new functions taking enums rather than strings.

LayoutTests:

* storage/indexeddb/exceptions-expected.txt:
* storage/indexeddb/exceptions-private-expected.txt:
* storage/indexeddb/index-basics-expected.txt:
* storage/indexeddb/index-basics-private-expected.txt:
* storage/indexeddb/index-basics-workers-expected.txt:
* storage/indexeddb/objectstore-cursor-expected.txt:
* storage/indexeddb/objectstore-cursor-private-expected.txt:
Update results for improved exception messages.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210148 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago REGRESSION (r209299): Selection is broken when you zoom in webpage using trackpad
simon.fraser@apple.com [Sun, 25 Dec 2016 23:57:40 +0000 (23:57 +0000)]
REGRESSION (r209299): Selection is broken when you zoom in webpage using trackpad
https://bugs.webkit.org/show_bug.cgi?id=166472
rdar://problem/29675551

Reviewed by Tim Horton.

Source/WebCore:

r209299 broke autoscroll in zoomed pages because it changed RenderLayer::scrollRectToVisible()
to shrink viewRect by page scale. This is incorrect for all callers of scrollRectToVisible, since
the "absoluteRect" passed in is actually in zoomed document coordinates for all the callers I tested.

This code is also fixed to account for headers and footers. getRectToExpose() takes rectangles
in "scroll view contents" coordinates (i.e. including header, and zoomed document), so doesn't need
the separate visibleRectRelativeToDocument parameter.

Tests: fast/events/autoscroll-main-document.html
       fast/events/autoscroll-when-zoomed.html
       fast/events/drag-select-when-zoomed-with-header.html
       fast/events/drag-select-when-zoomed.html
       fast/scrolling/scroll-to-anchor-zoomed-header.html

* rendering/RenderLayer.cpp:
(WebCore::RenderLayer::scrollRectToVisible):
(WebCore::RenderLayer::getRectToExpose):
* rendering/RenderLayer.h:

Tools:

These changes are necessary to allow the mouse to leave the WTR window while
drag-scrolling, to test autoscroll. Previously, we were never calling -mouseDragged
(which DRT does); we'd always go through mouseMoved, which hits an early return
in WebViewImpl::mouseMoved() when the point is outside the view.

* WebKitTestRunner/mac/EventSenderProxy.mm:
(WTR::EventSenderProxy::mouseMoveTo):

LayoutTests:

Add some test coverage for autoscroll of the main document. I could only get this
working in WebKitTestRunner, not DumpRenderTree.

* TestExpectations:
* fast/events/autoscroll-main-document-expected.txt: Added.
* fast/events/autoscroll-main-document.html: Added.
* fast/events/autoscroll-when-zoomed-expected.txt: Added.
* fast/events/autoscroll-when-zoomed.html: Added.
* fast/events/drag-select-when-zoomed-expected.txt: Added.
* fast/events/drag-select-when-zoomed-with-header-expected.txt: Added.
* fast/events/drag-select-when-zoomed-with-header.html: Added.
* fast/events/drag-select-when-zoomed.html: Added.
* fast/scrolling/scroll-to-anchor-zoomed-header-expected.txt: Added.
* fast/scrolling/scroll-to-anchor-zoomed-header.html: Added.
* fast/transforms/selection-bounds-in-transformed-view.html: Revert the target scroll position to what it was
before r209299, and improve the failure output.
* platform/ios-simulator/TestExpectations:
* platform/mac-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210147 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[test262] Fixing mapped arguments object property test case
commit-queue@webkit.org [Sat, 24 Dec 2016 21:26:22 +0000 (21:26 +0000)]
[test262] Fixing mapped arguments object property test case
https://bugs.webkit.org/show_bug.cgi?id=159398

Patch by Caio Lima <ticaiolima@gmail.com> on 2016-12-24
Reviewed by Saam Barati.

JSTests:

* stress/arguments-bizarre-behaviour-disable-enumerability.js:
* stress/arguments-define-property.js: Added.
(assert):
(testProperties):
* stress/arguments-non-configurable.js: Added.
(assert):
(tryChangeNonConfigurableDescriptor):
(set tryChangeNonConfigurableDescriptor):
(tryChangeWritableOfNonConfigurableDescriptor):
* test262.yaml:

Source/JavaScriptCore:

This patch changes GenericArguments' override mechanism to
implement correct behavior on ECMAScript test262 suite test cases of
mapped arguments object with non-configurable and non-writable
property. Also it is ensuring that arguments[i]
cannot be deleted when argument "i" is {configurable: false}.

The previous implementation is against the specification for 2 reasons:

1. Every argument in the arguments object is {writable: true} by default
   (http://www.ecma-international.org/ecma-262/7.0/index.html#sec-createunmappedargumentsobject).
   It means that we have to stop mapping a defined property index
   if the new property descriptor contains writable (i.e. writable is
   present) and its value is false (also check
   https://tc39.github.io/ecma262/#sec-arguments-exotic-objects-defineownproperty-p-desc).
   Previous implementation considers {writable: false} if writable is
   not present.

2. When a property is overridden, "delete" operation is always returning true. However
   delete operations should follow the specification.

We created an auxiliary boolean array named m_modifiedArgumentsDescriptor
to store which arguments[i] descriptor was changed from its default
property descriptor. This modification was necessary because m_overrides
was responsible to keep this information at the same time
of keeping information about arguments mapping. The problem of this approach was
that we needed to call overridesArgument(i) as soon as the ith argument's property
descriptor was changed and it stops the argument's mapping as side effect, producing
wrong behavior.
To keep tracking arguments mapping status, we renamed DirectArguments::m_overrides to
DirectArguments::m_mappedArguments and now it is responsible to manage if an
argument[i] is mapped or not.
With these 2 structures, now it is possible for an argument[i] to have its property
descriptor modified without stopping the mapping as soon as it happens. One example
of that wrong behavior can be found on arguments-bizarre-behaviour-disable-enumerability
test case, that now is fixed by this new mechanism.

* bytecode/PolymorphicAccess.cpp:
(JSC::AccessCase::generateWithGuard):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileGetByValOnDirectArguments):
(JSC::DFG::SpeculativeJIT::compileGetArrayLength):
(JSC::DFG::SpeculativeJIT::compileCreateDirectArguments):
* ftl/FTLAbstractHeapRepository.h:
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileGetArrayLength):
(JSC::FTL::DFG::LowerDFGToB3::compileGetByVal):
(JSC::FTL::DFG::LowerDFGToB3::compileCreateDirectArguments):
* jit/JITOperations.cpp:
(JSC::canAccessArgumentIndexQuickly):
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emitDirectArgumentsGetByVal):
* runtime/DirectArguments.cpp:
(JSC::DirectArguments::estimatedSize):
(JSC::DirectArguments::visitChildren):
(JSC::DirectArguments::overrideThings):
(JSC::DirectArguments::overrideThingsIfNecessary):
(JSC::DirectArguments::unmapArgument):
(JSC::DirectArguments::copyToArguments):
(JSC::DirectArguments::overridesSize):
(JSC::DirectArguments::overrideArgument): Deleted.
* runtime/DirectArguments.h:
(JSC::DirectArguments::length):
(JSC::DirectArguments::isMappedArgument):
(JSC::DirectArguments::isMappedArgumentInDFG):
(JSC::DirectArguments::getIndexQuickly):
(JSC::DirectArguments::setIndexQuickly):
(JSC::DirectArguments::overrodeThings):
(JSC::DirectArguments::initModifiedArgumentsDescriptorIfNecessary):
(JSC::DirectArguments::setModifiedArgumentDescriptor):
(JSC::DirectArguments::isModifiedArgumentDescriptor):
(JSC::DirectArguments::offsetOfMappedArguments):
(JSC::DirectArguments::offsetOfModifiedArgumentsDescriptor):
(JSC::DirectArguments::canAccessIndexQuickly): Deleted.
(JSC::DirectArguments::canAccessArgumentIndexQuicklyInDFG): Deleted.
(JSC::DirectArguments::offsetOfOverrides): Deleted.
* runtime/GenericArguments.h:
* runtime/GenericArgumentsInlines.h:
(JSC::GenericArguments<Type>::visitChildren):
(JSC::GenericArguments<Type>::getOwnPropertySlot):
(JSC::GenericArguments<Type>::getOwnPropertySlotByIndex):
(JSC::GenericArguments<Type>::getOwnPropertyNames):
(JSC::GenericArguments<Type>::put):
(JSC::GenericArguments<Type>::putByIndex):
(JSC::GenericArguments<Type>::deleteProperty):
(JSC::GenericArguments<Type>::deletePropertyByIndex):
(JSC::GenericArguments<Type>::defineOwnProperty):
(JSC::GenericArguments<Type>::initModifiedArgumentsDescriptor):
(JSC::GenericArguments<Type>::initModifiedArgumentsDescriptorIfNecessary):
(JSC::GenericArguments<Type>::setModifiedArgumentDescriptor):
(JSC::GenericArguments<Type>::isModifiedArgumentDescriptor):
(JSC::GenericArguments<Type>::copyToArguments):
* runtime/ScopedArguments.cpp:
(JSC::ScopedArguments::visitChildren):
(JSC::ScopedArguments::unmapArgument):
(JSC::ScopedArguments::overrideArgument): Deleted.
* runtime/ScopedArguments.h:
(JSC::ScopedArguments::isMappedArgument):
(JSC::ScopedArguments::isMappedArgumentInDFG):
(JSC::ScopedArguments::getIndexQuickly):
(JSC::ScopedArguments::setIndexQuickly):
(JSC::ScopedArguments::initModifiedArgumentsDescriptorIfNecessary):
(JSC::ScopedArguments::setModifiedArgumentDescriptor):
(JSC::ScopedArguments::isModifiedArgumentDescriptor):
(JSC::ScopedArguments::canAccessIndexQuickly): Deleted.
(JSC::ScopedArguments::canAccessArgumentIndexQuicklyInDFG): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210146 268f45cc-cd09-0410-ab3c-d52691b4dbfc
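
Added example, not part of the commit above or of its stress tests: a script that exercises the mapped arguments object behaviour the message describes (a descriptor without `writable` keeps the mapping, `writable: false` ends it, and `delete` on a non-configurable index fails). All function names are hypothetical; the expected values follow the ECMAScript sections linked in the message.

```javascript
// Added illustration, not code from the WebKit patch or its tests.
// The functions are built with the Function constructor so that they are
// sloppy-mode (and therefore get a mapped arguments object) even when this
// file itself is loaded as a strict module.

// A descriptor that omits `writable` must keep the mapping alive.
const keepsMapping = new Function("a", `
  Object.defineProperty(arguments, "0", { enumerable: false });
  a = "via-parameter";                 // write through the formal parameter
  const readBack = arguments[0];       // still aliased, so this sees the write
  arguments[0] = "via-arguments";      // the alias works in both directions
  return {
    readBack,
    parameter: a,
    enumerable: Object.getOwnPropertyDescriptor(arguments, "0").enumerable,
  };
`);

// `writable: false` is present, so the index must stop being mapped.
// With no `value` in the descriptor, the current parameter value is kept.
const writableFalseUnmaps = new Function("a", `
  Object.defineProperty(arguments, "0", { writable: false });
  a = "changed";                       // no longer visible through arguments[0]
  return { argumentsValue: arguments[0], parameter: a };
`);

// `value` plus `writable: false`: the value is written through to the
// parameter first, and only then is the mapping removed.
const valueThenUnmap = new Function("a", `
  Object.defineProperty(arguments, "0", { value: "defined", writable: false });
  const parameterAfterDefine = a;
  a = "changed";
  return { parameterAfterDefine, argumentsValue: arguments[0] };
`);

// A non-configurable index cannot be deleted. In sloppy mode `delete`
// returns false, and because `writable` was not touched the index stays mapped.
const deleteNonConfigurable = new Function("a", `
  Object.defineProperty(arguments, "0", { configurable: false });
  const deleted = delete arguments[0];
  a = "still-mapped";
  return {
    deleted,
    stillOwn: Object.prototype.hasOwnProperty.call(arguments, "0"),
    argumentsValue: arguments[0],
  };
`);

// Run every case with the same constructed input and collect the results.
function runArgumentsChecks() {
  return {
    keepsMapping: keepsMapping("original"),
    writableFalseUnmaps: writableFalseUnmaps("original"),
    valueThenUnmap: valueThenUnmap("original"),
    deleteNonConfigurable: deleteNonConfigurable("original"),
  };
}

console.log(JSON.stringify(runArgumentsChecks(), null, 2));
```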

3 years agoRenderBlockFlow::moveFloatsTo does not move floats.
zalan@apple.com [Sat, 24 Dec 2016 18:00:00 +0000 (18:00 +0000)]
RenderBlockFlow::moveFloatsTo does not move floats.
https://bugs.webkit.org/show_bug.cgi?id=166467

Reviewed by Darin Adler.

RenderBlockFlow::moveFloatsTo name is misleading. Floats are not moved from "this" to
the new RenderBlockFlow parent, but rather they are copied so that overhanging floats
don't get lost.

Covered by existing tests.

* rendering/FloatingObjects.cpp:
(WebCore::FloatingObject::cloneForNewParent):
(WebCore::FloatingObject::unsafeClone): Deleted.
* rendering/FloatingObjects.h:
* rendering/RenderBlockFlow.cpp:
(WebCore::RenderBlockFlow::addFloatsToNewParent):
(WebCore::RenderBlockFlow::moveAllChildrenIncludingFloatsTo):
(WebCore::RenderBlockFlow::moveFloatsTo): Deleted.
* rendering/RenderBlockFlow.h:
* rendering/RenderRubyBase.cpp:
(WebCore::RenderRubyBase::mergeChildrenWithBase):
* rendering/RenderRubyBase.h:
* rendering/RenderRubyRun.cpp:
(WebCore::RenderRubyRun::removeChild):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210145 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[iOS] DumpRenderTree triggers an assertion failure when calling +[WebPreferences...
aestes@apple.com [Sat, 24 Dec 2016 04:39:52 +0000 (04:39 +0000)]
[iOS] DumpRenderTree triggers an assertion failure when calling +[WebPreferences _switchNetworkLoaderToNewTestingSession]
https://bugs.webkit.org/show_bug.cgi?id=166471

Reviewed by Andreas Kling.

When DumpRenderTree starts up, it calls
+[WebPreferences _switchNetworkLoaderToNewTestingSession] from the main thread. In Debug
builds, this triggers the ASSERT(isMainThread()) in
NetworkStorageSession::defaultNetworkStorageSession() because the Web thread has already
started, we are on the main thread, and we are not holding the Web thread lock. This is
causing all layout tests to crash in the iOS WK1 Debug configuration.

* WebView/WebPreferences.mm: (+[WebPreferences _switchNetworkLoaderToNewTestingSession]):
Take the Web thread lock before calling NetworkStorageSession::switchToNewTestingSession().

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210144 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[iOS] Fix some crashing webarchive tests
aestes@apple.com [Sat, 24 Dec 2016 01:14:59 +0000 (01:14 +0000)]
[iOS] Fix some crashing webarchive tests
https://bugs.webkit.org/show_bug.cgi?id=166470

Reviewed by Andreas Kling.

Tools:

Tests that use TestRunner.dumpDOMAsWebArchive() crashed on iOS due to a stub implementation
of WebArchiveDumpSupport in WebKitTestRunner. The Mac implementation works fine on iOS too,
so this change uses that on both platforms.

* WebKitTestRunner/Configurations/InjectedBundle.xcconfig: Removed
WebArchiveDumpSupportMac.mm from EXCLUDED_SOURCE_FILE_NAMES.
* WebKitTestRunner/InjectedBundle/cocoa/WebArchiveDumpSupportCocoa.mm: Renamed from
Tools/WebKitTestRunner/mac/WebArchiveDumpSupportMac.mm.
* WebKitTestRunner/PlatformMac.cmake:
* WebKitTestRunner/WebKitTestRunner.xcodeproj/project.pbxproj:
* WebKitTestRunner/ios/WebArchiveDumpSupportIOS.mm: Removed.

LayoutTests:

Removed entries for previously crashing/failing tests.

* platform/ios-simulator-wk2/TestExpectations:
* platform/ios-simulator/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210143 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoREGRESSION(r209865): Crash when navigating back to some pages with compositing layers.
akling@apple.com [Sat, 24 Dec 2016 00:23:37 +0000 (00:23 +0000)]
REGRESSION(r209865): Crash when navigating back to some pages with compositing layers.
<https://webkit.org/b/166469>
<rdar://problem/29109053>

Reviewed by Darin Adler.

Source/WebCore:

Remove the old WK1-era clear/restoreBackingStores optimization from the page cache.
When enabling it on non-iOS platforms, we started hitting lots of assertions,
and none of our memory tests showed any significant improvement anyway.

Test: compositing/page-cache-back-crash.html

* history/CachedFrame.cpp:
(WebCore::CachedFrameBase::CachedFrameBase):
(WebCore::CachedFrameBase::restore):
(WebCore::CachedFrame::CachedFrame):
* history/CachedFrame.h:
* page/FrameView.cpp:
(WebCore::FrameView::restoreBackingStores): Deleted.
* page/FrameView.h:

LayoutTests:

Add a smoke test for the crashes we were seeing. Thanks to Zalán for the reduction.

* compositing/page-cache-back-crash-expected.txt: Added.
* compositing/page-cache-back-crash.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210142 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoFix iOS engineering builds.
aestes@apple.com [Fri, 23 Dec 2016 22:13:29 +0000 (22:13 +0000)]
Fix iOS engineering builds.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210141 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoAdd missing std::optional to ApplePayPaymentRequest.lineItems
commit-queue@webkit.org [Fri, 23 Dec 2016 22:01:12 +0000 (22:01 +0000)]
Add missing std::optional to ApplePayPaymentRequest.lineItems
https://bugs.webkit.org/show_bug.cgi?id=166468

Patch by Sam Weinig <sam@webkit.org> on 2016-12-23
Reviewed by Alexey Proskuryakov.

No functional change, but is more consistent.

* Modules/applepay/ApplePayPaymentRequest.h:
Remove unnecessary #include of <heap/Strong.h>, add std::optional to lineItems.

* Modules/applepay/ApplePaySession.cpp:
(WebCore::convertAndValidate):
Update to deal with optional line items, remove unnecessary comment.

* Modules/applepay/ApplePaySession.h:
Remove unneeded forward declarations.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210140 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoUsing Option::breakOnThrow() shouldn't crash while printing a null CodeBlock.
mark.lam@apple.com [Fri, 23 Dec 2016 19:45:46 +0000 (19:45 +0000)]
Using Option::breakOnThrow() shouldn't crash while printing a null CodeBlock.
https://bugs.webkit.org/show_bug.cgi?id=166466

Reviewed by Keith Miller.

* runtime/VM.cpp:
(JSC::VM::throwException):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210139 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoEnhance LLInt tracing to dump the codeBlock signature instead of just a pointer where...
mark.lam@apple.com [Fri, 23 Dec 2016 19:26:21 +0000 (19:26 +0000)]
Enhance LLInt tracing to dump the codeBlock signature instead of just a pointer where appropriate.
https://bugs.webkit.org/show_bug.cgi?id=166465

Reviewed by Keith Miller.

* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
(JSC::LLInt::traceFunctionPrologue):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210138 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoWebAssembly: trap on bad division.
keith_miller@apple.com [Fri, 23 Dec 2016 19:08:43 +0000 (19:08 +0000)]
WebAssembly: trap on bad division.
https://bugs.webkit.org/show_bug.cgi?id=164786

Reviewed by Mark Lam.

JSTests:

Also, mark conversions as passing.

* wasm.yaml:
* wasm/wasm.json:

Source/JavaScriptCore:

This patch adds traps for division / modulo by zero and for
division by int_min / -1.

* wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::B3IRGenerator::emitChecksForModOrDiv):
* wasm/WasmExceptionType.h:
* wasm/WasmPlan.cpp:
(JSC::Wasm::Plan::run):
* wasm/wasm.json:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210137 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoFix broken LLINT_SLOW_PATH_TRACING build.
mark.lam@apple.com [Fri, 23 Dec 2016 19:01:32 +0000 (19:01 +0000)]
Fix broken LLINT_SLOW_PATH_TRACING build.
https://bugs.webkit.org/show_bug.cgi?id=166463

Reviewed by Keith Miller.

* llint/LLIntExceptions.cpp:
(JSC::LLInt::returnToThrow):
(JSC::LLInt::callToThrow):
* runtime/CommonSlowPathsExceptions.cpp:
(JSC::CommonSlowPaths::interpreterThrowInCaller):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210136 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoTry to fix the Mac CMake build after r210130.
aestes@apple.com [Fri, 23 Dec 2016 18:16:42 +0000 (18:16 +0000)]
Try to fix the Mac CMake build after r210130.

* platform/network/mac/WebCoreResourceHandleAsDelegate.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210135 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[WebIDL] Remove custom bindings for WebSQL code
weinig@apple.com [Fri, 23 Dec 2016 17:09:04 +0000 (17:09 +0000)]
[WebIDL] Remove custom bindings for WebSQL code
https://bugs.webkit.org/show_bug.cgi?id=166441

Reviewed by Darin Adler.

Source/WebCore:

- Replace custom variant type SQLValue with a type alias of a Variant.
- Use the newly representable SQLValue to remove custom bindings for
  SQLResultSetRowList::item and SQLTransaction::executeSql.

* CMakeLists.txt:
* WebCore.xcodeproj/project.pbxproj:
* bindings/js/JSBindingsAllInOne.cpp:
* bindings/js/JSSQLResultSetRowListCustom.cpp: Removed.
* bindings/js/JSSQLTransactionCustom.cpp: Removed.
* platform/sql/SQLValue.cpp: Removed.
Remove files.

* Modules/webdatabase/SQLResultSetRowList.cpp:
(WebCore::SQLResultSetRowList::length):
(WebCore::SQLResultSetRowList::item):
* Modules/webdatabase/SQLResultSetRowList.h:
* Modules/webdatabase/SQLResultSetRowList.idl:
Sink the implementation of item() into the implementation. Use a
record type to bridge to javascript.

* Modules/webdatabase/SQLStatement.cpp:
(WebCore::SQLStatement::SQLStatement):
* Modules/webdatabase/SQLStatement.h:
Update to take arguments by rvalue reference.

* Modules/webdatabase/SQLTransaction.cpp:
(WebCore::SQLTransaction::executeSql):
* Modules/webdatabase/SQLTransaction.h:
* Modules/webdatabase/SQLTransaction.idl:
Remove custom annotation, and update signature to match the IDL.

* Modules/webdatabase/SQLTransactionBackend.cpp:
* Modules/webdatabase/SQLTransactionBackend.h:
Remove unneeded #includes of SQLValue.h

* bindings/js/JSDOMConvert.h:
(WebCore::Converter<IDLNull>::convert):
(WebCore::JSConverter<IDLNull>::convert):
Implement conversion for the null type so it can be used in the SQLValue union.

* inspector/InspectorDatabaseAgent.cpp:
* platform/sql/SQLiteStatement.cpp:
(WebCore::SQLiteStatement::bindValue):
(WebCore::SQLiteStatement::getColumnValue):
* platform/sql/SQLiteStatement.h:
Replace old switch with a WTF::switchOn that operates on the new variant.

* platform/sql/SQLValue.h:
(WebCore::SQLValue::SQLValue): Deleted.
(WebCore::SQLValue::type): Deleted.
Replace implementation with a Variant.

LayoutTests:

* storage/websql/execute-sql-args-expected.txt:
* storage/websql/execute-sql-args.js:
Update test and result to be slightly more strict about functions taking sequences.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210134 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[GTK] GLES build broken since r208997
mcatanzaro@igalia.com [Fri, 23 Dec 2016 14:36:50 +0000 (14:36 +0000)]
[GTK] GLES build broken since r208997
https://bugs.webkit.org/show_bug.cgi?id=166455

Unreviewed. Fix the preprocessor guards here; this code is incompatible with GLES2.

Looks like it's been broken for a month. Typical!

* platform/graphics/opengl/Extensions3DOpenGLCommon.cpp:
(WebCore::Extensions3DOpenGLCommon::initializeAvailableExtensions):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210133 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[EME][GStreamer] Enable various code paths for ENCRYPTED_MEDIA
zandobersek@gmail.com [Fri, 23 Dec 2016 09:15:07 +0000 (09:15 +0000)]
[EME][GStreamer] Enable various code paths for ENCRYPTED_MEDIA
https://bugs.webkit.org/show_bug.cgi?id=166054

Reviewed by Xabier Rodriguez-Calvar.

Add ENABLE_ENCRYPTED_MEDIA build guards in various places in GStreamer
code to enable decryption-related GStreamer elements and the proper
decryptor handling in AppendPipeline.

* platform/GStreamer.cmake:
* platform/graphics/gstreamer/GStreamerUtilities.cpp:
* platform/graphics/gstreamer/GStreamerUtilities.h:
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
(WebCore::registerWebKitGStreamerElements):
(WebCore::MediaPlayerPrivateGStreamerBase::handleSyncMessage):
Only call needKey() if LEGACY_ENCRYPTED_MEDIA is enabled, since this is
the way the legacy EME system expects to be notified of key necessity.
It's very likely ENCRYPTED_MEDIA will do this differently.
* platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp:
* platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.h:
* platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.cpp:
* platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.h:
* platform/graphics/gstreamer/mse/AppendPipeline.cpp:
(WebCore::AppendPipeline::parseDemuxerSrcPadCaps):
(WebCore::AppendPipeline::connectDemuxerSrcPadToAppsinkFromAnyThread):
(WebCore::AppendPipeline::disconnectDemuxerSrcPadFromAppsinkFromAnyThread):
* platform/graphics/gstreamer/mse/AppendPipeline.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210132 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoEliminate the use of lastChild in TextIterator
rniwa@webkit.org [Fri, 23 Dec 2016 09:11:32 +0000 (09:11 +0000)]
Eliminate the use of lastChild in TextIterator
https://bugs.webkit.org/show_bug.cgi?id=166456

Reviewed by Antti Koivisto.

Just use the node we just exited in TextIterator::exitNode and in emitting additional new line
to eliminate the use of Node::lastChild.

Also initialize member variables in the declaration instead of the constructor to modernize the code.

* editing/TextIterator.cpp:
(WebCore::TextIterator::TextIterator):
(WebCore::TextIterator::advance):
(WebCore::TextIterator::exitNode):
* editing/TextIterator.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210131 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoReduce QuickLook.h include overhead
aestes@apple.com [Fri, 23 Dec 2016 04:41:52 +0000 (04:41 +0000)]
Reduce QuickLook.h include overhead
https://bugs.webkit.org/show_bug.cgi?id=166454

Reviewed by Andreas Kling.

Source/WebCore:

* dom/Document.cpp: Included QuickLook.h for QLPreviewProtocol().
* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::setQuickLookHandle): Moved from DocumentLoader.h to here.
* loader/DocumentLoader.h: Stopped including QuickLook.h and forward-declared
QuickLookHandle.
(WebCore::DocumentLoader::setQuickLookHandle): Moved definition out-of-line since it
requires QuickLookHandle to be a complete type.
* loader/ios/QuickLook.h: Updated to use #pragma once. Cleaned up includes and forward
declarations.
* platform/network/ResourceHandle.cpp: Included QuickLook.h so that QuickLookHandle is a
complete type in the ResourceHandle constructor.
* platform/network/ResourceHandle.h: Stopped including QuickLook.h and forward-declared
QuickLookHandle.
(WebCore::ResourceHandle::setQuickLookHandle): Moved definition out-of-line since it
requires QuickLookHandle to be a complete type.
* platform/network/mac/ResourceHandleMac.mm:
(WebCore::ResourceHandle::setQuickLookHandle): Moved from ResourceHandle.h to here.
* platform/network/mac/WebCoreResourceHandleAsDelegate.mm: Included QuickLook.h for
QuickLookHandle.

Source/WebKit:

* WebCoreSupport/WebResourceLoadScheduler.cpp: Stopped including QuickLook.h.

Source/WebKit2:

* WebProcess/Network/WebLoaderStrategy.cpp: Included QuickLook.h for QLPreviewProtocol().
* WebProcess/Network/WebResourceLoader.cpp: Included QuickLook.h for QuickLookHandle.
* WebProcess/Network/WebResourceLoader.h: Stopped including QuickLook.h.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210130 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago[iOS] Move QuickLook from WebCore/platform to WebCore/loader
aestes@apple.com [Fri, 23 Dec 2016 02:24:28 +0000 (02:24 +0000)]
[iOS] Move QuickLook from WebCore/platform to WebCore/loader
https://bugs.webkit.org/show_bug.cgi?id=166449

Reviewed by Darin Adler.

QuickLook.mm knows about ResourceLoader, so it's a layering violation to have it in
platform/. Move it to loader/ios/.

* WebCore.xcodeproj/project.pbxproj:
* loader/ios/QuickLook.h: Renamed from Source/WebCore/platform/network/ios/QuickLook.h.
* loader/ios/QuickLook.mm: Renamed from Source/WebCore/platform/network/ios/QuickLook.mm.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210129 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoUnreviewed, fix unused parameter warning in GLES build
mcatanzaro@igalia.com [Fri, 23 Dec 2016 02:21:02 +0000 (02:21 +0000)]
Unreviewed, fix unused parameter warning in GLES build

Looks like it's been here since 2012. Impressive!

* platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
(WebCore::GraphicsContext3D::resolveMultisamplingIfNecessary):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210128 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoWebAssembly: Make spec-tests/f32.wast.js and spec-tests/f64.wast.js pass
keith_miller@apple.com [Fri, 23 Dec 2016 02:14:31 +0000 (02:14 +0000)]
WebAssembly: Make spec-tests/f32.wast.js and spec-tests/f64.wast.js pass
https://bugs.webkit.org/show_bug.cgi?id=166447

Reviewed by Saam Barati.

JSTests:

* wasm.yaml:
* wasm/wasm.json:

Source/JavaScriptCore:

We needed to treat -0.0 < 0.0 for floating point min/max. For min,
the algorithm works because if a == b then a and b are not NaNs so
either they are the same or they are some zero. When we or a and b
either we get the same number back or we get -0.0. Similarly for
max we use an and and the sign bit gets dropped if one is 0.0 and
the other is -0.0, otherwise, we get the same number back.

* wasm/wasm.json:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210127 268f45cc-cd09-0410-ab3c-d52691b4dbfc
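
Added example, not code from the commit above: the equal-operands trick the message describes (bitwise OR for min, bitwise AND for max), applied to the raw IEEE 754 bits of doubles. The function names are hypothetical, and returning NaN for unordered operands is an assumption taken from WebAssembly's min/max semantics; the message itself only covers the a == b case.

```javascript
// Added illustration of the signed-zero handling described in the commit
// message; not the B3 or wasm.json code.

const scratch = new DataView(new ArrayBuffer(8));

// Reinterpret a double as its 64-bit pattern and back.
function bitsOf(x) {
  scratch.setFloat64(0, x);
  return scratch.getBigUint64(0);
}
function fromBits(bits) {
  scratch.setBigUint64(0, bits);
  return scratch.getFloat64(0);
}

// min: when a == b the operands are not NaN, so they are either identical or
// the two zeros. OR-ing the bits returns the same number, or -0.0 when the
// zeros differ, because the sign bit of -0.0 survives the OR.
function minWithSignedZero(a, b) {
  if (a < b) return a;
  if (b < a) return b;
  if (a === b) return fromBits(bitsOf(a) | bitsOf(b));
  return NaN; // unordered: at least one operand is NaN (assumed wasm semantics)
}

// max: AND-ing the bits drops the sign bit when one operand is 0.0 and the
// other is -0.0, and otherwise returns the same number.
function maxWithSignedZero(a, b) {
  if (a > b) return a;
  if (b > a) return b;
  if (a === b) return fromBits(bitsOf(a) & bitsOf(b));
  return NaN;
}

// A comparison-only min, shown for contrast: it cannot tell the zeros apart,
// so its answer depends on operand order.
function naiveMin(a, b) {
  return a < b ? a : b;
}

// Cross-check against Math.min/Math.max, which also order -0 below +0 and
// return NaN when any operand is NaN. The sample values are constructed.
function agreesWithMathMinMax() {
  const samples = [0, -0, 1.5, -2, Infinity, -Infinity, NaN];
  for (const a of samples) {
    for (const b of samples) {
      if (!Object.is(minWithSignedZero(a, b), Math.min(a, b))) return false;
      if (!Object.is(maxWithSignedZero(a, b), Math.max(a, b))) return false;
    }
  }
  return true;
}

console.log("min(-0, 0) via OR  :", Object.is(minWithSignedZero(-0, 0), -0) ? "-0" : "+0");
console.log("min(-0, 0) naive   :", Object.is(naiveMin(-0, 0), -0) ? "-0" : "+0");
console.log("agrees with Math   :", agreesWithMathMinMax());
```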

3 years agoWebAssembly: Make calling Wasm functions that returns or takes an i64 as a parameter...
sbarati@apple.com [Fri, 23 Dec 2016 01:32:30 +0000 (01:32 +0000)]
WebAssembly: Make calling Wasm functions that returns or takes an i64 as a parameter an early exception
https://bugs.webkit.org/show_bug.cgi?id=166437
<rdar://problem/29793949>

Reviewed by Keith Miller.

JSTests:

* wasm.yaml:
* wasm/function-tests/i64-from-js-exceptions.js: Added.
(const.imp.import.sideEffects):
(assert.throws.instance.exports.foo.valueOf):

Source/JavaScriptCore:

This patch makes it so that we throw an exception before we do
anything else if we call a wasm function that either takes an
i64 as an argument or returns an i64.

* wasm/js/WebAssemblyFunction.cpp:
(JSC::callWebAssemblyFunction):
(JSC::WebAssemblyFunction::WebAssemblyFunction):
(JSC::WebAssemblyFunction::call): Deleted.
* wasm/js/WebAssemblyFunction.h:
(JSC::WebAssemblyFunction::signatureIndex):
(JSC::WebAssemblyFunction::jsEntrypoint):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210126 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoUnreviewed, rolling out r210069.
commit-queue@webkit.org [Fri, 23 Dec 2016 01:23:15 +0000 (01:23 +0000)]
Unreviewed, rolling out r210069.
https://bugs.webkit.org/show_bug.cgi?id=166439

This patch makes all properties in Computed Styles strike-
through when switching from the Rules panel. (Requested by NVI
on #webkit).

Reverted changeset:

"Web Inspector: Uncommenting CSS properties doesn't work for
inline styles"
https://bugs.webkit.org/show_bug.cgi?id=166297
http://trac.webkit.org/changeset/210069

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210125 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoAdd BitOr for floating points to B3
keith_miller@apple.com [Fri, 23 Dec 2016 01:19:55 +0000 (01:19 +0000)]
Add BitOr for floating points to B3
https://bugs.webkit.org/show_bug.cgi?id=166446

Reviewed by Saam Barati.

Source/JavaScriptCore:

This patch does some slight refactoring to the ARM assembler,
which groups all the vector floating point instructions together.

* assembler/ARM64Assembler.h:
(JSC::ARM64Assembler::vand):
(JSC::ARM64Assembler::vorr):
(JSC::ARM64Assembler::vectorDataProcessingLogical):
(JSC::ARM64Assembler::vectorDataProcessing2Source): Deleted.
* assembler/MacroAssemblerARM64.h:
(JSC::MacroAssemblerARM64::orDouble):
(JSC::MacroAssemblerARM64::orFloat):
* assembler/MacroAssemblerX86Common.h:
(JSC::MacroAssemblerX86Common::orDouble):
(JSC::MacroAssemblerX86Common::orFloat):
* assembler/X86Assembler.h:
(JSC::X86Assembler::orps_rr):
* b3/B3ConstDoubleValue.cpp:
(JSC::B3::ConstDoubleValue::bitOrConstant):
(JSC::B3::ConstDoubleValue::bitXorConstant):
* b3/B3ConstDoubleValue.h:
* b3/B3ConstFloatValue.cpp:
(JSC::B3::ConstFloatValue::bitOrConstant):
(JSC::B3::ConstFloatValue::bitXorConstant):
* b3/B3ConstFloatValue.h:
* b3/B3LowerToAir.cpp:
(JSC::B3::Air::LowerToAir::lower):
* b3/B3Validate.cpp:
* b3/air/AirInstInlines.h:
(JSC::B3::Air::Inst::shouldTryAliasingDef):
* b3/air/AirOpcode.opcodes:
* b3/testb3.cpp:
(JSC::B3::bitOrDouble):
(JSC::B3::testBitOrArgDouble):
(JSC::B3::testBitOrArgsDouble):
(JSC::B3::testBitOrArgImmDouble):
(JSC::B3::testBitOrImmsDouble):
(JSC::B3::bitOrFloat):
(JSC::B3::testBitOrArgFloat):
(JSC::B3::testBitOrArgsFloat):
(JSC::B3::testBitOrArgImmFloat):
(JSC::B3::testBitOrImmsFloat):
(JSC::B3::testBitOrArgsFloatWithUselessDoubleConversion):
(JSC::B3::run):

Websites/webkit.org:

Update docs to indicate it's cool to use bit ops with floating point.

* docs/b3/intermediate-representation.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210124 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoMove GraphicsContext3DWin to GraphicsContext3DOpenGLES
achristensen@apple.com [Fri, 23 Dec 2016 00:32:25 +0000 (00:32 +0000)]
Move GraphicsContext3DWin to GraphicsContext3DOpenGLES
https://bugs.webkit.org/show_bug.cgi?id=166425

Reviewed by Tim Horton.

Move code which is GLES-specific not Windows-specific to the GLES-specific file
so I can use it on Cocoa, with a temporary PLATFORM macro that I plan to remove once
all platforms use ANGLE's GLES implementation. There is another copy of this code in
GraphicsContext3DCairo, which will also be united with this code here soon.
Also remove the PlatformCALayerWin, which was never used for anything.

* platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
(WebCore::GraphicsContext3D::create):
(WebCore::GraphicsContext3D::GraphicsContext3D):
(WebCore::GraphicsContext3D::~GraphicsContext3D):
(WebCore::GraphicsContext3D::setContextLostCallback):
(WebCore::GraphicsContext3D::setErrorMessageCallback):
(WebCore::GraphicsContext3D::makeContextCurrent):
(WebCore::GraphicsContext3D::checkGPUStatusIfNecessary):
(WebCore::GraphicsContext3D::platformGraphicsContext3D):
(WebCore::GraphicsContext3D::platformTexture):
(WebCore::GraphicsContext3D::isGLES2Compliant):
(WebCore::GraphicsContext3D::platformLayer):
* platform/graphics/win/GraphicsContext3DWin.cpp: Removed.
* PlatformMac.cmake:
Include the egl directory.  I'll need this, too, once Mac starts using ANGLE's EGL implementation.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210123 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoNested calls to setDocument can omit firing 'unload' events
bfulgham@apple.com [Fri, 23 Dec 2016 00:20:27 +0000 (00:20 +0000)]
Nested calls to setDocument can omit firing 'unload' events
https://bugs.webkit.org/show_bug.cgi?id=166422
<rdar://problem/29763012>

Reviewed by Alex Christensen.

Source/WebCore:

Test: fast/loader/nested-document-handling.html

Only allow a single document change to be taking place during a given runloop cycle.

* bindings/js/ScriptController.cpp:
(WebCore::ScriptController::executeIfJavaScriptURL): Block script changing the document
when we are in the middle of changing the document.
* page/Frame.cpp:
(WebCore::Frame::setDocument): Keep track of document change state.
* page/Frame.h:

LayoutTests:

* fast/loader/nested-document-handling-expected.txt: Added.
* fast/loader/nested-document-handling.html: Added.
* fast/loader/resources/subframe-success.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210122 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoTileGrid creates new cohorts even when not using temporarilyRetainTileCohorts mode
timothy_horton@apple.com [Thu, 22 Dec 2016 23:52:44 +0000 (23:52 +0000)]
TileGrid creates new cohorts even when not using temporarilyRetainTileCohorts mode
https://bugs.webkit.org/show_bug.cgi?id=166440

Reviewed by Simon Fraser.

No new tests.

* platform/graphics/ca/TileGrid.cpp:
(WebCore::TileGrid::revalidateTiles):
If we are not temporarily retaining unparented tile cohorts (e.g. on
iOS WebKit2), instead immediately removing all tiles that would go into
the new cohort, avoid starting the cohort at all.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210121 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoDo not destroy the RenderNamedFlowFragment as leftover anonymous block.
zalan@apple.com [Thu, 22 Dec 2016 23:48:53 +0000 (23:48 +0000)]
Do not destroy the RenderNamedFlowFragment as leftover anonymous block.
https://bugs.webkit.org/show_bug.cgi?id=166436
rdar://problem/29772233

Reviewed by Simon Fraser.

Source/WebCore:

When, as the result of a certain style change, the generated anonymous block is not needed anymore, we
move its descendants up to the parent and destroy the generated box. While RenderNamedFlowFragment is a generated
block, the cleanup code should just ignore it the same way we ignore boxes like multicolumn, mathml etc.

Test: fast/regions/flow-fragment-as-anonymous-block-crash.html

* rendering/RenderObject.h:
(WebCore::RenderObject::isAnonymousBlock):

LayoutTests:

* fast/regions/flow-fragment-as-anonymous-block-crash-expected.txt: Added.
* fast/regions/flow-fragment-as-anonymous-block-crash.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210120 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years agoBytecodeGenerator::m_finallyDepth should be unsigned.
mark.lam@apple.com [Thu, 22 Dec 2016 23:23:51 +0000 (23:23 +0000)]
BytecodeGenerator::m_finallyDepth should be unsigned.
https://bugs.webkit.org/show_bug.cgi?id=166438

Reviewed by Saam Barati.

Also removed FinallyContext::m_finallyDepth because it is not used.

* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::pushFinallyControlFlowScope):
(JSC::BytecodeGenerator::labelScopeDepth):
* bytecompiler/BytecodeGenerator.h:
(JSC::FinallyContext::FinallyContext):
(JSC::FinallyContext::finallyLabel):
(JSC::FinallyContext::depth): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210119 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago Null deref under WebPageProxy::applicationDidFinishSnapshottingAfterEnteringBackground
timothy_horton@apple.com [Thu, 22 Dec 2016 23:18:12 +0000 (23:18 +0000)]
Null deref under WebPageProxy::applicationDidFinishSnapshottingAfterEnteringBackground
https://bugs.webkit.org/show_bug.cgi?id=166433
<rdar://problem/29732407>

Reviewed by Daniel Bates.

* UIProcess/ios/WebPageProxyIOS.mm:
(WebKit::WebPageProxy::applicationDidFinishSnapshottingAfterEnteringBackground):
m_drawingArea can be null if the process is not valid.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210118 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago CSS Scroll Snap does not work if scrollbar is hidden
wenson_hsieh@apple.com [Thu, 22 Dec 2016 22:55:31 +0000 (22:55 +0000)]
CSS Scroll Snap does not work if scrollbar is hidden
https://bugs.webkit.org/show_bug.cgi?id=160442
<rdar://problem/23317034>

Reviewed by Simon Fraser.

Source/WebCore:

Currently, the only reason scroll snapping works in overflow scrolling containers without forcing layout is
because we would initialize the scrolling container's ScrollAnimator in the process of updating scrollbars. If
there are no scrollbars to render, we won't bother creating a ScrollAnimator. Without an existing
ScrollAnimator, ScrollableArea::updateScrollSnapState will simply bail instead of setting up the scroll snap
state. Instead, we should take setting a non-empty vector of scroll offsets on the ScrollableArea as a cue that
the ScrollableArea also needs a ScrollAnimator, and initialize it there if necessary.

Test: tiled-drawing/scrolling/scroll-snap/scroll-snap-mandatory-hidden-scrollbars.html

* platform/ScrollableArea.cpp:
(WebCore::ScrollableArea::setHorizontalSnapOffsets):
(WebCore::ScrollableArea::setVerticalSnapOffsets):

LayoutTests:

Adds a new layout test verifying that scroll snapping still works when scrollbars are hidden via CSS.

* tiled-drawing/scrolling/scroll-snap/scroll-snap-mandatory-hidden-scrollbars-expected.txt: Added.
* tiled-drawing/scrolling/scroll-snap/scroll-snap-mandatory-hidden-scrollbars.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210117 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago De-duplicate finally blocks.
mark.lam@apple.com [Thu, 22 Dec 2016 22:48:32 +0000 (22:48 +0000)]
De-duplicate finally blocks.
https://bugs.webkit.org/show_bug.cgi?id=160168

Reviewed by Saam Barati.

JSTests:

Re-landing r209952 with a few new tests added in test-finally.js.

* stress/deeply-nested-finallys.js: Copied from JSTests/stress/deeply-nested-finallys.js.
- Tests many levels of finally nesting.  This causes the old code to hang (and
  crash eventually) while trying to generate bytecode for the exponentially
  duplicated finally blocks.  The new code completes this test almost instantly.

* stress/test-finally.js: Copied from JSTests/stress/test-finally.js.
- Tests control flow through various permutations of finally blocks.

Source/JavaScriptCore:

JS execution can arrive at a finally block when there are abrupt completions from
its try or catch block.  The abrupt completion types include Break,
Continue, Return, and Throw.  The non-abrupt completion type is called Normal
(i.e. the case of a try block falling through to the finally block).

Previously, we enabled each of these paths for abrupt completion (except for Throw)
to run the finally block code by duplicating the finally block code at each of
the sites that trigger those completions.  This patch fixes the implementation so
that each of these abrupt completions will set a completionTypeRegister (plus a
completionValueRegister for CompletionType::Return) and then jump to the
relevant finally blocks, and continue to thread through subsequent outer finally
blocks until execution reaches the outermost finally block that the completion
type dictates.  We no longer duplicate the finally block code.

The implementation details:
1. We allocate a pair of registers (completionTypeRegister and completionValueRegister)
   just before entering the outermost try-catch-finally scope.

   On allocating the registers, we initialize the completionTypeRegister to
   CompletionType::Normal, and set the completionValueRegister to the empty
   JSValue.

2. The completionTypeRegister will hold a CompletionType value.  This is how we
   encode the CompletionType value to be set:

   a. For Normal, Return, and Throw completion types:
      - The completionTypeRegister is set to CompletionType::Normal,
        CompletionType::Return, and CompletionType::Throw respectively.

   b. For Break and Continue completion types:
      - The completionTypeRegister is set to a unique jumpID where the jumpID is
        computed as:

        jumpID = CompletionType::NumberOfTypes + bytecodeOffset

        The bytecodeOffset used here is the bytecodeOffset of the break or continue
        statement that triggered this completion.

3. Each finally block will have 2 entries:
   a. the catch entry.
   b. the normal entry.

   The catch entry is recorded in the codeBlock's exception handler table,
   and can only be jumped to by the VM's exception handling mechanism.

   The normal entry is recorded in a FinallyContext (at bytecode generation time
   only) and is jumped to when we want to enter the finally block due to any of the
   other CompletionTypes.

4. How each completion type works:

   CompletionType::Normal
   ======================
   We normally encounter this when falling through from a try or catch block to
   the finally block.

   For the try block case, since completionTypeRegister is set to Normal by default,
   there's nothing more that needs to be done.

   For the catch block case, since we entered the catch block with an exception,
   completionTypeRegister may be set to Throw.  We'll need to set it to Normal
   before jumping to the finally block's normal entry.

   CompletionType::Break
   =====================
   When we emit bytecode for the BreakNode, we check if we have any FinallyContexts
   that we need to service before jumping to the breakTarget.  If we don't, then
   emit op_jump to the breakTarget as usual.  Otherwise:

   a. we'll register a jumpID and the breakTarget with the FinallyContext for the
      outermost finally block that we're supposed to run through.
   b. we'll also increment the numberOfBreaksOrContinues count in each FinallyContext
      from the innermost to the one for that outermost finally block.
   c. emit bytecode to set the completionTypeRegister to the jumpID.
   d. emit bytecode to jump to the normal entry of the innermost finally block.

   Each finally block will take care of cascading to the next outer finally block
   as needed (see (5) below).

   CompletionType::Continue
   ========================
   Since continues and breaks work the same way (i.e. with a jump), we handle this
   exactly the same way as CompletionType::Break, except that we use the
   continueTarget instead of the breakTarget.

   CompletionType::Return
   ======================
   When we emit bytecode for the ReturnNode, we check if we have any FinallyContexts
   at all on the m_controlFlowScopeStack.  If we don't, then emit op_ret as usual.
   Otherwise:

   a. emit bytecode to set the completionTypeRegister to CompletionType::Return.
   b. emit bytecode to move the return value into the completionValueRegister.
   c. emit bytecode to jump to the normal entry of the innermost finally block.

   Each finally block will take care of cascading to the next outer finally block
   as needed (see (5) below).

   CompletionType::Throw
   =====================
   At the catch entry of a finally block, we:
   1. emit an op_catch that stores the caught Exception object in the
      completionValueRegister.
   2. emit bytecode to set the completionTypeRegister to CompletionType::Throw.
   3. Fall through or jump to the finally block's normal entry.

5. What happens in each finally block?
   ==================================
   For details on the finally block's catch entry, see "CompletionType::Throw" in
   (4) above.

   The finally block's normal entry will:
   1. restore the scope of the finally block.
   2. save the completionTypeRegister in a savedCompletionTypeRegister.
   3. proceed to execute the body of the finally block.

   At the end of the finally block, we will emit bytecode to check the
   savedCompletionTypeRegister for each completion type (see emitFinallyCompletion())
   in the following order:

   a. Check for CompletionType::Normal
      ================================
      If savedCompletionTypeRegister is CompletionType::Normal, jump to the
      designated normalCompletion label.  We only need this check if this finally
      block also needs to check for Break, Continue, or Return.  If not, the
      completion type check for CompletionType::Throw below will make this check
      redundant.

   b. Check for CompletionType::Break and Continue
      ============================================
      If the FinallyContext for this block has registered FinallyJumps, we'll
      check the jumpIDs against the savedCompletionTypeRegister.  If the jumpID
      matches, jump to the corresponding jumpTarget.

      If no jumpIDs match but the FinallyContext's numberOfBreaksOrContinues is
      greater than the number of registered FinallyJumps, then this means that
      we have a Break or Continue that needs to be handled by an outer finally
      block.  In that case, jump to the next outer finally block's normal entry.

   c. Check for CompletionType::Return
      ================================
      If this finally block is not the outermost and the savedCompletionTypeRegister
      is set to CompletionType::Return, then jump to the next outer finally
      block's normal entry.

      Otherwise, if this finally block is the outermost and the savedCompletionTypeRegister
      is set to CompletionType::Return, then execute op_ret and return the value
      in the completionValueRegister.

   d. CompletionType::Throw
      =====================
      If savedCompletionTypeRegister is CompletionType::Throw, then just re-throw the
      Exception object in the completionValueRegister.

   Detail 1: we check the savedCompletionTypeRegister (and not the
   completionTypeRegister).  This is because the finally block may itself contain
   a try-finally, and this inner try-finally may have trashed the completionTypeRegister.
   Here's an example:

       try {
           return "r1"; // Sets completionTypeRegister to CompletionType::Return;
       } finally {
           // completionTypeRegister is CompletionType::Return here.

           try {
               ... // do stuff.
           } finally {
               ... // do more stuff.
           }

           // completionTypeRegister may be anything here depending on what
           // was executed in the inner try-finally block above.

           // Hence, finally completion here must be based on a saved copy of the
           // completionTypeRegister when we entered this finally block.
       }

   Detail 2: the finally completion for CompletionType::Throw must always explicitly
   check if the savedCompletionTypeRegister is CompletionType::Throw before throwing.
   We cannot imply that it is so from the Throw case being last.  Here's why:

       // completionTypeRegister is CompletionType::Normal here.
       try {
           return "r1"; // Sets completionTypeRegister to CompletionType::Return;
       } finally {
           // completionTypeRegister is CompletionType::Return here.

           try {
               ... // do stuff.  No abrupt completions.
           } finally {
               // completionTypeRegister is CompletionType::Return here (from the outer try-finally).
               // savedCompletionTypeRegister is set to completionTypeRegister (i.e. CompletionType::Return) here.

               ... // do more stuff.  No abrupt completions.

               // Unless there's an abrupt completion since entering the outer
               // finally block, the savedCompletionTypeRegister will remain set
               // to CompletionType::Return.  If we don't explicitly check if the
               // savedCompletionTypeRegister is CompletionType::Throw before
               // throwing here, we'll end up erroneously throwing "r1".
           }

           ...
       }

6. restoreScopeRegister()

   Since the needed scope objects are always stored in a local, we can restore
   the scope register by simply moving from that local instead of going through
   op_get_parent_scope.

7. m_controlFlowScopeStack needs to be a SegmentedVector instead of a Vector.
   This makes it easier to keep a pointer to the FinallyContext on that stack,
   and not have to worry about the vector being realloc'ed due to resizing.

Performance appears to be neutral both on ES6SampleBench (run via cli) and the
JSC benchmarks.

Relevant spec references:
https://tc39.github.io/ecma262/#sec-completion-record-specification-type
https://tc39.github.io/ecma262/#sec-try-statement-runtime-semantics-evaluation

* bytecode/HandlerInfo.h:
(JSC::HandlerInfoBase::typeName):
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::generate):
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::emitReturn):
(JSC::BytecodeGenerator::pushFinallyControlFlowScope):
(JSC::BytecodeGenerator::popFinallyControlFlowScope):
(JSC::BytecodeGenerator::allocateAndEmitScope):
(JSC::BytecodeGenerator::pushTry):
(JSC::BytecodeGenerator::popTry):
(JSC::BytecodeGenerator::emitCatch):
(JSC::BytecodeGenerator::restoreScopeRegister):
(JSC::BytecodeGenerator::labelScopeDepthToLexicalScopeIndex):
(JSC::BytecodeGenerator::labelScopeDepth):
(JSC::BytecodeGenerator::pushLocalControlFlowScope):
(JSC::BytecodeGenerator::popLocalControlFlowScope):
(JSC::BytecodeGenerator::emitEnumeration):
(JSC::BytecodeGenerator::emitIsNumber):
(JSC::BytecodeGenerator::emitYield):
(JSC::BytecodeGenerator::emitDelegateYield):
(JSC::BytecodeGenerator::emitJumpViaFinallyIfNeeded):
(JSC::BytecodeGenerator::emitReturnViaFinallyIfNeeded):
(JSC::BytecodeGenerator::emitFinallyCompletion):
(JSC::BytecodeGenerator::allocateCompletionRecordRegisters):
(JSC::BytecodeGenerator::releaseCompletionRecordRegisters):
(JSC::BytecodeGenerator::emitJumpIf):
(JSC::BytecodeGenerator::pushIteratorCloseControlFlowScope): Deleted.
(JSC::BytecodeGenerator::popIteratorCloseControlFlowScope): Deleted.
(JSC::BytecodeGenerator::emitComplexPopScopes): Deleted.
(JSC::BytecodeGenerator::emitPopScopes): Deleted.
(JSC::BytecodeGenerator::popTryAndEmitCatch): Deleted.
* bytecompiler/BytecodeGenerator.h:
(JSC::bytecodeOffsetToJumpID):
(JSC::FinallyJump::FinallyJump):
(JSC::FinallyContext::FinallyContext):
(JSC::FinallyContext::outerContext):
(JSC::FinallyContext::finallyLabel):
(JSC::FinallyContext::depth):
(JSC::FinallyContext::numberOfBreaksOrContinues):
(JSC::FinallyContext::incNumberOfBreaksOrContinues):
(JSC::FinallyContext::handlesReturns):
(JSC::FinallyContext::setHandlesReturns):
(JSC::FinallyContext::registerJump):
(JSC::FinallyContext::numberOfJumps):
(JSC::FinallyContext::jumps):
(JSC::ControlFlowScope::ControlFlowScope):
(JSC::ControlFlowScope::isLabelScope):
(JSC::ControlFlowScope::isFinallyScope):
(JSC::BytecodeGenerator::currentLexicalScopeIndex):
(JSC::BytecodeGenerator::CompletionRecordScope::CompletionRecordScope):
(JSC::BytecodeGenerator::CompletionRecordScope::~CompletionRecordScope):
(JSC::BytecodeGenerator::completionTypeRegister):
(JSC::BytecodeGenerator::completionValueRegister):
(JSC::BytecodeGenerator::emitSetCompletionType):
(JSC::BytecodeGenerator::emitSetCompletionValue):
(JSC::BytecodeGenerator::isInFinallyBlock): Deleted.
* bytecompiler/NodesCodegen.cpp:
(JSC::ContinueNode::emitBytecode):
(JSC::BreakNode::emitBytecode):
(JSC::ReturnNode::emitBytecode):
(JSC::TryNode::emitBytecode):

Source/WTF:

Added some methods to bring SegmentedVector closer to parity with Vector.

* wtf/SegmentedVector.h:
(WTF::SegmentedVector::first):
(WTF::SegmentedVector::last):
(WTF::SegmentedVector::takeLast):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210116 268f45cc-cd09-0410-ab3c-d52691b4dbfc
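
The threading through nested finally blocks described in the commit message above, as an added example that is not JavaScriptCore's code. It models the jumpID encoding, the registration steps for a break, and the order of checks at the end of each finally block; the enumerator order, the Outcome type, the function names, the range test used to recognise a jumpID, and the sample nesting are assumptions of the model.

```cpp
#include <cstdio>
#include <string>
#include <utility>
#include <vector>

// Constructed model of the scheme in the commit message; not JavaScriptCore code.
// The enumerator order is an assumption of this model.
enum CompletionType : int { Normal, Return, Throw, NumberOfTypes };

// Step 2b: jumpID = CompletionType::NumberOfTypes + bytecodeOffset, so a jumpID
// can never collide with one of the fixed completion types.
inline int bytecodeOffsetToJumpID(unsigned bytecodeOffset)
{
    return NumberOfTypes + static_cast<int>(bytecodeOffset);
}

struct FinallyJump {
    int jumpID;
    std::string target; // breakTarget or continueTarget label
};

struct FinallyContext {
    FinallyContext(std::string contextName, FinallyContext* outerContext = nullptr)
        : name(std::move(contextName)), outer(outerContext) { }
    std::string name;
    FinallyContext* outer;
    unsigned numberOfBreaksOrContinues { 0 };
    std::vector<FinallyJump> jumps;
};

// Break/Continue steps (a) and (b): register the jump with the outermost finally
// block it must run through, and count it in every context from the innermost out.
inline int registerBreakOrContinue(FinallyContext& innermost, FinallyContext& outermost,
    unsigned bytecodeOffset, const std::string& target)
{
    int jumpID = bytecodeOffsetToJumpID(bytecodeOffset);
    outermost.jumps.push_back({ jumpID, target });
    for (FinallyContext* context = &innermost; context; context = context->outer) {
        ++context->numberOfBreaksOrContinues;
        if (context == &outermost)
            break;
    }
    return jumpID; // step (c): the value stored in the completionTypeRegister
}

struct Outcome {
    std::vector<std::string> finallyBlocksRun;
    std::string action;
};

// Step 5: enter the innermost finally block, then apply checks a to d at the end
// of each block, cascading to the next outer block where the text says so.
inline Outcome runCompletion(const FinallyContext& innermost, int completionType)
{
    Outcome outcome;
    for (const FinallyContext* context = &innermost; context; context = context->outer) {
        outcome.finallyBlocksRun.push_back(context->name);
        int saved = completionType; // savedCompletionTypeRegister, copied on entry
        if (saved == Normal) { // a.
            outcome.action = "normalCompletion";
            return outcome;
        }
        for (const FinallyJump& jump : context->jumps) { // b. registered jumps
            if (jump.jumpID == saved) {
                outcome.action = "jump to " + jump.target;
                return outcome;
            }
        }
        // b. a jump counted here but registered further out (range test: model only)
        if (saved >= NumberOfTypes && context->outer
            && context->numberOfBreaksOrContinues > context->jumps.size())
            continue;
        if (saved == Return) { // c.
            if (context->outer)
                continue;
            outcome.action = "op_ret";
            return outcome;
        }
        if (saved == Throw) { // d. explicit check, as Detail 2 requires
            outcome.action = "rethrow"; // the VM's exception handling takes over
            return outcome;
        }
        break;
    }
    outcome.action = "unhandled";
    return outcome;
}

// Constructed scenario: try/finally "inner" inside "middle" inside "outer"; a break
// at bytecode offset 40 in the inner try leaves a loop that encloses "middle" only.
inline Outcome demoBreakThroughTwoFinallyBlocks()
{
    FinallyContext outer("outer");
    FinallyContext middle("middle", &outer);
    FinallyContext inner("inner", &middle);
    int jumpID = registerBreakOrContinue(inner, middle, 40, "loopEnd");
    return runCompletion(inner, jumpID);
}

int main()
{
    Outcome outcome = demoBreakThroughTwoFinallyBlocks();
    std::printf("%zu finally blocks run, then: %s\n", outcome.finallyBlocksRun.size(), outcome.action.c_str());
    return 0;
}
```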

3 years ago WebAssembly: Make the spec-tests/address.wast.js test pass
sbarati@apple.com [Thu, 22 Dec 2016 22:40:39 +0000 (22:40 +0000)]
WebAssembly: Make the spec-tests/address.wast.js test pass
https://bugs.webkit.org/show_bug.cgi?id=166429
<rdar://problem/29793220>

Reviewed by Keith Miller.

JSTests:

* wasm.yaml:

Source/JavaScriptCore:

Right now, provably out of bound loads/stores (given a load/store's constant
offset) are not a validation error. However, we were failing to catch uint32_t
overflows in release builds (we did have a debug assertion). To fix this,
I now detect when uint32_t addition will overflow, and instead of emitting
a normal load/store, I emit code that throws an out of bounds memory exception.

* wasm/WasmB3IRGenerator.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210115 268f45cc-cd09-0410-ab3c-d52691b4dbfc
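
The overflow described in the commit message above, as an added example that is not WebKit's code: a bounds check whose constant part is summed in uint32_t, beside a form that treats an overflowing sum as out of bounds. The function names, and the choice of constant offset plus access width as the sum that overflows, are assumptions of the example.

```cpp
#include <cstdint>
#include <cstdio>
#include <limits>

// Constructed model of a bounds check for a linear-memory access; not JavaScriptCore code.
enum class AccessCheck { InBounds, OutOfBounds };

// Flawed form: the constant part of the address (offset + access width) is summed
// in uint32_t, so an offset near UINT32_MAX wraps around to a small number and the
// access is judged by that small number instead of the real one.
inline AccessCheck checkAccessWrapping(uint32_t pointer, uint32_t offset, uint32_t widthInBytes, uint64_t memorySize)
{
    uint32_t constantPart = offset + widthInBytes; // wraps modulo 2^32
    uint64_t end = static_cast<uint64_t>(pointer) + constantPart;
    return end <= memorySize ? AccessCheck::InBounds : AccessCheck::OutOfBounds;
}

// True when a + b does not fit in uint32_t. Written without performing the addition,
// so the test itself cannot wrap.
inline bool sumOverflowsUint32(uint32_t a, uint32_t b)
{
    return a > std::numeric_limits<uint32_t>::max() - b;
}

// Hardened form: an overflowing constant part is reported as out of bounds before
// any address is formed, which is the behaviour the commit message describes
// (throw an out of bounds memory exception instead of emitting a normal access).
inline AccessCheck checkAccessChecked(uint32_t pointer, uint32_t offset, uint32_t widthInBytes, uint64_t memorySize)
{
    if (sumOverflowsUint32(offset, widthInBytes))
        return AccessCheck::OutOfBounds;
    uint64_t end = static_cast<uint64_t>(pointer) + offset + widthInBytes; // 64-bit sum
    return end <= memorySize ? AccessCheck::InBounds : AccessCheck::OutOfBounds;
}

int main()
{
    // Constructed input: one 64 KiB page, an 8-byte access, offset 0xFFFFFFFC.
    const uint64_t memorySize = 65536;
    bool wrapped = checkAccessWrapping(16, 0xFFFFFFFCu, 8, memorySize) == AccessCheck::InBounds;
    bool caught = checkAccessChecked(16, 0xFFFFFFFCu, 8, memorySize) == AccessCheck::OutOfBounds;
    std::printf("wrapping check accepts: %d, checked form rejects: %d\n", wrapped, caught);
    return wrapped && caught ? 0 : 1;
}
```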

3 years ago WebAssembly: Silence the output of the spec-tests
sbarati@apple.com [Thu, 22 Dec 2016 22:29:27 +0000 (22:29 +0000)]
WebAssembly: Silence the output of the spec-tests
https://bugs.webkit.org/show_bug.cgi?id=166417

Reviewed by Mark Lam.

* Scripts/run-jsc-stress-tests:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210114 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago Make http/tests/security/popup-blocked-from-{fake-event, window-open}.html actually...
dbates@webkit.org [Thu, 22 Dec 2016 22:26:37 +0000 (22:26 +0000)]
Make http/tests/security/popup-blocked-from-{fake-event, window-open}.html actually test popup
blocker; run on WebKit2
https://bugs.webkit.org/show_bug.cgi?id=166403

Reviewed by Darin Adler.

The tests http/tests/security/popup-blocked-from-{fake-event, window-open}.html inadvertently
depended on the default behavior of DumpRenderTree to ignore the ChromeClient::createWindow()
callback when asked to create a new window instead of testing that the popup blocker blocked
opening windows. We should call testRunner.setCanOpenWindows() and testRunner.setPopupBlockingEnabled(true)
from both of these tests so that DumpRenderTree respects requests to open windows and enable
the popup blocker (it is disabled by default), respectively.

The default behavior of DumpRenderTree to disallow opening windows falls out from the purpose
and implementation of testRunner.setCanOpenWindows() to support writing tests where the embedding
client ignores requests to create a new window. We do not implement such a concept in WebKitTestRunner
(see <https://bugs.webkit.org/show_bug.cgi?id=166402>).

* http/tests/security/popup-blocked-from-fake-event.html:
* http/tests/security/popup-blocked-from-window-open.html:
* platform/wk2/TestExpectations: Unskip the above tests as they now pass.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210113 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago Bypass pop-up blocker from cross-origin or sandboxed frame
dbates@webkit.org [Thu, 22 Dec 2016 22:20:25 +0000 (22:20 +0000)]
Bypass pop-up blocker from cross-origin or sandboxed frame
https://bugs.webkit.org/show_bug.cgi?id=166290
<rdar://problem/29742039>

Reviewed by Darin Adler.

Source/WebCore:

Tests: fast/events/popup-blocked-from-sandboxed-frame-via-window-open-named-sibling-frame.html
       fast/events/popup-blocked-from-sandboxed-frame-via-window-open-named-sibling-frame2.html
       fast/events/popup-blocked-from-unique-frame-via-window-open-named-sibling-frame.html

* page/DOMWindow.cpp:
(WebCore::DOMWindow::open): Use FrameLoader::findFrameForNavigation() to find the
target frame to navigate with respect to the active document just as we do in WebCore::createWindow().

LayoutTests:

* fast/events/popup-blocked-from-sandboxed-frame-via-window-open-named-sibling-frame-expected.txt: Added.
* fast/events/popup-blocked-from-sandboxed-frame-via-window-open-named-sibling-frame.html: Added.
* fast/events/popup-blocked-from-sandboxed-frame-via-window-open-named-sibling-frame2-expected.txt: Added.
* fast/events/popup-blocked-from-sandboxed-frame-via-window-open-named-sibling-frame2.html: Added.
* fast/events/popup-blocked-from-unique-frame-via-window-open-named-sibling-frame-expected.txt: Added.
* fast/events/popup-blocked-from-unique-frame-via-window-open-named-sibling-frame.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210112 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago WebAssembly: The validator should not allow unused stack entries at the end of a...
keith_miller@apple.com [Thu, 22 Dec 2016 22:19:42 +0000 (22:19 +0000)]
WebAssembly: The validator should not allow unused stack entries at the end of a block
https://bugs.webkit.org/show_bug.cgi?id=166411

Reviewed by Saam Barati.

JSTests:

Test cleanup and enable new passing tests.

* wasm.yaml:
* wasm/function-tests/br-if-as-return.js:

Source/JavaScriptCore:

This patch also cleans up some of the verbose mode logging.

* wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::dumpExpressionStack):
(JSC::Wasm::B3IRGenerator::dump):
* wasm/WasmFunctionParser.h:
* wasm/WasmValidate.cpp:
(JSC::Wasm::dumpExpressionStack):
(JSC::Wasm::Validate::dump):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210111 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago Web Inspector: Styles sidebar: Uncommenting CSS rules of pseudo-elements doesn't...
nvasilyev@apple.com [Thu, 22 Dec 2016 21:56:50 +0000 (21:56 +0000)]
Web Inspector: Styles sidebar: Uncommenting CSS rules of pseudo-elements doesn't work
https://bugs.webkit.org/show_bug.cgi?id=165831
<rdar://problem/29652688>

Reviewed by Matt Baker.

* UserInterface/Views/CSSStyleDeclarationTextEditor.js:
(WebInspector.CSSStyleDeclarationTextEditor.prototype.uncommentAllProperties):
Call _resetContent() when toggling all properties to ensure properties have text markers.

(WebInspector.CSSStyleDeclarationTextEditor.prototype._propertyCommentCheckboxChanged):
(WebInspector.CSSStyleDeclarationTextEditor.prototype._uncommentProperty): Added.
This method is the opposite of _commentProperty. Introduce it to minimize code duplication.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210110 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago Make WebCore::EditorInsertAction an enum class
aestes@apple.com [Thu, 22 Dec 2016 21:10:26 +0000 (21:10 +0000)]
Make WebCore::EditorInsertAction an enum class
https://bugs.webkit.org/show_bug.cgi?id=166424

Reviewed by Brent Fulgham.

Source/WebCore:

* editing/AlternativeTextController.cpp:
(WebCore::AlternativeTextController::applyDictationAlternative):
* editing/Editor.cpp:
(WebCore::Editor::pasteAsPlainTextWithPasteboard):
(WebCore::Editor::shouldInsertText):
(WebCore::Editor::insertTextWithoutSendingTextEvent):
(WebCore::Editor::insertLineBreak):
(WebCore::Editor::insertParagraphSeparator):
(WebCore::Editor::markMisspellingsAfterTypingToWord):
(WebCore::Editor::markAndReplaceFor):
(WebCore::Editor::changeBackToReplacedString):
(WebCore::Editor::transpose):
(WebCore::Editor::handleAcceptedCandidate):
* editing/EditorInsertAction.h:
(): Deleted.
* editing/gtk/EditorGtk.cpp:
(WebCore::Editor::pasteWithPasteboard):
* editing/ios/EditorIOS.mm:
(WebCore::Editor::pasteWithPasteboard):
(WebCore::Editor::replaceSelectionWithAttributedString):
* editing/mac/EditorMac.mm:
(WebCore::Editor::pasteWithPasteboard):
(WebCore::Editor::replaceNodeFromPasteboard):
(WebCore::Editor::replaceSelectionWithAttributedString):
* editing/win/EditorWin.cpp:
(WebCore::Editor::pasteWithPasteboard):
* page/ContextMenuController.cpp:
(WebCore::insertUnicodeCharacter):
(WebCore::ContextMenuController::contextMenuItemSelected):
* page/DragController.cpp:
(WebCore::DragController::concludeEditDrag):

Source/WebKit/mac:

* WebCoreSupport/WebEditorClient.mm:
(kit):

Source/WebKit/win:

* WebCoreSupport/WebEditorClient.cpp:
(kit):
(WebEditorClient::shouldInsertNode):
(WebEditorClient::shouldInsertText):

Source/WebKit2:

* WebProcess/InjectedBundle/API/c/WKBundleAPICast.h:
(WebKit::toAPI):
* WebProcess/InjectedBundle/API/mac/WKWebProcessPlugInBrowserContextController.mm:
(toWK):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210109 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago Only include those parts of AVFoundation.framework which are strictly needed.
jer.noble@apple.com [Thu, 22 Dec 2016 20:31:55 +0000 (20:31 +0000)]
Only include those parts of AVFoundation.framework which are strictly needed.
https://bugs.webkit.org/show_bug.cgi?id=166423

Reviewed by Eric Carlson.

* Modules/plugins/QuickTimePluginReplacement.mm:
* platform/graphics/avfoundation/objc/CDMSessionAVFoundationObjC.mm:
* platform/graphics/avfoundation/objc/InbandTextTrackPrivateAVFObjC.mm:
* platform/graphics/avfoundation/objc/InbandTextTrackPrivateLegacyAVFObjC.mm:
* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
* platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
* platform/mac/SerializedPlatformRepresentationMac.mm:
* platform/mac/WebPlaybackSessionInterfaceMac.mm:
* platform/mac/WebVideoFullscreenController.mm:
* platform/mediastream/mac/AVAudioCaptureSource.mm:
* platform/mediastream/mac/AVCaptureDeviceManager.mm:
* platform/mediastream/mac/AVMediaCaptureSource.mm:
* platform/mediastream/mac/AVVideoCaptureSource.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210105 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago NULL-deref CRASH in WebCore::PlatformMediaSession::mediaType
jer.noble@apple.com [Thu, 22 Dec 2016 20:07:18 +0000 (20:07 +0000)]
NULL-deref CRASH in WebCore::PlatformMediaSession::mediaType
https://bugs.webkit.org/show_bug.cgi?id=166407

Reviewed by Darin Adler.

In r207688, we added a facility in PlatformMediaSessionManager for safely walking through a
list of PlatformMediaSessions by replacing entries of deleted sessions with nullptr. We now
need to use those new iteration facilities in MediaSessionManageriOS.

In addition to the existing iterators, add one which takes a predicate, and returns the first
session which matches the predicate, or nullptr, if none do.

* platform/audio/PlatformMediaSessionManager.cpp:
(WebCore::PlatformMediaSessionManager::findSession):
(WebCore::PlatformMediaSessionManager::anyOfSessions):
* platform/audio/PlatformMediaSessionManager.h:
(WebCore::PlatformMediaSessionManager::sessions): Deleted.
* platform/audio/ios/MediaSessionManagerIOS.mm:
(WebCore::MediaSessionManageriOS::configureWireLessTargetMonitoring):
(WebCore::MediaSessionManageriOS::nowPlayingEligibleSession):
(WebCore::MediaSessionManageriOS::externalOutputDeviceAvailableDidChange):
(WebCore::MediaSessionManageriOS::applicationDidEnterBackground):
(WebCore::MediaSessionManageriOS::applicationWillEnterForeground):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210104 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago Source/WebKit2:
commit-queue@webkit.org [Thu, 22 Dec 2016 19:49:37 +0000 (19:49 +0000)]
Source/WebKit2:
[Cocoa] SPI for setloadsImagesAutomatically
https://bugs.webkit.org/show_bug.cgi?id=166401

Patch by Zhuo Li <zachli@apple.com> on 2016-12-22
Reviewed by Darin Adler.

* UIProcess/API/Cocoa/WKPreferences.mm: Call the C API under the hood.
(-[WKPreferences _loadsImagesAutomatically]):
(-[WKPreferences _setLoadsImagesAutomatically:]):

* UIProcess/API/Cocoa/WKPreferencesPrivate.h:
Add `_loadsImagesAutomatically` property.

Tools:
[Cocoa] SPI for setloadsImagesAutomatically.
https://bugs.webkit.org/show_bug.cgi?id=166401.

Patch by Zhuo Li <zachli@apple.com> on 2016-12-22
Reviewed by Darin Adler.

* TestWebKitAPI/Tests/WebKit2Cocoa/Preferences.mm:
(TEST): Test the _setLoadsImagesAutomatically SPI. By default,
_loadsImagesAutomatically returns YES.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210103 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago WebAssembly: Make the spec-tests/start.wast.js test pass
sbarati@apple.com [Thu, 22 Dec 2016 18:31:04 +0000 (18:31 +0000)]
WebAssembly: Make the spec-tests/start.wast.js test pass
https://bugs.webkit.org/show_bug.cgi?id=166416
<rdar://problem/29784532>

Reviewed by Yusuke Suzuki.

JSTests:

* wasm.yaml:

Source/JavaScriptCore:

To make the test run, I had to fix two bugs:

1. We weren't properly finding the start function. There was code
that would try to find the start function from the list of *exported*
functions. This is wrong; the start function is an index into the
function index space, which is the space for *imports* and *local*
functions. So the code was just wrong in this respect, and I've
fixed it to do the right thing. We weren't sure if this was originally
allowed or not in the spec, but it has been decided that it is allowed
and the spec-tests test for it: https://github.com/WebAssembly/design/issues/896

2. We were emitting a breakpoint for Unreachable. Instead of crashing,
this opcode needs to throw an exception when executing.

* wasm/WasmB3IRGenerator.cpp:
* wasm/WasmExceptionType.h:
* wasm/js/WebAssemblyModuleRecord.cpp:
(JSC::WebAssemblyModuleRecord::link):
(JSC::WebAssemblyModuleRecord::evaluate):
* wasm/js/WebAssemblyModuleRecord.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210102 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago fast/events/ios/viewport-shrink-to-fit-allows-double-tap.html is flaky/order dependent
wenson_hsieh@apple.com [Thu, 22 Dec 2016 17:37:50 +0000 (17:37 +0000)]
fast/events/ios/viewport-shrink-to-fit-allows-double-tap.html is flaky/order dependent
https://bugs.webkit.org/show_bug.cgi?id=161328
<rdar://problem/28475977>

Reviewed by Darin Adler.

Running a test that scales the viewport and listens to a didEndZooming callback (such as
viewport-shrink-to-fit-allows-double-tap.html) immediately after a test that may begin to trigger viewport
scaling as the test completes (such as viewport-device-width-at-initial-scale-fast-clicks.html) may result in
the didEndZooming callback of the latter test being fired early due to the previous test triggering a zoom
animation. Ideally, -[WKScrollView _stopScrollingAndZoomingAnimations], which is called when committing the page
load, should prevent this from happening, but from reading documentation and code inspection, this is not
intended to fire any associated delegate methods or notifications of the UIScrollView, instead deferring them
for later. Instead, what we need in this case is to clear out any started but not yet completed animations after
we finish running a test and before we load the next test.

One way to do this is to remove all animations from the WKScrollView's layer, and the layers of its children,
recursively. Doing so causes scrollViewDidEndZooming:withView:atScale: to fire at the end of the runloop if the
previous test started zooming and then finished before zooming completed. Since this happens before the next
test has a chance to run UI-side scripts, we won't end up firing this callback prematurely during the next test.

* WebKitTestRunner/ios/TestControllerIOS.mm:
(WTR::TestController::platformResetStateToConsistentValues):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210101 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3 years ago Muted media element playback should not interrupt other audio playback
jer.noble@apple.com [Thu, 22 Dec 2016 17:32:38 +0000 (17:32 +0000)]
Muted media element playback should not interrupt other audio playback
https://bugs.webkit.org/show_bug.cgi?id=166347

Reviewed by Eric Carlson.

Source/WebCore:

Test: TestWebKitAPI/WebKit/ios/AudioSessionCategoryIOS.mm

* platform/audio/cocoa/MediaSessionManagerCocoa.cpp:
(PlatformMediaSessionManager::updateSessionState):

Tools:

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/WebKit/ios/AudioSessionCategoryIOS.mm:
(TestWebKitAPI::TEST):
* TestWebKitAPI/Tests/WebKit/ios/video-with-muted-audio.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210100 268f45cc-cd09-0410-ab3c-d52691b4dbfc

jer.noble@apple.com [Thu, 22 Dec 2016 17:14:11 +0000 (17:14 +0000)]
Check for the existence of AVSampleBufferAudioRenderer.h before redeclaring AVSampleBufferAudioRenderer
https://bugs.webkit.org/show_bug.cgi?id=166421

Reviewed by Eric Carlson.

* platform/spi/mac/AVFoundationSPI.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210099 268f45cc-cd09-0410-ab3c-d52691b4dbfc

eric.carlson@apple.com [Thu, 22 Dec 2016 16:58:25 +0000 (16:58 +0000)]
AVPlayerLayer isn't available on every system
https://bugs.webkit.org/show_bug.cgi?id=166399

Reviewed by Jer Noble.

Source/WebCore:

No new tests, prevents a crash that can't be reproduced on a test system.

* platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm: Use SOFT_LINK_CLASS_OPTIONAL.

Source/WebKit2:

* WebProcess/WebPage/mac/PlatformCALayerRemoteCustom.mm: Use SOFT_LINK_CLASS_OPTIONAL.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210098 268f45cc-cd09-0410-ab3c-d52691b4dbfc

nael.ouedraogo@crf.canon.fr [Thu, 22 Dec 2016 16:41:10 +0000 (16:41 +0000)]
MediaStream: ASSERTION FAILED: m_ids.size() == m_handles.size() in MediaDeviceSandboxExtensions
https://bugs.webkit.org/show_bug.cgi?id=166328

Reviewed by Eric Carlson.

This assertion failure happens for ports with sandbox extensions disabled. SandboxExtension is empty and
HandleArray::size() always returns 0. Disable creation of MediaDevicesSandboxExtension in UserMediaProcessManager
when building without support for sandbox extensions. Also disable WebPage::grantUserMediaDeviceSandboxExtensions
and WebPage::revokeUserMediaDeviceSandboxExtensions, which can be avoided when the sandbox extension is empty.

* UIProcess/UserMediaProcessManager.cpp:
(WebKit::UserMediaProcessManager::willCreateMediaStream):
(WebKit::UserMediaProcessManager::endedCaptureSession):
* WebProcess/WebPage/WebPage.cpp:
* WebProcess/WebPage/WebPage.h:
* WebProcess/WebPage/WebPage.messages.in:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210097 268f45cc-cd09-0410-ab3c-d52691b4dbfc

commit-queue@webkit.org [Thu, 22 Dec 2016 09:22:42 +0000 (09:22 +0000)]
[WebRTC] Add support for runtime PeerConnection setting, required after r209757
https://bugs.webkit.org/show_bug.cgi?id=166346

Patch by Alejandro G. Castro <alex@igalia.com> on 2016-12-22
Reviewed by Carlos Garcia Campos.

Source/WebKit2:

After that commit we have to enable the peerConnection runtime
flag if we want webrtc to work. We are not adding a new API for
the moment to control the peerConnection feature.

* UIProcess/API/gtk/WebKitSettings.cpp:
(webkit_settings_set_enable_media_stream): Use the mediaStream
setting to control the peerConnection

Tools:

Enable WebRTC by default to simplify testing.

* MiniBrowser/gtk/main.c:
(main):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210096 268f45cc-cd09-0410-ab3c-d52691b4dbfc

timothy_horton@apple.com [Thu, 22 Dec 2016 03:06:35 +0000 (03:06 +0000)]
TileGrid revalidates tiles twice during flush, first with wrong visible rect
https://bugs.webkit.org/show_bug.cgi?id=166406

Reviewed by Simon Fraser.

No new tests; existing tests cover this code, this is just a perf win,
specifically reducing the amount of layer churn during zooming.

* platform/graphics/ca/TileGrid.cpp:
(WebCore::TileGrid::setScale):
Schedule a revalidation, which will happen later in the same flush,
instead of doing it immediately. Doing it immediately is problematic,
because we're currently in the middle of a GraphicsLayer tree flush,
and don't have the complete picture of the new state yet. We're guaranteed
to get the new scale *before* the flush calls revalidateTiles.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210095 268f45cc-cd09-0410-ab3c-d52691b4dbfc

timothy_horton@apple.com [Thu, 22 Dec 2016 03:06:05 +0000 (03:06 +0000)]
TileGrid creates new tiles when there are recyclable tiles about to be removed
https://bugs.webkit.org/show_bug.cgi?id=166408

Reviewed by Simon Fraser.

No new tests; existing tests cover this code, this is just a perf win,
specifically reducing the amount of layer churn during zooming.

* platform/graphics/ca/TileGrid.cpp:
(WebCore::TileGrid::revalidateTiles):
Remove all the tiles that will be removed first, then add new tiles.
Strictly ordering it this way means that tiles will be removed, go into
the LayerPool, then be pulled back out of the LayerPool to sit in the
newly-covered areas. Previously, we would sometimes make new layers
for newly-covered areas, and then remove unneeded but otherwise recyclable
tiles, which would then just go sit in the LayerPool (and often get
pruned, wastefully).

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210094 268f45cc-cd09-0410-ab3c-d52691b4dbfc

ap@apple.com [Thu, 22 Dec 2016 01:57:24 +0000 (01:57 +0000)]
REGRESSION: API test failure: WKWebView.LocalStorageClear
https://bugs.webkit.org/show_bug.cgi?id=166032
<rdar://problem/29758423>

Reviewed by Simon Fraser.

Add an @autoreleasepool around the code that allocates then clears the WKWebView,
to ensure that the view is destroyed before the callback fires.

* TestWebKitAPI/Tests/WebKit2Cocoa/LocalStorageClear.mm:
(TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210093 268f45cc-cd09-0410-ab3c-d52691b4dbfc

eric.carlson@apple.com [Thu, 22 Dec 2016 01:41:51 +0000 (01:41 +0000)]
[MediaStream] Update media-stream-event-constructor test
https://bugs.webkit.org/show_bug.cgi?id=166398

Reviewed by Jer Noble.

Source/WebCore:

No new tests, updated existing test.

* Modules/mediastream/MediaStreamEvent.idl: Mark eventInitDict as optional.

LayoutTests:

Update and rebaseline test to reflect behavior changes that happened while the test was
skipped. Un-skip it on macOS.

* fast/events/constructors/media-stream-event-constructor-expected.txt:
* fast/events/constructors/media-stream-event-constructor.html:
* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210092 268f45cc-cd09-0410-ab3c-d52691b4dbfc

keith_miller@apple.com [Thu, 22 Dec 2016 01:26:09 +0000 (01:26 +0000)]
WebAssembly: Fix decode floating point constants in unreachable code
https://bugs.webkit.org/show_bug.cgi?id=166400

Reviewed by Saam Barati.

JSTests:

* wasm.yaml:

Source/JavaScriptCore:

We decoded these as variable length but they should be fixed length.

* wasm/WasmFunctionParser.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@210091 268f45cc-cd09-0410-ab3c-d52691b4dbfc
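
The fixed-length versus variable-length distinction named in the WebAssembly commit above, as an added example (not JavaScriptCore's parser and not code from the commit). It assumes the WebAssembly 1.0 opcode values and a five-opcode subset; the function and constant names are hypothetical. When a float immediate is skipped as LEB128, the decoder resynchronizes inside the constant's payload and reads its bytes as instructions.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Opcodes as assigned in the WebAssembly 1.0 binary format (assumption: the
// pre-release encoding in use at the time of the commit may have differed).
constexpr uint8_t OpEnd = 0x0b, OpDrop = 0x1a, OpI32Const = 0x41,
                  OpF32Const = 0x43, OpF64Const = 0x44;

// Skips one LEB128 immediate of at most 5 bytes (enough for 32 bits).
static bool skipLEB32(const std::vector<uint8_t>& code, size_t& pos) {
    for (int i = 0; i < 5 && pos < code.size(); ++i)
        if (!(code[pos++] & 0x80)) return true;
    return false; // truncated or overlong
}

// Skips an immediate of exactly n bytes, refusing to read past the end.
static bool skipFixed(const std::vector<uint8_t>& code, size_t& pos, size_t n) {
    if (code.size() - pos < n) return false;
    pos += n;
    return true;
}

// Counts instructions up to and including a final `end`; -1 means malformed.
// floatsAreFixed=false models the variable-length mistake.
int countInstructions(const std::vector<uint8_t>& code, bool floatsAreFixed) {
    size_t pos = 0;
    int count = 0;
    while (pos < code.size()) {
        uint8_t op = code[pos++];
        ++count;
        bool ok = true;
        switch (op) {
        case OpEnd: return pos == code.size() ? count : -1;
        case OpDrop: break;
        case OpI32Const: ok = skipLEB32(code, pos); break;
        case OpF32Const: ok = floatsAreFixed ? skipFixed(code, pos, 4) : skipLEB32(code, pos); break;
        case OpF64Const: ok = floatsAreFixed ? skipFixed(code, pos, 8) : skipLEB32(code, pos); break;
        default: ok = false; // opcode outside this example's subset
        }
        if (!ok) return -1;
    }
    return -1; // ran out of bytes before `end`
}

// Constructed sample: f32.const whose four payload bytes equal `drop`, then `end`.
static const std::vector<uint8_t> kConstructedBody = {0x43, 0x1a, 0x1a, 0x1a, 0x1a, 0x0b};

int main() {
    std::printf("fixed: %d, variable: %d\n", countInstructions(kConstructedBody, true),
                countInstructions(kConstructedBody, false));
}
```

The same six bytes decode as two instructions with fixed-length floats and as five with the variable-length reading, so the two decoders disagree on where every later instruction starts.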