WebKit-https.git
oliver@apple.com [Fri, 27 Mar 2015 19:04:28 +0000 (19:04 +0000)]
Forward additional CFNetwork ATS information to child processes
https://bugs.webkit.org/show_bug.cgi?id=143136

Reviewed by Anders Carlsson.

Source/WebCore:

Declare SPI.

* platform/spi/cf/CFNetworkSPI.h:

Source/WebKit2:

Add additional process creation parameter information, and pass it
to the child processes that actually use CFNetwork.

* NetworkProcess/cocoa/NetworkProcessCocoa.mm:
(WebKit::NetworkProcess::platformInitializeNetworkProcessCocoa):
* Shared/Network/NetworkProcessCreationParameters.cpp:
(WebKit::NetworkProcessCreationParameters::encode):
(WebKit::NetworkProcessCreationParameters::decode):
* Shared/Network/NetworkProcessCreationParameters.h:
* Shared/Plugins/PluginProcessCreationParameters.cpp:
(WebKit::PluginProcessCreationParameters::encode):
(WebKit::PluginProcessCreationParameters::decode):
* Shared/Plugins/PluginProcessCreationParameters.h:
* Shared/WebProcessCreationParameters.cpp:
(WebKit::WebProcessCreationParameters::encode):
(WebKit::WebProcessCreationParameters::decode):
* Shared/WebProcessCreationParameters.h:
* UIProcess/Cocoa/WebProcessPoolCocoa.mm:
(WebKit::WebProcessPool::platformInitializeWebProcess):
(WebKit::WebProcessPool::platformInitializeNetworkProcess):
* UIProcess/Plugins/mac/PluginProcessProxyMac.mm:
(WebKit::PluginProcessProxy::platformInitializePluginProcess):
* WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::WebProcess::platformInitializeWebProcess):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182073 268f45cc-cd09-0410-ab3c-d52691b4dbfc

mark.lam@apple.com [Fri, 27 Mar 2015 19:04:04 +0000 (19:04 +0000)]
Gardening: skipping inspector-protocol/debugger/setBreakpoint-dfg-and-modify-local.html until crash is fixed.
<https://webkit.org/b/143105>

Not reviewed.

* TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182072 268f45cc-cd09-0410-ab3c-d52691b4dbfc

cdumez@apple.com [Fri, 27 Mar 2015 18:24:39 +0000 (18:24 +0000)]
[WK2][NetworkCache] We only cache responses with status codes that are cacheable by default
https://bugs.webkit.org/show_bug.cgi?id=143125
<rdar://problem/20321172>

Reviewed by Antti Koivisto.

Source/WebCore:

Export a couple of extra symbols.

* platform/network/ResourceResponseBase.h:

Source/WebKit2:

We previously only cached responses with status codes that are cacheable
by default [1]. However, RFC 7234 [2] allows us to cache responses with
other status codes, as long as they have explicit headers allowing
caching:
- 'Expires' header field
- 'max-age' response directive

This patch updates our caching policy accordingly to improve efficiency.

[1] http://tools.ietf.org/html/rfc7231#page-48
[2] http://tools.ietf.org/html/rfc7234#section-4.3.2

Test: http/tests/cache/disk-cache/disk-cache-307-status-code.html

* NetworkProcess/cache/NetworkCache.cpp:
(WebKit::NetworkCache::canStore):

LayoutTests:

Add layout test to check that responses with status code 307 (which is not
cacheable by default) are cached if they have explicit expiration headers.

Also update a couple of other disk cache tests to cover heuristic
freshness (http://tools.ietf.org/html/rfc7234#section-4.2.2), relying on
'Last-Modified' header to estimate freshness if usual expiration headers
are not available.

* http/tests/cache/disk-cache/disk-cache-204-status-code-expected.txt:
* http/tests/cache/disk-cache/disk-cache-204-status-code.html:
* http/tests/cache/disk-cache/disk-cache-307-status-code-expected.txt: Added.
* http/tests/cache/disk-cache/disk-cache-307-status-code.html: Added.
* http/tests/cache/disk-cache/disk-cache-404-status-code-expected.txt:
* http/tests/cache/disk-cache/disk-cache-404-status-code.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182071 268f45cc-cd09-0410-ab3c-d52691b4dbfc

ossy@webkit.org [Fri, 27 Mar 2015 18:00:05 +0000 (18:00 +0000)]
Unreviewed gardening.

* js/script-tests/array-length-shortening.js: Unskip, r182058 fixed it.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182070 268f45cc-cd09-0410-ab3c-d52691b4dbfc

jer.noble@apple.com [Fri, 27 Mar 2015 17:30:38 +0000 (17:30 +0000)]
HTMLMediaElement will fire 'seeked' before seek completes, leading to currentTime discontinuities.
https://bugs.webkit.org/show_bug.cgi?id=143132

Reviewed by Eric Carlson.

When seeking, if the ready state rises to >= HAVE_CURRENT_DATA, we will fire the 'seeked'
event and continue playback. However, if a media engine updates the ready state before its
seek operation actually completes, the currentTime it returns may still be the time before
the seek.

Wait until both the ready state rises to HAVE_CURRENT_DATA and m_player->seeking() returns
false before firing the 'seeked' event.

* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::parseAttribute):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182069 268f45cc-cd09-0410-ab3c-d52691b4dbfc

ggaren@apple.com [Fri, 27 Mar 2015 17:27:47 +0000 (17:27 +0000)]
Make some more objects use FastMalloc
https://bugs.webkit.org/show_bug.cgi?id=143122

Reviewed by Csaba Osztrogonác.

Source/JavaScriptCore:

* API/JSCallbackObject.h:
* heap/IncrementalSweeper.h:
* jit/JITThunks.h:
* runtime/JSGlobalObjectDebuggable.h:
* runtime/RegExpCache.h:

Source/WebCore:

* Modules/geolocation/GeolocationController.h:
* Modules/geolocation/NavigatorGeolocation.h:
* Modules/indexeddb/DOMWindowIndexedDatabase.h:
* Modules/notifications/NotificationController.h:
* Modules/webdatabase/DatabaseServer.h:
* css/CSSFontFaceSource.h:
* html/HTMLMediaSession.h:
* inspector/InspectorIndexedDBAgent.h:
* inspector/InspectorReplayAgent.h:
* page/CaptionUserPreferencesMediaAF.h:
* page/PageConsoleClient.h:
* page/PageDebuggable.h:
* page/animation/CSSPropertyAnimation.cpp:
* page/mac/ServicesOverlayController.h:
* platform/RemoteCommandListener.h:
* platform/Timer.h:
* platform/audio/MediaSessionManager.h:
* platform/mac/SystemSleepListenerMac.h:
* platform/mac/ThemeMac.h:
* rendering/svg/RenderSVGResourceSolidColor.h:
* replay/ReplayController.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182068 268f45cc-cd09-0410-ab3c-d52691b4dbfc

commit-queue@webkit.org [Fri, 27 Mar 2015 17:02:46 +0000 (17:02 +0000)]
FEMorphology::platformApplyGeneric() should bail out if the radius is less than or equal to zero.
https://bugs.webkit.org/show_bug.cgi?id=142885.

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2015-03-27
Reviewed by Dean Jackson.

Source/WebCore:

FEMorphology class implementation code clean up.

Tests: svg/filters/feMorphology-radius-cases.svg

* platform/graphics/filters/FEMorphology.cpp:
(WebCore::shouldSupersedeExtremum): Reuse code instead of repeating it and
use < and > instead of <= and >=.

(WebCore::pixelArrayIndex): Returns the array index of a pixel in an image
buffer, given: position(x, y), image width and the color channel.

(WebCore::columnExtremum): Returns the extremum of a column of pixels.

(WebCore::kernelExtremum): Returns the extremum of a filter kernel.

(WebCore::FEMorphology::platformApplyGeneric): Apply some code clean-up.
The kernel size should be equal to radius of the filter. The extra pixel
was causing the resulting image to be asymmetric in some cases.

(WebCore::FEMorphology::platformApplyDegenerate):
(WebCore::FEMorphology::platformApplySoftware): After applying scaling, we
still need to check whether the resulting radius is negative (overflow case) or less
than one (zero radius case) and treat these cases differently.

(WebCore::FEMorphology::morphologyOperator): Deleted.
(WebCore::FEMorphology::radiusX): Deleted.
(WebCore::FEMorphology::radiusY): Deleted.
* platform/graphics/filters/FEMorphology.h:
(WebCore::FEMorphology::morphologyOperator):
(WebCore::FEMorphology::radiusX):
(WebCore::FEMorphology::radiusY):
Move single-line functions from the source file to the header file.

LayoutTests:

* svg/filters/feMorphology-radius-cases-expected.svg: Added.
* svg/filters/feMorphology-radius-cases.svg: Added.
Test different cases for radius of the feMorphology filter. There are three
cases for the radius:
    1. radius < 0: This is an error case, the source image should not be rendered.
    2. radius = 0: This case is treated as if the filter never exists.
    3. radius > 0: If the scaled radius is > 0, the filter is applied.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182067 268f45cc-cd09-0410-ab3c-d52691b4dbfc

commit-queue@webkit.org [Fri, 27 Mar 2015 16:59:24 +0000 (16:59 +0000)]
Fix WinCairo bot.
https://bugs.webkit.org/show_bug.cgi?id=143086

Patch by Alex Christensen <achristensen@webkit.org> on 2015-03-27
Reviewed by Brent Fulgham.

* Scripts/webkitdirs.pm:
(buildVisualStudioProject):
(runSvnUpdateAndResolveChangeLogs):
Use ActivePerl-friendly perl.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182065 268f45cc-cd09-0410-ab3c-d52691b4dbfc

antti@apple.com [Fri, 27 Mar 2015 16:49:21 +0000 (16:49 +0000)]
Move CacheValidation to platform
https://bugs.webkit.org/show_bug.cgi?id=143133

Reviewed by Chris Dumez.

It deals with platform types only and is currently violating layering.

* WebCore.xcodeproj/project.pbxproj:
* loader/cache/CacheValidation.cpp: Removed.
* loader/cache/CacheValidation.h: Removed.
* platform/network/CacheValidation.cpp: Copied from Source/WebCore/loader/cache/CacheValidation.cpp.
* platform/network/CacheValidation.h: Copied from Source/WebCore/loader/cache/CacheValidation.h.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182064 268f45cc-cd09-0410-ab3c-d52691b4dbfc

ossy@webkit.org [Fri, 27 Mar 2015 16:42:16 +0000 (16:42 +0000)]
URTBF after r182059 to fix the EFL build.

* TestWebKitAPI/CMakeLists.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182063 268f45cc-cd09-0410-ab3c-d52691b4dbfc

commit-queue@webkit.org [Fri, 27 Mar 2015 16:15:39 +0000 (16:15 +0000)]
Unreviewed, rolling out r177896.
https://bugs.webkit.org/show_bug.cgi?id=142978

Loading libgstclutter.so in-process hangs web process
(Requested by mcatanzaro on #webkit).

Reverted changeset:

"[GStreamer] Disable gst-plugin-scanner if seccomp filters are
enabled"
https://bugs.webkit.org/show_bug.cgi?id=140069
http://trac.webkit.org/changeset/177896

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182062 268f45cc-cd09-0410-ab3c-d52691b4dbfc

antti@apple.com [Fri, 27 Mar 2015 15:13:02 +0000 (15:13 +0000)]
Respect cache-control directives in request
https://bugs.webkit.org/show_bug.cgi?id=143121

Source/WebCore:

rdar://problem/19714040

Reviewed by Chris Dumez.

Test: http/tests/cache/disk-cache/disk-cache-request-headers.html

* loader/cache/CacheValidation.cpp:
(WebCore::isCacheHeaderSeparator):
(WebCore::isControlCharacter):
(WebCore::trimToNextSeparator):
(WebCore::parseCacheHeader):
(WebCore::parseCacheControlDirectives):

    Factor Cache-control parsing here so it can be used for both requests and responses.

* loader/cache/CacheValidation.h:
* platform/network/ResourceRequestBase.h:
* platform/network/ResourceResponseBase.cpp:
(WebCore::ResourceResponseBase::ResourceResponseBase):
(WebCore::ResourceResponseBase::parseCacheControlDirectives):
(WebCore::ResourceResponseBase::cacheControlContainsNoCache):
(WebCore::ResourceResponseBase::cacheControlContainsNoStore):
(WebCore::ResourceResponseBase::cacheControlContainsMustRevalidate):
(WebCore::ResourceResponseBase::cacheControlMaxAge):
(WebCore::isCacheHeaderSeparator): Deleted.
(WebCore::isControlCharacter): Deleted.
(WebCore::trimToNextSeparator): Deleted.
(WebCore::parseCacheHeader): Deleted.
* platform/network/ResourceResponseBase.h:

Source/WebKit2:

rdar://problem/19714040

Reviewed by Chris Dumez.

Better support for https://tools.ietf.org/html/rfc7234#section-5.2.1

* NetworkProcess/cache/NetworkCache.cpp:
(WebKit::NetworkCache::canUse):

    Consider requests with Cache-control: no-cache and max-age=0 expired.

(WebKit::NetworkCache::canStore):

    Don't store requests with Cache-control: no-store.

(WebKit::NetworkCache::Cache::store):
* NetworkProcess/cache/NetworkCache.h:
* NetworkProcess/cache/NetworkCacheStatisticsCocoa.mm:
(WebKit::NetworkCache::storeDecisionToDiagnosticKey):

LayoutTests:

Reviewed by Chris Dumez.

* http/tests/cache/disk-cache/disk-cache-request-headers-expected.txt: Added.
* http/tests/cache/disk-cache/disk-cache-request-headers.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182059 268f45cc-cd09-0410-ab3c-d52691b4dbfc
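
A simplified model of the two cache decisions described in r182071 (status codes that are not cacheable by default but carry explicit expiration) and r182059 (Cache-Control directives in the request), added here as an illustration and not WebKit's NetworkCache code. The names canStore and canUse mirror the ChangeLog entries; the function bodies, the returned strings, the 10% heuristic fraction (the typical value suggested by RFC 7234 section 4.2.2) and the sample messages are assumptions of this example.

```javascript
'use strict';

// Status codes that are cacheable by default (RFC 7231, section 6.1).
const CACHEABLE_BY_DEFAULT = new Set([200, 203, 204, 206, 300, 301, 404, 405, 410, 414, 501]);

// Parse a Cache-Control value into a Map of lower-cased directive name -> argument
// (true when the directive has no argument). Simplification of this example:
// quoted arguments that contain commas are not supported.
function parseCacheControl(value) {
  const directives = new Map();
  for (const part of (value || '').split(',')) {
    const [rawName, ...rest] = part.split('=');
    const name = rawName.trim().toLowerCase();
    if (!name) continue;
    const arg = rest.length ? rest.join('=').trim().replace(/^"(.*)"$/, '$1') : true;
    if (!directives.has(name)) directives.set(name, arg); // first occurrence wins
  }
  return directives;
}

// max-age in seconds, or null when the directive is absent or malformed.
function maxAge(directives) {
  const arg = directives.get('max-age');
  return typeof arg === 'string' && /^\d+$/.test(arg) ? Number(arg) : null;
}

// Seconds since the epoch for an HTTP date header, or null when absent or unparsable.
function httpDate(headers, name) {
  const ms = Date.parse(headers[name] || '');
  return Number.isNaN(ms) ? null : ms / 1000;
}

// Store decision: no-store in the request or the response wins; otherwise the status
// code must be cacheable by default or the response must carry explicit expiration.
function canStore(request, response) {
  if (parseCacheControl(request.headers['cache-control']).has('no-store')) return 'no: request no-store';
  const cc = parseCacheControl(response.headers['cache-control']);
  if (cc.has('no-store')) return 'no: response no-store';
  if (CACHEABLE_BY_DEFAULT.has(response.status)) return 'yes: status cacheable by default';
  if (maxAge(cc) !== null || httpDate(response.headers, 'expires') !== null) return 'yes: explicit expiration';
  return 'no: status not cacheable by default';
}

// Freshness lifetime in seconds: max-age, else Expires - Date, else the heuristic
// 10% of (Date - Last-Modified).
function freshnessLifetime(response) {
  const explicit = maxAge(parseCacheControl(response.headers['cache-control']));
  if (explicit !== null) return explicit;
  const date = httpDate(response.headers, 'date');
  const expires = httpDate(response.headers, 'expires');
  if (date !== null && expires !== null) return Math.max(0, expires - date);
  const lastModified = httpDate(response.headers, 'last-modified');
  if (date !== null && lastModified !== null) return Math.max(0, (date - lastModified) * 0.1);
  return 0;
}

// Use decision for a stored response at time `now` (seconds since the epoch).
// A request with no-cache or max-age=0 makes the stored response count as expired.
function canUse(request, stored, now) {
  const requestCC = parseCacheControl(request.headers['cache-control']);
  if (requestCC.has('no-cache') || maxAge(requestCC) === 0) return 'revalidate: request directive';
  if (parseCacheControl(stored.headers['cache-control']).has('no-cache')) return 'revalidate: response no-cache';
  const date = httpDate(stored.headers, 'date');
  const age = date === null ? Infinity : Math.max(0, now - date);
  return age < freshnessLifetime(stored) ? 'use' : 'revalidate: stale';
}

// Constructed sample messages (not captured traffic).
const T0 = Date.parse('Fri, 27 Mar 2015 18:00:00 GMT') / 1000;
const plainRequest = { headers: {} };
const redirect307 = { status: 307, headers: { date: 'Fri, 27 Mar 2015 18:00:00 GMT' } };
const redirect307MaxAge = { status: 307, headers: { ...redirect307.headers, 'cache-control': 'max-age=100' } };
const notFoundHeuristic = {
  status: 404,
  headers: { date: 'Fri, 27 Mar 2015 18:00:00 GMT', 'last-modified': 'Fri, 27 Mar 2015 17:00:00 GMT' },
};

console.log(canStore(plainRequest, redirect307));
console.log(canStore(plainRequest, redirect307MaxAge));
console.log(canUse({ headers: { 'cache-control': 'max-age=0' } }, redirect307MaxAge, T0 + 50));
console.log(canUse(plainRequest, notFoundHeuristic, T0 + 400));
```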

msaboff@apple.com [Fri, 27 Mar 2015 14:28:34 +0000 (14:28 +0000)]
Objects with numeric properties intermittently get a phantom 'length' property
https://bugs.webkit.org/show_bug.cgi?id=142792

Reviewed by Csaba Osztrogonác.

Source/JavaScriptCore:

Fixed a > (greater than) that should be a >> (right shift) in the code that disassembles
test and branch instructions.  This function is used for linking tbz/tbnz branches between
two separately JIT'ed sections of code.  Sometimes we'd create a bogus tbz instruction in
the failure case checks in the GetById array length stub created for "obj.length" access.
If the failure case code address was at a negative offset from the stub, we'd look for bit 1
being set when we should have been looking for bit 0.

* assembler/ARM64Assembler.h:
(JSC::ARM64Assembler::disassembleTestAndBranchImmediate):

LayoutTests:

New regression test.

* js/regress-142792-expected.txt: Added.
* js/regress-142792.html: Added.
* js/script-tests/regress-142792.js: Added.
(isArrayLike):
(filter):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182058 268f45cc-cd09-0410-ab3c-d52691b4dbfc

utatane.tea@gmail.com [Fri, 27 Mar 2015 11:08:49 +0000 (11:08 +0000)]
Insert exception check around toPropertyKey call
https://bugs.webkit.org/show_bug.cgi?id=142922

Reviewed by Geoffrey Garen.

In some places, an exception check is missing after/before toPropertyKey.
However, since it calls toString, it's observable to users.

Missing exception checks in Object.prototype methods can be
observed since it would be overridden with toObject(null/undefined) errors.
We inserted exception checks after toPropertyKey.

Missing exception checks in GetById related code can be
observed since it would be overridden with toObject(null/undefined) errors.
In this case, we need to insert exception checks before/after toPropertyKey
since RequireObjectCoercible followed by toPropertyKey can cause exceptions.

JSValue::get checks null/undefined and raises an exception if |this| is null or undefined.
However, we need to check whether the baseValue is object coercible before executing JSValue::toPropertyKey.
According to the spec, we first perform RequireObjectCoercible and check the exception.
And second, we perform ToPropertyKey and check the exception.
Since JSValue::toPropertyKey can cause toString call, this is observable to users.
For example, if the target is not object coercible,
ToPropertyKey should not be executed, and toString should not be executed by ToPropertyKey.
So the order of observable actions (RequireObjectCoercible and ToPropertyKey) should be correct to the spec.

This patch introduces JSValue::requireObjectCoercible and uses it for the following 2 reasons.

1. Using toObject instead of requireObjectCoercible produces unnecessary wrapper object.

toObject converts primitive types into wrapper objects.
But it is not efficient since wrapper objects are not necessary
if we look up methods from primitive values' prototype. (using synthesizePrototype is better).

2. Using the result of toObject is not correct to the spec.

To align to the spec correctly, we cannot use JSObject::get
by using the wrapper object produced by the toObject suggested in (1).
If we use JSObject that is converted by toObject, getter will be called by using this JSObject as |this|.
It is not correct since getter should be called with the original |this| value that may be primitive types.

So in this patch, we use JSValue::requireObjectCoercible
to check the target is object coercible and raise an error if it's not.

* dfg/DFGOperations.cpp:
* jit/JITOperations.cpp:
(JSC::getByVal):
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::getByVal):
* runtime/CommonSlowPaths.cpp:
(JSC::SLOW_PATH_DECL):
* runtime/JSCJSValue.h:
* runtime/JSCJSValueInlines.h:
(JSC::JSValue::requireObjectCoercible):
* runtime/ObjectPrototype.cpp:
(JSC::objectProtoFuncHasOwnProperty):
(JSC::objectProtoFuncDefineGetter):
(JSC::objectProtoFuncDefineSetter):
(JSC::objectProtoFuncLookupGetter):
(JSC::objectProtoFuncLookupSetter):
(JSC::objectProtoFuncPropertyIsEnumerable):
* tests/stress/exception-in-to-property-key-should-be-handled-early-in-object-methods.js: Added.
(shouldThrow):
(if):
* tests/stress/exception-in-to-property-key-should-be-handled-early.js: Added.
(shouldThrow):
(.):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182057 268f45cc-cd09-0410-ab3c-d52691b4dbfc
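
The ordering described in r182057, made observable from script; this is an added example, not one of the tests that commit adds. The helper names (makeProbeKey, trace, traceMemberAccess, traceHasOwnProperty, getterReceiverType) are hypothetical, and the traces are what an engine that follows the specified order produces.

```javascript
// A property key whose string conversion is observable: it records the call and throws.
function makeProbeKey(log) {
  return {
    toString() {
      log.push('key.toString');
      throw new Error('thrown by key.toString');
    },
  };
}

// Run `operation` with a fresh probe key and return the observable trace.
function trace(operation) {
  const log = [];
  try {
    operation(makeProbeKey(log));
    log.push('completed');
  } catch (error) {
    log.push(error instanceof TypeError ? 'TypeError' : error.message);
  }
  return log;
}

// base[key]: RequireObjectCoercible(base) runs before ToPropertyKey(key), so for a
// null or undefined base the TypeError is raised and key.toString is never called.
function traceMemberAccess(base) {
  return trace((key) => base[key]);
}

// Object.prototype.hasOwnProperty: ToPropertyKey(key) runs before ToObject(this), so
// the exception from key.toString must not be replaced by the ToObject TypeError.
function traceHasOwnProperty(thisValue) {
  return trace((key) => Object.prototype.hasOwnProperty.call(thisValue, key));
}

// A getter found on a primitive's prototype receives the original primitive as
// |this|, not a wrapper object produced by toObject.
function getterReceiverType(primitive) {
  const name = Symbol('probe');
  const proto = Object.getPrototypeOf(primitive);
  Object.defineProperty(proto, name, {
    configurable: true,
    get() {
      'use strict'; // strict code sees the uncoerced |this|
      return typeof this;
    },
  });
  try {
    return primitive[name];
  } finally {
    delete proto[name]; // leave the built-in prototype as it was
  }
}

console.log(traceMemberAccess(null));
console.log(traceMemberAccess(42));
console.log(traceHasOwnProperty(undefined));
console.log(getterReceiverType(5));
```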

vjaquez@igalia.com [Fri, 27 Mar 2015 10:31:00 +0000 (10:31 +0000)]
[GStreamer] share GL context in pipeline, part 2
https://bugs.webkit.org/show_bug.cgi?id=143049

Reviewed by Carlos Garcia Campos.

.:

* Source/cmake/OptionsGTK.cmake: USE_GSTREAMER_GL is set only if
OpenGL/ES2 is found and GLX/EGL is found too.

Source/WebCore:

This patch, instead of cluttering the GstGL attributes creation in
::handleSyncMessage(), creates a new method ::ensureGstGLContext(),
where those attributes are defined. This method is guarded by
USE(GSTREAMER_GL)

::handleSyncMessage() shall return nothing, according to GStreamer
documentation, not a boolean.

The GstGL attributes are now GRefPtr<> to avoid memory leaks.

The GstGLAPI and GstGLPlatform are now given by the pre-processor
directives, and the code in ::ensureGstGLContext() is simpler.

No new tests because this is platform specific and it depends on the
run-time availability and configurations of GstGL elements.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::MediaPlayerPrivateGStreamer):
Don't initialise the GstGL attributes since they are GRefPtr<>
(WebCore::MediaPlayerPrivateGStreamer::handleSyncMessage): Changed the
signature to use void instead of gboolean.
(WebCore::MediaPlayerPrivateGStreamer::ensureGstGLContext): New method.
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182056 268f45cc-cd09-0410-ab3c-d52691b4dbfc

timothy@apple.com [Fri, 27 Mar 2015 07:26:35 +0000 (07:26 +0000)]
Web Inspector: Convert more misc View classes to ES6
https://bugs.webkit.org/show_bug.cgi?id=143128

Reviewed by Joseph Pecoraro.

* UserInterface/Views/CompletionSuggestionsView.js:
* UserInterface/Views/ComputedStyleDetailsPanel.js:
* UserInterface/Views/DashboardContainerView.js:
* UserInterface/Views/DashboardView.js:
* UserInterface/Views/DebuggerDashboardView.js:
* UserInterface/Views/DefaultDashboardView.js:
* UserInterface/Views/FilterBarButton.js:
* UserInterface/Views/MetricsStyleDetailsPanel.js:
* UserInterface/Views/ObjectPreviewView.js:
* UserInterface/Views/ObjectTreeView.js:
* UserInterface/Views/QuickConsole.js:
* UserInterface/Views/ReplayDashboardView.js:
* UserInterface/Views/RulesStyleDetailsPanel.js:
* UserInterface/Views/StyleDetailsPanel.js:
Converted to ES6 classes.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182055 268f45cc-cd09-0410-ab3c-d52691b4dbfc

timothy@apple.com [Fri, 27 Mar 2015 07:26:27 +0000 (07:26 +0000)]
Web Inspector: Convert TextEditor classes to ES6
https://bugs.webkit.org/show_bug.cgi?id=143127

Reviewed by Joseph Pecoraro.

* UserInterface/Views/CSSStyleDeclarationTextEditor.js:
Removed a comment about const, we can't use it in strict mode / classes.

* UserInterface/Views/SourceCodeTextEditor.js:
* UserInterface/Views/TextEditor.js:
Converted to ES6 classes.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182054 268f45cc-cd09-0410-ab3c-d52691b4dbfc

nvasilyev@apple.com [Fri, 27 Mar 2015 06:48:10 +0000 (06:48 +0000)]
Web Inspector: clicking on console record while REPL is focused does not select a new record
https://bugs.webkit.org/show_bug.cgi?id=142171

Reviewed by Timothy Hatcher.

* UserInterface/Views/LogContentView.js:
(WebInspector.LogContentView.prototype._mousedown):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182053 268f45cc-cd09-0410-ab3c-d52691b4dbfc

commit-queue@webkit.org [Fri, 27 Mar 2015 06:36:48 +0000 (06:36 +0000)]
Optimized Fullscreen fails to cleanup because of no longer necessary release of m_playerController in exitFullscreen()
https://bugs.webkit.org/show_bug.cgi?id=143120

Patch by Jeremy Jones <jeremyj@apple.com> on 2015-03-26
Reviewed by Eric Carlson.

We used to release m_playerController in WebVideoFullscreenInterfaceAVKit::exitFullscreen() in order to make sure
media state was reset. This is no longer necessary as we now have a way the model can explicitly request resetting the
media state via resetMediaState(). m_playerController is already released in
WebVideoFullscreenInterfaceAVKit::cleanupFullscreenInternal(). Releasing it prematurely can actually prevent the exit
fullscreen process from completing successfully.

* platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
(WebVideoFullscreenInterfaceAVKit::exitFullscreen):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182052 268f45cc-cd09-0410-ab3c-d52691b4dbfc

zalan@apple.com [Fri, 27 Mar 2015 04:41:46 +0000 (04:41 +0000)]
Inline continuation code should not take anonymous containing wrapper for granted.
https://bugs.webkit.org/show_bug.cgi?id=133312

Reviewed by Dave Hyatt.

It's wrong to assume that when RenderInline is part of an inline continuation, its containing block
is an anonymous wrapper and its sibling might be a block level renderer.
When the inline continuation is no longer needed, for example when the block level renderer that initiated the continuation
is detached from the render tree, the inline renderers still continue to form continuation (however, they no longer require
anonymous wrappers).

Source/WebCore:

Test: fast/inline/crash-when-position-property-is-changed-and-no-longer-in-continuation.html

* rendering/RenderInline.cpp:
(WebCore::updateStyleOfAnonymousBlockContinuations):
(WebCore::RenderInline::styleDidChange):

LayoutTests:

* fast/inline/crash-when-position-property-is-changed-and-no-longer-in-continuation-expected.txt: Added.
* fast/inline/crash-when-position-property-is-changed-and-no-longer-in-continuation.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182051 268f45cc-cd09-0410-ab3c-d52691b4dbfc

joepeck@webkit.org [Fri, 27 Mar 2015 02:55:57 +0000 (02:55 +0000)]
WebContent Crash when instantiating class with Type Profiling enabled
https://bugs.webkit.org/show_bug.cgi?id=143037

Reviewed by Ryosuke Niwa.

* bytecompiler/BytecodeGenerator.h:
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::emitMoveEmptyValue):
We cannot profile the type of an uninitialized empty JSValue.
Nor do we expect this to be necessary, since it is effectively
an unseen undefined value. So add a way to put the empty value
without profiling.

(JSC::BytecodeGenerator::emitMove):
Add an assert to try to catch this issue early on, and force
callers to explicitly use emitMoveEmptyValue instead.

* tests/typeProfiler/classes.js: Added.
(wrapper.Base):
(wrapper.Derived):
(wrapper):
Add test coverage both for this case and classes in general.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182050 268f45cc-cd09-0410-ab3c-d52691b4dbfc

jhoneycutt@apple.com [Fri, 27 Mar 2015 02:24:55 +0000 (02:24 +0000)]
iOS file upload panel menu items need icons
<https://bugs.webkit.org/show_bug.cgi?id=143042>
<rdar://problem/20178678>

Reviewed by Andy Estes.

* Platform/spi/ios/UIKitSPI.h:
Declare new SPI methods _UIImageGetWebKitTakePhotoOrVideoIcon and
_UIImageGetWebKitPhotoLibraryIcon().

* UIProcess/ios/forms/WKFileUploadPanel.mm:
(photoLibraryIcon):
(cameraIcon):
If UIKit SPI exists, use it. Otherwise, return nil.

(-[WKFileUploadPanel _showDocumentPickerMenu]):
Use icons.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182049 268f45cc-cd09-0410-ab3c-d52691b4dbfc

agomez@igalia.com [Fri, 27 Mar 2015 01:53:07 +0000 (01:53 +0000)]
[GTK] Web Inspector: New Images for Console Types
https://bugs.webkit.org/show_bug.cgi?id=142301

Reviewed by Joseph Pecoraro.

Add more free icons for the Web Inspector in GTK+.

* UserInterface/Images/gtk/Eye.svg: Added.
* UserInterface/Images/gtk/Frames.png: Added.
* UserInterface/Images/gtk/Frames@2x.png: Added.
* UserInterface/Images/gtk/FramesLarge.png: Added.
* UserInterface/Images/gtk/FramesLarge@2x.png: Added.
* UserInterface/Images/gtk/Reload.svg:
* UserInterface/Images/gtk/ReloadFull.svg: Added.
* UserInterface/Images/gtk/TypeBoolean.svg: Added.
* UserInterface/Images/gtk/TypeNull.svg: Added.
* UserInterface/Images/gtk/TypeNumber.svg: Added.
* UserInterface/Images/gtk/TypeObject.svg: Added.
* UserInterface/Images/gtk/TypeRegex.svg: Added.
* UserInterface/Images/gtk/TypeString.svg: Added.
* UserInterface/Images/gtk/TypeSymbol.svg: Added.
* UserInterface/Images/gtk/TypeUndefined.svg: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182048 268f45cc-cd09-0410-ab3c-d52691b4dbfc

joepeck@webkit.org [Fri, 27 Mar 2015 01:42:37 +0000 (01:42 +0000)]
Web Inspector: ES6: Provide a better view for Classes in the console
https://bugs.webkit.org/show_bug.cgi?id=142999

Reviewed by Timothy Hatcher.

Source/JavaScriptCore:

* inspector/protocol/Runtime.json:
Provide a new `subtype` enum "class". This is a subtype of `type`
"function", all other subtypes are subtypes of `object` types.
For a class, the frontend will immediately want to get the prototype
to enumerate its methods, so include the `classPrototype`.

* inspector/JSInjectedScriptHost.cpp:
(Inspector::JSInjectedScriptHost::subtype):
Denote class construction functions as "class" subtypes.

* inspector/InjectedScriptSource.js:
Handling for the new "class" type.

* bytecode/UnlinkedCodeBlock.h:
(JSC::UnlinkedFunctionExecutable::isClassConstructorFunction):
* runtime/Executable.h:
(JSC::FunctionExecutable::isClassConstructorFunction):
* runtime/JSFunction.h:
* runtime/JSFunctionInlines.h:
(JSC::JSFunction::isClassConstructorFunction):
Check if this function is a class constructor function. That information
is on the UnlinkedFunctionExecutable, so plumb it through to JSFunction.

Source/WebInspectorUI:

* UserInterface/Protocol/RemoteObject.js:
(WebInspector.RemoteObject):
(WebInspector.RemoteObject.fromPrimitiveValue):
(WebInspector.RemoteObject.fromPayload):
(WebInspector.RemoteObject.prototype.get classPrototype):
(WebInspector.RemoteObject.prototype.isClass):
Update our RemoteObject model object for the new subtype
and its unique properties.

* UserInterface/Views/FormattedValue.js:
(WebInspector.FormattedValue.createElementForTypesAndValue):
(WebInspector.FormattedValue.createObjectTreeOrFormattedValueForRemoteObject):
Better handle "class", as it is a new function subtype.

* UserInterface/Views/LegacyConsoleMessageImpl.js:
(WebInspector.LegacyConsoleMessageImpl):
(WebInspector.LegacyConsoleMessageImpl.prototype._formatParameterAsObject):
Format a "class" with ObjectTreeView.

* UserInterface/Views/ObjectTreeArrayIndexTreeElement.js:
* UserInterface/Views/ObjectTreeBaseTreeElement.js:
* UserInterface/Views/ObjectTreePropertyTreeElement.css:
(.object-tree-property .getter.disabled):
(.object-tree-property .getter:not(.disabled):hover):
(.object-tree-property .getter:hover): Deleted.
* UserInterface/Views/ObjectTreePropertyTreeElement.js:
In ClassAPI mode, you cannot invoke a getter since we don't have
an instance to invoke it on. So disable interactivity with getters.

* UserInterface/Views/ObjectTreeView.js:
(WebInspector.ObjectTreeView):
Update the modes to include an API mode for instances and classes.

(WebInspector.ObjectTreeView.defaultModeForObject):
* UserInterface/Views/SourceCodeTextEditor.js:
(WebInspector.SourceCodeTextEditor.prototype._showPopoverForObject):
Simplify ObjectTree construction to automatically determine mode based
on the RemoteObject that was provided.

* Localizations/en.lproj/localizedStrings.js:
"Getter" tooltip.

LayoutTests:

* inspector/model/remote-object-expected.txt:
* inspector/model/remote-object.html:
Update the test to include coverage of the new "class" subtype of "function".

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182047 268f45cc-cd09-0410-ab3c-d52691b4dbfc

timothy_horton@apple.com [Fri, 27 Mar 2015 01:02:38 +0000 (01:02 +0000)]
REGRESSION (r181358 and r181507): Lots of sites think that we support touch events on OS X
https://bugs.webkit.org/show_bug.cgi?id=142888
<rdar://problem/20227304>

Reviewed by Beth Dakin.

* dom/Document.idl:
* dom/Element.idl:
* html/HTMLBodyElement.idl:
* html/HTMLFrameSetElement.idl:
* page/DOMWindow.idl:
Re-conditionalize a lot of event listeners; sites test ("ontouchstart" in window), which
is not covered by NotEnumerable, and so r181358 and r181507 broke a bunch of sites
(apple.com, blaze.com, anything using nicescroll.js, etc.) by causing them to think
that (Mac) Safari was touch-enabled.

* fast/dom/event-handler-attributes-expected.txt:
* fast/dom/event-handler-attributes.html:
* fast/events/event-attribute-expected.txt:
* platform/win/fast/events/event-attribute-expected.txt:
Revert some changes to these tests and their results.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182046 268f45cc-cd09-0410-ab3c-d52691b4dbfc

enrica@apple.com [Fri, 27 Mar 2015 00:13:59 +0000 (00:13 +0000)]
OS X build fix after r182037.

Unreviewed.

* UIProcess/API/mac/WKView.mm:
(-[WKView _addFontPanelObserver]):
(-[WKView removeWindowObservers]):
(-[WKView observeValueForKeyPath:ofObject:change:context:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182045 268f45cc-cd09-0410-ab3c-d52691b4dbfc

enrica@apple.com [Fri, 27 Mar 2015 00:08:26 +0000 (00:08 +0000)]
iOS build fix after r182037.

Unreviewed.

* UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _setEditable:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182044 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Function.prototype.toString should not decompile the AST
ggaren@apple.com [Thu, 26 Mar 2015 23:41:16 +0000 (23:41 +0000)]
Function.prototype.toString should not decompile the AST
https://bugs.webkit.org/show_bug.cgi?id=142853

Reviewed by Darin Adler.

Following up on Darin's review comments.

* runtime/FunctionConstructor.cpp:
(JSC::constructFunctionSkippingEvalEnabledCheck):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182043 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Web Inspector: Convert TreeElement classes to ES6
timothy@apple.com [Thu, 26 Mar 2015 23:38:12 +0000 (23:38 +0000)]
Web Inspector: Convert TreeElement classes to ES6
https://bugs.webkit.org/show_bug.cgi?id=143111

Reviewed by Joseph Pecoraro.

* UserInterface/Views/ApplicationCacheFrameTreeElement.js:
* UserInterface/Views/ApplicationCacheManifestTreeElement.js:
* UserInterface/Views/BreakpointTreeElement.js:
* UserInterface/Views/CallFrameTreeElement.js:
* UserInterface/Views/ContentFlowTreeElement.js:
* UserInterface/Views/CookieStorageTreeElement.js:
* UserInterface/Views/DOMStorageTreeElement.js:
* UserInterface/Views/DOMTreeElement.js:
* UserInterface/Views/DOMTreeOutline.js:
* UserInterface/Views/DatabaseHostTreeElement.js:
* UserInterface/Views/DatabaseTableTreeElement.js:
* UserInterface/Views/DatabaseTreeElement.js:
* UserInterface/Views/FolderTreeElement.js:
* UserInterface/Views/FolderizedTreeElement.js:
* UserInterface/Views/FrameTreeElement.js:
* UserInterface/Views/GeneralTreeElement.js:
* UserInterface/Views/IndexedDatabaseHostTreeElement.js:
* UserInterface/Views/IndexedDatabaseObjectStoreIndexTreeElement.js:
* UserInterface/Views/IndexedDatabaseObjectStoreTreeElement.js:
* UserInterface/Views/IndexedDatabaseTreeElement.js:
* UserInterface/Views/LegacyConsoleMessageImpl.js:
* UserInterface/Views/LogTreeElement.js:
* UserInterface/Views/NavigationSidebarPanel.js:
* UserInterface/Views/ObjectTreeArrayIndexTreeElement.js:
* UserInterface/Views/ObjectTreeBaseTreeElement.js:
* UserInterface/Views/ObjectTreeMapEntryTreeElement.js:
* UserInterface/Views/ObjectTreePropertyTreeElement.js:
* UserInterface/Views/ObjectTreeSetIndexTreeElement.js:
* UserInterface/Views/ObjectTreeView.js:
* UserInterface/Views/ProfileNodeTreeElement.js:
* UserInterface/Views/PropertiesSection.js:
* UserInterface/Views/ResourceTreeElement.js:
* UserInterface/Views/ScriptTreeElement.js:
* UserInterface/Views/SearchResultTreeElement.js:
* UserInterface/Views/SourceCodeTimelineTreeElement.js:
* UserInterface/Views/SourceCodeTreeElement.js:
* UserInterface/Views/SourceMapResourceTreeElement.js:
* UserInterface/Views/StorageTreeElement.js:
* UserInterface/Views/TimelineDataGrid.js:
* UserInterface/Views/TimelineRecordTreeElement.js:
* UserInterface/Views/TreeElementStatusButton.js:
* UserInterface/Views/TreeOutline.js:
* UserInterface/Views/TreeOutlineDataGridSynchronizer.js:
* UserInterface/Views/TypePropertiesSection.js:
Converted to ES6 classes where possible.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182042 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Web Inspector: Convert sidebar classes to ES6
timothy@apple.com [Thu, 26 Mar 2015 23:37:55 +0000 (23:37 +0000)]
Web Inspector: Convert sidebar classes to ES6
https://bugs.webkit.org/show_bug.cgi?id=143108

Reviewed by Joseph Pecoraro.

* UserInterface/Models/KeyboardShortcut.js:
(WebInspector.KeyboardShortcut._handleKeyDown): Continue if callback is null.
(WebInspector.KeyboardShortcut.prototype.set callback): Added.

* UserInterface/Views/ApplicationCacheDetailsSidebarPanel.js:
* UserInterface/Views/CSSStyleDetailsSidebarPanel.js:
* UserInterface/Views/DOMDetailsSidebarPanel.js:
* UserInterface/Views/DOMNodeDetailsSidebarPanel.js:
* UserInterface/Views/DebuggerSidebarPanel.js:
* UserInterface/Views/DetailsSidebarPanel.js:
* UserInterface/Views/LayerTreeDetailsSidebarPanel.js:
* UserInterface/Views/NavigationSidebarPanel.js:
* UserInterface/Views/ProbeDetailsSidebarPanel.js:
* UserInterface/Views/ResourceDetailsSidebarPanel.js:
* UserInterface/Views/ResourceSidebarPanel.js:
* UserInterface/Views/ScopeChainDetailsSidebarPanel.js:
* UserInterface/Views/Sidebar.js:
* UserInterface/Views/SidebarPanel.js:
* UserInterface/Views/TimelineSidebarPanel.js:
Converted to ES6 classes.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182041 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Web Inspector: Convert some View classes to ES6 classes
timothy@apple.com [Thu, 26 Mar 2015 23:37:45 +0000 (23:37 +0000)]
Web Inspector: Convert some View classes to ES6 classes
https://bugs.webkit.org/show_bug.cgi?id=143107

Reviewed by Joseph Pecoraro.

* UserInterface/Protocol/InspectorBackend.js:
* UserInterface/Protocol/InspectorFrontendAPI.js:
(InspectorFrontendAPI.contextMenuItemSelected): Updated to the right function path.
* UserInterface/Views/BoxModelDetailsSectionRow.js:
* UserInterface/Views/BreakpointActionView.js:
* UserInterface/Views/CodeMirrorAdditions.js:
* UserInterface/Views/ColorPicker.js:
* UserInterface/Views/ColorWheel.js:
* UserInterface/Views/ContextMenu.js:
* UserInterface/Views/DOMTreeElementPathComponent.js:
* UserInterface/Views/DetailsSection.js:
* UserInterface/Views/DetailsSectionDataGridRow.js:
* UserInterface/Views/DetailsSectionGroup.js:
* UserInterface/Views/DetailsSectionPropertiesRow.js:
* UserInterface/Views/DetailsSectionRow.js:
* UserInterface/Views/DetailsSectionSimpleRow.js:
* UserInterface/Views/DetailsSectionTextRow.js:
* UserInterface/Views/EditingSupport.js:
* UserInterface/Views/EventListenerSection.js:
* UserInterface/Views/EventListenerSectionGroup.js:
* UserInterface/Views/FilterBar.js:
* UserInterface/Views/FindBanner.js:
* UserInterface/Views/GeneralTreeElementPathComponent.js:
* UserInterface/Views/GoToLineDialog.js:
* UserInterface/Views/GradientSlider.js:
* UserInterface/Views/HierarchicalPathComponent.js:
* UserInterface/Views/HierarchicalPathNavigationItem.js:
* UserInterface/Views/HoverMenu.js:
* UserInterface/Views/Popover.js:
* UserInterface/Views/ProbeSetDetailsSection.js:
* UserInterface/Views/ResourceTimelineDataGridNodePathComponent.js:
* UserInterface/Views/SearchBar.js:
* UserInterface/Views/Slider.js:
Converted to ES6 classes.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182040 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Web Inspector: Convert Base and Protocol files to ES6 classes
timothy@apple.com [Thu, 26 Mar 2015 23:37:30 +0000 (23:37 +0000)]
Web Inspector: Convert Base and Protocol files to ES6 classes
https://bugs.webkit.org/show_bug.cgi?id=143106

Reviewed by Joseph Pecoraro.

* UserInterface/Base/EventListener.js:
* UserInterface/Base/EventListenerSet.js:
* UserInterface/Protocol/ApplicationCacheObserver.js:
* UserInterface/Protocol/CSSObserver.js:
* UserInterface/Protocol/ConsoleObserver.js:
* UserInterface/Protocol/DOMObserver.js:
* UserInterface/Protocol/DOMStorageObserver.js:
* UserInterface/Protocol/DatabaseObserver.js:
* UserInterface/Protocol/DebuggerObserver.js:
* UserInterface/Protocol/InspectorBackend.js:
* UserInterface/Protocol/InspectorObserver.js:
* UserInterface/Protocol/LayerTreeObserver.js:
* UserInterface/Protocol/MessageDispatcher.js:
* UserInterface/Protocol/NetworkObserver.js:
* UserInterface/Protocol/PageObserver.js:
* UserInterface/Protocol/RemoteObject.js:
* UserInterface/Protocol/ReplayObserver.js:
* UserInterface/Protocol/RuntimeObserver.js:
* UserInterface/Protocol/TimelineObserver.js:
Converted to ES6 classes where possible.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182039 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago "lineNo" does not match WebKit coding style guidelines
ggaren@apple.com [Thu, 26 Mar 2015 23:35:47 +0000 (23:35 +0000)]
"lineNo" does not match WebKit coding style guidelines
https://bugs.webkit.org/show_bug.cgi?id=143119

Reviewed by Michael Saboff.

We can afford to use whole words.

Source/JavaScriptCore:

* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::lineNumberForBytecodeOffset):
(JSC::CodeBlock::expressionRangeForBytecodeOffset):
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedFunctionExecutable::link):
(JSC::UnlinkedFunctionExecutable::fromGlobalCode):
* bytecode/UnlinkedCodeBlock.h:
* bytecompiler/NodesCodegen.cpp:
(JSC::WhileNode::emitBytecode):
* debugger/Debugger.cpp:
(JSC::Debugger::toggleBreakpoint):
* interpreter/Interpreter.cpp:
(JSC::StackFrame::computeLineAndColumn):
(JSC::GetStackTraceFunctor::operator()):
(JSC::Interpreter::execute):
* interpreter/StackVisitor.cpp:
(JSC::StackVisitor::Frame::computeLineAndColumn):
* parser/Nodes.h:
(JSC::Node::firstLine):
(JSC::Node::lineNo): Deleted.
(JSC::StatementNode::firstLine): Deleted.
* parser/ParserError.h:
(JSC::ParserError::toErrorObject):
* profiler/LegacyProfiler.cpp:
(JSC::createCallIdentifierFromFunctionImp):
* runtime/CodeCache.cpp:
(JSC::CodeCache::getGlobalCodeBlock):
* runtime/Executable.cpp:
(JSC::ScriptExecutable::ScriptExecutable):
(JSC::ScriptExecutable::newCodeBlockFor):
(JSC::FunctionExecutable::fromGlobalCode):
* runtime/Executable.h:
(JSC::ScriptExecutable::firstLine):
(JSC::ScriptExecutable::setOverrideLineNumber):
(JSC::ScriptExecutable::hasOverrideLineNumber):
(JSC::ScriptExecutable::overrideLineNumber):
(JSC::ScriptExecutable::lineNo): Deleted.
(JSC::ScriptExecutable::setOverrideLineNo): Deleted.
(JSC::ScriptExecutable::hasOverrideLineNo): Deleted.
(JSC::ScriptExecutable::overrideLineNo): Deleted.
* runtime/FunctionConstructor.cpp:
(JSC::constructFunctionSkippingEvalEnabledCheck):
* runtime/FunctionConstructor.h:
* tools/CodeProfile.cpp:
(JSC::CodeProfile::report):
* tools/CodeProfile.h:
(JSC::CodeProfile::CodeProfile):

Source/WebCore:

* bindings/js/JSLazyEventListener.cpp:
(WebCore::JSLazyEventListener::initializeJSFunction):
* bindings/js/JSMainThreadExecStateInstrumentation.h:
(WebCore::JSMainThreadExecState::instrumentFunctionCall):
* inspector/InspectorDOMAgent.cpp:
(WebCore::InspectorDOMAgent::buildObjectForEventListener):
* testing/Internals.cpp:
(WebCore::Internals::parserMetaData):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182038 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago REGRESSION(r1807689): Slower startup time for WKWebView.
enrica@apple.com [Thu, 26 Mar 2015 23:24:02 +0000 (23:24 +0000)]
REGRESSION(r1807689): Slower startup time for WKWebView.
https://bugs.webkit.org/show_bug.cgi?id=143115
rdar://problem/20233711

Reviewed by Anders Carlsson.

In http://trac.webkit.org/changeset/180768 we added an observer to
track visibility of the NSFontPanel to ensure we could fetch the font
information for the current selection when the panel first becomes visible.
It turns out that adding the observer requires the shared font panel
object to be created.
That is apparently a very expensive operation that is regressing
the initialization time for the WKWebView.
We should initialize the NSFontPanel lazily, only when we make the entire
view editable.

* UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _setEditable:]):
* UIProcess/API/mac/WKView.mm:
(-[WKView addWindowObserversForWindow:]):
(-[WKView _addFontPanelObserver]):
(-[WKView removeWindowObservers]):
(-[WKView observeValueForKeyPath:ofObject:change:context:]):
* UIProcess/API/mac/WKViewInternal.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182037 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Apply blur effect to media control background.
roger_fong@apple.com [Thu, 26 Mar 2015 23:23:57 +0000 (23:23 +0000)]
Apply blur effect to media control background.
https://bugs.webkit.org/show_bug.cgi?id=143116.
<rdar://problem/20316964>.

Reviewed by Brent Fulgham.

There are still a few issues, like the borders of the controls being blurred with black,
and the volume slider background not showing the blur effect. Will fix those separately.
Add CSS for new divs to create blur effect using backdrop filters and blend modes.
* Modules/mediacontrols/mediaControlsApple.css:
(audio::-webkit-media-controls-panel):
(audio::-webkit-media-controls-panel-tint):
(audio::-webkit-media-controls-panel-background):
(audio::-webkit-media-controls-panel .volume-box):
(audio::-webkit-media-controls-volume-slider-container-background):
(audio::-webkit-media-controls-volume-slider-container-tint):
(audio::-webkit-media-controls-toggle-closed-captions-button): Adjust fill.
(audio::-webkit-media-controls-fullscreen-button): Adjust fill.
(audio::-webkit-media-controls-fullscreen-button.exit): Adjust fill.
(video:-webkit-full-screen::-webkit-media-controls-panel):
(audio:-webkit-full-screen::-webkit-media-controls-panel-tint):
(audio:-webkit-full-screen::-webkit-media-controls-panel-background):
(video:-webkit-full-screen::-webkit-media-controls-panel .volume-box):
(video:-webkit-full-screen::-webkit-media-controls-play-button):
(video:-webkit-full-screen::-webkit-media-controls-seek-back-button):
(video:-webkit-full-screen::-webkit-media-controls-seek-forward-button):
(video:-webkit-full-screen::-webkit-media-controls-timeline-container):
(video:-webkit-full-screen::-webkit-media-controls-status-display):
(audio::-webkit-media-controls-panel .volume-box:active): Deleted.
* Modules/mediacontrols/mediaControlsApple.js:
(Controller.prototype.createControls):
(Controller.prototype.configureInlineControls): Add new divs for blurred background effect.
(Controller.prototype.configureFullScreenControls): Ditto.
(Controller.prototype.handlePanelMouseDown): The tint div is now in front.
(Controller.prototype.drawTimelineBackground): Adjust colors to make border look better with new background.
(Controller.prototype.drawVolumeBackground): Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182036 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Assertion firing in JavaScriptCore/parser/parser.h for statesman.com site
ggaren@apple.com [Thu, 26 Mar 2015 23:12:39 +0000 (23:12 +0000)]
Assertion firing in JavaScriptCore/parser/parser.h for statesman.com site
https://bugs.webkit.org/show_bug.cgi?id=142974

Reviewed by Joseph Pecoraro.

Source/JavaScriptCore:

This patch does two things:

(1) Restore JavaScriptCore's sanitization of line and column numbers to
one-based values.

We need this because WebCore sometimes provides huge negative column
numbers.

(2) Solve the attribute event listener line numbering problem a different
way: Rather than offsetting all line numbers by -1 in an attribute event
listener in order to arrange for a custom result, instead use an explicit
feature for saying "all errors in this code should map to this line number".

* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedFunctionExecutable::link):
(JSC::UnlinkedFunctionExecutable::fromGlobalCode):
* bytecode/UnlinkedCodeBlock.h:
* interpreter/Interpreter.cpp:
(JSC::StackFrame::computeLineAndColumn):
(JSC::GetStackTraceFunctor::operator()):
* interpreter/Interpreter.h:
* interpreter/StackVisitor.cpp:
(JSC::StackVisitor::Frame::computeLineAndColumn):
* parser/ParserError.h:
(JSC::ParserError::toErrorObject): Plumb through an override line number.
When a function has an override line number, all syntax and runtime
errors in the function will map to it. This is useful for attribute event
listeners.

* parser/SourceCode.h:
(JSC::SourceCode::SourceCode): Restore the old sanitization of line and
column numbers to one-based integers. It was kind of a hack to remove this.

* runtime/Executable.cpp:
(JSC::ScriptExecutable::ScriptExecutable):
(JSC::FunctionExecutable::fromGlobalCode):
* runtime/Executable.h:
(JSC::ScriptExecutable::setOverrideLineNo):
(JSC::ScriptExecutable::hasOverrideLineNo):
(JSC::ScriptExecutable::overrideLineNo):
* runtime/FunctionConstructor.cpp:
(JSC::constructFunctionSkippingEvalEnabledCheck):
* runtime/FunctionConstructor.h: Plumb through an override line number.

Source/WebCore:

* bindings/js/JSLazyEventListener.cpp:
(WebCore::JSLazyEventListener::initializeJSFunction): Use the new override
line number API to guarantee that errors will map to the .html file locations
that we like.

* bindings/js/ScriptController.cpp:
(WebCore::ScriptController::eventHandlerPosition): Added a FIXME to cover
some cases where our line and column numbers are still nonsense.

LayoutTests:

No test covering this ASSERT because I couldn't design a way to reproduce
it after trying for a few hours. Simply loading the original ASSERTing
content from disk is not enough to reproduce this bug.

* fast/profiler/dead-time-expected.txt:
* fast/profiler/inline-event-handler-expected.txt:
* fast/profiler/stop-profiling-after-setTimeout-expected.txt: These are
progressions, where we used to get the line number wrong.

* fast/dom/attribute-event-listener-errors-expected.txt: Added.
* fast/dom/attribute-event-listener-errors.html: Added. This test covers
a subtle way in which the new mechanism for attribute event listener
line numbers is more accurate than the old one.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182034 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Relevant repainted objects callback is inaccurate and inconsistent for PDF
bdakin@apple.com [Thu, 26 Mar 2015 23:06:27 +0000 (23:06 +0000)]
Relevant repainted objects callback is inaccurate and inconsistent for PDF
documents
https://bugs.webkit.org/show_bug.cgi?id=143118
-and corresponding-
rdar://problem/13371582

Reviewed by Tim Horton.

Investigating this bug resulted in finding two things that should change for the
relevant repainted objects heuristic. First, we should not count any objects
painted while updating control tints. And secondly, we should not use it at all
for plugin documents. In other documents, we count the plugin area as “painted”
when we get to paint whether or not the plugin has actually loaded. This is
intentional because it allows us to account for chunks of the page that will be
filled in by possibly slow-loading ads. However, if the plugin is the whole
document, then the heuristic just doesn’t make any sense and it leads to
inconsistent behavior at different window sizes. So we’ll only count plugins when
the document is not a plugin document.

Don’t count objects during this paint!
* page/FrameView.cpp:
(WebCore::FrameView::updateControlTints):
* page/Page.h:
(WebCore::Page::setIsCountingRelevantRepaintedObjects):

Make sure the document is not a plugin document.
* rendering/RenderEmbeddedObject.cpp:
(WebCore::RenderEmbeddedObject::paint):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182033 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Progress towards CMake on Mac.
commit-queue@webkit.org [Thu, 26 Mar 2015 22:53:46 +0000 (22:53 +0000)]
Progress towards CMake on Mac.
https://bugs.webkit.org/show_bug.cgi?id=143112

Patch by Alex Christensen <achristensen@webkit.org> on 2015-03-26
Reviewed by Chris Dumez.

.:

* Source/cmake/OptionsMac.cmake:

Source/WebCore:

* CMakeLists.txt:
* PlatformEfl.cmake:
* PlatformGTK.cmake:
* PlatformMac.cmake:
* platform/graphics/mac/IconMac.mm:

Source/WebKit:

* PlatformMac.cmake:

Source/WebKit/mac:

* WebCoreSupport/WebFrameLoaderClient.h:

Source/WebKit2:

* CMakeLists.txt:
* PlatformMac.cmake:
* UIProcess/Cocoa/WebPageProxyCocoa.mm:

Source/WTF:

* wtf/PlatformMac.cmake:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182032 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago [WK2][Cocoa] Add private API to override the network disk cache size
cdumez@apple.com [Thu, 26 Mar 2015 22:52:14 +0000 (22:52 +0000)]
[WK2][Cocoa] Add private API to override the network disk cache size
https://bugs.webkit.org/show_bug.cgi?id=143113
<rdar://problem/20315669>

Reviewed by Antti Koivisto.

Add private API to let the client override the network disk cache size.
By default, the network disk cache is automatically determined based on
the CacheModel and the available disk space. However, for testing
purposes, it can be used for the client-side to be able to override
the disk cache size.

* NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::initializeNetworkProcess):
* NetworkProcess/NetworkProcess.h:
* NetworkProcess/cache/NetworkCache.cpp:
(WebKit::NetworkCache::Cache::setMaximumSize):
* NetworkProcess/cocoa/NetworkProcessCocoa.mm:
(WebKit::NetworkProcess::platformSetCacheModel):
* Shared/Network/NetworkProcessCreationParameters.cpp:
(WebKit::NetworkProcessCreationParameters::encode):
(WebKit::NetworkProcessCreationParameters::decode):
* Shared/Network/NetworkProcessCreationParameters.h:
* UIProcess/API/APIProcessPoolConfiguration.cpp:
(API::ProcessPoolConfiguration::copy):
* UIProcess/API/APIProcessPoolConfiguration.h:
* UIProcess/API/Cocoa/_WKProcessPoolConfiguration.h:
* UIProcess/API/Cocoa/_WKProcessPoolConfiguration.mm:
(-[_WKProcessPoolConfiguration diskCacheSizeOverride]):
(-[_WKProcessPoolConfiguration setDiskCacheSizeOverride:]):
* UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::WebProcessPool):
(WebKit::WebProcessPool::ensureNetworkProcess):
* UIProcess/WebProcessPool.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182031 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Layout test results URL loads in WK1 but not WK2 minibrowser
ap@apple.com [Thu, 26 Mar 2015 22:35:30 +0000 (22:35 +0000)]
Layout test results URL loads in WK1 but not WK2 minibrowser
https://bugs.webkit.org/show_bug.cgi?id=143117

Reviewed by Tim Horton.

* MiniBrowser/mac/WK2BrowserWindowController.m:
(-[WK2BrowserWindowController fetch:]): Fix this, international domain names, and
everything.
(-[WK2BrowserWindowController updateTextFieldFromURL:]): Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182030 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago [iOS] Accessibility crashing because MediaPlayer is laying out UI off the main thread
jer.noble@apple.com [Thu, 26 Mar 2015 22:31:46 +0000 (22:31 +0000)]
[iOS] Accessibility crashing because MediaPlayer is laying out UI off the main thread
https://bugs.webkit.org/show_bug.cgi?id=142970

Reviewed by Eric Carlson.

isMainThread() will (ironically) return true if called from the web thread. Rather than dispatch
synchronously to the main thread to allocate the _volumeView, dispatch asynchronously and handle
the case where the MPVolumeView has not yet been created.

* platform/audio/ios/MediaSessionManagerIOS.mm:
(-[WebMediaSessionHelper allocateVolumeView]): Dispatch to the main thread to allocate. Move notification
    registration to -setVolumeView:.
(-[WebMediaSessionHelper setVolumeView:]): Added. Register/Unregister for route availability notifications.
(-[WebMediaSessionHelper hasWirelessTargetsAvailable]): Handle the possibility of a nil _volumeView.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182029 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago [Darwin] Boost the web process QoS level while handling a synchronous IPC message.
akling@apple.com [Thu, 26 Mar 2015 22:20:45 +0000 (22:20 +0000)]
[Darwin] Boost the web process QoS level while handling a synchronous IPC message.
<https://webkit.org/b/142988>
<rdar://problem/20264346>

Reviewed by Antti Koivisto and Anders Carlsson.

Add a mechanism for IPC::Connection to boost the main thread for the duration
of processing a synchronous message.

This fixes an issue where the UI process would block on a synchronous request
to the web process that was being carried out at a lower QoS level.

* Platform/IPC/Connection.cpp:
(IPC::Connection::Connection): Save the main thread's pthread_t while we have
a chance to retrieve it.

(IPC::Connection::processIncomingMessage): Optionally boost the main thread when
processing an incoming message with the IsSyncMessage flag set.

* Platform/IPC/Connection.h:
(IPC::Connection::setShouldBoostMainThreadOnSyncMessage): Added. When this mode is
enabled, Connection will give a temporary QoS override to the main thread when
receiving a synchronous message. Ownership of the override is handed to the
MessageDecoder, which resets the main thread QoS in its destructor.

* Platform/IPC/MessageDecoder.cpp:
(IPC::MessageDecoder::~MessageDecoder): Remove any QoS override owned by this message.

* Platform/IPC/MessageDecoder.h:
(IPC::MessageDecoder::setQOSClassOverride): Added. Takes ownership of a QoS override
to make sure it stays in effect until this message has been dispatched.

* WebProcess/WebProcess.cpp:
(WebKit::WebProcess::initializeConnection): Set up main thread QoS boosting for the
web process's connection to the UI process.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182028 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Cursor doesn't change back to pointer when leaving Mail
rniwa@webkit.org [Thu, 26 Mar 2015 21:43:21 +0000 (21:43 +0000)]
Cursor doesn't change back to pointer when leaving Mail
https://bugs.webkit.org/show_bug.cgi?id=132038

Reviewed by Anders Carlsson.

Fixed the bug by adding a cursor rect and making the primary tracking area update the cursor so that
AppKit will reset the cursor as it leaves the WebView.

We use nil cursor here since we manually update the cursor by calling [NSCursor set].

Source/WebKit/mac:

* WebView/WebHTMLView.mm:
(-[WebHTMLView setDataSource:]): Use NSTrackingCursorUpdate option in creating the primary tracking area.

Source/WebKit2:

* UIProcess/API/mac/WKView.mm:
(-[WKView initWithFrame:processPool:configuration:webView:]):
* UIProcess/mac/PageClientImpl.mm:
(WebKit::PageClientImpl::recommendedScrollbarStyleDidChange):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182026 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Fix state machine debugging after r181964
benjamin@webkit.org [Thu, 26 Mar 2015 21:02:29 +0000 (21:02 +0000)]
Fix state machine debugging after r181964
https://bugs.webkit.org/show_bug.cgi?id=143082

Patch by Benjamin Poulain <bpoulain@apple.com> on 2015-03-26
Reviewed by Alex Christensen.

* contentextensions/ContentExtensionCompiler.cpp:
(WebCore::ContentExtensions::compileRuleList):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182024 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago If we're in code for accessing scoped arguments, we should probably check if the...
fpizlo@apple.com [Thu, 26 Mar 2015 20:48:06 +0000 (20:48 +0000)]
If we're in code for accessing scoped arguments, we should probably check if the object is a scoped arguments rather than checking if it's a direct arguments.

Reviewed by Michael Saboff.

* jit/JITPropertyAccess.cpp:
(JSC::JIT::emitScopedArgumentsGetByVal):
* tests/stress/scoped-then-direct-arguments-get-by-val-in-baseline.js: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182023 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Improve the offsetWidth/Height layout optimization
hyatt@apple.com [Thu, 26 Mar 2015 19:09:24 +0000 (19:09 +0000)]
Improve the offsetWidth/Height layout optimization
https://bugs.webkit.org/show_bug.cgi?id=143008

Reviewed by Zalan Bujtas.

* dom/Document.cpp:
(WebCore::Document::updateLayoutIfDimensionsOutOfDate):
* dom/Document.h:
Change Element* to Element&. Clean up the dimension bits to use shifting. Remove both the inline and
the positioning restrictions on the optimization check.

* dom/Element.cpp:
(WebCore::Element::offsetWidth):
(WebCore::Element::offsetHeight):
Change to use Element& instead of Element*.

(WebCore::Element::clientWidth):
(WebCore::Element::clientHeight):
(WebCore::Element::scrollWidth):
(WebCore::Element::scrollHeight):
Turn on the optimization for clientWidth/Height and scrollWidth/Height.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182022 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago [Linux] SeccompFilters: improve the port-agnostic whitelist
commit-queue@webkit.org [Thu, 26 Mar 2015 19:00:05 +0000 (19:00 +0000)]
[Linux] SeccompFilters: improve the port-agnostic whitelist
https://bugs.webkit.org/show_bug.cgi?id=140064

Patch by Michael Catanzaro <mcatanzaro@igalia.com> on 2015-03-26
Reviewed by Žan Doberšek.

Allow the web process to access several files and directories that it
was previously prohibited from accessing. This makes the web process
much less likely to break.

* Shared/linux/SeccompFilters/SyscallPolicy.cpp:
(WebKit::SyscallPolicy::addDefaultWebProcessPolicy):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182021 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Remove unneeded isConditionalRequest check from NetworkResourceLoader
antti@apple.com [Thu, 26 Mar 2015 18:49:40 +0000 (18:49 +0000)]
Remove unneeded isConditionalRequest check from NetworkResourceLoader
https://bugs.webkit.org/show_bug.cgi?id=143096

Reviewed by Anders Carlsson.

This check is leftover from implementation that allowed disk cache to validate conditional
request itself. The case can't happen as NetworkCache canRetrieve test does not allow
conditional requests in the first place.

* NetworkProcess/NetworkResourceLoader.cpp:
(WebKit::NetworkResourceLoader::didReceiveResponseAsync):
(WebKit::isConditionalRequest): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182020 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Rename Storage::Entry to Storage::Record
antti@apple.com [Thu, 26 Mar 2015 18:39:22 +0000 (18:39 +0000)]
Rename Storage::Entry to Storage::Record
https://bugs.webkit.org/show_bug.cgi?id=143101

Reviewed by Chris Dumez.

Let's have just one type called Entry in the cache code.

* NetworkProcess/cache/NetworkCache.cpp:
(WebKit::NetworkCache::Cache::retrieve):
(WebKit::NetworkCache::Cache::store):
(WebKit::NetworkCache::Cache::update):
(WebKit::NetworkCache::Cache::traverse):
(WebKit::NetworkCache::Cache::dumpContentsToFile):
* NetworkProcess/cache/NetworkCacheEntry.cpp:
(WebKit::NetworkCache::Entry::Entry):
(WebKit::NetworkCache::Entry::encodeAsStorageRecord):
(WebKit::NetworkCache::Entry::decodeStorageRecord):
(WebKit::NetworkCache::Entry::initializeBufferFromStorageRecord):
(WebKit::NetworkCache::Entry::buffer):
(WebKit::NetworkCache::Entry::shareableResourceHandle):
(WebKit::NetworkCache::Entry::encode): Deleted.
(WebKit::NetworkCache::Entry::decode): Deleted.
(WebKit::NetworkCache::Entry::initializeBufferFromStorageEntry): Deleted.
* NetworkProcess/cache/NetworkCacheEntry.h:
(WebKit::NetworkCache::Entry::sourceStorageRecord):
(WebKit::NetworkCache::Entry::sourceStorageEntry): Deleted.
* NetworkProcess/cache/NetworkCacheStorage.cpp:
(WebKit::NetworkCache::RecordMetaData::RecordMetaData):
(WebKit::NetworkCache::decodeRecordMetaData):
(WebKit::NetworkCache::decodeRecordHeader):
(WebKit::NetworkCache::decodeRecord):
(WebKit::NetworkCache::encodeRecordMetaData):
(WebKit::NetworkCache::encodeRecordHeader):
(WebKit::NetworkCache::Storage::dispatchReadOperation):
(WebKit::NetworkCache::retrieveFromMemory):
(WebKit::NetworkCache::Storage::store):
(WebKit::NetworkCache::Storage::update):
(WebKit::NetworkCache::Storage::traverse):
(WebKit::NetworkCache::Storage::dispatchPendingWriteOperations):
(WebKit::NetworkCache::Storage::dispatchFullWriteOperation):
(WebKit::NetworkCache::Storage::dispatchHeaderWriteOperation):
(WebKit::NetworkCache::EntryMetaData::EntryMetaData): Deleted.
(WebKit::NetworkCache::decodeEntryMetaData): Deleted.
(WebKit::NetworkCache::decodeEntryHeader): Deleted.
(WebKit::NetworkCache::decodeEntry): Deleted.
(WebKit::NetworkCache::encodeEntryMetaData): Deleted.
(WebKit::NetworkCache::encodeEntryHeader): Deleted.
* NetworkProcess/cache/NetworkCacheStorage.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182019 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Add --allowed-host support to run-webkit-tests
jer.noble@apple.com [Thu, 26 Mar 2015 18:16:02 +0000 (18:16 +0000)]
Add --allowed-host support to run-webkit-tests
https://bugs.webkit.org/show_bug.cgi?id=142938

Reviewed by Brent Fulgham.

Accept --allowed-host arguments from run-webkit-tests and pass them through to
DumpRenderTree and WebKitTestRunner.

Drive-by fix: Depending on the value of the --layout-test-dir parameter, layout test results
are placed in the wrong location. The argument is compared with each test's path, and if a
relative path or a path with '..' was used, results are placed alongside the test. Take the
absolute path of the --layout-test-dir argument, collapsing path components like '..'.

* Scripts/webkitpy/layout_tests/run_webkit_tests.py:
(parse_args):
* Scripts/webkitpy/port/base.py:
(Port.__init__):
(Port.allowed_hosts):
* Scripts/webkitpy/port/driver.py:
(Driver.cmd_line):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182018 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago [Mac] Add an --allowed-host argument to DRT and WKTR to allow tests to connect to...
jer.noble@apple.com [Thu, 26 Mar 2015 18:12:56 +0000 (18:12 +0000)]
[Mac] Add an --allowed-host argument to DRT and WKTR to allow tests to connect to non-localhost servers
https://bugs.webkit.org/show_bug.cgi?id=142931

Reviewed by Brent Fulgham.

Currently, both DRT and WKTR will refuse to allow network connections to non-localhost servers
over HTTP/HTTPS. For certain testing scenarios, however, it would be useful if both DRT and
WKTR could be allowed to make HTTP/HTTPS connections to certain, specific servers defined at
runtime.

To allow this, add an optional argument to DRT and WKTR, --allowed-host, which will add the specified
hostname to a whitelist; requests to these hosts will be allowed to proceed normally.

Drive-by fix: in InjectedBundlePage::willSendRequestForFrame, we get the top loading frame from the
injected bundle. But after the main resource load completes, the bundle nulls out its pointer to the
top loading frame, which causes a subsequent crash when further resources are requested. Instead, get
the top loading frame from the page, as we do elsewhere in this class.

* DumpRenderTree/TestRunner.h:
(TestRunner::allowedHosts):
(TestRunner::setAllowedHosts):
* DumpRenderTree/mac/DumpRenderTree.mm:
(initializeGlobalsFromCommandLineOptions):
(runTest):
* DumpRenderTree/mac/ResourceLoadDelegate.mm:
(isAllowedHost):
(-[ResourceLoadDelegate webView:resource:willSendRequest:redirectResponse:fromDataSource:]):
* WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:
(WTR::InjectedBundle::didReceiveMessage):
(WTR::InjectedBundle::isAllowedHost):
* WebKitTestRunner/InjectedBundle/InjectedBundle.h:
* WebKitTestRunner/InjectedBundle/InjectedBundlePage.cpp:
(WTR::isAllowedHost):
(WTR::InjectedBundlePage::willSendRequestForFrame):
* WebKitTestRunner/InjectedBundle/TestRunner.h:
* WebKitTestRunner/Options.cpp:
(WTR::handleOptionAllowedHost):
(WTR::OptionsHandler::OptionsHandler):
* WebKitTestRunner/Options.h:
* WebKitTestRunner/TestController.cpp:
(WTR::TestController::initialize):
(WTR::TestController::resetStateToConsistentValues):
* WebKitTestRunner/TestController.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182017 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Apply ContentExtension actions after redirects.
beidson@apple.com [Thu, 26 Mar 2015 17:45:12 +0000 (17:45 +0000)]
Apply ContentExtension actions after redirects.
<rdar://problem/20062613> and https://bugs.webkit.org/show_bug.cgi?id=143055

Reviewed by Alex Christensen.

Source/WebCore:

Tests: http/tests/contentextensions/loading/main-resource-redirect-blocked.php
       http/tests/contentextensions/subresource-redirect-blocked.html

This patch moves the "run a URL against the content extension" code from CachedResourceLoader to
the ContentExtensionsBackend.

That allows it to be shared between the CachedResourceLoader where loads are initiated and
ResourceLoader where redirects are handled.

* contentextensions/ContentExtension.cpp:
(WebCore::ContentExtensions::ContentExtension::globalDisplayNoneStyleSheet):

* contentextensions/ContentExtensionsBackend.cpp:
(WebCore::ContentExtensions::ContentExtensionsBackend::processContentExtensionRulesForLoad):
(WebCore::ContentExtensions::ContentExtensionsBackend::displayNoneCSSRule):
* contentextensions/ContentExtensionsBackend.h:

* loader/NetscapePlugInStreamLoader.cpp:
(WebCore::NetscapePlugInStreamLoader::NetscapePlugInStreamLoader):

* loader/ResourceLoadInfo.h:

* loader/ResourceLoader.cpp:
(WebCore::ResourceLoader::ResourceLoader):
(WebCore::ResourceLoader::willSendRequest):
* loader/ResourceLoader.h:

* loader/SubresourceLoader.cpp:
(WebCore::SubresourceLoader::SubresourceLoader):

* loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::requestResource):

* page/UserContentController.cpp:
(WebCore::UserContentController::processContentExtensionRulesForLoad):
(WebCore::UserContentController::actionsForResourceLoad): Deleted.
(WebCore::UserContentController::globalDisplayNoneStyleSheet): Deleted.
(WebCore::UserContentController::displayNoneCSSRule): Deleted.
* page/UserContentController.h:

Tools:

* WebKitTestRunner/InjectedBundle/InjectedBundlePage.cpp:
(WTR::InjectedBundlePage::didFailProvisionalLoadWithErrorForFrame): Dump the fact that the load error is kWKErrorCodeCannotShowURL
  which is specifically interesting to a new test.

LayoutTests:

* http/tests/contentextensions/loading/main-resource-redirect-blocked-expected.txt: Added.
* http/tests/contentextensions/loading/main-resource-redirect-blocked.php: Added.
* http/tests/contentextensions/loading/main-resource-redirect-blocked.php.json: Added.
* http/tests/contentextensions/loading/resources/main-resource-redirect-blocked-target.html: Added.
* http/tests/contentextensions/resources/subresource-redirect.php: Added.
* http/tests/contentextensions/subresource-redirect-blocked-expected.txt: Added.
* http/tests/contentextensions/subresource-redirect-blocked.html: Added.
* http/tests/contentextensions/subresource-redirect-blocked.html.json: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182016 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Crash when laying out (char)0
mmaxfield@apple.com [Thu, 26 Mar 2015 17:29:53 +0000 (17:29 +0000)]
Crash when laying out (char)0
https://bugs.webkit.org/show_bug.cgi?id=143103

Reviewed by Dean Jackson.

We currently cache a character -> Font mapping in a HashMap.
However, keys in Hashmaps can't be 0. This patch simply skips
the cache in this case.

No new tests, for now. I'm having trouble creating a test because
the site that causes this bug generates their page using script,
and the script is all minified, and difficult to understand. I
will contact the owner of the site and ask for an unminified
version of their sources. However, I don't want that to block
this tiny fix from going in.

* platform/graphics/Font.cpp:
(WebCore::Font::systemFallbackFontForCharacter):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182015 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago [Mac][EME] Crash at com.apple.WebCore: WebCore::CDMSessionMediaSourceAVFObjC::release...
jer.noble@apple.com [Thu, 26 Mar 2015 17:24:21 +0000 (17:24 +0000)]
[Mac][EME] Crash at com.apple.WebCore: WebCore::CDMSessionMediaSourceAVFObjC::releaseKeys + 177
https://bugs.webkit.org/show_bug.cgi?id=143080

Reviewed by Eric Carlson.

Null-check m_certificate before dereferencing.

* platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.mm:
(WebCore::CDMSessionMediaSourceAVFObjC::releaseKeys):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182014 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago js/promises-tests/promises-tests-2-3-3.html sometimes crashes under DFG::SpeculativeJ...
msaboff@apple.com [Thu, 26 Mar 2015 17:04:38 +0000 (17:04 +0000)]
js/promises-tests/promises-tests-2-3-3.html sometimes crashes under DFG::SpeculativeJIT::compile
https://bugs.webkit.org/show_bug.cgi?id=139865

Reviewed by Alexey Proskuryakov.

It appears that r181993 fixed this test as it removed the code where the crash occurred.

* TestExpectations: Re-enabled js/promises-tests/promises-tests-2-3-3 including marking it as Slow.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182013 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago AX: [role="button"][aria-pressed] should be exposed as AXCheckbox:AXToggleButton...
cfleizach@apple.com [Thu, 26 Mar 2015 16:35:58 +0000 (16:35 +0000)]
AX: [role="button"][aria-pressed] should be exposed as AXCheckbox:AXToggleButton, with role description of "toggle button"
https://bugs.webkit.org/show_bug.cgi?id=115298

Reviewed by Mario Sanchez Prada.

Source/WebCore:

A role=button + aria-pressed object should be exposed as AXCheckbox on Mac now. It should also convert the
aria-pressed state into a 0, 1, 2 number value for the Mac.

Test: platform/mac/accessibility/aria-pressed-button-attributes.html

* accessibility/AccessibilityObject.cpp:
(WebCore::AccessibilityObject::checkboxOrRadioValue):
* accessibility/AccessibilityObject.h:
(WebCore::AccessibilityObject::isToggleButton):
* accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
(-[WebAccessibilityObjectWrapper additionalAccessibilityAttributeNames]):
(createAccessibilityRoleMap):
(-[WebAccessibilityObjectWrapper subrole]):
(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

LayoutTests:

* accessibility/aria-toggle-button-with-title.html:
     Bad path for post test resources file, so that is fixed.
* platform/mac/accessibility/aria-pressed-button-attributes-expected.txt: Added.
* platform/mac/accessibility/aria-pressed-button-attributes.html: Added.
* platform/mac/accessibility/aria-toggle-button-with-title-expected.txt:
      Updated to reflect the new role of this object.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182012 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago [WK2] Let the compiler generate the NetworkCache::Key move constructor
cdumez@apple.com [Thu, 26 Mar 2015 16:24:06 +0000 (16:24 +0000)]
[WK2] Let the compiler generate the NetworkCache::Key move constructor
https://bugs.webkit.org/show_bug.cgi?id=143079

Reviewed by Antti Koivisto.

Let the compiler generate the NetworkCache::Key move constructor. The
generated one will do exactly the same thing as the one we had except
that it will move the m_hash member as well. I don't see any reason why
we weren't moving this member before (it is an std::array<uint8_t, 16>).

Also have the compiler generate a move assignment operator for
consistency. Although it is not currently useful, it could be at some
point.

* NetworkProcess/cache/NetworkCacheKey.cpp:
(WebKit::NetworkCache::Key::Key): Deleted.
* NetworkProcess/cache/NetworkCacheKey.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182011 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago [WK2][NetworkCache] Compute if a cached response has expired only when actually needed
cdumez@apple.com [Thu, 26 Mar 2015 16:21:44 +0000 (16:21 +0000)]
[WK2][NetworkCache] Compute if a cached response has expired only when actually needed
https://bugs.webkit.org/show_bug.cgi?id=143070

Reviewed by Antti Koivisto.

Compute if a cached response has expired only when actually needed:
- This is not a history navigation
and
- It does not have "Cache-Control: no-cache" header

Previously, we would always determine if the response has expired and
we often end up not using this information.

* NetworkProcess/cache/NetworkCache.cpp:
(WebKit::NetworkCache::responseHasExpired):
(WebKit::NetworkCache::canUse):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182010 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago FTL ScopedArguments GetArrayLength generates incorrect code and crashes in LLVM
fpizlo@apple.com [Thu, 26 Mar 2015 15:29:57 +0000 (15:29 +0000)]
FTL ScopedArguments GetArrayLength generates incorrect code and crashes in LLVM
https://bugs.webkit.org/show_bug.cgi?id=143098

Reviewed by Csaba Osztrogonác.

* ftl/FTLLowerDFGToLLVM.cpp:
(JSC::FTL::LowerDFGToLLVM::compileGetArrayLength): Fix a typo.
* tests/stress/scoped-arguments-array-length.js: Added. This test previously always crashed in ftl-no-cjit mode.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182009 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago [EFL] Disable building libseccomp on AArch64
ossy@webkit.org [Thu, 26 Mar 2015 12:23:49 +0000 (12:23 +0000)]
[EFL] Disable building libseccomp on AArch64
https://bugs.webkit.org/show_bug.cgi?id=143094

Reviewed by Gyuyoung Kim.

* efl/jhbuildrc:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182008 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago [jhbuild] git should use only 1 thread for cloning jhbuild
ossy@webkit.org [Thu, 26 Mar 2015 12:21:38 +0000 (12:21 +0000)]
[jhbuild] git should use only 1 thread for cloning jhbuild
https://bugs.webkit.org/show_bug.cgi?id=143095

Reviewed by Gyuyoung Kim.

* jhbuild/jhbuild-wrapper:
(clone_jhbuild):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182007 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Unreviewed gardening, skip failing tests on AArch64 Linux.
ossy@webkit.org [Thu, 26 Mar 2015 10:47:37 +0000 (10:47 +0000)]
Unreviewed gardening, skip failing tests on AArch64 Linux.

Source/JavaScriptCore:

* tests/mozilla/mozilla-tests.yaml:
* tests/stress/cached-prototype-setter.js:

LayoutTests:

* js/script-tests/array-from.js:
* js/script-tests/array-length-shortening.js:
* js/script-tests/dfg-int16array.js:
* js/script-tests/dfg-int8array.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182006 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Avoid the Vector<> copy in WebTouchEvent constructor
zandobersek@gmail.com [Thu, 26 Mar 2015 07:51:33 +0000 (07:51 +0000)]
Avoid the Vector<> copy in WebTouchEvent constructor
https://bugs.webkit.org/show_bug.cgi?id=143043

Reviewed by Carlos Garcia Campos.

Have the WebTouchEvent accept a Vector<> rvalue.
The relevant code is updated so the Vector<> object is moved
through the call chain and finally into the WebTouchEvent constructor.

* Shared/NativeWebTouchEvent.h:
* Shared/WebEvent.h:
* Shared/WebTouchEvent.cpp:
(WebKit::WebTouchEvent::WebTouchEvent):
* Shared/efl/WebEventFactory.cpp:
(WebKit::WebEventFactory::createWebTouchEvent):
* Shared/gtk/NativeWebTouchEventGtk.cpp:
(WebKit::NativeWebTouchEvent::NativeWebTouchEvent):
* Shared/gtk/WebEventFactory.cpp:
(WebKit::WebEventFactory::createWebTouchEvent):
* Shared/gtk/WebEventFactory.h:
* UIProcess/API/gtk/WebKitWebViewBase.cpp:
(webkitWebViewBaseTouchEvent):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182005 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Unreviewed, fixes to silly things. While landing fixes to r181993, I introduced crash...
fpizlo@apple.com [Thu, 26 Mar 2015 07:17:08 +0000 (07:17 +0000)]
Unreviewed, fixes to silly things. While landing fixes to r181993, I introduced crashes. This fixes them.

* dfg/DFGConstantFoldingPhase.cpp:
(JSC::DFG::ConstantFoldingPhase::foldConstants): I landed a fix for a VS warning. It broke this. Now I'm fixing it.
* ftl/FTLCompile.cpp:
(JSC::FTL::compile): Make sure we pass the module when dumping. This makes FTL debugging possible again.
* ftl/FTLState.cpp:
(JSC::FTL::State::dumpState): New overload that takes a module, so that we can call this after FTL::compile() clears State's module.
* ftl/FTLState.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182004 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago media/track/track-mode.html flakily times out
ap@apple.com [Thu, 26 Mar 2015 07:00:36 +0000 (07:00 +0000)]
media/track/track-mode.html flakily times out
https://bugs.webkit.org/show_bug.cgi?id=143085

* TestExpectations: Added an expectation.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182003 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago AX: table cells that use display:block render the table inaccessible to VoiceOver
cfleizach@apple.com [Thu, 26 Mar 2015 06:01:59 +0000 (06:01 +0000)]
AX: table cells that use display:block render the table inaccessible to VoiceOver
https://bugs.webkit.org/show_bug.cgi?id=143007

Unreviewed, layout test fix.

Skip associated accessibility/table-cell-display-block.html on failing platforms.

* platform/efl/TestExpectations:
* platform/gtk/TestExpectations:
    Specific platform changes in children ordering need to be updated to make this test pass.
* platform/win/TestExpectations:
    Need to implement cellForRowAndColumn.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182002 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Unreviewed, fix obvious goof that was causing 32-bit debug crashes. The 64-bit versio...
fpizlo@apple.com [Thu, 26 Mar 2015 05:32:19 +0000 (05:32 +0000)]
Unreviewed, fix obvious goof that was causing 32-bit debug crashes. The 64-bit version did it
right, so this just makes 32-bit do the same.

* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::emitCall):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182001 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Fix a typo that ggaren found but that I didn't fix before.
fpizlo@apple.com [Thu, 26 Mar 2015 05:23:10 +0000 (05:23 +0000)]
Fix a typo that ggaren found but that I didn't fix before.

* runtime/DirectArgumentsOffset.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182000 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Unreviewed, we have edited this file in 2015.
fpizlo@apple.com [Thu, 26 Mar 2015 04:58:10 +0000 (04:58 +0000)]
Unreviewed, we have edited this file in 2015.

* wtf/Platform.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181999 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Unreviewed, VC found a bug. This fixes the bug.
fpizlo@apple.com [Thu, 26 Mar 2015 04:52:14 +0000 (04:52 +0000)]
Unreviewed, VC found a bug. This fixes the bug.

* dfg/DFGConstantFoldingPhase.cpp:
(JSC::DFG::ConstantFoldingPhase::foldConstants):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181998 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Unreviewed, try to fix Windows build.
fpizlo@apple.com [Thu, 26 Mar 2015 04:50:28 +0000 (04:50 +0000)]
Unreviewed, try to fix Windows build.

* runtime/ClonedArguments.cpp:
(JSC::ClonedArguments::createWithInlineFrame):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181997 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Update prepare-ChangeLog to work with ES6 Class syntax
commit-queue@webkit.org [Thu, 26 Mar 2015 04:37:35 +0000 (04:37 +0000)]
Update prepare-ChangeLog to work with ES6 Class syntax
https://bugs.webkit.org/show_bug.cgi?id=143069

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2015-03-25
Reviewed by Timothy Hatcher.

* Scripts/prepare-ChangeLog:
(get_function_line_ranges_for_javascript):
Better handle ES6 Class syntax.

* Scripts/webkitperl/prepare-ChangeLog_unittest/resources/javascript_unittests-expected.txt:
* Scripts/webkitperl/prepare-ChangeLog_unittest/resources/javascript_unittests.js:
(BaseClass):
(DerivedClass):
(DerivedClass.staticMethod):
(DerivedClass.prototype.method.nestedFunctionInsideMethod):
(DerivedClass.prototype.method):
(DerivedClass.prototype.get getter):
(namespace.MyClass):
(namespace.MyClass.staticMethod):
(namespace.MyClass.prototype.method.nestedFunctionInsideMethod):
(namespace.MyClass.prototype.method):
(namespace.MyClass.prototype.get getter):
Proof!

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181996 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Unreviewed, fix debug build.
fpizlo@apple.com [Thu, 26 Mar 2015 04:35:31 +0000 (04:35 +0000)]
Unreviewed, fix debug build.

* bytecompiler/NodesCodegen.cpp:
(JSC::ConstDeclNode::emitCodeSingle):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181995 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Unreviewed, fix CLOOP build.
fpizlo@apple.com [Thu, 26 Mar 2015 04:34:11 +0000 (04:34 +0000)]
Unreviewed, fix CLOOP build.

* dfg/DFGMinifiedID.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181994 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago Heap variables shouldn't end up in the stack frame
fpizlo@apple.com [Thu, 26 Mar 2015 04:28:43 +0000 (04:28 +0000)]
Heap variables shouldn't end up in the stack frame
https://bugs.webkit.org/show_bug.cgi?id=141174

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

This is a major change to how JavaScriptCore handles declared variables (i.e. "var"). It removes
any ambiguity about whether a variable should be in the heap or on the stack. A variable will no
longer move between heap and stack during its lifetime. This enables a bunch of optimizations and
simplifications:

- Accesses to variables no longer need checks or indirections to determine where the variable is
  at that moment in time. For example, loading a closure variable now takes just one load instead
  of two. Loading an argument by index now takes a bounds check and a load in the fastest case
  (when no arguments object allocation is required) while previously that same operation required
  a "did I allocate arguments yet" check, a bounds check, and then the load.

- Reasoning about the allocation of an activation or arguments object now follows the same simple
  logic as the allocation of any other kind of object. Previously, those objects were lazily
  allocated - so an allocation instruction wasn't the actual allocation site, since it might not
  allocate anything at all. This made the implementation of traditional escape analyses really
  awkward, and ultimately it meant that we missed important cases. Now, we can reason about the
  arguments object using the usual SSA tricks which allows for more comprehensive removal.

- The allocations of arguments objects, functions, and activations are now much faster. While
  this patch generally expands our ability to eliminate arguments object allocations, an earlier
  version of the patch - which lacked that functionality - was a progression on some arguments-
  and closure-happy benchmarks because although no allocations were eliminated, all allocations
  were faster.

- There is no tear-off. The runtime no longer needs to know about where on the stack a frame keeps
  its arguments objects or activations. The runtime doesn't have to do things to the arguments
  objects and activations that a frame allocated, when the frame is unwound. We always had horrid
  bugs in that code, so it's good to see it go. This removes *a ton* of machinery from the DFG,
  FTL, CodeBlock, and other places. All of the things having to do with "captured variables" are
  now gone. This also enables implementing block-scoping. Without this change, block-scope
  support would require telling CodeBlock and all of the rest of the runtime about all of the
  variables that store currently-live scopes. That would have been so disastrously hard that it
  might as well be impossible. With this change, it's fair game for the bytecode generator to
  simply allocate whatever activations it wants, wherever it wants, and to keep them live for
  however long it wants. This all works, because after bytecode generation, an activation is just
  an object and variables that refer to it are just normal variables.

- SymbolTable can now tell you explicitly where a variable lives. The answer is in the form of a
  VarOffset object, which has methods like isStack(), isScope(), etc. VirtualRegister is never
  used for offsets of non-stack variables anymore. We now have shiny new objects for other kinds
  of offsets - ScopeOffset for offsets into scopes, and DirectArgumentsOffset for offsets into
  an arguments object.

- Functions that create activations can now tier-up into the FTL. Previously they couldn't. Also,
  using activations used to prevent inlining; now functions that use activations can be inlined
  just fine.

This is a >1% speed-up on Octane. This is a >2% speed-up on CompressionBench. This is a tiny
speed-up on AsmBench (~0.4% or something). This looks like it might be a speed-up on SunSpider.
It's only a slow-down on very short-running microbenchmarks we had previously written for our old
style of tear-off-based arguments optimization. Those benchmarks are not part of any major suite.

The easiest way of understanding this change is to start by looking at the changes in runtime/,
and then the changes in bytecompiler/, and then sort of work your way up the compiler tiers.

* CMakeLists.txt:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* assembler/AbortReason.h:
* assembler/AbstractMacroAssembler.h:
(JSC::AbstractMacroAssembler::BaseIndex::withOffset):
* bytecode/ByValInfo.h:
(JSC::hasOptimizableIndexingForJSType):
(JSC::hasOptimizableIndexing):
(JSC::jitArrayModeForJSType):
(JSC::jitArrayModePermitsPut):
(JSC::jitArrayModeForStructure):
* bytecode/BytecodeKills.h: Added.
(JSC::BytecodeKills::BytecodeKills):
(JSC::BytecodeKills::operandIsKilled):
(JSC::BytecodeKills::forEachOperandKilledAt):
(JSC::BytecodeKills::KillSet::KillSet):
(JSC::BytecodeKills::KillSet::add):
(JSC::BytecodeKills::KillSet::forEachLocal):
(JSC::BytecodeKills::KillSet::contains):
* bytecode/BytecodeList.json:
* bytecode/BytecodeLivenessAnalysis.cpp:
(JSC::isValidRegisterForLiveness):
(JSC::stepOverInstruction):
(JSC::BytecodeLivenessAnalysis::runLivenessFixpoint):
(JSC::BytecodeLivenessAnalysis::getLivenessInfoAtBytecodeOffset):
(JSC::BytecodeLivenessAnalysis::operandIsLiveAtBytecodeOffset):
(JSC::BytecodeLivenessAnalysis::computeFullLiveness):
(JSC::BytecodeLivenessAnalysis::computeKills):
(JSC::indexForOperand): Deleted.
(JSC::BytecodeLivenessAnalysis::getLivenessInfoForNonCapturedVarsAtBytecodeOffset): Deleted.
(JSC::getLivenessInfo): Deleted.
* bytecode/BytecodeLivenessAnalysis.h:
* bytecode/BytecodeLivenessAnalysisInlines.h:
(JSC::operandIsAlwaysLive):
(JSC::operandThatIsNotAlwaysLiveIsLive):
(JSC::operandIsLive):
* bytecode/BytecodeUseDef.h:
(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dumpBytecode):
(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::nameForRegister):
(JSC::CodeBlock::validate):
(JSC::CodeBlock::isCaptured): Deleted.
(JSC::CodeBlock::framePointerOffsetToGetActivationRegisters): Deleted.
(JSC::CodeBlock::machineSlowArguments): Deleted.
* bytecode/CodeBlock.h:
(JSC::unmodifiedArgumentsRegister): Deleted.
(JSC::CodeBlock::setArgumentsRegister): Deleted.
(JSC::CodeBlock::argumentsRegister): Deleted.
(JSC::CodeBlock::uncheckedArgumentsRegister): Deleted.
(JSC::CodeBlock::usesArguments): Deleted.
(JSC::CodeBlock::captureCount): Deleted.
(JSC::CodeBlock::captureStart): Deleted.
(JSC::CodeBlock::captureEnd): Deleted.
(JSC::CodeBlock::argumentIndexAfterCapture): Deleted.
(JSC::CodeBlock::hasSlowArguments): Deleted.
(JSC::ExecState::argumentAfterCapture): Deleted.
* bytecode/CodeOrigin.h:
* bytecode/DataFormat.h:
(JSC::dataFormatToString):
* bytecode/FullBytecodeLiveness.h:
(JSC::FullBytecodeLiveness::getLiveness):
(JSC::FullBytecodeLiveness::operandIsLive):
(JSC::FullBytecodeLiveness::FullBytecodeLiveness): Deleted.
(JSC::FullBytecodeLiveness::getOut): Deleted.
* bytecode/Instruction.h:
(JSC::Instruction::Instruction):
* bytecode/Operands.h:
(JSC::Operands::virtualRegisterForIndex):
* bytecode/SpeculatedType.cpp:
(JSC::dumpSpeculation):
(JSC::speculationToAbbreviatedString):
(JSC::speculationFromClassInfo):
* bytecode/SpeculatedType.h:
(JSC::isDirectArgumentsSpeculation):
(JSC::isScopedArgumentsSpeculation):
(JSC::isActionableMutableArraySpeculation):
(JSC::isActionableArraySpeculation):
(JSC::isArgumentsSpeculation): Deleted.
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
* bytecode/UnlinkedCodeBlock.h:
(JSC::UnlinkedCodeBlock::setArgumentsRegister): Deleted.
(JSC::UnlinkedCodeBlock::usesArguments): Deleted.
(JSC::UnlinkedCodeBlock::argumentsRegister): Deleted.
* bytecode/ValueRecovery.cpp:
(JSC::ValueRecovery::dumpInContext):
* bytecode/ValueRecovery.h:
(JSC::ValueRecovery::directArgumentsThatWereNotCreated):
(JSC::ValueRecovery::outOfBandArgumentsThatWereNotCreated):
(JSC::ValueRecovery::nodeID):
(JSC::ValueRecovery::argumentsThatWereNotCreated): Deleted.
* bytecode/VirtualRegister.h:
(JSC::VirtualRegister::operator==):
(JSC::VirtualRegister::operator!=):
(JSC::VirtualRegister::operator<):
(JSC::VirtualRegister::operator>):
(JSC::VirtualRegister::operator<=):
(JSC::VirtualRegister::operator>=):
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::generate):
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::initializeNextParameter):
(JSC::BytecodeGenerator::visibleNameForParameter):
(JSC::BytecodeGenerator::emitMove):
(JSC::BytecodeGenerator::variable):
(JSC::BytecodeGenerator::createVariable):
(JSC::BytecodeGenerator::emitResolveScope):
(JSC::BytecodeGenerator::emitGetFromScope):
(JSC::BytecodeGenerator::emitPutToScope):
(JSC::BytecodeGenerator::initializeVariable):
(JSC::BytecodeGenerator::emitInstanceOf):
(JSC::BytecodeGenerator::emitNewFunction):
(JSC::BytecodeGenerator::emitNewFunctionInternal):
(JSC::BytecodeGenerator::emitCall):
(JSC::BytecodeGenerator::emitReturn):
(JSC::BytecodeGenerator::emitConstruct):
(JSC::BytecodeGenerator::isArgumentNumber):
(JSC::BytecodeGenerator::emitEnumeration):
(JSC::BytecodeGenerator::addVar): Deleted.
(JSC::BytecodeGenerator::emitInitLazyRegister): Deleted.
(JSC::BytecodeGenerator::initializeCapturedVariable): Deleted.
(JSC::BytecodeGenerator::resolveCallee): Deleted.
(JSC::BytecodeGenerator::addCallee): Deleted.
(JSC::BytecodeGenerator::addParameter): Deleted.
(JSC::BytecodeGenerator::willResolveToArgumentsRegister): Deleted.
(JSC::BytecodeGenerator::uncheckedLocalArgumentsRegister): Deleted.
(JSC::BytecodeGenerator::createLazyRegisterIfNecessary): Deleted.
(JSC::BytecodeGenerator::isCaptured): Deleted.
(JSC::BytecodeGenerator::local): Deleted.
(JSC::BytecodeGenerator::constLocal): Deleted.
(JSC::BytecodeGenerator::emitResolveConstantLocal): Deleted.
(JSC::BytecodeGenerator::emitGetArgumentsLength): Deleted.
(JSC::BytecodeGenerator::emitGetArgumentByVal): Deleted.
(JSC::BytecodeGenerator::emitLazyNewFunction): Deleted.
(JSC::BytecodeGenerator::createArgumentsIfNecessary): Deleted.
* bytecompiler/BytecodeGenerator.h:
(JSC::Variable::Variable):
(JSC::Variable::isResolved):
(JSC::Variable::ident):
(JSC::Variable::offset):
(JSC::Variable::isLocal):
(JSC::Variable::local):
(JSC::Variable::isSpecial):
(JSC::BytecodeGenerator::argumentsRegister):
(JSC::BytecodeGenerator::emitNode):
(JSC::BytecodeGenerator::registerFor):
(JSC::Local::Local): Deleted.
(JSC::Local::operator bool): Deleted.
(JSC::Local::get): Deleted.
(JSC::Local::isSpecial): Deleted.
(JSC::ResolveScopeInfo::ResolveScopeInfo): Deleted.
(JSC::ResolveScopeInfo::isLocal): Deleted.
(JSC::ResolveScopeInfo::localIndex): Deleted.
(JSC::BytecodeGenerator::hasSafeLocalArgumentsRegister): Deleted.
(JSC::BytecodeGenerator::captureMode): Deleted.
(JSC::BytecodeGenerator::shouldTearOffArgumentsEagerly): Deleted.
(JSC::BytecodeGenerator::shouldCreateArgumentsEagerly): Deleted.
(JSC::BytecodeGenerator::hasWatchableVariable): Deleted.
(JSC::BytecodeGenerator::watchableVariableIdentifier): Deleted.
* bytecompiler/NodesCodegen.cpp:
(JSC::ResolveNode::isPure):
(JSC::ResolveNode::emitBytecode):
(JSC::BracketAccessorNode::emitBytecode):
(JSC::DotAccessorNode::emitBytecode):
(JSC::EvalFunctionCallNode::emitBytecode):
(JSC::FunctionCallResolveNode::emitBytecode):
(JSC::CallFunctionCallDotNode::emitBytecode):
(JSC::ApplyFunctionCallDotNode::emitBytecode):
(JSC::PostfixNode::emitResolve):
(JSC::DeleteResolveNode::emitBytecode):
(JSC::TypeOfResolveNode::emitBytecode):
(JSC::PrefixNode::emitResolve):
(JSC::ReadModifyResolveNode::emitBytecode):
(JSC::AssignResolveNode::emitBytecode):
(JSC::ConstDeclNode::emitCodeSingle):
(JSC::EmptyVarExpression::emitBytecode):
(JSC::ForInNode::tryGetBoundLocal):
(JSC::ForInNode::emitLoopHeader):
(JSC::ForOfNode::emitBytecode):
(JSC::ArrayPatternNode::emitDirectBinding):
(JSC::BindingNode::bindValue):
(JSC::getArgumentByVal): Deleted.
* dfg/DFGAbstractHeap.h:
* dfg/DFGAbstractInterpreter.h:
* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
(JSC::DFG::AbstractInterpreter<AbstractStateType>::clobberWorld):
(JSC::DFG::AbstractInterpreter<AbstractStateType>::clobberCapturedVars): Deleted.
* dfg/DFGAbstractValue.h:
* dfg/DFGArgumentPosition.h:
(JSC::DFG::ArgumentPosition::addVariable):
* dfg/DFGArgumentsEliminationPhase.cpp: Added.
(JSC::DFG::performArgumentsElimination):
* dfg/DFGArgumentsEliminationPhase.h: Added.
* dfg/DFGArgumentsSimplificationPhase.cpp: Removed.
* dfg/DFGArgumentsSimplificationPhase.h: Removed.
* dfg/DFGArgumentsUtilities.cpp: Added.
(JSC::DFG::argumentsInvolveStackSlot):
(JSC::DFG::emitCodeToGetArgumentsArrayLength):
* dfg/DFGArgumentsUtilities.h: Added.
* dfg/DFGArrayMode.cpp:
(JSC::DFG::ArrayMode::refine):
(JSC::DFG::ArrayMode::alreadyChecked):
(JSC::DFG::arrayTypeToString):
* dfg/DFGArrayMode.h:
(JSC::DFG::ArrayMode::canCSEStorage):
(JSC::DFG::ArrayMode::modeForPut):
* dfg/DFGAvailabilityMap.cpp:
(JSC::DFG::AvailabilityMap::prune):
* dfg/DFGAvailabilityMap.h:
(JSC::DFG::AvailabilityMap::closeOverNodes):
(JSC::DFG::AvailabilityMap::closeStartingWithLocal):
* dfg/DFGBackwardsPropagationPhase.cpp:
(JSC::DFG::BackwardsPropagationPhase::propagate):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::newVariableAccessData):
(JSC::DFG::ByteCodeParser::getLocal):
(JSC::DFG::ByteCodeParser::setLocal):
(JSC::DFG::ByteCodeParser::getArgument):
(JSC::DFG::ByteCodeParser::setArgument):
(JSC::DFG::ByteCodeParser::flushDirect):
(JSC::DFG::ByteCodeParser::flush):
(JSC::DFG::ByteCodeParser::noticeArgumentsUse):
(JSC::DFG::ByteCodeParser::handleVarargsCall):
(JSC::DFG::ByteCodeParser::attemptToInlineCall):
(JSC::DFG::ByteCodeParser::handleInlining):
(JSC::DFG::ByteCodeParser::parseBlock):
(JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
(JSC::DFG::ByteCodeParser::parseCodeBlock):
* dfg/DFGCPSRethreadingPhase.cpp:
(JSC::DFG::CPSRethreadingPhase::canonicalizeGetLocalFor):
(JSC::DFG::CPSRethreadingPhase::canonicalizeLocalsInBlock):
* dfg/DFGCSEPhase.cpp:
* dfg/DFGCallCreateDirectArgumentsSlowPathGenerator.h: Added.
(JSC::DFG::CallCreateDirectArgumentsSlowPathGenerator::CallCreateDirectArgumentsSlowPathGenerator):
* dfg/DFGCapabilities.cpp:
(JSC::DFG::isSupportedForInlining):
(JSC::DFG::capabilityLevel):
* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
* dfg/DFGCommon.h:
* dfg/DFGCommonData.h:
(JSC::DFG::CommonData::CommonData):
* dfg/DFGConstantFoldingPhase.cpp:
(JSC::DFG::ConstantFoldingPhase::foldConstants):
* dfg/DFGDCEPhase.cpp:
(JSC::DFG::DCEPhase::cleanVariables):
* dfg/DFGDisassembler.h:
* dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
* dfg/DFGFlushFormat.cpp:
(WTF::printInternal):
* dfg/DFGFlushFormat.h:
(JSC::DFG::resultFor):
(JSC::DFG::useKindFor):
(JSC::DFG::dataFormatFor):
* dfg/DFGForAllKills.h: Added.
(JSC::DFG::forAllLiveNodesAtTail):
(JSC::DFG::forAllDirectlyKilledOperands):
(JSC::DFG::forAllKilledOperands):
(JSC::DFG::forAllKilledNodesAtNodeIndex):
(JSC::DFG::forAllKillsInBlock):
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::Graph):
(JSC::DFG::Graph::dump):
(JSC::DFG::Graph::substituteGetLocal):
(JSC::DFG::Graph::livenessFor):
(JSC::DFG::Graph::killsFor):
(JSC::DFG::Graph::tryGetConstantClosureVar):
(JSC::DFG::Graph::tryGetRegisters): Deleted.
* dfg/DFGGraph.h:
(JSC::DFG::Graph::symbolTableFor):
(JSC::DFG::Graph::uses):
(JSC::DFG::Graph::bytecodeRegisterForArgument): Deleted.
(JSC::DFG::Graph::capturedVarsFor): Deleted.
(JSC::DFG::Graph::usesArguments): Deleted.
(JSC::DFG::Graph::argumentsRegisterFor): Deleted.
(JSC::DFG::Graph::machineArgumentsRegisterFor): Deleted.
(JSC::DFG::Graph::uncheckedArgumentsRegisterFor): Deleted.
* dfg/DFGHeapLocation.cpp:
(WTF::printInternal):
* dfg/DFGHeapLocation.h:
* dfg/DFGInPlaceAbstractState.cpp:
(JSC::DFG::InPlaceAbstractState::initialize):
(JSC::DFG::InPlaceAbstractState::mergeStateAtTail):
* dfg/DFGJITCompiler.cpp:
(JSC::DFG::JITCompiler::link):
* dfg/DFGMayExit.cpp:
(JSC::DFG::mayExit):
* dfg/DFGMinifiedID.h:
* dfg/DFGMinifiedNode.cpp:
(JSC::DFG::MinifiedNode::fromNode):
* dfg/DFGMinifiedNode.h:
(JSC::DFG::belongsInMinifiedGraph):
(JSC::DFG::MinifiedNode::hasInlineCallFrame):
(JSC::DFG::MinifiedNode::inlineCallFrame):
* dfg/DFGNode.cpp:
(JSC::DFG::Node::convertToIdentityOn):
* dfg/DFGNode.h:
(JSC::DFG::Node::hasConstant):
(JSC::DFG::Node::constant):
(JSC::DFG::Node::hasScopeOffset):
(JSC::DFG::Node::scopeOffset):
(JSC::DFG::Node::hasDirectArgumentsOffset):
(JSC::DFG::Node::capturedArgumentsOffset):
(JSC::DFG::Node::variablePointer):
(JSC::DFG::Node::hasCallVarargsData):
(JSC::DFG::Node::hasLoadVarargsData):
(JSC::DFG::Node::hasHeapPrediction):
(JSC::DFG::Node::hasCellOperand):
(JSC::DFG::Node::objectMaterializationData):
(JSC::DFG::Node::isPhantomAllocation):
(JSC::DFG::Node::willHaveCodeGenOrOSR):
(JSC::DFG::Node::shouldSpeculateDirectArguments):
(JSC::DFG::Node::shouldSpeculateScopedArguments):
(JSC::DFG::Node::isPhantomArguments): Deleted.
(JSC::DFG::Node::hasVarNumber): Deleted.
(JSC::DFG::Node::varNumber): Deleted.
(JSC::DFG::Node::registerPointer): Deleted.
(JSC::DFG::Node::shouldSpeculateArguments): Deleted.
* dfg/DFGNodeType.h:
* dfg/DFGOSRAvailabilityAnalysisPhase.cpp:
(JSC::DFG::OSRAvailabilityAnalysisPhase::run):
(JSC::DFG::LocalOSRAvailabilityCalculator::executeNode):
* dfg/DFGOSRExitCompiler.cpp:
(JSC::DFG::OSRExitCompiler::emitRestoreArguments):
* dfg/DFGOSRExitCompiler.h:
(JSC::DFG::OSRExitCompiler::badIndex): Deleted.
(JSC::DFG::OSRExitCompiler::initializePoisoned): Deleted.
(JSC::DFG::OSRExitCompiler::poisonIndex): Deleted.
* dfg/DFGOSRExitCompiler32_64.cpp:
(JSC::DFG::OSRExitCompiler::compileExit):
* dfg/DFGOSRExitCompiler64.cpp:
(JSC::DFG::OSRExitCompiler::compileExit):
* dfg/DFGOSRExitCompilerCommon.cpp:
(JSC::DFG::reifyInlinedCallFrames):
(JSC::DFG::ArgumentsRecoveryGenerator::ArgumentsRecoveryGenerator): Deleted.
(JSC::DFG::ArgumentsRecoveryGenerator::~ArgumentsRecoveryGenerator): Deleted.
(JSC::DFG::ArgumentsRecoveryGenerator::generateFor): Deleted.
* dfg/DFGOSRExitCompilerCommon.h:
* dfg/DFGOperations.cpp:
* dfg/DFGOperations.h:
* dfg/DFGPlan.cpp:
(JSC::DFG::Plan::compileInThreadImpl):
* dfg/DFGPreciseLocalClobberize.h:
(JSC::DFG::PreciseLocalClobberizeAdaptor::read):
(JSC::DFG::PreciseLocalClobberizeAdaptor::write):
(JSC::DFG::PreciseLocalClobberizeAdaptor::def):
(JSC::DFG::PreciseLocalClobberizeAdaptor::readTop):
(JSC::DFG::preciseLocalClobberize):
(JSC::DFG::PreciseLocalClobberizeAdaptor::writeTop): Deleted.
(JSC::DFG::forEachLocalReadByUnwind): Deleted.
* dfg/DFGPredictionPropagationPhase.cpp:
(JSC::DFG::PredictionPropagationPhase::run):
(JSC::DFG::PredictionPropagationPhase::propagate):
(JSC::DFG::PredictionPropagationPhase::doRoundOfDoubleVoting):
(JSC::DFG::PredictionPropagationPhase::propagateThroughArgumentPositions):
* dfg/DFGPromoteHeapAccess.h:
(JSC::DFG::promoteHeapAccess):
* dfg/DFGPromotedHeapLocation.cpp:
(WTF::printInternal):
* dfg/DFGPromotedHeapLocation.h:
* dfg/DFGSSAConversionPhase.cpp:
(JSC::DFG::SSAConversionPhase::run):
* dfg/DFGSafeToExecute.h:
(JSC::DFG::safeToExecute):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::emitAllocateJSArray):
(JSC::DFG::SpeculativeJIT::emitGetLength):
(JSC::DFG::SpeculativeJIT::emitGetCallee):
(JSC::DFG::SpeculativeJIT::emitGetArgumentStart):
(JSC::DFG::SpeculativeJIT::checkArray):
(JSC::DFG::SpeculativeJIT::compileGetByValOnDirectArguments):
(JSC::DFG::SpeculativeJIT::compileGetByValOnScopedArguments):
(JSC::DFG::SpeculativeJIT::compileGetArrayLength):
(JSC::DFG::SpeculativeJIT::compileNewFunction):
(JSC::DFG::SpeculativeJIT::compileForwardVarargs):
(JSC::DFG::SpeculativeJIT::compileCreateActivation):
(JSC::DFG::SpeculativeJIT::compileCreateDirectArguments):
(JSC::DFG::SpeculativeJIT::compileGetFromArguments):
(JSC::DFG::SpeculativeJIT::compilePutToArguments):
(JSC::DFG::SpeculativeJIT::compileCreateScopedArguments):
(JSC::DFG::SpeculativeJIT::compileCreateClonedArguments):
(JSC::DFG::SpeculativeJIT::emitAllocateArguments): Deleted.
(JSC::DFG::SpeculativeJIT::compileGetByValOnArguments): Deleted.
(JSC::DFG::SpeculativeJIT::compileGetArgumentsLength): Deleted.
(JSC::DFG::SpeculativeJIT::compileNewFunctionNoCheck): Deleted.
(JSC::DFG::SpeculativeJIT::compileNewFunctionExpression): Deleted.
* dfg/DFGSpeculativeJIT.h:
(JSC::DFG::SpeculativeJIT::callOperation):
(JSC::DFG::SpeculativeJIT::emitAllocateJSObjectWithKnownSize):
(JSC::DFG::SpeculativeJIT::emitAllocateJSObject):
(JSC::DFG::SpeculativeJIT::framePointerOffsetToGetActivationRegisters): Deleted.
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::emitCall):
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::emitCall):
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGStackLayoutPhase.cpp:
(JSC::DFG::StackLayoutPhase::run):
* dfg/DFGStrengthReductionPhase.cpp:
(JSC::DFG::StrengthReductionPhase::handleNode):
* dfg/DFGStructureRegistrationPhase.cpp:
(JSC::DFG::StructureRegistrationPhase::run):
* dfg/DFGUnificationPhase.cpp:
(JSC::DFG::UnificationPhase::run):
* dfg/DFGValidate.cpp:
(JSC::DFG::Validate::validateCPS):
* dfg/DFGValueSource.cpp:
(JSC::DFG::ValueSource::dump):
* dfg/DFGValueSource.h:
(JSC::DFG::dataFormatToValueSourceKind):
(JSC::DFG::valueSourceKindToDataFormat):
(JSC::DFG::ValueSource::ValueSource):
(JSC::DFG::ValueSource::forFlushFormat):
(JSC::DFG::ValueSource::valueRecovery):
* dfg/DFGVarargsForwardingPhase.cpp: Added.
(JSC::DFG::performVarargsForwarding):
* dfg/DFGVarargsForwardingPhase.h: Added.
* dfg/DFGVariableAccessData.cpp:
(JSC::DFG::VariableAccessData::VariableAccessData):
(JSC::DFG::VariableAccessData::flushFormat):
(JSC::DFG::VariableAccessData::mergeIsCaptured): Deleted.
* dfg/DFGVariableAccessData.h:
(JSC::DFG::VariableAccessData::shouldNeverUnbox):
(JSC::DFG::VariableAccessData::shouldUseDoubleFormat):
(JSC::DFG::VariableAccessData::isCaptured): Deleted.
(JSC::DFG::VariableAccessData::mergeIsArgumentsAlias): Deleted.
(JSC::DFG::VariableAccessData::isArgumentsAlias): Deleted.
* dfg/DFGVariableAccessDataDump.cpp:
(JSC::DFG::VariableAccessDataDump::dump):
* dfg/DFGVariableAccessDataDump.h:
* dfg/DFGVariableEventStream.cpp:
(JSC::DFG::VariableEventStream::tryToSetConstantRecovery):
* dfg/DFGVariableEventStream.h:
* ftl/FTLAbstractHeap.cpp:
(JSC::FTL::AbstractHeap::dump):
(JSC::FTL::AbstractField::dump):
(JSC::FTL::IndexedAbstractHeap::dump):
(JSC::FTL::NumberedAbstractHeap::dump):
(JSC::FTL::AbsoluteAbstractHeap::dump):
* ftl/FTLAbstractHeap.h:
* ftl/FTLAbstractHeapRepository.cpp:
* ftl/FTLAbstractHeapRepository.h:
* ftl/FTLCapabilities.cpp:
(JSC::FTL::canCompile):
* ftl/FTLCompile.cpp:
(JSC::FTL::mmAllocateDataSection):
* ftl/FTLExitArgument.cpp:
(JSC::FTL::ExitArgument::dump):
* ftl/FTLExitPropertyValue.cpp:
(JSC::FTL::ExitPropertyValue::withLocalsOffset):
* ftl/FTLExitPropertyValue.h:
* ftl/FTLExitTimeObjectMaterialization.cpp:
(JSC::FTL::ExitTimeObjectMaterialization::ExitTimeObjectMaterialization):
(JSC::FTL::ExitTimeObjectMaterialization::accountForLocalsOffset):
* ftl/FTLExitTimeObjectMaterialization.h:
(JSC::FTL::ExitTimeObjectMaterialization::origin):
* ftl/FTLExitValue.cpp:
(JSC::FTL::ExitValue::withLocalsOffset):
(JSC::FTL::ExitValue::valueFormat):
(JSC::FTL::ExitValue::dumpInContext):
* ftl/FTLExitValue.h:
(JSC::FTL::ExitValue::isArgument):
(JSC::FTL::ExitValue::argumentsObjectThatWasNotCreated): Deleted.
(JSC::FTL::ExitValue::isArgumentsObjectThatWasNotCreated): Deleted.
(JSC::FTL::ExitValue::valueFormat): Deleted.
* ftl/FTLInlineCacheSize.cpp:
(JSC::FTL::sizeOfCallForwardVarargs):
(JSC::FTL::sizeOfConstructForwardVarargs):
(JSC::FTL::sizeOfICFor):
* ftl/FTLInlineCacheSize.h:
* ftl/FTLIntrinsicRepository.h:
* ftl/FTLJSCallVarargs.cpp:
(JSC::FTL::JSCallVarargs::JSCallVarargs):
(JSC::FTL::JSCallVarargs::emit):
* ftl/FTLJSCallVarargs.h:
* ftl/FTLLowerDFGToLLVM.cpp:
(JSC::FTL::LowerDFGToLLVM::lower):
(JSC::FTL::LowerDFGToLLVM::compileNode):
(JSC::FTL::LowerDFGToLLVM::compilePutStack):
(JSC::FTL::LowerDFGToLLVM::compileGetArrayLength):
(JSC::FTL::LowerDFGToLLVM::compileGetByVal):
(JSC::FTL::LowerDFGToLLVM::compileGetMyArgumentByVal):
(JSC::FTL::LowerDFGToLLVM::compilePutByVal):
(JSC::FTL::LowerDFGToLLVM::compileArrayPush):
(JSC::FTL::LowerDFGToLLVM::compileArrayPop):
(JSC::FTL::LowerDFGToLLVM::compileCreateActivation):
(JSC::FTL::LowerDFGToLLVM::compileNewFunction):
(JSC::FTL::LowerDFGToLLVM::compileCreateDirectArguments):
(JSC::FTL::LowerDFGToLLVM::compileCreateScopedArguments):
(JSC::FTL::LowerDFGToLLVM::compileCreateClonedArguments):
(JSC::FTL::LowerDFGToLLVM::compileStringCharAt):
(JSC::FTL::LowerDFGToLLVM::compileStringCharCodeAt):
(JSC::FTL::LowerDFGToLLVM::compileGetGlobalVar):
(JSC::FTL::LowerDFGToLLVM::compilePutGlobalVar):
(JSC::FTL::LowerDFGToLLVM::compileGetArgumentCount):
(JSC::FTL::LowerDFGToLLVM::compileGetClosureVar):
(JSC::FTL::LowerDFGToLLVM::compilePutClosureVar):
(JSC::FTL::LowerDFGToLLVM::compileGetFromArguments):
(JSC::FTL::LowerDFGToLLVM::compilePutToArguments):
(JSC::FTL::LowerDFGToLLVM::compileCallOrConstructVarargs):
(JSC::FTL::LowerDFGToLLVM::compileForwardVarargs):
(JSC::FTL::LowerDFGToLLVM::compileGetEnumeratorPname):
(JSC::FTL::LowerDFGToLLVM::ArgumentsLength::ArgumentsLength):
(JSC::FTL::LowerDFGToLLVM::getArgumentsLength):
(JSC::FTL::LowerDFGToLLVM::getCurrentCallee):
(JSC::FTL::LowerDFGToLLVM::getArgumentsStart):
(JSC::FTL::LowerDFGToLLVM::baseIndex):
(JSC::FTL::LowerDFGToLLVM::allocateObject):
(JSC::FTL::LowerDFGToLLVM::allocateVariableSizedObject):
(JSC::FTL::LowerDFGToLLVM::isArrayType):
(JSC::FTL::LowerDFGToLLVM::emitStoreBarrier):
(JSC::FTL::LowerDFGToLLVM::buildExitArguments):
(JSC::FTL::LowerDFGToLLVM::exitValueForAvailability):
(JSC::FTL::LowerDFGToLLVM::exitValueForNode):
(JSC::FTL::LowerDFGToLLVM::loadStructure):
(JSC::FTL::LowerDFGToLLVM::compilePhantomArguments): Deleted.
(JSC::FTL::LowerDFGToLLVM::compileGetMyArgumentsLength): Deleted.
(JSC::FTL::LowerDFGToLLVM::compileGetClosureRegisters): Deleted.
(JSC::FTL::LowerDFGToLLVM::compileCheckArgumentsNotCreated): Deleted.
(JSC::FTL::LowerDFGToLLVM::checkArgumentsNotCreated): Deleted.
* ftl/FTLOSRExitCompiler.cpp:
(JSC::FTL::compileRecovery):
(JSC::FTL::compileStub):
* ftl/FTLOperations.cpp:
(JSC::FTL::operationMaterializeObjectInOSR):
* ftl/FTLOutput.h:
(JSC::FTL::Output::aShr):
(JSC::FTL::Output::lShr):
(JSC::FTL::Output::zeroExtPtr):
* heap/CopyToken.h:
* interpreter/CallFrame.h:
(JSC::ExecState::getArgumentUnsafe):
* interpreter/Interpreter.cpp:
(JSC::sizeOfVarargs):
(JSC::sizeFrameForVarargs):
(JSC::loadVarargs):
(JSC::unwindCallFrame):
* interpreter/Interpreter.h:
* interpreter/StackVisitor.cpp:
(JSC::StackVisitor::Frame::createArguments):
(JSC::StackVisitor::Frame::existingArguments): Deleted.
* interpreter/StackVisitor.h:
* jit/AssemblyHelpers.h:
(JSC::AssemblyHelpers::storeValue):
(JSC::AssemblyHelpers::loadValue):
(JSC::AssemblyHelpers::storeTrustedValue):
(JSC::AssemblyHelpers::branchIfNotCell):
(JSC::AssemblyHelpers::branchIsEmpty):
(JSC::AssemblyHelpers::argumentsStart):
(JSC::AssemblyHelpers::baselineArgumentsRegisterFor): Deleted.
(JSC::AssemblyHelpers::offsetOfLocals): Deleted.
(JSC::AssemblyHelpers::offsetOfArguments): Deleted.
* jit/CCallHelpers.h:
(JSC::CCallHelpers::setupArgument):
* jit/GPRInfo.h:
(JSC::JSValueRegs::withTwoAvailableRegs):
* jit/JIT.cpp:
(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompileSlowCases):
* jit/JIT.h:
* jit/JITCall.cpp:
(JSC::JIT::compileSetupVarargsFrame):
* jit/JITCall32_64.cpp:
(JSC::JIT::compileSetupVarargsFrame):
* jit/JITInlines.h:
(JSC::JIT::callOperation):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_create_lexical_environment):
(JSC::JIT::emit_op_new_func):
(JSC::JIT::emit_op_create_direct_arguments):
(JSC::JIT::emit_op_create_scoped_arguments):
(JSC::JIT::emit_op_create_out_of_band_arguments):
(JSC::JIT::emit_op_tear_off_arguments): Deleted.
(JSC::JIT::emit_op_create_arguments): Deleted.
(JSC::JIT::emit_op_init_lazy_reg): Deleted.
(JSC::JIT::emit_op_get_arguments_length): Deleted.
(JSC::JIT::emitSlow_op_get_arguments_length): Deleted.
(JSC::JIT::emit_op_get_argument_by_val): Deleted.
(JSC::JIT::emitSlow_op_get_argument_by_val): Deleted.
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::emit_op_create_lexical_environment):
(JSC::JIT::emit_op_tear_off_arguments): Deleted.
(JSC::JIT::emit_op_create_arguments): Deleted.
(JSC::JIT::emit_op_init_lazy_reg): Deleted.
(JSC::JIT::emit_op_get_arguments_length): Deleted.
(JSC::JIT::emitSlow_op_get_arguments_length): Deleted.
(JSC::JIT::emit_op_get_argument_by_val): Deleted.
(JSC::JIT::emitSlow_op_get_argument_by_val): Deleted.
* jit/JITOperations.cpp:
* jit/JITOperations.h:
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emitGetClosureVar):
(JSC::JIT::emitPutClosureVar):
(JSC::JIT::emit_op_get_from_arguments):
(JSC::JIT::emit_op_put_to_arguments):
(JSC::JIT::emit_op_init_global_const):
(JSC::JIT::privateCompileGetByVal):
(JSC::JIT::emitDirectArgumentsGetByVal):
(JSC::JIT::emitScopedArgumentsGetByVal):
* jit/JITPropertyAccess32_64.cpp:
(JSC::JIT::emitGetClosureVar):
(JSC::JIT::emitPutClosureVar):
(JSC::JIT::emit_op_get_from_arguments):
(JSC::JIT::emit_op_put_to_arguments):
(JSC::JIT::emit_op_init_global_const):
* jit/SetupVarargsFrame.cpp:
(JSC::emitSetupVarargsFrameFastCase):
* llint/LLIntOffsetsExtractor.cpp:
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* parser/Nodes.h:
(JSC::ScopeNode::captures):
* runtime/Arguments.cpp: Removed.
* runtime/Arguments.h: Removed.
* runtime/ArgumentsMode.h: Added.
* runtime/DirectArgumentsOffset.cpp: Added.
(JSC::DirectArgumentsOffset::dump):
* runtime/DirectArgumentsOffset.h: Added.
(JSC::DirectArgumentsOffset::DirectArgumentsOffset):
* runtime/CommonSlowPaths.cpp:
(JSC::SLOW_PATH_DECL):
* runtime/CommonSlowPaths.h:
* runtime/ConstantMode.cpp: Added.
(WTF::printInternal):
* runtime/ConstantMode.h:
(JSC::modeForIsConstant):
* runtime/DirectArguments.cpp: Added.
(JSC::DirectArguments::DirectArguments):
(JSC::DirectArguments::createUninitialized):
(JSC::DirectArguments::create):
(JSC::DirectArguments::createByCopying):
(JSC::DirectArguments::visitChildren):
(JSC::DirectArguments::copyBackingStore):
(JSC::DirectArguments::createStructure):
(JSC::DirectArguments::overrideThings):
(JSC::DirectArguments::overrideThingsIfNecessary):
(JSC::DirectArguments::overrideArgument):
(JSC::DirectArguments::copyToArguments):
(JSC::DirectArguments::overridesSize):
* runtime/DirectArguments.h: Added.
(JSC::DirectArguments::internalLength):
(JSC::DirectArguments::length):
(JSC::DirectArguments::canAccessIndexQuickly):
(JSC::DirectArguments::getIndexQuickly):
(JSC::DirectArguments::setIndexQuickly):
(JSC::DirectArguments::callee):
(JSC::DirectArguments::argument):
(JSC::DirectArguments::overrodeThings):
(JSC::DirectArguments::offsetOfCallee):
(JSC::DirectArguments::offsetOfLength):
(JSC::DirectArguments::offsetOfMinCapacity):
(JSC::DirectArguments::offsetOfOverrides):
(JSC::DirectArguments::storageOffset):
(JSC::DirectArguments::offsetOfSlot):
(JSC::DirectArguments::allocationSize):
(JSC::DirectArguments::storage):
* runtime/FunctionPrototype.cpp:
* runtime/GenericArguments.h: Added.
(JSC::GenericArguments::GenericArguments):
* runtime/GenericArgumentsInlines.h: Added.
(JSC::GenericArguments<Type>::getOwnPropertySlot):
(JSC::GenericArguments<Type>::getOwnPropertySlotByIndex):
(JSC::GenericArguments<Type>::getOwnPropertyNames):
(JSC::GenericArguments<Type>::put):
(JSC::GenericArguments<Type>::putByIndex):
(JSC::GenericArguments<Type>::deleteProperty):
(JSC::GenericArguments<Type>::deletePropertyByIndex):
(JSC::GenericArguments<Type>::defineOwnProperty):
(JSC::GenericArguments<Type>::copyToArguments):
* runtime/GenericOffset.h: Added.
(JSC::GenericOffset::GenericOffset):
(JSC::GenericOffset::operator!):
(JSC::GenericOffset::offsetUnchecked):
(JSC::GenericOffset::offset):
(JSC::GenericOffset::operator==):
(JSC::GenericOffset::operator!=):
(JSC::GenericOffset::operator<):
(JSC::GenericOffset::operator>):
(JSC::GenericOffset::operator<=):
(JSC::GenericOffset::operator>=):
(JSC::GenericOffset::operator+):
(JSC::GenericOffset::operator-):
(JSC::GenericOffset::operator+=):
(JSC::GenericOffset::operator-=):
* runtime/JSArgumentsIterator.cpp:
(JSC::JSArgumentsIterator::finishCreation):
(JSC::argumentsFuncIterator):
* runtime/JSArgumentsIterator.h:
(JSC::JSArgumentsIterator::create):
(JSC::JSArgumentsIterator::next):
* runtime/JSEnvironmentRecord.cpp:
(JSC::JSEnvironmentRecord::visitChildren):
* runtime/JSEnvironmentRecord.h:
(JSC::JSEnvironmentRecord::variables):
(JSC::JSEnvironmentRecord::isValid):
(JSC::JSEnvironmentRecord::variableAt):
(JSC::JSEnvironmentRecord::offsetOfVariables):
(JSC::JSEnvironmentRecord::offsetOfVariable):
(JSC::JSEnvironmentRecord::allocationSizeForScopeSize):
(JSC::JSEnvironmentRecord::allocationSize):
(JSC::JSEnvironmentRecord::JSEnvironmentRecord):
(JSC::JSEnvironmentRecord::finishCreationUninitialized):
(JSC::JSEnvironmentRecord::finishCreation):
(JSC::JSEnvironmentRecord::registers): Deleted.
(JSC::JSEnvironmentRecord::registerAt): Deleted.
(JSC::JSEnvironmentRecord::addressOfRegisters): Deleted.
(JSC::JSEnvironmentRecord::offsetOfRegisters): Deleted.
* runtime/JSFunction.cpp:
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::addGlobalVar):
(JSC::JSGlobalObject::addFunction):
(JSC::JSGlobalObject::visitChildren):
(JSC::JSGlobalObject::addStaticGlobals):
* runtime/JSGlobalObject.h:
(JSC::JSGlobalObject::directArgumentsStructure):
(JSC::JSGlobalObject::scopedArgumentsStructure):
(JSC::JSGlobalObject::outOfBandArgumentsStructure):
(JSC::JSGlobalObject::argumentsStructure): Deleted.
* runtime/JSLexicalEnvironment.cpp:
(JSC::JSLexicalEnvironment::symbolTableGet):
(JSC::JSLexicalEnvironment::symbolTablePut):
(JSC::JSLexicalEnvironment::getOwnNonIndexPropertyNames):
(JSC::JSLexicalEnvironment::symbolTablePutWithAttributes):
(JSC::JSLexicalEnvironment::visitChildren): Deleted.
* runtime/JSLexicalEnvironment.h:
(JSC::JSLexicalEnvironment::create):
(JSC::JSLexicalEnvironment::JSLexicalEnvironment):
(JSC::JSLexicalEnvironment::registersOffset): Deleted.
(JSC::JSLexicalEnvironment::storageOffset): Deleted.
(JSC::JSLexicalEnvironment::storage): Deleted.
(JSC::JSLexicalEnvironment::allocationSize): Deleted.
(JSC::JSLexicalEnvironment::isValidIndex): Deleted.
(JSC::JSLexicalEnvironment::isValid): Deleted.
(JSC::JSLexicalEnvironment::registerAt): Deleted.
* runtime/JSNameScope.cpp:
(JSC::JSNameScope::visitChildren): Deleted.
* runtime/JSNameScope.h:
(JSC::JSNameScope::create):
(JSC::JSNameScope::value):
(JSC::JSNameScope::finishCreation):
(JSC::JSNameScope::JSNameScope):
* runtime/JSScope.cpp:
(JSC::abstractAccess):
* runtime/JSSegmentedVariableObject.cpp:
(JSC::JSSegmentedVariableObject::findVariableIndex):
(JSC::JSSegmentedVariableObject::addVariables):
(JSC::JSSegmentedVariableObject::visitChildren):
(JSC::JSSegmentedVariableObject::findRegisterIndex): Deleted.
(JSC::JSSegmentedVariableObject::addRegisters): Deleted.
* runtime/JSSegmentedVariableObject.h:
(JSC::JSSegmentedVariableObject::variableAt):
(JSC::JSSegmentedVariableObject::assertVariableIsInThisObject):
(JSC::JSSegmentedVariableObject::registerAt): Deleted.
(JSC::JSSegmentedVariableObject::assertRegisterIsInThisObject): Deleted.
* runtime/JSSymbolTableObject.h:
(JSC::JSSymbolTableObject::offsetOfSymbolTable):
(JSC::symbolTableGet):
(JSC::symbolTablePut):
(JSC::symbolTablePutWithAttributes):
* runtime/JSType.h:
* runtime/Options.h:
* runtime/ClonedArguments.cpp: Added.
(JSC::ClonedArguments::ClonedArguments):
(JSC::ClonedArguments::createEmpty):
(JSC::ClonedArguments::createWithInlineFrame):
(JSC::ClonedArguments::createWithMachineFrame):
(JSC::ClonedArguments::createByCopyingFrom):
(JSC::ClonedArguments::createStructure):
(JSC::ClonedArguments::getOwnPropertySlot):
(JSC::ClonedArguments::getOwnPropertyNames):
(JSC::ClonedArguments::put):
(JSC::ClonedArguments::deleteProperty):
(JSC::ClonedArguments::defineOwnProperty):
(JSC::ClonedArguments::materializeSpecials):
(JSC::ClonedArguments::materializeSpecialsIfNecessary):
* runtime/ClonedArguments.h: Added.
(JSC::ClonedArguments::specialsMaterialized):
* runtime/ScopeOffset.cpp: Added.
(JSC::ScopeOffset::dump):
* runtime/ScopeOffset.h: Added.
(JSC::ScopeOffset::ScopeOffset):
* runtime/ScopedArguments.cpp: Added.
(JSC::ScopedArguments::ScopedArguments):
(JSC::ScopedArguments::finishCreation):
(JSC::ScopedArguments::createUninitialized):
(JSC::ScopedArguments::create):
(JSC::ScopedArguments::createByCopying):
(JSC::ScopedArguments::createByCopyingFrom):
(JSC::ScopedArguments::visitChildren):
(JSC::ScopedArguments::createStructure):
(JSC::ScopedArguments::overrideThings):
(JSC::ScopedArguments::overrideThingsIfNecessary):
(JSC::ScopedArguments::overrideArgument):
(JSC::ScopedArguments::copyToArguments):
* runtime/ScopedArguments.h: Added.
(JSC::ScopedArguments::internalLength):
(JSC::ScopedArguments::length):
(JSC::ScopedArguments::canAccessIndexQuickly):
(JSC::ScopedArguments::getIndexQuickly):
(JSC::ScopedArguments::setIndexQuickly):
(JSC::ScopedArguments::callee):
(JSC::ScopedArguments::overrodeThings):
(JSC::ScopedArguments::offsetOfOverrodeThings):
(JSC::ScopedArguments::offsetOfTotalLength):
(JSC::ScopedArguments::offsetOfTable):
(JSC::ScopedArguments::offsetOfScope):
(JSC::ScopedArguments::overflowStorageOffset):
(JSC::ScopedArguments::allocationSize):
(JSC::ScopedArguments::overflowStorage):
* runtime/ScopedArgumentsTable.cpp: Added.
(JSC::ScopedArgumentsTable::ScopedArgumentsTable):
(JSC::ScopedArgumentsTable::~ScopedArgumentsTable):
(JSC::ScopedArgumentsTable::destroy):
(JSC::ScopedArgumentsTable::create):
(JSC::ScopedArgumentsTable::clone):
(JSC::ScopedArgumentsTable::setLength):
(JSC::ScopedArgumentsTable::set):
(JSC::ScopedArgumentsTable::createStructure):
* runtime/ScopedArgumentsTable.h: Added.
(JSC::ScopedArgumentsTable::length):
(JSC::ScopedArgumentsTable::get):
(JSC::ScopedArgumentsTable::lock):
(JSC::ScopedArgumentsTable::offsetOfLength):
(JSC::ScopedArgumentsTable::offsetOfArguments):
(JSC::ScopedArgumentsTable::at):
* runtime/SymbolTable.cpp:
(JSC::SymbolTableEntry::prepareToWatch):
(JSC::SymbolTable::SymbolTable):
(JSC::SymbolTable::visitChildren):
(JSC::SymbolTable::localToEntry):
(JSC::SymbolTable::entryFor):
(JSC::SymbolTable::cloneScopePart):
(JSC::SymbolTable::prepareForTypeProfiling):
(JSC::SymbolTable::uniqueIDForOffset):
(JSC::SymbolTable::globalTypeSetForOffset):
(JSC::SymbolTable::cloneCapturedNames): Deleted.
(JSC::SymbolTable::uniqueIDForRegister): Deleted.
(JSC::SymbolTable::globalTypeSetForRegister): Deleted.
* runtime/SymbolTable.h:
(JSC::SymbolTableEntry::varOffsetFromBits):
(JSC::SymbolTableEntry::scopeOffsetFromBits):
(JSC::SymbolTableEntry::Fast::varOffset):
(JSC::SymbolTableEntry::Fast::scopeOffset):
(JSC::SymbolTableEntry::Fast::isDontEnum):
(JSC::SymbolTableEntry::Fast::getAttributes):
(JSC::SymbolTableEntry::SymbolTableEntry):
(JSC::SymbolTableEntry::varOffset):
(JSC::SymbolTableEntry::isWatchable):
(JSC::SymbolTableEntry::scopeOffset):
(JSC::SymbolTableEntry::setAttributes):
(JSC::SymbolTableEntry::constantMode):
(JSC::SymbolTableEntry::isDontEnum):
(JSC::SymbolTableEntry::disableWatching):
(JSC::SymbolTableEntry::pack):
(JSC::SymbolTableEntry::isValidVarOffset):
(JSC::SymbolTable::createNameScopeTable):
(JSC::SymbolTable::maxScopeOffset):
(JSC::SymbolTable::didUseScopeOffset):
(JSC::SymbolTable::didUseVarOffset):
(JSC::SymbolTable::scopeSize):
(JSC::SymbolTable::nextScopeOffset):
(JSC::SymbolTable::takeNextScopeOffset):
(JSC::SymbolTable::add):
(JSC::SymbolTable::set):
(JSC::SymbolTable::argumentsLength):
(JSC::SymbolTable::setArgumentsLength):
(JSC::SymbolTable::argumentOffset):
(JSC::SymbolTable::setArgumentOffset):
(JSC::SymbolTable::arguments):
(JSC::SlowArgument::SlowArgument): Deleted.
(JSC::SymbolTableEntry::Fast::getIndex): Deleted.
(JSC::SymbolTableEntry::getIndex): Deleted.
(JSC::SymbolTableEntry::isValidIndex): Deleted.
(JSC::SymbolTable::captureStart): Deleted.
(JSC::SymbolTable::setCaptureStart): Deleted.
(JSC::SymbolTable::captureEnd): Deleted.
(JSC::SymbolTable::setCaptureEnd): Deleted.
(JSC::SymbolTable::captureCount): Deleted.
(JSC::SymbolTable::isCaptured): Deleted.
(JSC::SymbolTable::parameterCount): Deleted.
(JSC::SymbolTable::parameterCountIncludingThis): Deleted.
(JSC::SymbolTable::setParameterCountIncludingThis): Deleted.
(JSC::SymbolTable::slowArguments): Deleted.
(JSC::SymbolTable::setSlowArguments): Deleted.
* runtime/VM.cpp:
(JSC::VM::VM):
* runtime/VM.h:
* runtime/VarOffset.cpp: Added.
(JSC::VarOffset::dump):
(WTF::printInternal):
* runtime/VarOffset.h: Added.
(JSC::VarOffset::VarOffset):
(JSC::VarOffset::assemble):
(JSC::VarOffset::isValid):
(JSC::VarOffset::operator!):
(JSC::VarOffset::kind):
(JSC::VarOffset::isStack):
(JSC::VarOffset::isScope):
(JSC::VarOffset::isDirectArgument):
(JSC::VarOffset::stackOffsetUnchecked):
(JSC::VarOffset::scopeOffsetUnchecked):
(JSC::VarOffset::capturedArgumentsOffsetUnchecked):
(JSC::VarOffset::stackOffset):
(JSC::VarOffset::scopeOffset):
(JSC::VarOffset::capturedArgumentsOffset):
(JSC::VarOffset::rawOffset):
(JSC::VarOffset::checkSanity):
(JSC::VarOffset::operator==):
(JSC::VarOffset::operator!=):
(JSC::VarOffset::hash):
(JSC::VarOffset::isHashTableDeletedValue):
(JSC::VarOffsetHash::hash):
(JSC::VarOffsetHash::equal):
* tests/stress/arguments-exit-strict-mode.js: Added.
* tests/stress/arguments-exit.js: Added.
* tests/stress/arguments-inlined-exit-strict-mode-fixed.js: Added.
* tests/stress/arguments-inlined-exit-strict-mode.js: Added.
* tests/stress/arguments-inlined-exit.js: Added.
* tests/stress/arguments-interference.js: Added.
* tests/stress/arguments-interference-cfg.js: Added.
* tests/stress/dead-get-closure-var.js: Added.
* tests/stress/get-declared-unpassed-argument-in-direct-arguments.js: Added.
* tests/stress/get-declared-unpassed-argument-in-scoped-arguments.js: Added.
* tests/stress/varargs-closure-inlined-exit-strict-mode.js: Added.
* tests/stress/varargs-closure-inlined-exit.js: Added.
* tests/stress/varargs-exit.js: Added.
* tests/stress/varargs-inlined-exit.js: Added.
* tests/stress/varargs-inlined-simple-exit-aliasing-weird-reversed-args.js: Added.
* tests/stress/varargs-inlined-simple-exit-aliasing-weird.js: Added.
* tests/stress/varargs-inlined-simple-exit-aliasing.js: Added.
* tests/stress/varargs-inlined-simple-exit.js: Added.
* tests/stress/varargs-too-few-arguments.js: Added.
* tests/stress/varargs-varargs-closure-inlined-exit.js: Added.
* tests/stress/varargs-varargs-inlined-exit-strict-mode.js: Added.
* tests/stress/varargs-varargs-inlined-exit.js: Added.

Source/WTF:

* wtf/FastBitVector.h:
(WTF::FastBitVector::resize): Small change: don't resize if you don't have to resize.

LayoutTests:

* js/function-apply-aliased-expected.txt:
* js/function-dot-arguments-expected.txt:
* js/regress/arguments-expected.txt: Added.
* js/regress/arguments-named-and-reflective-expected.txt: Added.
* js/regress/arguments-named-and-reflective.html: Added.
* js/regress/arguments-strict-mode-expected.txt: Added.
* js/regress/arguments-strict-mode.html: Added.
* js/regress/arguments.html: Added.
* js/regress/script-tests/arguments-named-and-reflective.js: Added.
* js/regress/script-tests/arguments-strict-mode.js: Added.
* js/regress/script-tests/arguments.js: Added.
* js/regress/script-tests/try-catch-get-by-val-cloned-arguments.js: Added.
* js/regress/script-tests/try-catch-get-by-val-direct-arguments.js: Added.
* js/regress/script-tests/try-catch-get-by-val-scoped-arguments.js: Added.
* js/regress/script-tests/varargs-call.js: Added.
* js/regress/script-tests/varargs-construct-inline.js: Added.
* js/regress/script-tests/varargs-construct.js: Added.
* js/regress/script-tests/varargs-inline.js: Added.
* js/regress/script-tests/varargs-strict-mode.js: Added.
* js/regress/script-tests/varargs.js: Added.
* js/regress/try-catch-get-by-val-cloned-arguments-expected.txt: Added.
* js/regress/try-catch-get-by-val-cloned-arguments.html: Added.
* js/regress/try-catch-get-by-val-direct-arguments-expected.txt: Added.
* js/regress/try-catch-get-by-val-direct-arguments.html: Added.
* js/regress/try-catch-get-by-val-scoped-arguments-expected.txt: Added.
* js/regress/try-catch-get-by-val-scoped-arguments.html: Added.
* js/regress/varargs-call-expected.txt: Added.
* js/regress/varargs-call.html: Added.
* js/regress/varargs-construct-expected.txt: Added.
* js/regress/varargs-construct-inline-expected.txt: Added.
* js/regress/varargs-construct-inline.html: Added.
* js/regress/varargs-construct.html: Added.
* js/regress/varargs-expected.txt: Added.
* js/regress/varargs-inline-expected.txt: Added.
* js/regress/varargs-inline.html: Added.
* js/regress/varargs-strict-mode-expected.txt: Added.
* js/regress/varargs-strict-mode.html: Added.
* js/regress/varargs.html: Added.
* js/script-tests/function-apply-aliased.js:
* js/script-tests/function-dot-arguments.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181993 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
aestes@apple.com [Thu, 26 Mar 2015 03:11:04 +0000 (03:11 +0000)]
[Cocoa] RemoteInspectorXPCConnection::deserializeMessage() leaks a NSDictionary under Objective-C GC
https://bugs.webkit.org/show_bug.cgi?id=143068

Reviewed by Dan Bernstein.

* inspector/remote/RemoteInspectorXPCConnection.mm:
(Inspector::RemoteInspectorXPCConnection::deserializeMessage): Used RetainPtr::autorelease(), which does the right thing under GC.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181992 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
cdumez@apple.com [Thu, 26 Mar 2015 02:36:08 +0000 (02:36 +0000)]
[WK2] WebFrameLoaderClient::dispatchDecidePolicyForResponse() should always call the FramePolicyFunction
https://bugs.webkit.org/show_bug.cgi?id=143036
<rdar://problem/20252438>
<rdar://problem/13811738>

Reviewed by Alexey Proskuryakov.

WebFrameLoaderClient::dispatchDecidePolicyForResponse() should always
call the FramePolicyFunction. Previously, it would fail to do so in 2
cases:
- m_frame->page() returns null
or
- webPage->sendSync() returns false

If the FramePolicyFunction is not called, we will fail to clear the
callback in the PolicyChecker and
DocumentLoader::continueAfterContentPolicy() will not be called.

DocumentLoader::continueAfterContentPolicy() is in charge of resetting
m_waitingForContentPolicy flag to false. This could therefore explain
the following assertion being hit in DocumentLoader::detachFromFrame()
(see <rdar://problem/20252438>):
RELEASE_ASSERT(!m_waitingForContentPolicy)

Also, as the PolicyChecker callback is not cleared, it could make it
possible for DocumentLoader::continueAfterContentPolicy() to be called
*after* the load is finished, when later canceling the PolicyCallback:
FrameLoader::stopAllLoaders()
 -> PolicyChecker::stopCheck()
  -> PolicyCallback::cancel()
   -> DocumentLoader::continueAfterContentPolicy(PolicyIgnore)

Calling continueAfterContentPolicy(PolicyIgnore) after the load is
finished would be bad and could explain some of the crashes we've seen
in DocumentLoader::continueAfterContentPolicy() ->
DocumentLoader::stopLoadingForPolicyChange() (see
<rdar://problem/13811738>).

This patch also applies the same fix to
dispatchDecidePolicyForNewWindowAction() and
dispatchDecidePolicyForNavigationAction() as they use the same pattern.

* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForResponse):
(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForNewWindowAction):
(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181991 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
fpizlo@apple.com [Thu, 26 Mar 2015 01:26:56 +0000 (01:26 +0000)]
Use JITCompilationCanFail in more places, and make the fail path of JITCompilationMustSucceed a crash instead of attempting GC
https://bugs.webkit.org/show_bug.cgi?id=142993

Source/JavaScriptCore:

Reviewed by Geoffrey Garen and Mark Lam.

This changes the most commonly invoked paths that relied on JITCompilationMustSucceed
into using JITCompilationCanFail and having a legit fallback path. This mostly involves
having the FTL JIT do the same trick as the DFG JIT in case of any memory allocation
failure, but also involves adding the same kind of thing to the stub generators in
Repatch.

Because of that change, there are relatively few uses of JITCompilationMustSucceed. Most
of those uses cannot handle a GC, and so cannot do releaseExecutableMemory(). Only a few,
like host call stub generation, could handle a GC, but those get invoked very rarely. So,
this patch changes the releaseExecutableMemory() call into a crash with some diagnostic
printout.

Also add a way of inducing executable allocation failure, so that we can test this.

* CMakeLists.txt:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* dfg/DFGJITCompiler.cpp:
(JSC::DFG::JITCompiler::compile):
(JSC::DFG::JITCompiler::compileFunction):
(JSC::DFG::JITCompiler::link): Deleted.
(JSC::DFG::JITCompiler::linkFunction): Deleted.
* dfg/DFGJITCompiler.h:
* dfg/DFGPlan.cpp:
(JSC::DFG::Plan::compileInThreadImpl):
* ftl/FTLCompile.cpp:
(JSC::FTL::mmAllocateCodeSection):
(JSC::FTL::mmAllocateDataSection):
* ftl/FTLLink.cpp:
(JSC::FTL::link):
* ftl/FTLState.h:
* jit/ArityCheckFailReturnThunks.cpp:
(JSC::ArityCheckFailReturnThunks::returnPCsFor):
* jit/ExecutableAllocationFuzz.cpp: Added.
(JSC::numberOfExecutableAllocationFuzzChecks):
(JSC::doExecutableAllocationFuzzing):
* jit/ExecutableAllocationFuzz.h: Added.
(JSC::doExecutableAllocationFuzzingIfEnabled):
* jit/ExecutableAllocatorFixedVMPool.cpp:
(JSC::ExecutableAllocator::allocate):
* jit/JIT.cpp:
(JSC::JIT::privateCompile):
* jit/JITCompilationEffort.h:
* jit/Repatch.cpp:
(JSC::generateByIdStub):
(JSC::tryCacheGetByID):
(JSC::tryBuildGetByIDList):
(JSC::emitPutReplaceStub):
(JSC::emitPutTransitionStubAndGetOldStructure):
(JSC::tryCachePutByID):
(JSC::tryBuildPutByIdList):
(JSC::tryRepatchIn):
(JSC::linkPolymorphicCall):
* jsc.cpp:
(jscmain):
* runtime/Options.h:
* runtime/TestRunnerUtils.h:
* runtime/VM.cpp:
* tests/executableAllocationFuzz: Added.
* tests/executableAllocationFuzz.yaml: Added.
* tests/executableAllocationFuzz/v8-raytrace.js: Added.

Tools:

Reviewed by Mark Lam.

Bunch of support for testing executable allocation failure.

* Scripts/jsc-stress-test-helpers/js-executable-allocation-fuzz: Added.
(fail):
* Scripts/run-javascriptcore-tests:
(runJSCStressTests):
* Scripts/run-jsc-stress-tests:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181990 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
dino@apple.com [Thu, 26 Mar 2015 01:05:20 +0000 (01:05 +0000)]
CSS blend modes do not parse when in the shadow tree
https://bugs.webkit.org/show_bug.cgi?id=143067
<rdar://problem/20302662>

Reviewed by Anders Carlsson.

The media controls style sheets are injected as UA stylesheets
when we come across a <video> or <audio> element. These stylesheets
have a different parsing context than the document stylesheets -
one that uses the default constructor, which initializes some
features like cssCompositingEnabled to false without checking
the runtime state.

The easy fix is to use the global state to initialize the context.

Unfortunately we can't test this since it only occurs in the shadow
tree.

* css/CSSParser.cpp:
(WebCore::CSSParserContext::CSSParserContext): Check the state
of RuntimeEnabledFeatures to initialize CSS Regions and
CSS Compositing (Blending).

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181989 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
cfleizach@apple.com [Thu, 26 Mar 2015 00:53:52 +0000 (00:53 +0000)]
AX: table cells that use display:block render the table inaccessible to VoiceOver
https://bugs.webkit.org/show_bug.cgi?id=143007

Reviewed by Mario Sanchez Prada.

Source/WebCore:

When display:block is used on a table cell, it was being ignored because it was anonymous.
This is still a valid scenario however if it's still inside of a valid table.

Test: accessibility/table-cell-display-block.html

* accessibility/AccessibilityTableCell.cpp:
(WebCore::AccessibilityTableCell::computeAccessibilityIsIgnored):

LayoutTests:

* accessibility/table-cell-display-block-expected.txt: Added.
* accessibility/table-cell-display-block.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181988 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
commit-queue@webkit.org [Thu, 26 Mar 2015 00:46:57 +0000 (00:46 +0000)]
Web Inspector: Add ESLint "Disallow Undeclared Variables" rule and enable ES6 env
https://bugs.webkit.org/show_bug.cgi?id=143062

Patch by Tobias Reiss <tobi+webkit@basecode.de> on 2015-03-25
Reviewed by Joseph Pecoraro.

ESLint: Add support for es6 environment and "no-undef" rule which disallows
use of undeclared variables unless mentioned in a /*global */ block.

* .eslintrc:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181987 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
timothy_horton@apple.com [Thu, 26 Mar 2015 00:03:44 +0000 (00:03 +0000)]
Add a preference to prevent "user-scalable=no" from having any effect
https://bugs.webkit.org/show_bug.cgi?id=143032

Reviewed by Sam Weinig.

* Shared/WebPreferencesDefinitions.h:
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::updatePreferences):
Add a preference and push it to the ViewportConfiguration.

* page/ViewportConfiguration.cpp:
(WebCore::ViewportConfiguration::ViewportConfiguration):
(WebCore::ViewportConfiguration::allowsUserScaling):
* page/ViewportConfiguration.h:
(WebCore::ViewportConfiguration::setForceAlwaysUserScalable):
If forceAlwaysUserScalable is set to true, force "user-scalable=yes".

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181986 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
bdakin@apple.com [Wed, 25 Mar 2015 23:37:41 +0000 (23:37 +0000)]
REGRESSION (r181660): Force click url preview doesn't have a TextIndicator in Mail
https://bugs.webkit.org/show_bug.cgi?id=143064
-and corresponding-
rdar://problem/20251440

Reviewed by Tim Horton.

The TextIndicator was getting set to nil by the call to
_dismissContentRelativeChildWindows in mouseDown. That line of code was added by
http://trac.webkit.org/changeset/177242 to work around a bug in another component
that has now been resolved, so it no longer appears to be necessary.

* UIProcess/API/mac/WKView.mm:
(-[WKView mouseDown:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181985 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
andersca@apple.com [Wed, 25 Mar 2015 23:37:04 +0000 (23:37 +0000)]
Add network and application cache directories to WebsiteDataStore
https://bugs.webkit.org/show_bug.cgi?id=143063

Reviewed by Sam Weinig.

Create a WebKit directory under ~/Library/Caches/<Bundle ID> for non-sandboxed applications,
and ~/Library/Caches for sandboxed applications. Create NetworkCache and OfflineWebApplicationCache
subdirectories. These directories will be used with the modern WebKit API.

* UIProcess/API/APIWebsiteDataStore.h:
* UIProcess/API/Cocoa/APIWebsiteDataStoreCocoa.mm:
(API::WebsiteDataStore::cacheDirectoryFileSystemRepresentation):
(API::WebsiteDataStore::defaultDataStoreConfiguration):
* UIProcess/WebsiteData/WebsiteDataStore.cpp:
(WebKit::WebsiteDataStore::WebsiteDataStore):
* UIProcess/WebsiteData/WebsiteDataStore.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181984 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
mitz@apple.com [Wed, 25 Mar 2015 23:33:53 +0000 (23:33 +0000)]
Another attempt to get the iOS EWS building again.

* WebCore.xcodeproj/project.pbxproj:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181983 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
mmaxfield@apple.com [Wed, 25 Mar 2015 23:25:31 +0000 (23:25 +0000)]
Fix Windows build from r181977.

Unreviewed.

* Scripts/update-webkit-dependency:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181982 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
mark.lam@apple.com [Wed, 25 Mar 2015 23:15:15 +0000 (23:15 +0000)]
REGRESSION(169139): LLINT intermittently fails JSC testapi tests.
<https://webkit.org/b/135719>

Reviewed by Geoffrey Garen.

This is a regression introduced in http://trac.webkit.org/changeset/169139 which
changed VM::watchdog from an embedded field into a std::unique_ptr, but did not
update the LLINT to access it as such.

The issue has only manifested so far on the CLoop tests because those are LLINT
only.  In the non-CLoop cases, the JIT kicks in and does the right thing, thereby
hiding the bug in the LLINT.

* API/JSContextRef.cpp:
(createWatchdogIfNeeded):
(JSContextGroupSetExecutionTimeLimit):
(JSContextGroupClearExecutionTimeLimit):
* llint/LowLevelInterpreter.asm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181981 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
achristensen@apple.com [Wed, 25 Mar 2015 23:05:36 +0000 (23:05 +0000)]
Add case-insensitive checks to DFA bytecode.
https://bugs.webkit.org/show_bug.cgi?id=142977

Reviewed by Benjamin Poulain.

* contentextensions/DFABytecode.h:
(WebCore::ContentExtensions::instructionSizeWithArguments):
* contentextensions/DFABytecodeCompiler.cpp:
(WebCore::ContentExtensions::DFABytecodeCompiler::emitCheckValue):
(WebCore::ContentExtensions::DFABytecodeCompiler::emitCheckValueRange):
Add case-insensitive bytecode.
(WebCore::ContentExtensions::DFABytecodeCompiler::compileNodeTransitions):
Check to see if case-insensitive bytecodes can be used.
(WebCore::ContentExtensions::DFABytecodeCompiler::compileCheckForRange):
* contentextensions/DFABytecodeCompiler.h:
(WebCore::ContentExtensions::DFABytecodeCompiler::Range::Range):
Added Range structure to be able to count the ranges in a future patch deciding if we want to use jump tables.
* contentextensions/DFABytecodeInterpreter.cpp:
(WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
Interpret case-insensitive bytecodes.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181980 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
fpizlo@apple.com [Wed, 25 Mar 2015 22:56:50 +0000 (22:56 +0000)]
Change Atomic methods from using the_wrong_naming_conventions to using theRightNamingConventions. Also make seq_cst the default.

Rubber stamped by Geoffrey Garen.

Source/JavaScriptCore:

* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::visitAggregate):

Source/WTF:

* wtf/Atomics.h:
(WTF::Atomic::load):
(WTF::Atomic::store):
(WTF::Atomic::compareExchangeWeak):
(WTF::Atomic::compareExchangeStrong):
(WTF::Atomic::compare_exchange_weak): Deleted.
(WTF::Atomic::compare_exchange_strong): Deleted.
* wtf/ByteSpinLock.h:
(WTF::ByteSpinLock::lock):
* wtf/SpinLock.h:
(WTF::SpinLockBase::lock):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181979 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
weinig@apple.com [Wed, 25 Mar 2015 22:56:19 +0000 (22:56 +0000)]
Address additional review feedback from https://bugs.webkit.org/show_bug.cgi?id=143059.

Source/WebCore:

* contentextensions/ContentExtensionCompiler.cpp:
(WebCore::ContentExtensions::compileRuleList):
* contentextensions/ContentExtensionCompiler.h:
* contentextensions/ContentExtensionParser.cpp:
(WebCore::ContentExtensions::getTypeFlags):

Source/WebKit2:

* Shared/WebCompiledContentExtension.cpp:
(WebKit::WebCompiledContentExtension::createFromCompiledContentExtensionData):
* UIProcess/API/C/WKUserContentFilterRef.cpp:
(WKUserContentFilterCreate):
* UIProcess/API/Cocoa/_WKUserContentFilter.mm:
(-[_WKUserContentFilter initWithName:serializedRules:]):

Tools:

* TestWebKitAPI/Tests/WebCore/ContentExtensions.cpp:
(TestWebKitAPI::InMemoryCompiledContentExtension::createFromFilter):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181978 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
mmaxfield@apple.com [Wed, 25 Mar 2015 22:46:41 +0000 (22:46 +0000)]
Migrate update-webkit for Windows to not require Cygwin
https://bugs.webkit.org/show_bug.cgi?id=143040

Reviewed by Brent Fulgham.

* Scripts/update-webkit-dependency:
(wanted):
(toUnixPath): Deleted.
* Scripts/webkitdirs.pm:
(fontExists):
(checkInstalledTools):
(setupAppleWinEnv):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181977 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
commit-queue@webkit.org [Wed, 25 Mar 2015 22:42:39 +0000 (22:42 +0000)]
Fix formatting in BuiltinExecutables
https://bugs.webkit.org/show_bug.cgi?id=143061

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2015-03-25
Reviewed by Ryosuke Niwa.

* builtins/BuiltinExecutables.cpp:
(JSC::BuiltinExecutables::createExecutableInternal):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181976 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
commit-queue@webkit.org [Wed, 25 Mar 2015 22:41:04 +0000 (22:41 +0000)]
Add a few more tests for Class names
https://bugs.webkit.org/show_bug.cgi?id=143060

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2015-03-25
Reviewed by Ryosuke Niwa.

Add a few more class name tests:
- const class name binding inside class expression
- mutable class name binding from class statement

* js/script-tests/class-syntax-name.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181975 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
weinig@apple.com [Wed, 25 Mar 2015 22:38:58 +0000 (22:38 +0000)]
[Content Extensions] Convert content extension compiling to return error codes and write its output using a client
https://bugs.webkit.org/show_bug.cgi?id=143059

Reviewed by Alex Christensen.

Source/WebCore:

* WebCore.xcodeproj/project.pbxproj:
Add ContentExtensionError.h/cpp.

* contentextensions/ContentExtensionError.cpp: Added.
(WebCore::ContentExtensions::contentExtensionErrorCategory):
* contentextensions/ContentExtensionError.h: Added.
(WebCore::ContentExtensions::make_error_code):
Add ContentExtensionError enum and std::error_code adaptor.

* contentextensions/ContentExtensionCompiler.h:
Instead of returning CompiledContentExtensionData, use a client interface
to pass data. Eventually, this should be turned into a direct streaming
interface so we can write directly to a file.

* contentextensions/ContentExtensionCompiler.cpp:
(WebCore::ContentExtensions::compileRuleList):
* contentextensions/ContentExtensionParser.cpp:
(WebCore::ContentExtensions::getTypeFlags):
(WebCore::ContentExtensions::loadTrigger):
(WebCore::ContentExtensions::loadAction):
(WebCore::ContentExtensions::loadRule):
(WebCore::ContentExtensions::loadEncodedRules):
(WebCore::ContentExtensions::parseRuleList):
* contentextensions/ContentExtensionParser.h:
Convert to return an error.

Source/WebKit2:

* Shared/WebCompiledContentExtension.cpp:
* Shared/WebCompiledContentExtension.h:
(WebKit::LegacyContentExtensionCompilationClient::LegacyContentExtensionCompilationClient):
(WebKit::LegacyContentExtensionCompilationClient::writeBytecode):
(WebKit::LegacyContentExtensionCompilationClient::writeActions):
Add subclass of ContentExtensionCompilationClient for use with the non-file backed content
extensions.

* UIProcess/API/C/WKUserContentFilterRef.cpp:
(WKUserContentFilterCreate):
* UIProcess/API/Cocoa/_WKUserContentFilter.mm:
(-[_WKUserContentFilter initWithName:serializedRules:]):
Update to use the new interface of compileRuleList().

Tools:

* TestWebKitAPI/Tests/WebCore/ContentExtensions.cpp:
(TestWebKitAPI::InMemoryCompiledContentExtension::createFromFilter):
Update for new interface of compileRuleList().

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181974 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
joepeck@webkit.org [Wed, 25 Mar 2015 21:33:59 +0000 (21:33 +0000)]
ES6: Classes: Program level class statement throws exception in strict mode
https://bugs.webkit.org/show_bug.cgi?id=143038

Reviewed by Ryosuke Niwa.

Source/JavaScriptCore:

Classes expose a name to the current lexical environment. This treats
"class X {}" like "var X = class X {}". Ideally it would be "let X = class X {}".
Also, improve error messages for class statements where the class is missing a name.

* parser/Parser.h:
* parser/Parser.cpp:
(JSC::Parser<LexerType>::parseClass):
Fill name in info parameter if needed. Better error message if name is needed and missing.

(JSC::Parser<LexerType>::parseClassDeclaration):
Pass info parameter to get name, and expose the name as a variable name.

(JSC::Parser<LexerType>::parsePrimaryExpression):
Pass info parameter that is ignored.

* parser/ParserFunctionInfo.h:
Add a parser info for class, to extract the name.

LayoutTests:

This updates a number of existing tests that were relying on
poor behavior. `shouldBe` and friends use eval within a function
not at the global scope. This means `shouldBe('class X { ... }')`
behaves like `shouldBe('var x = ...')` not `shouldBe('x = ...')`.
This means `x` will not be available in the next `shouldBe` call.

Add a test specifically to cover the scoping of the class name
in regular and strict mode code. Currently we treat it like var
with one failing test that would pass when we treat it like let.

* js/class-syntax-name.html: Added.
* js/script-tests/class-syntax-name.js: Added.
(runTestShouldBe):
(runTestShouldBeTrue):
(runTestShouldThrow):
(runTestShouldNotThrow):
Test class name scoping.

* js/class-syntax-call-expected.txt:
* js/class-syntax-declaration-expected.txt:
* js/class-syntax-default-constructor-expected.txt:
* js/class-syntax-name-expected.txt: Added.
* js/script-tests/class-syntax-call.js:
* js/script-tests/class-syntax-declaration.js:
* js/script-tests/class-syntax-default-constructor.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181973 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
rniwa@webkit.org [Wed, 25 Mar 2015 21:19:05 +0000 (21:19 +0000)]
Web Inspector: Switching tabs to window with inspector open prohibits typing into console
https://bugs.webkit.org/show_bug.cgi?id=126800

Reviewed by Anders Carlsson.

This is a regression from r85356 and r83814. These two patches made WKWebView clear its selection
when WKView resigns the first responder without ever restoring it even if WKView later becomes
the first responder again. This is problematic when a text field or an editing host element had been
focused and selected prior to the resignation since the editing code uses the selection to determine
the editability of the element.

Fixed the bug by restoring selection in [WKView becomeFirstResponder] if the selection is empty.

* UIProcess/API/mac/WKView.mm:
(-[WKView becomeFirstResponder]):
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::restoreSelectionInFocusedEditableElement):
* UIProcess/WebPageProxy.h:
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::restoreSelectionInFocusedEditableElement):
* WebProcess/WebPage/WebPage.h:
* WebProcess/WebPage/WebPage.messages.in:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181972 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
bdakin@apple.com [Wed, 25 Mar 2015 21:09:18 +0000 (21:09 +0000)]
REGRESSION (r181660): Safari navigates to link after a starting and canceling a
force preview
https://bugs.webkit.org/show_bug.cgi?id=143057
-and corresponding-
rdar://problem/20251436

Reviewed by Tim Horton.

Source/WebCore:

This patch adds a value for ActionUpdated to the ImmediateActionStage enum. Now if
m_immediateActionStage indicates that an immediate action has either begun or
completed then we can have the same behavior.
* page/EventHandler.cpp:
(WebCore::EventHandler::handleMouseReleaseEvent):
* page/EventHandler.h:

Source/WebKit2:

Always call _page->immediateActionDidUpdate() so that the EventHandler’s
ImmediateActionStage is appropriately updated.
* UIProcess/mac/WKImmediateActionController.mm:
(-[WKImmediateActionController immediateActionRecognizerDidUpdateAnimation:]):

Update the EventHandler’s ImmediateActionStage.
* WebProcess/WebPage/mac/WebPageMac.mm:
(WebKit::WebPage::immediateActionDidUpdate):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181971 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
antti@apple.com [Wed, 25 Mar 2015 20:59:18 +0000 (20:59 +0000)]
Separate entry decoding from validation
https://bugs.webkit.org/show_bug.cgi?id=143052

Reviewed by Chris Dumez.

Make NetworkCache::Cache a class and move it to a file of its own.
Move the encoding/decoding code there.

* NetworkProcess/NetworkProcess.cpp:
(WebKit::fetchDiskCacheEntries):
(WebKit::clearDiskCacheEntries):
* NetworkProcess/NetworkResourceLoader.cpp:
(WebKit::sendReplyToSynchronousRequest):
(WebKit::NetworkResourceLoader::start):
(WebKit::NetworkResourceLoader::sendBufferMaybeAborting):
(WebKit::NetworkResourceLoader::didRetrieveCacheEntry):
(WebKit::NetworkResourceLoader::validateCacheEntry):
* NetworkProcess/NetworkResourceLoader.h:
* NetworkProcess/cache/NetworkCache.cpp:
(WebKit::NetworkCache::collectVaryingRequestHeaders):
(WebKit::NetworkCache::canUse):

    Focused function for deciding if we can use a cache entry and if it needs validation.

(WebKit::NetworkCache::Cache::retrieve):
(WebKit::NetworkCache::Cache::store):
(WebKit::NetworkCache::Cache::update):
(WebKit::NetworkCache::Cache::traverse):
(WebKit::NetworkCache::encodeStorageEntry): Deleted.
(WebKit::NetworkCache::decodeStorageEntry): Deleted.
* NetworkProcess/cache/NetworkCache.h:
* NetworkProcess/cache/NetworkCacheEntry.cpp: Added.
(WebKit::NetworkCache::Entry::Entry):
(WebKit::NetworkCache::Entry::encode):
(WebKit::NetworkCache::Entry::decode):
(WebKit::NetworkCache::Entry::initializeBufferFromStorageEntry):
(WebKit::NetworkCache::Entry::buffer):
(WebKit::NetworkCache::Entry::shareableResourceHandle):
(WebKit::NetworkCache::Entry::needsValidation):
(WebKit::NetworkCache::Entry::setNeedsValidation):
* NetworkProcess/cache/NetworkCacheEntry.h: Added.
(WebKit::NetworkCache::Entry::key):
(WebKit::NetworkCache::Entry::timeStamp):
(WebKit::NetworkCache::Entry::response):
(WebKit::NetworkCache::Entry::varyingRequestHeaders):
(WebKit::NetworkCache::Entry::sourceStorageEntry):
* NetworkProcess/cache/NetworkCacheStatistics.h:
* NetworkProcess/cache/NetworkCacheStatisticsCocoa.mm:
(WebKit::NetworkCache::cachedEntryReuseFailureToDiagnosticKey):
(WebKit::NetworkCache::Statistics::recordRetrievedCachedEntry):
* WebKit2.xcodeproj/project.pbxproj:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181970 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
mark.lam@apple.com [Wed, 25 Mar 2015 19:35:49 +0000 (19:35 +0000)]
Gardening: rebaseline after r181907.

Not reviewed.

* platform/win/js/dom/global-constructors-attributes-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181969 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5 years ago
ggaren@apple.com [Wed, 25 Mar 2015 18:37:17 +0000 (18:37 +0000)]
New map and set modification tests in r181922 fails
https://bugs.webkit.org/show_bug.cgi?id=143031

Reviewed and tweaked by Geoffrey Garen.

When packing Map/Set backing store, we need to decrement Map/Set iterator's m_index
to adjust for the packed backing store.

Consider the following map data.

x: deleted, o: exists
0 1 2 3 4
x x x x o

And iterator with m_index 3.

When packing the map data, map data will become,

0
o

At that time, we perform didRemoveEntry 4 times on iterators.
times => m_index/index/result
1 => 3/0/dec
2 => 2/1/dec
3 => 1/2/nothing
4 => 1/3/nothing

After iteration, iterator's m_index becomes 1. But we expected it to become 0.
This is because if we use decremented m_index for comparison,
while provided deletedIndex is the index in old storage, m_index is the index in partially packed storage.

In this patch, we compare against the packed index instead.
times => m_index/packedIndex/result
1 => 3/0/dec
2 => 2/0/dec
3 => 1/0/dec
4 => 0/0/nothing

So m_index becomes 0 as expected.

And according to the spec, once the iterator is closed (becomes done: true),
its internal [[Map]]/[[Set]] is set to undefined.
So after the iterator is finished, we don't revive the iterator (e.g. by clearing m_index = 0).

In this patch, we change 2 things.
1.
Compare an iterator's index against the packed index when removing an entry.

2.
If the iterator is closed (isFinished()), we don't apply adjustment to the iterator.

Patch by Yusuke Suzuki <utatane.tea@gmail.com> on 2015-03-25

* runtime/MapData.h:
(JSC::MapDataImpl::IteratorData::finish):
(JSC::MapDataImpl::IteratorData::isFinished):
(JSC::MapDataImpl::IteratorData::didRemoveEntry):
(JSC::MapDataImpl::IteratorData::didRemoveAllEntries):
(JSC::MapDataImpl::IteratorData::startPackBackingStore):
* runtime/MapDataInlines.h:
(JSC::JSIterator>::replaceAndPackBackingStore):
* tests/stress/modify-map-during-iteration.js:
* tests/stress/modify-set-during-iteration.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181968 268f45cc-cd09-0410-ab3c-d52691b4dbfc