WebKit-https.git
14 months agoWebDriver: implement maximize, minimize and fullscreen window commands
carlosgc@webkit.org [Thu, 24 May 2018 08:54:37 +0000 (08:54 +0000)]
WebDriver: implement maximize, minimize and fullscreen window commands
https://bugs.webkit.org/show_bug.cgi?id=180398

Reviewed by Brian Burg.

Source/WebDriver:

* CMakeLists.txt: Add EnterFullscreen.js to the build.
* Session.cpp:
(WebDriver::Session::maximizeWindow):
(WebDriver::Session::minimizeWindow):
(WebDriver::Session::fullscreenWindow):
* Session.h:
* WebDriverService.cpp:
(WebDriver::WebDriverService::maximizeWindow):
(WebDriver::WebDriverService::minimizeWindow):
(WebDriver::WebDriverService::fullscreenWindow):
* WebDriverService.h:

Source/WebKit:

* UIProcess/API/APIAutomationSessionClient.h:
(API::AutomationSessionClient::requestMaximizeWindowOfPage): Added to allow clients maximize the window.
* UIProcess/API/glib/WebKitAutomationSession.cpp:
* UIProcess/API/glib/WebKitWebViewPrivate.h:
* UIProcess/API/gtk/WebKitWebViewGtk.cpp:
(WindowStateEvent::WindowStateEvent): Struct to handle window state events.
(WindowStateEvent::~WindowStateEvent): Complete the event.
(WindowStateEvent::complete): Call the completion handler is not called already.
(windowStateEventCallback): Handle window state event changes.
(webkitWebViewMaximizeWindow): Try to maximize the window and wait for the event.
(webkitWebViewMinimizeWindow): Try to minimize the window and wait for the event.
(webkitWebViewRestoreWindow): Try to unmaximize or unminimize the window and wait for the event.
* UIProcess/API/wpe/WebKitWebViewWPE.cpp:
(webkitWebViewMaximizeWindow):
(webkitWebViewMinimizeWindow):
(webkitWebViewRestoreWindow):
* UIProcess/Automation/Automation.json:
* UIProcess/Automation/WebAutomationSession.cpp:
(WebKit::WebAutomationSession::maximizeWindowOfBrowsingContext): Exit fullscreen, restore the window and then
maximize it.
(WebKit::WebAutomationSession::maximizeWindowForPage): Ask the client to maximize the window of page.
* UIProcess/Automation/WebAutomationSession.h:
* UIProcess/Automation/atoms/EnterFullscreen.js:
(enterFullscreen): Return early if fullscreen is disabled or if window is already in fullscreen.

Tools:

* Scripts/webkitpy/port/xvfbdriver.py:
(XvfbDriver._setup_environ_for_test): Set UNDER_XVFB environment variable when running under Xvfb.

WebDriverTests:

Remove expectations for tests that are passing now.

* TestExpectations.json:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232150 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[GStreamer] Save some time disabling some compile options in the dependencies
calvaris@igalia.com [Thu, 24 May 2018 08:04:41 +0000 (08:04 +0000)]
[GStreamer] Save some time disabling some compile options in the dependencies
https://bugs.webkit.org/show_bug.cgi?id=185909

Reviewed by Philippe Normand.

* gstreamer/jhbuild.modules: Added  --disable-tests to gstreamer
and --disable-examples --disable-gtk-doc to gstreamer-vaapi.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232149 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoUse ASCIILiteral with applicationBundleIsEqualTo in RuntimeApplicationChecksCocoa
commit-queue@webkit.org [Thu, 24 May 2018 05:42:10 +0000 (05:42 +0000)]
Use ASCIILiteral with applicationBundleIsEqualTo in RuntimeApplicationChecksCocoa
https://bugs.webkit.org/show_bug.cgi?id=185935

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2018-05-23
Reviewed by Yusuke Suzuki.

* platform/cocoa/RuntimeApplicationChecksCocoa.mm:
(WebCore::MacApplication::isSafari):
(WebCore::MacApplication::isAppleMail):
(WebCore::MacApplication::isIBooks):
(WebCore::MacApplication::isITunes):
(WebCore::MacApplication::isMicrosoftMessenger):
(WebCore::MacApplication::isAdobeInstaller):
(WebCore::MacApplication::isAOLInstantMessenger):
(WebCore::MacApplication::isMicrosoftMyDay):
(WebCore::MacApplication::isMicrosoftOutlook):
(WebCore::MacApplication::isQuickenEssentials):
(WebCore::MacApplication::isAperture):
(WebCore::MacApplication::isVersions):
(WebCore::MacApplication::isHRBlock):
(WebCore::MacApplication::isIAdProducer):
(WebCore::MacApplication::isSolidStateNetworksDownloader):
(WebCore::IOSApplication::isMobileMail):
(WebCore::IOSApplication::isMobileSafari):
(WebCore::IOSApplication::isWebBookmarksD):
(WebCore::IOSApplication::isDumpRenderTree):
(WebCore::IOSApplication::isMobileStore):
(WebCore::IOSApplication::isSpringBoard):
(WebCore::IOSApplication::isWebApp):
(WebCore::IOSApplication::isIBooks):
(WebCore::IOSApplication::isIBooksStorytime):
(WebCore::IOSApplication::isTheSecretSocietyHiddenMystery):
(WebCore::IOSApplication::isCardiogram):
(WebCore::IOSApplication::isNike):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232148 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoAvoid keeping FormState alive longer than necessary
bfulgham@apple.com [Thu, 24 May 2018 05:23:00 +0000 (05:23 +0000)]
Avoid keeping FormState alive longer than necessary
https://bugs.webkit.org/show_bug.cgi?id=185877
<rdar://problem/39329219>

Reviewed by Ryosuke Niwa.

A number of crash fixes were done to prevent FormState objects from being
accessed after their relevant Frames had been destroyed. Unfortunately, this
could cause the FormState to persist after the owning Frame had been
destroyed, resulting in nullptr dereferences.

This patch does the following:

1. Uses WeakPtr's for FormState objects passed to completion handlers, rather
   than RefPtr, since those completion handlers might fire as part of the
   clean-up process during Frame destruction. This allows us to use the FormState
   if they are still valid, but gracefully handle cases where a form submission
   is cancelled in-flight.
2. Moves FormState object as they pass through the loader.
3. Removes some extraneous WTFMove() calls being made on bare FormState pointers.
4. Changes FormSubmission to hold a RefPtr so we can move the FormState to the
   loader in the code path that uses it (the FormSubmission is always destroyed
   shortly afterwards).
5. Changes the trap from Bug 183704 so that it only fires if the FormState object
   is being retained more than once.

* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::willSendRequest): Update for new CompletionHandler
signature.
* loader/FormState.cpp:
(WebCore::FormState::willDetachPage): Revise trap to check for retain counts
above one.
* loader/FormState.h:
(WebCore::FormState::weakPtrFactory const): Added.
* loader/FormSubmission.h:
(WebCore::FormSubmission::state const): Revised for change to RefPtr.
(WebCore::FormSubmission::takeState): Added.
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::urlSelected): Update for new CompletionHandler signature.
(WebCore::FrameLoader::loadURLIntoChildFrame): Ditto.
(WebCore::FrameLoader::loadFrameRequest): Ditto.
(WebCore::FrameLoader::loadURL): Ditto.
(WebCore::FrameLoader::load): Ditto.
(WebCore::FrameLoader::loadWithNavigationAction): Ditto.
(WebCore::FrameLoader::loadWithDocumentLoader): Ditto.
(WebCore::FrameLoader::reloadWithOverrideEncoding): Ditto.
(WebCore::FrameLoader::reload): Ditto.
(WebCore::FrameLoader::loadPostRequest): Ditto.
(WebCore::FrameLoader::loadDifferentDocumentItem): Ditto.
* loader/FrameLoader.h:
* loader/NavigationScheduler.cpp:
* loader/PolicyChecker.cpp:
(WebCore::PolicyChecker::checkNavigationPolicy):Revise to use WeakPtr for
FormState passed to the completion handler. Remove some extraneous WTFMove()
calls on bare pointers.
(WebCore::PolicyChecker::checkNewWindowPolicy): Ditto.
* loader/PolicyChecker.h:
* page/ContextMenuController.cpp:
(WebCore::openNewWindow): Revise for new signatures.
(WebCore::ContextMenuController::contextMenuItemSelected): Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232147 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoRegression(r229831): fast/loader/javascript-url-iframe-remove-on-navigate-async-deleg...
cdumez@apple.com [Thu, 24 May 2018 04:08:43 +0000 (04:08 +0000)]
Regression(r229831): fast/loader/javascript-url-iframe-remove-on-navigate-async-delegate.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=183885
<rdar://problem/38733968>

Reviewed by Youenn Fablet.

Stop loading an external URL as this is not what the test is testing and since the error message for
the external load causes flakiness.

* TestExpectations:
* fast/loader/javascript-url-iframe-remove-on-navigate-async-delegate-expected.txt:
* fast/loader/javascript-url-iframe-remove-on-navigate-async-delegate.html:
* fast/loader/javascript-url-iframe-remove-on-navigate-expected.txt:
* fast/loader/javascript-url-iframe-remove-on-navigate.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232144 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoExpose $vm if window.internals is exposed
keith_miller@apple.com [Thu, 24 May 2018 03:01:43 +0000 (03:01 +0000)]
Expose $vm if window.internals is exposed
https://bugs.webkit.org/show_bug.cgi?id=185900

Reviewed by Mark Lam.

This is useful for testing vm internals when running LayoutTests.

Source/JavaScriptCore:

* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::visitChildren):
(JSC::JSGlobalObject::exposeDollarVM):
* runtime/JSGlobalObject.h:

Source/WebCore:

* testing/js/WebCoreTestSupport.cpp:
(WebCoreTestSupport::injectInternalsObject):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232143 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoOSBuildFetcher should respect maxRevision while finding OS builds to report.
dewei_zhu@apple.com [Thu, 24 May 2018 01:18:20 +0000 (01:18 +0000)]
OSBuildFetcher should respect maxRevision while finding OS builds to report.
https://bugs.webkit.org/show_bug.cgi?id=185925

Reviewed by Ryosuke Niwa.

* server-tests/tools-os-build-fetcher-tests.js: Fix a typo in the unit tests.
Added unit tests for this change. Aslo convert an existing test using async.
* tools/js/os-build-fetcher.js:
(prototype._fetchAvailableBuilds): It should also use 'maxRevision' to filter builds to be reported.
It should use 'minRevisionOrder' when no commit has ever been submitted.
(prototype._commitsForAvailableBuilds): Takes 'maxOrder' as fifth argument.
'minOrder' and 'maxOrder' should be inclusive.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232142 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoUpdate ChartPane per change r231087.
dewei_zhu@apple.com [Thu, 24 May 2018 01:18:17 +0000 (01:18 +0000)]
Update ChartPane per change r231087.
https://bugs.webkit.org/show_bug.cgi?id=185570

Reviewed by Ryosuke Niwa.

On r231087 we change the return type of AnalysisTask.create, ChartPane needs to adapt
this change.

* public/v3/pages/chart-pane.js: Adapted the change that AnalysisTask.create now returns
an AnalysisTask object.
(ChartPane.prototype.async._analyzeRange):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232141 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoRemove Source Sans Pro from WebKit website
commit-queue@webkit.org [Thu, 24 May 2018 00:53:08 +0000 (00:53 +0000)]
Remove Source Sans Pro from WebKit website
https://bugs.webkit.org/show_bug.cgi?id=185871

Patch by Roy Reapor <rreapor@apple.com> on 2018-05-23
Reviewed by Aakash Jain.

* demos/spring/index.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232140 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoDon't create the SubimageCache just to clear an image from it
ddkilzer@apple.com [Thu, 24 May 2018 00:50:16 +0000 (00:50 +0000)]
Don't create the SubimageCache just to clear an image from it
<https://webkit.org/b/185757>

Reviewed by Said Abou-Hallawa.

To fix this we make SubimageCacheWithTimer::clearImage() a
static class method that checks whether the cache exists before
removing it.  We also make SubimageCacheWithTimer::getImage() a
static class method, and move more methods into the
SubimageCacheWithTimer class and make them private to reduce API
footprint.

* platform/graphics/cg/GraphicsContextCG.cpp:
(WebCore::GraphicsContext::drawNativeImage): Switch to use new
SubimageCacheWithTimer::getSubimage() static class method.
* platform/graphics/cg/NativeImageCG.cpp:
(WebCore::clearNativeImageSubimages): Switch to use new
SubimageCacheWithTimer::clearImage() static class method which
returns early if the subimage cache has not been created yet.
This fixes the bug.

* platform/graphics/cg/SubimageCacheWithTimer.cpp:
(WebCore::SubimageCacheWithTimer::s_cache): Allocate space for
static class variable.
(WebCore::SubimageCacheWithTimer::getSubimage): Replace instance
method with new static class method that gets the subimage cache
singleton and calls the subimage() instance method.
(WebCore::SubimageCacheWithTimer::clearImage): Replace instance
methdod with new static class method that returns early if the
static cache singleton doesn't exist (fixes the bug), otherwise
calls the clearImageAndSubimages() instance method.
(WebCore::SubimageCacheWithTimer::subimage): Rename from
getSubimage().  Use `auto` after renaming SubimageCache typedef
to SubimageCacheHashSet.
(WebCore::SubimageCacheWithTimer::clearImageAndSubimages):
Rename from clearImage().  Modernize loops.
(WebCore::SubimageCacheWithTimer::subimageCache): Change
WebCore::subimageCache() to a static class method that creates
the subimage cache singleton if it doesn't exist yet, and
returns it.
(WebCore::SubimageCacheWithTimer::subimageCacheExists): Add.
Returns false if the subimage cache singleton has not been
created yet.

* platform/graphics/cg/SubimageCacheWithTimer.h:
- Rename typedef SubimageCache to SubimageCacheHashSet to avoid
  general confusion.
(WebCore::SubimageCacheWithTimer::getSubimage):
(WebCore::SubimageCacheWithTimer::clearImage):
- Change to static class methods.
(WebCore::SubimageCacheWithTimer::SubimageCacheWithTimer):
- Make private.
(WebCore::SubimageCacheWithTimer::subimage):
- Rename from getSubimage() and make private.
(WebCore::SubimageCacheWithTimer::clearImageAndSubimages):
- Rename from clearImage() and make private.
(WebCore::SubimageCacheWithTimer::subimageCache):
- Rename from WebCore::subimageCache() and make a private static
  class method.
(WebCore::SubimageCacheWithTimer::subimageCacheExists):
- Add private static class method.
(WebCore::SubimageCacheWithTimer::s_cache):
- Declare private static variable to hold singleton.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232139 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoDefine length on CoW array should properly convert to writable
keith_miller@apple.com [Thu, 24 May 2018 00:47:35 +0000 (00:47 +0000)]
Define length on CoW array should properly convert to writable
https://bugs.webkit.org/show_bug.cgi?id=185927

Reviewed by Yusuke Suzuki.

JSTests:

* stress/cow-define-length-as-value.js: Added.
(test):

Source/JavaScriptCore:

* runtime/JSArray.cpp:
(JSC::JSArray::setLength):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232138 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoUse Helvetica on build.webkit.org webpages
commit-queue@webkit.org [Thu, 24 May 2018 00:05:54 +0000 (00:05 +0000)]
Use Helvetica on build.webkit.org webpages
https://bugs.webkit.org/show_bug.cgi?id=185894

Patch by Roy Reapor <rreapor@apple.com> on 2018-05-23
Reviewed by Aakash Jain.

* BuildSlaveSupport/build.webkit.org-config/public_html/TestFailures/garden-o-matic.html:
* BuildSlaveSupport/build.webkit.org-config/public_html/TestFailures/styles/common.css:
* BuildSlaveSupport/build.webkit.org-config/public_html/TestFailures/summary-mock.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232137 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoAvoid loading AVFoundation to check supported MIME types if possible
eric.carlson@apple.com [Thu, 24 May 2018 00:00:54 +0000 (00:00 +0000)]
Avoid loading AVFoundation to check supported MIME types if possible
https://bugs.webkit.org/show_bug.cgi?id=185839
<rdar://problem/40182010>

Reviewed by Jer Noble.
Source/WebCore:

Avoid loading AVFoundation to call +[AVURLAssetClass audiovisualMIMETypes] as long as possible,
and when they are loaded send the list to the UI process so it can pass it to all extant
and all new web processes so they can won't have call it at all.

* WebCore.xcodeproj/project.pbxproj:
* platform/graphics/ImageDecoder.cpp:
(WebCore::ImageDecoder::create): Don't call ImageDecoderAVFObjC::canDecodeType if
ImageDecoderCG can decode the type so we don't have to load AVFoundation.
(WebCore::ImageDecoder::supportsMediaType): Return as soon as a decoder class says
it supports a media type to avoid calling more than one. Call ImageDecoderAVFObjC last.

* platform/graphics/avfoundation/objc/AVFoundationMIMETypeCache.h:
(WebCore::AVFoundationMIMETypeCache::setCacheMIMETypesCallback):
* platform/graphics/avfoundation/objc/AVFoundationMIMETypeCache.mm:
(WebCore::AVFoundationMIMETypeCache::singleton): Simplify.
(WebCore::AVFoundationMIMETypeCache::setSupportedTypes): Cache the supplied list of types
so we won't have to load AVFoundation when asked for types later.
(WebCore::AVFoundationMIMETypeCache::types):
(WebCore::AVFoundationMIMETypeCache::supportsContentType): New convenience routine.
(WebCore::AVFoundationMIMETypeCache::canDecodeType): Ditto.
(WebCore::AVFoundationMIMETypeCache::isAvailable const): New, check to see if AVFoundation.framework
is available without actually loading it.
(WebCore::AVFoundationMIMETypeCache::loadMIMETypes): Load types if possible.
(WebCore::AVFoundationMIMETypeCache::AVFoundationMIMETypeCache): Deleted.
(WebCore::AVFoundationMIMETypeCache::loadTypes): Deleted.

* platform/graphics/avfoundation/objc/ImageDecoderAVFObjC.mm:
(WebCore::ImageDecoderAVFObjC::create): Use AVFoundationMIMETypeCache::isAvailable instead
of loading the frameworks.
(WebCore::ImageDecoderAVFObjC::supportsMediaType): Ditto.
(WebCore::ImageDecoderAVFObjC::supportsContentType): Use AVFoundationMIMETypeCache::supportsContentType.
(WebCore::ImageDecoderAVFObjC::canDecodeType): Use AVFoundationMIMETypeCache::canDecodeType.

* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
(WebCore::MediaPlayerPrivateAVFoundationObjC::registerMediaEngine): ASSERT if the
AVFoundationMIMETypeCache is empty, it shouldn't be possible to get here in that state.
(WebCore::MediaPlayerPrivateAVFoundationObjC::supportsType): Use AVFoundationMIMETypeCache::supportsContentType.
(WebCore::MediaPlayerPrivateAVFoundationObjC::supportsKeySystem): Use AVFoundationMIMETypeCache::canDecodeType.

* platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::registerMediaEngine): ASSERT if the
AVFoundationMIMETypeCache is empty, it shouldn't be possible to get here in that state.
(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::supportsType): Use AVFoundationMIMETypeCache::canDecodeType.

* platform/graphics/cg/ImageDecoderCG.cpp:
(WebCore::ImageDecoderCG::canDecodeType): New.
* platform/graphics/cg/ImageDecoderCG.h:

Source/WebKit:

* Shared/WebProcessCreationParameters.cpp:
(WebKit::WebProcessCreationParameters::encode const): Encode mediaMIMETypes.
(WebKit::WebProcessCreationParameters::decode): Decode mediaMIMETypes.
* Shared/WebProcessCreationParameters.h:

* UIProcess/Cocoa/WebProcessProxyCocoa.mm:
(WebKit::mediaTypeCache): Static Vector of media MIME types.
(WebKit::WebProcessProxy::cacheMediaMIMETypes): Cache the type list and pass it to every other
process proxy.
(WebKit::WebProcessProxy::cacheMediaMIMETypesInternal): Cache the type list and pass it to the
web process.
(WebKit::WebProcessProxy::mediaMIMETypes): Return the cached type list.

* UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::initializeNewWebProcess): Set parameters.mediaMIMETypes.

* UIProcess/WebProcessProxy.h:
* UIProcess/WebProcessProxy.messages.in: Add CacheMediaMIMETypes.

* WebProcess/WebProcess.h:
* WebProcess/WebProcess.messages.in: Add SetMediaMIMETypes.

* WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::WebProcess::platformInitializeWebProcess): Cache the MIME types if the list isn't
empty, else register with AVFoundationMIMETypeCache to be notified when it loads types.
AVFoundationMIMETypeCache to
(WebKit::WebProcess::platformTerminate): Unregister with AVFoundationMIMETypeCache.
(WebKit::WebProcess::setMediaMIMETypes): Pass list of types to AVFoundationMIMETypeCache.

Source/WTF:

* wtf/cocoa/SoftLinking.h: Add SOFT_LINK_FRAMEWORK_OPTIONAL_PREFLIGHT.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232136 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoAdd Buildbot configuration for Opensource EWS
aakash_jain@apple.com [Wed, 23 May 2018 23:41:43 +0000 (23:41 +0000)]
Add Buildbot configuration for Opensource EWS
https://bugs.webkit.org/show_bug.cgi?id=185484

Rubber-stamped by Alexey Proskuryakov.

* BuildSlaveSupport/ews-build/config.json: Added, config file.
* BuildSlaveSupport/ews-build/factories.py: Added, basic template for factories.
* BuildSlaveSupport/ews-build/loadConfig.py: Added.
(loadBuilderConfig): Loads the configuration.
(checkValidWorker): Checks if the worker is valid.
(checkValidBuilder): Checks if the builder is valid.
(checkWorkersAndBuildersForConsistency): Check if workers and builders are consistent.
(checkWorkersAndBuildersForConsistency._find_worker_with_name):
(getBlackListedTags): Returns a list of keywords which should not be listed as tags.
(getValidTags): Returns a list of valid tags.
(getTagsForBuilder): Return a list of tags for given builder.
* BuildSlaveSupport/ews-build/loadConfig_unittest.py: unit-tests for loadConfig.py.
* BuildSlaveSupport/ews-build/master.cfg: Configuration for buildbot.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232135 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoInPlaceAbstractState should filter variables at the tail from a GetLocal by their...
keith_miller@apple.com [Wed, 23 May 2018 23:04:58 +0000 (23:04 +0000)]
InPlaceAbstractState should filter variables at the tail from a GetLocal by their flush format
https://bugs.webkit.org/show_bug.cgi?id=185923

Reviewed by Saam Barati.

Previously, we could confuse AI by overly broadening a type. This happens when a block in a
loop has a local mutated following a GetLocal but never SetLocaled to the stack. For example,

Block 1:
@1: GetLocal(loc42, FlushedInt32);
@2: PutStructure(Check: Cell: @1);
@3: Jump(Block 1);

Would cause us to claim that loc42 could be either an int32 or a some cell. However,
the type of an local cannot change without writing to it.

This fixes a crash in destructuring-rest-element.js

* dfg/DFGInPlaceAbstractState.cpp:
(JSC::DFG::InPlaceAbstractState::endBasicBlock):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232134 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoWeb Automation: disable process swap on navigation when an automation session is...
bburg@apple.com [Wed, 23 May 2018 22:55:28 +0000 (22:55 +0000)]
Web Automation: disable process swap on navigation when an automation session is active
https://bugs.webkit.org/show_bug.cgi?id=185552

Reviewed by Tim Horton.

* UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::processForNavigationInternal):
This is not intended to work right now. Opt out to avoid crashing
later when a process is deallocated unexpectedly.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232133 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoSpeed up JetStream/base64
fpizlo@apple.com [Wed, 23 May 2018 22:34:18 +0000 (22:34 +0000)]
Speed up JetStream/base64
https://bugs.webkit.org/show_bug.cgi?id=185914

Reviewed by Michael Saboff.

Source/JavaScriptCore:

Make allocation fast paths ALWAYS_INLINE.

This is a 1% speed-up on SunSpider, mostly because of base64. It also speeds up pdfjs by
~6%.

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* heap/AllocatorInlines.h:
(JSC::Allocator::allocate const):
* heap/CompleteSubspace.cpp:
(JSC::CompleteSubspace::allocateNonVirtual): Deleted.
* heap/CompleteSubspace.h:
* heap/CompleteSubspaceInlines.h: Added.
(JSC::CompleteSubspace::allocateNonVirtual):
* heap/FreeListInlines.h:
(JSC::FreeList::allocate):
* heap/IsoSubspace.cpp:
(JSC::IsoSubspace::allocateNonVirtual): Deleted.
* heap/IsoSubspace.h:
(JSC::IsoSubspace::allocatorForNonVirtual):
* heap/IsoSubspaceInlines.h: Added.
(JSC::IsoSubspace::allocateNonVirtual):
* runtime/JSCellInlines.h:
* runtime/VM.h:

Source/WTF:

Make Vector<>::append ALWAYS_INLINE.

* wtf/Vector.h:
(WTF::Vector::append):
(WTF::minCapacity>::expandCapacity):
(WTF::minCapacity>::append):
(WTF::minCapacity>::tryAppend):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232132 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoVersioning.
bshafiei@apple.com [Wed, 23 May 2018 22:03:20 +0000 (22:03 +0000)]
Versioning.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232125 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoRenderLayer::scrollRectToVisible() should not propagate a subframe's scroll to its...
cdumez@apple.com [Wed, 23 May 2018 20:22:18 +0000 (20:22 +0000)]
RenderLayer::scrollRectToVisible() should not propagate a subframe's scroll to its cross-origin parent
https://bugs.webkit.org/show_bug.cgi?id=185664
<rdar://problem/36185260>

Reviewed by Simon Fraser.

Source/WebCore:

RenderLayer::scrollRectToVisible() should not propagate a subframe's scroll to its
cross-origin parent. There was logic in FrameLoader::scrollToFragmentWithParentBoundary()
to temporarily set the 'safeToPropagateScrollToParent' flag to false on the cross-origin
ancestor frame during the call to FrameView::scrollToFragment(). This would correctly
prevent RenderLayer::scrollRectToVisible() to propagate the scroll to the cross-origin
ancestor frame when scrollRectToVisible() is called synchronously. However,
scrollRectToVisible() can get called asynchronously in case of a dirty layout, as part
of the post layout tasks.

To address the issue, we get rid of the safeToPropagateScrollToParent flag on FrameView
and instead update FrameView::safeToPropagateScrollToParent() to do the cross-origin
check. FrameView::safeToPropagateScrollToParent() is called by RenderLayer::scrollRectToVisible()
and this is a lot more robust than relying on a flag which gets temporarily set.

Test: http/tests/navigation/fragment-navigation-cross-origin-subframe-no-scrolling-parent.html

* dom/Document.cpp:
* dom/Document.h:
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::scrollToFragmentWithParentBoundary):
* page/FrameView.cpp:
(WebCore::FrameView::FrameView):
(WebCore::FrameView::reset):
(WebCore::FrameView::safeToPropagateScrollToParent const):
* page/FrameView.h:

LayoutTests:

Add layout test coverage.

* http/tests/navigation/fragment-navigation-cross-origin-subframe-no-scrolling-parent-expected.txt: Added.
* http/tests/navigation/fragment-navigation-cross-origin-subframe-no-scrolling-parent.html: Added.
* http/tests/navigation/resources/clear-fragment.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232123 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoDate.parse() doesn't properly handle input outside of ES Spec limits
msaboff@apple.com [Wed, 23 May 2018 20:02:37 +0000 (20:02 +0000)]
Date.parse() doesn't properly handle input outside of ES Spec limits
https://bugs.webkit.org/show_bug.cgi?id=185868

Reviewed by Mark Lam.

JSTests:

New test.

* stress/date-parse-ranges.js: Added.
(shouldBe):
(throw.new.Error):
(shouldBeNaN):

Source/WTF:

Clamped date creation to +/-100,000,000 days relative to midnight at the beginning
of 01 January, 1970 UTC as per ecma262/#sec-time-values-and-time-range and
ecma262/#sec-date-time-string-format.

* wtf/DateMath.cpp:
(WTF::ymdhmsToSeconds):
(WTF::parseES5DateFromNullTerminatedCharacters):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232122 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoNetworkLoadChecker should check cached redirections
youenn@apple.com [Wed, 23 May 2018 19:09:08 +0000 (19:09 +0000)]
NetworkLoadChecker should check cached redirections
https://bugs.webkit.org/show_bug.cgi?id=185849

Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

* web-platform-tests/service-workers/service-worker/redirected-response.https-expected.txt:
* web-platform-tests/service-workers/service-worker/registration-security-error.https-expected.txt:

Source/WebCore:

Covered by rebased tests.

* loader/SubresourceLoader.cpp:
(WebCore::SubresourceLoader::willSendRequestInternal):
       Log the case of a redirection with fetch error mode.

Source/WebKit:

* NetworkProcess/NetworkLoadChecker.cpp:
(WebKit::NetworkLoadChecker::checkRedirection):
Set the resource error url as done by WebCore SubresourceLoader.
* NetworkProcess/NetworkResourceLoader.cpp:
(WebKit::NetworkResourceLoader::retrieveCacheEntry):
Pass the resource request to dispatchWillSendRedirectedRequest now needs it.
(WebKit::NetworkResourceLoader::willSendRedirectedRequest):
Make sure that m_networkLoad is not null before cancelling it since we might be checking a cached redirection.
(WebKit::NetworkResourceLoader::continueWillSendRedirectedRequest):
Ensure the redirect response is coming from the Network before adding it to the cache.
(WebKit::NetworkResourceLoader::dispatchWillSendRequestForCacheEntry):
Call willSendRedirectedRequest to make sure the cached redirect is validated.
* NetworkProcess/NetworkResourceLoader.h:

LayoutTests:

* TestExpectations:
* http/tests/fetch/redirectmode-and-preload-expected.txt:
* http/tests/fetch/redirectmode-and-preload.html:
Removed tests that mix manual/error redirect mode with no-cors since this is no longer a valid possibility.
* http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt:
* http/tests/xmlhttprequest/access-control-and-redirects-expected.txt:
* platform/mac-wk1/http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt: Removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232121 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoAX: setValue on contenteditable should preserve whitespace
n_wang@apple.com [Wed, 23 May 2018 18:38:42 +0000 (18:38 +0000)]
AX: setValue on contenteditable should preserve whitespace
https://bugs.webkit.org/show_bug.cgi?id=185897

Reviewed by Chris Fleizach.

Source/WebCore:

RenderText is using its parent renderer's style to determine if
whitespace collapsing is necessary. So when setting the innerText
of the element in setValue, let's also set its style in order to
preserve whitespaces.

Modified an existing test to cover this change.

* accessibility/AccessibilityRenderObject.cpp:
(WebCore::AccessibilityRenderObject::setValue):

LayoutTests:

* accessibility/mac/set-value-editable-types-expected.txt:
* accessibility/mac/set-value-editable-types.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232120 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoProhibit shrinking the FastBitVector
mcatanzaro@igalia.com [Wed, 23 May 2018 17:54:01 +0000 (17:54 +0000)]
Prohibit shrinking the FastBitVector
https://bugs.webkit.org/show_bug.cgi?id=181020

Reviewed by Oliver Hunt.

Prohibit shrinking the FastBitVector. It's not prepared for this and the current usage does
not require it.

* wtf/FastBitVector.cpp:
(WTF::FastBitVectorWordOwner::resizeSlow):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232119 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[GTK] Silence GCC 8 warnings
mcatanzaro@igalia.com [Wed, 23 May 2018 17:50:44 +0000 (17:50 +0000)]
[GTK] Silence GCC 8 warnings
https://bugs.webkit.org/show_bug.cgi?id=185556

Reviewed by Žan Doberšek.

Source/WebCore:

Silence remaining -Wcast-function-type warnings by casting through void (*)(void), aka
GCallback.

* accessibility/atk/WebKitAccessibleHyperlink.cpp:
(webkitAccessibleHyperlinkSetProperty):
(webkitAccessibleHyperlinkGetType):
* accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
(webkitAccessibleGetType):
* platform/network/soup/NetworkStorageSessionSoup.cpp:
(WebCore::NetworkStorageSession::getCredentialFromPersistentStorage):

Tools:

GCC is complaining about this strncpy. It's guaranteed to be safe, because the length of
source and destination are always identical. But switching to snprintf avoids the warning.

* DumpRenderTree/TestNetscapePlugIn/Tests/FormValue.cpp:
(FormValue::NPP_GetValue):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232118 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoIncrease the simulated memory size on PLATFORM(IOS_SIMULATOR) from 512MB to 1024MB
antti@apple.com [Wed, 23 May 2018 17:39:03 +0000 (17:39 +0000)]
Increase the simulated memory size on PLATFORM(IOS_SIMULATOR) from 512MB to 1024MB
https://bugs.webkit.org/show_bug.cgi?id=185908

Reviewed by Geoffrey Garen.

Source/bmalloc:

We don't support 512MB devices anymore. This will make the simulator behave more
like a real device.

* bmalloc/AvailableMemory.cpp:
(bmalloc::memorySizeAccordingToKernel):

Factor to a function.
Don't use availableMemoryGuess for the simulator value as it is not a guess.

(bmalloc::computeAvailableMemory):

Apply the same adjustments to the simulated value too.

LayoutTests:

* platform/ios-simulator/fast/canvas/canvas-crash-expected.txt:
* platform/ios-simulator/fast/canvas/canvas-skia-excessive-size-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232117 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[GTK] Unreviewed test gardening
aboya@igalia.com [Wed, 23 May 2018 17:31:18 +0000 (17:31 +0000)]
[GTK] Unreviewed test gardening
https://bugs.webkit.org/show_bug.cgi?id=185916

* platform/gtk/TestExpectations:
* platform/gtk/accessibility/table-roles-hierarchy-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232116 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoUnreviewed, rolling out r232112.
ryanhaddad@apple.com [Wed, 23 May 2018 16:59:58 +0000 (16:59 +0000)]
Unreviewed, rolling out r232112.

The tests added with this change  are failing on the bots.

Reverted changeset:

"test262/Runner.pm: add unit tests"
https://bugs.webkit.org/show_bug.cgi?id=185783
https://trac.webkit.org/changeset/232112

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232115 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[LFC] Move sizing/positioning logic to helper classes
zalan@apple.com [Wed, 23 May 2018 16:56:12 +0000 (16:56 +0000)]
[LFC] Move sizing/positioning logic to helper classes
https://bugs.webkit.org/show_bug.cgi?id=185898

Reviewed by Antti Koivisto.

The idea here is to move all the sizing and positioning logic to helper classes so that
the formatting context code stays lean.
This is similar to the dedicated BlockMarginCollapse class for the collapsing logic.
The helper classes have only static functions. These static functions do not mutate the associated DisplayBoxes,
but instead they simply retun the computed values.

* Sources.txt:
* WebCore.xcodeproj/project.pbxproj:
* layout/FormattingContext.cpp:
(WebCore::Layout::FormattingContext::computeOutOfFlowPosition const):
(WebCore::Layout::FormattingContext::computeOutOfFlowWidth const):
(WebCore::Layout::FormattingContext::computeFloatingWidth const):
(WebCore::Layout::FormattingContext::computeOutOfFlowHeight const):
(WebCore::Layout::FormattingContext::computeFloatingHeight const):
(WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedHeight const): Deleted.
(WebCore::Layout::FormattingContext::computeFloatingNonReplacedHeight const): Deleted.
(WebCore::Layout::FormattingContext::computeReplacedHeight const): Deleted.
(WebCore::Layout::FormattingContext::computeReplacedWidth const): Deleted.
(WebCore::Layout::FormattingContext::contentHeightForFormattingContextRoot const): Deleted.
(WebCore::Layout::FormattingContext::computeFloatingNonReplacedWidth const): Deleted.
(WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedWidth const): Deleted.
(WebCore::Layout::FormattingContext::computeOutOfFlowReplacedHeight const): Deleted.
(WebCore::Layout::FormattingContext::computeOutOfFlowReplacedWidth const): Deleted.
(WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedPosition const): Deleted.
(WebCore::Layout::FormattingContext::computeOutOfFlowReplacedPosition const): Deleted.
(WebCore::Layout::FormattingContext::shrinkToFitWidth const): Deleted.
* layout/FormattingContext.h:
* layout/FormattingContextGeometry.cpp: Copied from Source/WebCore/layout/FormattingContext.cpp.
(WebCore::Layout::contentHeightForFormattingContextRoot):
(WebCore::Layout::shrinkToFitWidth):
(WebCore::Layout::FormattingContextGeometry::outOfFlowNonReplacedHeight):
(WebCore::Layout::FormattingContextGeometry::outOfFlowNonReplacedWidth):
(WebCore::Layout::FormattingContextGeometry::outOfFlowReplacedHeight):
(WebCore::Layout::FormattingContextGeometry::outOfFlowReplacedWidth):
(WebCore::Layout::FormattingContextGeometry::floatingNonReplacedHeight):
(WebCore::Layout::FormattingContextGeometry::floatingNonReplacedWidth):
(WebCore::Layout::FormattingContextGeometry::floatingReplacedHeight):
(WebCore::Layout::FormattingContextGeometry::floatingReplacedWidth):
(WebCore::Layout::FormattingContextGeometry::outOfFlowNonReplacedPosition):
(WebCore::Layout::FormattingContextGeometry::outOfFlowReplacedPosition):
(WebCore::Layout::FormattingContextGeometry::replacedHeight):
(WebCore::Layout::FormattingContextGeometry::replacedWidth):
* layout/FormattingContextGeometry.h: Copied from Source/WebCore/layout/blockformatting/BlockFormattingContext.h.
* layout/blockformatting/BlockFormattingContext.cpp:
(WebCore::Layout::BlockFormattingContext::computeStaticPosition const):
(WebCore::Layout::BlockFormattingContext::computeInFlowHeight const):
(WebCore::Layout::BlockFormattingContext::computeInFlowWidth const):
(WebCore::Layout::BlockFormattingContext::computeInFlowNonReplacedWidth const): Deleted.
(WebCore::Layout::BlockFormattingContext::computeInFlowNonReplacedHeight const): Deleted.
* layout/blockformatting/BlockFormattingContext.h:
* layout/blockformatting/BlockFormattingContextGeometry.cpp: Added.
(WebCore::Layout::BlockFormattingContextGeometry::inFlowNonReplacedHeight):
(WebCore::Layout::BlockFormattingContextGeometry::inFlowNonReplacedWidth):
(WebCore::Layout::BlockFormattingContextGeometry::inFlowReplacedHeight):
(WebCore::Layout::BlockFormattingContextGeometry::inFlowReplacedWidth):
(WebCore::Layout::BlockFormattingContextGeometry::staticPosition):
* layout/blockformatting/BlockFormattingContextGeometry.h: Copied from Source/WebCore/layout/blockformatting/BlockFormattingContext.h.
* layout/displaytree/DisplayBox.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232114 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoPage keeps reloading when viewing photos in google drive (due to too high canvas...
antti@apple.com [Wed, 23 May 2018 16:09:54 +0000 (16:09 +0000)]
Page keeps reloading when viewing photos in google drive (due to too high canvas memory limits)
https://bugs.webkit.org/show_bug.cgi?id=185903
<rdar://problem/38420562>

Reviewed by Simon Fraser.

Source/WebCore:

The canvas memory usage limits don't work on iOS since the current 2GB minimum limit is
larger than the maximum process size.

* html/HTMLCanvasElement.cpp:
(WebCore::maxActivePixelMemory):

Always base this on the reported ramSize() on iOS. Make it still fairly large to not risk breaking
any currently working content. In practice the limit computes to 448MB on device at the moment.

LayoutTests:

* platform/ios-simulator/fast/canvas/canvas-crash-expected.txt:
* platform/ios-simulator/fast/canvas/canvas-skia-excessive-size-expected.txt: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232113 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agotest262/Runner.pm: add unit tests
commit-queue@webkit.org [Wed, 23 May 2018 15:33:49 +0000 (15:33 +0000)]
test262/Runner.pm: add unit tests
https://bugs.webkit.org/show_bug.cgi?id=185783

Patch by Valerie R Young <valerie@bocoup.com> on 2018-05-23
Reviewed by Aakash Jain.

Add unit tests to be run by test-webkitperl

* Scripts/test262/Runner.pm:
(main):
 - If harness files cannot be found in a custom, supplies test262 path,
   then sure the webkit test262 harness files.
 - Lazily create the test262-results directory.
 - If an expectation file is supplied via command line, save to the
   supplied location instead of the detault webkit location.
(compileTest):
(processResult):
(getHarness):
* Scripts/webkitperl/test262_unittest/README: Added.
* Scripts/webkitperl/test262_unittest/fixtures/expectations-compare.yaml: Added.
* Scripts/webkitperl/test262_unittest/fixtures/expectations.yaml: Added.
* Scripts/webkitperl/test262_unittest/fixtures/test/expected-to-fail-now-failing-with-new-error.js: Added.
* Scripts/webkitperl/test262_unittest/fixtures/test/expected-to-fail-now-failing.js: Added.
* Scripts/webkitperl/test262_unittest/fixtures/test/expected-to-fail-now-passing.js: Added.
(f):
* Scripts/webkitperl/test262_unittest/fixtures/test/expected-to-pass-now-failing.js: Added.
* Scripts/webkitperl/test262_unittest/fixtures/test/fail.js: Added.
* Scripts/webkitperl/test262_unittest/fixtures/test/pass.js: Added.
(f):
* Scripts/webkitperl/test262_unittest/test262-runner-tests.pl: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232112 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[GTK] WebDriver: implement AutomationSessionClient::didDisconnectFromRemote
carlosgc@webkit.org [Wed, 23 May 2018 15:24:58 +0000 (15:24 +0000)]
[GTK] WebDriver: implement AutomationSessionClient::didDisconnectFromRemote
https://bugs.webkit.org/show_bug.cgi?id=185866

Reviewed by Brian Burg.

Source/WebDriver:

Close the dbus connection when receiving an empty target list.

* glib/SessionHostGlib.cpp:
(WebDriver::SessionHost::setTargetList):

Source/WebKit:

To handle the case of the session being closed by the browser, for example in case of a network process
crash. This is currently causing WebDriver tests to timeout in the bot.

* UIProcess/API/glib/WebKitAutomationSession.cpp: Add an implementation of didDisconnectFromRemote() to notify
the WebContext that the session will be closed.
* UIProcess/API/glib/WebKitWebContext.cpp: Remove the automation session when closed.
* UIProcess/API/glib/WebKitWebContextPrivate.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232111 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoConversion misspelled "Convertion" in error message string
commit-queue@webkit.org [Wed, 23 May 2018 15:18:30 +0000 (15:18 +0000)]
Conversion misspelled "Convertion" in error message string
https://bugs.webkit.org/show_bug.cgi?id=185436

Patch by Rick Waldron <waldron.rick@gmail.com> on 2018-05-23
JSTests:

Reviewed by Saam Barati, Michael Saboff.

* bigIntTests.yaml:

Source/JavaScriptCore:

Reviewed by Saam Barati, Michael Saboff

* runtime/JSBigInt.cpp:
(JSC::JSBigInt::toNumber const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232110 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[LFC] Implement positioning for replaced out-of-flow elements
zalan@apple.com [Wed, 23 May 2018 14:46:39 +0000 (14:46 +0000)]
[LFC] Implement positioning for replaced out-of-flow elements
https://bugs.webkit.org/show_bug.cgi?id=185902

Reviewed by Antti Koivisto.

* layout/FormattingContext.cpp:
(WebCore::Layout::FormattingContext::computeOutOfFlowReplacedPosition const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232109 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoUnreviewed, skip test if memoryLimited is specified
utatane.tea@gmail.com [Wed, 23 May 2018 12:37:12 +0000 (12:37 +0000)]
Unreviewed, skip test if memoryLimited is specified
https://bugs.webkit.org/show_bug.cgi?id=185888

* stress/regress-185888.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232108 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[css-text] W3C test suite gardening
rego@igalia.com [Wed, 23 May 2018 06:49:59 +0000 (06:49 +0000)]
[css-text] W3C test suite gardening
https://bugs.webkit.org/show_bug.cgi?id=185879

Some more gardening on the css-text test suite.

Unreviewed test gardening.

* TestExpectations:
* platform/gtk/TestExpectations:
* platform/ios/TestExpectations:
* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232107 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[JSC] Clean up stringGetByValStubGenerator
utatane.tea@gmail.com [Wed, 23 May 2018 05:05:13 +0000 (05:05 +0000)]
[JSC] Clean up stringGetByValStubGenerator
https://bugs.webkit.org/show_bug.cgi?id=185864

Reviewed by Saam Barati.

We clean up stringGetByValStubGenerator.

1. Unify 32bit and 64bit implementations.
2. Rename stringGetByValStubGenerator to stringGetByValGenerator, move it to ThunkGenerators.cpp.
3. Remove string type check since this code is invoked only when we know regT0 is JSString*.
4. Do not tag Cell in stringGetByValGenerator side. 32bit code stores Cell with tag in JITPropertyAccess32_64 side.
5. Fix invalid use of loadPtr for StringImpl::flags. Should use load32.

* jit/JIT.h:
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emitSlow_op_get_by_val):
(JSC::JIT::stringGetByValStubGenerator): Deleted.
* jit/JITPropertyAccess32_64.cpp:
(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::emitSlow_op_get_by_val):
(JSC::JIT::stringGetByValStubGenerator): Deleted.
* jit/ThunkGenerators.cpp:
(JSC::stringGetByValGenerator):
* jit/ThunkGenerators.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232106 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[JSC] Use branchIfString/branchIfNotString instead of structure checkings
utatane.tea@gmail.com [Wed, 23 May 2018 04:44:44 +0000 (04:44 +0000)]
[JSC] Use branchIfString/branchIfNotString instead of structure checkings
https://bugs.webkit.org/show_bug.cgi?id=185810

Reviewed by Saam Barati.

Let's use branchIfString/branchIfNotString helper functions instead of
checking structure with jsString's structure. It's easy to read. And
it emits less code since we do not need to embed string structure's
raw pointer in 32bit environment.

* jit/JIT.h:
* jit/JITInlines.h:
(JSC::JIT::emitLoadCharacterString):
(JSC::JIT::checkStructure): Deleted.
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::emitSlow_op_eq):
(JSC::JIT::compileOpEqJumpSlow):
(JSC::JIT::emitSlow_op_neq):
* jit/JITPropertyAccess.cpp:
(JSC::JIT::stringGetByValStubGenerator):
(JSC::JIT::emitSlow_op_get_by_val):
(JSC::JIT::emitByValIdentifierCheck):
* jit/JITPropertyAccess32_64.cpp:
(JSC::JIT::stringGetByValStubGenerator):
(JSC::JIT::emitSlow_op_get_by_val):
* jit/JSInterfaceJIT.h:
(JSC::ThunkHelpers::jsStringLengthOffset): Deleted.
(JSC::ThunkHelpers::jsStringValueOffset): Deleted.
* jit/SpecializedThunkJIT.h:
(JSC::SpecializedThunkJIT::loadJSStringArgument):
* jit/ThunkGenerators.cpp:
(JSC::stringCharLoad):
(JSC::charCodeAtThunkGenerator):
(JSC::charAtThunkGenerator):
* runtime/JSString.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232105 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoText can wrap between hyphens and commas
mmaxfield@apple.com [Wed, 23 May 2018 03:47:54 +0000 (03:47 +0000)]
Text can wrap between hyphens and commas
https://bugs.webkit.org/show_bug.cgi?id=185899
<rdar://problem/40118983>

Reviewed by Zalan Bujtas.

Source/WebCore:

Chrome, Firefox, and ICU all agree that text shouldn't wrap there.

Test: fast/text/line-break-hyphen-comma.html

* rendering/BreakLines.cpp:

LayoutTests:

* fast/text/line-break-hyphen-comma-expected.html: Added.
* fast/text/line-break-hyphen-comma.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232103 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoBytecodeGeneratorification shouldn't add a ValueProfile if the JIT is disabled.
mark.lam@apple.com [Wed, 23 May 2018 03:11:32 +0000 (03:11 +0000)]
BytecodeGeneratorification shouldn't add a ValueProfile if the JIT is disabled.
https://bugs.webkit.org/show_bug.cgi?id=185896
<rdar://problem/40471403>

Reviewed by Saam Barati.

JSTests:

* stress/regress-185896.js: Added.

Source/JavaScriptCore:

* bytecode/BytecodeGeneratorification.cpp:
(JSC::BytecodeGeneratorification::run):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232100 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoAdd notifyutil callbacks to dump the memory cache, and the list of live Pages and...
simon.fraser@apple.com [Wed, 23 May 2018 02:36:04 +0000 (02:36 +0000)]
Add notifyutil callbacks to dump the memory cache, and the list of live Pages and Documents
https://bugs.webkit.org/show_bug.cgi?id=185853

Reviewed by Keith Miller.
Source/WebCore:

Add a notifyutil callback to dump the PageCache, which dumps the stats, and the list of live pages.
This can be invoked on iOS and macOS via "notifyutil -p com.apple.WebKit.showPageCache".

Add a notifyutil callback that dumps the list of all Pages, and the list of all Documents, with
Document pointer address and URL.
This can be invoked on iOS and macOS via "notifyutil -p com.apple.WebKit.showAllDocuments".

* history/PageCache.cpp:
(WebCore::PageCache::PageCache):
(WebCore::PageCache::dump const):
* history/PageCache.h:
* loader/cache/CachedResource.h:
(WebCore::CachedResource::numberOfClients const):
(WebCore::CachedResource::count const): Deleted.
* loader/cache/MemoryCache.cpp:
(WebCore::MemoryCache::MemoryCache):
(WebCore::MemoryCache::pruneLiveResourcesToSize):
(WebCore::MemoryCache::dumpStats):
(WebCore::MemoryCache::dumpLRULists const):
* loader/cache/MemoryCache.h:
* page/mac/PageMac.mm:
(WebCore::Page::platformInitialize):

Source/WebCore/PAL:

Compile registerNotifyCallback in release builds.

* pal/Logging.cpp:
(PAL::registerNotifyCallback):
* pal/Logging.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232098 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoClose access to "lsopen" for non-UI process
bfulgham@apple.com [Wed, 23 May 2018 02:23:57 +0000 (02:23 +0000)]
Close access to "lsopen" for non-UI process
https://bugs.webkit.org/show_bug.cgi?id=185890
<rdar://problem/39686511>

Reviewed by Alexey Proskuryakov.

Close down access to 'lsopen' in the iOS sandboxes. These operations are
performed by the UIProcess on behalf of these helper processes.

* Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:
* Resources/SandboxProfiles/ios/com.apple.WebKit.Storage.sb:
* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232097 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoOptimized path zoom animation needs a valid UIImage and CGRect
dino@apple.com [Wed, 23 May 2018 01:45:42 +0000 (01:45 +0000)]
Optimized path zoom animation needs a valid UIImage and CGRect
https://bugs.webkit.org/show_bug.cgi?id=185883
<rdar://problem/40306056>

Build fix.

* loader/FrameLoadRequest.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232094 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoUnreviewed, rolling out r232081.
commit-queue@webkit.org [Wed, 23 May 2018 00:17:45 +0000 (00:17 +0000)]
Unreviewed, rolling out r232081.
https://bugs.webkit.org/show_bug.cgi?id=185895

Broke two API tests (Requested by bfulgham_ on #webkit).

Reverted changeset:

"Avoid keeping FormState alive longer than necessary"
https://bugs.webkit.org/show_bug.cgi?id=185877
https://trac.webkit.org/changeset/232081

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232093 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[JSC] Fix CachedCall's argument count if RegExp has named captures
utatane.tea@gmail.com [Wed, 23 May 2018 00:16:57 +0000 (00:16 +0000)]
[JSC] Fix CachedCall's argument count if RegExp has named captures
https://bugs.webkit.org/show_bug.cgi?id=185587

Reviewed by Mark Lam.

JSTests:

* test262/expectations.yaml:

Source/JavaScriptCore:

If the given RegExp has named captures, the argument count of CachedCall in String#replace
should be increased by one. This causes crash with assertion in test262. This patch corrects
the argument count.

This patch also unifies source.is8Bit()/!source.is8Bit() code since they are now completely
the same.

* runtime/StringPrototype.cpp:
(JSC::replaceUsingRegExpSearch):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232092 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoUpdate test expectations for newly imported css-text layout tests
commit-queue@webkit.org [Wed, 23 May 2018 00:12:42 +0000 (00:12 +0000)]
Update test expectations for newly imported css-text layout tests
https://bugs.webkit.org/show_bug.cgi?id=185872

Unreviewed test gardening.

Patch by David Fenton <david_fenton@apple.com> on 2018-05-22

* TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232091 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoOptimized path zoom animation needs a valid UIImage and CGRect
dino@apple.com [Tue, 22 May 2018 23:56:01 +0000 (23:56 +0000)]
Optimized path zoom animation needs a valid UIImage and CGRect
https://bugs.webkit.org/show_bug.cgi?id=185883
<rdar://problem/40306056>

Reviewed by Jon Lee.

Source/WebCore:

Pass the bounding box of the element that was clicked onto
the UI process, so it can perform an animation from that spot.

This involved adding an IntRect to the ResourceRequest, and passing
that info into it from the HTMLAnchorElement, using a new struct
called SystemPreviewInfo.

* html/HTMLAnchorElement.cpp:
(WebCore::HTMLAnchorElement::handleClick):
* loader/FrameLoadRequest.cpp:
(WebCore::FrameLoadRequest::FrameLoadRequest):
* loader/FrameLoadRequest.h:
(WebCore::FrameLoadRequest::FrameLoadRequest):
(WebCore::FrameLoadRequest::isSystemPreview const):
(WebCore::FrameLoadRequest::systemPreviewRect const):
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::urlSelected):
(WebCore::FrameLoader::loadURL):
* loader/FrameLoader.h:
(WebCore::FrameLoader::urlSelected):
* loader/FrameLoaderTypes.h:
* platform/network/ResourceRequestBase.cpp:
(WebCore::ResourceRequestBase::systemPreviewRect const):
(WebCore::ResourceRequestBase::setSystemPreviewRect):
* platform/network/ResourceRequestBase.h:

Source/WebKit:

Take the rectangle that was passed into the ResourceRequest and
use it for the origin of an animation into QuickLook.

* Shared/WebCoreArgumentCoders.cpp:
(IPC::ArgumentCoder<ResourceRequest>::encode):
(IPC::ArgumentCoder<ResourceRequest>::decode):
* UIProcess/Cocoa/DownloadClient.mm:
(WebKit::DownloadClient::didStart):
* UIProcess/Cocoa/SystemPreviewControllerCocoa.mm:
(-[_WKPreviewControllerDelegate initWithSystemPreviewController:fromRect:]):
(-[_WKPreviewControllerDelegate presentingViewController]):
(-[_WKPreviewControllerDelegate previewController:frameForPreviewItem:inSourceView:]):
(-[_WKPreviewControllerDelegate previewController:transitionImageForPreviewItem:contentRect:]):
(WebKit::SystemPreviewController::start):
(-[_WKPreviewControllerDelegate initWithSystemPreviewController:]): Deleted.
* UIProcess/Downloads/DownloadProxy.h:
(WebKit::DownloadProxy::systemPreviewDownloadRect const):
* UIProcess/SystemPreviewController.h:
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::syncRootViewToScreen):
* UIProcess/WebPageProxy.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232090 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoStringImpl utf8 conversion should not fail silently.
mark.lam@apple.com [Tue, 22 May 2018 23:54:16 +0000 (23:54 +0000)]
StringImpl utf8 conversion should not fail silently.
https://bugs.webkit.org/show_bug.cgi?id=185888
<rdar://problem/40464506>

Reviewed by Filip Pizlo.

JSTests:

* stress/regress-185888.js: Added.

Source/JavaScriptCore:

* dfg/DFGLazyJSValue.cpp:
(JSC::DFG::LazyJSValue::dumpInContext const):
* runtime/DateConstructor.cpp:
(JSC::constructDate):
(JSC::dateParse):
* runtime/JSDateMath.cpp:
(JSC::parseDate):
* runtime/JSDateMath.h:

Source/WTF:

* WTF.xcodeproj/project.pbxproj:
* wtf/CMakeLists.txt:
* wtf/PrintStream.cpp:
(WTF::printExpectedCStringHelper):
(WTF::printInternal):
* wtf/text/StringImpl.cpp:
(WTF::StringImpl::utf8Impl):
(WTF::StringImpl::utf8ForCharacters):
(WTF::StringImpl::tryUtf8ForRange const):
(WTF::StringImpl::tryUtf8 const):
(WTF::StringImpl::utf8 const):
(WTF::StringImpl::utf8ForRange const): Deleted.
* wtf/text/StringImpl.h:
* wtf/text/StringView.cpp:
(WTF::StringView::tryUtf8 const):
(WTF::StringView::utf8 const):
* wtf/text/StringView.h:
* wtf/text/UTF8ConversionError.h: Added.
* wtf/text/WTFString.cpp:
(WTF::String::tryUtf8 const):
(WTF::String::utf8 const):
* wtf/text/WTFString.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232089 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[POSIX] Use access() instead of stat() in FileSystem::fileExists()
cdumez@apple.com [Tue, 22 May 2018 23:54:04 +0000 (23:54 +0000)]
[POSIX] Use access() instead of stat() in FileSystem::fileExists()
https://bugs.webkit.org/show_bug.cgi?id=185882

Reviewed by Geoffrey Garen.

Use access() instead of stat() in FileSystem::fileExists(). stat() returns a lot of information we
do not leverage and local benchmarking on macOS shows access() being > 80% faster than stat():
stat: 0.31567 (lower is better)
access: 0.16074 (lower is better)
stat: 0.303665 (lower is better)
access: 0.165468 (lower is better)

* platform/posix/FileSystemPOSIX.cpp:
(WebCore::FileSystem::fileExists):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232088 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoTest infrastructure websites should use jQuery and jQuery UI hosted on webkit.org
ryanhaddad@apple.com [Tue, 22 May 2018 23:42:21 +0000 (23:42 +0000)]
Test infrastructure websites should use jQuery and jQuery UI hosted on webkit.org
https://bugs.webkit.org/show_bug.cgi?id=185788

Patch by Roy Reapor <rreapor@apple.com> on 2018-05-22
Reviewed by Aakash Jain.

Tools:

* BuildSlaveSupport/build.webkit.org-config/public_html/TestFailures/garden-o-matic.html:
* BuildSlaveSupport/build.webkit.org-config/public_html/TestFailures/index.html:
* BuildSlaveSupport/build.webkit.org-config/public_html/TestFailures/rebaseline.html:
* BuildSlaveSupport/build.webkit.org-config/public_html/TestFailures/run-unittests.html:
* BuildSlaveSupport/build.webkit.org-config/public_html/TestFailures/summary-mock.html:
* TestResultServer/static-dashboards/run-embedded-unittests.html:
* TestResultServer/static-dashboards/run-unittests.html:

Websites/webkit.org:

* ajax/libs/jquery/jquery-1.6.2.min.js: Added.
* ajax/libs/jqueryui: Added.
* ajax/libs/jqueryui/jquery-ui-1.8.15.css: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232085 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoAdd some additional demo content to webkit.org
wenson_hsieh@apple.com [Tue, 22 May 2018 23:37:44 +0000 (23:37 +0000)]
Add some additional demo content to webkit.org
https://bugs.webkit.org/show_bug.cgi?id=185892

Reviewed by Tim Horton.

Adds three demo pages, and some placeholder assets.

* demos/extrazoom/article/constitution.jpg: Added.
* demos/extrazoom/article/index.html: Added.
* demos/extrazoom/login/index.html: Added.
* demos/extrazoom/login/webkit.svg: Added.
* demos/extrazoom/recipes/butterchicken.jpg: Added.
* demos/extrazoom/recipes/chowder.jpg: Added.
* demos/extrazoom/recipes/hummus.jpg: Added.
* demos/extrazoom/recipes/index.html: Added.
* demos/extrazoom/recipes/padthai.jpg: Added.
* demos/extrazoom/recipes/pizza.jpg: Added.
* demos/extrazoom/recipes/salmon.jpg: Added.
* demos/extrazoom/recipes/steak.jpg: Added.
* demos/extrazoom/recipes/tacos.jpg: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232084 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoSource/WebKit:
sihui_liu@apple.com [Tue, 22 May 2018 23:20:50 +0000 (23:20 +0000)]
Source/WebKit:
[iOS] TestWebKitAPI.WebKit.WKHTTPCookieStoreWithoutProcessPool fails because cookies use different files with/without processpool
https://bugs.webkit.org/show_bug.cgi?id=185831

Reviewed by Chris Dumez.

Started to use uiProcessCookieStorageIdentifier for iOS: make sure cookies handled without
processpool would use the same storage file as when processpool exists.

* NetworkProcess/NetworkProcess.h:
* NetworkProcess/NetworkProcessCreationParameters.cpp:
(WebKit::NetworkProcessCreationParameters::encode const):
(WebKit::NetworkProcessCreationParameters::decode):
* NetworkProcess/NetworkProcessCreationParameters.h:
* NetworkProcess/cocoa/NetworkProcessCocoa.mm:
(WebKit::NetworkProcess::platformInitializeNetworkProcessCocoa):
* Shared/WebProcessCreationParameters.cpp:
(WebKit::WebProcessCreationParameters::encode const):
(WebKit::WebProcessCreationParameters::decode):
* Shared/WebProcessCreationParameters.h:
* UIProcess/Cocoa/WebProcessPoolCocoa.mm:
(WebKit::WebProcessPool::platformInitializeWebProcess):
(WebKit::WebProcessPool::platformInitializeNetworkProcess):

Tools:
[iOS] TestWebKitAPI.WebKit.WKHTTPCookieStoreWithoutProcessPool is crashing with reason: 'Completion handler passed to -[CookieUIDelegate webView:runJavaScriptAlertPanelWithMessage:initiatedByFrame:completionHandler:] was not called'
https://bugs.webkit.org/show_bug.cgi?id=185831

Reviewed by Chris Dumez.

Updated the test to prevent crash after assertion fails.

* TestWebKitAPI/Tests/WebKitCocoa/WKHTTPCookieStore.mm:
(-[CookieUIDelegate webView:runJavaScriptAlertPanelWithMessage:initiatedByFrame:completionHandler:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232083 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoRegression(AsyncPolicyDelegates): Box.app login Window is blank
cdumez@apple.com [Tue, 22 May 2018 22:41:06 +0000 (22:41 +0000)]
Regression(AsyncPolicyDelegates): Box.app login Window is blank
https://bugs.webkit.org/show_bug.cgi?id=185832
<rdar://problem/40307871>

Reviewed by Geoffrey Garen.

Source/WebKit:

Moved WeakObjCPtr.h header from WebKit/ to wtf/ so that it can be used in
WebKitLegacy code.

* UIProcess/API/Cocoa/WKBrowsingContextController.mm:
* UIProcess/API/Cocoa/WKBrowsingContextControllerInternal.h:
* UIProcess/API/Cocoa/WKConnection.mm:
* UIProcess/API/Cocoa/WKHTTPCookieStore.mm:
* UIProcess/API/Cocoa/WKProcessGroup.mm:
* UIProcess/API/Cocoa/WKProcessPool.mm:
* UIProcess/API/Cocoa/WKScriptMessage.mm:
* UIProcess/API/Cocoa/WKWebView.mm:
* UIProcess/API/Cocoa/WKWebViewConfiguration.mm:
* UIProcess/API/Cocoa/_WKAutomationSession.mm:
* UIProcess/API/Cocoa/_WKDownload.mm:
* UIProcess/API/Cocoa/_WKElementAction.mm:
* UIProcess/ApplicationStateTracker.h:
* UIProcess/Cocoa/AutomationClient.h:
* UIProcess/Cocoa/AutomationSessionClient.h:
* UIProcess/Cocoa/DiagnosticLoggingClient.h:
* UIProcess/Cocoa/DownloadClient.h:
* UIProcess/Cocoa/FindClient.h:
* UIProcess/Cocoa/FullscreenClient.h:
* UIProcess/Cocoa/IconLoadingDelegate.h:
* UIProcess/Cocoa/NavigationState.h:
* UIProcess/Cocoa/UIDelegate.h:
* UIProcess/Cocoa/VideoFullscreenManagerProxy.mm:
* UIProcess/Cocoa/WKReloadFrameErrorRecoveryAttempter.mm:
* UIProcess/Cocoa/WebViewImpl.h:
* UIProcess/ios/ViewGestureControllerIOS.mm:
* UIProcess/ios/WKActionSheetAssistant.mm:
* UIProcess/ios/WKContentViewInteraction.mm:
* UIProcess/ios/WKPDFView.mm:
(-[WKPDFView web_setContentProviderData:suggestedFilename:]):
* UIProcess/ios/WKScrollView.mm:
* UIProcess/mac/WKInspectorViewController.mm:
* UIProcess/mac/WKInspectorWKWebView.mm:
* WebKit.xcodeproj/project.pbxproj:
* WebProcess/InjectedBundle/API/mac/WKWebProcessPlugInBrowserContextController.mm:

Source/WebKitLegacy/mac:

We used to have a bug where where we would fail to wait for the policy decision for
the navigation response from the client and the load would keep going, racing with
the client's policy decision. If the client did not respond in time, the behavior
would be the same as "Use" policy action.

Box.app fails to make any policy decision in its decidePolicyForMIMEType delegate
but the load happened to proceed anyway due to our bug. Now that we've fixed the
WebKit bug, however, the load would hang because the completion handler for the
decidePolicyForNavigationResponse would never get called.

To work around the issue, I made the policy listener weak on the WebFrameLoaderClient
instead of retaining it. If the policy listener object gets destroyed because getting
resolved, we now use "Use" policy action in its dealloc function to maintain previous
behavior.

* WebCoreSupport/WebFrameLoaderClient.h:
* WebCoreSupport/WebFrameLoaderClient.mm:
(WebFrameLoaderClient::cancelPolicyCheck):
(WebFrameLoaderClient::setUpPolicyListener):
(-[WebFramePolicyListener dealloc]):

Source/WTF:

Moved WeakObjCPtr.h from WebKit2 to WTF with RetainPtr.h, so that it can be used
in WebKitLegacy code.

* WTF.xcodeproj/project.pbxproj:
* wtf/WeakObjCPtr.h: Renamed from Source/WebKit/Shared/mac/WeakObjCPtr.h.

Tools:

Add API test coverage.

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/WebKit/cocoa/WeakObjCPtr.mm:
* TestWebKitAPI/Tests/mac/NoPolicyDelegateResponse.mm: Added.
(-[NoPolicyDelegateDecisionDelegate webView:decidePolicyForNavigationAction:request:frame:decisionListener:]):
(-[NoPolicyDelegateDecisionDelegate webView:decidePolicyForMIMEType:request:frame:decisionListener:]):
(-[NoPolicyDelegateDecisionDelegate webView:didFinishLoadForFrame:]):
(TestWebKitAPI::TEST):
* TestWebKitAPI/cocoa/TestWKWebView.mm:
(-[WKWebView _isBackground]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232082 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoAvoid keeping FormState alive longer than necessary
bfulgham@apple.com [Tue, 22 May 2018 22:01:34 +0000 (22:01 +0000)]
Avoid keeping FormState alive longer than necessary
https://bugs.webkit.org/show_bug.cgi?id=185877
<rdar://problem/39329219>

Reviewed by Ryosuke Niwa.

A number of crash fixes were done to prevent FormState objects from being
accessed after their relevant Frames had been destroyed. Unfortunately, this
could cause the FormState to persist after the owning Frame had been
destroyed, resulting in nullptr dereferences.

This patch does the following:

1. Changes to use WeakPtr's for FormState objects passed to completion handlers,
   rather than RefPtr, since those completion handlers might fire as part of
   the clean-up process during Frame destruction. This allows us to use the FormState
   if they are still valid, but gracefully handle cases where a form submission
   is cancelled in-flight.
2. Removes some extraneous WTFMove() calls being made on bare FormState pointers.
3. Changes the trap from Bug 183704 so that it only fires if the FormState object
   is being retained more than once.

* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::willSendRequest): Update for new CompletionHandler
signature.
* loader/FormState.cpp:
(WebCore::FormState::willDetachPage): Revise trap to check for retain counts
above one.
* loader/FormState.h:
(WebCore::FormState::weakPtrFactory const): Added.
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::loadFrameRequest): Revise to use WeakPtr for FormState
passed to the completion handler.
(WebCore::FrameLoader::loadURL): Update for new CompletionHandler signature.
(WebCore::FrameLoader::load): Ditto.
(WebCore::FrameLoader::loadWithDocumentLoader): Ditto.
(WebCore::FrameLoader::loadPostRequest): Ditto.
* loader/PolicyChecker.cpp:
(WebCore::PolicyChecker::checkNavigationPolicy): Revise to use WeakPtr for
FormState passed to the completion handler. Remove some extraneous WTFMove()
calls on bare pointers.
(WebCore::PolicyChecker::checkNewWindowPolicy): Ditto.
* loader/PolicyChecker.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232081 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoRemove the UnconditionalFinalizer class
keith_miller@apple.com [Tue, 22 May 2018 21:33:26 +0000 (21:33 +0000)]
Remove the UnconditionalFinalizer class
https://bugs.webkit.org/show_bug.cgi?id=185881

Reviewed by Filip Pizlo.

The only remaining user of this API is
JSWebAssemblyCodeBlock. This patch changes, JSWebAssemblyCodeBlock
to use the newer template based API and removes the old class.

* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/CodeBlock.h:
* heap/Heap.cpp:
(JSC::Heap::finalizeUnconditionalFinalizers):
* heap/Heap.h:
* heap/SlotVisitor.cpp:
(JSC::SlotVisitor::addUnconditionalFinalizer): Deleted.
* heap/SlotVisitor.h:
* heap/UnconditionalFinalizer.h: Removed.
* wasm/js/JSWebAssemblyCodeBlock.cpp:
(JSC::JSWebAssemblyCodeBlock::JSWebAssemblyCodeBlock):
(JSC::JSWebAssemblyCodeBlock::visitChildren):
(JSC::JSWebAssemblyCodeBlock::finalizeUnconditionally):
(JSC::JSWebAssemblyCodeBlock::UnconditionalFinalizer::finalizeUnconditionally): Deleted.
* wasm/js/JSWebAssemblyCodeBlock.h:
* wasm/js/JSWebAssemblyModule.h:

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/CodeBlock.h:
* heap/Heap.cpp:
(JSC::Heap::finalizeUnconditionalFinalizers):
* heap/Heap.h:
* heap/SlotVisitor.cpp:
(JSC::SlotVisitor::addUnconditionalFinalizer): Deleted.
* heap/SlotVisitor.h:
* heap/UnconditionalFinalizer.h: Removed.
* wasm/js/JSWebAssemblyCodeBlock.cpp:
(JSC::JSWebAssemblyCodeBlock::JSWebAssemblyCodeBlock):
(JSC::JSWebAssemblyCodeBlock::visitChildren):
(JSC::JSWebAssemblyCodeBlock::finalizeUnconditionally):
(JSC::JSWebAssemblyCodeBlock::UnconditionalFinalizer::finalizeUnconditionally): Deleted.
* wasm/js/JSWebAssemblyCodeBlock.h:
* wasm/js/JSWebAssemblyModule.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232080 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoConversion between SecurityOriginData and DatabaseIdentifier is asymmetric when port...
sihui_liu@apple.com [Tue, 22 May 2018 21:13:59 +0000 (21:13 +0000)]
Conversion between SecurityOriginData and DatabaseIdentifier is asymmetric when port is null
https://bugs.webkit.org/show_bug.cgi?id=185715

Reviewed by Geoffrey Garen.

Source/WebCore:

Fixed the issue of null port when converting between SecurityOriginData and DatabaseIdentifier.

Test: WKWebView.LocalStorageFetchDataRecords.

* page/SecurityOriginData.cpp:
(WebCore::SecurityOriginData::fromDatabaseIdentifier):

Source/WebKit:

Add getter for origins in WKWebsiteDataRecord for testing.

* UIProcess/API/Cocoa/WKWebsiteDataRecord.mm:
(-[WKWebsiteDataRecord _originsString]):
* UIProcess/API/Cocoa/WKWebsiteDataRecordPrivate.h:

Tools:

Add API test coverage.

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/WebKitCocoa/LocalStorageDatabaseTracker.mm: Added.
(-[LocalStorageUIDelegate webView:runJavaScriptAlertPanelWithMessage:initiatedByFrame:completionHandler:]):
(TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232079 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoRename the "Web content is visible" process assertion.
beidson@apple.com [Tue, 22 May 2018 20:52:08 +0000 (20:52 +0000)]
Rename the "Web content is visible" process assertion.
https://bugs.webkit.org/show_bug.cgi?id=185878

Reviewed by Chris Dumez.

* UIProcess/ios/ProcessAssertionIOS.mm:
(WebKit::ProcessAssertion::ProcessAssertion):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232078 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[Wi-Fi Assertions] Drop assertions on process suspension
aestes@apple.com [Tue, 22 May 2018 20:48:43 +0000 (20:48 +0000)]
[Wi-Fi Assertions] Drop assertions on process suspension
https://bugs.webkit.org/show_bug.cgi?id=185844
<rdar://problem/40352319>

Reviewed by Daniel Bates.

* NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::actualPrepareToSuspend):
(WebKit::NetworkProcess::processDidResume):
* NetworkProcess/NetworkProcess.h:
* NetworkProcess/cocoa/NetworkProcessCocoa.mm:
(WebKit::NetworkProcess::platformPrepareToSuspend):
(WebKit::NetworkProcess::platformProcessDidResume):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232077 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoUnreviewed, fix internal build.
keith_miller@apple.com [Tue, 22 May 2018 19:55:03 +0000 (19:55 +0000)]
Unreviewed, fix internal build.

* runtime/JSImmutableButterfly.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232076 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoDFG::LICMPhase should attempt to hoist edge type checks if hoisting the whole node...
sbarati@apple.com [Tue, 22 May 2018 19:47:39 +0000 (19:47 +0000)]
DFG::LICMPhase should attempt to hoist edge type checks if hoisting the whole node fails
https://bugs.webkit.org/show_bug.cgi?id=144525

Reviewed by Filip Pizlo.

This patch teaches LICM to fall back to hoisting a node's type checks when
hoisting the entire node fails.

This patch follow the same principles we use when deciding to hoist nodes in general:
- If the pre header is control equivalent to where the current check is, we
go ahead and hoist the check.
- Otherwise, if hoisting hasn't failed before, we go ahead and gamble and
hoist the check. If hoisting failed in the past, we will not hoist the check.

* dfg/DFGLICMPhase.cpp:
(JSC::DFG::LICMPhase::attemptHoist):
* dfg/DFGUseKind.h:
(JSC::DFG::checkMayCrashIfInputIsEmpty):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232075 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoGet rid of TLCs
fpizlo@apple.com [Tue, 22 May 2018 19:20:05 +0000 (19:20 +0000)]
Get rid of TLCs
https://bugs.webkit.org/show_bug.cgi?id=185846

Rubber stamped by Geoffrey Garen.
Source/JavaScriptCore:

This removes support for thread-local caches from the GC in order to speed up allocation a
bit.

We added TLCs as part of Spectre mitigations, which we have since removed.

We will want some kind of TLCs eventually, since they allow us to:

- have a global GC, which may be a perf optimization at some point.
- allocate objects from JIT threads, which we've been wanting to do for a while.

This change keeps the most interesting aspect of TLCs, which is the
LocalAllocator/BlockDirectory separation. This means that it ought to be easy to implement
TLCs again in the future if we wanted this feature.

This change removes the part of TLCs that causes a perf regression, namely that Allocator is
an offset that requires a bounds check and lookup that makes the rest of the allocation fast
path dependent on the load of the TLC. Now, Allocator is really just a LocalAllocator*, so
you can directly use it to allocate. This removes two loads and a check from the allocation
fast path. In hindsight, I probably could have made that whole thing more efficient, had I
allowed us to have a statically known set of LocalAllocators. This would have removed the
bounds check (one load and one branch) and it would have made it possible to CSE the load of
the TLC data structure, since that would no longer resize. But that's a harder change that
this patch, and we don't need it right now.

While reviewing the allocation hot paths, I found that CreateThis had an unnecessary branch
to check if the allocator is null. I removed that check. AssemblyHelpers::emitAllocate() does
that check already. Previously, the TLC bounds check doubled as this check.

This is a 1% speed-up on Octane and a 2.3% speed-up on TailBench. However, the Octane
speed-up on my machine includes an 8% regexp speed-up. I've found that sometimes regexp
speeds up or slows down by 8% depending on which path I build JSC from. Without that 8%, this
is still an Octane speed-up due to 2-4% speed-ups in earley, boyer, raytrace, and splay.

* JavaScriptCore.xcodeproj/project.pbxproj:
* Sources.txt:
* bytecode/ObjectAllocationProfileInlines.h:
(JSC::ObjectAllocationProfile::initializeProfile):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileCreateThis):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileMakeRope):
(JSC::FTL::DFG::LowerDFGToB3::compileMaterializeNewObject):
(JSC::FTL::DFG::LowerDFGToB3::allocatePropertyStorageWithSizeImpl):
(JSC::FTL::DFG::LowerDFGToB3::allocateHeapCell):
(JSC::FTL::DFG::LowerDFGToB3::allocateObject):
(JSC::FTL::DFG::LowerDFGToB3::allocatorForSize):
* heap/Allocator.cpp:
(JSC::Allocator::cellSize const):
* heap/Allocator.h:
(JSC::Allocator::Allocator):
(JSC::Allocator::localAllocator const):
(JSC::Allocator::operator== const):
(JSC::Allocator::offset const): Deleted.
* heap/AllocatorInlines.h:
(JSC::Allocator::allocate const):
(JSC::Allocator::tryAllocate const): Deleted.
* heap/BlockDirectory.cpp:
(JSC::BlockDirectory::BlockDirectory):
(JSC::BlockDirectory::~BlockDirectory):
* heap/BlockDirectory.h:
(JSC::BlockDirectory::allocator const): Deleted.
* heap/CompleteSubspace.cpp:
(JSC::CompleteSubspace::allocateNonVirtual):
(JSC::CompleteSubspace::allocatorForSlow):
(JSC::CompleteSubspace::tryAllocateSlow):
* heap/CompleteSubspace.h:
* heap/Heap.cpp:
(JSC::Heap::Heap):
* heap/Heap.h:
(JSC::Heap::threadLocalCacheLayout): Deleted.
* heap/IsoSubspace.cpp:
(JSC::IsoSubspace::IsoSubspace):
(JSC::IsoSubspace::allocateNonVirtual):
* heap/IsoSubspace.h:
(JSC::IsoSubspace::allocatorForNonVirtual):
* heap/LocalAllocator.cpp:
(JSC::LocalAllocator::LocalAllocator):
(JSC::LocalAllocator::~LocalAllocator):
* heap/LocalAllocator.h:
(JSC::LocalAllocator::cellSize const):
(JSC::LocalAllocator::tlc const): Deleted.
* heap/ThreadLocalCache.cpp: Removed.
* heap/ThreadLocalCache.h: Removed.
* heap/ThreadLocalCacheInlines.h: Removed.
* heap/ThreadLocalCacheLayout.cpp: Removed.
* heap/ThreadLocalCacheLayout.h: Removed.
* jit/AssemblyHelpers.cpp:
(JSC::AssemblyHelpers::emitAllocateWithNonNullAllocator):
(JSC::AssemblyHelpers::emitAllocate):
(JSC::AssemblyHelpers::emitAllocateVariableSized):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_create_this):
* runtime/JSLock.cpp:
(JSC::JSLock::didAcquireLock):
* runtime/VM.cpp:
(JSC::VM::VM):
(JSC::VM::~VM):
* runtime/VM.h:
* runtime/VMEntryScope.cpp:
(JSC::VMEntryScope::~VMEntryScope):
* runtime/VMEntryScope.h:

Source/WTF:

* wtf/Platform.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232074 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoUpdate test expectations for newly imported css-text layout tests
commit-queue@webkit.org [Tue, 22 May 2018 19:16:02 +0000 (19:16 +0000)]
Update test expectations for newly imported css-text layout tests
https://bugs.webkit.org/show_bug.cgi?id=185872

Unreviewed test gardening.

Patch by David Fenton <david_fenton@apple.com> on 2018-05-22

* TestExpectations: Flag tests that are not passing right now.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232073 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoREGRESSION(r229093): Re-enable Network Extension support in the WebContent process...
bfulgham@apple.com [Tue, 22 May 2018 19:08:51 +0000 (19:08 +0000)]
REGRESSION(r229093): Re-enable Network Extension support in the WebContent process (Take 2)
https://bugs.webkit.org/show_bug.cgi?id=185874
<rdar://problem/40454404>

Reviewed by Eric Carlson.

Add back a necessary XPC connection after locking down the network features in r229093.

* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
* WebProcess/com.apple.WebProcess.sb.in:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232072 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoUnreviewed, added myself as a WebKit committer.
sihui_liu@apple.com [Tue, 22 May 2018 18:31:01 +0000 (18:31 +0000)]
Unreviewed, added myself as a WebKit committer.

* Scripts/webkitpy/common/config/contributors.json:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232071 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoWe should have a CoW storage for NewArrayBuffer arrays.
keith_miller@apple.com [Tue, 22 May 2018 18:04:31 +0000 (18:04 +0000)]
We should have a CoW storage for NewArrayBuffer arrays.
https://bugs.webkit.org/show_bug.cgi?id=185003

Reviewed by Filip Pizlo.

JSTests:

* stress/cow-convert-contiguous-to-array-storage.js: Added.
(createBuffer):
(shouldBe):
(test):
* stress/cow-convert-double-to-array-storage.js: Added.
(createBuffer):
(shouldBe):
(test):
* stress/cow-convert-double-to-contiguous.js: Added.
(createBuffer):
(shouldBe):
(test):
* stress/cow-convert-int32-to-array-storage.js: Added.
(createBuffer):
(shouldBe):
(test):
* stress/cow-convert-int32-to-contiguous.js: Added.
(createBuffer):
(shouldBe):
(test):
* stress/cow-convert-int32-to-double.js: Added.
(createBuffer):
(shouldBe):
(test):
* stress/put-on-cow-prototype.js: Added.
(putByVal):
(putById):

Source/JavaScriptCore:

This patch adds copy on write storage for new array buffers. In
order to do this there needed to be significant changes to the
layout of IndexingType. The new indexing type has the following
shape:

struct IndexingTypeAndMisc {
    struct IndexingModeIncludingHistory {
        struct IndexingMode {
            struct IndexingType {
                uint8_t isArray:1;          // bit 0
                uint8_t shape:3;            // bit 1 - 3
            };
            uint8_t copyOnWrite:1;          // bit 4
        };
        uint8_t mayHaveIndexedAccessors:1;  // bit 5
    };
    uint8_t cellLockBits:2;                 // bit 6 - 7
};

For simplicity ArrayStorage shapes cannot be CoW. So the only
valid CoW indexing shapes are ArrayWithInt32, ArrayWithDouble, and
ArrayWithContiguous.

The backing store for a CoW array is a new class
JSImmutableButterfly, which looks exactly the same as a normal
butterfly except that it has a JSCell header. Like other
butterflies, JSImmutableButterfies are allocated out of the
Auxiliary Gigacage and are pointed to by JSCells in the same
way. However, when marking JSImmutableButterflies they are marked
as if they were a property.

With CoW arrays, the new_array_buffer bytecode will reallocate the
shared JSImmutableButterfly if it sees from the allocation profile
that the last array it allocated has transitioned to a different
indexing type. From then on, all arrays created by that
new_array_buffer bytecode will have the promoted indexing
type. This is more or less the same as what we used to do. The
only difference is that we don't promote all the way to array
storage even if we have seen it before.

Transitioning from a CoW indexing mode occurs whenever someone
tries to store to an element, grow the array, or add properties.
Storing or growing the array will call into code that does the
stupid thing of copying the butterfly then continue into the old
code. This doesn't end up costing us as future allocations will
use any upgraded indexing shape.  We get adding properties for
free by just changing the indexing mode on transition (our C++
code always updates the indexing mode).

* JavaScriptCore.xcodeproj/project.pbxproj:
* Sources.txt:
* bytecode/ArrayAllocationProfile.cpp:
(JSC::ArrayAllocationProfile::updateProfile):
* bytecode/ArrayAllocationProfile.h:
(JSC::ArrayAllocationProfile::initializeIndexingMode):
* bytecode/ArrayProfile.cpp:
(JSC::dumpArrayModes):
(JSC::ArrayProfile::briefDescriptionWithoutUpdating):
* bytecode/ArrayProfile.h:
(JSC::asArrayModes):
(JSC::arrayModeFromStructure):
(JSC::arrayModesInclude):
(JSC::hasSeenCopyOnWriteArray):
* bytecode/BytecodeList.json:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::finishCreation):
* bytecode/InlineAccess.cpp:
(JSC::InlineAccess::generateArrayLength):
* bytecode/UnlinkedCodeBlock.h:
(JSC::UnlinkedCodeBlock::addArrayAllocationProfile):
(JSC::UnlinkedCodeBlock::decompressArrayAllocationProfile):
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::newArrayAllocationProfile):
(JSC::BytecodeGenerator::emitNewArrayBuffer):
(JSC::BytecodeGenerator::emitNewArray):
(JSC::BytecodeGenerator::emitNewArrayWithSize):
(JSC::BytecodeGenerator::emitExpectedFunctionSnippet):
* bytecompiler/BytecodeGenerator.h:
* bytecompiler/NodesCodegen.cpp:
(JSC::ArrayNode::emitBytecode):
(JSC::ArrayPatternNode::bindValue const):
(JSC::ArrayPatternNode::emitDirectBinding):
* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* dfg/DFGArgumentsEliminationPhase.cpp:
* dfg/DFGArgumentsUtilities.cpp:
(JSC::DFG::emitCodeToGetArgumentsArrayLength):
* dfg/DFGArrayMode.cpp:
(JSC::DFG::ArrayMode::fromObserved):
(JSC::DFG::ArrayMode::refine const):
(JSC::DFG::ArrayMode::alreadyChecked const):
* dfg/DFGArrayMode.h:
(JSC::DFG::ArrayMode::ArrayMode):
(JSC::DFG::ArrayMode::action const):
(JSC::DFG::ArrayMode::withSpeculation const):
(JSC::DFG::ArrayMode::withArrayClass const):
(JSC::DFG::ArrayMode::withType const):
(JSC::DFG::ArrayMode::withConversion const):
(JSC::DFG::ArrayMode::withTypeAndConversion const):
(JSC::DFG::ArrayMode::arrayModesThatPassFiltering const):
(JSC::DFG::ArrayMode::arrayModesWithIndexingShape const):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::handleIntrinsicCall):
(JSC::DFG::ByteCodeParser::handleIntrinsicGetter):
(JSC::DFG::ByteCodeParser::parseBlock):
* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
* dfg/DFGConstantFoldingPhase.cpp:
(JSC::DFG::ConstantFoldingPhase::foldConstants):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
(JSC::DFG::FixupPhase::attemptToForceStringArrayModeByToStringConversion):
(JSC::DFG::FixupPhase::attemptToMakeGetArrayLength):
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::dump):
* dfg/DFGNode.h:
(JSC::DFG::Node::indexingType):
(JSC::DFG::Node::indexingMode):
* dfg/DFGOSRExit.cpp:
(JSC::DFG::OSRExit::compileExit):
* dfg/DFGOperations.cpp:
* dfg/DFGOperations.h:
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::emitAllocateRawObject):
(JSC::DFG::SpeculativeJIT::jumpSlowForUnwantedArrayMode):
(JSC::DFG::SpeculativeJIT::arrayify):
(JSC::DFG::SpeculativeJIT::compileGetByValOnString):
(JSC::DFG::SpeculativeJIT::compileGetByValOnDirectArguments):
(JSC::DFG::SpeculativeJIT::compileGetByValOnScopedArguments):
(JSC::DFG::SpeculativeJIT::compileGetArrayLength):
(JSC::DFG::SpeculativeJIT::compileCreateRest):
(JSC::DFG::SpeculativeJIT::compileArraySlice):
(JSC::DFG::SpeculativeJIT::compileNewArrayBuffer):
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGValidate.cpp:
* ftl/FTLAbstractHeapRepository.h:
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compilePutStructure):
(JSC::FTL::DFG::LowerDFGToB3::compileArraySlice):
(JSC::FTL::DFG::LowerDFGToB3::compileNewArrayWithSpread):
(JSC::FTL::DFG::LowerDFGToB3::compileNewArrayBuffer):
(JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstructVarargsSpread):
(JSC::FTL::DFG::LowerDFGToB3::compileForwardVarargsWithSpread):
(JSC::FTL::DFG::LowerDFGToB3::storeStructure):
(JSC::FTL::DFG::LowerDFGToB3::isArrayTypeForArrayify):
* ftl/FTLOperations.cpp:
(JSC::FTL::operationMaterializeObjectInOSR):
* generate-bytecode-files:
* interpreter/Interpreter.cpp:
(JSC::sizeOfVarargs):
(JSC::loadVarargs):
* jit/AssemblyHelpers.cpp:
(JSC::AssemblyHelpers::emitStoreStructureWithTypeInfo):
* jit/AssemblyHelpers.h:
(JSC::AssemblyHelpers::emitStoreStructureWithTypeInfo):
* jit/JITOperations.cpp:
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_put_by_val):
(JSC::JIT::emitSlow_op_put_by_val):
* jit/Repatch.cpp:
(JSC::tryCachePutByID):
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* runtime/Butterfly.h:
(JSC::ContiguousData::Data::Data):
(JSC::ContiguousData::Data::operator bool const):
(JSC::ContiguousData::Data::operator=):
(JSC::ContiguousData::Data::operator const T& const):
(JSC::ContiguousData::Data::set):
(JSC::ContiguousData::Data::setWithoutWriteBarrier):
(JSC::ContiguousData::Data::clear):
(JSC::ContiguousData::Data::get const):
(JSC::ContiguousData::atUnsafe):
(JSC::ContiguousData::at const): Deleted.
(JSC::ContiguousData::at): Deleted.
* runtime/ButterflyInlines.h:
(JSC::ContiguousData<T>::at const):
(JSC::ContiguousData<T>::at):
* runtime/ClonedArguments.cpp:
(JSC::ClonedArguments::createEmpty):
* runtime/CommonSlowPaths.cpp:
(JSC::SLOW_PATH_DECL):
* runtime/CommonSlowPaths.h:
(JSC::CommonSlowPaths::allocateNewArrayBuffer):
* runtime/IndexingType.cpp:
(JSC::leastUpperBoundOfIndexingTypeAndType):
(JSC::leastUpperBoundOfIndexingTypeAndValue):
(JSC::dumpIndexingType):
* runtime/IndexingType.h:
(JSC::hasIndexedProperties):
(JSC::hasUndecided):
(JSC::hasInt32):
(JSC::hasDouble):
(JSC::hasContiguous):
(JSC::hasArrayStorage):
(JSC::hasAnyArrayStorage):
(JSC::hasSlowPutArrayStorage):
(JSC::shouldUseSlowPut):
(JSC::isCopyOnWrite):
(JSC::arrayIndexFromIndexingType):
* runtime/JSArray.cpp:
(JSC::JSArray::tryCreateUninitializedRestricted):
(JSC::JSArray::put):
(JSC::JSArray::appendMemcpy):
(JSC::JSArray::setLength):
(JSC::JSArray::pop):
(JSC::JSArray::fastSlice):
(JSC::JSArray::shiftCountWithAnyIndexingType):
(JSC::JSArray::unshiftCountWithAnyIndexingType):
(JSC::JSArray::fillArgList):
(JSC::JSArray::copyToArguments):
* runtime/JSArrayInlines.h:
(JSC::JSArray::pushInline):
* runtime/JSCell.h:
* runtime/JSCellInlines.h:
(JSC::JSCell::JSCell):
(JSC::JSCell::finishCreation):
(JSC::JSCell::indexingType const):
(JSC::JSCell::indexingMode const):
(JSC::JSCell::setStructure):
* runtime/JSFixedArray.h:
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::haveABadTime):
(JSC::JSGlobalObject::visitChildren):
* runtime/JSGlobalObject.h:
(JSC::JSGlobalObject::originalArrayStructureForIndexingType const):
(JSC::JSGlobalObject::arrayStructureForIndexingTypeDuringAllocation const):
(JSC::JSGlobalObject::isOriginalArrayStructure):
* runtime/JSImmutableButterfly.cpp: Added.
(JSC::JSImmutableButterfly::visitChildren):
(JSC::JSImmutableButterfly::copyToArguments):
* runtime/JSImmutableButterfly.h: Added.
(JSC::JSImmutableButterfly::createStructure):
(JSC::JSImmutableButterfly::tryCreate):
(JSC::JSImmutableButterfly::create):
(JSC::JSImmutableButterfly::publicLength const):
(JSC::JSImmutableButterfly::vectorLength const):
(JSC::JSImmutableButterfly::length const):
(JSC::JSImmutableButterfly::toButterfly const):
(JSC::JSImmutableButterfly::fromButterfly):
(JSC::JSImmutableButterfly::get const):
(JSC::JSImmutableButterfly::subspaceFor):
(JSC::JSImmutableButterfly::setIndex):
(JSC::JSImmutableButterfly::allocationSize):
(JSC::JSImmutableButterfly::JSImmutableButterfly):
* runtime/JSObject.cpp:
(JSC::JSObject::markAuxiliaryAndVisitOutOfLineProperties):
(JSC::JSObject::visitButterflyImpl):
(JSC::JSObject::getOwnPropertySlotByIndex):
(JSC::JSObject::putByIndex):
(JSC::JSObject::createInitialInt32):
(JSC::JSObject::createInitialDouble):
(JSC::JSObject::createInitialContiguous):
(JSC::JSObject::convertUndecidedToInt32):
(JSC::JSObject::convertUndecidedToDouble):
(JSC::JSObject::convertUndecidedToContiguous):
(JSC::JSObject::convertInt32ToDouble):
(JSC::JSObject::convertInt32ToArrayStorage):
(JSC::JSObject::convertDoubleToContiguous):
(JSC::JSObject::convertDoubleToArrayStorage):
(JSC::JSObject::convertContiguousToArrayStorage):
(JSC::JSObject::createInitialForValueAndSet):
(JSC::JSObject::convertInt32ForValue):
(JSC::JSObject::convertFromCopyOnWrite):
(JSC::JSObject::ensureWritableInt32Slow):
(JSC::JSObject::ensureWritableDoubleSlow):
(JSC::JSObject::ensureWritableContiguousSlow):
(JSC::JSObject::ensureArrayStorageSlow):
(JSC::JSObject::ensureArrayStorageExistsAndEnterDictionaryIndexingMode):
(JSC::JSObject::switchToSlowPutArrayStorage):
(JSC::JSObject::deletePropertyByIndex):
(JSC::JSObject::getOwnPropertyNames):
(JSC::canDoFastPutDirectIndex):
(JSC::JSObject::defineOwnIndexedProperty):
(JSC::JSObject::putByIndexBeyondVectorLengthWithoutAttributes):
(JSC::JSObject::putByIndexBeyondVectorLengthWithArrayStorage):
(JSC::JSObject::putByIndexBeyondVectorLength):
(JSC::JSObject::countElements):
(JSC::JSObject::ensureLengthSlow):
(JSC::JSObject::getEnumerableLength):
(JSC::JSObject::ensureInt32Slow): Deleted.
(JSC::JSObject::ensureDoubleSlow): Deleted.
(JSC::JSObject::ensureContiguousSlow): Deleted.
* runtime/JSObject.h:
(JSC::JSObject::putDirectIndex):
(JSC::JSObject::canGetIndexQuickly):
(JSC::JSObject::getIndexQuickly):
(JSC::JSObject::tryGetIndexQuickly const):
(JSC::JSObject::canSetIndexQuickly):
(JSC::JSObject::setIndexQuickly):
(JSC::JSObject::initializeIndex):
(JSC::JSObject::initializeIndexWithoutBarrier):
(JSC::JSObject::ensureWritableInt32):
(JSC::JSObject::ensureWritableDouble):
(JSC::JSObject::ensureWritableContiguous):
(JSC::JSObject::ensureLength):
(JSC::JSObject::ensureInt32): Deleted.
(JSC::JSObject::ensureDouble): Deleted.
(JSC::JSObject::ensureContiguous): Deleted.
* runtime/JSObjectInlines.h:
(JSC::JSObject::putDirectInternal):
* runtime/JSType.h:
* runtime/RegExpMatchesArray.h:
(JSC::tryCreateUninitializedRegExpMatchesArray):
* runtime/Structure.cpp:
(JSC::Structure::Structure):
(JSC::Structure::addNewPropertyTransition):
(JSC::Structure::nonPropertyTransition):
* runtime/Structure.h:
* runtime/StructureIDBlob.h:
(JSC::StructureIDBlob::StructureIDBlob):
(JSC::StructureIDBlob::indexingModeIncludingHistory const):
(JSC::StructureIDBlob::setIndexingModeIncludingHistory):
(JSC::StructureIDBlob::indexingModeIncludingHistoryOffset):
(JSC::StructureIDBlob::indexingTypeIncludingHistory const): Deleted.
(JSC::StructureIDBlob::setIndexingTypeIncludingHistory): Deleted.
(JSC::StructureIDBlob::indexingTypeIncludingHistoryOffset): Deleted.
* runtime/StructureTransitionTable.h:
(JSC::newIndexingType):
* runtime/VM.cpp:
(JSC::VM::VM):
* runtime/VM.h:

Source/WebCore:

* bindings/js/JSDOMConvertSequences.h:
(WebCore::Detail::NumericSequenceConverter::convertArray):
(WebCore::Detail::SequenceConverter::convertArray):

LayoutTests:

Test should have a real error that gives you the stack.

* js/slow-stress/script-tests/variadic-closure-call.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232070 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoUnreviewed, rolling out r232052.
ryanhaddad@apple.com [Tue, 22 May 2018 17:21:49 +0000 (17:21 +0000)]
Unreviewed, rolling out r232052.

Breaks internal builds.

Reverted changeset:

"Use more C++17"
https://bugs.webkit.org/show_bug.cgi?id=185176
https://trac.webkit.org/changeset/232052

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232069 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoHost jquery on webkit.org instead of 3rd party
commit-queue@webkit.org [Tue, 22 May 2018 16:34:23 +0000 (16:34 +0000)]
Host jquery on webkit.org instead of 3rd party
https://bugs.webkit.org/show_bug.cgi?id=185691

Patch by Roy Reapor <rreapor@apple.com> on 2018-05-22
Reviewed by Alexey Proskuryakov.

* PrettyPatch/PrettyPatch.rb:
* code-review-test.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232068 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[CMake] Properly detect compiler flags, needed libs, and fallbacks for usage of 64...
berto@igalia.com [Tue, 22 May 2018 15:54:48 +0000 (15:54 +0000)]
[CMake] Properly detect compiler flags, needed libs, and fallbacks for usage of 64-bit atomic operations
https://bugs.webkit.org/show_bug.cgi?id=182622
<rdar://problem/40292317>

Reviewed by Michael Catanzaro.

.:

* Source/cmake/WebKitCompilerFlags.cmake:
Move the test to detect whether we need to link against libatomic
to a common CMake file so it can be used from both JavaScriptCore
and WebKit.

Source/JavaScriptCore:

We were linking JavaScriptCore against libatomic in MIPS because
in that architecture __atomic_fetch_add_8() is not a compiler
intrinsic and is provided by that library instead. However other
architectures (e.g armel) are in the same situation, so we need a
generic test.

That test already exists in WebKit/CMakeLists.txt, so we just have
to move it to a common file (WebKitCompilerFlags.cmake) and use
its result (ATOMIC_INT64_REQUIRES_LIBATOMIC) here.

* CMakeLists.txt:

Source/WebKit:

Move the test to determine whether we need to link against
libatomic to the common file WebKitCompilerFlags.cmake so it can
also be used for JavaScriptCore.

* CMakeLists.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232067 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[GTK] WebDriver: Network process crash when running imported/w3c/webdriver/tests...
carlosgc@webkit.org [Tue, 22 May 2018 15:09:57 +0000 (15:09 +0000)]
[GTK] WebDriver: Network process crash when running imported/w3c/webdriver/tests/delete_cookie/delete.py::test_unknown_cookie
https://bugs.webkit.org/show_bug.cgi?id=185867

Reviewed by Michael Catanzaro.

We need to null check the value returned by URL::createSoupURI() before passing it to soup.

* platform/network/soup/CookieJarSoup.cpp:
(WebCore::setCookiesFromDOM):
(WebCore::cookiesForSession):
(WebCore::getRawCookies):
(WebCore::deleteCookie):
* platform/network/soup/NetworkStorageSessionSoup.cpp:
(WebCore::NetworkStorageSession::getCookies):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232066 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[LFC] Implement positioning for non-replaced out-of-flow elements.
zalan@apple.com [Tue, 22 May 2018 15:06:27 +0000 (15:06 +0000)]
[LFC] Implement positioning for non-replaced out-of-flow elements.
https://bugs.webkit.org/show_bug.cgi?id=185858

Reviewed by Antti Koivisto.

In certain cases, the out-of-flow element's final position depends on the element's size.
Call computeOutOfFlowPosition() after width/height are resolved.

* layout/FormattingContext.cpp:
(WebCore::Layout::FormattingContext::computeOutOfFlowPosition const):
(WebCore::Layout::FormattingContext::layoutOutOfFlowDescendants const):
(WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedPosition const):
(WebCore::Layout::FormattingContext::computeOutOfFlowReplacedPosition const):
* layout/FormattingContext.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232065 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoFix build without MathML
commit-queue@webkit.org [Tue, 22 May 2018 14:46:42 +0000 (14:46 +0000)]
Fix build without MathML
https://bugs.webkit.org/show_bug.cgi?id=185865

Patch by Olivier Blin <olivier.blin@softathome.com> on 2018-05-22
Reviewed by Frédéric Wang.

Regression(r226654): [RenderTreeBuilder] Move MathML addChild logic to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=181443

Regression(r229694): Put the DOM in IsoHeaps
https://bugs.webkit.org/show_bug.cgi?id=183546

No new tests, build fix.

* mathml/MathMLUnknownElement.cpp:
* mathml/MathMLUnknownElement.h:
* rendering/updating/RenderTreeBuilder.cpp:
(WebCore::RenderTreeBuilder::RenderTreeBuilder):
(WebCore::RenderTreeBuilder::attach):
* rendering/updating/RenderTreeBuilder.h:
* rendering/updating/RenderTreeBuilderMathML.cpp:
* rendering/updating/RenderTreeBuilderMathML.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232064 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[css-text] W3C test suite gardening
rego@igalia.com [Tue, 22 May 2018 13:34:03 +0000 (13:34 +0000)]
[css-text] W3C test suite gardening
https://bugs.webkit.org/show_bug.cgi?id=185862

Test suite landed in r232057 but some of the tests marked as failure
are actually passing.

Unreviewed test gardening.

* TestExpectations:
* platform/ios/TestExpectations:
* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232063 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoUnreviewed, rolling out r231843.
mcatanzaro@igalia.com [Tue, 22 May 2018 13:20:03 +0000 (13:20 +0000)]
Unreviewed, rolling out r231843.

Broke cross build

Reverted changeset:

"[CMake] Properly detect compiler flags, needed libs, and
fallbacks for usage of 64-bit atomic operations"
https://bugs.webkit.org/show_bug.cgi?id=182622
https://trac.webkit.org/changeset/231843

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232062 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[GStreamer] Don't set the ReadyState to HaveNothing when an error occurs in playback...
commit-queue@webkit.org [Tue, 22 May 2018 11:40:13 +0000 (11:40 +0000)]
[GStreamer] Don't set the ReadyState to HaveNothing when an error occurs in playback pipeline
https://bugs.webkit.org/show_bug.cgi?id=185725

Patch by Yacine Bandou <yacine.bandou_ext@softathome.com> on 2018-05-22
Reviewed by Philippe Normand.

The ReadyState should not be set to HaveNothing when an error occurs in playback pipeline, because
at least we should have the metadata in order to have an error in pipeline.

Here is the definition of HaveNothing state in W3C spec https://dev.w3.org/html5/spec-preview/media-elements.html#ready-states
"HAVE_NOTHING (numeric value 0): No information regarding the media resource is available. No data for the current
playback position is available. Media elements whose networkState attribute is NETWORK_EMPTY are always in the HAVE_NOTHING state."

In MSE case, this patch fixes the crashes of the followings WPT encrypted-media tests:
- clearkey-mp4-playback-temporary-clear-encrypted.https.html
- clearkey-mp4-playback-temporary-multikey-sequential.https.html
- clearkey-mp4-playback-temporary-multikey-sequential-readyState.https.html

Here is the cause of the crashes: When an error occurs in playback pipeline like no decipher key, in case of encrypted content,
the MediaPlayerPrivateGstreamer sets NetworkState to FormatError which causes the detachment of MediaElement from MediaSource,
then MediaPlayerPrivateGstreamer sets the ReadyState to HaveNothing which causes a trying again to play the same URI,
thus the crash occurs because the MediaElement is detached from MediaSource, see bugzilla for more details.
Note: these crashes should be fixed in 185242 but unfortunately it isn't the case. See bug 185242 for more details.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::handleMessage):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232061 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[GStreamer] Update to GStreamer 1.14.1 in jhbuild
commit-queue@webkit.org [Tue, 22 May 2018 11:37:15 +0000 (11:37 +0000)]
[GStreamer] Update to GStreamer 1.14.1 in jhbuild
https://bugs.webkit.org/show_bug.cgi?id=185689

Patch by Thibault Saunier <tsaunier@igalia.com> on 2018-05-22
Reviewed by Philippe Normand.

And update the patches, removing the ones that have been merged upstream.

* gstreamer/jhbuild.modules:
* gstreamer/patches/gst-plugins-good-0001-gstgdkpixbufdec-stop-pretending-to-decode-gifs.patch: Removed.
* gstreamer/patches/gst-plugins-good-0001-souphttpsrc-cookie-jar-and-context-query-support.patch: Removed. Not needed anymore and closed as OBSELETE upstream.
* gstreamer/patches/gst-plugins-good-0002-qtdemux-add-context-for-a-preferred-protection.patch: Renamed from Tools/gstreamer/patches/gst-plugins-good-0006-qtdemux-add-context-for-a-preferred-protection.patch
This patch has now been merged in GStreamer master and will be there in GStreamer 1.16.
* gstreamer/patches/gst-plugins-good-0003-qtdemux-also-push-buffers-without-encryption-info-in.patch: Renamed from Tools/gstreamer/patches/gst-plugins-good-0008-qtdemux-also-push-buffers-without-encryption-info-in.patch.
This patch has now been merged in GStreamer master and will be there in GStreamer 1.16.
* gstreamer/patches/gst-plugins-good-0009-qtdemux-fix-assert-when-moof-contains-one-sample.patch: Removed.
* gstreamer/patches/gstreamer-0001-protection-added-function-to-filter-system-ids.patch: Removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232060 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoDefine GIGACAGE_ALLOCATION_CAN_FAIL on Linux
utatane.tea@gmail.com [Tue, 22 May 2018 10:49:17 +0000 (10:49 +0000)]
Define GIGACAGE_ALLOCATION_CAN_FAIL on Linux
https://bugs.webkit.org/show_bug.cgi?id=183329

Reviewed by Michael Catanzaro.

We specify `GIGACAGE_ALLOCATION_CAN_FAIL 1` in Linux since
Linux can fail to `mmap` if `vm.overcommit_memory = 2`.
Users can enable Gigacage if users enable overcommit_memory.

* bmalloc/Gigacage.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232059 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[MSE][GStreamer] Fix the deadlock caused by bug 185242 (r231351)
commit-queue@webkit.org [Tue, 22 May 2018 09:32:46 +0000 (09:32 +0000)]
[MSE][GStreamer] Fix the deadlock caused by bug 185242 (r231351)
https://bugs.webkit.org/show_bug.cgi?id=185723

Patch by Yacine Bandou <yacine.bandou_ext@softathome.com> on 2018-05-22
Reviewed by Xabier Rodriguez-Calvar.

After a detailed investigation, we found that, the patch r231351 doesn't fix the crash that expected to fix,
it just replaces it by a deadlock. Now the crash is fixed in the bug 185725.

This Patch will remove a part of r231351 that causes the deadlock.

* platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp:
(webKitMediaSrcFreeStream):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232058 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[css-text] Import WPT test suite
rego@igalia.com [Tue, 22 May 2018 08:20:00 +0000 (08:20 +0000)]
[css-text] Import WPT test suite
https://bugs.webkit.org/show_bug.cgi?id=183258

Reviewed by Youenn Fablet.

LayoutTests/imported/w3c:

* resources/import-expectations.json:
* resources/resource-files.json:
* web-platform-tests/css/css-text/: Added.

LayoutTests:

* TestExpectations: Flag tests that are not passing right now.
* platform/gtk/imported/w3c/web-platform-tests/css/css-text/white-space/seg-break-transformation-001-expected.txt: Added.
* platform/gtk/imported/w3c/web-platform-tests/css/css-text/white-space/seg-break-transformation-004-expected.txt: Added.
* platform/gtk/imported/w3c/web-platform-tests/css/css-text/white-space/seg-break-transformation-016-expected.txt: Added.
* platform/gtk/imported/w3c/web-platform-tests/css/css-text/white-space/seg-break-transformation-017-expected.txt: Added.
* platform/gtk/imported/w3c/web-platform-tests/css/css-text/white-space/white-space-collapse-002-expected.txt: Added.
* platform/ios-simulator/TestExpectations: Flag tests that are not passing right now.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232057 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoCrash when loading a SVG image
carlosgc@webkit.org [Tue, 22 May 2018 07:46:02 +0000 (07:46 +0000)]
Crash when loading a SVG image
https://bugs.webkit.org/show_bug.cgi?id=185819

Reviewed by Brent Fulgham.

This is happening in WebLoaderStrategy::scheduleLoad() when getting the value of
FrameLoaderClient::pageID(). SVGImage uses the empty clients for the loader, and
EmptyFrameLoaderClient::pageID() returns std::nullopt. The same happens with the frameID. This changed in
r225934, when pageID() and frameID() were changed to return std::optional, EmptyFrameLoaderClient was updated to
return std::nullopt instead of 0.

* WebProcess/Network/WebLoaderStrategy.cpp:
(WebKit::WebLoaderStrategy::scheduleLoad): Use value_or(0) instead of value() to get pageID and frameID from
FrameLoaderClient.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232056 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoUse more C++17
utatane.tea@gmail.com [Tue, 22 May 2018 06:46:43 +0000 (06:46 +0000)]
Use more C++17
https://bugs.webkit.org/show_bug.cgi?id=185176

Reviewed by JF Bastien.

PerformanceTests:

* MallocBench/MallocBench.xcodeproj/project.pbxproj:
* MediaTime/Configurations/Base.xcconfig:
* MediaTime/MediaTime.xcodeproj/project.pbxproj:

Source/bmalloc:

Add BNO_RETURN.

* Configurations/Base.xcconfig:
* bmalloc/BCompiler.h:
* bmalloc/Scavenger.h:

Source/JavaScriptCore:

* Configurations/Base.xcconfig:

Source/ThirdParty:

* gtest/xcode/Config/General.xcconfig:

Source/ThirdParty/ANGLE:

* Configurations/Base.xcconfig:

Source/WebCore:

* Configurations/Base.xcconfig:
* DerivedSources.make:
* platform/ios/LegacyTileGrid.mm:
(WebCore::LegacyTileGrid::dropDistantTiles):

Source/WebCore/PAL:

* Configurations/Base.xcconfig:

Source/WebInspectorUI:

* Configurations/Base.xcconfig:

Source/WebKit:

* Configurations/Base.xcconfig:
* DerivedSources.make:

Source/WebKitLegacy/mac:

* Configurations/Base.xcconfig:
* Configurations/WebKitLegacy.xcconfig:

Source/WTF:

* Configurations/Base.xcconfig:
* wtf/StdLibExtras.h:

Tools:

* DumpRenderTree/mac/Configurations/Base.xcconfig:
* ImageDiff/cg/Configurations/Base.xcconfig:
* MiniBrowser/Configurations/Base.xcconfig:
* MobileMiniBrowser/Configurations/Base.xcconfig:
* TestWebKitAPI/Configurations/Base.xcconfig:
* WebKitTestRunner/Configurations/Base.xcconfig:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232052 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[GTK][Wayland] UI process crash when closing the window
carlosgc@webkit.org [Tue, 22 May 2018 06:08:51 +0000 (06:08 +0000)]
[GTK][Wayland] UI process crash when closing the window
https://bugs.webkit.org/show_bug.cgi?id=185818

Reviewed by Michael Catanzaro.

This happens when a page containing a text field is loaded but the focus remains in the url bar when the window
is closed. This is because we are sending a notify-in to the IM context, but the focus is still in the URL
bar. That confuses the wayland input method manager that tries to free the text of the web view IM context that has
already been deleted.

* UIProcess/gtk/InputMethodFilter.cpp:
(WebKit::InputMethodFilter::setEnabled): Only send notify-in if the view is actually focused.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232049 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[JSC] Remove duplicate methods in JSInterfaceJIT
utatane.tea@gmail.com [Tue, 22 May 2018 05:46:27 +0000 (05:46 +0000)]
[JSC] Remove duplicate methods in JSInterfaceJIT
https://bugs.webkit.org/show_bug.cgi?id=185813

Reviewed by Saam Barati.

Some methods of JSInterfaceJIT are duplicate with AssemblyHelpers' ones.
This patch removes these ones and use AssemblyHelpers' ones instead.

This patch also a bit cleans up ThunkGenerators' unnecessary ifdefs.

* jit/AssemblyHelpers.h:
(JSC::AssemblyHelpers::tagFor):
(JSC::AssemblyHelpers::payloadFor):
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_unsigned):
(JSC::JIT::emit_compareUnsigned):
(JSC::JIT::emit_op_inc):
(JSC::JIT::emit_op_dec):
(JSC::JIT::emit_op_mod):
* jit/JITCall32_64.cpp:
(JSC::JIT::compileOpCall):
* jit/JITInlines.h:
(JSC::JIT::emitPutIntToCallFrameHeader):
(JSC::JIT::updateTopCallFrame):
(JSC::JIT::emitInitRegister):
(JSC::JIT::emitLoad):
(JSC::JIT::emitStore):
(JSC::JIT::emitStoreInt32):
(JSC::JIT::emitStoreCell):
(JSC::JIT::emitStoreBool):
(JSC::JIT::emitGetVirtualRegister):
(JSC::JIT::emitPutVirtualRegister):
(JSC::JIT::emitTagBool): Deleted.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_overrides_has_instance):
(JSC::JIT::emit_op_is_empty):
(JSC::JIT::emit_op_is_undefined):
(JSC::JIT::emit_op_is_boolean):
(JSC::JIT::emit_op_is_number):
(JSC::JIT::emit_op_is_cell_with_type):
(JSC::JIT::emit_op_is_object):
(JSC::JIT::emit_op_eq):
(JSC::JIT::emit_op_neq):
(JSC::JIT::compileOpStrictEq):
(JSC::JIT::emit_op_eq_null):
(JSC::JIT::emit_op_neq_null):
(JSC::JIT::emitSlow_op_eq):
(JSC::JIT::emitSlow_op_neq):
(JSC::JIT::emitSlow_op_instanceof_custom):
(JSC::JIT::emitNewFuncExprCommon):
* jit/JSInterfaceJIT.h:
(JSC::JSInterfaceJIT::emitLoadInt32):
(JSC::JSInterfaceJIT::emitLoadDouble):
(JSC::JSInterfaceJIT::emitPutToCallFrameHeader):
(JSC::JSInterfaceJIT::emitPutCellToCallFrameHeader):
(JSC::JSInterfaceJIT::tagFor): Deleted.
(JSC::JSInterfaceJIT::payloadFor): Deleted.
(JSC::JSInterfaceJIT::intPayloadFor): Deleted.
(JSC::JSInterfaceJIT::intTagFor): Deleted.
(JSC::JSInterfaceJIT::emitTagInt): Deleted.
(JSC::JSInterfaceJIT::addressFor): Deleted.
* jit/SpecializedThunkJIT.h:
(JSC::SpecializedThunkJIT::returnDouble):
* jit/ThunkGenerators.cpp:
(JSC::nativeForGenerator):
(JSC::arityFixupGenerator):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232048 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoUnreviewed, reland InById cache
utatane.tea@gmail.com [Tue, 22 May 2018 04:54:31 +0000 (04:54 +0000)]
Unreviewed, reland InById cache
https://bugs.webkit.org/show_bug.cgi?id=185682

JSTests:

* stress/in-by-id-accessors.js: Added.
(shouldBe):
(test):
(protoGetter.__proto__.get hello):
(protoSetter.__proto__.set hello):
(i.shouldBe.test.get hello):
(i.shouldBe.test.set hello):
* stress/in-by-id-ai.js: Added.
(shouldBe):
(test):
* stress/in-by-id-custom-accessors.js: Added.
(shouldBe):
(test1):
(test2):
* stress/in-by-id-custom-values.js: Added.
(shouldBe):
(test):
* stress/in-by-id-operation.js: Added.
(shouldBe):
(test):
(selfCache):
* stress/in-by-id-proxy.js: Added.
(shouldBe):
(test):
(handler.has):

Source/JavaScriptCore:

Includes Dominik's 32bit fix.

* bytecode/AccessCase.cpp:
(JSC::AccessCase::fromStructureStubInfo):
(JSC::AccessCase::generateWithGuard):
(JSC::AccessCase::generateImpl):
* bytecode/BytecodeDumper.cpp:
(JSC::BytecodeDumper<Block>::printInByIdCacheStatus):
(JSC::BytecodeDumper<Block>::dumpBytecode):
* bytecode/BytecodeDumper.h:
* bytecode/BytecodeList.json:
* bytecode/BytecodeUseDef.h:
(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::finishCreation):
* bytecode/InlineAccess.cpp:
(JSC::InlineAccess::generateSelfInAccess):
* bytecode/InlineAccess.h:
* bytecode/StructureStubInfo.cpp:
(JSC::StructureStubInfo::initInByIdSelf):
(JSC::StructureStubInfo::deref):
(JSC::StructureStubInfo::aboutToDie):
(JSC::StructureStubInfo::reset):
(JSC::StructureStubInfo::visitWeakReferences):
(JSC::StructureStubInfo::propagateTransitions):
* bytecode/StructureStubInfo.h:
(JSC::StructureStubInfo::patchableJump):
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::emitInByVal):
(JSC::BytecodeGenerator::emitInById):
(JSC::BytecodeGenerator::emitIn): Deleted.
* bytecompiler/BytecodeGenerator.h:
* bytecompiler/NodesCodegen.cpp:
(JSC::InNode::emitBytecode):
* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::parseBlock):
* dfg/DFGCapabilities.cpp:
(JSC::DFG::capabilityLevel):
* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
* dfg/DFGConstantFoldingPhase.cpp:
(JSC::DFG::ConstantFoldingPhase::foldConstants):
* dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
* dfg/DFGJITCompiler.cpp:
(JSC::DFG::JITCompiler::link):
* dfg/DFGJITCompiler.h:
(JSC::DFG::JITCompiler::addInById):
(JSC::DFG::InRecord::InRecord): Deleted.
(JSC::DFG::JITCompiler::addIn): Deleted.
* dfg/DFGNode.h:
(JSC::DFG::Node::convertToInById):
(JSC::DFG::Node::hasIdentifier):
(JSC::DFG::Node::hasArrayMode):
* dfg/DFGNodeType.h:
* dfg/DFGPredictionPropagationPhase.cpp:
* dfg/DFGSafeToExecute.h:
(JSC::DFG::safeToExecute):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileInById):
(JSC::DFG::SpeculativeJIT::compileInByVal):
(JSC::DFG::SpeculativeJIT::compileIn): Deleted.
* dfg/DFGSpeculativeJIT.h:
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* ftl/FTLCapabilities.cpp:
(JSC::FTL::canCompile):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileInByVal):
(JSC::FTL::DFG::LowerDFGToB3::compileInById):
(JSC::FTL::DFG::LowerDFGToB3::compileIn): Deleted.
* jit/AssemblyHelpers.h:
(JSC::AssemblyHelpers::boxBoolean):
* jit/ICStats.h:
* jit/JIT.cpp:
(JSC::JIT::JIT):
(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompileSlowCases):
(JSC::JIT::link):
* jit/JIT.h:
* jit/JITInlineCacheGenerator.cpp:
(JSC::JITInByIdGenerator::JITInByIdGenerator):
(JSC::JITInByIdGenerator::generateFastPath):
* jit/JITInlineCacheGenerator.h:
(JSC::JITInByIdGenerator::JITInByIdGenerator):
* jit/JITOperations.cpp:
* jit/JITOperations.h:
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_in_by_id):
(JSC::JIT::emitSlow_op_in_by_id):
* jit/JITPropertyAccess32_64.cpp:
(JSC::JIT::emit_op_in_by_id):
(JSC::JIT::emitSlow_op_in_by_id):
* jit/Repatch.cpp:
(JSC::tryCacheInByID):
(JSC::repatchInByID):
(JSC::resetInByID):
(JSC::tryCacheIn): Deleted.
(JSC::repatchIn): Deleted.
(JSC::resetIn): Deleted.
* jit/Repatch.h:
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter64.asm:
* parser/NodeConstructors.h:
(JSC::InNode::InNode):
* runtime/CommonSlowPaths.cpp:
(JSC::SLOW_PATH_DECL):
* runtime/CommonSlowPaths.h:
(JSC::CommonSlowPaths::opInByVal):
(JSC::CommonSlowPaths::opIn): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232047 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoRemove unused and no-op WKContextSetCookieStorageDirectory
rniwa@webkit.org [Tue, 22 May 2018 04:04:17 +0000 (04:04 +0000)]
Remove unused and no-op WKContextSetCookieStorageDirectory
https://bugs.webkit.org/show_bug.cgi?id=185857

Reviewed by Youenn Fablet.

Deleted C API which didn't do anything useful, and consequently not used by anyone.

* UIProcess/API/C/WKContext.cpp:
(WKContextSetCookieStorageDirectory): Deleted.
* UIProcess/API/C/WKContextPrivate.h:
* UIProcess/WebProcessPool.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232046 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[LFC] Box::isDescendantOf() should work with out-of-flow elements.
zalan@apple.com [Tue, 22 May 2018 03:43:31 +0000 (03:43 +0000)]
[LFC] Box::isDescendantOf() should work with out-of-flow elements.
https://bugs.webkit.org/show_bug.cgi?id=185812

Reviewed by Antti Koivisto.

Use the containing block chain instead of the parent chain to check for isDescendantOf().
(containing block is not always the direct parent)

* layout/layouttree/LayoutBox.cpp:
(WebCore::Layout::Box::isDescendantOf const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232045 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoRemove dead exception in MediaList.appendMedium
commit-queue@webkit.org [Tue, 22 May 2018 03:11:30 +0000 (03:11 +0000)]
Remove dead exception in MediaList.appendMedium
https://bugs.webkit.org/show_bug.cgi?id=185278

Patch by Chris Nardi <cnardi@chromium.org> on 2018-05-21
Reviewed by Chris Dumez.

Source/WebCore:

MediaList.appendMedium was able to throw an exception, but MediaQuerySet::add() always
returned true, making it impossible for that exception to be thrown. This matched the
spec, as |appendMedium| is not specified to throw an exception. Remove the dead code
surrounding the exception, and make MediaQuerySet::add() return false if the medium is
not added.

No new/modified tests as there should be no functional changes.

* css/MediaList.cpp:
(WebCore::MediaQuerySet::add):
(WebCore::MediaList::appendMedium):
* css/MediaList.h:
* css/MediaList.idl:

Source/WebKit:

Remove code pertaining to an exception being thrown by appendMedium().

* WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMMediaList.cpp:
(webkit_dom_media_list_append_medium):

Source/WebKitLegacy/mac:

Remove code pertaining to an exception being thrown by appendMedium().

* DOM/DOMMediaList.mm:
(-[DOMMediaList appendMedium:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232044 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoFile's structured serialization should serialize lastModified attribute
cdumez@apple.com [Tue, 22 May 2018 02:24:18 +0000 (02:24 +0000)]
File's structured serialization should serialize lastModified attribute
https://bugs.webkit.org/show_bug.cgi?id=185773

Reviewed by Youenn Fablet.

LayoutTests/imported/w3c:

Re-sync workers/semantics/structured-clone WPT tests after:
https://github.com/w3c/web-platform-tests/pull/9218

* web-platform-tests/html/webappapis/structured-clone/structured-clone-battery-of-tests-harness.js: Added.
(runStructuredCloneBatteryOfTests):
* web-platform-tests/html/webappapis/structured-clone/structured-clone-battery-of-tests-with-transferables.js: Added.
(structuredCloneBatteryOfTests.push.async.f):
* web-platform-tests/html/webappapis/structured-clone/structured-clone-battery-of-tests.js: Renamed from LayoutTests/imported/w3c/web-platform-tests/workers/semantics/structured-clone/common.js.
(async.compare_Blob):
(get_canvas_1x1_transparent_black):
(get_canvas_1x1_non_transparent_non_black):
(compare_ImageBitmap):
(structuredCloneBatteryOfTests.push.async.f):
* web-platform-tests/html/webappapis/structured-clone/w3c-import.log: Copied from LayoutTests/imported/w3c/web-platform-tests/workers/semantics/structured-clone/w3c-import.log.
* web-platform-tests/workers/semantics/structured-clone/dedicated-expected.txt:
* web-platform-tests/workers/semantics/structured-clone/dedicated.html:
* web-platform-tests/workers/semantics/structured-clone/dedicated.js: Removed.
* web-platform-tests/workers/semantics/structured-clone/shared-expected.txt:
* web-platform-tests/workers/semantics/structured-clone/shared.html:
* web-platform-tests/workers/semantics/structured-clone/shared.js: Removed.
* web-platform-tests/workers/semantics/structured-clone/w3c-import.log:
* web-platform-tests/workers/semantics/structured-clone/worker-common.js: Removed.

Source/WebCore:

Update our implementation for the stuctured serialization of a File to include
its lastModified attribute, as per:
- https://w3c.github.io/FileAPI/#file-section

No new tests, rebaselined existing test.

* bindings/js/SerializedScriptValue.cpp:
(WebCore::CloneSerializer::write):
(WebCore::CloneDeserializer::readFile):
* fileapi/File.cpp:
(WebCore::File::File):
* fileapi/File.h:

LayoutTests:

Unskip structured serialization tests that no longer fail / time out.

* TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232043 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[LFC] Add FormattingContext::validateGeometryConstraintsAfterLayout
zalan@apple.com [Tue, 22 May 2018 01:41:58 +0000 (01:41 +0000)]
[LFC] Add FormattingContext::validateGeometryConstraintsAfterLayout
https://bugs.webkit.org/show_bug.cgi?id=185811

Reviewed by Antti Koivisto.

Also implement LayoutDescendantIterator and fix LayoutIterator.

* WebCore.xcodeproj/project.pbxproj:
* layout/FormattingContext.cpp:
(WebCore::Layout::FormattingContext::validateGeometryConstraintsAfterLayout const):
* layout/FormattingContext.h:
* layout/blockformatting/BlockFormattingContext.cpp:
(WebCore::Layout::BlockFormattingContext::layout const):
* layout/layouttree/LayoutDescendantIterator.h: Added.
(WebCore::Layout::LayoutDescendantIterator<T>::LayoutDescendantIterator):
(WebCore::Layout::LayoutDescendantIterator<T>::operator):
(WebCore::Layout::LayoutDescendantIteratorAdapter<T>::LayoutDescendantIteratorAdapter):
(WebCore::Layout::LayoutDescendantIteratorAdapter<T>::begin):
(WebCore::Layout::LayoutDescendantIteratorAdapter<T>::end):
(WebCore::Layout::LayoutDescendantIteratorAdapter<T>::at):
(WebCore::Layout::descendantsOfType):
* layout/layouttree/LayoutIterator.h:
(WebCore::Layout::LayoutBoxTraversal::firstChild):
(WebCore::Layout::LayoutBoxTraversal::nextAncestorSibling):
(WebCore::Layout::LayoutBoxTraversal::next):
(WebCore::Layout::LayoutBoxTraversal::nextSkippingChildren):
(WebCore::Layout::Traversal::firstChild):
(WebCore::Layout::Traversal::nextSibling):
(WebCore::Layout::Traversal::previousSibling):
(WebCore::Layout::Traversal::findAncestorOfType):
(WebCore::Layout::Traversal::firstWithin):
(WebCore::Layout::Traversal::next):
(WebCore::Layout::LayoutIterator<T>::traversePreviousSibling):
(WebCore::Layout::LayoutIterator<T>::traverseAncestor):
(WebCore::Layout::Traversal::nextAncestorSibling): Deleted.
(WebCore::Layout::Traversal::nextWithin): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232042 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoUnreviewed, update crypto/subtle/ecdh-import-jwk-private-key-p384.html to correct...
jiewen_tan@apple.com [Tue, 22 May 2018 01:37:46 +0000 (01:37 +0000)]
Unreviewed, update crypto/subtle/ecdh-import-jwk-private-key-p384.html to correct input

* crypto/subtle/ecdh-import-jwk-private-key-p384.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232041 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoSource/WebKit:
commit-queue@webkit.org [Tue, 22 May 2018 00:19:28 +0000 (00:19 +0000)]
Source/WebKit:
[iOS] Click events only fire once when editing
https://bugs.webkit.org/show_bug.cgi?id=185777

Patch by Aditya Keerthi <akeerthi@apple.com> on 2018-05-21
Reviewed by Tim Horton.

gestureRecognizerShouldBegin: was returning false for the single tap gesture when a node was being
edited. This is an artifact of how the gesture was previously handled with the text selection assistant.
This condition is now removed, allowing the single tap gesture to go through and correctly propagate the
click event.

Also added an early return to _didGetTapHighlightForRequest: in order to prevent the tap highlight from
being shown when the node is already being assisted.

* UIProcess/ios/WKContentViewInteraction.mm:
(-[WKContentView _didGetTapHighlightForRequest:color:quads:topLeftRadius:topRightRadius:bottomLeftRadius:bottomRightRadius:]):
(-[WKContentView gestureRecognizerShouldBegin:]):

LayoutTests:
Added test to verify behaviour when tapping multiple times on an editable node.
https://bugs.webkit.org/show_bug.cgi?id=185777

Patch by Aditya Keerthi <akeerthi@apple.com> on 2018-05-21
Reviewed by Tim Horton.

* fast/events/ios/click-event-while-editing-node-expected.txt: Added.
* fast/events/ios/click-event-while-editing-node.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232040 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[Curl] Bugfix for r231968, Suspend/Resume with WK2
Basuke.Suzuki@sony.com [Tue, 22 May 2018 00:14:39 +0000 (00:14 +0000)]
[Curl] Bugfix for r231968, Suspend/Resume with WK2
https://bugs.webkit.org/show_bug.cgi?id=185830

The flags are needed to be updated even if it is cancelled or finished to cleanup correctly.
Also fixed trivial bug for very rare case (hard to produce the situation).

Reviewed by Youenn Fablet.

No new tests because WK2 is not ready for WinCairo yet in public., tested internaly.

* platform/network/curl/CurlRequest.cpp:
(WebCore::CurlRequest::suspend):
(WebCore::CurlRequest::resume):
(WebCore::CurlRequest::pausedStatusChanged):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232039 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months ago[WinCairo] Enable WebKit build by default
Hironori.Fujii@sony.com [Tue, 22 May 2018 00:03:20 +0000 (00:03 +0000)]
[WinCairo] Enable WebKit build by default
https://bugs.webkit.org/show_bug.cgi?id=185141

Reviewed by Per Arne Vollan.

.:

* Source/cmake/OptionsWin.cmake: Disable
ENABLE_NETSCAPE_PLUGIN_API unconditionally for WinCairo port
because it builds both WK1 and WK2.
* Source/cmake/OptionsWinCairo.cmake: Turn ENABLE_WEBKIT on by default.
Remove BUILDING_WIN_CAIRO_WEBKIT macro.

Tools:

TestWTF, TestWebCore and TestWebKitLegacy need a dependency to
WebKitForwardingHeaders because config.h includes a header of WK2.

* TestWebKitAPI/PlatformWin.cmake: Make TestWTFLib, TestWebCoreLib and TestWebKitLegacyLib depend on WebKitForwardingHeaders.
* TestWebKitAPI/config.h: Use PLATFORM(WIN_CAIRO) instead of BUILDING_WIN_CAIRO_WEBKIT.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232038 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoUnreviewed, rolling out r232030.
commit-queue@webkit.org [Mon, 21 May 2018 23:42:21 +0000 (23:42 +0000)]
Unreviewed, rolling out r232030.
https://bugs.webkit.org/show_bug.cgi?id=185850

"Caused
TestWebKitAPI.IndexedDB.StructuredCloneBackwardCompatibility
API test to fail" (Requested by cdumez on #webkit).

Reverted changeset:

"File's structured serialization should serialize lastModified
attribute"
https://bugs.webkit.org/show_bug.cgi?id=185773
https://trac.webkit.org/changeset/232030

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232037 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoREGRESSION: performance-api/performance-observer-entry-sort.html is flaky
rniwa@webkit.org [Mon, 21 May 2018 23:28:39 +0000 (23:28 +0000)]
REGRESSION: performance-api/performance-observer-entry-sort.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=185385

Reviewed by Saam Barati.

Add diagnostic assertions to test the hypothesis that performance.now is drifting backwards.

* performance-api/performance-observer-entry-sort.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232033 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoREGRESSION (r231107): CSP report-only policies are ignored for beacon, importScripts...
dbates@webkit.org [Mon, 21 May 2018 23:15:11 +0000 (23:15 +0000)]
REGRESSION (r231107): CSP report-only policies are ignored for beacon, importScripts, fetch(), EventSource, and XHR
https://bugs.webkit.org/show_bug.cgi?id=185789
<rdar://problem/40380175>

Reviewed by Andy Estes.

Source/WebCore:

Fixes an issue where CSP report-only policies were ignored for DocumentThreadableLoader and
PingLoad initiated loads as a result of moving CSP processing to NetworkProcess.

Have NetworkLoadChecker implement the ContentSecurityPolicyClient interface and support logging
console messages, sending CSP reports, and dispatching SecurityPolicyViolation events. To support
the latter we introduce a new WebPage message, EnqueueSecurityPolicyViolationEvent, to enqueue
a SecurityPolicyViolationEvent created from an event init dictionary on the document's event
dispatch queue.

Additionally, shorten the description for a ResourceError caused by CSP to "Blocked by Content Security Policy"
because the CSP code run in NetworkProcess can now log its more detailed error description to
Web Inspector.

Tests: http/tests/security/contentSecurityPolicy/connect-src-beacon-allowed.html
       http/tests/security/contentSecurityPolicy/connect-src-beacon-blocked.html
       http/tests/security/contentSecurityPolicy/report-only-connect-src-beacon-redirect-blocked.php
       http/tests/security/contentSecurityPolicy/report-only-connect-src-xmlhttprequest-redirect-to-blocked.php

* WebCore.xcodeproj/project.pbxproj: Change SecurityPolicyViolationEvent.h from a project header to
a private header so that we can include it in WebKit code.
* dom/Document.cpp:
(WebCore::Document::enqueueSecurityPolicyViolationEvent): Added.
* dom/Document.h:

* dom/EventInit.h:
(WebCore::EventInit::encode const):
(WebCore::EventInit::decode
* dom/SecurityPolicyViolationEvent.h:
(WebCore::SecurityPolicyViolationEvent::Init::encode const):
(WebCore::SecurityPolicyViolationEvent::Init::decode):
Support encoding and decoding for the event.

* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::enqueueSecurityPolicyViolationEvent): Formerly named "dispatchSecurityPolicyViolationEvent".
(WebCore::DocumentLoader::dispatchSecurityPolicyViolationEvent): Deleted; renamed to "enqueueSecurityPolicyViolationEvent".
* loader/DocumentLoader.h:

* loader/DocumentThreadableLoader.cpp:
(WebCore::DocumentThreadableLoader::redirectReceived): While I am here, move the check for whether the loader
strategy took responsibility for performing security checks to be before we perform the CSP check to avoid doing
such CSP checks twice in the case that the loader strategy already did them.
(WebCore::DocumentThreadableLoader::didFail): Remove code that checked the CSP policy if the load failed. When
the loader strategy (NetworkProcess) is responsible for performing security checks then this code would never
be executed for a violation of a CSP report-only policy because the loader does not and should not fail the load
for a report-only violations. As the name implies, a report-only violation is only reported. That is, it is not
enforced such that the load is blocked; => fail the load.
(WebCore::DocumentThreadableLoader::reportContentSecurityPolicyError): Update the error description to more
accurately describe the error and be consistent with the error message used in NetworkProcess. This error
message is shown for a redirect blocked by CSP regardless of whether the redirect was to a same-origin or
cross-origin resource. I chose to make the error message more vague than necessary for simplicity because
the CSP code will log a more detailed message for this error than could ever be captured by error message
for the ResourceError. Also use ASCIILiteral to efficiently construct the String object for the error
message.

* page/csp/ContentSecurityPolicy.cpp:
(WebCore::ContentSecurityPolicy::reportViolation const): Build up a SecurityPolicyViolationEvent::Init and
pass that to the delegate to dispatch.
* page/csp/ContentSecurityPolicy.h: Export allowScriptFromSource() and allowChildContextFromSource() so that
we can call them from WebKit.
* page/csp/ContentSecurityPolicyClient.h: Update for renaming.
* platform/network/ResourceRequestBase.h: Define a new requester type to be able to differentiate a request
initiated by importScripts() from other requests. We use this to perform the appropriate CSP checks in NetworkProcess.
* workers/WorkerScriptLoader.cpp:
(WebCore::WorkerScriptLoader::loadSynchronously): Set the requester on the ResourceRequest to ResourceRequest::Requester::ImportScripts
so that we can differentiate this request from other requests. See remark for file ResourceRequestBase.h for
more details.

Source/WebKit:

Have NetworkLoadChecker implement the ContentSecurityPolicyClient interface and support logging
console messages, sending CSP reports, and dispatching SecurityPolicyViolation events.

* NetworkProcess/NetworkConnectionToWebProcess.cpp:
(WebKit::NetworkConnectionToWebProcess::loadPing):
* NetworkProcess/NetworkLoadChecker.cpp:
(WebKit::NetworkLoadChecker::NetworkLoadChecker): Modified to take a reference to the NetworkConnectionToWebProcess,
the web page ID, the web frame ID, and the resource load identifier. These details are necessary
in order to implement the ContentSecurityPolicyClient interface.
(WebKit::NetworkLoadChecker::isAllowedByContentSecurityPolicy): Added.
(WebKit::NetworkLoadChecker::continueCheckingRequest): Write in terms of isAllowedByContentSecurityPolicy().
(WebKit::NetworkLoadChecker::contentSecurityPolicy): Pass ourself as the client so that we receive
delegate callbacks.
(WebKit::NetworkLoadChecker::addConsoleMessage): Added.
(WebKit::NetworkLoadChecker::sendCSPViolationReport): Added.
(WebKit::NetworkLoadChecker::enqueueSecurityPolicyViolationEvent): Added.
* NetworkProcess/NetworkLoadChecker.h:
* NetworkProcess/NetworkResourceLoader.cpp:
(NetworkResourceLoader::enqueueSecurityPolicyViolationEvent): Added.
* NetworkProcess/NetworkResourceLoader.h:
* NetworkProcess/PingLoad.cpp:
(WebKit::PingLoad::PingLoad): Modified to take a reference to the NetworkConnectionToWebProcess and pass
this through to the NetworkLoadChecker along with the web page ID, web frame ID and resource load identifier.
* NetworkProcess/PingLoad.h:
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::enqueueSecurityPolicyViolationEvent): Added.
* WebProcess/WebPage/WebPage.h:
* WebProcess/WebPage/WebPage.messages.in: Add message EnqueueSecurityPolicyViolationEvent.

LayoutTests:

Add some new tests and updated the expected results of other tests.

The tests connect-src-beacon-{allowed, blocked} are derived from the Blink test:
<https://chromium.googlesource.com/chromium/src/+/5c265c1a56a60533a1957589d33eabc201e2e8b6/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-beacon-allowed.html>

* http/tests/quicklook/same-origin-xmlhttprequest-allowed-expected.txt: Update expected result. Note that these results are
a continuation of a regression caused by r231107. See <https://bugs.webkit.org/show_bug.cgi?id=185807> for more details.
* http/tests/security/contentSecurityPolicy/1.1/child-src/worker-redirect-blocked-expected.txt:
* http/tests/security/contentSecurityPolicy/connect-src-beacon-allowed-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/connect-src-beacon-allowed.html: Added.
* http/tests/security/contentSecurityPolicy/connect-src-beacon-blocked-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/connect-src-beacon-blocked.html: Added.
* http/tests/security/contentSecurityPolicy/connect-src-eventsource-redirect-to-blocked-expected.txt:
* http/tests/security/contentSecurityPolicy/connect-src-xmlhttprequest-redirect-to-blocked-expected.txt:
* http/tests/security/contentSecurityPolicy/report-only-connect-src-beacon-redirect-blocked-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/report-only-connect-src-beacon-redirect-blocked.php: Added.
* http/tests/security/contentSecurityPolicy/report-only-connect-src-xmlhttprequest-redirect-to-blocked-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/report-only-connect-src-xmlhttprequest-redirect-to-blocked.php: Added.
* http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-redirect-cross-origin-blocked-expected.txt:
* http/tests/security/contentSecurityPolicy/worker-csp-blocks-xhr-redirect-cross-origin-expected.txt:
* http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-blocked-expected.txt:
* http/wpt/beacon/connect-src-beacon-redirect-blocked.sub-expected.txt:
* platform/mac-wk1/TestExpectations: Skip the beacon tests because we do not support beacon in WebKit1.
* platform/mac-wk1/http/tests/security/contentSecurityPolicy/connect-src-eventsource-redirect-to-blocked-expected.txt:
* platform/mac-wk1/http/tests/security/contentSecurityPolicy/connect-src-xmlhttprequest-redirect-to-blocked-expected.txt:
* platform/mac-wk1/http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-redirect-cross-origin-blocked-expected.txt: Added.
* platform/mac-wk1/http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-blocked-expected.txt: Added.
* platform/win/TestExpectations: Skip the beacon tests because we do not support beacon in WebKit1.
* platform/win/http/tests/security/contentSecurityPolicy/connect-src-eventsource-redirect-to-blocked-expected.txt:
* platform/win/http/tests/security/contentSecurityPolicy/connect-src-xmlhttprequest-redirect-to-blocked-expected.txt:
* platform/win/http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-redirect-cross-origin-blocked-expected.txt: Added.
* platform/win/http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-blocked-expected.txt: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232032 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoWeb Automation: always return an empty cookie list if document.cookieURL() is empty
bburg@apple.com [Mon, 21 May 2018 22:10:35 +0000 (22:10 +0000)]
Web Automation: always return an empty cookie list if document.cookieURL() is empty
https://bugs.webkit.org/show_bug.cgi?id=185838
<rdar://problem/37737526>

Reviewed by Tim Horton.

* WebProcess/Automation/WebAutomationSessionProxy.cpp:
(WebKit::WebAutomationSessionProxy::getCookiesForFrame):
This crashes in CFNetwork code because an empty cookie URL is not a valid input.
Just return an empty list since there couldn't be any cookies returned.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232031 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoFile's structured serialization should serialize lastModified attribute
cdumez@apple.com [Mon, 21 May 2018 21:53:46 +0000 (21:53 +0000)]
File's structured serialization should serialize lastModified attribute
https://bugs.webkit.org/show_bug.cgi?id=185773

Reviewed by Youenn Fablet.

LayoutTests/imported/w3c:

Re-sync workers/semantics/structured-clone WPT tests after:
https://github.com/w3c/web-platform-tests/pull/9218

* web-platform-tests/html/webappapis/structured-clone/structured-clone-battery-of-tests-harness.js: Added.
(runStructuredCloneBatteryOfTests):
* web-platform-tests/html/webappapis/structured-clone/structured-clone-battery-of-tests-with-transferables.js: Added.
(structuredCloneBatteryOfTests.push.async.f):
* web-platform-tests/html/webappapis/structured-clone/structured-clone-battery-of-tests.js: Renamed from LayoutTests/imported/w3c/web-platform-tests/workers/semantics/structured-clone/common.js.
(async.compare_Blob):
(get_canvas_1x1_transparent_black):
(get_canvas_1x1_non_transparent_non_black):
(compare_ImageBitmap):
(structuredCloneBatteryOfTests.push.async.f):
* web-platform-tests/html/webappapis/structured-clone/w3c-import.log: Copied from LayoutTests/imported/w3c/web-platform-tests/workers/semantics/structured-clone/w3c-import.log.
* web-platform-tests/workers/semantics/structured-clone/dedicated-expected.txt:
* web-platform-tests/workers/semantics/structured-clone/dedicated.html:
* web-platform-tests/workers/semantics/structured-clone/dedicated.js: Removed.
* web-platform-tests/workers/semantics/structured-clone/shared-expected.txt:
* web-platform-tests/workers/semantics/structured-clone/shared.html:
* web-platform-tests/workers/semantics/structured-clone/shared.js: Removed.
* web-platform-tests/workers/semantics/structured-clone/w3c-import.log:
* web-platform-tests/workers/semantics/structured-clone/worker-common.js: Removed.

Source/WebCore:

Update our implementation for the stuctured serialization of a File to include
its lastModified attribute, as per:
- https://w3c.github.io/FileAPI/#file-section

No new tests, rebaselined existing test.

* bindings/js/SerializedScriptValue.cpp:
(WebCore::CloneSerializer::write):
(WebCore::CloneDeserializer::readFile):
* fileapi/File.cpp:
(WebCore::File::File):
* fileapi/File.h:

LayoutTests:

Unskip structured serialization tests that no longer fail / time out.

* TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232030 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoUnreviewed, rolling out r231998 and r232017.
commit-queue@webkit.org [Mon, 21 May 2018 21:52:26 +0000 (21:52 +0000)]
Unreviewed, rolling out r231998 and r232017.
https://bugs.webkit.org/show_bug.cgi?id=185842

causes crashes on 32 JSC bot (Requested by realdawei on
#webkit).

Reverted changesets:

"[JSC] JSC should have consistent InById IC"
https://bugs.webkit.org/show_bug.cgi?id=185682
https://trac.webkit.org/changeset/231998

"Unreviewed, fix 32bit and scope release"
https://bugs.webkit.org/show_bug.cgi?id=185682
https://trac.webkit.org/changeset/232017

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232029 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoWeb Automation: terminate the automation session if the network or storage process...
bburg@apple.com [Mon, 21 May 2018 21:47:59 +0000 (21:47 +0000)]
Web Automation: terminate the automation session if the network or storage process crashes
https://bugs.webkit.org/show_bug.cgi?id=185827
<rdar://problem/40424020>

Reviewed by Tim Horton.

If one of the processes crashes, the page may be in an undefined state and
automation will fail in unpredictable ways. It's better to just give up immediately.

* UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::networkProcessFailedToLaunch):
(WebKit::WebProcessPool::storageProcessCrashed):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232028 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoAdd expected results for imported/w3c/web-platform-tests/css/cssom/interfaces.html
commit-queue@webkit.org [Mon, 21 May 2018 21:36:06 +0000 (21:36 +0000)]
Add expected results for imported/w3c/web-platform-tests/css/cssom/interfaces.html
https://bugs.webkit.org/show_bug.cgi?id=185834

Unreviewed test gardening.

This test was added as part of r232005 but it didn't have an expected results file.

Patch by David Fenton <david_fenton@apple.com> on 2018-05-21

* web-platform-tests/css/cssom/interfaces-expected.txt: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232027 268f45cc-cd09-0410-ab3c-d52691b4dbfc

14 months agoImprove NowPlaying "title"
eric.carlson@apple.com [Mon, 21 May 2018 21:28:16 +0000 (21:28 +0000)]
Improve NowPlaying "title"
https://bugs.webkit.org/show_bug.cgi?id=185680
<rdar://problem/40296700>

Unreviewed test fix.

* http/tests/media/now-playing-info-expected.txt:
* http/tests/media/now-playing-info.html: Don't test .elapsedTime before seeking because
the time value can take a while to "settle" when a file has just loaded.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232026 268f45cc-cd09-0410-ab3c-d52691b4dbfc