WebKit-https.git
6 years agoCursor doesn't change back to pointer when leaving Mail
rniwa@webkit.org [Thu, 26 Mar 2015 21:43:21 +0000 (21:43 +0000)]
Cursor doesn't change back to pointer when leaving Mail
https://bugs.webkit.org/show_bug.cgi?id=132038

Reviewed by Anders Carlsson.

Fixed the bug by adding a cursor rect and making the primary tracking area update the cursor so that
AppKit will reset the cursor as it leaves the WebView.

We use nil cursor here since we manually update the cursor by calling [NSCursor set].

Source/WebKit/mac:

* WebView/WebHTMLView.mm:
(-[WebHTMLView setDataSource:]): Use NSTrackingCursorUpdate option in creating the primary tracking area.

Source/WebKit2:

* UIProcess/API/mac/WKView.mm:
(-[WKView initWithFrame:processPool:configuration:webView:]):
* UIProcess/mac/PageClientImpl.mm:
(WebKit::PageClientImpl::recommendedScrollbarStyleDidChange):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182026 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoFix state maching debugging after r181964
benjamin@webkit.org [Thu, 26 Mar 2015 21:02:29 +0000 (21:02 +0000)]
Fix state maching debugging after r181964
https://bugs.webkit.org/show_bug.cgi?id=143082

Patch by Benjamin Poulain <bpoulain@apple.com> on 2015-03-26
Reviewed by Alex Christensen.

* contentextensions/ContentExtensionCompiler.cpp:
(WebCore::ContentExtensions::compileRuleList):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182024 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoIf we're in code for accessing scoped arguments, we should probably check if the...
fpizlo@apple.com [Thu, 26 Mar 2015 20:48:06 +0000 (20:48 +0000)]
If we're in code for accessing scoped arguments, we should probably check if the object is a scoped arguments rather than checking if it's a direct arguments.

Reviewed by Michael Saboff.

* jit/JITPropertyAccess.cpp:
(JSC::JIT::emitScopedArgumentsGetByVal):
* tests/stress/scoped-then-direct-arguments-get-by-val-in-baseline.js: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182023 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoImprove the offsetWidth/Height layout optimization
hyatt@apple.com [Thu, 26 Mar 2015 19:09:24 +0000 (19:09 +0000)]
Improve the offsetWidth/Height layout optimization
https://bugs.webkit.org/show_bug.cgi?id=143008

Reviewed by Zalan Bujtas.

* dom/Document.cpp:
(WebCore::Document::updateLayoutIfDimensionsOutOfDate):
* dom/Document.h:
Change Element* to Element&. Clean up the dimension bits to use shifting. Remove both the inline and
the positioning restrictions on the optimization check.

* dom/Element.cpp:
(WebCore::Element::offsetWidth):
(WebCore::Element::offsetHeight):
Change to use Element& instead of Element*.

(WebCore::Element::clientWidth):
(WebCore::Element::clientHeight):
(WebCore::Element::scrollWidth):
(WebCore::Element::scrollHeight):
Turn on the optimization for clientWidth/Height and scrollWidth/Height.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182022 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years ago[Linux] SeccompFilters: improve the port-agnostic whitelist
commit-queue@webkit.org [Thu, 26 Mar 2015 19:00:05 +0000 (19:00 +0000)]
[Linux] SeccompFilters: improve the port-agnostic whitelist
https://bugs.webkit.org/show_bug.cgi?id=140064

Patch by Michael Catanzaro <mcatanzaro@igalia.com> on 2015-03-26
Reviewed by Žan Doberšek.

Allow the web process to access several files and directories that it
was previously prohibited from accessing. This makes the web process
much less likely to break.

* Shared/linux/SeccompFilters/SyscallPolicy.cpp:
(WebKit::SyscallPolicy::addDefaultWebProcessPolicy):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182021 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoRemove unneeded isConditionalRequest check from NetworkResourceLoader
antti@apple.com [Thu, 26 Mar 2015 18:49:40 +0000 (18:49 +0000)]
Remove unneeded isConditionalRequest check from NetworkResourceLoader
https://bugs.webkit.org/show_bug.cgi?id=143096

Reviewed by Anders Carlsson.

This check is leftover from implementation that allowed disk cache to validate conditional
request itself. The case can't happen as NetworkCache canRetrieve test does not allow
conditional requests in the first place.

* NetworkProcess/NetworkResourceLoader.cpp:
(WebKit::NetworkResourceLoader::didReceiveResponseAsync):
(WebKit::isConditionalRequest): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182020 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoRename Storage::Entry to Storage::Record
antti@apple.com [Thu, 26 Mar 2015 18:39:22 +0000 (18:39 +0000)]
Rename Storage::Entry to Storage::Record
https://bugs.webkit.org/show_bug.cgi?id=143101

Reviewed by Chris Dumez.

Lets have just one type called Entry in the cache code.

* NetworkProcess/cache/NetworkCache.cpp:
(WebKit::NetworkCache::Cache::retrieve):
(WebKit::NetworkCache::Cache::store):
(WebKit::NetworkCache::Cache::update):
(WebKit::NetworkCache::Cache::traverse):
(WebKit::NetworkCache::Cache::dumpContentsToFile):
* NetworkProcess/cache/NetworkCacheEntry.cpp:
(WebKit::NetworkCache::Entry::Entry):
(WebKit::NetworkCache::Entry::encodeAsStorageRecord):
(WebKit::NetworkCache::Entry::decodeStorageRecord):
(WebKit::NetworkCache::Entry::initializeBufferFromStorageRecord):
(WebKit::NetworkCache::Entry::buffer):
(WebKit::NetworkCache::Entry::shareableResourceHandle):
(WebKit::NetworkCache::Entry::encode): Deleted.
(WebKit::NetworkCache::Entry::decode): Deleted.
(WebKit::NetworkCache::Entry::initializeBufferFromStorageEntry): Deleted.
* NetworkProcess/cache/NetworkCacheEntry.h:
(WebKit::NetworkCache::Entry::sourceStorageRecord):
(WebKit::NetworkCache::Entry::sourceStorageEntry): Deleted.
* NetworkProcess/cache/NetworkCacheStorage.cpp:
(WebKit::NetworkCache::RecordMetaData::RecordMetaData):
(WebKit::NetworkCache::decodeRecordMetaData):
(WebKit::NetworkCache::decodeRecordHeader):
(WebKit::NetworkCache::decodeRecord):
(WebKit::NetworkCache::encodeRecordMetaData):
(WebKit::NetworkCache::encodeRecordHeader):
(WebKit::NetworkCache::Storage::dispatchReadOperation):
(WebKit::NetworkCache::retrieveFromMemory):
(WebKit::NetworkCache::Storage::store):
(WebKit::NetworkCache::Storage::update):
(WebKit::NetworkCache::Storage::traverse):
(WebKit::NetworkCache::Storage::dispatchPendingWriteOperations):
(WebKit::NetworkCache::Storage::dispatchFullWriteOperation):
(WebKit::NetworkCache::Storage::dispatchHeaderWriteOperation):
(WebKit::NetworkCache::EntryMetaData::EntryMetaData): Deleted.
(WebKit::NetworkCache::decodeEntryMetaData): Deleted.
(WebKit::NetworkCache::decodeEntryHeader): Deleted.
(WebKit::NetworkCache::decodeEntry): Deleted.
(WebKit::NetworkCache::encodeEntryMetaData): Deleted.
(WebKit::NetworkCache::encodeEntryHeader): Deleted.
* NetworkProcess/cache/NetworkCacheStorage.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182019 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoAdd --allowed-host support to run-webkit-tests
jer.noble@apple.com [Thu, 26 Mar 2015 18:16:02 +0000 (18:16 +0000)]
Add --allowed-host support to run-webkit-tests
https://bugs.webkit.org/show_bug.cgi?id=142938

Reviewed by Brent Fulgham.

Accept --allowed-host arguments from run-webkit-tests and pass them through to
DumpRenderTree and WebKitTestRunner.

Drive-by fix: Depending on the value of the --layout-test-dir parameter, layout test results
are placed in the wrong location. The argument is compared with each tests's path, and if a
relative path or a path with '..' was used, results are placed alongside the test. Take the
absolute path of the --layout-test-dir argument, collapsing path components like '..'.

* Scripts/webkitpy/layout_tests/run_webkit_tests.py:
(parse_args):
* Scripts/webkitpy/port/base.py:
(Port.__init__):
(Port.allowed_hosts):
* Scripts/webkitpy/port/driver.py:
(Driver.cmd_line):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182018 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years ago[Mac] Add an --allowed-host argument to DRT and WKTR to allow tests to connect to...
jer.noble@apple.com [Thu, 26 Mar 2015 18:12:56 +0000 (18:12 +0000)]
[Mac] Add an --allowed-host argument to DRT and WKTR to allow tests to connect to non-localhost servers
https://bugs.webkit.org/show_bug.cgi?id=142931

Reviewed by Brent Fulgham.

Currently, both DRT and WKTR will refuse to allow network connections to non-localhost servers
over HTTP/HTTPS. For certain testing scenarios, however, it would be useful if both DRT and
WKTR could be allowed to make HTTP/HTTPS connections to certain, specific servers defined at
runtime.

To allow this, add an optional argument to DRT and WKTR, --allowed-host, which will add the specified
hostname to a whitelist; requests to these hosts will allowed to proceed normally.

Drive-by fix: in InjectedBundlePage::willSendRequestForFrame, we get the top loading frame from the
injected bundle. But after the main resource load completes, the bundle nulls out it's pointer to the
top loading frame, which causes a subsequent crash when further resources are requested. Instead, get
the top loading frame from the page, as we do elsewhere in this class.

* DumpRenderTree/TestRunner.h:
(TestRunner::allowedHosts):
(TestRunner::setAllowedHosts):
* DumpRenderTree/mac/DumpRenderTree.mm:
(initializeGlobalsFromCommandLineOptions):
(runTest):
* DumpRenderTree/mac/ResourceLoadDelegate.mm:
(isAllowedHost):
(-[ResourceLoadDelegate webView:resource:willSendRequest:redirectResponse:fromDataSource:]):
* WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:
(WTR::InjectedBundle::didReceiveMessage):
(WTR::InjectedBundle::isAllowedHost):
* WebKitTestRunner/InjectedBundle/InjectedBundle.h:
* WebKitTestRunner/InjectedBundle/InjectedBundlePage.cpp:
(WTR::isAllowedHost):
(WTR::InjectedBundlePage::willSendRequestForFrame):
* WebKitTestRunner/InjectedBundle/TestRunner.h:
* WebKitTestRunner/Options.cpp:
(WTR::handleOptionAllowedHost):
(WTR::OptionsHandler::OptionsHandler):
* WebKitTestRunner/Options.h:
* WebKitTestRunner/TestController.cpp:
(WTR::TestController::initialize):
(WTR::TestController::resetStateToConsistentValues):
* WebKitTestRunner/TestController.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182017 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoApply ContentExtension actions after redirects.
beidson@apple.com [Thu, 26 Mar 2015 17:45:12 +0000 (17:45 +0000)]
Apply ContentExtension actions after redirects.
<rdar://problem/20062613> and https://bugs.webkit.org/show_bug.cgi?id=143055

Reviewed by Alex Christensen.

Source/WebCore:

Tests: http/tests/contentextensions/loading/main-resource-redirect-blocked.php
       http/tests/contentextensions/subresource-redirect-blocked.html

This patch moves the "run a URL against the content extension" code from CachedResourceLoader to
the ContentExtensionsBackend.

That allows it to be shared between the CachedResourceLoader where loads are initiated and
ResourceLoader where redirects are handled.

* contentextensions/ContentExtension.cpp:
(WebCore::ContentExtensions::ContentExtension::globalDisplayNoneStyleSheet):

* contentextensions/ContentExtensionsBackend.cpp:
(WebCore::ContentExtensions::ContentExtensionsBackend::processContentExtensionRulesForLoad):
(WebCore::ContentExtensions::ContentExtensionsBackend::displayNoneCSSRule):
* contentextensions/ContentExtensionsBackend.h:

* loader/NetscapePlugInStreamLoader.cpp:
(WebCore::NetscapePlugInStreamLoader::NetscapePlugInStreamLoader):

* loader/ResourceLoadInfo.h:

* loader/ResourceLoader.cpp:
(WebCore::ResourceLoader::ResourceLoader):
(WebCore::ResourceLoader::willSendRequest):
* loader/ResourceLoader.h:

* loader/SubresourceLoader.cpp:
(WebCore::SubresourceLoader::SubresourceLoader):

* loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::requestResource):

* page/UserContentController.cpp:
(WebCore::UserContentController::processContentExtensionRulesForLoad):
(WebCore::UserContentController::actionsForResourceLoad): Deleted.
(WebCore::UserContentController::globalDisplayNoneStyleSheet): Deleted.
(WebCore::UserContentController::displayNoneCSSRule): Deleted.
* page/UserContentController.h:

Tools:

* WebKitTestRunner/InjectedBundle/InjectedBundlePage.cpp:
(WTR::InjectedBundlePage::didFailProvisionalLoadWithErrorForFrame): Dump the fact that the load error is kWKErrorCodeCannotShowURL
  which is specifically interesting to a new test.

LayoutTests:

* http/tests/contentextensions/loading/main-resource-redirect-blocked-expected.txt: Added.
* http/tests/contentextensions/loading/main-resource-redirect-blocked.php: Added.
* http/tests/contentextensions/loading/main-resource-redirect-blocked.php.json: Added.
* http/tests/contentextensions/loading/resources/main-resource-redirect-blocked-target.html: Added.
* http/tests/contentextensions/resources/subresource-redirect.php: Added.
* http/tests/contentextensions/subresource-redirect-blocked-expected.txt: Added.
* http/tests/contentextensions/subresource-redirect-blocked.html: Added.
* http/tests/contentextensions/subresource-redirect-blocked.html.json: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182016 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoCrash when laying out (char)0
mmaxfield@apple.com [Thu, 26 Mar 2015 17:29:53 +0000 (17:29 +0000)]
Crash when laying out (char)0
https://bugs.webkit.org/show_bug.cgi?id=143103

Reviewed by Dean Jackson.

We currently cache a character -> Font mapping in a HashMap.
However, keys in Hashmaps can't be 0. This patch simply skips
the cache in this case.

No new tests, for now. I'm having trouble creating a test because
the site that causes this bug generates their page using script,
and the script is all minified, and difficult to understand. I
will contact the owner of the site and ask for and unminified
version of their sources. However, I don't want to that to block
this tiny fix from going in.

* platform/graphics/Font.cpp:
(WebCore::Font::systemFallbackFontForCharacter):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182015 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years ago[Mac][EME] Crash at com.apple.WebCore: WebCore::CDMSessionMediaSourceAVFObjC::release...
jer.noble@apple.com [Thu, 26 Mar 2015 17:24:21 +0000 (17:24 +0000)]
[Mac][EME] Crash at com.apple.WebCore: WebCore::CDMSessionMediaSourceAVFObjC::releaseKeys + 177
https://bugs.webkit.org/show_bug.cgi?id=143080

Reviewed by Eric Carlson.

Null-check m_certificate before dereferencing.

* platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.mm:
(WebCore::CDMSessionMediaSourceAVFObjC::releaseKeys):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182014 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agojs/promises-tests/promises-tests-2-3-3.html sometimes crashes under DFG::SpeculativeJ...
msaboff@apple.com [Thu, 26 Mar 2015 17:04:38 +0000 (17:04 +0000)]
js/promises-tests/promises-tests-2-3-3.html sometimes crashes under DFG::SpeculativeJIT::compile
https://bugs.webkit.org/show_bug.cgi?id=139865

Reviewed by Alexey Proskuryakov.

It appears that r181993 fixed this test as it removed the code where the crash occurred.

* TestExpectations: Re-enabled js/promises-tests/promises-tests-2-3-3 including marking it as Slow.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182013 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoAX: [role="button"][aria-pressed] should be exposed as AXCheckbox:AXToggleButton...
cfleizach@apple.com [Thu, 26 Mar 2015 16:35:58 +0000 (16:35 +0000)]
AX: [role="button"][aria-pressed] should be exposed as AXCheckbox:AXToggleButton, with role description of "toggle button"
https://bugs.webkit.org/show_bug.cgi?id=115298

Reviewed by Mario Sanchez Prada.

Source/WebCore:

A role=button + aria-pressed object should be exposed as AXCheckbox on Mac now. It should also convert the
aria-pressed state into a 0, 1, 2 number value for the Mac.

Test: platform/mac/accessibility/aria-pressed-button-attributes.html

* accessibility/AccessibilityObject.cpp:
(WebCore::AccessibilityObject::checkboxOrRadioValue):
* accessibility/AccessibilityObject.h:
(WebCore::AccessibilityObject::isToggleButton):
* accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
(-[WebAccessibilityObjectWrapper additionalAccessibilityAttributeNames]):
(createAccessibilityRoleMap):
(-[WebAccessibilityObjectWrapper subrole]):
(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

LayoutTests:

* accessibility/aria-toggle-button-with-title.html:
     Bad path for post test resources file, so that is fixed.
* platform/mac/accessibility/aria-pressed-button-attributes-expected.txt: Added.
* platform/mac/accessibility/aria-pressed-button-attributes.html: Added.
* platform/mac/accessibility/aria-toggle-button-with-title-expected.txt:
      Updated to reflect the new role of this object.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182012 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years ago[WK2] Let the compiler generate the NetworkCache::Key move constructor
cdumez@apple.com [Thu, 26 Mar 2015 16:24:06 +0000 (16:24 +0000)]
[WK2] Let the compiler generate the NetworkCache::Key move constructor
https://bugs.webkit.org/show_bug.cgi?id=143079

Reviewed by Antti Koivisto.

Let the compiler generate the NetworkCache::Key move constructor. The
generated one will do exactly the same thing as the one we had except
that it will move the m_hash member as well. I don't see any reason why
we weren't moving this member before (it is an std::array<uint8_t, 16>).

Also have the compiler generate a move assignment operator for
consistency. Although it is not currently useful, it could be at some
point.

* NetworkProcess/cache/NetworkCacheKey.cpp:
(WebKit::NetworkCache::Key::Key): Deleted.
* NetworkProcess/cache/NetworkCacheKey.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182011 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years ago[WK2][NetworkCache] Compute if a cached response has expired only when actually needed
cdumez@apple.com [Thu, 26 Mar 2015 16:21:44 +0000 (16:21 +0000)]
[WK2][NetworkCache] Compute if a cached response has expired only when actually needed
https://bugs.webkit.org/show_bug.cgi?id=143070

Reviewed by Antti Koivisto.

Compute if a cached response has expired only when actually needed:
- This is not a history navigation
and
- It does not have "Cache-Control: no-cache" header

Previously, we would always determine if the response has expired and
we often end up not using this information.

* NetworkProcess/cache/NetworkCache.cpp:
(WebKit::NetworkCache::responseHasExpired):
(WebKit::NetworkCache::canUse):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182010 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoFTL ScopedArguments GetArrayLength generates incorrect code and crashes in LLVM
fpizlo@apple.com [Thu, 26 Mar 2015 15:29:57 +0000 (15:29 +0000)]
FTL ScopedArguments GetArrayLength generates incorrect code and crashes in LLVM
https://bugs.webkit.org/show_bug.cgi?id=143098

Reviewed by Csaba Osztrogonác.

* ftl/FTLLowerDFGToLLVM.cpp:
(JSC::FTL::LowerDFGToLLVM::compileGetArrayLength): Fix a typo.
* tests/stress/scoped-arguments-array-length.js: Added. This test previously always crashed in ftl-no-cjit mode.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182009 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years ago[EFL] Disable building libseccomp on AArch64
ossy@webkit.org [Thu, 26 Mar 2015 12:23:49 +0000 (12:23 +0000)]
[EFL] Disable building libseccomp on AArch64
https://bugs.webkit.org/show_bug.cgi?id=143094

Reviewed by Gyuyoung Kim.

* efl/jhbuildrc:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182008 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years ago[jhbuild] git should use only 1 thread for cloning jhbuild
ossy@webkit.org [Thu, 26 Mar 2015 12:21:38 +0000 (12:21 +0000)]
[jhbuild] git should use only 1 thread for cloning jhbuild
https://bugs.webkit.org/show_bug.cgi?id=143095

Reviewed by Gyuyoung Kim.

* jhbuild/jhbuild-wrapper:
(clone_jhbuild):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182007 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoUnreviewed gardening, skip failing tests on AArch64 Linux.
ossy@webkit.org [Thu, 26 Mar 2015 10:47:37 +0000 (10:47 +0000)]
Unreviewed gardening, skip failing tests on AArch64 Linux.

Source/JavaScriptCore:

* tests/mozilla/mozilla-tests.yaml:
* tests/stress/cached-prototype-setter.js:

LayoutTests:

* js/script-tests/array-from.js:
* js/script-tests/array-length-shortening.js:
* js/script-tests/dfg-int16array.js:
* js/script-tests/dfg-int8array.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182006 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoAvoid the Vector<> copy in WebTouchEvent constructor
zandobersek@gmail.com [Thu, 26 Mar 2015 07:51:33 +0000 (07:51 +0000)]
Avoid the Vector<> copy in WebTouchEvent constructor
https://bugs.webkit.org/show_bug.cgi?id=143043

Reviewed by Carlos Garcia Campos.

Have the WebTouchEvent accept a Vector<> rvalue.
The relevant code is updated so the Vector<> object is moved
through the call chain and finally into the WebTouchEvent constructor.

* Shared/NativeWebTouchEvent.h:
* Shared/WebEvent.h:
* Shared/WebTouchEvent.cpp:
(WebKit::WebTouchEvent::WebTouchEvent):
* Shared/efl/WebEventFactory.cpp:
(WebKit::WebEventFactory::createWebTouchEvent):
* Shared/gtk/NativeWebTouchEventGtk.cpp:
(WebKit::NativeWebTouchEvent::NativeWebTouchEvent):
* Shared/gtk/WebEventFactory.cpp:
(WebKit::WebEventFactory::createWebTouchEvent):
* Shared/gtk/WebEventFactory.h:
* UIProcess/API/gtk/WebKitWebViewBase.cpp:
(webkitWebViewBaseTouchEvent):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182005 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoUnreviewed, fixes to silly things. While landing fixes to r181993, I introduced crash...
fpizlo@apple.com [Thu, 26 Mar 2015 07:17:08 +0000 (07:17 +0000)]
Unreviewed, fixes to silly things. While landing fixes to r181993, I introduced crashes. This fixes them.

* dfg/DFGConstantFoldingPhase.cpp:
(JSC::DFG::ConstantFoldingPhase::foldConstants): I landed a fix for a VS warning. It broke this. Now I'm fixing it.
* ftl/FTLCompile.cpp:
(JSC::FTL::compile): Make sure we pass the module when dumping. This makes FTL debugging possible again.
* ftl/FTLState.cpp:
(JSC::FTL::State::dumpState): New overload that takes a module, so that we can call this after FTL::compile() clears State's module.
* ftl/FTLState.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182004 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agomedia/track/track-mode.html flakily times out
ap@apple.com [Thu, 26 Mar 2015 07:00:36 +0000 (07:00 +0000)]
media/track/track-mode.html flakily times out
https://bugs.webkit.org/show_bug.cgi?id=143085

* TestExpectations: Added an expectation.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182003 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoAX: table cells that use display:block render the table inaccessible to VoiceOver
cfleizach@apple.com [Thu, 26 Mar 2015 06:01:59 +0000 (06:01 +0000)]
AX: table cells that use display:block render the table inaccessible to VoiceOver
https://bugs.webkit.org/show_bug.cgi?id=143007

Unreviewed, layout test fix.

Skip associated accessibility/table-cell-display-block.html on failing platforms.

* platform/efl/TestExpectations:
* platform/gtk/TestExpectations:
    Specific platform changes in children ordering need to be updated to make this test pass.
* platform/win/TestExpectations:
    Need to implement cellForRowAndColumn.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182002 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoUnreviewed, fix obvious goof that was causing 32-bit debug crashes. The 64-bit versio...
fpizlo@apple.com [Thu, 26 Mar 2015 05:32:19 +0000 (05:32 +0000)]
Unreviewed, fix obvious goof that was causing 32-bit debug crashes. The 64-bit version did it
right, so this just makes 32-bit do the same.

* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::emitCall):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182001 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoFix a typo that ggaren found but that I didn't fix before.
fpizlo@apple.com [Thu, 26 Mar 2015 05:23:10 +0000 (05:23 +0000)]
Fix a typo that ggaren found but that I didn't fix before.

* runtime/DirectArgumentsOffset.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@182000 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoUnreviewed, we have edited this file in 2015.
fpizlo@apple.com [Thu, 26 Mar 2015 04:58:10 +0000 (04:58 +0000)]
Unreviewed, we have edited this file in 2015.

* wtf/Platform.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181999 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoUnreviewed, VC found a bug. This fixes the bug.
fpizlo@apple.com [Thu, 26 Mar 2015 04:52:14 +0000 (04:52 +0000)]
Unreviewed, VC found a bug. This fixes the bug.

* dfg/DFGConstantFoldingPhase.cpp:
(JSC::DFG::ConstantFoldingPhase::foldConstants):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181998 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoUnreviewed, try to fix Windows build.
fpizlo@apple.com [Thu, 26 Mar 2015 04:50:28 +0000 (04:50 +0000)]
Unreviewed, try to fix Windows build.

* runtime/ClonedArguments.cpp:
(JSC::ClonedArguments::createWithInlineFrame):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181997 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoUpdate prepare-ChangeLog to work with ES6 Class syntax
commit-queue@webkit.org [Thu, 26 Mar 2015 04:37:35 +0000 (04:37 +0000)]
Update prepare-ChangeLog to work with ES6 Class syntax
https://bugs.webkit.org/show_bug.cgi?id=143069

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2015-03-25
Reviewed by Timothy Hatcher.

* Scripts/prepare-ChangeLog:
(get_function_line_ranges_for_javascript):
Better handle ES6 Class syntax.

* Scripts/webkitperl/prepare-ChangeLog_unittest/resources/javascript_unittests-expected.txt:
* Scripts/webkitperl/prepare-ChangeLog_unittest/resources/javascript_unittests.js:
(BaseClass):
(DerivedClass):
(DerivedClass.staticMethod):
(DerivedClass.prototype.method.nestedFunctionInsideMethod):
(DerivedClass.prototype.method):
(DerivedClass.prototype.get getter):
(namespace.MyClass):
(namespace.MyClass.staticMethod):
(namespace.MyClass.prototype.method.nestedFunctionInsideMethod):
(namespace.MyClass.prototype.method):
(namespace.MyClass.prototype.get getter):
Proof!

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181996 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoUnreviewed, fix debug build.
fpizlo@apple.com [Thu, 26 Mar 2015 04:35:31 +0000 (04:35 +0000)]
Unreviewed, fix debug build.

* bytecompiler/NodesCodegen.cpp:
(JSC::ConstDeclNode::emitCodeSingle):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181995 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoUnreviewed, fix CLOOP build.
fpizlo@apple.com [Thu, 26 Mar 2015 04:34:11 +0000 (04:34 +0000)]
Unreviewed, fix CLOOP build.

* dfg/DFGMinifiedID.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181994 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoHeap variables shouldn't end up in the stack frame
fpizlo@apple.com [Thu, 26 Mar 2015 04:28:43 +0000 (04:28 +0000)]
Heap variables shouldn't end up in the stack frame
https://bugs.webkit.org/show_bug.cgi?id=141174

Reviewed by Geoffrey Garen.
Source/JavaScriptCore:

This is a major change to how JavaScriptCore handles declared variables (i.e. "var"). It removes
any ambiguity about whether a variable should be in the heap or on the stack. A variable will no
longer move between heap and stack during its lifetime. This enables a bunch of optimizations and
simplifications:

- Accesses to variables no longer need checks or indirections to determine where the variable is
  at that moment in time. For example, loading a closure variable now takes just one load instead
  of two. Loading an argument by index now takes a bounds check and a load in the fastest case
  (when no arguments object allocation is required) while previously that same operation required
  a "did I allocate arguments yet" check, a bounds check, and then the load.

- Reasoning about the allocation of an activation or arguments object now follows the same simple
  logic as the allocation of any other kind of object. Previously, those objects were lazily
  allocated - so an allocation instruction wasn't the actual allocation site, since it might not
  allocate anything at all. This made the implementation of traditional escape analyses really
  awkward, and ultimately it meant that we missed important cases. Now, we can reason about the
  arguments object using the usual SSA tricks which allows for more comprehensive removal.

- The allocations of arguments objects, functions, and activations are now much faster. While
  this patch generally expands our ability to eliminate arguments object allocations, an earlier
  version of the patch - which lacked that functionality - was a progression on some arguments-
  and closure-happy benchmarks because although no allocations were eliminated, all allocations
  were faster.

- There is no tear-off. The runtime no loner needs to know about where on the stack a frame keeps
  its arguments objects or activations. The runtime doesn't have to do things to the arguments
  objects and activations that a frame allocated, when the frame is unwound. We always had horrid
  bugs in that code, so it's good to see it go. This removes *a ton* of machinery from the DFG,
  FTL, CodeBlock, and other places. All of the things having to do with "captured variables" is
  now gone. This also enables implementing block-scoping. Without this change, block-scope
  support would require telling CodeBlock and all of the rest of the runtime about all of the
  variables that store currently-live scopes. That would have been so disastrously hard that it
  might as well be impossible. With this change, it's fair game for the bytecode generator to
  simply allocate whatever activations it wants, wherever it wants, and to keep them live for
  however long it wants. This all works, because after bytecode generation, an activation is just
  an object and variables that refer to it are just normal variables.

- SymbolTable can now tell you explicitly where a variable lives. The answer is in the form of a
  VarOffset object, which has methods like isStack(), isScope(), etc. VirtualRegister is never
  used for offsets of non-stack variables anymore. We now have shiny new objects for other kinds
  of offsets - ScopeOffset for offsets into scopes, and DirectArgumentsOffset for offsets into
  an arguments object.

- Functions that create activations can now tier-up into the FTL. Previously they couldn't. Also,
  using activations used to prevent inlining; now functions that use activations can be inlined
  just fine.

This is a >1% speed-up on Octane. This is a >2% speed-up on CompressionBench. This is a tiny
speed-up on AsmBench (~0.4% or something). This looks like it might be a speed-up on SunSpider.
It's only a slow-down on very short-running microbenchmarks we had previously written for our old
style of tear-off-based arguments optimization. Those benchmarks are not part of any major suite.

The easiest way of understanding this change is to start by looking at the changes in runtime/,
and then the changes in bytecompiler/, and then sort of work your way up the compiler tiers.

* CMakeLists.txt:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* assembler/AbortReason.h:
* assembler/AbstractMacroAssembler.h:
(JSC::AbstractMacroAssembler::BaseIndex::withOffset):
* bytecode/ByValInfo.h:
(JSC::hasOptimizableIndexingForJSType):
(JSC::hasOptimizableIndexing):
(JSC::jitArrayModeForJSType):
(JSC::jitArrayModePermitsPut):
(JSC::jitArrayModeForStructure):
* bytecode/BytecodeKills.h: Added.
(JSC::BytecodeKills::BytecodeKills):
(JSC::BytecodeKills::operandIsKilled):
(JSC::BytecodeKills::forEachOperandKilledAt):
(JSC::BytecodeKills::KillSet::KillSet):
(JSC::BytecodeKills::KillSet::add):
(JSC::BytecodeKills::KillSet::forEachLocal):
(JSC::BytecodeKills::KillSet::contains):
* bytecode/BytecodeList.json:
* bytecode/BytecodeLivenessAnalysis.cpp:
(JSC::isValidRegisterForLiveness):
(JSC::stepOverInstruction):
(JSC::BytecodeLivenessAnalysis::runLivenessFixpoint):
(JSC::BytecodeLivenessAnalysis::getLivenessInfoAtBytecodeOffset):
(JSC::BytecodeLivenessAnalysis::operandIsLiveAtBytecodeOffset):
(JSC::BytecodeLivenessAnalysis::computeFullLiveness):
(JSC::BytecodeLivenessAnalysis::computeKills):
(JSC::indexForOperand): Deleted.
(JSC::BytecodeLivenessAnalysis::getLivenessInfoForNonCapturedVarsAtBytecodeOffset): Deleted.
(JSC::getLivenessInfo): Deleted.
* bytecode/BytecodeLivenessAnalysis.h:
* bytecode/BytecodeLivenessAnalysisInlines.h:
(JSC::operandIsAlwaysLive):
(JSC::operandThatIsNotAlwaysLiveIsLive):
(JSC::operandIsLive):
* bytecode/BytecodeUseDef.h:
(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dumpBytecode):
(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::nameForRegister):
(JSC::CodeBlock::validate):
(JSC::CodeBlock::isCaptured): Deleted.
(JSC::CodeBlock::framePointerOffsetToGetActivationRegisters): Deleted.
(JSC::CodeBlock::machineSlowArguments): Deleted.
* bytecode/CodeBlock.h:
(JSC::unmodifiedArgumentsRegister): Deleted.
(JSC::CodeBlock::setArgumentsRegister): Deleted.
(JSC::CodeBlock::argumentsRegister): Deleted.
(JSC::CodeBlock::uncheckedArgumentsRegister): Deleted.
(JSC::CodeBlock::usesArguments): Deleted.
(JSC::CodeBlock::captureCount): Deleted.
(JSC::CodeBlock::captureStart): Deleted.
(JSC::CodeBlock::captureEnd): Deleted.
(JSC::CodeBlock::argumentIndexAfterCapture): Deleted.
(JSC::CodeBlock::hasSlowArguments): Deleted.
(JSC::ExecState::argumentAfterCapture): Deleted.
* bytecode/CodeOrigin.h:
* bytecode/DataFormat.h:
(JSC::dataFormatToString):
* bytecode/FullBytecodeLiveness.h:
(JSC::FullBytecodeLiveness::getLiveness):
(JSC::FullBytecodeLiveness::operandIsLive):
(JSC::FullBytecodeLiveness::FullBytecodeLiveness): Deleted.
(JSC::FullBytecodeLiveness::getOut): Deleted.
* bytecode/Instruction.h:
(JSC::Instruction::Instruction):
* bytecode/Operands.h:
(JSC::Operands::virtualRegisterForIndex):
* bytecode/SpeculatedType.cpp:
(JSC::dumpSpeculation):
(JSC::speculationToAbbreviatedString):
(JSC::speculationFromClassInfo):
* bytecode/SpeculatedType.h:
(JSC::isDirectArgumentsSpeculation):
(JSC::isScopedArgumentsSpeculation):
(JSC::isActionableMutableArraySpeculation):
(JSC::isActionableArraySpeculation):
(JSC::isArgumentsSpeculation): Deleted.
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
* bytecode/UnlinkedCodeBlock.h:
(JSC::UnlinkedCodeBlock::setArgumentsRegister): Deleted.
(JSC::UnlinkedCodeBlock::usesArguments): Deleted.
(JSC::UnlinkedCodeBlock::argumentsRegister): Deleted.
* bytecode/ValueRecovery.cpp:
(JSC::ValueRecovery::dumpInContext):
* bytecode/ValueRecovery.h:
(JSC::ValueRecovery::directArgumentsThatWereNotCreated):
(JSC::ValueRecovery::outOfBandArgumentsThatWereNotCreated):
(JSC::ValueRecovery::nodeID):
(JSC::ValueRecovery::argumentsThatWereNotCreated): Deleted.
* bytecode/VirtualRegister.h:
(JSC::VirtualRegister::operator==):
(JSC::VirtualRegister::operator!=):
(JSC::VirtualRegister::operator<):
(JSC::VirtualRegister::operator>):
(JSC::VirtualRegister::operator<=):
(JSC::VirtualRegister::operator>=):
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::generate):
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::initializeNextParameter):
(JSC::BytecodeGenerator::visibleNameForParameter):
(JSC::BytecodeGenerator::emitMove):
(JSC::BytecodeGenerator::variable):
(JSC::BytecodeGenerator::createVariable):
(JSC::BytecodeGenerator::emitResolveScope):
(JSC::BytecodeGenerator::emitGetFromScope):
(JSC::BytecodeGenerator::emitPutToScope):
(JSC::BytecodeGenerator::initializeVariable):
(JSC::BytecodeGenerator::emitInstanceOf):
(JSC::BytecodeGenerator::emitNewFunction):
(JSC::BytecodeGenerator::emitNewFunctionInternal):
(JSC::BytecodeGenerator::emitCall):
(JSC::BytecodeGenerator::emitReturn):
(JSC::BytecodeGenerator::emitConstruct):
(JSC::BytecodeGenerator::isArgumentNumber):
(JSC::BytecodeGenerator::emitEnumeration):
(JSC::BytecodeGenerator::addVar): Deleted.
(JSC::BytecodeGenerator::emitInitLazyRegister): Deleted.
(JSC::BytecodeGenerator::initializeCapturedVariable): Deleted.
(JSC::BytecodeGenerator::resolveCallee): Deleted.
(JSC::BytecodeGenerator::addCallee): Deleted.
(JSC::BytecodeGenerator::addParameter): Deleted.
(JSC::BytecodeGenerator::willResolveToArgumentsRegister): Deleted.
(JSC::BytecodeGenerator::uncheckedLocalArgumentsRegister): Deleted.
(JSC::BytecodeGenerator::createLazyRegisterIfNecessary): Deleted.
(JSC::BytecodeGenerator::isCaptured): Deleted.
(JSC::BytecodeGenerator::local): Deleted.
(JSC::BytecodeGenerator::constLocal): Deleted.
(JSC::BytecodeGenerator::emitResolveConstantLocal): Deleted.
(JSC::BytecodeGenerator::emitGetArgumentsLength): Deleted.
(JSC::BytecodeGenerator::emitGetArgumentByVal): Deleted.
(JSC::BytecodeGenerator::emitLazyNewFunction): Deleted.
(JSC::BytecodeGenerator::createArgumentsIfNecessary): Deleted.
* bytecompiler/BytecodeGenerator.h:
(JSC::Variable::Variable):
(JSC::Variable::isResolved):
(JSC::Variable::ident):
(JSC::Variable::offset):
(JSC::Variable::isLocal):
(JSC::Variable::local):
(JSC::Variable::isSpecial):
(JSC::BytecodeGenerator::argumentsRegister):
(JSC::BytecodeGenerator::emitNode):
(JSC::BytecodeGenerator::registerFor):
(JSC::Local::Local): Deleted.
(JSC::Local::operator bool): Deleted.
(JSC::Local::get): Deleted.
(JSC::Local::isSpecial): Deleted.
(JSC::ResolveScopeInfo::ResolveScopeInfo): Deleted.
(JSC::ResolveScopeInfo::isLocal): Deleted.
(JSC::ResolveScopeInfo::localIndex): Deleted.
(JSC::BytecodeGenerator::hasSafeLocalArgumentsRegister): Deleted.
(JSC::BytecodeGenerator::captureMode): Deleted.
(JSC::BytecodeGenerator::shouldTearOffArgumentsEagerly): Deleted.
(JSC::BytecodeGenerator::shouldCreateArgumentsEagerly): Deleted.
(JSC::BytecodeGenerator::hasWatchableVariable): Deleted.
(JSC::BytecodeGenerator::watchableVariableIdentifier): Deleted.
* bytecompiler/NodesCodegen.cpp:
(JSC::ResolveNode::isPure):
(JSC::ResolveNode::emitBytecode):
(JSC::BracketAccessorNode::emitBytecode):
(JSC::DotAccessorNode::emitBytecode):
(JSC::EvalFunctionCallNode::emitBytecode):
(JSC::FunctionCallResolveNode::emitBytecode):
(JSC::CallFunctionCallDotNode::emitBytecode):
(JSC::ApplyFunctionCallDotNode::emitBytecode):
(JSC::PostfixNode::emitResolve):
(JSC::DeleteResolveNode::emitBytecode):
(JSC::TypeOfResolveNode::emitBytecode):
(JSC::PrefixNode::emitResolve):
(JSC::ReadModifyResolveNode::emitBytecode):
(JSC::AssignResolveNode::emitBytecode):
(JSC::ConstDeclNode::emitCodeSingle):
(JSC::EmptyVarExpression::emitBytecode):
(JSC::ForInNode::tryGetBoundLocal):
(JSC::ForInNode::emitLoopHeader):
(JSC::ForOfNode::emitBytecode):
(JSC::ArrayPatternNode::emitDirectBinding):
(JSC::BindingNode::bindValue):
(JSC::getArgumentByVal): Deleted.
* dfg/DFGAbstractHeap.h:
* dfg/DFGAbstractInterpreter.h:
* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
(JSC::DFG::AbstractInterpreter<AbstractStateType>::clobberWorld):
(JSC::DFG::AbstractInterpreter<AbstractStateType>::clobberCapturedVars): Deleted.
* dfg/DFGAbstractValue.h:
* dfg/DFGArgumentPosition.h:
(JSC::DFG::ArgumentPosition::addVariable):
* dfg/DFGArgumentsEliminationPhase.cpp: Added.
(JSC::DFG::performArgumentsElimination):
* dfg/DFGArgumentsEliminationPhase.h: Added.
* dfg/DFGArgumentsSimplificationPhase.cpp: Removed.
* dfg/DFGArgumentsSimplificationPhase.h: Removed.
* dfg/DFGArgumentsUtilities.cpp: Added.
(JSC::DFG::argumentsInvolveStackSlot):
(JSC::DFG::emitCodeToGetArgumentsArrayLength):
* dfg/DFGArgumentsUtilities.h: Added.
* dfg/DFGArrayMode.cpp:
(JSC::DFG::ArrayMode::refine):
(JSC::DFG::ArrayMode::alreadyChecked):
(JSC::DFG::arrayTypeToString):
* dfg/DFGArrayMode.h:
(JSC::DFG::ArrayMode::canCSEStorage):
(JSC::DFG::ArrayMode::modeForPut):
* dfg/DFGAvailabilityMap.cpp:
(JSC::DFG::AvailabilityMap::prune):
* dfg/DFGAvailabilityMap.h:
(JSC::DFG::AvailabilityMap::closeOverNodes):
(JSC::DFG::AvailabilityMap::closeStartingWithLocal):
* dfg/DFGBackwardsPropagationPhase.cpp:
(JSC::DFG::BackwardsPropagationPhase::propagate):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::newVariableAccessData):
(JSC::DFG::ByteCodeParser::getLocal):
(JSC::DFG::ByteCodeParser::setLocal):
(JSC::DFG::ByteCodeParser::getArgument):
(JSC::DFG::ByteCodeParser::setArgument):
(JSC::DFG::ByteCodeParser::flushDirect):
(JSC::DFG::ByteCodeParser::flush):
(JSC::DFG::ByteCodeParser::noticeArgumentsUse):
(JSC::DFG::ByteCodeParser::handleVarargsCall):
(JSC::DFG::ByteCodeParser::attemptToInlineCall):
(JSC::DFG::ByteCodeParser::handleInlining):
(JSC::DFG::ByteCodeParser::parseBlock):
(JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
(JSC::DFG::ByteCodeParser::parseCodeBlock):
* dfg/DFGCPSRethreadingPhase.cpp:
(JSC::DFG::CPSRethreadingPhase::canonicalizeGetLocalFor):
(JSC::DFG::CPSRethreadingPhase::canonicalizeLocalsInBlock):
* dfg/DFGCSEPhase.cpp:
* dfg/DFGCallCreateDirectArgumentsSlowPathGenerator.h: Added.
(JSC::DFG::CallCreateDirectArgumentsSlowPathGenerator::CallCreateDirectArgumentsSlowPathGenerator):
* dfg/DFGCapabilities.cpp:
(JSC::DFG::isSupportedForInlining):
(JSC::DFG::capabilityLevel):
* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
* dfg/DFGCommon.h:
* dfg/DFGCommonData.h:
(JSC::DFG::CommonData::CommonData):
* dfg/DFGConstantFoldingPhase.cpp:
(JSC::DFG::ConstantFoldingPhase::foldConstants):
* dfg/DFGDCEPhase.cpp:
(JSC::DFG::DCEPhase::cleanVariables):
* dfg/DFGDisassembler.h:
* dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
* dfg/DFGFlushFormat.cpp:
(WTF::printInternal):
* dfg/DFGFlushFormat.h:
(JSC::DFG::resultFor):
(JSC::DFG::useKindFor):
(JSC::DFG::dataFormatFor):
* dfg/DFGForAllKills.h: Added.
(JSC::DFG::forAllLiveNodesAtTail):
(JSC::DFG::forAllDirectlyKilledOperands):
(JSC::DFG::forAllKilledOperands):
(JSC::DFG::forAllKilledNodesAtNodeIndex):
(JSC::DFG::forAllKillsInBlock):
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::Graph):
(JSC::DFG::Graph::dump):
(JSC::DFG::Graph::substituteGetLocal):
(JSC::DFG::Graph::livenessFor):
(JSC::DFG::Graph::killsFor):
(JSC::DFG::Graph::tryGetConstantClosureVar):
(JSC::DFG::Graph::tryGetRegisters): Deleted.
* dfg/DFGGraph.h:
(JSC::DFG::Graph::symbolTableFor):
(JSC::DFG::Graph::uses):
(JSC::DFG::Graph::bytecodeRegisterForArgument): Deleted.
(JSC::DFG::Graph::capturedVarsFor): Deleted.
(JSC::DFG::Graph::usesArguments): Deleted.
(JSC::DFG::Graph::argumentsRegisterFor): Deleted.
(JSC::DFG::Graph::machineArgumentsRegisterFor): Deleted.
(JSC::DFG::Graph::uncheckedArgumentsRegisterFor): Deleted.
* dfg/DFGHeapLocation.cpp:
(WTF::printInternal):
* dfg/DFGHeapLocation.h:
* dfg/DFGInPlaceAbstractState.cpp:
(JSC::DFG::InPlaceAbstractState::initialize):
(JSC::DFG::InPlaceAbstractState::mergeStateAtTail):
* dfg/DFGJITCompiler.cpp:
(JSC::DFG::JITCompiler::link):
* dfg/DFGMayExit.cpp:
(JSC::DFG::mayExit):
* dfg/DFGMinifiedID.h:
* dfg/DFGMinifiedNode.cpp:
(JSC::DFG::MinifiedNode::fromNode):
* dfg/DFGMinifiedNode.h:
(JSC::DFG::belongsInMinifiedGraph):
(JSC::DFG::MinifiedNode::hasInlineCallFrame):
(JSC::DFG::MinifiedNode::inlineCallFrame):
* dfg/DFGNode.cpp:
(JSC::DFG::Node::convertToIdentityOn):
* dfg/DFGNode.h:
(JSC::DFG::Node::hasConstant):
(JSC::DFG::Node::constant):
(JSC::DFG::Node::hasScopeOffset):
(JSC::DFG::Node::scopeOffset):
(JSC::DFG::Node::hasDirectArgumentsOffset):
(JSC::DFG::Node::capturedArgumentsOffset):
(JSC::DFG::Node::variablePointer):
(JSC::DFG::Node::hasCallVarargsData):
(JSC::DFG::Node::hasLoadVarargsData):
(JSC::DFG::Node::hasHeapPrediction):
(JSC::DFG::Node::hasCellOperand):
(JSC::DFG::Node::objectMaterializationData):
(JSC::DFG::Node::isPhantomAllocation):
(JSC::DFG::Node::willHaveCodeGenOrOSR):
(JSC::DFG::Node::shouldSpeculateDirectArguments):
(JSC::DFG::Node::shouldSpeculateScopedArguments):
(JSC::DFG::Node::isPhantomArguments): Deleted.
(JSC::DFG::Node::hasVarNumber): Deleted.
(JSC::DFG::Node::varNumber): Deleted.
(JSC::DFG::Node::registerPointer): Deleted.
(JSC::DFG::Node::shouldSpeculateArguments): Deleted.
* dfg/DFGNodeType.h:
* dfg/DFGOSRAvailabilityAnalysisPhase.cpp:
(JSC::DFG::OSRAvailabilityAnalysisPhase::run):
(JSC::DFG::LocalOSRAvailabilityCalculator::executeNode):
* dfg/DFGOSRExitCompiler.cpp:
(JSC::DFG::OSRExitCompiler::emitRestoreArguments):
* dfg/DFGOSRExitCompiler.h:
(JSC::DFG::OSRExitCompiler::badIndex): Deleted.
(JSC::DFG::OSRExitCompiler::initializePoisoned): Deleted.
(JSC::DFG::OSRExitCompiler::poisonIndex): Deleted.
* dfg/DFGOSRExitCompiler32_64.cpp:
(JSC::DFG::OSRExitCompiler::compileExit):
* dfg/DFGOSRExitCompiler64.cpp:
(JSC::DFG::OSRExitCompiler::compileExit):
* dfg/DFGOSRExitCompilerCommon.cpp:
(JSC::DFG::reifyInlinedCallFrames):
(JSC::DFG::ArgumentsRecoveryGenerator::ArgumentsRecoveryGenerator): Deleted.
(JSC::DFG::ArgumentsRecoveryGenerator::~ArgumentsRecoveryGenerator): Deleted.
(JSC::DFG::ArgumentsRecoveryGenerator::generateFor): Deleted.
* dfg/DFGOSRExitCompilerCommon.h:
* dfg/DFGOperations.cpp:
* dfg/DFGOperations.h:
* dfg/DFGPlan.cpp:
(JSC::DFG::Plan::compileInThreadImpl):
* dfg/DFGPreciseLocalClobberize.h:
(JSC::DFG::PreciseLocalClobberizeAdaptor::read):
(JSC::DFG::PreciseLocalClobberizeAdaptor::write):
(JSC::DFG::PreciseLocalClobberizeAdaptor::def):
(JSC::DFG::PreciseLocalClobberizeAdaptor::readTop):
(JSC::DFG::preciseLocalClobberize):
(JSC::DFG::PreciseLocalClobberizeAdaptor::writeTop): Deleted.
(JSC::DFG::forEachLocalReadByUnwind): Deleted.
* dfg/DFGPredictionPropagationPhase.cpp:
(JSC::DFG::PredictionPropagationPhase::run):
(JSC::DFG::PredictionPropagationPhase::propagate):
(JSC::DFG::PredictionPropagationPhase::doRoundOfDoubleVoting):
(JSC::DFG::PredictionPropagationPhase::propagateThroughArgumentPositions):
* dfg/DFGPromoteHeapAccess.h:
(JSC::DFG::promoteHeapAccess):
* dfg/DFGPromotedHeapLocation.cpp:
(WTF::printInternal):
* dfg/DFGPromotedHeapLocation.h:
* dfg/DFGSSAConversionPhase.cpp:
(JSC::DFG::SSAConversionPhase::run):
* dfg/DFGSafeToExecute.h:
(JSC::DFG::safeToExecute):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::emitAllocateJSArray):
(JSC::DFG::SpeculativeJIT::emitGetLength):
(JSC::DFG::SpeculativeJIT::emitGetCallee):
(JSC::DFG::SpeculativeJIT::emitGetArgumentStart):
(JSC::DFG::SpeculativeJIT::checkArray):
(JSC::DFG::SpeculativeJIT::compileGetByValOnDirectArguments):
(JSC::DFG::SpeculativeJIT::compileGetByValOnScopedArguments):
(JSC::DFG::SpeculativeJIT::compileGetArrayLength):
(JSC::DFG::SpeculativeJIT::compileNewFunction):
(JSC::DFG::SpeculativeJIT::compileForwardVarargs):
(JSC::DFG::SpeculativeJIT::compileCreateActivation):
(JSC::DFG::SpeculativeJIT::compileCreateDirectArguments):
(JSC::DFG::SpeculativeJIT::compileGetFromArguments):
(JSC::DFG::SpeculativeJIT::compilePutToArguments):
(JSC::DFG::SpeculativeJIT::compileCreateScopedArguments):
(JSC::DFG::SpeculativeJIT::compileCreateClonedArguments):
(JSC::DFG::SpeculativeJIT::emitAllocateArguments): Deleted.
(JSC::DFG::SpeculativeJIT::compileGetByValOnArguments): Deleted.
(JSC::DFG::SpeculativeJIT::compileGetArgumentsLength): Deleted.
(JSC::DFG::SpeculativeJIT::compileNewFunctionNoCheck): Deleted.
(JSC::DFG::SpeculativeJIT::compileNewFunctionExpression): Deleted.
* dfg/DFGSpeculativeJIT.h:
(JSC::DFG::SpeculativeJIT::callOperation):
(JSC::DFG::SpeculativeJIT::emitAllocateJSObjectWithKnownSize):
(JSC::DFG::SpeculativeJIT::emitAllocateJSObject):
(JSC::DFG::SpeculativeJIT::framePointerOffsetToGetActivationRegisters): Deleted.
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::emitCall):
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::emitCall):
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGStackLayoutPhase.cpp:
(JSC::DFG::StackLayoutPhase::run):
* dfg/DFGStrengthReductionPhase.cpp:
(JSC::DFG::StrengthReductionPhase::handleNode):
* dfg/DFGStructureRegistrationPhase.cpp:
(JSC::DFG::StructureRegistrationPhase::run):
* dfg/DFGUnificationPhase.cpp:
(JSC::DFG::UnificationPhase::run):
* dfg/DFGValidate.cpp:
(JSC::DFG::Validate::validateCPS):
* dfg/DFGValueSource.cpp:
(JSC::DFG::ValueSource::dump):
* dfg/DFGValueSource.h:
(JSC::DFG::dataFormatToValueSourceKind):
(JSC::DFG::valueSourceKindToDataFormat):
(JSC::DFG::ValueSource::ValueSource):
(JSC::DFG::ValueSource::forFlushFormat):
(JSC::DFG::ValueSource::valueRecovery):
* dfg/DFGVarargsForwardingPhase.cpp: Added.
(JSC::DFG::performVarargsForwarding):
* dfg/DFGVarargsForwardingPhase.h: Added.
* dfg/DFGVariableAccessData.cpp:
(JSC::DFG::VariableAccessData::VariableAccessData):
(JSC::DFG::VariableAccessData::flushFormat):
(JSC::DFG::VariableAccessData::mergeIsCaptured): Deleted.
* dfg/DFGVariableAccessData.h:
(JSC::DFG::VariableAccessData::shouldNeverUnbox):
(JSC::DFG::VariableAccessData::shouldUseDoubleFormat):
(JSC::DFG::VariableAccessData::isCaptured): Deleted.
(JSC::DFG::VariableAccessData::mergeIsArgumentsAlias): Deleted.
(JSC::DFG::VariableAccessData::isArgumentsAlias): Deleted.
* dfg/DFGVariableAccessDataDump.cpp:
(JSC::DFG::VariableAccessDataDump::dump):
* dfg/DFGVariableAccessDataDump.h:
* dfg/DFGVariableEventStream.cpp:
(JSC::DFG::VariableEventStream::tryToSetConstantRecovery):
* dfg/DFGVariableEventStream.h:
* ftl/FTLAbstractHeap.cpp:
(JSC::FTL::AbstractHeap::dump):
(JSC::FTL::AbstractField::dump):
(JSC::FTL::IndexedAbstractHeap::dump):
(JSC::FTL::NumberedAbstractHeap::dump):
(JSC::FTL::AbsoluteAbstractHeap::dump):
* ftl/FTLAbstractHeap.h:
* ftl/FTLAbstractHeapRepository.cpp:
* ftl/FTLAbstractHeapRepository.h:
* ftl/FTLCapabilities.cpp:
(JSC::FTL::canCompile):
* ftl/FTLCompile.cpp:
(JSC::FTL::mmAllocateDataSection):
* ftl/FTLExitArgument.cpp:
(JSC::FTL::ExitArgument::dump):
* ftl/FTLExitPropertyValue.cpp:
(JSC::FTL::ExitPropertyValue::withLocalsOffset):
* ftl/FTLExitPropertyValue.h:
* ftl/FTLExitTimeObjectMaterialization.cpp:
(JSC::FTL::ExitTimeObjectMaterialization::ExitTimeObjectMaterialization):
(JSC::FTL::ExitTimeObjectMaterialization::accountForLocalsOffset):
* ftl/FTLExitTimeObjectMaterialization.h:
(JSC::FTL::ExitTimeObjectMaterialization::origin):
* ftl/FTLExitValue.cpp:
(JSC::FTL::ExitValue::withLocalsOffset):
(JSC::FTL::ExitValue::valueFormat):
(JSC::FTL::ExitValue::dumpInContext):
* ftl/FTLExitValue.h:
(JSC::FTL::ExitValue::isArgument):
(JSC::FTL::ExitValue::argumentsObjectThatWasNotCreated): Deleted.
(JSC::FTL::ExitValue::isArgumentsObjectThatWasNotCreated): Deleted.
(JSC::FTL::ExitValue::valueFormat): Deleted.
* ftl/FTLInlineCacheSize.cpp:
(JSC::FTL::sizeOfCallForwardVarargs):
(JSC::FTL::sizeOfConstructForwardVarargs):
(JSC::FTL::sizeOfICFor):
* ftl/FTLInlineCacheSize.h:
* ftl/FTLIntrinsicRepository.h:
* ftl/FTLJSCallVarargs.cpp:
(JSC::FTL::JSCallVarargs::JSCallVarargs):
(JSC::FTL::JSCallVarargs::emit):
* ftl/FTLJSCallVarargs.h:
* ftl/FTLLowerDFGToLLVM.cpp:
(JSC::FTL::LowerDFGToLLVM::lower):
(JSC::FTL::LowerDFGToLLVM::compileNode):
(JSC::FTL::LowerDFGToLLVM::compilePutStack):
(JSC::FTL::LowerDFGToLLVM::compileGetArrayLength):
(JSC::FTL::LowerDFGToLLVM::compileGetByVal):
(JSC::FTL::LowerDFGToLLVM::compileGetMyArgumentByVal):
(JSC::FTL::LowerDFGToLLVM::compilePutByVal):
(JSC::FTL::LowerDFGToLLVM::compileArrayPush):
(JSC::FTL::LowerDFGToLLVM::compileArrayPop):
(JSC::FTL::LowerDFGToLLVM::compileCreateActivation):
(JSC::FTL::LowerDFGToLLVM::compileNewFunction):
(JSC::FTL::LowerDFGToLLVM::compileCreateDirectArguments):
(JSC::FTL::LowerDFGToLLVM::compileCreateScopedArguments):
(JSC::FTL::LowerDFGToLLVM::compileCreateClonedArguments):
(JSC::FTL::LowerDFGToLLVM::compileStringCharAt):
(JSC::FTL::LowerDFGToLLVM::compileStringCharCodeAt):
(JSC::FTL::LowerDFGToLLVM::compileGetGlobalVar):
(JSC::FTL::LowerDFGToLLVM::compilePutGlobalVar):
(JSC::FTL::LowerDFGToLLVM::compileGetArgumentCount):
(JSC::FTL::LowerDFGToLLVM::compileGetClosureVar):
(JSC::FTL::LowerDFGToLLVM::compilePutClosureVar):
(JSC::FTL::LowerDFGToLLVM::compileGetFromArguments):
(JSC::FTL::LowerDFGToLLVM::compilePutToArguments):
(JSC::FTL::LowerDFGToLLVM::compileCallOrConstructVarargs):
(JSC::FTL::LowerDFGToLLVM::compileForwardVarargs):
(JSC::FTL::LowerDFGToLLVM::compileGetEnumeratorPname):
(JSC::FTL::LowerDFGToLLVM::ArgumentsLength::ArgumentsLength):
(JSC::FTL::LowerDFGToLLVM::getArgumentsLength):
(JSC::FTL::LowerDFGToLLVM::getCurrentCallee):
(JSC::FTL::LowerDFGToLLVM::getArgumentsStart):
(JSC::FTL::LowerDFGToLLVM::baseIndex):
(JSC::FTL::LowerDFGToLLVM::allocateObject):
(JSC::FTL::LowerDFGToLLVM::allocateVariableSizedObject):
(JSC::FTL::LowerDFGToLLVM::isArrayType):
(JSC::FTL::LowerDFGToLLVM::emitStoreBarrier):
(JSC::FTL::LowerDFGToLLVM::buildExitArguments):
(JSC::FTL::LowerDFGToLLVM::exitValueForAvailability):
(JSC::FTL::LowerDFGToLLVM::exitValueForNode):
(JSC::FTL::LowerDFGToLLVM::loadStructure):
(JSC::FTL::LowerDFGToLLVM::compilePhantomArguments): Deleted.
(JSC::FTL::LowerDFGToLLVM::compileGetMyArgumentsLength): Deleted.
(JSC::FTL::LowerDFGToLLVM::compileGetClosureRegisters): Deleted.
(JSC::FTL::LowerDFGToLLVM::compileCheckArgumentsNotCreated): Deleted.
(JSC::FTL::LowerDFGToLLVM::checkArgumentsNotCreated): Deleted.
* ftl/FTLOSRExitCompiler.cpp:
(JSC::FTL::compileRecovery):
(JSC::FTL::compileStub):
* ftl/FTLOperations.cpp:
(JSC::FTL::operationMaterializeObjectInOSR):
* ftl/FTLOutput.h:
(JSC::FTL::Output::aShr):
(JSC::FTL::Output::lShr):
(JSC::FTL::Output::zeroExtPtr):
* heap/CopyToken.h:
* interpreter/CallFrame.h:
(JSC::ExecState::getArgumentUnsafe):
* interpreter/Interpreter.cpp:
(JSC::sizeOfVarargs):
(JSC::sizeFrameForVarargs):
(JSC::loadVarargs):
(JSC::unwindCallFrame):
* interpreter/Interpreter.h:
* interpreter/StackVisitor.cpp:
(JSC::StackVisitor::Frame::createArguments):
(JSC::StackVisitor::Frame::existingArguments): Deleted.
* interpreter/StackVisitor.h:
* jit/AssemblyHelpers.h:
(JSC::AssemblyHelpers::storeValue):
(JSC::AssemblyHelpers::loadValue):
(JSC::AssemblyHelpers::storeTrustedValue):
(JSC::AssemblyHelpers::branchIfNotCell):
(JSC::AssemblyHelpers::branchIsEmpty):
(JSC::AssemblyHelpers::argumentsStart):
(JSC::AssemblyHelpers::baselineArgumentsRegisterFor): Deleted.
(JSC::AssemblyHelpers::offsetOfLocals): Deleted.
(JSC::AssemblyHelpers::offsetOfArguments): Deleted.
* jit/CCallHelpers.h:
(JSC::CCallHelpers::setupArgument):
* jit/GPRInfo.h:
(JSC::JSValueRegs::withTwoAvailableRegs):
* jit/JIT.cpp:
(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompileSlowCases):
* jit/JIT.h:
* jit/JITCall.cpp:
(JSC::JIT::compileSetupVarargsFrame):
* jit/JITCall32_64.cpp:
(JSC::JIT::compileSetupVarargsFrame):
* jit/JITInlines.h:
(JSC::JIT::callOperation):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_create_lexical_environment):
(JSC::JIT::emit_op_new_func):
(JSC::JIT::emit_op_create_direct_arguments):
(JSC::JIT::emit_op_create_scoped_arguments):
(JSC::JIT::emit_op_create_out_of_band_arguments):
(JSC::JIT::emit_op_tear_off_arguments): Deleted.
(JSC::JIT::emit_op_create_arguments): Deleted.
(JSC::JIT::emit_op_init_lazy_reg): Deleted.
(JSC::JIT::emit_op_get_arguments_length): Deleted.
(JSC::JIT::emitSlow_op_get_arguments_length): Deleted.
(JSC::JIT::emit_op_get_argument_by_val): Deleted.
(JSC::JIT::emitSlow_op_get_argument_by_val): Deleted.
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::emit_op_create_lexical_environment):
(JSC::JIT::emit_op_tear_off_arguments): Deleted.
(JSC::JIT::emit_op_create_arguments): Deleted.
(JSC::JIT::emit_op_init_lazy_reg): Deleted.
(JSC::JIT::emit_op_get_arguments_length): Deleted.
(JSC::JIT::emitSlow_op_get_arguments_length): Deleted.
(JSC::JIT::emit_op_get_argument_by_val): Deleted.
(JSC::JIT::emitSlow_op_get_argument_by_val): Deleted.
* jit/JITOperations.cpp:
* jit/JITOperations.h:
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emitGetClosureVar):
(JSC::JIT::emitPutClosureVar):
(JSC::JIT::emit_op_get_from_arguments):
(JSC::JIT::emit_op_put_to_arguments):
(JSC::JIT::emit_op_init_global_const):
(JSC::JIT::privateCompileGetByVal):
(JSC::JIT::emitDirectArgumentsGetByVal):
(JSC::JIT::emitScopedArgumentsGetByVal):
* jit/JITPropertyAccess32_64.cpp:
(JSC::JIT::emitGetClosureVar):
(JSC::JIT::emitPutClosureVar):
(JSC::JIT::emit_op_get_from_arguments):
(JSC::JIT::emit_op_put_to_arguments):
(JSC::JIT::emit_op_init_global_const):
* jit/SetupVarargsFrame.cpp:
(JSC::emitSetupVarargsFrameFastCase):
* llint/LLIntOffsetsExtractor.cpp:
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* parser/Nodes.h:
(JSC::ScopeNode::captures):
* runtime/Arguments.cpp: Removed.
* runtime/Arguments.h: Removed.
* runtime/ArgumentsMode.h: Added.
* runtime/DirectArgumentsOffset.cpp: Added.
(JSC::DirectArgumentsOffset::dump):
* runtime/DirectArgumentsOffset.h: Added.
(JSC::DirectArgumentsOffset::DirectArgumentsOffset):
* runtime/CommonSlowPaths.cpp:
(JSC::SLOW_PATH_DECL):
* runtime/CommonSlowPaths.h:
* runtime/ConstantMode.cpp: Added.
(WTF::printInternal):
* runtime/ConstantMode.h:
(JSC::modeForIsConstant):
* runtime/DirectArguments.cpp: Added.
(JSC::DirectArguments::DirectArguments):
(JSC::DirectArguments::createUninitialized):
(JSC::DirectArguments::create):
(JSC::DirectArguments::createByCopying):
(JSC::DirectArguments::visitChildren):
(JSC::DirectArguments::copyBackingStore):
(JSC::DirectArguments::createStructure):
(JSC::DirectArguments::overrideThings):
(JSC::DirectArguments::overrideThingsIfNecessary):
(JSC::DirectArguments::overrideArgument):
(JSC::DirectArguments::copyToArguments):
(JSC::DirectArguments::overridesSize):
* runtime/DirectArguments.h: Added.
(JSC::DirectArguments::internalLength):
(JSC::DirectArguments::length):
(JSC::DirectArguments::canAccessIndexQuickly):
(JSC::DirectArguments::getIndexQuickly):
(JSC::DirectArguments::setIndexQuickly):
(JSC::DirectArguments::callee):
(JSC::DirectArguments::argument):
(JSC::DirectArguments::overrodeThings):
(JSC::DirectArguments::offsetOfCallee):
(JSC::DirectArguments::offsetOfLength):
(JSC::DirectArguments::offsetOfMinCapacity):
(JSC::DirectArguments::offsetOfOverrides):
(JSC::DirectArguments::storageOffset):
(JSC::DirectArguments::offsetOfSlot):
(JSC::DirectArguments::allocationSize):
(JSC::DirectArguments::storage):
* runtime/FunctionPrototype.cpp:
* runtime/GenericArguments.h: Added.
(JSC::GenericArguments::GenericArguments):
* runtime/GenericArgumentsInlines.h: Added.
(JSC::GenericArguments<Type>::getOwnPropertySlot):
(JSC::GenericArguments<Type>::getOwnPropertySlotByIndex):
(JSC::GenericArguments<Type>::getOwnPropertyNames):
(JSC::GenericArguments<Type>::put):
(JSC::GenericArguments<Type>::putByIndex):
(JSC::GenericArguments<Type>::deleteProperty):
(JSC::GenericArguments<Type>::deletePropertyByIndex):
(JSC::GenericArguments<Type>::defineOwnProperty):
(JSC::GenericArguments<Type>::copyToArguments):
* runtime/GenericOffset.h: Added.
(JSC::GenericOffset::GenericOffset):
(JSC::GenericOffset::operator!):
(JSC::GenericOffset::offsetUnchecked):
(JSC::GenericOffset::offset):
(JSC::GenericOffset::operator==):
(JSC::GenericOffset::operator!=):
(JSC::GenericOffset::operator<):
(JSC::GenericOffset::operator>):
(JSC::GenericOffset::operator<=):
(JSC::GenericOffset::operator>=):
(JSC::GenericOffset::operator+):
(JSC::GenericOffset::operator-):
(JSC::GenericOffset::operator+=):
(JSC::GenericOffset::operator-=):
* runtime/JSArgumentsIterator.cpp:
(JSC::JSArgumentsIterator::finishCreation):
(JSC::argumentsFuncIterator):
* runtime/JSArgumentsIterator.h:
(JSC::JSArgumentsIterator::create):
(JSC::JSArgumentsIterator::next):
* runtime/JSEnvironmentRecord.cpp:
(JSC::JSEnvironmentRecord::visitChildren):
* runtime/JSEnvironmentRecord.h:
(JSC::JSEnvironmentRecord::variables):
(JSC::JSEnvironmentRecord::isValid):
(JSC::JSEnvironmentRecord::variableAt):
(JSC::JSEnvironmentRecord::offsetOfVariables):
(JSC::JSEnvironmentRecord::offsetOfVariable):
(JSC::JSEnvironmentRecord::allocationSizeForScopeSize):
(JSC::JSEnvironmentRecord::allocationSize):
(JSC::JSEnvironmentRecord::JSEnvironmentRecord):
(JSC::JSEnvironmentRecord::finishCreationUninitialized):
(JSC::JSEnvironmentRecord::finishCreation):
(JSC::JSEnvironmentRecord::registers): Deleted.
(JSC::JSEnvironmentRecord::registerAt): Deleted.
(JSC::JSEnvironmentRecord::addressOfRegisters): Deleted.
(JSC::JSEnvironmentRecord::offsetOfRegisters): Deleted.
* runtime/JSFunction.cpp:
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::addGlobalVar):
(JSC::JSGlobalObject::addFunction):
(JSC::JSGlobalObject::visitChildren):
(JSC::JSGlobalObject::addStaticGlobals):
* runtime/JSGlobalObject.h:
(JSC::JSGlobalObject::directArgumentsStructure):
(JSC::JSGlobalObject::scopedArgumentsStructure):
(JSC::JSGlobalObject::outOfBandArgumentsStructure):
(JSC::JSGlobalObject::argumentsStructure): Deleted.
* runtime/JSLexicalEnvironment.cpp:
(JSC::JSLexicalEnvironment::symbolTableGet):
(JSC::JSLexicalEnvironment::symbolTablePut):
(JSC::JSLexicalEnvironment::getOwnNonIndexPropertyNames):
(JSC::JSLexicalEnvironment::symbolTablePutWithAttributes):
(JSC::JSLexicalEnvironment::visitChildren): Deleted.
* runtime/JSLexicalEnvironment.h:
(JSC::JSLexicalEnvironment::create):
(JSC::JSLexicalEnvironment::JSLexicalEnvironment):
(JSC::JSLexicalEnvironment::registersOffset): Deleted.
(JSC::JSLexicalEnvironment::storageOffset): Deleted.
(JSC::JSLexicalEnvironment::storage): Deleted.
(JSC::JSLexicalEnvironment::allocationSize): Deleted.
(JSC::JSLexicalEnvironment::isValidIndex): Deleted.
(JSC::JSLexicalEnvironment::isValid): Deleted.
(JSC::JSLexicalEnvironment::registerAt): Deleted.
* runtime/JSNameScope.cpp:
(JSC::JSNameScope::visitChildren): Deleted.
* runtime/JSNameScope.h:
(JSC::JSNameScope::create):
(JSC::JSNameScope::value):
(JSC::JSNameScope::finishCreation):
(JSC::JSNameScope::JSNameScope):
* runtime/JSScope.cpp:
(JSC::abstractAccess):
* runtime/JSSegmentedVariableObject.cpp:
(JSC::JSSegmentedVariableObject::findVariableIndex):
(JSC::JSSegmentedVariableObject::addVariables):
(JSC::JSSegmentedVariableObject::visitChildren):
(JSC::JSSegmentedVariableObject::findRegisterIndex): Deleted.
(JSC::JSSegmentedVariableObject::addRegisters): Deleted.
* runtime/JSSegmentedVariableObject.h:
(JSC::JSSegmentedVariableObject::variableAt):
(JSC::JSSegmentedVariableObject::assertVariableIsInThisObject):
(JSC::JSSegmentedVariableObject::registerAt): Deleted.
(JSC::JSSegmentedVariableObject::assertRegisterIsInThisObject): Deleted.
* runtime/JSSymbolTableObject.h:
(JSC::JSSymbolTableObject::offsetOfSymbolTable):
(JSC::symbolTableGet):
(JSC::symbolTablePut):
(JSC::symbolTablePutWithAttributes):
* runtime/JSType.h:
* runtime/Options.h:
* runtime/ClonedArguments.cpp: Added.
(JSC::ClonedArguments::ClonedArguments):
(JSC::ClonedArguments::createEmpty):
(JSC::ClonedArguments::createWithInlineFrame):
(JSC::ClonedArguments::createWithMachineFrame):
(JSC::ClonedArguments::createByCopyingFrom):
(JSC::ClonedArguments::createStructure):
(JSC::ClonedArguments::getOwnPropertySlot):
(JSC::ClonedArguments::getOwnPropertyNames):
(JSC::ClonedArguments::put):
(JSC::ClonedArguments::deleteProperty):
(JSC::ClonedArguments::defineOwnProperty):
(JSC::ClonedArguments::materializeSpecials):
(JSC::ClonedArguments::materializeSpecialsIfNecessary):
* runtime/ClonedArguments.h: Added.
(JSC::ClonedArguments::specialsMaterialized):
* runtime/ScopeOffset.cpp: Added.
(JSC::ScopeOffset::dump):
* runtime/ScopeOffset.h: Added.
(JSC::ScopeOffset::ScopeOffset):
* runtime/ScopedArguments.cpp: Added.
(JSC::ScopedArguments::ScopedArguments):
(JSC::ScopedArguments::finishCreation):
(JSC::ScopedArguments::createUninitialized):
(JSC::ScopedArguments::create):
(JSC::ScopedArguments::createByCopying):
(JSC::ScopedArguments::createByCopyingFrom):
(JSC::ScopedArguments::visitChildren):
(JSC::ScopedArguments::createStructure):
(JSC::ScopedArguments::overrideThings):
(JSC::ScopedArguments::overrideThingsIfNecessary):
(JSC::ScopedArguments::overrideArgument):
(JSC::ScopedArguments::copyToArguments):
* runtime/ScopedArguments.h: Added.
(JSC::ScopedArguments::internalLength):
(JSC::ScopedArguments::length):
(JSC::ScopedArguments::canAccessIndexQuickly):
(JSC::ScopedArguments::getIndexQuickly):
(JSC::ScopedArguments::setIndexQuickly):
(JSC::ScopedArguments::callee):
(JSC::ScopedArguments::overrodeThings):
(JSC::ScopedArguments::offsetOfOverrodeThings):
(JSC::ScopedArguments::offsetOfTotalLength):
(JSC::ScopedArguments::offsetOfTable):
(JSC::ScopedArguments::offsetOfScope):
(JSC::ScopedArguments::overflowStorageOffset):
(JSC::ScopedArguments::allocationSize):
(JSC::ScopedArguments::overflowStorage):
* runtime/ScopedArgumentsTable.cpp: Added.
(JSC::ScopedArgumentsTable::ScopedArgumentsTable):
(JSC::ScopedArgumentsTable::~ScopedArgumentsTable):
(JSC::ScopedArgumentsTable::destroy):
(JSC::ScopedArgumentsTable::create):
(JSC::ScopedArgumentsTable::clone):
(JSC::ScopedArgumentsTable::setLength):
(JSC::ScopedArgumentsTable::set):
(JSC::ScopedArgumentsTable::createStructure):
* runtime/ScopedArgumentsTable.h: Added.
(JSC::ScopedArgumentsTable::length):
(JSC::ScopedArgumentsTable::get):
(JSC::ScopedArgumentsTable::lock):
(JSC::ScopedArgumentsTable::offsetOfLength):
(JSC::ScopedArgumentsTable::offsetOfArguments):
(JSC::ScopedArgumentsTable::at):
* runtime/SymbolTable.cpp:
(JSC::SymbolTableEntry::prepareToWatch):
(JSC::SymbolTable::SymbolTable):
(JSC::SymbolTable::visitChildren):
(JSC::SymbolTable::localToEntry):
(JSC::SymbolTable::entryFor):
(JSC::SymbolTable::cloneScopePart):
(JSC::SymbolTable::prepareForTypeProfiling):
(JSC::SymbolTable::uniqueIDForOffset):
(JSC::SymbolTable::globalTypeSetForOffset):
(JSC::SymbolTable::cloneCapturedNames): Deleted.
(JSC::SymbolTable::uniqueIDForRegister): Deleted.
(JSC::SymbolTable::globalTypeSetForRegister): Deleted.
* runtime/SymbolTable.h:
(JSC::SymbolTableEntry::varOffsetFromBits):
(JSC::SymbolTableEntry::scopeOffsetFromBits):
(JSC::SymbolTableEntry::Fast::varOffset):
(JSC::SymbolTableEntry::Fast::scopeOffset):
(JSC::SymbolTableEntry::Fast::isDontEnum):
(JSC::SymbolTableEntry::Fast::getAttributes):
(JSC::SymbolTableEntry::SymbolTableEntry):
(JSC::SymbolTableEntry::varOffset):
(JSC::SymbolTableEntry::isWatchable):
(JSC::SymbolTableEntry::scopeOffset):
(JSC::SymbolTableEntry::setAttributes):
(JSC::SymbolTableEntry::constantMode):
(JSC::SymbolTableEntry::isDontEnum):
(JSC::SymbolTableEntry::disableWatching):
(JSC::SymbolTableEntry::pack):
(JSC::SymbolTableEntry::isValidVarOffset):
(JSC::SymbolTable::createNameScopeTable):
(JSC::SymbolTable::maxScopeOffset):
(JSC::SymbolTable::didUseScopeOffset):
(JSC::SymbolTable::didUseVarOffset):
(JSC::SymbolTable::scopeSize):
(JSC::SymbolTable::nextScopeOffset):
(JSC::SymbolTable::takeNextScopeOffset):
(JSC::SymbolTable::add):
(JSC::SymbolTable::set):
(JSC::SymbolTable::argumentsLength):
(JSC::SymbolTable::setArgumentsLength):
(JSC::SymbolTable::argumentOffset):
(JSC::SymbolTable::setArgumentOffset):
(JSC::SymbolTable::arguments):
(JSC::SlowArgument::SlowArgument): Deleted.
(JSC::SymbolTableEntry::Fast::getIndex): Deleted.
(JSC::SymbolTableEntry::getIndex): Deleted.
(JSC::SymbolTableEntry::isValidIndex): Deleted.
(JSC::SymbolTable::captureStart): Deleted.
(JSC::SymbolTable::setCaptureStart): Deleted.
(JSC::SymbolTable::captureEnd): Deleted.
(JSC::SymbolTable::setCaptureEnd): Deleted.
(JSC::SymbolTable::captureCount): Deleted.
(JSC::SymbolTable::isCaptured): Deleted.
(JSC::SymbolTable::parameterCount): Deleted.
(JSC::SymbolTable::parameterCountIncludingThis): Deleted.
(JSC::SymbolTable::setParameterCountIncludingThis): Deleted.
(JSC::SymbolTable::slowArguments): Deleted.
(JSC::SymbolTable::setSlowArguments): Deleted.
* runtime/VM.cpp:
(JSC::VM::VM):
* runtime/VM.h:
* runtime/VarOffset.cpp: Added.
(JSC::VarOffset::dump):
(WTF::printInternal):
* runtime/VarOffset.h: Added.
(JSC::VarOffset::VarOffset):
(JSC::VarOffset::assemble):
(JSC::VarOffset::isValid):
(JSC::VarOffset::operator!):
(JSC::VarOffset::kind):
(JSC::VarOffset::isStack):
(JSC::VarOffset::isScope):
(JSC::VarOffset::isDirectArgument):
(JSC::VarOffset::stackOffsetUnchecked):
(JSC::VarOffset::scopeOffsetUnchecked):
(JSC::VarOffset::capturedArgumentsOffsetUnchecked):
(JSC::VarOffset::stackOffset):
(JSC::VarOffset::scopeOffset):
(JSC::VarOffset::capturedArgumentsOffset):
(JSC::VarOffset::rawOffset):
(JSC::VarOffset::checkSanity):
(JSC::VarOffset::operator==):
(JSC::VarOffset::operator!=):
(JSC::VarOffset::hash):
(JSC::VarOffset::isHashTableDeletedValue):
(JSC::VarOffsetHash::hash):
(JSC::VarOffsetHash::equal):
* tests/stress/arguments-exit-strict-mode.js: Added.
* tests/stress/arguments-exit.js: Added.
* tests/stress/arguments-inlined-exit-strict-mode-fixed.js: Added.
* tests/stress/arguments-inlined-exit-strict-mode.js: Added.
* tests/stress/arguments-inlined-exit.js: Added.
* tests/stress/arguments-interference.js: Added.
* tests/stress/arguments-interference-cfg.js: Added.
* tests/stress/dead-get-closure-var.js: Added.
* tests/stress/get-declared-unpassed-argument-in-direct-arguments.js: Added.
* tests/stress/get-declared-unpassed-argument-in-scoped-arguments.js: Added.
* tests/stress/varargs-closure-inlined-exit-strict-mode.js: Added.
* tests/stress/varargs-closure-inlined-exit.js: Added.
* tests/stress/varargs-exit.js: Added.
* tests/stress/varargs-inlined-exit.js: Added.
* tests/stress/varargs-inlined-simple-exit-aliasing-weird-reversed-args.js: Added.
* tests/stress/varargs-inlined-simple-exit-aliasing-weird.js: Added.
* tests/stress/varargs-inlined-simple-exit-aliasing.js: Added.
* tests/stress/varargs-inlined-simple-exit.js: Added.
* tests/stress/varargs-too-few-arguments.js: Added.
* tests/stress/varargs-varargs-closure-inlined-exit.js: Added.
* tests/stress/varargs-varargs-inlined-exit-strict-mode.js: Added.
* tests/stress/varargs-varargs-inlined-exit.js: Added.

Source/WTF:

* wtf/FastBitVector.h:
(WTF::FastBitVector::resize): Small change: don't resize if you don't have to resize.

LayoutTests:

* js/function-apply-aliased-expected.txt:
* js/function-dot-arguments-expected.txt:
* js/regress/arguments-expected.txt: Added.
* js/regress/arguments-named-and-reflective-expected.txt: Added.
* js/regress/arguments-named-and-reflective.html: Added.
* js/regress/arguments-strict-mode-expected.txt: Added.
* js/regress/arguments-strict-mode.html: Added.
* js/regress/arguments.html: Added.
* js/regress/script-tests/arguments-named-and-reflective.js: Added.
* js/regress/script-tests/arguments-strict-mode.js: Added.
* js/regress/script-tests/arguments.js: Added.
* js/regress/script-tests/try-catch-get-by-val-cloned-arguments.js: Added.
* js/regress/script-tests/try-catch-get-by-val-direct-arguments.js: Added.
* js/regress/script-tests/try-catch-get-by-val-scoped-arguments.js: Added.
* js/regress/script-tests/varargs-call.js: Added.
* js/regress/script-tests/varargs-construct-inline.js: Added.
* js/regress/script-tests/varargs-construct.js: Added.
* js/regress/script-tests/varargs-inline.js: Added.
* js/regress/script-tests/varargs-strict-mode.js: Added.
* js/regress/script-tests/varargs.js: Added.
* js/regress/try-catch-get-by-val-cloned-arguments-expected.txt: Added.
* js/regress/try-catch-get-by-val-cloned-arguments.html: Added.
* js/regress/try-catch-get-by-val-direct-arguments-expected.txt: Added.
* js/regress/try-catch-get-by-val-direct-arguments.html: Added.
* js/regress/try-catch-get-by-val-scoped-arguments-expected.txt: Added.
* js/regress/try-catch-get-by-val-scoped-arguments.html: Added.
* js/regress/varargs-call-expected.txt: Added.
* js/regress/varargs-call.html: Added.
* js/regress/varargs-construct-expected.txt: Added.
* js/regress/varargs-construct-inline-expected.txt: Added.
* js/regress/varargs-construct-inline.html: Added.
* js/regress/varargs-construct.html: Added.
* js/regress/varargs-expected.txt: Added.
* js/regress/varargs-inline-expected.txt: Added.
* js/regress/varargs-inline.html: Added.
* js/regress/varargs-strict-mode-expected.txt: Added.
* js/regress/varargs-strict-mode.html: Added.
* js/regress/varargs.html: Added.
* js/script-tests/function-apply-aliased.js:
* js/script-tests/function-dot-arguments.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181993 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years ago[Cocoa] RemoteInspectorXPCConnection::deserializeMessage() leaks a NSDictionary under...
aestes@apple.com [Thu, 26 Mar 2015 03:11:04 +0000 (03:11 +0000)]
[Cocoa] RemoteInspectorXPCConnection::deserializeMessage() leaks a NSDictionary under Objective-C GC
https://bugs.webkit.org/show_bug.cgi?id=143068

Reviewed by Dan Bernstein.

* inspector/remote/RemoteInspectorXPCConnection.mm:
(Inspector::RemoteInspectorXPCConnection::deserializeMessage): Used RetainPtr::autorelease(), which does the right thing under GC.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181992 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years ago[WK2] WebFrameLoaderClient::dispatchDecidePolicyForResponse() should always call...
cdumez@apple.com [Thu, 26 Mar 2015 02:36:08 +0000 (02:36 +0000)]
[WK2] WebFrameLoaderClient::dispatchDecidePolicyForResponse() should always call the FramePolicyFunction
https://bugs.webkit.org/show_bug.cgi?id=143036
<rdar://problem/20252438>
<rdar://problem/13811738>

Reviewed by Alexey Proskuryakov.

WebFrameLoaderClient::dispatchDecidePolicyForResponse() should always
call the FramePolicyFunction. Previously, it would fail to do in 2
cases:
- m_frame->page() returns null
or
- webPage->sendSync() returns false

If the FramePolicyFunction is not called, we will fail to clear the
callback in the PolicyChecker and
DocumentLoader::continueAfterContentPolicy() will not be called.

DocumentLoader::continueAfterContentPolicy() is in charge of resetting
m_waitingForContentPolicy flag to false. This could therefore explain
the following assertion being hit in DocumentLoader::detachFromFrame()
(see <rdar://problem/20252438>):
RELEASE_ASSERT(!m_waitingForContentPolicy)

Also, as the PolicyChecker callback is not cleared, it could make it
possible for DocumentLoader::continueAfterContentPolicy() to be called
*after* the load is finished, when later canceling the PolicyCallback:
FrameLoader::stopAllLoaders()
 -> PolicyChecker::stopCheck()
  -> PolicyCallback::cancel()
   -> DocumentLoader::continueAfterContentPolicy(PolicyIgnore)

Calling continueAfterContentPolicy(PolicyIgnore) after the load is
finished would be bad and could explain some of the crashes we've seen
in DocumentLoader::continueAfterContentPolicy() ->
DocumentLoader:: stopLoadingForPolicyChange() (see
<rdar://problem/13811738>).

This patch also applies the same fix to
dispatchDecidePolicyForNewWindowAction() and
dispatchDecidePolicyForNavigationAction() as they use the same pattern.

* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForResponse):
(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForNewWindowAction):
(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181991 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoUse JITCompilationCanFail in more places, and make the fail path of JITCompilationMus...
fpizlo@apple.com [Thu, 26 Mar 2015 01:26:56 +0000 (01:26 +0000)]
Use JITCompilationCanFail in more places, and make the fail path of JITCompilationMustSucceed a crash instead of attempting GC
https://bugs.webkit.org/show_bug.cgi?id=142993

Source/JavaScriptCore:

Reviewed by Geoffrey Garen and Mark Lam.

This changes the most commonly invoked paths that relied on JITCompilationMustSucceed
into using JITCompilationCanFail and having a legit fallback path. This mostly involves
having the FTL JIT do the same trick as the DFG JIT in case of any memory allocation
failure, but also involves adding the same kind of thing to the stub generators in
Repatch.

Because of that change, there are relatively few uses of JITCompilationMustSucceed. Most
of those uses cannot handle a GC, and so cannot do releaseExecutableMemory(). Only a few,
like host call stub generation, could handle a GC, but those get invoked very rarely. So,
this patch changes the releaseExecutableMemory() call into a crash with some diagnostic
printout.

Also add a way of inducing executable allocation failure, so that we can test this.

* CMakeLists.txt:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* dfg/DFGJITCompiler.cpp:
(JSC::DFG::JITCompiler::compile):
(JSC::DFG::JITCompiler::compileFunction):
(JSC::DFG::JITCompiler::link): Deleted.
(JSC::DFG::JITCompiler::linkFunction): Deleted.
* dfg/DFGJITCompiler.h:
* dfg/DFGPlan.cpp:
(JSC::DFG::Plan::compileInThreadImpl):
* ftl/FTLCompile.cpp:
(JSC::FTL::mmAllocateCodeSection):
(JSC::FTL::mmAllocateDataSection):
* ftl/FTLLink.cpp:
(JSC::FTL::link):
* ftl/FTLState.h:
* jit/ArityCheckFailReturnThunks.cpp:
(JSC::ArityCheckFailReturnThunks::returnPCsFor):
* jit/ExecutableAllocationFuzz.cpp: Added.
(JSC::numberOfExecutableAllocationFuzzChecks):
(JSC::doExecutableAllocationFuzzing):
* jit/ExecutableAllocationFuzz.h: Added.
(JSC::doExecutableAllocationFuzzingIfEnabled):
* jit/ExecutableAllocatorFixedVMPool.cpp:
(JSC::ExecutableAllocator::allocate):
* jit/JIT.cpp:
(JSC::JIT::privateCompile):
* jit/JITCompilationEffort.h:
* jit/Repatch.cpp:
(JSC::generateByIdStub):
(JSC::tryCacheGetByID):
(JSC::tryBuildGetByIDList):
(JSC::emitPutReplaceStub):
(JSC::emitPutTransitionStubAndGetOldStructure):
(JSC::tryCachePutByID):
(JSC::tryBuildPutByIdList):
(JSC::tryRepatchIn):
(JSC::linkPolymorphicCall):
* jsc.cpp:
(jscmain):
* runtime/Options.h:
* runtime/TestRunnerUtils.h:
* runtime/VM.cpp:
* tests/executableAllocationFuzz: Added.
* tests/executableAllocationFuzz.yaml: Added.
* tests/executableAllocationFuzz/v8-raytrace.js: Added.

Tools:

Reviewed by Mark Lam.

Bunch of support for testing executable allocation failure.

* Scripts/jsc-stress-test-helpers/js-executable-allocation-fuzz: Added.
(fail):
* Scripts/run-javascriptcore-tests:
(runJSCStressTests):
* Scripts/run-jsc-stress-tests:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181990 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoCSS blend modes do not parse when in the shadow tree
dino@apple.com [Thu, 26 Mar 2015 01:05:20 +0000 (01:05 +0000)]
CSS blend modes do not parse when in the shadow tree
https://bugs.webkit.org/show_bug.cgi?id=143067
<rdar://problem/20302662>

Reviewed by Anders Carlson.

The media controls style sheets are injected as UA stylesheets
when we come across a <video> or <audio> element. These stylesheets
have a different parsing context than the document stylesheets -
one that uses the default constructor, which initializes some
features like cssCompositingEnabled to false without checking
the runtime state.

The easy fix is to use the global state to initialize the context.

Unfortunately we can't test this since it only occurs in the shadow
tree.

* css/CSSParser.cpp:
(WebCore::CSSParserContext::CSSParserContext): Check the state
of RuntimeEnabledFeatures to initialize CSS Regions and
CSS Compositing (Blending).

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181989 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoAX: table cells that use display:block render the table inaccessible to VoiceOver
cfleizach@apple.com [Thu, 26 Mar 2015 00:53:52 +0000 (00:53 +0000)]
AX: table cells that use display:block render the table inaccessible to VoiceOver
https://bugs.webkit.org/show_bug.cgi?id=143007

Reviewed by Mario Sanchez Prada.

Source/WebCore:

When display:block is used on a table cell, it was being ignored because it was anonymous.
This is still a valid scenario however if it's still inside of a valid table.

Test: accessibility/table-cell-display-block.html

* accessibility/AccessibilityTableCell.cpp:
(WebCore::AccessibilityTableCell::computeAccessibilityIsIgnored):

LayoutTests:

* accessibility/table-cell-display-block-expected.txt: Added.
* accessibility/table-cell-display-block.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181988 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoWeb Inspector: Add ESLint "Disallow Undeclared Variables" rule and enable ES6 env
commit-queue@webkit.org [Thu, 26 Mar 2015 00:46:57 +0000 (00:46 +0000)]
Web Inspector: Add ESLint "Disallow Undeclared Variables" rule and enable ES6 env
https://bugs.webkit.org/show_bug.cgi?id=143062

Patch by Tobias Reiss <tobi+webkit@basecode.de> on 2015-03-25
Reviewed by Joseph Pecoraro.

ESLint: Add support for es6 environment and "no-undef" rule which disallows
use of undeclared variables unless mentioned in a /*global */ block.

* .eslintrc:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181987 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoAdd a preference to prevent "user-scalable=no" from having any effect
timothy_horton@apple.com [Thu, 26 Mar 2015 00:03:44 +0000 (00:03 +0000)]
Add a preference to prevent "user-scalable=no" from having any effect
https://bugs.webkit.org/show_bug.cgi?id=143032

Reviewed by Sam Weinig.

* Shared/WebPreferencesDefinitions.h:
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::updatePreferences):
Add a preference and push it to the ViewportConfiguration.

* page/ViewportConfiguration.cpp:
(WebCore::ViewportConfiguration::ViewportConfiguration):
(WebCore::ViewportConfiguration::allowsUserScaling):
* page/ViewportConfiguration.h:
(WebCore::ViewportConfiguration::setForceAlwaysUserScalable):
If forceAlwaysUserScalable is set to true, force "user-scalable=yes".

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181986 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoREGRESSION (r181660): Force click url preview doesn't have a TextIndicator in Mail
bdakin@apple.com [Wed, 25 Mar 2015 23:37:41 +0000 (23:37 +0000)]
REGRESSION (r181660): Force click url preview doesn't have a TextIndicator in Mail
https://bugs.webkit.org/show_bug.cgi?id=143064
-and corresponding-
rdar://problem/20251440

Reviewed by Tim Horton.

The TextIndicator was getting set to nil by the call to
_dismissContentRelativeChildWindows in mouseDown. That line of code was added by
http://trac.webkit.org/changeset/177242 to work around a bug in another component
that has now been resolved, so it no longer appears to be necessary.

* UIProcess/API/mac/WKView.mm:
(-[WKView mouseDown:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181985 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoAdd network and application cache directories to WebsiteDataStore
andersca@apple.com [Wed, 25 Mar 2015 23:37:04 +0000 (23:37 +0000)]
Add network and application cache directories to WebsiteDataStore
https://bugs.webkit.org/show_bug.cgi?id=143063

Reviewed by Sam Weinig.

Create a WebKit directory under ~/Library/Caches/<Bundle ID> for non-sandboxed applications,
and ~/Library/Caches for sandboxed applications. Create NetworkCache and OfflineWebApplicationCache
subdirectories. These directories will be used with the modern WebKit API.

* UIProcess/API/APIWebsiteDataStore.h:
* UIProcess/API/Cocoa/APIWebsiteDataStoreCocoa.mm:
(API::WebsiteDataStore::cacheDirectoryFileSystemRepresentation):
(API::WebsiteDataStore::defaultDataStoreConfiguration):
* UIProcess/WebsiteData/WebsiteDataStore.cpp:
(WebKit::WebsiteDataStore::WebsiteDataStore):
* UIProcess/WebsiteData/WebsiteDataStore.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181984 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoAnother attempt to get the iOS EWS building again.
mitz@apple.com [Wed, 25 Mar 2015 23:33:53 +0000 (23:33 +0000)]
Another attempt to get the iOS EWS building again.

* WebCore.xcodeproj/project.pbxproj:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181983 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoFix Windows build from r181977.
mmaxfield@apple.com [Wed, 25 Mar 2015 23:25:31 +0000 (23:25 +0000)]
Fix Windows build from r181977.

Unreviewed.

* Scripts/update-webkit-dependency:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181982 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoREGRESSION(169139): LLINT intermittently fails JSC testapi tests.
mark.lam@apple.com [Wed, 25 Mar 2015 23:15:15 +0000 (23:15 +0000)]
REGRESSION(169139): LLINT intermittently fails JSC testapi tests.
<https://webkit.org/b/135719>

Reviewed by Geoffrey Garen.

This is a regression introduced in http://trac.webkit.org/changeset/169139 which
changed VM::watchdog from an embedded field into a std::unique_ptr, but did not
update the LLINT to access it as such.

The issue has only manifested so far on the CLoop tests because those are LLINT
only.  In the non-CLoop cases, the JIT kicks in and does the right thing, thereby
hiding the bug in the LLINT.

* API/JSContextRef.cpp:
(createWatchdogIfNeeded):
(JSContextGroupSetExecutionTimeLimit):
(JSContextGroupClearExecutionTimeLimit):
* llint/LowLevelInterpreter.asm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181981 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoAdd case-insensitive checks to DFA bytecode.
achristensen@apple.com [Wed, 25 Mar 2015 23:05:36 +0000 (23:05 +0000)]
Add case-insensitive checks to DFA bytecode.
https://bugs.webkit.org/show_bug.cgi?id=142977

Reviewed by Benjamin Poulain.

* contentextensions/DFABytecode.h:
(WebCore::ContentExtensions::instructionSizeWithArguments):
* contentextensions/DFABytecodeCompiler.cpp:
(WebCore::ContentExtensions::DFABytecodeCompiler::emitCheckValue):
(WebCore::ContentExtensions::DFABytecodeCompiler::emitCheckValueRange):
Add case-insensitive bytecode.
(WebCore::ContentExtensions::DFABytecodeCompiler::compileNodeTransitions):
Check to see if case-insensitive bytecodes can be used.
(WebCore::ContentExtensions::DFABytecodeCompiler::compileCheckForRange):
* contentextensions/DFABytecodeCompiler.h:
(WebCore::ContentExtensions::DFABytecodeCompiler::Range::Range):
Added Range structure to be able to count the ranges in a future patch deciding if we want to use jump tables.
* contentextensions/DFABytecodeInterpreter.cpp:
(WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
Interpret case-insensitive bytecodes.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181980 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoChange Atomic methods from using the_wrong_naming_conventions to using theRightNaming...
fpizlo@apple.com [Wed, 25 Mar 2015 22:56:50 +0000 (22:56 +0000)]
Change Atomic methods from using the_wrong_naming_conventions to using theRightNamingConventions. Also make seq_cst the default.

Rubber stamped by Geoffrey Garen.

Source/JavaScriptCore:

* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::visitAggregate):

Source/WTF:

* wtf/Atomics.h:
(WTF::Atomic::load):
(WTF::Atomic::store):
(WTF::Atomic::compareExchangeWeak):
(WTF::Atomic::compareExchangeStrong):
(WTF::Atomic::compare_exchange_weak): Deleted.
(WTF::Atomic::compare_exchange_strong): Deleted.
* wtf/ByteSpinLock.h:
(WTF::ByteSpinLock::lock):
* wtf/SpinLock.h:
(WTF::SpinLockBase::lock):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181979 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoAddress additional review feedback from https://bugs.webkit.org/show_bug.cgi?id=143059.
weinig@apple.com [Wed, 25 Mar 2015 22:56:19 +0000 (22:56 +0000)]
Address additional review feedback from https://bugs.webkit.org/show_bug.cgi?id=143059.

Source/WebCore:

* contentextensions/ContentExtensionCompiler.cpp:
(WebCore::ContentExtensions::compileRuleList):
* contentextensions/ContentExtensionCompiler.h:
* contentextensions/ContentExtensionParser.cpp:
(WebCore::ContentExtensions::getTypeFlags):

Source/WebKit2:

* Shared/WebCompiledContentExtension.cpp:
(WebKit::WebCompiledContentExtension::createFromCompiledContentExtensionData):
* UIProcess/API/C/WKUserContentFilterRef.cpp:
(WKUserContentFilterCreate):
* UIProcess/API/Cocoa/_WKUserContentFilter.mm:
(-[_WKUserContentFilter initWithName:serializedRules:]):

Tools:

* TestWebKitAPI/Tests/WebCore/ContentExtensions.cpp:
(TestWebKitAPI::InMemoryCompiledContentExtension::createFromFilter):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181978 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoMigrate update-webkit for Windows to not require Cygwin
mmaxfield@apple.com [Wed, 25 Mar 2015 22:46:41 +0000 (22:46 +0000)]
Migrate update-webkit for Windows to not require Cygwin
https://bugs.webkit.org/show_bug.cgi?id=143040

Reviewed by Brent Fulgham.

* Scripts/update-webkit-dependency:
(wanted):
(toUnixPath): Deleted.
* Scripts/webkitdirs.pm:
(fontExists):
(checkInstalledTools):
(setupAppleWinEnv):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181977 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoFix formatting in BuiltinExecutables
commit-queue@webkit.org [Wed, 25 Mar 2015 22:42:39 +0000 (22:42 +0000)]
Fix formatting in BuiltinExecutables
https://bugs.webkit.org/show_bug.cgi?id=143061

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2015-03-25
Reviewed by Ryosuke Niwa.

* builtins/BuiltinExecutables.cpp:
(JSC::BuiltinExecutables::createExecutableInternal):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181976 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoAdd a few more tests for Class names
commit-queue@webkit.org [Wed, 25 Mar 2015 22:41:04 +0000 (22:41 +0000)]
Add a few more tests for Class names
https://bugs.webkit.org/show_bug.cgi?id=143060

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2015-03-25
Reviewed by Ryosuke Niwa.

Add a few more class name tests:
- const class name binding inside class expression
- mutable class name binding from class statement

* js/script-tests/class-syntax-name.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181975 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years ago[Content Extensions] Convert content extension compiling to return error codes and...
weinig@apple.com [Wed, 25 Mar 2015 22:38:58 +0000 (22:38 +0000)]
[Content Extensions] Convert content extension compiling to return error codes and write its output using a client
https://bugs.webkit.org/show_bug.cgi?id=143059

Reviewed by Alex Christensen.

Source/WebCore:

* WebCore.xcodeproj/project.pbxproj:
Add ContentExtensionError.h/cpp.

* contentextensions/ContentExtensionError.cpp: Added.
(WebCore::ContentExtensions::contentExtensionErrorCategory):
* contentextensions/ContentExtensionError.h: Added.
(WebCore::ContentExtensions::make_error_code):
Add ContentExtensionError enum and std::error_code adaptor.

* contentextensions/ContentExtensionCompiler.h:
Instead of returning CompiledContentExtensionData, use a client interface
to pass data. Eventually, this should be turned into a direct streaming
interface so we can write directly to a file.

* contentextensions/ContentExtensionCompiler.cpp:
(WebCore::ContentExtensions::compileRuleList):
* contentextensions/ContentExtensionParser.cpp:
(WebCore::ContentExtensions::getTypeFlags):
(WebCore::ContentExtensions::loadTrigger):
(WebCore::ContentExtensions::loadAction):
(WebCore::ContentExtensions::loadRule):
(WebCore::ContentExtensions::loadEncodedRules):
(WebCore::ContentExtensions::parseRuleList):
* contentextensions/ContentExtensionParser.h:
Convert to return an error.

Source/WebKit2:

* Shared/WebCompiledContentExtension.cpp:
* Shared/WebCompiledContentExtension.h:
(WebKit::LegacyContentExtensionCompilationClient::LegacyContentExtensionCompilationClient):
(WebKit::LegacyContentExtensionCompilationClient::writeBytecode):
(WebKit::LegacyContentExtensionCompilationClient::writeActions):
Add subclass of ContentExtensionCompilationClient for use with the non-file backed content
extensions.

* UIProcess/API/C/WKUserContentFilterRef.cpp:
(WKUserContentFilterCreate):
* UIProcess/API/Cocoa/_WKUserContentFilter.mm:
(-[_WKUserContentFilter initWithName:serializedRules:]):
Update to use the new interface of compileRuleList().

Tools:

* TestWebKitAPI/Tests/WebCore/ContentExtensions.cpp:
(TestWebKitAPI::InMemoryCompiledContentExtension::createFromFilter):
Update for new interface of compileRuleList().

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181974 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoES6: Classes: Program level class statement throws exception in strict mode
joepeck@webkit.org [Wed, 25 Mar 2015 21:33:59 +0000 (21:33 +0000)]
ES6: Classes: Program level class statement throws exception in strict mode
https://bugs.webkit.org/show_bug.cgi?id=143038

Reviewed by Ryosuke Niwa.

Source/JavaScriptCore:

Classes expose a name to the current lexical environment. This treats
"class X {}" like "var X = class X {}". Ideally it would be "let X = class X {}".
Also, improve error messages for class statements where the class is missing a name.

* parser/Parser.h:
* parser/Parser.cpp:
(JSC::Parser<LexerType>::parseClass):
Fill name in info parameter if needed. Better error message if name is needed and missing.

(JSC::Parser<LexerType>::parseClassDeclaration):
Pass info parameter to get name, and expose the name as a variable name.

(JSC::Parser<LexerType>::parsePrimaryExpression):
Pass info parameter that is ignored.

* parser/ParserFunctionInfo.h:
Add a parser info for class, to extract the name.

LayoutTests:

This updates a number of existing tests that were relying on
poor behavior. `shouldBe` and friends use eval within a function
not at the global scope. This means `shouldBe('class X { ... }')`
behaves like `shouldBe('var x = ...')` not `shouldBe('x = ...')`.
This means `x` will not be available in the next `shouldBe` call.

Add a test specifically to cover the scoping of the class name
in regular and strict mode code. Currently we treat it like var
with one failing test that would pass when we treat it like let.

* js/class-syntax-name.html: Added.
* js/script-tests/class-syntax-name.js: Added.
(runTestShouldBe):
(runTestShouldBeTrue):
(runTestShouldThrow):
(runTestShouldNotThrow):
Test class name scoping.

* js/class-syntax-call-expected.txt:
* js/class-syntax-declaration-expected.txt:
* js/class-syntax-default-constructor-expected.txt:
* js/class-syntax-name-expected.txt: Added.
* js/script-tests/class-syntax-call.js:
* js/script-tests/class-syntax-declaration.js:
* js/script-tests/class-syntax-default-constructor.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181973 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoWeb Inspector: Switching tabs to window with inspector open prohibits typing into...
rniwa@webkit.org [Wed, 25 Mar 2015 21:19:05 +0000 (21:19 +0000)]
Web Inspector: Switching tabs to window with inspector open prohibits typing into console
https://bugs.webkit.org/show_bug.cgi?id=126800

Reviewed by Anders Carlsson.

This is a regression from r85356 and r83814. These two patches made WKWebView clear its selection
when WKView resigns the first responder without ever restoring it even if WKView later becomes
the first responder again. This is problematic when a text field or a editing host element had been
focused and selected prior to the resignation since the editing code uses the selection to determine
the editability of the element.

Fixed the bug by restoring selection in [WKView becomeFirstResponder] if the selection is empty.

* UIProcess/API/mac/WKView.mm:
(-[WKView becomeFirstResponder]):
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::restoreSelectionInFocusedEditableElement):
* UIProcess/WebPageProxy.h:
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::restoreSelectionInFocusedEditableElement):
* WebProcess/WebPage/WebPage.h:
* WebProcess/WebPage/WebPage.messages.in:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181972 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoREGRESSION (r181660): Safari navigates to link after a starting and canceling a
bdakin@apple.com [Wed, 25 Mar 2015 21:09:18 +0000 (21:09 +0000)]
REGRESSION (r181660): Safari navigates to link after a starting and canceling a
force preview
https://bugs.webkit.org/show_bug.cgi?id=143057
-and corresponding-
rdar://problem/20251436

Reviewed by Tim Horton.

Source/WebCore:

This patch adds a value for ActionUpdated to the ImmediateActionStage enum. Now if
m_immediateActionStage indicates that an immediate action has either begun or
completed then we can have the same behavior.
* page/EventHandler.cpp:
(WebCore::EventHandler::handleMouseReleaseEvent):
* page/EventHandler.h:

Source/WebKit2:

Always call _page->immediateActionDidUpdate() so that the EventHandler’s
ImmediateActionStage is appropriately updated.
* UIProcess/mac/WKImmediateActionController.mm:
(-[WKImmediateActionController immediateActionRecognizerDidUpdateAnimation:]):

Update the EventHandler’s ImmediateActionStage.
* WebProcess/WebPage/mac/WebPageMac.mm:
(WebKit::WebPage::immediateActionDidUpdate):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181971 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoSeparate entry decoding from validation
antti@apple.com [Wed, 25 Mar 2015 20:59:18 +0000 (20:59 +0000)]
Separate entry decoding from validation
https://bugs.webkit.org/show_bug.cgi?id=143052

Reviewed by Chris Dumez.

Make NetworkCache::Cache a class and move it to a file of its own.
Move the encoding/decoding code there.

* NetworkProcess/NetworkProcess.cpp:
(WebKit::fetchDiskCacheEntries):
(WebKit::clearDiskCacheEntries):
* NetworkProcess/NetworkResourceLoader.cpp:
(WebKit::sendReplyToSynchronousRequest):
(WebKit::NetworkResourceLoader::start):
(WebKit::NetworkResourceLoader::sendBufferMaybeAborting):
(WebKit::NetworkResourceLoader::didRetrieveCacheEntry):
(WebKit::NetworkResourceLoader::validateCacheEntry):
* NetworkProcess/NetworkResourceLoader.h:
* NetworkProcess/cache/NetworkCache.cpp:
(WebKit::NetworkCache::collectVaryingRequestHeaders):
(WebKit::NetworkCache::canUse):

    Focused function for deciding if we can use a cache entry and if it needs validation.

(WebKit::NetworkCache::Cache::retrieve):
(WebKit::NetworkCache::Cache::store):
(WebKit::NetworkCache::Cache::update):
(WebKit::NetworkCache::Cache::traverse):
(WebKit::NetworkCache::encodeStorageEntry): Deleted.
(WebKit::NetworkCache::decodeStorageEntry): Deleted.
* NetworkProcess/cache/NetworkCache.h:
* NetworkProcess/cache/NetworkCacheEntry.cpp: Added.
(WebKit::NetworkCache::Entry::Entry):
(WebKit::NetworkCache::Entry::encode):
(WebKit::NetworkCache::Entry::decode):
(WebKit::NetworkCache::Entry::initializeBufferFromStorageEntry):
(WebKit::NetworkCache::Entry::buffer):
(WebKit::NetworkCache::Entry::shareableResourceHandle):
(WebKit::NetworkCache::Entry::needsValidation):
(WebKit::NetworkCache::Entry::setNeedsValidation):
* NetworkProcess/cache/NetworkCacheEntry.h: Added.
(WebKit::NetworkCache::Entry::key):
(WebKit::NetworkCache::Entry::timeStamp):
(WebKit::NetworkCache::Entry::response):
(WebKit::NetworkCache::Entry::varyingRequestHeaders):
(WebKit::NetworkCache::Entry::sourceStorageEntry):
* NetworkProcess/cache/NetworkCacheStatistics.h:
* NetworkProcess/cache/NetworkCacheStatisticsCocoa.mm:
(WebKit::NetworkCache::cachedEntryReuseFailureToDiagnosticKey):
(WebKit::NetworkCache::Statistics::recordRetrievedCachedEntry):
* WebKit2.xcodeproj/project.pbxproj:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181970 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoGardening: rebaseline after r181907.
mark.lam@apple.com [Wed, 25 Mar 2015 19:35:49 +0000 (19:35 +0000)]
Gardening: rebaseline after r181907.

Not reviewed.

* platform/win/js/dom/global-constructors-attributes-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181969 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoNew map and set modification tests in r181922 fails
ggaren@apple.com [Wed, 25 Mar 2015 18:37:17 +0000 (18:37 +0000)]
New map and set modification tests in r181922 fails
https://bugs.webkit.org/show_bug.cgi?id=143031

Reviewed and tweaked by Geoffrey Garen.

When packing Map/Set backing store, we need to decrement Map/Set iterator's m_index
to adjust for the packed backing store.

Consider the following map data.

x: deleted, o: exists
0 1 2 3 4
x x x x o

And iterator with m_index 3.

When packing the map data, map data will become,

0
o

At that time, we perfom didRemoveEntry 4 times on iterators.
times => m_index/index/result
1 => 3/0/dec
2 => 2/1/dec
3 => 1/2/nothing
4 => 1/3/nothing

After iteration, iterator's m_index becomes 1. But we expected that becomes 0.
This is because if we use decremented m_index for comparison,
while provided deletedIndex is the index in old storage, m_index is the index in partially packed storage.

In this patch, we compare against the packed index instead.
times => m_index/packedIndex/result
1 => 3/0/dec
2 => 2/0/dec
3 => 1/0/dec
4 => 0/0/nothing

So m_index becomes 0 as expected.

And according to the spec, once the iterator is closed (becomes done: true),
its internal [[Map]]/[[Set]] is set to undefined.
So after the iterator is finished, we don't revive the iterator (e.g. by clearing m_index = 0).

In this patch, we change 2 things.
1.
Compare an iterator's index against the packed index when removing an entry.

2.
If the iterator is closed (isFinished()), we don't apply adjustment to the iterator.

Patch by Yusuke Suzuki <utatane.tea@gmail.com> on 2015-03-25

* runtime/MapData.h:
(JSC::MapDataImpl::IteratorData::finish):
(JSC::MapDataImpl::IteratorData::isFinished):
(JSC::MapDataImpl::IteratorData::didRemoveEntry):
(JSC::MapDataImpl::IteratorData::didRemoveAllEntries):
(JSC::MapDataImpl::IteratorData::startPackBackingStore):
* runtime/MapDataInlines.h:
(JSC::JSIterator>::replaceAndPackBackingStore):
* tests/stress/modify-map-during-iteration.js:
* tests/stress/modify-set-during-iteration.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181968 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years ago[WinCairo] Crash when plugin window is destroyed.
peavo@outlook.com [Wed, 25 Mar 2015 17:55:28 +0000 (17:55 +0000)]
[WinCairo] Crash when plugin window is destroyed.
https://bugs.webkit.org/show_bug.cgi?id=142905

Reviewed by Alex Christensen.

When a plugin window is destroyed with the Win32 api function DestroyWindow,
the system will send a synchronous WM_PARENTNOTIFY message to the WebView.
The WebView window procedure will, when processing the WM_PARENTNOTIFY message,
call UpdateWindow to paint synchronously. This will cause reentrancy problems,
since we're already called from WebCore code, and then reenter WebCore painting code.
We should avoid calling UpdateWindow when handling the WM_PARENTNOTIFY message.

* WebView.cpp:
(WebView::WebViewWndProc):
(WebView::updateWindowIfNeeded):
* WebView.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181966 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoMediaControls: Use font with fixed number width
dino@apple.com [Wed, 25 Mar 2015 17:43:56 +0000 (17:43 +0000)]
MediaControls: Use font with fixed number width
https://bugs.webkit.org/show_bug.cgi?id=143018
<rdar://problem/20245415>

Reviewed by Eric Carlson.

Source/WebCore:

Add a new font-family, specific to Apple platforms,
called -apple-system-font-monospaced-numbers. This is
a special variant of the system font which uses monospaced
forms for the number glyphs - allowing a time reading that
doesn't bounce around as the time changes.

* Modules/mediacontrols/mediaControlsApple.css: Media controls should
use the new font.
(audio::-webkit-media-controls-time-remaining-display):
* Modules/mediacontrols/mediaControlsiOS.css:
(audio::-webkit-media-controls-time-remaining-display):

* platform/graphics/ios/FontCacheIOS.mm: Request a new CTFontRef with
the appropriate attributes.
(WebCore::createCTFontWithFamilyNameAndWeight):
* platform/graphics/mac/FontCacheMac.mm: Ditto, but NSFont.
(WebCore::fontWithFamily):
* platform/spi/cocoa/CoreTextSPI.h: Expose the constants for
the new form so that the public SDK can build.

LayoutTests:

Add some results for the new font family "-apple-system-font-monospaced-numbers".

* platform/mac/fast/text/systemFont.html:
* platform/mac/fast/text/systemFont-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181965 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years ago[Content Extensions] Add multi-DFA compiling and interpreting.
achristensen@apple.com [Wed, 25 Mar 2015 17:31:52 +0000 (17:31 +0000)]
[Content Extensions] Add multi-DFA compiling and interpreting.
https://bugs.webkit.org/show_bug.cgi?id=143010

Reviewed by Benjamin Poulain.

Source/WebCore:

* contentextensions/ContentExtensionCompiler.cpp:
(WebCore::ContentExtensions::compileRuleList):
Compile multiple NFAs to DFAs.
* contentextensions/ContentExtensionsBackend.cpp:
(WebCore::ContentExtensions::ContentExtensionsBackend::actionsForResourceLoad):
Fixed a bug when there are no non-universal actions.
We still need to report that no ignore-previous-rules was hit to apply the
universal actions which are now accessed through DFABytecodeInterpreter::actionsFromDFARoot
and skipped in DFABytecodeInterpreter::interpret.
* contentextensions/DFABytecodeCompiler.cpp:
(WebCore::ContentExtensions::DFABytecodeCompiler::compile):
Add a header for each DFA.
* contentextensions/DFABytecodeInterpreter.cpp:
(WebCore::ContentExtensions::DFABytecodeInterpreter::actionsFromDFARoot):
(WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
Interpret as many DFAs as there are in the bytecode.

Tools:

* TestWebKitAPI/Tests/WebCore/ContentExtensions.cpp:
(TestWebKitAPI::testRequest):
(TestWebKitAPI::TEST_F):
Add some tests for ignore-previous-rules and large rulesets.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181964 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years ago[Win] Illegal character in project file.
peavo@outlook.com [Wed, 25 Mar 2015 17:18:29 +0000 (17:18 +0000)]
[Win] Illegal character in project file.
https://bugs.webkit.org/show_bug.cgi?id=143051

Reviewed by Brent Fulgham.

There is an illegal character in the WebCore project filter.
WebCore files are shown unfiltered.

* WebCore.vcxproj/WebCore.vcxproj.filters:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181963 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoMavericks WK1 still runs JSC tests
ap@apple.com [Wed, 25 Mar 2015 17:00:14 +0000 (17:00 +0000)]
Mavericks WK1 still runs JSC tests
https://bugs.webkit.org/show_bug.cgi?id=143035

Reviewed by Csaba Osztrogonác.

* BuildSlaveSupport/build.webkit.org-config/config.json: Bring Mavericks WK1 in line
with other bots.

* BuildSlaveSupport/build.webkit.org-config/mastercfg_unittest.py: Updated the tests
accordingly.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181962 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoWeb Inspector: console.table with source code location look poor
nvasilyev@apple.com [Wed, 25 Mar 2015 16:49:57 +0000 (16:49 +0000)]
Web Inspector: console.table with source code location look poor
https://bugs.webkit.org/show_bug.cgi?id=142068

Reviewed by Timothy Hatcher.

* UserInterface/Views/LegacyConsoleMessageImpl.js:
(WebInspector.LegacyConsoleMessageImpl.prototype._formatParameterAsTable):
Remove dataGridContainer as it is an unnecessary span element.
* UserInterface/Views/LogContentView.css:
(.console-messages .data-grid):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181961 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoAdd a pref to enable the new block-inside-inline model
hyatt@apple.com [Wed, 25 Mar 2015 16:28:28 +0000 (16:28 +0000)]
Add a pref to enable the new block-inside-inline model
https://bugs.webkit.org/show_bug.cgi?id=143050

Reviewed by Sam Weinig.

Source/WebCore:

* page/Settings.in:

Source/WebKit2:

* Shared/WebPreferencesDefinitions.h:
* UIProcess/API/C/WKPreferences.cpp:
(WKPreferencesSetNewBlockInsideInlineModelEnabled):
(WKPreferencesGetNewBlockInsideInlineModelEnabled):
* UIProcess/API/C/WKPreferencesRefPrivate.h:
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::updatePreferences):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181959 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoiOS Simulator build fix.
mitz@apple.com [Wed, 25 Mar 2015 13:51:29 +0000 (13:51 +0000)]
iOS Simulator build fix.

* platform/spi/cocoa/IOSurfaceSPI.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181958 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoGTK+ Gardening 24th March
commit-queue@webkit.org [Wed, 25 Mar 2015 11:53:21 +0000 (11:53 +0000)]
GTK+ Gardening 24th March
https://bugs.webkit.org/show_bug.cgi?id=143003

Unreviewed.

Patch by Marcos Chavarría Teijeiro <chavarria1991@gmail.com> on 2015-03-25

* platform/gtk/TestExpectations:
* platform/gtk/css3/selectors3/xhtml/css3-modsel-15c-expected.txt: Rebaselined after r181889.
* platform/gtk/css3/selectors3/xml/css3-modsel-15c-expected.txt: Rebaselined after r181889.
* platform/gtk/plugins/npruntime/object-from-destroyed-plugin-expected.txt: Rebaselined after r181889.
* platform/gtk/plugins/npruntime/object-from-destroyed-plugin-in-subframe-expected.txt: Rebaselined after r181889.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181953 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years ago[WK2] WebUserMediaClient::pageDestroyed() virtual method should be marked as override
zandobersek@gmail.com [Wed, 25 Mar 2015 10:09:07 +0000 (10:09 +0000)]
[WK2] WebUserMediaClient::pageDestroyed() virtual method should be marked as override
https://bugs.webkit.org/show_bug.cgi?id=143046

Reviewed by Carlos Garcia Campos.

* WebProcess/WebCoreSupport/WebUserMediaClient.h: Mark the WebUserMediaClient::pageDestroyed()
method, inherited from the WebCore::UserMediaClient, as an override.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181943 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years ago[GTK][WK2] WebPageProxy::failedToShowPopupMenu() virtual method should be marked...
zandobersek@gmail.com [Wed, 25 Mar 2015 09:38:11 +0000 (09:38 +0000)]
[GTK][WK2] WebPageProxy::failedToShowPopupMenu() virtual method should be marked as override
https://bugs.webkit.org/show_bug.cgi?id=143045

Reviewed by Carlos Garcia Campos.

* UIProcess/WebPageProxy.h: Mark the failedToShowPopupMenu(), inherited from
the WebPopupMenuProxy::Client class, as overridden.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181938 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years ago[WK2] Clean up DrawingAreaImpl vtable overrides
zandobersek@gmail.com [Wed, 25 Mar 2015 09:32:33 +0000 (09:32 +0000)]
[WK2] Clean up DrawingAreaImpl vtable overrides
https://bugs.webkit.org/show_bug.cgi?id=143044

Reviewed by Carlos Garcia Campos.

Declare virtual methods of the DrawingAreaImpl class as overridden where necessary.

* WebProcess/WebPage/DrawingAreaImpl.h:
(WebKit::DrawingAreaImpl::layerTreeStateIsFrozen): Deleted.
(WebKit::DrawingAreaImpl::layerTreeHost): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181937 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoVersioning.
bshafiei@apple.com [Wed, 25 Mar 2015 07:45:21 +0000 (07:45 +0000)]
Versioning.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181936 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoUnreviewed, rolling out r181932.
commit-queue@webkit.org [Wed, 25 Mar 2015 07:40:01 +0000 (07:40 +0000)]
Unreviewed, rolling out r181932.
https://bugs.webkit.org/show_bug.cgi?id=143041

The test fails most of the time on bots (Requested by ap on
#webkit).

Reverted changeset:

"[Content Extensions] Add multi-DFA compiling and
interpreting."
https://bugs.webkit.org/show_bug.cgi?id=143010
http://trac.webkit.org/changeset/181932

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181935 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoSource/WebCore/rendering/RenderThemeMac.mm:2181:118: error: null passed to a callee...
dino@apple.com [Wed, 25 Mar 2015 06:06:15 +0000 (06:06 +0000)]
Source/WebCore/rendering/RenderThemeMac.mm:2181:118: error: null passed to a callee that requires a non-null argument [-Werror,-Wnonnull]
https://bugs.webkit.org/show_bug.cgi?id=143039

Unreviewed build fix for newer versions of OS X.

* rendering/RenderThemeMac.mm: Define a null language parameter. This
seemed better than turning the clang warning off for just that
function.
(WebCore::AttachmentLayout::layOutTitle):
(WebCore::AttachmentLayout::layOutSubtitle):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181934 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoAnother attempt to fix the build.
mitz@apple.com [Wed, 25 Mar 2015 05:29:08 +0000 (05:29 +0000)]
Another attempt to fix the build.

* WebCore.xcodeproj/project.pbxproj:
* platform/spi/cocoa/QuartzCoreSPI.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181933 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years ago[Content Extensions] Add multi-DFA compiling and interpreting.
achristensen@apple.com [Wed, 25 Mar 2015 05:19:42 +0000 (05:19 +0000)]
[Content Extensions] Add multi-DFA compiling and interpreting.
https://bugs.webkit.org/show_bug.cgi?id=143010

Reviewed by Benjamin Poulain.

Source/WebCore:

* contentextensions/ContentExtensionCompiler.cpp:
(WebCore::ContentExtensions::compileRuleList):
Compile multiple NFAs to DFAs.
* contentextensions/ContentExtensionsBackend.cpp:
(WebCore::ContentExtensions::ContentExtensionsBackend::actionsForResourceLoad):
Fixed a bug when there are no non-universal actions.
We still need to report that no ignore-previous-rules was hit to apply the
universal actions which are now accessed through DFABytecodeInterpreter::actionsFromDFARoot
and skipped in DFABytecodeInterpreter::interpret.
* contentextensions/DFABytecodeCompiler.cpp:
(WebCore::ContentExtensions::DFABytecodeCompiler::compile):
Add a header for each DFA.
* contentextensions/DFABytecodeInterpreter.cpp:
(WebCore::ContentExtensions::DFABytecodeInterpreter::actionsFromDFARoot):
(WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
Interpret as many DFAs as there are in the bytecode.

Tools:

* TestWebKitAPI/Tests/WebCore/ContentExtensions.cpp:
(TestWebKitAPI::testRequest):
(TestWebKitAPI::TEST_F):
Add some tests for ignore-previous-rules and large rulesets.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181932 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoTried to fix the EWS build.
mitz@apple.com [Wed, 25 Mar 2015 05:12:49 +0000 (05:12 +0000)]
Tried to fix the EWS build.

* platform/spi/cocoa/QuartzCoreSPI.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181931 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoWeb Inspector: IndexedDB / Databases ContentViews should have refresh button
joepeck@webkit.org [Wed, 25 Mar 2015 04:27:33 +0000 (04:27 +0000)]
Web Inspector: IndexedDB / Databases ContentViews should have refresh button
https://bugs.webkit.org/show_bug.cgi?id=142996

Reviewed by Timothy Hatcher.

* Localizations/en.lproj/localizedStrings.js:
Remove unused strings.

* UserInterface/Images/ReloadFull.svg: Added.
This is the same as Reload.svg but adjusted to fill the viewbox edge to edge.
The only change is to the viewbox.

* UserInterface/Protocol/RemoteObject.js:
(WebInspector.RemoteObject.prototype.release):
Some clients would call release not knowing if this was an object or not.
Act gracefully in the case that this was not an object that needs a
remote release.

* UserInterface/Views/DatabaseTableContentView.js:
(WebInspector.DatabaseTableContentView):
(WebInspector.DatabaseTableContentView.prototype.get navigationItems):
(WebInspector.DatabaseTableContentView.prototype._queryError):
(WebInspector.DatabaseTableContentView.prototype._refreshButtonClicked):
* UserInterface/Views/IndexedDatabaseObjectStoreContentView.js:
(WebInspector.IndexedDatabaseObjectStoreContentView):
(WebInspector.IndexedDatabaseObjectStoreContentView.prototype.get navigationItems):
(WebInspector.IndexedDatabaseObjectStoreContentView.prototype._fetchMoreData):
(WebInspector.IndexedDatabaseObjectStoreContentView.prototype._refreshButtonClicked):
Give the storage content views a refresh button to reload the content.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181930 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoSetter should have a single formal parameter, Getter no parameters
joepeck@webkit.org [Wed, 25 Mar 2015 04:20:30 +0000 (04:20 +0000)]
Setter should have a single formal parameter, Getter no parameters
https://bugs.webkit.org/show_bug.cgi?id=142903

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

* parser/Parser.cpp:
(JSC::Parser<LexerType>::parseFunctionInfo):
Enforce no parameters for getters and a single parameter
for setters, with informational error messages.

Source/WebInspectorUI:

* UserInterface/Views/GradientSlider.js:
(WebInspector.GradientSliderKnob.prototype.get wellColor):
Fix a getter that was incorrectly taking a parameter.

LayoutTests:

Correct a bunch of setters in existing tests and add
tests for good/bad getter and setter syntax.

* js/class-syntax-declaration-expected.txt:
* js/dom/exception-sequencing.html:
* js/dom/reserved-words-as-property-expected.txt:
* js/dom/script-tests/implicit-call-with-global-reentry.js:
(testObject.set setterTest):
* js/dom/script-tests/reserved-words-as-property.js:
(testWord):
* js/for-in-cached-expected.txt:
* js/object-literal-direct-put-expected.txt:
* js/object-literal-syntax-expected.txt:
* js/parser-syntax-check-expected.txt:
* js/script-tests/class-syntax-declaration.js:
* js/script-tests/class-syntax-super.js:
(class.Derived.extends.Base.set callBaseMethodInSetter):
(class.Derived.extends.Base.set baseMethodInGetterSetter):
* js/script-tests/for-in-cached.js:
* js/script-tests/object-literal-direct-put.js:
* js/script-tests/object-literal-syntax.js:
* js/script-tests/parser-syntax-check.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181929 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoUnreviewed, rolling out r181898 and r181909.
commit-queue@webkit.org [Wed, 25 Mar 2015 03:52:10 +0000 (03:52 +0000)]
Unreviewed, rolling out r181898 and r181909.
https://bugs.webkit.org/show_bug.cgi?id=143034

Broke fast/regions/auto-size/autoheight-two-pass-layout-
complex-002.html (Requested by ap on #webkit).

Reverted changesets:

"Improve the offsetWidth/Height layout optimization"
https://bugs.webkit.org/show_bug.cgi?id=143008
http://trac.webkit.org/changeset/181898

"Disable layout dimensions optimization for RenderRegions"
https://bugs.webkit.org/show_bug.cgi?id=143017
http://trac.webkit.org/changeset/181909

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181928 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoInspector doesn't get focused when opened in dock mode
rniwa@webkit.org [Wed, 25 Mar 2015 02:37:00 +0000 (02:37 +0000)]
Inspector doesn't get focused when opened in dock mode
https://bugs.webkit.org/show_bug.cgi?id=143030

Reviewed by Anders Carlsson.

The bug was caused by platformBringToFront and platformAttach calling makeFirstResponder on WKWebView,
which aren't intended to become the first responder. Fixed the bug by calling makeFirstResponder on the WKView
subview of the WKWebView, which is intended to be used as the first responder on behalf of the web view.

* UIProcess/mac/WebInspectorProxyMac.mm:
(WebKit::WebInspectorProxy::platformBringToFront):
(WebKit::WebInspectorProxy::platformAttach):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181927 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years ago[WK2] Responses with 302 HTTP Status Code should not be cached
cdumez@apple.com [Wed, 25 Mar 2015 02:18:10 +0000 (02:18 +0000)]
[WK2] Responses with 302 HTTP Status Code should not be cached
https://bugs.webkit.org/show_bug.cgi?id=143028
<rdar://problem/19714040>

Reviewed by Antti Koivisto.

Source/WebKit2:

Responses with 302 HTTP Status Code should not be cached as per
RFC 7231:
http://tools.ietf.org/html/rfc7231#section-6.1

This patch updates our disk cache policy accordingly.

Test: http/tests/cache/disk-cache/disk-cache-302-status-code.html

* NetworkProcess/cache/NetworkCache.cpp:
(WebKit::NetworkCache::canStore):

LayoutTests:

Add layout test to check that responses with 302 HTTP Status Code
are not cached.

* http/tests/cache/disk-cache/disk-cache-302-status-code-expected.txt: Added.
* http/tests/cache/disk-cache/disk-cache-302-status-code.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181926 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoScripts running in isolated world should not subject to a page's CSP about 'eval'.
commit-queue@webkit.org [Wed, 25 Mar 2015 01:28:28 +0000 (01:28 +0000)]
Scripts running in isolated world should not subject to a page's CSP about 'eval'.
https://bugs.webkit.org/show_bug.cgi?id=141316.

Patch by Zhuo Li <zachli@apple.com> on 2015-03-24
Reviewed by Geoffrey Garen.

Source/WebCore:

* bindings/js/ScriptController.cpp:
(WebCore::ScriptController::initScript):
We should not impose the main world Content Security Policy onto the isolated world.

LayoutTests:

I added a new Content Security Policy directive, "script-src", so that we do not
allow 'unsafe-eval' in the main world.

Also I have to copy the whole function instead of using eval because
eval is subject to the main world Content Security Policy now.

* http/tests/security/isolatedWorld/bypass-main-world-csp-expected.txt:
* http/tests/security/isolatedWorld/bypass-main-world-csp.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181925 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoES6: Classes: Early return in sub-class constructor results in returning undefined...
joepeck@webkit.org [Wed, 25 Mar 2015 01:18:18 +0000 (01:18 +0000)]
ES6: Classes: Early return in sub-class constructor results in returning undefined instead of instance
https://bugs.webkit.org/show_bug.cgi?id=143012

Reviewed by Ryosuke Niwa.

Source/JavaScriptCore:

* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::emitReturn):
Fix handling of "undefined" when returned from a Derived class. It was
returning "undefined" when it should have returned "this".

LayoutTests:

* js/class-constructor-return-expected.txt: Added.
* js/class-constructor-return.html: Added.
* js/script-tests/class-constructor-return.js: Added.
New test covering different return values from constructors.

* js/class-syntax-super-expected.txt:
* js/script-tests/class-syntax-super.js:
Fix test. Returning undefined is the same as an implicit return
and should return `this`.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181924 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years ago[Mac] Use .cpp file extension instead of .mm for SharedTimerCF and PowerObserverMac
cdumez@apple.com [Wed, 25 Mar 2015 00:55:11 +0000 (00:55 +0000)]
[Mac] Use .cpp file extension instead of .mm for SharedTimerCF and PowerObserverMac
https://bugs.webkit.org/show_bug.cgi?id=143026

Reviewed by Andy Estes.

Use .cpp file extension instead of .mm for SharedTimerCF and
PowerObserverMac.

* WebCore.xcodeproj/project.pbxproj:
* platform/cf/SharedTimerCF.cpp: Renamed from Source/WebCore/platform/cf/SharedTimerCF.mm.
(WebCore::timerFired):
Use WTF::AutodrainedPool instead of @autoreleasepool {}.

* platform/mac/PowerObserverMac.cpp: Renamed from Source/WebCore/platform/mac/PowerObserverMac.mm.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181923 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoREGRESSION (r181458): Heap use-after-free in JSSetIterator destructor
ggaren@apple.com [Wed, 25 Mar 2015 00:19:05 +0000 (00:19 +0000)]
REGRESSION (r181458): Heap use-after-free in JSSetIterator destructor
https://bugs.webkit.org/show_bug.cgi?id=142696

Reviewed and tweaked by Geoffrey Garen.

Source/JavaScriptCore:

Before r142556, JSSetIterator::destroy was not defined.
So accidentally MapData::const_iterator in JSSet was never destroyed.
But it had non trivial destructor, decrementing MapData->m_iteratorCount.

After r142556, JSSetIterator::destroy works.
It correctly destruct MapData::const_iterator and m_iteratorCount partially works.
But JSSetIterator::~JSSetIterator requires owned JSSet since it mutates MapData->m_iteratorCount.

It is guaranteed that JSSet is live since JSSetIterator has a reference to JSSet
and marks it in visitChildren (WriteBarrier<Unknown>).
However, the order of destructions is not guaranteed in GC-ed system.

Consider the following case,
allocate JSSet and subsequently allocate JSSetIterator.
And they resides in the separated MarkedBlock, <1> and <2>.

JSSet<1> <- JSSetIterator<2>

And after that, when performing GC, Marker decides that the above 2 objects are not marked.
And Marker also decides MarkedBlocks <1> and <2> can be sweeped.

First Sweeper sweep <1>, destruct JSSet<1> and free MarkedBlock<1>.
Second Sweeper sweep <2>, attempt to destruct JSSetIterator<2>.
However, JSSetIterator<2>'s destructor,
JSSetIterator::~JSSetIterator requires live JSSet<1>, it causes use-after-free.

In this patch, we introduce WeakGCMap into JSMap/JSSet to track live iterators.
When packing the removed elements in JSSet/JSMap, we apply the change to all live
iterators tracked by WeakGCMap.

WeakGCMap can only track JSCell since they are managed by GC.
So we drop JSSet/JSMap C++ style iterators. Instead of C++ style iterator, this patch
introduces JS style iterator signatures into C++ class IteratorData.
If we need to iterate over JSMap/JSSet, use JSSetIterator/JSMapIterator instead of using
IteratorData directly.

Patch by Yusuke Suzuki <utatane.tea@gmail.com> on 2015-03-24

* runtime/JSMap.cpp:
(JSC::JSMap::destroy):
* runtime/JSMap.h:
(JSC::JSMap::JSMap):
(JSC::JSMap::begin): Deleted.
(JSC::JSMap::end): Deleted.
* runtime/JSMapIterator.cpp:
(JSC::JSMapIterator::destroy):
* runtime/JSMapIterator.h:
(JSC::JSMapIterator::next):
(JSC::JSMapIterator::nextKeyValue):
(JSC::JSMapIterator::iteratorData):
(JSC::JSMapIterator::JSMapIterator):
* runtime/JSSet.cpp:
(JSC::JSSet::destroy):
* runtime/JSSet.h:
(JSC::JSSet::JSSet):
(JSC::JSSet::begin): Deleted.
(JSC::JSSet::end): Deleted.
* runtime/JSSetIterator.cpp:
(JSC::JSSetIterator::destroy):
* runtime/JSSetIterator.h:
(JSC::JSSetIterator::next):
(JSC::JSSetIterator::iteratorData):
(JSC::JSSetIterator::JSSetIterator):
* runtime/MapData.h:
(JSC::MapDataImpl::IteratorData::finish):
(JSC::MapDataImpl::IteratorData::isFinished):
(JSC::MapDataImpl::shouldPack):
(JSC::JSIterator>::MapDataImpl):
(JSC::JSIterator>::KeyType::KeyType):
(JSC::JSIterator>::IteratorData::IteratorData):
(JSC::JSIterator>::IteratorData::next):
(JSC::JSIterator>::IteratorData::ensureSlot):
(JSC::JSIterator>::IteratorData::applyMapDataPatch):
(JSC::JSIterator>::IteratorData::refreshCursor):
(JSC::MapDataImpl::const_iterator::key): Deleted.
(JSC::MapDataImpl::const_iterator::value): Deleted.
(JSC::MapDataImpl::const_iterator::operator++): Deleted.
(JSC::MapDataImpl::const_iterator::finish): Deleted.
(JSC::MapDataImpl::const_iterator::atEnd): Deleted.
(JSC::MapDataImpl::begin): Deleted.
(JSC::MapDataImpl::end): Deleted.
(JSC::MapDataImpl<Entry>::MapDataImpl): Deleted.
(JSC::MapDataImpl<Entry>::clear): Deleted.
(JSC::MapDataImpl<Entry>::KeyType::KeyType): Deleted.
(JSC::MapDataImpl<Entry>::const_iterator::internalIncrement): Deleted.
(JSC::MapDataImpl<Entry>::const_iterator::ensureSlot): Deleted.
(JSC::MapDataImpl<Entry>::const_iterator::const_iterator): Deleted.
(JSC::MapDataImpl<Entry>::const_iterator::~const_iterator): Deleted.
(JSC::MapDataImpl<Entry>::const_iterator::operator): Deleted.
(JSC::=): Deleted.
* runtime/MapDataInlines.h:
(JSC::JSIterator>::clear):
(JSC::JSIterator>::find):
(JSC::JSIterator>::contains):
(JSC::JSIterator>::add):
(JSC::JSIterator>::set):
(JSC::JSIterator>::get):
(JSC::JSIterator>::remove):
(JSC::JSIterator>::replaceAndPackBackingStore):
(JSC::JSIterator>::replaceBackingStore):
(JSC::JSIterator>::ensureSpaceForAppend):
(JSC::JSIterator>::visitChildren):
(JSC::JSIterator>::copyBackingStore):
(JSC::JSIterator>::applyMapDataPatch):
(JSC::MapDataImpl<Entry>::find): Deleted.
(JSC::MapDataImpl<Entry>::contains): Deleted.
(JSC::MapDataImpl<Entry>::add): Deleted.
(JSC::MapDataImpl<Entry>::set): Deleted.
(JSC::MapDataImpl<Entry>::get): Deleted.
(JSC::MapDataImpl<Entry>::remove): Deleted.
(JSC::MapDataImpl<Entry>::replaceAndPackBackingStore): Deleted.
(JSC::MapDataImpl<Entry>::replaceBackingStore): Deleted.
(JSC::MapDataImpl<Entry>::ensureSpaceForAppend): Deleted.
(JSC::MapDataImpl<Entry>::visitChildren): Deleted.
(JSC::MapDataImpl<Entry>::copyBackingStore): Deleted.
* runtime/MapPrototype.cpp:
(JSC::mapProtoFuncForEach):
* runtime/SetPrototype.cpp:
(JSC::setProtoFuncForEach):
* runtime/WeakGCMap.h:
(JSC::WeakGCMap::forEach):
* tests/stress/modify-map-during-iteration.js: Added.
(testValue):
(identityPairs):
(.set if):
(var):
(set map):
* tests/stress/modify-set-during-iteration.js: Added.
(testValue):
(set forEach):
(set delete):

Source/WebCore:

Use JSSetIterator/JSMapIterator to iterate over JSSet and JSMap.

Patch by Yusuke Suzuki <utatane.tea@gmail.com> on 2015-03-24

* ForwardingHeaders/runtime/JSMapIterator.h: Added.
* ForwardingHeaders/runtime/JSSetIterator.h: Added.
* bindings/js/SerializedScriptValue.cpp:
(WebCore::CloneSerializer::serialize):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181922 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoFix crash in WebKit::RemoteObjectRegistry::sendInvocation
andersca@apple.com [Tue, 24 Mar 2015 23:54:04 +0000 (23:54 +0000)]
Fix crash in WebKit::RemoteObjectRegistry::sendInvocation
https://bugs.webkit.org/show_bug.cgi?id=143027
rdar://problem/20208674

Reviewed by Sam Weinig.

* WebProcess/InjectedBundle/API/mac/WKWebProcessPlugInBrowserContextController.mm:
(-[WKWebProcessPlugInBrowserContextController dealloc]):
Make sure to invalidate the _WKRemoteObjectRegistry like we do in the UI process.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181921 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years ago[WK2] Responses with 204 HTTP Status Code should be cacheable by default
cdumez@apple.com [Tue, 24 Mar 2015 23:46:03 +0000 (23:46 +0000)]
[WK2] Responses with 204 HTTP Status Code should be cacheable by default
https://bugs.webkit.org/show_bug.cgi?id=143020
<rdar://problem/20281529>

Reviewed by Antti Koivisto.

Source/WebKit2:

Make responses with 204 HTTP Status Code cacheable by default, as
per RFC 7231:
http://tools.ietf.org/html/rfc7231#section-6.3.5

Test: http/tests/cache/disk-cache/disk-cache-204-status-code.html

* NetworkProcess/cache/NetworkCache.cpp:
(WebKit::NetworkCache::canStore):

LayoutTests:

Add test to make sure that responses with 204 HTTP Status Code are
cacheable by default.

* http/tests/cache/disk-cache/disk-cache-204-status-code-expected.txt: Added.
* http/tests/cache/disk-cache/disk-cache-204-status-code.html: Added.
* http/tests/cache/disk-cache/resources/cache-test.js:
Re-introduce support for generating responses with only headers (no body).
This was mistakenly dropped when I rebased my patch for r181895.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181920 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years ago[iOS] Remove unused keyboard code in WKSelectPopover class.
enrica@apple.com [Tue, 24 Mar 2015 23:37:34 +0000 (23:37 +0000)]
[iOS] Remove unused keyboard code in WKSelectPopover class.
https://bugs.webkit.org/show_bug.cgi?id=143021

Reviewed by Joseph Pecoraro.

WKSelectPopover created an instance of UIKeyboard that was
initialized in initWithView but never used. Removing the
obsolete code.

* UIProcess/ios/forms/WKFormSelectPopover.mm:
(-[WKSelectPopover initWithView:hasGroups:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181919 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoTried to fix the iOS Simulator build.
mitz@apple.com [Tue, 24 Mar 2015 23:25:47 +0000 (23:25 +0000)]
Tried to fix the iOS Simulator build.

* platform/spi/cocoa/QuartzCoreSPI.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181918 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoMake URL filter patterns matching consistent and add a simple canonicalization step
benjamin@webkit.org [Tue, 24 Mar 2015 23:24:36 +0000 (23:24 +0000)]
Make URL filter patterns matching consistent and add a simple canonicalization step
https://bugs.webkit.org/show_bug.cgi?id=142998

Patch by Benjamin Poulain <bpoulain@apple.com> on 2015-03-24
Reviewed by Alex Christensen.

Source/WebCore:

This patch makes two changes to the url filter input:
-Make the matching "Search" by default, the pattern can now appear anywhere
 in the URL by default.
-Make the input a little less fragile: do not explode on valid input
 that is not formatted in a certain way.

To implement the search behavior, I simply add an implict ".*" in front of the patterns
when that make sense.

To make the input more solid, we do some little modification on the input:
-Remove duplicated ".*".
-Remove matching suffixes that do not bring new information.
-Unify all the ".*" in the same format.

Why do that here? That should be done through a graph analysis on the machine.

The reason is this is incredibly cheap compared to the graph analysis. Any state
removed upfront will save the handling of several hundred nodes in the deterministic
graph.

* contentextensions/URLFilterParser.cpp:
(WebCore::ContentExtensions::Term::isKnownToMatchAnyString):
(WebCore::ContentExtensions::Term::isUniversalTransition):
(WebCore::ContentExtensions::GraphBuilder::finalize):
(WebCore::ContentExtensions::GraphBuilder::assertionBOL):
(WebCore::ContentExtensions::GraphBuilder::fail):
(WebCore::ContentExtensions::GraphBuilder::simplifySunkTerms):

Tools:

* TestWebKitAPI/Tests/WebCore/ContentExtensions.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181917 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoWeb Inspector: REGRESSION (r179286): ReferenceError: Can't find variable: selector
commit-queue@webkit.org [Tue, 24 Mar 2015 23:10:30 +0000 (23:10 +0000)]
Web Inspector: REGRESSION (r179286): ReferenceError: Can't find variable: selector
https://bugs.webkit.org/show_bug.cgi?id=143022

Patch by Tobias Reiss <tobi+webkit@basecode.de> on 2015-03-24
Reviewed by Timothy Hatcher.

Fix a regression where a missing variable statement causes a ReferenceError.

* UserInterface/Models/DOMNodeStyles.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181916 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoRegression(r181671): Caused Timer-related crashes on iOS / WK1
cdumez@apple.com [Tue, 24 Mar 2015 23:10:03 +0000 (23:10 +0000)]
Regression(r181671): Caused Timer-related crashes on iOS / WK1
https://bugs.webkit.org/show_bug.cgi?id=143025

Reviewed by Andy Estes.

Call CFRunLoopAddTimer() on WebThreadRunLoop() instead of
CFRunLoopGetCurrent() for iOS, as we did before r181671.

I inadvertently changed this in r181671 when merging the Mac
and iOS implementations.

No new tests, already covered by existing tests.

* platform/cf/SharedTimerCF.mm:
(WebCore::setSharedTimerFireInterval):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181915 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoThe ExecutionTimeLimit test should use its own JSGlobalContextRef.
mark.lam@apple.com [Tue, 24 Mar 2015 22:56:03 +0000 (22:56 +0000)]
The ExecutionTimeLimit test should use its own JSGlobalContextRef.
<https://webkit.org/b/143024>

Reviewed by Geoffrey Garen.

Currently, the ExecutionTimeLimit test is using a JSGlobalContextRef
passed in from testapi.c.  It should create its own for better
encapsulation of the test.

* API/tests/ExecutionTimeLimitTest.cpp:
(currentCPUTimeAsJSFunctionCallback):
(testExecutionTimeLimit):
* API/tests/ExecutionTimeLimitTest.h:
* API/tests/testapi.c:
(main):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181914 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoAnother attempted test fix after http://trac.webkit.org/changeset/181907
bdakin@apple.com [Tue, 24 Mar 2015 22:55:23 +0000 (22:55 +0000)]
Another attempted test fix after trac.webkit.org/changeset/181907

* platform/mac/js/dom/global-constructors-attributes-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181913 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoWeb Inspector: Adopt ES6 Class Syntax for CSSStyleDeclarationTextEditor
commit-queue@webkit.org [Tue, 24 Mar 2015 22:54:07 +0000 (22:54 +0000)]
Web Inspector: Adopt ES6 Class Syntax for CSSStyleDeclarationTextEditor
https://bugs.webkit.org/show_bug.cgi?id=143019

Patch by Tobias Reiss <tobi+webkit@basecode.de> on 2015-03-24
Reviewed by Timothy Hatcher.

- Convert CSSStyleDeclarationTextEditor to use class syntax
- Convert constructor functions to constructor methods
- Convert "constructor.method" to class static methods where possible
- Convert all methods to method syntax, eliminate commas between methods
- Convert all superclass calls in classes to use "super"
- Removed FIXME from WebInspector.Object subclasses, added calls to super.
- Fixed strict mode issues now that classes enforce strict mode (see below).

* UserInterface/Views/CSSStyleDeclarationTextEditor.js:
Many function declarations modified.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181912 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoAttempted test fix after http://trac.webkit.org/changeset/181907
bdakin@apple.com [Tue, 24 Mar 2015 22:47:55 +0000 (22:47 +0000)]
Attempted test fix after trac.webkit.org/changeset/181907

* platform/mac-mavericks/js/dom/global-constructors-attributes-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181911 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoSource/WebCore:
mitz@apple.com [Tue, 24 Mar 2015 22:47:53 +0000 (22:47 +0000)]
Source/WebCore:
WebCore part of <rdar://problem/20282863> Transforms are flattened in snapshots of on-screen WKWebViews
https://bugs.webkit.org/show_bug.cgi?id=143023

Reviewed by Tim Horton.

* platform/spi/cocoa/QuartzCoreSPI.h: Added the declaration of
CARenderServerRenderLayerWithTransform.

Source/WebKit2:
WebKit2 part of <rdar://problem/20282863> Transforms are flattened in snapshots of on-screen WKWebViews
https://bugs.webkit.org/show_bug.cgi?id=143023

Reviewed by Tim Horton.

* UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _snapshotRect:intoImageOfWidth:completionHandler:]): If the view is in a
window, use CARenderServerRenderLayerWithTransform to synchronously capture a snapshot of
its layer tree into an IOSurfcae, then call the completion handler with an image created
from the IOSurface.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181910 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoDisable layout dimensions optimization for RenderRegions
hyatt@apple.com [Tue, 24 Mar 2015 21:50:32 +0000 (21:50 +0000)]
Disable layout dimensions optimization for RenderRegions
https://bugs.webkit.org/show_bug.cgi?id=143017

Reviewed by Dean Jackson.

* dom/Document.cpp:
(WebCore::Document::updateLayoutIfDimensionsOutOfDate):
Turn off the optimization for regions, since auto height regions can change size
without needing a layout.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181909 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoUnreviewed gardening after r181901.
joepeck@webkit.org [Tue, 24 Mar 2015 21:39:05 +0000 (21:39 +0000)]
Unreviewed gardening after r181901.

* platform/mac/http/tests/media/media-source/mediasource-sourcebuffer-mode-expected.txt:
Update the expected results for platform specific results that include
a stringified function.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181908 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 years agoAdd events related to force click gesture
bdakin@apple.com [Tue, 24 Mar 2015 21:31:28 +0000 (21:31 +0000)]
Add events related to force click gesture
https://bugs.webkit.org/show_bug.cgi?id=142836
-and corresponding-
rdar://problem/20210239

Reviewed by Dean Jackson.

Source/WebCore:

This patch adds six new events for the force click gesture:

webkitmouseforcewillbegin -> Event is sent just before mousedown to indicate that
force can be perceived if the user presses any harder. The author should prevent
default on this event to both prevent the user agent’s default force click
features and to receive the other 5 events.

webkitmouseforcechanged -> This event fires whenever force changes between the
mousedown and mouseup. It is a new type of mouse event that includes a force
variable which is a normalized number between 0 (corresponds to click) and 1
(corresponds to force click). In this patch, I have only added code to send this
event between mousedown and mouseforcedown, but as a followup patch, we plan to
send it through mouseup.

webkitmouseforcecancelled -> If the user releases their finger from the trackpad
after pressing hard enough to send webkitmouseforcewillbegin events but not hard
enough to force click, this event will be sent to indicate that the user bailed
out on the gesture.

webkitmouseforcedown -> The down part of the force click.

webkitmouseforceup -> The up part of the force click. This event is added in this
patch, but does not yet fire. That is work for a follow-up patch.

webkitmouseforceclick -> The equivalent of the click event for the force click.
Should fire just after webkitmouseforceup. This event is added in this patch, but
does not yet fire. That is work for a follow-up patch.

Add new files for WebKitMouseForceEvent to build systems.
* DerivedSources.cpp:
* DerivedSources.make:
* WebCore.vcxproj/WebCore.vcxproj:
* WebCore.vcxproj/WebCore.vcxproj.filters:
* WebCore.xcodeproj/project.pbxproj:
* WebCore.xcodeproj/project.pbxproj:

Plumbing for new events.
* dom/Document.idl:

Code to dispatch the new events. Currently the code that calls these functions is
in WebKit2.
* dom/Element.cpp:
(WebCore::Element::dispatchMouseForceWillBegin):
(WebCore::Element::dispatchMouseForceChanged):
(WebCore::Element::dispatchMouseForceDown):
(WebCore::Element::dispatchMouseForceUp):
(WebCore::Element::dispatchMouseForceClick):
(WebCore::Element::dispatchMouseForceCancelled):
* dom/Element.h:

More plumbing.
* dom/Element.idl:
* dom/EventNames.h:
* dom/EventNames.in:

Our new type of mouse event that includes force.
* dom/WebKitMouseForceEvent.cpp: Added.
(WebCore::WebKitMouseForceEventInit::WebKitMouseForceEventInit):
(WebCore::WebKitMouseForceEvent::WebKitMouseForceEvent):
(WebCore::WebKitMouseForceEvent::~WebKitMouseForceEvent):
(WebCore::WebKitMouseForceEvent::eventInterface):
* dom/WebKitMouseForceEvent.h: Added.
* dom/WebKitMouseForceEvent.idl: Added.

More plumbing.
* html/HTMLAttributeNames.in:
* html/HTMLBodyElement.cpp:
(WebCore::HTMLBodyElement::createWindowEventHandlerNameMap):
* html/HTMLBodyElement.idl:
* html/HTMLElement.cpp:
(WebCore::HTMLElement::createEventHandlerNameMap):
* page/DOMWindow.idl:
* page/EventHandler.h:
(WebCore::EventHandler::lastMouseDownEvent):

Source/WebKit2:

ActionMenuHitTestResult has a new bool indicating whether to not the HitTestResult
will prevent default.
* Shared/mac/ActionMenuHitTestResult.h:
* Shared/mac/ActionMenuHitTestResult.mm:
(WebKit::ActionMenuHitTestResult::encode):
(WebKit::ActionMenuHitTestResult::decode):

Send immediateActionDidUpdate and the normalized force over the the WebProcess.
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::immediateActionDidUpdate):
* UIProcess/WebPageProxy.h:

We need a dummy animation controller when web content is overriding the default
behavior.
* UIProcess/mac/WKImmediateActionController.mm:

Send along the update information.
(-[WKImmediateActionController immediateActionRecognizerDidUpdateAnimation:]):

Use the dummy animation controller if default has been prevented.
(-[WKImmediateActionController _defaultAnimationController]):
(-[WKImmediateActionController _updateImmediateActionItem]):

Keep track of whether m_lastActionMenuHitTes prevented the default immediate
action behavior.
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::WebPage):
* WebProcess/WebPage/WebPage.h:
* WebProcess/WebPage/WebPage.messages.in:

Call dispatchMouseForceMayBegin() at hit test time.
* WebProcess/WebPage/mac/WebPageMac.mm:
(WebKit::WebPage::performActionMenuHitTestAtLocation):

Call dispatchMouseForceChanged() if appropriate.
(WebKit::WebPage::immediateActionDidUpdate):

Call dispatchMouseForceCancelled() if appropriate.
(WebKit::WebPage::immediateActionDidCancel):

Call dispatchMouseForceDown() if appropriate.
(WebKit::WebPage::immediateActionDidComplete):

Source/WTF:

New enable flag for the events.
* wtf/FeatureDefines.h:

LayoutTests:

* fast/dom/event-handler-attributes-expected.txt:
* fast/dom/event-handler-attributes.html:
* platform/mac/js/dom/global-constructors-attributes-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181907 268f45cc-cd09-0410-ab3c-d52691b4dbfc