Context Navigation

← Previous Period
Next Period →

Timeline

Apr 18, 2018:

10:38 PM Changeset in webkit [230796] by Ross Kirsling

2 edits in trunk/Tools

[WinCairo][EWS] Build bot should clean user temp directory each time.
https://bugs.webkit.org/show_bug.cgi?id=184761

Reviewed by Lucas Forschler.

EWSTools/Start-Queue.ps1:

Clean user's temp directory before each build, so that Windows git doesn't fill it up over time.

9:19 PM Changeset in webkit [230795] by dbates@webkit.org

3 edits in trunk/Source/WebCore

Cleanup TextControlInnerElements
https://bugs.webkit.org/show_bug.cgi?id=184475

Reviewed by Antti Koivisto.

Clean up TextControlInnerElement::resolveCustomStyle(), move the implementation of
TextControlPlaceholderElement::create() from the header to the cpp file, replace
fancy comments to demarcate classes with MARK: so that they show up in Xcode's
function menu.

html/shadow/TextControlInnerElements.cpp:

(WebCore::TextControlInnerElement::resolveCustomStyle):
(WebCore::TextControlPlaceholderElement::TextControlPlaceholderElement):
(WebCore::TextControlPlaceholderElement::create):

html/shadow/TextControlInnerElements.h:

9:02 PM Changeset in webkit [230794] by Chris Dumez

26 edits
2 moves in trunk/Source

Rename WindowProxyController to WindowProxy
https://bugs.webkit.org/show_bug.cgi?id=184756

Reviewed by Sam Weinig.

Rename WindowProxyController to WindowProxy for clarity. When the IDL uses WindowProxy, the implementation
needed use WindowProxyController type, which was a bit confusing.

Source/WebCore:

Sources.txt:
WebCore.xcodeproj/project.pbxproj:
bindings/js/DOMWrapperWorld.cpp:

(WebCore::DOMWrapperWorld::~DOMWrapperWorld):
(WebCore::DOMWrapperWorld::clearWrappers):

bindings/js/DOMWrapperWorld.h:

(WebCore::DOMWrapperWorld::didCreateWindowProxy):
(WebCore::DOMWrapperWorld::didDestroyWindowProxy):

bindings/js/JSBindingsAllInOne.cpp:
bindings/js/JSDOMWindowBase.cpp:

(WebCore::toJS):

bindings/js/JSDOMWindowProxy.cpp:

(WebCore::toJS):
(WebCore::toJSDOMWindowProxy):

bindings/js/JSDOMWindowProxy.h:

(WebCore::toJS):
(WebCore::toJSDOMWindowProxy):

bindings/js/ScriptCachedFrameData.cpp:

(WebCore::ScriptCachedFrameData::ScriptCachedFrameData):
(WebCore::ScriptCachedFrameData::restore):

bindings/js/ScriptController.cpp:

(WebCore::ScriptController::evaluateInWorld):
(WebCore::ScriptController::loadModuleScriptInWorld):
(WebCore::ScriptController::linkAndEvaluateModuleScriptInWorld):
(WebCore::ScriptController::evaluateModule):
(WebCore::ScriptController::setupModuleScriptHandlers):
(WebCore::ScriptController::windowProxy):
(WebCore::ScriptController::enableEval):
(WebCore::ScriptController::enableWebAssembly):
(WebCore::ScriptController::disableEval):
(WebCore::ScriptController::disableWebAssembly):
(WebCore::ScriptController::updateDocument):
(WebCore::ScriptController::collectIsolatedContexts):
(WebCore::ScriptController::windowScriptNPObject):
(WebCore::ScriptController::executeIfJavaScriptURL):

bindings/js/ScriptController.h:

(WebCore::ScriptController::globalObject):

bindings/js/ScriptControllerMac.mm:

(WebCore::ScriptController::windowScriptObject):

bindings/js/ScriptState.cpp:

(WebCore::mainWorldExecState):

bindings/js/WindowProxy.cpp: Renamed from Source/WebCore/bindings/js/WindowProxyController.cpp.

(WebCore::WindowProxy::WindowProxy):
(WebCore::WindowProxy::~WindowProxy):
(WebCore::WindowProxy::destroyJSWindowProxy):
(WebCore::WindowProxy::createJSWindowProxy):
(WebCore::WindowProxy::jsWindowProxiesAsVector const):
(WebCore::WindowProxy::createJSWindowProxyWithInitializedScript):
(WebCore::WindowProxy::clearJSWindowProxiesNotMatchingDOMWindow):
(WebCore::WindowProxy::setDOMWindow):
(WebCore::WindowProxy::attachDebugger):

bindings/js/WindowProxy.h: Renamed from Source/WebCore/bindings/js/WindowProxyController.h.

(WebCore::WindowProxy::jsWindowProxies const):
(WebCore::WindowProxy::releaseJSWindowProxies):
(WebCore::WindowProxy::setJSWindowProxies):
(WebCore::WindowProxy::jsWindowProxy):
(WebCore::WindowProxy::existingJSWindowProxy const):
(WebCore::WindowProxy::globalObject):

loader/FrameLoader.cpp:

(WebCore::FrameLoader::clear):
(WebCore::FrameLoader::dispatchDidClearWindowObjectInWorld):

page/AbstractFrame.cpp:

(WebCore::AbstractFrame::AbstractFrame):

page/AbstractFrame.h:

(WebCore::AbstractFrame::windowProxy):
(WebCore::AbstractFrame::windowProxy const):

page/Page.cpp:

(WebCore::Page::setDebugger):

page/RemoteDOMWindow.cpp:

(WebCore::RemoteDOMWindow::self const):
(WebCore::RemoteDOMWindow::top const):
(WebCore::RemoteDOMWindow::opener const):
(WebCore::RemoteDOMWindow::parent const):

page/RemoteDOMWindow.h:

Source/WebKit:

WebProcess/Plugins/PluginView.cpp:

(WebKit::PluginView::windowScriptNPObject):

WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::frameBecameRemote):

Source/WebKitLegacy/mac:

Plugins/Hosted/NetscapePluginInstanceProxy.mm:

(WebKit::NetscapePluginInstanceProxy::getWindowNPObject):

WebView/WebFrame.mm:

(-[WebFrame _attachScriptDebugger]):

7:05 PM Changeset in webkit [230793] by Kocsen Chung

7 edits in branches/safari-605-branch/Source

Versioning.

6:38 PM Changeset in webkit [230792] by Kocsen Chung

1 copy in tags/Safari-605.2.5

Tag Safari-605.2.5.

5:47 PM Changeset in webkit [230791] by youenn@apple.com

13 edits
6 copies in trunk

LayoutTests/imported/w3c:
Allow cross-origin redirections for synchronous XHR
https://bugs.webkit.org/show_bug.cgi?id=184723

Reviewed by Alex Christensen.

web-platform-tests/XMLHttpRequest/access-control-and-redirects-expected.txt:

Source/WebKit:
Allow SameOrigin credentials handling for synchronous XHR
https://bugs.webkit.org/show_bug.cgi?id=184723

Reviewed by Alex Christensen.

In case of SameOrigin credentials, we need to stop the current load
in case of cross origin redirection to restart a load with a different session.
Covered by updated WK2 tests.
Rebased WK1 tests since this is Wk1 only.

NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::NetworkResourceLoader::startNetworkLoad):
(WebKit::NetworkResourceLoader::willSendRedirectedRequest):

NetworkProcess/NetworkResourceLoader.h:

LayoutTests:
Allow SameOrigin credentials handling for synchronous XHR
https://bugs.webkit.org/show_bug.cgi?id=184723

Reviewed by Alex Christensen.

http/tests/xmlhttprequest/access-control-and-redirects-expected.txt:
http/tests/xmlhttprequest/access-control-and-redirects.html:
http/tests/xmlhttprequest/redirect-cross-origin-post-sync-expected.txt:
http/tests/xmlhttprequest/redirect-cross-origin-sync-expected.txt:
http/tests/xmlhttprequest/xmlhttprequest-unsafe-redirect-expected.txt:
platform/mac-wk1/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt:
platform/mac-wk1/http/tests/xmlhttprequest/redirect-cross-origin-post-sync-expected.txt: Copied from LayoutTests/http/tests/xmlhttprequest/redirect-cross-origin-post-sync-expected.txt.
platform/mac-wk1/http/tests/xmlhttprequest/redirect-cross-origin-sync-expected.txt: Copied from LayoutTests/http/tests/xmlhttprequest/redirect-cross-origin-sync-expected.txt.
platform/mac-wk1/http/tests/xmlhttprequest/xmlhttprequest-unsafe-redirect-expected.txt: Copied from LayoutTests/http/tests/xmlhttprequest/xmlhttprequest-unsafe-redirect-expected.txt.
platform/win/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt:
platform/win/http/tests/xmlhttprequest/redirect-cross-origin-post-sync-expected.txt: Copied from LayoutTests/http/tests/xmlhttprequest/redirect-cross-origin-post-sync-expected.txt.
platform/win/http/tests/xmlhttprequest/redirect-cross-origin-sync-expected.txt: Copied from LayoutTests/http/tests/xmlhttprequest/redirect-cross-origin-sync-expected.txt.
platform/win/http/tests/xmlhttprequest/xmlhttprequest-unsafe-redirect-expected.txt: Copied from LayoutTests/http/tests/xmlhttprequest/xmlhttprequest-unsafe-redirect-expected.txt.

4:40 PM Changeset in webkit [230790] by Ross Kirsling

2 edits in trunk/Tools

Buildbots using Python zipfile should enable compression
https://bugs.webkit.org/show_bug.cgi?id=184759

Reviewed by Lucas Forschler.

BuildSlaveSupport/built-product-archive:

(createZipManually):
Default is to archive without compressing, so tell it to compress as well.

3:27 PM Changeset in webkit [230789] by Chris Dumez

19 edits
1 copy in trunk

Set RemoteDOMWindow's initial opener
https://bugs.webkit.org/show_bug.cgi?id=184716

Reviewed by Sam Weinig.

Source/WebCore:

Add support for WindowProxy type in the IDL. The implementation should
return a WindowProxyController and toJS() will take care of converting
this into a JSValue via JSDOMWindowProxy.

No new tests, rebaselined existing test.

WebCore.xcodeproj/project.pbxproj:
bindings/IDLTypes.h:
bindings/js/JSDOMConvertWindowProxy.h: Added.

(WebCore::JSConverter<IDLWindowProxy>::convert):

bindings/js/JSDOMWindowBase.cpp:

(WebCore::toJS):

bindings/js/JSDOMWindowBase.h:

(WebCore::toJS):

bindings/js/JSDOMWindowProxy.cpp:

(WebCore::toJS):
(WebCore::toJSDOMWindowProxy):

bindings/js/JSDOMWindowProxy.h:

(WebCore::toJS):
(WebCore::toJSDOMWindowProxy):

bindings/js/JSRemoteDOMWindowBase.cpp:
bindings/js/JSRemoteDOMWindowBase.h:
bindings/scripts/CodeGenerator.pm:

(IsBuiltinType):

bindings/scripts/CodeGeneratorJS.pm:

(AddToIncludesForIDLType):
(GetBaseIDLType):

page/RemoteDOMWindow.cpp:

(WebCore::RemoteDOMWindow::self const):
(WebCore::RemoteDOMWindow::top const):
(WebCore::RemoteDOMWindow::opener const):
(WebCore::RemoteDOMWindow::parent const):

page/RemoteDOMWindow.h:
page/RemoteDOMWindow.idl:
page/RemoteFrame.h:

Source/WebKit:

When a frame becomes remote, transfer the frame opener from the old
frame to the new remote one.

WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::frameBecameRemote):

LayoutTests:

Rebaseline existing test now that remoteWindow.opener now returns
its initial opener.

http/tests/navigation/process-swap-window-open-expected.txt:

3:13 PM Changeset in webkit [230788] by dino@apple.com

11 edits
3 adds in trunk

Detect system preview links
https://bugs.webkit.org/show_bug.cgi?id=184753
<rdar://problem/39500514>

Reviewed by Antoine Quint.

Source/WebCore:

Detect a special type of link anchor, which we're calling System Previews.
Ultimately this will allow WebKit to present such links in a special
way.

A System Preview link is an <a> element, with a rel attribute that
includes "system-preview". It has a single element child, which is
either an <img> or a <picture>.

Test: system-preview/detection.html

html/HTMLAnchorElement.cpp:

(WebCore::HTMLAnchorElement::relList): Add braces.
(WebCore::HTMLAnchorElement::isSystemPreviewLink const): New
function.

html/HTMLAnchorElement.h:

html/HTMLImageElement.cpp:

(WebCore::HTMLImageElement::isSystemPreviewImage const): Ask the
parent if it is a system preview link.

html/HTMLImageElement.h:
html/HTMLPictureElement.cpp:

(WebCore::HTMLPictureElement::isSystemPreviewImage const): Ditto.

html/HTMLPictureElement.h:

testing/Internals.cpp: Testing helpers.

(WebCore::Internals::systemPreviewRelType):
(WebCore::Internals::isSystemPreviewLink const):
(WebCore::Internals::isSystemPreviewImage const):

testing/Internals.h:
testing/Internals.idl:

LayoutTests:

system-preview/detection-expected.txt: Added.
system-preview/detection.html: Added.

3:03 PM Changeset in webkit [230787] by Ryan Haddad

2 edits in trunk/LayoutTests

Skip animations/missing-from-to.html on mac-wk1 debug.
https://bugs.webkit.org/show_bug.cgi?id=184569

Unreviewed test gardening.

platform/mac-wk1/TestExpectations:

3:01 PM Changeset in webkit [230786] by Antti Koivisto

2 edits in trunk/Source/WebCore

:active pseudo class doesn't deactivate when using pressure sensitive trackpad
https://bugs.webkit.org/show_bug.cgi?id=181680

Reviewed by Beth Dakin.

Trackpad sends a mouse force event with force of zero after mouse up event. This causes the element under cursor
activate again.

Even a fake event test doesn't appear to be currently possible as TestRunner crashes if you try to send mouseForceChanged.
All the tests using it are skipped.

page/EventHandler.cpp:

(WebCore::EventHandler::handleMouseForceEvent):

Don't add HitTestRequest::Active if the force of the force event is zero.

2:54 PM Changeset in webkit [230785] by Megan Gardner

2 edits in trunk/Source/WebCore

Ensure correct screen sizes
https://bugs.webkit.org/show_bug.cgi?id=184757

Reviewed by Wenson Hsieh.

Make sure that the screen sizes are actually correct.

Not currently testable, will add tests when it is.

platform/ios/PlatformScreenIOS.mm:

2:43 PM Changeset in webkit [230784] by mitz@apple.com

9 copies
1 add in releases/Apple/Safari Technology Preview 54

Added a tag for Safari Technology Preview release 54.

2:26 PM Changeset in webkit [230783] by youenn@apple.com

2 edits in trunk/Source/WebKit

NetworkResourceLoader should not clean itself inside didReceiveResponse
https://bugs.webkit.org/show_bug.cgi?id=184754

Reviewed by Chris Dumez.

Delay the cleanup to after the didReceiveResponse call so that NetworkLoad can terminate its work.
Covered by XHR sync tests no longer crashing on GuardMalloc bots.

NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::NetworkResourceLoader::didReceiveResponse):

2:21 PM Changeset in webkit [230782] by n_wang@apple.com

9 edits
2 adds in trunk

AX: [macOS] WebKit hangs when triggering an alert from an AOM increment event
https://bugs.webkit.org/show_bug.cgi?id=184742

Reviewed by Chris Fleizach.

Source/WebCore:

Made increment and decrement actions on the macOS to be async. So that VoiceOver
won't hang indefinitely if performing the actions causes an alert or other modal
behaviors.

Test: accessibility/mac/async-increment-decrement-action.html

accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper accessibilityPerformIncrementAction]):
(-[WebAccessibilityObjectWrapper _accessibilityPerformIncrementAction]):
(-[WebAccessibilityObjectWrapper accessibilityPerformDecrementAction]):
(-[WebAccessibilityObjectWrapper _accessibilityPerformDecrementAction]):
(-[WebAccessibilityObjectWrapper accessibilityPerformAction:]):

Tools:

DumpRenderTree/mac/AccessibilityUIElementMac.mm:

(AccessibilityUIElement::increment):
(AccessibilityUIElement::decrement):

WebKitTestRunner/InjectedBundle/AccessibilityUIElement.h:

(WTR::AccessibilityUIElement::asyncIncrement):
(WTR::AccessibilityUIElement::asyncDecrement):

WebKitTestRunner/InjectedBundle/Bindings/AccessibilityUIElement.idl:
WebKitTestRunner/InjectedBundle/mac/AccessibilityUIElementMac.mm:

(WTR::AccessibilityUIElement::increment):
(WTR::AccessibilityUIElement::decrement):
(WTR::AccessibilityUIElement::asyncIncrement):
(WTR::AccessibilityUIElement::asyncDecrement):

LayoutTests:

accessibility/mac/async-increment-decrement-action-expected.txt: Added.
accessibility/mac/async-increment-decrement-action.html: Added.
platform/mac-wk1/TestExpectations:

2:21 PM Changeset in webkit [230781] by youenn@apple.com

7 edits in trunk

MediaResourceLoader should set its fetch destination
https://bugs.webkit.org/show_bug.cgi?id=184746

Reviewed by Eric Carlson.

LayoutTests/imported/w3c:

web-platform-tests/service-workers/service-worker/fetch-request-resources.https-expected.txt:
web-platform-tests/service-workers/service-worker/fetch-request-resources.https.html:
web-platform-tests/service-workers/service-worker/resources/fetch-request-resources-iframe.https.html:
web-platform-tests/service-workers/service-worker/resources/fetch-request-resources-worker.js:

Source/WebCore:

Covered by updated test.

loader/MediaResourceLoader.cpp:

(WebCore::MediaResourceLoader::requestResource):

2:17 PM Changeset in webkit [230780] by jer.noble@apple.com

2 edits in trunk/Source/WebKit

Fix rendering of WKRemoteView layers in the simulator
https://bugs.webkit.org/show_bug.cgi?id=184752

Reviewed by Tim Horton.

Platform/mac/LayerHostingContext.mm:

(WebKit::LayerHostingContext::createForExternalHostingProcess):

2:17 PM Changeset in webkit [230779] by jer.noble@apple.com

2 edits in trunk/Source/WebCore

Fix runtime errors in simulator while playing media
https://bugs.webkit.org/show_bug.cgi?id=184751

Reviewed by Eric Carlson.

AVURLAssetHTTPCookiesKey may not be present, and AVPlayer may not respond to certain methods.

platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:

(WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL):
(WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer):
(WebCore::MediaPlayerPrivateAVFoundationObjC::updateDisableExternalPlayback):
(WebCore::MediaPlayerPrivateAVFoundationObjC::setShouldDisableSleep):

2:06 PM Changeset in webkit [230778] by jer.noble@apple.com

13 edits
2 adds in trunk/Source/WebKit

Fix entitlements and sandboxing for iphoneminimalsimulator
https://bugs.webkit.org/show_bug.cgi?id=184692

Reviewed by Tim Horton.

Use the correct implementations for ChildProcess and NetworkProcess
when building for iphoneminimalsimulator. Stub out imlementations
which rely on methods not available in the iphoneminimalsimulator SDK.

Configurations/Network-OSX.entitlements: Added.
Configurations/NetworkService.xcconfig:
NetworkProcess/cocoa/NetworkProcessCocoa.mm:

(WebKit::NetworkProcess::sourceApplicationAuditData const):

NetworkProcess/ios/NetworkProcessIOS.mm:
NetworkProcess/mac/NetworkProcessMac.mm:

(WebKit::NetworkProcess::initializeProcessName):
(WebKit::overrideSystemProxies):

Shared/ios/ChildProcessIOS.mm:

(WebKit::ChildProcess::initializeSandbox):

Shared/mac/ChildProcessMac.mm:

(WebKit::ChildProcess::setApplicationIsDaemon):
(WebKit::enableSandboxStyleFileQuarantine):
(WebKit::ChildProcess::initializeSandbox):
(WebKit::ChildProcess::platformStopRunLoop):

Shared/mac/CodeSigning.mm:
WebKit.xcodeproj/project.pbxproj:
WebProcess/cocoa/WebProcessCocoa.mm:

(WebKit::WebProcess::initializeSandbox):

1:26 PM Changeset in webkit [230777] by Kocsen Chung

2 edits in tags/Safari-606.1.14/Source/WebKit

Cherry-pick r230771. rdar://problem/39287964

Avoid crash if ITP Debug mode is on, but ResourceLoadStatistics are not being used
https://bugs.webkit.org/show_bug.cgi?id=184739
<rdar://problem/39287964>

Reviewed by David Kilzer.

If a user has the ResourceLoadStatistics logic turned off, but has the ITP Debug experimental
flag turned on, you can cause a crash.

This is because the WebsiteDataStore for the process doesn't bother creating a ResourceLoadStatisticsStore
if the statistics machinery is not running. The ITP debug flag was being blindly set without checking
if the statistics store exists or not, which can cause a crash.

UIProcess/WebsiteData/WebsiteDataStore.cpp: (WebKit::WebsiteDataStore::setResourceLoadStatisticsDebugMode): Check if the statistics store exists before calling functions on it.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230771 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:19 PM Changeset in webkit [230776] by Ross Kirsling

2 edits in trunk/Source/JavaScriptCore

REGRESSION(r230748) [WinCairo] 'JSC::JIT::appendCallWithSlowPathReturnType': function does not take 1 arguments
https://bugs.webkit.org/show_bug.cgi?id=184725

Reviewed by Mark Lam.

jit/JIT.h:

1:13 PM Changeset in webkit [230775] by jer.noble@apple.com

2 edits in trunk/Source/WebCore

Ignore ASSERT when setting AVAudioSessionCategory returns an error on simulator.
https://bugs.webkit.org/show_bug.cgi?id=184698

Reviewed by Eric Carlson.

platform/audio/ios/AudioSessionIOS.mm:
platform/audio/mac/AudioSessionMac.cpp:

1:09 PM Changeset in webkit [230774] by Ross Kirsling

5 edits in trunk

[Win] Layout Test js/date-constructor.html is failing
https://bugs.webkit.org/show_bug.cgi?id=140945

Reviewed by Per Arne Vollan.

Source/WTF:

wtf/DateMath.cpp:

(WTF::calculateDSTOffset):
Move all shared calculations outside of the #if -- including the "jump forward a day" case that had been overlooked.

LayoutTests:

platform/win/TestExpectations:
platform/wincairo/TestExpectations:

12:17 PM Changeset in webkit [230773] by BJ Burg

7 edits in trunk/Source/WebKit

Unreviewed, rolling out r230743.
https://bugs.webkit.org/show_bug.cgi?id=184747

causes mouse clicks to not work on some platforms (Requested
by brrian on #webkit).

Reverted changeset:

"Web Automation: simulated mouse interactions should not be
done until associated DOM events have been dispatched"
https://bugs.webkit.org/show_bug.cgi?id=184462
https://trac.webkit.org/changeset/230743

Patch by Commit Queue <commit-queue@webkit.org> on 2018-04-18

12:04 PM Changeset in webkit [230772] by Ross Kirsling

2 edits in trunk/Tools

Fix archive step for WinCairo build bot.
https://bugs.webkit.org/show_bug.cgi?id=184715

Reviewed by Lucas Forschler.

BuildSlaveSupport/built-product-archive:

(archiveBuiltProduct):
(extractBuiltProduct):

11:55 AM Changeset in webkit [230771] by Brent Fulgham

2 edits in trunk/Source/WebKit

Avoid crash if ITP Debug mode is on, but ResourceLoadStatistics are not being used
https://bugs.webkit.org/show_bug.cgi?id=184739
<rdar://problem/39287964>

Reviewed by David Kilzer.

If a user has the ResourceLoadStatistics logic turned off, but has the ITP Debug experimental
flag turned on, you can cause a crash.

This is because the WebsiteDataStore for the process doesn't bother creating a ResourceLoadStatisticsStore
if the statistics machinery is not running. The ITP debug flag was being blindly set without checking
if the statistics store exists or not, which can cause a crash.

UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::WebsiteDataStore::setResourceLoadStatisticsDebugMode): Check if the statistics store exists
before calling functions on it.

11:42 AM Changeset in webkit [230770] by Kocsen Chung

3 edits in tags/Safari-606.1.14/Source/WebKit

Cherry-pick r230747. rdar://problem/39468022

WebKit::DisplayLink maintains a strong reference to WebPageProxy, creating a reference cycle
https://bugs.webkit.org/show_bug.cgi?id=184718

Reviewed by Tim Horton.

It turns out that the m_webPageProxy back-reference in DisplayLink, which was creating a
reference cycle, wasn't ever read, so we can just remove it.

UIProcess/mac/DisplayLink.cpp: (WebKit::DisplayLink::DisplayLink):
UIProcess/mac/DisplayLink.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230747 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:02 AM Changeset in webkit [230769] by Kocsen Chung

1 copy in tags/Safari-606.1.14

Tag Safari-606.1.14.

10:55 AM Changeset in webkit [230768] by Yusuke Suzuki

15 edits in trunk

[WebAssembly][Modules] Import tables in wasm modules
https://bugs.webkit.org/show_bug.cgi?id=184738

Reviewed by JF Bastien.

JSTests:

wasm/modules/wasm-imports-js-re-exports-wasm-exports.js:
wasm/modules/wasm-imports-js-re-exports-wasm-exports/imports.wasm:
wasm/modules/wasm-imports-js-re-exports-wasm-exports/imports.wat:
wasm/modules/wasm-imports-js-re-exports-wasm-exports/re-export.js:
wasm/modules/wasm-imports-js-re-exports-wasm-exports/sum.wasm:
wasm/modules/wasm-imports-js-re-exports-wasm-exports/sum.wat:
wasm/modules/wasm-imports-wasm-exports.js:
wasm/modules/wasm-imports-wasm-exports/imports.wasm:
wasm/modules/wasm-imports-wasm-exports/imports.wat:
wasm/modules/wasm-imports-wasm-exports/sum.wasm:
wasm/modules/wasm-imports-wasm-exports/sum.wat:

Source/JavaScriptCore:

This patch simply allows wasm modules to import table from wasm modules / js re-exporting.
Basically moving JSWebAssemblyInstance's table linking code to WebAssemblyModuleRecord::link
just works.

wasm/js/JSWebAssemblyInstance.cpp:

(JSC::JSWebAssemblyInstance::create):

wasm/js/WebAssemblyModuleRecord.cpp:

(JSC::WebAssemblyModuleRecord::link):

10:50 AM Changeset in webkit [230767] by commit-queue@webkit.org

4 edits in trunk

REGRESSION: Using the reload button while offline pushes identical pages onto the back/forward list
https://bugs.webkit.org/show_bug.cgi?id=184570
<rdar://problem/34807323>

Patch by Sihui Liu <sihui_liu@apple.com> on 2018-04-18
Reviewed by Chris Dumez.

Source/WebCore:

Set FrameLoadType properly when error occurs in reload.

tests: Tools/TestWebKitAPI/Tests/WebKitCocoa/LoadAlternateHTMLString.mm

loader/FrameLoader.cpp:

(WebCore::FrameLoader::load):

Tools:

Add API test coverage.

TestWebKitAPI/Tests/WebKitCocoa/LoadAlternateHTMLString.mm:

(TEST):

10:31 AM Changeset in webkit [230766] by commit-queue@webkit.org

3 edits in trunk/Source/WebKit

Add -[_WKInputDelegateDelegate willStartInputSession:] for clients that want to configure input session before assisting form node
https://bugs.webkit.org/show_bug.cgi?id=184662

Patch by Paul Knight <pknight@apple.com> on 2018-04-18
Reviewed by Beth Dakin.

Clients may wish to configure a WKInputSession before we start assisting
a node. Add a -[_WKInputDelegateDelegate _webView:willStartInputSession:]
callback.

For example, clients that wish to present a custom input view will want
to configure the WKFormInputSession's customInputView before the
keyboard is presented. Otherwise the standard keyboard will begin to
animate and then the custom input view will swap in later.

UIProcess/API/Cocoa/_WKInputDelegate.h:
UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _startAssistingNode:userIsInteracting:blurPreviousNode:changingActivityState:userObject:]):

Call -_webView:willStartInputSession: before assisting the node.
Only create the form session if the delegate implements either
the willStart or didStartInputSession callbacks.

10:16 AM Changeset in webkit [230765] by commit-queue@webkit.org

4 edits in trunk/Source/JavaScriptCore

[ARM] Fix build error and crash after PtrTag change
https://bugs.webkit.org/show_bug.cgi?id=184732

Patch by Dominik Infuehr <dinfuehr@igalia.com> on 2018-04-18
Reviewed by Mark Lam.

Do not pass NoPtrTag in callOperation and fix misspelled JSEntryPtrTag. Use
MacroAssemblerCodePtr::createFromExecutableAddress to avoid tagging a pointer
twice with ARM-Thumb2.

assembler/MacroAssemblerCodeRef.h:

(JSC::MacroAssemblerCodeRef::MacroAssemblerCodeRef):

jit/JITPropertyAccess32_64.cpp:

(JSC::JIT::emitSlow_op_put_by_val):

jit/Repatch.cpp:

(JSC::linkPolymorphicCall):

9:50 AM Changeset in webkit [230764] by Chris Dumez

40 edits
2 adds in trunk

Add support for converting a local window to a remote window
https://bugs.webkit.org/show_bug.cgi?id=184515
<rdar://problem/39011318>

Reviewed by Ryosuke Niwa.

Source/WebCore:

Add initial support for process-swapping when navigating cross-origin as a result
of a window.open(). The window object returned by window.open() is initially same
origin and is for about:blank. The navigation cross-origin then happens and the
JS wrappers for the window then point to a cross-origin window which is remote (i.e.
hosted in another WebProcess).

The RemoteDOMWindow exposed to JS looks like a regular cross-origin Window with a few
exceptions due to our incomplete implementation (e.g. w.location returns null) and
most of its API is currently not functional. The RemoteDOMWindow API will be implemented
in a follow-up by relying on IPC.

Test: http/tests/navigation/process-swap-window-open.html

bindings/js/JSDOMGlobalObject.cpp:

(WebCore::JSDOMGlobalObject::scriptExecutionContext const):

bindings/js/JSDOMPromiseDeferred.h:
bindings/js/JSDOMWindowProperties.cpp:

(WebCore::JSDOMWindowProperties::getOwnPropertySlot):

bindings/js/JSDOMWindowProxy.cpp:

(WebCore::JSDOMWindowProxy::finishCreation):
(WebCore::JSDOMWindowProxy::create):

bindings/js/JSDOMWindowProxy.h:
bindings/js/JSDOMWrapper.cpp:

(WebCore::JSDOMObject::JSDOMObject):

bindings/js/JSDOMWrapper.h:
bindings/js/WindowProxyController.cpp:

(WebCore::WindowProxyController::createWindowProxy):
(WebCore::WindowProxyController::setDOMWindowForWindowProxy):

bridge/objc/WebScriptObject.mm:

(-[WebScriptObject _isSafeScript]):
Teach more of our bindings code about RemoteDOMWindows.

dom/Document.cpp:

(WebCore::Document::createDOMWindow):

loader/FrameLoaderClient.h:

Add FrameLoaderClient function to notify the client when a DOMWindow is constructed in
the frame. This is needed for WebKit2 to link the old window to its new representation
in the new WebProcess.

Source/WebKit:

UIProcess/API/APIProcessPoolConfiguration.cpp:

(API::ProcessPoolConfiguration::copy):

UIProcess/API/APIProcessPoolConfiguration.h:
UIProcess/API/C/WKContextConfigurationRef.cpp:

(WKContextConfigurationProcessSwapsOnWindowOpenWithOpener):
(WKContextConfigurationSetProcessSwapsOnWindowOpenWithOpener):

UIProcess/API/C/WKContextConfigurationRef.h:
UIProcess/API/Cocoa/_WKProcessPoolConfiguration.h:
UIProcess/API/Cocoa/_WKProcessPoolConfiguration.mm:

(-[_WKProcessPoolConfiguration setProcessSwapsOnWindowOpenWithOpener:]):
(-[_WKProcessPoolConfiguration processSwapsOnWindowOpenWithOpener]):
Add ProcessPool configuration flag to turn on processSwap on window.open(), even
if there is an opener.

UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::continueNavigationInNewProcess):
If the navigation was triggered via window.open(), then set up on handler for when
a DOMWindow is constructed for the main frame in the new process.

(WebKit::WebPageProxy::didCreateWindow):
When a Window is constructed for the main frame in a new process on process swap,
notify the old process that its representation of the window should become remote
and provide it with the Frame / Window identifiers it needs.

UIProcess/WebPageProxy.h:
UIProcess/WebPageProxy.messages.in:

UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::processForNavigation):
Do process swapping on cross-origin window.open() if the corresponding setting is
enabled.

WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::didCreateWindow):

WebProcess/WebCoreSupport/WebFrameLoaderClient.h:

WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::frameBecameRemote):
This is called when process swapping has happened due to a window.open() navigation
cross-origin, when a Frame / Window has been constructed in the new process. We do
the following:

Construct a RemoteFrame / RemoteWindow using the provided global identifiers to represent the Frame / Window in the new process.
We transfer the WindowProxies from the old Frame's WindowProxyController to the new RemoteFrame's WindowProxyController.
We update the window proxied by those WindowProxies to be the new RemoteWindow.
We detach the old Frame as it is now remote and represented by the new RemoteFrame object we constructed.
If the old frame was the main frame (always the case currently), we close the page as it is no longer needed. The new RemoteFrame is currently owned by the RemoteWindow which is kept alive by its JS wrappers.

WebProcess/WebPage/WebPage.h:
WebProcess/WebPage/WebPage.messages.in:

Tools:

MiniBrowser/mac/AppDelegate.m:

(defaultConfiguration):

MiniBrowser/mac/SettingsController.h:
MiniBrowser/mac/SettingsController.m:

(-[SettingsController _populateMenu]):
(-[SettingsController validateMenuItem:]):
(-[SettingsController processSwapOnWindowOpenWithOpenerEnabled]):
(-[SettingsController toggleProcessSwapOnWindowOpenWithOpener:]):
Add menu entry in minibrowser to turn on process swap on cross-origin window.open().

TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

Turn on process swap on cross-origin window.open() for corresponding test and update
test to expect that a new WebProcess is created.

WebKitTestRunner/InjectedBundle/InjectedBundlePage.cpp:

(WTR::InjectedBundlePage::decidePolicyForResponse):
Add null checks for injectedBundle.testRunner(). When we swap process on navigation,
the InjectedBundlePage::decidePolicyForResponse() gets called in the new process.
In this new process, we have constructed a InjectedBundlePage for the page but we
have not initialized the InjectedBundle members such as testRunner.

WebKitTestRunner/TestController.cpp:

(WTR::TestController::createWebViewWithOptions):
(WTR::updateTestOptionsFromTestHeader):

WebKitTestRunner/TestOptions.h:

(WTR::TestOptions::hasSameInitializationOptions const):
Add a way for layout tests to turn on process swap on navigation via a test header.

LayoutTests:

Add layout test coverage a cross-origin window.open() to check that the
returned window looks like a regular cross-origin window after being
navigated cross-origin. We are still failing some of the checks because
our implementation is still incomplete. However, it mostly works as
expected.

TestExpectations:
http/tests/navigation/process-swap-window-open-expected.txt: Added.
http/tests/navigation/process-swap-window-open.html: Added.
platform/wk2/TestExpectations:

9:33 AM Changeset in webkit [230763] by Yusuke Suzuki

17 edits
6 adds in trunk

[WebAssembly][Modules] Import globals from wasm modules
https://bugs.webkit.org/show_bug.cgi?id=184736

Reviewed by JF Bastien.

JSTests:

wasm.yaml:
wasm/modules/wasm-imports-js-re-exports-wasm-exports.js:
wasm/modules/wasm-imports-js-re-exports-wasm-exports/imports.wasm:
wasm/modules/wasm-imports-js-re-exports-wasm-exports/imports.wat:
wasm/modules/wasm-imports-js-re-exports-wasm-exports/re-export.js:
wasm/modules/wasm-imports-js-re-exports-wasm-exports/sum.wasm:
wasm/modules/wasm-imports-js-re-exports-wasm-exports/sum.wat:
wasm/modules/wasm-imports-wasm-exports.js:
wasm/modules/wasm-imports-wasm-exports/imports.wasm:
wasm/modules/wasm-imports-wasm-exports/imports.wat:
wasm/modules/wasm-imports-wasm-exports/sum.wasm:
wasm/modules/wasm-imports-wasm-exports/sum.wat:

Source/JavaScriptCore:

This patch implements a feature importing globals to/from wasm modules.
Since we are not supporting mutable globals now, we can just copy the
global data when importing. Currently we do not support importing/exporting
i64 globals. This will be supported once (1) mutable global bindings are
specified and (2) BigInt based i64 importing/exporting is specified.

wasm/js/JSWebAssemblyInstance.cpp:

(JSC::JSWebAssemblyInstance::create):

wasm/js/WebAssemblyModuleRecord.cpp:

(JSC::WebAssemblyModuleRecord::link):

6:01 AM Changeset in webkit [230762] by tpopela@redhat.com

2 edits in trunk/Source/JavaScriptCore

Unreviewed, fix build on ARM

assembler/MacroAssemblerARM.h:

(JSC::MacroAssemblerARM::readCallTarget):

4:09 AM Changeset in webkit [230761] by tpopela@redhat.com

2 edits in trunk/Source/JavaScriptCore

Unreviewed, fix build with GCC

assembler/LinkBuffer.h:

(JSC::LinkBuffer::finalizeCodeWithDisassembly):

3:42 AM Changeset in webkit [230760] by Ms2ger@igalia.com

9 edits in trunk/LayoutTests

Test gardening.
https://bugs.webkit.org/show_bug.cgi?id=184726

Unreviewed test gardening.

LayoutTests/imported/w3c:

web-platform-tests/touch-events/historical-expected.txt: update expectation to test change

LayoutTests:

Update expectations.

platform/gtk/TestExpectations:
platform/gtk/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-expected.txt:
platform/wpe/TestExpectations:
platform/wpe/imported/w3c/web-platform-tests/html/dom/interfaces-expected.txt:
platform/wpe/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-expected.txt:
platform/wpe/js/dom/dom-static-property-for-in-iteration-expected.txt:

3:03 AM WebKitGTK/Gardening/Calendar edited by Ms2ger@igalia.com

(diff)

2:47 AM Changeset in webkit [230759] by Yusuke Suzuki

25 edits
1 copy
65 adds in trunk

Unreviewed, reland r230697, r230720, and r230724.
https://bugs.webkit.org/show_bug.cgi?id=184600

JSTests:

wasm.yaml:
wasm/modules/constant.wasm: Added.
wasm/modules/constant.wat: Added.
wasm/modules/default-import-star-error.js: Added.

(then):

wasm/modules/default-import-star-error/entry.wasm: Added.
wasm/modules/default-import-star-error/entry.wat: Added.
wasm/modules/default-import-star-error/t0.js: Added.
wasm/modules/default-import-star-error/t1.js: Added.
wasm/modules/default-import-star-error/t2.js: Added.

(export.default.Cocoa):

wasm/modules/js-wasm-cycle.js: Added.
wasm/modules/js-wasm-cycle/entry.js: Added.

(from.string_appeared_here.export.return42):

wasm/modules/js-wasm-cycle/sum.wasm: Added.
wasm/modules/js-wasm-cycle/sum.wat: Added.
wasm/modules/js-wasm-function-namespace.js: Added.

(assert.throws):

wasm/modules/js-wasm-function.js: Added.

(assert.throws):

wasm/modules/js-wasm-global-namespace.js: Added.

(assert.throws):

wasm/modules/js-wasm-global.js: Added.

(assert.throws):

wasm/modules/js-wasm-memory-namespace.js: Added.

(assert.throws):

wasm/modules/js-wasm-memory.js: Added.

(assert.throws):

wasm/modules/js-wasm-start.js: Added.

(then):

wasm/modules/js-wasm-table-namespace.js: Added.

(assert.throws):

wasm/modules/js-wasm-table.js: Added.

(assert.throws):

wasm/modules/memory.wasm: Added.
wasm/modules/memory.wat: Added.
wasm/modules/run-from-wasm.wasm: Added.
wasm/modules/run-from-wasm.wat: Added.
wasm/modules/run-from-wasm/check.js: Added.

(export.check):

wasm/modules/start.wasm: Added.
wasm/modules/start.wat: Added.
wasm/modules/sum.wasm: Added.
wasm/modules/sum.wat: Added.
wasm/modules/table.wasm: Added.
wasm/modules/table.wat: Added.
wasm/modules/wasm-imports-js-exports.js: Added.
wasm/modules/wasm-imports-js-exports/imports.wasm: Added.
wasm/modules/wasm-imports-js-exports/imports.wat: Added.
wasm/modules/wasm-imports-js-exports/sum.js: Added.

(export.sum):

wasm/modules/wasm-imports-js-re-exports-wasm-exports.js: Added.
wasm/modules/wasm-imports-js-re-exports-wasm-exports/imports.wasm: Added.
wasm/modules/wasm-imports-js-re-exports-wasm-exports/imports.wat: Added.
wasm/modules/wasm-imports-js-re-exports-wasm-exports/re-export.js: Added.
wasm/modules/wasm-imports-js-re-exports-wasm-exports/sum.wasm: Added.
wasm/modules/wasm-imports-js-re-exports-wasm-exports/sum.wat: Added.
wasm/modules/wasm-imports-wasm-exports.js: Added.
wasm/modules/wasm-imports-wasm-exports/imports.wasm: Added.
wasm/modules/wasm-imports-wasm-exports/imports.wat: Added.
wasm/modules/wasm-imports-wasm-exports/sum.wasm: Added.
wasm/modules/wasm-imports-wasm-exports/sum.wat: Added.
wasm/modules/wasm-js-cycle.js: Added.
wasm/modules/wasm-js-cycle/entry.wasm: Added.
wasm/modules/wasm-js-cycle/entry.wat: Added.
wasm/modules/wasm-js-cycle/sum.js: Added.

(from.string_appeared_here.export.sum):

wasm/modules/wasm-wasm-cycle.js: Added.
wasm/modules/wasm-wasm-cycle/entry.wasm: Added.
wasm/modules/wasm-wasm-cycle/entry.wat: Added.
wasm/modules/wasm-wasm-cycle/sum.wasm: Added.
wasm/modules/wasm-wasm-cycle/sum.wat: Added.

Source/JavaScriptCore:

With CatchScope check.

JavaScriptCore.xcodeproj/project.pbxproj:
builtins/ModuleLoaderPrototype.js:

(globalPrivate.newRegistryEntry):
(requestInstantiate):
(link):

jsc.cpp:

(convertShebangToJSComment):
(fillBufferWithContentsOfFile):
(fetchModuleFromLocalFileSystem):
(GlobalObject::moduleLoaderFetch):
(functionDollarAgentStart):
(checkException):
(runWithOptions):

parser/NodesAnalyzeModule.cpp:

(JSC::ImportDeclarationNode::analyzeModule):

parser/SourceProvider.h:

(JSC::WebAssemblySourceProvider::create):
(JSC::WebAssemblySourceProvider::WebAssemblySourceProvider):

runtime/AbstractModuleRecord.cpp:

(JSC::AbstractModuleRecord::hostResolveImportedModule):
(JSC::AbstractModuleRecord::resolveImport):
(JSC::AbstractModuleRecord::link):
(JSC::AbstractModuleRecord::evaluate):
(JSC::identifierToJSValue): Deleted.

runtime/AbstractModuleRecord.h:

(JSC::AbstractModuleRecord::moduleEnvironmentMayBeNull):
(JSC::AbstractModuleRecord::ImportEntry::isNamespace const): Deleted.

runtime/JSModuleEnvironment.cpp:

(JSC::JSModuleEnvironment::getOwnNonIndexPropertyNames):

runtime/JSModuleLoader.cpp:

(JSC::JSModuleLoader::evaluate):

runtime/JSModuleRecord.cpp:

(JSC::JSModuleRecord::link):
(JSC::JSModuleRecord::instantiateDeclarations):

runtime/JSModuleRecord.h:
runtime/ModuleLoaderPrototype.cpp:

(JSC::moduleLoaderPrototypeParseModule):
(JSC::moduleLoaderPrototypeRequestedModules):
(JSC::moduleLoaderPrototypeModuleDeclarationInstantiation):

wasm/WasmCreationMode.h: Copied from Source/JavaScriptCore/wasm/js/WebAssemblyPrototype.h.
wasm/js/JSWebAssemblyHelpers.h:

(JSC::getWasmBufferFromValue):
(JSC::createSourceBufferFromValue):

wasm/js/JSWebAssemblyInstance.cpp:

(JSC::JSWebAssemblyInstance::finalizeCreation):
(JSC::JSWebAssemblyInstance::createPrivateModuleKey):
(JSC::JSWebAssemblyInstance::create):

wasm/js/JSWebAssemblyInstance.h:
wasm/js/WebAssemblyInstanceConstructor.cpp:

(JSC::constructJSWebAssemblyInstance):

wasm/js/WebAssemblyModuleRecord.cpp:

(JSC::WebAssemblyModuleRecord::prepareLink):
(JSC::WebAssemblyModuleRecord::link):

wasm/js/WebAssemblyModuleRecord.h:
wasm/js/WebAssemblyPrototype.cpp:

(JSC::resolve):
(JSC::instantiate):
(JSC::compileAndInstantiate):
(JSC::WebAssemblyPrototype::instantiate):
(JSC::webAssemblyInstantiateFunc):
(JSC::webAssemblyValidateFunc):

wasm/js/WebAssemblyPrototype.h:

Tools:

Scripts/run-jsc-stress-tests:

1:36 AM Changeset in webkit [230758] by Carlos Garcia Campos

1 copy in releases/WebKitGTK/webkit-2.21.1

WebKitGTK+ 2.21.1

1:35 AM Changeset in webkit [230757] by Carlos Garcia Campos

4 edits in trunk

Unreviewed. Update OptionsGTK.cmake and NEWS for 2.21.1 release.

Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit:

gtk/NEWS: Add release notes for 2.21.1.

1:33 AM Changeset in webkit [230756] by Carlos Garcia Campos

2 edits in trunk/Source/WebKit

Unreviewed. Remove symbols from webkitglib-symbols.map.

Remove symbols not present in WebKit.

webkitglib-symbols.map:

12:42 AM Changeset in webkit [230755] by Carlos Garcia Campos

2 edits in trunk/Source/WebKit

Unreviewed. Add missing symbols to webkitglib-symbols.map.

Add symbols global in JSC and present in WebKit.

webkitglib-symbols.map:

12:33 AM Changeset in webkit [230754] by Fujii Hironori

2 edits in trunk/Source/WebKit

[Win][WebKit] Implement InjectedBundleWin.cpp
https://bugs.webkit.org/show_bug.cgi?id=184525

Reviewed by Konstantin Tokarev.

WebProcess/InjectedBundle/win/InjectedBundleWin.cpp:

(WebKit::InjectedBundle::initialize):

Apr 17, 2018:

11:51 PM Changeset in webkit [230753] by Carlos Garcia Campos

13 edits in trunk

[GLIB] Make it possible to handle JSCClass external properties not added to the prototype
https://bugs.webkit.org/show_bug.cgi?id=184687

Reviewed by Michael Catanzaro.

Source/JavaScriptCore:

Add JSCClassVTable that can be optionally passed to jsc_context_register_class() to provide implmentations for
JSClassDefinition. This is required to implement dynamic properties that can't be added with
jsc_class_add_property() for example to implement something like imports object in seed/gjs.

API/glib/JSCClass.cpp:

(VTableExceptionHandler::VTableExceptionHandler): Helper class to handle the exceptions in vtable functions that
can throw exceptions.
(VTableExceptionHandler::~VTableExceptionHandler):
(getProperty): Iterate the class chain to call get_property function.
(setProperty): Iterate the class chain to call set_property function.
(hasProperty): Iterate the class chain to call has_property function.
(deleteProperty): Iterate the class chain to call delete_property function.
(getPropertyNames): Iterate the class chain to call enumerate_properties function.
(jsc_class_class_init): Remove constructed implementation, since we need to initialize the JSClassDefinition in
jscClassCreate now.
(jscClassCreate): Receive an optional JSCClassVTable that is used to initialize the JSClassDefinition.

API/glib/JSCClass.h:
API/glib/JSCClassPrivate.h:
API/glib/JSCContext.cpp:

(jscContextGetRegisteredClass): Helper to get the JSCClass for a given JSClassRef.
(jsc_context_register_class): Add JSCClassVTable parameter.

API/glib/JSCContext.h:
API/glib/JSCContextPrivate.h:
API/glib/JSCWrapperMap.cpp:

(JSC::WrapperMap::registeredClass const): Get the JSCClass for a given JSClassRef.

API/glib/JSCWrapperMap.h:
API/glib/docs/jsc-glib-4.0-sections.txt: Add new symbols.

Tools:

Add test cases for the new API.

TestWebKitAPI/Tests/JavaScriptCore/glib/TestJSC.cpp:

(fooCreate):
(fooFree):
(fooGetProperty):
(fooSetProperty):
(testJSCPromises):
(testJSCGarbageCollector):
(testsJSCVirtualMachine):

TestWebKitAPI/Tests/WebKitGLib/WebProcessTest.cpp:

(windowObjectClearedCallback):

11:03 PM Changeset in webkit [230752] by Wenson Hsieh

9 edits
2 adds in trunk

[Extra zoom mode] Programmatically changing focus when an element already has focus is a confusing experience
https://bugs.webkit.org/show_bug.cgi?id=184635
<rdar://problem/39440642>

Reviewed by Tim Horton.

Source/WebKit:

Currently on iOS, we allow element focus to present UI if the keyboard is already shown. In extra zoom mode,
this would lead to a confusing experience when the focus form control overlay is disabled, since fullscreen
input view controllers are swapped out from underneath the user. Currently, this also puts the UI process into a
bad state where the focused form control overlay is active, but still hidden. This patch makes some tweaks to
input view controller handling in the UI process to address these issues, and also adds WebKitTestRunner support
for simulating interactions with select menus in extra zoom mode. See comments below for more detail.

Test: fast/events/extrazoom/change-focus-during-change-event.html

UIProcess/API/Cocoa/WKUIDelegatePrivate.h:

Add new SPI delegate hooks to notify the UI delegate when view controllers are presented or dismissed in extra
zoom mode. See -presentViewControllerForCurrentAssistedNode and -dismissAllInputViewControllers.

UIProcess/WebProcessProxy.cpp:

(WebKit::WebProcessProxy::takeBackgroundActivityTokenForFullscreenInput):
(WebKit::WebProcessProxy::releaseBackgroundActivityTokenForFullscreenInput):

See the comment below -dismissAllInputViewControllers.

UIProcess/WebProcessProxy.h:
UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _startAssistingNode:userIsInteracting:blurPreviousNode:changingActivityState:userObject:]):

In extra zoom mode, when changing focus from one assisted node to another, only allow the second node to be
assisted if the focused form control overlay is being shown. Otherwise, (i.e. when a fullscreen input view
controller is being presented), don't allow focus to start an input session.

Additionally, make a minor tweak to allow the previous node to blur, even if we are not showing the keyboard for
the new focused element. Without this adjustment, in the case where the page has programmatically focused
another element while a fullscreen input view controller is presented, we'll show the old view controller for
the new focused element.

(-[WKContentView presentViewControllerForCurrentAssistedNode]):
(-[WKContentView dismissAllInputViewControllers:]):

Currently, when a fullscreen input view controller is presented, the web process gets backgrounded. This
prevents event handlers from executing, which leads to strange behaviors in many cases (for instance: if we
have a multiple select, and the "change" event handler blurs the select, the user may check or uncheck multiple
items, but only the first change will actually take effect).

To fix this, we maintain a background activity token while presenting an input view controller.

(-[WKContentView focusedFormControlViewDidBeginEditing:]):

Start hiding the focused form overlay when re-presenting an input view controller. This allows us to bail from
showing fullscreen input UI for another focused element if focus programmatically changes while the current
fullscreen input view controller is presented, due to the -isHidden check in -_startAssistingNode:.

(-[WKContentView selectFormAccessoryPickerRow:]):

Simulate tapping a given row in select menu UI in extra zoom mode.

Tools:

Add plumbing to support invoking didHideKeyboardCallback and didShowKeyboardCallback when (respectively)
dismissing or presenting fullscreen input view controllers in extra zoom mode.

WebKitTestRunner/cocoa/TestRunnerWKWebView.mm:

(-[TestRunnerWKWebView initWithFrame:configuration:]):
(-[TestRunnerWKWebView dealloc]):
(-[TestRunnerWKWebView _invokeShowKeyboardCallbackIfNecessary]):
(-[TestRunnerWKWebView _invokeHideKeyboardCallbackIfNecessary]):
(-[TestRunnerWKWebView _keyboardDidShow:]):
(-[TestRunnerWKWebView _keyboardDidHide:]):
(-[TestRunnerWKWebView _webView:didPresentFocusedElementViewController:]):
(-[TestRunnerWKWebView _webView:didDismissFocusedElementViewController:]):

LayoutTests:

Add a new layout test to exercise the following sequence of events in extra zoom mode:

Focus select element #1.
Choose an unselected option.
Programmatically focus select element #2 in the "change" event handler.
Choose an unselected option.
Programmatically blur select element #2 in the "change" event handler.

fast/events/extrazoom/change-focus-during-change-event-expected.txt: Added.
fast/events/extrazoom/change-focus-during-change-event.html: Added.
resources/ui-helper.js:

(window.UIHelper.waitForKeyboardToHide.return.new.Promise):
(window.UIHelper.waitForKeyboardToHide):

10:45 PM Changeset in webkit [230751] by zandobersek@gmail.com

5 edits in trunk

[CMake] Add and enable the ENABLE_CSS_ANIMATIONS_LEVEL_2 feature define
https://bugs.webkit.org/show_bug.cgi?id=184681

Reviewed by Carlos Garcia Campos.

Source/cmake/WebKitFeatures.cmake: Add the ENABLE_CSS_ANIMATIONS_LEVEL_2

feature define. Follow Cocoa ports and enable it by default.

Source/WebCore:

Sources.txt: Include CSSAnimationTriggerScrollValue.cpp in the build.
WebCore.xcodeproj/project.pbxproj: Remove CSSAnimationTriggerScrollValue.cpp

build target now that it's built via Sources.txt.

10:43 PM Changeset in webkit [230750] by zandobersek@gmail.com

2 edits in trunk/Source/WebCore

[CoordGraphics] CoordinatedImageBacking can simplify image drawing
https://bugs.webkit.org/show_bug.cgi?id=183986

Reviewed by Michael Catanzaro.

In CoordinatedImageBacking::update(), when drawing the image into a
freshly-created image backing, we can avoid save-and-restoring the
painting context. We also don't have to clip it, since the clipping area
is the same as the image (and buffer) bounds. Since the buffer is
initialized to transparent color, we can use the CompositeCopy operator
to just copy image data into the destination since there's nothing to
paint the source over.

No new tests -- no change in functionality.

platform/graphics/texmap/coordinated/CoordinatedImageBacking.cpp:

(WebCore::CoordinatedImageBacking::update):

10:05 PM Changeset in webkit [230749] by Michael Catanzaro

4 edits in trunk

[GTK] Webkit should spoof as Safari on a Mac for Outlook.com
https://bugs.webkit.org/show_bug.cgi?id=184573

Reviewed by Carlos Alberto Lopez Perez.

Source/WebCore:

Add quirk for outlook.live.com.

platform/UserAgentQuirks.cpp:

(WebCore::urlRequiresMacintoshPlatform):

Tools:

TestWebKitAPI/Tests/WebCore/UserAgentQuirks.cpp:

(TestWebKitAPI::TEST):

8:31 PM Changeset in webkit [230748] by mark.lam@apple.com

186 edits
1 add in trunk/Source

Templatize CodePtr/Refs/FunctionPtrs with PtrTags.
https://bugs.webkit.org/show_bug.cgi?id=184702
<rdar://problem/35391681>

Reviewed by Filip Pizlo and Saam Barati.

Source/JavaScriptCore:

Templatized MacroAssemblerCodePtr/Ref, FunctionPtr, and CodeLocation variants to take a PtrTag template argument.
Replaced some uses of raw pointers with the equivalent CodePtr / FunctionPtr.

assembler/AbstractMacroAssembler.h:

(JSC::AbstractMacroAssembler::differenceBetweenCodePtr):
(JSC::AbstractMacroAssembler::linkJump):
(JSC::AbstractMacroAssembler::linkPointer):
(JSC::AbstractMacroAssembler::getLinkerAddress):
(JSC::AbstractMacroAssembler::repatchJump):
(JSC::AbstractMacroAssembler::repatchJumpToNop):
(JSC::AbstractMacroAssembler::repatchNearCall):
(JSC::AbstractMacroAssembler::repatchCompact):
(JSC::AbstractMacroAssembler::repatchInt32):
(JSC::AbstractMacroAssembler::repatchPointer):
(JSC::AbstractMacroAssembler::readPointer):
(JSC::AbstractMacroAssembler::replaceWithLoad):
(JSC::AbstractMacroAssembler::replaceWithAddressComputation):

assembler/CodeLocation.h:

(JSC::CodeLocationCommon:: const):
(JSC::CodeLocationCommon::CodeLocationCommon):
(JSC::CodeLocationInstruction::CodeLocationInstruction):
(JSC::CodeLocationLabel::CodeLocationLabel):
(JSC::CodeLocationLabel::retagged):
(JSC::CodeLocationLabel:: const):
(JSC::CodeLocationJump::CodeLocationJump):
(JSC::CodeLocationJump::retagged):
(JSC::CodeLocationCall::CodeLocationCall):
(JSC::CodeLocationCall::retagged):
(JSC::CodeLocationNearCall::CodeLocationNearCall):
(JSC::CodeLocationDataLabel32::CodeLocationDataLabel32):
(JSC::CodeLocationDataLabelCompact::CodeLocationDataLabelCompact):
(JSC::CodeLocationDataLabelPtr::CodeLocationDataLabelPtr):
(JSC::CodeLocationConvertibleLoad::CodeLocationConvertibleLoad):
(JSC::CodeLocationCommon<tag>::instructionAtOffset):
(JSC::CodeLocationCommon<tag>::labelAtOffset):
(JSC::CodeLocationCommon<tag>::jumpAtOffset):
(JSC::CodeLocationCommon<tag>::callAtOffset):
(JSC::CodeLocationCommon<tag>::nearCallAtOffset):
(JSC::CodeLocationCommon<tag>::dataLabelPtrAtOffset):
(JSC::CodeLocationCommon<tag>::dataLabel32AtOffset):
(JSC::CodeLocationCommon<tag>::dataLabelCompactAtOffset):
(JSC::CodeLocationCommon<tag>::convertibleLoadAtOffset):
(JSC::CodeLocationCommon::instructionAtOffset): Deleted.
(JSC::CodeLocationCommon::labelAtOffset): Deleted.
(JSC::CodeLocationCommon::jumpAtOffset): Deleted.
(JSC::CodeLocationCommon::callAtOffset): Deleted.
(JSC::CodeLocationCommon::nearCallAtOffset): Deleted.
(JSC::CodeLocationCommon::dataLabelPtrAtOffset): Deleted.
(JSC::CodeLocationCommon::dataLabel32AtOffset): Deleted.
(JSC::CodeLocationCommon::dataLabelCompactAtOffset): Deleted.
(JSC::CodeLocationCommon::convertibleLoadAtOffset): Deleted.

assembler/LinkBuffer.cpp:

(JSC::LinkBuffer::finalizeCodeWithoutDisassemblyImpl):
(JSC::LinkBuffer::finalizeCodeWithDisassemblyImpl):
(JSC::LinkBuffer::finalizeCodeWithoutDisassembly): Deleted.
(JSC::LinkBuffer::finalizeCodeWithDisassembly): Deleted.

assembler/LinkBuffer.h:

(JSC::LinkBuffer::link):
(JSC::LinkBuffer::patch):
(JSC::LinkBuffer::entrypoint):
(JSC::LinkBuffer::locationOf):
(JSC::LinkBuffer::locationOfNearCall):
(JSC::LinkBuffer::finalizeCodeWithoutDisassembly):
(JSC::LinkBuffer::finalizeCodeWithDisassembly):
(JSC::LinkBuffer::trampolineAt):

assembler/MacroAssemblerARM.h:

(JSC::MacroAssemblerARM::readCallTarget):
(JSC::MacroAssemblerARM::replaceWithJump):
(JSC::MacroAssemblerARM::startOfPatchableBranch32WithPatchOnAddress):
(JSC::MacroAssemblerARM::startOfPatchableBranchPtrWithPatchOnAddress):
(JSC::MacroAssemblerARM::startOfBranchPtrWithPatchOnRegister):
(JSC::MacroAssemblerARM::revertJumpReplacementToBranchPtrWithPatch):
(JSC::MacroAssemblerARM::revertJumpReplacementToPatchableBranch32WithPatch):
(JSC::MacroAssemblerARM::revertJumpReplacementToPatchableBranchPtrWithPatch):
(JSC::MacroAssemblerARM::repatchCall):
(JSC::MacroAssemblerARM::linkCall):

assembler/MacroAssemblerARM64.h:

(JSC::MacroAssemblerARM64::readCallTarget):
(JSC::MacroAssemblerARM64::replaceWithVMHalt):
(JSC::MacroAssemblerARM64::replaceWithJump):
(JSC::MacroAssemblerARM64::startOfBranchPtrWithPatchOnRegister):
(JSC::MacroAssemblerARM64::startOfPatchableBranchPtrWithPatchOnAddress):
(JSC::MacroAssemblerARM64::startOfPatchableBranch32WithPatchOnAddress):
(JSC::MacroAssemblerARM64::revertJumpReplacementToBranchPtrWithPatch):
(JSC::MacroAssemblerARM64::revertJumpReplacementToPatchableBranchPtrWithPatch):
(JSC::MacroAssemblerARM64::revertJumpReplacementToPatchableBranch32WithPatch):
(JSC::MacroAssemblerARM64::repatchCall):
(JSC::MacroAssemblerARM64::linkCall):

assembler/MacroAssemblerARMv7.h:

(JSC::MacroAssemblerARMv7::replaceWithJump):
(JSC::MacroAssemblerARMv7::readCallTarget):
(JSC::MacroAssemblerARMv7::startOfBranchPtrWithPatchOnRegister):
(JSC::MacroAssemblerARMv7::revertJumpReplacementToBranchPtrWithPatch):
(JSC::MacroAssemblerARMv7::startOfPatchableBranchPtrWithPatchOnAddress):
(JSC::MacroAssemblerARMv7::startOfPatchableBranch32WithPatchOnAddress):
(JSC::MacroAssemblerARMv7::revertJumpReplacementToPatchableBranchPtrWithPatch):
(JSC::MacroAssemblerARMv7::revertJumpReplacementToPatchableBranch32WithPatch):
(JSC::MacroAssemblerARMv7::repatchCall):
(JSC::MacroAssemblerARMv7::linkCall):

assembler/MacroAssemblerCodeRef.cpp:

(JSC::MacroAssemblerCodePtrBase::dumpWithName):
(JSC::MacroAssemblerCodeRefBase::tryToDisassemble):
(JSC::MacroAssemblerCodeRefBase::disassembly):
(JSC::MacroAssemblerCodePtr::createLLIntCodePtr): Deleted.
(JSC::MacroAssemblerCodePtr::dumpWithName const): Deleted.
(JSC::MacroAssemblerCodePtr::dump const): Deleted.
(JSC::MacroAssemblerCodeRef::createLLIntCodeRef): Deleted.
(JSC::MacroAssemblerCodeRef::tryToDisassemble const): Deleted.
(JSC::MacroAssemblerCodeRef::disassembly const): Deleted.
(JSC::MacroAssemblerCodeRef::dump const): Deleted.

assembler/MacroAssemblerCodeRef.h:

(JSC::FunctionPtr::FunctionPtr):
(JSC::FunctionPtr::retagged const):
(JSC::FunctionPtr::retaggedExecutableAddress const):
(JSC::FunctionPtr::operator== const):
(JSC::FunctionPtr::operator!= const):
(JSC::ReturnAddressPtr::ReturnAddressPtr):
(JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr):
(JSC::MacroAssemblerCodePtr::createFromExecutableAddress):
(JSC::MacroAssemblerCodePtr::retagged const):
(JSC::MacroAssemblerCodePtr:: const):
(JSC::MacroAssemblerCodePtr::dumpWithName const):
(JSC::MacroAssemblerCodePtr::dump const):
(JSC::MacroAssemblerCodePtrHash::hash):
(JSC::MacroAssemblerCodePtrHash::equal):
(JSC::MacroAssemblerCodeRef::MacroAssemblerCodeRef):
(JSC::MacroAssemblerCodeRef::createSelfManagedCodeRef):
(JSC::MacroAssemblerCodeRef::code const):
(JSC::MacroAssemblerCodeRef::retaggedCode const):
(JSC::MacroAssemblerCodeRef::retagged const):
(JSC::MacroAssemblerCodeRef::tryToDisassemble const):
(JSC::MacroAssemblerCodeRef::disassembly const):
(JSC::MacroAssemblerCodeRef::dump const):
(JSC::FunctionPtr<tag>::FunctionPtr):

assembler/MacroAssemblerMIPS.h:

(JSC::MacroAssemblerMIPS::readCallTarget):
(JSC::MacroAssemblerMIPS::replaceWithJump):
(JSC::MacroAssemblerMIPS::startOfPatchableBranch32WithPatchOnAddress):
(JSC::MacroAssemblerMIPS::startOfBranchPtrWithPatchOnRegister):
(JSC::MacroAssemblerMIPS::revertJumpReplacementToBranchPtrWithPatch):
(JSC::MacroAssemblerMIPS::startOfPatchableBranchPtrWithPatchOnAddress):
(JSC::MacroAssemblerMIPS::revertJumpReplacementToPatchableBranch32WithPatch):
(JSC::MacroAssemblerMIPS::revertJumpReplacementToPatchableBranchPtrWithPatch):
(JSC::MacroAssemblerMIPS::repatchCall):
(JSC::MacroAssemblerMIPS::linkCall):

assembler/MacroAssemblerX86.h:

(JSC::MacroAssemblerX86::readCallTarget):
(JSC::MacroAssemblerX86::startOfBranchPtrWithPatchOnRegister):
(JSC::MacroAssemblerX86::startOfPatchableBranchPtrWithPatchOnAddress):
(JSC::MacroAssemblerX86::startOfPatchableBranch32WithPatchOnAddress):
(JSC::MacroAssemblerX86::revertJumpReplacementToBranchPtrWithPatch):
(JSC::MacroAssemblerX86::revertJumpReplacementToPatchableBranchPtrWithPatch):
(JSC::MacroAssemblerX86::revertJumpReplacementToPatchableBranch32WithPatch):
(JSC::MacroAssemblerX86::repatchCall):
(JSC::MacroAssemblerX86::linkCall):

assembler/MacroAssemblerX86Common.h:

(JSC::MacroAssemblerX86Common::repatchCompact):
(JSC::MacroAssemblerX86Common::replaceWithVMHalt):
(JSC::MacroAssemblerX86Common::replaceWithJump):

assembler/MacroAssemblerX86_64.h:

(JSC::MacroAssemblerX86_64::readCallTarget):
(JSC::MacroAssemblerX86_64::startOfBranchPtrWithPatchOnRegister):
(JSC::MacroAssemblerX86_64::startOfBranch32WithPatchOnRegister):
(JSC::MacroAssemblerX86_64::startOfPatchableBranchPtrWithPatchOnAddress):
(JSC::MacroAssemblerX86_64::startOfPatchableBranch32WithPatchOnAddress):
(JSC::MacroAssemblerX86_64::revertJumpReplacementToPatchableBranchPtrWithPatch):
(JSC::MacroAssemblerX86_64::revertJumpReplacementToPatchableBranch32WithPatch):
(JSC::MacroAssemblerX86_64::revertJumpReplacementToBranchPtrWithPatch):
(JSC::MacroAssemblerX86_64::repatchCall):
(JSC::MacroAssemblerX86_64::linkCall):

assembler/testmasm.cpp:

(JSC::compile):
(JSC::invoke):
(JSC::testProbeModifiesProgramCounter):

b3/B3Compilation.cpp:

(JSC::B3::Compilation::Compilation):

b3/B3Compilation.h:

(JSC::B3::Compilation::code const):
(JSC::B3::Compilation::codeRef const):

b3/B3Compile.cpp:

(JSC::B3::compile):

b3/B3LowerMacros.cpp:
b3/air/AirDisassembler.cpp:

(JSC::B3::Air::Disassembler::dump):

b3/air/testair.cpp:
b3/testb3.cpp:

(JSC::B3::invoke):
(JSC::B3::testInterpreter):
(JSC::B3::testEntrySwitchSimple):
(JSC::B3::testEntrySwitchNoEntrySwitch):
(JSC::B3::testEntrySwitchWithCommonPaths):
(JSC::B3::testEntrySwitchWithCommonPathsAndNonTrivialEntrypoint):
(JSC::B3::testEntrySwitchLoop):

bytecode/AccessCase.cpp:

(JSC::AccessCase::generateImpl):

bytecode/AccessCaseSnippetParams.cpp:

(JSC::SlowPathCallGeneratorWithArguments::generateImpl):

bytecode/ByValInfo.h:

(JSC::ByValInfo::ByValInfo):

bytecode/CallLinkInfo.cpp:

(JSC::CallLinkInfo::callReturnLocation):
(JSC::CallLinkInfo::patchableJump):
(JSC::CallLinkInfo::hotPathBegin):
(JSC::CallLinkInfo::slowPathStart):

bytecode/CallLinkInfo.h:

(JSC::CallLinkInfo::setCallLocations):
(JSC::CallLinkInfo::hotPathOther):

bytecode/CodeBlock.cpp:

(JSC::CodeBlock::finishCreation):

bytecode/GetByIdStatus.cpp:

(JSC::GetByIdStatus::computeForStubInfoWithoutExitSiteFeedback):

bytecode/GetByIdVariant.cpp:

(JSC::GetByIdVariant::GetByIdVariant):
(JSC::GetByIdVariant::dumpInContext const):

bytecode/GetByIdVariant.h:

(JSC::GetByIdVariant::customAccessorGetter const):

bytecode/GetterSetterAccessCase.cpp:

(JSC::GetterSetterAccessCase::create):
(JSC::GetterSetterAccessCase::GetterSetterAccessCase):
(JSC::GetterSetterAccessCase::dumpImpl const):

bytecode/GetterSetterAccessCase.h:

(JSC::GetterSetterAccessCase::customAccessor const):
(): Deleted.

bytecode/HandlerInfo.h:

(JSC::HandlerInfo::initialize):

bytecode/InlineAccess.cpp:

(JSC::linkCodeInline):
(JSC::InlineAccess::rewireStubAsJump):

bytecode/InlineAccess.h:
bytecode/JumpTable.h:

(JSC::StringJumpTable::ctiForValue):
(JSC::SimpleJumpTable::ctiForValue):

bytecode/LLIntCallLinkInfo.h:

(JSC::LLIntCallLinkInfo::unlink):

bytecode/PolymorphicAccess.cpp:

(JSC::AccessGenerationState::emitExplicitExceptionHandler):
(JSC::PolymorphicAccess::regenerate):

bytecode/PolymorphicAccess.h:

(JSC::AccessGenerationResult::AccessGenerationResult):
(JSC::AccessGenerationResult::code const):

bytecode/StructureStubInfo.h:

(JSC::StructureStubInfo::slowPathCallLocation):
(JSC::StructureStubInfo::doneLocation):
(JSC::StructureStubInfo::slowPathStartLocation):
(JSC::StructureStubInfo::patchableJumpForIn):

dfg/DFGCommonData.h:

(JSC::DFG::CommonData::appendCatchEntrypoint):

dfg/DFGDisassembler.cpp:

(JSC::DFG::Disassembler::dumpDisassembly):

dfg/DFGDriver.h:
dfg/DFGJITCompiler.cpp:

(JSC::DFG::JITCompiler::linkOSRExits):
(JSC::DFG::JITCompiler::compileExceptionHandlers):
(JSC::DFG::JITCompiler::link):
(JSC::DFG::JITCompiler::compileFunction):
(JSC::DFG::JITCompiler::noticeCatchEntrypoint):

dfg/DFGJITCompiler.h:

(JSC::DFG::CallLinkRecord::CallLinkRecord):
(JSC::DFG::JITCompiler::appendCall):
(JSC::DFG::JITCompiler::JSCallRecord::JSCallRecord):
(JSC::DFG::JITCompiler::JSDirectCallRecord::JSDirectCallRecord):
(JSC::DFG::JITCompiler::JSDirectTailCallRecord::JSDirectTailCallRecord):

dfg/DFGJITFinalizer.cpp:

(JSC::DFG::JITFinalizer::JITFinalizer):
(JSC::DFG::JITFinalizer::finalize):
(JSC::DFG::JITFinalizer::finalizeFunction):

dfg/DFGJITFinalizer.h:
dfg/DFGJumpReplacement.h:

(JSC::DFG::JumpReplacement::JumpReplacement):

dfg/DFGNode.h:
dfg/DFGOSREntry.cpp:

(JSC::DFG::prepareOSREntry):
(JSC::DFG::prepareCatchOSREntry):

dfg/DFGOSREntry.h:

(JSC::DFG::prepareOSREntry):

dfg/DFGOSRExit.cpp:

(JSC::DFG::OSRExit::executeOSRExit):
(JSC::DFG::reifyInlinedCallFrames):
(JSC::DFG::adjustAndJumpToTarget):
(JSC::DFG::OSRExit::codeLocationForRepatch const):
(JSC::DFG::OSRExit::emitRestoreArguments):
(JSC::DFG::OSRExit::compileOSRExit):

dfg/DFGOSRExit.h:
dfg/DFGOSRExitCompilerCommon.cpp:

(JSC::DFG::handleExitCounts):
(JSC::DFG::reifyInlinedCallFrames):
(JSC::DFG::osrWriteBarrier):
(JSC::DFG::adjustAndJumpToTarget):

dfg/DFGOperations.cpp:
dfg/DFGSlowPathGenerator.h:

(JSC::DFG::CallResultAndArgumentsSlowPathGenerator::CallResultAndArgumentsSlowPathGenerator):
(JSC::DFG::CallResultAndArgumentsSlowPathGenerator::unpackAndGenerate):
(JSC::DFG::slowPathCall):

dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileMathIC):
(JSC::DFG::SpeculativeJIT::compileCallDOM):
(JSC::DFG::SpeculativeJIT::compileCallDOMGetter):
(JSC::DFG::SpeculativeJIT::emitSwitchIntJump):
(JSC::DFG::SpeculativeJIT::emitSwitchImm):
(JSC::DFG::SpeculativeJIT::emitSwitchStringOnString):
(JSC::DFG::SpeculativeJIT::compileHasIndexedProperty):
(JSC::DFG::SpeculativeJIT::compileGetDirectPname):
(JSC::DFG::SpeculativeJIT::cachedPutById):

dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::callOperation):
(JSC::DFG::SpeculativeJIT::appendCall):
(JSC::DFG::SpeculativeJIT::appendCallWithCallFrameRollbackOnException):
(JSC::DFG::SpeculativeJIT::appendCallWithCallFrameRollbackOnExceptionSetResult):
(JSC::DFG::SpeculativeJIT::appendCallSetResult):

dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::cachedGetById):
(JSC::DFG::SpeculativeJIT::cachedGetByIdWithThis):
(JSC::DFG::SpeculativeJIT::compile):

dfg/DFGThunks.cpp:

(JSC::DFG::osrExitThunkGenerator):
(JSC::DFG::osrExitGenerationThunkGenerator):
(JSC::DFG::osrEntryThunkGenerator):

dfg/DFGThunks.h:
disassembler/ARM64Disassembler.cpp:

(JSC::tryToDisassemble):

disassembler/ARMv7Disassembler.cpp:

(JSC::tryToDisassemble):

disassembler/Disassembler.cpp:

(JSC::disassemble):
(JSC::disassembleAsynchronously):

disassembler/Disassembler.h:

(JSC::tryToDisassemble):

disassembler/UDis86Disassembler.cpp:

(JSC::tryToDisassembleWithUDis86):

disassembler/UDis86Disassembler.h:

(JSC::tryToDisassembleWithUDis86):

disassembler/X86Disassembler.cpp:

(JSC::tryToDisassemble):

ftl/FTLCompile.cpp:

(JSC::FTL::compile):

ftl/FTLExceptionTarget.cpp:

(JSC::FTL::ExceptionTarget::label):
(JSC::FTL::ExceptionTarget::jumps):

ftl/FTLExceptionTarget.h:
ftl/FTLGeneratedFunction.h:
ftl/FTLJITCode.cpp:

(JSC::FTL::JITCode::initializeB3Code):
(JSC::FTL::JITCode::initializeAddressForCall):
(JSC::FTL::JITCode::initializeArityCheckEntrypoint):
(JSC::FTL::JITCode::addressForCall):
(JSC::FTL::JITCode::executableAddressAtOffset):

ftl/FTLJITCode.h:

(JSC::FTL::JITCode::b3Code const):

ftl/FTLJITFinalizer.cpp:

(JSC::FTL::JITFinalizer::finalizeCommon):

ftl/FTLLazySlowPath.cpp:

(JSC::FTL::LazySlowPath::initialize):
(JSC::FTL::LazySlowPath::generate):

ftl/FTLLazySlowPath.h:

(JSC::FTL::LazySlowPath::patchableJump const):
(JSC::FTL::LazySlowPath::done const):
(JSC::FTL::LazySlowPath::stub const):

ftl/FTLLazySlowPathCall.h:

(JSC::FTL::createLazyCallGenerator):

ftl/FTLLink.cpp:

(JSC::FTL::link):

ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::lower):
(JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstruct):
(JSC::FTL::DFG::LowerDFGToB3::compileDirectCallOrConstruct):
(JSC::FTL::DFG::LowerDFGToB3::compileTailCall):
(JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstructVarargsSpread):
(JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstructVarargs):
(JSC::FTL::DFG::LowerDFGToB3::compileCallEval):
(JSC::FTL::DFG::LowerDFGToB3::compileInvalidationPoint):
(JSC::FTL::DFG::LowerDFGToB3::compileIn):
(JSC::FTL::DFG::LowerDFGToB3::compileCheckSubClass):
(JSC::FTL::DFG::LowerDFGToB3::compileCallDOM):
(JSC::FTL::DFG::LowerDFGToB3::compileCallDOMGetter):
(JSC::FTL::DFG::LowerDFGToB3::lazySlowPath):

ftl/FTLOSRExit.cpp:

(JSC::FTL::OSRExit::codeLocationForRepatch const):

ftl/FTLOSRExit.h:
ftl/FTLOSRExitCompiler.cpp:

(JSC::FTL::compileStub):
(JSC::FTL::compileFTLOSRExit):

ftl/FTLOSRExitHandle.cpp:

(JSC::FTL::OSRExitHandle::emitExitThunk):

ftl/FTLOperations.cpp:

(JSC::FTL::compileFTLLazySlowPath):

ftl/FTLPatchpointExceptionHandle.cpp:

(JSC::FTL::PatchpointExceptionHandle::scheduleExitCreationForUnwind):

ftl/FTLSlowPathCall.cpp:

(JSC::FTL::SlowPathCallContext::keyWithTarget const):
(JSC::FTL::SlowPathCallContext::makeCall):

ftl/FTLSlowPathCall.h:

(JSC::FTL::callOperation):

ftl/FTLSlowPathCallKey.cpp:

(JSC::FTL::SlowPathCallKey::dump const):

ftl/FTLSlowPathCallKey.h:

(JSC::FTL::SlowPathCallKey::SlowPathCallKey):
(JSC::FTL::SlowPathCallKey::callTarget const):
(JSC::FTL::SlowPathCallKey::withCallTarget):
(JSC::FTL::SlowPathCallKey::hash const):
(JSC::FTL::SlowPathCallKey::callPtrTag const): Deleted.

ftl/FTLState.cpp:

(JSC::FTL::State::State):

ftl/FTLThunks.cpp:

(JSC::FTL::genericGenerationThunkGenerator):
(JSC::FTL::osrExitGenerationThunkGenerator):
(JSC::FTL::lazySlowPathGenerationThunkGenerator):
(JSC::FTL::slowPathCallThunkGenerator):

ftl/FTLThunks.h:

(JSC::FTL::generateIfNecessary):
(JSC::FTL::keyForThunk):
(JSC::FTL::Thunks::getSlowPathCallThunk):
(JSC::FTL::Thunks::keyForSlowPathCallThunk):

interpreter/InterpreterInlines.h:

(JSC::Interpreter::getOpcodeID):

jit/AssemblyHelpers.cpp:

(JSC::AssemblyHelpers::callExceptionFuzz):
(JSC::AssemblyHelpers::emitDumbVirtualCall):
(JSC::AssemblyHelpers::debugCall):

jit/CCallHelpers.cpp:

(JSC::CCallHelpers::ensureShadowChickenPacket):

jit/ExecutableAllocator.cpp:

(JSC::FixedVMPoolExecutableAllocator::initializeSeparatedWXHeaps):
(JSC::FixedVMPoolExecutableAllocator::jitWriteThunkGenerator):

jit/ExecutableAllocator.h:

(JSC::performJITMemcpy):

jit/GCAwareJITStubRoutine.cpp:

(JSC::GCAwareJITStubRoutine::GCAwareJITStubRoutine):
(JSC::MarkingGCAwareJITStubRoutine::MarkingGCAwareJITStubRoutine):
(JSC::GCAwareJITStubRoutineWithExceptionHandler::GCAwareJITStubRoutineWithExceptionHandler):
(JSC::createJITStubRoutine):

jit/GCAwareJITStubRoutine.h:

(JSC::createJITStubRoutine):

jit/JIT.cpp:

(JSC::ctiPatchCallByReturnAddress):
(JSC::JIT::compileWithoutLinking):
(JSC::JIT::link):
(JSC::JIT::privateCompileExceptionHandlers):

jit/JIT.h:

(JSC::CallRecord::CallRecord):

jit/JITArithmetic.cpp:

(JSC::JIT::emitMathICFast):
(JSC::JIT::emitMathICSlow):

jit/JITCall.cpp:

(JSC::JIT::compileOpCallSlowCase):

jit/JITCall32_64.cpp:

(JSC::JIT::compileOpCallSlowCase):

jit/JITCode.cpp:

(JSC::JITCodeWithCodeRef::JITCodeWithCodeRef):
(JSC::JITCodeWithCodeRef::executableAddressAtOffset):
(JSC::DirectJITCode::DirectJITCode):
(JSC::DirectJITCode::initializeCodeRef):
(JSC::DirectJITCode::addressForCall):
(JSC::NativeJITCode::NativeJITCode):
(JSC::NativeJITCode::initializeCodeRef):
(JSC::NativeJITCode::addressForCall):

jit/JITCode.h:
jit/JITCodeMap.h:

(JSC::JITCodeMap::Entry::Entry):
(JSC::JITCodeMap::Entry::codeLocation):
(JSC::JITCodeMap::append):
(JSC::JITCodeMap::find const):

jit/JITDisassembler.cpp:

(JSC::JITDisassembler::dumpDisassembly):

jit/JITExceptions.cpp:

(JSC::genericUnwind):

jit/JITInlineCacheGenerator.cpp:

(JSC::JITByIdGenerator::finalize):

jit/JITInlines.h:

(JSC::JIT::emitNakedCall):
(JSC::JIT::emitNakedTailCall):
(JSC::JIT::appendCallWithExceptionCheck):
(JSC::JIT::appendCallWithExceptionCheckAndSlowPathReturnType):
(JSC::JIT::appendCallWithCallFrameRollbackOnException):
(JSC::JIT::appendCallWithExceptionCheckSetJSValueResult):
(JSC::JIT::appendCallWithExceptionCheckSetJSValueResultWithProfile):

jit/JITMathIC.h:

(JSC::isProfileEmpty):

jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_catch):
(JSC::JIT::emit_op_switch_imm):
(JSC::JIT::emit_op_switch_char):
(JSC::JIT::emit_op_switch_string):
(JSC::JIT::privateCompileHasIndexedProperty):
(JSC::JIT::emitSlow_op_has_indexed_property):

jit/JITOpcodes32_64.cpp:

(JSC::JIT::privateCompileHasIndexedProperty):

jit/JITOperations.cpp:

(JSC::getByVal):

jit/JITPropertyAccess.cpp:

(JSC::JIT::stringGetByValStubGenerator):
(JSC::JIT::emitGetByValWithCachedId):
(JSC::JIT::emitSlow_op_get_by_val):
(JSC::JIT::emitPutByValWithCachedId):
(JSC::JIT::emitSlow_op_put_by_val):
(JSC::JIT::emitSlow_op_try_get_by_id):
(JSC::JIT::emitSlow_op_get_by_id_direct):
(JSC::JIT::emitSlow_op_get_by_id):
(JSC::JIT::emitSlow_op_get_by_id_with_this):
(JSC::JIT::emitSlow_op_put_by_id):
(JSC::JIT::privateCompileGetByVal):
(JSC::JIT::privateCompileGetByValWithCachedId):
(JSC::JIT::privateCompilePutByVal):
(JSC::JIT::privateCompilePutByValWithCachedId):

jit/JITPropertyAccess32_64.cpp:

(JSC::JIT::stringGetByValStubGenerator):
(JSC::JIT::emitSlow_op_get_by_val):
(JSC::JIT::emitSlow_op_put_by_val):

jit/JITStubRoutine.h:

(JSC::JITStubRoutine::JITStubRoutine):
(JSC::JITStubRoutine::createSelfManagedRoutine):
(JSC::JITStubRoutine::code const):
(JSC::JITStubRoutine::asCodePtr):

jit/JITThunks.cpp:

(JSC::JITThunks::ctiNativeCall):
(JSC::JITThunks::ctiNativeConstruct):
(JSC::JITThunks::ctiNativeTailCall):
(JSC::JITThunks::ctiNativeTailCallWithoutSavedTags):
(JSC::JITThunks::ctiInternalFunctionCall):
(JSC::JITThunks::ctiInternalFunctionConstruct):
(JSC::JITThunks::ctiStub):
(JSC::JITThunks::existingCTIStub):
(JSC::JITThunks::hostFunctionStub):

jit/JITThunks.h:
jit/PCToCodeOriginMap.cpp:

(JSC::PCToCodeOriginMap::PCToCodeOriginMap):

jit/PCToCodeOriginMap.h:
jit/PolymorphicCallStubRoutine.cpp:

(JSC::PolymorphicCallStubRoutine::PolymorphicCallStubRoutine):

jit/PolymorphicCallStubRoutine.h:
jit/Repatch.cpp:

(JSC::readPutICCallTarget):
(JSC::ftlThunkAwareRepatchCall):
(JSC::appropriateOptimizingGetByIdFunction):
(JSC::appropriateGetByIdFunction):
(JSC::tryCacheGetByID):
(JSC::repatchGetByID):
(JSC::tryCachePutByID):
(JSC::repatchPutByID):
(JSC::tryCacheIn):
(JSC::repatchIn):
(JSC::linkSlowFor):
(JSC::linkFor):
(JSC::linkDirectFor):
(JSC::revertCall):
(JSC::unlinkFor):
(JSC::linkVirtualFor):
(JSC::linkPolymorphicCall):
(JSC::resetGetByID):
(JSC::resetPutByID):

jit/Repatch.h:
jit/SlowPathCall.h:

(JSC::JITSlowPathCall::call):

jit/SpecializedThunkJIT.h:

(JSC::SpecializedThunkJIT::finalize):
(JSC::SpecializedThunkJIT::callDoubleToDouble):
(JSC::SpecializedThunkJIT::callDoubleToDoublePreservingReturn):

jit/ThunkGenerator.h:
jit/ThunkGenerators.cpp:

(JSC::throwExceptionFromCallSlowPathGenerator):
(JSC::slowPathFor):
(JSC::linkCallThunkGenerator):
(JSC::linkPolymorphicCallThunkGenerator):
(JSC::virtualThunkFor):
(JSC::nativeForGenerator):
(JSC::nativeCallGenerator):
(JSC::nativeTailCallGenerator):
(JSC::nativeTailCallWithoutSavedTagsGenerator):
(JSC::nativeConstructGenerator):
(JSC::internalFunctionCallGenerator):
(JSC::internalFunctionConstructGenerator):
(JSC::arityFixupGenerator):
(JSC::unreachableGenerator):
(JSC::charCodeAtThunkGenerator):
(JSC::charAtThunkGenerator):
(JSC::fromCharCodeThunkGenerator):
(JSC::clz32ThunkGenerator):
(JSC::sqrtThunkGenerator):
(JSC::floorThunkGenerator):
(JSC::ceilThunkGenerator):
(JSC::truncThunkGenerator):
(JSC::roundThunkGenerator):
(JSC::expThunkGenerator):
(JSC::logThunkGenerator):
(JSC::absThunkGenerator):
(JSC::imulThunkGenerator):
(JSC::randomThunkGenerator):
(JSC::boundThisNoArgsFunctionCallGenerator):

jit/ThunkGenerators.h:
llint/LLIntData.cpp:

(JSC::LLInt::initialize):

llint/LLIntData.h:

(JSC::LLInt::getExecutableAddress):
(JSC::LLInt::getCodePtr):
(JSC::LLInt::getCodeRef):
(JSC::LLInt::getCodeFunctionPtr):

llint/LLIntEntrypoint.cpp:

(JSC::LLInt::setFunctionEntrypoint):
(JSC::LLInt::setEvalEntrypoint):
(JSC::LLInt::setProgramEntrypoint):
(JSC::LLInt::setModuleProgramEntrypoint):

llint/LLIntExceptions.cpp:

(JSC::LLInt::callToThrow):

llint/LLIntSlowPaths.cpp:

(JSC::LLInt::LLINT_SLOW_PATH_DECL):
(JSC::LLInt::setUpCall):

llint/LLIntThunks.cpp:

(JSC::vmEntryToWasm):
(JSC::LLInt::generateThunkWithJumpTo):
(JSC::LLInt::functionForCallEntryThunkGenerator):
(JSC::LLInt::functionForConstructEntryThunkGenerator):
(JSC::LLInt::functionForCallArityCheckThunkGenerator):
(JSC::LLInt::functionForConstructArityCheckThunkGenerator):
(JSC::LLInt::evalEntryThunkGenerator):
(JSC::LLInt::programEntryThunkGenerator):
(JSC::LLInt::moduleProgramEntryThunkGenerator):

llint/LLIntThunks.h:
llint/LowLevelInterpreter.asm:
llint/LowLevelInterpreter32_64.asm:
llint/LowLevelInterpreter64.asm:
profiler/ProfilerCompilation.cpp:

(JSC::Profiler::Compilation::addOSRExitSite):

profiler/ProfilerCompilation.h:
profiler/ProfilerOSRExitSite.cpp:

(JSC::Profiler::OSRExitSite::toJS const):

profiler/ProfilerOSRExitSite.h:

(JSC::Profiler::OSRExitSite::OSRExitSite):
(JSC::Profiler::OSRExitSite::codeAddress const):
(JSC::Profiler::OSRExitSite:: const): Deleted.

runtime/ExecutableBase.cpp:

(JSC::ExecutableBase::clearCode):

runtime/ExecutableBase.h:

(JSC::ExecutableBase::entrypointFor):

runtime/NativeExecutable.cpp:

(JSC::NativeExecutable::finishCreation):

runtime/NativeFunction.h:

(JSC::TaggedNativeFunction::TaggedNativeFunction):
(JSC::TaggedNativeFunction::operator NativeFunction):

runtime/PtrTag.h:

(JSC::tagCodePtr):
(JSC::untagCodePtr):
(JSC::retagCodePtr):
(JSC::tagCFunctionPtr):
(JSC::untagCFunctionPtr):
(JSC::nextPtrTagID): Deleted.

runtime/PutPropertySlot.h:

(JSC::PutPropertySlot::PutPropertySlot):
(JSC::PutPropertySlot::setCustomValue):
(JSC::PutPropertySlot::setCustomAccessor):
(JSC::PutPropertySlot::customSetter const):

runtime/ScriptExecutable.cpp:

(JSC::ScriptExecutable::installCode):

runtime/VM.cpp:

(JSC::VM::getHostFunction):
(JSC::VM::getCTIInternalFunctionTrampolineFor):

runtime/VM.h:

(JSC::VM::getCTIStub):

wasm/WasmB3IRGenerator.cpp:

(JSC::Wasm::B3IRGenerator::B3IRGenerator):
(JSC::Wasm::B3IRGenerator::emitExceptionCheck):
(JSC::Wasm::B3IRGenerator::emitTierUpCheck):
(JSC::Wasm::B3IRGenerator::addCall):
(JSC::Wasm::B3IRGenerator::addCallIndirect):

wasm/WasmBBQPlan.cpp:

(JSC::Wasm::BBQPlan::prepare):
(JSC::Wasm::BBQPlan::complete):

wasm/WasmBBQPlan.h:
wasm/WasmBinding.cpp:

(JSC::Wasm::wasmToWasm):

wasm/WasmBinding.h:
wasm/WasmCallee.h:

(JSC::Wasm::Callee::entrypoint const):

wasm/WasmCallingConvention.h:

(JSC::Wasm::CallingConvention::setupFrameInPrologue const):

wasm/WasmCodeBlock.h:

(JSC::Wasm::CodeBlock::entrypointLoadLocationFromFunctionIndexSpace):

wasm/WasmFaultSignalHandler.cpp:

(JSC::Wasm::trapHandler):

wasm/WasmFormat.h:
wasm/WasmInstance.h:
wasm/WasmOMGPlan.cpp:

(JSC::Wasm::OMGPlan::work):

wasm/WasmThunks.cpp:

(JSC::Wasm::throwExceptionFromWasmThunkGenerator):
(JSC::Wasm::throwStackOverflowFromWasmThunkGenerator):
(JSC::Wasm::triggerOMGTierUpThunkGenerator):
(JSC::Wasm::Thunks::stub):
(JSC::Wasm::Thunks::existingStub):

wasm/WasmThunks.h:
wasm/js/JSToWasm.cpp:

(JSC::Wasm::createJSToWasmWrapper):

wasm/js/JSWebAssemblyCodeBlock.h:
wasm/js/WasmToJS.cpp:

(JSC::Wasm::handleBadI64Use):
(JSC::Wasm::wasmToJS):

wasm/js/WasmToJS.h:
wasm/js/WebAssemblyFunction.h:
yarr/YarrJIT.cpp:

(JSC::Yarr::YarrGenerator::loadFromFrameAndJump):
(JSC::Yarr::YarrGenerator::BacktrackingState::linkDataLabels):
(JSC::Yarr::YarrGenerator::compile):

yarr/YarrJIT.h:

(JSC::Yarr::YarrCodeBlock::set8BitCode):
(JSC::Yarr::YarrCodeBlock::set16BitCode):
(JSC::Yarr::YarrCodeBlock::set8BitCodeMatchOnly):
(JSC::Yarr::YarrCodeBlock::set16BitCodeMatchOnly):
(JSC::Yarr::YarrCodeBlock::execute):
(JSC::Yarr::YarrCodeBlock::clear):

Source/WebCore:

No new tests. This is covered by existing tests.

WebCore.xcodeproj/project.pbxproj:
css/ElementRuleCollector.cpp:

(WebCore::ElementRuleCollector::ruleMatches):

cssjit/CSSPtrTag.h: Added.
cssjit/CompiledSelector.h:
cssjit/FunctionCall.h:

(WebCore::FunctionCall::FunctionCall):
(WebCore::FunctionCall::setFunctionAddress):
(WebCore::FunctionCall::prepareAndCall):

cssjit/SelectorCompiler.cpp:

(WebCore::SelectorCompiler::compileSelector):
(WebCore::SelectorCompiler::SelectorFragment::appendUnoptimizedPseudoClassWithContext):
(WebCore::SelectorCompiler::addPseudoClassType):
(WebCore::SelectorCompiler::SelectorCodeGenerator::compile):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementAttributeFunctionCallValueMatching):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementFunctionCallTest):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateContextFunctionCallTest):

cssjit/SelectorCompiler.h:

(WebCore::SelectorCompiler::ruleCollectorSimpleSelectorCheckerFunction):
(WebCore::SelectorCompiler::querySelectorSimpleSelectorCheckerFunction):
(WebCore::SelectorCompiler::ruleCollectorSelectorCheckerFunctionWithCheckingContext):
(WebCore::SelectorCompiler::querySelectorSelectorCheckerFunctionWithCheckingContext):

dom/SelectorQuery.cpp:

(WebCore::SelectorDataList::executeCompiledSingleMultiSelectorData const):
(WebCore::SelectorDataList::execute const):

dom/SelectorQuery.h:

8:07 PM Changeset in webkit [230747] by Conrad Shultz

3 edits in trunk/Source/WebKit

WebKit::DisplayLink maintains a strong reference to WebPageProxy, creating a reference cycle
https://bugs.webkit.org/show_bug.cgi?id=184718

Reviewed by Tim Horton.

It turns out that the m_webPageProxy back-reference in DisplayLink, which was creating a
reference cycle, wasn't ever read, so we can just remove it.

UIProcess/mac/DisplayLink.cpp:

(WebKit::DisplayLink::DisplayLink):

UIProcess/mac/DisplayLink.h:

7:50 PM Changeset in webkit [230746] by Wenson Hsieh

5 edits
3 adds in trunk

[Extra zoom mode] Double tap to zoom should account for text legibility in extra zoom mode
https://bugs.webkit.org/show_bug.cgi?id=184631
<rdar://problem/39303706>

Reviewed by Tim Horton.

Source/WebKit:

Implement the text legibility heuristic alluded to in r230506 by iterating through text runs in the document (up
to a maximum of 200) and building a histogram of font sizes that appear in the document, where each tally
represents a character.

The first and second text legibility zoom scales are then computed based on the zoom scales needed to
make 50% and 90% of the text legible, respectively. Here, a zoom scale that makes text legible is such that the
text would have an apparent font size of a hard-coded constant (currently, 12) after zooming. This means the
first and second text legibility scales may end up being close to one another, or even the same (in the case
where there is only a single font size in the entire document). In this case, we just snap the first scale to
the second, so that double tapping will only toggle between two zoom scales. In another case where the document
has no text (e.g. an image document), we just fall back to a zoom scale of 1.

Test: fast/events/extrazoom/double-tap-to-zoom-on-full-width-text.html

WebProcess/WebPage/ViewGestureGeometryCollector.cpp:

(WebKit::ViewGestureGeometryCollector::computeTextLegibilityScales):

LayoutTests:

Add a layout test to check that double tap to zoom works in extra zoom mode, even when text spans the entire
width of the document.

TestExpectations:
fast/events/extrazoom/double-tap-to-zoom-on-full-width-text-expected.txt: Added.
fast/events/extrazoom/double-tap-to-zoom-on-full-width-text.html: Added.
resources/basic-gestures.js:

Add a helper method to double tap at a given location, and wait for zooming to finish.

(return.new.Promise):

6:03 PM Changeset in webkit [230745] by Megan Gardner

2 edits in trunk/Source/WebKit

Don't activate selection on become first responder
https://bugs.webkit.org/show_bug.cgi?id=184719

Reviewed by Tim Horton.

If we activate the selection immediately on becoming first responder, we cause the selection view to delete itself
since it is not guaranteed to have selection rects immediately due to async/two process architecture. The selection
is activated already when the selection rects change, so there is no reason to activate it now. This has likely worked
in the past because this selection assistant was only for editable text, which would immediately set a caret, which
is a selection. Now that this is for non-editable text as well, activating the selection is problematic.

UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView becomeFirstResponderForWebView]):

6:01 PM Changeset in webkit [230744] by Fujii Hironori

3 edits
4 adds in trunk/Tools

[WinCairo][TestWebKitAPI] Implement PlatformWebView for TestWebKit
https://bugs.webkit.org/show_bug.cgi?id=184524

Reviewed by Alex Christensen.

Resurrect PlatformWebView for Windows port which was removed in Bug 104607.

TestWebKitAPI/PlatformWebView.h:
TestWebKitAPI/PlatformWin.cmake:
TestWebKitAPI/win/InjectedBundleControllerWin.cpp: Added.

(TestWebKitAPI::InjectedBundleController::platformInitialize):

TestWebKitAPI/win/PlatformUtilitiesWin.cpp: Added.

(TestWebKitAPI::Util::moduleDirectory):
(TestWebKitAPI::Util::createInjectedBundlePath):
(TestWebKitAPI::Util::createURLForResource):
(TestWebKitAPI::Util::URLForNonExistentResource):
(TestWebKitAPI::Util::isKeyDown):

TestWebKitAPI/win/PlatformWebViewWin.cpp: Added.

(TestWebKitAPI::PlatformWebView::registerWindowClass):
(TestWebKitAPI::PlatformWebView::PlatformWebView):
(TestWebKitAPI::PlatformWebView::initialize):
(TestWebKitAPI::PlatformWebView::~PlatformWebView):
(TestWebKitAPI::PlatformWebView::page const):
(TestWebKitAPI::PlatformWebView::resizeTo):
(TestWebKitAPI::PlatformWebView::simulateSpacebarKeyPress):
(TestWebKitAPI::PlatformWebView::simulateAltKeyPress):
(TestWebKitAPI::PlatformWebView::simulateRightClick):
(TestWebKitAPI::PlatformWebView::simulateMouseMove):
(TestWebKitAPI::PlatformWebView::wndProc):

TestWebKitAPI/win/UtilitiesWin.cpp: Added.

(TestWebKitAPI::Util::run):
(TestWebKitAPI::Util::spinRunLoop):
(TestWebKitAPI::Util::sleep):

5:46 PM Changeset in webkit [230743] by BJ Burg

7 edits in trunk/Source/WebKit

Web Automation: simulated mouse interactions should not be done until associated DOM events have been dispatched
https://bugs.webkit.org/show_bug.cgi?id=184462
<rdar://problem/39323336>

Reviewed by Carlos Garcia Campos and Tim Horton.

Covered by existing layout tests and actions endpoints in WebDriver test suite.

In preparation for implementing the W3C WebDriver command "Perform Actions", we need a way to
know when a simulated mouse event has been fully processed by WebProcess and it is okay to continue
to dispatch more simulated events.

This patch makes mouse events go through a queue as they are delivered to WebPageProxy. The approach
is very similar to how key events are handled. In the key event case, lots of WebEvents can come out
of typing one keystroke, so these need to be queued up and retired one by one when the WebProcess has
finished handling each event. In some mouse event cases---particularly fake mouse moves---there can
also be more than one mouse event waiting to be handled by WebProcess.

In the past, these queued mouse events were tracked with several member variables as different
use cases emerged. These are all replaced with ordinary deque operations, such as peeking or
checking the queue length.

Platform/Logging.h: Add logging channel for mouse events.
UIProcess/Automation/WebAutomationSession.cpp:

(WebKit::AutomationCommandError::toProtocolString): Add type-safe helper class for command errors.
In future patches we can hide knowledge of how this is sent over the protocol by relying more on
the convenience constructors and .toProtocolString() method.

(WebKit::WebAutomationSession::willShowJavaScriptDialog):
This section needs adjustments. Since performMouseInteraction now depends on key events being processed
prior to returning from the command, we need to abort any key event callbacks that are pending if an
alert pops up as a result of sending a mousedown event. Any mouse events that are still queued will
be handled when the alert is dismissed and the nested run loop exits.

(WebKit::WebAutomationSession::mouseEventsFlushedForPage):
(WebKit::WebAutomationSession::keyboardEventsFlushedForPage):
Modernize this a bit. Don't spread knowledge about how commands are sent back out into event handling code.
Our wrapper callbacks in performXXXInteraction handle the protocol-specific details of the response.

(WebKit::WebAutomationSession::performMouseInteraction):
Add code similar to performKeyboardInteractions so that the command doesn't finish until the mouse
event has been fully handled. Unlike keyboards, sometimes mouse interactions don't turn into WebEvents
so we also need to handle the case where there is nothing to be waited on because hit testing did
not return a target to deliver the event to.

(WebKit::WebAutomationSession::performKeyboardInteractions):
Modernize a little bit to use generic callbacks rather than protocol-generated callbacks in the
event waiting/handling code. Now it matches the types used for the mouse event case.

UIProcess/Automation/WebAutomationSession.h:

(WebKit::AutomationCommandError::AutomationCommandError):
Add a helper struct to hold an enumerated error name and an optional free-form error message.

UIProcess/WebPageProxy.h:
UIProcess/WebPageProxy.cpp:

(WebKit::webMouseEventTypeString):
(WebKit::webKeyboardEventTypeString):
(WebKit::WebPageProxy::handleMouseEvent):
(WebKit::WebPageProxy::processNextQueuedMouseEvent):
Split the old method into handleMouseEvent (called by other code) and processNextQueuedMouseEvent.
The latter sends the next mouse event to WebProcess, and can be triggered in didReceiveEvent
if there are more mouse events to be sent to WebProcess.

(WebKit::WebPageProxy::isProcessingMouseEvents const): Added.
(WebKit::WebPageProxy::currentlyProcessedMouseDownEvent): Reimplemented on top of the deque.
(WebKit::WebPageProxy::didReceiveEvent):
Unify the code paths for different mouse event types to all use the deque. They also will
notify the automation session if there are no more mouse events to send (i.e., interaction is over).

(WebKit::WebPageProxy::resetStateAfterProcessExited): Add handling for new map.

5:42 PM Changeset in webkit [230742] by Jonathan Bedard

2 edits in trunk/Tools

Fix hasher tests for system with 32 bit longs
https://bugs.webkit.org/show_bug.cgi?id=184708
<rdar://problem/39459977>

Reviewed by Mark Lam.

Some systems have 32 bit longs. The Hasher WTF tests should handle this case.

TestWebKitAPI/Tests/WTF/Hasher.cpp:

(TestWebKitAPI::TEST):

5:05 PM Changeset in webkit [230741] by Matt Lewis

25 edits
2 deletes in trunk

Unreviewed, rolling out r230697, r230720, and r230724.
https://bugs.webkit.org/show_bug.cgi?id=184717

These caused multiple failures on the Test262 testers.
(Requested by mlewis13 on #webkit).

Reverted changesets:

"[WebAssembly][Modules] Prototype wasm import"
https://bugs.webkit.org/show_bug.cgi?id=184600
https://trac.webkit.org/changeset/230697

"[WebAssembly][Modules] Implement function import from wasm
modules"
https://bugs.webkit.org/show_bug.cgi?id=184689
https://trac.webkit.org/changeset/230720

"[JSC] Rename runWebAssembly to runWebAssemblySuite"
https://bugs.webkit.org/show_bug.cgi?id=184703
https://trac.webkit.org/changeset/230724

Patch by Commit Queue <commit-queue@webkit.org> on 2018-04-17

4:48 PM Changeset in webkit [230740] by jfbastien@apple.com

3 edits
4 adds in trunk

A put is not an ExistingProperty put when we transition a structure because of an attributes change
https://bugs.webkit.org/show_bug.cgi?id=184706
<rdar://problem/38871451>

Reviewed by Saam Barati.

JSTests:

stress/put-by-id-direct-strict-transition.js: Added.

(const.foo):
(j.const.obj.set hello):

stress/put-by-id-direct-transition.js: Added.

(const.foo):
(j.const.obj.set hello):

stress/put-getter-setter-by-id-strict-transition.js: Added.

(const.foo):
(j.const.obj.set hello):

stress/put-getter-setter-by-id-transition.js: Added.

(const.foo):
(j.const.obj.set hello):

Source/JavaScriptCore:

When putting a property on a structure and the slot is a different
type, the slot can't be said to have already been existing.

runtime/JSObjectInlines.h:

(JSC::JSObject::putDirectInternal):

4:41 PM Changeset in webkit [230739] by Adrian Perez de Castro

2 edits in trunk/Source/WebKit

[GTK][WPE] Build failure due to presence of Avahi's <dns_sd.h> header
https://bugs.webkit.org/show_bug.cgi?id=184711

Unreviewed build fix.

NetworkProcess/webrtc/NetworkMDNSRegister.h: Set ENABLE_MDNS only for PLATFORM(COCOA).

4:38 PM Changeset in webkit [230738] by commit-queue@webkit.org

3 edits
3 adds in trunk

Retain MessagePortChannel for transfer when disentangling ports
https://bugs.webkit.org/show_bug.cgi?id=184502
<rdar://problem/39372771>

Patch by Tadeu Zagallo <Tadeu Zagallo> on 2018-04-17
Reviewed by Geoffrey Garen.

Source/WebCore:

MessagePortChannels should be retained while ports are being transferred, but that was only
happening when sending a port through another port, but not when sending it through a worker.

Test: workers/worker-to-worker.html

dom/messageports/MessagePortChannel.cpp:

(WebCore::MessagePortChannel::entanglePortWithProcess):
(WebCore::MessagePortChannel::disentanglePort):
(WebCore::MessagePortChannel::postMessageToRemote):
(WebCore::MessagePortChannel::takeAllMessagesForPort):

LayoutTests:

Check that the MessageChannel does not get eagerly deallocated when transferring both of its
ports. Original test case provided with the bug report by Ashley Gullen <ashley@scirra.com>

workers/worker-to-worker-expected.txt: Added.
workers/worker-to-worker.html: Added.
workers/worker-to-worker.js: Added.

4:33 PM Changeset in webkit [230737] by commit-queue@webkit.org

4 edits in trunk/Source/WebCore

References from CSSStyleDeclaration to CSSValues should be weak
https://bugs.webkit.org/show_bug.cgi?id=180280
<rdar://problem/35804869>

Patch by Tadeu Zagallo <Tadeu Zagallo> on 2018-04-17
Reviewed by Geoffrey Garen.

No new tests - used the existing test to verify the leak

css/DeprecatedCSSOMValue.h:

(WebCore::DeprecatedCSSOMValue::weakPtrFactory):

css/PropertySetCSSStyleDeclaration.cpp:

(WebCore::PropertySetCSSStyleDeclaration::wrapForDeprecatedCSSOM):

css/PropertySetCSSStyleDeclaration.h:

4:08 PM Changeset in webkit [230736] by Jonathan Bedard

37 edits
8 copies in trunk

Unreviewed rollout of r230632. Regression in memory usage.

That bug tracked in https://bugs.webkit.org/show_bug.cgi?id=184569.

LayoutTests/imported/w3c:

web-platform-tests/web-animations/interfaces/Animatable/animate-expected.txt:

Source/WebCore:

Tests: animations/animation-internals-api-multiple-keyframes.html

animations/animation-internals-api.html
transitions/transition-drt-api-delay.html
transitions/transition-drt-api.html

page/RuntimeEnabledFeatures.h:
testing/Internals.cpp:

(WebCore::Internals::pseudoElement): Deleted.

testing/Internals.h:
testing/Internals.idl:

Source/WebKit:

Shared/WebPreferences.yaml:

Source/WebKitLegacy/mac:

WebView/WebPreferences.mm:

(+[WebPreferences initialize]):

Source/WebKitLegacy/win:

WebPreferences.cpp:

(WebPreferences::initializeDefaultSettings):

Tools:

DumpRenderTree/TestOptions.h:
DumpRenderTree/mac/DumpRenderTree.mm:

(runTest):
(shouldOverrideAndDisableCSSAnimationsAndCSSTransitionsBackedByWebAnimationsPreference): Deleted.

WebKitTestRunner/TestController.cpp:

(WTR::TestController::resetPreferencesToConsistentValues):

WebKitTestRunner/TestOptions.cpp:

(WTR::TestOptions::TestOptions):
(WTR::isLegacyAnimationEngineTestPath): Deleted.

WebKitTestRunner/TestOptions.h:

LayoutTests:

TestExpectations:
animations/animation-direction-alternate-reverse-expected.txt:
animations/animation-direction-alternate-reverse.html:
animations/animation-hit-test-transform.html:
animations/animation-internals-api-expected.txt: Copied from LayoutTests/animations/animation-internals-api-expected.txt.
animations/animation-internals-api-multiple-keyframes-expected.txt: Copied from LayoutTests/animations/animation-internals-api-multiple-keyframes-expected.txt.
animations/animation-internals-api-multiple-keyframes.html: Copied from LayoutTests/animations/animation-internals-api-multiple-keyframes.html.
animations/animation-internals-api.html: Copied from LayoutTests/animations/animation-internals-api.html.
animations/big-rotation-expected.txt:
animations/big-rotation.html:
animations/duplicated-keyframes-name.html:
animations/fill-forwards-end-state.html:
animations/fill-mode-forwards-zero-duration-expected.txt:
animations/fill-mode-forwards-zero-duration.html:
fast/css-generated-content/pseudo-animation.html:
fast/css-generated-content/pseudo-transition.html:
platform/ios/TestExpectations:
platform/win/TestExpectations:
transitions/remove-transition-style.html:
transitions/transition-drt-api-delay-expected.txt: Copied from LayoutTests/transitions/transition-drt-api-delay-expected.txt.
transitions/transition-drt-api-delay.html: Copied from LayoutTests/transitions/transition-drt-api-delay.html.
transitions/transition-drt-api-expected.txt: Copied from LayoutTests/transitions/transition-drt-api-expected.txt.
transitions/transition-drt-api.html: Copied from LayoutTests/transitions/transition-drt-api.html.
transitions/transition-hit-test-transform.html:
transitions/zero-duration-with-non-zero-delay-end.html:

3:57 PM Changeset in webkit [230735] by commit-queue@webkit.org

3 edits
3 adds in trunk

Do not unregister MessagePorts on deallocation if it has been disentangled
https://bugs.webkit.org/show_bug.cgi?id=184285
<rdar://problem/39256714>

Patch by Tadeu Zagallo <Tadeu Zagallo> on 2018-04-17
Reviewed by Darin Adler.

Source/WebCore:

Test: workers/message-port-gc.html

dom/MessagePort.cpp:

(WebCore::MessagePort::deref const):

LayoutTests:

Original test provided as part of the bug report by Yann Cabon <ycabon@esri.com>

workers/message-port-gc-expected.txt: Added.
workers/message-port-gc.html: Added.
workers/message-port-gc.js: Added.

3:21 PM Changeset in webkit [230734] by commit-queue@webkit.org

3 edits in trunk/Source/WebCore

[Curl] Fix timing of reporting error to the client
https://bugs.webkit.org/show_bug.cgi?id=184707

Before checking the result code, check the status of callback invocation and
do the right thing.

Patch by Basuke Suzuki <Basuke Suzuki> on 2018-04-17
Reviewed by Youenn Fablet.

No new tests because there's no new behavior.

platform/network/curl/CurlRequest.cpp:

(WebCore::CurlRequest::didCompleteTransfer):

platform/network/curl/CurlRequest.h:

(WebCore::CurlRequest::needToInvokeDidReceiveResponse const):

3:20 PM Changeset in webkit [230733] by Kocsen Chung

18 edits in branches/safari-605-branch

Apply patch. rdar://problem/39305046

3:15 PM Changeset in webkit [230732] by Kocsen Chung

7 edits
5 adds in branches/safari-605-branch

Cherry-pick r230662. rdar://problem/39496355

Function.prototype.caller shouldn't return generator bodies
https://bugs.webkit.org/show_bug.cgi?id=184630

Reviewed by Yusuke Suzuki.
JSTests:

stress/function-caller-async-arrow-function-body.js: Added.
stress/function-caller-async-function-body.js: Added.
stress/function-caller-async-generator-body.js: Added.
stress/function-caller-generator-body.js: Added.
stress/function-caller-generator-method-body.js: Added.

Source/JavaScriptCore:

Function.prototype.caller no longer returns generator bodies. Those are meant to be
private.

Also added some builtin debugging tools so that it's easier to do the investigation that I
did.

builtins/BuiltinNames.h:
runtime/JSFunction.cpp: (JSC::JSFunction::callerGetter):
runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::init):
runtime/JSGlobalObjectFunctions.cpp: (JSC::globalFuncBuiltinDescribe):
runtime/JSGlobalObjectFunctions.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230662 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3:14 PM Changeset in webkit [230731] by Kocsen Chung

5 edits in branches/safari-605-branch

Cherry-pick r230530. rdar://problem/39462749

Show punycode if URL contains Latin dum character
https://bugs.webkit.org/show_bug.cgi?id=184477
<rdar://problem/39121999>

Reviewed by David Kilzer.

Source/WebCore:

Revise our "lookalike character" logic to include the small
Latin dum character.

Test: fast/url/host.html

platform/mac/WebCoreNSURLExtras.mm: (WebCore::isLookalikeCharacter):

LayoutTests:

fast/url/host-expected.txt:
fast/url/host.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230530 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3:13 PM Changeset in webkit [230730] by timothy@apple.com

2 edits in trunk/Source/WebKit

Always use LayerContentsType::IOSurface in minimal simulator mode
https://bugs.webkit.org/show_bug.cgi?id=184710

Reviewed by Simon Fraser.

UIProcess/RemoteLayerTree/RemoteLayerTreeHost.mm:

(WebKit::RemoteLayerTreeHost::updateLayerTree):

2:54 PM Changeset in webkit [230729] by rniwa@webkit.org

2 edits in trunk/Source/WebKit

Release assert in InjectedBundle::postSynchronousMessage
https://bugs.webkit.org/show_bug.cgi?id=184683

Reviewed by Wenson Hsieh.

Some injected bundles sends sync message when it's not safe to execute scripts.

Use DoNotProcessIncomingMessagesWhenWaitingForSyncReply option in InjectedBundle::postSynchronousMessage
to avoid processing incoming sync IPC messages so that we don't execute arbitrary scripts in those cases.

WebProcess/InjectedBundle/InjectedBundle.cpp:

(WebKit::InjectedBundle::postSynchronousMessage):

2:42 PM Changeset in webkit [230728] by commit-queue@webkit.org

2 edits in trunk/Source/WebCore

[Curl] Export authentication information to be used by the client.
https://bugs.webkit.org/show_bug.cgi?id=184709

Just added getters for username and password member variables.

Patch by Basuke Suzuki <Basuke Suzuki> on 2018-04-17
Reviewed by Alex Christensen.

No new tests because there's no new behavior.

platform/network/curl/CurlRequest.h:

(WebCore::CurlRequest::user const):
(WebCore::CurlRequest::password const):

1:15 PM Changeset in webkit [230727] by Chris Dumez

2 edits in trunk/Source/WebKitLegacy/win

Unreviewed attempt to fix the Windows build after r230721

WebCoreSupport/WebFrameLoaderClient.cpp:

(WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):

12:56 PM Changeset in webkit [230726] by fpizlo@apple.com

3 edits in trunk/Source/JavaScriptCore

JSGenericTypedArrayView<>::visitChildren has a race condition reading m_mode and m_vector
https://bugs.webkit.org/show_bug.cgi?id=184705

Reviewed by Michael Saboff.

My old multisocket Mac Pro is amazing at catching race conditions in the GC. Earlier today
while testing an unrelated patch, a concurrent GC thread crashed inside
JSGenericTypedArrayView<>::visitChildren() calling markAuxiliary(). I'm pretty sure it's
because a typed array became wasteful concurrently to the GC. So, visitChildren() read one
mode and another vector.

The fix is to lock inside visitChildren and anyone who changes those fields.

I'm not even going to try to write a test. I think it's super lucky that my Mac Pro caught
this.

runtime/JSArrayBufferView.cpp:

(JSC::JSArrayBufferView::neuter):

runtime/JSGenericTypedArrayViewInlines.h:

(JSC::JSGenericTypedArrayView<Adaptor>::visitChildren):
(JSC::JSGenericTypedArrayView<Adaptor>::slowDownAndWasteMemory):

12:53 PM Changeset in webkit [230725] by fpizlo@apple.com

5 edits
1 add in trunk

PutStackSinkingPhase should know that KillStack means ConflictingFlush
https://bugs.webkit.org/show_bug.cgi?id=184672

Reviewed by Michael Saboff.

JSTests:

stress/sink-put-stack-over-kill-stack.js: Added.

(avocado_1):
(apricot_0):
(c_0):
(banana_2):

Source/JavaScriptCore:

We've had a long history of KillStack and PutStackSinkingPhase having problems. We kept changing the meaning of
KillStack, and at some point we removed reasoning about KillStack from PutStackSinkingPhase. I tried doing some
archeology - but I'm still not sure why that phase ignores KillStack entirely. Maybe it's an oversight or maybe it's
intentional - I don't know.

Whatever the history, it's clear from the attached test case that ignoring KillStack is not correct. The outcome of
doing so is that we will sometimes sink a PutStack below a KillStack. That's wrong because then, OSR exit will use
the value from the PutStack instead of using the value from the MovHint that is associated with the KillStack. So,
KillStack must be seen as a special kind of clobber of the stack slot. OSRAvailabiity uses ConflictingFlush. I think
that's correct here, too. If we used DeadFlush and that was merged with another control flow path that had a
specific flush format, then we would think that we could sink the flush from that path. That's not right, since that
could still lead to sinking a PutStack past the KillStack in the sense that a PutStack will appear after the
KillStack along one path through the CFG. Also, the definition of DeadFlush and ConflictingFlush in the comment
inside PutStackSinkingPhase seems to suggest that KillStack is a ConflictingFlush, since DeadFlush means that we
have done some PutStack and their values are still valid. KillStack is not a PutStack and it means that previous
values are not valid. The definition of ConflictingFlush is that "we know, via forward flow, that there isn't any
value in the given local that anyone should have been relying on" - which exactly matches KillStack's definition.

This also means that we cannot eliminate arguments allocations that are live over KillStacks, since if we eliminated
them then we would have a GetStack after a KillStack. One easy way to fix this is to say that KillStack writes to
its stack slot for the purpose of clobberize.

dfg/DFGClobberize.h: KillStack "writes" to its stack slot.
dfg/DFGPutStackSinkingPhase.cpp: Fix the bug.
ftl/FTLLowerDFGToB3.cpp: Add better assertion failure.

(JSC::FTL::DFG::LowerDFGToB3::buildExitArguments):

12:13 PM Changeset in webkit [230724] by Yusuke Suzuki

4 edits in trunk

[JSC] Rename runWebAssembly to runWebAssemblySuite
https://bugs.webkit.org/show_bug.cgi?id=184703

Reviewed by JF Bastien.

JSTests:

And add runWebAssembly as a command to simplely run wasm modules.

wasm.yaml:

Tools:

Scripts/run-jsc-stress-tests:

11:59 AM Changeset in webkit [230723] by fpizlo@apple.com

4 edits in trunk/Source/JavaScriptCore

JSWebAssemblyCodeBlock should be in an IsoSubspace
https://bugs.webkit.org/show_bug.cgi?id=184704

Reviewed by Mark Lam.

Previously it was in a CompleteSubspace, which is pretty good, but also quite wasteful.
CompleteSubspace means about 4KB of data to track the size-allocator mapping. IsoSubspace
shortcircuits this. Also, IsoSubspace uses the iso allocator, so it provides stronger UAF
protection.

runtime/VM.cpp:

(JSC::VM::VM):

runtime/VM.h:
wasm/js/JSWebAssemblyCodeBlock.h:

11:33 AM Changeset in webkit [230722] by jer.noble@apple.com

2 edits in trunk/Source/JavaScriptCore

Only enable useSeparatedWXHeap on ARM64.
https://bugs.webkit.org/show_bug.cgi?id=184697

Reviewed by Saam Barati.

runtime/Options.cpp:

(JSC::recomputeDependentOptions):

11:13 AM Changeset in webkit [230721] by Chris Dumez

20 edits
2 adds in trunk

REGRESSION (r229831): CMD-clicking an iCloud web app link unexpectedly opens that link in a new tab and the current tab
https://bugs.webkit.org/show_bug.cgi?id=184678
<rdar://problem/39422122>

Reviewed by Alex Christensen.

Source/WebCore:

Frament navigations need to happen synchronously for Web-compatibility. Because of this,
r225657 added code to make sure that if the client does not make the navigation policy
decision synchronously for frament navigations, then we'll stop waiting for the client
and proceed with the navigation. However, r229831 make the navigation policy decision
IPC decision, meaning that even if the client responds synchronously, it would be
asynchronously from WebCore's point of view. As a result, we would always ignore the
client's policy decision when doing a fragment navigation.

This is an issue on iclould.com because the web-app links are fragment URLs. When you
CMD+click one of these link, we do the navigation policy check. As a result of this
check, Safari responds IGNORE to the policy decision and instead decides to load the
link in a new tab (because CMD key is pressed). Due to the bug mentioned above, we
would not obey the IGNORE policy decision from Safari and load the link in the current
tab, even though Safari would already be loading it in a new tab.

To address the issue, I reintroduced a synchronous code path for navigation policy
decision making, backed by synchronous IPC. This synchronous code path is now used for
fragment navigations to restore pre-r229831 behavior. If the client does not answer
synchronously, we'll proceed with the navigation anyway, as was happening pre-r229831.

Test: http/tests/navigation/fragment-navigation-policy-ignore.html

loader/EmptyClients.cpp:

(WebCore::EmptyFrameLoaderClient::dispatchDecidePolicyForNavigationAction):

loader/EmptyFrameLoaderClient.h:
loader/FrameLoader.cpp:

(WebCore::FrameLoader::loadURL):
(WebCore::FrameLoader::loadWithDocumentLoader):

loader/FrameLoaderClient.h:
loader/PolicyChecker.cpp:

(WebCore::PolicyChecker::checkNavigationPolicy):

loader/PolicyChecker.h:

Source/WebKit:

Re-introduce synchronous code path which existed pre-r229831 and use it for fragment navigations.

UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::receivedPolicyDecision):
(WebKit::WebPageProxy::decidePolicyForNavigationActionSync):

UIProcess/WebPageProxy.h:
UIProcess/WebPageProxy.messages.in:
WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):

WebProcess/WebCoreSupport/WebFrameLoaderClient.h:

Source/WebKitLegacy/mac:

Add new parameter to dispatchDecidePolicyForNavigationAction.

WebCoreSupport/WebFrameLoaderClient.h:
WebCoreSupport/WebFrameLoaderClient.mm:

(WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):

Source/WebKitLegacy/win:

Add new parameter to dispatchDecidePolicyForNavigationAction.

WebCoreSupport/WebFrameLoaderClient.cpp:

(WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):

WebCoreSupport/WebFrameLoaderClient.h:

LayoutTests:

Add layout test coverage.

http/tests/navigation/fragment-navigation-policy-ignore-expected.txt: Added.
http/tests/navigation/fragment-navigation-policy-ignore.html: Added.

11:00 AM Changeset in webkit [230720] by Yusuke Suzuki

18 edits
46 adds in trunk

[WebAssembly][Modules] Implement function import from wasm modules
https://bugs.webkit.org/show_bug.cgi?id=184689

Reviewed by JF Bastien.

JSTests:

wasm.yaml:
wasm/modules/js-wasm-cycle.js: Added.
wasm/modules/js-wasm-cycle/entry.js: Added.

(from.string_appeared_here.export.return42):

wasm/modules/js-wasm-cycle/sum.wasm: Added.
wasm/modules/js-wasm-cycle/sum.wat: Added.
wasm/modules/run-from-wasm.wasm: Added.
wasm/modules/run-from-wasm.wat: Added.
wasm/modules/run-from-wasm/check.js: Added.

(export.check):

wasm/modules/wasm-imports-js-exports.js: Added.
wasm/modules/wasm-imports-js-exports/imports.wasm: Added.
wasm/modules/wasm-imports-js-exports/imports.wat: Added.
wasm/modules/wasm-imports-js-exports/sum.js: Added.

(export.sum):

wasm/modules/wasm-imports-js-re-exports-wasm-exports.js: Added.
wasm/modules/wasm-imports-js-re-exports-wasm-exports/imports.wasm: Added.
wasm/modules/wasm-imports-js-re-exports-wasm-exports/imports.wat: Added.
wasm/modules/wasm-imports-js-re-exports-wasm-exports/re-export.js: Added.
wasm/modules/wasm-imports-js-re-exports-wasm-exports/sum.wasm: Added.
wasm/modules/wasm-imports-js-re-exports-wasm-exports/sum.wat: Added.
wasm/modules/wasm-imports-wasm-exports.js: Added.
wasm/modules/wasm-imports-wasm-exports/imports.wasm: Added.
wasm/modules/wasm-imports-wasm-exports/imports.wat: Added.
wasm/modules/wasm-imports-wasm-exports/sum.wasm: Added.
wasm/modules/wasm-imports-wasm-exports/sum.wat: Added.
wasm/modules/wasm-js-cycle.js: Added.
wasm/modules/wasm-js-cycle/entry.wasm: Added.
wasm/modules/wasm-js-cycle/entry.wat: Added.
wasm/modules/wasm-js-cycle/sum.js: Added.

(from.string_appeared_here.export.sum):

wasm/modules/wasm-wasm-cycle.js: Added.
wasm/modules/wasm-wasm-cycle/entry.wasm: Added.
wasm/modules/wasm-wasm-cycle/entry.wat: Added.
wasm/modules/wasm-wasm-cycle/sum.wasm: Added.
wasm/modules/wasm-wasm-cycle/sum.wat: Added.

Source/JavaScriptCore:

This patch implements function import from wasm modules. We move function importing part
from JSWebAssemblyInstance's creation function to WebAssemblyModuleRecord::link. This
is because linking these functions requires that all the dependent modules are created.
While we want to move all the linking functionality from JSWebAssemblyInstance to
WebAssemblyModuleRecord::link, we do not that in this patch. In this patch, we move only
function importing part because efficient compilation of WebAssembly needs to know
the type of WebAssemblyMemory (signaling or bound checking). This needs to know imported
or attached WebAssembly memory object. So we cannot defer this linking to
WebAssemblyModuleRecord::link now.

The largest difference from JS module linking is that WebAssembly module linking links
function from the module by snapshotting. When you have a cyclic module graph like this,

-> JS1 (export "fun") -> Wasm1 (import "fun from JS1) -+

^{|

+--------------------------------------------------+}

we fail to link this since "fun" is not instantiated when Wasm1 is first linked. This behavior
is described in [1], and tested in this patch.

[1]: https://github.com/WebAssembly/esm-integration/tree/master/proposals/esm-integration#js---wasm-cycle-where-js-is-higher-in-the-module-graph

JavaScriptCore.xcodeproj/project.pbxproj:
jsc.cpp:

(functionDollarAgentStart):
(checkException):
(runWithOptions):
Small fixes for wasm module loading.

parser/NodesAnalyzeModule.cpp:

(JSC::ImportDeclarationNode::analyzeModule):

runtime/AbstractModuleRecord.cpp:

(JSC::AbstractModuleRecord::resolveImport):
(JSC::AbstractModuleRecord::link):

runtime/AbstractModuleRecord.h:

(JSC::AbstractModuleRecord::moduleEnvironmentMayBeNull):
(JSC::AbstractModuleRecord::ImportEntry::isNamespace const): Deleted.
Now, wasm modules can have import which is named "*". So this function does not work.
Since wasm modules never have namespace importing, we check this in JS's module analyzer.

runtime/JSModuleEnvironment.cpp:

(JSC::JSModuleEnvironment::getOwnNonIndexPropertyNames):

runtime/JSModuleRecord.cpp:

(JSC::JSModuleRecord::instantiateDeclarations):

wasm/WasmCreationMode.h: Added.
wasm/js/JSWebAssemblyInstance.cpp:

(JSC::JSWebAssemblyInstance::finalizeCreation):
(JSC::JSWebAssemblyInstance::create):

wasm/js/JSWebAssemblyInstance.h:
wasm/js/WebAssemblyInstanceConstructor.cpp:

(JSC::constructJSWebAssemblyInstance):

wasm/js/WebAssemblyModuleRecord.cpp:

(JSC::WebAssemblyModuleRecord::link):

wasm/js/WebAssemblyModuleRecord.h:
wasm/js/WebAssemblyPrototype.cpp:

(JSC::resolve):
(JSC::instantiate):
(JSC::compileAndInstantiate):
(JSC::WebAssemblyPrototype::instantiate):
(JSC::webAssemblyInstantiateFunc):

Tools:

Add runWebAssemblyDirect, which runs wasm file directly.

Scripts/run-jsc-stress-tests:

10:23 AM Changeset in webkit [230719] by Dewei Zhu

11 edits in trunk/Websites/perf.webkit.org

Commit order should always be returned by api.
https://bugs.webkit.org/show_bug.cgi?id=184674

Reviewed by Ryosuke Niwa.

Commit order sometimes missing in CommitLog object before this change.
This makes ordering commits logic become unnecessarily complicate.
This change will ensure commit order is always fetched for a CommitLog object.
Change measurement-set API to contain commit order information.
Change commits API to contain commit order information.

public/api/measurement-set.php: Includes commit order information.
public/include/commit-log-fetcher.php:
public/v3/models/commit-log.js: Added a function to return order information.

(CommitLog.prototype.updateSingleton): This function should update commit order.
(CommitLog.prototype.order): Returns the order of commit.

public/v3/models/commit-set.js:

(MeasurementCommitSet): Update MeasurementCommitSet to contain commit order information when creating CommitLog object.

server-tests/api-measurement-set-tests.js: Updated unit tests.
unit-tests/analysis-task-tests.js: Update unit tests to contain commit order information in mock data.

(measurementCluster):

unit-tests/commit-log-tests.js: Added unit tests for CommitLog.order.
unit-tests/commit-set-tests.js: Added commit order in MeasurementCommitSet.
unit-tests/measurement-adaptor-tests.js: Updated unit tests to contain commit order information in mock data.
unit-tests/measurement-set-tests.js: Updated unit tests to contain commit order information in mock data.

10:13 AM Changeset in webkit [230718] by Michael Catanzaro

3 edits in trunk/Source/WebKit

[WPE][GTK] GObject introspection annotation fixes: BackForwardList, NetworkProxySettings
https://bugs.webkit.org/show_bug.cgi?id=184658

Reviewed by Carlos Garcia Campos.

Thanks to Dylan Simon for recommending these annotation fixes.

UIProcess/API/glib/WebKitBackForwardList.cpp:
UIProcess/API/glib/WebKitNetworkProxySettings.cpp:

10:05 AM Changeset in webkit [230717] by commit-queue@webkit.org

5 edits in trunk/Source/JavaScriptCore

Implement setupArgumentsImpl for ARM and MIPS
https://bugs.webkit.org/show_bug.cgi?id=183786

Patch by Dominik Infuehr <dinfuehr@igalia.com> on 2018-04-17
Reviewed by Yusuke Suzuki.

Implement setupArgumentsImpl for ARM (hardfp and softfp) and MIPS calling convention. Added
numCrossSources and extraGPRArgs to ArgCollection to keep track of extra
registers used for 64-bit values on 32-bit architectures. numCrossSources
keeps track of assignments from FPR to GPR registers as happens e.g. on MIPS.

assembler/MacroAssemblerARMv7.h:

(JSC::MacroAssemblerARMv7::moveDouble):

assembler/MacroAssemblerMIPS.h:

(JSC::MacroAssemblerMIPS::moveDouble):

jit/CCallHelpers.h:

(JSC::CCallHelpers::setupStubCrossArgs):
(JSC::CCallHelpers::ArgCollection::ArgCollection):
(JSC::CCallHelpers::ArgCollection::pushRegArg):
(JSC::CCallHelpers::ArgCollection::pushExtraRegArg):
(JSC::CCallHelpers::ArgCollection::addGPRArg):
(JSC::CCallHelpers::ArgCollection::addGPRExtraArg):
(JSC::CCallHelpers::ArgCollection::addStackArg):
(JSC::CCallHelpers::ArgCollection::addPoke):
(JSC::CCallHelpers::ArgCollection::argCount):
(JSC::CCallHelpers::calculatePokeOffset):
(JSC::CCallHelpers::pokeForArgument):
(JSC::CCallHelpers::stackAligned):
(JSC::CCallHelpers::marshallArgumentRegister):
(JSC::CCallHelpers::setupArgumentsImpl):
(JSC::CCallHelpers::pokeArgumentsAligned):
(JSC::CCallHelpers::std::is_integral<CURRENT_ARGUMENT_TYPE>::value):
(JSC::CCallHelpers::std::is_pointer<CURRENT_ARGUMENT_TYPE>::value):
(JSC::CCallHelpers::setupArguments):

jit/FPRInfo.h:

(JSC::FPRInfo::toArgumentRegister):

10:02 AM Changeset in webkit [230716] by Matt Lewis

2 edits in trunk/Source/WebCore

Unreviewed, rolling out r230713.

This caused internal build failures.

Reverted changeset:

"Implement checked cast for DDResultRef once
DDResultGetTypeID() is available"
https://bugs.webkit.org/show_bug.cgi?id=184554
https://trac.webkit.org/changeset/230713

9:59 AM Changeset in webkit [230715] by Chris Dumez

21 edits
4 adds in trunk/Source

Add bindings code for RemoteDOMWindow
https://bugs.webkit.org/show_bug.cgi?id=184653

Reviewed by Ryosuke Niwa.

Add bindings code for RemoteDOMWindow. A RemoteDOMWindow behaves exactly like a cross-origin
DOMWindow, which is backed by a RemoteDOMWindow object instead of a DOMWindow one. Since
a RemoteDOMWindow is always cross origin, we do not need cross-origin checks and the bindings
code is identical to the DOMWindow code paths from cross-origin handling.

No new tests, this code will be used and tested via Bug 184515.

CMakeLists.txt:
DerivedSources.make:
Sources.txt:
WebCore.xcodeproj/project.pbxproj:
bindings/js/JSBindingsAllInOne.cpp:
bindings/js/JSDOMWindowCustom.cpp:

(WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess):
(WebCore::JSDOMWindow::getOwnPropertySlot):
(WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
(WebCore::addCrossOriginWindowOwnPropertyNames):

bindings/js/JSDOMWindowCustom.h:

bindings/js/JSRemoteDOMWindowBase.cpp: Added.

(WebCore::JSRemoteDOMWindowBase::JSRemoteDOMWindowBase):
(WebCore::JSRemoteDOMWindowBase::destroy):
(WebCore::JSRemoteDOMWindowBase::javaScriptRuntimeFlags):
(WebCore::toJS):
(WebCore::toJSRemoteDOMWindow):

bindings/js/JSRemoteDOMWindowBase.h: Added.

JSRemoteDOMWindow unfortunately currently needs to be a global object because of:

a JSProxy's target needs to be a JSGlobalObject currently
The 'structure()->setGlobalObject(vm, &window);' call in JSDOMWindowProxy::setWindow(VM&, JSDOMGlobalObject&) which requires a JSGlobalObject.

Ideally, this wouldn't be the case in the future but this would require some code refactoring.
Our DOM global objects normally subclass JSDOMGlobalObject so I decided to subclass JSDOMGlobalObject,
which brings some things our bindings code expect. However, subclassing JSDOMGlobalObject directly is
problematic because it does not hold the m_wrapped implementation pointer. To address this issue, all
our our DOM global objects have a JS*Base base class which subclasses JSDOMGlobalObject and stores the
m_wrapped implementation pointer. I followed the same pattern here.

(WebCore::toJS):

bindings/js/JSRemoteDOMWindowCustom.cpp: Added.

(WebCore::JSRemoteDOMWindow::getOwnPropertySlot):
(WebCore::JSRemoteDOMWindow::getOwnPropertySlotByIndex):
(WebCore::JSRemoteDOMWindow::put):
(WebCore::JSRemoteDOMWindow::putByIndex):
(WebCore::JSRemoteDOMWindow::deleteProperty):
(WebCore::JSRemoteDOMWindow::deletePropertyByIndex):
(WebCore::JSRemoteDOMWindow::getOwnPropertyNames):
(WebCore::JSRemoteDOMWindow::defineOwnProperty):
(WebCore::JSRemoteDOMWindow::getPrototype):
(WebCore::JSRemoteDOMWindow::preventExtensions):
(WebCore::JSRemoteDOMWindow::toStringName):

bindings/scripts/CodeGeneratorJS.pm:

(IsDOMGlobalObject):
(GenerateHeader):
(GenerateOverloadDispatcher):
(GenerateImplementation):

page/RemoteDOMWindow.idl: Added.

9:40 AM Changeset in webkit [230714] by Brent Fulgham

4 edits in trunk/Source/WebKit

[macOS] Don't establish unneeded Dock connections (Follow-up)
https://bugs.webkit.org/show_bug.cgi?id=184664
<rdar://problem/16863698>

Reviewed by Per Arne Vollan.

Because the Plugin process is driven by NSApplication's run loop, we aren't
setting the 'don't connect to the dock' setting early enough.

This patch sets the flag in XPCServiceMain for those services that
are linked to AppKit.

PluginProcess/mac/PluginProcessMac.mm:

(WebKit::PluginProcess::platformInitializeProcess): Remove unneeded code.

Shared/EntryPointUtilities/mac/XPCService/XPCServiceMain.mm:

(main):

WebProcess/cocoa/WebProcessCocoa.mm:

(WebKit::WebProcess::platformInitializeWebProcess): Remove unneeded code.

9:28 AM Changeset in webkit [230713] by ddkilzer@apple.com

2 edits in trunk/Source/WebCore

Implement checked cast for DDResultRef once DDResultGetTypeID() is available
<https://webkit.org/b/184554>
<rdar://problem/36241894>

Reviewed by Brent Fulgham.

editing/cocoa/DataDetection.mm:

(WebCore::detectItemAtPositionWithRange): Implement checked cast
for DDResultRef.

9:22 AM Changeset in webkit [230712] by commit-queue@webkit.org

7 edits
1 copy in trunk

Animated GIF imagery with finite looping are falling one loop short
https://bugs.webkit.org/show_bug.cgi?id=183153

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2018-04-17
Reviewed by Simon Fraser.

Source/WebCore:

The Netscape Looping Application Extension is a block which may be added
to a GIF file to tell the viewer to loop through the entire GIF frames.
This is communicated through two bytes designated for the "loopCount" in
this block.

The entire block may not be found in the GIF, in which case the GIF is
supposed to animate its entire frames only once.

If the block exists and loopCount = 0, this means the image has to loop
through its frames indefinitely.

If the block exist and loopCount > 0, this should mean the image has to
loop through its frames loopCount + 1 times. The extra loop seems to be
the consensus among most of the GIF generators and viewers. For example,
if the image designer wants the image to loop through its frames n times:
-- The GIF generator (e.g. Adobe Photoshop and https://ezgif.com/maker)

will write n - 1 for loopCount. However http://gifmaker.me and
http://gifmaker.org write n for loopCount.

-- The browser (e.g. Chrome 65.0.3325 181 and FireFox Quantum 59.0.2) will

translate loopCount = n - 1 to: animate GIF once + loop n - 1, which
means loop the GIF n times.

Because the specs are not really clear about this, we are going to consider
the agreed-upon behavior among most of the web browsers the specs here.

platform/graphics/cg/ImageDecoderCG.cpp:

(WebCore::ImageDecoderCG::repetitionCount const):

platform/image-decoders/gif/GIFImageDecoder.cpp:

(WebCore::GIFImageDecoder::repetitionCount const):

LayoutTests:

This layout test tests GIF when it has to loop its entire frames a specific
number of times. There are three cases for the loopCount field:
-- loopCount is missing: This means the GIF should animate only once. This

is covered by animated-red-green-blue-repeat-1.gif.

-- loopCount = 0: This means the image has to animate indefinatly. This

case is covered by the new GIF animated-red-green-blue-repeat-infinite.gif.

-- loopCount > 0: This will loop the GIF entire frames for (loopCount + 1)

times. To fix the test with the extra loop, loopCount in
animated-red-green-blue-repeat-2.gif was changed to 1 instead of 2.

fast/images/animated-image-loop-count-expected.html:
fast/images/animated-image-loop-count.html:
fast/images/resources/animated-red-green-blue-repeat-2.gif:
fast/images/resources/animated-red-green-blue-repeat-infinite.gif:

8:57 AM Changeset in webkit [230711] by sbarati@apple.com

12 edits in trunk

Add system trace points for process launch and for initializeWebProcess
https://bugs.webkit.org/show_bug.cgi?id=184669

Reviewed by Simon Fraser.

Source/JavaScriptCore:

runtime/VMEntryScope.cpp:

(JSC::VMEntryScope::VMEntryScope):
(JSC::VMEntryScope::~VMEntryScope):

Source/WebCore:

No testing needed because there is no new functionality here.

loader/FrameLoader.cpp:

(WebCore::FrameLoader::provisionalLoadStarted):
(WebCore::FrameLoader::checkLoadCompleteForThisFrame):

loader/SubresourceLoader.cpp:

(WebCore::SubresourceLoader::willSendRequestInternal):
(WebCore::SubresourceLoader::didFinishLoading):
(WebCore::SubresourceLoader::didFail):
(WebCore::SubresourceLoader::didCancel):

Source/WebKit:

UIProcess/Launcher/ProcessLauncher.cpp:

(WebKit::ProcessLauncher::ProcessLauncher):
(WebKit::ProcessLauncher::didFinishLaunchingProcess):

WebProcess/WebProcess.cpp:

(WebKit::WebProcess::initializeWebProcess):

Source/WTF:

This patch adds TracePointCodes to measure process launch time and
WebProcess::initializeWebProcess time.

It also renames the TracePoint function to tracePoint since WebKit style
does not capitalize the first letter in function names.

wtf/SystemTracing.h:

(WTF::tracePoint):
(WTF::TraceScope::TraceScope):
(WTF::TraceScope::~TraceScope):
(WTF::TracePoint): Deleted.

Tools:

Tracing/SystemTracePoints.plist:

8:46 AM Changeset in webkit [230710] by Ross Kirsling

4 edits in trunk/Tools

Add debug bots for WinCairo.
https://bugs.webkit.org/show_bug.cgi?id=184663

Reviewed by Lucas Forschler.

BuildSlaveSupport/build.webkit.org-config/config.json:

Add a debug build bot and two debug test bots.

BuildSlaveSupport/build.webkit.org-config/loadConfig.py:
BuildSlaveSupport/build.webkit.org-config/templates/root.html:

Add a WinCairo category to build.webkit.org.

8:06 AM Changeset in webkit [230709] by jer.noble@apple.com

2 edits in trunk/Source/JavaScriptCore

Fix duplicate symbol errors when building JavaScriptCore with non-empty WK_ALTERNATE_WEBKIT_SDK_PATH
https://bugs.webkit.org/show_bug.cgi?id=184602

Reviewed by Beth Dakin.

JavaScriptCore.xcodeproj/project.pbxproj:

7:55 AM Changeset in webkit [230708] by eric.carlson@apple.com

5 edits in trunk/Source/WebCore

[iOS] AirPlay device name is sometimes wrong
https://bugs.webkit.org/show_bug.cgi?id=184543
<rdar://problem/39105498>

Reviewed by Jer Noble.

Source/WebCore:

No new tests, this can only be tested with a specific hardware setup.

platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:

(WebCore::exernalDeviceDisplayNameForPlayer): Get the device name from the AVOutputContext
when possible.

Source/WebCore/PAL:

pal/spi/mac/AVFoundationSPI.h: Declare more AVOutputContext SPI.

7:32 AM Changeset in webkit [230707] by Alan Bujtas

4 edits in trunk/Tools

[LayoutReloaded] Set inline-block box position.
https://bugs.webkit.org/show_bug.cgi?id=184690

Reviewed by Antti Koivisto.

LayoutReloaded/FormattingContext/InlineFormatting/InlineFormattingContext.js:

(InlineFormattingContext.prototype._handleInlineBlock):

LayoutReloaded/Utils.js:

(Utils._dumpBox):

LayoutReloaded/test/inline-block-with-fixed-width-height.html:

4:29 AM Changeset in webkit [230706] by clopez@igalia.com

2 edits in trunk/Source/WebCore

[GTK] Build fix after r230529 (WaylandCompositorDisplay leaks its wl_display)
https://bugs.webkit.org/show_bug.cgi?id=184406

Rubber-stamped by Michael Catanzaro.

Fix build with clang 3.8

No new tests, it is a build fix.

platform/graphics/wayland/PlatformDisplayWayland.cpp:

(WebCore::PlatformDisplayWayland::create):

1:41 AM Changeset in webkit [230705] by Carlos Garcia Campos

6 edits in trunk

[GLIB] Add API to clear JSCContext uncaught exception
https://bugs.webkit.org/show_bug.cgi?id=184685

Reviewed by Žan Doberšek.

Source/JavaScriptCore:

Add jsc_context_clear_exception() to clear any possible uncaught exception in a JSCContext.

API/glib/JSCContext.cpp:

(jsc_context_clear_exception):

API/glib/JSCContext.h:
API/glib/docs/jsc-glib-4.0-sections.txt:

Tools:

Add test cases for the new API.

TestWebKitAPI/Tests/JavaScriptCore/glib/TestJSC.cpp:

(testJSCExceptions):

1:15 AM Changeset in webkit [230704] by Carlos Garcia Campos

6 edits in trunk

[GLIB] Add API to query, delete and enumerate properties
https://bugs.webkit.org/show_bug.cgi?id=184647

Reviewed by Michael Catanzaro.

Source/JavaScriptCore:

Add jsc_value_object_has_property(), jsc_value_object_delete_property() and jsc_value_object_enumerate_properties().

API/glib/JSCValue.cpp:

(jsc_value_object_has_property):
(jsc_value_object_delete_property):
(jsc_value_object_enumerate_properties):

API/glib/JSCValue.h:
API/glib/docs/jsc-glib-4.0-sections.txt:

Tools:

Add test cases for the new API.

TestWebKitAPI/Tests/JavaScriptCore/glib/TestJSC.cpp:

(testJSCObject):
(testJSCClass):
(testJSCPrototypes):

12:33 AM Changeset in webkit [230703] by graouts@webkit.org

8 edits in trunk

Layout Test animations/needs-layout.html is a flaky Image Failure.
https://bugs.webkit.org/show_bug.cgi?id=172397

Reviewed by Dean Jackson.

Source/WebCore:

Animations that animate a transform and uses a relative value for either the x or y components
require a layout before starting, which CSSAnimationController would perform in the call to
CSSAnimationControllerPrivate::animationTimerFired() made immediately after a CSS animation was
created.

We now perform a similar task where upon setting new blending keyframes we compute a flag indicating
if the keyframe effect is animating a transform with relative x or y components. Then, when we perform
the first invalidation task, which runs in the next run loop after a change to the timing model has
been made, such as a call to play() on a CSSAnimation made in the TreeResolver::createAnimatedElementUpdate()
where the CSSAnimation was created, we call forceLayout() on this element's FrameView. We also ensure
we commit animations on the compositor immediately after that too, instead of waiting until the next
DisplayRefreshMonitor callback.

animation/DocumentTimeline.cpp:

(WebCore::DocumentTimeline::performInvalidationTask):
(WebCore::DocumentTimeline::updateAnimations):

animation/KeyframeEffectReadOnly.cpp:

(WebCore::KeyframeEffectReadOnly::forceLayoutIfNeeded):
(WebCore::KeyframeEffectReadOnly::setBlendingKeyframes):
(WebCore::KeyframeEffectReadOnly::computedNeedsForcedLayout):
(WebCore::KeyframeEffectReadOnly::applyPendingAcceleratedActions):

animation/KeyframeEffectReadOnly.h:

LayoutTests:

No longer mark this test as flaky.

platform/ios-wk2/TestExpectations:
platform/mac-wk1/TestExpectations:
platform/mac-wk2/TestExpectations:

Apr 16, 2018:

11:54 PM Changeset in webkit [230702] by commit-queue@webkit.org

2 edits in trunk/Source/WebCore

Inconsistent EGL defines in ImageBufferCairo
https://bugs.webkit.org/show_bug.cgi?id=184661

Patch by Pablo Saavedra <Pablo Saavedra> on 2018-04-16
Reviewed by Žan Doberšek.

On revision r219391 libepoxy is added. The headers in
ImageBufferCairo.cpp become inconsistent when 2D canvas is enabled
(-DENABLE_ACCELERATED_2D_CANVAS=ON) due to a redefinition error during
the Webkit build:

...
/usr/include/GLES2/gl2.h:503:82: error: 'voi
epoxy_glAttachShader(GLuint, GLuint)' redeclared as different kind
of symbol
GL_APICALL void GL_APIENTRY glAttachShader (GLuint
program, GLuint shader);

No new tests.

platform/graphics/cairo/ImageBufferCairo.cpp:

10:48 PM Changeset in webkit [230701] by Nikita Vasilyev

2 edits in trunk/Source/WebInspectorUI

Web Inspector: Can't select and copy text from Network tab popover
https://bugs.webkit.org/show_bug.cgi?id=184606

Reviewed by Matt Baker.

UserInterface/Views/ResourceTimingBreakdownView.css:

(.waterfall-popover .resource-timing-breakdown):

10:17 PM Changeset in webkit [230700] by Alan Bujtas

6 edits
1 add in trunk/Tools

[LayoutReloaded] Add support for replaced box.
https://bugs.webkit.org/show_bug.cgi?id=184680

Reviewed by Antti Koivisto.

Basic support for inline replaced.

LayoutReloaded/FormattingContext/InlineFormatting/InlineFormattingContext.js:

(InlineFormattingContext.prototype._handleInlineBox):
(InlineFormattingContext.prototype._handleInlineBlock):
(InlineFormattingContext.prototype._handleReplaced):

LayoutReloaded/FormattingContext/InlineFormatting/Line.js:

(Line.prototype.lastLineBox):
(Line.prototype.addInlineBox):
(Line.prototype.addInlineContainerBox): Deleted.

LayoutReloaded/TreeBuilder.js:

(TreeBuilder.prototype._createAndAttachBox):

LayoutReloaded/Utils.js:

(Utils._dumpBox):

LayoutReloaded/test/index.html:
LayoutReloaded/test/inline-simple-replaced.html: Added.

8:15 PM Changeset in webkit [230699] by Alan Bujtas

2 edits in trunk/Tools

[LayoutReloaded] Minor InlineFormattingContext::layout() cleanup.
https://bugs.webkit.org/show_bug.cgi?id=184679

Reviewed by Antti Koivisto.

LayoutReloaded/FormattingContext/InlineFormatting/InlineFormattingContext.js:

(InlineFormattingContext):
(InlineFormattingContext.prototype.layout):
(InlineFormattingContext.prototype._handleInlineContainer):
(InlineFormattingContext.prototype._handleInlineContent):
(InlineFormattingContext.prototype._handleInlineBlock):
(InlineFormattingContext.prototype._handleReplacedBox):
(InlineFormattingContext.prototype._clearNeedsLayoutAndMoveToNextSibling):
(InlineFormattingContext.prototype._handleInlineBlockContainer): Deleted.
(InlineFormattingContext.prototype._clearAndMoveToNext): Deleted.

8:01 PM Changeset in webkit [230698] by timothy@apple.com

2 edits in trunk/Source/WebKit

Unreviewed 32-bit build fix for r230673.

https://bugs.webkit.org/show_bug.cgi?id=184657
rdar://problem/39463307

Configurations/PluginProcessShim.xcconfig: Use the correct names.

7:38 PM Changeset in webkit [230697] by Yusuke Suzuki

20 edits
20 adds in trunk

[WebAssembly][Modules] Prototype wasm import
https://bugs.webkit.org/show_bug.cgi?id=184600

Reviewed by JF Bastien.

JSTests:

Add wasm and wat files since module loader want to load wasm files from FS.
Currently, importing the other modules from wasm is not supported.

wasm.yaml:
wasm/modules/constant.wasm: Added.
wasm/modules/constant.wat: Added.
wasm/modules/js-wasm-function-namespace.js: Added.

(assert.throws):

wasm/modules/js-wasm-function.js: Added.

(assert.throws):

wasm/modules/js-wasm-global-namespace.js: Added.

(assert.throws):

wasm/modules/js-wasm-global.js: Added.

(assert.throws):

wasm/modules/js-wasm-memory-namespace.js: Added.

(assert.throws):

wasm/modules/js-wasm-memory.js: Added.

(assert.throws):

wasm/modules/js-wasm-start.js: Added.

(then):

wasm/modules/js-wasm-table-namespace.js: Added.

(assert.throws):

wasm/modules/js-wasm-table.js: Added.

(assert.throws):

wasm/modules/memory.wasm: Added.
wasm/modules/memory.wat: Added.
wasm/modules/start.wasm: Added.
wasm/modules/start.wat: Added.
wasm/modules/sum.wasm: Added.
wasm/modules/sum.wat: Added.
wasm/modules/table.wasm: Added.
wasm/modules/table.wat: Added.

Source/JavaScriptCore:

This patch is an initial attempt to implement Wasm loading in module pipeline.
Currently,

We only support Wasm loading in the JSC shell. Once loading mechanism is specified in whatwg HTML, we should integrate this into WebCore.

We only support exporting values from Wasm. Wasm module cannot import anything from the other modules now.

When loading a file, JSC shell checks wasm magic. If the wasm magic is found, JSC shell
loads the file with WebAssemblySourceProvider. It is wrapped into JSSourceCode and
module loader pipeline just handles it as the same to JS. When parsing a module, we
checks the type of JSSourceCode. If the source code is Wasm source code, we create a
WebAssemblyModuleRecord instead of JSModuleRecord. Our module pipeline handles
AbstractModuleRecord and Wasm module is instantiated, linked, and evaluated.

builtins/ModuleLoaderPrototype.js:

(globalPrivate.newRegistryEntry):
(requestInstantiate):
(link):

jsc.cpp:

(convertShebangToJSComment):
(fillBufferWithContentsOfFile):
(fetchModuleFromLocalFileSystem):
(GlobalObject::moduleLoaderFetch):

parser/SourceProvider.h:

(JSC::WebAssemblySourceProvider::create):
(JSC::WebAssemblySourceProvider::WebAssemblySourceProvider):

runtime/AbstractModuleRecord.cpp:

(JSC::AbstractModuleRecord::hostResolveImportedModule):
(JSC::AbstractModuleRecord::link):
(JSC::AbstractModuleRecord::evaluate):
(JSC::identifierToJSValue): Deleted.

runtime/AbstractModuleRecord.h:
runtime/JSModuleLoader.cpp:

(JSC::JSModuleLoader::evaluate):

runtime/JSModuleRecord.cpp:

(JSC::JSModuleRecord::link):
(JSC::JSModuleRecord::instantiateDeclarations):

runtime/JSModuleRecord.h:
runtime/ModuleLoaderPrototype.cpp:

(JSC::moduleLoaderPrototypeParseModule):
(JSC::moduleLoaderPrototypeRequestedModules):
(JSC::moduleLoaderPrototypeModuleDeclarationInstantiation):

wasm/js/JSWebAssemblyHelpers.h:

(JSC::getWasmBufferFromValue):
(JSC::createSourceBufferFromValue):

wasm/js/JSWebAssemblyInstance.cpp:

(JSC::JSWebAssemblyInstance::finalizeCreation):
(JSC::JSWebAssemblyInstance::createPrivateModuleKey):
(JSC::JSWebAssemblyInstance::create):

wasm/js/JSWebAssemblyInstance.h:
wasm/js/WebAssemblyInstanceConstructor.cpp:

(JSC::constructJSWebAssemblyInstance):

wasm/js/WebAssemblyModuleRecord.cpp:

(JSC::WebAssemblyModuleRecord::prepareLink):
(JSC::WebAssemblyModuleRecord::link):

wasm/js/WebAssemblyModuleRecord.h:
wasm/js/WebAssemblyPrototype.cpp:

(JSC::resolve):
(JSC::instantiate):
(JSC::compileAndInstantiate):
(JSC::WebAssemblyPrototype::instantiate):
(JSC::webAssemblyInstantiateFunc):
(JSC::webAssemblyValidateFunc):

wasm/js/WebAssemblyPrototype.h:

7:02 PM Changeset in webkit [230696] by Alan Bujtas

1 edit
2 adds in trunk/Tools

[LayoutReloaded] Introduce fragmentation state/context.
https://bugs.webkit.org/show_bug.cgi?id=184677

Reviewed by Antti Koivisto.

State/context for fragmented content (multicol, regions, pagination etc).

LayoutReloaded/FormattingContext/FragmentationContext.js: Added.

(FragmentationContext):

LayoutReloaded/FormattingState/FragmentationState.js: Added.

(FragmentationState):
(FragmentationState.prototype.formattingState):

6:56 PM Changeset in webkit [230695] by fpizlo@apple.com

3 edits in trunk/Source/WebCore

MutationObserver should be in an IsoHeap
https://bugs.webkit.org/show_bug.cgi?id=184671
<rdar://problem/36081981>

Reviewed by Sam Weinig.

No new tests because no new behavior.

dom/MutationObserver.cpp:
dom/MutationObserver.h:

6:20 PM Changeset in webkit [230694] by aestes@apple.com

6 edits in trunk

[iOS] Enable WKPDFView by default
https://bugs.webkit.org/show_bug.cgi?id=184675
<rdar://problem/27885452>

Reviewed by Darin Adler.

Source/WebKit:

UIProcess/Cocoa/WKWebViewContentProviderRegistry.mm:

(-[WKWebViewContentProviderRegistry init]):

Source/WTF:

wtf/FeatureDefines.h:

Tools:

TestWebKitAPI/Tests/WebKitCocoa/WKPDFView.mm:

5:19 PM Changeset in webkit [230693] by Kocsen Chung

7 edits in tags/Safari-606.1.13.2/Source

Versioning.

5:17 PM Changeset in webkit [230692] by Kocsen Chung

1 copy in tags/Safari-606.1.13.2

New tag.

4:57 PM Changeset in webkit [230691] by Keith Rollin

4 edits in trunk/LayoutTests

REGRESSION: [mac-wk2 release] LayoutTest http/tests/security/contentSecurityPolicy/script-src-blocked-error-event.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=184673
<rdar://problem/39474698>

Unreviewed test gardening. The test was flaky because the HTTP parser
would try to preload the Javascript resource. Sometimes this operation
would complete in time to print its own console message, duplicating a
subsequent one when the non-preloading resource-load occurs. Updated
the test to load the Javascript in such a way that it skips the reload
step.

TestExpectations:
http/tests/security/contentSecurityPolicy/script-src-blocked-error-event-expected.txt:
http/tests/security/contentSecurityPolicy/script-src-blocked-error-event.html:

4:46 PM Changeset in webkit [230690] by Kocsen Chung

7 edits in branches/safari-605-branch/Source

Versioning.

4:43 PM Changeset in webkit [230689] by Brent Fulgham

5 edits in trunk/Source

[macOS] Don't establish unneeded Dock connections
https://bugs.webkit.org/show_bug.cgi?id=184664
<rdar://problem/16863698>

Reviewed by Simon Fraser.

There is no reason for the WebContent or Plugin processes to interact with
the Dock. We should tell AppKit that we don't want this connection, and to
avoid creating such connections.

Source/WebCore/PAL:

pal/spi/mac/NSApplicationSPI.h: Add Dock connection declaration.

Source/WebKit:

PluginProcess/mac/PluginProcessMac.mm:

(WebKit::PluginProcess::platformInitializeProcess): Tell NSApplication to
not create a Dock connection.

WebProcess/cocoa/WebProcessCocoa.mm:

(WebKit::WebProcess::platformInitializeWebProcess): Ditto.

4:18 PM Changeset in webkit [230688] by Ross Kirsling

2 edits
208 adds in trunk/LayoutTests

Unreviewed. Update WinCairo TestExpectations in preparation for LayoutTests automation.

platform/wincairo/TestExpectations:

Updated current failures for directories A-E. Added temporary skips for everything after.

platform/wincairo/accessibility:
platform/wincairo/animations/3d:
platform/wincairo/css2.1:
platform/wincairo/css3:
platform/wincairo/editing:
platform/wincairo/fast/css-generated-content:
platform/wincairo/fast/dom:
platform/wincairo/legacy-animation-engine/animations/3d:
platform/wincairo/legacy-animation-engine/compositing:

Added expectation files.

3:59 PM Changeset in webkit [230687] by youenn@apple.com

2 edits in trunk/Source/ThirdParty/libwebrtc

Set H264 VT encoder usage to 1
https://bugs.webkit.org/show_bug.cgi?id=184668

Reviewed by Eric Carlson.

Source/webrtc/sdk/objc/Framework/Classes/VideoToolbox/RTCVideoEncoderH264.mm:

(-[RTCVideoEncoderH264 configureCompressionSession]):

3:46 PM Changeset in webkit [230686] by Megan Gardner

4 edits in trunk

Switch to UIWKTextInteractionAssistant for non-editable text
https://bugs.webkit.org/show_bug.cgi?id=182834

Reviewed by Beth Dakin.

Source/WebKit:

Switch to only using one assistant for text selection.

UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView useSelectionAssistantWithGranularity:]):

LayoutTests:

Marking tests as flaky and to be fixed later.

platform/ios-wk2/TestExpectations:

3:29 PM Changeset in webkit [230685] by Kocsen Chung

4 edits in tags/Safari-606.1.13.1

Revert r230683. rdar://problem/39397649

3:29 PM Changeset in webkit [230684] by Kocsen Chung

4 edits in tags/Safari-606.1.13.1/Source

Revert r230682. rdar://problem/39344671

2:52 PM Changeset in webkit [230683] by Kocsen Chung

4 edits in tags/Safari-606.1.13.1

Cherry-pick r230665. rdar://problem/39397649

[Web Animations] Animations do not naturally get a finish event
https://bugs.webkit.org/show_bug.cgi?id=184639
<rdar://problem/39397649>

Reviewed by Jon Lee.

LayoutTests/imported/w3c:

Record two progressions in the Web Animations WPT tests.

web-platform-tests/web-animations/timing-model/animations/updating-the-finished-state-expected.txt:

Source/WebCore:

We must call updateFinishedState() when an animation gets sampled as it means its timeline's time has progressed
and it may have crossed to a finished state. Calling updateFinishedState() when sampling means that we'll correctly
set the animation's hold time to its end value, which means that currentTime() will now always be clamped to return
the end time once its has reached it, so we must not schedule animations to resolve immediately anymore since otherwise
they will keep being scheduled in a loop.

animation/WebAnimation.cpp: (WebCore::WebAnimation::timeToNextRequiredTick const): (WebCore::WebAnimation::resolve):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230665 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:52 PM Changeset in webkit [230682] by Kocsen Chung

4 edits in tags/Safari-606.1.13.1/Source

Cherry-pick r230521. rdar://problem/39344671

[Web Animations] Turn Web Animations on by default
https://bugs.webkit.org/show_bug.cgi?id=184491

Patch by Antoine Quint <Antoine Quint> on 2018-04-11
Reviewed by Simon Fraser.

Source/WebCore:

page/RuntimeEnabledFeatures.h:

Source/WebKit:

Shared/WebPreferences.yaml:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230521 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:50 PM Changeset in webkit [230681] by youenn@apple.com

29 edits
12 copies
6 adds in trunk

Use NetworkLoadChecker to handle synchronous HTTP loads
https://bugs.webkit.org/show_bug.cgi?id=184240

Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

web-platform-tests/cors/request-headers-expected.txt:
web-platform-tests/XMLHttpRequest/access-control-and-redirects-expected.txt:
web-platform-tests/XMLHttpRequest/send-authentication-cors-basic-setrequestheader-expected.txt:
web-platform-tests/XMLHttpRequest/send-authentication-cors-setrequestheader-no-cred-expected.txt:

Source/WebCore:

Update LoaderStrategy::loadResourceSynchronously to pass FetchOptions directly.
Update various call sites accordingly. This allows NetworkProcess to do all necessary checks.
Add an option to disable security checks if NetworkProcess does it for WebProcess.
This option will be also used for regular asynchronous loads in future patches.

Update DocumentThreadableLoader to bypass preflighting and response validation checks in case they are done in NetworkProcess.

Covered by existing and rebased tests.

loader/CrossOriginPreflightChecker.cpp:

(WebCore::CrossOriginPreflightChecker::doPreflight):

loader/DocumentThreadableLoader.cpp:

(WebCore::DocumentThreadableLoader::DocumentThreadableLoader):
(WebCore::DocumentThreadableLoader::loadRequest):

loader/FrameLoader.cpp:

(WebCore::FrameLoader::loadResourceSynchronously):

loader/FrameLoader.h:
loader/LoaderStrategy.h:
xml/XSLTProcessorLibxslt.cpp:

(WebCore::docLoaderFunc):

xml/parser/XMLDocumentParserLibxml2.cpp:

(WebCore::openFunc):

Source/WebKit:

For every NetworkResourceLoader synchronous load, we create a NetworkLoadChecker.
NetworkLoadChecker handles all security checks in that case.
This allows supporting cross-origin loads for synchronous XHR.

Updated NetworkCORSPreflightChecker to return the result as a ResourceError.
This is used to convey any error message from NetworkProcess to the JS console.
Ensure NetworkCORSPreflightChecker computes correctly Access-Control-Request-Headers value
by providing the headers set by the application plus Referrer/Origin.

NetworkProcess/NetworkCORSPreflightChecker.cpp:

(WebKit::NetworkCORSPreflightChecker::~NetworkCORSPreflightChecker):
(WebKit::NetworkCORSPreflightChecker::willPerformHTTPRedirection):
(WebKit::NetworkCORSPreflightChecker::didReceiveChallenge):
(WebKit::NetworkCORSPreflightChecker::didCompleteWithError):
(WebKit::NetworkCORSPreflightChecker::wasBlocked):
(WebKit::NetworkCORSPreflightChecker::cannotShowURL):

NetworkProcess/NetworkLoadChecker.cpp:

(WebKit::NetworkLoadChecker::checkCORSRequestWithPreflight):

NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::NetworkResourceLoader::NetworkResourceLoader):
(WebKit::NetworkResourceLoader::retrieveCacheEntry):
(WebKit::NetworkResourceLoader::didReceiveResponse):
(WebKit::NetworkResourceLoader::willSendRedirectedRequest):
(WebKit::NetworkResourceLoader::continueWillSendRequest):
(WebKit::NetworkResourceLoader::didRetrieveCacheEntry):
(WebKit::NetworkResourceLoader::validateCacheEntry):

NetworkProcess/NetworkResourceLoader.h:
WebProcess/Network/WebLoaderStrategy.cpp:

(WebKit::WebLoaderStrategy::loadResourceSynchronously):

WebProcess/Network/WebLoaderStrategy.h:

Source/WebKitLegacy:

WebCoreSupport/WebResourceLoadScheduler.cpp:

(WebResourceLoadScheduler::loadResourceSynchronously):

WebCoreSupport/WebResourceLoadScheduler.h:

LayoutTests:

http/tests/xmlhttprequest/access-control-preflight-not-successful-expected.txt:
http/wpt/beacon/cors/cors-preflight-blob-failure.html: Fix buggy assertion.

Test should check for actual request header and not header name in Access-Control-Request-Headers.

http/wpt/beacon/cors/cors-preflight-blob-success.html: Ditto.
platform/mac-wk1/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt: Added.
platform/mac-wk1/http/tests/xmlhttprequest/access-control-preflight-not-successful-expected.txt: Added.
platform/mac-wk1/http/tests/xmlhttprequest/cross-origin-no-authorization-expected.txt: Added.
platform/mac-wk1/imported/w3c/web-platform-tests/XMLHttpRequest/access-control-and-redirects-expected.txt: Added.
platform/win/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt: Added.
platform/win/http/tests/xmlhttprequest/access-control-preflight-not-successful-expected.txt: Added.
platform/win/http/tests/xmlhttprequest/cross-origin-no-authorization-expected.txt: Added.
platform/mac-highsierra-wk2/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-basic-setrequestheader-expected.txt: Copied from LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-basic-setrequestheader-expected.txt.
platform/mac-highsierra-wk2/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-setrequestheader-no-cred-expected.txt: Copied from LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-setrequestheader-no-cred-expected.txt.
platform/mac-wk1/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-basic-setrequestheader-expected.txt: Copied from LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-basic-setrequestheader-expected.txt.
platform/mac-wk1/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-setrequestheader-no-cred-expected.txt: Copied from LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-setrequestheader-no-cred-expected.txt.
platform/mac-wk1/imported/w3c/web-platform-tests/cors/request-headers-expected.txt: Copied from LayoutTests/imported/w3c/web-platform-tests/cors/request-headers-expected.txt.
platform/win/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt:
platform/win/http/tests/xmlhttprequest/access-control-preflight-not-successful-expected.txt:
platform/win/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-basic-setrequestheader-expected.txt: Copied from LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-basic-setrequestheader-expected.txt.
platform/win/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-setrequestheader-no-cred-expected.txt: Copied from LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-setrequestheader-no-cred-expected.txt.
platform/win/imported/w3c/web-platform-tests/cors/request-headers-expected.txt: Copied from LayoutTests/imported/w3c/web-platform-tests/cors/request-headers-expected.txt.

2:03 PM Changeset in webkit [230680] by msaboff@apple.com

1 edit
121 adds in trunk/Tools

Perl-based Test262 runner
https://bugs.webkit.org/show_bug.cgi?id=183343

Patch by Leo Balter <Leo Balter> on 2018-04-16
Reviewed by Michael Saboff.

Scripts/test262-helpers/README.md: Added.
Scripts/test262-helpers/agent.js: Added.

(262.getGlobal):
(262.setGlobal):
(262.destroy):
(262.IsHTMLDDA):

Scripts/test262-helpers/cpanfile: Added.
Scripts/test262-helpers/cpanfile.snapshot: Added.
Scripts/test262-helpers/test262-runner.pl: Added.

(main):
(processFile):
(getScenarios):
(addScenario):
(compileTest):
(runTest):
(processResult):
(getTempFile):
(getContents):
(parseData):
(getHarness):

Scripts/test262-helpers/tests.log: Added.

1:56 PM WPE edited by clopez@igalia.com

update isntructions for wpebackend-fdo (diff)

12:45 PM Changeset in webkit [230679] by commit-queue@webkit.org

2 edits in trunk/Source/WebCore

[WinCairo] Media elements should be enabled by default
https://bugs.webkit.org/show_bug.cgi?id=184597

Patch by Christopher Reid <chris.reid@sony.com> on 2018-04-16
Reviewed by Per Arne Vollan.

Enabling media elements by default with media foundation.

page/SettingsDefaultValues.h:

12:22 PM Changeset in webkit [230678] by commit-queue@webkit.org

3 edits in trunk/Source/WebCore

[Curl] Add the Accept-Language field to curl request headers
https://bugs.webkit.org/show_bug.cgi?id=184605

Patch by Christopher Reid <chris.reid@sony.com> on 2018-04-16
Reviewed by Alex Christensen.

Add Accept-Language field to curl request headers

platform/network/curl/CurlRequest.cpp:
platform/network/curl/CurlRequest.h:

12:20 PM Changeset in webkit [230677] by pvollan@apple.com

2 edits in trunk/Source/WTF

Deactivate the WindowServer connection for the WebContent process.
https://bugs.webkit.org/show_bug.cgi?id=184451
<rdar://problem/38313938>

Reviewed by Brent Fulgham.

Defining ENABLE_WEBPROCESS_WINDOWSERVER_BLOCKING as 1 will deactivate the WindowServer connection
for the WebContent process by enabling the call to 'CGSSetDenyWindowServerConnections(true)' on
process startup. After calling this function, every attempt to establish a connection to the
WindowServer from the WebContent process will fail, except for CA render server connections.

wtf/FeatureDefines.h:

12:02 PM Changeset in webkit [230676] by Chris Dumez

10 edits in trunk/Source/WebCore

Move more WindowProxy-related logic from ScriptController to WindowProxyController
https://bugs.webkit.org/show_bug.cgi?id=184640

Reviewed by Ryosuke Niwa.

Move more WindowProxy-related logic from ScriptController to WindowProxyController,
for clarity.

bindings/js/JSDOMWindowProxy.cpp:

(WebCore::JSDOMWindowProxy::attachDebugger):

bindings/js/JSDOMWindowProxy.h:
bindings/js/ScriptCachedFrameData.cpp:

(WebCore::ScriptCachedFrameData::ScriptCachedFrameData):
(WebCore::ScriptCachedFrameData::restore):

bindings/js/ScriptController.cpp:

(WebCore::ScriptController::~ScriptController):
(WebCore::ScriptController::initScriptForWindowProxy):

bindings/js/ScriptController.h:

(WebCore::ScriptController::existingCacheableBindingRootObject const):

bindings/js/WindowProxyController.cpp:

(WebCore::collectGarbageAfterWindowProxyDestruction):
(WebCore::WindowProxyController::~WindowProxyController):
(WebCore::WindowProxyController::clearWindowProxiesNotMatchingDOMWindow):
(WebCore::WindowProxyController::setDOMWindowForWindowProxy):
(WebCore::WindowProxyController::attachDebugger):

bindings/js/WindowProxyController.h:
loader/FrameLoader.cpp:

(WebCore::FrameLoader::clear):

page/Page.cpp:

(WebCore::Page::setDebugger):

11:53 AM Changeset in webkit [230675] by BJ Burg

3 edits in trunk/Source/WebKit

[Cocoa] Web Automation: add SPI to terminate automation session and disconnect the remote end
https://bugs.webkit.org/show_bug.cgi?id=184523
<rdar://problem/39368599>

Reviewed by Simon Fraser.

When a user breaks the automation glass pane and chooses "Stop Session", there is no way
for Safari to actually disconnect the remote connection using automation-related ObjC SPI.
This can lead to sessions getting stuck and safaridriver is unable to request a new session.

Expose the -terminate method as SPI. This disconnects the remote connection and then notifies
the session delegate that the remote disconnected. At that point, Safari can uninstall
the session from the process pool and tear down other session state.

UIProcess/API/Cocoa/_WKAutomationSession.h:
UIProcess/API/Cocoa/_WKAutomationSession.mm:

(-[_WKAutomationSession terminate]):

11:33 AM Changeset in webkit [230674] by commit-queue@webkit.org

3 edits in trunk/Source/WebCore

[GStreamer] Set *TrackPrivateGStreamer::active based on GstStream default select in constructor
https://bugs.webkit.org/show_bug.cgi?id=184652

Patch by Thibault Saunier <tsaunier@igalia.com> on 2018-04-16
Reviewed by Philippe Normand.

In the constructor we should mark selected streams based on the default values from GstStream,
if the user changes them, they will be updated as required later on.

No new tests are added as we already have a few ones that are currently disabled in
the mediastream testsuite. This patch is part of the work to enable them.

platform/graphics/gstreamer/AudioTrackPrivateGStreamer.cpp:

(WebCore::AudioTrackPrivateGStreamer::AudioTrackPrivateGStreamer):

platform/graphics/gstreamer/VideoTrackPrivateGStreamer.cpp:

(WebCore::VideoTrackPrivateGStreamer::VideoTrackPrivateGStreamer):

11:29 AM Changeset in webkit [230673] by timothy@apple.com

5 edits in trunk/Source/WebKit

Clean up OTHER_LDFLAGS for WebKit processes
https://bugs.webkit.org/show_bug.cgi?id=184657

Reviewed by Jer Noble.

Configurations/PluginProcessShim.xcconfig:
Configurations/PluginService.32.xcconfig:
Configurations/PluginService.64.xcconfig:
Configurations/WebContentService.xcconfig:

11:05 AM Changeset in webkit [230672] by Kocsen Chung

7 edits in tags/Safari-606.1.13.1/Source

Versioning.

10:55 AM Changeset in webkit [230671] by bshafiei@apple.com

7 edits in trunk/Source

Versioning.

10:48 AM Changeset in webkit [230670] by Kocsen Chung

1 copy in tags/Safari-606.1.13.1

New tag.

9:01 AM Changeset in webkit [230669] by commit-queue@webkit.org

2 edits in trunk/Source/WebCore

[GStreamer] Set TrackPrivateBaseGStreamer metadata information even if no client is avalaible
https://bugs.webkit.org/show_bug.cgi?id=184651

Patch by Thibault Saunier <tsaunier@igalia.com> on 2018-04-16
Reviewed by Philippe Normand.

We can't notify the client if none is connected, but still we need to fill our metadatas from
the provided GstTagList, especially in the case of playbin3 where the client is not set yet
at construct time but the metadata might already be preset (and won't be updated later on).

No new tests are added as we already have a few ones that are currently disabled in
the mediastream testsuite. This patch is part of the work to enable them.

platform/graphics/gstreamer/TrackPrivateBaseGStreamer.cpp:

(WebCore::TrackPrivateBaseGStreamer::notifyTrackOfTagsChanged):

7:36 AM Changeset in webkit [230668] by pvollan@apple.com

2 edits in trunk/LayoutTests

Mark css3/filters/blur-various-radii.html as a crash on Windows.
https://bugs.webkit.org/show_bug.cgi?id=184649

Unreviewed test gardening.

platform/win/TestExpectations:

1:47 AM Changeset in webkit [230667] by graouts@webkit.org

4 edits in trunk

[Web Animations] Ensure we never return -0 through the API
https://bugs.webkit.org/show_bug.cgi?id=184644

Reviewed by Dean Jackson.

LayoutTests/imported/w3c:

Record one progression in the Web Animations WPT tests.

web-platform-tests/web-animations/timing-model/animations/updating-the-finished-state-expected.txt:

Source/WebCore:

We could sometimes return -0 instead of 0, which is surprising and leads to an error in WPT tests.
This would happen when playbackRate < 0.

animation/WebAnimationUtilities.h:

(WebCore::secondsToWebAnimationsAPITime):

Apr 15, 2018:

11:58 PM Changeset in webkit [230666] by rniwa@webkit.org

7 edits in trunk/Websites/perf.webkit.org

Make it possible to hide some repository groups
https://bugs.webkit.org/show_bug.cgi?id=184632

Reviewed by Saam Barati.

Added the ability to hide repository groups in the custom analysis task configurator from the admin page.
Hidden repositroy groups will continue to function for existing test groups. This is purely an UI change.

init-database.sql: Added repositorygroup_hidden as a new column to triggerable_repository_groups.
public/admin/triggerables.php: Added a form field to hide a repository group.
public/include/manifest-generator.php: Include hidden state in the manifest file.
public/v3/components/custom-analysis-task-configurator.js:

(CustomAnalysisTaskConfigurator.prototype._renderRepositoryPanes): Filter out hidden repository groups.

public/v3/models/triggerable.js:

(prototype.isHidden): Added.

server-tests/api-manifest-tests.js: Updated an existing test case to test a hidden repository group.

10:38 PM Changeset in webkit [230665] by graouts@webkit.org

4 edits in trunk

[Web Animations] Animations do not naturally get a finish event
https://bugs.webkit.org/show_bug.cgi?id=184639
<rdar://problem/39397649>

Reviewed by Jon Lee.

LayoutTests/imported/w3c:

Record two progressions in the Web Animations WPT tests.

web-platform-tests/web-animations/timing-model/animations/updating-the-finished-state-expected.txt:

Source/WebCore:

We must call updateFinishedState() when an animation gets sampled as it means its timeline's time has progressed
and it may have crossed to a finished state. Calling updateFinishedState() when sampling means that we'll correctly
set the animation's hold time to its end value, which means that currentTime() will now always be clamped to return
the end time once its has reached it, so we must not schedule animations to resolve immediately anymore since otherwise
they will keep being scheduled in a loop.

animation/WebAnimation.cpp:

(WebCore::WebAnimation::timeToNextRequiredTick const):
(WebCore::WebAnimation::resolve):

6:01 PM Changeset in webkit [230664] by Chris Dumez

21 edits
2 adds in trunk

Change Event's returnValue so it doesn't expose a new primitive
https://bugs.webkit.org/show_bug.cgi?id=184415

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Import test coverage from https://github.com/w3c/web-platform-tests/pull/10258.

web-platform-tests/dom/events/AddEventListenerOptions-passive-expected.txt:
web-platform-tests/dom/events/AddEventListenerOptions-passive.html:
web-platform-tests/dom/events/Event-constructors.html:
web-platform-tests/dom/events/Event-defaultPrevented-after-dispatch-expected.txt:
web-platform-tests/dom/events/Event-defaultPrevented-after-dispatch.html:
web-platform-tests/dom/events/Event-defaultPrevented-expected.txt:
web-platform-tests/dom/events/Event-defaultPrevented.html:
web-platform-tests/dom/events/Event-dispatch-click.html:
web-platform-tests/dom/events/Event-dispatch-detached-click.html:
web-platform-tests/dom/events/Event-dispatch-other-document.html:
web-platform-tests/dom/events/Event-initEvent.html:
web-platform-tests/dom/events/Event-returnValue-expected.txt: Added.
web-platform-tests/dom/events/Event-returnValue.html: Added.
web-platform-tests/dom/events/EventListener-handleEvent.html:
web-platform-tests/dom/events/EventTarget-dispatchEvent-returnvalue-expected.txt:
web-platform-tests/dom/events/EventTarget-dispatchEvent-returnvalue.html:
web-platform-tests/dom/events/w3c-import.log:
web-platform-tests/dom/interfaces-expected.txt:
web-platform-tests/interfaces/dom.idl:

Source/WebCore:

Update Event.returnValue setter to match the latest DOM specification after:

https://github.com/whatwg/dom/pull/626

In particular, the returnValue setter is now a no-op if the new flag value
is true. If the input flag value is false, it only sets the 'canceled' flag
if the event is cancelable and the event’s in passive listener flag is unset.

Test: imported/w3c/web-platform-tests/dom/events/Event-returnValue.html

dom/Event.cpp:

(WebCore::Event::setLegacyReturnValue):
(WebCore::Event::setCanceledFlagIfPossible):
(WebCore::Event::preventDefault):

dom/Event.h:

2:21 PM Changeset in webkit [230663] by aestes@apple.com

3 edits
1 add in trunk/Tools

[iOS] Add API tests for PDF find-in-page
https://bugs.webkit.org/show_bug.cgi?id=184634

Reviewed by Dan Bernstein.

TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
TestWebKitAPI/Tests/WebKit/find.pdf: Added.
TestWebKitAPI/Tests/WebKitCocoa/WKPDFView.mm:

(-[TestFindDelegate findString]):
(-[TestFindDelegate _webView:didCountMatches:forString:]):
(-[TestFindDelegate _webView:didFindMatches:forString:withMatchIndex:]):
(-[TestFindDelegate _webView:didFailToFindString:]):
(loadWebView):
(TEST):

10:38 AM Changeset in webkit [230662] by fpizlo@apple.com

7 edits
5 adds in trunk

Function.prototype.caller shouldn't return generator bodies
https://bugs.webkit.org/show_bug.cgi?id=184630

Reviewed by Yusuke Suzuki.
JSTests:

stress/function-caller-async-arrow-function-body.js: Added.
stress/function-caller-async-function-body.js: Added.
stress/function-caller-async-generator-body.js: Added.
stress/function-caller-generator-body.js: Added.
stress/function-caller-generator-method-body.js: Added.

Source/JavaScriptCore:

Function.prototype.caller no longer returns generator bodies. Those are meant to be
private.

Also added some builtin debugging tools so that it's easier to do the investigation that I
did.

builtins/BuiltinNames.h:
runtime/JSFunction.cpp:

(JSC::JSFunction::callerGetter):

runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):

runtime/JSGlobalObjectFunctions.cpp:

(JSC::globalFuncBuiltinDescribe):

runtime/JSGlobalObjectFunctions.h:

9:32 AM Changeset in webkit [230661] by Michael Catanzaro

4 edits
1 add in trunk

[WPE] Install files needed for WebKitWebExtensions
https://bugs.webkit.org/show_bug.cgi?id=179915

Reviewed by Žan Doberšek.

Source/cmake/OptionsWPE.cmake:

Source/WebKit:

PlatformWPE.cmake: Install pkg-config file, injected bundle, and API headers.
UIProcess/API/glib/WebKitWebContext.cpp: Load the injected bundle when installed.
wpe/wpe-web-extension.pc.in: Added.