Timeline

Sep 19, 2015:

6:59 PM Changeset in webkit [190023] by Chris Dumez

• 18 edits in trunk/Source/WebCore

[Web IDL] Add support for [PutForwards=XXX] IDL extended attribute
​https://bugs.webkit.org/show_bug.cgi?id=149376

Reviewed by Darin Adler.

[Web IDL] Add support for [PutForwards=XXX] IDL extended attribute:
​https://heycam.github.io/webidl/#PutForwards

As an initial proof of concept, use it for Document.location as per the
HTML specification, instead of using custom bindings:
​https://html.spec.whatwg.org/multipage/dom.html#the-document-object

More attributes can be ported later.

No new tests, no web-exposed behavior change intended. Bindings tests
coverage was added.

• bindings/js/JSDocumentCustom.cpp:

Drop custom bindings for the location attribute setter.

• bindings/scripts/CodeGenerator.pm:

(GetAttributeFromInterface):
Add convenience function that returned an attribute from another
interface. This is used by [PutForwards] to retrieve the forwarded
attribute.

• bindings/scripts/CodeGeneratorJS.pm:

(IsReadonly):
(GenerateImplementation):

• bindings/scripts/IDLAttributes.txt:

Add support for [PutForwards=XXX] IDL extended attribute.

• bindings/scripts/test/GObject/WebKitDOMTestNode.cpp:
• bindings/scripts/test/GObject/WebKitDOMTestNode.h:
• bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
• bindings/scripts/test/GObject/WebKitDOMTestObj.h:
• bindings/scripts/test/JS/JSTestNode.cpp:
• bindings/scripts/test/JS/JSTestObj.cpp:
• bindings/scripts/test/ObjC/DOMTestNode.h:
• bindings/scripts/test/ObjC/DOMTestNode.mm:
• bindings/scripts/test/ObjC/DOMTestObj.h:
• bindings/scripts/test/ObjC/DOMTestObj.mm:

Add binding tests coverage for [PutForwards=XXX] IDL extended
attribute.

• dom/Document.idl:

Use [PutForwards=href] for Document.location attribute, as per the HTML
specification and stop using custom bindings for the setter. Also mark
the attribute as readonly as all attributes using [PutForwards] must be
marked as readonly as per the Web IDL specification.

6:09 PM Changeset in webkit [190022] by Yusuke Suzuki

• 2 edits in trunk/Source/JavaScriptCore

[GTK] Unreviewed, should check the result of fread
​https://bugs.webkit.org/show_bug.cgi?id=148917

Suppress the build warning on GTK with GCC.

• jsc.cpp:

(fillBufferWithContentsOfFile):
(fetchModuleFromLocalFileSystem):

5:45 PM Changeset in webkit [190021] by Chris Dumez

• 18 edits
  2 adds in trunk

[WebIDL] Specify default parameter values where it is useful
​https://bugs.webkit.org/show_bug.cgi?id=149331
<rdar://problem/22545600>

Reviewed by Darin Adler.

Source/WebCore:

Specify default parameter values where it is useful in our IDL, that is
to say where undefined would be converted to something else than the
default value otherwise. This patch focuses on the HTML API.

This patch also adds support for default values for optional parameters
of string enumeration type as this was needed by the
CanvasRenderingContext2D API.

Test: fast/html/undefined-parameter-default-value.html

• bindings/scripts/CodeGeneratorJS.pm:

(GenerateParametersCheck):
Add support default values for optional parameters of string enumeration
type as this was needed by the CanvasRenderingContext2D API.

• bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
• bindings/scripts/test/GObject/WebKitDOMTestObj.h:
• bindings/scripts/test/JS/JSTestObj.cpp:
• bindings/scripts/test/ObjC/DOMTestObj.h:
• bindings/scripts/test/ObjC/DOMTestObj.mm:
• bindings/scripts/test/TestObj.idl:

Add bindings tests coverage for optional parameters of string enumeration
type and that have a default value.

• html/HTMLInputElement.idl:

Specify default parameter value for stepUp() / stepDown(). Without this,
stepUp(undefined) would be equivalent to calling stepUp(0) even though
it is supposed to be equivalent to calling stepUp(1).

• html/HTMLTableElement.idl:
• html/HTMLTableSectionElement.idl:

Specify default parameter value for insertRow(). Without this,
insertRow(undefined) would be equivalent to insertRow(0) instead of
insertRow(-1). This would prepend the row instead of appending it:

• ​https://html.spec.whatwg.org/#htmltableelement
• ​https://html.spec.whatwg.org/#htmltablesectionelement

• html/HTMLTableRowElement.idl:

Specify default parameter value for insertCell(). Without this,
insertCell(undefined) would be equivalent to insertCell(0) instead of
insertCell(-1). This would prepend the cell instead of appending it:

• ​https://html.spec.whatwg.org/#htmltablerowelement

• html/canvas/CanvasRenderingContext2D.idl:

Specify default value for CanvasWindingRule parameters so that calling
this with undefined will use the default enum value instead of using the
"undefined" string and then throwing because it is not a valid enum value:

• ​https://html.spec.whatwg.org/#canvasrenderingcontext2d

LayoutTests:

Add test to check the behavior of passing undefined for various optional
parameters that have a default value in the HTML specification.

• fast/html/undefined-parameter-default-value-expected.txt: Added.
• fast/html/undefined-parameter-default-value.html: Added.

5:43 PM Changeset in webkit [190020] by eric.carlson@apple.com

• 8 edits in trunk/Source/WebCore

Cleanup code that finds and loads a media engine
​https://bugs.webkit.org/show_bug.cgi?id=149371

Reviewed by Darin Adler.

No new tests, no functional change.

• Modules/mediastream/MediaStream.cpp:

(WebCore::MediaStream::setRegistry): New, set the registry.
(WebCore::MediaStream::lookup): New, lookup a url in the registry.

• Modules/mediastream/MediaStream.h:

• html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::loadResource): Restructure and simplify the code that tries the

different types of media engine so the code is easier to understand and modify.

(WebCore::HTMLMediaElement::createMediaPlayer): Clear m_mediaStreamSrcObject.

• platform/graphics/MediaPlayer.cpp:

(WebCore::buildMediaEnginesVector): Add some whitespace to make it easier to read.
(WebCore::bestMediaEngineForSupportParameters): Also process mediastream and mediasource urls.
(WebCore::MediaPlayer::load): ASSERT if called when the reload timer is active.
(WebCore::MediaPlayer::loadWithNextMediaEngine): Also process mediastream and mediasource urls.

• platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:

(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::supportsType): Don't test empty/null urls.

• platform/mock/mediasource/MockMediaPlayerMediaSource.cpp:

(WebCore::MockMediaPlayerMediaSource::supportsType): Ditto.

5:17 PM Changeset in webkit [190019] by Michael Catanzaro

• 2 edits in trunk/Source/WebKit2

[GTK] WebEditorClient::supportsGlobalSelection returns true under Wayland
​https://bugs.webkit.org/show_bug.cgi?id=149375

Reviewed by Darin Adler.

WebEditorClient::supportsGlobalSelection should return false when running under Wayland,
since Wayland does not have any equivalent for PRIMARY or the concept of a global selection.

• WebProcess/WebCoreSupport/WebEditorClient.cpp:

(WebKit::WebEditorClient::supportsGlobalSelection):

3:36 PM WebKitIDL edited by Chris Dumez

Add [SetterCallWith] (diff)

3:07 PM Changeset in webkit [190018] by mitz@apple.com

• 2 edits in trunk/Source/WebKit2

Attempted build fix.

• mac/postprocess-framework-headers.sh: Fixed an overzealous regular expression.

2:37 PM Changeset in webkit [190017] by Chris Dumez

• 17 edits in trunk/Source/WebCore

Get rid of most custom bindings for Location.idl
​https://bugs.webkit.org/show_bug.cgi?id=149370

Reviewed by Darin Adler.

Get rid of most custom bindings for Location.idl by extending support
for the [CallWith=XXX] IDL extended attribute to support 2 additional
values: ActiveWindow and FirstWindow. Also introduce a
[SetterCallWith=XXX] alternative that passes the extra arguments to
the attribute setter only, as is needed by the Location attributes.

No new tests, no intended web-exposed behavior change.

• bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
• bindings/scripts/test/GObject/WebKitDOMTestObj.h:
• bindings/scripts/test/JS/JSTestObj.cpp:
• bindings/scripts/test/ObjC/DOMTestObj.h:
• bindings/scripts/test/ObjC/DOMTestObj.mm:
• bindings/scripts/test/TestObj.idl:

Add bindings tests coverage for [SetterCallWith=XXX].

• page/Location.idl:

Also drop [DoNotCheckSecurityOnSetter] on href attribute. It has
no effet as the interface does not have [CheckSecurity].

2:05 PM Changeset in webkit [190016] by mitz@apple.com

• 2 edits in trunk/Tools

Attempted build fix.

• WebKitTestRunner/Configurations/WebKitTestRunnerApp.xcconfig:

11:15 AM Changeset in webkit [190015] by Chris Dumez

• 6 edits in trunk/Source/WebCore

Get rid of custom bindings for Document.location getter
​https://bugs.webkit.org/show_bug.cgi?id=149369

Reviewed by Andreas Kling.

Get rid of custom bindings for Document.location getter by defining
a location getter on Document that calls the one on the document's
DOMWindow. The DOMWindow location getter already has an
isCurrentlyDisplayedInFrame() check so the document does not need
to do a null check on the frame.

No new tests, no web-exposed behavior change intended.

• bindings/js/JSDocumentCustom.cpp:

(WebCore::JSDocument::location): Deleted.

• dom/Document.cpp:

(WebCore::Document::location):

• dom/Document.h:
• dom/Document.idl:
• page/DOMWindow.cpp:

(WebCore::DOMWindow::location):

8:36 AM Changeset in webkit [190014] by sbarati@apple.com

• 4 edits in trunk/Source/JavaScriptCore

VariableEnvironmentNode should inherit from ParserArenaDeletable because VariableEnvironment's must have their destructors run
​https://bugs.webkit.org/show_bug.cgi?id=149359

Reviewed by Andreas Kling.

VariableEnvironment must have its destructor run.
Therefore, VariableEnvironmentNode should inherit from ParserArenaDeletable.
Also, anything that inherits from VariableEnvironmentNode must use
ParserArenaDeletable's operator new. Also, any other nodes that own
a VariableEnvironment must also have their destructors run.

• parser/Nodes.h:

(JSC::VariableEnvironmentNode::VariableEnvironmentNode):

2:59 AM Changeset in webkit [190013] by dino@apple.com

• 3 edits
  2 adds in trunk

Null dereference loading Blink layout test svg/filters/feImage-failed-load-crash.html
​https://bugs.webkit.org/show_bug.cgi?id=149316
<rdar://problem/22749532>

Reviewed by Tim Horton.

Source/WebCore:

If an feImage triggered loading a resource, and then was removed from the document,
we'd still try to notify its parent when the resource arrived (or failed).

Merge Blink commit:
​https://chromium.googlesource.com/chromium/blink/+/9cbcfd7866bbaff0c4b3c4c8508b7c97b46d6e6a

Test: svg/filters/feImage-failed-load-crash.html

• svg/SVGFEImageElement.cpp:

(WebCore::SVGFEImageElement::notifyFinished): Add a null check to the parent element
before sending the notification.

LayoutTests:

Merge Blink commit:
​https://chromium.googlesource.com/chromium/blink/+/9cbcfd7866bbaff0c4b3c4c8508b7c97b46d6e6a

• svg/filters/feImage-failed-load-crash-expected.txt: Added.
• svg/filters/feImage-failed-load-crash.html: Added.

2:56 AM Changeset in webkit [190012] by dino@apple.com

• 3 edits
  6 adds in trunk

Null dereference loading Blink layout test svg/custom/use-href-attr-removal-crash.html
​https://bugs.webkit.org/show_bug.cgi?id=149315
<rdar://problem/22749358>

Reviewed by Tim Horton.

Source/WebCore:

We were not checking if the corresponding element referenced from
the SVG <use> actually existed before trying to set attributes on it.
The original Blink change is a little more detailed:
​https://chromium.googlesource.com/chromium/blink/+/e2f1087f32bb088160ab7d59a715a1403ef267c7
However, we've significantly diverged at this point.

Tests: svg/custom/use-href-attr-removal-crash.html

svg/custom/use-href-attr-removal-crash2.svg
svg/custom/use-href-change-local-to-invalid-remote.html

• svg/SVGUseElement.cpp:

(WebCore::SVGUseElement::transferSizeAttributesToTargetClone):

LayoutTests:

These tests, copied from Blink, should not crash.
The originals come from:
​https://chromium.googlesource.com/chromium/blink/+/e2f1087f32bb088160ab7d59a715a1403ef267c7

• svg/custom/use-href-attr-removal-crash.html: Added.
• svg/custom/use-href-attr-removal-crash-expected.txt: Added.
• svg/custom/use-href-attr-removal-crash2.svg: Added.
• svg/custom/use-href-attr-removal-crash2-expected.txt: Added.
• svg/custom/use-href-change-local-to-invalid-remote.html: Added.
• svg/custom/use-href-change-local-to-invalid-remote-expected.txt: Added.

1:57 AM Changeset in webkit [190011] by achristensen@apple.com

• 2 edits in trunk/Source/WebKit

Fix Windows tests after r189934.

• CMakeLists.txt:

Include WebKit.rc to include resources like missingImage.png in WebKit.dll.

Sep 18, 2015:

10:00 PM Changeset in webkit [190010] by ap@apple.com

• 2 edits in trunk/LayoutTests

Update Mac expectations for http/tests/cache/iframe-304-crash.html.
This test is flaky everywhere, not just on Mavericks and Yosemite.

• platform/mac-wk2/TestExpectations:

9:48 PM Changeset in webkit [190009] by commit-queue@webkit.org

• 21 edits in trunk

Unreviewed, rolling out r189908.
​https://bugs.webkit.org/show_bug.cgi?id=149368

Broke run-webkit-tests --pixel (Requested by ap on #webkit).

Reverted changeset:

"printing does not use minimum page zoom factor"
​https://bugs.webkit.org/show_bug.cgi?id=108507
​http://trac.webkit.org/changeset/189908

9:18 PM Changeset in webkit [190008] by rniwa@webkit.org

• 4 edits
  2 adds in trunk

Inserting or removing slot elements can cause a crash
​https://bugs.webkit.org/show_bug.cgi?id=149365

Reviewed by Antti Koivisto.

Source/WebCore:

HTMLSlotElement::insertedInto and removedFrom were doing completely non-sensical.

Since insertedInto and removedFrom are called on an element whenever it or its ancestor is inserted into
or removed from a container node, we can't always call addSlotElementByName removeSlotElementByName when
those functions are called. Instead, we need to check whether this slot has been inserted into or removed
from a container node that resides inside a shadow root.

Also reverted r189906 since the change was made upon a bogus assumption I had made.

Test: fast/shadow-dom/slot-removal-crash.html

• dom/Element.cpp:

(WebCore::Element::insertedInto): Added comments.
(WebCore::Element::removedFrom): Ditto.
(WebCore::Element::addShadowRoot): Reverted r189906.
(WebCore::Element::removeShadowRoot): Ditto.

• html/HTMLSlotElement.cpp:

(WebCore::HTMLSlotElement::insertedInto): When the insertion point's tree scope is different from ours,
the insertion happened to our shadow host or its ancestor. There is nothing to be done in that case since
the shadow tree was not modified (in particular, our relationship with our shadow root never changed).
We also don't do anything if we got inserted into a parent which is not inside a shadow tree.

(WebCore::HTMLSlotElement::removedFrom): Since Container::removeBetween sets the tree scope before this
function is getting called, we can't compare this element's treeScope with that of the "insertion" point.
They're always different regardless of whether the insertion point was in the same shadow tree to which
we belong or its shadow host's. However, since a node removed from a shadow tree is put into document's
tree scope before this function is called and InShadowTree flag is unset in Node::removedFrom at the end
of this function, this slot element is definitely being removed from its shadow root when isInShadowTree()
is true and the newly set tree scope is of the document. So call removeSlotElementByName if and only if
that condition holds.

(WebCore::HTMLSlotElement::getDistributedNodes): Explicitly check that we're inside a shadow root.

LayoutTests:

Added regression tests.

• fast/shadow-dom/slot-removal-crash.html: Added.

7:53 PM Changeset in webkit [190007] by rniwa@webkit.org

• 4 edits in trunk/Source/WebCore

REGRESSION(r150187): updateIdForTreeScope may not be called inside shadow trees
​https://bugs.webkit.org/show_bug.cgi?id=149364

Reviewed by Antti Koivisto.

Since the tree scope is set to that of Document's inside removeBetween when a node is removed from a shadow tree,
oldScope != &treeScope() was already true inside Element::removedFrom. This can introduce an inconsistency in
DocumentOrderedMap which could result in a crash. Fixed the bug by checking it against document(), which is the
behavior we had prior to r150187.

Also added a consistency check in DocumentOrderedMap to catch bugs like this.

No new tests. New assertions fail in existing tests without this fix.

• dom/DocumentOrderedMap.cpp:

(WebCore::DocumentOrderedMap::add):
(WebCore::DocumentOrderedMap::remove):
(WebCore::DocumentOrderedMap::get):

• dom/DocumentOrderedMap.h:
• dom/Element.cpp:

(WebCore::Element::removedFrom):

7:31 PM Changeset in webkit [190006] by Antti Koivisto

• 4 edits
  2 adds in trunk

Don't create renderers for children of shadow host
​https://bugs.webkit.org/show_bug.cgi?id=149363

Reviewed by Ryosuke Niwa.

Source/WebCore:

Test: fast/shadow-dom/css-scoping-shadow-root-hides-children.html

• dom/ShadowRoot.h:
• style/StyleResolveTree.cpp:

(WebCore::Style::attachRenderTree):
(WebCore::Style::resolveShadowTree):
(WebCore::Style::resolveChildren):
(WebCore::Style::resolveTree):

LayoutTests:

• fast/shadow-dom/css-scoping-shadow-root-hides-children-expected.html: Added.
• fast/shadow-dom/css-scoping-shadow-root-hides-children.html: Added.

7:18 PM Changeset in webkit [190005] by commit-queue@webkit.org

• 3 edits in trunk/Source/JavaScriptCore

Remove duplicate code in the WebAssembly parser
​https://bugs.webkit.org/show_bug.cgi?id=149361

Patch by Sukolsak Sakshuwong <Sukolsak Sakshuwong> on 2015-09-18
Reviewed by Saam Barati.

Refactor the methods for parsing GetLocal and GetGlobal in WebAssembly
to remove duplicate code.

• wasm/WASMFunctionParser.cpp:

(JSC::nameOfType):
(JSC::WASMFunctionParser::parseExpressionI32):
(JSC::WASMFunctionParser::parseExpressionF32):
(JSC::WASMFunctionParser::parseExpressionF64):
(JSC::WASMFunctionParser::parseUnaryExpressionF64):
(JSC::WASMFunctionParser::parseBinaryExpressionF64):
(JSC::WASMFunctionParser::parseGetLocalExpression):
(JSC::WASMFunctionParser::parseGetGlobalExpression):
(JSC::WASMFunctionParser::parseGetLocalExpressionI32): Deleted.
(JSC::WASMFunctionParser::parseGetGlobalExpressionI32): Deleted.
(JSC::WASMFunctionParser::parseGetLocalExpressionF32): Deleted.
(JSC::WASMFunctionParser::parseGetGlobalExpressionF32): Deleted.
(JSC::WASMFunctionParser::parseGetLocalExpressionF64): Deleted.
(JSC::WASMFunctionParser::parseGetGlobalExpressionF64): Deleted.

• wasm/WASMFunctionParser.h:

6:26 PM Changeset in webkit [190004] by sbarati@apple.com

• 2 edits in trunk/Source/JavaScriptCore

Refactor common code between GetCatchHandlerFunctor and UnwindFunctor
​https://bugs.webkit.org/show_bug.cgi?id=149276

Reviewed by Mark Lam.

There is currently code copy-pasted between these
two functors. Lets not do that. It's better to write
a function, even if the function is small.

I also did a bit of renaming to make the intent of the
unwindCallFrame function clear. The name of the function
didn't really indicate what it did. It decided if it was
okay to unwind further, and it also notified the debugger.
I've renamed the function to notifyDebuggerOfUnwinding.
And I've inlined the logic of deciding if it's okay
to unwind further into UnwindFunctor itself.

• interpreter/Interpreter.cpp:

(JSC::Interpreter::isOpcode):
(JSC::getStackFrameCodeType):
(JSC::Interpreter::stackTraceAsString):
(JSC::findExceptionHandler):
(JSC::GetCatchHandlerFunctor::GetCatchHandlerFunctor):
(JSC::GetCatchHandlerFunctor::operator()):
(JSC::notifyDebuggerOfUnwinding):
(JSC::UnwindFunctor::UnwindFunctor):
(JSC::UnwindFunctor::operator()):
(JSC::Interpreter::notifyDebuggerOfExceptionToBeThrown):
(JSC::unwindCallFrame): Deleted.

6:25 PM Changeset in webkit [190003] by Darin Adler

• 13 edits
  2 deletes in trunk/Source/WebCore

Refine and simplify some color-related code
​https://bugs.webkit.org/show_bug.cgi?id=148961

Reviewed by Anders Carlsson.

Refactoring code that seems to be covered by existing tests.

• css/CSSParser.cpp:

(WebCore::CSSParser::parseColor): Handle the empty string efficiently so that
callers don't need to do that.

• platform/graphics/Color.h: Started adding comments about deprecation.

Added RGBA class for future use whenever we need an RGBA quadruplet rather than
a color with a color space. Added FIXME about future evoluation of the classes here.
Added OptionalColor so we can start removing the "invalid color" feature from Color.
Added roundAndClampColorChannel function.

• svg/ColorDistance.cpp: Removed.
• svg/ColorDistance.h: Removed.

• CMakeLists.txt: Removed ColorDistance.
• WebCore.vcxproj/WebCore.vcxproj: Ditto.
• WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
• WebCore.xcodeproj/project.pbxproj: Ditto.
• svg/SVGAllInOne.cpp: Ditto.

• svg/SVGAnimatedColor.cpp:

(WebCore::SVGAnimatedColorAnimator::SVGAnimatedColorAnimator): Changed to take
a reference instead of a pointer.
(WebCore::SVGAnimatedColorAnimator::constructFromString): Simplified since the
SVGColor::colorFromRGBColorString will handle the empty string.
(WebCore::SVGAnimatedColorAnimator::addAnimatedTypes): Moved the code to add the
RGB channels of two colors here from ColorDistance::addColors since this is the
only place it was used.
(WebCore::currentColor): Refactored adjustForCurrentColor function into this.
Helper for the code below.
(WebCore::SVGAnimatedColorAnimator::calculateAnimatedValue): Refactored to use
the new currentColor function and replaced the use of the ColorDistance::clampColor
function here with a bit of code here in the one place it was used.
(WebCore::SVGAnimatedColorAnimator::calculateDistance): Moved the distance algorithm
here from ColorDistance::distance.

• svg/SVGAnimatedColor.h: Removed unneeded forward declaration, changed constructor

to take references instead of pointers, and made all class member functions private.

• svg/SVGAnimatedType.cpp:

(WebCore::SVGAnimatedType::setValueAsString): Removed special case for empty string,
since SVGColor::colorFromRGBColorString does the same thing.

• svg/SVGAnimatorFactory.h:

(WebCore::SVGAnimatorFactory::create): Pass references rather tha pointers to the
SVGAnimatedColorAnimator constructor.

• svg/SVGColor.cpp:

(WebCore::SVGColor::colorFromRGBColorString): Added more FIXMEs about the future of
this function.
(WebCore::SVGColor::setRGBColor): Fixed confusing verb tense.
(WebCore::SVGColor::customCSSText): Use ASCII literal for an ASCII literal.

5:31 PM Changeset in webkit [190002] by commit-queue@webkit.org

• 7 edits in trunk/Source/JavaScriptCore

Implement the arithmetic instructions for doubles in WebAssembly
​https://bugs.webkit.org/show_bug.cgi?id=148945

Patch by Sukolsak Sakshuwong <Sukolsak Sakshuwong> on 2015-09-18
Reviewed by Geoffrey Garen.

This patch implements the arithmetic instructions for doubles (float64)
in WebAssembly.

• tests/stress/wasm-arithmetic-float64.js:
• tests/stress/wasm/arithmetic-float64.wasm:
• wasm/WASMFunctionCompiler.h:

(JSC::WASMFunctionCompiler::buildUnaryF64):
(JSC::WASMFunctionCompiler::buildBinaryF64):
(JSC::WASMFunctionCompiler::callOperation):

• wasm/WASMFunctionParser.cpp:

(JSC::WASMFunctionParser::parseExpressionF64):
(JSC::WASMFunctionParser::parseUnaryExpressionF64):
(JSC::WASMFunctionParser::parseBinaryExpressionF64):

• wasm/WASMFunctionParser.h:
• wasm/WASMFunctionSyntaxChecker.h:

(JSC::WASMFunctionSyntaxChecker::buildUnaryF64):
(JSC::WASMFunctionSyntaxChecker::buildBinaryF32):
(JSC::WASMFunctionSyntaxChecker::buildBinaryF64):

4:57 PM Changeset in webkit [190001] by eric.carlson@apple.com

• 2 edits in trunk/Source/WebCore

UserMediaClientMock leaks every test run
​https://bugs.webkit.org/show_bug.cgi?id=149358

Reviewed by Tim Horton.

• platform/mock/UserMediaClientMock.h: Implement pageDestroyed.

4:51 PM Changeset in webkit [190000] by achristensen@apple.com

• 1 edit in trunk/Source/WebCore/ChangeLog

190,000!

4:51 PM Changeset in webkit [189999] by msaboff@apple.com

• 14 edits
  8 adds in trunk/Source/JavaScriptCore

[ES6] Tail call fast path should efficiently reuse the frame's stack space
​https://bugs.webkit.org/show_bug.cgi?id=148662

Patch by Basile Clement <​basile_clement@apple.com> on 2015-09-18
Reviewed by Geoffrey Garen.

This introduces a new class (CallFrameShuffler) that is responsible for
efficiently building the new frames when performing a tail call. In
order for Repatch to know about the position of arguments on the
stack/registers (e.g. for polymorphic call inline caches), we store a
CallFrameShuffleData in the CallLinkInfo. Otherwise, the JIT and DFG
compiler are now using CallFrameShuffler instead of
CCallHelpers::prepareForTailCallSlow() to build the frame for a tail
call.

When taking a slow path, we still build the frame as if doing a regular
call, because we could throw an exception and need the caller's frame
at that point. This means that for virtual calls, we don't benefit from
the efficient frame move for now.

• CMakeLists.txt:
• JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
• JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
• JavaScriptCore.xcodeproj/project.pbxproj:
• assembler/ARMv7Assembler.h:

(JSC::ARMv7Assembler::firstRegister):
(JSC::ARMv7Assembler::lastRegister):
(JSC::ARMv7Assembler::firstFPRegister):
(JSC::ARMv7Assembler::lastFPRegister):

• assembler/AbortReason.h:
• bytecode/CallLinkInfo.h:

(JSC::CallLinkInfo::setFrameShuffleData):
(JSC::CallLinkInfo::frameShuffleData):

• bytecode/ValueRecovery.h:

(JSC::ValueRecovery::inRegister):

• dfg/DFGGenerationInfo.h:

(JSC::DFG::GenerationInfo::recovery):

• jit/CachedRecovery.cpp: Added.

(JSC::CachedRecovery::loadsIntoFPR):
(JSC::CachedRecovery::loadsIntoGPR):

• jit/CachedRecovery.h: Added.

(JSC::CachedRecovery::CachedRecovery):
(JSC::CachedRecovery::targets):
(JSC::CachedRecovery::addTarget):
(JSC::CachedRecovery::removeTarget):
(JSC::CachedRecovery::clearTargets):
(JSC::CachedRecovery::setWantedJSValueRegs):
(JSC::CachedRecovery::setWantedFPR):
(JSC::CachedRecovery::boxingRequiresGPR):
(JSC::CachedRecovery::boxingRequiresFPR):
(JSC::CachedRecovery::recovery):
(JSC::CachedRecovery::setRecovery):
(JSC::CachedRecovery::wantedJSValueRegs):
(JSC::CachedRecovery::wantedFPR):

• jit/CallFrameShuffleData.cpp: Added.

(JSC::CallFrameShuffleData::setupCalleeSaveRegisters):

• jit/CallFrameShuffleData.h: Added.
• jit/CallFrameShuffler.cpp: Added.

(JSC::CallFrameShuffler::CallFrameShuffler):
(JSC::CallFrameShuffler::dump):
(JSC::CallFrameShuffler::getCachedRecovery):
(JSC::CallFrameShuffler::setCachedRecovery):
(JSC::CallFrameShuffler::spill):
(JSC::CallFrameShuffler::emitDeltaCheck):
(JSC::CallFrameShuffler::prepareForSlowPath):
(JSC::CallFrameShuffler::prepareForTailCall):
(JSC::CallFrameShuffler::tryWrites):
(JSC::CallFrameShuffler::performSafeWrites):
(JSC::CallFrameShuffler::prepareAny):

• jit/CallFrameShuffler.h: Added.

(JSC::CallFrameShuffler::lockGPR):
(JSC::CallFrameShuffler::acquireGPR):
(JSC::CallFrameShuffler::releaseGPR):
(JSC::CallFrameShuffler::snapshot):
(JSC::CallFrameShuffler::setCalleeJSValueRegs):
(JSC::CallFrameShuffler::assumeCalleeIsCell):
(JSC::CallFrameShuffler::canBox):
(JSC::CallFrameShuffler::ensureBox):
(JSC::CallFrameShuffler::ensureLoad):
(JSC::CallFrameShuffler::canLoadAndBox):
(JSC::CallFrameShuffler::updateRecovery):
(JSC::CallFrameShuffler::clearCachedRecovery):
(JSC::CallFrameShuffler::addCachedRecovery):
(JSC::CallFrameShuffler::numLocals):
(JSC::CallFrameShuffler::getOld):
(JSC::CallFrameShuffler::setOld):
(JSC::CallFrameShuffler::firstOld):
(JSC::CallFrameShuffler::lastOld):
(JSC::CallFrameShuffler::isValidOld):
(JSC::CallFrameShuffler::argCount):
(JSC::CallFrameShuffler::getNew):
(JSC::CallFrameShuffler::setNew):
(JSC::CallFrameShuffler::addNew):
(JSC::CallFrameShuffler::firstNew):
(JSC::CallFrameShuffler::lastNew):
(JSC::CallFrameShuffler::isValidNew):
(JSC::CallFrameShuffler::newAsOld):
(JSC::CallFrameShuffler::getFreeRegister):
(JSC::CallFrameShuffler::getFreeGPR):
(JSC::CallFrameShuffler::getFreeFPR):
(JSC::CallFrameShuffler::hasFreeRegister):
(JSC::CallFrameShuffler::ensureRegister):
(JSC::CallFrameShuffler::ensureGPR):
(JSC::CallFrameShuffler::ensureFPR):
(JSC::CallFrameShuffler::addressForOld):
(JSC::CallFrameShuffler::isUndecided):
(JSC::CallFrameShuffler::isSlowPath):
(JSC::CallFrameShuffler::addressForNew):
(JSC::CallFrameShuffler::dangerFrontier):
(JSC::CallFrameShuffler::isDangerNew):
(JSC::CallFrameShuffler::updateDangerFrontier):
(JSC::CallFrameShuffler::hasOnlySafeWrites):

• jit/CallFrameShuffler32_64.cpp: Added.

(JSC::CallFrameShuffler::emitStore):
(JSC::CallFrameShuffler::emitBox):
(JSC::CallFrameShuffler::emitLoad):
(JSC::CallFrameShuffler::canLoad):
(JSC::CallFrameShuffler::emitDisplace):

• jit/CallFrameShuffler64.cpp: Added.

(JSC::CallFrameShuffler::emitStore):
(JSC::CallFrameShuffler::emitBox):
(JSC::CallFrameShuffler::emitLoad):
(JSC::CallFrameShuffler::canLoad):
(JSC::CallFrameShuffler::emitDisplace):

• jit/JITCall.cpp:

(JSC::JIT::compileOpCall):
(JSC::JIT::compileOpCallSlowCase):

• jit/RegisterMap.cpp:

(JSC::RegisterMap::RegisterMap):
(JSC::GPRMap::GPRMap):
(JSC::FPRMap::FPRMap):

• jit/Repatch.cpp:

(JSC::linkPolymorphicCall):

4:46 PM Changeset in webkit [189998] by jacob_nielsen@apple.com

• 3 edits in trunk/LayoutTests

Adds more flaky tests to TestExpecations for iOS and WK2

• platform/ios-simulator/TestExpectations:
• platform/wk2/TestExpectations:

4:45 PM Changeset in webkit [189997] by aestes@apple.com

• 4 edits
  2 adds in trunk

[iOS] did{Start,Finish}LoadForQuickLookDocumentInMainFrame is never called on WKNavigationDelegate
​https://bugs.webkit.org/show_bug.cgi?id=149360

Reviewed by Tim Horton.

Source/WebKit2:

• UIProcess/ios/WebPageProxyIOS.mm:

(WebKit::WebPageProxy::didStartLoadForQuickLookDocumentInMainFrame): Called on m_navigationDelegate if non-null.
(WebKit::WebPageProxy::didFinishLoadForQuickLookDocumentInMainFrame): Ditto.

Tools:

Added an API test.

• TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
• TestWebKitAPI/Tests/WebKit2Cocoa/QuickLook.mm: Added.

(-[QuickLookNavigationDelegate _webView:didStartLoadForQuickLookDocumentInMainFrameWithFileName:uti:]):
(-[QuickLookNavigationDelegate _webView:didFinishLoadForQuickLookDocumentInMainFrame:]):
(-[QuickLookNavigationDelegate webView:didFinishNavigation:]):
(TEST):

• TestWebKitAPI/ios/pages.pages: Added.

4:43 PM Changeset in webkit [189996] by sbarati@apple.com

• 1 edit
  6 adds in trunk/LayoutTests

add a regress test for richards with try/catch.
​https://bugs.webkit.org/show_bug.cgi?id=149301

Reviewed by Filip Pizlo.

This adds two variants of Octane/richards benchmark using
try/catch. One try/catch variant that actually throws.
Another that never throws. I've included try/catch inside
every function and every loop.

• js/regress/richards-empty-try-catch-expected.txt: Added.
• js/regress/richards-empty-try-catch.html: Added.
• js/regress/richards-try-catch-expected.txt: Added.
• js/regress/richards-try-catch.html: Added.
• js/regress/script-tests/richards-empty-try-catch.js: Added.

(runRichards):
(Scheduler):
(Scheduler.prototype.addIdleTask):
(Scheduler.prototype.addWorkerTask):
(Scheduler.prototype.addHandlerTask):
(Scheduler.prototype.addDeviceTask):
(Scheduler.prototype.addRunningTask):
(Scheduler.prototype.addTask):
(Scheduler.prototype.schedule):
(Scheduler.prototype.release):
(Scheduler.prototype.holdCurrent):
(Scheduler.prototype.suspendCurrent):
(Scheduler.prototype.queue):
(TaskControlBlock):
(TaskControlBlock.prototype.setRunning):
(TaskControlBlock.prototype.markAsNotHeld):
(TaskControlBlock.prototype.markAsHeld):
(TaskControlBlock.prototype.isHeldOrSuspended):
(TaskControlBlock.prototype.markAsSuspended):
(TaskControlBlock.prototype.markAsRunnable):
(TaskControlBlock.prototype.run):
(TaskControlBlock.prototype.checkPriorityAdd):
(TaskControlBlock.prototype.toString):
(IdleTask):
(IdleTask.prototype.run):
(IdleTask.prototype.toString):
(DeviceTask):
(DeviceTask.prototype.run):
(DeviceTask.prototype.toString):
(WorkerTask):
(WorkerTask.prototype.run):
(WorkerTask.prototype.toString):
(HandlerTask):
(HandlerTask.prototype.run):
(HandlerTask.prototype.toString):
(Packet):
(Packet.prototype.addTo):
(Packet.prototype.toString):

• js/regress/script-tests/richards-try-catch.js: Added.

(randomException):
(runRichards):
(Scheduler):
(Scheduler.prototype.addIdleTask):
(Scheduler.prototype.addWorkerTask):
(Scheduler.prototype.addHandlerTask):
(Scheduler.prototype.addDeviceTask):
(Scheduler.prototype.addRunningTask):
(Scheduler.prototype.addTask):
(Scheduler.prototype.schedule):
(Scheduler.prototype.release):
(Scheduler.prototype.holdCurrent):
(Scheduler.prototype.suspendCurrent):
(Scheduler.prototype.queue):
(TaskControlBlock):
(TaskControlBlock.prototype.setRunning):
(TaskControlBlock.prototype.markAsNotHeld):
(TaskControlBlock.prototype.markAsHeld):
(TaskControlBlock.prototype.isHeldOrSuspended):
(TaskControlBlock.prototype.markAsSuspended):
(TaskControlBlock.prototype.markAsRunnable):
(TaskControlBlock.prototype.run):
(TaskControlBlock.prototype.checkPriorityAdd):
(TaskControlBlock.prototype.toString):
(IdleTask):
(IdleTask.prototype.run):
(IdleTask.prototype.toString):
(DeviceTask):
(DeviceTask.prototype.run):
(DeviceTask.prototype.toString):
(WorkerTask):
(WorkerTask.prototype.run):
(WorkerTask.prototype.toString):
(HandlerTask):
(HandlerTask.prototype.run):
(HandlerTask.prototype.toString):
(Packet):
(Packet.prototype.addTo):
(Packet.prototype.toString):

4:37 PM Changeset in webkit [189995] by sbarati@apple.com

• 42 edits
  20 adds in trunk

Implement try/catch in the DFG.
​https://bugs.webkit.org/show_bug.cgi?id=147374

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

This patch implements try/catch inside the DFG JIT.
It also prevents tier up to the FTL for any functions
that have an op_catch in them that are DFG compiled.

This patch accomplishes implementing try/catch inside
the DFG by OSR exiting to op_catch when an exception is thrown.
We can OSR exit from an exception inside the DFG in two ways:
1) We have a JS call (can also be via implicit getter/setter in GetById/PutById)
2) We have an exception when returing from a callOperation

In the case of (1), we get to the OSR exit from genericUnwind because
the exception was thrown in a child call frame. This means these
OSR exits must act as defacto op_catches (even though we will still OSR
exit to a baseline op_catch). That means they must restore the stack pointer
and call frame.

In the case of (2), we can skip genericUnwind because we know the exception
check will take us to a particular OSR exit. Instead, we link these
exception checks as jumps to a particular OSR exit.

Both types of OSR exits will exit into op_catch inside the baseline JIT.
Because they exit to op_catch, these OSR exits must set callFrameForCatch
to the proper call frame pointer.

We "handle" all exceptions inside the machine frame of the DFG code
block. This means the machine code block is responsible for "catching"
exceptions of any inlined frames' try/catch. OSR exit will then exit to
the proper baseline CodeBlock after reifying the inlined frames
(DFG::OSRExit::m_codeOrigin corresponds to the op_catch we will exit to).
Also, genericUnwind will never consult an inlined call frame's CodeBlock to
see if they can catch the exception because they can't. We always unwind to the
next machine code block frame. The DFG CodeBlock changes how the exception
handler table is keyed: it is now keyed by CallSiteIndex for DFG code blocks.

So, when consulting call sites that throw, we keep track of the CallSiteIndex,
and the HandlerInfo for the corresponding baseline exception handler for
that particular CallSiteIndex (if an exception at that call site will be caught).
Then, when we're inside DFG::JITCompiler::link(), we install new HandlerInfo's
inside the DFG CodeBlock and key it by the corresponding CallSiteIndex.
(The CodeBlock only has HandlerInfos for the OSR exits that are to be arrived
at from genericUnwind).

Also, each OSR exit will know if it acting as an exception handler, and
whether or not it will be arrived at from genericUnwind. When we know we
will arrive at an OSR exit from genericUnwind, we set the corresponding
HandlerInfo's nativeCode CodeLocationLabel field to be the OSR exit.

This patch also introduces a new Phase inside the DFG that ensures
that DFG CodeBlocks that handle exceptions take the necessary
steps to keep live variables at "op_catch" live according the
OSR exit value recovery machinery. We accomplish this by flushing
all live op_catch variables to the stack when inside a "try" block.

• CMakeLists.txt:
• JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
• JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
• JavaScriptCore.xcodeproj/project.pbxproj:
• bytecode/CodeBlock.cpp:

(JSC::CodeBlock::handlerForBytecodeOffset):
(JSC::CodeBlock::handlerForIndex):

• bytecode/CodeBlock.h:

(JSC::CodeBlock::clearExceptionHandlers):
(JSC::CodeBlock::appendExceptionHandler):

• bytecode/PreciseJumpTargets.cpp:

(JSC::computePreciseJumpTargets):

• dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::getLocal):
(JSC::DFG::ByteCodeParser::setLocal):
(JSC::DFG::ByteCodeParser::parseBlock):

• dfg/DFGCapabilities.cpp:

(JSC::DFG::capabilityLevel):

• dfg/DFGCommonData.cpp:

(JSC::DFG::CommonData::addCodeOrigin):
(JSC::DFG::CommonData::lastCallSite):
(JSC::DFG::CommonData::shrinkToFit):

• dfg/DFGCommonData.h:
• dfg/DFGGraph.h:
• dfg/DFGJITCompiler.cpp:

(JSC::DFG::JITCompiler::linkOSRExits):
(JSC::DFG::JITCompiler::link):
(JSC::DFG::JITCompiler::compile):
(JSC::DFG::JITCompiler::noticeOSREntry):
(JSC::DFG::JITCompiler::appendExceptionHandlingOSRExit):
(JSC::DFG::JITCompiler::willCatchExceptionInMachineFrame):
(JSC::DFG::JITCompiler::exceptionCheck):
(JSC::DFG::JITCompiler::recordCallSiteAndGenerateExceptionHandlingOSRExitIfNeeded):

• dfg/DFGJITCompiler.h:

(JSC::DFG::JITCompiler::emitStoreCodeOrigin):
(JSC::DFG::JITCompiler::emitStoreCallSiteIndex):
(JSC::DFG::JITCompiler::appendCall):
(JSC::DFG::JITCompiler::exceptionCheckWithCallFrameRollback):
(JSC::DFG::JITCompiler::blockHeads):
(JSC::DFG::JITCompiler::exceptionCheck): Deleted.

• dfg/DFGLiveCatchVariablePreservationPhase.cpp: Added.

(JSC::DFG::FlushLiveCatchVariablesInsertionPhase::FlushLiveCatchVariablesInsertionPhase):
(JSC::DFG::FlushLiveCatchVariablesInsertionPhase::run):
(JSC::DFG::FlushLiveCatchVariablesInsertionPhase::willCatchException):
(JSC::DFG::FlushLiveCatchVariablesInsertionPhase::handleBlock):
(JSC::DFG::FlushLiveCatchVariablesInsertionPhase::newVariableAccessData):
(JSC::DFG::performLiveCatchVariablePreservationPhase):

• dfg/DFGLiveCatchVariablePreservationPhase.h: Added.
• dfg/DFGOSRExit.cpp:

(JSC::DFG::OSRExit::OSRExit):
(JSC::DFG::OSRExit::setPatchableCodeOffset):

• dfg/DFGOSRExit.h:

(JSC::DFG::OSRExit::considerAddingAsFrequentExitSite):

• dfg/DFGOSRExitCompiler.cpp:
• dfg/DFGOSRExitCompiler32_64.cpp:

(JSC::DFG::OSRExitCompiler::compileExit):

• dfg/DFGOSRExitCompiler64.cpp:

(JSC::DFG::OSRExitCompiler::compileExit):

• dfg/DFGOSRExitCompilerCommon.cpp:

(JSC::DFG::osrWriteBarrier):
(JSC::DFG::adjustAndJumpToTarget):

• dfg/DFGOSRExitCompilerCommon.h:
• dfg/DFGPlan.cpp:

(JSC::DFG::Plan::compileInThreadImpl):

• dfg/DFGSlowPathGenerator.h:

(JSC::DFG::SlowPathGenerator::SlowPathGenerator):
(JSC::DFG::SlowPathGenerator::~SlowPathGenerator):
(JSC::DFG::SlowPathGenerator::generate):

• dfg/DFGSpeculativeJIT.h:
• dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::cachedGetById):
(JSC::DFG::SpeculativeJIT::cachedPutById):
(JSC::DFG::SpeculativeJIT::emitCall):

• dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::cachedGetById):
(JSC::DFG::SpeculativeJIT::cachedPutById):
(JSC::DFG::SpeculativeJIT::emitCall):

• dfg/DFGTierUpCheckInjectionPhase.cpp:

(JSC::DFG::TierUpCheckInjectionPhase::run):

• ftl/FTLOSRExitCompiler.cpp:

(JSC::FTL::compileStub):

• interpreter/Interpreter.cpp:

(JSC::GetCatchHandlerFunctor::operator()):
(JSC::UnwindFunctor::operator()):

• interpreter/StackVisitor.cpp:

(JSC::StackVisitor::gotoNextFrame):
(JSC::StackVisitor::unwindToMachineCodeBlockFrame):
(JSC::StackVisitor::readFrame):

• interpreter/StackVisitor.h:

(JSC::StackVisitor::operator*):
(JSC::StackVisitor::operator->):

• jit/AssemblyHelpers.cpp:

(JSC::AssemblyHelpers::emitExceptionCheck):
(JSC::AssemblyHelpers::emitNonPatchableExceptionCheck):
(JSC::AssemblyHelpers::emitStoreStructureWithTypeInfo):

• jit/AssemblyHelpers.h:

(JSC::AssemblyHelpers::emitCount):

• jit/JITExceptions.cpp:

(JSC::genericUnwind):

• jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_catch):

• jit/JITOpcodes32_64.cpp:

(JSC::JIT::emit_op_catch):

• llint/LowLevelInterpreter32_64.asm:
• llint/LowLevelInterpreter64.asm:
• runtime/VM.cpp:

(JSC::VM::VM):

• runtime/VM.h:

(JSC::VM::clearException):
(JSC::VM::clearLastException):
(JSC::VM::addressOfCallFrameForCatch):
(JSC::VM::exception):
(JSC::VM::addressOfException):

• tests/stress/dfg-exception-try-catch-in-constructor-with-inlined-throw.js: Added.

(f):
(bar):
(Foo):

• tests/stress/es6-for-of-loop-exception.js: Added.

(assert):
(shouldThrowInvalidConstAssignment):
(baz):
(foo):

• tests/stress/exception-dfg-inlined-frame-not-strict-equal.js: Added.

(assert):
(o.valueOf):
(o.toString):
(read):
(bar):
(foo):

• tests/stress/exception-dfg-not-strict-equal.js: Added.

(foo):
(o.valueOf):
(o.toString):
(assert):
(shouldDoSomethingInFinally):
(catch):

• tests/stress/exception-dfg-operation-read-value.js: Added.

(assert):
(o.valueOf):
(o.toString):
(read):
(foo):

• tests/stress/exception-dfg-throw-from-catch-block.js: Added.

(assert):
(baz):
(bar):
(foo):

LayoutTests:

• js/regress/raytrace-with-empty-try-catch-expected.txt: Added.
• js/regress/raytrace-with-empty-try-catch.html: Added.
• js/regress/raytrace-with-try-catch-expected.txt: Added.
• js/regress/raytrace-with-try-catch.html: Added.
• js/regress/script-tests/raytrace-with-empty-try-catch.js: Added.

(createVector):
(sqrLengthVector):
(lengthVector):
(addVector):
(subVector):
(scaleVector):
(normaliseVector):
(add):
(sub):
(scalev):
(dot):
(scale):
(cross):
(normalise):
(transformMatrix):
(invertMatrix):
(Triangle):
(Triangle.prototype.intersect):
(Scene):
(Scene.prototype.intersect):
(Scene.prototype.blocked):
(Camera):
(Camera.prototype.generateRayPair):
(renderRows):
(Camera.prototype.render):
(raytraceScene.floorShader):
(raytraceScene):
(arrayToCanvasCommands):

• js/regress/script-tests/raytrace-with-try-catch.js: Added.

(randomException):
(createVector):
(sqrLengthVector):
(lengthVector):
(addVector):
(subVector):
(scaleVector):
(normaliseVector):
(add):
(sub):
(scalev):
(dot):
(scale):
(cross):
(normalise):
(transformMatrix):
(invertMatrix):
(Triangle):
(Triangle.prototype.intersect):
(Scene):
(Scene.prototype.intersect):
(Scene.prototype.blocked):
(Camera):
(Camera.prototype.generateRayPair):
(renderRows):
(Camera.prototype.render):
(raytraceScene.floorShader):
(raytraceScene):
(arrayToCanvasCommands):

• js/regress/script-tests/v8-raytrace-with-empty-try-catch.js: Added.

(Class.create):
(Object.extend):
(Flog.RayTracer.Color.prototype.initialize):
(Flog.RayTracer.Color.prototype.add):
(Flog.RayTracer.Color.prototype.addScalar):
(Flog.RayTracer.Color.prototype.subtract):
(Flog.RayTracer.Color.prototype.multiply):
(Flog.RayTracer.Color.prototype.multiplyScalar):
(Flog.RayTracer.Color.prototype.divideFactor):
(Flog.RayTracer.Color.prototype.limit):
(Flog.RayTracer.Color.prototype.distance):
(Flog.RayTracer.Color.prototype.blend):
(Flog.RayTracer.Color.prototype.brightness):
(Flog.RayTracer.Color.prototype.toString):
(Flog.RayTracer.Light.prototype.initialize):
(Flog.RayTracer.Light.prototype.toString):
(Flog.RayTracer.Vector.prototype.initialize):
(Flog.RayTracer.Vector.prototype.copy):
(Flog.RayTracer.Vector.prototype.normalize):
(Flog.RayTracer.Vector.prototype.magnitude):
(Flog.RayTracer.Vector.prototype.cross):
(Flog.RayTracer.Vector.prototype.dot):
(Flog.RayTracer.Vector.prototype.add):
(Flog.RayTracer.Vector.prototype.subtract):
(Flog.RayTracer.Vector.prototype.multiplyVector):
(Flog.RayTracer.Vector.prototype.multiplyScalar):
(Flog.RayTracer.Vector.prototype.toString):
(Flog.RayTracer.Ray.prototype.initialize):
(Flog.RayTracer.Ray.prototype.toString):
(Flog.RayTracer.Scene.prototype.initialize):
(Flog.RayTracer.Material.BaseMaterial.prototype.initialize):
(Flog.RayTracer.Material.BaseMaterial.prototype.getColor):
(Flog.RayTracer.Material.BaseMaterial.prototype.wrapUp):
(Flog.RayTracer.Material.BaseMaterial.prototype.toString):
(Flog.RayTracer.Material.Solid.prototype.Object.extend.new.Flog.RayTracer.Material.BaseMaterial.initialize):
(Flog.RayTracer.Material.Solid.prototype.Object.extend.new.Flog.RayTracer.Material.BaseMaterial.getColor):
(Flog.RayTracer.Material.Solid.prototype.Object.extend.new.Flog.RayTracer.Material.BaseMaterial.toString):
(Flog.RayTracer.Material.Solid.prototype.Object.extend.new.Flog.RayTracer.Material.BaseMaterial):
(Flog.RayTracer.Material.Chessboard.prototype.Object.extend.new.Flog.RayTracer.Material.BaseMaterial.initialize):
(Flog.RayTracer.Material.Chessboard.prototype.Object.extend.new.Flog.RayTracer.Material.BaseMaterial.getColor):
(Flog.RayTracer.Material.Chessboard.prototype.Object.extend.new.Flog.RayTracer.Material.BaseMaterial.toString):
(Flog.RayTracer.Material.Chessboard.prototype.Object.extend.new.Flog.RayTracer.Material.BaseMaterial):
(Flog.RayTracer.Shape.Sphere.prototype.initialize):
(Flog.RayTracer.Shape.Sphere.prototype.intersect):
(Flog.RayTracer.Shape.Sphere.prototype.toString):
(Flog.RayTracer.Shape.Plane.prototype.initialize):
(Flog.RayTracer.Shape.Plane.prototype.intersect):
(Flog.RayTracer.Shape.Plane.prototype.toString):
(Flog.RayTracer.IntersectionInfo.prototype.initialize):
(Flog.RayTracer.IntersectionInfo.prototype.toString):
(Flog.RayTracer.Camera.prototype.initialize):
(Flog.RayTracer.Camera.prototype.getRay):
(Flog.RayTracer.Camera.prototype.toString):
(Flog.RayTracer.Background.prototype.initialize):
(Flog.RayTracer.Engine.prototype.initialize):
(Flog.RayTracer.Engine.prototype.setPixel):
(Flog.RayTracer.Engine.prototype.renderScene):
(Flog.RayTracer.Engine.prototype.getPixelColor):
(Flog.RayTracer.Engine.prototype.testIntersection):
(Flog.RayTracer.Engine.prototype.getReflectionRay):
(Flog.RayTracer.Engine.prototype.rayTrace):
(renderScene):

• js/regress/script-tests/v8-raytrace-with-try-catch.js: Added.

(randomException):
(Class.create):
(Object.extend):
(Flog.RayTracer.Color.prototype.initialize):
(Flog.RayTracer.Color.prototype.add):
(Flog.RayTracer.Color.prototype.addScalar):
(Flog.RayTracer.Color.prototype.subtract):
(Flog.RayTracer.Color.prototype.multiply):
(Flog.RayTracer.Color.prototype.multiplyScalar):
(Flog.RayTracer.Color.prototype.divideFactor):
(Flog.RayTracer.Color.prototype.limit):
(Flog.RayTracer.Color.prototype.distance):
(Flog.RayTracer.Color.prototype.blend):
(Flog.RayTracer.Color.prototype.brightness):
(Flog.RayTracer.Color.prototype.toString):
(Flog.RayTracer.Light.prototype.initialize):
(Flog.RayTracer.Light.prototype.toString):
(Flog.RayTracer.Vector.prototype.initialize):
(Flog.RayTracer.Vector.prototype.copy):
(Flog.RayTracer.Vector.prototype.normalize):
(Flog.RayTracer.Vector.prototype.magnitude):
(Flog.RayTracer.Vector.prototype.cross):
(Flog.RayTracer.Vector.prototype.dot):
(Flog.RayTracer.Vector.prototype.add):
(Flog.RayTracer.Vector.prototype.subtract):
(Flog.RayTracer.Vector.prototype.multiplyVector):
(Flog.RayTracer.Vector.prototype.multiplyScalar):
(Flog.RayTracer.Vector.prototype.toString):
(Flog.RayTracer.Ray.prototype.initialize):
(Flog.RayTracer.Ray.prototype.toString):
(Flog.RayTracer.Scene.prototype.initialize):
(Flog.RayTracer.Material.BaseMaterial.prototype.initialize):
(Flog.RayTracer.Material.BaseMaterial.prototype.getColor):
(Flog.RayTracer.Material.BaseMaterial.prototype.wrapUp):
(Flog.RayTracer.Material.BaseMaterial.prototype.toString):
(Flog.RayTracer.Material.Solid.prototype.Object.extend.new.Flog.RayTracer.Material.BaseMaterial.initialize):
(Flog.RayTracer.Material.Solid.prototype.Object.extend.new.Flog.RayTracer.Material.BaseMaterial.getColor):
(Flog.RayTracer.Material.Solid.prototype.Object.extend.new.Flog.RayTracer.Material.BaseMaterial.toString):
(Flog.RayTracer.Material.Solid.prototype.Object.extend.new.Flog.RayTracer.Material.BaseMaterial):
(Flog.RayTracer.Material.Chessboard.prototype.Object.extend.new.Flog.RayTracer.Material.BaseMaterial.initialize):
(Flog.RayTracer.Material.Chessboard.prototype.Object.extend.new.Flog.RayTracer.Material.BaseMaterial.getColor):
(Flog.RayTracer.Material.Chessboard.prototype.Object.extend.new.Flog.RayTracer.Material.BaseMaterial.toString):
(Flog.RayTracer.Material.Chessboard.prototype.Object.extend.new.Flog.RayTracer.Material.BaseMaterial):
(Flog.RayTracer.Shape.Sphere.prototype.initialize):
(Flog.RayTracer.Shape.Sphere.prototype.intersect):
(Flog.RayTracer.Shape.Sphere.prototype.toString):
(Flog.RayTracer.Shape.Plane.prototype.initialize):
(Flog.RayTracer.Shape.Plane.prototype.intersect):
(Flog.RayTracer.Shape.Plane.prototype.toString):
(Flog.RayTracer.IntersectionInfo.prototype.initialize):
(Flog.RayTracer.IntersectionInfo.prototype.toString):
(Flog.RayTracer.Camera.prototype.initialize):
(Flog.RayTracer.Camera.prototype.getRay):
(Flog.RayTracer.Camera.prototype.toString):
(Flog.RayTracer.Background.prototype.initialize):
(Flog.RayTracer.Engine.prototype.initialize):
(Flog.RayTracer.Engine.prototype.setPixel):
(Flog.RayTracer.Engine.prototype.renderScene):
(Flog.RayTracer.Engine.prototype.getPixelColor):
(Flog.RayTracer.Engine.prototype.testIntersection):
(Flog.RayTracer.Engine.prototype.getReflectionRay):
(Flog.RayTracer.Engine.prototype.rayTrace):
(renderScene):

• js/regress/v8-raytrace-with-empty-try-catch-expected.txt: Added.
• js/regress/v8-raytrace-with-empty-try-catch.html: Added.
• js/regress/v8-raytrace-with-try-catch-expected.txt: Added.
• js/regress/v8-raytrace-with-try-catch.html: Added.

4:19 PM Changeset in webkit [189994] by n_wang@apple.com

• 7 edits in trunk

AX: Implement ARIA 1.1 @aria-current on iOS
​https://bugs.webkit.org/show_bug.cgi?id=149297

Reviewed by Chris Fleizach.

Source/WebCore:

Added support for iOS to query for aria-current status.
Also, enabled aria-current.html test on iOS.

• accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:

(-[WebAccessibilityObjectWrapper accessibilityInvalidStatus]):
(-[WebAccessibilityObjectWrapper accessibilityARIACurrentStatus]):
(-[WebAccessibilityObjectWrapper accessibilityMathRootIndexObject]):

Tools:

Added support to test aria-current on iOS.

• DumpRenderTree/ios/AccessibilityUIElementIOS.mm:

(AccessibilityUIElement::stringAttributeValue):

• WebKitTestRunner/InjectedBundle/ios/AccessibilityUIElementIOS.mm:

(WTR::AccessibilityUIElement::stringAttributeValue):

LayoutTests:

• platform/ios-simulator/TestExpectations:

4:06 PM Changeset in webkit [189993] by commit-queue@webkit.org

• 13 edits
  2 adds in trunk/Source/JavaScriptCore

Implement linear memory instructions in WebAssembly
​https://bugs.webkit.org/show_bug.cgi?id=149326

Patch by Sukolsak Sakshuwong <Sukolsak Sakshuwong> on 2015-09-18
Reviewed by Geoffrey Garen.

This patch implements linear memory instructions in WebAssembly.[1] To
use the linear memory, an ArrayBuffer must be passed to loadWebAssembly().

Notes:

• We limit the ArrayBuffer's byte length to 2^{31 - 1. This enables us to use only one comparison (unsigned greater than) to check for out-of-bounds access.}
• There is no consensus yet on what should happen when an out-of-bounds access occurs.[2] For now, we throw an error when that happens.
• In asm.js, a heap access looks like this: int32Array[i >> 2]. Note that ">> 2" is part of the syntax and is required. pack-asmjs will produce bytecodes that look something like "LoadI32, i" (not "LoadI32, ShiftRightI32, i, 2"). The requirement of the shift operator prevents unaligned accesses in asm.js. (There is a proposal to support unaligned accesses in the future version of asm.js using DataView.[3]) The WebAssembly spec allows unaligned accesses.[4] But since we use asm.js for testing, we follow asm.js's behaviors for now.

[1]: ​https://github.com/WebAssembly/design/blob/master/AstSemantics.md#linear-memory
[2]: ​https://github.com/WebAssembly/design/blob/master/AstSemantics.md#out-of-bounds
[3]: ​https://wiki.mozilla.org/Javascript:SpiderMonkey:OdinMonkey#Possible_asm.js_extensions_that_don.27t_require_new_JS_features
[4]: ​https://github.com/WebAssembly/design/blob/master/AstSemantics.md#alignment

• jit/JITOperations.cpp:
• jit/JITOperations.h:
• jsc.cpp:

(GlobalObject::finishCreation):
(functionLoadWebAssembly):

• tests/stress/wasm-linear-memory.js: Added.

(shouldBe):
(shouldThrow):

• tests/stress/wasm/linear-memory.wasm: Added.
• wasm/JSWASMModule.cpp:

(JSC::JSWASMModule::JSWASMModule):
(JSC::JSWASMModule::visitChildren):

• wasm/JSWASMModule.h:

(JSC::JSWASMModule::create):
(JSC::JSWASMModule::arrayBuffer):
(JSC::JSWASMModule::JSWASMModule): Deleted.

• wasm/WASMConstants.h:
• wasm/WASMFunctionCompiler.h:

(JSC::sizeOfMemoryType):
(JSC::WASMFunctionCompiler::MemoryAddress::MemoryAddress):
(JSC::WASMFunctionCompiler::endFunction):
(JSC::WASMFunctionCompiler::buildLoad):
(JSC::WASMFunctionCompiler::buildStore):

• wasm/WASMFunctionParser.cpp:

(JSC::WASMFunctionParser::parseStatement):
(JSC::WASMFunctionParser::parseExpressionI32):
(JSC::WASMFunctionParser::parseExpressionF32):
(JSC::WASMFunctionParser::parseExpressionF64):
(JSC::WASMFunctionParser::parseMemoryAddress):
(JSC::WASMFunctionParser::parseLoad):
(JSC::WASMFunctionParser::parseStore):

• wasm/WASMFunctionParser.h:
• wasm/WASMFunctionSyntaxChecker.h:

(JSC::WASMFunctionSyntaxChecker::MemoryAddress::MemoryAddress):
(JSC::WASMFunctionSyntaxChecker::buildLoad):
(JSC::WASMFunctionSyntaxChecker::buildStore):

• wasm/WASMModuleParser.cpp:

(JSC::WASMModuleParser::WASMModuleParser):
(JSC::WASMModuleParser::parseModule):
(JSC::parseWebAssembly):
(JSC::WASMModuleParser::parse): Deleted.

• wasm/WASMModuleParser.h:

4:05 PM Changeset in webkit [189992] by achristensen@apple.com

• 2 edits in trunk/WebKitLibraries

Remove last required use of WEBKIT_LIBRARIES environment variable on Windows
​https://bugs.webkit.org/show_bug.cgi?id=149355

Reviewed by Brent Fulgham.

• win/tools/scripts/auto-version.pl:

Use the directory of $0 (the currently executed perl script) to find the perl script instead of an environment variable.
This makes it possible to build WebKit on Windows without environment variables.

4:03 PM Changeset in webkit [189991] by achristensen@apple.com

• 2 edits in trunk/Source/WebCore

Fix Windows tests after switch to CMake.

• testing/js/WebCoreTestSupportPrefix.h:

Include cmakeconfig.h before wtf/Platform.h like we do in all the other precompiled headers
to have consistent features defined.

3:36 PM Changeset in webkit [189990] by ap@apple.com

• 2 edits in trunk/Source/WebCore

REGRESSION (r189526): Nightlies don't work on Mavericks
​https://bugs.webkit.org/show_bug.cgi?id=149215

Reviewed by Daniel Bates.

• platform/sql/SQLiteDatabase.cpp:

(WebCore::SQLiteDatabase::SQLiteDatabase): Fixed the check to work when cross-compiling
for 10.9 with 10.10 SDK.
(WebCore::SQLiteDatabase::disableThreadingChecks): Removed an obsolete version check -
WebCore has an #error elsewhere making sure that the version is higher than that.
(WebCore::SQLiteDatabase::authorizerFunction): Ditto.

3:30 PM Changeset in webkit [189989] by jacob_nielsen@apple.com

• 2 edits in trunk/LayoutTests

REGRESSION: http/tests/xmlhttprequest/timeout/xmlhttprequest-timeout-overrides.html is flaky
​https://bugs.webkit.org/show_bug.cgi?id=132388

• TestExpectations:

3:26 PM Changeset in webkit [189988] by achristensen@apple.com

• 2 edits in trunk/Source/WebCore

CMake clean build fix after r189971.

• CMakeLists.txt:

Remove Entity.idl.

3:25 PM Changeset in webkit [189987] by Antti Koivisto

• 16 edits in trunk/Source/WebCore

Support style isolation in shadow trees
​https://bugs.webkit.org/show_bug.cgi?id=149353

Reviewed by Ryosuke Niwa.

Allow ShadowRoots to have their own StyleResolvers.

This patch just adds the mechanism, all shadow roots still use the document resolver.

• css/StyleResolver.h:

(WebCore::StyleResolverParentPusher::push):
(WebCore::StyleResolverParentPusher::~StyleResolverParentPusher):

• dom/Element.cpp:

(WebCore::Element::absoluteLinkURL):
(WebCore::Element::styleResolver):

Helper function for getting the right StyleResolver for the element.

(WebCore::Element::resolveStyle):

Helper function for resolving element style.

• dom/Element.h:
• dom/ShadowRoot.cpp:

(WebCore::ShadowRoot::~ShadowRoot):
(WebCore::ShadowRoot::styleResolver):
(WebCore::ShadowRoot::cloneNode):

• dom/ShadowRoot.h:

(WebCore::ShadowRoot::resetStyleInheritance):

• editing/EditingStyle.cpp:

(WebCore::styleFromMatchedRulesForElement):

• html/HTMLTitleElement.cpp:

(WebCore::HTMLTitleElement::computedTextWithDirection):

• html/canvas/CanvasRenderingContext2D.cpp:

(WebCore::CanvasRenderingContext2D::setFont):

• inspector/InspectorCSSAgent.cpp:

(WebCore::InspectorCSSAgent::getMatchedStylesForNode):

• page/animation/KeyframeAnimation.cpp:

(WebCore::KeyframeAnimation::KeyframeAnimation):

• rendering/RenderElement.cpp:

(WebCore::RenderElement::getUncachedPseudoStyle):
(WebCore::RenderElement::containingBlockForFixedPosition):

• rendering/RenderNamedFlowFragment.cpp:

(WebCore::RenderNamedFlowFragment::checkRegionStyle):
(WebCore::RenderNamedFlowFragment::computeStyleInRegion):

• style/StyleResolveTree.cpp:

(WebCore::Style::styleForElement):

• svg/SVGElement.cpp:

(WebCore::SVGElement::customStyleForRenderer):
(WebCore::SVGElement::animatedSMILStyleProperties):

• svg/SVGElementRareData.h:

(WebCore::SVGElementRareData::overrideComputedStyle):

2:37 PM Changeset in webkit [189986] by Beth Dakin

• 2 edits in trunk/Source/WebKit2

Snapshots broken on iOS
​https://bugs.webkit.org/show_bug.cgi?id=149354

Reviewed by Tim Horton.

We need to send the IOSurface to ViewSnapshot::create() for this to work.

• UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _takeViewSnapshot]):

2:30 PM Changeset in webkit [189985] by achristensen@apple.com

• 2 edits in trunk/Source/WebCore

[Win] Fix bindings tests after r189934.

Reviewed by Brent Fulgham.

• bindings/scripts/preprocessor.pm:

(applyPreprocessor):
Bindings tests use /usr/bin/gcc from cygwin, which requires different flags.
If we're using gcc to preprocess, use it like we did before r189934.

2:29 PM Changeset in webkit [189984] by commit-queue@webkit.org

• 8 edits in trunk/Source/JavaScriptCore

Implement type conversion instructions in WebAssembly
​https://bugs.webkit.org/show_bug.cgi?id=149340

Patch by Sukolsak Sakshuwong <Sukolsak Sakshuwong> on 2015-09-18
Reviewed by Mark Lam.

This patch implements some type conversion instructions in WebAssembly.
The WebAssembly spec has a lot more type conversion instructions than
what are available in asm.js.[1] We only implement the ones that are in
asm.js for now because we can only test those.

[1]: ​https://github.com/WebAssembly/design/blob/master/AstSemantics.md

• tests/stress/wasm-type-conversion.js:
• tests/stress/wasm/type-conversion.wasm:
• wasm/WASMConstants.h:
• wasm/WASMFunctionCompiler.h:

(JSC::operationConvertUnsignedInt32ToDouble):
(JSC::WASMFunctionCompiler::buildConvertType):
(JSC::WASMFunctionCompiler::callOperation):

• wasm/WASMFunctionParser.cpp:

(JSC::WASMFunctionParser::parseExpressionI32):
(JSC::WASMFunctionParser::parseExpressionF32):
(JSC::WASMFunctionParser::parseExpressionF64):
(JSC::WASMFunctionParser::parseConvertType):

• wasm/WASMFunctionParser.h:
• wasm/WASMFunctionSyntaxChecker.h:

(JSC::WASMFunctionSyntaxChecker::buildConvertType):

2:08 PM Changeset in webkit [189983] by jacob_nielsen@apple.com

• 2 edits in trunk/LayoutTests

line-break-language-sensitive tests should be marked as flaky
​https://bugs.webkit.org/show_bug.cgi?id=149349

• platform/ios-simulator/TestExpectations:

2:05 PM Changeset in webkit [189982] by eric.carlson@apple.com

• 18 edits
  4 adds
  2 deletes in trunk

[MediaStream] Finish implementing MediaDevices.enumerateDevices
​https://bugs.webkit.org/show_bug.cgi?id=149322
<rdar://problem/22750866>

Reviewed by Brent Fulgham.

Source/WebCore:

Test: fast/mediastream/MediaDevices-enumerateDevices.html

• CMakeLists.txt: Add MediaDevicesRequest.cpp

• Modules/mediastream/MediaDeviceInfo.h: Add MediaDeviceInfoVector typedef.

• Modules/mediastream/MediaDevices.cpp:

(WebCore::MediaDevices::enumerateDevices): Use MediaDevicesRequest.

• Modules/mediastream/MediaDevices.h: EnumerateDevicePromise -> EnumerateDevicesPromise.
• Modules/mediastream/MediaDevices.idl:

• Modules/mediastream/MediaDevicesRequest.cpp: Added.

(WebCore::MediaDevicesRequest::create):
(WebCore::MediaDevicesRequest::MediaDevicesRequest):
(WebCore::MediaDevicesRequest::~MediaDevicesRequest):
(WebCore::MediaDevicesRequest::securityOrigin):
(WebCore::MediaDevicesRequest::contextDestroyed):
(WebCore::MediaDevicesRequest::start):
(WebCore::MediaDevicesRequest::didCompleteRequest):
(WebCore::MediaDevicesRequest::requestOrigin):

• Modules/mediastream/MediaDevicesRequest.h: Added.

• Modules/mediastream/MediaStreamTrackSourcesRequest.cpp:

(WebCore::MediaStreamTrackSourcesRequest::MediaStreamTrackSourcesRequest):
(WebCore::MediaStreamTrackSourcesRequest::didCompleteRequest):

• Modules/mediastream/MediaStreamTrackSourcesRequest.h:

• Modules/mediastream/UserMediaRequest.cpp:

(WebCore::UserMediaRequest::enumerateDevices): Deleted.

• Modules/mediastream/UserMediaRequest.h:

• WebCore.xcodeproj/project.pbxproj: Add MediaDevicesRequest.cpp

• platform/mediastream/MediaDevicesPrivate.cpp: Removed.
• platform/mediastream/MediaDevicesPrivate.h: Removed.

• platform/mediastream/MediaStreamCreationClient.h:
• platform/mediastream/MediaStreamTrackSourcesRequestClient.h:

(WebCore::MediaStreamTrackSourcesRequestClient::~MediaStreamTrackSourcesRequestClient):

• platform/mediastream/mac/AVCaptureDeviceManager.h:
• platform/mediastream/mac/AVCaptureDeviceManager.mm:

(WebCore::AVCaptureDeviceManager::verifyConstraintsForMediaType): Optionally take an

AVCaptureSession instead of always allocating one.

(WebCore::AVCaptureDeviceManager::bestSourcesForTypeAndConstraints): Pass the AVCaptureSession

to verifyConstraintsForMediaType.

• platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:

(WebCore::RealtimeMediaSourceCenterMac::getMediaStreamTrackSources):

• platform/mock/MockRealtimeMediaSourceCenter.cpp:

(WebCore::MockRealtimeMediaSourceCenter::getMediaStreamTrackSources):

LayoutTests:

• fast/mediastream/MediaDevices-enumerateDevices-expected.txt: Added.
• fast/mediastream/MediaDevices-enumerateDevices.html: Added.

1:57 PM Changeset in webkit [189981] by ap@apple.com

• 2 edits in trunk/Tools

iOS WebKitTestRunner frequently crashes in WKContextGetIconDatabase
​https://bugs.webkit.org/show_bug.cgi?id=149352

Reviewed by Simon Fraser.

• WebKitTestRunner/TestController.cpp: (WTR::TestController::~TestController):

m_context can be null. This may indicate a bug in webkitpy too, but
WebKitTestRunner should handle this situation nicely, there is nothing intrinsically
wrong with opening and immediately closing it.

1:55 PM Changeset in webkit [189980] by jacob_nielsen@apple.com

• 2 edits in trunk/LayoutTests

Updates to include change to iOS test expectations after bug 149187

• platform/ios-simulator/js/dom/constructor-length-expected.txt:

1:37 PM Changeset in webkit [189979] by Chris Dumez

• 2 edits in trunk/Source/WebCore

WebContent crash in WebCore::MemoryPressureHandler::releaseCriticalMemory() with GuardMalloc when preparing to suspend
​https://bugs.webkit.org/show_bug.cgi?id=149350

Reviewed by Antti Koivisto.

in MemoryPressureHandler::releaseCriticalMemory(), iterate over a copy of
Document::allDocuments() instead of iterating over allDocuments() directly.
Also make sure the Documents are ref'd inside the copy.

This is needed because clearing the StyleResolver of a Document may cause
Documents to be unref'd and removed from the allDocument() HashSet.

No new tests, already covered by existing tests.

• platform/MemoryPressureHandler.cpp:

(WebCore::MemoryPressureHandler::releaseCriticalMemory):

1:31 PM Changeset in webkit [189978] by Brent Fulgham

• 2 edits in trunk/Source/WebCore

[Win] Unreviewed build fix.

Non-cmake build does not include quotes in the file path, so a search
operation always failed.

• bindings/scripts/preprocessor.pm:

(applyPreprocessor):

1:00 PM Changeset in webkit [189977] by dbates@webkit.org

• 2 edits in trunk/Tools

isGitSVNDirectory() returns true when Git is not installed
​https://bugs.webkit.org/show_bug.cgi?id=149351

Reviewed by Alexey Proskuryakov.

Fixes an issue where VCSUtils::isGitSVNDirectory() returns true for any arbitrary directory if
Git is not installed on the machine.

• Scripts/VCSUtils.pm:

(isGitSVNDirectory): Ensure that git config --get svn-remote.svn.fetch 2>& 1 exits with
status code 0 (success).

12:31 PM Changeset in webkit [189976] by Chris Dumez

• 4 edits in trunk

REGRESSION (r182449, Mavericks ONLY): Pages re-open empty after swiping back and scrolling on them
​https://bugs.webkit.org/show_bug.cgi?id=149317
<rdar://problem/22521514>

Reviewed by Tim Horton.

Source/WebCore:

Disable on Mavericks a PageCache optimization from r182449 which lets
into PageCache pages that only have certain types of pending loads
(images and XHR). This is because it has been determined via bisection
that this change is the one that introduced the bug on Mavericks.

• loader/DocumentLoader.cpp:

(WebCore::areAllLoadersPageCacheAcceptable):

LayoutTests:

Skip a couple of PageCache layout tests on Mavericks now that a PageCache
optimization has been disabled.

• platform/mac/TestExpectations:

11:35 AM Changeset in webkit [189975] by Alan Bujtas

• 2 edits in trunk/LayoutTests

Unreviewed iOS gardening.

• platform/ios-simulator/TestExpectations:

11:23 AM Changeset in webkit [189974] by Brent Fulgham

• 8 edits in trunk/Source

[Win] Use tiled drawing for main background layer
​https://bugs.webkit.org/show_bug.cgi?id=149347
<rdar://problem/22759632>

Reviewed by Alex Christensen.

Source/WebCore:

Turn on tiled drawing for the root layer when using
accelerated compositing on Windows.

• page/Frame.h: Export the 'isMainFrame' method so that

it can be used by WebKit.dll.

• platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayerCA::getDebugBorderInfo): Use a full
pixel width on Windows, since it doesn't support High DPI (yet).

• platform/graphics/ca/win/PlatformCALayerWin.cpp:

(PlatformCALayerWin::create): Use nullptr.
(toCACFFilterType): Ditto.
(layerTreeHostForLayer): Ditto.
(PlatformCALayer::platformCALayer): Ditto.

(PlatformCALayerWin::PlatformCALayerWin): Use the correct contents scaling

factor for new layers.
(PlatformCALayerWin::animationForKey): Use nullptr.

• platform/graphics/ca/win/WebTiledBackingLayerWin.cpp:

(WebTiledBackingLayerWin::displayCallback): Update assertion to
recognize LayerTypePageTiledBackingLayer as a valid layer to be used
in this display routine.

Source/WebKit/win:

Instruct WebCore to use tiled drawing for the root layer
of the display.

• WebCoreSupport/WebChromeClient.cpp:

(WebChromeClient::shouldUseTiledBackingForFrameView): Added.

• WebCoreSupport/WebChromeClient.h:

11:00 AM Changeset in webkit [189973] by achristensen@apple.com

• 3 edits in trunk/Tools

Prevent build-webkit from building four times on Windows
​https://bugs.webkit.org/show_bug.cgi?id=149336

Reviewed by Brent Fulgham.

• Scripts/build-webkit:

Move the Windows code out of the for loop iterating over each subdirectory to be build.
They're built all at once.

• Scripts/webkitdirs.pm:

(buildVisualStudioProject):
(cmakeGeneratedBuildfile):
Don't generate the Visual Studio solution if it already exists.
It will run CMake again if necessary.

11:00 AM Changeset in webkit [189972] by achristensen@apple.com

• 3 edits
  1 add in trunk

Fix tests on Windows after switching to CMake.
​https://bugs.webkit.org/show_bug.cgi?id=149339

Reviewed by Brent Fulgham.

.:

• Source/PlatformWin.cmake: Added to copy WebInspectorUI.

Source/JavaScriptCore:

• shell/PlatformWin.cmake:

Build testapi and testRegExp (which doesn't seem to be used any more).

10:23 AM Changeset in webkit [189971] by Chris Dumez

• 40 edits in trunk

Drop support for Entity Node type
​https://bugs.webkit.org/show_bug.cgi?id=149239

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline W3C DOM test now that a new check is passing.

• web-platform-tests/dom/historical-expected.txt:

Source/WebCore:

Drop support for Entity DOM type. This legacy type has been dropped in
DOM4:

• ​https://dom.spec.whatwg.org/#dom-core-changes

Chrome [1] and Firefox [2] already dropped it. There is currently no
way to construct an Entity Node in WebKit.

[1] ​https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/k3tZGP2EANc
[2] ​https://developer.mozilla.org/en-US/docs/Web/API/Entity

No new tests, already covered by existing W3C test.

• DerivedSources.cpp:
• WebCore.xcodeproj/project.pbxproj:
• bindings/gobject/WebKitDOMPrivate.cpp:

(WebKit::wrap): Deleted.

• bindings/js/JSNodeCustom.cpp:

(WebCore::createWrapperInline): Deleted.

• bindings/objc/DOM.mm:

(kitClass): Deleted.

• dom/Document.cpp:

(WebCore::Document::importNode): Deleted.
(WebCore::Document::adoptNode): Deleted.
(WebCore::Document::childTypeAllowed): Deleted.
(WebCore::Document::canAcceptChild): Deleted.

• dom/Entity.h:
• dom/Entity.idl:
• dom/Node.cpp:

(WebCore::Node::isDefaultNamespace): Deleted.
(WebCore::Node::lookupPrefix): Deleted.
(WebCore::Node::lookupNamespaceURI): Deleted.
(WebCore::appendTextContent): Deleted.
(WebCore::Node::setTextContent): Deleted.

• dom/Node.h:
• dom/Range.cpp:

(WebCore::lengthOfContentsInNode): Deleted.
(WebCore::Range::processContentsBetweenOffsets): Deleted.
(WebCore::Range::insertNode): Deleted.
(WebCore::Range::checkNodeWOffset): Deleted.
(WebCore::Range::checkNodeBA): Deleted.
(WebCore::Range::selectNode): Deleted.
(WebCore::Range::selectNodeContents): Deleted.
(WebCore::Range::surroundContents): Deleted.

• editing/MarkupAccumulator.cpp:

(WebCore::MarkupAccumulator::appendStartMarkup): Deleted.

• xml/XPathUtil.cpp:

(WebCore::XPath::isValidContextNode): Deleted.

Source/WebKit2:

Stop handling the Entity node type.

• WebProcess/InjectedBundle/API/mac/WKDOMInternals.mm:

LayoutTests:

Rebaseline / update layout tests now that we no longer expose the
Entity type to the Web.

• fast/dom/Window/get-set-properties-expected.txt:
• fast/dom/Window/get-set-properties.html:
• fast/dom/Window/resources/window-properties.js:
• fast/dom/Window/window-lookup-precedence-expected.txt:
• fast/dom/dom-constructors-expected.txt:
• fast/dom/dom-constructors.html:
• platform/gtk/fast/dom/Window/window-lookup-precedence-expected.txt:
• platform/mac/fast/dom/Window/window-lookup-precedence-expected.txt:

10:16 AM Changeset in webkit [189970] by BJ Burg

• 32 edits in trunk/Source

ASSERT(!m_frontendRouter->hasLocalFrontend()) when running Web Inspector tests
​https://bugs.webkit.org/show_bug.cgi?id=149006
Source/JavaScriptCore:

Reviewed by Joseph Pecoraro.

Prior to disconnecting, we need to know how many frontends remain connected.

• inspector/InspectorFrontendRouter.h: Add frontendCount().

Source/WebCore:

Reviewed by Joseph Pecoraro.

The patch fixes two defects:

(1) the stub inspector frontend is not closed reliably when a test times out
(2) frontend clients and channels are sometimes connected to the wrong controllers

When an inspector test times out, the test runner requests (via the inspected page's controller)
that the inspector close. But, the stub frontend works independently of InspectorClient,
so the inspected page's InspectorController cannot close the stub frontend. The assertion
failed because the stub frontend's channel was still connected to the inspected page's controller.

The fix is to route requests for the inspector window to close through the FrontendClient's
closeWindow() method rather than InspectorClient, so that the stub frontend can react.
The other code paths (i.e., through close() and closeLocalFrontend()) have been removed.

Now that the stub frontend eagerly closes its channel before the Page gets GC'd, several
methods invoked during test teardown must be reordered to avoid using dangling pointers.

The stub frontend in Internals has been rewritten to properly disconnect itself
from both the frontend and inspected page's inspector controllers.

While fixing this bug, I noticed that we are inconsistent about which inspector controller
(the inspected page's or the frontend page's) receives the FrontendClient and which takes
FrontendChannels. It is now the case for all configurations that the FrontendClient is
connected to the frontend page's inspector controller, and FrontendChannels are connected
to the inspected page's inspector controller. In the WK2 case, the Inspector Process
has an attached frontend client, and its inspected Web Process has frontend channels.

No new tests, covered by existing tests.

• inspector/InspectorClient.h:
• inspector/InspectorController.cpp:

(WebCore::InspectorController::~InspectorController):
(WebCore::InspectorController::inspectedPageDestroyed):

This method is called from Page::~Page, so we should disconnect all frontends now
before subframes are detached from the page, making InspectorController inaccessible.

(WebCore::InspectorController::disconnectFrontend):

The teardown branch was never being run before, because we never disconnected the
frontend's channel correctly. Some agents use the overlay during teardown, so notify
agents before releasing the overlay page.

(WebCore::InspectorController::disconnectAllFrontends):

The actions from close() are inlined and rearranged here, similar to disconnectFrontend.
We have to notify agents before removing InspectorClient as some agents make use of it.

(WebCore::InspectorController::close): Deleted.
(WebCore::InspectorController::show): This assertion is vacuously true now.

• inspector/InspectorFrontendClientLocal.cpp:

(WebCore::InspectorFrontendClientLocal::inspectedPage): Added. Used by stub frontend.

• inspector/InspectorFrontendClientLocal.h:

(WebCore::InspectorFrontendClientLocal::frontendPage): Added.

• loader/EmptyClients.h:
• page/Page.cpp:

(WebCore::Page::~Page):

Notify inspector before detaching frames, otherwise it will not be possible to
cleanly disconnect the stub frontend's channel.

• testing/Internals.cpp:

Rewrite the stub frontend to better encapsulate its setup and teardown logic.

(WebCore::InspectorStubFrontend::frontendPage): Added.
(WebCore::InspectorStubFrontend::InspectorStubFrontend): Added.
(WebCore::InspectorStubFrontend::~InspectorStubFrontend): Added.
(WebCore::InspectorStubFrontend::closeWindow): Added.
(WebCore::InspectorStubFrontend::sendMessageToFrontend): Added.
(WebCore::Internals::openDummyInspectorFrontend):
(WebCore::Internals::closeDummyInspectorFrontend):
(WebCore::InspectorFrontendClientDummy::~InspectorFrontendClientDummy): Deleted.
(WebCore::InspectorFrontendClientDummy::InspectorFrontendClientDummy): Deleted.
(WebCore::InspectorFrontendChannelDummy::~InspectorFrontendChannelDummy): Deleted.
(WebCore::InspectorFrontendChannelDummy::InspectorFrontendChannelDummy): Deleted.
(WebCore::InspectorFrontendChannelDummy::sendMessageToFrontend): Deleted.

• testing/Internals.h:

Source/WebKit/ios:

Reviewed by Joseph Pecoraro.

• WebCoreSupport/WebInspectorClientIOS.mm:

(WebInspectorClient::closeLocalFrontend): Deleted.
(WebInspectorFrontendClient::disconnectFromBackend): Deleted.

Source/WebKit/mac:

Reviewed by Joseph Pecoraro.

WK1 WebInspectorClient was connecting to the wrong controllers. Fix this, and
remove extra code paths for closing the frontend.

• WebCoreSupport/WebInspectorClient.h:
• WebCoreSupport/WebInspectorClient.mm:

(-[WebInspectorWindowController destroyInspectorView]):

Disconnect the FrontendClient from the frontend page's inspector controller.
Do this teardown before releasing the frontend, otherwise we can't use it.

(WebInspectorClient::inspectedPageDestroyed): Deleted.
(WebInspectorClient::closeLocalFrontend): Deleted.
(WebInspectorFrontendClient::disconnectFromBackend): Deleted.

• WebInspector/WebInspector.mm:

(-inspectedWebViewClosed):

Make sure to close ourself if the inspected page closes.

(-close:):

Go through the frontend instead of InspectorController.

• WebInspector/WebInspectorFrontend.h:
• WebInspector/WebInspectorFrontend.mm:

(-[WebInspectorFrontend close]):

Source/WebKit/win:

Reviewed by Joseph Pecoraro.

• WebCoreSupport/WebInspectorClient.cpp:

(WebInspectorFrontendClient::destroyInspectorView):

Disconnect the FrontendClient from the frontend page's inspector controller.
Do this teardown before releasing the frontend, otherwise we can't use it.

(WebInspectorFrontendClient::onClose):
(WebInspectorClient::inspectedPageDestroyed): Deleted.
(WebInspectorClient::closeLocalFrontend): Deleted.

• WebCoreSupport/WebInspectorClient.h: Drive-by cleanup for class declarations.
• WebInspector.cpp:

(WebInspector::close):

Go through the frontend instead of InspectorController.

Source/WebKit2:

<rdar://problem/22654257>
<rdar://problem/22631369>

Reviewed by Joseph Pecoraro.

Stop using InspectorController to close the frontend page. Go through
the FrontendClient instead. Reduce redundant code paths.

This change seems to fix some recent crashes that were seen when
closing Safari with Web Inspector open. These were caused by the frontend
channel not being disconnected at the right time.

• WebProcess/WebCoreSupport/WebInspectorClient.cpp:

(WebKit::WebInspectorClient::inspectedPageDestroyed):
(WebKit::WebInspectorClient::closeLocalFrontend): Deleted.

• WebProcess/WebCoreSupport/WebInspectorClient.h:
• WebProcess/WebPage/WebInspector.cpp:

(WebKit::WebInspector::close):

• WebProcess/WebPage/WebInspectorUI.cpp:

(WebKit::WebInspectorUI::establishConnection):

Save a pointer to the frontend's InspectorController since we may
need to use it while the page is being destructed and its getter
is no longer accessible.

(WebKit::WebInspectorUI::closeWindow):

Explicitly remove the frontend client when closing the frontend.

• WebProcess/WebPage/WebInspectorUI.h:
• WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::inspector):

Allow clients to specify whether an inspector should be eagerly created.
Without this, we may accidentally create an instance during teardown.

• WebProcess/WebPage/WebPage.h:

9:53 AM Changeset in webkit [189969] by Chris Dumez

• 9 edits
  3 adds in trunk

classList.toggle(name, force) treats undefined force argument as false
​https://bugs.webkit.org/show_bug.cgi?id=148582
<rdar://problem/22545600>

Reviewed by Ryosuke Niwa.

Source/WebCore:

classList.toggle(name, force) treats undefined force argument as false.
However, according to the Web IDL specification, we should treat undefined
as if the value was missing for optional parameters that do not have a
default value:
​https://heycam.github.io/webidl/#dfn-overload-resolution-algorithm (Step 14.4).

For optional parameters that have a default value, undefined should be
converted into the default value. This is supported as of r189957.

In this patch, we use custom bindings to provide a spec-compliant version
of DOMTokenList.toggle(). Unfortunately, adding such support in the
bindings generator would be a non-trivial task (I guess, we would have to
generalize using WTF::Optional<> type for all optional parameters in our
implementation. Also we cannot use the default value support added in
r189957 because the toggle() implementation needs to be able to
distinguish all 3 states for the 'force' parameter: true, false or
missing.

The new behavior matches the behavior of Firefox and the specification.

Test: fast/dom/Element/class-list-toggle.html

• CMakeLists.txt:
• WebCore.vcxproj/WebCore.vcxproj:
• WebCore.vcxproj/WebCore.vcxproj.filters:
• WebCore.xcodeproj/project.pbxproj:
• bindings/js/JSBindingsAllInOne.cpp:
• bindings/js/JSDOMTokenListCustom.cpp: Added.

(WebCore::JSDOMTokenList::toggle):

• html/DOMTokenList.h:
• html/DOMTokenList.idl:

LayoutTests:

Add decent test coverage for DOMTokenList.toggle() via Element.classList.

• fast/dom/Element/class-list-toggle-expected.txt: Added.
• fast/dom/Element/class-list-toggle.html: Added.

9:43 AM WebInspectorCodingStyleGuide edited by BJ Burg

update arrow function guidance (diff)

9:38 AM Changeset in webkit [189968] by Yusuke Suzuki

• 3 edits in trunk/Source/JavaScriptCore

Explicitly specify builtin JS files dependency
​https://bugs.webkit.org/show_bug.cgi?id=149323

Reviewed by Alex Christensen.

JSCBuiltins.{h,cpp} in CMakeLists.txt and DerivedSources.make just depend on the builtins directory.
As a result, even if we modify builtins/*.js code, regenerating JSCBuiltins.{h,cpp} does not occur.
As the same to the cpp sources, let's list up the JS files explicitly.

• CMakeLists.txt:
• DerivedSources.make:

9:21 AM Changeset in webkit [189967] by msaboff@apple.com

• 19 edits
  3 deletes in trunk/Source/JavaScriptCore

Remove register preservation and restoration stub code
​https://bugs.webkit.org/show_bug.cgi?id=149335

Reviewed by Mark Lam.

Delete the register preservation and restoration thunks and related plumbing.

Much of this change is removing the unneeded RegisterPreservationMode parameter
from various functions.

• CMakeLists.txt:
• JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
• JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
• JavaScriptCore.xcodeproj/project.pbxproj:
• bytecode/CallLinkInfo.h:

(JSC::CallLinkInfo::isVarargsCallType):
(JSC::CallLinkInfo::CallLinkInfo):
(JSC::CallLinkInfo::isVarargs):
(JSC::CallLinkInfo::isLinked):
(JSC::CallLinkInfo::setUpCallFromFTL):
(JSC::CallLinkInfo::registerPreservationMode): Deleted.

• ftl/FTLJITCode.cpp:

(JSC::FTL::JITCode::initializeAddressForCall):
(JSC::FTL::JITCode::addressForCall):

• ftl/FTLJITCode.h:
• ftl/FTLOSREntry.cpp:

(JSC::FTL::prepareOSREntry):

• ftl/FTLOSRExitCompiler.cpp:

(JSC::FTL::compileStub):

• jit/JITCode.cpp:

(JSC::JITCode::execute):
(JSC::DirectJITCode::initializeCodeRef):
(JSC::DirectJITCode::addressForCall):
(JSC::NativeJITCode::initializeCodeRef):
(JSC::NativeJITCode::addressForCall):
(JSC::DirectJITCode::ensureWrappers): Deleted.

• jit/JITCode.h:

(JSC::JITCode::jitTypeFor):
(JSC::JITCode::executableAddress):

• jit/JITOperations.cpp:
• jit/RegisterPreservationWrapperGenerator.cpp: Removed.
• jit/RegisterPreservationWrapperGenerator.h: Removed.
• jit/Repatch.cpp:

(JSC::linkPolymorphicCall):

• jit/ThunkGenerators.cpp:

(JSC::virtualThunkFor):

• jit/ThunkGenerators.h:
• llint/LLIntSlowPaths.cpp:

(JSC::LLInt::entryOSR):
(JSC::LLInt::setUpCall):

• runtime/Executable.cpp:

(JSC::ExecutableBase::clearCode):
(JSC::ScriptExecutable::installCode):
(JSC::WebAssemblyExecutable::prepareForExecution):

• runtime/Executable.h:

(JSC::ExecutableBase::generatedJITCodeFor):
(JSC::ExecutableBase::entrypointFor):
(JSC::ExecutableBase::offsetOfJITCodeWithArityCheckFor):

• runtime/RegisterPreservationMode.h: Removed.

7:20 AM WebKitGTK/2.10.x edited by clopez@igalia.com

(diff)

7:07 AM WebKitGTK/2.10.x edited by clopez@igalia.com

(diff)

6:27 AM Changeset in webkit [189966] by commit-queue@webkit.org

• 2 edits in trunk/Source/WebKit2

Fix build with --no-indexed-database after r189831
​https://bugs.webkit.org/show_bug.cgi?id=149342

Patch by Emanuele Aina <Emanuele Aina> on 2015-09-18
Reviewed by Csaba Osztrogonác.

• WebProcess/Databases/WebDatabaseProvider.h:

Add ENABLE(INDEXED_DATABASE) guard around supportsModernIDB().