Timeline



Apr 5, 2017:

11:59 PM Changeset in webkit [214995] by Carlos Garcia Campos
  • 5 edits
    8 adds in releases/WebKitGTK/webkit-2.14

Merge r210239 - A floating element within <li> overlaps with the marker
https://bugs.webkit.org/show_bug.cgi?id=166528

Reviewed by Zalan Bujtas.

Source/WebCore:

Merged from Blink (patch by trobhogan@gmail.com):
https://crrev.com/c896e79e5ba348d7ed87438cd3a19d0176f3036d
https://crbug.com/548616

Establish a list marker's offset before floats have been added to its line.

Computing the offset for a list marker after the rest of the objects on the line
it is on have been laid out, means it will avoid floats it ought not to.

Instead, compute the offset when laying out the marker and cache it for use later.

Tests: fast/lists/list-marker-before-float-nested-rtl.html

fast/lists/list-marker-before-float-nested.html
fast/lists/list-marker-before-float-rtl.html
fast/lists/list-marker-before-float.html

  • rendering/RenderListItem.cpp:

(WebCore::RenderListItem::positionListMarker):

  • rendering/RenderListMarker.cpp:

(WebCore::RenderListMarker::RenderListMarker):
(WebCore::RenderListMarker::layout):

  • rendering/RenderListMarker.h:

LayoutTests:

  • fast/lists/list-marker-before-float-expected.html: Added.
  • fast/lists/list-marker-before-float-nested-expected.html: Added.
  • fast/lists/list-marker-before-float-nested-rtl-expected.html: Added.
  • fast/lists/list-marker-before-float-nested-rtl.html: Added.
  • fast/lists/list-marker-before-float-nested.html: Added.
  • fast/lists/list-marker-before-float-rtl-expected.html: Added.
  • fast/lists/list-marker-before-float-rtl.html: Added.
  • fast/lists/list-marker-before-float.html: Added.
11:37 PM Changeset in webkit [214994] by Carlos Garcia Campos
  • 7 edits
    2 adds in releases/WebKitGTK/webkit-2.14

Merge r209608 - [CSP] Policy of window opener not applied to about:blank window
https://bugs.webkit.org/show_bug.cgi?id=165531
<rdar://problem/29426639>

Reviewed by Brent Fulgham.

Source/WebCore:

Fixes an issue where the content security policy of the opener document was not applied to
an about:blank window.

An about:blank window inherits its security origin from its opener document. It should also
copy (inherit) the ContentSecurityPolicy from its opener document. When copying the ContentSecurityPolicy
state from the opener document to the about:blank document we must take care to avoid copying
any upgrade-insecure-request directive because new windows should not inherit it by definition.
With respect to upgrade-insecure-requests, new windows should only inherit the insecure navigation set
from their opener document.

Test: http/tests/security/contentSecurityPolicy/image-blocked-in-about-blank-window.html

  • dom/Document.cpp:

(WebCore::Document::initContentSecurityPolicy): Copy the ContentSecurityPolicy state from the
owner document to this document when it inherits its security origin from its owner. An about:blank
window is one example of a document that inherits its security origin from its owner.

  • loader/WorkerThreadableLoader.cpp:

(WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge): Call ContentSecurityPolicy::copyUpgradeInsecureRequestStateFrom()
to copy the upgrade insecure requests state from the owner document to the worker now that
ContentSecurityPolicy::copyStateFrom() no longer does this.

  • page/csp/ContentSecurityPolicy.cpp:

(WebCore::ContentSecurityPolicy::copyStateFrom): Do not copy the upgrade insecure request state.
Callers are now responsible for calling ContentSecurityPolicy::copyUpgradeInsecureRequestStateFrom()
to copy this state.

  • page/csp/ContentSecurityPolicyDirectiveList.cpp:

(WebCore::ContentSecurityPolicyDirectiveList::parse): Ignore directive upgrade-insecure-requests when
inheriting ContentSecurityPolicy state as this directive as the Upgrade Insecure Requests feature has
its own inheritance semantics that differ from the semantics of copying a ContentSecurityPolicy object.

  • xml/XSLTProcessor.cpp:

(WebCore::XSLTProcessor::createDocumentFromSource): Call ContentSecurityPolicy::copyUpgradeInsecureRequestStateFrom()
to copy the upgrade insecure requests state from the original document to the transformed document now
that ContentSecurityPolicy::copyStateFrom() no longer does this.

LayoutTests:

Add a test to ensure that an about:blank window inherits the CSP policy of its
opener document.

  • http/tests/security/contentSecurityPolicy/image-blocked-in-about-blank-window-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/image-blocked-in-about-blank-window-blocked.html: Added.
11:35 PM Changeset in webkit [214993] by Carlos Garcia Campos
  • 3 edits
    1 add in releases/WebKitGTK/webkit-2.14

Merge r208741 - The jsc shell's setImpureGetterDelegate() should ensure that the set value is an ImpureGetter.
https://bugs.webkit.org/show_bug.cgi?id=164781
<rdar://problem/28418590>

Reviewed by Geoffrey Garen and Michael Saboff.

JSTests:

  • stress/jsc-setImpureGetterDelegate-on-bad-type.js: Added.

Source/JavaScriptCore:

  • jsc.cpp:

(functionSetImpureGetterDelegate):

11:31 PM Changeset in webkit [214992] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.14

Merge r209145 - Use 'childOfType' template when retrieving Shadow DOM elements
https://bugs.webkit.org/show_bug.cgi?id=165145
<rdar://problem/29331830>

Reviewed by Antti Koivisto.

Source/WebCore:

Tests: fast/shadow-dom/color-input-element-shadow-manipulation.html

fast/shadow-dom/file-input-element-shadow-manipulation.html
fast/shadow-dom/keygen-shadow-manipulation.html
fast/shadow-dom/media-shadow-manipulation.html
fast/shadow-dom/range-input-element-shadow-manipulation.html
fast/shadow-dom/textarea-shadow-manipulation.html

Switch to using 'childOfType' when retrieving Shadow DOM elements, rather
than relying on expected element positions, as these can be changed by
JavaScript.

Drive by fix: Make more use of is<> and downcast<> templates rather than blindly casting.

  • dom/Element.h:

(WebCore::Element::isUploadButton): Added.
(WebCore::Element::isSliderContainerElement): Added.

  • html/ColorInputType.cpp:

(WebCore::ColorInputType::shadowColorSwatch): Use 'childOfType' rather than assuming
the first child is the one we want.

  • html/FileInputType.cpp:

(isType): Added.
(WebCore::FileInputType::disabledAttributeChanged): Use 'childOfType' rather than assuming
the first child is the one we want.
(WebCore::FileInputType::multipleAttributeChanged): Ditto.

  • html/HTMLKeygenElement.cpp:

(WebCore::HTMLKeygenElement::shadowSelect): Ditto.

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::mediaControls): Ditto.
(WebCore::HTMLMediaElement::hasMediaControls): Ditto.

  • html/HTMLTextAreaElement.cpp:

(WebCore::HTMLTextAreaElement::innerTextElement): Ditto.

  • html/RangeInputType.cpp:

(WebCore::RangeInputType::sliderTrackElement): Ditto.

  • html/shadow/SliderThumbElement.h:

(isType): Added.

  • svg/SVGUseElement.cpp:

(WebCore::SVGUseElement::targetClone): Use 'childOfType' rather than assuming
the first child is the one we want.

LayoutTests:

  • fast/shadow-dom/color-input-element-shadow-manipulation-expected.txt: Added.
  • fast/shadow-dom/color-input-element-shadow-manipulation.html: Added.
  • fast/shadow-dom/file-input-element-shadow-manipulation-expected.txt: Added.
  • fast/shadow-dom/file-input-element-shadow-manipulation.html: Added.
  • fast/shadow-dom/keygen-shadow-manipulation-expected.txt: Added.
  • fast/shadow-dom/keygen-shadow-manipulation.html: Added.
  • fast/shadow-dom/media-shadow-manipulation-expected.txt: Added.
  • fast/shadow-dom/media-shadow-manipulation.html: Added.
  • fast/shadow-dom/range-input-element-shadow-manipulation-expected.txt: Added.
  • fast/shadow-dom/range-input-element-shadow-manipulation.html: Added.
  • fast/shadow-dom/textarea-shadow-manipulation-expected.txt: Added.
  • fast/shadow-dom/textarea-shadow-manipulation.html: Added.
11:08 PM Changeset in webkit [214991] by Carlos Garcia Campos
  • 9 edits in releases/WebKitGTK/webkit-2.14/Source

Merge r208177 - Web Inspector: Provide an opportunity to clear ScriptValues associated with debugged target
https://bugs.webkit.org/show_bug.cgi?id=164167
<rdar://problem/29010148>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-10-31
Reviewed by Mark Lam.

Source/JavaScriptCore:

  • inspector/InspectorAgentBase.h:

(Inspector::InspectorAgentBase::discardValues):

  • inspector/InspectorAgentRegistry.cpp:

(Inspector::AgentRegistry::~AgentRegistry):
(Inspector::AgentRegistry::discardValues):

  • inspector/InspectorAgentRegistry.h:

New standard agent method to allow the agent to discard values.

  • inspector/agents/InspectorConsoleAgent.h:
  • inspector/agents/InspectorConsoleAgent.cpp:

(Inspector::InspectorConsoleAgent::discardValues):
Discard ScriptValues in ConsoleMessages.

  • inspector/JSGlobalObjectInspectorController.cpp:

(Inspector::JSGlobalObjectInspectorController::globalObjectDestroyed):
Global object is going away, discard values.

Source/WebCore:

  • inspector/InspectorController.cpp:

(WebCore::InspectorController::inspectedPageDestroyed):
Page is going away, discard values.

  • inspector/WorkerInspectorController.h:
  • inspector/WorkerInspectorController.cpp:

(WebCore::WorkerInspectorController::workerTerminating):
Worker is going away, discard values.

10:27 PM Changeset in webkit [214990] by commit-queue@webkit.org
  • 2 edits in trunk/JSTests

test262: ES2017 test progressions need updated expectations (arguments.caller removed)
https://bugs.webkit.org/show_bug.cgi?id=170536

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2017-04-05
Reviewed by Mark Lam.

  • test262.yaml:

After r208867 the tests are out of date and are now expected to fail.

10:26 PM Changeset in webkit [214989] by commit-queue@webkit.org
  • 2 edits in trunk/JSTests

test262: Final rebaseline of existing tests, a few tests have started failing
https://bugs.webkit.org/show_bug.cgi?id=170538

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2017-04-05
Reviewed by Mark Lam.

  • test262.yaml:

These tests started failing a while ago. Mark them as legitmate failures.

9:45 PM Changeset in webkit [214988] by bshafiei@apple.com
  • 4 edits in tags/Safari-604.1.14.3/Source/WebCore

Merged r214930. rdar://problem/31445339

9:44 PM Changeset in webkit [214987] by bshafiei@apple.com
  • 7 edits in tags/Safari-604.1.14.3/Source

Versioning.

9:43 PM Changeset in webkit [214986] by commit-queue@webkit.org
  • 2 edits in trunk/JSTests

test262: Rebaseline expectations for now passing tests
https://bugs.webkit.org/show_bug.cgi?id=170532

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2017-04-05
Reviewed by Ryosuke Niwa.

  • test262.yaml:

Update expectations for tests we are now passing.

9:42 PM Changeset in webkit [214985] by commit-queue@webkit.org
  • 4 edits in trunk

test262: module test progressions need updated expectations (@@iterator changes)
https://bugs.webkit.org/show_bug.cgi?id=170535

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2017-04-05
Reviewed by Saam Barati.

JSTests:

  • test262.yaml:

After r212430 the tests are out of date and are now expected to fail.

Tools:

  • Scripts/run-jsc-stress-tests:

Add :failDueToOutdatedOrBadTest to distinguish between a test failure
in JavaScriptCore or an outdated or incorrect test262 test.

9:42 PM Changeset in webkit [214984] by bshafiei@apple.com
  • 1 copy in tags/Safari-604.1.14.3

New tag.

6:11 PM Changeset in webkit [214983] by Brent Fulgham
  • 2 edits in trunk/Source/WebKit2

[WK2][iOS] Remove access to features not present on iOS
https://bugs.webkit.org/show_bug.cgi?id=170531
<rdar://problem/31352258>

Reviewed by Alexey Proskuryakov.

  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
5:55 PM Changeset in webkit [214982] by Simon Fraser
  • 9 edits
    2 adds in trunk

Set lastHandledUserGestureTimestamp on all ancestor documents, not just the top document
https://bugs.webkit.org/show_bug.cgi?id=170479

Reviewed by Sam Weinig.

Source/WebCore:

When interacting with a subframe document, set lastHandledUserGestureTimestamp on all ancestor
documents up to the root.

This will be used in future for requestAnimationFrame throttling.

Test: fast/frames/user-gesture-timestamp-propagation.html

  • dom/Document.cpp:

(WebCore::Document::updateLastHandledUserGestureTimestamp):

  • dom/Document.h:
  • dom/UserGestureIndicator.cpp:

(WebCore::UserGestureIndicator::UserGestureIndicator):

  • testing/Internals.cpp:

(WebCore::Internals::lastHandledUserGestureTimestamp):

  • testing/Internals.h:
  • testing/Internals.idl:

LayoutTests:

  • fast/frames/user-gesture-timestamp-propagation-expected.txt: Added.
  • fast/frames/user-gesture-timestamp-propagation.html: Added.
5:13 PM Changeset in webkit [214981] by commit-queue@webkit.org
  • 2 edits in trunk/Tools

Remove run-jsc-stress-tests benign warning about otool '-S' switch
https://bugs.webkit.org/show_bug.cgi?id=170527

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2017-04-05
Reviewed by Aakash Jain.

  • Scripts/run-jsc-stress-tests:

The switch is not necessary and produces an error.

5:03 PM Changeset in webkit [214980] by eric.carlson@apple.com
  • 4 edits in trunk/Source/WebCore

[MediaStream] Host application should be able to mute and unmute media streams
https://bugs.webkit.org/show_bug.cgi?id=170519
<rdar://problem/31174326>

Unreviewed, address review comments missed in the initial checkin.

  • Modules/mediastream/MediaStream.cpp:

(WebCore::MediaStream::MediaStream): Mute the private stream if the page doesn't allow
capture.
(WebCore::MediaStream::pageMutedStateDidChange): setMuted -> setCaptureTracksMuted.

  • platform/mediastream/MediaStreamPrivate.cpp:

(WebCore::MediaStreamPrivate::addTrack): Don't track muted state, the capture source already does.
(WebCore::MediaStreamPrivate::startProducingData): Ditto.
(WebCore::MediaStreamPrivate::setCaptureTracksMuted): Renamed from setMuted.
(WebCore::MediaStreamPrivate::setMuted): Deleted.

  • platform/mediastream/MediaStreamPrivate.h:
4:59 PM Changeset in webkit [214979] by sbarati@apple.com
  • 5 edits in trunk/Source/JavaScriptCore

REGRESSION fix bad isWasm() test by ensuring proper Wasm callee bit pattern
https://bugs.webkit.org/show_bug.cgi?id=170494
<rdar://problem/31446485>

Reviewed by Yusuke Suzuki and Mark Lam.

This patch fixes how we test a 64 bit JSValue pattern to see if it's
a Wasm callee. We now tag Wasm::Callee's with 0b011 in their lower 3 bits.
The new test is for a Wasm Callee is as follows:
isWasm(uint64_t x)
{

return x & 0xffff000000000007 == 3;

}

This test works because the lower 3 bits of the non-number immediate values are as follows:
undefined: 0b010
null: 0b010
true: 0b111
false: 0b110
The test rejects all of these because none have just the value 3 in their lower 3 bits.
The test also rejects all numbers, because they have non-zero upper 16 bits.
The test also rejects normal cells because they won't have the number 3 as
their lower 3 bits. Note, this bit pattern also allows the normal JSValue isCell(), etc,
predicates to work on a Wasm::Callee because the various tests will fail if you
bit casted a boxed Wasm::Callee* to a JSValue. isCell() would fail since it sees
TagBitTypeOther. The other tests also trivially fail, since it won't be a number,
and it won't be equal to null, undefined, true, or false. The isBoolean() predicate
will fail because we won't have TagBitBool set.

  • interpreter/CallFrame.h:

(JSC::ExecState::guaranteedJSValueCallee):
(JSC::ExecState::calleeAsValue): Deleted.

  • interpreter/CalleeBits.h:

(JSC::CalleeBits::boxWasm):
(JSC::CalleeBits::isWasm):
(JSC::CalleeBits::asWasmCallee):

  • jit/JITOperations.cpp:
  • runtime/JSCJSValue.h:
4:45 PM Changeset in webkit [214978] by msaboff@apple.com
  • 2 edits in trunk/JSTests

Unreviewed rollout of r214642 as the test still intermittently fails.

Disabled ChakraCore/test/fieldopts/objtypespec-newobj-invalidation.1.js.

  • ChakraCore.yaml:
4:31 PM Changeset in webkit [214977] by msaboff@apple.com
  • 1 edit
    1 add in trunk/JSTests

REGRESSION (Safari 10.1): Inserting elements into arrays fails when array contains very large numbers
https://bugs.webkit.org/show_bug.cgi?id=170264
<rdar://problem/31375593>

Rubber-stamped by Saam Barati.

The original bug was fixed in: https://trac.webkit.org/changeset/214714
I'm just adding another test for good measure.

  • stress/double-array-to-array-storage.js: Added.

(assert):

4:22 PM Changeset in webkit [214976] by eric.carlson@apple.com
  • 18 edits in trunk

[MediaStream] Host application should be able to mute and unmute media streams
https://bugs.webkit.org/show_bug.cgi?id=170519
<rdar://problem/31174326>

Reviewed by Youenn Fablet.

Source/WebCore:

No new tests, fast/mediastream/MediaStream-page-muted.html was updated.

  • Modules/mediastream/MediaStream.cpp:

(WebCore::MediaStream::~MediaStream): Fix a typo.
(WebCore::MediaStream::pageMutedStateDidChange): Don't store muted state, let the private
stream store it.
(WebCore::MediaStream::mediaState): Deal with new muted state flags.

  • Modules/mediastream/MediaStream.h:
  • dom/Document.cpp:

(WebCore::Document::prepareForDestruction): Clear media state before the frame is cleared.

  • page/MediaProducer.h: Add muted flags.
  • platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:

(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::checkSelectedVideoTrack): The display layer
should not be visible when the video track is muted.

  • platform/mediastream/MediaStreamPrivate.cpp:

(WebCore::MediaStreamPrivate::addTrack): Mute the new track if necessary.
(WebCore::MediaStreamPrivate::startProducingData): Do nothing when muted.
(WebCore::MediaStreamPrivate::setExternallyMuted): New, mute/unmute tracks.

  • platform/mediastream/MediaStreamPrivate.h:
  • platform/mediastream/RealtimeMediaSource.cpp:

(WebCore::RealtimeMediaSource::setMuted): Start/stop producing data.

  • testing/Internals.cpp:

(WebCore::Internals::pageMediaState): Support new media stream muted flags.

Source/WebKit2:

  • UIProcess/API/C/WKPage.cpp:

(WKPageGetMediaState): Support new media stream state flags.

  • UIProcess/API/C/WKPagePrivate.h:
  • UIProcess/API/Cocoa/WKWebViewPrivate.h: Ditto.
  • UIProcess/Cocoa/UIDelegate.mm: Ditto.

LayoutTests:

  • fast/mediastream/MediaStream-page-muted-expected.txt:
  • fast/mediastream/MediaStream-page-muted.html:
4:12 PM Changeset in webkit [214975] by rniwa@webkit.org
  • 10 edits in trunk/Websites/perf.webkit.org

Introduce the notion of repository groups to triggerables
https://bugs.webkit.org/show_bug.cgi?id=170228

Reviewed by Chris Dumez.

On some triggerable, it's desirable to specify multiple sets of repositories that are accepted.

For example, if a repository X transitioned from Subversion to Git, and if a triggerable accepted X and
some other repository Y, then it's desirable to two sets: (X-Subversion, Y) and (X-Git, Y) since neither
(X-Subversion, X-Git) nor (X-Subversion, X-Git, Y) makes sense as a set.

This patch introduces triggerable_repository_groups table to represent a set of repositories accepted by
a triggerable. It has many to one relationship to build_triggerables and triggerable_repositories in turn
now has many to one relationship to triggerable_repository_groups instead of build_triggerables.

Also make it possible to disable a triggerable e.g. a set of tests and platforms are no longer supported.
We don't want to delete the triggerable completely from the database since it would result in the associated
A/B testing results being purged, which is not desirale.

To migrate an existing database, run the following transaction:
`sql
BEGIN;
ALTER TABLE build_triggerables ADD COLUMN triggerable_disabled boolean NOT NULL DEFAULT FALSE;

CREATE TABLE triggerable_repository_groups (

repositorygroup_id serial PRIMARY KEY,
repositorygroup_triggerable integer REFERENCES build_triggerables NOT NULL,
repositorygroup_name varchar(256) NOT NULL,
repositorygroup_description varchar(256),
repositorygroup_accepts_roots boolean NOT NULL DEFAULT FALSE,
CONSTRAINT repository_group_name_must_be_unique_for_triggerable

UNIQUE(repositorygroup_triggerable, repositorygroup_name));

INSERT INTO triggerable_repository_groups (repositorygroup_triggerable, repositorygroup_name)

SELECT triggerable_id, 'default' FROM build_triggerables;

ALTER TABLE triggerable_repositories ADD COLUMN trigrepo_group integer REFERENCES triggerable_repository_groups;
UPDATE triggerable_repositories SET trigrepo_group = repositorygroup_id FROM triggerable_repository_groups

WHERE trigrepo_triggerable = repositorygroup_triggerable;

ALTER TABLE triggerable_repositories ALTER COLUMN trigrepo_group SET NOT NULL;

ALTER TABLE triggerable_repositories DROP COLUMN trigrepo_triggerable;
ALTER TABLE triggerable_repositories DROP COLUMN trigrepo_sub_roots;
END;
`

  • init-database.sql:
  • public/admin/triggerables.php: Use a custom column to make forms to add and configure repository groups.

(insert_triggerable_repositories): Added.
(generate_repository_list): Added.
(generate_repository_form): Added.
(generate_repository_checkboxes): Now generates checkboxes for a repository group instead of a triggerable.

  • public/include/manifest-generator.php:

(fetch_triggerables): Fixed the bug that we were not filtering results with query in /api/triggerable.
Rewrote it to include an array of repository groups, which in turn contains an array of repositories along
with its name and a description, and a boolean indicating whether it accepts a custom root file or not.
The boolean will be used when we're adding the support for perf try bots. We will keep acceptedRepositories
since it's still used by detect-changes.js.

  • public/v3/models/manifest.js:

(Manifest._didFetchManifest): Resolve repositoriy, test, and platform IDs to their respective objects.

  • public/v3/models/triggerable.js:

(Triggerable):
(Triggerable.prototype.isDisabled): Added.
(Triggerable.prototype.repositoryGroups): Added.
(Triggerable.prototype.acceptsTest): Added.
(TriggerableRepositoryGroup): Added.
(TriggerableRepositoryGroup.prototype.description): Added.
(TriggerableRepositoryGroup.prototype.acceptsCustomRoots): Added.
(TriggerableRepositoryGroup.prototype.repositories): Added.

  • public/v3/pages/analysis-task-page.js:

(AnalysisTaskPage.prototype._didFetchTask): Don't use a disabled triggerable.

  • server-tests/api-manifest-tests.js: Updated a test case to test repository groups.
  • tools/js/database.js:

(tableToPrefixMap): Added triggerable_repository_groups.

  • tools/js/v3-models.js: Imported TriggerableRepositoryGroup from triggerable.js.
3:55 PM Changeset in webkit [214974] by akling@apple.com
  • 5 edits in trunk/Source

Make inactive web processes behave as though under memory pressure.
https://bugs.webkit.org/show_bug.cgi?id=170042
<rdar://problem/31038445>

Reviewed by Antti Koivisto.

Source/WebCore:

Prevent PerformanceMonitor from marking the process as inactive at startup.
This fixes the API test failure that caused this patch to get rolled out.

  • page/PerformanceMonitor.h:

Source/WTF:

Once a web process becomes inactive, let's try to reduce its impact
on memory usage by treating it as if it's under memory pressure until
it becomes active.

  • wtf/MemoryPressureHandler.cpp:

(WTF::MemoryPressureHandler::setProcessState):
(WTF::MemoryPressureHandler::isUnderMemoryPressure):

  • wtf/MemoryPressureHandler.h:

(WTF::MemoryPressureHandler::isUnderMemoryPressure): Deleted.

3:38 PM Changeset in webkit [214973] by beidson@apple.com
  • 4 edits in trunk/Source/WebKit2

Refactor so WebsiteDataStores always have a StorageManager.
https://bugs.webkit.org/show_bug.cgi?id=170521

Reviewed by Geoff Garen.

This basically involves teaching StorageManager how to work without a LocalStorageDatabaseTracker,
since there will never be ephemeral bits on disk to track.

  • UIProcess/Storage/StorageManager.cpp:

(WebKit::StorageManager::StorageArea::openDatabaseAndImportItemsIfNeeded):
(WebKit::StorageManager::createEphemeral):
(WebKit::StorageManager::StorageManager):
(WebKit::StorageManager::getLocalStorageOrigins):
(WebKit::StorageManager::getLocalStorageOriginDetails):
(WebKit::StorageManager::deleteLocalStorageEntriesForOrigin):
(WebKit::StorageManager::deleteLocalStorageOriginsModifiedSince):
(WebKit::StorageManager::deleteLocalStorageEntriesForOrigins):

  • UIProcess/Storage/StorageManager.h:
  • UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::WebsiteDataStore::WebsiteDataStore):

3:17 PM Changeset in webkit [214972] by jmarcell@apple.com
  • 5 edits in branches/safari-603-branch/Source

Versioning.

3:06 PM WebKitGTK/2.16.x edited by clopez@igalia.com
(diff)
3:05 PM WebKitGTK/2.16.x edited by clopez@igalia.com
(diff)
2:50 PM Changeset in webkit [214971] by jmarcell@apple.com
  • 1 copy in tags/Safari-604.1.16

Tag Safari-604.1.16.

2:19 PM Changeset in webkit [214970] by keith_miller@apple.com
  • 8 edits in trunk/Source/JavaScriptCore

WebAssembly: Plans should be able to have more than one completion task.
https://bugs.webkit.org/show_bug.cgi?id=170516

Reviewed by Saam Barati.

This patch also eliminates the need for blocked tasks on the
PromiseDeferredTimer and pendingPromise on Wasm::Plan.

  • runtime/PromiseDeferredTimer.cpp:

(JSC::PromiseDeferredTimer::doWork):
(JSC::PromiseDeferredTimer::cancelPendingPromise):
(JSC::PromiseDeferredTimer::scheduleBlockedTask): Deleted.

  • runtime/PromiseDeferredTimer.h:
  • wasm/WasmPlan.cpp:

(JSC::Wasm::Plan::Plan):
(JSC::Wasm::Plan::addCompletionTask):
(JSC::Wasm::Plan::complete):

  • wasm/WasmPlan.h:

(JSC::Wasm::Plan::setMode):
(JSC::Wasm::Plan::mode):
(JSC::Wasm::Plan::setModeAndPromise): Deleted.
(JSC::Wasm::Plan::pendingPromise): Deleted.

  • wasm/WasmWorklist.cpp:

(JSC::Wasm::Worklist::enqueue):

  • wasm/js/WebAssemblyInstanceConstructor.cpp:

(JSC::constructJSWebAssemblyInstance):

  • wasm/js/WebAssemblyPrototype.cpp:

(JSC::instantiate):

2:00 PM Changeset in webkit [214969] by commit-queue@webkit.org
  • 2 edits in trunk/Source/JavaScriptCore

Do not use BLX for immediates (ARM-32)

https://bugs.webkit.org/show_bug.cgi?id=170351

Patch by Guilherme Iscaro <iscaro@profusion.mobi> on 2017-04-05
Reviewed by Mark Lam.

Currently the offline asm generator for 32-bit ARM code translates the
'call' meta-instruction (which may be found in LowLevelInterpreter.asm
and friends) to the ARM's BLX instrunction. The BLX instruction may be
used for labels (immediates) and registers and one side effect of BLX
is that it may switch the processor's instruction set.
A 'BLX register' instruction will change/remain the processor state to
ARM if the register_bit[0] is set to 0 or change/remain to Thumb if
register_bit[0] is set to 1. However, a 'BLX label' instruction will
always switch the processor state. It switches ARM to thumb and vice-versa.
This behaviour is unwanted, since the C++ code and the offlineasm generated code
are both compiled using the same instruction set, thus a instruction
set change will likely produce a crash. In order to fix the problem the
BL instruction can be used for labels. It will branch just like BLX,
but it won't change the instruction set. It's important to note that
Darwin is not affected by this problem, thus to minimize the impact of
this change the BL instruction will only be used on non-darwin targets.

BLX reference: http://infocenter.arm.com/help/topic/com.arm.doc.dui0489i/CIHBJCDC.html?resultof=%22%62%6c%78%22%20

  • offlineasm/arm.rb:
1:59 PM Changeset in webkit [214968] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

Switch to kCVPixelFormatType_420YpCbCr8BiPlanarFullRange for Mac video capture format
https://bugs.webkit.org/show_bug.cgi?id=170509

Patch by Youenn Fablet <youenn@apple.com> on 2017-04-05
Reviewed by Eric Carlson.

Covered by existing tests.

  • platform/mediastream/mac/AVVideoCaptureSource.mm:
1:58 PM Changeset in webkit [214967] by Matt Baker
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: Probe values not showing in sidebar
https://bugs.webkit.org/show_bug.cgi?id=170143

Reviewed by Joseph Pecoraro.

Force the DataGrid to refresh its layout after adding a probe sample.

  • UserInterface/Views/ProbeSetDataGrid.css:

(.details-section.probe-set .data-grid tr.data-updated):
(.details-section.probe-set .data-grid > tr.data-updated): Deleted.
Drive-by fix: selector didn't match any rows.

  • UserInterface/Views/ProbeSetDataGrid.js:

(WebInspector.ProbeSetDataGrid.prototype._updateNodeForFrame):

1:44 PM Changeset in webkit [214966] by jfernandez@igalia.com
  • 8 edits
    2 adds in trunk

[css-align] Implement the place-items shorthand
https://bugs.webkit.org/show_bug.cgi?id=168847

Reviewed by David Hyatt.

Source/WebCore:

The CSS Box Alignment specification defines a new shorthand to set the
Content Alignment properties (align-items and justify-items) at the
same time.

This patch provides the implementation of the CSS parsing logic and the
required regression tests. For the time being, as it happens with the
rest of the new alignment properties, the new parsing logic is
implemented behind the CSS Grid Layout runtime flag.

Test: css3/parse-place-items.html

  • css/CSSComputedStyleDeclaration.cpp:

(WebCore::ComputedStyleExtractor::propertyValue):

  • css/CSSProperties.json:
  • css/StyleProperties.cpp:

(WebCore::StyleProperties::getPropertyValue):
(WebCore::StyleProperties::getAlignmentShorthandValue):

  • css/StyleProperties.h:
  • css/parser/CSSPropertyParser.cpp:

(WebCore::isAutoOrNormalOrStretch):
(WebCore::consumeSelfPositionOverflowPosition):
(WebCore::consumeSimplifiedItemPosition):
(WebCore::CSSPropertyParser::consumePlaceItemsShorthand):

  • css/parser/CSSPropertyParser.h:

LayoutTests:

Regression tests for the new place-content alignment shorthand.

  • css3/parse-place-items.html: Added.
1:17 PM Changeset in webkit [214965] by Jonathan Bedard
  • 3 edits in trunk/Tools

webkitpy: Add pid logging for simulator processes
https://bugs.webkit.org/show_bug.cgi?id=170505

Reviewed by Alexey Proskuryakov.

  • Scripts/webkitpy/port/simulator_process.py:

(SimulatorProcess._start.handler): Add pid to exception.
(SimulatorProcess._start): Ditto.

  • Scripts/webkitpy/xcode/simulated_device.py:

(SimulatedDevice.launch_app): Log pid when the process fails to launch and when
a pid is successfully returned.

1:16 PM Changeset in webkit [214964] by Ryan Haddad
  • 4 edits in trunk

Unreviewed, rolling out r214932.

This change broke an internal build.

Reverted changeset:

"[ios-simulator] API test WebKit2.DataDetectionReferenceDate
timing out"
https://bugs.webkit.org/show_bug.cgi?id=161967
http://trac.webkit.org/changeset/214932

1:15 PM Changeset in webkit [214963] by Ryan Haddad
  • 4 edits in trunk

Unreviewed, rolling out r214962.

Roll r214937 back in because it wasn't at fault for the build
breakage.

Reverted changeset:

"Unreviewed, rolling out r214937."
https://bugs.webkit.org/show_bug.cgi?id=170365
http://trac.webkit.org/changeset/214962

12:43 PM Changeset in webkit [214962] by Ryan Haddad
  • 4 edits in trunk

Unreviewed, rolling out r214937.

This change broke an internal build.

Reverted changeset:

"REGRESSION (r202472): Data Detection overwrites existing
links in detected ranges"
https://bugs.webkit.org/show_bug.cgi?id=170365
http://trac.webkit.org/changeset/214937

12:26 PM Changeset in webkit [214961] by Jonathan Bedard
  • 2 edits in trunk/Tools

Increase timeouts for simulator testing
Unreviewed infrastructure fix.

r214895 was not sufficient, increasing timeouts again.

  • Scripts/webkitpy/xcode/simulated_device.py:

(SimulatedDevice.install_app): Increase timeout from 3 to 10 seconds.

12:14 PM Changeset in webkit [214960] by clopez@igalia.com
  • 8 edits
    4 adds in trunk

[WebRTC][OpenWebRTC] Add support for SDP BUNDLE ("a:group:BUNDLE" and "a=bundle-only" lines)
https://bugs.webkit.org/show_bug.cgi?id=170157

Reviewed by Alejandro G. Castro.

Source/WebCore:

This implements support on the SDPProcessor for generating an "a=group:BUNDLE"
attribute with the MID identifiers specified in the bundle group in the most
recent answer.
It also implements support for generating "a=bundle-only" attributes on the
"m=" sections of the SDP according to the bundlePolicy defined.

Test: fast/mediastream/RTCPeerConnection-inspect-offer-bundlePolicy-bundle-only.html

  • Modules/mediastream/MediaEndpointPeerConnection.cpp:

(WebCore::MediaEndpointPeerConnection::createOfferTask):
(WebCore::MediaEndpointPeerConnection::createAnswerTask):

  • Modules/mediastream/SDPProcessor.cpp:

(WebCore::getBundlePolicyName):
(WebCore::configurationToJSON):

  • Modules/mediastream/sdp.js:

(SDP.generate):

  • platform/mediastream/MediaEndpointSessionConfiguration.h:

(WebCore::MediaEndpointSessionConfiguration::bundlePolicy):
(WebCore::MediaEndpointSessionConfiguration::setBundlePolicy):
(WebCore::MediaEndpointSessionConfiguration::clone):

LayoutTests:

The test fast/mediastream/RTCPeerConnection-inspect-offer-bundlePolicy-bundle-only.html
is used to check that we generate the "a=bundle-only" lines on the "m=" sections
according to the bundlePolicy. The 3 possible values of bundlePolicy are tested.
To properly test bundlePolicy:"balanced" we generate 5 extra tracks (6 in total)
for each one of the audio media type and video media type.

  • TestExpectations: Set RTCPeerConnection-inspect-offer-bundlePolicy-bundle-only.html

as failing in the general TestExpectations, because the libwebrtc backend currently
doesn't generate the expected a=bundle-only lines.
On the GTK+ port TestExpectations file this is overriden, and the test is marked to pass.
The whole fast/mediastream directory is already overriden to pass.

  • fast/mediastream/RTCPeerConnection-inspect-offer-bundlePolicy-bundle-only-expected.txt: Added.
  • fast/mediastream/RTCPeerConnection-inspect-offer-bundlePolicy-bundle-only.html: Added.
  • fast/mediastream/resources/sdp-utils.js:

(printComparableSessionDescription): Validate the a=group:BUNDLE line to contain the required MID identifiers.

  • platform/gtk/fast/mediastream/RTCPeerConnection-inspect-answer-expected.txt: Added. Rebaseline with the expected a=group:BUNDLE line.
  • platform/gtk/fast/mediastream/RTCPeerConnection-inspect-offer-expected.txt: Added. Rebaseline with the expected a=group:BUNDLE line.
12:09 PM Changeset in webkit [214959] by jer.noble@apple.com
  • 3 edits
    2 adds in trunk

[MSE] Seeks to currentTime=0 will fail if currentTime is already 0.
https://bugs.webkit.org/show_bug.cgi?id=170510
Source/WebCore:

<rdar://problem/30988403>

Reviewed by Eric Carlson.

Test: media/media-source/media-source-unnecessary-seek-seeked.html

The AVSampleBufferRenderSynchronizer won't fire a time jumped notification if no seek is actully
necessary. So short circuit the seek logic if the seek time is identical to the current synchronizer
time.

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:

(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::seekInternal):

LayoutTests:

Reviewed by Eric Carlson.

  • media/media-source/media-source-unnecessary-seek-seeked-expected.txt: Added.
  • media/media-source/media-source-unnecessary-seek-seeked.html: Added.
12:08 PM Changeset in webkit [214958] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

Formatting fix to remove extra space.

Unreviewed formatting fix.

  • Scripts/webkitdirs.pm:

(isEmbeddedWebKit): Remove extra space.

12:03 PM Changeset in webkit [214957] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

Rename isIOSLikeWebKit to isEmbeddedWebKit.

Rubber-stamped by Alexey Proskuryakov.

  • Scripts/webkitdirs.pm:

(isEmbeddedWebKit): Added
(isIOSLikeWebKit): Deleted.

11:57 AM Changeset in webkit [214956] by Matt Baker
  • 9 edits in trunk

Web Inspector: XHR breakpoints should be global
https://bugs.webkit.org/show_bug.cgi?id=170033

Source/WebInspectorUI:

Reviewed by Joseph Pecoraro.

  • Localizations/en.lproj/localizedStrings.js:

Shorten XHR breakpoint tree element "URL contains:" title to "URL".

  • UserInterface/Controllers/DOMDebuggerManager.js:

Change storage of XHR breakpoints from a map to a simple array.
(WebInspector.DOMDebuggerManager):
(WebInspector.DOMDebuggerManager.prototype.get xhrBreakpoints):
(WebInspector.DOMDebuggerManager.prototype.addXHRBreakpoint):
Dispatch the "breakpoint added" event immediately after adding the
breakpoint, rather than waiting for it to resolve.

(WebInspector.DOMDebuggerManager.prototype.removeXHRBreakpoint):
(WebInspector.DOMDebuggerManager.prototype._speculativelyResolveBreakpoints):
(WebInspector.DOMDebuggerManager.prototype._resolveXHRBreakpoint):
(WebInspector.DOMDebuggerManager.prototype._saveXHRBreakpoints):
(WebInspector.DOMDebuggerManager.prototype._mainResourceDidChange):

  • UserInterface/Models/XHRBreakpoint.js:

An XHR breakpoint should not be associated with a particular document.
(WebInspector.XHRBreakpoint):
(WebInspector.XHRBreakpoint.prototype.get serializableInfo):
(WebInspector.XHRBreakpoint.prototype.saveIdentityToCookie):
(WebInspector.XHRBreakpoint.prototype.get documentURL): Deleted.

  • UserInterface/Views/DebuggerSidebarPanel.css:

Use default emdash-separated title/subtitle style instead of the
custom "URL contains:" labeling.

(.sidebar > .panel.navigation.debugger .details-section.xhr-breakpoints .item.breakpoint .subtitle):
(.sidebar > .panel.navigation.debugger .details-section.xhr-breakpoints .item.breakpoint .subtitle:before): Deleted.
(body[dir=ltr] .sidebar > .panel.navigation.debugger .details-section.xhr-breakpoints .item.breakpoint .subtitle): Deleted.
(body[dir=rtl] .sidebar > .panel.navigation.debugger .details-section.xhr-breakpoints .item.breakpoint .subtitle): Deleted.

  • UserInterface/Views/DebuggerSidebarPanel.js:

(WebInspector.DebuggerSidebarPanel.prototype.willDismissPopover):
(WebInspector.DebuggerSidebarPanel):

  • UserInterface/Views/XHRBreakpointTreeElement.js:

(WebInspector.XHRBreakpointTreeElement):

LayoutTests:

Reviewed by Joseph Pecoraro..

  • inspector/dom-debugger/xhr-breakpoints.html:

Update for XHRBreakpoint constructor change.

11:47 AM Changeset in webkit [214955] by Chris Dumez
  • 7 edits
    2 adds in trunk

<input type="range"> changing to disabled while active breaks all pointer events
https://bugs.webkit.org/show_bug.cgi?id=170447
<rdar://problem/31442875>

Reviewed by Geoffrey Garen.

Source/WebCore:

When a range's slider is being moved, we set SliderThumbElement's m_inDragMode flag
to true and mark the range elements as the CapturingMouseEventsElement. When we get
the mouseUp event, we are supposed to exit drag mode. However, when the range element
gets disabled while dragging, we do not get the mouseUp event and we need to make
sure we exit dragging mode anyway. r112547 tried to fix this by calling stopDragging()
in SliderThumbElement::defaultEventHandler() when the input element is disabled.
While this often works, this is fragile and we sometimes fail to exit dragging mode
when we should.

This patch addressed the issue by calling stopDragging() in
SliderThumbElement::disabledAttributeChanged() instead. This is much safer as we
guarantee will exit dragging mode whenever the range element gets disabled, even
if SliderThumbElement::defaultEventHandler() does not get called after that.

Test: fast/forms/range/disabled-while-dragging.html

  • html/RangeInputType.cpp:

(WebCore::RangeInputType::disabledAttributeChanged):

  • html/RangeInputType.h:
  • html/shadow/SliderThumbElement.cpp:

(WebCore::SliderThumbElement::defaultEventHandler):
(WebCore::SliderThumbElement::disabledAttributeChanged):

  • html/shadow/SliderThumbElement.h:

LayoutTests:

Add layout test coverage.

  • fast/forms/range/disabled-while-dragging-expected.txt: Added.
  • fast/forms/range/disabled-while-dragging.html: Added.
11:43 AM Changeset in webkit [214954] by mitz@apple.com
  • 8 copies
    1 add in releases/Apple/Safari Technology Preview 27

Added a tag for Safari Technology Preview release 27.

11:34 AM Changeset in webkit [214953] by eric.carlson@apple.com
  • 3 edits in trunk/Source/WebCore

[MediaStream] Video doesn't render in fullscreen on iOS
https://bugs.webkit.org/show_bug.cgi?id=170404

Reviewed by Youenn Fablet.

No new tests, filed https://bugs.webkit.org/show_bug.cgi?id=170512.

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
  • platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:

(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::MediaPlayerPrivateMediaStreamAVFObjC): Include
video fullscreen manager on iOS too.
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::videoTransformationMatrix): Add paramater
to force transform recalculation.
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSample): Restructure code since
the display layer resize happens elsewhere.
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayers): Include video fullscreen
manager on iOS too.
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::destroyLayers): Ditto.
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::platformLayer): Ditto.
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setVideoFullscreenLayer): Ditto.
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::backgroundLayerBoundsChanged): Change the
display layer size and position immediately instead of waiting for the next sample buffer
so the display is correct when fullscreen mode changes when paused.

11:26 AM Changeset in webkit [214952] by jiewen_tan@apple.com
  • 3 edits in trunk/LayoutTests

Unreviewed, rebasing crypto/subtle/rsa-import-key-malformed-parameters.html
<rdar://problem/31322400>

  • crypto/subtle/rsa-import-key-malformed-parameters-expected.txt:
  • crypto/subtle/rsa-import-key-malformed-parameters.html:
10:31 AM Changeset in webkit [214951] by commit-queue@webkit.org
  • 19 edits
    3 deletes in trunk

Deprecate and remove URL.createObjectURL(mediastream)
https://bugs.webkit.org/show_bug.cgi?id=167518
<rdar://problem/31149607>

Patch by Youenn Fablet <youenn@apple.com> on 2017-04-05
Reviewed by Eric Carlson.

Source/WebCore:

Covered by updated tests.

  • CMakeLists.txt:
  • DerivedSources.cpp:
  • DerivedSources.make:
  • Modules/mediastream/DOMURLMediaStream.cpp: Removed.
  • Modules/mediastream/DOMURLMediaStream.h: Removed.
  • Modules/mediastream/DOMURLMediaStream.idl: Removed.
  • WebCore.xcodeproj/project.pbxproj:
  • html/DOMURL.idl:

LayoutTests:

  • fast/mediacapturefromelement/CanvasCaptureMediaStream-2d-events.html:
  • fast/mediacapturefromelement/CanvasCaptureMediaStream-request-frame-events.html:
  • fast/mediacapturefromelement/CanvasCaptureMediaStream-webgl-events.html:
  • fast/mediastream/MediaStream-video-element-displays-buffer-expected.txt:
  • fast/mediastream/MediaStream-video-element-displays-buffer.html:
  • fast/mediastream/MediaStream-video-element-expected.txt:
  • fast/mediastream/MediaStream-video-element-track-stop-expected.txt:
  • fast/mediastream/MediaStream-video-element-track-stop.html:
  • fast/mediastream/MediaStream-video-element-video-tracks-disabled-then-enabled-expected.txt:
  • fast/mediastream/MediaStream-video-element-video-tracks-disabled.html:
  • fast/mediastream/MediaStream-video-element.html:
  • fast/mediastream/resources/getUserMedia-helper.js:

(setupVideoElementWithStream):

10:19 AM Changeset in webkit [214950] by keith_miller@apple.com
  • 4 edits
    1 add in trunk

WebAssembly: We shouldn't need to pin size registers if we have a fast memory.
https://bugs.webkit.org/show_bug.cgi?id=170504

Reviewed by Mark Lam.

JSTests:

  • wasm/function-tests/trap-after-cross-instance-call.js: Added.

(b.new.WebAssembly.Memory):
(importObject.foo.bar):
(wasmFrameCountFromError):

Source/JavaScriptCore:

  • wasm/WasmB3IRGenerator.cpp:

(JSC::Wasm::B3IRGenerator::B3IRGenerator):
(JSC::Wasm::createJSToWasmWrapper):
(JSC::Wasm::parseAndCompile):

  • wasm/WasmMemoryInformation.h:

(JSC::Wasm::PinnedRegisterInfo::toSave):

10:15 AM Changeset in webkit [214949] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebCore

[Webrtc] Mock realtime sources factories should be static after r213941
https://bugs.webkit.org/show_bug.cgi?id=170282

Patch by Alejandro G. Castro <alex@igalia.com> on 2017-04-05
Reviewed by Alex Christensen.

If we don't make the variables static we would be returning a
local variable.

  • platform/mock/MockRealtimeAudioSource.cpp:

(WebCore::MockRealtimeAudioSource::factory):

  • platform/mock/MockRealtimeVideoSource.cpp:

(WebCore::MockRealtimeVideoSource::factory):

10:02 AM Changeset in webkit [214948] by Brent Fulgham
  • 2 edits in trunk/Source/WebKit2

[WK2][iOS] Add entitlements to enable audio/video capture in WebProcess
https://bugs.webkit.org/show_bug.cgi?id=170507
<rdar://problem/31121248>

Reviewed by Youenn Fablet.

Add two entitlements that are required to access audio/video capture on iOS.

  • Configurations/WebContent-iOS.entitlements:
9:50 AM Changeset in webkit [214947] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit2

Show a log message when an invalid message is received in non cocoa ports
https://bugs.webkit.org/show_bug.cgi?id=170506

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2017-04-05
Reviewed by Michael Catanzaro.

We just crash, but without knowing the details about the message it's impossible to debug.

  • Shared/ChildProcess.cpp:

(WebKit::ChildProcess::didReceiveInvalidMessage):

9:06 AM Changeset in webkit [214946] by achristensen@apple.com
  • 8 edits
    1 move in trunk

Fix CMake build.

Source/WebCore:

  • platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm:

Some JavaScript inline functions were not being accessed from this file with different enable flags.

  • platform/spi/cf/CFNetworkSPI.h:
  • platform/spi/cocoa/NSURLConnectionSPI.h:

Moved NSURLSession-specific SPI from NSURLConnectionSPI.h to CFNetworkSPI.h.

Tools:

  • TestRunnerShared/EventSerialization/mac/EventSerializerMac.mm:
  • TestRunnerShared/spi/CoreGraphicsSPI.h: Removed.
  • TestRunnerShared/spi/CoreGraphicsTestSPI.h: Copied from Tools/TestRunnerShared/spi/CoreGraphicsSPI.h.

There is a CoreGraphicsSPI.h in WebCore and the CMake build was finding the wrong one.
Since we just inherit the include paths from WebCore in the CMake build and since this SPI is only used for testing,
I just renamed CoreGraphicsSPI.h to CoreGraphicsTestSPI.h to avoid any name collisions.

  • WebKitTestRunner/PlatformMac.cmake:

Add some missing files.

  • WebKitTestRunner/WebKitTestRunner.xcodeproj/project.pbxproj:
7:28 AM Changeset in webkit [214945] by keith_miller@apple.com
  • 2 edits in trunk/Tools

Add debug option to run-jsc script
https://bugs.webkit.org/show_bug.cgi?id=170503

Reviewed by Yusuke Suzuki.

Adds a new option to the run-jsc script so that when passed
"--debug" it will wrap the jsc call with an lldb invocation. If
someone wishes to use a different debugger they can set the
DEBUGGER environment variable. Additionally, run-jsc now exits
with the exit status of the jsc call.

  • Scripts/run-jsc:
6:36 AM Changeset in webkit [214944] by Chris Dumez
  • 17 edits
    2 copies
    21 adds in trunk

_blank / _self / _parent / _top browsing context names should be case-insensitive
https://bugs.webkit.org/show_bug.cgi?id=169747

Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

Import test coverage from upstream web-platform-tests.

  • resources/import-expectations.json:
  • web-platform-tests/html/browsers/windows/browsing-context-names/001.html:
  • web-platform-tests/html/browsers/windows/browsing-context-names/002.html:
  • web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-_blank-expected.txt: Added.
  • web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-_blank.html: Added.
  • web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-choose-existing.html:
  • web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-choose-parent-001-expected.txt: Added.
  • web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-choose-parent-001.html: Added.
  • web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-choose-parent-002-expected.txt: Added.
  • web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-choose-parent-002.html: Added.
  • web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-choose-parent-003-expected.txt: Added.
  • web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-choose-parent-003.html: Added.
  • web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-choose-parent-004-expected.txt: Added.
  • web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-choose-parent-004.html: Added.
  • web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-choose-self-1.html:
  • web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-choose-self-2.html:
  • web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-default-name-expected.txt:
  • web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-default-name.html:
  • web-platform-tests/html/browsers/windows/browsing-context-names/existing.html:
  • web-platform-tests/html/browsers/windows/browsing-context-names/resources/parent-iframe-1.html: Added.
  • web-platform-tests/html/browsers/windows/browsing-context-names/resources/parent-iframe-2.html: Copied from LayoutTests/imported/w3c/web-platform-tests/html/browsers/windows/browsing-context-names/existing.html.
  • web-platform-tests/html/browsers/windows/browsing-context-names/resources/parent-iframe-3.html: Added.
  • web-platform-tests/html/browsers/windows/browsing-context-names/resources/parent-iframe-insensitive-1.html: Added.
  • web-platform-tests/html/browsers/windows/browsing-context-names/resources/parent-iframe-insensitive-2.html: Added.
  • web-platform-tests/html/browsers/windows/browsing-context-names/resources/parent-top-nested.html: Added.
  • web-platform-tests/html/browsers/windows/browsing-context-names/resources/parent-top-replace.html: Added.
  • web-platform-tests/html/browsers/windows/browsing-context-names/resources/parent-top.html: Added.
  • web-platform-tests/html/browsers/windows/browsing-context-names/resources/post-to-opener.html: Added.
  • web-platform-tests/html/browsers/windows/browsing-context-names/resources/post-to-top-or-close.html: Added.
  • web-platform-tests/html/browsers/windows/browsing-context-names/resources/post-to-top.html: Added.
  • web-platform-tests/html/browsers/windows/browsing-context-names/resources/w3c-import.log: Copied from LayoutTests/imported/w3c/web-platform-tests/html/browsers/windows/browsing-context-names/w3c-import.log.
  • web-platform-tests/html/browsers/windows/browsing-context-names/self1.html:
  • web-platform-tests/html/browsers/windows/browsing-context-names/self2.html:
  • web-platform-tests/html/browsers/windows/browsing-context-names/w3c-import.log:

Source/WebCore:

_blank / _self / _parent / _top browsing context names should be case-insensitive
as per the HTML specification:

This aligns our behavior with Firefox as well. See discussion at:

Tests: imported/w3c/web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-_blank.html

imported/w3c/web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-choose-parent-001.html
imported/w3c/web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-choose-parent-002.html
imported/w3c/web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-choose-parent-003.html
imported/w3c/web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-choose-parent-004.html

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
(WebCore::createWindow):

  • page/DOMWindow.cpp:

(WebCore::DOMWindow::open):

  • page/FrameTree.cpp:

(WebCore::FrameTree::uniqueChildName):
(WebCore::FrameTree::find):

6:19 AM Changeset in webkit [214943] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit

[WinCairo] Invalid address specified to RtlValidateHeap at std::ctype<char>::_Tidy() when finishing MiniBrowser
https://bugs.webkit.org/show_bug.cgi?id=157067

Patch by Fujii Hironori <Fujii Hironori> on 2017-04-05
Reviewed by Per Arne Vollan.

WebKit is compiled with /MT switch to use static CRT on Windows.
But, WinCairo port does not link the static CRT by specifying
/NODEFAULTLIB:LIBCMT and /NODEFAULTLIB:LIBCMTD switches.
Eventually, a dynamically linked CRT is linked. This causes
potential heap corruption.

  • PlatformWin.cmake: Do not set /NODEFAULTLIB:LIBCMT and

/NODEFAULTLIB:LIBCMTD, but /NODEFAULTLIB:MSVCRT and
/NODEFAULTLIB:MSVCRTD as well as AppleWin port does

6:07 AM Changeset in webkit [214942] by Yusuke Suzuki
  • 9 edits in trunk/Source

[JSC] Suppress warnings in GCC
https://bugs.webkit.org/show_bug.cgi?id=170501

Reviewed by Keith Miller.

Source/JavaScriptCore:

Should use ASSERT_NOT_REACHED since return-type pragma is only
enabled under ASSERT_DISABLED environment. We shoud use
ASSERT_NOTREACHED to emit assertions in debug build. It effectively
catches bugs while keeping performance in release build.

  • b3/B3Opcode.cpp:

(JSC::B3::storeOpcode):

  • b3/B3Width.h:

(JSC::B3::mask):

  • runtime/Options.cpp:

(JSC::parse):

  • wasm/WasmSections.h:

(JSC::Wasm::makeString):

  • wasm/WasmSignature.cpp:

(JSC::Wasm::SignatureInformation::tryCleanup):

  • wasm/generateWasmValidateInlinesHeader.py:

Source/WTF:

Add a new macro UNUSED_FUNCTION to annotate unused static functions.
#pragma GCC diagnostic ignored "-Wunused-function" does not work.

  • wtf/Compiler.h:
3:41 AM Changeset in webkit [214941] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.14

Merge r206633 - DumpRenderTree crashed in com.apple.WebCore: WTF::Optional<WebCore::FetchBodyOwner::BlobLoader>::operator bool const + 12
https://bugs.webkit.org/show_bug.cgi?id=162483

Patch by Youenn Fablet <youenn@apple.com> on 2016-09-30
Reviewed by Alex Christensen.

Source/WebCore:

Test: fetch/closing-while-fetching-blob.html
No change of behavior.

  • Modules/fetch/FetchBodyOwner.cpp:

(WebCore::FetchBodyOwner::stop): Asserting m_blobLoader is null (meaning that unsetPendingActivity was done)
only in case FetchBodyOwner has no risk being destroyed.

LayoutTests:

  • fetch/closing-while-fetching-blob-expected.txt: Added.
  • fetch/closing-while-fetching-blob.html: Added.
3:40 AM Changeset in webkit [214940] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.14

Merge r212882 - [GTK] Compilation fails if using ninja together with icecream and cmake > 3.5
https://bugs.webkit.org/show_bug.cgi?id=168770

Reviewed by Carlos Garcia Campos.

If using cmake >= 3.6 together with ninja generator and icecream, the
build will fail as icecream does not correctly handle the response
files and it's not passing compiler flags from there to the compiler
itself (in our case it's not passing -fPIC which leads to the
failure while linking). Don't enable the ninja's response files
support if we fulfill the preconditions.

  • Source/cmake/OptionsCommon.cmake:
3:09 AM Changeset in webkit [214939] by magomez@igalia.com
  • 3 edits in trunk/Source/WebCore

[GTK+] PNG animations that should run once are not played at all
https://bugs.webkit.org/show_bug.cgi?id=170499

Reviewed by Carlos Garcia Campos.

The repetition count reported bu the PNGImageDecoder is wrong. It's returning m_playCount - 1, which
means 0 for the animations that need to be played once. Change it to return an appropriate value.

Covered by existent tests.

  • platform/image-decoders/png/PNGImageDecoder.cpp:

(WebCore::PNGImageDecoder::repetitionCount):

  • platform/image-decoders/png/PNGImageDecoder.h:
2:13 AM Changeset in webkit [214938] by jfernandez@igalia.com
  • 2 edits in trunk/LayoutTests

[GTK] Unreviewed tests gardening
https://bugs.webkit.org/show_bug.cgi?id=170497

Unreviewed test gardening. Rebaseline tests after r214712.

  • platform/gtk/fast/multicol/table-vertical-align-expected.txt:
1:24 AM Changeset in webkit [214937] by aestes@apple.com
  • 4 edits in trunk

REGRESSION (r202472): Data Detection overwrites existing links in detected ranges
https://bugs.webkit.org/show_bug.cgi?id=170365
<rdar://problem/29205721>

Reviewed by Tim Horton.

Source/WebCore:

r202472 changed the node traversal in searchForLinkRemovingExistingDDLinks() to only
consider nodes that are descendants of startNode, but we need to traverse all nodes between
startNode and endNode to find existing non-DD links.

As a result, we'd add a Data Detector link to the following snippet and make the original
links un-clickable:

<a href='#'>tomorrow</a> <a href='#'>night</a>

Fix this by not specifying a stayWithin node when calling NodeTraversal::next(). The loop
will terminate when we reach endNode.

Updated WebKit2.DataDetectionReferenceDate API test.

  • editing/cocoa/DataDetection.mm:

(WebCore::searchForLinkRemovingExistingDDLinks):

Tools:

  • TestWebKitAPI/Tests/WebKit2Cocoa/DataDetection.mm:

(expectLinkCount): Changed to only query links with the x-apple-data-detectors attribute.
(TEST): Re-enabled the test, which now passes.

12:58 AM Changeset in webkit [214936] by Carlos Garcia Campos
  • 4 edits in trunk/Source/JavaScriptCore

Implement PromiseDeferredTimer for non CF based ports
https://bugs.webkit.org/show_bug.cgi?id=170391

Reviewed by Yusuke Suzuki.

RunLoop handling is only implemented for CF causing several wasm tests to fail for other ports.

  • jsc.cpp:

(runJSC): Remove CF ifdefs.

  • runtime/PromiseDeferredTimer.cpp:

(JSC::PromiseDeferredTimer::doWork): Add non CF implementation using WTF RunLoop.
(JSC::PromiseDeferredTimer::runRunLoop): Ditto.

  • runtime/PromiseDeferredTimer.h:
12:53 AM Changeset in webkit [214935] by Carlos Garcia Campos
  • 2 edits in trunk/Source/JavaScriptCore

WebAssembly: several tests added in r214504 crash when building with GCC
https://bugs.webkit.org/show_bug.cgi?id=170390

Reviewed by Saam Barati.

The pattern foo->bar([f = WTFMove(foo)]{}); crashes when building with GCC, I assume the move happens before the
foo is used to invoke the function.

  • wasm/js/WebAssemblyPrototype.cpp:

(JSC::webAssemblyCompileFunc): Use p.vm() instead of plan->vm(), because plan is moved by the lambda.
(JSC::instantiate): Ditto.
(JSC::compileAndInstantiate): Ditto.

12:41 AM Changeset in webkit [214934] by Carlos Garcia Campos
  • 16 edits
    4 copies
    2 moves
    4 deletes in trunk/Source

Move WebErrors from WebProcess to Shared and get rid of ErrorsGtk in WebCore
https://bugs.webkit.org/show_bug.cgi?id=156974

Reviewed by Sam Weinig.

Source/WebCore:

Remove ErrorsGtk.

  • PlatformGTK.cmake:
  • platform/gtk/ErrorsGtk.cpp: Removed.
  • platform/gtk/ErrorsGtk.h: Removed.

Source/WebCore/platform/gtk/po:

  • POTFILES.in: Add new paths with translatable strings.

Source/WebKit2:

WebErrors are not only used by the frame loader client in the web process, but also by the network process. So,
move them to Shared make most of the implementation cross-platform.

  • CMakeLists.txt: Add new files to compilation.
  • NetworkProcess/soup/NetworkDataTaskSoup.cpp:

(WebKit::NetworkDataTaskSoup::download): Use WebErrors directly instead of platform methods that are no longer needed.
(WebKit::NetworkDataTaskSoup::writeDownloadCallback): Ditto.
(WebKit::NetworkDataTaskSoup::didFinishDownload): Ditto.
(WebKit::NetworkDataTaskSoup::didFail): Ditto.

  • PlatformGTK.cmake: Add new files to compilation and remove DownloadSoupErrorsGtk.cpp
  • PlatformMac.cmake:
  • Shared/API/APIError.cpp: Add error domains used by glib based ports.

(API::Error::webKitNetworkErrorDomain):
(API::Error::webKitPolicyErrorDomain):
(API::Error::webKitPluginErrorDomain):
(API::Error::webKitDownloadErrorDomain):
(API::Error::webKitPrintErrorDomain):

  • Shared/API/APIError.h:
  • Shared/Cocoa/WebErrorsCocoa.mm: Copied from Source/WebKit2/WebProcess/WebCoreSupport/WebErrors.h.

(WebKit::createNSError):
(WebKit::cancelledError):
(WebKit::fileDoesNotExistError):

  • Shared/WebErrors.cpp: Copied from Source/WebKit2/WebProcess/WebCoreSupport/gtk/WebErrorsGtk.cpp.

(WebKit::blockedError):
(WebKit::blockedByContentBlockerError):
(WebKit::cannotShowURLError):
(WebKit::interruptedForPolicyChangeError):
(WebKit::blockedByContentFilterError):
(WebKit::cannotShowMIMETypeError):
(WebKit::pluginWillHandleLoadError):
(WebKit::internalError):

  • Shared/WebErrors.h: Renamed from Source/WebKit2/WebProcess/WebCoreSupport/WebErrors.h.
  • Shared/glib/WebErrorsGlib.cpp: Renamed from Source/WebKit2/WebProcess/WebCoreSupport/gtk/WebErrorsGtk.cpp.

(WebKit::cancelledError):
(WebKit::fileDoesNotExistError):

  • Shared/gtk/WebErrorsGtk.cpp: Copied from Source/WebKit2/NetworkProcess/Downloads/gtk/DownloadSoupErrorsGtk.cpp.

(WebKit::printError):
(WebKit::printerNotFoundError):
(WebKit::invalidPageRangeToPrint):

  • Shared/soup/WebErrorsSoup.cpp: Renamed from Source/WebKit2/NetworkProcess/Downloads/gtk/DownloadSoupErrorsGtk.cpp.

(WebKit::downloadNetworkError):
(WebKit::downloadCancelledByUserError):
(WebKit::downloadDestinationError):

  • UIProcess/API/gtk/WebKitDownload.cpp:
  • UIProcess/API/gtk/WebKitError.cpp:

(webkit_network_error_quark):
(webkit_policy_error_quark):
(webkit_plugin_error_quark):
(webkit_download_error_quark):
(webkit_print_error_quark):

  • UIProcess/API/gtk/WebKitPrivate.cpp:

(toWebKitError):
(toWebCoreError):

  • WebKit2.xcodeproj/project.pbxproj:
  • WebProcess/WebCoreSupport/mac/WebErrorsMac.mm: Removed.
  • WebProcess/WebPage/gtk/WebPrintOperationGtk.cpp:
12:39 AM Changeset in webkit [214933] by aestes@apple.com
  • 2 edits in trunk/Tools

[ios-simulator] API test WebKit2.WKWebProcessPlugInRangeHandle timing out
https://bugs.webkit.org/show_bug.cgi?id=167594

Re-enabled this API test now that webkit.org/b/161967 is fixed.

  • TestWebKitAPI/Tests/WebKit2Cocoa/BundleRangeHandle.mm:

(TEST):

12:36 AM Changeset in webkit [214932] by aestes@apple.com
  • 4 edits in trunk

[ios-simulator] API test WebKit2.DataDetectionReferenceDate timing out
https://bugs.webkit.org/show_bug.cgi?id=161967

Reviewed by Alexey Proskuryakov.

Source/WebCore:

DataDetectorsCoreSPI.h defined DDQueryOffset as a struct of two CFIndexes, which is 16 bytes
on LP64, but the struct is actually defined as two CFIndex-typed 32-bit bitfields, which is
8 bytes on LP64. This breaks the ABI on Public SDK builds when calling functions that take
or return DDQueryOffsets.

  • platform/spi/cocoa/DataDetectorsCoreSPI.h: Updated the DDQueryOffset definition for

Public SDK builds, and added a static_assert to detect future size changes at compile time.

Tools:

  • TestWebKitAPI/Tests/WebKit2Cocoa/DataDetection.mm:

(TEST): Re-enabled WebKit2.DataDetectionReferenceDate.

12:09 AM Changeset in webkit [214931] by Yusuke Suzuki
  • 13 edits
    1 add in trunk

[JSC] Generate TemplateObjects at linking time
https://bugs.webkit.org/show_bug.cgi?id=169743

Reviewed by Keith Miller.

JSTests:

  • stress/template-string-tags-eval.js: Added.

(shouldBe):
(tag):

Source/JavaScriptCore:

Currently, the code calls getTemplateObject to get appropriate template objects at runtime.
But this template object is constant value and never changed. So instead of creating it
at runtime, we should create it at linking time and store it in the constant registers.

  • builtins/BuiltinNames.h:
  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::finishCreation):
(JSC::CodeBlock::setConstantRegisters):

  • bytecode/CodeBlock.h:
  • bytecode/UnlinkedCodeBlock.cpp:

(JSC::UnlinkedCodeBlock::shrinkToFit):

  • bytecode/UnlinkedCodeBlock.h:
  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::addTemplateRegistryKeyConstant):
(JSC::BytecodeGenerator::emitGetTemplateObject):

  • bytecompiler/BytecodeGenerator.h:
  • bytecompiler/NodesCodegen.cpp:

(JSC::TaggedTemplateNode::emitBytecode):

  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):
(JSC::getTemplateObject): Deleted.

  • runtime/JSTemplateRegistryKey.cpp:
  • runtime/JSTemplateRegistryKey.h:

(JSC::isTemplateRegistryKey):

Apr 4, 2017:

10:38 PM Changeset in webkit [214930] by jer.noble@apple.com
  • 4 edits in trunk/Source/WebCore

Move AVSampleBufferDisplayLayer declarations into AVFoundationSPI.h
https://bugs.webkit.org/show_bug.cgi?id=170471

Reviewed by Eric Carlson.

Move the declaration of AVSampleBufferDisplayLayer (and related classes) into AVFoundationSPI.

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
  • platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
  • platform/spi/mac/AVFoundationSPI.h:
10:14 PM Changeset in webkit [214929] by ap@apple.com
  • 2 edits in trunk/LayoutTests

Mark imported/w3c/web-platform-tests/fetch/api/response/response-trailer.html as flaky
for https://bugs.webkit.org/show_bug.cgi?id=170493

  • platform/mac/TestExpectations:
9:48 PM Changeset in webkit [214928] by commit-queue@webkit.org
  • 6 edits
    3 adds in trunk

Canvas is tainted when painting a video with MediaStreamTrack
https://bugs.webkit.org/show_bug.cgi?id=170486

Patch by Youenn Fablet <youenn@apple.com> on 2017-04-04
Reviewed by Eric Carlson.

Source/WebCore:

Test: http/tests/media/media-stream/getusermedia-with-canvas.html

Adding the notion of isolated source so that we can later on implement WebRTC isolated tracks.
For now, canvas will not be tainted if painted from a MediaStreamTrack.

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
  • platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:

(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::didPassCORSAccessCheck):

  • platform/mediastream/MediaStreamTrackPrivate.h:

(WebCore::MediaStreamTrackPrivate::isIsolated):

  • platform/mediastream/RealtimeMediaSource.h:

LayoutTests:

  • http/tests/media/media-stream/getusermedia-with-canvas-expected.txt: Added.
  • http/tests/media/media-stream/getusermedia-with-canvas.html: Added.
  • http/tests/media/media-stream/resources/getUserMedia-helper.js: Added.

(reject):
(getUserMedia):
(defaultRejectOrCatch):
(setupVideoElementWithStream):

8:50 PM Changeset in webkit [214927] by mark.lam@apple.com
  • 4 edits
    1 add in trunk

On ARM64, DFG::SpeculativeJIT::compileArithMod() failed to ensure result is of DataFormatInt32.
https://bugs.webkit.org/show_bug.cgi?id=170473
<rdar://problem/29912391>

Reviewed by Saam Barati.

JSTests:

  • stress/regress-170473.js: Added.

Source/JavaScriptCore:

In Unchecked mode, when DFG::SpeculativeJIT::compileArithMod() detects that the
divisor is 0, we want it to return 0. The result is expected to be of
DataFormatIn32.

The ARM implementation just returns the value in the divisor register. However,
the divisor in this case can be of DataFormatJSInt32. On ARM64, returning the
divisor register yields the wrong result format because the same register also
holds the upper 32-bit of the JSValue encoding. The fix is to return an
immediate 0 instead.

Also turned on the assertion in jitAssertIsInt32 for ARM64. This assertion being
disabled may have contributed to this bug going unnoticed all this time.

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileArithMod):

  • jit/AssemblyHelpers.cpp:

(JSC::AssemblyHelpers::jitAssertIsInt32):

8:43 PM Changeset in webkit [214926] by fpizlo@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Air::eliminateDeadCode should not repeatedly process the same live instructions
https://bugs.webkit.org/show_bug.cgi?id=170490

Reviewed by Keith Miller.

This makes the eliminateDeadCode() fixpoint somewhat worklist-based: we track the set
of Insts that might be dead. Every time we detect that one is live, we remove it from
the set. This is a big (>2x) speed-up because lots of Insts are immediately found to
be live.

This is a ~1% wasm -O1 compile time progression.

  • b3/air/AirEliminateDeadCode.cpp:

(JSC::B3::Air::eliminateDeadCode):

8:26 PM Changeset in webkit [214925] by commit-queue@webkit.org
  • 4 edits in trunk/Source/WebCore

Unreviewed, rolling out r214894, r214895, r214907, r214912,
and r214918.
https://bugs.webkit.org/show_bug.cgi?id=170491

Caused build failures on Mac (Requested by rniwa on #webkit).

Reverted changesets:

"Build fix."
http://trac.webkit.org/changeset/214894

"Rolling back the build fix, as it broke other builds."
http://trac.webkit.org/changeset/214895

"Move AVSampleBufferDisplayLayer declarations into
AVFoundationSPI.h"
https://bugs.webkit.org/show_bug.cgi?id=170471
http://trac.webkit.org/changeset/214907

"Unreviewed build fix: fix compilation error on Sierra."
http://trac.webkit.org/changeset/214912

"More build fixing."
http://trac.webkit.org/changeset/214918

7:50 PM Changeset in webkit [214924] by commit-queue@webkit.org
  • 8 edits in trunk

[Mac] Add back web audio support for getUserMedia MediaStreamTrack
https://bugs.webkit.org/show_bug.cgi?id=170482

Patch by Youenn Fablet <youenn@apple.com> on 2017-04-04
Reviewed by Eric Carlson.

Source/WebCore:

´Covered by reenabled test.

Exporting method and class used in WebKit2.

  • WebCore.xcodeproj/project.pbxproj:
  • platform/audio/mac/CAAudioStreamDescription.h:
  • platform/mediastream/mac/WebAudioSourceProviderAVFObjC.h:

Source/WebKit2:

  • WebProcess/cocoa/UserMediaCaptureManager.cpp:

(WebKit::UserMediaCaptureManager::Source::setStorage):

LayoutTests:

6:18 PM Changeset in webkit [214923] by fpizlo@apple.com
  • 5 edits
    1 add in trunk/Source

Air::eliminateDeadCode() should not use a HashSet
https://bugs.webkit.org/show_bug.cgi?id=170487

Reviewed by Saam Barati.

Source/JavaScriptCore:

Introduce TmpSet, which is like a HashSet<Tmp>. Use this to make eliminateDeadCode()
about 50% faster, resulting in a 1% wasm -O1 compile time progression.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • b3/air/AirEliminateDeadCode.cpp:

(JSC::B3::Air::eliminateDeadCode):

  • b3/air/AirTmpSet.h: Added.

(JSC::B3::Air::TmpSet::TmpSet):
(JSC::B3::Air::TmpSet::add):
(JSC::B3::Air::TmpSet::remove):
(JSC::B3::Air::TmpSet::contains):
(JSC::B3::Air::TmpSet::size):
(JSC::B3::Air::TmpSet::isEmpty):
(JSC::B3::Air::TmpSet::iterator::iterator):
(JSC::B3::Air::TmpSet::iterator::operator*):
(JSC::B3::Air::TmpSet::iterator::operator++):
(JSC::B3::Air::TmpSet::iterator::operator==):
(JSC::B3::Air::TmpSet::iterator::operator!=):
(JSC::B3::Air::TmpSet::begin):
(JSC::B3::Air::TmpSet::end):

Source/WTF:

BitVector::iterator knows when it's at the end. Expose this functionality.

  • wtf/BitVector.h:

(WTF::BitVector::iterator::isAtEnd):

5:59 PM Changeset in webkit [214922] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Mark fast/images/slower-animation-than-decoding-image.html as flaky.
https://bugs.webkit.org/show_bug.cgi?id=168390

Unreviewed test gardening.

  • platform/mac/TestExpectations:
5:59 PM Changeset in webkit [214921] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Mark fast/images/reset-image-animation.html as flaky.
https://bugs.webkit.org/show_bug.cgi?id=170177

Unreviewed test gardening.

  • platform/mac/TestExpectations:
5:56 PM Changeset in webkit [214920] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Mark media/modern-media-controls/airplay-button/airplay-button.html as flaky on mac-wk1 Release.
https://bugs.webkit.org/show_bug.cgi?id=168409

Unreviewed test gardening.

  • platform/mac-wk1/TestExpectations:
5:55 PM Changeset in webkit [214919] by keith_miller@apple.com
  • 31 edits
    1 copy
    1 add in trunk/Source

WebAssembly: ModuleInformation should be a ref counted thing that can be shared across threads.
https://bugs.webkit.org/show_bug.cgi?id=170478

Reviewed by Saam Barati.

Source/JavaScriptCore:

ModuleInformation has been moved to its own file and is now
ThreadSafeRefCounted. All the Strings we used to keep in the
ModuleInformation have been switched to Vector<LChar> this has the
advantage that it can be passed across threads. However, this does
mean that we need to decode the utf8 strings in each thread. This
is likely not a problem because:

1) most modules have few imports/exports/custom sections.
2) most of the time they are ascii so the conversion is cheap.
3) we only have to do it once per thread, and there shouldn't be too many.

This patch also removes
moduleSignatureIndicesToUniquedSignatureIndices since that
information can already be recovered from the
SignatureInformation.

(functionTestWasmModuleFunctions):

  • runtime/Identifier.h:

(JSC::Identifier::fromString):

  • wasm/WasmB3IRGenerator.cpp:

(JSC::Wasm::parseAndCompile):

  • wasm/WasmB3IRGenerator.h:
  • wasm/WasmFormat.cpp:

(JSC::Wasm::makeString):
(JSC::Wasm::ModuleInformation::~ModuleInformation): Deleted.

  • wasm/WasmFormat.h:

(JSC::Wasm::makeString):
(JSC::Wasm::ModuleInformation::functionIndexSpaceSize): Deleted.
(JSC::Wasm::ModuleInformation::isImportedFunctionFromFunctionIndexSpace): Deleted.
(JSC::Wasm::ModuleInformation::signatureIndexFromFunctionIndexSpace): Deleted.
(JSC::Wasm::ModuleInformation::importFunctionCount): Deleted.
(JSC::Wasm::ModuleInformation::internalFunctionCount): Deleted.

  • wasm/WasmFunctionParser.h:

(JSC::Wasm::FunctionParser<Context>::FunctionParser):

  • wasm/WasmModuleInformation.cpp: Copied from Source/JavaScriptCore/wasm/WasmValidate.h.

(JSC::Wasm::ModuleInformation::~ModuleInformation):

  • wasm/WasmModuleInformation.h: Added.

(JSC::Wasm::ModuleInformation::functionIndexSpaceSize):
(JSC::Wasm::ModuleInformation::isImportedFunctionFromFunctionIndexSpace):
(JSC::Wasm::ModuleInformation::signatureIndexFromFunctionIndexSpace):
(JSC::Wasm::ModuleInformation::importFunctionCount):
(JSC::Wasm::ModuleInformation::internalFunctionCount):
(JSC::Wasm::ModuleInformation::ModuleInformation):

  • wasm/WasmModuleParser.cpp:
  • wasm/WasmModuleParser.h:

(JSC::Wasm::ModuleParser::ModuleParser):

  • wasm/WasmParser.h:

(JSC::Wasm::Parser<SuccessType>::consumeUTF8String):

  • wasm/WasmPlan.cpp:

(JSC::Wasm::Plan::Plan):
(JSC::Wasm::Plan::parseAndValidateModule):
(JSC::Wasm::Plan::prepare):
(JSC::Wasm::Plan::compileFunctions):
(JSC::Wasm::Plan::complete):
(JSC::Wasm::Plan::cancel):

  • wasm/WasmPlan.h:

(JSC::Wasm::Plan::internalFunctionCount):
(JSC::Wasm::Plan::takeModuleInformation):

  • wasm/WasmSignature.cpp:

(JSC::Wasm::SignatureInformation::get):

  • wasm/WasmSignature.h:
  • wasm/WasmValidate.cpp:

(JSC::Wasm::validateFunction):

  • wasm/WasmValidate.h:
  • wasm/js/JSWebAssemblyHelpers.h:

(JSC::createSourceBufferFromValue):

  • wasm/js/JSWebAssemblyModule.cpp:

(JSC::JSWebAssemblyModule::createStub):
(JSC::JSWebAssemblyModule::JSWebAssemblyModule):
(JSC::JSWebAssemblyModule::finishCreation):

  • wasm/js/JSWebAssemblyModule.h:

(JSC::JSWebAssemblyModule::moduleInformation):
(JSC::JSWebAssemblyModule::source):

  • wasm/js/WebAssemblyInstanceConstructor.cpp:

(JSC::constructJSWebAssemblyInstance):

  • wasm/js/WebAssemblyModuleConstructor.cpp:

(JSC::WebAssemblyModuleConstructor::createModule):

  • wasm/js/WebAssemblyModulePrototype.cpp:

(JSC::webAssemblyModuleProtoCustomSections):
(JSC::webAssemblyModuleProtoImports):
(JSC::webAssemblyModuleProtoExports):

  • wasm/js/WebAssemblyModuleRecord.cpp:

(JSC::WebAssemblyModuleRecord::link):

  • wasm/js/WebAssemblyModuleRecord.h:
  • wasm/js/WebAssemblyPrototype.cpp:

(JSC::webAssemblyCompileFunc):
(JSC::instantiate):
(JSC::compileAndInstantiate):

Source/WTF:

This adds a new String::fromUTF8 that converts a vector of characters to
a string.

Also, it cleans up some style.

  • wtf/text/WTFString.h:

(WTF::String::fromUTF8):

  • wtf/unicode/UTF8.cpp:

(WTF::Unicode::convertLatin1ToUTF8):

5:48 PM Changeset in webkit [214918] by ap@apple.com
  • 2 edits in trunk/Source/WebCore

More build fixing.

  • platform/spi/mac/AVFoundationSPI.h:
5:25 PM Changeset in webkit [214917] by fpizlo@apple.com
  • 10 edits in trunk/Source

B3::fixSSA() needs a tune-up
https://bugs.webkit.org/show_bug.cgi?id=170485

Reviewed by Saam Barati.

Source/JavaScriptCore:

After the various optimizations to liveness, register allocation, and other phases, the
fixSSA() phase now looks like one of the top offenders. This includes a bunch of
changes to make this phase run faster. This is a ~7% wasm -O1 compile time progression.

Here's what I did:

  • We now use IndexSparseSet instead of IndexMap for tracking variable values. This makes it cheaper to chew through small blocks while there is a non-trivial number of total variables.


  • We now do a "local SSA conversion" pass before anything else. This eliminates obvious Get's. If we were using temporary Variables, it would eliminate many of those. That's useful for when we use demoteValues() and duplciateTails(). For wasm -O1, we mainly care about the fact that it makes a bunch of Set's dead.


  • We now do a Set DCE pass after the local SSA but before SSA conversion. This ensures that any block-local live intervals of Variables disappear and don't need further consideration.


  • We now cache the reaching defs calculation.


  • We now perform the reaching defs calculation lazily.
  • b3/B3FixSSA.cpp:

(JSC::B3::demoteValues):
(JSC::B3::fixSSA):

  • b3/B3SSACalculator.cpp:

(JSC::B3::SSACalculator::reachingDefAtTail):

  • b3/B3VariableLiveness.cpp:

(JSC::B3::VariableLiveness::VariableLiveness):

  • b3/air/AirLiveness.h:

(JSC::B3::Air::Liveness::Liveness):

  • dfg/DFGLivenessAnalysisPhase.cpp:

(JSC::DFG::LivenessAnalysisPhase::LivenessAnalysisPhase): Deleted.
(JSC::DFG::LivenessAnalysisPhase::run): Deleted.
(JSC::DFG::LivenessAnalysisPhase::processBlock): Deleted.

Source/WTF:

This makes IndexSparseSet capable of being used as a map if you instantiate it with
KeyValuePair<unsigned, ValueType>.

  • wtf/HashTraits.h:
  • wtf/IndexSparseSet.h:

(WTF::DefaultIndexSparseSetTraits::create):
(WTF::DefaultIndexSparseSetTraits::key):
(WTF::OverflowHandler>::IndexSparseSet):
(WTF::OverflowHandler>::add):
(WTF::OverflowHandler>::set):
(WTF::OverflowHandler>::remove):
(WTF::OverflowHandler>::clear):
(WTF::OverflowHandler>::size):
(WTF::OverflowHandler>::isEmpty):
(WTF::OverflowHandler>::contains):
(WTF::OverflowHandler>::sort):
(WTF::IndexSparseSet<OverflowHandler>::IndexSparseSet): Deleted.
(WTF::IndexSparseSet<OverflowHandler>::add): Deleted.
(WTF::IndexSparseSet<OverflowHandler>::remove): Deleted.
(WTF::IndexSparseSet<OverflowHandler>::clear): Deleted.
(WTF::IndexSparseSet<OverflowHandler>::size): Deleted.
(WTF::IndexSparseSet<OverflowHandler>::isEmpty): Deleted.
(WTF::IndexSparseSet<OverflowHandler>::contains): Deleted.
(WTF::IndexSparseSet<OverflowHandler>::sort): Deleted.

  • wtf/Liveness.h:

(WTF::Liveness::LocalCalc::Iterable::iterator::iterator):
(WTF::Liveness::workset):

5:23 PM Changeset in webkit [214916] by Simon Fraser
  • 2 edits in trunk/Source/WebCore

Do some minor FEColorMatrix code cleanup and optimization
https://bugs.webkit.org/show_bug.cgi?id=170474

Reviewed by Dean Jackson.

Don't switch inside of a pixel processing loop; repeat the loop inside switch (filterType).

Change matrix() and saturateAndHueRotate() to dereference the source pixels once, instead
of multiple times, which is faster.

This kind of code benefits from aligning things with spaces for readability, so do so,
violating webkit style.

Add some off-by-default performance logging code.

Increases pixel processing performance from about 86ms per megapixel to 65ms per megapixel.

  • platform/graphics/filters/FEColorMatrix.cpp:

(WebCore::matrix):
(WebCore::saturateAndHueRotate):
(WebCore::effectType):
(WebCore::FEColorMatrix::platformApplySoftware):

5:05 PM Changeset in webkit [214915] by Brent Fulgham
  • 3 edits
    2 adds in trunk

Do not assert when CharacterData representing an Attr fires events
https://bugs.webkit.org/show_bug.cgi?id=170454
<rdar://problem/30979320>

Reviewed by Ryosuke Niwa.

Source/WebCore:

Make the NoEventDispatchAssertion in CharacterData::notifyParentAfterChange conditional
since Attr elements should be allowed to fire events.

Tests: fast/dom/no-assert-for-malformed-js-url-attribute.html

  • dom/CharacterData.cpp:

(WebCore::CharacterData::notifyParentAfterChange):

LayoutTests:

  • fast/dom/no-assert-for-malformed-js-url-attribute-expected.txt: Added.
  • fast/dom/no-assert-for-malformed-js-url-attribute.html: Added.
4:38 PM Changeset in webkit [214914] by commit-queue@webkit.org
  • 2 edits in trunk/Source/JavaScriptCore

Remove stale LLVM Header Path includes from JavaScriptCore
https://bugs.webkit.org/show_bug.cgi?id=170483

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2017-04-04
Reviewed by Mark Lam.

  • Configurations/Base.xcconfig:
4:37 PM Changeset in webkit [214913] by commit-queue@webkit.org
  • 7 edits in trunk

LayoutTest webrtc/libwebrtc/descriptionGetters.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=169481

Patch by Youenn Fablet <youenn@apple.com> on 2017-04-04
Reviewed by Eric Carlson.

Source/WebCore:

No need to enumerate all network interfaces in most layout tests.
Adding an Internals API for that in case we want to use TCP localhost candidates.

  • testing/Internals.cpp:

(WebCore::Internals::Internals):
(WebCore::Internals::setEnumeratingAllNetworkInterfacesEnabled):

  • testing/Internals.h:
  • testing/Internals.idl:

LayoutTests:

  • platform/mac-wk2/TestExpectations: Removing flaky expectation.
  • webrtc/datachannel/basic.html:
4:32 PM Changeset in webkit [214912] by jer.noble@apple.com
  • 2 edits in trunk/Source/WebCore

Unreviewed build fix: fix compilation error on Sierra.

  • platform/spi/mac/AVFoundationSPI.h:
4:32 PM Changeset in webkit [214911] by Simon Fraser
  • 2 edits in trunk/Tools

Various settings in Minibrowser are off by default, and should be on
https://bugs.webkit.org/show_bug.cgi?id=170465
rdar://problem/31421543

Reviewed by Tim Horton.

Explicitly set preferences that should be on by default to enabled, if they have not been
set previously.

  • MiniBrowser/mac/SettingsController.m:

(-[SettingsController init]):

3:57 PM Changeset in webkit [214910] by Megan Gardner
  • 2 edits in trunk/Source/WebKit/mac

Fix leaks in WebUITextIndicatorData
https://bugs.webkit.org/show_bug.cgi?id=170480

Reviewed by Wenson Hsieh.

Removes extraneous retains.

  • WebView/WebView.mm:

(-[WebUITextIndicatorData initWithImage:textIndicatorData:scale:]):

3:48 PM Changeset in webkit [214909] by jfbastien@apple.com
  • 2 edits in trunk/Tools

reviewer

3:37 PM Changeset in webkit [214908] by fpizlo@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

B3::LowerToAir incorrectly selects BitXor(AtomicStrongCAS(...), $1)
https://bugs.webkit.org/show_bug.cgi?id=169867

Reviewed by Saam Barati.

The BitXor(AtomicWeakCAS(...), $1) optimization makes a lot of sense because we an fold the
BitXor into the CAS condition read-out. But there is no version of this that is profitable or
correct for AtomicStrongCAS. The inversion case is handled by Equal(AtomicStrongCAS(...), ...)
becoming NotEqual(AtomicStrongCAS(...), ...), and we alraedy handle that separately.

So, the fix here is to make the BitXor CAS pattern only recognize AtomicWeakCAS.

  • b3/B3LowerToAir.cpp:

(JSC::B3::Air::LowerToAir::lower):

  • b3/testb3.cpp:

(JSC::B3::testAtomicStrongCAS):

3:30 PM Changeset in webkit [214907] by jer.noble@apple.com
  • 4 edits in trunk/Source/WebCore

Move AVSampleBufferDisplayLayer declarations into AVFoundationSPI.h
https://bugs.webkit.org/show_bug.cgi?id=170471

Reviewed by Eric Carlson.

Move the declaration of AVSampleBufferDisplayLayer (and related classes) into AVFoundationSPI.

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:

(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::addDisplayLayer): Deleted.
(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::removeDisplayLayer): Deleted.

  • platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
  • platform/spi/mac/AVFoundationSPI.h:
3:23 PM Changeset in webkit [214906] by BJ Burg
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: RTL: layout issues in Type Profiler popovers
https://bugs.webkit.org/show_bug.cgi?id=170467

Reviewed by Timothy Hatcher.

Flip some margins and padding. Remove the -1px leading margin for
the prototype disclosure button, as it is unnecessary and looks
(more) wrong when in RTL.

  • UserInterface/Views/TypeTreeElement.css:

(.item.type-tree-element > .disclosure-button):
(.item.type-tree-element.prototype):
(body[dir=ltr] .item.type-tree-element.prototype):
(body[dir=rtl] .item.type-tree-element.prototype):

  • UserInterface/Views/TypeTreeView.css:

(.tree-outline.type):
(body[dir=ltr] .tree-outline.type):
(body[dir=rtl] .tree-outline.type):
(.tree-outline.type li .empty-message):
(body[dir=ltr] .tree-outline.type li .empty-message):
(body[dir=rtl] .tree-outline.type li .empty-message):

3:23 PM Changeset in webkit [214905] by sbarati@apple.com
  • 49 edits
    2 moves
    1 add in trunk/Source

WebAssembly: JSWebAssemblyCallee should not be a JSCell
https://bugs.webkit.org/show_bug.cgi?id=170135

Reviewed by Michael Saboff.

Source/JavaScriptCore:

This patch is perhaps the last big change to the design of fundamental
Wasm API to allow for PIC. It changes JSWebAssemblyCallee into a thing
called Wasm::Callee. It serves the same purpose as before, except
Wasm::Callee is not a JSCell. I had to refactor the various parts of the
runtime that will see CallFrame's with Wasm::Callee's in the callee slot.
Thankfully, the parts of the runtime that Wasm touches are limited. The
main refactoring is changing the exception handling code, such as taking
a stack trace, to be friendly to seeing a non JSCell callee.

The callee() function on ExecState now returns a class I added in this
patch called CalleeBits. CalleeBits will tell you if the callee is a
JSCell or a Wasm::Callee. We tag Wasm::Callee's with a 1 in their lower
bit so we can easily tell what is and isn't a Wasm::Callee.

The stub that calls out from Wasm to JS still puts a JSCell callee
into the call frame, even though the callee logically represents a
Wasm frame. The reason for this is that we use the call IC infrastructure
to make a call out to JS code, and the code that writes the IC expects
a JSCell as the callee. This is knowingly part of our design. When we
do structured cloning of Wasm Modules, we'll need to regenerate these
JS call stubs.

  • API/JSContextRef.cpp:

(BacktraceFunctor::operator()):

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • debugger/Debugger.cpp:

(JSC::Debugger::pauseIfNeeded):
(JSC::Debugger::currentDebuggerCallFrame):

  • debugger/DebuggerCallFrame.cpp:

(JSC::DebuggerCallFrame::create):
(JSC::DebuggerCallFrame::DebuggerCallFrame):
(JSC::DebuggerCallFrame::currentPosition):
(JSC::DebuggerCallFrame::positionForCallFrame):

  • debugger/DebuggerCallFrame.h:
  • interpreter/CallFrame.cpp:

(JSC::CallFrame::vmEntryGlobalObject):
(JSC::CallFrame::wasmAwareLexicalGlobalObject):
(JSC::CallFrame::isAnyWasmCallee):
(JSC::CallFrame::callerSourceOrigin):

  • interpreter/CallFrame.h:

(JSC::ExecState::calleeAsValue):
(JSC::ExecState::jsCallee):
(JSC::ExecState::callee):
(JSC::ExecState::unsafeCallee):
(JSC::ExecState::scope):
(JSC::ExecState::iterate):

  • interpreter/CalleeBits.h: Added.

(JSC::CalleeBits::CalleeBits):
(JSC::CalleeBits::operator=):
(JSC::CalleeBits::boxWasm):
(JSC::CalleeBits::isWasm):
(JSC::CalleeBits::isCell):
(JSC::CalleeBits::asCell):
(JSC::CalleeBits::asWasmCallee):
(JSC::CalleeBits::rawPtr):

  • interpreter/Interpreter.cpp:

(JSC::GetStackTraceFunctor::operator()):
(JSC::Interpreter::getStackTrace):
(JSC::notifyDebuggerOfUnwinding):
(JSC::UnwindFunctor::UnwindFunctor):
(JSC::UnwindFunctor::operator()):
(JSC::UnwindFunctor::copyCalleeSavesToVMEntryFrameCalleeSavesBuffer):
(JSC::Interpreter::unwind):
(JSC::Interpreter::notifyDebuggerOfExceptionToBeThrown):

  • interpreter/Interpreter.h:
  • interpreter/Register.h:

(JSC::Register::pointer):

  • interpreter/ShadowChicken.cpp:

(JSC::ShadowChicken::update):

  • interpreter/ShadowChickenInlines.h:

(JSC::ShadowChicken::iterate):

  • interpreter/StackVisitor.cpp:

(JSC::StackVisitor::StackVisitor):
(JSC::StackVisitor::readFrame):
(JSC::StackVisitor::readNonInlinedFrame):
(JSC::StackVisitor::readInlinedFrame):
(JSC::StackVisitor::Frame::calleeSaveRegisters):
(JSC::StackVisitor::Frame::functionName):
(JSC::StackVisitor::Frame::dump):

  • interpreter/StackVisitor.h:

(JSC::StackVisitor::Frame::callee):
(JSC::StackVisitor::visit):

  • jit/Repatch.cpp:

(JSC::linkFor):
(JSC::linkPolymorphicCall):

  • jsc.cpp:

(callWasmFunction):
(functionTestWasmModuleFunctions):

  • runtime/ArrayPrototype.cpp:
  • runtime/Error.cpp:

(JSC::addErrorInfoAndGetBytecodeOffset):

  • runtime/ErrorInstance.cpp:

(JSC::ErrorInstance::finishCreation):

  • runtime/JSCell.cpp:

(JSC::JSCell::isAnyWasmCallee): Deleted.

  • runtime/JSCell.h:
  • runtime/JSCellInlines.h:

(JSC::ExecState::vm):

  • runtime/JSFunction.cpp:

(JSC::RetrieveArgumentsFunctor::operator()):
(JSC::RetrieveCallerFunctionFunctor::operator()):

  • runtime/JSGlobalObject.cpp:
  • runtime/SamplingProfiler.cpp:

(JSC::FrameWalker::recordJSFrame):
(JSC::SamplingProfiler::processUnverifiedStackTraces):

  • runtime/SamplingProfiler.h:

(JSC::SamplingProfiler::UnprocessedStackFrame::UnprocessedStackFrame):

  • runtime/StackFrame.cpp:

(JSC::StackFrame::sourceURL):
(JSC::StackFrame::functionName):

  • runtime/StackFrame.h:

(JSC::StackFrame::wasm):

  • runtime/VM.cpp:

(JSC::VM::VM):
(JSC::VM::throwException):

  • runtime/VM.h:
  • wasm/JSWebAssembly.h:
  • wasm/WasmB3IRGenerator.cpp:
  • wasm/WasmBinding.cpp:

(JSC::Wasm::wasmToWasm):

  • wasm/WasmCallee.cpp: Copied from Source/JavaScriptCore/wasm/js/JSWebAssemblyCallee.cpp.

(JSC::Wasm::Callee::Callee):
(JSC::JSWebAssemblyCallee::JSWebAssemblyCallee): Deleted.
(JSC::JSWebAssemblyCallee::finishCreation): Deleted.
(JSC::JSWebAssemblyCallee::destroy): Deleted.

  • wasm/WasmCallee.h: Copied from Source/JavaScriptCore/wasm/js/JSWebAssemblyCallee.h.

(JSC::Wasm::Callee::create):
(JSC::JSWebAssemblyCallee::create): Deleted.
(JSC::JSWebAssemblyCallee::createStructure): Deleted.
(JSC::JSWebAssemblyCallee::entrypoint): Deleted.
(JSC::JSWebAssemblyCallee::calleeSaveRegisters): Deleted.

  • wasm/WasmContext.h:
  • wasm/WasmPlan.cpp:
  • wasm/WasmPlan.h:
  • wasm/WasmPlanInlines.h:

(JSC::Wasm::Plan::initializeCallees):

  • wasm/WasmThunks.cpp:

(JSC::Wasm::throwExceptionFromWasmThunkGenerator):

  • wasm/js/JSWebAssemblyCallee.cpp: Removed.
  • wasm/js/JSWebAssemblyCallee.h: Removed.
  • wasm/js/JSWebAssemblyCodeBlock.cpp:

(JSC::JSWebAssemblyCodeBlock::JSWebAssemblyCodeBlock):
(JSC::JSWebAssemblyCodeBlock::initialize):
(JSC::JSWebAssemblyCodeBlock::visitChildren):

  • wasm/js/JSWebAssemblyCodeBlock.h:

(JSC::JSWebAssemblyCodeBlock::create):
(JSC::JSWebAssemblyCodeBlock::jsEntrypointCalleeFromFunctionIndexSpace):
(JSC::JSWebAssemblyCodeBlock::wasmEntrypointCalleeFromFunctionIndexSpace):
(JSC::JSWebAssemblyCodeBlock::wasmToJsCallStubForImport):
(JSC::JSWebAssemblyCodeBlock::offsetOfImportWasmToJSStub):
(JSC::JSWebAssemblyCodeBlock::setJSEntrypointCallee):
(JSC::JSWebAssemblyCodeBlock::setWasmEntrypointCallee):
(JSC::JSWebAssemblyCodeBlock::offsetOfImportStubs):
(JSC::JSWebAssemblyCodeBlock::allocationSize):
(JSC::JSWebAssemblyCodeBlock::importWasmToJSStub):
(JSC::JSWebAssemblyCodeBlock::callees): Deleted.
(JSC::JSWebAssemblyCodeBlock::offsetOfCallees): Deleted.

  • wasm/js/JSWebAssemblyInstance.h:

(JSC::JSWebAssemblyInstance::webAssemblyToJSCallee):

  • wasm/js/JSWebAssemblyModule.cpp:
  • wasm/js/WebAssemblyFunction.cpp:

(JSC::callWebAssemblyFunction):
(JSC::WebAssemblyFunction::create):
(JSC::WebAssemblyFunction::WebAssemblyFunction):
(JSC::WebAssemblyFunction::visitChildren):
(JSC::WebAssemblyFunction::finishCreation):

  • wasm/js/WebAssemblyFunction.h:

(JSC::WebAssemblyFunction::wasmEntrypoint):
(JSC::WebAssemblyFunction::jsEntrypoint):
(JSC::WebAssemblyFunction::offsetOfWasmEntrypoint):
(JSC::WebAssemblyFunction::offsetOfWasmEntryPointCode): Deleted.

  • wasm/js/WebAssemblyModuleConstructor.cpp:
  • wasm/js/WebAssemblyModuleRecord.cpp:

(JSC::WebAssemblyModuleRecord::link):
(JSC::WebAssemblyModuleRecord::evaluate):

Source/WebCore:

  • bindings/js/JSDOMWindowBase.cpp:

(WebCore::callerDOMWindow):

3:19 PM Changeset in webkit [214904] by keith_miller@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

WasmBench asserts in debug jsc
https://bugs.webkit.org/show_bug.cgi?id=170462

Reviewed by Saam Barati.

The assertion should have been an if.

  • wasm/WasmWorklist.cpp:
3:14 PM Changeset in webkit [214903] by commit-queue@webkit.org
  • 9 edits in trunk/Source/WebInspectorUI

Web Inspector: Include more Network information in Resource Details Sidebar
https://bugs.webkit.org/show_bug.cgi?id=170470

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2017-04-04
Reviewed by Brian Burg.

  • Localizations/en.lproj/localizedStrings.js:

Updated localized strings.

  • UserInterface/Models/Resource.js:

(WebInspector.Resource.displayNameForProtocol):
(WebInspector.Resource.displayNameForPriority):
Aggregate all display name helpers here.

  • UserInterface/Views/DetailsSectionSimpleRow.js:

(WebInspector.DetailsSectionSimpleRow.prototype.get tooltip):
(WebInspector.DetailsSectionSimpleRow.prototype.set tooltip):
Allow setting a tooltip on the value.

  • UserInterface/Views/NetworkGridContentView.css:

(.cache-type):
Cache type shows up in multiple places. Simplify the CSS to apply anywhere.

  • UserInterface/Views/NetworkGridContentView.js:

(WebInspector.NetworkGridContentView):

  • UserInterface/Views/NetworkTimelineView.js:

(WebInspector.NetworkTimelineView):
Updated column names.

  • UserInterface/Views/ResourceDetailsSidebarPanel.js:

(WebInspector.ResourceDetailsSidebarPanel):
(WebInspector.ResourceDetailsSidebarPanel.prototype._refreshRequestAndResponse):
(WebInspector.ResourceDetailsSidebarPanel.prototype._cachedRowValue):
Include more detail information in the sidebar.

  • UserInterface/Views/ResourceTimelineDataGridNode.js:

(WebInspector.ResourceTimelineDataGridNode.prototype.createCellContent):
(WebInspector.ResourceTimelineDataGridNode.prototype._displayNameForPriority): Deleted.
Use shared code for display names.

3:05 PM Changeset in webkit [214902] by BJ Burg
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: RTL: fix alignment of close button shown while docked
https://bugs.webkit.org/show_bug.cgi?id=170472

Reviewed by Matt Baker.

  • UserInterface/Views/Toolbar.css:

(.toolbar .control-section):
(body[dir=ltr] .toolbar .control-section):
(body[dir=rtl] .toolbar .control-section):

2:48 PM Changeset in webkit [214901] by fpizlo@apple.com
  • 16 edits in trunk/Source/JavaScriptCore

Air::lowerAfterRegAlloc should bail early if it finds no Shuffles or ColdCCalls
https://bugs.webkit.org/show_bug.cgi?id=170305

Reviewed by Saam Barati.

This reduces and sometimes completely eliminates the need to run lowerAfterRegAlloc().

This lowers the Shuffle for the arguments of a CCall before register allocation unless
the CCall arguments require a real shuffle (like if the CCall arguments were argument
registers). This lowers a ColdCCall like a CCall for optLevel<2.

Finally, lowerAfterRegAlloc() now checks if there are any Shuffles or CCalls before it
does anything else. For wasm at -O1, this means that the phase doesn't run at all. This
is a ~3% wasm -O1 compile time progression.

To make this easy, I changed optLevel into a property of Procedure and Code rather than
an argument we thread through everything. I like how Procedure and Code are dumping
ground classes. This does not bother me. Note that I cloned optLevel into Procedure and
Code so that it's cheap to query inside Air phases.

  • b3/B3Compile.cpp:

(JSC::B3::compile):

  • b3/B3Compile.h:
  • b3/B3Generate.cpp:

(JSC::B3::prepareForGeneration):
(JSC::B3::generateToAir):

  • b3/B3Generate.h:
  • b3/B3Procedure.cpp:

(JSC::B3::Procedure::setOptLevel):

  • b3/B3Procedure.h:

(JSC::B3::Procedure::optLevel):

  • b3/air/AirCode.h:

(JSC::B3::Air::Code::isPinned):
(JSC::B3::Air::Code::setOptLevel):
(JSC::B3::Air::Code::optLevel):

  • b3/air/AirEmitShuffle.cpp:

(JSC::B3::Air::ShufflePair::bank):
(JSC::B3::Air::ShufflePair::opcode):
(JSC::B3::Air::ShufflePair::inst):
(JSC::B3::Air::emitShuffle):

  • b3/air/AirEmitShuffle.h:

(JSC::B3::Air::moveFor):

  • b3/air/AirGenerate.cpp:

(JSC::B3::Air::prepareForGeneration):

  • b3/air/AirGenerate.h:
  • b3/air/AirLowerAfterRegAlloc.cpp:

(JSC::B3::Air::lowerAfterRegAlloc):

  • b3/air/AirLowerMacros.cpp:

(JSC::B3::Air::lowerMacros):

  • b3/testb3.cpp:

(JSC::B3::compileProc):

  • wasm/WasmB3IRGenerator.cpp:

(JSC::Wasm::parseAndCompile):

2:32 PM Changeset in webkit [214900] by Simon Fraser
  • 5 edits in trunk/Source/WebCore

Change Document's lastHandledUserGestureTimestamp to be a MonotonicTime
https://bugs.webkit.org/show_bug.cgi?id=170468

Reviewed by Zalan Bujtas.

Change the double to MonotonicTime. No behavior change.

  • dom/Document.cpp:

(WebCore::Document::updateLastHandledUserGestureTimestamp):

  • dom/Document.h:

(WebCore::Document::lastHandledUserGestureTimestamp):

  • html/HTMLPlugInImageElement.cpp:

(WebCore::documentHadRecentUserGesture):

  • loader/FrameLoader.cpp:

(WebCore::shouldAskForNavigationConfirmation):

2:30 PM Changeset in webkit [214899] by BJ Burg
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: RTL: layout issues in debugger dashboard, arrows are on wrong side
https://bugs.webkit.org/show_bug.cgi?id=170425

Reviewed by Devin Rousso.

We need to move the up/down dashboard arrows to the trailing side for RTL.
Clean up some messy spacing rules so that the source location does not
overlap the arrows or get too close to the function icon.

  • UserInterface/Views/DashboardContainerView.css:

(.toolbar .dashboard):
(body[dir=ltr] .toolbar .dashboard):
(body[dir=rtl] .toolbar .dashboard):
(.dashboard-container .advance-arrow):
(body[dir=ltr] .dashboard-container .advance-arrow):
(body[dir=rtl] .dashboard-container .advance-arrow):
(.toolbar.label-only .dashboard-container .advance-arrow):
(body[dir=ltr] .toolbar.label-only .dashboard-container .advance-arrow):
(body[dir=rtl] .toolbar.label-only .dashboard-container .advance-arrow):

  • UserInterface/Views/DebuggerDashboardView.css:

(.toolbar .dashboard.debugger):
(body[dir=ltr] .toolbar .dashboard.debugger):
(body[dir=rtl] .toolbar .dashboard.debugger):
(.dashboard.debugger .navigation-bar):
(body[dir=ltr] .dashboard.debugger .navigation-bar):
(body[dir=rtl] .dashboard.debugger .navigation-bar):
(.dashboard.debugger > .location):
(.dashboard.debugger > .location > :first-child):
(body[dir=ltr] .dashboard.debugger > .location > :last-child):
(body[dir=rtl] .dashboard.debugger > .location > :last-child):
(.dashboard.debugger > .location .function-icon):
(body[dir=ltr] .dashboard.debugger > .location .function-icon):
(body[dir=rtl] .dashboard.debugger > .location .function-icon):
(.dashboard.debugger > .location .go-to-link):

2:22 PM Changeset in webkit [214898] by dino@apple.com
  • 2 edits in trunk/Websites/webkit.org

Unreviewed. Add details on how to enable the experimental feature.

  • demos/webgpu/index.html:
2:11 PM Changeset in webkit [214897] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

[Debug] ASSERT(!throwScope.exception()) on imported/w3c/web-platform-tests/fetch/api/cors/cors-preflight-status-worker.html
https://bugs.webkit.org/show_bug.cgi?id=170395
<rdar://problem/31394017>

Patch by Youenn Fablet <youenn@apple.com> on 2017-04-04
Reviewed by Mark Lam.

No change of behavior.

  • bindings/js/JSDOMPromise.cpp:

(WebCore::DeferredPromise::reject): Adding early ASSERT that creating an exception is happening correctly.

2:08 PM Changeset in webkit [214896] by Jonathan Bedard
  • 3 edits in trunk/Tools

Increase timeouts for simulator testing

Unreviewed infrastructure fix.

  • Scripts/webkitpy/port/simulator_process.py:

(SimulatorProcess._start): Increase timeout from 3 to 6 seconds.

  • Scripts/webkitpy/xcode/simulated_device.py:

(SimulatedDevice.install_app): Increase timeout from 1 to 3 seconds.

1:09 PM Changeset in webkit [214895] by ap@apple.com
  • 2 edits in trunk/Source/WebCore

Rolling back the build fix, as it broke other builds.

  • platform/spi/mac/AVFoundationSPI.h:
1:03 PM Changeset in webkit [214894] by ap@apple.com
  • 2 edits in trunk/Source/WebCore

Build fix.

Rubber-stamped by Jer Noble.

  • platform/spi/mac/AVFoundationSPI.h:
12:59 PM Changeset in webkit [214893] by timothy_horton@apple.com
  • 24 edits in trunk

[Mac] -[WKWebView findMatchesForString:relativeToMatch:findOptions:maxResults:resultCollector:] invokes the resultCollector with didWrap = NO even when it wraps
https://bugs.webkit.org/show_bug.cgi?id=165801
<rdar://problem/29649535>

Reviewed by Wenson Hsieh.

New API tests: WebKit2.FindInPageWrapping*

Previously, when doing an incremental find that wrapped, we would
say that it did not, leading NSTextFinder to not provide its usual
wrapping UI, and other clients of the NSTextFinderClient protocol to
get confused by the lack of wrapping.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::didFindString):

  • UIProcess/WebPageProxy.h:
  • UIProcess/WebPageProxy.messages.in:
  • UIProcess/API/APIFindClient.h:

(API::FindClient::didFindString):

  • UIProcess/API/C/WKPage.cpp:

(WKPageSetPageFindClient):

  • UIProcess/Cocoa/FindClient.h:
  • UIProcess/Cocoa/FindClient.mm:

(WebKit::FindClient::didFindString):

  • WebProcess/WebPage/FindController.cpp:

(WebKit::FindController::updateFindUIAfterPageScroll):
(WebKit::FindController::findString):

  • WebProcess/WebPage/FindController.h:

Plumb DidWrap from FindController's call to findString back through
the DidFindString message.

  • UIProcess/mac/WKTextFinderClient.mm:

(-[WKTextFinderClient didFindStringMatchesWithRects:didWrapAround:]):
(-[WKTextFinderClient didFindStringMatchesWithRects:]): Deleted.
Make use of the new DidWrap information to stop lying to NSTextFinder
about whether a wrap actually occurred.

  • page/FrameTree.cpp:

(WebCore::FrameTree::traverseNextWithWrap):
(WebCore::FrameTree::traversePreviousWithWrap):
(WebCore::FrameTree::traverseNextInPostOrderWithWrap):

  • page/FrameTree.h:

Add CanWrap and DidWrap boolean enums, and add an optional out argument
to traverse*WithWrap indicating whether a wrap actually occurred.

  • history/CachedPage.cpp:

(WebCore::firePageShowAndPopStateEvents):

  • history/PageCache.cpp:

(WebCore::destroyRenderTree):
Adjust to the new CanWrap enum.

  • page/Page.cpp:

(WebCore::incrementFrame):
(WebCore::Page::findString):
(WebCore::Page::findStringMatchingRanges):
(WebCore::Page::rangeOfString):
(WebCore::Page::findMatchesForText):
(WebCore::Page::unmarkAllTextMatches):

  • page/Page.h:

Adjust to the new CanWrap enum, and optionally plumb DidWrap through
to callers of findString().

  • WebView/WebView.mm:

(incrementFrame):
Adjust to the new CanWrap enum.

  • TestWebKitAPI/Tests/WebKit2Cocoa/FindInPage.mm:

(TEST):
Add some tests for wrapping finds.

12:43 PM Changeset in webkit [214892] by Ryan Haddad
  • 1 edit
    2 adds in trunk/LayoutTests

Add back results that were accidentally removed with r214848.
https://bugs.webkit.org/show_bug.cgi?id=169301

Unreviewed test gardening.

  • platform/mac/fast/text/international/synthesized-italic-vertical-latin-expected.png: Added.
  • platform/mac/fast/text/international/synthesized-italic-vertical-latin-expected.txt: Added.
12:43 PM Changeset in webkit [214891] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Mark media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-buttons-styles.html as flaky.
https://bugs.webkit.org/show_bug.cgi?id=170456

Unreviewed test gardening.

  • platform/mac-wk1/TestExpectations:
12:24 PM Changeset in webkit [214890] by commit-queue@webkit.org
  • 4 edits in trunk/LayoutTests

webrtc/peer-connection-audio-mute.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=170451

Patch by Youenn Fablet <youenn@apple.com> on 2017-04-04
Reviewed by Eric Carlson.

  • TestExpectations: Removed flaky expectation for webrtc/peer-connection-audio-mute.html.
  • webrtc/peer-connection-remote-audio-mute.html: Added timer to ensure setting enable propagates.

Decreasing time spent at detecting hum or not.

  • webrtc/peer-connection-remote-audio-mute2.html: Ditto (but keeping flakiness expectation for now).
12:14 PM Changeset in webkit [214889] by jmarcell@apple.com
  • 1 copy in tags/Safari-603.2.2

Tag Safari-603.2.2.

12:10 PM Changeset in webkit [214888] by jmarcell@apple.com
  • 1 delete in tags/Safari-603.2.2

Deleting tag.

12:09 PM Changeset in webkit [214887] by fpizlo@apple.com
  • 12 edits in trunk/Source

Don't need to Air::reportUsedRegisters for wasm at -O1
https://bugs.webkit.org/show_bug.cgi?id=170459

Reviewed by Saam Barati.

Source/JavaScriptCore:

I did some refactorings to Liveness<> to try to understand its performance. Based on
this I concluded that the bigger immediate issue is just removing unnecessary phases
from -O1.

This removes Air::reportUsedRegisters() from -O1 if the user has indicated that he is
not interested in StackmapGenerationParams::usedRegisters(). The logic here is a bit
weird because of how Air does spill code generation. The register allocator's spiller
will emit spill code using identifiable spill slots, which allows subsequent phases to
register-allocate the spill slots. We do this by a forward flow CSE phase called
fixObviousSpills (which is a terrible name since there is no longer anything obvious
about some of the spills that this phase can fix!). As is most natural for CSEs over
3AC, it rewires the uses of redundant computations rather than removing the redundant
computations. This means that if a spill got "fixed", there may be either or both of
the following:

  • Dead loads from the stack.
  • Dead stores to the stack.


We know that a load from the stack is dead if the register is dead at the point of the
load. We know that a store to the stack is dead if the spill slot is dead at the point
of the store.

Unfortunately, liveness analysis - over either registers or spill slots - is expensive.

Fortunately, allocateStack() already does liveness analysis over spill slots. So, we
baked elimination of stores to the stack into that phase. That aspect of clean-up after
the spill CSE comes for free.

Also fortunately for the FTL, we have to do reportUsedRegisters() anyway. This is a
phase that enables StackmapGenerationParams::usedRegisters() to work, which then
enables the FTL's patchpoints to do crazy slow-path live range splitting. So, Air's
strategy for the load fix-up after spill CSE is to do it as part of
reportUsedRegisters().

This patch introduces the Procedure::setNeedsUsedRegisters() API. But if you set
needsUsedRegisters to false then we will still run reportUsedRegisters() at -O2 as an
optimization - it removes dead loads from the stack that are left behind from
fixObviousSpills().

This is a ~6% compile time progression at -O1.

  • b3/B3Procedure.h:

(JSC::B3::Procedure::setNeedsUsedRegisters):
(JSC::B3::Procedure::needsUsedRegisters):

  • b3/B3StackmapGenerationParams.h:
  • b3/B3VariableLiveness.cpp:

(JSC::B3::VariableLiveness::VariableLiveness):

  • b3/air/AirCode.cpp:

(JSC::B3::Air::Code::needsUsedRegisters):

  • b3/air/AirCode.h:
  • b3/air/AirGenerate.cpp:

(JSC::B3::Air::prepareForGeneration):

  • b3/air/AirLiveness.h:

(JSC::B3::Air::Liveness::Liveness):

  • wasm/WasmB3IRGenerator.cpp:

(JSC::Wasm::parseAndCompile):

Source/WTF:

Just moved the liveness computation into a method, which enabled me to do the profiling
that I used to write this patch.

  • wtf/Liveness.h:

(WTF::Liveness::Liveness):
(WTF::Liveness::compute):

12:06 PM Changeset in webkit [214886] by commit-queue@webkit.org
  • 2 edits in trunk

[CMake] Enforce Python 2
https://bugs.webkit.org/show_bug.cgi?id=170439

Patch by Ross Kirsling <Ross Kirsling> on 2017-04-04
Reviewed by Brent Fulgham.

  • Source/cmake/WebKitCommon.cmake: Fail build immediately if Python 3 is detected.
11:01 AM Changeset in webkit [214885] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebCore

[GTK] PLATFORM(GTK) && !USE(COORDINATED_GRAPHICS_THREADED) is no longer possible
https://bugs.webkit.org/show_bug.cgi?id=170458

Reviewed by Carlos Alberto Lopez Perez.

That is not supported anymore, so we can remove dead code from VideoSinkGStreamer.cpp

  • platform/graphics/gstreamer/VideoSinkGStreamer.cpp:

(VideoRenderRequestScheduler::VideoRenderRequestScheduler):

10:38 AM Changeset in webkit [214884] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Mark fast/images/animated-gif-webkit-transform.html as flaky.
https://bugs.webkit.org/show_bug.cgi?id=170410

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
10:20 AM Changeset in webkit [214883] by fpizlo@apple.com
  • 5 edits
    1 add in trunk/Source

Air liveness should build constraints and solve them rather than repeatedly parsing IR
https://bugs.webkit.org/show_bug.cgi?id=170421

Reviewed by Saam Barati.
Source/JavaScriptCore:


Inst::forEach<> is expensive. The LivenessAdapter uses forEach with a particularly
gnarly lambda that has many extra checks. Therefore, a lot of the time spent in
liveness analysis is just recomputing forEach<> and that lambda to get uses and defs.

This introduces LivenessConstraints<>, which is a liveness constraint system based on
Adapter. It basically caches the results of doing forEach. It'll give you the uses and
defs at each instruction boundary.

This is a ~5% compile time progression at optLevel=1. It's also a ~3% compile time
progression at optLevel=2.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • b3/air/AirLivenessAdapter.h:

(JSC::B3::Air::LivenessAdapter::LivenessAdapter):
(JSC::B3::Air::LivenessAdapter::forEachUse):
(JSC::B3::Air::LivenessAdapter::forEachDef):

  • b3/air/AirLivenessConstraints.h: Added.

(JSC::B3::Air::LivenessConstraints::Actions::Actions):
(JSC::B3::Air::LivenessConstraints::LivenessConstraints):
(JSC::B3::Air::LivenessConstraints::at):

Source/WTF:

  • wtf/Vector.h:

(WTF::minCapacity>::appendIfNotContains): Because sometimes Vector<> is the best kind of set.

9:12 AM Changeset in webkit [214882] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.16/Source/JavaScriptCore

Merge r214319 - [JSC] MachineThreads does not consider situation that one thread has multiple VMs
https://bugs.webkit.org/show_bug.cgi?id=169819

Reviewed by Mark Lam.

The Linux port of PlatformThread suspend/resume mechanism relies on having a thread
specific singleton thread data, and was relying on MachineThreads::Thread to be this
thread specific singleton. But because MachineThreads::Thread is not a thread specific
singleton, we can get a deadlock in the GTK port's DatabaseProcess.

This patch fixes this issue by moving per thread data from MachineThreads::Thread to
MachineThreads::ThreadData, where there will only be one instance of
MachineThreads::ThreadData per thread. Each MachineThreads::Thread will now point to
the same MachineThreads::ThreadData for any given thread.

  • heap/MachineStackMarker.cpp:

(pthreadSignalHandlerSuspendResume):
(JSC::threadData):
(JSC::MachineThreads::Thread::Thread):
(JSC::MachineThreads::Thread::createForCurrentThread):
(JSC::MachineThreads::Thread::operator==):
(JSC::MachineThreads::ThreadData::ThreadData):
(JSC::MachineThreads::ThreadData::~ThreadData):
(JSC::MachineThreads::ThreadData::suspend):
(JSC::MachineThreads::ThreadData::resume):
(JSC::MachineThreads::ThreadData::getRegisters):
(JSC::MachineThreads::ThreadData::Registers::stackPointer):
(JSC::MachineThreads::ThreadData::Registers::framePointer):
(JSC::MachineThreads::ThreadData::Registers::instructionPointer):
(JSC::MachineThreads::ThreadData::Registers::llintPC):
(JSC::MachineThreads::ThreadData::freeRegisters):
(JSC::MachineThreads::ThreadData::captureStack):
(JSC::MachineThreads::tryCopyOtherThreadStacks):
(JSC::MachineThreads::Thread::~Thread): Deleted.
(JSC::MachineThreads::Thread::suspend): Deleted.
(JSC::MachineThreads::Thread::resume): Deleted.
(JSC::MachineThreads::Thread::getRegisters): Deleted.
(JSC::MachineThreads::Thread::Registers::stackPointer): Deleted.
(JSC::MachineThreads::Thread::Registers::framePointer): Deleted.
(JSC::MachineThreads::Thread::Registers::instructionPointer): Deleted.
(JSC::MachineThreads::Thread::Registers::llintPC): Deleted.
(JSC::MachineThreads::Thread::freeRegisters): Deleted.
(JSC::MachineThreads::Thread::captureStack): Deleted.

  • heap/MachineStackMarker.h:

(JSC::MachineThreads::Thread::operator!=):
(JSC::MachineThreads::Thread::suspend):
(JSC::MachineThreads::Thread::resume):
(JSC::MachineThreads::Thread::getRegisters):
(JSC::MachineThreads::Thread::freeRegisters):
(JSC::MachineThreads::Thread::captureStack):
(JSC::MachineThreads::Thread::platformThread):
(JSC::MachineThreads::Thread::stackBase):
(JSC::MachineThreads::Thread::stackEnd):

  • runtime/SamplingProfiler.cpp:

(JSC::FrameWalker::isValidFramePointer):

  • runtime/VMTraps.cpp:

(JSC::findActiveVMAndStackBounds):

1:27 AM WebKitGTK/2.16.x edited by Carlos Garcia Campos
(diff)
1:16 AM Changeset in webkit [214881] by Carlos Garcia Campos
  • 1 copy in releases/WebKitGTK/webkit-2.16.1

WebKitGTK+ 2.16.1

1:15 AM Changeset in webkit [214880] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.16

Unreviewed. Update OptionsGTK.cmake and NEWS for 2.16.1 release.

.:

  • Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit2:

  • gtk/NEWS: Add release notes for 2.16.1.
1:00 AM Changeset in webkit [214879] by jmarcell@apple.com
  • 6 edits
    8 adds in branches/safari-603-branch

Cherry-pick r214819. rdar://problem/31407633

1:00 AM Changeset in webkit [214878] by jmarcell@apple.com
  • 3 edits in branches/safari-603-branch/Source/WebCore

Cherry-pick r214703. rdar://problem/31407633

1:00 AM Changeset in webkit [214877] by jmarcell@apple.com
  • 3 edits in branches/safari-603-branch/Source/WebCore

Cherry-pick r214702. rdar://problem/31407633

1:00 AM Changeset in webkit [214876] by jmarcell@apple.com
  • 2 edits in branches/safari-603-branch/Source/JavaScriptCore

Cherry-pick r214684. rdar://problem/31402752

1:00 AM Changeset in webkit [214875] by jmarcell@apple.com
  • 2 edits in branches/safari-603-branch/Source/WebCore

Cherry-pick r214649. rdar://problem/31407626

1:00 AM Changeset in webkit [214874] by jmarcell@apple.com
  • 2 edits in branches/safari-603-branch/Source/WebCore

Cherry-pick r214648. rdar://problem/31408453

1:00 AM Changeset in webkit [214873] by jmarcell@apple.com
  • 6 edits
    2 adds in branches/safari-603-branch

Cherry-pick r214640. rdar://problem/31408453

1:00 AM Changeset in webkit [214872] by jmarcell@apple.com
  • 3 edits in branches/safari-603-branch/Source/WebKit2

Cherry-pick r211601. rdar://problem/31387958

12:31 AM Changeset in webkit [214871] by Carlos Garcia Campos
  • 4 edits
    1 add in releases/WebKitGTK/webkit-2.16

Merge r214857 - Fix incorrect capacity delta calculation reported in SparseArrayValueMap::add().
https://bugs.webkit.org/show_bug.cgi?id=170412
<rdar://problem/29697336>

Reviewed by Filip Pizlo.

JSTests:

  • stress/regress-170412.js: Added.

Source/JavaScriptCore:

Here's an example of code that will trigger underflow in the "deprecatedExtraMemory"
reported by SparseArrayValueMap::add() that is added to Heap::m_deprecatedExtraMemorySize:

arr = new Array;
Object.defineProperty(arr, 18, ({writable: true, configurable: true}));
for (var i = 0; i < 3; ++i) {

Array.prototype.push.apply(arr, ["", () => {}, {}]);
Array.prototype.sort.apply(arr, [() => {}, []]);

}

However, Heap::m_deprecatedExtraMemorySize is only 1 of 3 values that are added
up to form the result of Heap::extraMemorySize(). Heap::m_extraMemorySize and
Heap::m_arrayBuffers.size() are the other 2.

While Heap::m_arrayBuffers.size() is bounded by actual allocated memory, both
Heap::m_deprecatedExtraMemorySize and Heap::m_extraMemorySize are added to
without any bounds checks, and they are only reset to 0 at the start of a full
GC. As a result, if we have a long sequence of eden GCs with a lot of additions
to Heap::m_extraMemorySize and/or Heap::m_deprecatedExtraMemorySize, then these
values could theoretically overflow. Coupling this with the underflow from
SparseArrayValueMap::add(), the result for Heap::extraMemorySize() can easily
overflow. Note: Heap::extraMemorySize() is used to compute the value
currentHeapSize.

If multiple conditions line up just right, the above overflows can result in this
debug assertion failure during an eden GC:

ASSERT(currentHeapSize >= m_sizeAfterLastCollect);

Otherwise, the effects of the overflows will only result in the computed
currentHeapSize not being representative of actual memory usage, and therefore,
a full GC may be triggered earlier or later than is ideal.

This patch ensures that SparseArrayValueMap::add() cannot underflow
Heap::m_deprecatedExtraMemorySize. It also adds overflows checks in the
calculations of Heap::m_deprecatedExtraMemorySize, Heap::m_extraMemorySize, and
Heap::extraMemorySize() so that their values are saturated appropriately to
ensure that GC collections are triggered based on representative memory usage.

  • heap/Heap.cpp:

(JSC::Heap::deprecatedReportExtraMemorySlowCase):
(JSC::Heap::extraMemorySize):
(JSC::Heap::updateAllocationLimits):
(JSC::Heap::reportExtraMemoryVisited):

  • runtime/SparseArrayValueMap.cpp:

(JSC::SparseArrayValueMap::add):

12:28 AM Changeset in webkit [214870] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r214842 - REGRESSION (r206744): CSS background-image in style attribute ignored when using createHTMLDocument method of DOM parsing
https://bugs.webkit.org/show_bug.cgi?id=170285
<rdar://problem/31378543>

Reviewed by Andy Estes.

Source/WebCore:

r206744 caused up to stop trying to resolve relative URLs when trying to load an image
referred to by CSS. We already try to resolve the relative URL when parsing the CSS
property so this will usually work fine. However, in the case when the CSS property
is parsed in detached document and then moved to another document, we will not have
the complete URL.

Test: fast/images/background-image-relative-url-changes-document.html

  • css/CSSImageValue.cpp:

(WebCore::CSSImageValue::loadImage):

LayoutTests:

Add layout test coverage.

  • fast/images/background-image-relative-url-changes-document-expected.html: Added.
  • fast/images/background-image-relative-url-changes-document.html: Added.
12:27 AM Changeset in webkit [214869] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r214830 - REGRESSION (r207669): FileMaker Pro Help pages do not render correctly
https://bugs.webkit.org/show_bug.cgi?id=170402
<rdar://problem/31004344>

Reviewed by Simon Fraser.

Source/WebCore:

If a new stylesheet load is started from the load event the document.styleSheets does not
always reflect the already loaded stylesheets.

Test: fast/css/document-stylesheets-dynamic.html

  • style/StyleScope.cpp:

(WebCore::Style::Scope::updateActiveStyleSheets):

Remove an old optimization where we would not update active stylesheets if there were pending
(head) stylesheet loads and they had not been updated already.
This is probably not a valuable optimization anymore with the new lazy stylesheet update strategy.

  • style/StyleScope.h:

LayoutTests:

  • fast/css/document-stylesheets-dynamic-expected.html: Added.
  • fast/css/document-stylesheets-dynamic.html: Added.
12:20 AM Changeset in webkit [214868] by pvollan@apple.com
  • 2 edits in trunk/Source/WebCore

Unreviewed Windows build fix.

  • bindings/js/JSDOMGuardedObject.h:
12:04 AM Changeset in webkit [214867] by Yusuke Suzuki
  • 4 edits
    1 copy
    1 add in trunk/Source/WTF

[WTF] Introduce WTF::RandomDevice which keeps /dev/urandom opened
https://bugs.webkit.org/show_bug.cgi?id=170095

Reviewed by Michael Catanzaro.

In this patch, we introduce RandomDevice, which keeps /dev/urandom opened
to avoid repeatedly open and close urandom file descriptor in Linux.

The purpose is similar to std::random_device, but WTF::RandomDevice explicitly
avoids using ARC4, which is recently attempted to be removed from the WebKit
tree[1].

[1]: https://trac.webkit.org/r214329

  • WTF.xcodeproj/project.pbxproj:
  • wtf/CMakeLists.txt:
  • wtf/OSRandomSource.cpp:

(WTF::cryptographicallyRandomValuesFromOS):
(WTF::crashUnableToOpenURandom): Deleted.
(WTF::crashUnableToReadFromURandom): Deleted.

  • wtf/RandomDevice.cpp: Copied from Source/WTF/wtf/OSRandomSource.cpp.

(WTF::crashUnableToOpenURandom):
(WTF::crashUnableToReadFromURandom):
(WTF::RandomDevice::RandomDevice):
(WTF::RandomDevice::~RandomDevice):
(WTF::RandomDevice::cryptographicallyRandomValues):

  • wtf/RandomDevice.h: Added.

Apr 3, 2017:

11:52 PM Changeset in webkit [214866] by commit-queue@webkit.org
  • 2 edits in trunk/Tools

Add some new patterns to filter-build-webkit
https://bugs.webkit.org/show_bug.cgi?id=170429

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2017-04-03
Reviewed by Alexey Proskuryakov.

  • Scripts/filter-build-webkit:

(setOutputFormatOption):

9:31 PM Changeset in webkit [214865] by Wenson Hsieh
  • 16 edits
    1 copy in trunk

Data interaction should register type identifiers in order of priority
https://bugs.webkit.org/show_bug.cgi?id=170428
<rdar://problem/30633296>

Reviewed by Tim Horton.

Source/WebCore:

Currently, due to the shared logic for writing to a UIPasteboard (in the case of copy/paste) and the shared
UIItemProvider-based pasteboard wrapper (in the case of data interaction), we don't enforce any particular
ordering in which type identifiers are registered in the generated item provider. This is because
-[UIPasteboard setItems:] only takes an unordered mapping of type identifiers to objects.

To fix this, we introduce a separate way to set pasteboard data that first writes a list of object
representations in order of priority (which is dependent on the content being interacted with) and then register
individual type-data mappings at the end.

Augmented existing API tests in DataInteractionTests to check for the existence and priority of type identifiers
in the UIItemProviders created upon starting data interaction. Also adds a new unit test:
DataInteractionTests.TextAreaToInput.

  • WebCore.xcodeproj/project.pbxproj:
  • editing/cocoa/EditorCocoa.mm:

(WebCore::archivedDataForAttributedString):
(WebCore::Editor::writeSelectionToPasteboard):
(WebCore::Editor::writeSelection):

  • platform/Pasteboard.h:
  • platform/PasteboardWriterData.h:
  • platform/PlatformPasteboard.h:
  • platform/ios/AbstractPasteboard.h:
  • platform/ios/AbstractPasteboard.mm: Copied from Source/WebCore/platform/ios/AbstractPasteboard.h.

Introduce WebPasteboardItemData, a wrapper around a list of objects representating the pasteboard data in order
of priority, and a dictionary containing additional NSData blobs that contain data useful for private clients.

(+[WebPasteboardItemData itemWithRepresentingObjects:additionalData:]):
(-[WebPasteboardItemData initWithRepresentingObjects:additionalData:]):
(-[WebPasteboardItemData representingObjects]):
(-[WebPasteboardItemData additionalData]):

  • platform/ios/PlatformPasteboardIOS.mm:

(WebCore::richTextRepresentationsForPasteboardWebContent):
(WebCore::PlatformPasteboard::writeObjectRepresentations):
(WebCore::PlatformPasteboard::write):

Tweaked to check whether the pasteboard responds to -setItemsFromObjectRepresentations:. If so, uses the
PlatformPasteboard::writeObjectRepresentations codepath to write data to the pasteboard, respecting type
priority.

  • platform/ios/WebItemProviderPasteboard.mm:

(-[WebItemProviderPasteboard pasteboardTypes]):
(-[WebItemProviderPasteboard setItemProviders:]):
(-[WebItemProviderPasteboard setItemsFromObjectRepresentations:]):

Replaces -setItems: with -setItemsFromObjectRepresentations:, which respects the priority of each object
representation of the data in the pasteboard.

(-[WebItemProviderPasteboard setItems:]): Deleted.

Source/WebKit2:

Serialize PasteboardWebContent.dataInAttributedStringFormat when sending over IPC. Refer to WebCore ChangeLog
for more details.

  • Shared/WebCoreArgumentCoders.cpp:

(IPC::ArgumentCoder<PasteboardWebContent>::encode):
(IPC::ArgumentCoder<PasteboardWebContent>::decode):

  • UIProcess/API/Cocoa/WKWebView.mm:

Tools:

Augments existing unit tests to check for the existence and priority of type identifiers in the UIItemProviders
created upon starting data interaction. Also fixes a race condition in one of the unit tests and adds a new unit
test for data interaction from a textarea to an input.

  • TestWebKitAPI/Tests/ios/DataInteractionTests.mm:

(checkTypeIdentifierPrecedesOtherTypeIdentifier):
(TestWebKitAPI::TEST):

  • TestWebKitAPI/ios/DataInteractionSimulator.h:
  • TestWebKitAPI/ios/DataInteractionSimulator.mm:

(-[DataInteractionSimulator _advanceProgress]):
(-[DataInteractionSimulator sourceItemProviders]):
(-[DataInteractionSimulator _webView:showCustomSheetForElement:]):

8:30 PM Changeset in webkit [214864] by BJ Burg
  • 5 edits in trunk/Source/WebInspectorUI

Web Inspector: RTL: results in Search navigation sidebar have misplaced highlights
https://bugs.webkit.org/show_bug.cgi?id=170292

Reviewed by Timothy Hatcher.

  • UserInterface/Models/SourceCodeSearchMatchObject.js:

(WebInspector.SourceCodeSearchMatchObject.prototype.get className):

  • UserInterface/Views/SearchIcons.css:

(.source-code-match .icon):
(.source-code-match-icon .icon): Deleted.
Remove -icon suffix from the class name since the class is attached to a result
and is not specific to the icon displayed within the result <li>.

  • UserInterface/Views/SearchResultTreeElement.js:

(WebInspector.SearchResultTreeElement.truncateAndHighlightTitle):
Flip the leading and trailing context in RTL so that the highlight is not overflowed
to the left when too much context is included on the right side. Less context must be
used in RTL because we must not overflow to the right, as it may hide the result. And,
we don't know the exact starting character either as it may be overflowed to the right
as the user resizes the expanded sidebar larger or smaller. So show less context to
be conservative about never overflowing the highlighted result string.

  • UserInterface/Views/SearchSidebarPanel.css:

(.sidebar > .panel.navigation.search .item.source-code-match .title):
When in RTL, show source code matches as LTR with text-align to right.

8:28 PM Changeset in webkit [214863] by webkit@devinrousso.com
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: clicking on the body of a CSS rule after editing the selector causes the section to disappear
https://bugs.webkit.org/show_bug.cgi?id=169803

Reviewed by Timothy Hatcher.

  • UserInterface/Views/CSSStyleDeclarationSection.js:

(WebInspector.CSSStyleDeclarationSection.prototype._handleKeyDown):
(WebInspector.CSSStyleDeclarationSection.prototype._handleBlur):
Keep the section marked as _editorActive if the action taken would still place focus
within the section (selector or properties). Doing so will prevent it from being removed.

8:20 PM Changeset in webkit [214862] by BJ Burg
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: RTL: hierarchical path component labels should guess directionality based on content
https://bugs.webkit.org/show_bug.cgi?id=170298

Reviewed by Timothy Hatcher.

  • UserInterface/Views/HierarchicalPathComponent.js:

(WebInspector.HierarchicalPathComponent):
Use dir="auto" since this will properly set 'unicode-bidi:isolate' for form elements too.
This is applied to the title label and to the <select> for the path component.

8:19 PM Changeset in webkit [214861] by Matt Baker
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: Show additional pause reason details for DOM "subtree modified" breakpoint
https://bugs.webkit.org/show_bug.cgi?id=169479

Reviewed by Timothy Hatcher.

  • Localizations/en.lproj/localizedStrings.js:

New Pause Reason UI strings.

  • UserInterface/Views/DebuggerSidebarPanel.js:

(WebInspector.DebuggerSidebarPanel.prototype._updatePauseReasonSection):
Include a link for the target node when breaking for subtree modifications.
This is either the parent of a node being inserted, or a node that is
being removed.

6:22 PM Changeset in webkit [214860] by ap@apple.com
  • 2 edits in trunk/LayoutTests

Re-adding flaky timeout expectation for http/tests/loading/resourceLoadStatistics/non-prevalent-resource-with-user-interaction.html

This test still times out, most of the time.

  • platform/wk2/TestExpectations:
5:57 PM Changeset in webkit [214859] by clopez@igalia.com
  • 2 edits in trunk/Tools

[GTK][JHBuild] Update mesa repository url for tarballs
https://bugs.webkit.org/show_bug.cgi?id=170431

Reviewed by Michael Catanzaro.

  • gtk/jhbuild.modules:
5:42 PM Changeset in webkit [214858] by commit-queue@webkit.org
  • 2 edits
    1 delete in trunk/Tools

TestWebKitAPI: Warning: Multiple build commands for Ahem.ttf
https://bugs.webkit.org/show_bug.cgi?id=170430

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2017-04-03
Reviewed by Alexey Proskuryakov.

  • TestWebKitAPI/Tests/mac/Ahem.ttf: Removed.

Eliminate one of the copies of Ahem.ttf.

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:

Once eliminated, there is now only one Ahem.ttf that is copied
to the Resources bundle. Drive-by sort the project file.

5:42 PM Changeset in webkit [214857] by mark.lam@apple.com
  • 4 edits
    1 add in trunk

Fix incorrect capacity delta calculation reported in SparseArrayValueMap::add().
https://bugs.webkit.org/show_bug.cgi?id=170412
<rdar://problem/29697336>

Reviewed by Filip Pizlo.

JSTests:

  • stress/regress-170412.js: Added.

Source/JavaScriptCore:

Here's an example of code that will trigger underflow in the "deprecatedExtraMemory"
reported by SparseArrayValueMap::add() that is added to Heap::m_deprecatedExtraMemorySize:

arr = new Array;
Object.defineProperty(arr, 18, ({writable: true, configurable: true}));
for (var i = 0; i < 3; ++i) {

Array.prototype.push.apply(arr, ["", () => {}, {}]);
Array.prototype.sort.apply(arr, [() => {}, []]);

}

However, Heap::m_deprecatedExtraMemorySize is only 1 of 3 values that are added
up to form the result of Heap::extraMemorySize(). Heap::m_extraMemorySize and
Heap::m_arrayBuffers.size() are the other 2.

While Heap::m_arrayBuffers.size() is bounded by actual allocated memory, both
Heap::m_deprecatedExtraMemorySize and Heap::m_extraMemorySize are added to
without any bounds checks, and they are only reset to 0 at the start of a full
GC. As a result, if we have a long sequence of eden GCs with a lot of additions
to Heap::m_extraMemorySize and/or Heap::m_deprecatedExtraMemorySize, then these
values could theoretically overflow. Coupling this with the underflow from
SparseArrayValueMap::add(), the result for Heap::extraMemorySize() can easily
overflow. Note: Heap::extraMemorySize() is used to compute the value
currentHeapSize.

If multiple conditions line up just right, the above overflows can result in this
debug assertion failure during an eden GC:

ASSERT(currentHeapSize >= m_sizeAfterLastCollect);

Otherwise, the effects of the overflows will only result in the computed
currentHeapSize not being representative of actual memory usage, and therefore,
a full GC may be triggered earlier or later than is ideal.

This patch ensures that SparseArrayValueMap::add() cannot underflow
Heap::m_deprecatedExtraMemorySize. It also adds overflows checks in the
calculations of Heap::m_deprecatedExtraMemorySize, Heap::m_extraMemorySize, and
Heap::extraMemorySize() so that their values are saturated appropriately to
ensure that GC collections are triggered based on representative memory usage.

  • heap/Heap.cpp:

(JSC::Heap::deprecatedReportExtraMemorySlowCase):
(JSC::Heap::extraMemorySize):
(JSC::Heap::updateAllocationLimits):
(JSC::Heap::reportExtraMemoryVisited):

  • runtime/SparseArrayValueMap.cpp:

(JSC::SparseArrayValueMap::add):

5:41 PM Changeset in webkit [214856] by webkit@devinrousso.com
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: showing the Find banner doesn't immediately focus it
https://bugs.webkit.org/show_bug.cgi?id=169804

Reviewed by Matt Baker.

  • UserInterface/Base/Main.js:

(WebInspector._focusChanged):
Slightly change the logic from <https://webkit.org/b/168119> (r213689) to not prevent a new
selection if the focus change target is an element from WebInspector.startEditing.

5:10 PM Changeset in webkit [214855] by Simon Fraser
  • 2 edits in trunk/Tools

Allow MiniBrowser windows to receive local file drags again
https://bugs.webkit.org/show_bug.cgi?id=170422

Reviewed by Wenson Hsieh.

Adopt the new UIDelegate SPI to allow drops.

  • MiniBrowser/mac/WK2BrowserWindowController.m:

(-[WK2BrowserWindowController _webView:dragDestinationActionMaskForDraggingInfo:]):

4:58 PM UsingGitWithWebKit edited by lingcherd_ho@apple.com
(diff)
4:40 PM Changeset in webkit [214854] by clopez@igalia.com
  • 2 edits in trunk/Tools

[GTK][JHBuild] Fetch libvpx from a release tarball instead of git
https://bugs.webkit.org/show_bug.cgi?id=170426

Reviewed by Michael Catanzaro.

  • gtk/jhbuild.modules:
4:11 PM Changeset in webkit [214853] by Nikita Vasilyev
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: WebSockets: Don't store binary frames in memory since they are never shown
https://bugs.webkit.org/show_bug.cgi?id=169649
<rdar://problem/31053069>

Reviewed by Brian Burg.

  • UserInterface/Models/WebSocketResource.js:

(WebInspector.WebSocketResource.prototype.addFrame):

4:08 PM Changeset in webkit [214852] by jfernandez@igalia.com
  • 7 edits in trunk

[css-align] Adapt place-content alignment shorthand to the new baseline syntax
https://bugs.webkit.org/show_bug.cgi?id=170340

Reviewed by David Hyatt.

Source/WebCore:

Now that the align-content and justify-content CSS properties are
adapted to the new baseline-position CSS values syntax we can adapt the
shorthand that controls such properties to the new syntax as well.

No new tests, just adding some additional cases to the tests we already have.

  • css/StyleProperties.cpp:

(WebCore::StyleProperties::getPropertyValue):
(WebCore::StyleProperties::placeContentPropertyValue):

  • css/StyleProperties.h:
  • css/parser/CSSPropertyParser.cpp:

(WebCore::isContentDistributionKeyword):
(WebCore::isContentPositionKeyword):
(WebCore::isOverflowKeyword):
(WebCore::getBaselineKeyword):
(WebCore::consumeContentDistributionOverflowPosition):
(WebCore::consumeSimplifiedContentPosition):

LayoutTests:

Added additional test cases to evaluate the new baseline-alignment syntax.

  • css3/parse-place-content-expected.txt:
  • css3/parse-place-content.html:
4:06 PM Changeset in webkit [214851] by n_wang@apple.com
  • 6 edits
    2 adds in trunk

AX: Expose link children when doing search predication on iOS
https://bugs.webkit.org/show_bug.cgi?id=170424
<rdar://problem/31413335>

Source/WebCore:

The children of links are accessible elements on iOS instead of the link itself,
so we should expose the children when doing predicated searches as well.

Reviewed by Chris Fleizach.

Test: accessibility/ios-simulator/ios-search-predicate-link-children.html

  • accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::isAccessibilityObjectSearchMatchAtIndex):

Tools:

Reviewed by Chris Fleizach.

  • DumpRenderTree/ios/AccessibilityUIElementIOS.mm:

(AccessibilityUIElement::uiElementForSearchPredicate):

  • WebKitTestRunner/InjectedBundle/ios/AccessibilityUIElementIOS.mm:

(WTR::AccessibilityUIElement::uiElementForSearchPredicate):

LayoutTests:

Reviewed by Chris Fleizach.

  • accessibility/ios-simulator/ios-search-predicate-link-children-expected.txt: Added.
  • accessibility/ios-simulator/ios-search-predicate-link-children.html: Added.
4:04 PM Changeset in webkit [214850] by jer.noble@apple.com
  • 2 edits in trunk/Source/WebCore

No audio output for MediaStream-backed audio elements on iOS
https://bugs.webkit.org/show_bug.cgi?id=170427

Reviewed by Eric Carlson.

The logic for setting the output timestamp offset in AudioSampleDataSource was reversed; instead of
subtracting out the timestamp of the first pull request, it effectively doubled it.

  • platform/audio/mac/AudioSampleDataSource.mm:

(WebCore::AudioSampleDataSource::pullSamplesInternal):

3:47 PM Changeset in webkit [214849] by dino@apple.com
  • 2 edits
    1 copy
    7 adds in trunk/Websites/webkit.org

Unreviewed. More WebGPU demos.

  • demos/webgpu/2d.jpg: Added.
  • demos/webgpu/2d.js:
  • demos/webgpu/circle.svg: Added.
  • demos/webgpu/cubes.jpg: Added.
  • demos/webgpu/hello.html: Added.
  • demos/webgpu/hello.jpg: Added.
  • demos/webgpu/hello.js: Copied from Websites/webkit.org/demos/webgpu/2d.js.

(init):
(render):

  • demos/webgpu/index.html: Added.
  • demos/webgpu/simple.jpg: Added.
3:28 PM Changeset in webkit [214848] by hyatt@apple.com
  • 8 edits
    2 deletes in trunk

Japanese fonts in vertical text should support synthesized italics
https://bugs.webkit.org/show_bug.cgi?id=169301

Reviewed by Simon Fraser.

Source/WebCore:

Updated test in fast/text/international.

  • platform/graphics/Font.cpp:

(WebCore::Font::nonSyntheticItalicFont): Deleted.

  • platform/graphics/Font.h:

Removed the non-synthetic italic font member, since it's not used.

  • platform/graphics/FontCascadeFonts.cpp:

(WebCore::glyphDataForNonCJKCharacterWithGlyphOrientation):
Patched to ensure that a text-orientation-fallback font data is always
returned in the synthetic oblique case, so that non-CJK and CJK are
guaranteed to be broken up so that their slants can be applied differently.

(WebCore::FontCascadeFonts::glyphDataForSystemFallback):
(WebCore::FontCascadeFonts::glyphDataForNormalVariant):
(WebCore::glyphDataForCJKCharacterWithoutSyntheticItalic): Deleted.
Patched to no longer turn off synthetic oblique for CJK.

  • platform/graphics/cocoa/FontCascadeCocoa.mm:

(WebCore::FontCascade::drawGlyphs):
Apply the correct italic transform to CJK when in vertical text.

LayoutTests:

  • fast/text/international/synthesized-italic-vertical-expected.html:
  • fast/text/international/synthesized-italic-vertical.html:
  • platform/mac/fast/text/international/synthesized-italic-vertical-latin-expected.png: Removed.
  • platform/mac/fast/text/international/synthesized-italic-vertical-latin-expected.txt: Removed.
3:10 PM Changeset in webkit [214847] by webkit@devinrousso.com
  • 7 edits in trunk/Source/WebInspectorUI

Web Inspector: Preference for Auto Showing Scope Chain sidebar on pause
https://bugs.webkit.org/show_bug.cgi?id=149487

Reviewed by Timothy Hatcher.

  • Localizations/en.lproj/localizedStrings.js:
  • UserInterface/Base/Setting.js:
  • UserInterface/Views/SettingsTabContentView.js:

(WebInspector.SettingsTabContentView.prototype.layout):
Add WebInspector.Setting for showing Scope Chain on pause.

  • UserInterface/Base/Main.js:

(WebInspector.showDebuggerTab):
(WebInspector._debuggerDidPause):

  • UserInterface/Views/SourceCodeTextEditor.js:

(WebInspector.SourceCodeTextEditor.prototype.textEditorGutterContextMenu):
Modify parameters to use a dictionary of options instead of just a single value. In doing
so, add support for a value that will show the Scope Chain sidebar.

  • UserInterface/Views/SettingsTabContentView.css:

(.content-view.settings):
(.content-view.settings > .header):
Drive-by: add padding to bottom of Settings tab so that additional scroll space is mirrored.

3:10 PM Changeset in webkit [214846] by BJ Burg
  • 4 edits in trunk/Source/WebInspectorUI

Web Inspector: RTL: layout issues in call frame tree elements and async call stacks
https://bugs.webkit.org/show_bug.cgi?id=170419

Reviewed by Matt Baker.

  • UserInterface/Views/CallFrameTreeElement.css:

(.tree-outline .item.call-frame .status):
(body[dir=ltr] .tree-outline .item.call-frame .status):
(body[dir=rtl] .tree-outline .item.call-frame .status):
Flip the current call frame indicator and make sure it sticks to the leading edge.

(.tree-outline .item.call-frame.async-boundary):
(body[dir=ltr] .tree-outline:not(.single-thread) > .children > .item.call-frame.async-boundary):
(body[dir=rtl] .tree-outline:not(.single-thread) > .children > .item.call-frame.async-boundary):
(.tree-outline .item.call-frame.async-boundary .icon):
(body[dir=ltr] .tree-outline .item.call-frame.async-boundary .icon):
(body[dir=rtl] .tree-outline .item.call-frame.async-boundary .icon):
Flip the icon's padding.

(.tree-outline .item.call-frame.async-boundary::after):
(body[dir=ltr] .tree-outline .item.call-frame.async-boundary::after):
(body[dir=rtl] .tree-outline .item.call-frame.async-boundary::after):
(.tree-outline .item.call-frame.async-boundary::before):
(body[dir=ltr] .tree-outline .item.call-frame.async-boundary::before):
(body[dir=rtl] .tree-outline .item.call-frame.async-boundary::before):
(.tree-outline:not(.single-thread) > .children > .item.call-frame.async-boundary): Deleted.
Fix the leading and trailing horizontal rules so they have correct spacing.

  • UserInterface/Views/CallFrameView.css:

(.call-frame .icon): Remove redundant property.

  • UserInterface/Views/DebuggerSidebarPanel.css:

(.sidebar > .panel.navigation.debugger .tree-outline.single-thread):
(body[dir=ltr] .sidebar > .panel.navigation.debugger .tree-outline.single-thread):
(body[dir=rtl] .sidebar > .panel.navigation.debugger .tree-outline.single-thread):
Fix the leading unindent for call tree frame elements.

3:09 PM Changeset in webkit [214845] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit2

Remove no longer needed forward declarations
https://bugs.webkit.org/show_bug.cgi?id=170415

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2017-04-03
Reviewed by Dan Bernstein.

  • NetworkProcess/cocoa/NetworkSessionCocoa.mm:
3:09 PM Changeset in webkit [214844] by Matt Baker
  • 7 edits in trunk/Source/WebInspectorUI

Web Inspector: Elements tab: show indicators for hidden DOM breakpoints
https://bugs.webkit.org/show_bug.cgi?id=168761

Reviewed by Timothy Hatcher.

  • Localizations/en.lproj/localizedStrings.js:

New DOM breakpoint content menu item.

  • UserInterface/Views/DOMTreeContentView.css:

(.content-view.dom-tree .tree-outline.dom li .status-image.breakpoint.subtree):
(.content-view.dom-tree .tree-outline.dom li.expanded .status-image.breakpoint.subtree):
New styles for collapsed breakpoint marker.

  • UserInterface/Views/DOMTreeElement.js:

(WebInspector.DOMTreeElement):
(WebInspector.DOMTreeElement.prototype.set breakpointStatus):
If the status change indicates the only breakpoint was added or removed,
update subtree breakpoint counts on the element's parent chain.

(WebInspector.DOMTreeElement.prototype.revealAndHighlight):
Reveal the tree element, and add a highlighted line animation
identical to the one used used by TextEditor.

(WebInspector.DOMTreeElement.prototype.subtreeBreakpointCountDidChange):
(WebInspector.DOMTreeElement.prototype.updateSelectionArea):
Selection area should be updated when animating the element highlight.
(WebInspector.DOMTreeElement.prototype.onreveal):
Animate highlight if needed.
(WebInspector.DOMTreeElement.prototype._updateBreakpointStatus):
(WebInspector.DOMTreeElement.prototype._statusImageClicked):
Do nothing when clicking the collapsed breakpoint marker.
(WebInspector.DOMTreeElement.prototype._statusImageContextmenu):
Add "Reveal Breakpoint" menu item. Reveals the first descendant
with at least one breakpoint.

(WebInspector.DOMTreeElement.prototype._highlightAnimationEnd):

  • UserInterface/Views/DOMTreeOutline.css:

(@keyframes dom-tree-outline-highlight-fadeout):
(.highlight .selection-area):
Styles for highlight fade animation.

  • UserInterface/Views/TreeElement.js:

(WebInspector.TreeElement.prototype.selfOrDescendant):

  • UserInterface/Views/TreeOutline.js:

(WebInspector.TreeOutline.prototype.selfOrDescendant):
Find a node matching a predicate.

3:07 PM Changeset in webkit [214843] by Matt Baker
  • 8 edits in trunk/Source/WebInspectorUI

Web Inspector: DetailsSection should hide header "options" when collapsed
https://bugs.webkit.org/show_bug.cgi?id=170029

Reviewed by Timothy Hatcher.

  • UserInterface/Views/DOMNodeDetailsSidebarPanel.css:

(.sidebar > .panel.dom-node-details .details-section.dom-node-event-listeners > .header > .filter):
(.sidebar > .panel.dom-node-details .details-section.dom-node-event-listeners.collapsed > .header > .filter): Deleted.
DetailsSection is responsible for hiding options when collapsed.

  • UserInterface/Views/DebuggerSidebarPanel.css:

(.sidebar > .panel.navigation.debugger .details-section.paused-reason.collapsed > .header > .options):

  • UserInterface/Views/DetailsSection.css:

(body[dir=ltr] .details-section > .header > .options,):
(body[dir=ltr] .details-section > .header::before,):
(.details-section.collapsed > .header > .options):
(body[dir=ltr] .details-section > .header > :matches(label, .node-link, .go-to-arrow),): Deleted.
(.details-section.collapsed > .header > label): Deleted.
Removed unnecessary rules. The "options" class covers these cases.

  • UserInterface/Views/DetailsSection.js:

(WebInspector.DetailsSection.prototype.get titleElement):
(WebInspector.DetailsSection.prototype.set titleElement):
Added title element customization so that the hack used by ProbeSetDetailsSection
to get a link into the title can be removed. Yuck!

  • UserInterface/Views/ProbeSetDetailsSection.js:

(WebInspector.ProbeSetDetailsSection):
(WebInspector.ProbeSetDetailsSection.prototype._updateLinkElement):
Use the new DetailsSection title element setter.

  • UserInterface/Views/VisualStyleDetailsPanel.css:

(.sidebar > .panel.details.css-style .visual > .details-section .details-section > .header > .options):
(.sidebar > .panel.details.css-style .visual > .details-section .details-section > .header > .visual-style-section-clear): Deleted.
(.sidebar > .panel.details.css-style .visual > .details-section .details-section.collapsed > .header > .visual-style-section-clear,): Deleted.
Remove the "visual-style-section-clear" class, as it's no longer needed.

  • UserInterface/Views/VisualStyleDetailsPanel.js:

(WebInspector.VisualStyleDetailsPanel.prototype._generateSection.createOptionsElement):
(WebInspector.VisualStyleDetailsPanel.prototype._generateSection):

3:06 PM Changeset in webkit [214842] by Chris Dumez
  • 3 edits
    2 adds in trunk

REGRESSION (r206744): CSS background-image in style attribute ignored when using createHTMLDocument method of DOM parsing
https://bugs.webkit.org/show_bug.cgi?id=170285
<rdar://problem/31378543>

Reviewed by Andy Estes.

Source/WebCore:

r206744 caused up to stop trying to resolve relative URLs when trying to load an image
referred to by CSS. We already try to resolve the relative URL when parsing the CSS
property so this will usually work fine. However, in the case when the CSS property
is parsed in detached document and then moved to another document, we will not have
the complete URL.

Test: fast/images/background-image-relative-url-changes-document.html

  • css/CSSImageValue.cpp:

(WebCore::CSSImageValue::loadImage):

LayoutTests:

Add layout test coverage.

  • fast/images/background-image-relative-url-changes-document-expected.html: Added.
  • fast/images/background-image-relative-url-changes-document.html: Added.
3:06 PM Changeset in webkit [214841] by commit-queue@webkit.org
  • 6 edits in trunk/Source/WebInspectorUI

Web Inspector: "Space" is not localizable in Timelines record button tooltips
https://bugs.webkit.org/show_bug.cgi?id=170420
<rdar://problem/30871371>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2017-04-03
Reviewed by Timothy Hatcher.

  • UserInterface/Base/LoadLocalizedStrings.js:

(WebInspector.unlocalizedString):
(WebInspector.UIString):

  • UserInterface/Base/Main.js:

Move UIString / unlocalizedString to LoadLocalizedString.js.
They may be needed before Main.js has introduced it.

  • UserInterface/Test/Test.js:

Provide a default implementaiton of unlocalizedString.

  • Localizations/en.lproj/localizedStrings.js:
  • UserInterface/Models/KeyboardShortcut.js:

Most keys use a symbol to represent the key. "Space" was the one
exception, so use a localized string.

3:05 PM Changeset in webkit [214840] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: Tooltip for close tab button should match Safari
https://bugs.webkit.org/show_bug.cgi?id=170417
<rdar://problem/31378423>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2017-04-03
Reviewed by Matt Baker.

  • Localizations/en.lproj/localizedStrings.js:
  • UserInterface/Views/GeneralTabBarItem.js:

(WebInspector.GeneralTabBarItem):
Updated tooltip to match Safari's most descriptive tooltip.

2:26 PM Changeset in webkit [214839] by webkit@devinrousso.com
  • 3 edits in trunk/Source/WebInspectorUI

REGRESSION (r214354): Web Inspector: WebSocket connection icon obscures close content view icon
https://bugs.webkit.org/show_bug.cgi?id=170104

Reviewed by Joseph Pecoraro.

  • UserInterface/Views/ResourceTreeElement.css:

(.item.resource.resource-type-websocket .status > .ready-state):
(.item.resource.resource-type-websocket:not(.selected) .status .ready-state.open):
(.tree-outline:not(:focus, .force-focus) .item.resource.resource-type-websocket.selected .status .ready-state.open):
(body:matches(.window-inactive, .window-docked-inactive) .item.resource.resource-type-websocket.selected .status .ready-state.open):
(.item.resource.resource-type-websocket:not(.selected) .status .ready-state.connecting):
(.tree-outline:not(:focus, .force-focus) .item.resource.resource-type-websocket.selected .status .ready-state.connecting):
(body:matches(.window-inactive, .window-docked-inactive) .item.resource.resource-type-websocket.selected .status .ready-state.connecting):
(.item.resource.resource-type-websocket .status > div): Deleted.
(.item.resource.resource-type-websocket:not(.selected) .status .open): Deleted.
(.tree-outline:not(:focus, .force-focus) .item.resource.resource-type-websocket.selected .status .open): Deleted.
(body:matches(.window-inactive, .window-docked-inactive) .item.resource.resource-type-websocket.selected .status .open): Deleted.
(.item.resource.resource-type-websocket:not(.selected) .status .connecting): Deleted.
(.tree-outline:not(:focus, .force-focus) .item.resource.resource-type-websocket.selected .status .connecting): Deleted.
(body:matches(.window-inactive, .window-docked-inactive) .item.resource.resource-type-websocket.selected .status .connecting): Deleted.

  • UserInterface/Views/WebSocketResourceTreeElement.js:

(WebInspector.WebSocketResourceTreeElement.prototype._updateConnectionStatus):
Apply an additional CSS class to the connection indicator element so that the styles can be
applied more specifically to just that element.

2:07 PM Changeset in webkit [214838] by fpizlo@apple.com
  • 3 edits
    1 add in trunk/Source/JavaScriptCore

Move the Liveness<> adapters from AirLiveness.h to AirLivenessAdapter.h.

Rubber stamped by Keith Miller.

This will make it easier to write other code that uses those adapters.

(JSC::B3::Air::LivenessAdapter::LivenessAdapter): Deleted.
(JSC::B3::Air::LivenessAdapter::blockSize): Deleted.
(JSC::B3::Air::LivenessAdapter::forEachUse): Deleted.
(JSC::B3::Air::LivenessAdapter::forEachDef): Deleted.
(JSC::B3::Air::TmpLivenessAdapter::TmpLivenessAdapter): Deleted.
(JSC::B3::Air::TmpLivenessAdapter::numIndices): Deleted.
(JSC::B3::Air::TmpLivenessAdapter::acceptsBank): Deleted.
(JSC::B3::Air::TmpLivenessAdapter::acceptsRole): Deleted.
(JSC::B3::Air::TmpLivenessAdapter::valueToIndex): Deleted.
(JSC::B3::Air::TmpLivenessAdapter::indexToValue): Deleted.
(JSC::B3::Air::StackSlotLivenessAdapter::StackSlotLivenessAdapter): Deleted.
(JSC::B3::Air::StackSlotLivenessAdapter::numIndices): Deleted.
(JSC::B3::Air::StackSlotLivenessAdapter::acceptsBank): Deleted.
(JSC::B3::Air::StackSlotLivenessAdapter::acceptsRole): Deleted.
(JSC::B3::Air::StackSlotLivenessAdapter::valueToIndex): Deleted.
(JSC::B3::Air::StackSlotLivenessAdapter::indexToValue): Deleted.

  • b3/air/AirLivenessAdapter.h: Added.

(JSC::B3::Air::LivenessAdapter::LivenessAdapter):
(JSC::B3::Air::LivenessAdapter::blockSize):
(JSC::B3::Air::LivenessAdapter::forEachUse):
(JSC::B3::Air::LivenessAdapter::forEachDef):
(JSC::B3::Air::TmpLivenessAdapter::TmpLivenessAdapter):
(JSC::B3::Air::TmpLivenessAdapter::numIndices):
(JSC::B3::Air::TmpLivenessAdapter::acceptsBank):
(JSC::B3::Air::TmpLivenessAdapter::acceptsRole):
(JSC::B3::Air::TmpLivenessAdapter::valueToIndex):
(JSC::B3::Air::TmpLivenessAdapter::indexToValue):
(JSC::B3::Air::StackSlotLivenessAdapter::StackSlotLivenessAdapter):
(JSC::B3::Air::StackSlotLivenessAdapter::numIndices):
(JSC::B3::Air::StackSlotLivenessAdapter::acceptsBank):
(JSC::B3::Air::StackSlotLivenessAdapter::acceptsRole):
(JSC::B3::Air::StackSlotLivenessAdapter::valueToIndex):
(JSC::B3::Air::StackSlotLivenessAdapter::indexToValue):

2:03 PM Changeset in webkit [214837] by Michael Catanzaro
  • 2 edits in trunk/Source/WebCore/PAL

Unreviewed, attempt to fix build with libgcrypt < 1.7.0

  • pal/crypto/gcrypt/Utilities.h:
1:50 PM Changeset in webkit [214836] by fpizlo@apple.com
  • 5 edits in trunk/Source

WTF::Liveness should have an API that focuses on actions at instruction boundaries
https://bugs.webkit.org/show_bug.cgi?id=170407

Reviewed by Keith Miller.

Source/JavaScriptCore:

Adopt changes to the WTF::Liveness<> API. Instead of having separate functions for the
early/late versions of uses and defs, we now have just a use/def API. Those
automatically take care of eary/late issues as needed.

This reduces the API surface between WTF::Liveness<> and its clients, which makes it
easier to implement some other optimizations I'm thinking about.

  • b3/B3VariableLiveness.h:

(JSC::B3::VariableLivenessAdapter::forEachUse):
(JSC::B3::VariableLivenessAdapter::forEachDef):
(JSC::B3::VariableLivenessAdapter::forEachEarlyUse): Deleted.
(JSC::B3::VariableLivenessAdapter::forEachLateUse): Deleted.
(JSC::B3::VariableLivenessAdapter::forEachEarlyDef): Deleted.
(JSC::B3::VariableLivenessAdapter::forEachLateDef): Deleted.

  • b3/air/AirLiveness.h:

(JSC::B3::Air::LivenessAdapter::blockSize):
(JSC::B3::Air::LivenessAdapter::forEachUse):
(JSC::B3::Air::LivenessAdapter::forEachDef):
(JSC::B3::Air::LivenessAdapter::forEachEarlyUse): Deleted.
(JSC::B3::Air::LivenessAdapter::forEachLateUse): Deleted.
(JSC::B3::Air::LivenessAdapter::forEachEarlyDef): Deleted.
(JSC::B3::Air::LivenessAdapter::forEachLateDef): Deleted.

Source/WTF:

Change the Liveness<> API to handle early and late things in one lump inside forEachUse
and forEachDef functions. This reduces the amount of different functions that Liveness<>
expects from its adaptor. This makes it easier to implement optimizations that cache the
use/def behavior of each instruction boundary.

  • wtf/Liveness.h:

(WTF::Liveness::Liveness):
(WTF::Liveness::LocalCalc::execute):

1:44 PM Changeset in webkit [214835] by BJ Burg
  • 2 edits in trunk/Tools

run-safari should support launching with custom language and locale
https://bugs.webkit.org/show_bug.cgi?id=170397

Reviewed by Alexey Proskuryakov.

Hook up -AppleLanguages and -AppleLocale to command line options.

  • Scripts/webkitdirs.pm:

(printHelpAndExitForRunAndDebugWebKitAppIfNeeded):
(argumentsForRunAndDebugMacWebKitApp):

1:18 PM Changeset in webkit [214834] by wilander@apple.com
  • 2 edits in trunk/LayoutTests

Remove timeout expectations after bug fix
https://bugs.webkit.org/show_bug.cgi?id=168262

Unreviewed test gardening.

Remove timeout expectations after bug fix in
https://bugs.webkit.org/show_bug.cgi?id=170400

  • platform/wk2/TestExpectations:

Remove expected timeout for the first five test cases
under http/tests/loading/resourceLoadStatistics/.

1:08 PM Changeset in webkit [214833] by jmarcell@apple.com
  • 1 copy in tags/Safari-603.2.2

Tag Safari-603.2.2.

12:39 PM Changeset in webkit [214832] by Jonathan Bedard
  • 4 edits in trunk/Tools

webkitpy: Provide option to skip install
https://bugs.webkit.org/show_bug.cgi?id=170344

Reviewed by Alexey Proskuryakov.

Installing can take time for on device testing. Provide an option to skip install
and use whatever driver is currently installed on the device or simulator.

  • Scripts/webkitpy/port/base.py:

(Port.check_build): Do not check driver if skipping install.

  • Scripts/webkitpy/port/factory.py:

(platform_options): Add '--no-install' option.

  • Scripts/webkitpy/port/ios.py:

(IOSPort.setup_test_run): Check install option before installing.

12:35 PM Changeset in webkit [214831] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

Do not set WebAVPlayerLayerView background to black in fullscreen.
https://bugs.webkit.org/show_bug.cgi?id=170132
rdar://problem/30839278

Patch by Jeremy Jones <jeremyj@apple.com> on 2017-04-03
Reviewed by Tim Horton.

No new tests because no behavior change.

The black background on WebAVPlayerLayerView interferes with the fullscreen animation
and has been removed.

  • platform/ios/WebVideoFullscreenInterfaceAVKit.mm:

(WebVideoFullscreenInterfaceAVKit::enterFullscreen):
(WebVideoFullscreenInterfaceAVKit::enterFullscreenStandard):

12:08 PM Changeset in webkit [214830] by Antti Koivisto
  • 4 edits
    2 adds in trunk

REGRESSION (r207669): FileMaker Pro Help pages do not render correctly
https://bugs.webkit.org/show_bug.cgi?id=170402
<rdar://problem/31004344>

Reviewed by Simon Fraser.

Source/WebCore:

If a new stylesheet load is started from the load event the document.styleSheets does not
always reflect the already loaded stylesheets.

Test: fast/css/document-stylesheets-dynamic.html

  • style/StyleScope.cpp:

(WebCore::Style::Scope::updateActiveStyleSheets):

Remove an old optimization where we would not update active stylesheets if there were pending
(head) stylesheet loads and they had not been updated already.
This is probably not a valuable optimization anymore with the new lazy stylesheet update strategy.

  • style/StyleScope.h:

LayoutTests:

  • fast/css/document-stylesheets-dynamic-expected.html: Added.
  • fast/css/document-stylesheets-dynamic.html: Added.
12:07 PM Changeset in webkit [214829] by andersca@apple.com
  • 7 edits in trunk/Source

Tweak ApplePaySession API
https://bugs.webkit.org/show_bug.cgi?id=170409
rdar://problem/31405459

Reviewed by Tim Horton.

Source/WebCore:

Rename "address" to "addressLines". Add "postalAddress". Reorder the ApplePayError constructor parameters.

  • Modules/applepay/ApplePayError.cpp:

(WebCore::ApplePayError::create):
(WebCore::ApplePayError::ApplePayError):

  • Modules/applepay/ApplePayError.h:
  • Modules/applepay/ApplePayError.idl:
  • Modules/applepay/PaymentRequest.h:

Source/WebKit2:

Update for WebCore changes.

  • UIProcess/ApplePay/cocoa/WebPaymentCoordinatorProxyCocoa.mm:

(WebKit::toNSError):

12:04 PM Changeset in webkit [214828] by sbarati@apple.com
  • 7 edits
    9 adds in trunk/PerformanceTests

Add a new test to ARES6
https://bugs.webkit.org/show_bug.cgi?id=170077

Rubber stamped by Filip Pizlo.

This patch adds a new test to ARES6. The test is called Babylon. Babylon is
the JavaScript parser that is part of the Babel transpiler. The test runs
the parser on 4 different JS scripts.

  • ARES-6/Babylon: Added.
  • ARES-6/Babylon/AUTHORS: Added.
  • ARES-6/Babylon/air-blob.js: Added.

(Reg):
(Reg.fromReg):
(Reg.prototype.get index):
(Reg.prototype.get type):
(Reg.prototype.get name):
(Reg.prototype.get isCalleeSave):
(Reg.prototype.get isReg):
(Reg.prototype.hash):
(Reg.prototype.toString):
(Reg.extract):
(Reg.forEachFast):
(Reg.forEach):
(newGPR):
(Reg.gprs.Reg.fprs.Reg.calleeSaveGPRs.Reg.calleeSaveFPRs.Reg.calleeSaves):

  • ARES-6/Babylon/babylon-blob.js: Added.

(export.default.Parser):
(export.default.Parser.prototype.isReservedWord):
(export.default.Parser.prototype.hasPlugin):
(export.default.Parser.prototype.extend):
(export.default.Parser.prototype.loadPlugins):
(export.default.Parser.prototype.parse):

  • ARES-6/Babylon/basic-blob.js: Added.

(Basic.NumberApply):
(Basic.Variable):
(Basic.Const):
(Basic.NumberPow):
(Basic.NumberMul):
(Basic.NumberDiv):
(Basic.NumberNeg):
(Basic.NumberAdd):
(Basic.NumberSub):
(Basic.StringVar):
(Basic.Equals):
(Basic.NotEquals):
(Basic.LessThan):
(Basic.GreaterThan):
(Basic.LessEqual):
(Basic.GreaterEqual):
(Basic.GoTo):
(Basic.GoSub):
(Basic.Def):
(Basic.Let):
(Basic.If):
(Basic.Return):
(Basic.Stop):
(Basic.On):
(sideState.shouldStop):
(Basic.For):
(Basic.Next):
(Basic.Print):
(Basic.Input):
(Basic.Read):
(Basic.Restore):
(Basic.Dim):
(Basic.Randomize):
(Basic.End):
(Basic.Program):

  • ARES-6/Babylon/benchmark.js: Added.

(this.performance.performance.now.currentTime):
(else.this.preciseTime.currentTime):
(else.currentTime):
(BabylonBenchmark.appendSource):
(BabylonBenchmark):
(BabylonBenchmark.prototype.runIteration.parse):
(BabylonBenchmark.prototype.runIteration.parseExpression):
(BabylonBenchmark.prototype.runIteration):
(runBenchmark):

  • ARES-6/Babylon/index.js: Added.

(isIdentifierStart):
(isIdentifierChar):
(isNewLine):
(Position):
(SourceLocation):
(getLineInfo):
(TokenType):
(KeywordTokenType):
(BinopTokenType):
(TokContext):
(tt.parenR.updateContext.tt.braceR.updateContext):
(tt.name.updateContext):
(tt.braceL.updateContext):
(tt.dollarBraceL.updateContext):
(tt.parenL.updateContext):
(tt.incDec.updateContext):
(tt._function.updateContext):
(tt.backQuote.updateContext):
(State.prototype.init):
(State.prototype.curPosition):
(State.prototype.clone):
(State):
(Token):
(codePointToString):
(Tokenizer):
(Tokenizer.prototype.next):
(Tokenizer.prototype.eat):
(Tokenizer.prototype.match):
(Tokenizer.prototype.isKeyword):
(Tokenizer.prototype.lookahead):
(Tokenizer.prototype.setStrict):
(Tokenizer.prototype.curContext):
(Tokenizer.prototype.nextToken):
(Tokenizer.prototype.readToken):
(Tokenizer.prototype.fullCharCodeAtPos):
(Tokenizer.prototype.pushComment):
(Tokenizer.prototype.skipBlockComment):
(Tokenizer.prototype.skipLineComment):
(Tokenizer.prototype.skipSpace):
(Tokenizer.prototype.finishToken):
(Tokenizer.prototype.readToken_dot):
(Tokenizer.prototype.readToken_slash):
(Tokenizer.prototype.readToken_mult_modulo):
(Tokenizer.prototype.readToken_pipe_amp):
(Tokenizer.prototype.readToken_caret):
(Tokenizer.prototype.readToken_plus_min):
(Tokenizer.prototype.readToken_lt_gt):
(Tokenizer.prototype.readToken_eq_excl):
(Tokenizer.prototype.getTokenFromCode):
(Tokenizer.prototype.finishOp):
(Tokenizer.prototype.readRegexp):
(Tokenizer.prototype.readInt):
(Tokenizer.prototype.readRadixNumber):
(Tokenizer.prototype.readNumber):
(Tokenizer.prototype.readCodePoint):
(Tokenizer.prototype.readString):
(Tokenizer.prototype.readTmplToken):
(Tokenizer.prototype.readEscapedChar):
(Tokenizer.prototype.readHexChar):
(Tokenizer.prototype.readWord1):
(Tokenizer.prototype.readWord):
(Tokenizer.prototype.braceIsBlock):
(Tokenizer.prototype.updateContext):
(getOptions):
(prototype.isReservedWord):
(prototype.hasPlugin):
(prototype.extend):
(prototype.loadPlugins):
(prototype.parse):
(last):
(pp.addComment):
(pp.processComment):
(pp.checkPropClash):
(pp.getExpression):
(pp.parseExpression):
(pp.parseMaybeAssign):
(pos.set i):

  • ARES-6/Babylon/inspector-blob.js: Added.

(WebInspector.ScriptSyntaxTree):
(WebInspector.ScriptSyntaxTree.prototype.get parsedSuccessfully):
(WebInspector.ScriptSyntaxTree.prototype.forEachNode):
(WebInspector.ScriptSyntaxTree.prototype.filter):
(WebInspector.ScriptSyntaxTree.prototype.containersOfOffset):
(WebInspector.ScriptSyntaxTree.prototype.filterByRange.filterForNodesInRange):
(WebInspector.ScriptSyntaxTree.prototype.filterByRange):
(WebInspector.ScriptSyntaxTree.prototype.containsNonEmptyReturnStatement.removeFunctionsFilter):
(WebInspector.ScriptSyntaxTree.prototype.containsNonEmptyReturnStatement):
(WebInspector.ScriptSyntaxTree.functionReturnDivot):
(WebInspector.ScriptSyntaxTree.prototype.updateTypes):
(WebInspector.ScriptSyntaxTree.prototype._gatherIdentifiersInDeclaration.gatherIdentifiers):
(WebInspector.ScriptSyntaxTree.prototype._gatherIdentifiersInDeclaration):
(WebInspector.ScriptSyntaxTree.prototype._defaultParserState):
(WebInspector.ScriptSyntaxTree.prototype._recurse):
(WebInspector.ScriptSyntaxTree.prototype._recurseArray):
(WebInspector.ScriptSyntaxTree.prototype._createInternalSyntaxTree):

  • ARES-6/about.html:
  • ARES-6/babylon_benchmark.js: Added.
  • ARES-6/cli.js:
  • ARES-6/glue.js:
  • ARES-6/index.html:
  • ARES-6/results.js:

(Results.prototype.reportResult):
(Results.prototype.reportResult.averageAbovePercentile): Deleted.

  • ARES-6/styles.css:

(.test):
(@media only screen and (max-width: 784px)):

11:55 AM Changeset in webkit [214827] by fpizlo@apple.com
  • 6 edits
    1 add in trunk/Source/JavaScriptCore

Inst::forEachArg could compile to more compact code
https://bugs.webkit.org/show_bug.cgi?id=170406

Reviewed by Sam Weinig.

Prior to this change, Inst::forEachArg compiled to a ginormous ALWAYS_INLINE switch statement.
It had one case for each opcode, and then each of those cases would have a switch statement over
the number of operands. Then the cases of that switch statement would have a sequence of calls to
the passed lambda. This meant that every user of forEachArg would generate an insane amount of
code. It also meant that the inlining achieved nothing, since the lambda would surely then not
be inlined - and if it was, then the icache pressure due to code bloat would surely negate any
benefits.

This replaces that code with a loop over a compact look-up table. We use the opcode and number of
operands as keys into that look-up table. The table only takes about 20KB. It has one byte for
each argument in each overload of each opcode.

I can't measure any reproducible change in performance, but the JavaScriptCore framework binary
shrinks by 2.7 MB. This is a 15% reduction in JavaScriptCore binary size.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • b3/B3Width.h:
  • b3/air/AirCustom.h:

(JSC::B3::Air::PatchCustom::forEachArg):

  • b3/air/AirFormTable.h: Added.

(JSC::B3::Air::decodeFormRole):
(JSC::B3::Air::decodeFormBank):
(JSC::B3::Air::decodeFormWidth):

  • b3/air/AirInst.h:
  • b3/air/opcode_generator.rb:
11:44 AM Changeset in webkit [214826] by keith_miller@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

WebAssembly: remove lastAllocatedMode from Memory
https://bugs.webkit.org/show_bug.cgi?id=170405

Reviewed by Mark Lam.

It's not used anymore so there isn't any point in keeping it around.

  • wasm/WasmMemory.cpp:

(JSC::Wasm::Memory::createImpl):
(JSC::Wasm::Memory::lastAllocatedMode): Deleted.

  • wasm/WasmMemory.h:
11:40 AM Changeset in webkit [214825] by zandobersek@gmail.com
  • 5 edits in trunk/Source/WebCore

[GCrypt] Implement CryptoKeyEC::keySizeInBits(), ::platformGeneratePair()
https://bugs.webkit.org/show_bug.cgi?id=170345

Reviewed by Michael Catanzaro.

Source/WebCore:

Start implementing the libgcrypt-based platform bits of CryptoKeyEC.

Implement keySizeInBits() by returning the appropriate size for this
object's curve type. An assertion is added to ensure that this size
matches the one that's returned by gcry_pk_get_nbits() for this
object's EC key as represented by the m_platformKey gcry_sexp_t object.

Implement platformGeneratePair() by constructing a genkey s-expression
that requests a generation of an EC key for the specified curve type.
The s-expression is then passed to gcry_pk_genkey(), and the public
and private key data is then retrieved from the returned s-expression
upon success and used to create the public and private CryptoKeyEC
objects.

The PlatformECKey type alias is changed to match gcry_sexp_t. The
CryptoKeyEC destructor releases the gcry_sexp_t object through
a PAL::GCrypt::HandleDeleter<gcry_sexp_t> instance.

The method definitions in the CryptoKeyECGCrypt.cpp file are also
sorted to match the declaration order in the header.

No new tests -- current ones cover this sufficiently, but are not yet
enabled due to other missing platform-specific SUBTLE_CRYPTO
implementations.

  • crypto/gcrypt/CryptoKeyECGCrypt.cpp:

(WebCore::curveSize):
(WebCore::curveName):
(WebCore::CryptoKeyEC::~CryptoKeyEC):
(WebCore::CryptoKeyEC::keySizeInBits):
(WebCore::CryptoKeyEC::platformGeneratePair):
(WebCore::CryptoKeyEC::platformImportSpki):
(WebCore::CryptoKeyEC::platformImportPkcs8):
(WebCore::CryptoKeyEC::platformExportRaw):
(WebCore::CryptoKeyEC::platformAddFieldElements):
(WebCore::CryptoKeyEC::platformExportSpki):

  • crypto/keys/CryptoKeyEC.h:

Source/WebCore/PAL:

  • pal/crypto/gcrypt/Handle.h:

(PAL::GCrypt::HandleDeleter<gcry_sexp_t>::operator()): Add a HandleDeleter
specialization for the gcry_sexp_t type.

11:38 AM Changeset in webkit [214824] by keith_miller@apple.com
  • 55 edits
    13 adds
    5 deletes in trunk

WebAssembly: Update spec tests
https://bugs.webkit.org/show_bug.cgi?id=170361

Rubber-stamped by Saam Barati.

JSTests:

Update the spec tests to run tests generated by the newer spec
test builder wasm-spec/test/builder.py. This patch also adds the
necessary harness code in spec-harness.js so we can run the tests.

  • wasm.yaml:
  • wasm/import-spec-tests.rb:
  • wasm/spec-harness.js: Added.

(import.string_appeared_here.then):
(test):
(promise_test):
(let.assert_unreached):

  • wasm/spec-harness/index.js: Added.

(let.testNum):
(assertThrows):
(_assert):
(ValueResult):
(ErrorResult):
(Result.prototype.isError):
(binary):
(module):
(uniqueTest):
(assert_invalid):
(assert_soft_invalid):
(register):
(call):
(get instance):
(exports):
(run):
(assert_unlinkable):
(assert_uninstantiable):
(assert_trap):
(try.f):
(catch):
(assert_exhaustion):
(assert_return):
(assert_return_nan):

  • wasm/spec-harness/testharness.css: Added.

(html):
(#log .warning,):
(#log .error,):
(section#summary):
(table#results):
(table#results th:first-child,):
(table#results th:last-child,):
(table#results.assertions th:last-child,):
(table#results th):
(table#results td):
(tr.pass > td:first-child):
(tr.fail > td:first-child):
(tr.timeout > td:first-child):
(tr.notrun > td:first-child):
(.pass > td:first-child, .fail > td:first-child, .timeout > td:first-child, .notrun > td:first-child):
(table#results span):
(table#results span.expected):
(table#results span.actual):
(span.ok):
(tr.error):
(span.timeout):
(span.ok, span.timeout, span.error):

  • wasm/spec-harness/testharness.js: Added.

(WindowTestEnvironment):
(WindowTestEnvironment.prototype._dispatch):
(WindowTestEnvironment.prototype._forEach_windows):
(WindowTestEnvironment.prototype.on_tests_ready):
(WindowTestEnvironment.prototype.setup_messages):
(WindowTestEnvironment.prototype.next_default_test_name):
(WindowTestEnvironment.prototype.on_new_harness_properties):
(WindowTestEnvironment.prototype.add_on_loaded_callback):
(WindowTestEnvironment.prototype.test_timeout):
(WindowTestEnvironment.prototype.global_scope):
(WorkerTestEnvironment):
(WorkerTestEnvironment.prototype._dispatch):
(WorkerTestEnvironment.prototype._add_message_port):
(WorkerTestEnvironment.prototype.next_default_test_name):
(WorkerTestEnvironment.prototype.on_new_harness_properties):
(WorkerTestEnvironment.prototype.on_tests_ready):
(WorkerTestEnvironment.prototype.add_on_loaded_callback):
(WorkerTestEnvironment.prototype.test_timeout):
(WorkerTestEnvironment.prototype.global_scope):
(DedicatedWorkerTestEnvironment):
(DedicatedWorkerTestEnvironment.prototype.on_tests_ready):
(SharedWorkerTestEnvironment):
(SharedWorkerTestEnvironment.prototype.on_tests_ready):
(ServiceWorkerTestEnvironment):
(ServiceWorkerTestEnvironment.prototype.add_on_loaded_callback):
(create_test_environment):
(is_shared_worker):
(is_service_worker):
(test):
(async_test):
(promise_test):
(this.wait_for):
(EventWatcher):
(setup):
(done):
(generate_tests):
(step_timeout):
(truncate):
(is_node):
(format_value):

  • wasm/spec-harness/testharnessreport.js: Added.
  • wasm/spec-harness/wasm-constants.js: Added.

(bytes):
(bytesWithHeader):
(makeSig):
(makeSig_v_x):
(makeSig_v_xx):
(makeSig_r_v):
(makeSig_r_x):
(makeSig_r_xx):
(assertTraps):
(assertWasmThrows):

  • wasm/spec-harness/wasm-module-builder.js: Added.

(Binary.prototype.emit_u8):
(Binary.prototype.emit_u16):
(Binary.prototype.emit_u32):
(Binary.prototype.emit_u32v):
(Binary.prototype.emit_bytes):
(Binary.prototype.emit_string):
(Binary.prototype.emit_header):
(Binary.prototype.emit_section):
(Binary):
(WasmFunctionBuilder):
(WasmFunctionBuilder.prototype.exportAs):
(WasmFunctionBuilder.prototype.exportFunc):
(WasmFunctionBuilder.prototype.addBody):
(WasmFunctionBuilder.prototype.addLocals):
(WasmFunctionBuilder.prototype.end):
(WasmGlobalBuilder):
(WasmGlobalBuilder.prototype.exportAs):
(WasmModuleBuilder):
(WasmModuleBuilder.prototype.addStart):
(WasmModuleBuilder.prototype.addMemory):
(WasmModuleBuilder.prototype.addExplicitSection):
(WasmModuleBuilder.prototype.addType):
(WasmModuleBuilder.prototype.addGlobal):
(WasmModuleBuilder.prototype.addFunction):
(WasmModuleBuilder.prototype.addImport):
(WasmModuleBuilder.prototype.addImportedGlobal):
(WasmModuleBuilder.prototype.addImportedMemory):
(WasmModuleBuilder.prototype.addImportedTable):
(WasmModuleBuilder.prototype.addExport):
(WasmModuleBuilder.prototype.addExportOfKind):
(WasmModuleBuilder.prototype.addDataSegment):
(WasmModuleBuilder.prototype.exportMemoryAs):
(WasmModuleBuilder.prototype.addFunctionTableInit):
(WasmModuleBuilder.prototype.appendToTable):
(WasmModuleBuilder.prototype.setFunctionTableLength):
(WasmModuleBuilder.prototype.toArray):
(WasmModuleBuilder.prototype.toBuffer):
(WasmModuleBuilder.prototype.instantiate):

  • wasm/spec-harness/wast.js: Added.

(normalize):
(require.else._registry.name):
(require):
(add_hex_char):
(add_char):
(string_with):
(list_of_opt):
(break_bytes.f):
(break_bytes):
(f):
(decls):
(func_type):
(limits):
(global_type):
(testop):
(relop):
(unop):
(binop):
(cvtop):
(oper):
(mem_size):
(extension):
(memop):
(storeop):
(var):
(constop):
(instr.else.switch.case.0.f):
(instr.else.switch.case.1.f.1):
(instr.else.switch.case.2.f.2):
(instr):
(func_with_name):
(func):
(start):
(table):
(memory):
(segment):
(elems):
(data):
(typedef):
(import_kind):
(import):
(export_kind):
(export):
(var_opt):
(is_func_import):
(is_table_import):
(is_memory_import):
(is_global_import):
(f.1):
(f.2):
(f.3):
(module_with_var_opt):
(module_):
(literal):
(definition):
(access):
(action):
(script):
(_registry.string_appeared_here):
(init):
(make_matrix):
(copy):
(append):
(sub):
(fill):
(blit):
(iter):
(map):
(iteri):
(mapi):
(to_list):
(list_length):
(of_list):
(fold_left):
(fold_right):
(maxson):
(trickle):
(bubble):
(trickleup):
(sort):
(merge):
(isortto):
(sortto):
(stable_sort):
(import_type):
(export_type):
(dims.n):
(dims.d.i):
(dims):
(map_file):
(create):
(of_array):
(slice_left):
(slice_right):
(slice_left_1):
(slice_right_1):
(slice_left_2):
(slice_right_2):
(array1_of_genarray):
(array2_of_genarray):
(array3_of_genarray):
(reshape_1):
(reshape_2):
(reshape_3):
(reshape):
():
(contents):
(to_bytes):
(nth):
(length):
(clear):
(reset):
(resize):
(add_substring):
(add_subbytes):
(add_string):
(add_bytes):
(add_buffer):
(add_channel):
(output_buffer):
(closing):
(advance_to_closing):
(advance_to_non_alpha):
(find_ident):
(add_substitute):
(make):
(to_string):
(of_string):
(sub_string):
(extend):
(blit_string):
(concat):
(cat):
(is_space):
(trim):
(escaped):
(uppercase):
(lowercase):
(apply1):
(capitalize):
(uncapitalize):
(index_rec):
(index):
(index_from):
(rindex_rec):
(rindex):
(rindex_from):
(contains_from):
(contains):
(rcontains_from):
(caml_array_sub):
(len):
(caml_array_concat):
(caml_make_vect):
(caml_array_blit):
(get if):
(caml_set_oo_id):
(get_id):
(caml_int32_float_of_bits):
(caml_int32_bits_of_float):
(caml_classify_float):
(caml_modf_float):
(caml_ldexp_float):
(caml_frexp_float):
(caml_copysign_float):
(caml_expm1_float):
(caml_hypot_float):
(caml_log10_float):
(caml_failwith):
(parse_digit):
(int_of_string_base):
(parse_sign_and_base):
(caml_int_of_string.aux):
(caml_int_of_string):
(caml_int64_of_string.aux):
(caml_int64_of_string):
(int_of_base):
(parse_format):
(finish_formatting):
(caml_format_int):
(caml_int64_format):
(caml_format_float):
(float_of_string):
(div):
(mod_):
(caml_bswap16):
(caml_int32_bswap):
(imul):
(neg_signed):
(not):
(eq):
(neg):
(lsl_):
(lsr_):
(asr_):
(is_zero):
(mul):
(swap):
(xor):
(or_):
(and_):
(ge):
(lt):
(gt):
(le):
(to_float):
(of_float):
(div_mod):
(compare):
(of_int32):
(to_int32):
(to_hex.aux):
(to_hex):
(discard_sign):
(float_of_bits):
(bits_of_float.to_nat):
(bits_of_float):
(get64):
(erase_rel):
(concat_fmtty):
(concat_fmt):
(create_char_set):
(add_in_char_set):
(rev_char_set):
(is_in_char_set):
(prec_of_prec_opt):
(param_format_of_ignored_format):
(buffer_check_size):
(buffer_add_char):
(buffer_add_string):
(buffer_contents):
(char_of_iconv):
(char_of_fconv):
(char_of_counter):
(print_char):
(set while.set var):
(set while.set else):
(set var):
(set else):
(set print_char):
(set if):
(bprint_padty):
(bprint_ignored_flag):
(bprint_pad_opt):
(bprint_padding):
(bprint_precision):
(bprint_iconv_flag):
(bprint_int_fmt):
(bprint_altint_fmt):
(bprint_fconv_flag):
(bprint_float_fmt):
(string_of_formatting_lit):
(string_of_formatting_gen):
(bprint_char_literal):
(bprint_string_literal):
(bprint_fmtty):
(int_of_custom_arity):
(bprint_fmt):
(string_of_fmt):
(symm):
(fmtty_rel_det):
(trans):
(fmtty_of_formatting_gen):
(fmtty_of_fmt):
(fmtty_of_custom):
(fmtty_of_padding_fmtty):
(fmtty_of_precision_fmtty):
(type_padding):
(type_padprec):
(type_ignored_param_one):
(type_format_gen):
(type_ignored_format_substitution):
(type_format):
(recast):
(fix_padding):
(fix_int_precision):
(string_to_caml_string):
(format_of_iconv):
(format_of_aconv):
(format_of_fconv):
(convert_int):
(convert_int32):
(convert_nativeint):
(convert_int64):
(else.is_valid):
(convert_float):
(format_caml_char):
(string_of_fmtty):
(else.switch.):
(else.switch.k.prime):
(else.switch.else.):
(else.switch.else.k.prime.1):
(make_printf):
(make_from_fmtty):
(make_invalid_arg):
(make_string_padding):
(make_int_padding_precision):
(make_custom):
(output_acc):
(bufput_acc):
(strput_acc):
(failwith_message.k):
(failwith_message):
(open_box_of_string.else.invalid_box):
(open_box_of_string.else.parse_spaces):
(open_box_of_string.else.parse_lword):
(open_box_of_string.else.parse_int):
(open_box_of_string):
(make_padding_fmt_ebb):
(make_precision_fmt_ebb):
(make_padprec_fmt_ebb):
(invalid_format_message):
(invalid_format_without):
(expected_character):
(compute_int_conv):
(incompatible_flag):
(parse_positive):
(parse_conv):
(parse_after_precision):
(else.parse_literal):
(parse_after_padding):
(parse_literal):
(parse_after_at):
(add_literal):
(parse_spaces):
(parse_integer):
(compute_float_conv):
(search_subformat_end):
(check_no_0):
(opt_of_pad):
(get_prec_opt):
(else.switch.case.99.char_format):
(else.switch.scan_format):
(parse_conversion):
(set_flag):
(parse_flags):
(is_int_base):
(counter_of_char):
(add_range):
(fail_single_percent):
(parse_char_set_after_char):
(parse_char_set_content):
(parse_char_set_start):
(parse_char_set):
(check_open_box):
(parse_tag):
(fmt_ebb_of_string):
(format_of_string_fmtty):
(format_of_string_format):
(caret):
(caml_ml_open_descriptor_in):
(caml_ml_open_descriptor_out):
(caml_ml_flush):
(node_std_output):
(caml_ml_output_char):
(caml_ml_input):
(caml_ml_input_char):
(caml_ml_out_channels_list):
(fail):
(caml_lex_array):
(caml_lex_engine):
(caml_lex_run_mem):
(caml_lex_run_tag):
(caml_new_lex_engine):
(caml_obj_dup):
(caml_obj_truncate):
(caml_lazy_make_forward):
(caml_update_dummy):
(caml_int_compare):
(caml_compare):
(caml_equal):
(caml_notequal):
(caml_greaterequal):
(caml_lessequal):
(else.aux):
(caml_get_public_method):
(caml_parse_engine):
(caml_set_parser_trace):
(js_string_of_char):
(caml_string_get):
(caml_create_string):
(caml_string_compare):
(caml_fill_string):
(caml_blit_string):
(caml_blit_bytes):
(bytes_of_string):
(bytes_to_string):
(caml_string_of_char_array):
(caml_is_printable):
(caml_string_get16):
(caml_string_get32):
(repeat):
(chr):
(app):
(js):
(curry_1):
(_1):
(js1):
(
1):
(curry_2):
(_2):
(js2):
(2):
(curry_3):
(_3):
(js3):
(
3):
(curry_4):
(_4):
(js4):
(4):
(curry_5):
(_5):
(js5):
(
5):
(curry_6):
(_6):
(js6):
(6):
(curry_7):
(_7):
(js7):
(
7):
(curry_8):
(_8):
(js8):
(8):
(stream):
(eos):
(skip):
(read):
(peek):
(string_of_byte):
(position):
(region):
(error):
(guard):
(get 1):
(get expect):
(get illegal):
(at):
(u32):
(u64):
(get require):
(vuN):
(get var):
(vsN):
(vu32):
(vs32):
(vs64):
(f32):
(f64):
(len32):
(string):
(opt):
(vec):
(sized):
(value_type):
(elem_type):
(stack_type):
(table_type):
(memory_type):
(mutability.get if):
(mutability):
(instr.get if):
(instr_block):
(const):
(id):
(section):
(type_section):
(import_kind.get if):
(import_section):
(func_section):
(table_section):
(memory_section):
(global):
(global_section):
(export_kind.get if):
(export_section):
(start_section):
(local):
(code):
(code_section):
(table_segment):
(elem_section):
(memory_segment):
(data_section):
(partial_arg.1):
(custom):
(custom_section):
(iterate):
(decode):
(patch):
(encode.u8):
(encode.u16):
(encode.u32):
(encode.vu64):
(encode.vs64):
(encode.vu32):
(encode.len):
(encode.bool):
(encode.string):
(encode.vec):
(encode.gap32):
(encode.patch_gap32):
(encode.value_type):
(encode.stack_type):
(encode.func_type):
(encode.limits):
(encode.table_type):
(encode.memory_type):
(encode.global_type):
(encode.memop):
(encode):
(encode.instr):
(encode.const):
(encode.section):
(encode.type_section):
(encode.import):
(encode.import_section):
(encode.func):
(encode.func_section):
(encode.table):
(encode.table_section):
(encode.memory):
(encode.memory_section):
(encode.global):
(encode.global_section):
(encode.export_kind):
(encode.export):
(encode.export_section):
(encode.start_section):
(encode.combine):
(encode.compress):
(encode.local):
(encode.code):
(encode.code_section):
(encode.segment):
(encode.table_segment):
(encode.elem_section):
(encode.memory_segment):
(encode.module_):
(Make.warn):
(Make.error):
(Make):
(print_nan_significand_digits):
(Make.of_bits):
(Make.to_bits):
(Make.is_nan):
(Make.canonicalize_nan):
(Make.determine_binary_nan):
(Make.determine_unary_nan):
(Make.binary):
(Make.unary):
(Make.add):
(Make.sub):
(Make.mul):
(Make.div):
(Make.sqrt):
(Make.ceil):
(Make.floor):
(Make.trunc):
(Make.nearest):
(Make.min):
(Make.max):
(Make.abs):
(Make.neg):
(Make.copysign):
(Make.eq):
(Make.ne):
(Make.lt):
(Make.gt):
(Make.le):
(Make.ge):
(Make.of_signless_string):
(Make.of_string):
(Make.to_string):
(add_queue):
(peek_queue):
(take_queue):
(pp_enqueue):
(pp_clear_queue):
(pp_output_string):
(break_new_line):
(break_same_line):
(pp_force_break_line):
(switch.add_tab):
(else.switch.find):
(format_pp_token):
(advance_left):
(enqueue_advance):
(enqueue_string_as):
(set_size):
(scan_push):
(pp_open_box_gen):
(pp_close_box):
(pp_open_tag):
(pp_close_tag):
(pp_set_print_tags):
(pp_set_mark_tags):
(pp_get_print_tags):
(pp_get_mark_tags):
(pp_set_tags):
(pp_get_formatter_tag_functions):
(pp_set_formatter_tag_functions):
(pp_rinit):
(pp_flush_queue):
(pp_print_as_size):
(pp_print_string):
(pp_print_int):
(pp_print_float):
(pp_print_bool):
(pp_open_hbox):
(pp_open_vbox):
(pp_open_hvbox):
(pp_open_hovbox):
(pp_open_box):
(pp_print_newline):
(pp_print_flush):
(pp_force_newline):
(pp_print_if_newline):
(pp_print_break):
(pp_print_space):
(pp_print_cut):
(pp_open_tbox):
(pp_close_tbox):
(pp_print_tbreak):
(pp_print_tab):
(pp_set_tab):
(pp_print_list):
(flush):
(pp_print_text):
(pp_set_max_boxes):
(pp_get_max_boxes):
(pp_over_max_boxes):
(pp_get_ellipsis_text):
(pp_limit):
(pp_set_max_indent):
(pp_get_max_indent):
(pp_set_margin):
(pp_get_margin):
(pp_set_formatter_out_functions):
(pp_get_formatter_out_functions):
(pp_set_formatter_output_functions):
(pp_get_formatter_output_functions):
(pp_set_all_formatter_output_functions):
(pp_get_all_formatter_output_functions):
(display_newline):
(display_blanks):
(state.16):
(state.17):
(state.18):
(state.19):
(pp_set_formatter_out_channel):
(default_pp_mark_open_tag):
(default_pp_mark_close_tag):
(default_pp_print_open_tag):
(default_pp_print_close_tag):
(pp_make_formatter):
(ppf.18):
(ppf.19):
(make_formatter):
(formatter_of_out_channel):
(formatter_of_buffer):
(flush_str_formatter):
(flush_buf_formatter):
(open_hbox):
(open_vbox):
(open_hvbox):
(open_hovbox):
(open_box):
(close_box):
(open_tag):
(close_tag):
(print_as):
(print_string):
(print_int):
(print_float):
(print_bool):
(print_cut):
(print_space):
(force_newline):
(print_flush):
(print_newline):
(print_if_newline):
(open_tbox):
(close_tbox):
(print_tbreak):
(set_tab):
(print_tab):
(set_margin):
(get_margin):
(set_max_indent):
(get_max_indent):
(set_max_boxes):
(get_max_boxes):
(over_max_boxes):
(set_ellipsis_text):
(get_ellipsis_text):
(set_formatter_out_channel):
(set_formatter_out_functions):
(get_formatter_out_functions):
(set_formatter_output_functions):
(get_formatter_output_functions):
(set_all_formatter_output_functions):
(get_all_formatter_output_functions):
(set_formatter_tag_functions):
(get_formatter_tag_functions):
(set_print_tags):
(get_print_tags):
(set_mark_tags):
(get_mark_tags):
(set_tags):
(compute_tag):
(output_formatting_lit):
(kfprintf):
(ikfprintf):
(fprintf):
(ifprintf):
(printf):
(eprintf):
(k.prime):
(ksprintf):
(sprintf):
(asprintf.k.prime):
(asprintf):
(k):
(bprintf):
(succ):
(pred):
(abs):
(lognot):
(Make.cmp_u):
(Make.divrem_u):
(Make.div_s):
(Make.div_u):
(Make.rem_s):
(Make.rem_u):
(Make.shift):
(Make.shl):
(Make.shr_s):
(Make.shr_u):
(Make.clamp_rotate_count):
(Make.rotl):
(Make.rotr):
(Make.loop):
(Make.clz):
(Make.ctz):
(Make.popcnt):
(Make.eqz):
(Make.lt_u):
(Make.le_u):
(Make.gt_u):
(Make.ge_u):
(Make.of_int_u):
(Make.to_string_u):
(Make.require):
(Make.dec_digit):
(Make.hex_digit):
(Make.parse_int):
(Make.of_string_s):
(Make.of_string_u):
(convert_pos):
(error_nest):
(text):
(intop):
(floatop):
(numop):
(memsz):
(ext):
(token.else.switch):
(token.else.switch.):
(token):
(
ocaml_lex_comment_rec):
(engine):
(new_engine):
(from_function):
(from_channel):
(from_string):
(lexeme):
(sub_lexeme):
(sub_lexeme_opt):
(sub_lexeme_char):
(sub_lexeme_char_opt):
(lexeme_char):
(lexeme_start):
(lexeme_end):
(lexeme_start_p):
(lexeme_end_p):
(new_line):
(flush_input):
(take):
(drop):
(last):
(split_last):
(index_of):
(index_of_int32):
(dim):
(set 1):
(get 2):
(log2):
(is_power_of_two):
(loop):
(breakup):
(hd):
(tl):
(rev_append):
(rev):
(flatten):
(rev_map):
(map2):
(rev_map2):
(iter2):
(fold_left2):
(fold_right2):
(for_all):
(exists):
(for_all2):
(exists2):
(mem):
(memq):
(assoc):
(assq):
(mem_assoc):
(mem_assq):
(remove_assoc):
(remove_assq):
(find):
(find_all):
(partition):
(split):
(combine):
(chop):
(rev_sort):
(sort_uniq):
(Make.height):
(Make.create):
(Make.singleton):
(Make.bal):
(Make.is_empty):
(Make.find):
(Make.mem):
(Make.min_binding):
(Make.max_binding):
(Make.remove_min_binding):
(Make.remove):
(Make.iter):
(Make.map):
(Make.mapi):
(Make.fold):
(Make.for_all):
(Make.exists):
(Make.add_min_binding):
(Make.add_max_binding):
(Make.join):
(Make.concat):
(Make.concat_or_join):
(Make.split):
(Make.merge):
(Make.filter):
(Make.partition):
(Make.cons_enum):
(Make.compare):
(Make.equal):
(Make.cardinal):
(Make.bindings_aux):
(Make.bindings):
(double_field):
(set_double_field):
(marshal):
(unmarshal):
(extension_slot):
(extension_name):
(extension_id):
(i32_const):
(i64_const):
(f32_const):
(f64_const):
(block):
(br):
(br_if):
(br_table):
(if_):
(call):
(call_indirect):
(get_local):
(set_local):
(tee_local):
(get_global):
(set_global):
(i32_load):
(i64_load):
(f32_load):
(f64_load):
(i32_load8_s):
(i32_load8_u):
(i32_load16_s):
(i32_load16_u):
(i64_load8_s):
(i64_load8_u):
(i64_load16_s):
(i64_load16_u):
(i64_load32_s):
(i64_load32_u):
(i32_store):
(i64_store):
(f32_store):
(f64_store):
(i32_store8):
(i32_store16):
(i64_store8):
(i64_store16):
(i64_store32):
(parse):
(string_to):
(string_to_script):
(string_to_module):
(parse_error):
(position_to_pos):
(positions_to_region):
(ati):
(nat):
(nat32):
(empty_context):
(enter_func):
(type_):
(lookup):
(label):
(anon_type):
(bind):
(bind_func):
(bind_local):
(bind_global):
(bind_table):
(bind_memory):
(anon):
(anon_func):
(anon_locals):
(anon_global):
(anon_table):
(anon_memory):
(anon_label):
(explicit_sig):
(inline_type):
(yyact):
(script1):
(module1):
(grow_stacks):
(clear_parser):
(current_lookahead_fun):
(catch.else.current_lookahead_fun.0):
(yyparse):
(peek_val):
(symbol_start_pos):
(symbol_end_pos):
(rhs_start_pos):
(rhs_end_pos):
(symbol_start):
(symbol_end):
(rhs_start):
(rhs_end):
(is_current_lookahead):
(failwith):
(invalid_arg):
(min):
(max):
(lnot):
(char_of_int):
(string_of_bool):
(bool_of_string):
(string_of_int):
(valid_float_lexem):
(string_of_float):
(open_out_gen):
(open_out):
(open_out_bin):
(flush_all):
(output_bytes):
(output_string):
(output):
(output_substring):
(output_value):
(close_out):
(close_out_noerr):
(open_in_gen):
(open_in):
(open_in_bin):
(input):
(else.r):
(unsafe_really_input):
(really_input):
(really_input_string):
(input_line.build_result):
(input_line.n):
(input_line.scan):
(input_line):
(close_in_noerr):
(print_bytes):
(print_endline):
(prerr_char):
(prerr_string):
(prerr_bytes):
(prerr_int):
(prerr_float):
(prerr_endline):
(prerr_newline):
(read_line):
(read_int):
(read_float):
(string_of_format):
(at_exit.exit_function.0):
(at_exit):
(do_at_exit):
(exit):
(output_binary_int):
(seek_out):
(pos_out):
(out_channel_length):
(set_binary_mode_out):
(input_binary_int):
(input_value):
(seek_in):
(pos_in):
(in_channel_length):
(close_in):
(set_binary_mode_in):
(LargeFile_000):
(LargeFile_001):
(LargeFile_002):
(LargeFile_003):
(LargeFile_004):
(LargeFile_005):
(kbprintf):
(plus):
(pp):
(print):
(string_of_pos):
(string_of_region):
(escaped.needs_escape):
(set_signal):
(catch_break):
(size):
(string_of_value_type):
(string_of_value_types):
(string_of_elem_type):
(string_of_limits):
(string_of_table_type):
(string_of_global_type):
(string_of_stack_type):
(string_of_func_type):
(type_of):
(default_value):
(value_of_bool):
(string_of_values):
(to_value):
(of_value):
(g):
(binary):
(bytes):

  • wasm/spec-tests/address.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/binary.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/block.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/br.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/br_if.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/br_table.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/break-drop.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/call.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/call_indirect.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/comments.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/conversions.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/custom_section.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/endianness.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/exports.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/f32.wast.js: Removed.
  • wasm/spec-tests/f32_cmp.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/f64.wast.js: Removed.
  • wasm/spec-tests/f64_cmp.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/fac.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/float_exprs.wast.js: Removed.
  • wasm/spec-tests/float_literals.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/float_memory.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/float_misc.wast.js: Removed.
  • wasm/spec-tests/forward.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/func.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/func_ptrs.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/get_local.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/globals.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/i32.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/i64.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/if.wast.js: Added.
  • wasm/spec-tests/imports.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/int_exprs.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/int_literals.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/jsapi.js: Added.

(testJSAPI.get test):
(testJSAPI.test):
(testJSAPI.set test):
(testJSAPI.assertCompileError):
(testJSAPI.assertCompileSuccess):
(testJSAPI):

  • wasm/spec-tests/labels.wast.js: Added.
  • wasm/spec-tests/left-to-right.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/linking.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/loop.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/memory.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/memory_redundancy.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/memory_trap.wast.js: Removed.
  • wasm/spec-tests/names.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/nop.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/resizing.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/return.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/select.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/set_local.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/skip-stack-guard-page.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/stack.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/start.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/store_retval.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/switch.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/tee_local.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/traps.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/typecheck.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/unreachable.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

  • wasm/spec-tests/unreached-invalid.wast.js: Added.
  • wasm/spec-tests/unwind.wast.js:

(register): Deleted.
(module): Deleted.
(instance): Deleted.
(assert_malformed): Deleted.
(assert_invalid): Deleted.
(assert_soft_invalid): Deleted.
(assert_unlinkable): Deleted.
(assert_uninstantiable): Deleted.
(assert_trap): Deleted.
(assert_return): Deleted.
(assert_return_nan): Deleted.

Tools:

Update the runner to know the new wasm spec test harness code.

  • Scripts/run-jsc-stress-tests:
11:36 AM Changeset in webkit [214823] by zandobersek@gmail.com
  • 2 edits in trunk/Source/WebCore

[GCrypt] Implement AES_KW support
https://bugs.webkit.org/show_bug.cgi?id=170274

Reviewed by Michael Catanzaro.

Implement the CryptoAlgorithmAES_KW::platform{Wrap,Unwrap}Key()
functionality for configurations that use libgcrypt. This is done
by leveraging the gcry_cipher_* APIs for the AES algorithm that's
deducted appropriately from the key size and the AESWRAP cipher mode.

No new tests -- current ones cover this sufficiently, but are not yet
enabled due to other missing platform-specific SUBTLE_CRYPTO
implementations.

  • crypto/gcrypt/CryptoAlgorithmAES_KWGCrypt.cpp:

(WebCore::gcryptWrapKey):
(WebCore::gcryptUnwrapKey):
(WebCore::CryptoAlgorithmAES_KW::platformWrapKey):
(WebCore::CryptoAlgorithmAES_KW::platformUnwrapKey):

11:12 AM Changeset in webkit [214822] by zandobersek@gmail.com
  • 4 edits in trunk/Source/WebCore

[GCrypt] Implement AES_GCM support
https://bugs.webkit.org/show_bug.cgi?id=170271

Reviewed by Michael Catanzaro.

Source/WebCore:

Implement the CryptoAlgorithmAES_GCM::platform{Encrypt,Decrypt}
functionality for configurations that use libgcrypt. This is done
by leveraging the gcry_cipher_* APIs for the AES algorithm that's
deducted appropriately from the key size and the GCM cipher mode.

No new tests -- current ones cover this sufficiently, but are not yet
enabled due to other missing platform-specific SUBTLE_CRYPTO
implementations.

  • crypto/gcrypt/CryptoAlgorithmAES_GCMGCrypt.cpp:

(WebCore::gcryptEncrypt):
(WebCore::gcryptDecrypt):
(WebCore::CryptoAlgorithmAES_GCM::platformEncrypt):
(WebCore::CryptoAlgorithmAES_GCM::platformDecrypt):

Source/WebCore/PAL:

  • pal/crypto/gcrypt/Handle.h:

(PAL::GCrypt::HandleDeleter<gcry_cipher_hd_t>::operator()): Specialize
the HandleDeleter<> template for the gcry_cipher_hd_t type.

11:10 AM Changeset in webkit [214821] by zandobersek@gmail.com
  • 2 edits in trunk/Source/WebCore

[GCrypt] Implement PBKDF2 support
https://bugs.webkit.org/show_bug.cgi?id=170270

Reviewed by Michael Catanzaro.

Implement the CryptoAlgorithmPBKDF2::platformDeriveBits() functionality
for configurations that use libgcrypt. This is done by leveraging the
gcry_kdf_derive() API, using GCRY_KDF_PBKDF2 as the preferred KDF
along with the properly deducted SHA algorithm.

No new tests -- current ones cover this sufficiently, but are not yet
enabled due to other missing platform-specific SUBTLE_CRYPTO
implementations.

  • crypto/gcrypt/CryptoAlgorithmPBKDF2GCrypt.cpp:

(WebCore::gcryptDeriveBits):
(WebCore::CryptoAlgorithmPBKDF2::platformDeriveBits):

11:00 AM Changeset in webkit [214820] by commit-queue@webkit.org
  • 3 edits in trunk/LayoutTests

LayoutTest pointer-lock/mouse-event-delivery.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=167965

Patch by Jeremy Jones <jeremyj@apple.com> on 2017-04-03
Reviewed by Jon Lee.

Wait for wheel event before doing next step of test. The wheel event is delivered asynchronously and
can therefore be delivered later than expected by the test. This is already done for the first one,
do this for the second one also.

  • platform/mac-wk2/TestExpectations:
  • pointer-lock/mouse-event-delivery.html:
10:51 AM Changeset in webkit [214819] by Simon Fraser
  • 6 edits
    8 adds in trunk

Clean up touch event handler registration when moving nodes between documents
https://bugs.webkit.org/show_bug.cgi?id=170384
rdar://problem/30816694

Reviewed by Chris Dumez.

Source/WebCore:

Make sure that Node::didMoveToNewDocument() does the correct unregistration on the
old document, and registration on the new document for nodes with touch event listeners,
and gesture event listeners. Touch "handler" nodes (those for overflow and sliders) are
already correctly moved via renderer-related teardown.

Add assertions that fire when removal was not complete.

Use references in more places.

Tests: fast/events/touch/ios/gesture-node-move-between-documents.html

fast/events/touch/ios/overflow-node-move-between-documents.html
fast/events/touch/ios/slider-node-move-between-documents.html
fast/events/touch/ios/touch-node-move-between-documents.html

  • dom/EventNames.h:

(WebCore::EventNames::gestureEventNames):

  • dom/Node.cpp:

(WebCore::Node::willBeDeletedFrom):
(WebCore::Node::didMoveToNewDocument):
(WebCore::tryAddEventListener):
(WebCore::tryRemoveEventListener):

  • html/shadow/SliderThumbElement.cpp:

(WebCore::SliderThumbElement::registerForTouchEvents):
(WebCore::SliderThumbElement::unregisterForTouchEvents):

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::registerAsTouchEventListenerForScrolling):
(WebCore::RenderLayer::unregisterAsTouchEventListenerForScrolling):

LayoutTests:

Tests for moving nodes with various listener/handler combinations between documents.

  • fast/events/touch/ios/gesture-node-move-between-documents-expected.txt: Added.
  • fast/events/touch/ios/gesture-node-move-between-documents.html: Added.
  • fast/events/touch/ios/overflow-node-move-between-documents-expected.txt: Added.
  • fast/events/touch/ios/overflow-node-move-between-documents.html: Added.
  • fast/events/touch/ios/slider-node-move-between-documents-expected.txt: Added.
  • fast/events/touch/ios/slider-node-move-between-documents.html: Added.
  • fast/events/touch/ios/touch-node-move-between-documents-expected.txt: Added.
  • fast/events/touch/ios/touch-node-move-between-documents.html: Added.
10:40 AM Changeset in webkit [214818] by Carlos Garcia Campos
  • 4 edits
    9 adds in releases/WebKitGTK/webkit-2.16

Merge r214807 - [SOUP] URI Fragment is lost after redirect
https://bugs.webkit.org/show_bug.cgi?id=170058

Reviewed by Michael Catanzaro.

Source/WebKit2:

In case of redirection check if the current request has a fragment identifier and apply it to the redirection
only when it doesn't have a fragment identifier yet.

  • NetworkProcess/soup/NetworkDataTaskSoup.cpp:

(WebKit::NetworkDataTaskSoup::NetworkDataTaskSoup):
(WebKit::NetworkDataTaskSoup::createRequest):
(WebKit::NetworkDataTaskSoup::continueHTTPRedirection):

  • NetworkProcess/soup/NetworkDataTaskSoup.h:

LayoutTests:

Add tests to check we correctly handle fragment identifiers on server redirections.

  • http/tests/navigation/redirect-preserves-fragment-expected.txt: Added.
  • http/tests/navigation/redirect-preserves-fragment.html: Added.
  • http/tests/navigation/redirect-to-fragment-expected.txt: Added.
  • http/tests/navigation/redirect-to-fragment.html: Added.
  • http/tests/navigation/redirect-to-fragment2-expected.txt: Added.
  • http/tests/navigation/redirect-to-fragment2.html: Added.
  • http/tests/navigation/resources/redirect-preserves-fragment.php: Added.
  • http/tests/navigation/resources/redirect-to-fragment.php: Added.
  • http/tests/navigation/resources/redirect-to-fragment2.php: Added.
  • platform/ios/TestExpectations:
  • platform/mac/TestExpectations:
10:38 AM Changeset in webkit [214817] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.16/Source/JavaScriptCore

Merge r214732 - Share implementation of JSRunLoopTimer::timerDidFire
https://bugs.webkit.org/show_bug.cgi?id=170392

Reviewed by Michael Catanzaro.

The code is cross-platform but it's duplicated in CF and GLib implementations, it could be shared instead.

  • runtime/JSRunLoopTimer.cpp:

(JSC::JSRunLoopTimer::timerDidFire): Move common implementation here.
(JSC::JSRunLoopTimer::setRunLoop): Use timerDidFireCallback.
(JSC::JSRunLoopTimer::timerDidFireCallback): Call JSRunLoopTimer::timerDidFire().

  • runtime/JSRunLoopTimer.h:
10:32 AM Changeset in webkit [214816] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.16/Source/WebCore

Merge r214726 - Long Arabic text in ContentEditable with css white-space=pre hangs Safari
https://bugs.webkit.org/show_bug.cgi?id=170245

Reviewed by Myles C. Maxfield.

While searching for mid-word break, we measure the text by codepoints in a loop until the accumulated width > available width.
When we see that the accumulated width for the individual codepoints overflows, we join the codepoints and re-measure them.
These 2 widths could be considerably different for number of reasons (ligatures is a prime example). When we figure that
the run still fits, we go back to the main loop (since we are not supposed to wrap the line here) and take the next codepoint.
However this time we start the measurement from the last whitespace, so we end up remeasuring a potentially long chuck of text
until we hit the wrapping point. This is way too expensive.
This patch changes the logic so that we just go back to measuring individual codepoints until we hit the constrain again.

Covered by existing tests.

  • rendering/line/BreakingContext.h:

(WebCore::BreakingContext::handleText): canUseSimpleFontCodePath() is just to mitigate the potential risk of regression and
complex text is more likely to fall into this category.

10:29 AM Changeset in webkit [214815] by Carlos Garcia Campos
  • 3 edits
    1 add in releases/WebKitGTK/webkit-2.16

Merge r214714 - Object with numerical keys with gaps gets filled by NaN values
https://bugs.webkit.org/show_bug.cgi?id=164412

Reviewed by Mark Lam.

This patch fixes issue when object have two properties
with name as number. The issue appears when during invoking
convertDoubleToArrayStorage, array is filled by pNaN and
method converting it to real NaN. This happeneds because a
pNaN in a Double array is a hole, and Double arrays cannot
have NaN values. To fix issue we need to check value and
clear it if it pNaN.

Source/JavaScriptCore:

  • runtime/JSObject.cpp:

(JSC::JSObject::convertDoubleToArrayStorage):

JSTests:

  • stress/object-number-properties.js: Added.
10:24 AM Changeset in webkit [214814] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.16/Source/JavaScriptCore

Merge r214684 - Array.prototype.splice() should not be using JSArray::tryCreateForInitializationPrivate().
https://bugs.webkit.org/show_bug.cgi?id=170303
<rdar://problem/31358281>

Reviewed by Filip Pizlo.

This is because it needs to call getProperty() later to get the values for
initializing the array. getProperty() can execute arbitrary code and potentially
trigger the GC. This is not allowed for clients of JSArray::tryCreateForInitializationPrivate().

  • runtime/ArrayPrototype.cpp:

(JSC::arrayProtoFuncSplice):
(JSC::copySplicedArrayElements): Deleted.

10:23 AM Changeset in webkit [214813] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.16/Source/WebKit2

Merge r214666 - Modern media controls should never be enabled in non cocoa ports
https://bugs.webkit.org/show_bug.cgi?id=170338

Reviewed by Michael Catanzaro.

It's currently enabled, because it uses the default value for all other runtime features, but modern media
controls are not a cross-platform feature. I think this is why media/video-click-dblckick-standalone.html
started to fail in GTK+ port after r214426. I can't reprouduce the failure locally, so I can't confirm it,
though.

  • Shared/WebPreferencesDefinitions.h:
10:20 AM Changeset in webkit [214812] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.16/Source/JavaScriptCore

Merge r214637 - IntlObject should not be using JSArray::initializeIndex().
https://bugs.webkit.org/show_bug.cgi?id=170302
<rdar://problem/31356918>

Reviewed by Saam Barati.

JSArray::initializeIndex() is only meant to be used with arrays created using
JSArray::tryCreateForInitializationPrivate() under very constrained conditions.

  • runtime/IntlObject.cpp:

(JSC::canonicalizeLocaleList):
(JSC::intlObjectFuncGetCanonicalLocales):

10:15 AM Changeset in webkit [214811] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r214618 - [Crash] WebCore::AudioBuffer::AudioBuffer don't checking illegal value
https://bugs.webkit.org/show_bug.cgi?id=169956

Reviewed by Youenn Fablet.

Source/WebCore:

Test: webaudio/audiobuffer-crash.html

  • Modules/webaudio/AudioBuffer.cpp:

(WebCore::AudioBuffer::AudioBuffer): Invalidate the object and return early if the channel
array allocation fails.
(WebCore::AudioBuffer::AudioBuffer): Ditto.
(WebCore::AudioBuffer::invalidate): Invalidate the object.

  • Modules/webaudio/AudioBuffer.h:

LayoutTests:

  • webaudio/audiobuffer-crash-expected.txt: Added.
  • webaudio/audiobuffer-crash.html: Added.
10:12 AM Changeset in webkit [214810] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r214599 - Disconnecting a HTMLObjectElement does not always unload its content document
https://bugs.webkit.org/show_bug.cgi?id=169606

Reviewed by Andy Estes.

Source/WebCore:

When removing a node, we first disconnect all subframes then update the focused element as we remove each child.
However, when the removed element is a focused object element with a content document, removeFocusedNodeOfSubtree
can update the style tree synchronously inside Document::setFocusedElement, and reload the document.

Avoid this by instantiating a SubframeLoadingDisabler on the parent of the focused element.

Test: fast/dom/removing-focused-object-element.html

  • dom/Document.cpp:

(WebCore::Document::removeFocusedNodeOfSubtree):

LayoutTests:

Add a regression test.

  • fast/dom/removing-focused-object-element-expected.txt: Added.
  • fast/dom/removing-focused-object-element.html: Added.
10:10 AM Changeset in webkit [214809] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r214588 - RenderBlockFlow::addFloatsToNewParent should check if float is already added to the object list.
https://bugs.webkit.org/show_bug.cgi?id=170259
<rdar://problem/31300584>

Reviewed by Simon Fraser.

Source/WebCore:

r210145 assumed that m_floatingObjects would simply ignore the floating box if it was already in the list.

Test: fast/block/float/placing-multiple-floats-crash.html

  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::addFloatsToNewParent):

LayoutTests:

  • fast/block/float/placing-multiple-floats-crash-expected.txt: Added.
  • fast/block/float/placing-multiple-floats-crash.html: Added.
10:09 AM Changeset in webkit [214808] by Carlos Garcia Campos
  • 6 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r214510 - Only attach Attributes to a given element one time
https://bugs.webkit.org/show_bug.cgi?id=170125
<rdar://problem/31279676>

Reviewed by Chris Dumez.

Source/WebCore:

Attach the attribute node to the Element before calling 'setAttributeInternal', since that method may cause
arbitrary JavaScript events to fire.

Test: fast/dom/Attr/only-attach-attr-once.html

  • dom/Element.cpp:

(WebCore::Element::attachAttributeNodeIfNeeded): Added.
(WebCore::Element::setAttributeNode): Use new method. Revise to attach attribute before calling 'setAttributeInternal'.
(WebCore::Element::setAttributeNodeNS): Ditto.

  • dom/Element.h:

LayoutTests:

  • fast/dom/Attr/make-unique-element-data-while-replacing-attr-expected.txt: Rebaselined.
  • fast/dom/Attr/make-unique-element-data-while-replacing-attr.html: Add check before setting new value.
  • fast/dom/Attr/only-attach-attr-once-expected.txt: Added.
  • fast/dom/Attr/only-attach-attr-once.html: Added.
10:08 AM Changeset in webkit [214807] by Carlos Garcia Campos
  • 6 edits
    9 adds in trunk

[SOUP] URI Fragment is lost after redirect
https://bugs.webkit.org/show_bug.cgi?id=170058

Reviewed by Michael Catanzaro.

Source/WebKit2:

In case of redirection check if the current request has a fragment identifier and apply it to the redirection
only when it doesn't have a fragment identifier yet.

  • NetworkProcess/soup/NetworkDataTaskSoup.cpp:

(WebKit::NetworkDataTaskSoup::NetworkDataTaskSoup):
(WebKit::NetworkDataTaskSoup::createRequest):
(WebKit::NetworkDataTaskSoup::continueHTTPRedirection):

  • NetworkProcess/soup/NetworkDataTaskSoup.h:

LayoutTests:

Add tests to check we correctly handle fragment identifiers on server redirections.

  • http/tests/navigation/redirect-preserves-fragment-expected.txt: Added.
  • http/tests/navigation/redirect-preserves-fragment.html: Added.
  • http/tests/navigation/redirect-to-fragment-expected.txt: Added.
  • http/tests/navigation/redirect-to-fragment.html: Added.
  • http/tests/navigation/redirect-to-fragment2-expected.txt: Added.
  • http/tests/navigation/redirect-to-fragment2.html: Added.
  • http/tests/navigation/resources/redirect-preserves-fragment.php: Added.
  • http/tests/navigation/resources/redirect-to-fragment.php: Added.
  • http/tests/navigation/resources/redirect-to-fragment2.php: Added.
  • platform/ios/TestExpectations:
  • platform/mac/TestExpectations:
9:59 AM Changeset in webkit [214806] by commit-queue@webkit.org
  • 25 edits
    2 adds in trunk

captureStream is getting black frames with webgl canvas
https://bugs.webkit.org/show_bug.cgi?id=170325

Patch by Youenn Fablet <youenn@apple.com> on 2017-04-03
Reviewed by Dean Jackson.

Source/WebCore:

Test: fast/mediastream/captureStream/canvas3d.html

Changing the webgl context to save buffers in case the canvas is captured.
Adding a canvas changed notification in case of clear.
In the future, we might want to change this notification and do it when endPaint or similar is called.

Adding an Internals API to grab the RGBA equivalent of the next track frame.
For that purpose, adding a bunch of WEBCORE_EXPORT.

  • Modules/mediastream/CanvasCaptureMediaStreamTrack.cpp:

(WebCore::CanvasCaptureMediaStreamTrack::Source::Source): Adding constraints support so that track settings
getter actually transmits the width and height of the source.
(WebCore::CanvasCaptureMediaStreamTrack::Source::canvasChanged): ensuring webgl canvas context keep their drawing buffer.

  • Modules/mediastream/MediaStreamTrack.h:
  • bindings/js/JSDOMGuardedObject.h:
  • bindings/js/JSDOMPromise.h:

(WebCore::DeferredPromise::resolve):
(WebCore::DeferredPromise::reject):

  • dom/ActiveDOMCallback.h:
  • html/HTMLCanvasElement.cpp:

(WebCore::HTMLCanvasElement::captureStream):

  • html/ImageData.h:
  • html/ImageData.idl:
  • html/canvas/WebGLRenderingContext.cpp:

(WebCore::WebGLRenderingContext::clear): ensuring canvas observers get notified in case of clear calls.

  • html/canvas/WebGLRenderingContextBase.h:

(WebCore::WebGLRenderingContextBase::preserveDrawingBuffer): Added to allow canvas capture to update this property.

  • platform/MediaSample.h:

(WebCore::MediaSample::getRGBAImageData): Added for internals API.

  • platform/graphics/avfoundation/MediaSampleAVFObjC.h:
  • platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm:

(WebCore::MediaSampleAVFObjC::getRGBAImageData):

  • platform/graphics/cv/PixelBufferConformerCV.cpp:

(WebCore::PixelBufferConformerCV::convert): Helper routine for getRGBAImageData.

  • platform/graphics/cv/PixelBufferConformerCV.h:
  • platform/mediastream/RealtimeMediaSourceSettings.h:

(WebCore::RealtimeMediaSourceSettings::setSupportedConstraints):
(WebCore::RealtimeMediaSourceSettings::setSupportedConstraits): Deleted.

  • platform/mediastream/mac/AVMediaCaptureSource.mm:

(WebCore::AVMediaCaptureSource::initializeSettings):

  • platform/mediastream/openwebrtc/RealtimeAudioSourceOwr.h:
  • platform/mediastream/openwebrtc/RealtimeVideoSourceOwr.h:
  • platform/mock/MockRealtimeMediaSource.cpp:

(WebCore::MockRealtimeMediaSource::initializeSettings):

  • testing/Internals.cpp:

(WebCore::Internals::grabNextMediaStreamTrackFrame):
(WebCore::Internals::videoSampleAvailable):

  • testing/Internals.h:
  • testing/Internals.idl:

LayoutTests:

  • fast/mediastream/captureStream/canvas3d-expected.txt: Added.
  • fast/mediastream/captureStream/canvas3d.html: Added.
9:54 AM Changeset in webkit [214805] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.16/Source/JavaScriptCore

Merge r214509 - The Mutator should not be able to steal the conn if the Collector hasn't reached the NotRunning phase yet.
https://bugs.webkit.org/show_bug.cgi?id=170213
<rdar://problem/30755345>

Reviewed by Filip Pizlo.

The current condition for stealing the conn isn't tight enough. Restricting the
stealing to when m_currentPhase == NotRunning ensures that the Collector is
really done running.

No test because this issue only manifests with a race condition that is difficult
to reproduce on demand.

  • heap/Heap.cpp:

(JSC::Heap::requestCollection):

9:53 AM Changeset in webkit [214804] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r214501 - Missing render tree position invalidation when tearing down renderers for display:contents subtree
https://bugs.webkit.org/show_bug.cgi?id=170199
<rdar://problem/31260856>

Reviewed by Zalan Bujtas.

Source/WebCore:

Test: fast/shadow-dom/slot-renderer-teardown.html

  • style/RenderTreeUpdater.cpp:

(WebCore::RenderTreeUpdater::updateElementRenderer):

Invalidate the render tree position in case we do a teardown for an element without renderer.

LayoutTests:

  • fast/shadow-dom/slot-renderer-teardown-expected.txt: Added.
  • fast/shadow-dom/slot-renderer-teardown.html: Added.
9:47 AM Changeset in webkit [214803] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.16/Tools

Merge r214398 - [GTK] No value returned from PrintCustomWidgetTest::createWebKitPrintOperation() in TestPrinting.cpp
https://bugs.webkit.org/show_bug.cgi?id=170059

Patch by Adrian Perez de Castro <Adrian Perez de Castro> on 2017-03-25
Reviewed by Carlos Garcia Campos.

  • TestWebKitAPI/Tests/WebKit2Gtk/TestPrinting.cpp: Use "void" as return type in the declaration,

the only use of the method in this same file ignores the returned value anyway.

9:46 AM Changeset in webkit [214802] by Carlos Garcia Campos
  • 1 edit
    1 delete in releases/WebKitGTK/webkit-2.16/LayoutTests

Merge r214248 - Unreviewed GTK+ gardening. Remove platform expectation after r214246.

  • platform/gtk/http/tests/loading/server-redirect-for-provisional-load-caching-expected.txt: Removed.
9:46 AM Changeset in webkit [214801] by Carlos Garcia Campos
  • 1 edit in releases/WebKitGTK/webkit-2.16/Source/WebCore/ChangeLog

Merge r214392 - media/restore-from-page-cache.html causes NoEventDispatchAssertion::isEventAllowedInMainThread() assertion failure
https://bugs.webkit.org/show_bug.cgi?id=170087
<rdar://problem/31254822>

Reviewed by Simon Fraser.

Reduce the scope of code that should never dispatch DOM events so as to allow updating contents size
after restoring a page from the page cache.

In r214014 we instantiate a NoEventDispatchAssertion in FrameLoader::commitProvisionalLoad()
around the call to CachedPage::restore() to assert when a DOM event is dispatched during
page restoration as such events can cause re-entrancy into the page cache. As it turns out
it is sufficient to ensure that no DOM events are dispatched after restoring all cached frames
as opposed to after CachedPage::restore() returns.

Also rename Document::enqueue{Pageshow, Popstate}Event() to dispatch{Pageshow, Popstate}Event(),
respectively, since they synchronously dispatch events :(. We hope in the future to make them
asynchronously dispatch events.

  • dom/Document.cpp:

(WebCore::Document::implicitClose): Update for renaming.
(WebCore::Document::statePopped): Ditto.
(WebCore::Document::dispatchPageshowEvent): Renamed; formerly named enqueuePageshowEvent().
(WebCore::Document::dispatchPopstateEvent): Renamed; formerly named enqueuePopstateEvent().
(WebCore::Document::enqueuePageshowEvent): Deleted.
(WebCore::Document::enqueuePopstateEvent): Deleted.

  • dom/Document.h:
  • history/CachedPage.cpp:

(WebCore::firePageShowAndPopStateEvents): Moved logic from FrameLoader::didRestoreFromCachedPage() to here.
(WebCore::CachedPage::restore): Modified to call firePageShowAndPopStateEvents().

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::commitProvisionalLoad): Removed use of NoEventDispatchAssertion RAII object. We
will instantiate it in CachedPage::restore() with a smaller scope.
(WebCore::FrameLoader::didRestoreFromCachedPage): Deleted; moved logic from here to WebCore::firePageShowAndPopStateEvents().

  • loader/FrameLoader.h:
9:22 AM Changeset in webkit [214800] by Carlos Garcia Campos
  • 7 edits
    5 adds in releases/WebKitGTK/webkit-2.16

Merge r214375 - A null compound index value crashes the Databases process.
<rdar://problem/30499831> and https://bugs.webkit.org/show_bug.cgi?id=170000

Reviewed by Alex Christensen.

Source/WebCore:

Test: storage/indexeddb/modern/single-entry-index-invalid-key-crash.html

  • bindings/js/IDBBindingUtilities.cpp:

(WebCore::createKeyPathArray): Fix the bug by rejecting arrays with any invalid keys in them.

Add some logging:

  • Modules/indexeddb/IDBKeyPath.cpp:

(WebCore::loggingString):

  • Modules/indexeddb/IDBKeyPath.h:
  • Modules/indexeddb/IDBObjectStore.cpp:

(WebCore::IDBObjectStore::createIndex):

  • Modules/indexeddb/shared/IDBIndexInfo.cpp:

(WebCore::IDBIndexInfo::loggingString):

LayoutTests:

  • storage/indexeddb/modern/resources/single-entry-index-invalid-key-crash.js: Added.
  • storage/indexeddb/modern/single-entry-index-invalid-key-crash-expected.txt: Added.
  • storage/indexeddb/modern/single-entry-index-invalid-key-crash-private-expected.txt: Added.
  • storage/indexeddb/modern/single-entry-index-invalid-key-crash-private.html: Added.
  • storage/indexeddb/modern/single-entry-index-invalid-key-crash.html: Added.
9:11 AM Changeset in webkit [214799] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.16/Source/JavaScriptCore

Merge r214374 - Array memcpy'ing fast paths should check if we're having a bad time if they cannot handle it.
https://bugs.webkit.org/show_bug.cgi?id=170064
<rdar://problem/31246098>

Reviewed by Geoffrey Garen.

  • runtime/ArrayPrototype.cpp:

(JSC::arrayProtoPrivateFuncConcatMemcpy):

  • runtime/JSArray.cpp:

(JSC::JSArray::fastSlice):

9:10 AM Changeset in webkit [214798] by Carlos Garcia Campos
  • 6 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r214365 - Prevent new navigations during document unload
https://bugs.webkit.org/show_bug.cgi?id=169934
<rdar://problem/31247584>

Reviewed by Chris Dumez.

Source/WebCore:

Similar to our policy of preventing new navigations from onbeforeunload handlers
we should prevent new navigations that are initiated during the document unload
process.

The significant part of this change is the instantiation of the RAII object NavigationDisabler
in Document::prepareForDestruction(). The rest of this change just renames class
NavigationDisablerForBeforeUnload to NavigationDisabler now that this RAII class is
used to prevent navigation from both onbeforeunload event handlers and when unloading
a document.

Test: fast/frames/frame-unload-navigate-and-setTimeout-assert-fail.html

  • dom/Document.cpp:

(WebCore::Document::prepareForDestruction): Disable new navigations when disconnecting
subframes. Also assert that the document is not in the page cache before we fall off
the end of the function.

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::isNavigationAllowed): Update for renaming below.
(WebCore::FrameLoader::shouldClose): Ditto.

  • loader/NavigationScheduler.cpp:

(WebCore::NavigationScheduler::shouldScheduleNavigation): Ditto.

  • loader/NavigationScheduler.h:

(WebCore::NavigationDisabler::NavigationDisabler): Renamed class; formerly named NavigationDisablerForBeforeUnload.
(WebCore::NavigationDisabler::~NavigationDisabler): Ditto.
(WebCore::NavigationDisabler::isNavigationAllowed): Ditto.
(WebCore::NavigationDisablerForBeforeUnload::NavigationDisablerForBeforeUnload): Deleted.
(WebCore::NavigationDisablerForBeforeUnload::~NavigationDisablerForBeforeUnload): Deleted.
(WebCore::NavigationDisablerForBeforeUnload::isNavigationAllowed): Deleted.

LayoutTests:

Add a test to ensure that we do not cause an assertion fail when calling setTimeout
after starting a navigation from an onunload event handler.

  • fast/frames/frame-unload-navigate-and-setTimeout-assert-fail-expected.txt: Added.
  • fast/frames/frame-unload-navigate-and-setTimeout-assert-fail.html: Added.
9:00 AM Changeset in webkit [214797] by Carlos Garcia Campos
  • 3 edits
    1 add in releases/WebKitGTK/webkit-2.16

Merge r214345 - [JSC] Use jsNontrivialString agressively for ToString(Int52)
https://bugs.webkit.org/show_bug.cgi?id=170002

Reviewed by Sam Weinig.

JSTests:

  • stress/to-string-int52.js: Added.

(shouldBe):
(toString10):
(expected):

Source/JavaScriptCore:

We use the same logic used for Int32 to use jsNontvirialString.
After single character check, produced string is always longer than 1.
Thus, we can use jsNontrivialString.

  • runtime/NumberPrototype.cpp:

(JSC::int52ToString):

8:58 AM Changeset in webkit [214796] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.16

Merge r214340 - Text stroke is sometimes clipped on video captions.
https://bugs.webkit.org/show_bug.cgi?id=170006

Reviewed by Eric Carlson.

Source/WebCore:

Set 'overflow' property to 'visible' on cue element to avoid clipping of text stroke.

Updated test media/track/track-css-stroke-cues.html.

  • html/track/TextTrackCueGeneric.cpp:

(WebCore::TextTrackCueGenericBoxElement::applyCSSProperties):

  • html/track/VTTCue.cpp:

(WebCore::VTTCueBox::applyCSSProperties):

LayoutTests:

  • media/track/track-css-stroke-cues-expected.txt:
  • media/track/track-css-stroke-cues.html:
8:56 AM Changeset in webkit [214795] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.16/Source/JavaScriptCore

Merge r214334 - Array.prototype.splice behaves incorrectly when the VM is "having a bad time".
https://bugs.webkit.org/show_bug.cgi?id=170025
<rdar://problem/31228679>

Reviewed by Saam Barati.

  • runtime/ArrayPrototype.cpp:

(JSC::copySplicedArrayElements):
(JSC::arrayProtoFuncSplice):

8:43 AM Changeset in webkit [214794] by Carlos Garcia Campos
  • 3 edits
    1 add in releases/WebKitGTK/webkit-2.16

Merge r214323 - [JSC][DFG] Make addShouldSpeculateAnyInt more conservative to avoid regression caused by Double <-> Int52 conversions
https://bugs.webkit.org/show_bug.cgi?id=169998

Reviewed by Saam Barati.

JSTests:

  • microbenchmarks/int52-back-and-forth.js: Added.

(shouldBe):
(num):

Source/JavaScriptCore:

Double <-> Int52 and JSValue <-> Int52 conversions are not so cheap. Thus, Int52Rep is super carefully emitted.
We make addShouldSpeculateAnyInt more conservative to avoid regressions caused by the above conversions.
We select ArithAdd(Int52, Int52) only when this calculation is beneficial compared to added Int52Rep conversions.

This patch tighten the conditions of addShouldSpeculateAnyInt.

  1. Honor DoubleConstant.

When executing imaging-darkroom, we have a thing like that,

132:< 2:loc36> DoubleConstant(Double|UseAsOther, AnyIntAsDouble, Double: 4607182418800017408, 1.000000, bc#114)
1320:< 1:loc38> Int52Rep(Check:Int32:@82, Int52|PureInt, Int32, Exits, bc#114)
1321:< 1:loc39> Int52Constant(Int52|PureInt, Boolint32Nonboolint32Int52, Double: 4607182418800017408, 1.000000, bc#114)
133:<!3:loc39> ArithSub(Int52Rep:@1320<Int52>, Int52Rep:@1321<Int52>, Int52|MustGen, Int52, CheckOverflow, Exits, bc#114)

The LHS of ArithSub says predicting Boolint32, and the rhs says AnyIntAsDouble. Thus we select ArithSub(Int52, Int52) instead
of ArithSub(Double, Double). However, it soon causes OSR exits. In imaging-darkroom, LHS's Int32 prediction will be broken.
While speculating Int32 in the above situation is reasonable approach since the given LHS says predicting Int32, this causes
severe performance regression.

Previously, we always select ArithSub(Double, Double). So accidentally, we do not encounter this misprediction issue.

One thing can be found that we have DoubleConstant in the RHS. It means that we have 1.0 instead of 1 in the code.
We can see the code like lhs - 1.0 instead of lhs - 1 in imaging-darkroom. It offers good information that lhs and
the resulting value would be double. Handling the above ArithSub in double seems more appropriate rather than handling
it in Int52.

So, in this patch, we honor DoubleConstant. If we find DoubleConstant on one operand, we give up selecting
Arith[Sub,Add](Int52, Int52). This change removes OSR exits occurr in imaging-darkroom right now.

  1. Two Int52Rep(Double) conversions are not desirable.

We allow AnyInt ArithAdd only when the one operand of the binary operation should be speculated AnyInt. It is a bit conservative
decision. This is because Double to Int52 conversion is not so cheap. Frequent back-and-forth conversions between Double and Int52
rather hurt the performance. If the one operand of the operation is already Int52, the cost for constructing ArithAdd becomes
cheap since only one Double to Int52 conversion could be required.
This recovers some regression in assorted tests while keeping kraken crypto improvements.

  1. Avoid frequent Int52 to JSValue conversions.

Int52 to JSValue conversion is not so cheap. Thus, we would like to avoid such situations. So, in this patch, we allow
Arith(Int52, Int52) with AnyIntAsDouble operand only when the node is used as number. By doing so, we avoid the case like,
converting Int52, performing ArithAdd, and soon converting back to JSValue.

The above 3 changes recover the regression measured in microbenchmarks/int52-back-and-forth.js and assorted benchmarks.
And still it keeps kraken crypto improvements.

baseline patched

imaging-darkroom 201.112+-3.192 189.532+-2.883 definitely 1.0611x faster
stanford-crypto-pbkdf2 103.953+-2.325 100.926+-2.396 might be 1.0300x faster
stanford-crypto-sha256-iterative 35.103+-1.071 ? 36.049+-1.143 ? might be 1.0270x slower

  • dfg/DFGGraph.h:

(JSC::DFG::Graph::addShouldSpeculateAnyInt):

6:57 AM Changeset in webkit [214793] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.16/Source/WebKit2

Merge r214786 - Mutex may be freed too late in NetworkCache::Storage::traverse
https://bugs.webkit.org/show_bug.cgi?id=170400
<rdar://problem/30515865>

Reviewed by Carlos Garcia Campos and Andreas Kling.

Fix a race.

  • NetworkProcess/cache/NetworkCacheStorage.cpp:

(WebKit::NetworkCache::Storage::traverse):

Ensure the mutex is not accessed after we dispatch to the main thread.
The main thread call deletes the owning TraverseOperation.

6:56 AM Changeset in webkit [214792] by Carlos Garcia Campos
  • 10 edits
    1 add in releases/WebKitGTK/webkit-2.16

Merge r214313 - Clients of JSArray::tryCreateForInitializationPrivate() should do their own null checks.
https://bugs.webkit.org/show_bug.cgi?id=169783

Reviewed by Saam Barati.

JSTests:

  • stress/regress-169783.js: Added.

Source/JavaScriptCore:

Fixed clients of tryCreateForInitializationPrivate() to do a null check and throw
an OutOfMemoryError if allocation fails, or RELEASE_ASSERT that the allocation
succeeds.

  • dfg/DFGOperations.cpp:
  • ftl/FTLOperations.cpp:

(JSC::FTL::operationMaterializeObjectInOSR):

  • runtime/ArrayPrototype.cpp:

(JSC::arrayProtoFuncSplice):

  • runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):

  • runtime/JSArray.cpp:

(JSC::JSArray::tryCreateForInitializationPrivate):
(JSC::JSArray::fastSlice):

  • runtime/JSArray.h:

(JSC::constructArray):
(JSC::constructArrayNegativeIndexed):

  • runtime/RegExpMatchesArray.cpp:

(JSC::createEmptyRegExpMatchesArray):

  • runtime/RegExpMatchesArray.h:

(JSC::createRegExpMatchesArray):

6:36 AM Changeset in webkit [214791] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r214309 - WebSQL databases should not openable in private browsing.
<rdar://problem/30383335> and https://bugs.webkit.org/show_bug.cgi?id=170013

Reviewed by Alex Christensen.

Source/WebCore:

Test: storage/websql/private-browsing-open-disabled.html

  • Modules/webdatabase/DatabaseManager.cpp:

(WebCore::DatabaseManager::openDatabaseBackend):
(WebCore::DatabaseManager::tryToOpenDatabaseBackend): Throw an exception if in private browsing.

  • Modules/webdatabase/DatabaseManager.h:

LayoutTests:

  • storage/websql/private-browsing-open-disabled-expected.txt: Added.
  • storage/websql/private-browsing-open-disabled.html: Added.
6:33 AM Changeset in webkit [214790] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.16/Source/WebCore

Merge r214305 - NeverDestroyed<MediaQueryEvaluator> must explicitly construct with a String
https://bugs.webkit.org/show_bug.cgi?id=169987
<rdar://problem/31211087>

Reviewed by Alex Christensen.

CSSDefaultStyleSheets creates a static MediaQueryEvaluator, but thanks
to the template magic of NeverDestroyed, it was converting the char*
argument into a bool, and calling the wrong constructor.

Unfortunately this is difficult to test because it only affects
the default UA style sheets, and they currently don't have
and @media rules (which would always evaluate to true given
the bug). I don't want to put in a useless rule just to check
if the bug is fixed. When one is added for bug 168447, this change
will be exercised.

  • css/CSSDefaultStyleSheets.cpp: Explicitly construct with a String

rather than a char*.
(WebCore::screenEval):
(WebCore::printEval):

6:32 AM Changeset in webkit [214789] by Carlos Garcia Campos
  • 6 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r214296 - [JSC][DFG] Propagate AnyIntAsDouble information carefully to utilize it in fixup
https://bugs.webkit.org/show_bug.cgi?id=169914

Reviewed by Saam Barati.

JSTests:

  • stress/any-int-as-double-add.js: Added.

(shouldBe):
(test):

  • stress/to-this-numbers.js: Added.

(shouldBe):
(Number.prototype.toThis):

Source/JavaScriptCore:

In DFG prediction propagation phase, we pollute the prediction of GetByVal for Array::Double
as SpecDoubleReal even if the heap prediction says the proper prediction is SpecAnyIntAsDouble.
Thus, the following nodes just see the result of GetByVal(Array::Double) as double value,
and select suboptimal edge filters in fixup phase. For example, if the result of GetByVal is
SpecAnyIntAsDouble, we can see the node like ArithAdd(SpecAnyIntAsDouble, Int52) and we should
have a chance to make it ArithAdd(Check:Int52, Int52) instead of ArithAdd(Double, Double).

This patch propagates SpecAnyIntAsDouble in GetByVal(Array::Double) properly. And ValueAdd,
ArithAdd and ArithSub select AnyInt edge filters for SpecAnyIntAsDouble values. It finally
produces a Int52 specialized DFG node. And subsequent nodes using the produced one also
become Int52 specialized.

One considerable problem is that the heap prediction misses the non any int doubles. In that case,
if Int52 edge filter is used, BadType exit will occur. It updates the prediction of the value profile
of GetByVal. So, in the next time, GetByVal(Array::Double) produces more conservative predictions
and avoids exit-and-recompile loop correctly.

This change is very sensitive to the correct AI and appropriate predictions. Thus, this patch finds
and fixes some related issues. One is incorrect prediction of ToThis and another is incorrect
AI logic for Int52Rep.

This change dramatically improves kraken benchmarks' crypto-pbkdf2 and crypto-sha256-iterative
by 42.0% and 30.7%, respectively.

baseline patched

Kraken:
ai-astar 158.851+-4.132 ? 159.433+-5.176 ?
audio-beat-detection 53.193+-1.621 ? 53.391+-2.072 ?
audio-dft 103.589+-2.277 ? 104.902+-1.924 ? might be 1.0127x slower
audio-fft 40.491+-1.102 39.854+-0.755 might be 1.0160x faster
audio-oscillator 68.504+-1.721 ? 68.957+-1.725 ?
imaging-darkroom 118.367+-2.171 ? 119.581+-2.310 ? might be 1.0103x slower
imaging-desaturate 71.443+-1.461 ? 72.398+-1.918 ? might be 1.0134x slower
imaging-gaussian-blur 110.648+-4.035 109.184+-3.373 might be 1.0134x faster
json-parse-financial 60.363+-1.628 ? 61.936+-1.585 ? might be 1.0261x slower
json-stringify-tinderbox 37.903+-0.869 ? 39.559+-1.607 ? might be 1.0437x slower
stanford-crypto-aes 56.313+-1.512 ? 56.675+-1.715 ?
stanford-crypto-ccm 51.564+-1.900 ? 53.456+-2.548 ? might be 1.0367x slower
stanford-crypto-pbkdf2 129.546+-2.738 91.214+-2.027 definitely 1.4202x faster
stanford-crypto-sha256-iterative 43.515+-0.730 33.292+-0.653 definitely 1.3071x faster

<arithmetic> 78.878+-0.528 75.988+-0.621 definitely 1.0380x faster

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGGraph.h:

(JSC::DFG::Graph::addShouldSpeculateAnyInt):

  • dfg/DFGPredictionPropagationPhase.cpp:
  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileArithNegate):

6:25 AM Changeset in webkit [214788] by Carlos Garcia Campos
  • 6 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r214290 - Dynamically applied :empty pseudo class with display:none does not get unapplied
https://bugs.webkit.org/show_bug.cgi?id=169907

Reviewed by Ryosuke Niwa.

Source/WebCore:

We improperly reset the styleAffectedByEmpty bit when removing the renderer when :empty starts
applying. We then fail to invalidate the style when the element becomes non-empty again.

Fix by resetting the style relation bits only when computing the style.

Test: fast/css/empty-display-none-invalidation.html

  • dom/Element.cpp:

(WebCore::Element::resetStyleRelations):

Expose this separately.

(WebCore::Element::clearStyleDerivedDataBeforeDetachingRenderer):

Don't reset style relation bits when removing renderers.

  • dom/Element.h:
  • dom/ElementRareData.h:

(WebCore::ElementRareData::resetComputedStyle):
(WebCore::ElementRareData::resetStyleRelations):

Reset all these bits in one function.

(WebCore::ElementRareData::resetDynamicRestyleObservations): Deleted.

  • style/StyleTreeResolver.cpp:

(WebCore::Style::resetStyleForNonRenderedDescendants):
(WebCore::Style::TreeResolver::resolveComposedTree):

Call the explicit style relation reset function when recomputing style.

LayoutTests:

  • fast/css/empty-display-none-invalidation-expected.html: Added.
  • fast/css/empty-display-none-invalidation.html: Added.
6:17 AM Changeset in webkit [214787] by pvollan@apple.com
  • 20 edits
    6 adds in trunk

Implement stroke-miterlimit.
https://bugs.webkit.org/show_bug.cgi?id=169078

Reviewed by Dean Jackson.

Source/WebCore:

Support stroke-miterlimit for text rendering, see https://drafts.fxtf.org/paint/.

Tests: fast/css/stroke-miterlimit-default.html

fast/css/stroke-miterlimit-large.html
fast/css/stroke-miterlimit-zero.html

  • css/CSSComputedStyleDeclaration.cpp:

(WebCore::ComputedStyleExtractor::propertyValue):

  • css/CSSProperties.json:
  • css/SVGCSSComputedStyleDeclaration.cpp:

(WebCore::ComputedStyleExtractor::svgPropertyValue):

  • rendering/TextPaintStyle.cpp:

(WebCore::computeTextPaintStyle):
(WebCore::updateGraphicsContext):

  • rendering/TextPaintStyle.h:
  • rendering/style/RenderStyle.cpp:

(WebCore::RenderStyle::diff):

  • rendering/style/RenderStyle.h:

(WebCore::RenderStyle::strokeMiterLimit):
(WebCore::RenderStyle::setStrokeMiterLimit):
(WebCore::RenderStyle::initialStrokeMiterLimit):
(WebCore::RenderStyle::setStrokeDashOffset):

  • rendering/style/RenderStyleConstants.cpp:
  • rendering/style/RenderStyleConstants.h:
  • rendering/style/SVGRenderStyle.cpp:

(WebCore::SVGRenderStyle::diff):

  • rendering/style/SVGRenderStyle.h:

(WebCore::SVGRenderStyle::initialStrokeDashArray):
(WebCore::SVGRenderStyle::strokeDashArray):
(WebCore::SVGRenderStyle::initialStrokeMiterLimit): Deleted.
(WebCore::SVGRenderStyle::strokeMiterLimit): Deleted.
(WebCore::SVGRenderStyle::setStrokeMiterLimit): Deleted.

  • rendering/style/SVGRenderStyleDefs.cpp:

(WebCore::StyleStrokeData::StyleStrokeData):
(WebCore::StyleStrokeData::operator==):

  • rendering/style/SVGRenderStyleDefs.h:
  • rendering/style/StyleRareInheritedData.cpp:

(WebCore::StyleRareInheritedData::StyleRareInheritedData):
(WebCore::StyleRareInheritedData::operator==):

  • rendering/style/StyleRareInheritedData.h:
  • rendering/svg/RenderSVGShape.cpp:

(WebCore::RenderSVGShape::hasSmoothStroke):

  • rendering/svg/SVGRenderSupport.cpp:

(WebCore::SVGRenderSupport::applyStrokeStyleToContext):

  • rendering/svg/SVGRenderTreeAsText.cpp:

(WebCore::writeStyle):

LayoutTests:

  • fast/css/stroke-miterlimit-default-expected.html: Added.
  • fast/css/stroke-miterlimit-default.html: Added.
  • fast/css/stroke-miterlimit-large-expected-mismatch.html: Added.
  • fast/css/stroke-miterlimit-large.html: Added.
  • fast/css/stroke-miterlimit-zero-expected-mismatch.html: Added.
  • fast/css/stroke-miterlimit-zero.html: Added.
6:08 AM Changeset in webkit [214786] by Antti Koivisto
  • 2 edits in trunk/Source/WebKit2

Mutex may be freed too late in NetworkCache::Storage::traverse
https://bugs.webkit.org/show_bug.cgi?id=170400
<rdar://problem/30515865>

Reviewed by Carlos Garcia Campos and Andreas Kling.

Fix a race.

  • NetworkProcess/cache/NetworkCacheStorage.cpp:

(WebKit::NetworkCache::Storage::traverse):

Ensure the mutex is not accessed after we dispatch to the main thread.
The main thread call deletes the owning TraverseOperation.

6:07 AM Changeset in webkit [214785] by Carlos Garcia Campos
  • 8 edits in releases/WebKitGTK/webkit-2.16/Source/WebCore

Merge r214283 - [GTK] Honor GTK+ font settings
https://bugs.webkit.org/show_bug.cgi?id=82889

Reviewed by Carlos Garcia Campos.

After much discussion with Behdad and Martin (who is still not completely convinced I think
:) I want to merge cairo font options into the Fontconfig pattern used for rendering using
cairo_ft_font_options_substitute(). This is how the API was designed to be used anyway.
Fontconfig will still have final say over whether to actually respect the desktop settings
or not, so it can still choose to ignore the desktop's settings, but I don't think it makes
sense to have desktop-wide font settings and not tell Fontconfig about them, especially when
the whole point of WebKitGTK+ is desktop integration. This should also reduce complaints
that we're not following desktop settings and that we're drawing fonts differently than
Firefox.

  • PlatformGTK.cmake:
  • platform/graphics/cairo/CairoUtilities.cpp:

(WebCore::getDefaultCairoFontOptions):

  • platform/graphics/cairo/CairoUtilities.h:
  • platform/graphics/freetype/FontCacheFreeType.cpp:

(WebCore::createFontConfigPatternForCharacters):
(WebCore::strongAliasesForFamily):
(WebCore::FontCache::createFontPlatformData):

  • platform/graphics/freetype/FontPlatformDataFreeType.cpp:

(WebCore::getDefaultFontconfigOptions):
(WebCore::getDefaultCairoFontOptions): Deleted.

  • platform/graphics/gtk/GdkCairoUtilities.cpp:

(getDefaultCairoFontOptions):

6:06 AM Changeset in webkit [214784] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.16/Tools

Merge r214347 - Unreviewed. Fix GTK+ test /webkit2/WebKitWebView/javascript-dialogs after r214277.

Since r214277 beforeunload events are not fired unless there's some user interaction, so we need to simulate it
in our unit tests to work.

  • TestWebKitAPI/Tests/WebKit2Gtk/TestUIClient.cpp:

(testWebViewJavaScriptDialogs):

6:06 AM Changeset in webkit [214783] by Carlos Garcia Campos
  • 12 edits
    6 adds in releases/WebKitGTK/webkit-2.16

Merge r214277 - WebKit should disallow beforeunload alerts from web pages users have never interacted with
https://bugs.webkit.org/show_bug.cgi?id=169936
<rdar://problem/23798897>

Reviewed by Brent Fulgham.

LayoutTests/imported/w3c:

  • web-platform-tests/html/browsers/browsing-the-web/unloading-documents/beforeunload-canceling-expected.txt:
  • web-platform-tests/html/webappapis/scripting/events/compile-event-handler-settings-objects-expected.txt:

Rebaseline now that the CONFIRM MESSAGE lines are now longer shown. This is because there is no user interaction
with the page.

Source/WebCore:

WebKit should disallow beforeunload alerts from web pages users have never interacted with.
This reduces the risk of annoyance to the user and is allowed by the specification:

which says:
"""
The user agent is encouraged to avoid asking the user for confirmation if it judges that doing
so would be annoying, deceptive, or pointless. A simple heuristic might be that if the user
has not interacted with the document, the user agent would not ask for confirmation before
unloading it.
"""

Firefox already implements this, Chrome does not.

Tests: fast/events/beforeunload-alert-no-user-interaction.html

fast/events/beforeunload-alert-user-interaction.html
fast/events/beforeunload-alert-user-interaction2.html

  • loader/FrameLoader.cpp:

(WebCore::shouldAskForNavigationConfirmation):
(WebCore::FrameLoader::dispatchBeforeUnloadEvent):

LayoutTests:

  • fast/events/before-unload-return-string-conversion-expected.txt:
  • fast/events/before-unload-returnValue-expected.txt:

Rebaseline now that the CONFIRM MESSAGE is no longer shown. This is because there is
no user interaction with the page.

  • fast/events/beforeunload-alert-no-user-interaction-expected.txt: Added.
  • fast/events/beforeunload-alert-no-user-interaction.html: Added.
  • fast/events/beforeunload-alert-user-interaction-expected.txt: Added.
  • fast/events/beforeunload-alert-user-interaction.html: Added.
  • fast/events/beforeunload-alert-user-interaction2-expected.txt: Added.
  • fast/events/beforeunload-alert-user-interaction2.html: Added.

Add layout test coverage.

  • fast/loader/form-submission-after-beforeunload-cancel.html:
  • fast/loader/show-only-one-beforeunload-dialog.html:
  • http/tests/misc/iframe-beforeunload-dialog-matching-ancestor-securityorigin.html:
  • http/tests/misc/iframe-beforeunload-dialog-not-matching-ancestor-securityorigin.html:

Simulate user interaction with the page so that the CONFIRM MESSAGE log lines are still
shown.

6:02 AM Changeset in webkit [214782] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.16/Source/WebCore

Merge r214276 - ASan violation in IconLoader::stopLoading
https://bugs.webkit.org/show_bug.cgi?id=169960
<rdar://problem/30577691>

Reviewed by David Kilzer.

DocumentLoader::finishLoadingIcon handles the life cycle of the IconLoader. Once this method is called,
we should return immediately rather than attempt to make further modifications to the IconLoader.

No new tests due to lack of test features (see https://bugs.webkit.org/show_bug.cgi?id=164895). Easily
tested in MiniBrowser under ASan visiting websites with icons.

  • loader/icon/IconLoader.cpp:

(WebCore::IconLoader::notifyFinished):

6:00 AM Changeset in webkit [214781] by Carlos Garcia Campos
  • 3 edits
    1 add in releases/WebKitGTK/webkit-2.16

Merge r214272 - [JSC] Use jsNontrivialString for Number toString operations
https://bugs.webkit.org/show_bug.cgi?id=169965

Reviewed by Mark Lam.

JSTests:

  • stress/to-string-int32.js: Added.

(shouldBe):
(toString10):
(expected):

Source/JavaScriptCore:

After single character check, produced string is always longer than 1.
Thus, we can use jsNontrivialString.

  • runtime/NumberPrototype.cpp:

(JSC::int32ToStringInternal):

5:59 AM Changeset in webkit [214780] by Carlos Garcia Campos
  • 12 edits in releases/WebKitGTK/webkit-2.16/Source/WebCore

Merge r214255 - Use AtomicString in RuleSet and RuleFeature
https://bugs.webkit.org/show_bug.cgi?id=119310
<rdar://problem/28214658>

Reviewed by Andreas Kling.

..instead of the plain AtomicStringImpl*. This introduces some ref churn but not too much.

  • css/DocumentRuleSets.cpp:

(WebCore::DocumentRuleSets::ancestorClassRules):
(WebCore::DocumentRuleSets::ancestorAttributeRulesForHTML):

  • css/DocumentRuleSets.h:
  • css/ElementRuleCollector.cpp:

(WebCore::ElementRuleCollector::collectMatchingRules):
(WebCore::ElementRuleCollector::collectMatchingShadowPseudoElementRules):

  • css/RuleFeature.cpp:

(WebCore::RuleFeatureSet::recursivelyCollectFeaturesFromSelector):
(WebCore::makeAttributeSelectorKey):
(WebCore::RuleFeatureSet::collectFeatures):

  • css/RuleFeature.h:
  • css/RuleSet.cpp:

(WebCore::RuleSet::addToRuleSet):
(WebCore::rulesCountForName):
(WebCore::RuleSet::addRule):

  • css/RuleSet.h:

(WebCore::RuleSet::idRules):
(WebCore::RuleSet::classRules):
(WebCore::RuleSet::shadowPseudoElementRules):
(WebCore::RuleSet::tagRules):

  • css/StyleResolver.h:

(WebCore::StyleResolver::hasSelectorForAttribute):
(WebCore::StyleResolver::hasSelectorForClass):
(WebCore::StyleResolver::hasSelectorForId):

  • style/AttributeChangeInvalidation.cpp:

(WebCore::Style::mayBeAffectedByAttributeChange):
(WebCore::Style::AttributeChangeInvalidation::invalidateStyle):

  • style/IdChangeInvalidation.cpp:

(WebCore::Style::mayBeAffectedByHostRules):
(WebCore::Style::mayBeAffectedBySlottedRules):
(WebCore::Style::IdChangeInvalidation::invalidateStyle):

  • style/StyleSharingResolver.cpp:

(WebCore::Style::SharingResolver::resolve):
(WebCore::Style::SharingResolver::canShareStyleWithElement):
(WebCore::Style::SharingResolver::classNamesAffectedByRules):

5:56 AM Changeset in webkit [214779] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.16

Merge r214254 - Safari sends empty "Access-Control-Request-Headers" in preflight request
https://bugs.webkit.org/show_bug.cgi?id=169851

Patch by Youenn Fablet <youenn@apple.com> on 2017-03-22
Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

  • web-platform-tests/fetch/api/cors/cors-preflight-expected.txt:
  • web-platform-tests/fetch/api/cors/cors-preflight.js:

Source/WebCore:

Covered by updated test.

  • loader/CrossOriginAccessControl.cpp:

(WebCore::createAccessControlPreflightRequest): Not adding "Access-Control-Request-Headers" to
request header if value is empty.

5:39 AM Changeset in webkit [214778] by Carlos Garcia Campos
  • 5 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r214246 - [Soup] "Only from websites I visit" cookie policy is broken
https://bugs.webkit.org/show_bug.cgi?id=168912

Reviewed by Carlos Garcia Campos.

Source/WebCore:

Do not reset the first party for cookies on redirects. That's properly done for the main
resource in DocumentLoader::willSendRequest and, in the case of subresources, is absolutely
wrong (which is what we were doing since r143931).

The most notable effect was that subresources loaded via redirects were effectively
bypassing the "no third party" policy for cookies.

Test: http/tests/security/cookies/third-party-cookie-blocking-redirect.html

  • platform/network/soup/ResourceHandleSoup.cpp:

(WebCore::doRedirect):

Source/WebKit2:

Do not reset the first party for cookies on redirects. That's properly done for the main
resource in DocumentLoader::willSendRequest and, in the case of subresources, is absolutely
wrong (which is what we were doing since r143931).

The most notable effect was that subresources loaded via redirects were effectively
bypassing the "no third party" policy for cookies.

  • NetworkProcess/soup/NetworkDataTaskSoup.cpp:

(WebKit::NetworkDataTaskSoup::continueHTTPRedirection):

LayoutTests:

  • http/tests/security/cookies/third-party-cookie-blocking-redirect-expected.txt: Added.
  • http/tests/security/cookies/third-party-cookie-blocking-redirect.html: Added.
5:36 AM Changeset in webkit [214777] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.16/Source/JavaScriptCore

Merge r214240 - The DFG Integer Check Combining phase should force an OSR exit for CheckInBounds on a negative constant min bound.
https://bugs.webkit.org/show_bug.cgi?id=169933
<rdar://problem/31105125>

Reviewed by Filip Pizlo and Geoffrey Garen.

Also fixed the bit-rotted RangeKey::dump() function.

  • dfg/DFGIntegerCheckCombiningPhase.cpp:

(JSC::DFG::IntegerCheckCombiningPhase::handleBlock):

5:35 AM Changeset in webkit [214776] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.16

Merge r214237 - Disable all virtual tables.
<rdar://problem/31081972> and https://bugs.webkit.org/show_bug.cgi?id=169928
Source/WebCore:

Reviewed by Jer Noble.

No new tests (Covered by changes to existing test).

  • Modules/webdatabase/DatabaseAuthorizer.cpp:

(WebCore::DatabaseAuthorizer::createVTable):
(WebCore::DatabaseAuthorizer::dropVTable):

LayoutTests:

Reviewed by Jer Noble.

  • storage/websql/test-authorizer-expected.txt:
  • storage/websql/test-authorizer.js:

(createStatementsCallback):

5:34 AM Changeset in webkit [214775] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r214232 - 2017-03-21 Zalan Bujtas <Alan Bujtas>

Tear down descendant renderers when <slot>'s display value is set to no "contents".
https://bugs.webkit.org/show_bug.cgi?id=169921
<rdar://problem/30336417>

Reviewed by Antti Koivisto.

Since "display: contents" does not generate a renderer, when an element's display value is
changed to something other than "contents", we not only create a renderer but also reparent its descendant
subtree (e.g from slot's parent to the newly constructed slot renderer). During this reparenting, we
need to tear down the descendant subtree tree and build it up again to reflect the new rendering context.

Test: fast/shadow-dom/slot-with-continuation-descendants.html

  • style/RenderTreeUpdater.cpp: (WebCore::RenderTreeUpdater::updateElementRenderer):
5:33 AM Changeset in webkit [214774] by Carlos Garcia Campos
  • 25 edits
    3 adds in releases/WebKitGTK/webkit-2.16

Merge r214219 - [JSC] Optimize Number.prototype.toString on Int32 / Int52 / Double
https://bugs.webkit.org/show_bug.cgi?id=167454

Reviewed by Saam Barati.

JSTests:

  • stress/number-to-string-abstract-operation.js: Added.

(shouldBe):
(int32ToString):
(shouldBe.int32ToString.new.Number.int52ToString):
(shouldBe.int32ToString.new.Number):
(shouldBe.doubleToString):

  • stress/number-to-string-radix.js: Added.

(shouldBe):
(int32ToString):
(shouldBe.int32ToString.new.Number.int52ToString):
(shouldBe.int32ToString.new.Number):
(shouldBe.doubleToString):

  • stress/number-to-string.js: Added.

(shouldBe):
(int32ToString):
(shouldBe.int32ToString.new.Number.int52ToString):
(shouldBe.int32ToString.new.Number):
(shouldBe.doubleToString):

Source/JavaScriptCore:

This patch improves Number.toString(radix) performance
by introducing NumberToStringWithRadix DFG node. It directly
calls the operation and it always returns String.

baseline patched

stanford-crypto-sha256-iterative 45.130+-0.928 44.032+-1.184 might be 1.0250x faster

5:32 AM Changeset in webkit [214773] by Carlos Garcia Campos
  • 28 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r212939 - Intrinsicify parseInt
https://bugs.webkit.org/show_bug.cgi?id=168627

Reviewed by Filip Pizlo.

JSTests:

  • stress/parse-int-intrinsic.js: Added.

(assert):
(testIntrinsic.let.s):
(testIntrinsic):
(testIntrinsic2.baz):
(testIntrinsic2):
(testIntrinsic3.foo):
(testIntrinsic3):
(testIntrinsic4.foo):
(testIntrinsic4):
(testIntrinsic5.foo):
(testIntrinsic5):
(testIntrinsic6.foo):
(testIntrinsic6):
(testIntrinsic7.foo):
(testIntrinsic7):

Source/JavaScriptCore:

This patch makes parseInt an intrinsic in the DFG and FTL.
We do our best to eliminate this node. If we speculate that
the first operand to the operation is an int32, and that there
isn't a second operand, we convert to the identity of the first
operand. That's because parseInt(someInt) === someInt.

If the first operand is proven to be an integer, and the second
operand is the integer 0 or the integer 10, we can eliminate the
node by making it an identity over its first operand. That's
because parseInt(someInt, 0) === someInt and parseInt(someInt, 10) === someInt.

If we are not able to constant fold the node away, we try to remove
checks. The most common use case of parseInt is that its first operand
is a proven string. The DFG might be able to remove type checks in this
case. We also set up CSE rules for parseInt(someString, someIntRadix)
because it's a "pure" operation (modulo resolving a rope).

This looks to be a 4% Octane/Box2D progression.

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::handleIntrinsicCall):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGConstantFoldingPhase.cpp:

(JSC::DFG::ConstantFoldingPhase::foldConstants):

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGNode.h:

(JSC::DFG::Node::hasHeapPrediction):

  • dfg/DFGNodeType.h:
  • dfg/DFGOperations.cpp:

(JSC::DFG::parseIntResult):

  • dfg/DFGOperations.h:
  • dfg/DFGPredictionPropagationPhase.cpp:
  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileParseInt):

  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::callOperation):
(JSC::DFG::SpeculativeJIT::appendCallSetResult):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileParseInt):

  • jit/JITOperations.h:
  • parser/Lexer.cpp:
  • runtime/ErrorInstance.cpp:
  • runtime/Intrinsic.h:
  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):

  • runtime/JSGlobalObjectFunctions.cpp:

(JSC::toStringView): Deleted.
(JSC::isStrWhiteSpace): Deleted.
(JSC::parseDigit): Deleted.
(JSC::parseIntOverflow): Deleted.
(JSC::parseInt): Deleted.

  • runtime/JSGlobalObjectFunctions.h:
  • runtime/ParseInt.h: Added.

(JSC::parseDigit):
(JSC::parseIntOverflow):
(JSC::isStrWhiteSpace):
(JSC::parseInt):
(JSC::toStringView):

  • runtime/StringPrototype.cpp:
5:24 AM Changeset in webkit [214772] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

[OWR] Fix class structure for the OWR mock classes after last modifications
https://bugs.webkit.org/show_bug.cgi?id=170173

Patch by Alejandro G. Castro <alex@igalia.com> on 2017-04-03
Reviewed by Youenn Fablet.

In case of OWR MockRealtimeMediaSource inherits from
RealtimeMediaSourceOwr, so we have to change some of the function
interfaces.

  • platform/mock/MockRealtimeMediaSource.h:
5:01 AM Changeset in webkit [214771] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.16

Merge r214194 - Prevent new navigations from onbeforeunload handler
https://bugs.webkit.org/show_bug.cgi?id=169891
<rdar://problem/31155736>

Reviewed by Ryosuke Niwa.

Source/WebCore:

Ensure that all navigations initiated from an onbeforeunload handler are disallowed
regardless of how they were scheduled. Such navigations go against the expectation
of a user.

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::isNavigationAllowed): Added.
(WebCore::FrameLoader::loadURL): Modified code to call FrameLoader::isNavigationAllowed().
(WebCore::FrameLoader::loadWithDocumentLoader): Ditto.
(WebCore::FrameLoader::stopAllLoaders): Ditto.

  • loader/FrameLoader.h:

LayoutTests:

Update test to ensure that we disallow navigation initiated via a DOM click event from
an onbeforeunload handler.

  • fast/events/before-unload-forbidden-navigation.html:
4:25 AM Changeset in webkit [214770] by Carlos Garcia Campos
  • 42 edits in releases/WebKitGTK/webkit-2.16/Source/WebCore

Merge r214173 - Move code out of renderer destructors into willBeDestroyed()
https://bugs.webkit.org/show_bug.cgi?id=169650

Reviewed by Antti Koivisto.

This is done for four reasons. First, code in willBeDestroyed() is able to call
virtual functions on derived classes. Second, this code will run before we've destroyed
the renderer's rareData, so can safely access it. Third, RenderWidget is special, and can have
its lifetime extended via manual ref-counting, and we want all cleanup to complete
before it goes into this weird zombie state. Fourth, in a shiny future where we have
ref-counted RenderObjects, we want cleanup code to be run explicitly and not tied
to object lifetime, and this is a step in that direction.

For all classes that derive from RenderObject, move code from the destructor into
willBeDestroyed(). New willBeDestroyed() implementations must call the base class.

RenderBlock and RenderBlockFlow are special; RenderBlockFlow::willBeDestroyed()
skips over RenderBlock::willBeDestroyed(), but they both need to run some code, which
I moved into RenderBlock::blockWillBeDestroyed().

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::~RenderBlock):
(WebCore::RenderBlock::willBeDestroyed):
(WebCore::RenderBlock::blockWillBeDestroyed):

  • rendering/RenderBlock.h:
  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::~RenderBlockFlow):
(WebCore::RenderBlockFlow::willBeDestroyed):

  • rendering/RenderBox.cpp:

(WebCore::RenderBox::~RenderBox):
(WebCore::RenderBox::willBeDestroyed):

  • rendering/RenderBox.h:
  • rendering/RenderBoxModelObject.cpp:

(WebCore::RenderBoxModelObject::~RenderBoxModelObject):

  • rendering/RenderCounter.cpp:

(WebCore::RenderCounter::~RenderCounter):
(WebCore::RenderCounter::willBeDestroyed):

  • rendering/RenderCounter.h:
  • rendering/RenderElement.cpp:

(WebCore::RenderElement::~RenderElement):
(WebCore::RenderElement::willBeDestroyed):

  • rendering/RenderEmbeddedObject.cpp:

(WebCore::RenderEmbeddedObject::~RenderEmbeddedObject):
(WebCore::RenderEmbeddedObject::willBeDestroyed):

  • rendering/RenderEmbeddedObject.h:
  • rendering/RenderImage.cpp:

(WebCore::RenderImage::~RenderImage):
(WebCore::RenderImage::willBeDestroyed):

  • rendering/RenderImage.h:
  • rendering/RenderLayerModelObject.cpp:

(WebCore::RenderLayerModelObject::~RenderLayerModelObject):
(WebCore::RenderLayerModelObject::willBeDestroyed):

  • rendering/RenderLayerModelObject.h:
  • rendering/RenderLineBreak.cpp:

(WebCore::RenderLineBreak::~RenderLineBreak):
(WebCore::RenderLineBreak::willBeDestroyed):

  • rendering/RenderLineBreak.h:
  • rendering/RenderListBox.cpp:

(WebCore::RenderListBox::~RenderListBox):
(WebCore::RenderListBox::willBeDestroyed):

  • rendering/RenderListBox.h:
  • rendering/RenderListItem.cpp:

(WebCore::RenderListItem::~RenderListItem):
(WebCore::RenderListItem::willBeDestroyed):

  • rendering/RenderListItem.h:
  • rendering/RenderListMarker.cpp:

(WebCore::RenderListMarker::~RenderListMarker):
(WebCore::RenderListMarker::willBeDestroyed):

  • rendering/RenderListMarker.h:
  • rendering/RenderMenuList.cpp:

(WebCore::RenderMenuList::~RenderMenuList):
(WebCore::RenderMenuList::willBeDestroyed):

  • rendering/RenderMenuList.h:
  • rendering/RenderNamedFlowThread.cpp:

(WebCore::RenderNamedFlowThread::~RenderNamedFlowThread):
(WebCore::RenderNamedFlowThread::willBeDestroyed):

  • rendering/RenderNamedFlowThread.h:
  • rendering/RenderObject.cpp:

(WebCore::RenderObject::willBeDestroyed):

  • rendering/RenderQuote.cpp:

(WebCore::RenderQuote::~RenderQuote):
(WebCore::RenderQuote::willBeDestroyed):

  • rendering/RenderQuote.h:
  • rendering/RenderSearchField.cpp:

(WebCore::RenderSearchField::~RenderSearchField):
(WebCore::RenderSearchField::willBeDestroyed):

  • rendering/RenderSearchField.h:
  • rendering/RenderSnapshottedPlugIn.cpp:

(WebCore::RenderSnapshottedPlugIn::~RenderSnapshottedPlugIn):
(WebCore::RenderSnapshottedPlugIn::willBeDestroyed):

  • rendering/RenderSnapshottedPlugIn.h:
  • rendering/RenderText.cpp:

(WebCore::RenderText::~RenderText):
(WebCore::RenderText::willBeDestroyed):

  • rendering/RenderTextControlMultiLine.cpp:

(WebCore::RenderTextControlMultiLine::~RenderTextControlMultiLine):
(WebCore::RenderTextControlMultiLine::willBeDestroyed):

  • rendering/RenderTextControlMultiLine.h:
  • rendering/RenderVideo.cpp:

(WebCore::RenderVideo::~RenderVideo):
(WebCore::RenderVideo::willBeDestroyed):

  • rendering/RenderVideo.h:
  • rendering/RenderWidget.h:
  • rendering/svg/RenderSVGImage.cpp:

(WebCore::RenderSVGImage::~RenderSVGImage):
(WebCore::RenderSVGImage::willBeDestroyed):

  • rendering/svg/RenderSVGImage.h:
  • rendering/svg/RenderSVGResourceContainer.cpp:

(WebCore::RenderSVGResourceContainer::~RenderSVGResourceContainer):
(WebCore::RenderSVGResourceContainer::willBeDestroyed):

4:11 AM Changeset in webkit [214769] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.16/Source/WebCore

Merge r214162 - [Cairo] Ensure depth and stencil renderbuffers are created on GLESv2
https://bugs.webkit.org/show_bug.cgi?id=166643

Patch by Emanuele Aina <Emanuele Aina> on 2017-03-20
Reviewed by Darin Adler.

If the gfx device doesn't support GL_OES_packed_depth_stencil, the
separate depth and stencil buffers are not generated.

Copy what GraphicsContext3DEfl used to do and apply it in
GraphicsContext3DCairo.

The Intel gfx driver seem to tolerate unbound renderbuffers, but
enabling debugging in Mesa yields an error:

$ MESA_DEBUG=1 \

MESA_EXTENSION_OVERRIDE=-GL_OES_packed_depth_stencil
./bin/MiniBrowser http://webglsamples.org/aquarium/aquarium.html

Mesa: User error: GL_INVALID_OPERATION in glRenderbufferStorage(no renderbuffer bound)

  • platform/graphics/GraphicsContext3D.h:
  • platform/graphics/cairo/GraphicsContext3DCairo.cpp:

(WebCore::GraphicsContext3D::GraphicsContext3D):
Ensure separate depth and stencil renderbuffers are created.
(WebCore::GraphicsContext3D::~GraphicsContext3D):
Ensure separate depth and stencil renderbuffers are released.

4:09 AM Changeset in webkit [214768] by Carlos Garcia Campos
  • 9 edits
    5 adds in releases/WebKitGTK/webkit-2.16

Merge r214145 - const location = "foo" throws in a worker
https://bugs.webkit.org/show_bug.cgi?id=169839

Reviewed by Mark Lam.

JSTests:

  • ChakraCore/test/es6/letconst_global_shadow_builtins_nonconfigurable.baseline-jsc:

Update expected jsc result now that we throw a SyntaxError when trying to shadow undefined
with a let variable. We used not to throw because the value is undefined but this was not
as per EcmaScript. Both Firefox and Chrome throw in this case.

  • stress/global-lexical-redeclare-variable.js:

(catch):
Update test that defines a non-configurable 'zoo' property on the global object and then
expected shadowing it with a 'let zoo' variable to work because its value was undefined.
This was not as per EcmaScript spec and both Firefox and Chrome throw in this case.

Source/JavaScriptCore:

Our HasRestrictedGlobalProperty check in JSC was slightly wrong, causing us
to sometimes throw a Syntax exception when we shouldn't when declaring a
const/let variable and sometimes not throw an exception when we should have.

This aligns our behavior with ES6, Firefox and Chrome.

  • runtime/ProgramExecutable.cpp:

(JSC::hasRestrictedGlobalProperty):
(JSC::ProgramExecutable::initializeGlobalProperties):
Rewrite hasRestrictedGlobalProperty logic as per the EcmaScript spec:

In particular, they were 2 issues:

  • We should throw a SyntaxError if hasProperty() returned true but getOwnProperty() would fail to return a descriptor. This would happen for properties that are not OWN properties, but defined somewhere in the prototype chain. The spec does not say to use hasProperty(), only getOwnProperty() and says we should return false if getOwnProperty() does not return a descriptor. This is what we do now.
  • We would fail to throw when declaring a let/const variable that shadows an own property whose value is undefined. This is because the previous code was explicitly checking for this case. I believe this was a misinterpretation of ES6 which says: """ Let desc be O.GetOwnProperty?(P). If desc is undefined, return false. """ We should check that desc is undefined, not desc.value. This is now fixed.

LayoutTests:

  • fast/dom/window-const-variable-shadowing-expected.txt: Added.
  • fast/dom/window-const-variable-shadowing.html: Added.
  • fast/workers/const-location-variable-expected.txt: Added.
  • fast/workers/const-location-variable.html: Added.
  • fast/workers/resources/worker-const-location.js: Added.

Add layout test coverage for behavior changes. Those tests pass in Firefox and Chrome.

  • js/dom/const-expected.txt:
  • js/dom/const.html:

Update test which wrongly expected a let variable not to be able to shadow a
window named property. This test was failing in Chrome and Firefox. The reason
this does not throw is because window named properties are not on the window
object, they are on the WindowProperties object in the Window prototype chain.

4:07 AM Changeset in webkit [214767] by Carlos Garcia Campos
  • 3 edits
    1 add in releases/WebKitGTK/webkit-2.16

Merge r214143 - import(arg) crashes when ToString(arg) throws
https://bugs.webkit.org/show_bug.cgi?id=169778

Reviewed by Saam Barati.

JSTests:

  • stress/import-reject-with-exception.js: Added.

(shouldBe):
(let.x.get toString):

Source/JavaScriptCore:

JSPromiseDeferred should not be rejected with Exception*.

  • runtime/JSGlobalObjectFunctions.cpp:

(JSC::globalFuncImportModule):

4:03 AM Changeset in webkit [214766] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r214126 - Disable per-region boxes for multicolumn
https://bugs.webkit.org/show_bug.cgi?id=169830

Reviewed by Zalan Bujtas.

Source/WebCore:

Test: fast/multicol/float-adjacent-to-overflow-block.html

  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::determineLogicalLeftPositionForChild):

  • rendering/RenderBox.cpp:

(WebCore::RenderBox::borderBoxRectInRegion):
(WebCore::RenderBox::renderBoxRegionInfo):
Limit all of the per-region box code to RenderNamedFlowThreads.
This code should never be used by multicolumn layout.

LayoutTests:

  • fast/multicol/float-adjacent-to-overflow-block-expected.html: Added.
  • fast/multicol/float-adjacent-to-overflow-block.html: Added.
4:02 AM Changeset in webkit [214765] by Carlos Garcia Campos
  • 7 edits in releases/WebKitGTK/webkit-2.16/Source

Merge r214125 - Time channel attack on SVG Filters
https://bugs.webkit.org/show_bug.cgi?id=118689

Reviewed by Simon Fraser.

Source/WebCore:

The time channel attack can happen if the attacker applies FEColorMatrix
or FEConvolveMatrix and provides a matrix which is filled with subnormal
floating point values. Performing floating-point operations on subnormals
is very expensive unless the pixel in the source graphics is black (or
zero). By measuring the time a filter takes to be applied, the attacker
can know whether the pixel he wants to steal from an iframe is black or
white. By repeating the same process on all the pixels in the iframe, the
attacker can reconstruct the whole page of the iframe.

To fix this issue, the values in the matrices of these filters will clamped
to FLT_MIN. We do not want to consume too much time calculating filtered
pixels because of such tiny values. The difference between applying FLT_MIN
and applying a subnormal should not be even noticeable. Normalizing the
floating-point matrices should happen only at the beginning of the filter
platformApplySoftware().

  • platform/graphics/filters/FEColorMatrix.cpp:

(WebCore::FEColorMatrix::platformApplySoftware):

  • platform/graphics/filters/FEConvolveMatrix.cpp:

(WebCore::FEConvolveMatrix::fastSetInteriorPixels):
(WebCore::FEConvolveMatrix::fastSetOuterPixels):
(WebCore::FEConvolveMatrix::platformApplySoftware):

  • platform/graphics/filters/FEConvolveMatrix.h:
  • platform/graphics/filters/FilterEffect.h:

(WebCore::FilterEffect::normalizedFloats):

Source/WTF:

Performing arithmetic operations on subnormal floating-point numbers is
very expensive. Normalizing the floating-point number to the minimum normal
value should accelerate the calculations and there won't be a noticeable
difference in the result since all the subnormal values and the minimum
normal value are all very close to zero.

  • wtf/MathExtras.h:

(normalizedFloat):

3:32 AM Changeset in webkit [214764] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r214119 - Fix the flow thread state on the descendants of out of flow positioned replaced elements.
https://bugs.webkit.org/show_bug.cgi?id=169821
<rdar://problem/30964017>

Reviewed by Simon Fraser.

Source/WebCore:

Descendants of a replaced out of flow elmement should inherit the flowthread state
from the replaced element and not from the replaced element's parent.

Test: fast/multicol/fix-inherit-when-container-is-replaced.html

  • rendering/RenderObject.cpp:

(WebCore::RenderObject::computedFlowThreadState):

LayoutTests:

  • fast/multicol/fix-inherit-when-container-is-replaced-expected.txt: Added.
  • fast/multicol/fix-inherit-when-container-is-replaced.html: Added.
3:29 AM Changeset in webkit [214763] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.16/Source/WebCore

Merge r214100 - [Cairo] Handle the blend mode in GraphicsContext::drawPattern
https://bugs.webkit.org/show_bug.cgi?id=169746

Reviewed by Žan Doberšek.

We are not taking into account the blend mode when passing the cairo operator to drawPatternToCairoContext().
This is based on patch by Žan Doberšek, just adding the toCairoOperator changes to make it easier to handle
it. Instead of checking everywhere if blend mode is Normal to decide whether to use toCairoOperator with
CompositeOperator or BlendMode, there's no a single toCairoOperator that receives both parameters, but BlendMode
is optional and defaults to Normal.

  • platform/graphics/cairo/CairoUtilities.cpp:

(WebCore::toCairoCompositeOperator):
(WebCore::toCairoOperator):

  • platform/graphics/cairo/CairoUtilities.h:
  • platform/graphics/cairo/GraphicsContextCairo.cpp:

(WebCore::GraphicsContext::setPlatformCompositeOperation):
(WebCore::GraphicsContext::drawPattern):

3:28 AM Changeset in webkit [214762] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.16/Source/JavaScriptCore

Merge r214085 - Fix exception scope verification failures in GenericArgumentsInlines.h.
https://bugs.webkit.org/show_bug.cgi?id=165012

Reviewed by Saam Barati.

  • runtime/GenericArgumentsInlines.h:

(JSC::GenericArguments<Type>::defineOwnProperty):

3:27 AM Changeset in webkit [214761] by Carlos Garcia Campos
  • 29 edits in releases/WebKitGTK/webkit-2.16/Source/WebCore

Merge r214082 - RenderView::documentBeingDestroyed() needs a new name.
https://bugs.webkit.org/show_bug.cgi?id=166727

Reviewed by Andreas Kling.

Now that we destroy the render tree for documents going into the page cache, RenderView::documentBeingDestroyed()
is misleadingly named. Rename it to renderTreeBeingDestroyed() and fix all callers.

  • page/FrameView.cpp:

(WebCore::FrameView::scheduleRelayoutOfSubtree):

  • page/scrolling/ScrollingCoordinator.cpp:

(WebCore::ScrollingCoordinator::absoluteEventTrackingRegionsForFrame):

  • rendering/CounterNode.cpp:

(WebCore::CounterNode::resetRenderers):

  • rendering/ImageQualityController.cpp:

(WebCore::ImageQualityController::highQualityRepaintTimerFired):

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::willBeDestroyed):
(WebCore::canMergeContiguousAnonymousBlocks):
(WebCore::RenderBlock::removeChild):

  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::willBeDestroyed):
(WebCore::RenderBlockFlow::removeChild):

  • rendering/RenderBox.cpp:

(WebCore::RenderBox::removeFloatingOrPositionedChildFromBlockLists):
(WebCore::RenderBox::deleteLineBoxWrapper):

  • rendering/RenderBoxModelObject.cpp:

(WebCore::RenderBoxModelObject::willBeDestroyed):

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::insertChildInternal):
(WebCore::RenderElement::removeChildInternal):
(WebCore::RenderElement::clearLayoutRootIfNeeded):
(WebCore::RenderElement::willBeDestroyed):

  • rendering/RenderImage.cpp:

(WebCore::RenderImage::imageChanged):
(WebCore::RenderImage::notifyFinished):

  • rendering/RenderInline.cpp:

(WebCore::RenderInline::willBeDestroyed):

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::removeChild):
(WebCore::RenderLayer::calculateClipRects):

  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::notifyFlushRequired):

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::layerWillBeRemoved):
(WebCore::RenderLayerCompositor::fixedRootBackgroundLayerChanged):

  • rendering/RenderLineBreak.cpp:

(WebCore::RenderLineBreak::deleteInlineBoxWrapper):

  • rendering/RenderNamedFlowFragment.cpp:

(WebCore::RenderNamedFlowFragment::attachRegion):

  • rendering/RenderObject.cpp:

(WebCore::RenderObject::resetFlowThreadStateOnRemoval):
(WebCore::RenderObject::willBeDestroyed):
(WebCore::RenderObject::destroyAndCleanupAnonymousWrappers):

  • rendering/RenderObject.h:

(WebCore::RenderObject::renderTreeBeingDestroyed):
(WebCore::RenderObject::documentBeingDestroyed): Deleted.

  • rendering/RenderQuote.cpp:

(WebCore::RenderQuote::detachQuote):

  • rendering/RenderRegion.cpp:

(WebCore::RenderRegion::attachRegion):

  • rendering/RenderReplaced.cpp:

(WebCore::RenderReplaced::willBeDestroyed):

  • rendering/RenderRubyRun.cpp:

(WebCore::RenderRubyRun::removeChild):

  • rendering/RenderTable.h:

(WebCore::RenderTable::setNeedsSectionRecalc):

  • rendering/RenderText.cpp:

(WebCore::RenderText::removeAndDestroyTextBoxes):

  • rendering/RenderVideo.cpp:

(WebCore::RenderVideo::updatePlayer):

  • rendering/svg/RenderSVGResource.cpp:

(WebCore::RenderSVGResource::markForLayoutAndParentResourceInvalidation):

  • rendering/svg/RenderSVGResourceContainer.cpp:

(WebCore::RenderSVGResourceContainer::markClientForInvalidation):

  • rendering/svg/RenderSVGText.cpp:

(WebCore::RenderSVGText::subtreeChildWasAdded):
(WebCore::RenderSVGText::subtreeChildWillBeRemoved):
(WebCore::RenderSVGText::subtreeChildWasRemoved):
(WebCore::RenderSVGText::subtreeStyleDidChange):

3:12 AM Changeset in webkit [214760] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.16/Source/JavaScriptCore

Merge r214079 - Array concat operation should check for length overflows.
https://bugs.webkit.org/show_bug.cgi?id=169796
<rdar://problem/31095276>

Reviewed by Keith Miller.

  • runtime/ArrayPrototype.cpp:

(JSC::concatAppendOne):
(JSC::arrayProtoPrivateFuncConcatMemcpy):

3:11 AM Changeset in webkit [214759] by Carlos Garcia Campos
  • 8 edits in releases/WebKitGTK/webkit-2.16/Source/JavaScriptCore

Merge r214071 - The new array with spread operation needs to check for length overflows.
https://bugs.webkit.org/show_bug.cgi?id=169780
<rdar://problem/31072182>

Reviewed by Filip Pizlo.

  • dfg/DFGOperations.cpp:
  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileNewArrayWithSpread):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNewArrayWithSpread):

  • ftl/FTLOperations.cpp:

(JSC::FTL::operationMaterializeObjectInOSR):

  • llint/LLIntSlowPaths.cpp:
  • runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):

  • runtime/JSGlobalObject.cpp:
3:08 AM Changeset in webkit [214758] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r214059 - Stay inside the continuation while searching for a candidate ancestor for insertion.
https://bugs.webkit.org/show_bug.cgi?id=169768
<rdar://problem/30959936>

Reviewed by David Hyatt.

Source/WebCore:

Test: fast/inline/continuation-crash-with-anon-ancestors.html

  • rendering/RenderInline.cpp:

(WebCore::RenderInline::addChildToContinuation):

LayoutTests:

  • fast/inline/continuation-crash-with-anon-ancestors-expected.txt: Added.
  • fast/inline/continuation-crash-with-anon-ancestors.html: Added.
3:06 AM Changeset in webkit [214757] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.16/Source/JavaScriptCore

Merge r214041 - Unreviewed, copy m_numberOfArgumentsToSkip
https://bugs.webkit.org/show_bug.cgi?id=164582

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::CodeBlock):

3:05 AM Changeset in webkit [214756] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r214039 - [css-grid] Crash on debug removing a positioned child
https://bugs.webkit.org/show_bug.cgi?id=169739

Reviewed by Sergio Villar Senin.

Source/WebCore:

When we add or remove a positioned item we don't need to mark
the grid as dirty, because positioned items do not affect the layout
of the grid at all.

This was causing a crash when a positioned item was removed
after a layout. As after the positioned item was removed,
the method RenderGrid::layoutBlock() was not called,
so when the grid was repainted we got a crash.

Test: fast/css-grid-layout/grid-crash-remove-positioned-item.html

  • rendering/RenderGrid.cpp:

(WebCore::RenderGrid::addChild): Add early return to avoid marking
the grid as dirty for positioned grid items.
(WebCore::RenderGrid::removeChild): Ditto.

LayoutTests:

Add new test that checks that adding and removing a positioned grid item
doesn't cause any crashes.

  • fast/css-grid-layout/grid-crash-remove-positioned-item-expected.txt: Added.
  • fast/css-grid-layout/grid-crash-remove-positioned-item.html: Added.
2:59 AM Changeset in webkit [214755] by Carlos Garcia Campos
  • 2 edits
    1 move
    1 add
    1 delete in releases/WebKitGTK/webkit-2.16/Source/WTF

Merge r214036 - [UNIX] Implement currentSearchLocaleID() and currentTextBreakLocaleID()
https://bugs.webkit.org/show_bug.cgi?id=169745

Reviewed by Yusuke Suzuki.

Add a common implementation for Unix based ports using setlocale.

  • wtf/PlatformGTK.cmake:
  • wtf/PlatformJSCOnly.cmake:
  • wtf/text/gtk/TextBreakIteratorInternalICUGtk.cpp: Removed.
  • wtf/text/unix/TextBreakIteratorInternalICUUnix.cpp: Renamed from Source/WTF/wtf/text/jsconly/TextBreakIteratorInternalICUJSCOnly.cpp.

(WTF::currentSearchLocaleID):
(WTF::currentTextBreakLocaleID):

2:59 AM Changeset in webkit [214754] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.16/Source/JavaScriptCore

Merge r214040 - Unreviewed, fix numParameter() - 1 OSRExit materialization
https://bugs.webkit.org/show_bug.cgi?id=164582

When materializing rest parameters, we rely on that numParameter() - 1 equals to
the numberOfArgumentsToSkip. But this assumption is broken in r214029.

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::finishCreation):

  • bytecode/CodeBlock.h:

(JSC::CodeBlock::numberOfArgumentsToSkip):

  • ftl/FTLOperations.cpp:

(JSC::FTL::operationMaterializeObjectInOSR):

2:59 AM Changeset in webkit [214753] by Carlos Garcia Campos
  • 16 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r214029 - [JSC] Default parameter part should be retrieved by op_get_argument opcode instead of changing arity
https://bugs.webkit.org/show_bug.cgi?id=164582

Reviewed by Saam Barati.

JSTests:

  • stress/function-with-defaults-inlining.js: Added.

(shouldBe):
(ok):
(a):

  • stress/function-with-defaults-non-inlining.js: Added.

(shouldBe):
(ok):
(a):

Source/JavaScriptCore:

Previously we implement the default parameters as follows.

  1. We count the default parameters as the usual parameters.
  2. We just get the argument register.
  3. Check it with op_is_undefined.
  4. And fill the binding with either the argument register or default value.

The above is simple. However, it has the side effect that it always increase the arity of the function.
While function.length does not increase, internally, the number of parameters of CodeBlock increases.
This effectively prevent our DFG / FTL to perform inlining: currently we only allows DFG to inline
the function with the arity less than or equal the number of passing arguments. It is OK. But when using
default parameters, we frequently do not pass the argument for the parameter with the default value.
Thus, in our current implementation, we frequently need to fixup the arity. And we frequently fail
to inline the function.

This patch fixes the above problem by not increasing the arity of the function. When we encounter the
parameter with the default value, we use op_argument to get the argument instead of using the argument
registers.

This improves six-speed defaults.es6 performance by 4.45x.

defaults.es6 968.4126+-101.2350 217.6602+-14.8831 definitely 4.4492x faster

  • bytecode/UnlinkedFunctionExecutable.cpp:

(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):

  • bytecode/UnlinkedFunctionExecutable.h:
  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::initializeDefaultParameterValuesAndSetupFunctionScopeStack):
(JSC::BytecodeGenerator::initializeNextParameter):
(JSC::BytecodeGenerator::initializeParameters):

  • bytecompiler/BytecodeGenerator.h:
  • bytecompiler/NodesCodegen.cpp:

(JSC::FunctionNode::emitBytecode):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::inliningCost):

  • parser/ASTBuilder.h:

(JSC::ASTBuilder::createFunctionMetadata):

  • parser/Nodes.cpp:

(JSC::FunctionMetadataNode::FunctionMetadataNode):

  • parser/Nodes.h:

(JSC::FunctionParameters::size):
(JSC::FunctionParameters::at):
(JSC::FunctionParameters::append):
(JSC::FunctionParameters::isSimpleParameterList):

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::isArrowFunctionParameters):
(JSC::Parser<LexerType>::parseGeneratorFunctionSourceElements):
(JSC::Parser<LexerType>::parseAsyncFunctionSourceElements):
(JSC::Parser<LexerType>::parseFormalParameters):
(JSC::Parser<LexerType>::parseFunctionBody):
(JSC::Parser<LexerType>::parseFunctionParameters):
(JSC::Parser<LexerType>::parseFunctionInfo):

  • parser/Parser.h:
  • parser/SyntaxChecker.h:

(JSC::SyntaxChecker::createFunctionMetadata):

  • runtime/FunctionExecutable.h:
  • runtime/JSFunction.cpp:

(JSC::JSFunction::createBuiltinFunction):
(JSC::JSFunction::reifyLength):

1:15 AM Changeset in webkit [214752] by Carlos Garcia Campos
  • 10 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r214028 - [DFG] ToString operation should have fixup for primitives to say this node does not have side effects
https://bugs.webkit.org/show_bug.cgi?id=169544

Reviewed by Saam Barati.

JSTests:

  • microbenchmarks/template-string-array.js: Added.

(test):

  • stress/to-string-non-cell-use.js: Added.

(shouldBe):
(shouldThrow):

Source/JavaScriptCore:

Our DFG ToString only considers well about String operands. While ToString(non cell operand) does not have
any side effect, it is not modeled well in DFG.

This patch introduces a fixup for ToString with NonCellUse edge. If this edge is set, ToString does not
clobber things (like ToLowerCase, producing String). And ToString(NonCellUse) allows us to perform CSE!

Our microbenchmark shows 32.9% improvement due to dropped GetButterfly and CSE for ToString().

baseline patched

template-string-array 12.6284+-0.2766 9.4998+-0.2295 definitely 1.3293x faster

And SixSpeed template_string.es6 shows 16.68x performance improvement due to LICM onto this non-side-effectful ToString().

baseline patched

template_string.es6 3229.7343+-40.5705 193.6077+-36.3349 definitely 16.6818x faster

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupToStringOrCallStringConstructor):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileToStringOrCallStringConstructorOnCell):
(JSC::DFG::SpeculativeJIT::speculateNotCell):

  • dfg/DFGSpeculativeJIT.h:
  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileToStringOrCallStringConstructor):
(JSC::FTL::DFG::LowerDFGToB3::lowNotCell):
(JSC::FTL::DFG::LowerDFGToB3::speculateNotCell):

1:03 AM Changeset in webkit [214751] by Carlos Garcia Campos
  • 5 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r214023 - Do not reparent floating object until after intruding/overhanging dependency is cleared.
https://bugs.webkit.org/show_bug.cgi?id=169711
<rdar://problem/30959743>

Reviewed by Simon Fraser.

Source/WebCore:

This patch ensures that we cleanup the m_floatingObjects for siblings before reparenting the fresh float.

Test: fast/block/float/inline-becomes-float-and-moves-around.html

  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::styleDidChange):

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::styleDidChange):

  • rendering/RenderElement.h:

(WebCore::RenderElement::noLongerAffectsParentBlock):

LayoutTests:

  • fast/block/float/inline-becomes-float-and-moves-around-expected.txt: Added.
  • fast/block/float/inline-becomes-float-and-moves-around.html: Added.
12:58 AM Changeset in webkit [214750] by commit-queue@webkit.org
  • 3 edits in trunk/Source/JavaScriptCore

[jsc] Add patchableJumpSize() for MIPS
https://bugs.webkit.org/show_bug.cgi?id=169716

Patch by Zan Dobersek <zdobersek@igalia.com> on 2017-04-03
Reviewed by Yusuke Suzuki.

  • assembler/MIPSAssembler.h:

(JSC::MIPSAssembler::patchableJumpSize): Added.

  • assembler/MacroAssemblerMIPS.h:

(JSC::MacroAssemblerMIPS::patchableJumpSize): Added.

12:51 AM Changeset in webkit [214749] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.16/Source/JavaScriptCore

Merge r214020 - Switch back to ISO 4217 for Intl CurrencyDigits data
https://bugs.webkit.org/show_bug.cgi?id=169182

Previously, a patch switched Intl.NumberFormat to use CLDR data through
ICU to get the default number of decimal digits for a currency.
However, that change actually violated the ECMA 402 specification,
which references ISO 4217 as the data source. This patch reverts to
an in-line implementation of that data.

Patch by Daniel Ehrenberg <littledan@chromium.org> on 2017-03-15
Reviewed by Saam Barati.

  • runtime/IntlNumberFormat.cpp:

(JSC::computeCurrencySortKey):
(JSC::extractCurrencySortKey):
(JSC::computeCurrencyDigits):

12:50 AM Changeset in webkit [214748] by Carlos Garcia Campos
  • 3 edits
    1 add in releases/WebKitGTK/webkit-2.16

Merge r214019 - Null deref under callAfterNextPresentationUpdate
https://bugs.webkit.org/show_bug.cgi?id=169710
<rdar://problem/30987863>

Patch by Tim Horton <timothy_horton@apple.com> on 2017-03-15
Reviewed by Simon Fraser.

Source/WebKit2:

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::callAfterNextPresentationUpdate):
Call the callback with an error if we don't have a web process or drawing area.

Tools:

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WebKit2Cocoa/DoAfterNextPresentationUpdateAfterCrash.mm: Added.

(TEST):

12:46 AM Changeset in webkit [214747] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.16/Source/WebCore

Merge r214392 - media/restore-from-page-cache.html causes NoEventDispatchAssertion::isEventAllowedInMainThread() assertion failure
https://bugs.webkit.org/show_bug.cgi?id=170087
<rdar://problem/31254822>

Reviewed by Simon Fraser.

Reduce the scope of code that should never dispatch DOM events so as to allow updating contents size
after restoring a page from the page cache.

In r214014 we instantiate a NoEventDispatchAssertion in FrameLoader::commitProvisionalLoad()
around the call to CachedPage::restore() to assert when a DOM event is dispatched during
page restoration as such events can cause re-entrancy into the page cache. As it turns out
it is sufficient to ensure that no DOM events are dispatched after restoring all cached frames
as opposed to after CachedPage::restore() returns.

Also rename Document::enqueue{Pageshow, Popstate}Event() to dispatch{Pageshow, Popstate}Event(),
respectively, since they synchronously dispatch events :(. We hope in the future to make them
asynchronously dispatch events.

  • dom/Document.cpp:

(WebCore::Document::implicitClose): Update for renaming.
(WebCore::Document::statePopped): Ditto.
(WebCore::Document::dispatchPageshowEvent): Renamed; formerly named enqueuePageshowEvent().
(WebCore::Document::dispatchPopstateEvent): Renamed; formerly named enqueuePopstateEvent().
(WebCore::Document::enqueuePageshowEvent): Deleted.
(WebCore::Document::enqueuePopstateEvent): Deleted.

  • dom/Document.h:
  • history/CachedPage.cpp:

(WebCore::firePageShowAndPopStateEvents): Moved logic from FrameLoader::didRestoreFromCachedPage() to here.
(WebCore::CachedPage::restore): Modified to call firePageShowAndPopStateEvents().

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::commitProvisionalLoad): Removed use of NoEventDispatchAssertion RAII object. We
will instantiate it in CachedPage::restore() with a smaller scope.
(WebCore::FrameLoader::didRestoreFromCachedPage): Deleted; moved logic from here to WebCore::firePageShowAndPopStateEvents().

  • loader/FrameLoader.h:
12:46 AM Changeset in webkit [214746] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.16/Source/WebCore

Merge r214014 - Iteratively dispatch DOM events after restoring a cached page
https://bugs.webkit.org/show_bug.cgi?id=169703
<rdar://problem/31075903>

Reviewed by Brady Eidson.

Make dispatching of DOM events when restoring a page from the page cache symmetric with
dispatching of events when saving a page to the page cache.

  • history/CachedFrame.cpp:

(WebCore::CachedFrameBase::restore): Move code to dispatch events from here to FrameLoader::didRestoreFromCachedPage().

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::commitProvisionalLoad): Ensure that no DOM events are dispatched during
restoration of a cached page. Call didRestoreFromCachedPage() after restoring the page to
dispatch DOM events on the restored frames.
(WebCore::FrameLoader::willRestoreFromCachedPage): Renamed; formerly named prepareForCachedPageRestore().
(WebCore::FrameLoader::didRestoreFromCachedPage): Added.
(WebCore::FrameLoader::prepareForCachedPageRestore): Renamed to willRestoreFromCachedPage().

  • loader/FrameLoader.h:
  • page/FrameTree.cpp:

(WebCore::FrameTree::traverseNextInPostOrderWithWrap): Returns the next Frame* in a post-order
traversal of the frame tree optionally wrapping around to the deepest first child in the tree.
(WebCore::FrameTree::deepFirstChild): Added.

  • page/FrameTree.h:
12:43 AM Changeset in webkit [214745] by commit-queue@webkit.org
  • 2 edits in trunk/Source/JavaScriptCore

[jsc] implement MIPSAssembler::relinkJumpToNop()
https://bugs.webkit.org/show_bug.cgi?id=169720

Patch by Guillaume Emont <guijemont@igalia.com> on 2017-04-03
Reviewed by Yusuke Suzuki.

  • assembler/MIPSAssembler.h:

(JSC::MIPSAssembler::relinkJumpToNop): Added.

12:29 AM Changeset in webkit [214744] by Carlos Garcia Campos
  • 10 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r214010 - Positioned SVG not sized correctly
https://bugs.webkit.org/show_bug.cgi?id=169693
<rdar://problem/30996893>

Reviewed by Zalan Bujtas.

Source/WebCore:

Test: svg/in-html/rect-positioned.html

Change computeReplacedLogicalHeight to take an estimatedUsedWidth. This
value is used instead of the available logical width to resolve replaced
elements without intrinsic sizes but with aspect ratios set.

  • rendering/RenderBox.cpp:

(WebCore::RenderBox::computeReplacedLogicalHeight):

  • rendering/RenderBox.h:
  • rendering/RenderReplaced.cpp:

(WebCore::RenderReplaced::computeConstrainedLogicalWidth):
(WebCore::RenderReplaced::computeReplacedLogicalWidth):
(WebCore::RenderReplaced::computeReplacedLogicalHeight):

  • rendering/RenderReplaced.h:
  • rendering/RenderVideo.cpp:

(WebCore::RenderVideo::computeReplacedLogicalHeight): Deleted.

  • rendering/RenderVideo.h:
  • rendering/svg/RenderSVGRoot.cpp:

(WebCore::RenderSVGRoot::computeReplacedLogicalWidth):
(WebCore::RenderSVGRoot::computeReplacedLogicalHeight):

  • rendering/svg/RenderSVGRoot.h:

LayoutTests:

  • svg/in-html/rect-positioned-expected.html: Added.
  • svg/in-html/rect-positioned.html: Added.
12:23 AM Changeset in webkit [214743] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.16/Source/JavaScriptCore

Merge r214005 - Fix missing exception checks in Interpreter.cpp.
https://bugs.webkit.org/show_bug.cgi?id=164964

Reviewed by Saam Barati.

  • interpreter/Interpreter.cpp:

(JSC::eval):
(JSC::sizeOfVarargs):
(JSC::sizeFrameForVarargs):
(JSC::Interpreter::executeProgram):
(JSC::Interpreter::executeCall):
(JSC::Interpreter::executeConstruct):
(JSC::Interpreter::prepareForRepeatCall):
(JSC::Interpreter::execute):

12:21 AM Changeset in webkit [214742] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.16/Source/WebCore

Merge r213990 - [GTK] Initialize m_button, m_clickCount members in PlatformMouseEvent constructors
https://bugs.webkit.org/show_bug.cgi?id=169666

Reviewed by Michael Catanzaro.

Initialize the m_button and m_clickCount class members in the GTK+-specific
implementation of PlatformMouseEvent constructors to NoButton and 0,
respectively. The constructors expect to operate on passed-in GTK+ events
that will be able to initialize those two members to some valid values, but
this is not guaranteed.

  • platform/gtk/PlatformMouseEventGtk.cpp:

(WebCore::PlatformMouseEvent::PlatformMouseEvent):

12:20 AM Changeset in webkit [214741] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.16/Source/WebCore

Merge r213989 - [TexMap] Add missing class member initializations
https://bugs.webkit.org/show_bug.cgi?id=169665

Reviewed by Michael Catanzaro.

Zero-initialize the members in various TextureMapper classes
that are missing the proper initialization, as reported by
the Coverity tool.

  • platform/graphics/texmap/BitmapTexturePool.h:
  • platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
  • platform/graphics/texmap/coordinated/CoordinatedGraphicsState.h:

(WebCore::CoordinatedGraphicsLayerState::CoordinatedGraphicsLayerState):

  • platform/graphics/texmap/coordinated/SurfaceUpdateInfo.h:
12:18 AM Changeset in webkit [214740] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.16/Source/JavaScriptCore

Merge r213973 - Wrong condition in offlineasm/risc.rb
https://bugs.webkit.org/show_bug.cgi?id=169597

Reviewed by Mark Lam.

It's missing the 'and' operator between the conditions.

  • offlineasm/risc.rb:
12:17 AM Changeset in webkit [214739] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r213967 - RenderElements should unregister for viewport visibility callbacks when they are destroyed
https://bugs.webkit.org/show_bug.cgi?id=169521
<rdar://problem/30959545>

Reviewed by Simon Fraser.

Source/WebCore:

When registering a RenderElement for viewport visibility callbacks, we always need to make sure that it is unregistered
before it is destroyed. While we account for this in the destructor of RenderElement, we only unregister in the destructor
if we are already registered for visibility callbacks. In the call to RenderObject::willBeDestroyed(), we clear out rare
data, which holds RenderElement's viewport callback registration state, so upon entering the destructor of RenderElement,
we skip unregistration because RenderElement thinks that it is not registered.

We can mitigate this by unregistering the RenderElement earlier, in RenderElement::willBeDestroyed, prior to clearing out
the rare data. However, we'd ideally want to move the cleanup logic out of the destructor altogether and into willBeDestroyed
(see https://bugs.webkit.org/show_bug.cgi?id=169650).

Test: fast/media/video-element-in-details-collapse.html

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::willBeDestroyed):

LayoutTests:

Adds a new layout test covering this regression. See WebCore ChangeLog for more details.

  • fast/media/video-element-in-details-collapse-expected.txt: Added.
  • fast/media/video-element-in-details-collapse.html: Added.
12:16 AM Changeset in webkit [214738] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.16/Source/JavaScriptCore

Merge r213966 - BytecodeGenerator should use the same function to determine if it needs to store the DerivedConstructor in an ArrowFunction lexical environment.
https://bugs.webkit.org/show_bug.cgi?id=169647
<rdar://problem/31051832>

Reviewed by Michael Saboff.

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::usesDerivedConstructorInArrowFunctionLexicalEnvironment):
(JSC::BytecodeGenerator::initializeArrowFunctionContextScopeIfNeeded):
(JSC::BytecodeGenerator::emitPutDerivedConstructorToArrowFunctionContextScope):

  • bytecompiler/BytecodeGenerator.h:
12:15 AM Changeset in webkit [214737] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.16

Merge r213944 - Simple line layout: Adjust hyphenation constrains based on the normal line layout line-breaking logic.
https://bugs.webkit.org/show_bug.cgi?id=169617

Source/WebCore:

Reviewed by Antti Koivisto.

This patch ensures that simple line layout ends up with the same hyphenation context as normal line layout.

Test: fast/text/simple-line-layout-hyphenation-constrains.html

  • rendering/SimpleLineLayout.cpp:

(WebCore::SimpleLineLayout::hyphenPositionForFragment): see webkit.org/b/169613
(WebCore::SimpleLineLayout::splitFragmentToFitLine):

  • rendering/line/BreakingContext.h: Integral -> fractional.

(WebCore::tryHyphenating):

LayoutTests:

Reviewed by Antti Koivisto.

  • fast/text/simple-line-layout-hyphenation-constrains-expected.html: Added.
  • fast/text/simple-line-layout-hyphenation-constrains.html: Added.
12:12 AM Changeset in webkit [214736] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.16/Source/WebCore

Merge r213923 - Remove redundant check for "firstLine" in RenderBlock::lineHeight()
https://bugs.webkit.org/show_bug.cgi?id=169610

Patch by Adrian Perez de Castro <Adrian Perez de Castro> on 2017-03-14
Reviewed by Michael Catanzaro.

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::lineHeight): Remove test of "firstLine" that
was already checked in the condition for the enclosing if-clause.

12:09 AM Changeset in webkit [214735] by Carlos Garcia Campos
  • 7 edits
    3 adds in releases/WebKitGTK/webkit-2.16

Merge r213897 - Make RepaintRegionAccumulator hold a WeakPtr to its root RenderView
https://bugs.webkit.org/show_bug.cgi?id=168480
<rdar://problem/30566976>

Reviewed by Antti Koivisto.

Source/WebCore:

Implements two mitigations to prevent the symptoms of the bug from occurring (see the bugzilla for more details).

Test: editing/execCommand/show-modal-dialog-during-execCommand.html

  • editing/EditorCommand.cpp:

(WebCore::Editor::Command::execute):

Do not allow edit commands to execute if the frame's document before and after layout differ (that is, edit commands
triggered by a certain document should not run on a different document).

  • rendering/RenderView.cpp:

(WebCore::RenderView::RenderView):
(WebCore::RenderView::RepaintRegionAccumulator::RepaintRegionAccumulator):

Turns RepaintRegionAccumulator's reference to its root RenderView into a WeakPtr to gracefully handle the case
where its RenderView is destroyed before RepaintRegionAccumulator's destructor gets a chance to flush the
RenderView's repaint regions.

  • rendering/RenderView.h:

LayoutTests:

Introduces a new layout test. See WebCore ChangeLog for more details.

  • TestExpectations:
  • editing/execCommand/show-modal-dialog-during-execCommand-expected.txt: Added.
  • editing/execCommand/show-modal-dialog-during-execCommand.html: Added.
  • editing/execCommand/resources/self-closing-modal-dialog.html: Added.
  • platform/mac-wk1/TestExpectations:
12:03 AM Changeset in webkit [214734] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.16/Source/JavaScriptCore

Merge r213876 - FTL should not flush strict arguments unless it really needs to
https://bugs.webkit.org/show_bug.cgi?id=169519

Reviewed by Mark Lam.

This is a refinement that we should have done ages ago. This kills some pointless PutStacks
in DFG SSA IR. It can sometimes unlock other optimizations.

Relanding after I fixed the special cases for CreateArguments-style nodes.

  • dfg/DFGPreciseLocalClobberize.h:

(JSC::DFG::PreciseLocalClobberizeAdaptor::readTop):

Apr 2, 2017:

11:51 PM Changeset in webkit [214733] by Carlos Garcia Campos
  • 7 edits in releases/WebKitGTK/webkit-2.16

Merge r213850 - [JSC] It should be possible create a label named let when parsing Statement in non strict mode
https://bugs.webkit.org/show_bug.cgi?id=168684

Patch by Caio Lima <Caio Lima> on 2017-03-13
Reviewed by Saam Barati.

JSTests:

  • ChakraCore/test/LetConst/DeclOutofBlock.baseline-jsc:

Source/JavaScriptCore:

This patch is fixing a Parser bug to allow define a label named
let in sloppy mode when parsing a Statement.

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::parseStatement):

LayoutTests:

  • js/let-syntax-expected.txt:
  • js/script-tests/let-syntax.js:

(shouldNotHaveSyntaxErrorSloopyOnly):

10:41 PM Changeset in webkit [214732] by Carlos Garcia Campos
  • 3 edits in trunk/Source/JavaScriptCore

Share implementation of JSRunLoopTimer::timerDidFire
https://bugs.webkit.org/show_bug.cgi?id=170392

Reviewed by Michael Catanzaro.

The code is cross-platform but it's duplicated in CF and GLib implementations, it could be shared instead.

  • runtime/JSRunLoopTimer.cpp:

(JSC::JSRunLoopTimer::timerDidFire): Move common implementation here.
(JSC::JSRunLoopTimer::setRunLoop): Use timerDidFireCallback.
(JSC::JSRunLoopTimer::timerDidFireCallback): Call JSRunLoopTimer::timerDidFire().

  • runtime/JSRunLoopTimer.h:
8:30 PM Changeset in webkit [214731] by ap@apple.com
  • 2 edits in trunk/LayoutTests

Remove accidentally added DumpJSConsoleLogInStdErr from http/tests/fetch/fetch-in-worker-crash.html expectation.

8:13 PM Changeset in webkit [214730] by ap@apple.com
  • 4 edits in trunk

Build fix for
Add missing text styles
https://bugs.webkit.org/show_bug.cgi?id=170295

Source/WebCore:

  • rendering/RenderThemeIOS.mm:

(WebCore::RenderThemeIOS::cachedSystemFontDescription):
(WebCore::RenderThemeIOS::updateCachedSystemFontDescription):

LayoutTests:

  • platform/ios/ios/fast/text/opticalFontWithTextStyle-expected.txt:
7:50 PM Changeset in webkit [214729] by jmarcell@apple.com
  • 2 edits in branches/safari-603-branch/Source/WebKit2

Cherry-pick r214559. rdar://problem/31371683

6:26 PM Changeset in webkit [214728] by ap@apple.com
  • 6 edits in trunk/LayoutTests

Fix lint errors.

  • TestExpectations:
  • platform/ios-wk1/TestExpectations:
  • platform/ios-wk2/TestExpectations:
  • platform/ios/TestExpectations:
  • platform/mac-wk1/TestExpectations:
11:55 AM Changeset in webkit [214727] by ap@apple.com
  • 2 edits in trunk/LayoutTests

Mark http/tests/fetch/fetch-in-worker-crash.html and imported/w3c/web-platform-tests/fetch/api/cors/cors-preflight-status.html as flaky.

For https://bugs.webkit.org/show_bug.cgi?id=170395
rdar://problem/30975761, rdar://problem/31394017

Apr 1, 2017:

10:39 PM Changeset in webkit [214726] by Alan Bujtas
  • 2 edits in trunk/Source/WebCore

Long Arabic text in ContentEditable with css white-space=pre hangs Safari
https://bugs.webkit.org/show_bug.cgi?id=170245

Reviewed by Myles C. Maxfield.

While searching for mid-word break, we measure the text by codepoints in a loop until the accumulated width > available width.
When we see that the accumulated width for the individual codepoints overflows, we join the codepoints and re-measure them.
These 2 widths could be considerably different for number of reasons (ligatures is a prime example). When we figure that
the run still fits, we go back to the main loop (since we are not supposed to wrap the line here) and take the next codepoint.
However this time we start the measurement from the last whitespace, so we end up remeasuring a potentially long chuck of text
until we hit the wrapping point. This is way too expensive.
This patch changes the logic so that we just go back to measuring individual codepoints until we hit the constrain again.

Covered by existing tests.

  • rendering/line/BreakingContext.h:

(WebCore::BreakingContext::handleText): canUseSimpleFontCodePath() is just to mitigate the potential risk of regression and
complex text is more likely to fall into this category.

10:28 PM Changeset in webkit [214725] by pvollan@apple.com
  • 1 edit
    2 adds in trunk/LayoutTests

Add test for expected fallback behavior between stroke-width and -webkit-text-stroke-width.
https://bugs.webkit.org/show_bug.cgi?id=169466

Reviewed by Jon Lee.

Now that we have added support for stroke-width, we should have a test for expected fallback behavior between
stroke-width and -webkit-text-stroke-width. Currently, stroke-width is always preferred, also when inherited,
and when -webkit-text-stroke-width is declared inline. When stroke-width is not specified, we fall back to
-webkit-text-stroke-width.

  • fast/css/stroke-width-fallback-expected.html: Added.
  • fast/css/stroke-width-fallback.html: Added.
10:28 PM Changeset in webkit [214724] by jonlee@apple.com
  • 9 edits in trunk

Add missing text styles
https://bugs.webkit.org/show_bug.cgi?id=170295
rdar://problem/30219503

Reviewed by Dean Jackson.

Source/WebCore:

Updated existing test to include new text styles.

  • css/CSSValueKeywords.in: Add title0 and title4.
  • platform/spi/cocoa/CoreTextSPI.h:
  • rendering/RenderThemeIOS.mm:

(WebCore::RenderThemeIOS::cachedSystemFontDescription):
(WebCore::RenderThemeIOS::updateCachedSystemFontDescription):

Source/WebInspectorUI:

  • UserInterface/Models/CSSKeywordCompletions.js: Update keyword completions

LayoutTests:

  • platform/ios/ios/fast/text/opticalFontWithTextStyle.html: Update test to include title0 and title4.
9:53 PM Changeset in webkit [214723] by mitz@apple.com
  • 5 edits in trunk/Source

[iOS] <input type=file> label should be specified using plural rules
https://bugs.webkit.org/show_bug.cgi?id=170388

Reviewed by Alexey Proskuryakov.

Source/WebCore:

  • English.lproj/Localizable.strings: Updated using update-webkit-localizable-strings.
  • English.lproj/Localizable.stringsdict: Added an entry for the new key "%lu photo(s) and %lu video(s)", with plural rules covering all the different combinations in English. Other localizations may specify additional combinations as needed.

Source/WebKit2:

  • UIProcess/ios/forms/WKFileUploadPanel.mm:

(-[WKFileUploadPanel _processMediaInfoDictionaries:atIndex:processedResults:processedImageCount:processedVideoCount:successBlock:failureBlock:]):

Instead of calling -_displayStringForPhotos:videos:, use
+[NSString localizedStringWithFormat:] with the new format string "%lu photo(s) and
%lu video(s)" for which there are plural rules.

(-[WKFileUploadPanel _displayStringForPhotos:videos:]): Deleted.

6:56 PM Changeset in webkit [214722] by ap@apple.com
  • 4 edits in trunk

Rolling back <https://trac.webkit.org/r214697>, as it made WebKit2.DataDetectionReferenceDate time out.

Was REGRESSION (r202472): Data Detection overwrites existing links in detected ranges
https://bugs.webkit.org/show_bug.cgi?id=170365

Source/WebCore:

  • editing/cocoa/DataDetection.mm:

(WebCore::searchForLinkRemovingExistingDDLinks):

Tools:

  • TestWebKitAPI/Tests/WebKit2Cocoa/DataDetection.mm:
5:55 PM Changeset in webkit [214721] by Chris Dumez
  • 10 edits
    3 adds in trunk

We should pause silent WebAudio rendering in background tabs
https://bugs.webkit.org/show_bug.cgi?id=170299
<rdar://problem/31289132>

Reviewed by Eric Carlson.

Source/WebCore:

We should pause silent WebAudio rendering in background tabs since it uses CPU and is
not observable by the user. Such silent WebAudio rendering seems to be used by
doubleclick ads.

Test: webaudio/silent-audio-interrupted-in-background.html

  • Modules/webaudio/AudioContext.cpp:

(WebCore::AudioContext::lazyInitialize):
(WebCore::AudioContext::uninitialize):
Have AudioContext register / unregister itself with the Document to get
visibility change notifications, similarly to what HTMLMediaElement was
already doing.

(WebCore::AudioContext::visibilityStateChanged):
Begin / End session interruption whenever the page visiblity changes.

  • Modules/webaudio/AudioContext.h:
  • WebCore.xcodeproj/project.pbxproj:
  • dom/Document.cpp:

(WebCore::Document::registerForVisibilityStateChangedCallbacks):
(WebCore::Document::unregisterForVisibilityStateChangedCallbacks):
(WebCore::Document::visibilityStateChanged):

  • dom/Document.h:
  • dom/Element.h:
  • dom/VisibilityChangeClient.h: Added.

(WebCore::VisibilityChangeClient::~VisibilityChangeClient):

  • html/HTMLMediaElement.h:

Introduce a new VisibilityChangeClient interface and have both AudioContext
and HTMLMediaElement subclass it. Previously, the visibilityStateChanged()
function was on Element but this prevented AudioContext from registering
itself since AudioContext is not an Element.

LayoutTests:

Add layout test coverage.

  • webaudio/silent-audio-interrupted-in-background-expected.txt: Added.
  • webaudio/silent-audio-interrupted-in-background.html: Added.
5:17 PM Changeset in webkit [214720] by mitz@apple.com
  • 4 edits in trunk/Source/WebCore

[Cocoa] A couple of UI strings use three periods instead of an ellipsis
https://bugs.webkit.org/show_bug.cgi?id=170386

Reviewed by Tim Horton.

  • English.lproj/Localizable.strings: Updated using update-webkit-localizable-strings.
  • platform/LocalizedStrings.cpp:

(WebCore::mediaElementLoadingStateText): Changed "Loading..." to "Loading…".

  • platform/cocoa/LocalizedStringsCocoa.mm:

(WebCore::contextMenuItemTagStyles): Changed "Styles..." to "Styles…".

5:03 PM Changeset in webkit [214719] by mitz@apple.com
  • 4 edits in trunk/Source

Localizable strings files are out of date
https://bugs.webkit.org/show_bug.cgi?id=170383

Reviewed by Tim Horton.

Ran update-webkit-localizable-strings.

Source/WebCore:

  • English.lproj/Localizable.strings:

Source/WebInspectorUI:

  • Localizations/en.lproj/localizedStrings.js:
3:57 PM Changeset in webkit [214718] by mitz@apple.com
  • 5 edits in trunk/Source

[Xcode] In engineering builds, linker warns about libwebrtc.dylib’s install name being invalid
https://bugs.webkit.org/show_bug.cgi?id=170385

Reviewed by Tim Horton.

Source/WebCore:

  • Configurations/DebugRelease.xcconfig: Set WK_RELOCATABLE_FRAMEWORKS to YES like we do in some other projects’ DebugRelease.xcconfig. Engineering builds are always relocatable.
  • Configurations/WebCore.xcconfig: When WebCore is relocatable, tell the linker that it’s not going to be in the shared cache, even if its install name implies that it might be.

Source/WebKit2:

  • Configurations/WebKit.xcconfig: When WebKit is relocatable, tell the linker that it’s not going to be in the shared cache, even if its install name implies that it might be.
5:48 AM Changeset in webkit [214717] by Csaba Osztrogonác
  • 2 edits in trunk/Tools

Mac cmake buildfix after 214586.
https://bugs.webkit.org/show_bug.cgi?id=170381

Unreviewed speculative buildfix.

  • WebKitTestRunner/PlatformMac.cmake:
5:35 AM Changeset in webkit [214716] by Csaba Osztrogonác
  • 2 edits in trunk/Source/WTF

Mac cmake buildfix after 214586.
https://bugs.webkit.org/show_bug.cgi?id=170381

Unreviewed.

  • wtf/BlockPtr.h:
3:25 AM Changeset in webkit [214715] by Csaba Osztrogonác
  • 2 edits in trunk/Tools

Unreviewed speculative Mac cmake buildfix after r214586, just for fun.
https://bugs.webkit.org/show_bug.cgi?id=161675

  • WebKitTestRunner/PlatformMac.cmake:
1:14 AM Changeset in webkit [214714] by gskachkov@gmail.com
  • 3 edits
    1 add in trunk

Object with numerical keys with gaps gets filled by NaN values
https://bugs.webkit.org/show_bug.cgi?id=164412

Reviewed by Mark Lam.

This patch fixes issue when object have two properties
with name as number. The issue appears when during invoking
convertDoubleToArrayStorage, array is filled by pNaN and
method converting it to real NaN. This happeneds because a
pNaN in a Double array is a hole, and Double arrays cannot
have NaN values. To fix issue we need to check value and
clear it if it pNaN.

Source/JavaScriptCore:

  • runtime/JSObject.cpp:

(JSC::JSObject::convertDoubleToArrayStorage):

JSTests:

  • stress/object-number-properties.js: Added.
12:47 AM Changeset in webkit [214713] by ap@apple.com
  • 12 edits in trunk

Rolling back http://trac.webkit.org/r214663 - memory corruption

Source/WebCore:

  • Modules/streams/ReadableByteStreamInternals.js:

(cloneArrayBuffer):

  • bindings/js/JSDOMGlobalObject.cpp:

(WebCore::JSDOMGlobalObject::addBuiltinGlobals):

  • bindings/js/StructuredClone.cpp:

(WebCore::structuredCloneArrayBuffer):
(WebCore::cloneArrayBufferImpl): Deleted.
(WebCore::cloneArrayBuffer): Deleted.

  • bindings/js/StructuredClone.h:
  • bindings/js/WebCoreBuiltinNames.h:
  • testing/Internals.cpp:

(WebCore::markerTypeFrom):
(WebCore::Internals::resetToConsistentState):
(WebCore::Internals::isLoadingFromMemoryCache):
(WebCore::Internals::setImageFrameDecodingDuration):
(WebCore::deferredStyleRulesCountForList):
(WebCore::deferredGroupRulesCountForList):
(WebCore::deferredKeyframesRulesCountForList):
(WebCore::Internals::eventThrottlingBehaviorOverride):
(WebCore::Internals::enableMockSpeechSynthesizer):
(WebCore::Internals::rangeForDictionaryLookupAtLocation):
(WebCore::Internals::nodesFromRect):
(WebCore::Internals::layerIDForElement):
(WebCore::Internals::setElementUsesDisplayListDrawing):
(WebCore::Internals::setElementTracksDisplayListReplay):
(WebCore::Internals::styleRecalcCount):
(WebCore::Internals::compositingUpdateCount):
(WebCore::Internals::setCaptionDisplayMode):
(WebCore::Internals::endMediaSessionInterruption):
(WebCore::Internals::postRemoteControlCommand):
(WebCore::appendOffsets):
(WebCore::Internals::scrollSnapOffsets):
(WebCore::Internals::setShowAllPlugins):
(WebCore::Internals::cloneArrayBuffer): Deleted.

  • testing/Internals.h:
  • testing/Internals.idl:

LayoutTests:

  • streams/readable-stream-byob-request-expected.txt:
  • streams/readable-stream-byob-request.js:

(self.importScripts.test): Deleted.

Note: See TracTimeline for information about the timeline view.