Context Navigation

Add operator== so that when a ScriptCallFrame object is held in a Vector, calling find
with an existing value doesn't need require a functor and can use existing code.

interpreter/StackVisitor.h:
interpreter/StackVisitor.cpp:

(JSC::StackVisitor::Frame::isWasmFrame const): Inlined in header.

Source/WebCore:

Tests: inspector/canvas/recording-2d.html

inspector/model/recording.html

inspector/InspectorCanvas.h:
inspector/InspectorCanvas.cpp:

(WebCore::InspectorCanvas::indexForData):
(WebCore::InspectorCanvas::buildAction):

Source/WebInspectorUI:

Localizations/en.lproj/localizedStrings.js:
UserInterface/Main.html:

UserInterface/Models/Recording.js:

(WI.Recording.prototype.swizzle):
Add Array type for swizzling array values.

UserInterface/Models/RecordingAction.js:

(WI.RecordingAction):
(WI.RecordingAction.fromPayload):
(WI.RecordingAction.prototype.get trace):
(WI.RecordingAction.prototype.swizzle):
(WI.RecordingAction.prototype.toJSON):

UserInterface/Views/RecordingTraceDetailsSidebarPanel.js: Added.

(WI.RecordingTraceDetailsSidebarPanel):
(WI.RecordingTraceDetailsSidebarPanel.disallowInstanceForClass):
(WI.RecordingTraceDetailsSidebarPanel.prototype.inspect):
(WI.RecordingTraceDetailsSidebarPanel.prototype.set recording):
(WI.RecordingTraceDetailsSidebarPanel.prototype.updateActionIndex):

UserInterface/Views/RecordingTraceDetailsSidebarPanel.css: Added.

(.sidebar > .panel.details.recording-trace > .content > .call-frame):
(.sidebar > .details.recording-trace > .content > .no-trace-data):
(.sidebar > .details.recording-trace > .content > .no-trace-data > .message):

UserInterface/Views/RecordingTabContentView.js:

(WI.RecordingTabContentView):

UserInterface/Views/RecordingActionTreeElement.js:

(WI.RecordingActionTreeElement.prototype.populateContextMenu):

UserInterface/Views/CallFrameView.css:

(.call-frame):
(body[dir=ltr] .call-frame .icon):
(body[dir=rtl] .call-frame .icon):
Apply the same trailing margin for CallFrameView icons as TreeElement.

LayoutTests:

inspector/canvas/recording-2d-expected.txt:
inspector/canvas/recording-2d.html:
inspector/model/recording-expected.txt:
inspector/model/recording.html:

11:16 PM Changeset in webkit [220187] by Yusuke Suzuki

3 edits in trunk/Source/WTF

Unreviewed, build fix for Windows port
https://bugs.webkit.org/show_bug.cgi?id=174716

This ugliness will be fixed in https://bugs.webkit.org/show_bug.cgi?id=175013.

wtf/ThreadHolder.h:
wtf/Threading.h:

11:03 PM Changeset in webkit [220186] by Yusuke Suzuki

40 edits
2 deletes in trunk/Source

Merge WTFThreadData to Thread::current
https://bugs.webkit.org/show_bug.cgi?id=174716

Reviewed by Mark Lam.

Source/JavaScriptCore:

Use Thread::current() instead.

API/JSContext.mm:

(+[JSContext currentContext]):
(+[JSContext currentThis]):
(+[JSContext currentCallee]):
(+[JSContext currentArguments]):
(-[JSContext beginCallbackWithData:calleeValue:thisValue:argumentCount:arguments:]):
(-[JSContext endCallbackWithData:]):

heap/Heap.cpp:

(JSC::Heap::requestCollection):

runtime/Completion.cpp:

(JSC::checkSyntax):
(JSC::checkModuleSyntax):
(JSC::evaluate):
(JSC::loadAndEvaluateModule):
(JSC::loadModule):
(JSC::linkAndEvaluateModule):
(JSC::importModule):

runtime/Identifier.cpp:

(JSC::Identifier::checkCurrentAtomicStringTable):

runtime/InitializeThreading.cpp:

(JSC::initializeThreading):

runtime/JSLock.cpp:

(JSC::JSLock::didAcquireLock):
(JSC::JSLock::willReleaseLock):
(JSC::JSLock::dropAllLocks):
(JSC::JSLock::grabAllLocks):

runtime/JSLock.h:
runtime/VM.cpp:

(JSC::VM::VM):
(JSC::VM::updateStackLimits):
(JSC::VM::committedStackByteCount):

runtime/VM.h:

(JSC::VM::isSafeToRecurse const):

runtime/VMEntryScope.cpp:

(JSC::VMEntryScope::VMEntryScope):

runtime/VMInlines.h:

(JSC::VM::ensureStackCapacityFor):

yarr/YarrPattern.cpp:

(JSC::Yarr::YarrPatternConstructor::isSafeToRecurse const):

Source/WebCore:

Use Thread::current() instead.

fileapi/AsyncFileStream.cpp:
platform/ThreadGlobalData.cpp:

(WebCore::ThreadGlobalData::ThreadGlobalData):

platform/graphics/cocoa/WebCoreDecompressionSession.h:
platform/ios/wak/WebCoreThread.mm:

(StartWebThread):

workers/WorkerThread.cpp:

(WebCore::WorkerThread::workerThread):

Source/WTF:

We placed thread specific data in WTFThreadData previously. But now, we have a new good place
to put thread specific data: WTF::Thread. Before this patch, WTFThreadData and WTF::Thread
sometimes have the completely same fields (m_stack etc.) due to initialization order limitations.
This patch merges WTFThreadData to WTF::Thread. We apply WTFThreadData's initialization style
to WTF::Thread. So, WTF::Thread's holder now uses fast TLS for darwin environment. Thus,
Thread::current() access is now accelerated. And WTF::Thread::current() can be accessed even
before calling WTF::initializeThreading.

WTF.xcodeproj/project.pbxproj:
wtf/CMakeLists.txt:
wtf/LockAlgorithm.h:
wtf/LockAlgorithmInlines.h:
wtf/MainThread.h:
wtf/ParkingLot.cpp:
wtf/StackStats.cpp:

(WTF::StackStats::PerThreadStats::PerThreadStats):
(WTF::StackStats::CheckPoint::CheckPoint):
(WTF::StackStats::CheckPoint::~CheckPoint):
(WTF::StackStats::probe):
(WTF::StackStats::LayoutCheckPoint::LayoutCheckPoint):

wtf/ThreadHolder.cpp:

(WTF::ThreadHolder::initializeCurrent):

wtf/ThreadHolder.h:

(WTF::ThreadHolder::ThreadHolder):
(WTF::ThreadHolder::currentMayBeNull):
(WTF::ThreadHolder::current):

wtf/ThreadHolderPthreads.cpp:

(WTF::ThreadHolder::initializeKey):
(WTF::ThreadHolder::initialize):
(WTF::ThreadHolder::destruct):
(WTF::ThreadHolder::initializeOnce): Deleted.
(WTF::ThreadHolder::current): Deleted.

wtf/ThreadHolderWin.cpp:

(WTF::ThreadHolder::initializeKey):
(WTF::ThreadHolder::currentDying):
(WTF::ThreadHolder::initialize):
(WTF::ThreadHolder::initializeOnce): Deleted.
(WTF::ThreadHolder::current): Deleted.

wtf/Threading.cpp:

(WTF::Thread::initializeInThread):
(WTF::Thread::entryPoint):
(WTF::Thread::create):
(WTF::Thread::didExit):
(WTF::initializeThreading):
(WTF::Thread::currentMayBeNull): Deleted.

wtf/Threading.h:

(WTF::Thread::current):
(WTF::Thread::atomicStringTable):
(WTF::Thread::setCurrentAtomicStringTable):
(WTF::Thread::stackStats):
(WTF::Thread::savedStackPointerAtVMEntry):
(WTF::Thread::setSavedStackPointerAtVMEntry):
(WTF::Thread::savedLastStackTop):
(WTF::Thread::setSavedLastStackTop):

wtf/ThreadingPrimitives.h:
wtf/ThreadingPthreads.cpp:

(WTF::Thread::createCurrentThread):
(WTF::Thread::current): Deleted.

wtf/ThreadingWin.cpp:

(WTF::Thread::createCurrentThread):
(WTF::Thread::current): Deleted.

wtf/WTFThreadData.cpp: Removed.
wtf/WTFThreadData.h: Removed.
wtf/text/AtomicString.cpp:
wtf/text/AtomicStringImpl.cpp:

(WTF::stringTable):

wtf/text/AtomicStringTable.cpp:

(WTF::AtomicStringTable::create):

wtf/text/AtomicStringTable.h:

10:57 PM Changeset in webkit [220185] by Chris Dumez

6 edits in trunk

NetworkResourceLoader::setDefersLoading() may cause start() to be called multiple times
https://bugs.webkit.org/show_bug.cgi?id=175109
<rdar://problem/33363169>

Reviewed by Brady Eidson.

Source/WebKit:

If NetworkResourceLoader::setDefersLoading(false) is called by the client while m_networkLoad is null
then we call NetworkResourceLoader::start() to start the load. This is needed in the case where
a NetworkResourceLoader is constructed in deferred mode so that the load can later be started via
setDefersLoading(). However, it is possible for setDefersLoading(false) to be called when start()
has already been called, which causes start() to be called multiple times and leads to an assertion
hit in debug.

Normally, setDefersLoading(false) returns without calling start() if m_networkLoad is not null. It
relies on m_networkLoad being non-null to determine if start() should be called. This is bad because
start() checks the disk cache asynchronously *before* calling startNetworkLoad() and initializing
m_networkLoad. Therefore, if setDefersLoading(false) is called *while* we are checking the cache,
then we will call incorrectly call start() again.

In the case of the radar, this happens when we:

Call start() and check the disk cache
Retrieve a cached redirect from the cache, which causes a WillSendRequest IPC to be sent to the WebProcess
The WebProcess calls setDefersLoading(true), sends the ContinueWillSendRequest IPC back and then calls setDefersLoading(false)

The call to continueWillSendRequest() causes us to retrieve the redirected entry from the cache,
asynchronously, which will return no entry and start a load.
The later call to setDefersLoading(false) causes us to call start() again and we end up back to step 1.

NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::NetworkResourceLoader::start):
(WebKit::NetworkResourceLoader::setDefersLoading):

NetworkProcess/NetworkResourceLoader.h:

LayoutTests:

Extend test coverage to cover cacheable redirects to a resource that needs
revalidation, similarly to the case in the radar.

http/tests/cache/disk-cache/disk-cache-redirect-expected.txt:
http/tests/cache/disk-cache/disk-cache-redirect.html:

10:48 PM Changeset in webkit [220184] by fpizlo@apple.com

5 edits in trunk/Source/JavaScriptCore

LLInt should do pointer caging
https://bugs.webkit.org/show_bug.cgi?id=175036

Reviewed by Keith Miller.

Implementing this in the LLInt was challenging because offlineasm did not previously know
how to load from globals. This teaches it how to do that on Darwin/x86_64, which happens
to be where the Gigacage is enabled right now.

llint/LLIntOfflineAsmConfig.h:
llint/LowLevelInterpreter64.asm:
offlineasm/ast.rb:
offlineasm/x86.rb:

9:46 PM Changeset in webkit [220183] by commit-queue@webkit.org

2 edits in trunk/Source/WTF

NeverDestroyed related leaks seen on bots
https://bugs.webkit.org/show_bug.cgi?id=175113

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2017-08-02
Reviewed by Yusuke Suzuki.

wtf/NeverDestroyed.h:

(WTF::NeverDestroyed::NeverDestroyed):
Previously the result of makeNeverDestroyed was not always moving into
the static NeverDestroyed static local variable. In some cases it would
re-invoke the constructor, creating a new NeverDestroyed object. In the
case of a Vector it was causing leaks.

Adding a move constructor convinces the compiler to move the result
of makeNeverDestroyed into the NeverDestroyed static. It doesn't actually
invoke the move constructor here, which I believe means it is deciding
to perform optional copy elision optimization.
'http://en.cppreference.com/w/cpp/language/copy_elision

9:40 PM Changeset in webkit [220182] by jmarcell@apple.com

7 edits in tags/Safari-604.1.36/Source

Versioning.

9:25 PM Changeset in webkit [220181] by jmarcell@apple.com

1 copy in branches/safari-604.1.36-branch

New branch.

9:21 PM Changeset in webkit [220180] by Devin Rousso

4 edits in trunk/Source/WebInspectorUI

Web Inspector: add TreeElement virtualization for the Recording tab
https://bugs.webkit.org/show_bug.cgi?id=174968

Reviewed by Joseph Pecoraro.

UserInterface/Views/RecordingNavigationSidebarPanel.js:

(WI.RecordingNavigationSidebarPanel):

UserInterface/Views/TreeOutline.js:

(WI.TreeOutline):
(WI.TreeOutline.prototype.get virtualized):
(WI.TreeOutline.prototype.registerScrollVirtualizer):
(WI.TreeOutline.prototype.updateVirtualizedElements.walk):
(WI.TreeOutline.prototype.updateVirtualizedElements):
Add spacer elements before and after the TreeOutline element that will size to ensure that
the TreeOutline node still takes up the same amount of space after some of the TreeElements
are removed. Whenever the scroll of the container view changes, recalculate the visible area
and add/remove TreeElements based on whether they would be in that. This is only possible if
every TreeElement has the same vertical height, which is given when setting up the scroll
listener on the container view.

UserInterface/Views/TreeElement.js:

(WI.TreeElement.prototype.set hidden):
(WI.TreeElement.prototype._attach):
(WI.TreeElement.prototype.collapse):
(WI.TreeElement.prototype.expand):
(WI.TreeElement.prototype.reveal):
If the TreeOutline is being virtualized, don't add each TreeElement's node to the DOM. They
will be added at the end of the frame (via setTimeout) if they are within the visible + padding
area of the TreeOutline.

9:19 PM Changeset in webkit [220179] by commit-queue@webkit.org

5 edits
2 deletes in trunk

HTTP tests with 'https' suffix are only run over HTTPS for WK2, not WK1
https://bugs.webkit.org/show_bug.cgi?id=175089

Patch by Youenn Fablet <youenn@apple.com> on 2017-08-02
Reviewed by Chris Dumez.

Tools:

DumpRenderTree/TestOptions.mm:

(TestOptions::TestOptions): Using absolutePath if available.

DumpRenderTree/mac/DumpRenderTree.mm:

(computeTestURL): Removing http/tests/ specific URL computation.

Scripts/webkitpy/port/driver.py:

(Driver._command_from_driver_input): Making webkitpy passing HTTP urls for HTTP served tests to all test runners, including WK1.

LayoutTests:

Removing no longer needed expectations.

platform/ios-wk1/http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/iframe-upgrade.https-expected.txt: Removed.
platform/mac-wk1/http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/iframe-upgrade.https-expected.txt: Removed.

8:53 PM Changeset in webkit [220178] by akling@apple.com

2 edits in trunk/Source/WebKit

NetworkRTCProvider::createResolver() leaks CFHost objects
https://bugs.webkit.org/show_bug.cgi?id=175103
<rdar://problem/33690347>

Reviewed by Youenn Fablet.

Add a missing adoptCF() so we don't leak the CFHost.

NetworkProcess/webrtc/NetworkRTCProvider.cpp:

(WebKit::NetworkRTCProvider::createResolver):

8:49 PM Changeset in webkit [220177] by commit-queue@webkit.org

4 edits in trunk/Source/WebCore

Fix crashes in GC creating a document fragment on a background thread
https://bugs.webkit.org/show_bug.cgi?id=175111

Patch by Sam Weinig <sam@webkit.org> on 2017-08-02
Reviewed by Chris Dumez.

r220095 (https://webkit.org/b/175006) change JSHTMLTemplateElement from using a
private name + property to manager the lifetime of the reference DocumentFragment
to using the idiomatic visitAdditionalChildren. Unfortunately, the function to access
the DocumentFragment lazily creates it. If this lazy creation happens on a GC thread,
badness ensues. This introduces an accessor that returns the DocumentFragment if it
has been created or null if it has not.

bindings/js/JSHTMLTemplateElementCustom.cpp:

(WebCore::JSHTMLTemplateElement::visitAdditionalChildren):

html/HTMLTemplateElement.cpp:

(WebCore::HTMLTemplateElement::contentIfAvailable):

html/HTMLTemplateElement.h:

8:25 PM Changeset in webkit [220176] by commit-queue@webkit.org

5 edits in trunk/Source/WebCore

[WebIDL] Simplify [EnabledBySettings] extended attribute code to not require passing a global object to finishCreation
https://bugs.webkit.org/show_bug.cgi?id=175087

Patch by Sam Weinig <sam@webkit.org> on 2017-08-02
Reviewed by Chris Dumez.

bindings/scripts/CodeGeneratorJS.pm:

(GenerateImplementation):
(GeneratePrototypeDeclaration):
Remove unnecessary passing of the global object to finishCreation for [EnabledBySettings].

bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
bindings/scripts/test/JS/JSTestNode.cpp:
bindings/scripts/test/JS/JSTestObj.cpp:

Update tests.

6:57 PM Changeset in webkit [220175] by fpizlo@apple.com

2 edits in trunk/Source/JavaScriptCore

Sweeping should only scribble when sweeping to free list
https://bugs.webkit.org/show_bug.cgi?id=175105

Reviewed by Saam Barati.

I just saw a crash on the bots where a destructor call attempt dereferenced scribbled memory. This
can happen because the bump path of specializedSweep will scribble in SweepOnly, which replaces the
zap word (i.e. 0) with the scribble word (i.e. 0xbadbeef0). This is a recent regression, since we
didn't used to do destruction on the bump path. No destruction, no zapping. Looking at the pop
path, we only scribble when we SweepToFreeList. This ensures that we only overwrite the zap word
when it doesn't matter anyway because we're building a free list.

This is a fix for those crashes on the bots because it means that we'll no longer scribble over the
zap.

heap/MarkedBlockInlines.h:

(JSC::MarkedBlock::Handle::specializedSweep):

6:55 PM Changeset in webkit [220174] by Matt Lewis

2 edits in trunk/LayoutTests

Marked http/tests/appcache/deferred-events-delete-while-raising-timer.html as flaky.
https://bugs.webkit.org/show_bug.cgi?id=175107

Unreviewed test gardening.

TestExpectations:

6:42 PM Changeset in webkit [220173] by clopez@igalia.com

2 edits in trunk/JSTests

[Linux] JSTests/wasm/stress/oom.js should not run on Linux
https://bugs.webkit.org/show_bug.cgi?id=175100

Reviewed by Mark Lam.

The JSC test JSTests/wasm/stress/oom.js tries to use all the
available memory until an out of memory exception happens.

The Linux kernel is more tuned for server workloads than for GUI
responsiveness. When a process tries to use a lot of memory, Linux
will do its best to serve the request. This usually translates to
free physical RAM by writing to disk dirty pages and/or moving out
less recently used pages to swap (disk storage).
Meanwhile it does this, the system will become unresponsive and this
leads to freezes that can last even some minutes on the worst cases.

Therefore, let's skip this test on Linux as it will cause more harm
than good on the Linux bots or on the machines of Linux developers.

wasm/stress/oom.js:

6:33 PM Changeset in webkit [220172] by jmarcell@apple.com

3 edits in branches/safari-604-branch/Source/JavaScriptCore

Cherry-pick r220144. rdar://problem/33687404

6:33 PM Changeset in webkit [220171] by jmarcell@apple.com

5 edits
3 adds in branches/safari-604-branch

Cherry-pick r220112. rdar://problem/33687415

6:33 PM Changeset in webkit [220170] by jmarcell@apple.com

6 edits in branches/safari-604-branch/Source/WebCore

Cherry-pick r220085. rdar://problem/33687398

6:33 PM Changeset in webkit [220169] by jmarcell@apple.com

2 edits in branches/safari-604-branch/Source/WebCore

Cherry-pick r220084. rdar://problem/33687425

6:33 PM Changeset in webkit [220168] by jmarcell@apple.com

3 edits in branches/safari-604-branch/Source/WebCore

Cherry-pick r220077. rdar://problem/33687398

6:32 PM Changeset in webkit [220167] by jmarcell@apple.com

4 edits
2 adds in branches/safari-604-branch

Cherry-pick r220035. rdar://problem/33687398

6:32 PM Changeset in webkit [220166] by Lucas Forschler

2 edits in trunk/Tools

6:32 PM Changeset in webkit [220165] by fpizlo@apple.com

8 edits
1 add in trunk/Source

All C++ accesses to JSObject::m_butterfly should do caging
https://bugs.webkit.org/show_bug.cgi?id=175039

Reviewed by Keith Miller.

Source/JavaScriptCore:

Makes JSObject::m_butterfly a AuxiliaryBarrier<CagedPtr<Butterfly>> and adopts the CagedPtr<> API.
This ensures that you can't cause C++ code to access a butterfly that has been rewired to point
outside the gigacage.

runtime/JSArray.cpp:

(JSC::JSArray::setLength):
(JSC::JSArray::pop):
(JSC::JSArray::push):
(JSC::JSArray::shiftCountWithAnyIndexingType):
(JSC::JSArray::unshiftCountWithAnyIndexingType):
(JSC::JSArray::fillArgList):
(JSC::JSArray::copyToArguments):

runtime/JSObject.cpp:

(JSC::JSObject::heapSnapshot):
(JSC::JSObject::createInitialIndexedStorage):
(JSC::JSObject::createArrayStorage):
(JSC::JSObject::convertUndecidedToInt32):
(JSC::JSObject::convertUndecidedToDouble):
(JSC::JSObject::convertUndecidedToContiguous):
(JSC::JSObject::convertInt32ToDouble):
(JSC::JSObject::convertInt32ToArrayStorage):
(JSC::JSObject::convertDoubleToContiguous):
(JSC::JSObject::convertDoubleToArrayStorage):
(JSC::JSObject::convertContiguousToArrayStorage):
(JSC::JSObject::defineOwnIndexedProperty):
(JSC::JSObject::putByIndexBeyondVectorLengthWithoutAttributes):
(JSC::JSObject::ensureLengthSlow):
(JSC::JSObject::allocateMoreOutOfLineStorage):

runtime/JSObject.h:

(JSC::JSObject::canGetIndexQuickly):
(JSC::JSObject::getIndexQuickly):
(JSC::JSObject::tryGetIndexQuickly const):
(JSC::JSObject::canSetIndexQuickly):
(JSC::JSObject::setIndexQuickly):
(JSC::JSObject::initializeIndex):
(JSC::JSObject::initializeIndexWithoutBarrier):
(JSC::JSObject::butterfly const):
(JSC::JSObject::butterfly):

Source/WTF:

Adds a smart pointer class that does various kinds of caging for you.

WTF.xcodeproj/project.pbxproj:
wtf/CMakeLists.txt:
wtf/CagedPtr.h: Added.

(WTF::CagedPtr::CagedPtr):
(WTF::CagedPtr::get const):
(WTF::CagedPtr::getMayBeNull const):
(WTF::CagedPtr::operator== const):
(WTF::CagedPtr::operator!= const):
(WTF::CagedPtr::operator bool const):
(WTF::CagedPtr::operator* const):
(WTF::CagedPtr::operator-> const):

5:54 PM Changeset in webkit [220164] by Matt Lewis

2 edits
8 deletes in trunk/LayoutTests

Removed bad expectations and marked test as flaky.
https://bugs.webkit.org/show_bug.cgi?id=175061

Unreviewed test gardening.

platform/mac-elcapitan-wk2/imported/w3c/web-platform-tests/fetch/api/basic/mode-no-cors-expected.txt: Removed.
platform/mac-elcapitan-wk2/imported/w3c/web-platform-tests/fetch/api/basic/mode-no-cors-worker-expected.txt: Removed.
platform/mac-elcapitan-wk2/imported/w3c/web-platform-tests/fetch/api/cors/cors-basic.any-expected.txt: Removed.
platform/mac-elcapitan-wk2/imported/w3c/web-platform-tests/fetch/api/cors/cors-basic.any.worker-expected.txt: Removed.
platform/mac-elcapitan-wk2/imported/w3c/web-platform-tests/fetch/api/cors/cors-no-preflight.any-expected.txt: Removed.
platform/mac-elcapitan-wk2/imported/w3c/web-platform-tests/fetch/api/cors/cors-no-preflight.any.worker-expected.txt: Removed.
platform/mac-elcapitan-wk2/imported/w3c/web-platform-tests/fetch/api/cors/cors-origin.any-expected.txt: Removed.
platform/mac-elcapitan-wk2/imported/w3c/web-platform-tests/fetch/api/cors/cors-origin.any.worker-expected.txt: Removed.
platform/mac/TestExpectations:

5:46 PM Changeset in webkit [220163] by aestes@apple.com

4 edits
3 adds in trunk

REGRESSION (r207155): Unable to switch sheets when previewing Numbers '09 spreadsheets
https://bugs.webkit.org/show_bug.cgi?id=175098
<rdar://problem/31416763>

Reviewed by Daniel Bates.

Source/WebCore:

r207155 enabled sandboxing on the frame displaying a QuickLook preview. This restricted
frames within the sandbox from navigating their sandboxed siblings or ancestors, which
breaks the functionality of multi-sheet Numbers '09 spreadsheet previews. These previews
contain a frameset with a table of contents frame and a content frame, and the table of
contents frame needs to be able to navigate the content frame when the sheet selection
changes.

Fix this by disabling the SandboxNavigation flag in the QuickLook sandbox. Frames within the
sandbox will be able to navigate each other, but will not be able to navigate the top frame
(due to SandboxTopNavigation still being enabled), nor will they be able to navigate any
other ancestor frame outside the sandbox (due to QuickLook previews being in a different
origin than the hosting frame). These two cases are covered by existing tests.

Test: quicklook/multi-sheet-numbers-09.html

dom/Document.cpp:

(WebCore::Document::applyQuickLookSandbox): Added a call to
disableSandboxFlags(SandboxNavigation) after applying the content security policy.

dom/SecurityContext.h:

(WebCore::SecurityContext::disableSandboxFlags): Defined disableSandboxFlags().

LayoutTests:

quicklook/multi-sheet-numbers-09-expected.txt: Added.
quicklook/multi-sheet-numbers-09.html: Added.
quicklook/resources/multi-sheet-numbers-09.numbers: Added.

5:44 PM Changeset in webkit [220162] by jmarcell@apple.com

1 copy in tags/Safari-604.1.36

Tag Safari-604.1.36.

5:44 PM Changeset in webkit [220161] by jmarcell@apple.com

1 delete in tags/Safari-604.1.36

Delete Tag.

4:56 PM Changeset in webkit [220160] by Chris Dumez

2 edits in trunk/LayoutTests

Unreviewed, skip newly imported WPT that is slow in Debug builds.

TestExpectations:

3:46 PM Changeset in webkit [220159] by commit-queue@webkit.org

3 edits in trunk/LayoutTests

inspector/runtime/CommandLineAPI-inspect.html is flaky.
https://bugs.webkit.org/show_bug.cgi?id=175092

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2017-08-02
Reviewed by Brian Burg.

inspector/runtime/CommandLineAPI-inspect-expected.txt:
inspector/runtime/CommandLineAPI-inspect.html:

3:35 PM Changeset in webkit [220158] by Jonathan Bedard

3 edits in trunk/Tools

check-webkit-style: deleting lines in a file runs the linter on the whole file
https://bugs.webkit.org/show_bug.cgi?id=175078

Reviewed by David Kilzer.

Deleting lines in a file should not cause linter errors to be blamed on the patch.
<https://bugs.webkit.org/show_bug.cgi?id=86142> is an example of this happening.

Scripts/webkitpy/style/checkers/test_expectations.py:

(TestExpectationsChecker._should_log_linter_warning): Do not log a linter error if the file it is associated with only has deleted lines

Scripts/webkitpy/style/main_unittest.py:

(ExpectationLinterInStyleCheckerTest.test_linter_duplicate_line): Added files should have every line number in the file when processing.
(ExpectationLinterInStyleCheckerTest.test_linter_duplicate_line_only_deletes): Test case where the file with the linter errors only contained deletes.
(ExpectationLinterInStyleCheckerTest.test_linter_added_file_with_error): Added files should have every line number in the file when processing.

3:31 PM Changeset in webkit [220157] by jmarcell@apple.com

7 edits in branches/safari-604-branch/Source

Versioning.

3:29 PM Changeset in webkit [220156] by jmarcell@apple.com

1 copy in tags/Safari-604.1.36

Tag Safari-604.1.36.

3:23 PM Changeset in webkit [220155] by jmarcell@apple.com

7 edits in trunk/Source

Versioning.

2:50 PM Changeset in webkit [220154] by fpizlo@apple.com

4 edits in trunk/Source/bmalloc

If Gigacage is disabled, bmalloc should service large aligned memory allocation requests through vmAllocate
https://bugs.webkit.org/show_bug.cgi?id=175085

Reviewed by Saam Barati.

This fixes a problem where if we used gmalloc, WebAssembly memory allocations would still use
bmalloc's large allocator.

We want to use the page allocator for those "large" allocations when the Gigacage is disabled.

bmalloc/DebugHeap.cpp:

(bmalloc::DebugHeap::DebugHeap):
(bmalloc::DebugHeap::memalignLarge):
(bmalloc::DebugHeap::freeLarge):

bmalloc/DebugHeap.h:
bmalloc/Heap.cpp:

(bmalloc::Heap::tryAllocateLarge):
(bmalloc::Heap::deallocateLarge):

2:50 PM Changeset in webkit [220153] by jer.noble@apple.com

2 edits in trunk/Source/WebCore

[MSE] Removing samples when presentation order does not match decode order can cause bad behavior.
https://bugs.webkit.org/show_bug.cgi?id=175091

Reviewed by Eric Carlson.

Address follow-up comments to r219519.

Modules/mediasource/SourceBuffer.cpp:

(WebCore::SourceBuffer::removeCodedFrames):

1:51 PM Changeset in webkit [220152] by jmarcell@apple.com

1 copy in tags/Safari-605.1.2

Tag Safari-605.1.2.

1:45 PM Changeset in webkit [220151] by commit-queue@webkit.org

7 edits in trunk/Source

Remove unused and obsolete setting mediaDocumentEntersFullscreenAutomatically
https://bugs.webkit.org/show_bug.cgi?id=175080

Patch by Jeremy Jones <jeremyj@apple.com> on 2017-08-02
Reviewed by Jon Lee.

Source/WebCore:

No new tests because this only removes unused code.

This is obsolete because of the alternate solution in
https://bugs.webkit.org/show_bug.cgi?id=174850

page/Settings.in:

Source/WebKit:

This is obsolete because of the alternate solution in
https://bugs.webkit.org/show_bug.cgi?id=174850

Shared/WebPreferencesDefinitions.h:
UIProcess/API/Cocoa/WKPreferences.mm:

(-[WKPreferences _setMediaDocumentEntersFullscreenAutomatically:]): Deleted.
(-[WKPreferences _mediaDocumentEntersFullscreenAutomatically]): Deleted.

UIProcess/API/Cocoa/WKPreferencesPrivate.h:
WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updatePreferences):

1:01 PM Changeset in webkit [220150] by Jonathan Bedard

4 edits in trunk/Tools

webkitpy: Allow caller to specify response to unicode encode/decode error in filesystem
https://bugs.webkit.org/show_bug.cgi?id=175075

Reviewed by David Kilzer.

We have no way of handling text files with illegal unicode characters. Allow the callers of
filesystem.read_text_file to specify one of Python 2.7's supported responses ('strict', 'ignore', or
'replace'). See https://docs.python.org/2/howto/unicode.html for details on these responses.

Scripts/webkitpy/common/system/filesystem.py:

(FileSystem.read_text_file): Allow caller to specify unicode error handling.
(FileSystem.write_text_file): Ditto.

Scripts/webkitpy/common/system/filesystem_mock.py:

(MockFileSystem.read_text_file): Allow caller to specify unicode error handling.
(MockFileSystem.write_text_file): Ditto.

Scripts/webkitpy/common/system/filesystem_unittest.py:

(RealFileSystemTest.test_read_text_file_unicode_decode_error): Test reading a file with illegal unicode content.
(RealFileSystemTest.test_write_text_file_unicode_encode_error): Test writing illegal unicode content to a file.

12:59 PM Changeset in webkit [220149] by Chris Dumez

3 edits in trunk/LayoutTests

Unreviewed, skip newly imported WPT HTTPS tests on WK2 only.

The tests seem to work fine on WK1.

TestExpectations:
platform/wk2/TestExpectations:

12:57 PM Changeset in webkit [220148] by fpizlo@apple.com

13 edits in trunk/Source

We should be OK with the gigacage being disabled on gmalloc
https://bugs.webkit.org/show_bug.cgi?id=175082

Reviewed by Michael Saboff.
Source/bmalloc:

This adds Gigacage::shouldBeEnabled(), which returns false when we're using gmalloc or other things
that enable DebugHeap.

bmalloc/Environment.cpp:

(bmalloc::Environment::Environment):

bmalloc/Environment.h:
bmalloc/Gigacage.cpp:

(Gigacage::ensureGigacage):
(Gigacage::shouldBeEnabled):

bmalloc/Gigacage.h:
bmalloc/Heap.cpp:

(bmalloc::Heap::Heap):

bmalloc/Heap.h:

Source/JavaScriptCore:

jsc.cpp:

(jscmain):

Source/WebKit:

WebProcess/WebProcess.cpp:

(WebKit::m_webSQLiteDatabaseTracker):

Source/WTF:

wtf/Gigacage.h:

(Gigacage::shouldBeEnabled):

11:35 AM Changeset in webkit [220147] by BJ Burg

2 edits in trunk/Source/WebKit

Web Automation: files selected for upload should be checked against values of the 'accept' attribute
https://bugs.webkit.org/show_bug.cgi?id=174803
<rdar://problem/33514190>

Reviewed by Carlos Garcia Campos.

Use the parsed values of the file input element's "accept" attribute to reject
files that don't match the specified values. This is normally done by Safari
using NSOpenPanel, but since a real open panel isn't shown during automation,
it needs to be done here.

Support for limiting accepted files by file extensions will be added when the
same is implemented in the normal code path for the C and Objective-C APIs.

This change is covered by internal WebDriver tests that will be rewritten for the
public Webdriver W3C test suite someday, when safaridriver runs those tests itself.

UIProcess/Automation/WebAutomationSession.cpp:

(WebKit::WebAutomationSession::handleRunOpenPanel):
Since we already have the proposed files, there's no need to compute a list of
supported extensions based on wildcard MIME types. First check the extension,
then the inferred MIME type for the extension, and then the wildcard MIME type
if the inferred type is not an exact match.

11:25 AM Changeset in webkit [220146] by Matt Lewis

2 edits in trunk/LayoutTests

Unmarked imported/w3c/IndexedDB-private-browsing/idbfactory_open.html as flaky.
https://bugs.webkit.org/show_bug.cgi?id=174949

Unreviewed test gardening.

platform/ios-wk2/TestExpectations:

11:24 AM Changeset in webkit [220145] by fpizlo@apple.com

2 edits in trunk/Source/WebCore

GPUBuffer::length() should return the size of the array buffer backing the GPU buffer, not the rounded-up GPU buffer length
https://bugs.webkit.org/show_bug.cgi?id=175079

Reviewed by Simon Fraser.

This fixes a failure in the GPU.BufferCreate unit test.

The problem is that in order to have a Metal buffer wrap memory we allocated, we have to tell Metal
that the memory is page-aligned. This means that the Metal buffer reports back a page-aligned size,
which is different than what the test expected.

It seems that it's most convenient for our GPUBuffer class to return the unaligned length, rather
than the aligned length. This is just a simple matter of returning the length from the ArrayBuffer
rather than the Metal buffer.

This fixes the unit test and is probably more sensible for actual users of this class, since the page
alignment of the length is a goofy implementation detail.

platform/graphics/cocoa/GPUBufferMetal.mm:

(WebCore::GPUBuffer::length const):

11:15 AM Changeset in webkit [220144] by sbarati@apple.com

3 edits in trunk/Source/JavaScriptCore

On memory-constrained iOS devices, reduce the rate at which the JS heap grows before a GC to try to keep more memory available for the system
https://bugs.webkit.org/show_bug.cgi?id=175041
<rdar://problem/33659370>

Reviewed by Filip Pizlo.

The testing I have done shows that this new function is a ~10%
progression running JetStream on 1GB iOS devices. I've also tried
this on a few > 1GB iOS devices, and the testing shows this is either neutral
or a regression. Right now, we'll just enable this for <= 1GB devices
since it's a win. In the future, we might want to either look into
tweaking these parameters or coming up with a new function for > 1GB
devices.

heap/Heap.cpp:
runtime/Options.h:

11:10 AM Changeset in webkit [220143] by matthew_hanson@apple.com

2 edits in tags/Safari-604.1.35.1/Source/WebKitLegacy

Cherry-pick r220128. rdar://problem/33537767

11:10 AM Changeset in webkit [220142] by matthew_hanson@apple.com

13 edits in tags/Safari-604.1.35.1

Cherry-pick r219602. rdar://problem/33537767

11:10 AM Changeset in webkit [220141] by matthew_hanson@apple.com

7 edits in tags/Safari-604.1.35.1/Source

Versioning.

10:57 AM Changeset in webkit [220140] by matthew_hanson@apple.com

1 copy in tags/Safari-604.1.35.1

New Tag.

10:54 AM Changeset in webkit [220139] by aakash_jain@apple.com

2 edits in trunk/Tools

Intermittent exception in buildPageURLForIteration for Buildbot 0.9 dashboard
https://bugs.webkit.org/show_bug.cgi?id=175072

Reviewed by Alexey Proskuryakov.

BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/Buildbot.js:

(Buildbot): Make sure this._builderNameToIDMap is always defined for Buildbot 0.9.

10:51 AM Changeset in webkit [220138] by timothy_horton@apple.com

5 edits in trunk/Source/WebKit

WKPDFView doesn't respect safe area insets
https://bugs.webkit.org/show_bug.cgi?id=175046
<rdar://problem/33558386>

Reviewed by Wenson Hsieh.

Platform/spi/ios/UIKitSPI.h:

Add some SPI.

UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _setHasCustomContentView:loadedMIMEType:]):
Drive-by fix two small custom content view issues:

Reset _scrollViewBackgroundColor; it is used to early-return from

updating the background color if it hasn't changed, but if you go from a
site with (for example) a white background, to a PDF, to another site
with a white background, we will early-return and not reset the background
color from the grey WKPDFView background.

When installing a custom content view, scroll to the origin. We miss

the usual mechanism for scrolling to the origin when custom content views
are installed, so do it here.

(-[WKWebView _effectiveObscuredInsetEdgesAffectedBySafeArea]):
Ignore _obscuredInsetEdgesAffectedBySafeArea for custom content views.
This is fairly arbitrary, and we should find a different way to
express different edge sets for different kinds of content (perhaps
bake this into default viewports?), but for now this works.

(-[WKWebView _computedContentInset]):
Use _effectiveObscuredInsetEdgesAffectedBySafeArea instead of the ivar directly.

(-[WKWebView _safeAreaShouldAffectObscuredInsets]):
Force safe areas to not affect obscured insets for custom content views,
so that it's up to every custom content view to take safe areas into
account themselves.

UIProcess/API/Cocoa/WKWebViewInternal.h:

Expose _computedUnobscuredSafeAreaInset for WKPDFView's use.

UIProcess/ios/WKPDFView.mm:

(-[WKPDFView web_setMinimumSize:]):
Avoid rebuilding the WKPDFView if the minimum size didn't change.

(-[WKPDFView _offsetForPageNumberIndicator]):
Take unobscured safe area insets into account when insetting
the page number indicator.

(-[WKPDFView web_computedContentInsetDidChange]):
Watch for unobscured safe area inset changes, and apply them to the
layout of the WKPDFView.

(-[WKPDFView _computePageAndDocumentFrames]):
Make it possible to only update the WKPDFView's size and position, without
rebuilding its subviews, if the width did not change. This prevents lots
of flashing of the child UIPDFPageViews when the unobscured safe area
insets change dynamically.

Take the safe area insets into account when determining what width
to lay out to.

(-[WKPDFView _updateDocumentFrame]):
Take the safe area insets into account when positioning the WKPDFView
inside the WKScrollView.

10:46 AM Changeset in webkit [220137] by Chris Dumez

2 edits in trunk/LayoutTests

Unreviewed, temporarily skip some HTTPS tests that time out on the bots.

TestExpectations:

10:45 AM Changeset in webkit [220136] by wilander@apple.com

2 edits in trunk/Source/WebKit

ResourceLoadStatisticsClassifierCocoa::singletonPredictionModel() should check the return value of storagePath()
https://bugs.webkit.org/show_bug.cgi?id=175055
<rdar://problem/32671352>

Reviewed by David Kilzer.

Platform/classifier/cocoa/ResourceLoadStatisticsClassifierCocoa.cpp:

(WebKit::ResourceLoadStatisticsClassifierCocoa::singletonPredictionModel):

Now uses dispatch_once() instead of NeverDestroyed and checks the
return value of storagePath() before using it to load the model.

10:38 AM Changeset in webkit [220135] by BJ Burg

9 edits in trunk/Source

HTML file input elements do not support file extensions in the "accept" attribute
https://bugs.webkit.org/show_bug.cgi?id=95698
<rdar://problem/12231850>

Reviewed by Darin Adler.

Source/WebCore:

Serialize the accepted file extensions so they can be accessed in the UI process.

platform/FileChooser.h:
platform/FileChooser.cpp:

(WebCore::FileChooser::invalidate): Modernize.
(WebCore::FileChooserSettings::acceptTypes const): Deleted.
This is dead code, it was only used by Chromium.

Source/WebKit:

Plumb accepted file extensions out to the C API.
The Cocoa API will be improved in a later patch.

Shared/WebCoreArgumentCoders.cpp:

(IPC::ArgumentCoder<FileChooserSettings>::encode):
(IPC::ArgumentCoder<FileChooserSettings>::decode):

UIProcess/API/APIOpenPanelParameters.cpp:

(API::OpenPanelParameters::acceptFileExtensions const):

UIProcess/API/APIOpenPanelParameters.h:
UIProcess/API/C/WKOpenPanelParametersRef.cpp:

(WKOpenPanelParametersCopyAcceptedFileExtensions):

UIProcess/API/C/WKOpenPanelParametersRef.h:

10:37 AM Changeset in webkit [220134] by Matt Lewis

1 edit
8 moves
8 adds in trunk/LayoutTests

Added new expectations folders and moved expectations to correct folders.
https://bugs.webkit.org/show_bug.cgi?id=175061

Unreviewed gardening.

platform/mac-elcapitan-wk2/imported/w3c/web-platform-tests/fetch/api/basic/mode-no-cors-expected.txt: Renamed from LayoutTests/platform/mac-elcapitan/imported/w3c/web-platform-tests/fetch/api/basic/mode-no-cors-expected.txt.
platform/mac-elcapitan-wk2/imported/w3c/web-platform-tests/fetch/api/basic/mode-no-cors-worker-expected.txt: Renamed from LayoutTests/platform/mac-elcapitan/imported/w3c/web-platform-tests/fetch/api/basic/mode-no-cors-worker-expected.txt.
platform/mac-elcapitan-wk2/imported/w3c/web-platform-tests/fetch/api/cors/cors-basic.any-expected.txt: Renamed from LayoutTests/platform/mac-elcapitan/imported/w3c/web-platform-tests/fetch/api/cors/cors-basic.any-expected.txt.
platform/mac-elcapitan-wk2/imported/w3c/web-platform-tests/fetch/api/cors/cors-basic.any.worker-expected.txt: Renamed from LayoutTests/platform/mac-elcapitan/imported/w3c/web-platform-tests/fetch/api/cors/cors-basic.any.worker-expected.txt.
platform/mac-elcapitan-wk2/imported/w3c/web-platform-tests/fetch/api/cors/cors-no-preflight.any-expected.txt: Renamed from LayoutTests/platform/mac-elcapitan/imported/w3c/web-platform-tests/fetch/api/cors/cors-no-preflight.any-expected.txt.
platform/mac-elcapitan-wk2/imported/w3c/web-platform-tests/fetch/api/cors/cors-no-preflight.any.worker-expected.txt: Renamed from LayoutTests/platform/mac-elcapitan/imported/w3c/web-platform-tests/fetch/api/cors/cors-no-preflight.any.worker-expected.txt.
platform/mac-elcapitan-wk2/imported/w3c/web-platform-tests/fetch/api/cors/cors-origin.any-expected.txt: Renamed from LayoutTests/platform/mac-elcapitan/imported/w3c/web-platform-tests/fetch/api/cors/cors-origin.any-expected.txt.
platform/mac-elcapitan-wk2/imported/w3c/web-platform-tests/fetch/api/cors/cors-origin.any.worker-expected.txt: Renamed from LayoutTests/platform/mac-elcapitan/imported/w3c/web-platform-tests/fetch/api/cors/cors-origin.any.worker-expected.txt.

10:28 AM Changeset in webkit [220133] by matthew_hanson@apple.com

13 edits in branches/safari-604-branch

Cherry-pick r219602. rdar://problem/33537767

10:03 AM Changeset in webkit [220132] by commit-queue@webkit.org

5 edits in trunk/LayoutTests

Remove obsolete expectations for syntax-021.xml.
https://bugs.webkit.org/show_bug.cgi?id=86142

Patch by Ms2ger <Ms2ger@igalia.com> on 2017-08-02
Reviewed by Sam Weinig.

It may have started passing in r209396.

platform/gtk/TestExpectations:
platform/ios-simulator/TestExpectations:
platform/mac/TestExpectations:
platform/win/TestExpectations:

9:46 AM Changeset in webkit [220131] by commit-queue@webkit.org

7 edits in trunk/Source

Use LazyNeverDestroyed instead of DEFINE_GLOBAL for QualifiedName
https://bugs.webkit.org/show_bug.cgi?id=175010
<rdar://problem/33647818>

Patch by Fujii Hironori <Fujii Hironori> on 2017-08-02
Reviewed by Alex Christensen.

Source/WebCore:

No new tests because no behavior change.

Stop using DEFINE_GLOBAL hack in favor of LazyNeverDestroyed.

contentextensions/ContentExtensionParser.cpp:

(WebCore::ContentExtensions::isValidCSSSelector):
Call QualifiedName::init().

dom/DOMAllInOne.cpp: Remove the warning. Include QualifiedName.cpp.
dom/QualifiedName.cpp:

(WebCore::QualifiedName::init): Call LazyNeverDestroyed::construct
instead of placement new.

dom/QualifiedName.h: Use LazyNeverDestroyed.

Source/WebKit:

UIProcess/API/APIContentRuleListStore.cpp:

(API::ContentRuleListStore::compileContentRuleList):
Call QualifiedName::init().

8:36 AM Changeset in webkit [220130] by commit-queue@webkit.org

2 edits in trunk/LayoutTests

Remove overridden lines from win's TestExpectations.
https://bugs.webkit.org/show_bug.cgi?id=175068

Patch by Ms2ger <Ms2ger@igalia.com> on 2017-08-02
Reviewed by Darin Adler.

These lines cause lint errors and block any patch that touches the file from
landing.

platform/win/TestExpectations:

7:07 AM Changeset in webkit [220129] by matthew_hanson@apple.com

2 edits in branches/safari-604-branch/Source/WebKitLegacy

Cherry-pick r220128. rdar://problem/33537767

6:53 AM Changeset in webkit [220128] by matthew_hanson@apple.com

2 edits in trunk/Source/WebKitLegacy

Build-fix for Windows in Visual Studio after directory rename.

Reviewed by Per Arne Vollan.

WebKitLegacy.vcxproj/WebKitLegacy.proj:

We still build WebKit.dll, not WebKitLegacy.dll.

6:25 AM Changeset in webkit [220127] by commit-queue@webkit.org

2 edits in trunk/LayoutTests

[GTK] Layout test editing/pasteboard/copy-standalone-image.html failing
https://bugs.webkit.org/show_bug.cgi?id=163184

Unreviewed test gardening.

Remove obsolete failure expectation for copy-standalone-image.html.

The bug was fixed in r212428. (The test was also broken by both landings for
bug 170956, until r216174 fixed it again.)

Patch by Ms2ger <Ms2ger@igalia.com> on 2017-08-02

platform/gtk/TestExpectations:

1:45 AM Changeset in webkit [220126] by Michael Catanzaro

2 edits in trunk/Tools

[CMake] Remove obsolete code in TestWebKitAPI/CMakeLists.txt
https://bugs.webkit.org/show_bug.cgi?id=175019

Reviewed by Darin Adler.

TestWebKitAPI/CMakeLists.txt:

Aug 1, 2017:

11:45 PM Changeset in webkit [220125] by Csaba Osztrogonác

2 edits in trunk/Tools

Enabling uploading archives to S3
https://bugs.webkit.org/show_bug.cgi?id=174198

Unreviewed unit test fix after r219235.

BuildSlaveSupport/build.webkit.org-config/mastercfg_unittest.py:

11:40 PM Changeset in webkit [220124] by commit-queue@webkit.org

4 edits in trunk/Source/WebCore

CFString leak dragging an image - allocation under PlatformPasteboard::writeObjectRepresentations
https://bugs.webkit.org/show_bug.cgi?id=175064

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2017-08-01
Reviewed by Tim Horton.

platform/ios/PlatformPasteboardIOS.mm:

(WebCore::PlatformPasteboard::writeObjectRepresentations):
Adopt a created string into the RetainPtr.

platform/ios/WebItemProviderPasteboard.h:
platform/ios/WebItemProviderPasteboard.mm:

(-[WebItemProviderRegistrationInfoList dealloc]):
Release suggestedName and switch from -strong to -copy.

11:36 PM Changeset in webkit [220123] by Csaba Osztrogonác

2 edits in trunk/Tools

Fix JSCOnly ARM buildbots after r220047
https://bugs.webkit.org/show_bug.cgi?id=174993

Unreviewed fix after r220087.

BuildSlaveSupport/build.webkit.org-config/master.cfg:

(BuildAndRemoteJSCTestsFactory.init):

9:47 PM Changeset in webkit [220122] by Chris Dumez

2 edits in trunk/Source/WebCore

Unreviewed, update Beacon API status to "In Development".

features.json:

9:44 PM Changeset in webkit [220121] by Chris Dumez

41 edits
58 adds in trunk

Add initial support for navigator.sendBeacon
https://bugs.webkit.org/show_bug.cgi?id=175007
<rdar://problem/33547728>

Reviewed by Sam Weinig.

LayoutTests/imported/w3c:

Import more beacon web-platform-tests and rebaseline the one we had
already imported now that navigator.sendBeacon is exposed.

resources/import-expectations.json:
resources/resource-files.json:
web-platform-tests/beacon/beacon-basic-blob-expected.txt: Added.
web-platform-tests/beacon/beacon-basic-blob.html: Added.
web-platform-tests/beacon/beacon-basic-blobMax-expected.txt: Added.
web-platform-tests/beacon/beacon-basic-blobMax.html: Added.
web-platform-tests/beacon/beacon-basic-buffersource-expected.txt: Added.
web-platform-tests/beacon/beacon-basic-buffersource.html: Added.
web-platform-tests/beacon/beacon-basic-buffersourceMax-expected.txt: Added.
web-platform-tests/beacon/beacon-basic-buffersourceMax.html: Added.
web-platform-tests/beacon/beacon-basic-formdata-expected.txt: Added.
web-platform-tests/beacon/beacon-basic-formdata.html: Added.
web-platform-tests/beacon/beacon-basic-formdataMax-expected.txt: Added.
web-platform-tests/beacon/beacon-basic-formdataMax.html: Added.
web-platform-tests/beacon/beacon-basic-string-expected.txt: Added.
web-platform-tests/beacon/beacon-basic-string.html: Added.
web-platform-tests/beacon/beacon-basic-stringMax-expected.txt: Added.
web-platform-tests/beacon/beacon-basic-stringMax.html: Added.
web-platform-tests/beacon/beacon-common.js: Added.

(allTests.forEach):
(CreateArrayBufferFromPayload):
(CreateEmptyFormDataPayload):
(CreateFormDataFromPayload):
(initSession.return.add):
(initSession):
(runTests.):
(runTests):
(continueAfterSendingBeacon):
(waitForResults.):
(waitForResults):
(runSendInIframeAndNavigateTests.self.buildId):
(runSendInIframeAndNavigateTests.window.onmessage):
(runSendInIframeAndNavigateTests.self.sendFunc):
(runSendInIframeAndNavigateTests.iframe.onload):

web-platform-tests/beacon/beacon-cors.window.js: Added.

(false.forEach.self.buildId):
(false.forEach.self.buildBaseUrl):
(false.forEach.self.buildTargetUrl):
(false.forEach):

web-platform-tests/beacon/beacon-error.window.js: Added.

(test):

web-platform-tests/beacon/beacon-redirect.window.js: Added.

(308.forEach.self.buildId):
(308.forEach.self.buildTargetUrl):
(308.forEach):

web-platform-tests/beacon/fetch-keepalive-navigate.iFrame.html: Added.
web-platform-tests/beacon/headers/header-content-type-expected.txt:
web-platform-tests/beacon/headers/header-referrer-no-referrer-expected.txt:
web-platform-tests/beacon/headers/header-referrer-no-referrer-when-downgrade.https-expected.txt:
web-platform-tests/beacon/headers/header-referrer-origin-expected.txt:
web-platform-tests/beacon/headers/header-referrer-origin-when-cross-origin-expected.txt:
web-platform-tests/beacon/headers/header-referrer-same-origin-expected.txt:
web-platform-tests/beacon/headers/header-referrer-strict-origin-when-cross-origin.https-expected.txt:
web-platform-tests/beacon/headers/header-referrer-strict-origin.https-expected.txt:
web-platform-tests/beacon/headers/header-referrer-unsafe-url.https-expected.txt:
web-platform-tests/beacon/resources/beacon.py: Added.

(build_stash_key):
(main):
(main.wrap_key):

web-platform-tests/beacon/resources/w3c-import.log:
web-platform-tests/beacon/w3c-import.log: Added.
web-platform-tests/url/failure-expected.txt:

Source/WebCore:

Add initial support for navigator.sendBeacon behind an experimental
feature runtime flag. The specification is available at:

https://w3c.github.io/beacon/

The current implementation supports sending beacons with all types of
payloads except for ReadableStream. Some functionality is incomplete
and will be taken care of in follow-up patches:

Support for CORS preflight for the cases where it is required. We currently return false and do not send the beacon in such cases.
Better support for redirects.
Use a more power-friendly network priority for beacon requests.

Tests: http/tests/blink/sendbeacon/*

http/tests/security/mixedContent/beacon/insecure-beacon-in-iframe.html
http/wpt/beacon/*
imported/blink/fast/beacon/*
imported/w3c/web-platform-tests/beacon/*

CMakeLists.txt:
DerivedSources.make:
Modules/beacon/NavigatorBeacon.cpp: Added.

(WebCore::NavigatorBeacon::sendBeacon):

Modules/beacon/NavigatorBeacon.h: Added.
Modules/beacon/NavigatorBeacon.idl: Added.
WebCore.xcodeproj/project.pbxproj:
loader/PingLoader.cpp:

(WebCore::PingLoader::sendBeacon):

loader/PingLoader.h:

Source/WebKit:

Add experimental feature flag for the Beacon API, disabled by default.

Shared/WebPreferencesDefinitions.h:
WebProcess/InjectedBundle/InjectedBundle.cpp:

(WebKit::InjectedBundle::overrideBoolPreferenceForTestRunner):

WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updatePreferences):

Source/WebKitLegacy/mac:

Add setting to toggle support for the Beacon API (it is disabled by default).

WebView/WebPreferenceKeysPrivate.h:
WebView/WebPreferences.mm:

(+[WebPreferences initialize]):
(-[WebPreferences beaconAPIEnabled]):
(-[WebPreferences setBeaconAPIEnabled:]):

WebView/WebPreferencesPrivate.h:
WebView/WebView.mm:

(-[WebView _preferencesChanged:]):

Tools:

Enable the Beacon API at runtime in the context of layout tests since the
feature is currently disabled by default.

DumpRenderTree/mac/DumpRenderTree.mm:

(enableExperimentalFeatures):

WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:

(WTR::InjectedBundle::beginTesting):

WebKitTestRunner/InjectedBundle/TestRunner.cpp:

(WTR::TestRunner::setModernMediaControlsEnabled):
(WTR::TestRunner::setBeaconAPIEnabled):

WebKitTestRunner/InjectedBundle/TestRunner.h:

LayoutTests:

fast/dom/navigator-detached-no-crash-expected.txt:

Rebaseline test now that sendBeacon is exposed on navigator.

http/tests/blink/sendbeacon/beacon-cookie-expected.txt: Added.
http/tests/blink/sendbeacon/beacon-cookie.html: Added.
http/tests/blink/sendbeacon/beacon-cross-origin-expected.txt: Added.
http/tests/blink/sendbeacon/beacon-cross-origin-redirect-blob-expected.txt: Added.
http/tests/blink/sendbeacon/beacon-cross-origin-redirect-blob.html: Added.
http/tests/blink/sendbeacon/beacon-cross-origin-redirect-expected.txt: Added.
http/tests/blink/sendbeacon/beacon-cross-origin-redirect.html: Added.
http/tests/blink/sendbeacon/beacon-cross-origin.html: Added.
http/tests/blink/sendbeacon/beacon-cross-origin.https-expected.txt: Added.
http/tests/blink/sendbeacon/beacon-cross-origin.https.html: Added.
http/tests/blink/sendbeacon/beacon-detached-no-crash-expected.txt: Added.
http/tests/blink/sendbeacon/beacon-detached-no-crash.html: Added.
http/tests/blink/sendbeacon/beacon-same-origin-expected.txt: Added.
http/tests/blink/sendbeacon/beacon-same-origin.html: Added.
http/tests/blink/sendbeacon/connect-src-beacon-allowed-expected.txt: Added.
http/tests/blink/sendbeacon/connect-src-beacon-allowed.html: Added.
http/tests/blink/sendbeacon/resources/check-beacon.php: Added.
http/tests/blink/sendbeacon/resources/save-beacon.php: Added.

Import more beacon test coverage from Blink.

http/wpt/beacon/connect-src-beacon-blocked.sub-expected.txt: Added.
http/wpt/beacon/connect-src-beacon-blocked.sub.html: Added.

Improve test coverage for sendBeacon and CSP.

http/wpt/beacon/headers/header-content-type-same-origin-expected.txt: Added.
http/wpt/beacon/headers/header-content-type-same-origin.html: Added.

Improve test coverage for sendBeacon with various types of payload. The test is done
using same origin as we do not currently support sending some of those payloads cross
origin yet.

imported/blink/fast/beacon/beacon-basic-expected.txt: Added.
imported/blink/fast/beacon/beacon-basic.html: Added.

Import basic Beacon test coverage from Blink.

resources/window-postmessage-open-close.html: Added.
tests-options.json:

8:22 PM Changeset in webkit [220120] by aakash_jain@apple.com

6 edits in trunk/Tools

Update Bot Watcher's Dashboard for Buildbot 0.9
https://bugs.webkit.org/show_bug.cgi?id=174777

Reviewed by Daniel Bates.

BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/Buildbot.js:

(Buildbot): Check if USE_BUILDBOT_VERSION_LESS_THAN_09 is passed.
(Buildbot.prototype._computeBuilderNameToIDMap): Fetch the builder name to ID mapping from buidbot and store
in a dictionary.
(Buildbot.prototype.buildPageURLForIteration): Updated URL as per Buildbot 0.9 format. Buildbot 0.9 currently does not support
builder name in the build url. See <https://github.com/buildbot/buildbot/issues/3465>.

BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/BuildbotIteration.js:

(isMultiCodebaseGotRevisionProperty): Adapting to new data format.
(parseRevisionProperty): Ditto.
(BuildbotIteration.prototype.failureLogURL): Return the URL to build page if precise failure url is not available. For
Buildbot 0.9, build page URL would be appropriate in most cases as per the new UI.
(BuildbotIteration.prototype._parseData): Parsing the data as per new data format. Many variable names and data types
have changed in Buildbot 0.9.
(BuildbotIteration.prototype._adjustBuildDataForBuildbot09): Adjust the Buildbot 0.8 data to new format.
(BuildbotIteration.prototype._updateIfDataAvailable): Update method for Buildbot 0.9 data. We are performing two API calls,
one for build information, another for step information of that build. We need to wait until data from both REST API calls are available.
(BuildbotIteration.prototype._deprecatedUpdateWithData): Renamed from _updateWithData, used for Buildbot 0.8 data.
(BuildbotIteration.prototype.get buildURL): URL to fetch build information from Buildbot. Also fetches got_revision property.
(BuildbotIteration.prototype.get buildStepsURL): URL to fetch the steps information from Buildbot.
(BuildbotIteration.prototype.urlFailedToLoad): Callback method to be used when URL fails to load. Made it a separate function now.
(BuildbotIteration.prototype.update): Modified to support both Buildbot 0.9 and 0.8 data format.
(BuildbotIteration.prototype.actualUpdate): Update method for Buildbot 0.9 data.
(BuildbotIteration.prototype.deprecatedUpdate): Update method for Buildbot 0.8 data.

BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/BuildbotQueue.js:

(BuildbotQueue.prototype.get baseURL): Updated URL as per Buildbot 0.9 format.
(BuildbotQueue.prototype.get allIterationsURL): Ditto.
(BuildbotQueue.prototype.get overviewURL): Ditto.
(BuildbotQueue.prototype.get buildsURL): URL to fetch builds data in Buildbot 0.9.
(BuildbotQueue.prototype.get buildsInfoURL): Returns the appropriate URL to use to fetch builds information from
Buildbot 0.8 or 0.9.
(BuildbotQueue.prototype.getBuilds): Method compatible with both Buildbot 0.8 and 0.9 to get build information from data
fetched from Buildbot. Also, reversing the Buildbot 0.8 data to make it similar to 0.9 data format.
(BuildbotQueue.prototype.isBuildComplete): Method compatible with both Buildbot 0.8 and 0.9 to check if the build has completed.
(BuildbotQueue.prototype.getIterationID): Method compatible with both Buildbot 0.8 and 0.9 to get the Iteration ID.
(BuildbotQueue.prototype.update): Supports both Buildbot 0.8 and 0.9. Buildbot 0.9 REST API doesn't have cachedBuilds and currentBuilds.
Therefore we are fetching information for fixed number of build.
Also iterating the loop incrementally since the build data is already reverse sorted.

BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/BuildbotTestResults.js:

(BuildbotTestResults.prototype._parseResults): Updated as per Buildbot 0.9 format. Note that we do not
need to worry about 0.8 or 0.9 data format here, since the data is already converted to 0.9 format.

BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/WebKitBuildbot.js:

(WebKitBuildbot): Pass the USE_BUILDBOT_VERSION_LESS_THAN_09 flag.

8:09 PM Changeset in webkit [220119] by Devin Rousso

776 edits in trunk

Web Inspector: simplify WebInspector with WI
https://bugs.webkit.org/show_bug.cgi?id=175058

Reviewed by Joseph Pecoraro.

Source/WebInspectorUI:

.eslintrc:

Tools/PrettyPrinting/FormatterDebug.js:
Tools/PrettyPrinting/index.html:

UserInterface/Main.html:
UserInterface/Test.html:

UserInterface/Base/*.js:
UserInterface/Controllers/*.js:
UserInterface/Debug/*.js:
UserInterface/Models/*.js:
UserInterface/Protocol/*.js:
UserInterface/Proxies/*.js:
UserInterface/Test/*.js:
UserInterface/Views/*.js:

Tools:

Scripts/check-inspector-strings:

(extract_ui_strings):

Scripts/extract-localizable-js-strings:

LayoutTests:

http/tests/inspector//*.html:
http/tests/websocket/tests/hybi/inspector//*.html:
inspector//*.html:

6:50 PM Changeset in webkit [220118] by fpizlo@apple.com

84 edits
14 adds in trunk

Bmalloc and GC should put auxiliaries (butterflies, typed array backing stores) in a gigacage (separate multi-GB VM region)
https://bugs.webkit.org/show_bug.cgi?id=174727

Reviewed by Mark Lam.
Source/bmalloc:

This adds a mechanism for managing multiple isolated heaps in bmalloc. For now, these isoheaps
(isolated heaps) have a very simple relationship with each other and with the rest of bmalloc:

You have to choose how many isoheaps you will have statically. See numHeaps in HeapKind.h.

Because numHeaps is static, each isoheap gets fast thread-local allocation. Basically, we have a Cache for each heap kind.

Each isoheap gets its own Heap.

Each Heap gets a scavenger thread.

Some things, like Zone/VMHeap/Scavenger, are per-process.

Most of the per-HeapKind functionality is handled by PerHeapKind<>.

This approach is ideal for supporting special per-HeapKind behaviors. For now we have two heaps:
the Primary heap for normal malloc and the Gigacage. The gigacage is a 64GB-aligned 64GB virtual
region that we now use for variable-length random-access allocations. No Primary allocations will
go into the Gigacage.

CMakeLists.txt:
bmalloc.xcodeproj/project.pbxproj:
bmalloc/AllocationKind.h: Added.
bmalloc/Allocator.cpp:

(bmalloc::Allocator::Allocator):
(bmalloc::Allocator::tryAllocate):
(bmalloc::Allocator::allocateImpl):
(bmalloc::Allocator::reallocate):
(bmalloc::Allocator::refillAllocatorSlowCase):
(bmalloc::Allocator::allocateLarge):

bmalloc/Allocator.h:
bmalloc/BExport.h: Added.
bmalloc/Cache.cpp:

(bmalloc::Cache::scavenge):
(bmalloc::Cache::Cache):
(bmalloc::Cache::tryAllocateSlowCaseNullCache):
(bmalloc::Cache::allocateSlowCaseNullCache):
(bmalloc::Cache::deallocateSlowCaseNullCache):
(bmalloc::Cache::reallocateSlowCaseNullCache):
(bmalloc::Cache::operator new): Deleted.
(bmalloc::Cache::operator delete): Deleted.

bmalloc/Cache.h:

(bmalloc::Cache::tryAllocate):
(bmalloc::Cache::allocate):
(bmalloc::Cache::deallocate):
(bmalloc::Cache::reallocate):

bmalloc/Deallocator.cpp:

(bmalloc::Deallocator::Deallocator):
(bmalloc::Deallocator::scavenge):
(bmalloc::Deallocator::processObjectLog):
(bmalloc::Deallocator::deallocateSlowCase):

bmalloc/Deallocator.h:
bmalloc/Gigacage.cpp: Added.

(Gigacage::Callback::Callback):
(Gigacage::Callback::function):
(Gigacage::Callbacks::Callbacks):
(Gigacage::ensureGigacage):
(Gigacage::disableGigacage):
(Gigacage::addDisableCallback):
(Gigacage::removeDisableCallback):

bmalloc/Gigacage.h: Added.

(Gigacage::caged):
(Gigacage::isCaged):

bmalloc/Heap.cpp:

(bmalloc::Heap::Heap):
(bmalloc::Heap::usingGigacage):
(bmalloc::Heap::concurrentScavenge):
(bmalloc::Heap::splitAndAllocate):
(bmalloc::Heap::tryAllocateLarge):
(bmalloc::Heap::allocateLarge):
(bmalloc::Heap::shrinkLarge):
(bmalloc::Heap::deallocateLarge):

bmalloc/Heap.h:

(bmalloc::Heap::mutex):
(bmalloc::Heap::kind const):
(bmalloc::Heap::setScavengerThreadQOSClass): Deleted.

bmalloc/HeapKind.h: Added.
bmalloc/ObjectType.cpp:

(bmalloc::objectType):

bmalloc/ObjectType.h:
bmalloc/PerHeapKind.h: Added.

(bmalloc::PerHeapKindBase::PerHeapKindBase):
(bmalloc::PerHeapKindBase::size):
(bmalloc::PerHeapKindBase::at):
(bmalloc::PerHeapKindBase::at const):
(bmalloc::PerHeapKindBase::operator[]):
(bmalloc::PerHeapKindBase::operator[] const):
(bmalloc::StaticPerHeapKind::StaticPerHeapKind):
(bmalloc::PerHeapKind::PerHeapKind):
(bmalloc::PerHeapKind::~PerHeapKind):

bmalloc/PerThread.h:

(bmalloc::PerThread<T>::destructor):
(bmalloc::PerThread<T>::getSlowCase):
(bmalloc::PerThreadStorage<Cache>::get): Deleted.
(bmalloc::PerThreadStorage<Cache>::init): Deleted.

bmalloc/Scavenger.cpp: Added.

(bmalloc::Scavenger::Scavenger):
(bmalloc::Scavenger::scavenge):

bmalloc/Scavenger.h: Added.

(bmalloc::Scavenger::setScavengerThreadQOSClass):
(bmalloc::Scavenger::requestedScavengerThreadQOSClass const):

bmalloc/VMHeap.cpp:

(bmalloc::VMHeap::VMHeap):
(bmalloc::VMHeap::tryAllocateLargeChunk):

bmalloc/VMHeap.h:
bmalloc/Zone.cpp:

(bmalloc::Zone::Zone):

bmalloc/Zone.h:
bmalloc/bmalloc.h:

(bmalloc::api::tryMalloc):
(bmalloc::api::malloc):
(bmalloc::api::tryMemalign):
(bmalloc::api::memalign):
(bmalloc::api::realloc):
(bmalloc::api::tryLargeMemalignVirtual):
(bmalloc::api::free):
(bmalloc::api::freeLargeVirtual):
(bmalloc::api::scavengeThisThread):
(bmalloc::api::scavenge):
(bmalloc::api::isEnabled):
(bmalloc::api::setScavengerThreadQOSClass):

bmalloc/mbmalloc.cpp:

Source/JavaScriptCore:

This adopts the Gigacage for the GigacageSubspace, which we use for Auxiliary allocations. Also, in
one place in the code - the FTL codegen for butterfly and typed array access - we "cage" the accesses
themselves. Basically, we do masking to ensure that the pointer points into the gigacage.

This is neutral on JetStream.

CMakeLists.txt:
JavaScriptCore.xcodeproj/project.pbxproj:
b3/B3InsertionSet.cpp:

(JSC::B3::InsertionSet::execute):

dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

dfg/DFGArgumentsEliminationPhase.cpp:
dfg/DFGClobberize.cpp:

(JSC::DFG::readsOverlap):

dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

dfg/DFGFixedButterflyAccessUncagingPhase.cpp: Added.

(JSC::DFG::performFixedButterflyAccessUncaging):

dfg/DFGFixedButterflyAccessUncagingPhase.h: Added.
dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

dfg/DFGHeapLocation.cpp:

(WTF::printInternal):

dfg/DFGHeapLocation.h:
dfg/DFGNodeType.h:
dfg/DFGPlan.cpp:

(JSC::DFG::Plan::compileInThreadImpl):

dfg/DFGPredictionPropagationPhase.cpp:
dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileGetButterfly):

dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

dfg/DFGTypeCheckHoistingPhase.cpp:

(JSC::DFG::TypeCheckHoistingPhase::identifyRedundantStructureChecks):
(JSC::DFG::TypeCheckHoistingPhase::identifyRedundantArrayChecks):

ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileGetButterfly):
(JSC::FTL::DFG::LowerDFGToB3::compileGetIndexedPropertyStorage):
(JSC::FTL::DFG::LowerDFGToB3::compileGetByVal):
(JSC::FTL::DFG::LowerDFGToB3::compileStringCharAt):
(JSC::FTL::DFG::LowerDFGToB3::compileStringCharCodeAt):
(JSC::FTL::DFG::LowerDFGToB3::compileGetMapBucket):
(JSC::FTL::DFG::LowerDFGToB3::compileGetDirectPname):
(JSC::FTL::DFG::LowerDFGToB3::compileToLowerCase):
(JSC::FTL::DFG::LowerDFGToB3::caged):

heap/GigacageSubspace.cpp: Added.

(JSC::GigacageSubspace::GigacageSubspace):
(JSC::GigacageSubspace::~GigacageSubspace):
(JSC::GigacageSubspace::tryAllocateAlignedMemory):
(JSC::GigacageSubspace::freeAlignedMemory):
(JSC::GigacageSubspace::canTradeBlocksWith):

heap/GigacageSubspace.h: Added.
heap/Heap.cpp:

(JSC::Heap::Heap):
(JSC::Heap::lastChanceToFinalize):
(JSC::Heap::finalize):
(JSC::Heap::sweepInFinalize):
(JSC::Heap::updateAllocationLimits):
(JSC::Heap::shouldDoFullCollection):
(JSC::Heap::collectIfNecessaryOrDefer):
(JSC::Heap::reportWebAssemblyFastMemoriesAllocated): Deleted.
(JSC::Heap::webAssemblyFastMemoriesThisCycleAtThreshold const): Deleted.
(JSC::Heap::sweepLargeAllocations): Deleted.
(JSC::Heap::didAllocateWebAssemblyFastMemories): Deleted.

heap/Heap.h:
heap/LargeAllocation.cpp:

(JSC::LargeAllocation::tryCreate):
(JSC::LargeAllocation::destroy):

heap/MarkedAllocator.cpp:

(JSC::MarkedAllocator::tryAllocateWithoutCollecting):
(JSC::MarkedAllocator::tryAllocateBlock):

heap/MarkedBlock.cpp:

(JSC::MarkedBlock::tryCreate):
(JSC::MarkedBlock::Handle::Handle):
(JSC::MarkedBlock::Handle::~Handle):
(JSC::MarkedBlock::Handle::didAddToAllocator):
(JSC::MarkedBlock::Handle::subspace const): Deleted.

heap/MarkedBlock.h:

(JSC::MarkedBlock::Handle::subspace const):

heap/MarkedSpace.cpp:

(JSC::MarkedSpace::~MarkedSpace):
(JSC::MarkedSpace::freeMemory):
(JSC::MarkedSpace::prepareForAllocation):
(JSC::MarkedSpace::addMarkedAllocator):
(JSC::MarkedSpace::findEmptyBlockToSteal): Deleted.

heap/MarkedSpace.h:

(JSC::MarkedSpace::firstAllocator const):
(JSC::MarkedSpace::allocatorForEmptyAllocation const): Deleted.

heap/Subspace.cpp:

(JSC::Subspace::Subspace):
(JSC::Subspace::canTradeBlocksWith):
(JSC::Subspace::tryAllocateAlignedMemory):
(JSC::Subspace::freeAlignedMemory):
(JSC::Subspace::prepareForAllocation):
(JSC::Subspace::findEmptyBlockToSteal):

heap/Subspace.h:

(JSC::Subspace::didCreateFirstAllocator):

heap/SubspaceInlines.h:

(JSC::Subspace::forEachAllocator):
(JSC::Subspace::forEachMarkedBlock):
(JSC::Subspace::forEachNotEmptyMarkedBlock):

jit/JITPropertyAccess.cpp:

(JSC::JIT::emitDoubleLoad):
(JSC::JIT::emitContiguousLoad):
(JSC::JIT::emitArrayStorageLoad):
(JSC::JIT::emitGenericContiguousPutByVal):
(JSC::JIT::emitArrayStoragePutByVal):
(JSC::JIT::emit_op_get_from_scope):
(JSC::JIT::emit_op_put_to_scope):
(JSC::JIT::emitIntTypedArrayGetByVal):
(JSC::JIT::emitFloatTypedArrayGetByVal):
(JSC::JIT::emitIntTypedArrayPutByVal):
(JSC::JIT::emitFloatTypedArrayPutByVal):

jsc.cpp:

(fillBufferWithContentsOfFile):
(functionReadFile):
(gigacageDisabled):
(jscmain):

llint/LowLevelInterpreter64.asm:
runtime/ArrayBuffer.cpp:

(JSC::ArrayBufferContents::tryAllocate):
(JSC::ArrayBuffer::createAdopted):
(JSC::ArrayBuffer::createFromBytes):
(JSC::ArrayBuffer::tryCreate):

runtime/IndexingHeader.h:
runtime/InitializeThreading.cpp:

(JSC::initializeThreading):

runtime/JSArrayBuffer.cpp:
runtime/JSArrayBufferView.cpp:

(JSC::JSArrayBufferView::ConstructionContext::ConstructionContext):
(JSC::JSArrayBufferView::finalize):

runtime/JSLock.cpp:

(JSC::JSLock::didAcquireLock):

runtime/JSObject.h:
runtime/Options.cpp:

(JSC::recomputeDependentOptions):

runtime/Options.h:
runtime/ScopedArgumentsTable.h:
runtime/VM.cpp:

(JSC::VM::VM):
(JSC::VM::~VM):
(JSC::VM::gigacageDisabledCallback):
(JSC::VM::gigacageDisabled):

runtime/VM.h:

(JSC::VM::fireGigacageEnabledIfNecessary):
(JSC::VM::gigacageEnabled):

wasm/WasmB3IRGenerator.cpp:

(JSC::Wasm::B3IRGenerator::B3IRGenerator):
(JSC::Wasm::B3IRGenerator::emitCheckAndPreparePointer):

wasm/WasmCodeBlock.cpp:

(JSC::Wasm::CodeBlock::isSafeToRun):

wasm/WasmMemory.cpp:

(JSC::Wasm::makeString):
(JSC::Wasm::Memory::create):
(JSC::Wasm::Memory::~Memory):
(JSC::Wasm::Memory::addressIsInActiveFastMemory):
(JSC::Wasm::Memory::grow):
(JSC::Wasm::Memory::initializePreallocations): Deleted.
(JSC::Wasm::Memory::maxFastMemoryCount): Deleted.

wasm/WasmMemory.h:
wasm/js/JSWebAssemblyInstance.cpp:

(JSC::JSWebAssemblyInstance::create):

wasm/js/JSWebAssemblyMemory.cpp:

(JSC::JSWebAssemblyMemory::grow):
(JSC::JSWebAssemblyMemory::finishCreation):

wasm/js/JSWebAssemblyMemory.h:

(JSC::JSWebAssemblyMemory::subspaceFor):

Source/WebCore:

No new tests because no change in behavior.

Needed to teach Metal how to allocate in the Gigacage.

platform/graphics/cocoa/GPUBufferMetal.mm:

(WebCore::GPUBuffer::GPUBuffer):
(WebCore::GPUBuffer::contents):

Source/WebKit:

The WebProcess should never disable the Gigacage by allocating typed arrays outside the Gigacage. So,
we add a callback that crashes the process.

WebProcess/WebProcess.cpp:

(WebKit::gigacageDisabled):
(WebKit::m_webSQLiteDatabaseTracker):

Source/WTF:

For the Gigacage project to have minimal impact, we need to have some abstraction that allows code to
avoid having to guard itself with #if's. This adds a Gigacage abstraction that overlays the Gigacage
namespace from bmalloc, which always lets you call things like Gigacage::caged and Gigacage::tryMalloc.

Because of how many places need to possibly allocate in a gigacage, or possibly perform caged accesses,
it's better to hide the question of whether or not it's enabled inside this API.

WTF.xcodeproj/project.pbxproj:
wtf/CMakeLists.txt:
wtf/FastMalloc.cpp:
wtf/Gigacage.cpp: Added.

(Gigacage::tryMalloc):
(Gigacage::tryAllocateVirtualPages):
(Gigacage::freeVirtualPages):
(Gigacage::tryAlignedMalloc):
(Gigacage::alignedFree):
(Gigacage::free):

wtf/Gigacage.h: Added.

(Gigacage::ensureGigacage):
(Gigacage::disableGigacage):
(Gigacage::addDisableCallback):
(Gigacage::removeDisableCallback):
(Gigacage::caged):
(Gigacage::isCaged):
(Gigacage::tryAlignedMalloc):
(Gigacage::alignedFree):
(Gigacage::free):

6:08 PM Changeset in webkit [220117] by commit-queue@webkit.org

2 edits in trunk/Source/WebCore

[WinCairo] Implement Font::platformBoundsForGlyph
https://bugs.webkit.org/show_bug.cgi?id=174813

Patch by Fujii Hironori <Fujii Hironori> on 2017-08-01
Reviewed by Alex Christensen.

Test: fast/text/emphasis.html

platform/graphics/win/SimpleFontDataCairoWin.cpp:

(WebCore::Font::platformBoundsForGlyph): Implemented by copying
the code from Font::boundsForGDIGlyph().

5:36 PM Changeset in webkit [220116] by Matt Lewis

1 edit
12 adds in trunk/LayoutTests

Added expectations files for El Capitan.
https://bugs.webkit.org/show_bug.cgi?id=175061

Unreviewed test gardening.

platform/mac-elcapitan/imported/w3c/web-platform-tests/fetch/api/basic/mode-no-cors-expected.txt: Added.
platform/mac-elcapitan/imported/w3c/web-platform-tests/fetch/api/basic/mode-no-cors-worker-expected.txt: Added.
platform/mac-elcapitan/imported/w3c/web-platform-tests/fetch/api/cors/cors-basic.any-expected.txt: Added.
platform/mac-elcapitan/imported/w3c/web-platform-tests/fetch/api/cors/cors-basic.any.worker-expected.txt: Added.
platform/mac-elcapitan/imported/w3c/web-platform-tests/fetch/api/cors/cors-no-preflight.any-expected.txt: Added.
platform/mac-elcapitan/imported/w3c/web-platform-tests/fetch/api/cors/cors-no-preflight.any.worker-expected.txt: Added.
platform/mac-elcapitan/imported/w3c/web-platform-tests/fetch/api/cors/cors-origin.any-expected.txt: Added.
platform/mac-elcapitan/imported/w3c/web-platform-tests/fetch/api/cors/cors-origin.any.worker-expected.txt: Added.

4:31 PM Changeset in webkit [220115] by BJ Burg

5 edits in trunk/Source/WebKit

Web Automation: add event to notify service when a page's main frame window object has cleared
https://bugs.webkit.org/show_bug.cgi?id=174987
<rdar://problem/36602634>

Reviewed by Carlos Garcia Campos.

UIProcess/Automation/Automation.json: Add new event.

UIProcess/Automation/WebAutomationSession.h:
UIProcess/Automation/WebAutomationSession.cpp:

(WebKit::WebAutomationSession::navigationOccurredForFrame):
(WebKit::WebAutomationSession::willClosePage):
When a WebPage navigates or closes, send the browsingContextCleared event.
Any element handles for elements in the browsing context are no longer valid.

UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::close):
Add a new hook into the active automation session so it is notified when a page closes.

4:00 PM Changeset in webkit [220114] by Devin Rousso

31 edits
5 copies
2 moves
8 adds in trunk

Web Inspector: create Recording tab for displaying recordings
https://bugs.webkit.org/show_bug.cgi?id=174484

Reviewed by Joseph Pecoraro.

Source/WebInspectorUI:

Localizations/en.lproj/localizedStrings.js:
UserInterface/Main.html:
UserInterface/Test.html:

UserInterface/Controllers/CanvasManager.js:

(WebInspector.CanvasManager.prototype.recordingFinished):

UserInterface/Models/Canvas.js:

(WebInspector.Canvas.prototype.toggleRecording):

UserInterface/Models/Recording.js:

(WebInspector.Recording):
(WebInspector.Recording.synthesizeError):
(WebInspector.Recording.prototype.get actions):
(WebInspector.Recording.prototype.get source):
(WebInspector.Recording.prototype.set source):
(WebInspector.Recording.prototype.swizzle):

UserInterface/Models/RecordingAction.js:

(WebInspector.RecordingAction):
(WebInspector.RecordingAction.isFunctionForType):
(WebInspector.RecordingAction.get name):
(WebInspector.RecordingAction.get parameters):
(WebInspector.RecordingAction.prototype.get valid):
(WebInspector.RecordingAction.prototype.set valid):
(WebInspector.RecordingAction.get isFunction):
(WebInspector.RecordingAction.get isGetter):
(WebInspector.RecordingAction.get isVisual):
(WebInspector.RecordingAction.get stateModifiers):
(WebInspector.RecordingAction.prototype.swizzle):
(WebInspector.RecordingAction.prototype.parameterSwizzleTypeForTypeAtIndex):

UserInterface/Models/RecordingInitialStateAction.js: Added.

(WebInspector.RecordingInitialStateAction):

UserInterface/Views/RecordingTabContentView.js: Added.

(WebInspector.RecordingTabContentView):
(WebInspector.RecordingTabContentView.tabInfo):
(WebInspector.RecordingTabContentView.prototype.get type):
(WebInspector.RecordingTabContentView.prototype.canShowRepresentedObject):
(WebInspector.RecordingTabContentView.prototype.showRepresentedObject):
(WebInspector.RecordingTabContentView.prototype.restoreStateFromCookie):
(WebInspector.RecordingTabContentView.prototype.saveStateToCookie):
(WebInspector.RecordingTabContentView.prototype.closed):
(WebInspector.RecordingTabContentView.prototype._updateActionIndex):
(WebInspector.RecordingTabContentView.prototype._scrubberNavigationItemValueChanged):
(WebInspector.RecordingTabContentView.prototype._navigationSidebarImport):
(WebInspector.RecordingTabContentView.prototype._navigationSidebarTreeOutlineSelectionChanged):

UserInterface/Views/RecordingContentView.js: Added.

(WebInspector.RecordingContentView):
(WebInspector.RecordingContentView.prototype.get navigationItems):
(WebInspector.RecordingContentView.prototype.updateActionIndex):
(WebInspector.RecordingContentView.prototype.shown):
(WebInspector.RecordingContentView.prototype.get supplementalRepresentedObjects):
(WebInspector.RecordingContentView.prototype._generateContentCanvas2D):
(WebInspector.RecordingContentView.prototype._applyAction):
(WebInspector.RecordingContentView.prototype._updateImageGrid):
(WebInspector.RecordingContentView.prototype._showGridButtonClicked):

UserInterface/Views/RecordingContentView.css: Copied from Source/WebInspectorUI/UserInterface/Views/CanvasContentView.css.

(.content-view:not(.tab).recording):
(.content-view:not(.tab).recording > .preview-container):
(.content-view:not(.tab).recording canvas):

UserInterface/Views/RecordingNavigationSidebarPanel.js: Added.

(WebInspector.RecordingNavigationSidebarPanel):
(WebInspector.RecordingNavigationSidebarPanel.disallowInstanceForClass):
(WebInspector.RecordingNavigationSidebarPanel.prototype.set recording):
(WebInspector.RecordingNavigationSidebarPanel.prototype.updateActionIndex):
(WebInspector.RecordingNavigationSidebarPanel.prototype.initialLayout):
(WebInspector.RecordingNavigationSidebarPanel.prototype._importNavigationItemClicked):
(WebInspector.RecordingNavigationSidebarPanel.prototype._exportNavigationItemClicked):

UserInterface/Views/RecordingNavigationSidebarPanel.css: Added.

(.sidebar > .panel.navigation.recording > :matches(.content, .empty-content-placeholder)):
(.sidebar > .panel.navigation.recording > .content > .tree-outline):
(.sidebar > .panel.navigation.recording > .content > .tree-outline > .item.parent:not(.action, .selected).expanded):
(.sidebar > .panel.navigation.recording > .content > .tree-outline .item.action:not(.initial-state)::before):
(body[dir=ltr] .sidebar > .panel.navigation.recording > .content > .tree-outline .item.action:not(.initial-state)::before):
(body[dir=rtl] .sidebar > .panel.navigation.recording > .content > .tree-outline .item.action:not(.initial-state)::before):
(.sidebar > .panel.navigation.recording > .content > .tree-outline[data-indent="2"] .item.action:not(.initial-state)::before):
(.sidebar > .panel.navigation.recording > .content > .tree-outline[data-indent="3"] .item.action:not(.initial-state)::before):
(.sidebar > .panel.navigation.recording > .content > .tree-outline[data-indent="4"] .item.action:not(.initial-state)::before):
(.sidebar > .panel.navigation.recording > .content > .tree-outline[data-indent="5"] .item.action:not(.initial-state)::before):
(.sidebar > .panel.navigation.recording > .content > .tree-outline[data-indent="6"] .item.action:not(.initial-state)::before):
(.sidebar > .panel.navigation.recording > .content > .tree-outline[data-indent="7"] .item.action:not(.initial-state)::before):
(.sidebar > .panel.navigation.recording > .content .action > .icon):
(.sidebar > .panel.navigation.recording > .content .action.function > .icon):
(.sidebar > .panel.navigation.recording > .content .action.attribute.getter > .icon):
(.sidebar > .panel.navigation.recording > .content .tree-outline:matches(:focus, .force-focus) .action.attribute.getter.selected > .icon):
(.sidebar > .panel.navigation.recording > .content .action.attribute.boolean > .icon):
(.sidebar > .panel.navigation.recording > .content .action.attribute.number > .icon):
(.sidebar > .panel.navigation.recording > .content .action.attribute.object > .icon):
(.sidebar > .panel.navigation.recording > .content .action.attribute.string > .icon):
(.sidebar > .panel.navigation.recording > .content > .tree-outline > .item.parent:not(.action) > .icon):
(.sidebar > .panel.navigation.recording > .content .action:matches(.invalid, .missing) > .icon):
(body[dir=ltr] .sidebar > .panel.navigation.recording > .content .action:not(.initial-state) > .icon):
(body[dir=rtl] .sidebar > .panel.navigation.recording > .content .action:not(.initial-state) > .icon):
(.sidebar > .panel.navigation.recording > .content .action.visual:not(.selected, .invalid)):
(.sidebar > .panel.navigation.recording > .content .action:not(.selected, .initial-state) > .titles .parameter.swizzled):
(.sidebar > .panel.navigation.recording > .content .action.invalid:not(.selected, .initial-state) > .titles .name,):

UserInterface/Views/RecordingStateDetailsSidebarPanel.js: Added.

(WebInspector.RecordingStateDetailsSidebarPanel):
(WebInspector.RecordingStateDetailsSidebarPanel.disallowInstanceForClass):
(WebInspector.RecordingStateDetailsSidebarPanel.prototype.inspect):
(WebInspector.RecordingStateDetailsSidebarPanel.prototype.set recording):
(WebInspector.RecordingStateDetailsSidebarPanel.prototype.updateActionIndex):
(WebInspector.RecordingStateDetailsSidebarPanel.prototype._generateDetailsCanvas2D):

UserInterface/Views/RecordingStateDetailsSidebarPanel.css: Added.

(.sidebar > .panel.details.recording-state > .content > .data-grid):
(.sidebar > .panel.details.recording-state > .content > .data-grid tr.modified):
(.sidebar > .panel.details.recording-state > .content > .data-grid tr:not(.selected).non-standard):
(.sidebar > .panel.details.recording-state > .content > .data-grid tr:not(.selected) .unavailable):

UserInterface/Views/RecordingActionTreeElement.js: Added.

(WebInspector.RecordingActionTreeElement):
(WebInspector.RecordingActionTreeElement._generateDOM):
(WebInspector.RecordingActionTreeElement.prototype.get index):
(WebInspector.RecordingActionTreeElement.get filterableData):
(WebInspector.RecordingActionTreeElement.prototype.get filterableData):
(WebInspector.RecordingActionTreeElement.prototype.onattach):
(WebInspector.RecordingActionTreeElement.prototype.populateContextMenu):

UserInterface/Base/Main.js:

(WebInspector.contentLoaded):
(WebInspector.instanceForClass):

UserInterface/Base/FileUtilites.js: Added.

(WebInspector.saveDataToFile): Moved from UserInterface/Base/Main.js
(WebInspector.loadDataFromFile):

UserInterface/Views/ButtonNavigationItem.js:

(WebInspector.ButtonNavigationItem.prototype._mouseClicked):
Send the native event as part of the data.

UserInterface/Views/CanvasContentView.js:

(WebInspector.CanvasContentView):
(WebInspector.CanvasContentView.prototype.get navigationItems):
(WebInspector.CanvasContentView.prototype.initialLayout):
(WebInspector.CanvasContentView.prototype.closed):
(WebInspector.CanvasContentView.prototype._toggleRecording):
(WebInspector.CanvasContentView.prototype._recordingFinished):

UserInterface/Views/CanvasContentView.css:

(.content-view.canvas):

UserInterface/Views/CanvasDetailsSidebarPanel.js:

(WebInspector.CanvasDetailsSidebarPanel.prototype.inspect):

UserInterface/Views/ContentBrowser.js:

(WebInspector.ContentBrowser):
(WebInspector.ContentBrowser.prototype._updateContentViewNavigationItems):

UserInterface/Views/ContentBrowserTabContentView.js:

(WebInspector.ContentBrowserTabContentView):

UserInterface/Views/ContentView.js:

(WebInspector.ContentView.createFromRepresentedObject):
(WebInspector.ContentView.isViewable):

UserInterface/Views/ScrubberNavigationItem.js: Added.

(WebInspector.ScrubberNavigationItem):
(WebInspector.ScrubberNavigationItem.prototype.get value):
(WebInspector.ScrubberNavigationItem.prototype.set value):
(WebInspector.ScrubberNavigationItem.prototype.get min):
(WebInspector.ScrubberNavigationItem.prototype.set min):
(WebInspector.ScrubberNavigationItem.prototype.get max):
(WebInspector.ScrubberNavigationItem.prototype.set max):
(WebInspector.ScrubberNavigationItem.prototype.set disabled):
(WebInspector.ScrubberNavigationItem.prototype.get additionalClassNames):
(WebInspector.ScrubberNavigationItem.prototype._sliderChanged):

UserInterface/Views/ScrubberNavigationItem.css: Added.

(.navigation-bar .item.scrubber):
(.navigation-bar .item.scrubber > input):
(.navigation-bar .item.scrubber > input[disabled]):
Allow the flexible space to be replaced with a navigation item at construction.

UserInterface/Views/DataGridNode.js:

(WebInspector.DataGridNode):
(WebInspector.DataGridNode.prototype.get element):
Allow a list of CSS classes to be added to the node's element.

UserInterface/Views/SettingsTabContentView.js:

(WebInspector.SettingsTabContentView.prototype.initialLayout):
(WebInspector.SettingsTabContentView.prototype._createExperimentalSettingsView.listenForChange):
(WebInspector.SettingsTabContentView.prototype._createExperimentalSettingsView):
(WebInspector.SettingsTabContentView.prototype._createDebugSettingsView):
Move experimental settings to their own panel.

UserInterface/Views/TabContentView.js:

(WebInspector.TabContentView.prototype.get navigationSidebarPanel):
Save the NavigationSidebarPanel after it's constructed.

UserInterface/Base/Utilities.js:

(Number.countDigits):

UserInterface/Images/Recording.svg: Added.
UserInterface/Images/RenderingFrame.svg: Renamed from Source/WebInspectorUI/UserInterface/Images/TimelineRecordRenderingFrame.svg.
UserInterface/Images/gtk/RenderingFrame.svg: Renamed from Source/WebInspectorUI/UserInterface/Images/gtk/TimelineRecordRenderingFrame.svg.
UserInterface/Views/TimelineIcons.css:

(.rendering-frame-record .icon):

UserInterface/Views/DOMTreeOutline.css:

(@keyframes node-state-changed):

UserInterface/Views/Main.css:

(:matches(img, canvas).show-grid):
(img.show-grid): Deleted.

UserInterface/Views/NavigationBar.css:

(.navigation-bar):

UserInterface/Views/NetworkSidebarPanel.css:

(.sidebar > .panel.navigation.network.network-grid-content-view-showing > .content > .tree-outline):

UserInterface/Views/TimelineTabContentView.css:

(.timeline.tab.content-view .navigation-bar > .item.radio):

UserInterface/Views/TimelineView.css:

(.panel.navigation.timeline.timeline-recording-content-view-showing > .content > .tree-outline):

UserInterface/Views/Variables.css:

(:root):
Create CSS variables for the DOM modification flash color and the color striping.

LayoutTests:

inspector/unit-tests/number-utilities-expected.txt:
inspector/unit-tests/number-utilities.html:

3:33 PM Changeset in webkit [220113] by commit-queue@webkit.org

2 edits
2 adds in trunk/Source/WebCore/PAL

[PAL][Win] Copy forwarding headers
https://bugs.webkit.org/show_bug.cgi?id=175012

Patch by Yoshiaki Jitsukawa <jitsu@rd.scei.sony.co.jp> on 2017-08-01
Reviewed by Myles C. Maxfield.

pal/PlatformAppleWin.cmake: Added.
pal/PlatformWin.cmake:
pal/PlatformWinCairo.cmake: Added.

2:42 PM Changeset in webkit [220112] by Alan Bujtas

5 edits
3 adds in trunk

REGRESSION (r217197): New Yorker website hangs for a long time on load, lots of blank tiles
https://bugs.webkit.org/show_bug.cgi?id=175009
<rdar://problem/33505791>

Reviewed by Simon Fraser.

Source/WebCore:

This patch ensures that we report the desktop, non-frame-flattened frame size for media queries in subframes.
Some websites don't expect the iframes to be expanded to the size of the content and when the media query
callback mutates the content (triggering frame resize), they might end up getting into a never ending layout.

Test: fast/frames/flattening/media-query-growing-content.html

css/MediaQueryEvaluator.cpp:

(WebCore::orientationEvaluate):
(WebCore::aspectRatioEvaluate):
(WebCore::heightEvaluate):
(WebCore::widthEvaluate):

page/FrameView.cpp:

(WebCore::FrameView::layout):
(WebCore::FrameView::layoutSizeForMediaQuery const):
(WebCore::FrameView::evaluateMediaQueryList):

page/FrameView.h:

LayoutTests:

fast/frames/flattening/media-query-growing-content-expected.txt: Added.
fast/frames/flattening/media-query-growing-content.html: Added.
fast/frames/flattening/resources/media-query-min-height-with-flattening.html: Added.

2:02 PM Changeset in webkit [220111] by commit-queue@webkit.org

9 edits
2 copies
2 adds in trunk

Layout tests with 'https' suffix should be run over HTTPS
https://bugs.webkit.org/show_bug.cgi?id=174992

Patch by Youenn Fablet <youenn@apple.com> on 2017-08-01
Reviewed by Chris Dumez.

Tools:

Updating the test-name <-> uri conversion routines to use https when test names contain ".https." in them.
This covers WPT tests, WPT WebKit tests and HTTP layout tests.
Covered by corresponding unit tests.

Scripts/webkitpy/layout_tests/servers/run_webkit_httpd.py:

(run_server):

Scripts/webkitpy/layout_tests/servers/web_platform_test_server.py:

(base_http_url):
(base_https_url):
(base_url): Deleted.

Scripts/webkitpy/port/base.py:

(Port.to.web_platform_test_server_base_http_url):
(Port.to):
(Port.to.web_platform_test_server_base_https_url):
(Port.to.web_platform_test_server_base_url): Deleted.

Scripts/webkitpy/port/driver.py:

(Driver.init):
(Driver.wpt_test_path_to_uri):
(Driver):
(Driver.http_test_path_to_uri):
(Driver.test_to_uri):
(Driver.uri_to_test):

Scripts/webkitpy/port/driver_unittest.py:

(DriverTest.test_test_to_uri):
(DriverTest.test_uri_to_test):

LayoutTests:

Updating test to allow display insecure content as otherwise the test would not complete now that it is run over HTTPS.
Adding WK1 expected files as the warning message is not printed.

http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/iframe-upgrade.https-expected.txt:
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/iframe-upgrade.https.html:
platform/ios-wk1/http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/iframe-upgrade.https-expected.txt: Added.
platform/mac-wk1/http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/iframe-upgrade.https-expected.txt: Added.

1:47 PM Changeset in webkit [220110] by Matt Lewis

2 edits in trunk/LayoutTests

Marked imported/w3c/IndexedDB-private-browsing/idbfactory_open.html as flaky.
<rdar://problem/33555052>

Unreviewed test gardening.

platform/ios-wk2/TestExpectations:

1:00 PM Changeset in webkit [220109] by jiewen_tan@apple.com

4 edits
6 adds in trunk

Add tests to detect mistakes in backward compatibility when the structured clone algorithm is changed in the future
https://bugs.webkit.org/show_bug.cgi?id=173998

Reviewed by Darin Adler.

Source/WebCore:

bindings/js/SerializedScriptValue.cpp:

Add a comment.

Tools:

Since the structured clone algorithm is used for data stored in persistent databases, we need tests to help us
detect mistakes in backward compatibility in the future when we change it.

The way it works is to read from a pre-baked database and see if all the values are matched with the expectations.
Surprisedly, some of structured clonable objects cannot be stored into the indexedDB. Those are FileList,
ObjectReference, MessagePortReference, ArrayBufferView, ArrayBufferTransfer, NonMapProperties, NonSetProperties,
SharedArrayBuffer, WasmModule, DOMPointReadOnly, DOMPoint, DOMRectReadOnly, DOMRect, DOMMatrixReadOnly, DOMMatrix,
DOMQuad and Error. CryptoKey objects are not included as well as they need new API for encrypting/decrypting the
internal key data slot.

TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
TestWebKitAPI/Tests/WebKit2Cocoa/IndexedDBStructuredCloneBackwardCompatibility.mm: Added.

(-[IndexedDBStructuredCloneBackwardCompatibilityMessageHandler userContentController:didReceiveScriptMessage:]):
(getNextMessage):
(TEST):
Here is the API test that moves the pre-baked database to the location where TestWebKitAPI can read from.

TestWebKitAPI/Tests/WebKit2Cocoa/IndexedDBStructuredCloneBackwardCompatibility.sqlite3: Added.
TestWebKitAPI/Tests/WebKit2Cocoa/IndexedDBStructuredCloneBackwardCompatibility.sqlite3-shm: Added.
TestWebKitAPI/Tests/WebKit2Cocoa/IndexedDBStructuredCloneBackwardCompatibility.sqlite3-wal: Added.

These are the pre-baked databases.

TestWebKitAPI/Tests/WebKit2Cocoa/IndexedDBStructuredCloneBackwardCompatibilityRead.html: Added.

This is the actual test that do all the reads and comparisons.

TestWebKitAPI/Tests/WebKit2Cocoa/IndexedDBStructuredCloneBackwardCompatibilityWrite.html: Added.

This is the page that bakes the database. It never runs automatically. It is for someone who needs to teach
IndexedDB new stuffs. Then it can be used to bake the database again.

12:18 PM Changeset in webkit [220108] by zandobersek@gmail.com

2 edits
8 adds in trunk/LayoutTests

[WebCrypto] Add PKCS#8 import test that covers parameters and publicKey values in ECPrivateKey
https://bugs.webkit.org/show_bug.cgi?id=174420

Reviewed by Darin Adler.

Add test cases that cover testing of the optional ECParameters and publicKey bit string
attributes in the ECPrivateKey ASN.1 structure that's embedded in the PKCS#8 PrivateKeyInfo
ASN.1 structure.

Per the spec, if the ECParameters attribute in the ECPrivateKey structure is present, the
relevant curve object identifier should match the same curve identifier that's used in the
ECParameters attribute of the AlgorithmIdentifier structure in PrivateKeyInfo. Both of these
should of course match the curve that was specified for the import operation.

For the publicKey bit string, the data contained there should be properly formatted for
the specific curve, meaning it should be of proper curve-specific size and that it should
use 0x04 as the leading byte, signalling an uncompressed EC point. On top of that the public
key should have a valid value that positions it on the specified elliptic curve.

These cases are covered for PKCS#8 key imports for P-256 and P-384 curves and for both ECDH
and ECDSA algorithms in the newly-introduced tests. They are skipped on all platforms since
no implementation in WebKit can pass them yet.

TestExpectations:
crypto/subtle/ecdh-import-pkcs8-key-p256-validate-ecprivatekey-parameters-publickey-expected.txt: Added.
crypto/subtle/ecdh-import-pkcs8-key-p256-validate-ecprivatekey-parameters-publickey.html: Added.
crypto/subtle/ecdh-import-pkcs8-key-p384-validate-ecprivatekey-parameters-publickey-expected.txt: Added.
crypto/subtle/ecdh-import-pkcs8-key-p384-validate-ecprivatekey-parameters-publickey.html: Added.
crypto/subtle/ecdsa-import-pkcs8-key-p256-validate-ecprivatekey-parameters-publickey-expected.txt: Added.
crypto/subtle/ecdsa-import-pkcs8-key-p256-validate-ecprivatekey-parameters-publickey.html: Added.
crypto/subtle/ecdsa-import-pkcs8-key-p384-validate-ecprivatekey-parameters-publickey-expected.txt: Added.
crypto/subtle/ecdsa-import-pkcs8-key-p384-validate-ecprivatekey-parameters-publickey.html: Added.

12:03 PM Changeset in webkit [220107] by beidson@apple.com

4 edits in trunk

API test URLSchemeHandler.Exceptions is Exiting out early on macOS Debug..
https://bugs.webkit.org/show_bug.cgi?id=175030

Reviewed by Andy Estes.

Source/WebKit:

UIProcess/Cocoa/WebURLSchemeHandlerCocoa.mm:

(WebKit::WebURLSchemeHandlerCocoa::platformTaskCompleted): Release the API wrapped on the next

spin of the runloop.

Tools:

TestWebKitAPI/Tests/WebKit2Cocoa/WKURLSchemeHandler-1.mm:

(-[TaskSchemeHandler webView:startURLSchemeTask:]): Stop calling an invalid NSError constructor.

11:50 AM Changeset in webkit [220106] by Matt Lewis

4 edits in trunk/Source/WebCore

Unreviewed, rolling out r220089.

This caused multiple crashes on macOS Debug testers.

Reverted changeset:

"Use LazyNeverDestroyed instead of DEFINE_GLOBAL for
QualifiedName"
https://bugs.webkit.org/show_bug.cgi?id=175010
http://trac.webkit.org/changeset/220089

11:18 AM Changeset in webkit [220105] by beidson@apple.com

52 edits in trunk

Part 2 of: Rename DatabaseProcess to StorageProcess.
https://bugs.webkit.org/show_bug.cgi?id=174880

Reviewed by Andy Estes.

Source/WebKit:

Rename some more variables, classes, etc. to reflect the change.

NetworkProcess/NetworkConnectionToWebProcess.cpp:

(WebKit::NetworkConnectionToWebProcess::writeBlobsToTemporaryFiles):

NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::grantSandboxExtensionsToStorageProcessForBlobs):
(WebKit::NetworkProcess::didGrantSandboxExtensionsToStorageProcessForBlobs):
(WebKit::NetworkProcess::grantSandboxExtensionsToDatabaseProcessForBlobs): Deleted.
(WebKit::NetworkProcess::didGrantSandboxExtensionsToDatabaseProcessForBlobs): Deleted.

NetworkProcess/NetworkProcess.h:
NetworkProcess/NetworkProcess.messages.in:

Shared/ProcessExecutablePath.h:
Shared/gtk/ProcessExecutablePathGtk.cpp:

(WebKit::executablePathOfStorageProcess):
(WebKit::executablePathOfDatabaseProcess): Deleted.

Shared/wpe/ProcessExecutablePathWPE.cpp:

(WebKit::executablePathOfStorageProcess):
(WebKit::executablePathOfDatabaseProcess): Deleted.

StorageProcess/IndexedDB/WebIDBConnectionToClient.cpp:

(WebKit::WebIDBConnectionToClient::putOrAdd):

StorageProcess/StorageProcess.cpp:

(WebKit::StorageProcess::initializeWebsiteDataStore):
(WebKit::StorageProcess::postStorageTask):
(WebKit::StorageProcess::performNextStorageTask):
(WebKit::StorageProcess::createStorageToWebProcessConnection):
(WebKit::StorageProcess::fetchWebsiteData):
(WebKit::StorageProcess::postDatabaseTask): Deleted.
(WebKit::StorageProcess::performNextDatabaseTask): Deleted.
(WebKit::StorageProcess::createDatabaseToWebProcessConnection): Deleted.

StorageProcess/StorageProcess.h:
StorageProcess/StorageProcess.messages.in:
StorageProcess/mac/StorageProcessMac.mm:

(WebKit::StorageProcess::initializeProcessName):

UIProcess/API/C/WKContext.cpp:

(WKContextGetDatabaseProcessIdentifier):

UIProcess/API/Cocoa/WKProcessPool.mm:

(-[WKProcessPool _terminateStorageProcess]):
(-[WKProcessPool _storageProcessIdentifier]):
(-[WKProcessPool _terminateDatabaseProcess]): Deleted.
(-[WKProcessPool _databaseProcessIdentifier]): Deleted.

UIProcess/API/Cocoa/WKProcessPoolPrivate.h:

UIProcess/ChildProcessProxy.cpp:

(WebKit::ChildProcessProxy::getLaunchOptions):

UIProcess/Launcher/ProcessLauncher.h:
UIProcess/Launcher/gtk/ProcessLauncherGtk.cpp:

(WebKit::ProcessLauncher::launchProcess):

UIProcess/Launcher/mac/ProcessLauncherMac.mm:

(WebKit::serviceName):

UIProcess/Launcher/wpe/ProcessLauncherWPE.cpp:

(WebKit::ProcessLauncher::launchProcess):

UIProcess/Network/NetworkProcessProxy.cpp:

(WebKit::NetworkProcessProxy::grantSandboxExtensionsToStorageProcessForBlobs):
(WebKit::NetworkProcessProxy::grantSandboxExtensionsToDatabaseProcessForBlobs): Deleted.

UIProcess/Network/NetworkProcessProxy.h:
UIProcess/Network/NetworkProcessProxy.messages.in:

UIProcess/Storage/StorageProcessProxy.cpp:

(WebKit::StorageProcessProxy::getLaunchOptions):
(WebKit::StorageProcessProxy::getStorageProcessConnection):
(WebKit::StorageProcessProxy::didClose):
(WebKit::StorageProcessProxy::didCreateStorageToWebProcessConnection):
(WebKit::StorageProcessProxy::didFinishLaunching):
(WebKit::StorageProcessProxy::getDatabaseProcessConnection): Deleted.
(WebKit::StorageProcessProxy::didCreateDatabaseToWebProcessConnection): Deleted.

UIProcess/Storage/StorageProcessProxy.h:
UIProcess/Storage/StorageProcessProxy.messages.in:

UIProcess/WebContextClient.cpp:

(WebKit::WebContextClient::storageProcessDidCrash):
(WebKit::WebContextClient::databaseProcessDidCrash): Deleted.

UIProcess/WebContextClient.h:

UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::ensureStorageProcessAndWebsiteDataStore):
(WebKit::WebProcessPool::getStorageProcessConnection):
(WebKit::WebProcessPool::storageProcessCrashed):
(WebKit::WebProcessPool::pageAddedToProcess):
(WebKit::WebProcessPool::storageProcessIdentifier):
(WebKit::WebProcessPool::terminateStorageProcess):
(WebKit::WebProcessPool::ensureDatabaseProcessAndWebsiteDataStore): Deleted.
(WebKit::WebProcessPool::getDatabaseProcessConnection): Deleted.
(WebKit::WebProcessPool::databaseProcessCrashed): Deleted.
(WebKit::WebProcessPool::databaseProcessIdentifier): Deleted.
(WebKit::WebProcessPool::terminateDatabaseProcess): Deleted.

UIProcess/WebProcessPool.h:

(WebKit::WebProcessPool::sendToStorageProcessRelaunchingIfNecessary):
(WebKit::WebProcessPool::sendToDatabaseProcessRelaunchingIfNecessary): Deleted.

UIProcess/WebProcessProxy.cpp:

(WebKit::WebProcessProxy::getStorageProcessConnection):
(WebKit::WebProcessProxy::getDatabaseProcessConnection): Deleted.

UIProcess/WebProcessProxy.h:
UIProcess/WebProcessProxy.messages.in:

UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::WebsiteDataStore::fetchDataAndApply):
(WebKit::WebsiteDataStore::removeData):
(WebKit::WebsiteDataStore::storageProcessParameters):
(WebKit::WebsiteDataStore::databaseProcessParameters): Deleted.

UIProcess/WebsiteData/WebsiteDataStore.h:

WebProcess/Databases/IndexedDB/WebIDBConnectionToServer.cpp:

(WebKit::WebIDBConnectionToServer::messageSenderConnection):

WebProcess/Databases/IndexedDB/WebIDBConnectionToServer.h:

WebProcess/Databases/WebDatabaseProvider.cpp:

(WebKit::WebDatabaseProvider::idbConnectionToServerForSession):

WebProcess/Storage/WebToStorageProcessConnection.cpp:

(WebKit::WebToStorageProcessConnection::WebToStorageProcessConnection):
(WebKit::WebToStorageProcessConnection::~WebToStorageProcessConnection):
(WebKit::WebToStorageProcessConnection::didReceiveMessage):
(WebKit::WebToStorageProcessConnection::didClose):
(WebKit::WebToStorageProcessConnection::didReceiveInvalidMessage):
(WebKit::WebToStorageProcessConnection::idbConnectionToServerForSession):
(WebKit::WebToDatabaseProcessConnection::WebToDatabaseProcessConnection): Deleted.
(WebKit::WebToDatabaseProcessConnection::~WebToDatabaseProcessConnection): Deleted.
(WebKit::WebToDatabaseProcessConnection::didReceiveMessage): Deleted.
(WebKit::WebToDatabaseProcessConnection::didClose): Deleted.
(WebKit::WebToDatabaseProcessConnection::didReceiveInvalidMessage): Deleted.
(WebKit::WebToDatabaseProcessConnection::idbConnectionToServerForSession): Deleted.

WebProcess/Storage/WebToStorageProcessConnection.h:

(WebKit::WebToStorageProcessConnection::create):
(WebKit::WebToDatabaseProcessConnection::create): Deleted.
(WebKit::WebToDatabaseProcessConnection::connection): Deleted.

WebProcess/WebProcess.cpp:

(WebKit::WebProcess::webToStorageProcessConnectionClosed):
(WebKit::WebProcess::webToStorageProcessConnection):
(WebKit::WebProcess::ensureWebToStorageProcessConnection):
(WebKit::WebProcess::webToDatabaseProcessConnectionClosed): Deleted.
(WebKit::WebProcess::webToDatabaseProcessConnection): Deleted.
(WebKit::WebProcess::ensureWebToDatabaseProcessConnection): Deleted.

WebProcess/WebProcess.h:

Tools:

TestWebKitAPI/Tests/WebKit2Cocoa/IDBDeleteRecovery.mm:
TestWebKitAPI/Tests/WebKit2Cocoa/IDBIndexUpgradeToV2.mm:
TestWebKitAPI/Tests/WebKit2Cocoa/IndexedDBDatabaseProcessKill.mm:
TestWebKitAPI/Tests/WebKit2Cocoa/IndexedDBMultiProcess.mm:
TestWebKitAPI/Tests/WebKit2Cocoa/IndexedDBPersistence.mm:
TestWebKitAPI/Tests/WebKit2Cocoa/ResourceLoadStatistics.mm:
TestWebKitAPI/Tests/WebKit2Cocoa/WebProcessKillIDBCleanup.mm:
TestWebKitAPI/Tests/WebKit2Cocoa/WebsiteDataStoreCustomPaths.mm:

9:42 AM Changeset in webkit [220104] by commit-queue@webkit.org

4 edits in trunk/LayoutTests

[GTK] Layout test fast/forms/content-with-margins-inside-button.html is failing
https://bugs.webkit.org/show_bug.cgi?id=174610

Patch by Ms2ger <Ms2ger@igalia.com> on 2017-08-01
Reviewed by Darin Adler.

Use an explicit text color for content-with-margins-inside-button.html.

This makes the test pass in the GTK port.

I also changed the formatting of the CSS to make it more readable.

fast/forms/content-with-margins-inside-button-expected.html:
fast/forms/content-with-margins-inside-button.html:
platform/gtk/TestExpectations:

9:24 AM Changeset in webkit [220103] by commit-queue@webkit.org

3 edits in trunk/LayoutTests

Remove obsolete failure expectations for wpt XHR tests.
https://bugs.webkit.org/show_bug.cgi?id=175024

Patch by Ms2ger <Ms2ger@igalia.com> on 2017-08-01
Reviewed by Darin Adler.

TestExpectations:
platform/gtk/TestExpectations:

9:22 AM Changeset in webkit [220102] by commit-queue@webkit.org

2 edits in trunk/LayoutTests

Remove obsolete failure expectations for style-01.html.
https://bugs.webkit.org/show_bug.cgi?id=175026

Patch by Ms2ger <Ms2ger@igalia.com> on 2017-08-01
Reviewed by Darin Adler.

TestExpectations:

9:20 AM Changeset in webkit [220101] by commit-queue@webkit.org

2 edits in trunk/LayoutTests

Remove obsolete failure expectation for Document-characterSet-normalization.html.
https://bugs.webkit.org/show_bug.cgi?id=175022

Patch by Ms2ger <Ms2ger@igalia.com> on 2017-08-01
Reviewed by Sam Weinig.

The expectations were updated in r204605.

platform/gtk/TestExpectations:

9:18 AM Changeset in webkit [220100] by commit-queue@webkit.org

2 edits in trunk/LayoutTests

Remove obsolete failure expectation for regional-indicators.html.
https://bugs.webkit.org/show_bug.cgi?id=175021

Patch by Ms2ger <Ms2ger@igalia.com> on 2017-08-01
Reviewed by Sam Weinig.

platform/gtk/TestExpectations:

9:16 AM Changeset in webkit [220099] by commit-queue@webkit.org

2 edits in trunk/LayoutTests

REGRESSION(r205909): Layout test editing/pasteboard/image-in-iframe.html is failing
https://bugs.webkit.org/show_bug.cgi?id=163185

Patch by Ms2ger <Ms2ger@igalia.com> on 2017-08-01
Reviewed by Sam Weinig.

Remove obsolete failure expectation for image-in-iframe.html.

The bug was fixed in r212428. (The test was also broken by both landings for
bug 170956, until r216174 fixed it again.)

platform/gtk/TestExpectations:

9:13 AM Changeset in webkit [220098] by Darin Adler

3 edits in trunk/LayoutTests

REGRESSION (r220052): http/tests/media/video-play-stall.html times out
https://bugs.webkit.org/show_bug.cgi?id=174988

Reviewed by Sam Weinig.

TestExpectations: Stop skipping this test.

http/tests/media/video-play-stall.html: Use a 0-duration timeout to sidestep an

issue where the test runner never thinks the test is done because of the stalled
media loading, and times out. The behaviors here aren't great, but there is no
reason to think that this confused state has any effect on web browsing; just on
our test runners in a test that intentionally has a still loading video in it.

8:56 AM Changeset in webkit [220097] by commit-queue@webkit.org

3 edits in trunk/Source/bmalloc

Implement builtin_clzl for MSVC
https://bugs.webkit.org/show_bug.cgi?id=174232

Patch by Daewoong Jang <daewoong.jang@navercorp.com> on 2017-08-01
Reviewed by Geoffrey Garen.

bmalloc/Algorithm.h:

(bmalloc::clzl):
(bmalloc::clzl<1>):
(bmalloc::builtin_clzl):

bmalloc/BPlatform.h:

7:32 AM Changeset in webkit [220096] by gskachkov@gmail.com

2 edits in trunk/JSTests

[JSC] Remove unnecessary print from stress\promise-finally.js test
https://bugs.webkit.org/show_bug.cgi?id=175015

Reviewed by Yusuke Suzuki.

stress/promise-finally.js:

(p.finally):
(then):

7:23 AM Changeset in webkit [220095] by commit-queue@webkit.org

3 edits in trunk/Source/WebCore

[WebIDL] Swap a custom attribute for a custom mark function for HTMLTemplateElement
https://bugs.webkit.org/show_bug.cgi?id=175006

Patch by Sam Weinig <sam@webkit.org> on 2017-08-01
Reviewed by Chris Dumez.

Use the standard way of augmenting GC, visitAdditionalChildren, rather
than using a private name to create ownership.

bindings/js/JSHTMLTemplateElementCustom.cpp:

(WebCore::JSHTMLTemplateElement::visitAdditionalChildren):
(WebCore::JSHTMLTemplateElement::content const): Deleted.

html/HTMLTemplateElement.idl:

7:19 AM Changeset in webkit [220094] by beidson@apple.com

19 edits
20 copies
5 moves
14 adds
2 deletes in trunk

Part 1 of: Rename DatabaseProcess to StorageProcess.
https://bugs.webkit.org/show_bug.cgi?id=174879

Reviewed by Andy Estes.

Source/cmake/OptionsWPE.cmake:
Source/cmake/gtksymbols.filter:

Source/WebKit:

This patch is all about renaming source files and renaming the process itself (touching build system files, etc etc).

Some renaming in actual code did result (Some class/struct names, method names, etc)

Part 2 (174880) will go through and update all references in code itself from "Database" to "Storage"

CMakeLists.txt:
DerivedSources.make:
PlatformGTK.cmake:
PlatformMac.cmake:
PlatformWPE.cmake:
WebKit.xcodeproj/project.pbxproj:

Configurations/StorageService.xcconfig: Renamed from Source/WebKit/Configurations/DatabaseService.xcconfig.
StorageProcess/EntryPoint/mac/XPCService/StorageService/Info.plist: Renamed from Source/WebKit/DatabaseProcess/EntryPoint/mac/XPCService/DatabaseService/Info.plist.
StorageProcess/mac/com.apple.WebKit.Databases.sb.in: Renamed from Source/WebKit/DatabaseProcess/mac/com.apple.WebKit.Databases.sb.in.

Shared/Storage/StorageProcessCreationParameters.cpp: Renamed from Source/WebKit/Shared/Databases/DatabaseProcessCreationParameters.cpp.
Shared/Storage/StorageProcessCreationParameters.h: Renamed from Source/WebKit/Shared/Databases/DatabaseProcessCreationParameters.h.

StorageProcess/EntryPoint/mac/XPCService/StorageServiceEntryPoint.mm: Renamed from Source/WebKit/DatabaseProcess/EntryPoint/mac/XPCService/DatabaseServiceEntryPoint.mm.
StorageProcess/EntryPoint/unix/StorageProcessMain.cpp: Renamed from Source/WebKit/DatabaseProcess/EntryPoint/unix/DatabaseProcessMain.cpp.

StorageProcess/IndexedDB/WebIDBConnectionToClient.cpp: Renamed from Source/WebKit/DatabaseProcess/IndexedDB/WebIDBConnectionToClient.cpp.
StorageProcess/IndexedDB/WebIDBConnectionToClient.h: Renamed from Source/WebKit/DatabaseProcess/IndexedDB/WebIDBConnectionToClient.h.
StorageProcess/IndexedDB/WebIDBConnectionToClient.messages.in: Renamed from Source/WebKit/DatabaseProcess/IndexedDB/WebIDBConnectionToClient.messages.in.

StorageProcess/StorageProcess.cpp: Renamed from Source/WebKit/DatabaseProcess/DatabaseProcess.cpp.
StorageProcess/StorageProcess.h: Renamed from Source/WebKit/DatabaseProcess/DatabaseProcess.h.
StorageProcess/StorageProcess.messages.in: Renamed from Source/WebKit/DatabaseProcess/DatabaseProcess.messages.in.

StorageProcess/StorageToWebProcessConnection.cpp: Renamed from Source/WebKit/DatabaseProcess/DatabaseToWebProcessConnection.cpp.
StorageProcess/StorageToWebProcessConnection.h: Renamed from Source/WebKit/DatabaseProcess/DatabaseToWebProcessConnection.h.
StorageProcess/StorageToWebProcessConnection.messages.in: Renamed from Source/WebKit/DatabaseProcess/DatabaseToWebProcessConnection.messages.in.

StorageProcess/gtk/StorageProcessMainGtk.cpp: Renamed from Source/WebKit/DatabaseProcess/gtk/DatabaseProcessMainGtk.cpp.
StorageProcess/ios/StorageProcessIOS.mm: Renamed from Source/WebKit/DatabaseProcess/ios/DatabaseProcessIOS.mm.
StorageProcess/mac/StorageProcessMac.mm: Renamed from Source/WebKit/DatabaseProcess/mac/DatabaseProcessMac.mm.
StorageProcess/unix/StorageProcessMainUnix.h: Renamed from Source/WebKit/DatabaseProcess/unix/DatabaseProcessMainUnix.h.
UIProcess/Network/NetworkProcessProxy.cpp:

UIProcess/Storage/StorageProcessProxy.cpp: Renamed from Source/WebKit/UIProcess/Databases/DatabaseProcessProxy.cpp.
UIProcess/Storage/StorageProcessProxy.h: Renamed from Source/WebKit/UIProcess/Databases/DatabaseProcessProxy.h.
UIProcess/Storage/StorageProcessProxy.messages.in: Renamed from Source/WebKit/UIProcess/Databases/DatabaseProcessProxy.messages.in.

UIProcess/WebContextSupplement.h:
UIProcess/WebProcessPool.cpp:
UIProcess/WebProcessPool.h:
UIProcess/WebsiteData/WebsiteDataStore.cpp:
UIProcess/WebsiteData/WebsiteDataStore.h:
WebProcess/Databases/IndexedDB/WebIDBConnectionToServer.cpp:
WebProcess/Databases/WebDatabaseProvider.cpp:

WebProcess/Storage/WebToStorageProcessConnection.cpp: Renamed from Source/WebKit/WebProcess/Databases/WebToDatabaseProcessConnection.cpp.
WebProcess/Storage/WebToStorageProcessConnection.h: Renamed from Source/WebKit/WebProcess/Databases/WebToDatabaseProcessConnection.h.

WebProcess/WebProcess.cpp:

6:13 AM Changeset in webkit [220093] by commit-queue@webkit.org

2 edits in trunk/LayoutTests

Correct the line numbers in GTK's scheme-about.any-expected.txt.
https://bugs.webkit.org/show_bug.cgi?id=175017

Patch by Ms2ger <Ms2ger@igalia.com> on 2017-08-01
Reviewed by Sam Weinig.

The code fix landed in r220050.

platform/gtk/imported/w3c/web-platform-tests/fetch/api/basic/scheme-about.any-expected.txt:

5:02 AM WebKitGTK/2.16.x edited by tpopela@redhat.com

(diff)

4:49 AM Changeset in webkit [220092] by zandobersek@gmail.com

4 edits in trunk/Source/WebCore

[GCrypt] Gather crypto constants in a single location
https://bugs.webkit.org/show_bug.cgi?id=174091

Reviewed by Jiewen Tan.

Gather common constants used across the libgcrypt-specific Web Crypto
implementations in a single place -- in the GCryptUtilities.h header,
inside the CryptoConstants namespace. The various ASN.1 object identifiers
and other helper values are placed inside, in the std::array<uint8_t, N>
container.

Additionally, CryptoConstants::matches() helper function is provided. It
compares the provided data-and-size pair with the given std::array
container and returns true if the std::memcmp() call returns 0.

Changes in CryptoKeyEC and CryptoKeyRSA consist mostly of switching to the
use of CryptoConstants::matches() and the CryptoConstants data arrays, as
well as some whitespace cleanup.

Additionallity in CryptoKeyEC, the helper functions covering various curve
attributes are reordered, renamed and reorganized for simplicity.

No new tests -- no changes in behavior.

crypto/gcrypt/CryptoKeyECGCrypt.cpp:

(WebCore::curveIdentifier):
(WebCore::curveSize):
(WebCore::curveUncompressedFieldElementSize):
(WebCore::curveUncompressedPointSize):
(WebCore::CryptoKeyEC::platformImportRaw):
(WebCore::CryptoKeyEC::platformImportJWKPublic):
(WebCore::CryptoKeyEC::platformImportJWKPrivate):
(WebCore::supportedAlgorithmIdentifier):
(WebCore::curveForIdentifier):
(WebCore::CryptoKeyEC::platformImportSpki):
(WebCore::CryptoKeyEC::platformExportRaw):
(WebCore::CryptoKeyEC::platformAddFieldElements):
(WebCore::CryptoKeyEC::platformExportSpki):
(WebCore::CryptoKeyEC::platformExportPkcs8):
(WebCore::uncompressedPointSizeForCurve): Deleted.
(WebCore::uncompressedFieldElementSizeForCurve): Deleted.

crypto/gcrypt/CryptoKeyRSAGCrypt.cpp:

(WebCore::supportedAlgorithmIdentifier):
(WebCore::CryptoKeyRSA::importPkcs8):
(WebCore::CryptoKeyRSA::exportSpki):
(WebCore::CryptoKeyRSA::exportPkcs8):

crypto/gcrypt/GCryptUtilities.h:

(WebCore::CryptoConstants::matches):

1:08 AM Changeset in webkit [220091] by Michael Catanzaro

9 edits in trunk

[CMake] WebKitFS.cmake depends on options set in Option cmake files that are included later
https://bugs.webkit.org/show_bug.cgi?id=174855

Reviewed by Carlos Garcia Campos.

Create derived sources directories in WebKitCommon.cmake instead of WebKitFS.cmake, which is
too soon. I tried changing the include order, but other stuff in WebKitFS.cmake really is
needed before including the port options file.

Source/cmake/WebKitCommon.cmake:
Source/cmake/WebKitFS.cmake:

Source/WebDriver:

Don't create derived sources directory here anymore.

PlatformGTK.cmake:

Source/WebKit:

Don't create derived sources directory here anymore.

PlatformGTK.cmake:
PlatformMac.cmake:
PlatformWPE.cmake:

Jul 31, 2017:

11:42 PM Changeset in webkit [220090] by commit-queue@webkit.org

4 edits in trunk/Source/WebCore

Use LazyNeverDestroyed instead of DEFINE_GLOBAL for MediaFeatureNames
https://bugs.webkit.org/show_bug.cgi?id=175008

Patch by Fujii Hironori <Fujii Hironori> on 2017-07-31
Reviewed by Alex Christensen.

No new tests because no behavior change.

Stop using DEFINE_GLOBAL hack in favor of LazyNeverDestroyed.

css/MediaFeatureNames.cpp:

(WebCore::MediaFeatureNames::init): Do not include
<wtf/StaticConstructors.h>. Use LazyNeverDestroyed instead of
DEFINE_GLOBAL. Call LazyNeverDestroyed::construct instead of
placement new.

css/MediaFeatureNames.h: Use LazyNeverDestroyed.
css/MediaQueryEvaluator.cpp:

(WebCore::MediaQueryEvaluator::evaluate const): Dereference with ->.

11:40 PM Changeset in webkit [220089] by commit-queue@webkit.org

4 edits in trunk/Source/WebCore

Use LazyNeverDestroyed instead of DEFINE_GLOBAL for QualifiedName
https://bugs.webkit.org/show_bug.cgi?id=175010

Patch by Fujii Hironori <Fujii Hironori> on 2017-07-31
Reviewed by Alex Christensen.

No new tests because no behavior change.

Stop using DEFINE_GLOBAL hack in favor of LazyNeverDestroyed.

dom/DOMAllInOne.cpp: Remove the warning. Include QualifiedName.cpp.
dom/QualifiedName.cpp:

(WebCore::QualifiedName::init): Call LazyNeverDestroyed::construct
instead of placement new.

dom/QualifiedName.h: Use LazyNeverDestroyed.

11:37 PM Changeset in webkit [220088] by commit-queue@webkit.org

2 edits in trunk/LayoutTests

Remove some obsolete expected failures blamed on the threaded compositor.
https://bugs.webkit.org/show_bug.cgi?id=174982

Patch by Ms2ger <Ms2ger@igalia.com> on 2017-07-31
Reviewed by Sergio Villar Senin.

platform/gtk/TestExpectations:

10:28 PM Changeset in webkit [220087] by Csaba Osztrogonác

2 edits in trunk/Tools

Fix JSCOnly ARM buildbots after r220047
https://bugs.webkit.org/show_bug.cgi?id=174993

Reviewed by Saam Barati.

BuildSlaveSupport/build.webkit.org-config/master.cfg:

(BuildAndRemoteJSCTestsFactory.init):

5:39 PM Changeset in webkit [220086] by commit-queue@webkit.org

3 edits in trunk/PerformanceTests

Speedometer 2.0: Remove <base> from Angular 4 test
https://bugs.webkit.org/show_bug.cgi?id=175004

Patch by Mathias Bynens <mathias@qiwi.be> on 2017-07-31
Reviewed by Ryosuke Niwa.

Speedometer/resources/todomvc/architecture-examples/angular/dist/index.html: Remove <base>.
Speedometer/resources/todomvc/architecture-examples/angular/src/index.html: Remove <base>.

5:39 PM Changeset in webkit [220085] by mrajca@apple.com

6 edits in trunk/Source/WebCore

Support quirk for letting media autoplay if the user interacted with at least one media element.
https://bugs.webkit.org/show_bug.cgi?id=175005
<rdar://problem/33476038>

Reviewed by Eric Carlson.

If the user has interacted with at least one media element, let other media elements auto-play
as a quirk.

dom/Document.cpp:

(WebCore::Document::updateIsPlayingMedia):

dom/Document.h:

(WebCore::Document::noteUserInteractionWithMediaElement):

html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::removeBehaviorsRestrictionsAfterFirstUserGesture):

html/MediaElementSession.cpp:

(WebCore::needsDocumentLevelMediaUserGestureQuirk):
(WebCore::MediaElementSession::playbackPermitted const):

page/MediaProducer.h:

5:18 PM Changeset in webkit [220084] by n_wang@apple.com

2 edits in trunk/Source/WebCore

AX: CFEqual is failing on text markers with exact same data
https://bugs.webkit.org/show_bug.cgi?id=175002
<rdar://problem/33636985>

Reviewed by Chris Fleizach.

We should zero the memory of the TextMarkerData instance so that it
can be tested for byte-equivalence.

Made sure this change won't break any of the existing tests.

accessibility/AXObjectCache.cpp:

(WebCore::AXObjectCache::textMarkerDataForVisiblePosition):
(WebCore::AXObjectCache::textMarkerDataForFirstPositionInTextControl):

4:55 PM Changeset in webkit [220083] by jmarcell@apple.com

7 edits in branches/safari-604-branch/Source

Versioning.

4:45 PM Changeset in webkit [220082] by jmarcell@apple.com

1 copy in tags/Safari-604.1.35

Tag Safari-604.1.35.

4:30 PM Changeset in webkit [220081] by mark.lam@apple.com

2 edits in trunk/Source/JavaScriptCore

Added some UNLIKELYs to operationOptimize().
https://bugs.webkit.org/show_bug.cgi?id=174976

Reviewed by JF Bastien.

jit/JITOperations.cpp:

4:30 PM Changeset in webkit [220080] by rniwa@webkit.org

2 edits in trunk/Websites/perf.webkit.org

Build fix. Fixed a typo. task.id() isn't a thing in this function.

public/v3/models/test-group.js:

(TestGroup.createWithCustomConfiguration):

3:59 PM Changeset in webkit [220079] by mark.lam@apple.com

2 edits in trunk/Source/bmalloc

Fixed some comment typos.

Not reviewed.

bmalloc/PerProcess.h:

3:47 PM Changeset in webkit [220078] by keith_miller@apple.com

6 edits in trunk/Source/JavaScriptCore

Make more things LLInt constexprs
https://bugs.webkit.org/show_bug.cgi?id=174994

Reviewed by Saam Barati.

This patch makes more const values in the LLInt constexprs.
It also deletes all of the no longer necessary static_asserts in
LLIntData.cpp. Finally, it fixes a typo in parser.rb.

interpreter/ShadowChicken.h:

(JSC::ShadowChicken::Packet::tailMarker):

llint/LLIntData.cpp:

(JSC::LLInt::Data::performAssertions):

llint/LowLevelInterpreter.asm:
offlineasm/generate_offset_extractor.rb:
offlineasm/parser.rb:

3:34 PM Changeset in webkit [220077] by mrajca@apple.com

3 edits in trunk/Source/WebCore

Propagate user gesture tokens when script elements are loaded.
https://bugs.webkit.org/show_bug.cgi?id=174959

Reviewed by Eric Carlson.

Propagate user gesture tokens when script elements are loaded (i.e. between the time an
element is created and its onload handler is invoked).

dom/ScriptElement.cpp:

(WebCore::ScriptElement::ScriptElement):
(WebCore::ScriptElement::dispatchLoadEventRespectingUserGestureIndicator):
(WebCore::ScriptElement::executeScriptAndDispatchEvent):
(WebCore::ScriptElement::executePendingScript):

dom/ScriptElement.h:

2:45 PM Changeset in webkit [220076] by jiewen_tan@apple.com

2 edits
3 adds in trunk/LayoutTests

Unreviewed, test gardening

platform/mac-highsierra/TestExpectations:
platform/mac-highsierra/imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/test_pbkdf2_long_empty.https-expected.txt: Added.
platform/mac-highsierra/imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/test_pbkdf2_short_empty.https-expected.txt: Added.

2:43 PM Changeset in webkit [220075] by Matt Lewis

2 edits in trunk/LayoutTests

Skipped http/tests/media/video-play-stall.html.
https://bugs.webkit.org/show_bug.cgi?id=174988

Unreviewed test gardening.

TestExpectations:

2:26 PM Changeset in webkit [220074] by dbates@webkit.org

2 edits in trunk/Source/WebKit

WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction() may not be able to
determine page that initiated navigation
https://bugs.webkit.org/show_bug.cgi?id=174531

Remove a comment from WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction()
about determining the originating page independently from the originating frame. There
does not seem to be much value to fixing this. We can always revisit this issue if we
discover a strong motivating example. See <https://bugs.webkit.org/show_bug.cgi?id=174531#c1>
for more details.

WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):

1:31 PM Changeset in webkit [220073] by Matt Lewis

12 edits
2 deletes in trunk

Unreviewed, rolling out r220048.

This revision caused multiple crashes in fast/images. See
webkit.org/b/174990

Reverted changeset:

"RenderImageResourceStyleImage::image() should return the
nullImage() if the image is not available"
https://bugs.webkit.org/show_bug.cgi?id=174874
http://trac.webkit.org/changeset/220048

11:36 AM Changeset in webkit [220072] by pvollan@apple.com

2 edits in trunk/LayoutTests

Do not mark all web-platform tests as slow, as this increases time spent on layout tests.
Only mark individual web-platform tests as slow.

Unreviewed test gardening.

platform/win/TestExpectations:

11:05 AM Changeset in webkit [220071] by commit-queue@webkit.org

17 edits
1 delete in trunk/Source

Remove unnecessary exceptions from storage code
https://bugs.webkit.org/show_bug.cgi?id=174572

Patch by Sam Weinig <sam@webkit.org> on 2017-07-31
Reviewed by Chris Dumez.

Source/WebCore:

Remove checks for canAccessStorage() and the exceptions they would cause.
These were used for Storage in ephemeral sessions, but they are now supported.
Add checks for a null frame to functions that can mutate the storage, as the
frame is needed for that, and it retains our existing behavior for disconnected
frames. By removing these checks / exceptions, we can fully generate Storage.idl.

CMakeLists.txt:
WebCore.xcodeproj/project.pbxproj:
bindings/js/JSBindingsAllInOne.cpp:
bindings/js/JSStorageCustom.cpp: Removed.

Remove JSStorageCustom.cpp

loader/EmptyClients.cpp:
page/DOMWindow.cpp:

(WebCore::DOMWindow::sessionStorage):
(WebCore::DOMWindow::localStorage):

storage/StorageArea.h:

Remove canAccessStorage.

storage/Storage.cpp:

(WebCore::Storage::length):
(WebCore::Storage::key):
(WebCore::Storage::getItem):
(WebCore::Storage::setItem):
(WebCore::Storage::removeItem):
(WebCore::Storage::clear):
(WebCore::Storage::contains):
(WebCore::Storage::isSupportedPropertyName):
(WebCore::Storage::supportedPropertyNames):

storage/Storage.h:
storage/Storage.idl:

Remove canAccessStorage checks and corresponding exceptions. Add supportedPropertyNames
to allow the removal of the [CustomGetOwnPropertyNames].

Source/WebKit:

WebProcess/Storage/StorageAreaImpl.cpp:

(WebKit::StorageAreaImpl::canAccessStorage): Deleted.

WebProcess/Storage/StorageAreaImpl.h:
WebProcess/Storage/StorageNamespaceImpl.cpp:

Remove canAccessStorage. It is no longer called.

Source/WebKitLegacy:

Storage/StorageAreaImpl.cpp:

(WebKit::StorageAreaImpl::canAccessStorage): Deleted.

Storage/StorageAreaImpl.h:

Remove canAccessStorage. It is no longer called.

10:42 AM Changeset in webkit [220070] by Yusuke Suzuki

2 edits in trunk/JSTests

Unreviewed, update test262 results for optional catch binding

test262.yaml:

9:32 AM Changeset in webkit [220069] by Matt Lewis

40 edits
1 copy
1 add in trunk/Source

Unreviewed, rolling out r220060.

This broke our internal builds. Contact reviewer of patch for
more information.

Reverted changeset:

"Merge WTFThreadData to Thread::current"
https://bugs.webkit.org/show_bug.cgi?id=174716
http://trac.webkit.org/changeset/220060

9:15 AM Changeset in webkit [220068] by Yusuke Suzuki

9 edits
2 adds in trunk

[JSC] Support optional catch binding
https://bugs.webkit.org/show_bug.cgi?id=174981

Reviewed by Saam Barati.

JSTests:

stress/optional-catch-binding-syntax.js: Added.

(testSyntax):
(testSyntaxError):
(catch.catch):

stress/optional-catch-binding.js: Added.

(shouldBe):
(throwException):

Source/JavaScriptCore:

This patch implements optional catch binding proposal[1], which is now stage 3.
This proposal adds a new catch brace with no error value binding.

`

try {

...

} catch {

...

}

`

Sometimes we do not need to get error value actually. For example, the function returns
boolean which means whether the function succeeds.

`
function parse(result) -> bool
{

try {

parseInner(result);

} catch {

return false;

}
return true;

}
`

In the above case, we are not interested in the actual error value. Without this syntax,
we always need to introduce a binding for an error value that is just ignored.

[1]: https://michaelficarra.github.io/optional-catch-binding-proposal/

bytecompiler/NodesCodegen.cpp:

(JSC::TryNode::emitBytecode):

parser/Parser.cpp:

(JSC::Parser<LexerType>::parseTryStatement):

LayoutTests:

Rebaseline existing tests.

js/parser-syntax-check-expected.txt:
js/script-tests/parser-syntax-check.js:
sputnik/Conformance/12_Statement/12.14_The_try_Statement/S12.14_A16_T4-expected.txt:
sputnik/Conformance/12_Statement/12.14_The_try_Statement/S12.14_A16_T4.html:

8:13 AM Changeset in webkit [220067] by pvollan@apple.com

2 edits in trunk/LayoutTests

Many web-platform tests are slow on Windows.

Unreviewed test gardening, mark web-platform tests as slow.

platform/win/TestExpectations:

7:37 AM Changeset in webkit [220066] by jmarcell@apple.com

12 edits
2 adds in branches/safari-604-branch

Cherry-pick r220048. rdar://problem/33619591

7:37 AM Changeset in webkit [220065] by jmarcell@apple.com

3 edits
2 adds in branches/safari-604-branch

Cherry-pick r220042. rdar://problem/33619586

7:37 AM Changeset in webkit [220064] by jmarcell@apple.com

5 edits in branches/safari-604-branch

Cherry-pick r220033. rdar://problem/33619596

7:37 AM Changeset in webkit [220063] by jmarcell@apple.com

4 edits
1 add in branches/safari-604-branch

Cherry-pick r220012. rdar://problem/33619526

7:37 AM Changeset in webkit [220062] by jmarcell@apple.com

15 edits in branches/safari-604-branch/Source/WebKit

Cherry-pick r220011. rdar://problem/33619596

7:37 AM Changeset in webkit [220061] by jmarcell@apple.com

7 edits
4 adds in branches/safari-604-branch

Cherry-pick r220009. rdar://problem/33619585

5:59 AM WebKitGTK edited by Adrian Perez de Castro

Update links to WebKitGTK/StableRelease (diff)

5:53 AM WebKitGTKStableReleases edited by Adrian Perez de Castro

Point to WebKitGTK/StableRelease (diff)

5:52 AM WebKitGTK/StableRelease edited by Adrian Perez de Castro

Import contents from WebKitGTKStableReleases (diff)

4:23 AM Changeset in webkit [220060] by Yusuke Suzuki

40 edits
2 deletes in trunk/Source

Merge WTFThreadData to Thread::current
https://bugs.webkit.org/show_bug.cgi?id=174716

Reviewed by Sam Weinig.

Source/JavaScriptCore:

Use Thread::current() instead.

API/JSContext.mm:

heap/Heap.cpp:

(JSC::Heap::requestCollection):

runtime/Completion.cpp:

(JSC::checkSyntax):
(JSC::checkModuleSyntax):
(JSC::evaluate):
(JSC::loadAndEvaluateModule):
(JSC::loadModule):
(JSC::linkAndEvaluateModule):
(JSC::importModule):

runtime/Identifier.cpp:

(JSC::Identifier::checkCurrentAtomicStringTable):

runtime/InitializeThreading.cpp:

(JSC::initializeThreading):

runtime/JSLock.cpp:

(JSC::JSLock::didAcquireLock):
(JSC::JSLock::willReleaseLock):
(JSC::JSLock::dropAllLocks):
(JSC::JSLock::grabAllLocks):

runtime/JSLock.h:
runtime/VM.cpp:

(JSC::VM::VM):
(JSC::VM::updateStackLimits):
(JSC::VM::committedStackByteCount):

runtime/VM.h:

(JSC::VM::isSafeToRecurse const):

runtime/VMEntryScope.cpp:

(JSC::VMEntryScope::VMEntryScope):

runtime/VMInlines.h:

(JSC::VM::ensureStackCapacityFor):

yarr/YarrPattern.cpp:

(JSC::Yarr::YarrPatternConstructor::isSafeToRecurse const):

Source/WebCore:

Use Thread::current() instead.

fileapi/AsyncFileStream.cpp:
platform/ThreadGlobalData.cpp:

(WebCore::ThreadGlobalData::ThreadGlobalData):

platform/graphics/cocoa/WebCoreDecompressionSession.h:
platform/ios/wak/WebCoreThread.mm:

(StartWebThread):

workers/WorkerThread.cpp:

(WebCore::WorkerThread::workerThread):

Source/WTF:

WTF.xcodeproj/project.pbxproj:
wtf/CMakeLists.txt:
wtf/LockAlgorithm.h:
wtf/LockAlgorithmInlines.h:
wtf/MainThread.h:
wtf/ParkingLot.cpp:
wtf/StackStats.cpp:

wtf/ThreadHolder.cpp:

(WTF::ThreadHolder::initializeCurrent):

wtf/ThreadHolder.h:

(WTF::ThreadHolder::ThreadHolder):
(WTF::ThreadHolder::currentMayBeNull):
(WTF::ThreadHolder::current):

wtf/ThreadHolderPthreads.cpp:

(WTF::ThreadHolder::initialize):
(WTF::ThreadHolder::destruct):
(WTF::ThreadHolder::current): Deleted.

wtf/ThreadHolderWin.cpp:

(WTF::ThreadHolder::currentDying):
(WTF::ThreadHolder::initialize):
(WTF::ThreadHolder::current): Deleted.

wtf/Threading.cpp:

(WTF::Thread::initializeInThread):
(WTF::Thread::entryPoint):
(WTF::Thread::didExit):
(WTF::initializeThreading):
(WTF::Thread::currentMayBeNull): Deleted.

wtf/Threading.h:

(WTF::Thread::atomicStringTable):
(WTF::Thread::setCurrentAtomicStringTable):
(WTF::Thread::stackStats):
(WTF::Thread::savedStackPointerAtVMEntry):
(WTF::Thread::setSavedStackPointerAtVMEntry):
(WTF::Thread::savedLastStackTop):
(WTF::Thread::setSavedLastStackTop):
(WTF::Thread::current):

wtf/ThreadingPrimitives.h:
wtf/ThreadingPthreads.cpp:

(WTF::Thread::createCurrentThread):
(WTF::Thread::current): Deleted.

wtf/ThreadingWin.cpp:

(WTF::Thread::createCurrentThread):
(WTF::Thread::current): Deleted.

wtf/WTFThreadData.cpp: Removed.
wtf/WTFThreadData.h: Removed.
wtf/text/AtomicString.cpp:
wtf/text/AtomicStringImpl.cpp:

(WTF::stringTable):

wtf/text/AtomicStringTable.cpp:

(WTF::AtomicStringTable::create):

wtf/text/AtomicStringTable.h:

4:16 AM WebKitGTK/StableRelease edited by Adrian Perez de Castro

(diff)

4:13 AM WebKitGTK/StableRelease edited by Adrian Perez de Castro

Add missing links to stable release info pages (2.12.x, 2.14.x, and 2.16.x) (diff)

4:09 AM Changeset in webkit [220059] by commit-queue@webkit.org

2 edits in trunk/LayoutTests

[GTK] Layout test fast/css/image-set-unprefixed.html is failing
https://bugs.webkit.org/show_bug.cgi?id=163975

Patch by Ms2ger <Ms2ger@igalia.com> on 2017-07-31
Reviewed by Žan Doberšek.

Remove obsolete expectation for image-set-unprefixed.html.

It appears to have started passing with the test change in r209543.

platform/gtk/TestExpectations:

2:14 AM Changeset in webkit [220058] by calvaris@igalia.com

6 edits in trunk/Source

Created a bool pretty printer at WTF for debugging purposes
https://bugs.webkit.org/show_bug.cgi?id=174893

Reviewed by Darin Adler.

Source/WebCore:

Use WTF::boolPrettyPrinter in debugging messages.

platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:

(WebCore::MediaPlayerPrivateGStreamerBase::supportsKeySystem):

platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:

(WebCore::MediaPlayerPrivateGStreamerMSE::seek):

Source/WTF:

wtf/PrintStream.cpp:

(WTF::printInternal): The overload taking bool uses boolForPrinting

wtf/PrintStream.h:

(WTF::boolForPrinting): Converts a bool in "true" or "false".

2:07 AM Changeset in webkit [220057] by commit-queue@webkit.org

3 edits
1 add in trunk/LayoutTests

[GTK] Layout Tests fast/dom/{Element,Range}/getClientRects.html are failing
https://bugs.webkit.org/show_bug.cgi?id=141700

Patch by Ms2ger <Ms2ger@igalia.com> on 2017-07-31
Reviewed by Sam Weinig.

Add gtk-specific expectations for getClientRects tests.

Since these expectations depend on text metrics, it is unsurprising that they
are platform-dependent.

platform/gtk/TestExpectations:
platform/gtk/fast/dom/Element/getClientRects-expected.txt: Added.
platform/gtk/fast/dom/Range/getClientRects-expected.txt:

1:20 AM Changeset in webkit [220056] by bshafiei@apple.com

7 edits in trunk/Source

Versioning.

1:18 AM Changeset in webkit [220055] by bshafiei@apple.com

1 copy in tags/Safari-605.1.1

Tag Safari-605.1.1.

Jul 30, 2017:

11:59 PM Changeset in webkit [220054] by zandobersek@gmail.com

2 edits in trunk/Source/WebCore

Unreviewed. Suppress the -Wextra compiler warning when building with GCC 6.3.0,
explicitly initializing the RefCounted<> base class in the
FetchHeaders(const FetchHeaders&) constructor.

Note that while that's the signature of the copy constructor for the FetchHeaders
class, the base RefCounted<> class is not copyable, so the default RefCounted<>
constructor is used, but the FetchHeaders resources are normally copied into the
new object from the one that's passed in.

Modules/fetch/FetchHeaders.h:

(WebCore::FetchHeaders::FetchHeaders):

9:57 PM Changeset in webkit [220053] by Yusuke Suzuki

20 edits in trunk

[WTF] Introduce Private Symbols
https://bugs.webkit.org/show_bug.cgi?id=174935

Reviewed by Darin Adler.

Source/JavaScriptCore:

Use SymbolImpl::isPrivate().

builtins/BuiltinNames.cpp:
builtins/BuiltinNames.h:

(JSC::BuiltinNames::isPrivateName): Deleted.

builtins/BuiltinUtils.h:
bytecode/BytecodeIntrinsicRegistry.cpp:

(JSC::BytecodeIntrinsicRegistry::lookup):

runtime/CommonIdentifiers.cpp:

(JSC::CommonIdentifiers::isPrivateName): Deleted.

runtime/CommonIdentifiers.h:
runtime/ExceptionHelpers.cpp:

(JSC::createUndefinedVariableError):

runtime/Identifier.h:

(JSC::Identifier::isPrivateName):

runtime/IdentifierInlines.h:

(JSC::identifierToSafePublicJSValue):

runtime/ObjectConstructor.cpp:

(JSC::objectConstructorAssign):
(JSC::defineProperties):
(JSC::setIntegrityLevel):
(JSC::testIntegrityLevel):
(JSC::ownPropertyKeys):

runtime/PrivateName.h:

(JSC::PrivateName::PrivateName):

runtime/PropertyName.h:

(JSC::PropertyName::isPrivateName):

runtime/ProxyObject.cpp:

(JSC::performProxyGet):
(JSC::ProxyObject::performInternalMethodGetOwnProperty):
(JSC::ProxyObject::performHasProperty):
(JSC::ProxyObject::performPut):
(JSC::ProxyObject::performDelete):
(JSC::ProxyObject::performDefineOwnProperty):

Source/WTF:

Upcoming proposal of class fields[1] requires private fields.
The simple way to implement it is adding a property with a private symbol.
Currently, we have private symbols for internal properties. They are usual
Symbols managed by the hash table. So basically private symbols are statically
created in BuiltinNames. However this new proposal encourages users to create
such private symbols more and more.

So, this patch introduces notion of "Private" into WTF SymbolImpl. This patch
adds PrivateSymbolImpl. This is SymbolImpl with "Private" flag. We do not need
to look up the symbol from the hash table to check whether the given symbol
is a private one.

[1]: https://github.com/tc39/proposal-class-fields

wtf/text/StringImpl.h:
wtf/text/SymbolImpl.cpp:

(WTF::PrivateSymbolImpl::create):
(WTF::PrivateSymbolImpl::createNullSymbol):

wtf/text/SymbolImpl.h:

(WTF::SymbolImpl::isPrivate):
(WTF::SymbolImpl::StaticSymbolImpl::StaticSymbolImpl):
(WTF::SymbolImpl::SymbolImpl):
(WTF::PrivateSymbolImpl::PrivateSymbolImpl):

Tools:

TestWebKitAPI/Tests/WTF/StringImpl.cpp:

(TestWebKitAPI::TEST):

2:44 PM Changeset in webkit [220052] by Darin Adler

23 edits in trunk

Remove code in HTMLObjectElement attribute parsing that forces style resolution and layout
https://bugs.webkit.org/show_bug.cgi?id=130653

Reviewed by Antti Koivisto.

Source/WebCore:

Also fixes a bug where load events are delivered prematurely in some cases
when an object, embed, frame, or iframe element is still loading.

dom/Document.cpp:

(WebCore::Document::loadEventDelayTimerFired): Added a call to
FrameLoader::checkLoadComplete. Goes along with the change to
FrameLoader::checkLoadCompleteForThisFrame, which now respects the
isDelayingLoadEvent flag.

html/HTMLAppletElement.cpp:

(WebCore::HTMLAppletElement::HTMLAppletElement): Removed the createdByParser argument,
no longer needed by the base class.
(WebCore::HTMLAppletElement::create): Added call to finishCreating, which is now part of
the process of creating any object in a class derived from HTMLPlugInImageElement.
(WebCore::HTMLAppletElement::updateWidget): Rearranged logic so setNeedsWidgetUpdate
is only called when it's becoming false; avoids a false/true/false round trip that can
cause trouble.

html/HTMLAppletElement.h: Updated for the above.

html/HTMLEmbedElement.cpp:

(WebCore::HTMLEmbedElement::HTMLEmbedElement): Removed the createdByParser argument,
no longer needed by the base class.
(WebCore::HTMLEmbedElement::create): Added call to finishCreating, which is now part of
the process of creating any object in a class derived from HTMLPlugInImageElement.
(WebCore::HTMLEmbedElement::parseAttribute): Changed srcAttr to call
updateImageLoaderWithNewURLSoon to do the image loading logic.
(WebCore::HTMLEmbedElement::updateWidget): Rearranged logic so setNeedsWidgetUpdate
is only called when it's becoming false; avoids a false/true/false round trip that can
cause trouble.

html/HTMLEmbedElement.h: Updated for the above.

html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::setReadyState): Call setShouldDelayLoadEvent(false) when
transitioning to HAVE_CURRENT_DATA (or beyond), even if we have already fired a loadeddata
event in the past. This matches what the HTML specification calls for, but only if you
read it carefully. Without this change, and with the more complete implementation of
load event delay below, one of the regression tests hangs because are permanently stuck
dealying load events. Also added a FIXME about other code that likely has a similar
problem; the symptom is likely to be subtle and minor, though.

html/HTMLObjectElement.cpp:

(WebCore::HTMLObjectElement::HTMLObjectElement): Removed the createdByParser argument,
no longer needed by the base class.
(WebCore::HTMLObjectElement::create): Added call to finishCreating, which is now part of
the process of creating any object in a class derived from HTMLPlugInImageElement.
(WebCore::HTMLObjectElement::parseAttribute): Changed dataAttr to use
updateImageLoaderWithNewURLSoon. Explicitly call scheduleUpdateForAfterStyleResolution
since just calling invalidateStyleAndRenderersForSubtree alone is no longer sufficient.
(WebCore::HTMLObjectElement::updateWidget): Rearranged logic so setNeedsWidgetUpdate
is only called when it's becoming false; avoids a false/true/false round trip that can
cause trouble.
(WebCore::HTMLObjectElement::childrenChanged): Added calls to the new
scheduleUpdateForAfterStyleResolution since invalidating style is no longer sufficient.
(WebCore::HTMLObjectElement::renderFallbackContent): Remove the call to
updateStyleIfNeeded. This is the main change that the title of this bug refers to.

html/HTMLObjectElement.h: Updated for the above. Also removed the

clearUseFallbackContent function because it's clearer to set the data member in
line at the single call site in HTMLObjectElement::parseAttribute.

html/HTMLPlugInImageElement.cpp:

(WebCore::HTMLPlugInImageElement::HTMLPlugInImageElement): Removed the createdByParser
argument; no need to set an m_needsWidgetUpdate flag differently for parser cases now.
(WebCore::HTMLPlugInImageElement::finshCreating): Added. To be called after creating
an element to do work that can't be done in a constructor.
(WebCore::HTMLPlugInImageElement::didRecalcStyle): Added. Calls the new
scheduleUpdateForAfterStyleResolution function.
(WebCore::HTMLPlugInImageElement::didAttachRenderers): Moved all the logic from this
function into scheduleUpdateForAfterStyleResolution. Also added a call through to the base
class; cleans things up, even though it's just an assertion.
(WebCore::HTMLPlugInImageElement::willDetachRenderers): Removed the call to
setNeedsWidgetUpdate(true) here; no longer needed because the new logic already
does the right thing in this case.
(WebCore::HTMLPlugInImageElement::updateWidgetIfNecessary): Deleted. Now handled by
updateAfterStyleResolution instead.
(WebCore::HTMLPlugInImageElement::finishParsingChildren): Deleted. Handling updates
after parsing all the children now comes naturally out of the new implementation.
(WebCore::HTMLPlugInImageElement::scheduleUpdateForAfterStyleResolution): Added.
Schedules a call to updateAfterStyleResolution when needed, and equally importantly,
increments the load event delay count to make sure that loads that are part of that
update can participate in decision about whether it's time for the load event.
(WebCore::HTMLPlugInImageElement::updateAfterStyleResolution): Added.
Combines updateWidgetIfNecessary and startLoadingImage, and also deals with the new
m_needsImageReload boolean in cases where no actual loading is done.
(WebCore::HTMLPlugInImageElement::didMoveToNewDocument): Update load event delay
count when moving an element that is in the middle of loading. This lets the
updateAfterStyleResolution function do the right thing even when the element is
moved without leaving anything stuck in a strange state.
(WebCore::HTMLPlugInImageElement::prepareForDocumentSuspension): Call the new
scheduleUpdateForAfterStyleResolution since invalidating style is no longer sufficient.
(WebCore::HTMLPlugInImageElement::startLoadingImage): Deleted. Now handled by
updateAfterStyleResolution instead.
(WebCore::HTMLPlugInImageElement::updateImageLoaderWithNewURLSoon): Added. Does all
the right things for when an image URL is changed; for use by the concrete derived classes.

html/HTMLPlugInImageElement.h: Updated for above changes. Also made m_imageLoader

private rather than protected, and added the two new boolean data members.

html/HTMLTagNames.in: Removed unneeded constructorNeedsCreatedByParser flags for

applet, embed, and object.

loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::isLoadingInAPISense): Return true if the document is
delaying a load event.

loader/FrameLoader.cpp:

(WebCore::FrameLoader::checkLoadCompleteForThisFrame): Don't do any work if
isDelayingLoadEvent is true; otherwise this function can have a side effect of
triggering the load event.
(WebCore::FrameLoader::detachFromParent): Schedule a checkLoadComplete here, too, not
just a checkCompleted. This is relevant if the frame we are detaching was delaying
a load event because it no longer will be and so the load might be complete.

Tools:

WebKitTestRunner/InjectedBundle/InjectedBundlePage.cpp:

(WTR::InjectedBundlePage::didFinishLoadForFrame): Omit now-unneeded "shouldDump" argument
when calling frameDidChangeLocation.
(WTR::InjectedBundlePage::frameDidChangeLocation): Removed "shouldDump" argument. This was
causing WebKitTestRunner to not dump anything in cases where DumpRenderTree will dump, and
thus causing mysterious failures of a couple of tests. There are two remaining issues:
1) WebKitTestRunner won't run its dump code if there is no "page", and there is no such
consideration in DumpRenderTree and 2) Both DumpRenderTree and WebKitTestRunner share the
same logic flaw that causes "top loading frame" to get set to one of the subframes in
tests where the following sequence occurs: test calls waitUntilDone, main frame finishes
loading, subframe starts loading. It would be good to clean that up some day, but for now
this patch makes the two work identically rather than changing both.

WebKitTestRunner/InjectedBundle/InjectedBundlePage.h: Updated for change above.

LayoutTests:

fast/text/international/embed-bidi-style-in-isolate-crash.html: Removed onerror attribute

in the audio element in this test. The error event does fire during the test, which causes
the test to fail. Before, the test was prematurely exiting before the load failed, preventing
the test from failing, but also meaning we didn't finish running the test.

imported/blink/fast/dom/Window/open-window-features-fuzz.html: Use waitUntilDone and

notifyDone to prevent the test from exiting prematurely. Use a URL that won't trigger loading
outside the web browser; the URL is not what mattered to this test. Before, the test was
prematurely exiting before the test ran. Note also, that I don't think this is testing
much effectively; not sure we are getting any benefit from this test since before it was
not really running to completion anyway.

media/event-queue-crash-expected.txt: Updated expectations to expect syntax error. Before

there was a race and often the test exited before the syntax error could be logged.

platform/mac/TestExpectations: Removed flakiness expectation from the

media/event-queue-crash.html test. What made it flaky was a race with the load event,
and that race should be fixed by the change to FrameLoader::checkLoadCompleteForThisFrame.
The same race existed on all platforms, not just Mac, so this flakiness expectation should
be in the main TextExpectations file if anywhere. But I believe it is not needed at all.
For media/modern-media-controls/media-documents/background-color-and-centering.html,
added image failure expectation because under modern WebKit on Mac the image now captures
the upper left hand corner of the controls overlay. Still seems to pass on iOS and the bug
this was created for was iOS-specific, so should be OK for now.

webarchive/loading/video-in-webarchive-expected.txt: Updated. The old result shows evidence

of a premature load event, fixed by the change to FrameLoader::checkLoadCompleteForThisFrame.

2:35 PM Changeset in webkit [220051] by Wenson Hsieh

2 edits in trunk/Tools

[WK2] Replace RetainPtr<> with auto when adopting allocated ObjC objects in DataInteractionTests
https://bugs.webkit.org/show_bug.cgi?id=174963

Reviewed by Darin Adler.

Replaces several uses of RetainPtr<>s with auto. Some test cases in this file use auto, while other test cases declare using
RetainPtr<>. This patch changes them to all use auto.

TestWebKitAPI/Tests/ios/DataInteractionTests.mm:

(TestWebKitAPI::TEST):

1:27 PM Changeset in webkit [220050] by weinig@apple.com

33 edits
3 deletes in trunk

[WebIDL] Remove JS builtin bindings for FetchRequest, DOMWindowFetch and WorkerGlobalScopeFetch
https://bugs.webkit.org/show_bug.cgi?id=174974

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

web-platform-tests/fetch/api/basic/mode-same-origin.any-expected.txt:
web-platform-tests/fetch/api/basic/scheme-about.any-expected.txt:
web-platform-tests/fetch/api/basic/scheme-blob-expected.txt:
web-platform-tests/fetch/api/basic/scheme-others-expected.txt:
web-platform-tests/fetch/api/cors/cors-cookies.any-expected.txt:
web-platform-tests/fetch/api/policies/referrer-origin-when-cross-origin-expected.txt:
web-platform-tests/fetch/api/request/request-bad-port-expected.txt:

Update results to have the correct line number for exceptions reported in the console.

Source/WebCore:

CMakeLists.txt:
DerivedSources.make:
WebCore.xcodeproj/project.pbxproj:
Modules/fetch/DOMWindowFetch.js: Removed.
Modules/fetch/FetchRequest.js: Removed.
Modules/fetch/WorkerGlobalScopeFetch.js: Removed.

Remove builtin files.

Modules/fetch/DOMWindowFetch.cpp:

(WebCore::DOMWindowFetch::fetch):

Modules/fetch/DOMWindowFetch.h:
Modules/fetch/DOMWindowFetch.idl:
Modules/fetch/WorkerGlobalScopeFetch.cpp:

(WebCore::WorkerGlobalScopeFetch::fetch):

Modules/fetch/WorkerGlobalScopeFetch.h:
Modules/fetch/WorkerGlobalScopeFetch.idl:

Remove builtin and instead create FetchRequest in the implementation.

Modules/fetch/FetchBody.cpp:

(WebCore::FetchBody::extract):

Modules/fetch/FetchBody.h:
Modules/fetch/FetchBodyOwner.cpp:

(WebCore::FetchBodyOwner::extractBody):

Modules/fetch/FetchBodyOwner.h:
Modules/fetch/FetchResponse.cpp:
Modules/fetch/FetchResponse.h:

Rename FetchBody::BindingDataType to FetchBody::Init to match its IDL naming.

Modules/fetch/FetchHeaders.cpp:

(WebCore::appendToHeaderMap):
(WebCore::fillHeaderMap):
(WebCore::FetchHeaders::create):
(WebCore::FetchHeaders::fill):

Modules/fetch/FetchHeaders.h:

Add helpers to implement the fill algorithm for various input types.
Leave the existing fill for now, as it is still used by the FetchResponse
builtin, but will eventually be removed.

Modules/fetch/FetchRequest.cpp:

(WebCore::FetchRequest::initializeOptions):
(WebCore::FetchRequest::initializeWith):
(WebCore::FetchRequest::setBody):
(WebCore::FetchRequest::create):
(WebCore::FetchRequest::setBodyFromInputRequest): Deleted.

Modules/fetch/FetchRequest.h:

Migrate builtin code to the implementation. This is 1-to-1 re-implementation,
so I did not attempt to fix any conformance issues. That will come in follow up.

Modules/fetch/FetchRequest.idl:

Replace builtins with an IDL constructor.

Modules/fetch/FetchRequestInit.h:
Modules/fetch/FetchRequestInit.idl:

Add missing headers and body to FetchRequestInit.

LayoutTests:

http/tests/inspector/network/fetch-network-data-expected.txt:

Update results to have the correct line number for exceptions reported in the console.

10:36 AM Changeset in webkit [220049] by beidson@apple.com

8 edits
2 copies
2 adds in trunk

Add URLSchemeHandler API tests that verify the lack of URLSchemeTask object leaks.
https://bugs.webkit.org/show_bug.cgi?id=174958

Reviewed by Darin Adler.

Source/WebKit:

UIProcess/API/APIURLSchemeTask.h:

UIProcess/API/C/WKTestingSupport.cpp:

(WKGetAPIURLSchemeTaskInstanceCount):
(WKGetWebURLSchemeTaskInstanceCount):

UIProcess/API/C/WKTestingSupport.h:

UIProcess/WebURLSchemeTask.h:

WebKit.xcodeproj/project.pbxproj:

Source/WTF:

This patch adds a new template class "InstanceCounted<T>".

For each specialization, "InstanceCounted" will keep track of the total number of
instances in existence.

This makes explicate leak checking in API tests possible.

Since this adds some runtime and storage overhead the code that actually does anything
is only compiled in debug builds.

WTF.xcodeproj/project.pbxproj:
wtf/InstanceCounted.h: Added.

(WTF::InstanceCounted::InstanceCounted):
(WTF::InstanceCounted::instanceCount):
(WTF::InstanceCounted::~InstanceCounted):

Tools:

TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
TestWebKitAPI/Tests/WebKit2Cocoa/WKURLSchemeHandler-leaks.mm: Added.

(-[LeakSchemeHandler webView:startURLSchemeTask:]):
(-[LeakSchemeHandler webView:stopURLSchemeTask:]):
(runUntilTasksInFlight):
(TEST):

12:38 AM Changeset in webkit [220048] by commit-queue@webkit.org

12 edits
2 adds in trunk

RenderImageResourceStyleImage::image() should return the nullImage() if the image is not available
https://bugs.webkit.org/show_bug.cgi?id=174874
<rdar://problem/33530130>

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2017-07-30
Reviewed by Darin Adler.

Source/WebCore:

If an <img> element has image content data for a none cached image, e.g.
-webkit-named-image, RenderImageResourceStyleImage will be created and
attached to the RenderImage. RenderImageResourceStyleImage::m_cachedImage
will be set to null because the m_styleImage->isCachedImage() is false in
this case. When ImageLoader finishes loading the url of the src attribute,
RenderImageResource::setCachedImage() will be called to set m_cachedImage.

A crash will happen when the RenderImage is destroyed. Destroying the
RenderImage calls RenderImageResourceStyleImage::shutdown() which checks
m_cachedImage and finds it not null, so it calls RenderImageResourceStyleImage::image()
which ends up calling CSSNamedImageValue::image() which returns a null pointer
because the size is empty. RenderImageResourceStyleImage::shutdown() calls
image()->stopAnimation() without checking the return value of image().

Like the base class virtual method RenderImageResource::image(),
RenderImageResourceStyleImage::image() should return the nullImage() if
the image is not available.

Test: fast/images/image-element-image-content-data.html

css/CSSCrossfadeValue.cpp:
css/CSSFilterImageValue.cpp:
page/EventHandler.cpp:
page/PageSerializer.cpp:
rendering/RenderElement.cpp:
rendering/RenderImageResource.cpp:
rendering/RenderImageResourceStyleImage.cpp:

(WebCore::RenderImageResourceStyleImage::initialize):

(WebCore::RenderImageResourceStyleImage::shutdown): Revert back the changes
of r208511 in this function. Add a call to image()->stopAnimation() without
checking the return of image() since it will return the nullImage() if
the image not available. There is no need to check m_cachedImage before
calling image() because image() does not check or access m_cachedImage.

(WebCore::RenderImageResourceStyleImage::image): The base class method
RenderImageResource::image() returns the nullImage() if the image not
available. This is because CachedImage::imageForRenderer() returns
the nullImage() if the image is not available; see CachedImage.h. We should
do the same for the derived class for consistency.

rendering/style/ContentData.cpp:
rendering/style/StyleCachedImage.cpp:
style/StylePendingResources.cpp:

LayoutTests:

fast/images/image-element-image-content-data-expected.txt: Added.
fast/images/image-element-image-content-data.html: Added.

Jul 29, 2017:

8:01 PM Changeset in webkit [220047] by keith_miller@apple.com

11 edits in trunk/Source/JavaScriptCore

LLInt offsets extractor should be able to handle C++ constexprs
https://bugs.webkit.org/show_bug.cgi?id=174964

Reviewed by Saam Barati.

This patch adds new syntax to the offline asm language. The new keyword,
constexpr, takes the subsequent identifier and maps it to a C++ constexpr
expression. Additionally, if the value is not an identifier you can wrap it in
parentheses. e.g. constexpr (myConstexprFunction() + OBJECT_OFFSET(Foo, bar)),
which will get converted into:
static_cast<int64_t>(myConstexprFunction() + OBJECT_OFFSET(Foo, bar));

This patch also changes the data format the LLIntOffsetsExtractor
binary produces. Previously, it would produce unsigned values,
after this patch every value is an int64_t. Using an int64_t is
useful because it means that we can represent any constant needed.
int32_t masks are sign extended then passed then converted to a
negative literal sting in the assembler so it will be the constant
expected.

llint/LLIntOffsetsExtractor.cpp:

(JSC::LLIntOffsetsExtractor::dummy):

llint/LowLevelInterpreter.asm:
llint/LowLevelInterpreter64.asm:
offlineasm/asm.rb:
offlineasm/ast.rb:
offlineasm/generate_offset_extractor.rb:
offlineasm/offsets.rb:
offlineasm/parser.rb:
offlineasm/transform.rb:

12:51 PM Changeset in webkit [220046] by Yusuke Suzuki

7 edits in trunk

Unreviewed, build fix for GTK and WPE about StorageProcess renaming

Source/cmake/OptionsWPE.cmake:

Source/WebKit:

CMakeLists.txt:
PlatformGTK.cmake:
PlatformMac.cmake:
PlatformWPE.cmake:

12:36 PM Changeset in webkit [220045] by fpizlo@apple.com

6 edits in trunk/Source/WebCore

Unreviewed, rollout r220044 because it set the bots on fire.

It seems that the "-Wunguarded-availability-new" pragma is not widely supported. So, a bunch of the
Mac bots are now unable to build and that includes EWS.

Fixing by rolling it out.

platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.h:
platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:

(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setHasAvailableAudioSample):
(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::addAudioRenderer):
(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::removeAudioRenderer):

platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:

(-[WebAVSampleBufferErrorListener beginObservingRenderer:]):
(-[WebAVSampleBufferErrorListener stopObservingRenderer:]):
(-[WebAVSampleBufferErrorListener observeValueForKeyPath:ofObject:change:context:]):
(WebCore::SourceBufferPrivateAVFObjC::trackDidChangeEnabled):
(WebCore::SourceBufferPrivateAVFObjC::rendererDidReceiveError):
(WebCore::SourceBufferPrivateAVFObjC::flush):

9:25 AM Changeset in webkit [220044] by mitz@apple.com

6 edits in trunk/Source/WebCore

Fixed building for macOS 10.12 with the macOS 10.13 SDK.

Suppressed the unguarded-availability-new warning around uses of AVSampleBufferAudioRenderer
and AVSampleBufferRenderSynchronizer. Even though the 10.13 SDK declares them as available
starting in that release, they have been available as SPI earlier.

platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.h:
platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:

platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:

4:40 AM UsingGitWithWebKit edited by Adrian Perez de Castro

Add note about how to fetch branches using git-svn (diff)

4:38 AM Changeset in webkit [220043] by commit-queue@webkit.org

2 edits
1 add in trunk/PerformanceTests

Speedometer 2.0: Document vanilla/es2015 build process
https://bugs.webkit.org/show_bug.cgi?id=174894

Patch by Mathias Bynens <mathias@chromium.org> on 2017-07-29
Reviewed by Ryosuke Niwa.

Speedometer/resources/todomvc/vanilla-examples/es2015/README.md: Added.
Speedometer/resources/todomvc/vanilla-examples/es2015/index.html: Made title consistent.

3:27 AM Changeset in webkit [220042] by n_wang@apple.com

3 edits
2 adds in trunk

AX: findMatchingObjects doesn't work when the startObject is ignored
https://bugs.webkit.org/show_bug.cgi?id=174965

Reviewed by Chris Fleizach.

Source/WebCore:

findMatchingObjects would return a wrong element if we pass in an ignored
start object. To fix this, we should use the closest accessible sibling as
the start object.

Test: accessibility/mac/search-predicate-from-ignored-element.html

accessibility/AccessibilityObject.cpp:

(WebCore::appendChildrenToArray):

LayoutTests:

accessibility/mac/search-predicate-from-ignored-element-expected.txt: Added.
accessibility/mac/search-predicate-from-ignored-element.html: Added.

3:00 AM Changeset in webkit [220041] by commit-queue@webkit.org

6 edits
2 adds in trunk

AX: FKA: Buttons need a visible focus indicator
https://bugs.webkit.org/show_bug.cgi?id=171040
<rdar://problem/30922548>

Patch by Aaron Chu <aaron_chu@apple.com> on 2017-07-29
Reviewed by Antoine Quint.

Source/WebCore:

Added a background color for the focus state of the icon buttons in modern media controls.

Test: media/modern-media-controls/button/button-focus-state.html

Modules/modern-media-controls/controls/button.css:

(button:focus):
(button:focus > picture):

Modules/modern-media-controls/controls/slider.css:

(.slider > input):

LayoutTests:

media/modern-media-controls/button/button-focus-state-expected.txt: Added.
media/modern-media-controls/button/button-focus-state.html: Added.
platform/ios-simulator/TestExpectations:
platform/mac-elcapitan/TestExpectations:

Note: See TracTimeline for information about the timeline view.

Download in other formats:

RSS Feed