Timeline
Jan 8, 2018:
- 11:17 PM Changeset in webkit [226616] by
-
- 2 edits in trunk/Source/JavaScriptCore
REGRESSION(r225913): about 30 JSC test failures on ARMv7
https://bugs.webkit.org/show_bug.cgi?id=181162
<rdar://problem/36261349>
Unreviewed follow-up to r226298. Enable the fast case in
DFG::SpeculativeJIT::compileArraySlice() for any 64-bit platform,
assuming in good faith that enough GP registers are available on any
such configuration. The accompanying comment is adjusted to describe
this assumption.
- dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileArraySlice):
- 11:10 PM Changeset in webkit [226615] by
-
- 15 edits in trunk
WebAssembly: mask indexed accesses to Table
https://bugs.webkit.org/show_bug.cgi?id=181412
<rdar://problem/36363236>
Reviewed by Saam Barati.
JSTests:
Update error messages.
- wasm/js-api/table.js:
(assert.throws.WebAssembly.Table.prototype.grow):
Source/JavaScriptCore:
WebAssembly Table indexed accesses are user-controlled and
bounds-checked. Force allocations of Table data to be a
power-of-two, and explicitly mask accesses after bounds-check
branches.
Rename misleading usage of "size" when "length" of a Table was
intended.
Rename the Spectre option from "disable" to "enable".
- dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::SpeculativeJIT):
- ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::LowerDFGToB3):
- jit/JIT.cpp:
(JSC::JIT::JIT):
- runtime/Options.h:
- wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::B3IRGenerator::emitCheckAndPreparePointer):
(JSC::Wasm::B3IRGenerator::addCallIndirect):
- wasm/WasmTable.cpp:
(JSC::Wasm::Table::allocatedLength):
(JSC::Wasm::Table::setLength):
(JSC::Wasm::Table::create):
(JSC::Wasm::Table::Table):
(JSC::Wasm::Table::grow):
(JSC::Wasm::Table::clearFunction):
(JSC::Wasm::Table::setFunction):
- wasm/WasmTable.h:
(JSC::Wasm::Table::length const):
(JSC::Wasm::Table::offsetOfLength):
(JSC::Wasm::Table::offsetOfMask):
(JSC::Wasm::Table::mask const):
(JSC::Wasm::Table::isValidLength):
- wasm/js/JSWebAssemblyInstance.cpp:
(JSC::JSWebAssemblyInstance::create):
- wasm/js/JSWebAssemblyTable.cpp:
(JSC::JSWebAssemblyTable::JSWebAssemblyTable):
(JSC::JSWebAssemblyTable::visitChildren):
(JSC::JSWebAssemblyTable::grow):
(JSC::JSWebAssemblyTable::getFunction):
(JSC::JSWebAssemblyTable::clearFunction):
(JSC::JSWebAssemblyTable::setFunction):
- wasm/js/JSWebAssemblyTable.h:
(JSC::JSWebAssemblyTable::isValidLength):
(JSC::JSWebAssemblyTable::length const):
(JSC::JSWebAssemblyTable::allocatedLength const):
- wasm/js/WebAssemblyModuleRecord.cpp:
(JSC::WebAssemblyModuleRecord::evaluate):
- wasm/js/WebAssemblyTablePrototype.cpp:
(JSC::webAssemblyTableProtoFuncLength):
(JSC::webAssemblyTableProtoFuncGrow):
(JSC::webAssemblyTableProtoFuncGet):
(JSC::webAssemblyTableProtoFuncSet):
- 10:41 PM Changeset in webkit [226614] by
-
- 9 edits3 adds6 deletes in trunk
::first-letter incorrectly selects grapheme pairs
https://bugs.webkit.org/show_bug.cgi?id=181315
Patch by Chris Nardi <csnardi1@gmail.com> on 2018-01-08
Reviewed by Darin Adler.
LayoutTests/imported/w3c:
Updated css-pseudo-4 to latest WPT revision and added first-letter-004.html.
- web-platform-tests/css/css-pseudo-4/first-letter-004-expected.html: Added.
- web-platform-tests/css/css-pseudo-4/first-letter-004.html: Added.
- web-platform-tests/css/css-pseudo-4/marker-color-expected.html:
- web-platform-tests/css/css-pseudo-4/marker-color.html:
- web-platform-tests/css/css-pseudo-4/marker-font-properties.html:
- web-platform-tests/css/css-pseudo-4/w3c-import.log:
Source/WebCore:
Grapheme pairs were incorrectly selected by ::first-letter. This
change fixes their selection.
Tests: Updated fast/css/first-letter-punctuation.html and imported
LayoutTests/imported/w3c/web-platform-tests/css/css-pseudo-4/first-letter-004.html
- rendering/updating/RenderTreeBuilderFirstLetter.cpp:
(WebCore::isPunctuationForFirstLetter):
(WebCore::shouldSkipForFirstLetter):
(WebCore::RenderTreeBuilder::FirstLetter::createRenderers):
LayoutTests:
- fast/css/first-letter-punctuation-expected.html: Added.
- fast/css/first-letter-punctuation.html:
- platform/gtk/fast/css/first-letter-punctuation-expected.png: Removed.
- platform/gtk/fast/css/first-letter-punctuation-expected.txt: Removed.
- platform/ios/fast/css/first-letter-punctuation-expected.txt: Removed.
- platform/mac/fast/css/first-letter-punctuation-expected.png: Removed.
- platform/mac/fast/css/first-letter-punctuation-expected.txt: Removed.
- platform/win/fast/css/first-letter-punctuation-expected.txt: Removed.
- 10:19 PM Changeset in webkit [226613] by
-
- 13 edits2 adds1 delete in trunk
Special list-item counter starts from an incorrect number for ::before and ::after
https://bugs.webkit.org/show_bug.cgi?id=181084
Reviewed by Zalan Bujtas.
Source/WebCore:
Test: fast/css/counters/counter-list-item.html
- Sources.txt: Removed CounterDirectives.cpp.
- WebCore.xcodeproj/project.pbxproj: Ditto.
- css/CSSComputedStyleDeclaration.cpp:
(WebCore::counterToCSSValue): Updated for changes to the CounterDirectives struct.
- css/StyleBuilderCustom.h:
(WebCore::StyleBuilderCustom::applyInheritCounter): Ditto.
(WebCore::StyleBuilderCustom::applyValueCounter): Ditto.
- html/HTMLLIElement.cpp:
(WebCore::HTMLLIElement::parseValue): Call setExplicitValue(std::nullopt) instead
of clearExplicitValue since we are using std::optional now.
- rendering/RenderCounter.cpp:
(WebCore::listItemCounterDirectives): Added. Computes the counter directives that
express the effects on the list-item counter from list item and list elements.
Used something as close to what the CSS 3 draft says as possible. This uses a
negative increment when creating a list to counteract the positive increment done
by a list element, except in the case of an unordered list. This is where the bug
fix actually lies. Also fixed handling of reversed ordered lists at the same time.
(WebCore::planCounter): Refactored to use the function above. Also changed the
code to pay attention to both the counter directives and the implicit ones from
list item and list elements, getting as close as possible to what the specification
seems to call for.
- rendering/RenderListItem.cpp:
(WebCore::RenderListItem::RenderListItem): Since we are using std::optional and no
longer using bit fields, simplified the constructor for each list item.
(WebCore::RenderListItem::calcValue const): Deleted.
(WebCore::RenderListItem::updateValueNow const): Merged in all the code from the
old calcValue function, but it is also simpler now since m_value is std::optional.
(WebCore::RenderListItem::updateValue): Updated to use std::optional.
(WebCore::RenderListItem::setExplicitValue): Ditto.
(WebCore::RenderListItem::clearExplicitValue): Deleted.
(WebCore::RenderListItem::updateListMarkerNumbers): Updated to use std::optional.
(WebCore::RenderListItem::isInReversedOrderedList const): Added. This is used by
the counter code so it can decrement instead of incrementing.
- rendering/RenderListItem.h: Updated to use std::optional. Also marked functions
final instead of override and initialized m_notInList after making it not be a
bitfield any more.
- rendering/style/CounterDirectives.cpp: Removed.
- rendering/style/CounterDirectives.h: Removed most of the CounterDirectives
class and replaced it with a struct with two std::optional. Added an addClamped
function so the counter code can share it with the addIncrementValue function.
If we want to make a faster version that doesn't use double, we can come back
and do that. Also moved the == function to the header since the implementation
is so trivial.
- rendering/style/StyleAllInOne.cpp: Removed CounterDirectives.cpp.
- rendering/style/StyleRareNonInheritedData.cpp:
(WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData): Updated to
use std::make_unique directly instead of using a clone function.
LayoutTests:
- fast/css/counters/counter-list-item-expected.html: Added.
- fast/css/counters/counter-list-item.html: Added.
- 8:08 PM Changeset in webkit [226612] by
-
- 4 edits in trunk
[Attachment Support] Expose HTMLAttachmentElement.uniqueIdentifier to bindings
https://bugs.webkit.org/show_bug.cgi?id=181420
<rdar://problem/36365827>
Reviewed by Alex Christensen.
Source/WebCore:
Add a new IDL definition for uniqueIdentifier on HTMLAttachmentElement. This allows clients to relate attachment
elements in the DOM to _WKAttachments delivered via Objective-C SPI.
Adjusted existing tests in WKAttachmentTests.
- html/HTMLAttachmentElement.idl:
Tools:
Adjusts some existing API tests to verify that attachment elements' uniqueIdentifiers match the uniqueIdentifier
of corresponding _WKAttachments.
- TestWebKitAPI/Tests/WebKitCocoa/WKAttachmentTests.mm:
(TestWebKitAPI::TEST):
- 7:52 PM Changeset in webkit [226611] by
-
- 7 edits in trunk/Source
Versioning.
- 7:27 PM Changeset in webkit [226610] by
-
- 6 edits in trunk
Add WKNavigationDelegate SPI exposing WebProcess crash reason
https://bugs.webkit.org/show_bug.cgi?id=181410
<rdar://problem/36167199>
Reviewed by Wenson Hsieh.
Source/WebKit:
We exposed it in the C SPI.
- UIProcess/API/Cocoa/WKNavigationDelegatePrivate.h:
- UIProcess/Cocoa/NavigationState.h:
- UIProcess/Cocoa/NavigationState.mm:
(WebKit::NavigationState::setNavigationDelegate):
(WebKit::toWKProcessTerminationReason):
(WebKit::NavigationState::NavigationClient::processDidTerminate):
Tools:
- TestWebKitAPI/Tests/WebKitCocoa/Navigation.mm:
(-[CrashReasonDelegate _webView:webContentProcessDidTerminateWithReason:]):
(TEST):
- 7:26 PM Changeset in webkit [226609] by
-
- 8 edits in trunk/Source/WebKit
Make ObjC SPI equivalent to WKPageNavigationClient.decidePolicyForPluginLoad
https://bugs.webkit.org/show_bug.cgi?id=181413
<rdar://problem/36169005>
Reviewed by Wenson Hsieh.
- UIProcess/API/APINavigationClient.h:
(API::NavigationClient::decidePolicyForPluginLoad):
- UIProcess/API/C/WKPage.cpp:
(WKPageSetPageNavigationClient):
- UIProcess/API/Cocoa/WKNavigationDelegatePrivate.h:
- UIProcess/Cocoa/NavigationState.h:
- UIProcess/Cocoa/NavigationState.mm:
(WebKit::NavigationState::setNavigationDelegate):
(WebKit::toPluginModuleLoadPolicy):
(WebKit::toWKPluginModuleLoadPolicy):
(WebKit::NavigationState::NavigationClient::decidePolicyForPluginLoad):
- UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::findPlugin):
- 7:08 PM Changeset in webkit [226608] by
-
- 2 edits in trunk/Source/WebKit
iOS build fix attempt after r226602.
- UIProcess/API/C/WKContextMenuListener.cpp:
(WKContextMenuListenerUseContextMenuItems):
- 6:56 PM Changeset in webkit [226607] by
-
- 6 edits1 add in trunk
Add SPI for WKOpenPanelParameters._acceptedMIMETypes and _acceptedFileExtensions
https://bugs.webkit.org/show_bug.cgi?id=181408
<rdar://problem/35884960>
Reviewed by Tim Horton.
Source/WebKit:
- UIProcess/API/Cocoa/WKOpenPanelParameters.mm:
(-[WKOpenPanelParameters _acceptedMIMETypes]):
(-[WKOpenPanelParameters _acceptedFileExtensions]):
- UIProcess/API/Cocoa/WKOpenPanelParametersInternal.h:
- UIProcess/API/Cocoa/WKOpenPanelParametersPrivate.h: Added.
- WebKit.xcodeproj/project.pbxproj:
Tools:
- TestWebKitAPI/Tests/WebKitCocoa/RunOpenPanel.mm:
(-[RunOpenPanelUIDelegate webView:runOpenPanelWithParameters:initiatedByFrame:completionHandler:]):
- 6:16 PM Changeset in webkit [226606] by
-
- 2 edits in trunk/Source/WebCore
AccessibilityARIAGrid does not compile when accessibility is disabled
https://bugs.webkit.org/show_bug.cgi?id=181418
<rdar://problem/36365398>
Reviewed by Chris Fleizach.
No new tests. No change in behavior.
- accessibility/AccessibilityARIAGrid.cpp:
- 6:07 PM Changeset in webkit [226605] by
-
- 30 edits in trunk
Unreviewed, rolling out r226532 and r226540.
https://bugs.webkit.org/show_bug.cgi?id=181422
jessie says basic browsing does not seem to work (Requested by
alexchristensen on #webkit).
Reverted changesets:
"Add CSP support to service workers"
https://bugs.webkit.org/show_bug.cgi?id=181385
https://trac.webkit.org/changeset/226532
"SWClientConnection should not keep references to service
worker jobs"
https://bugs.webkit.org/show_bug.cgi?id=181381
https://trac.webkit.org/changeset/226540
- 6:05 PM Changeset in webkit [226604] by
-
- 21 edits in trunk
[Attachment Support] Expose file name and content type of WKAttachment
https://bugs.webkit.org/show_bug.cgi?id=181390
<rdar://problem/36336837>
Reviewed by Tim Horton.
Source/WebCore:
Add new structs in AttachmentTypes.h and refactor HTMLAttachmentElement::requestData to requestInfo. See below
for more details. Augmented existing API tests in WKAttachmentTests.
- html/AttachmentTypes.h:
Add a struct to represent a snapshot of information about an attachment element.
- html/HTMLAttachmentElement.cpp:
(WebCore::HTMLAttachmentElement::requestInfo):
(WebCore::HTMLAttachmentElement::requestData): Deleted.
- html/HTMLAttachmentElement.h:
Change requestData to requestInfo. Instead of fetching and delivering data via callback, requestInfo returns an
AttachmentInfo.
- rendering/RenderThemeIOS.mm:
(WebCore::RenderAttachmentInfo::addLine):
(WebCore::RenderAttachmentInfo::buildWrappedLines):
(WebCore::RenderAttachmentInfo::buildSingleLine):
(WebCore::RenderAttachmentInfo::RenderAttachmentInfo):
(WebCore::RenderThemeIOS::attachmentBaseline const):
(WebCore::paintAttachmentIcon):
(WebCore::paintAttachmentText):
(WebCore::paintAttachmentProgress):
(WebCore::attachmentBorderPath):
(WebCore::RenderThemeIOS::paintAttachment):
(WebCore::AttachmentInfo::addLine): Deleted.
(WebCore::AttachmentInfo::buildWrappedLines): Deleted.
(WebCore::AttachmentInfo::buildSingleLine): Deleted.
(WebCore::AttachmentInfo::AttachmentInfo): Deleted.
Rename AttachmentInfo to RenderAttachmentInfo to resolve a name conflict with the new AttachmentInfo struct.
Source/WebKit:
Add support for -[_WKAttachment requestInfo:], which fetches a snapshot of the attachment's state. This API is
meant to be a replacement for -requestData: that provides additional metadata about the attachment.
- Scripts/webkit/messages.py:
(headers_for_type):
- Shared/WebCoreArgumentCoders.cpp:
(IPC::ArgumentCoder<AttachmentInfo>::encode):
(IPC::ArgumentCoder<AttachmentInfo>::decode):
- Shared/WebCoreArgumentCoders.h:
Add IPC support for AttachmentInfo. Note that instead of using (encode|decode)SharedBuffer, we send and receive
data references to the shared buffer.
- UIProcess/API/APIAttachment.cpp:
(API::Attachment::requestInfo):
(API::Attachment::requestData): Deleted.
- UIProcess/API/APIAttachment.h:
Change requestData to requestInfo.
- UIProcess/API/Cocoa/_WKAttachment.h:
- UIProcess/API/Cocoa/_WKAttachment.mm:
(-[_WKAttachmentInfo initWithInfo:]):
(-[_WKAttachmentInfo data]):
(-[_WKAttachmentInfo name]):
(-[_WKAttachmentInfo filePath]):
(-[_WKAttachmentInfo contentType]):
(-[_WKAttachment requestInfo:]):
(-[_WKAttachment requestData:]):
Implement -requestInfo: by calling into APIAttachment, and reimplement -requestData: in terms of -requestInfo:.
- UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::attachmentInfoCallback):
(WebKit::WebPageProxy::requestAttachmentInfo):
(WebKit::WebPageProxy::sharedBufferCallback): Deleted.
(WebKit::WebPageProxy::requestAttachmentData): Deleted.
- UIProcess/WebPageProxy.h:
- UIProcess/WebPageProxy.messages.in:
Rename the SharedBufferCallback IPC message to AttachmentInfoCallback, and make it conditional on
ATTACHMENT_ELEMENT. Rename requestAttachmentData to requestAttachmentInfo.
- WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::requestAttachmentInfo):
(WebKit::WebPage::invokeSharedBufferCallback): Deleted.
(WebKit::WebPage::requestAttachmentData): Deleted.
Rename requestAttachmentData to requestAttachmentInfo and adopt HTMLAttachmentElement::requestInfo.
- WebProcess/WebPage/WebPage.h:
- WebProcess/WebPage/WebPage.messages.in:
Tools:
Adjusts some existing tests in WKAttachmentTests to exercise -requestInfo:.
- TestWebKitAPI/Tests/WebKitCocoa/WKAttachmentTests.mm:
(-[_WKAttachment synchronouslyRequestInfo:]):
(-[_WKAttachment synchronouslyRequestData:]):
Reimplement this in terms of -synchronouslyRequestInfo:.
(-[_WKAttachment expectRequestedDataToBe:]):
(TestWebKitAPI::TEST):
- 5:55 PM Changeset in webkit [226603] by
-
- 2 edits in trunk/Source/WebCore
Speculative build fix after r226600. We only use clflush on x86 and the
asm volatilesyntax is not available in the Windows build.
No new tests because this is a build fix.
- dom/Comment.cpp:
(WebCore::Comment::clflushReadLength):
- 5:53 PM Changeset in webkit [226602] by
-
- 10 edits in trunk/Source/WebKit
Pass around Vector<Ref<WebContextMenuItem>> instead of WKArrayRef or Vector<WebContextMenuItemData>
https://bugs.webkit.org/show_bug.cgi?id=181419
Reviewed by Tim Horton.
Passing a WKArrayRef to an API object is messy and was preventing me from moving things around and making ObjC SPI.
No change in behavior. Just using different layering abstractions for the same data.
- UIProcess/API/C/WKContextMenuListener.cpp:
(WKContextMenuListenerUseContextMenuItems):
- UIProcess/WebContextMenuListenerProxy.cpp:
(WebKit::WebContextMenuListenerProxy::useContextMenuItems):
- UIProcess/WebContextMenuListenerProxy.h:
- UIProcess/WebContextMenuProxy.h:
- UIProcess/mac/WebContextMenuProxyMac.h:
- UIProcess/mac/WebContextMenuProxyMac.mm:
(WebKit::WebContextMenuProxyMac::showContextMenuWithItems):
(WebKit::WebContextMenuProxyMac::showContextMenu):
- 5:21 PM Changeset in webkit [226601] by
-
- 2 edits in trunk/Source/WTF
Add WTF_EXPORTs to UniStdExtras
https://bugs.webkit.org/show_bug.cgi?id=181415
Reviewed by Alex Christensen.
- wtf/UniStdExtras.h:
- 5:07 PM Changeset in webkit [226600] by
-
- 8 edits in trunk/Source
Add a DOM gadget for Spectre testing
https://bugs.webkit.org/show_bug.cgi?id=181351
Source/JavaScriptCore:
Reviewed by Michael Saboff.
Added a new JSC::Option named enableSpectreGadgets to enable any gadgets added to test
Spectre mitigations.
- runtime/Options.h:
Source/WebCore:
Reviewed by Saam Barati.
This change is used to test Spectre mitigations.
Added a side data array to the Comment DOM node to test for Spectre issues in
the DOM layer. This additional functionality is disabled by default and must
be enabled through the JSC option "enableSpectreGadgets".
- dom/Comment.cpp:
(WebCore::Comment::Comment):
(WebCore::Comment::setReadLength):
(WebCore::Comment::charCodeAt):
(WebCore::Comment::clflushReadLength):
- dom/Comment.h:
- dom/Comment.idl:
- page/RuntimeEnabledFeatures.cpp:
(WebCore::RuntimeEnabledFeatures::spectreGadgetsEnabled const):
- page/RuntimeEnabledFeatures.h:
- 4:35 PM Changeset in webkit [226599] by
-
- 4 edits6 adds in trunk
A canvas should not be tainted if it draws a data URL SVGImage with a <foreignObject>
https://bugs.webkit.org/show_bug.cgi?id=180301
Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2018-01-08
Reviewed by Dean Jackson.
Source/WebCore:
Don't taint the canvas if it draws a data URL SVGImage with a <foreignObject>.
There should not be a cross-origin data leak in this case.
Tests: svg/as-image/svg-canvas-data-url-svg-with-feimage-not-tainted.html
svg/as-image/svg-canvas-data-url-svg-with-foreign-object-not-tainted.html
svg/as-image/svg-canvas-data-url-svg-with-image-not-tainted.html
- html/ImageBitmap.cpp:
(WebCore::taintsOrigin):
- html/canvas/CanvasRenderingContext.cpp:
(WebCore::CanvasRenderingContext::wouldTaintOrigin):
LayoutTests:
- svg/as-image/svg-canvas-data-url-svg-with-feimage-not-tainted-expected.txt: Added.
- svg/as-image/svg-canvas-data-url-svg-with-feimage-not-tainted.html: Added.
- svg/as-image/svg-canvas-data-url-svg-with-foreign-object-not-tainted-expected.txt: Added.
- svg/as-image/svg-canvas-data-url-svg-with-foreign-object-not-tainted.html: Added.
- svg/as-image/svg-canvas-data-url-svg-with-image-not-tainted-expected.txt: Added.
- svg/as-image/svg-canvas-data-url-svg-with-image-not-tainted.html: Added.
- 4:16 PM Changeset in webkit [226598] by
-
- 1 copy in tags/Safari-604.5.5
Tag Safari-604.5.5.
- 4:16 PM Changeset in webkit [226597] by
-
- 1 copy in tags/Safari-604.5.4
Tag Safari-604.5.4.
- 4:12 PM Changeset in webkit [226596] by
-
- 1 copy in tags/Safari-604.5.100.5
Tag Safari-604.5.100.5.
- 4:12 PM Changeset in webkit [226595] by
-
- 1 copy in tags/Safari-604.5.100.4
Tag Safari-604.5.100.4.
- 4:07 PM Changeset in webkit [226594] by
-
- 3 edits in branches/safari-604.5.100-branch/Source/WebCore
Cherry-pick r226457. rdar://problem/36324013
- 4:07 PM Changeset in webkit [226593] by
-
- 7 edits in branches/safari-604.5.100-branch/Source
Versioning.
- 4:07 PM Changeset in webkit [226592] by
-
- 1 edit in branches/safari-604.5.100-branch/Source/JavaScriptCore/wasm/js/JSWebAssemblyMemory.cpp
Apply patch. rdar://problem/36276168
fix indexing mask
- 4:07 PM Changeset in webkit [226591] by
-
- 7 edits in branches/safari-604.5.100-branch/Source
Versioning.
- 4:07 PM Changeset in webkit [226590] by
-
- 5 edits in branches/safari-604.5.100-branch
Apply patch. rdar://problem/36257610
Reduce the precision of "high" resolution time to 1ms
https://bugs.webkit.org/show_bug.cgi?id=180910
<rdar://problem/36085943>
Reviewed by Saam Barati.
Add a flaky test expectation to imported/w3c/web-platform-tests/workers/worker-performance.worker.html
due to a test bug. The test fix is tracked in https://github.com/w3c/web-platform-tests/pull/8711
- 4:07 PM Changeset in webkit [226589] by
-
- 3 edits in branches/safari-604.5.100-branch/Source/JavaScriptCore
Apply patch. rdar://problem/36257696
Disable/remove SharedArrayBuffers from Web API
rdar://problem/36077849
Removed SharedArrayBuffer prototype and structure to disable.
- runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::init): (JSC::JSGlobalObject::visitChildren):
- runtime/JSGlobalObject.h: (JSC::JSGlobalObject::arrayBufferPrototype const): (JSC::JSGlobalObject::arrayBufferStructure const):
- 3:51 PM Changeset in webkit [226588] by
-
- 3 edits in branches/safari-604-branch/Source/WebCore
Cherry-pick r226457. rdar://problem/36323985
- 3:50 PM Changeset in webkit [226587] by
-
- 7 edits in branches/safari-604-branch/Source
Versioning.
- 3:50 PM Changeset in webkit [226586] by
-
- 1 edit in branches/safari-604-branch/Source/JavaScriptCore/wasm/js/JSWebAssemblyMemory.cpp
Apply patch. rdar://problem/36276141
fix indexing mask
- 3:50 PM Changeset in webkit [226585] by
-
- 7 edits in branches/safari-604-branch/Source
Versioning.
- 3:50 PM Changeset in webkit [226584] by
-
- 5 edits in branches/safari-604-branch
Apply patch. rdar://problem/36257607
Reduce the precision of "high" resolution time to 1ms
https://bugs.webkit.org/show_bug.cgi?id=180910
<rdar://problem/36085943>
Reviewed by Saam Barati.
Add a flaky test expectation to imported/w3c/web-platform-tests/workers/worker-performance.worker.html
due to a test bug. The test fix is tracked in https://github.com/w3c/web-platform-tests/pull/8711
- 3:50 PM Changeset in webkit [226583] by
-
- 3 edits in branches/safari-604-branch/Source/JavaScriptCore
Apply patch. rdar://problem/36257695
Disable/remove SharedArrayBuffers from Web API
rdar://problem/36077849
Removed SharedArrayBuffer prototype and structure to disable.
- runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::init): (JSC::JSGlobalObject::visitChildren):
- runtime/JSGlobalObject.h: (JSC::JSGlobalObject::arrayBufferPrototype const): (JSC::JSGlobalObject::arrayBufferStructure const):
- 3:32 PM Changeset in webkit [226582] by
-
- 7 edits in tags/Safari-605.1.20/Source
Versioning.
- 3:27 PM Changeset in webkit [226581] by
-
- 6 edits in trunk/Source/WebCore
Simplify platform checks in Graphics Context
https://bugs.webkit.org/show_bug.cgi?id=181344
Reviewed by Alex Christensen.
No new tests. No change in behavior.
- platform/graphics/ANGLEWebKitBridge.h:
- platform/graphics/GLContext.h:
- platform/graphics/GraphicsContext3D.h:
- platform/graphics/OpenGLESShims.h:
- platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
(WebCore::GraphicsContext3D::checkVaryingsPacking const):
- 3:23 PM Changeset in webkit [226580] by
-
- 1 copy in tags/Safari-604.4.7.10.6
Tag Safari-604.4.7.10.6.
- 3:19 PM Changeset in webkit [226579] by
-
- 1 copy in tags/Safari-604.4.7.10.5
Tag Safari-604.4.7.10.5.
- 3:16 PM Changeset in webkit [226578] by
-
- 2 edits in trunk/LayoutTests
Marked imported/w3c/web-platform-tests/service-workers/service-worker/register-closed-window.https.html as flaky.
https://bugs.webkit.org/show_bug.cgi?id=181087
Unreviewed test gardening.
- platform/ios-wk2/TestExpectations:
- 3:15 PM Changeset in webkit [226577] by
-
- 7 edits in branches/safari-604.4.7.10-branch/Source
Versioning.
- 3:15 PM Changeset in webkit [226576] by
-
- 1 edit in branches/safari-604.4.7.10-branch/Source/JavaScriptCore/wasm/js/JSWebAssemblyMemory.cpp
Apply patch. rdar://problem/36267662
fix indexing mask
- 3:15 PM Changeset in webkit [226575] by
-
- 7 edits in branches/safari-604.4.7.10-branch/Source
Versioning.
- 3:15 PM Changeset in webkit [226574] by
-
- 2 edits in branches/safari-604.4.7.10-branch/Source/JavaScriptCore
Apply patch. rdar://problem/36116826
32-bit fix.
- 3:15 PM Changeset in webkit [226573] by
-
- 62 edits4 copies3 adds in branches/safari-604.4.7.10-branch
Apply patch. rdar://problem/36116820
Cherry-pick r225363, r225437, r225632, r225659, r225697, r225857. rdar://problem/36085975
Also merged offlineasm parts of r220184 and r222549. These changes are required
to support the code in cherry-picked revisions above.
2017-11-30 Mark Lam <mark.lam@apple.com>
Let's scramble MacroAssemblerCodePtr values.
https://bugs.webkit.org/show_bug.cgi?id=180169
<rdar://problem/35758340>
Reviewed by Filip Pizlo, Saam Barati, and JF Bastien.
- MacroAssemblerCodePtr now stores a ScrambledPtr instead of a void*.
- MacroAssemblerCodePtr's executableAddress() and dataLocation() now take a template argument type that will be used to cast the result. This makes the client code that uses these functions a little less verbose.
- Change the code base in general to minimize passing void* code pointers around. We now pass MacroAssemblerCodePtr as much as possible, and descramble it only at the last moment when we need the underlying code pointer.
- Added some MasmScrambledPtr paranoid asserts that are disabled (not built) by default. I'm leaving them in because they are instrumental in finding bugs where not all MacroAssemblerCodePtr values were not scrambled as expected. I expect them to be useful in the near future as we add more scrambling.
- Also disable the casting operator on MacroAssemblerCodePtr (except for explicit casts to a boolean). This ensures that clients will always explicitly use scrambledBits() or executableAddress() to get a value based on which value they actually need.
- Added currentThread() id to the logging in LLIntSlowPath trace functions. This was helpful when debugging tests that ran multiple VMs concurrently on different threads.
MacroAssemblerCodePtr is currently supported on 64-bit builds (including the
CLoop). It is not yet supported in 32-bit and Windows because we don't
currently have a way to read a global variable from their LLInt code.
- assembler/AbstractMacroAssembler.h: (JSC::AbstractMacroAssembler::differenceBetweenCodePtr): (JSC::AbstractMacroAssembler::linkPointer):
- assembler/CodeLocation.h: (JSC::CodeLocationCommon::instructionAtOffset): (JSC::CodeLocationCommon::labelAtOffset): (JSC::CodeLocationCommon::jumpAtOffset): (JSC::CodeLocationCommon::callAtOffset): (JSC::CodeLocationCommon::nearCallAtOffset): (JSC::CodeLocationCommon::dataLabelPtrAtOffset): (JSC::CodeLocationCommon::dataLabel32AtOffset): (JSC::CodeLocationCommon::dataLabelCompactAtOffset): (JSC::CodeLocationCommon::convertibleLoadAtOffset):
- assembler/LinkBuffer.cpp: (JSC::LinkBuffer::finalizeCodeWithDisassembly):
- assembler/LinkBuffer.h: (JSC::LinkBuffer::link): (JSC::LinkBuffer::patch):
- assembler/MacroAssemblerCodeRef.cpp: (JSC::MacroAssemblerCodePtr::initialize):
- assembler/MacroAssemblerCodeRef.h: (JSC::FunctionPtr::FunctionPtr): (JSC::FunctionPtr::value const): (JSC::FunctionPtr::executableAddress const): (JSC::ReturnAddressPtr::ReturnAddressPtr): (JSC::ReturnAddressPtr::value const): (JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr): (JSC::MacroAssemblerCodePtr::createFromExecutableAddress): (JSC::MacroAssemblerCodePtr::scrambledPtr const): (JSC::MacroAssemblerCodePtr:: const): (JSC::MacroAssemblerCodePtr::operator! const): (JSC::MacroAssemblerCodePtr::operator bool const): (JSC::MacroAssemblerCodePtr::operator== const): (JSC::MacroAssemblerCodePtr::hash const): (JSC::MacroAssemblerCodePtr::emptyValue): (JSC::MacroAssemblerCodePtr::deletedValue): (JSC::MacroAssemblerCodePtr::executableAddress const): Deleted. (JSC::MacroAssemblerCodePtr::dataLocation const): Deleted.
- b3/B3LowerMacros.cpp:
- b3/testb3.cpp: (JSC::B3::testInterpreter):
- dfg/DFGDisassembler.cpp: (JSC::DFG::Disassembler::dumpDisassembly):
- dfg/DFGJITCompiler.cpp: (JSC::DFG::JITCompiler::link): (JSC::DFG::JITCompiler::compileFunction):
- dfg/DFGOperations.cpp:
- dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::emitSwitchIntJump): (JSC::DFG::SpeculativeJIT::emitSwitchImm): (JSC::DFG::SpeculativeJIT::emitSwitchCharStringJump): (JSC::DFG::SpeculativeJIT::emitSwitchChar):
- dfg/DFGSpeculativeJIT.h:
- disassembler/Disassembler.cpp: (JSC::disassemble):
- disassembler/UDis86Disassembler.cpp: (JSC::tryToDisassembleWithUDis86):
- ftl/FTLCompile.cpp: (JSC::FTL::compile):
- ftl/FTLJITCode.cpp: (JSC::FTL::JITCode::executableAddressAtOffset):
- ftl/FTLLink.cpp: (JSC::FTL::link):
- ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileMathIC): (JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstruct): (JSC::FTL::DFG::LowerDFGToB3::compileTailCall): (JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstructVarargsSpread): (JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstructVarargs):
- interpreter/InterpreterInlines.h: (JSC::Interpreter::getOpcodeID):
- jit/JITArithmetic.cpp: (JSC::JIT::emitMathICFast): (JSC::JIT::emitMathICSlow):
- jit/JITCode.cpp: (JSC::JITCodeWithCodeRef::executableAddressAtOffset): (JSC::JITCodeWithCodeRef::dataAddressAtOffset): (JSC::JITCodeWithCodeRef::offsetOf):
- jit/JITDisassembler.cpp: (JSC::JITDisassembler::dumpDisassembly):
- jit/PCToCodeOriginMap.cpp: (JSC::PCToCodeOriginMap::PCToCodeOriginMap):
- jit/Repatch.cpp: (JSC::ftlThunkAwareRepatchCall):
- jit/ThunkGenerators.cpp: (JSC::virtualThunkFor): (JSC::boundThisNoArgsFunctionCallGenerator):
- llint/LLIntSlowPaths.cpp: (JSC::LLInt::llint_trace_operand): (JSC::LLInt::llint_trace_value): (JSC::LLInt::handleHostCall): (JSC::LLInt::setUpCall):
- llint/LowLevelInterpreter64.asm:
- offlineasm/cloop.rb:
- runtime/InitializeThreading.cpp: (JSC::initializeThreading):
- wasm/WasmBBQPlan.cpp: (JSC::Wasm::BBQPlan::complete):
- wasm/WasmCallee.h: (JSC::Wasm::Callee::entrypoint const):
- wasm/WasmCodeBlock.cpp: (JSC::Wasm::CodeBlock::CodeBlock):
- wasm/WasmOMGPlan.cpp: (JSC::Wasm::OMGPlan::work):
- wasm/js/WasmToJS.cpp: (JSC::Wasm::wasmToJS):
- wasm/js/WebAssemblyFunction.cpp: (JSC::callWebAssemblyFunction):
- wasm/js/WebAssemblyFunction.h:
- wasm/js/WebAssemblyWrapperFunction.cpp: (JSC::WebAssemblyWrapperFunction::create):
2017-12-01 Mark Lam <mark.lam@apple.com>
Let's scramble ClassInfo pointers in cells.
https://bugs.webkit.org/show_bug.cgi?id=180291
<rdar://problem/35807620>
Reviewed by JF Bastien.
- API/JSCallbackObject.h:
- API/JSObjectRef.cpp: (classInfoPrivate):
- JavaScriptCore.xcodeproj/project.pbxproj:
- Sources.txt:
- assembler/MacroAssemblerCodeRef.cpp: (JSC::MacroAssemblerCodePtr::initialize): Deleted.
- assembler/MacroAssemblerCodeRef.h: (JSC::MacroAssemblerCodePtr:: const): (JSC::MacroAssemblerCodePtr::hash const):
- dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::checkArray): (JSC::DFG::SpeculativeJIT::compileCheckSubClass): (JSC::DFG::SpeculativeJIT::compileNewStringObject):
- ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileNewStringObject): (JSC::FTL::DFG::LowerDFGToB3::compileCheckSubClass):
- jit/AssemblyHelpers.h: (JSC::AssemblyHelpers::emitAllocateDestructibleObject):
- jit/SpecializedThunkJIT.h: (JSC::SpecializedThunkJIT::loadArgumentWithSpecificClass):
- runtime/InitializeThreading.cpp: (JSC::initializeThreading):
- runtime/JSCScrambledPtr.cpp: Added. (JSC::initializeScrambledPtrKeys):
- runtime/JSCScrambledPtr.h: Added.
- runtime/JSDestructibleObject.h: (JSC::JSDestructibleObject::classInfo const):
- runtime/JSSegmentedVariableObject.h: (JSC::JSSegmentedVariableObject::classInfo const):
- runtime/Structure.h:
- runtime/VM.h:
2017-12-07 Mark Lam <mark.lam@apple.com>
[Re-landing r225620] Refactoring: Rename ScrambledPtr to Poisoned.
https://bugs.webkit.org/show_bug.cgi?id=180514
Reviewed by Saam Barati and JF Bastien.
Re-landing r225620 with speculative build fix for GCC 7.
- API/JSCallbackObject.h:
- API/JSObjectRef.cpp: (classInfoPrivate):
- JavaScriptCore.xcodeproj/project.pbxproj:
- Sources.txt:
- assembler/MacroAssemblerCodeRef.h: (JSC::FunctionPtr::FunctionPtr): (JSC::FunctionPtr::value const): (JSC::FunctionPtr::executableAddress const): (JSC::ReturnAddressPtr::ReturnAddressPtr): (JSC::ReturnAddressPtr::value const): (JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr): (JSC::MacroAssemblerCodePtr::createFromExecutableAddress): (JSC::MacroAssemblerCodePtr::poisonedPtr const): (JSC::MacroAssemblerCodePtr:: const): (JSC::MacroAssemblerCodePtr::operator! const): (JSC::MacroAssemblerCodePtr::operator== const): (JSC::MacroAssemblerCodePtr::emptyValue): (JSC::MacroAssemblerCodePtr::deletedValue): (JSC::MacroAssemblerCodePtr::scrambledPtr const): Deleted.
- b3/B3LowerMacros.cpp:
- b3/testb3.cpp: (JSC::B3::testInterpreter):
- dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::checkArray): (JSC::DFG::SpeculativeJIT::compileCheckSubClass): (JSC::DFG::SpeculativeJIT::compileNewStringObject): (JSC::DFG::SpeculativeJIT::emitSwitchIntJump):
- ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileNewStringObject): (JSC::FTL::DFG::LowerDFGToB3::compileCheckSubClass):
- jit/AssemblyHelpers.h: (JSC::AssemblyHelpers::emitAllocateDestructibleObject):
- jit/SpecializedThunkJIT.h: (JSC::SpecializedThunkJIT::loadArgumentWithSpecificClass):
- jit/ThunkGenerators.cpp: (JSC::virtualThunkFor): (JSC::boundThisNoArgsFunctionCallGenerator):
- llint/LLIntSlowPaths.cpp: (JSC::LLInt::handleHostCall): (JSC::LLInt::setUpCall):
- llint/LowLevelInterpreter64.asm:
- runtime/InitializeThreading.cpp: (JSC::initializeThreading):
- runtime/JSCPoisonedPtr.cpp: Copied from Source/JavaScriptCore/runtime/JSCScrambledPtr.cpp. (JSC::initializePoison): (JSC::initializeScrambledPtrKeys): Deleted.
- runtime/JSCPoisonedPtr.h: Copied from Source/JavaScriptCore/runtime/JSCScrambledPtr.h.
- runtime/JSCScrambledPtr.cpp: Removed.
- runtime/JSCScrambledPtr.h: Removed.
- runtime/JSDestructibleObject.h: (JSC::JSDestructibleObject::classInfo const):
- runtime/JSSegmentedVariableObject.h: (JSC::JSSegmentedVariableObject::classInfo const):
- runtime/Structure.h:
- runtime/VM.h:
2017-12-07 Mark Lam <mark.lam@apple.com>
Apply poisoning to some native code pointers.
https://bugs.webkit.org/show_bug.cgi?id=180541
<rdar://problem/35916875>
Reviewed by Filip Pizlo.
Renamed g_classInfoPoison to g_globalDataPoison.
Renamed g_masmPoison to g_jitCodePoison.
Introduced g_nativeCodePoison.
Applied g_nativeCodePoison to poisoning some native code pointers.
Introduced non-random Int32 poison values (in JSCPoison.h) for use with pointers
to malloc allocated data structures (where needed).
- API/JSCallbackFunction.h: (JSC::JSCallbackFunction::functionCallback):
- JavaScriptCore.xcodeproj/project.pbxproj:
- jit/ThunkGenerators.cpp: (JSC::nativeForGenerator):
- llint/LowLevelInterpreter64.asm:
- runtime/CustomGetterSetter.h: (JSC::CustomGetterSetter::getter const): (JSC::CustomGetterSetter::setter const):
- runtime/InternalFunction.cpp: (JSC::InternalFunction::getCallData): (JSC::InternalFunction::getConstructData):
- runtime/InternalFunction.h: (JSC::InternalFunction::nativeFunctionFor):
- runtime/JSCPoison.h: Added.
- runtime/JSCPoisonedPtr.cpp: (JSC::initializePoison):
- runtime/JSCPoisonedPtr.h:
- runtime/Lookup.h:
- runtime/NativeExecutable.cpp: (JSC::NativeExecutable::hashFor const):
- runtime/NativeExecutable.h:
- runtime/Structure.cpp: (JSC::StructureTransitionTable::setSingleTransition):
- runtime/StructureTransitionTable.h: (JSC::StructureTransitionTable::StructureTransitionTable): (JSC::StructureTransitionTable::isUsingSingleSlot const): (JSC::StructureTransitionTable::map const): (JSC::StructureTransitionTable::weakImpl const): (JSC::StructureTransitionTable::setMap):
2017-12-08 Mark Lam <mark.lam@apple.com>
Need to unpoison native function pointers for CLoop.
https://bugs.webkit.org/show_bug.cgi?id=180601
<rdar://problem/35942028>
Reviewed by JF Bastien.
- llint/LowLevelInterpreter64.asm:
2017-12-13 Mark Lam <mark.lam@apple.com>
Fill out some Poisoned APIs, fix some bugs, and add some tests.
https://bugs.webkit.org/show_bug.cgi?id=180724
<rdar://problem/36006884>
Reviewed by JF Bastien.
- runtime/StructureTransitionTable.h:
2017-12-18 Jason Marcell <jmarcell@apple.com>
Apply patch. rdar://problem/36113365
Cherry-pick r225363, r225437, r225632, r225659, r225697, r225857. rdar://problem/36085975
2017-11-30 Mark Lam <mark.lam@apple.com>
Let's scramble MacroAssemblerCodePtr values.
https://bugs.webkit.org/show_bug.cgi?id=180169
<rdar://problem/35758340>
Reviewed by Filip Pizlo, Saam Barati, and JF Bastien.
Introduce a ScrambledPtr class to facilitate scrambling.
- WTF.xcodeproj/project.pbxproj:
- wtf/CMakeLists.txt:
- wtf/ScrambledPtr.cpp: Added. (WTF::makeScrambledPtrKey):
- wtf/ScrambledPtr.h: Added. (WTF::ScrambledPtr::ScrambledPtr): (WTF::ScrambledPtr::paranoidAssertIsScrambled const): (WTF::ScrambledPtr::paranoidAssertIsNotScrambled const): (WTF::ScrambledPtr:: const): (WTF::ScrambledPtr::operator-> const): (WTF::ScrambledPtr::scrambledBits const): (WTF::ScrambledPtr::operator! const): (WTF::ScrambledPtr::operator bool const): (WTF::ScrambledPtr::operator== const): (WTF::ScrambledPtr::operator==): (WTF::ScrambledPtr::scramble): (WTF::ScrambledPtr::descramble):
2017-12-01 Mark Lam <mark.lam@apple.com>
Let's scramble ClassInfo pointers in cells.
https://bugs.webkit.org/show_bug.cgi?id=180291
<rdar://problem/35807620>
Reviewed by JF Bastien.
- wtf/ScrambledPtr.h: (WTF::ScrambledPtr::descrambled const): (WTF::ScrambledPtr::bits const): (WTF::ScrambledPtr::operator==): (WTF::ScrambledPtr::operator=): (WTF::ScrambledPtr::scramble): (WTF::ScrambledPtr::descramble): (WTF::ScrambledPtr:: const): Deleted. (WTF::ScrambledPtr::scrambledBits const): Deleted.
2017-12-07 Mark Lam <mark.lam@apple.com>
[Re-landing r225620] Refactoring: Rename ScrambledPtr to Poisoned.
https://bugs.webkit.org/show_bug.cgi?id=180514
Reviewed by Saam Barati and JF Bastien.
Re-landing r225620 with speculative build fix for GCC 7.
- WTF.xcodeproj/project.pbxproj:
- wtf/CMakeLists.txt:
- wtf/Poisoned.cpp: Copied from Source/WTF/wtf/ScrambledPtr.cpp. (WTF::makePoison): (WTF::makeScrambledPtrKey): Deleted.
- wtf/Poisoned.h: Copied from Source/WTF/wtf/ScrambledPtr.h. (WTF::PoisonedImpl::PoisonedImpl): (WTF::PoisonedImpl::assertIsPoisoned const): (WTF::PoisonedImpl::assertIsNotPoisoned const): (WTF::PoisonedImpl::unpoisoned const): (WTF::PoisonedImpl::operator-> const): (WTF::PoisonedImpl::bits const): (WTF::PoisonedImpl::operator! const): (WTF::PoisonedImpl::operator bool const): (WTF::PoisonedImpl::operator== const): (WTF::PoisonedImpl::operator==): (WTF::PoisonedImpl::operator=): (WTF::PoisonedImpl::poison): (WTF::PoisonedImpl::unpoison): (WTF::ScrambledPtr::ScrambledPtr): Deleted. (WTF::ScrambledPtr::assertIsScrambled const): Deleted. (WTF::ScrambledPtr::assertIsNotScrambled const): Deleted. (WTF::ScrambledPtr::descrambled const): Deleted. (WTF::ScrambledPtr::operator-> const): Deleted. (WTF::ScrambledPtr::bits const): Deleted. (WTF::ScrambledPtr::operator! const): Deleted. (WTF::ScrambledPtr::operator bool const): Deleted. (WTF::ScrambledPtr::operator== const): Deleted. (WTF::ScrambledPtr::operator==): Deleted. (WTF::ScrambledPtr::operator=): Deleted. (WTF::ScrambledPtr::scramble): Deleted. (WTF::ScrambledPtr::descramble): Deleted.
- wtf/ScrambledPtr.cpp: Removed.
- wtf/ScrambledPtr.h: Removed.
2017-12-07 Mark Lam <mark.lam@apple.com>
Apply poisoning to some native code pointers.
https://bugs.webkit.org/show_bug.cgi?id=180541
<rdar://problem/35916875>
Reviewed by Filip Pizlo.
Ensure that the resultant poisoned bits still looks like a pointer in that its
bottom bits are 0, just like the alignment bits of a pointer. This allows the
client to use the bottom bits of the poisoned bits as flag bits just like the
client was previously able to do with pointer values.
Note: we only ensure that the bottom alignment bits of the generated poison
value is 0. We're not masking out the poisoned bits. This means that the bottom
bits of the poisoned bits will only be null if the original pointer is aligned.
Hence, if the client applies the poison to an unaligned pointer, we do not lose
any information on the low bits.
Also removed 2 wrong assertions in PoisonedImpl's constructors. We were
asserting that Poisoned will never be used with a null value, but that's invalid.
We do want to allow a null value so that we don't have to constantly do null
checks in the clients. This was uncovered by some layout tests.
- wtf/Poisoned.cpp: (WTF::makePoison):
- wtf/Poisoned.h: (WTF::PoisonedImpl::PoisonedImpl):
2017-12-13 Mark Lam <mark.lam@apple.com>
Fill out some Poisoned APIs, fix some bugs, and add some tests.
https://bugs.webkit.org/show_bug.cgi?id=180724
<rdar://problem/36006884>
Reviewed by JF Bastien.
Also rename Int32Poisoned to ConstExprPoisoned. The key it takes is actually a
uint32_t. So, Int32 is really a misnomer. In addition, the key needs to be a
constexpr. So, ConstExprPoisoned is a better name for it.
- wtf/Poisoned.cpp: (WTF::makePoison):
- wtf/Poisoned.h: (WTF::PoisonedImplHelper::asReference): (WTF::PoisonedImpl::PoisonedImpl): (WTF::PoisonedImpl::clear): (WTF::PoisonedImpl::operator* const): (WTF::PoisonedImpl::operator-> const): (WTF::PoisonedImpl::operator== const): (WTF::PoisonedImpl::operator!= const): (WTF::PoisonedImpl::operator< const): (WTF::PoisonedImpl::operator<= const): (WTF::PoisonedImpl::operator> const): (WTF::PoisonedImpl::operator>= const): (WTF::PoisonedImpl::operator=): (WTF::PoisonedImpl::swap): (WTF::PoisonedImpl::exchange): (WTF::swap): (WTF::makePoison): (WTF::PoisonedImpl::operator==): Deleted.
- 3:15 PM Changeset in webkit [226572] by
-
- 27 edits in branches/safari-604.4.7.10-branch/Source
Apply patch. rdar://problem/36116826
Use index masking for TypedArrays and and Wasm.
https://bugs.webkit.org/show_bug.cgi?id=180920
Reviewed by Filip Pizlo.
We should have index masking for our TypedArray code in the
DFG/FTL and for Wasm when doing bounds checking. Index masking for
Wasm is added to the WasmBoundsCheckValue. Since we don't CSE any
WasmBoundsCheckValues we don't need to worry about combining a
bounds check for a load and a store. I went with fusing the
pointer masking in the WasmBoundsCheckValue since it should reduce
additional compiler overhead.
- b3/B3LowerToAir.cpp:
- b3/B3Validate.cpp:
- b3/B3WasmBoundsCheckValue.cpp: (JSC::B3::WasmBoundsCheckValue::WasmBoundsCheckValue): (JSC::B3::WasmBoundsCheckValue::dumpMeta const):
- b3/B3WasmBoundsCheckValue.h: (JSC::B3::WasmBoundsCheckValue::pinnedIndexingMask const):
- b3/air/AirCustom.h: (JSC::B3::Air::WasmBoundsCheckCustom::generate):
- b3/testb3.cpp: (JSC::B3::testWasmBoundsCheck):
- dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::loadFromIntTypedArray): (JSC::DFG::SpeculativeJIT::compileGetByValOnIntTypedArray): (JSC::DFG::SpeculativeJIT::compileGetByValOnFloatTypedArray): (JSC::DFG::SpeculativeJIT::compileNewTypedArray):
- dfg/DFGSpeculativeJIT.h:
- dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile):
- ftl/FTLAbstractHeapRepository.h:
- ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileAtomicsReadModifyWrite): (JSC::FTL::DFG::LowerDFGToB3::compileGetByVal): (JSC::FTL::DFG::LowerDFGToB3::compileNewTypedArray): (JSC::FTL::DFG::LowerDFGToB3::pointerIntoTypedArray):
- jit/AssemblyHelpers.h: (JSC::AssemblyHelpers::emitComputeButterflyIndexingMask):
- runtime/Butterfly.h:
- runtime/JSArrayBufferView.cpp: (JSC::JSArrayBufferView::JSArrayBufferView):
- runtime/JSArrayBufferView.h: (JSC::JSArrayBufferView::offsetOfIndexingMask):
- wasm/WasmB3IRGenerator.cpp: (JSC::Wasm::B3IRGenerator::B3IRGenerator): (JSC::Wasm::B3IRGenerator::restoreWebAssemblyGlobalState): (JSC::Wasm::B3IRGenerator::emitCheckAndPreparePointer): (JSC::Wasm::B3IRGenerator::load): (JSC::Wasm::B3IRGenerator::store): (JSC::Wasm::B3IRGenerator::addCallIndirect):
- wasm/WasmBinding.cpp: (JSC::Wasm::wasmToWasm):
- wasm/WasmMemory.cpp: (JSC::Wasm::Memory::Memory):
- wasm/WasmMemory.h: (JSC::Wasm::Memory::offsetOfIndexingMask):
- wasm/WasmMemoryInformation.cpp: (JSC::Wasm::PinnedRegisterInfo::get): (JSC::Wasm::PinnedRegisterInfo::PinnedRegisterInfo):
- wasm/WasmMemoryInformation.h: (JSC::Wasm::PinnedRegisterInfo::toSave const):
- wasm/js/JSToWasm.cpp: (JSC::Wasm::createJSToWasmWrapper):
Use index masking for TypedArrays and and Wasm.
https://bugs.webkit.org/show_bug.cgi?id=180920
Reviewed by Filip Pizlo.
Copy things from ToT that we will need for a branch.
- wtf/MathExtras.h: (WTF::computeIndexingMask):
- wtf/StdLibExtras.h: (std::clz):
- 3:15 PM Changeset in webkit [226571] by
-
- 5 edits in branches/safari-604.4.7.10-branch
Apply patch. rdar://problem/36116741
Reduce the precision of "high" resolution time to 1ms
https://bugs.webkit.org/show_bug.cgi?id=180910
<rdar://problem/36085943>
Reviewed by Saam Barati.
Add a flaky test expectation to imported/w3c/web-platform-tests/workers/worker-performance.worker.html
due to a test bug. The test fix is tracked in https://github.com/w3c/web-platform-tests/pull/8711
- 3:15 PM Changeset in webkit [226570] by
-
- 13 edits in branches/safari-604.4.7.10-branch/Source
Cherry-pick r226068. rdar://problem/36116830
- 3:14 PM Changeset in webkit [226569] by
-
- 3 edits in branches/safari-604.4.7.10-branch/Source/JavaScriptCore
Apply patch. rdar://problem/36116696
Disable/remove SharedArrayBuffers from Web API
rdar://problem/36077849
Removed SharedArrayBuffer prototype and structure to disable.
- runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::init): (JSC::JSGlobalObject::visitChildren):
- runtime/JSGlobalObject.h: (JSC::JSGlobalObject::arrayBufferPrototype const): (JSC::JSGlobalObject::arrayBufferStructure const):
- 3:14 PM Changeset in webkit [226568] by
-
- 9 edits2 adds in trunk/Source/WebCore
[RenderTreeBuilder] Move SVG addChild logic to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=181405
<rdar://problem/36360476>
Reviewed by Antti Koivisto.
This is about moving the code, no cleanup and/or normalization (unfortunately it also means
some temporary changes).
No change in functionality.
- Sources.txt:
- WebCore.xcodeproj/project.pbxproj:
- rendering/svg/RenderSVGContainer.cpp:
(WebCore::RenderSVGContainer::addChild):
- rendering/svg/RenderSVGInline.cpp:
(WebCore::RenderSVGInline::addChild):
- rendering/svg/RenderSVGRoot.cpp:
(WebCore::RenderSVGRoot::addChild):
- rendering/svg/RenderSVGText.cpp:
(WebCore::RenderSVGText::addChild):
- rendering/updating/RenderTreeBuilder.cpp:
(WebCore::RenderTreeBuilder::RenderTreeBuilder):
(WebCore::RenderTreeBuilder::insertChildToSVGContainer):
(WebCore::RenderTreeBuilder::insertChildToSVGInline):
(WebCore::RenderTreeBuilder::insertChildToSVGRoot):
(WebCore::RenderTreeBuilder::insertChildToSVGText):
- rendering/updating/RenderTreeBuilder.h:
(WebCore::RenderTreeBuilder::SVGBuilder):
- rendering/updating/RenderTreeBuilderSVG.cpp: Added.
(WebCore::RenderTreeBuilder::SVG::SVG):
(WebCore::RenderTreeBuilder::SVG::insertChild):
- rendering/updating/RenderTreeBuilderSVG.h: Added.
- 3:11 PM Changeset in webkit [226567] by
-
- 1 copy in tags/Safari-604.4.7.1.6
Tag Safari-604.4.7.1.6.
- 3:10 PM Changeset in webkit [226566] by
-
- 1 copy in tags/Safari-604.4.7.1.5
Tag Safari-604.4.7.1.5.
- 3:09 PM Changeset in webkit [226565] by
-
- 7 edits in branches/safari-604.4.7.1-branch/Source
Versioning.
- 3:09 PM Changeset in webkit [226564] by
-
- 1 edit in branches/safari-604.4.7.1-branch/Source/JavaScriptCore/wasm/js/JSWebAssemblyMemory.cpp
Apply patch. rdar://problem/36267626
fix indexing mask
- 3:09 PM Changeset in webkit [226563] by
-
- 7 edits in branches/safari-604.4.7.1-branch/Source
Versioning.
- 3:09 PM Changeset in webkit [226562] by
-
- 2 edits in branches/safari-604.4.7.1-branch/Source/JavaScriptCore
Apply patch. rdar://problem/36116390
32-bit fix.
- 3:09 PM Changeset in webkit [226561] by
-
- 62 edits4 copies3 adds in branches/safari-604.4.7.1-branch
Apply patch. rdar://problem/36116388
Cherry-pick r225363, r225437, r225632, r225659, r225697, r225857. rdar://problem/36085975
Also merged offlineasm parts of r220184 and r222549. These changes are required
to support the code in cherry-picked revisions above.
2017-11-30 Mark Lam <mark.lam@apple.com>
Let's scramble MacroAssemblerCodePtr values.
https://bugs.webkit.org/show_bug.cgi?id=180169
<rdar://problem/35758340>
Reviewed by Filip Pizlo, Saam Barati, and JF Bastien.
- MacroAssemblerCodePtr now stores a ScrambledPtr instead of a void*.
- MacroAssemblerCodePtr's executableAddress() and dataLocation() now take a template argument type that will be used to cast the result. This makes the client code that uses these functions a little less verbose.
- Change the code base in general to minimize passing void* code pointers around. We now pass MacroAssemblerCodePtr as much as possible, and descramble it only at the last moment when we need the underlying code pointer.
- Added some MasmScrambledPtr paranoid asserts that are disabled (not built) by default. I'm leaving them in because they are instrumental in finding bugs where not all MacroAssemblerCodePtr values were not scrambled as expected. I expect them to be useful in the near future as we add more scrambling.
- Also disable the casting operator on MacroAssemblerCodePtr (except for explicit casts to a boolean). This ensures that clients will always explicitly use scrambledBits() or executableAddress() to get a value based on which value they actually need.
- Added currentThread() id to the logging in LLIntSlowPath trace functions. This was helpful when debugging tests that ran multiple VMs concurrently on different threads.
MacroAssemblerCodePtr is currently supported on 64-bit builds (including the
CLoop). It is not yet supported in 32-bit and Windows because we don't
currently have a way to read a global variable from their LLInt code.
- assembler/AbstractMacroAssembler.h: (JSC::AbstractMacroAssembler::differenceBetweenCodePtr): (JSC::AbstractMacroAssembler::linkPointer):
- assembler/CodeLocation.h: (JSC::CodeLocationCommon::instructionAtOffset): (JSC::CodeLocationCommon::labelAtOffset): (JSC::CodeLocationCommon::jumpAtOffset): (JSC::CodeLocationCommon::callAtOffset): (JSC::CodeLocationCommon::nearCallAtOffset): (JSC::CodeLocationCommon::dataLabelPtrAtOffset): (JSC::CodeLocationCommon::dataLabel32AtOffset): (JSC::CodeLocationCommon::dataLabelCompactAtOffset): (JSC::CodeLocationCommon::convertibleLoadAtOffset):
- assembler/LinkBuffer.cpp: (JSC::LinkBuffer::finalizeCodeWithDisassembly):
- assembler/LinkBuffer.h: (JSC::LinkBuffer::link): (JSC::LinkBuffer::patch):
- assembler/MacroAssemblerCodeRef.cpp: (JSC::MacroAssemblerCodePtr::initialize):
- assembler/MacroAssemblerCodeRef.h: (JSC::FunctionPtr::FunctionPtr): (JSC::FunctionPtr::value const): (JSC::FunctionPtr::executableAddress const): (JSC::ReturnAddressPtr::ReturnAddressPtr): (JSC::ReturnAddressPtr::value const): (JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr): (JSC::MacroAssemblerCodePtr::createFromExecutableAddress): (JSC::MacroAssemblerCodePtr::scrambledPtr const): (JSC::MacroAssemblerCodePtr:: const): (JSC::MacroAssemblerCodePtr::operator! const): (JSC::MacroAssemblerCodePtr::operator bool const): (JSC::MacroAssemblerCodePtr::operator== const): (JSC::MacroAssemblerCodePtr::hash const): (JSC::MacroAssemblerCodePtr::emptyValue): (JSC::MacroAssemblerCodePtr::deletedValue): (JSC::MacroAssemblerCodePtr::executableAddress const): Deleted. (JSC::MacroAssemblerCodePtr::dataLocation const): Deleted.
- b3/B3LowerMacros.cpp:
- b3/testb3.cpp: (JSC::B3::testInterpreter):
- dfg/DFGDisassembler.cpp: (JSC::DFG::Disassembler::dumpDisassembly):
- dfg/DFGJITCompiler.cpp: (JSC::DFG::JITCompiler::link): (JSC::DFG::JITCompiler::compileFunction):
- dfg/DFGOperations.cpp:
- dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::emitSwitchIntJump): (JSC::DFG::SpeculativeJIT::emitSwitchImm): (JSC::DFG::SpeculativeJIT::emitSwitchCharStringJump): (JSC::DFG::SpeculativeJIT::emitSwitchChar):
- dfg/DFGSpeculativeJIT.h:
- disassembler/Disassembler.cpp: (JSC::disassemble):
- disassembler/UDis86Disassembler.cpp: (JSC::tryToDisassembleWithUDis86):
- ftl/FTLCompile.cpp: (JSC::FTL::compile):
- ftl/FTLJITCode.cpp: (JSC::FTL::JITCode::executableAddressAtOffset):
- ftl/FTLLink.cpp: (JSC::FTL::link):
- ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileMathIC): (JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstruct): (JSC::FTL::DFG::LowerDFGToB3::compileTailCall): (JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstructVarargsSpread): (JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstructVarargs):
- interpreter/InterpreterInlines.h: (JSC::Interpreter::getOpcodeID):
- jit/JITArithmetic.cpp: (JSC::JIT::emitMathICFast): (JSC::JIT::emitMathICSlow):
- jit/JITCode.cpp: (JSC::JITCodeWithCodeRef::executableAddressAtOffset): (JSC::JITCodeWithCodeRef::dataAddressAtOffset): (JSC::JITCodeWithCodeRef::offsetOf):
- jit/JITDisassembler.cpp: (JSC::JITDisassembler::dumpDisassembly):
- jit/PCToCodeOriginMap.cpp: (JSC::PCToCodeOriginMap::PCToCodeOriginMap):
- jit/Repatch.cpp: (JSC::ftlThunkAwareRepatchCall):
- jit/ThunkGenerators.cpp: (JSC::virtualThunkFor): (JSC::boundThisNoArgsFunctionCallGenerator):
- llint/LLIntSlowPaths.cpp: (JSC::LLInt::llint_trace_operand): (JSC::LLInt::llint_trace_value): (JSC::LLInt::handleHostCall): (JSC::LLInt::setUpCall):
- llint/LowLevelInterpreter64.asm:
- offlineasm/cloop.rb:
- runtime/InitializeThreading.cpp: (JSC::initializeThreading):
- wasm/WasmBBQPlan.cpp: (JSC::Wasm::BBQPlan::complete):
- wasm/WasmCallee.h: (JSC::Wasm::Callee::entrypoint const):
- wasm/WasmCodeBlock.cpp: (JSC::Wasm::CodeBlock::CodeBlock):
- wasm/WasmOMGPlan.cpp: (JSC::Wasm::OMGPlan::work):
- wasm/js/WasmToJS.cpp: (JSC::Wasm::wasmToJS):
- wasm/js/WebAssemblyFunction.cpp: (JSC::callWebAssemblyFunction):
- wasm/js/WebAssemblyFunction.h:
- wasm/js/WebAssemblyWrapperFunction.cpp: (JSC::WebAssemblyWrapperFunction::create):
2017-12-01 Mark Lam <mark.lam@apple.com>
Let's scramble ClassInfo pointers in cells.
https://bugs.webkit.org/show_bug.cgi?id=180291
<rdar://problem/35807620>
Reviewed by JF Bastien.
- API/JSCallbackObject.h:
- API/JSObjectRef.cpp: (classInfoPrivate):
- JavaScriptCore.xcodeproj/project.pbxproj:
- Sources.txt:
- assembler/MacroAssemblerCodeRef.cpp: (JSC::MacroAssemblerCodePtr::initialize): Deleted.
- assembler/MacroAssemblerCodeRef.h: (JSC::MacroAssemblerCodePtr:: const): (JSC::MacroAssemblerCodePtr::hash const):
- dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::checkArray): (JSC::DFG::SpeculativeJIT::compileCheckSubClass): (JSC::DFG::SpeculativeJIT::compileNewStringObject):
- ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileNewStringObject): (JSC::FTL::DFG::LowerDFGToB3::compileCheckSubClass):
- jit/AssemblyHelpers.h: (JSC::AssemblyHelpers::emitAllocateDestructibleObject):
- jit/SpecializedThunkJIT.h: (JSC::SpecializedThunkJIT::loadArgumentWithSpecificClass):
- runtime/InitializeThreading.cpp: (JSC::initializeThreading):
- runtime/JSCScrambledPtr.cpp: Added. (JSC::initializeScrambledPtrKeys):
- runtime/JSCScrambledPtr.h: Added.
- runtime/JSDestructibleObject.h: (JSC::JSDestructibleObject::classInfo const):
- runtime/JSSegmentedVariableObject.h: (JSC::JSSegmentedVariableObject::classInfo const):
- runtime/Structure.h:
- runtime/VM.h:
2017-12-07 Mark Lam <mark.lam@apple.com>
[Re-landing r225620] Refactoring: Rename ScrambledPtr to Poisoned.
https://bugs.webkit.org/show_bug.cgi?id=180514
Reviewed by Saam Barati and JF Bastien.
Re-landing r225620 with speculative build fix for GCC 7.
- API/JSCallbackObject.h:
- API/JSObjectRef.cpp: (classInfoPrivate):
- JavaScriptCore.xcodeproj/project.pbxproj:
- Sources.txt:
- assembler/MacroAssemblerCodeRef.h: (JSC::FunctionPtr::FunctionPtr): (JSC::FunctionPtr::value const): (JSC::FunctionPtr::executableAddress const): (JSC::ReturnAddressPtr::ReturnAddressPtr): (JSC::ReturnAddressPtr::value const): (JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr): (JSC::MacroAssemblerCodePtr::createFromExecutableAddress): (JSC::MacroAssemblerCodePtr::poisonedPtr const): (JSC::MacroAssemblerCodePtr:: const): (JSC::MacroAssemblerCodePtr::operator! const): (JSC::MacroAssemblerCodePtr::operator== const): (JSC::MacroAssemblerCodePtr::emptyValue): (JSC::MacroAssemblerCodePtr::deletedValue): (JSC::MacroAssemblerCodePtr::scrambledPtr const): Deleted.
- b3/B3LowerMacros.cpp:
- b3/testb3.cpp: (JSC::B3::testInterpreter):
- dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::checkArray): (JSC::DFG::SpeculativeJIT::compileCheckSubClass): (JSC::DFG::SpeculativeJIT::compileNewStringObject): (JSC::DFG::SpeculativeJIT::emitSwitchIntJump):
- ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileNewStringObject): (JSC::FTL::DFG::LowerDFGToB3::compileCheckSubClass):
- jit/AssemblyHelpers.h: (JSC::AssemblyHelpers::emitAllocateDestructibleObject):
- jit/SpecializedThunkJIT.h: (JSC::SpecializedThunkJIT::loadArgumentWithSpecificClass):
- jit/ThunkGenerators.cpp: (JSC::virtualThunkFor): (JSC::boundThisNoArgsFunctionCallGenerator):
- llint/LLIntSlowPaths.cpp: (JSC::LLInt::handleHostCall): (JSC::LLInt::setUpCall):
- llint/LowLevelInterpreter64.asm:
- runtime/InitializeThreading.cpp: (JSC::initializeThreading):
- runtime/JSCPoisonedPtr.cpp: Copied from Source/JavaScriptCore/runtime/JSCScrambledPtr.cpp. (JSC::initializePoison): (JSC::initializeScrambledPtrKeys): Deleted.
- runtime/JSCPoisonedPtr.h: Copied from Source/JavaScriptCore/runtime/JSCScrambledPtr.h.
- runtime/JSCScrambledPtr.cpp: Removed.
- runtime/JSCScrambledPtr.h: Removed.
- runtime/JSDestructibleObject.h: (JSC::JSDestructibleObject::classInfo const):
- runtime/JSSegmentedVariableObject.h: (JSC::JSSegmentedVariableObject::classInfo const):
- runtime/Structure.h:
- runtime/VM.h:
2017-12-07 Mark Lam <mark.lam@apple.com>
Apply poisoning to some native code pointers.
https://bugs.webkit.org/show_bug.cgi?id=180541
<rdar://problem/35916875>
Reviewed by Filip Pizlo.
Renamed g_classInfoPoison to g_globalDataPoison.
Renamed g_masmPoison to g_jitCodePoison.
Introduced g_nativeCodePoison.
Applied g_nativeCodePoison to poisoning some native code pointers.
Introduced non-random Int32 poison values (in JSCPoison.h) for use with pointers
to malloc allocated data structures (where needed).
- API/JSCallbackFunction.h: (JSC::JSCallbackFunction::functionCallback):
- JavaScriptCore.xcodeproj/project.pbxproj:
- jit/ThunkGenerators.cpp: (JSC::nativeForGenerator):
- llint/LowLevelInterpreter64.asm:
- runtime/CustomGetterSetter.h: (JSC::CustomGetterSetter::getter const): (JSC::CustomGetterSetter::setter const):
- runtime/InternalFunction.cpp: (JSC::InternalFunction::getCallData): (JSC::InternalFunction::getConstructData):
- runtime/InternalFunction.h: (JSC::InternalFunction::nativeFunctionFor):
- runtime/JSCPoison.h: Added.
- runtime/JSCPoisonedPtr.cpp: (JSC::initializePoison):
- runtime/JSCPoisonedPtr.h:
- runtime/Lookup.h:
- runtime/NativeExecutable.cpp: (JSC::NativeExecutable::hashFor const):
- runtime/NativeExecutable.h:
- runtime/Structure.cpp: (JSC::StructureTransitionTable::setSingleTransition):
- runtime/StructureTransitionTable.h: (JSC::StructureTransitionTable::StructureTransitionTable): (JSC::StructureTransitionTable::isUsingSingleSlot const): (JSC::StructureTransitionTable::map const): (JSC::StructureTransitionTable::weakImpl const): (JSC::StructureTransitionTable::setMap):
2017-12-08 Mark Lam <mark.lam@apple.com>
Need to unpoison native function pointers for CLoop.
https://bugs.webkit.org/show_bug.cgi?id=180601
<rdar://problem/35942028>
Reviewed by JF Bastien.
- llint/LowLevelInterpreter64.asm:
2017-12-13 Mark Lam <mark.lam@apple.com>
Fill out some Poisoned APIs, fix some bugs, and add some tests.
https://bugs.webkit.org/show_bug.cgi?id=180724
<rdar://problem/36006884>
Reviewed by JF Bastien.
- runtime/StructureTransitionTable.h:
2017-12-18 Jason Marcell <jmarcell@apple.com>
Apply patch. rdar://problem/36113365
Cherry-pick r225363, r225437, r225632, r225659, r225697, r225857. rdar://problem/36085975
2017-11-30 Mark Lam <mark.lam@apple.com>
Let's scramble MacroAssemblerCodePtr values.
https://bugs.webkit.org/show_bug.cgi?id=180169
<rdar://problem/35758340>
Reviewed by Filip Pizlo, Saam Barati, and JF Bastien.
Introduce a ScrambledPtr class to facilitate scrambling.
- WTF.xcodeproj/project.pbxproj:
- wtf/CMakeLists.txt:
- wtf/ScrambledPtr.cpp: Added. (WTF::makeScrambledPtrKey):
- wtf/ScrambledPtr.h: Added. (WTF::ScrambledPtr::ScrambledPtr): (WTF::ScrambledPtr::paranoidAssertIsScrambled const): (WTF::ScrambledPtr::paranoidAssertIsNotScrambled const): (WTF::ScrambledPtr:: const): (WTF::ScrambledPtr::operator-> const): (WTF::ScrambledPtr::scrambledBits const): (WTF::ScrambledPtr::operator! const): (WTF::ScrambledPtr::operator bool const): (WTF::ScrambledPtr::operator== const): (WTF::ScrambledPtr::operator==): (WTF::ScrambledPtr::scramble): (WTF::ScrambledPtr::descramble):
2017-12-01 Mark Lam <mark.lam@apple.com>
Let's scramble ClassInfo pointers in cells.
https://bugs.webkit.org/show_bug.cgi?id=180291
<rdar://problem/35807620>
Reviewed by JF Bastien.
- wtf/ScrambledPtr.h: (WTF::ScrambledPtr::descrambled const): (WTF::ScrambledPtr::bits const): (WTF::ScrambledPtr::operator==): (WTF::ScrambledPtr::operator=): (WTF::ScrambledPtr::scramble): (WTF::ScrambledPtr::descramble): (WTF::ScrambledPtr:: const): Deleted. (WTF::ScrambledPtr::scrambledBits const): Deleted.
2017-12-07 Mark Lam <mark.lam@apple.com>
[Re-landing r225620] Refactoring: Rename ScrambledPtr to Poisoned.
https://bugs.webkit.org/show_bug.cgi?id=180514
Reviewed by Saam Barati and JF Bastien.
Re-landing r225620 with speculative build fix for GCC 7.
- WTF.xcodeproj/project.pbxproj:
- wtf/CMakeLists.txt:
- wtf/Poisoned.cpp: Copied from Source/WTF/wtf/ScrambledPtr.cpp. (WTF::makePoison): (WTF::makeScrambledPtrKey): Deleted.
- wtf/Poisoned.h: Copied from Source/WTF/wtf/ScrambledPtr.h. (WTF::PoisonedImpl::PoisonedImpl): (WTF::PoisonedImpl::assertIsPoisoned const): (WTF::PoisonedImpl::assertIsNotPoisoned const): (WTF::PoisonedImpl::unpoisoned const): (WTF::PoisonedImpl::operator-> const): (WTF::PoisonedImpl::bits const): (WTF::PoisonedImpl::operator! const): (WTF::PoisonedImpl::operator bool const): (WTF::PoisonedImpl::operator== const): (WTF::PoisonedImpl::operator==): (WTF::PoisonedImpl::operator=): (WTF::PoisonedImpl::poison): (WTF::PoisonedImpl::unpoison): (WTF::ScrambledPtr::ScrambledPtr): Deleted. (WTF::ScrambledPtr::assertIsScrambled const): Deleted. (WTF::ScrambledPtr::assertIsNotScrambled const): Deleted. (WTF::ScrambledPtr::descrambled const): Deleted. (WTF::ScrambledPtr::operator-> const): Deleted. (WTF::ScrambledPtr::bits const): Deleted. (WTF::ScrambledPtr::operator! const): Deleted. (WTF::ScrambledPtr::operator bool const): Deleted. (WTF::ScrambledPtr::operator== const): Deleted. (WTF::ScrambledPtr::operator==): Deleted. (WTF::ScrambledPtr::operator=): Deleted. (WTF::ScrambledPtr::scramble): Deleted. (WTF::ScrambledPtr::descramble): Deleted.
- wtf/ScrambledPtr.cpp: Removed.
- wtf/ScrambledPtr.h: Removed.
2017-12-07 Mark Lam <mark.lam@apple.com>
Apply poisoning to some native code pointers.
https://bugs.webkit.org/show_bug.cgi?id=180541
<rdar://problem/35916875>
Reviewed by Filip Pizlo.
Ensure that the resultant poisoned bits still looks like a pointer in that its
bottom bits are 0, just like the alignment bits of a pointer. This allows the
client to use the bottom bits of the poisoned bits as flag bits just like the
client was previously able to do with pointer values.
Note: we only ensure that the bottom alignment bits of the generated poison
value is 0. We're not masking out the poisoned bits. This means that the bottom
bits of the poisoned bits will only be null if the original pointer is aligned.
Hence, if the client applies the poison to an unaligned pointer, we do not lose
any information on the low bits.
Also removed 2 wrong assertions in PoisonedImpl's constructors. We were
asserting that Poisoned will never be used with a null value, but that's invalid.
We do want to allow a null value so that we don't have to constantly do null
checks in the clients. This was uncovered by some layout tests.
- wtf/Poisoned.cpp: (WTF::makePoison):
- wtf/Poisoned.h: (WTF::PoisonedImpl::PoisonedImpl):
2017-12-13 Mark Lam <mark.lam@apple.com>
Fill out some Poisoned APIs, fix some bugs, and add some tests.
https://bugs.webkit.org/show_bug.cgi?id=180724
<rdar://problem/36006884>
Reviewed by JF Bastien.
Also rename Int32Poisoned to ConstExprPoisoned. The key it takes is actually a
uint32_t. So, Int32 is really a misnomer. In addition, the key needs to be a
constexpr. So, ConstExprPoisoned is a better name for it.
- wtf/Poisoned.cpp: (WTF::makePoison):
- wtf/Poisoned.h: (WTF::PoisonedImplHelper::asReference): (WTF::PoisonedImpl::PoisonedImpl): (WTF::PoisonedImpl::clear): (WTF::PoisonedImpl::operator* const): (WTF::PoisonedImpl::operator-> const): (WTF::PoisonedImpl::operator== const): (WTF::PoisonedImpl::operator!= const): (WTF::PoisonedImpl::operator< const): (WTF::PoisonedImpl::operator<= const): (WTF::PoisonedImpl::operator> const): (WTF::PoisonedImpl::operator>= const): (WTF::PoisonedImpl::operator=): (WTF::PoisonedImpl::swap): (WTF::PoisonedImpl::exchange): (WTF::swap): (WTF::makePoison): (WTF::PoisonedImpl::operator==): Deleted.
- 3:09 PM Changeset in webkit [226560] by
-
- 27 edits in branches/safari-604.4.7.1-branch/Source
Apply patch. rdar://problem/36116390
Use index masking for TypedArrays and and Wasm.
https://bugs.webkit.org/show_bug.cgi?id=180920
Reviewed by Filip Pizlo.
We should have index masking for our TypedArray code in the
DFG/FTL and for Wasm when doing bounds checking. Index masking for
Wasm is added to the WasmBoundsCheckValue. Since we don't CSE any
WasmBoundsCheckValues we don't need to worry about combining a
bounds check for a load and a store. I went with fusing the
pointer masking in the WasmBoundsCheckValue since it should reduce
additional compiler overhead.
- b3/B3LowerToAir.cpp:
- b3/B3Validate.cpp:
- b3/B3WasmBoundsCheckValue.cpp: (JSC::B3::WasmBoundsCheckValue::WasmBoundsCheckValue): (JSC::B3::WasmBoundsCheckValue::dumpMeta const):
- b3/B3WasmBoundsCheckValue.h: (JSC::B3::WasmBoundsCheckValue::pinnedIndexingMask const):
- b3/air/AirCustom.h: (JSC::B3::Air::WasmBoundsCheckCustom::generate):
- b3/testb3.cpp: (JSC::B3::testWasmBoundsCheck):
- dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::loadFromIntTypedArray): (JSC::DFG::SpeculativeJIT::compileGetByValOnIntTypedArray): (JSC::DFG::SpeculativeJIT::compileGetByValOnFloatTypedArray): (JSC::DFG::SpeculativeJIT::compileNewTypedArray):
- dfg/DFGSpeculativeJIT.h:
- dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile):
- ftl/FTLAbstractHeapRepository.h:
- ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileAtomicsReadModifyWrite): (JSC::FTL::DFG::LowerDFGToB3::compileGetByVal): (JSC::FTL::DFG::LowerDFGToB3::compileNewTypedArray): (JSC::FTL::DFG::LowerDFGToB3::pointerIntoTypedArray):
- jit/AssemblyHelpers.h: (JSC::AssemblyHelpers::emitComputeButterflyIndexingMask):
- runtime/Butterfly.h:
- runtime/JSArrayBufferView.cpp: (JSC::JSArrayBufferView::JSArrayBufferView):
- runtime/JSArrayBufferView.h: (JSC::JSArrayBufferView::offsetOfIndexingMask):
- wasm/WasmB3IRGenerator.cpp: (JSC::Wasm::B3IRGenerator::B3IRGenerator): (JSC::Wasm::B3IRGenerator::restoreWebAssemblyGlobalState): (JSC::Wasm::B3IRGenerator::emitCheckAndPreparePointer): (JSC::Wasm::B3IRGenerator::load): (JSC::Wasm::B3IRGenerator::store): (JSC::Wasm::B3IRGenerator::addCallIndirect):
- wasm/WasmBinding.cpp: (JSC::Wasm::wasmToWasm):
- wasm/WasmMemory.cpp: (JSC::Wasm::Memory::Memory):
- wasm/WasmMemory.h: (JSC::Wasm::Memory::offsetOfIndexingMask):
- wasm/WasmMemoryInformation.cpp: (JSC::Wasm::PinnedRegisterInfo::get): (JSC::Wasm::PinnedRegisterInfo::PinnedRegisterInfo):
- wasm/WasmMemoryInformation.h: (JSC::Wasm::PinnedRegisterInfo::toSave const):
- wasm/js/JSToWasm.cpp: (JSC::Wasm::createJSToWasmWrapper):
Use index masking for TypedArrays and and Wasm.
https://bugs.webkit.org/show_bug.cgi?id=180920
Reviewed by Filip Pizlo.
Copy things from ToT that we will need for a branch.
- wtf/MathExtras.h: (WTF::computeIndexingMask):
- wtf/StdLibExtras.h: (std::clz):
- 3:08 PM Changeset in webkit [226559] by
-
- 5 edits in branches/safari-604.4.7.1-branch
Apply patch. rdar://problem/36116546
Reduce the precision of "high" resolution time to 1ms
https://bugs.webkit.org/show_bug.cgi?id=180910
<rdar://problem/36085943>
Reviewed by Saam Barati.
Add a flaky test expectation to imported/w3c/web-platform-tests/workers/worker-performance.worker.html
due to a test bug. The test fix is tracked in https://github.com/w3c/web-platform-tests/pull/8711
- 3:08 PM Changeset in webkit [226558] by
-
- 13 edits in branches/safari-604.4.7.1-branch/Source
Cherry-pick r226068. rdar://problem/36116392
- 3:08 PM Changeset in webkit [226557] by
-
- 3 edits in branches/safari-604.4.7.1-branch/Source/JavaScriptCore
Apply patch. rdar://problem/36116362
Disable/remove SharedArrayBuffers from Web API
rdar://problem/36077849
Removed SharedArrayBuffer prototype and structure to disable.
- runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::init): (JSC::JSGlobalObject::visitChildren):
- runtime/JSGlobalObject.h: (JSC::JSGlobalObject::arrayBufferPrototype const): (JSC::JSGlobalObject::arrayBufferStructure const):
- 2:59 PM Changeset in webkit [226556] by
-
- 6 edits in trunk/Source/JavaScriptCore
Rename CodeBlock::m_vm to CodeBlock::m_poisonedVM.
https://bugs.webkit.org/show_bug.cgi?id=181403
<rdar://problem/36359789>
Rubber-stamped by JF Bastien.
- bytecode/CodeBlock.cpp:
(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::~CodeBlock):
(JSC::CodeBlock::setConstantRegisters):
(JSC::CodeBlock::propagateTransitions):
(JSC::CodeBlock::finalizeLLIntInlineCaches):
(JSC::CodeBlock::jettison):
(JSC::CodeBlock::predictedMachineCodeSize):
- bytecode/CodeBlock.h:
(JSC::CodeBlock::vm const):
(JSC::CodeBlock::addConstant):
(JSC::CodeBlock::heap const):
(JSC::CodeBlock::replaceConstant):
- llint/LowLevelInterpreter.asm:
- llint/LowLevelInterpreter32_64.asm:
- llint/LowLevelInterpreter64.asm:
- 2:51 PM Changeset in webkit [226555] by
-
- 1 copy in tags/Safari-604.4.7.0.5
Tag Safari-604.4.7.0.5.
- 2:50 PM Changeset in webkit [226554] by
-
- 1 copy in tags/Safari-604.4.7.0.4
Tag Safari-604.4.7.0.4.
- 2:45 PM Changeset in webkit [226553] by
-
- 1 copy in tags/Safari-605.1.20
Tag Safari-605.1.20.
- 2:42 PM Changeset in webkit [226552] by
-
- 7 edits in branches/safari-604.4.7.0-branch/Source
Versioning.
- 2:42 PM Changeset in webkit [226551] by
-
- 1 edit in branches/safari-604.4.7.0-branch/Source/JavaScriptCore/wasm/js/JSWebAssemblyMemory.cpp
Apply patch. rdar://problem/36267602
fix indexing mask
- 2:42 PM Changeset in webkit [226550] by
-
- 7 edits in branches/safari-604.4.7.0-branch/Source
Versioning.
- 2:42 PM Changeset in webkit [226549] by
-
- 3 edits in branches/safari-604.4.7.0-branch/Source/JavaScriptCore/offlineasm
Apply patch. rdar://problem/36113365
Fix build failure for iOS. Partial cherry-pick r223239 (offlineasm portion of that change).
- 2:42 PM Changeset in webkit [226548] by
-
- 2 edits in branches/safari-604.4.7.0-branch/Source/JavaScriptCore
Apply patch. rdar://problem/36113365
32-bit fix.
- 2:42 PM Changeset in webkit [226547] by
-
- 62 edits4 copies3 adds in branches/safari-604.4.7.0-branch
Apply patch. rdar://problem/36113352
Cherry-pick r225363, r225437, r225632, r225659, r225697, r225857. rdar://problem/36085975
Also merged offlineasm parts of r220184 and r222549. These changes are required
to support the code in cherry-picked revisions above.
2017-11-30 Mark Lam <mark.lam@apple.com>
Let's scramble MacroAssemblerCodePtr values.
https://bugs.webkit.org/show_bug.cgi?id=180169
<rdar://problem/35758340>
Reviewed by Filip Pizlo, Saam Barati, and JF Bastien.
- MacroAssemblerCodePtr now stores a ScrambledPtr instead of a void*.
- MacroAssemblerCodePtr's executableAddress() and dataLocation() now take a template argument type that will be used to cast the result. This makes the client code that uses these functions a little less verbose.
- Change the code base in general to minimize passing void* code pointers around. We now pass MacroAssemblerCodePtr as much as possible, and descramble it only at the last moment when we need the underlying code pointer.
- Added some MasmScrambledPtr paranoid asserts that are disabled (not built) by default. I'm leaving them in because they are instrumental in finding bugs where not all MacroAssemblerCodePtr values were not scrambled as expected. I expect them to be useful in the near future as we add more scrambling.
- Also disable the casting operator on MacroAssemblerCodePtr (except for explicit casts to a boolean). This ensures that clients will always explicitly use scrambledBits() or executableAddress() to get a value based on which value they actually need.
- Added currentThread() id to the logging in LLIntSlowPath trace functions. This was helpful when debugging tests that ran multiple VMs concurrently on different threads.
MacroAssemblerCodePtr is currently supported on 64-bit builds (including the
CLoop). It is not yet supported in 32-bit and Windows because we don't
currently have a way to read a global variable from their LLInt code.
- assembler/AbstractMacroAssembler.h: (JSC::AbstractMacroAssembler::differenceBetweenCodePtr): (JSC::AbstractMacroAssembler::linkPointer):
- assembler/CodeLocation.h: (JSC::CodeLocationCommon::instructionAtOffset): (JSC::CodeLocationCommon::labelAtOffset): (JSC::CodeLocationCommon::jumpAtOffset): (JSC::CodeLocationCommon::callAtOffset): (JSC::CodeLocationCommon::nearCallAtOffset): (JSC::CodeLocationCommon::dataLabelPtrAtOffset): (JSC::CodeLocationCommon::dataLabel32AtOffset): (JSC::CodeLocationCommon::dataLabelCompactAtOffset): (JSC::CodeLocationCommon::convertibleLoadAtOffset):
- assembler/LinkBuffer.cpp: (JSC::LinkBuffer::finalizeCodeWithDisassembly):
- assembler/LinkBuffer.h: (JSC::LinkBuffer::link): (JSC::LinkBuffer::patch):
- assembler/MacroAssemblerCodeRef.cpp: (JSC::MacroAssemblerCodePtr::initialize):
- assembler/MacroAssemblerCodeRef.h: (JSC::FunctionPtr::FunctionPtr): (JSC::FunctionPtr::value const): (JSC::FunctionPtr::executableAddress const): (JSC::ReturnAddressPtr::ReturnAddressPtr): (JSC::ReturnAddressPtr::value const): (JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr): (JSC::MacroAssemblerCodePtr::createFromExecutableAddress): (JSC::MacroAssemblerCodePtr::scrambledPtr const): (JSC::MacroAssemblerCodePtr:: const): (JSC::MacroAssemblerCodePtr::operator! const): (JSC::MacroAssemblerCodePtr::operator bool const): (JSC::MacroAssemblerCodePtr::operator== const): (JSC::MacroAssemblerCodePtr::hash const): (JSC::MacroAssemblerCodePtr::emptyValue): (JSC::MacroAssemblerCodePtr::deletedValue): (JSC::MacroAssemblerCodePtr::executableAddress const): Deleted. (JSC::MacroAssemblerCodePtr::dataLocation const): Deleted.
- b3/B3LowerMacros.cpp:
- b3/testb3.cpp: (JSC::B3::testInterpreter):
- dfg/DFGDisassembler.cpp: (JSC::DFG::Disassembler::dumpDisassembly):
- dfg/DFGJITCompiler.cpp: (JSC::DFG::JITCompiler::link): (JSC::DFG::JITCompiler::compileFunction):
- dfg/DFGOperations.cpp:
- dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::emitSwitchIntJump): (JSC::DFG::SpeculativeJIT::emitSwitchImm): (JSC::DFG::SpeculativeJIT::emitSwitchCharStringJump): (JSC::DFG::SpeculativeJIT::emitSwitchChar):
- dfg/DFGSpeculativeJIT.h:
- disassembler/Disassembler.cpp: (JSC::disassemble):
- disassembler/UDis86Disassembler.cpp: (JSC::tryToDisassembleWithUDis86):
- ftl/FTLCompile.cpp: (JSC::FTL::compile):
- ftl/FTLJITCode.cpp: (JSC::FTL::JITCode::executableAddressAtOffset):
- ftl/FTLLink.cpp: (JSC::FTL::link):
- ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileMathIC): (JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstruct): (JSC::FTL::DFG::LowerDFGToB3::compileTailCall): (JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstructVarargsSpread): (JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstructVarargs):
- interpreter/InterpreterInlines.h: (JSC::Interpreter::getOpcodeID):
- jit/JITArithmetic.cpp: (JSC::JIT::emitMathICFast): (JSC::JIT::emitMathICSlow):
- jit/JITCode.cpp: (JSC::JITCodeWithCodeRef::executableAddressAtOffset): (JSC::JITCodeWithCodeRef::dataAddressAtOffset): (JSC::JITCodeWithCodeRef::offsetOf):
- jit/JITDisassembler.cpp: (JSC::JITDisassembler::dumpDisassembly):
- jit/PCToCodeOriginMap.cpp: (JSC::PCToCodeOriginMap::PCToCodeOriginMap):
- jit/Repatch.cpp: (JSC::ftlThunkAwareRepatchCall):
- jit/ThunkGenerators.cpp: (JSC::virtualThunkFor): (JSC::boundThisNoArgsFunctionCallGenerator):
- llint/LLIntSlowPaths.cpp: (JSC::LLInt::llint_trace_operand): (JSC::LLInt::llint_trace_value): (JSC::LLInt::handleHostCall): (JSC::LLInt::setUpCall):
- llint/LowLevelInterpreter64.asm:
- offlineasm/cloop.rb:
- runtime/InitializeThreading.cpp: (JSC::initializeThreading):
- wasm/WasmBBQPlan.cpp: (JSC::Wasm::BBQPlan::complete):
- wasm/WasmCallee.h: (JSC::Wasm::Callee::entrypoint const):
- wasm/WasmCodeBlock.cpp: (JSC::Wasm::CodeBlock::CodeBlock):
- wasm/WasmOMGPlan.cpp: (JSC::Wasm::OMGPlan::work):
- wasm/js/WasmToJS.cpp: (JSC::Wasm::wasmToJS):
- wasm/js/WebAssemblyFunction.cpp: (JSC::callWebAssemblyFunction):
- wasm/js/WebAssemblyFunction.h:
- wasm/js/WebAssemblyWrapperFunction.cpp: (JSC::WebAssemblyWrapperFunction::create):
2017-12-01 Mark Lam <mark.lam@apple.com>
Let's scramble ClassInfo pointers in cells.
https://bugs.webkit.org/show_bug.cgi?id=180291
<rdar://problem/35807620>
Reviewed by JF Bastien.
- API/JSCallbackObject.h:
- API/JSObjectRef.cpp: (classInfoPrivate):
- JavaScriptCore.xcodeproj/project.pbxproj:
- Sources.txt:
- assembler/MacroAssemblerCodeRef.cpp: (JSC::MacroAssemblerCodePtr::initialize): Deleted.
- assembler/MacroAssemblerCodeRef.h: (JSC::MacroAssemblerCodePtr:: const): (JSC::MacroAssemblerCodePtr::hash const):
- dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::checkArray): (JSC::DFG::SpeculativeJIT::compileCheckSubClass): (JSC::DFG::SpeculativeJIT::compileNewStringObject):
- ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileNewStringObject): (JSC::FTL::DFG::LowerDFGToB3::compileCheckSubClass):
- jit/AssemblyHelpers.h: (JSC::AssemblyHelpers::emitAllocateDestructibleObject):
- jit/SpecializedThunkJIT.h: (JSC::SpecializedThunkJIT::loadArgumentWithSpecificClass):
- runtime/InitializeThreading.cpp: (JSC::initializeThreading):
- runtime/JSCScrambledPtr.cpp: Added. (JSC::initializeScrambledPtrKeys):
- runtime/JSCScrambledPtr.h: Added.
- runtime/JSDestructibleObject.h: (JSC::JSDestructibleObject::classInfo const):
- runtime/JSSegmentedVariableObject.h: (JSC::JSSegmentedVariableObject::classInfo const):
- runtime/Structure.h:
- runtime/VM.h:
2017-12-07 Mark Lam <mark.lam@apple.com>
[Re-landing r225620] Refactoring: Rename ScrambledPtr to Poisoned.
https://bugs.webkit.org/show_bug.cgi?id=180514
Reviewed by Saam Barati and JF Bastien.
Re-landing r225620 with speculative build fix for GCC 7.
- API/JSCallbackObject.h:
- API/JSObjectRef.cpp: (classInfoPrivate):
- JavaScriptCore.xcodeproj/project.pbxproj:
- Sources.txt:
- assembler/MacroAssemblerCodeRef.h: (JSC::FunctionPtr::FunctionPtr): (JSC::FunctionPtr::value const): (JSC::FunctionPtr::executableAddress const): (JSC::ReturnAddressPtr::ReturnAddressPtr): (JSC::ReturnAddressPtr::value const): (JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr): (JSC::MacroAssemblerCodePtr::createFromExecutableAddress): (JSC::MacroAssemblerCodePtr::poisonedPtr const): (JSC::MacroAssemblerCodePtr:: const): (JSC::MacroAssemblerCodePtr::operator! const): (JSC::MacroAssemblerCodePtr::operator== const): (JSC::MacroAssemblerCodePtr::emptyValue): (JSC::MacroAssemblerCodePtr::deletedValue): (JSC::MacroAssemblerCodePtr::scrambledPtr const): Deleted.
- b3/B3LowerMacros.cpp:
- b3/testb3.cpp: (JSC::B3::testInterpreter):
- dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::checkArray): (JSC::DFG::SpeculativeJIT::compileCheckSubClass): (JSC::DFG::SpeculativeJIT::compileNewStringObject): (JSC::DFG::SpeculativeJIT::emitSwitchIntJump):
- ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileNewStringObject): (JSC::FTL::DFG::LowerDFGToB3::compileCheckSubClass):
- jit/AssemblyHelpers.h: (JSC::AssemblyHelpers::emitAllocateDestructibleObject):
- jit/SpecializedThunkJIT.h: (JSC::SpecializedThunkJIT::loadArgumentWithSpecificClass):
- jit/ThunkGenerators.cpp: (JSC::virtualThunkFor): (JSC::boundThisNoArgsFunctionCallGenerator):
- llint/LLIntSlowPaths.cpp: (JSC::LLInt::handleHostCall): (JSC::LLInt::setUpCall):
- llint/LowLevelInterpreter64.asm:
- runtime/InitializeThreading.cpp: (JSC::initializeThreading):
- runtime/JSCPoisonedPtr.cpp: Copied from Source/JavaScriptCore/runtime/JSCScrambledPtr.cpp. (JSC::initializePoison): (JSC::initializeScrambledPtrKeys): Deleted.
- runtime/JSCPoisonedPtr.h: Copied from Source/JavaScriptCore/runtime/JSCScrambledPtr.h.
- runtime/JSCScrambledPtr.cpp: Removed.
- runtime/JSCScrambledPtr.h: Removed.
- runtime/JSDestructibleObject.h: (JSC::JSDestructibleObject::classInfo const):
- runtime/JSSegmentedVariableObject.h: (JSC::JSSegmentedVariableObject::classInfo const):
- runtime/Structure.h:
- runtime/VM.h:
2017-12-07 Mark Lam <mark.lam@apple.com>
Apply poisoning to some native code pointers.
https://bugs.webkit.org/show_bug.cgi?id=180541
<rdar://problem/35916875>
Reviewed by Filip Pizlo.
Renamed g_classInfoPoison to g_globalDataPoison.
Renamed g_masmPoison to g_jitCodePoison.
Introduced g_nativeCodePoison.
Applied g_nativeCodePoison to poisoning some native code pointers.
Introduced non-random Int32 poison values (in JSCPoison.h) for use with pointers
to malloc allocated data structures (where needed).
- API/JSCallbackFunction.h: (JSC::JSCallbackFunction::functionCallback):
- JavaScriptCore.xcodeproj/project.pbxproj:
- jit/ThunkGenerators.cpp: (JSC::nativeForGenerator):
- llint/LowLevelInterpreter64.asm:
- runtime/CustomGetterSetter.h: (JSC::CustomGetterSetter::getter const): (JSC::CustomGetterSetter::setter const):
- runtime/InternalFunction.cpp: (JSC::InternalFunction::getCallData): (JSC::InternalFunction::getConstructData):
- runtime/InternalFunction.h: (JSC::InternalFunction::nativeFunctionFor):
- runtime/JSCPoison.h: Added.
- runtime/JSCPoisonedPtr.cpp: (JSC::initializePoison):
- runtime/JSCPoisonedPtr.h:
- runtime/Lookup.h:
- runtime/NativeExecutable.cpp: (JSC::NativeExecutable::hashFor const):
- runtime/NativeExecutable.h:
- runtime/Structure.cpp: (JSC::StructureTransitionTable::setSingleTransition):
- runtime/StructureTransitionTable.h: (JSC::StructureTransitionTable::StructureTransitionTable): (JSC::StructureTransitionTable::isUsingSingleSlot const): (JSC::StructureTransitionTable::map const): (JSC::StructureTransitionTable::weakImpl const): (JSC::StructureTransitionTable::setMap):
2017-12-08 Mark Lam <mark.lam@apple.com>
Need to unpoison native function pointers for CLoop.
https://bugs.webkit.org/show_bug.cgi?id=180601
<rdar://problem/35942028>
Reviewed by JF Bastien.
- llint/LowLevelInterpreter64.asm:
2017-12-13 Mark Lam <mark.lam@apple.com>
Fill out some Poisoned APIs, fix some bugs, and add some tests.
https://bugs.webkit.org/show_bug.cgi?id=180724
<rdar://problem/36006884>
Reviewed by JF Bastien.
- runtime/StructureTransitionTable.h:
2017-12-18 Jason Marcell <jmarcell@apple.com>
Apply patch. rdar://problem/36113365
Cherry-pick r225363, r225437, r225632, r225659, r225697, r225857. rdar://problem/36085975
2017-11-30 Mark Lam <mark.lam@apple.com>
Let's scramble MacroAssemblerCodePtr values.
https://bugs.webkit.org/show_bug.cgi?id=180169
<rdar://problem/35758340>
Reviewed by Filip Pizlo, Saam Barati, and JF Bastien.
Introduce a ScrambledPtr class to facilitate scrambling.
- WTF.xcodeproj/project.pbxproj:
- wtf/CMakeLists.txt:
- wtf/ScrambledPtr.cpp: Added. (WTF::makeScrambledPtrKey):
- wtf/ScrambledPtr.h: Added. (WTF::ScrambledPtr::ScrambledPtr): (WTF::ScrambledPtr::paranoidAssertIsScrambled const): (WTF::ScrambledPtr::paranoidAssertIsNotScrambled const): (WTF::ScrambledPtr:: const): (WTF::ScrambledPtr::operator-> const): (WTF::ScrambledPtr::scrambledBits const): (WTF::ScrambledPtr::operator! const): (WTF::ScrambledPtr::operator bool const): (WTF::ScrambledPtr::operator== const): (WTF::ScrambledPtr::operator==): (WTF::ScrambledPtr::scramble): (WTF::ScrambledPtr::descramble):
2017-12-01 Mark Lam <mark.lam@apple.com>
Let's scramble ClassInfo pointers in cells.
https://bugs.webkit.org/show_bug.cgi?id=180291
<rdar://problem/35807620>
Reviewed by JF Bastien.
- wtf/ScrambledPtr.h: (WTF::ScrambledPtr::descrambled const): (WTF::ScrambledPtr::bits const): (WTF::ScrambledPtr::operator==): (WTF::ScrambledPtr::operator=): (WTF::ScrambledPtr::scramble): (WTF::ScrambledPtr::descramble): (WTF::ScrambledPtr:: const): Deleted. (WTF::ScrambledPtr::scrambledBits const): Deleted.
2017-12-07 Mark Lam <mark.lam@apple.com>
[Re-landing r225620] Refactoring: Rename ScrambledPtr to Poisoned.
https://bugs.webkit.org/show_bug.cgi?id=180514
Reviewed by Saam Barati and JF Bastien.
Re-landing r225620 with speculative build fix for GCC 7.
- WTF.xcodeproj/project.pbxproj:
- wtf/CMakeLists.txt:
- wtf/Poisoned.cpp: Copied from Source/WTF/wtf/ScrambledPtr.cpp. (WTF::makePoison): (WTF::makeScrambledPtrKey): Deleted.
- wtf/Poisoned.h: Copied from Source/WTF/wtf/ScrambledPtr.h. (WTF::PoisonedImpl::PoisonedImpl): (WTF::PoisonedImpl::assertIsPoisoned const): (WTF::PoisonedImpl::assertIsNotPoisoned const): (WTF::PoisonedImpl::unpoisoned const): (WTF::PoisonedImpl::operator-> const): (WTF::PoisonedImpl::bits const): (WTF::PoisonedImpl::operator! const): (WTF::PoisonedImpl::operator bool const): (WTF::PoisonedImpl::operator== const): (WTF::PoisonedImpl::operator==): (WTF::PoisonedImpl::operator=): (WTF::PoisonedImpl::poison): (WTF::PoisonedImpl::unpoison): (WTF::ScrambledPtr::ScrambledPtr): Deleted. (WTF::ScrambledPtr::assertIsScrambled const): Deleted. (WTF::ScrambledPtr::assertIsNotScrambled const): Deleted. (WTF::ScrambledPtr::descrambled const): Deleted. (WTF::ScrambledPtr::operator-> const): Deleted. (WTF::ScrambledPtr::bits const): Deleted. (WTF::ScrambledPtr::operator! const): Deleted. (WTF::ScrambledPtr::operator bool const): Deleted. (WTF::ScrambledPtr::operator== const): Deleted. (WTF::ScrambledPtr::operator==): Deleted. (WTF::ScrambledPtr::operator=): Deleted. (WTF::ScrambledPtr::scramble): Deleted. (WTF::ScrambledPtr::descramble): Deleted.
- wtf/ScrambledPtr.cpp: Removed.
- wtf/ScrambledPtr.h: Removed.
2017-12-07 Mark Lam <mark.lam@apple.com>
Apply poisoning to some native code pointers.
https://bugs.webkit.org/show_bug.cgi?id=180541
<rdar://problem/35916875>
Reviewed by Filip Pizlo.
Ensure that the resultant poisoned bits still looks like a pointer in that its
bottom bits are 0, just like the alignment bits of a pointer. This allows the
client to use the bottom bits of the poisoned bits as flag bits just like the
client was previously able to do with pointer values.
Note: we only ensure that the bottom alignment bits of the generated poison
value is 0. We're not masking out the poisoned bits. This means that the bottom
bits of the poisoned bits will only be null if the original pointer is aligned.
Hence, if the client applies the poison to an unaligned pointer, we do not lose
any information on the low bits.
Also removed 2 wrong assertions in PoisonedImpl's constructors. We were
asserting that Poisoned will never be used with a null value, but that's invalid.
We do want to allow a null value so that we don't have to constantly do null
checks in the clients. This was uncovered by some layout tests.
- wtf/Poisoned.cpp: (WTF::makePoison):
- wtf/Poisoned.h: (WTF::PoisonedImpl::PoisonedImpl):
2017-12-13 Mark Lam <mark.lam@apple.com>
Fill out some Poisoned APIs, fix some bugs, and add some tests.
https://bugs.webkit.org/show_bug.cgi?id=180724
<rdar://problem/36006884>
Reviewed by JF Bastien.
Also rename Int32Poisoned to ConstExprPoisoned. The key it takes is actually a
uint32_t. So, Int32 is really a misnomer. In addition, the key needs to be a
constexpr. So, ConstExprPoisoned is a better name for it.
- wtf/Poisoned.cpp: (WTF::makePoison):
- wtf/Poisoned.h: (WTF::PoisonedImplHelper::asReference): (WTF::PoisonedImpl::PoisonedImpl): (WTF::PoisonedImpl::clear): (WTF::PoisonedImpl::operator* const): (WTF::PoisonedImpl::operator-> const): (WTF::PoisonedImpl::operator== const): (WTF::PoisonedImpl::operator!= const): (WTF::PoisonedImpl::operator< const): (WTF::PoisonedImpl::operator<= const): (WTF::PoisonedImpl::operator> const): (WTF::PoisonedImpl::operator>= const): (WTF::PoisonedImpl::operator=): (WTF::PoisonedImpl::swap): (WTF::PoisonedImpl::exchange): (WTF::swap): (WTF::makePoison): (WTF::PoisonedImpl::operator==): Deleted.
- 2:41 PM Changeset in webkit [226546] by
-
- 27 edits in branches/safari-604.4.7.0-branch/Source
Apply patch. rdar://problem/36113365
Use index masking for TypedArrays and and Wasm.
https://bugs.webkit.org/show_bug.cgi?id=180920
Reviewed by Filip Pizlo.
We should have index masking for our TypedArray code in the
DFG/FTL and for Wasm when doing bounds checking. Index masking for
Wasm is added to the WasmBoundsCheckValue. Since we don't CSE any
WasmBoundsCheckValues we don't need to worry about combining a
bounds check for a load and a store. I went with fusing the
pointer masking in the WasmBoundsCheckValue since it should reduce
additional compiler overhead.
- b3/B3LowerToAir.cpp:
- b3/B3Validate.cpp:
- b3/B3WasmBoundsCheckValue.cpp: (JSC::B3::WasmBoundsCheckValue::WasmBoundsCheckValue): (JSC::B3::WasmBoundsCheckValue::dumpMeta const):
- b3/B3WasmBoundsCheckValue.h: (JSC::B3::WasmBoundsCheckValue::pinnedIndexingMask const):
- b3/air/AirCustom.h: (JSC::B3::Air::WasmBoundsCheckCustom::generate):
- b3/testb3.cpp: (JSC::B3::testWasmBoundsCheck):
- dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::loadFromIntTypedArray): (JSC::DFG::SpeculativeJIT::compileGetByValOnIntTypedArray): (JSC::DFG::SpeculativeJIT::compileGetByValOnFloatTypedArray): (JSC::DFG::SpeculativeJIT::compileNewTypedArray):
- dfg/DFGSpeculativeJIT.h:
- dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile):
- ftl/FTLAbstractHeapRepository.h:
- ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileAtomicsReadModifyWrite): (JSC::FTL::DFG::LowerDFGToB3::compileGetByVal): (JSC::FTL::DFG::LowerDFGToB3::compileNewTypedArray): (JSC::FTL::DFG::LowerDFGToB3::pointerIntoTypedArray):
- jit/AssemblyHelpers.h: (JSC::AssemblyHelpers::emitComputeButterflyIndexingMask):
- runtime/Butterfly.h:
- runtime/JSArrayBufferView.cpp: (JSC::JSArrayBufferView::JSArrayBufferView):
- runtime/JSArrayBufferView.h: (JSC::JSArrayBufferView::offsetOfIndexingMask):
- wasm/WasmB3IRGenerator.cpp: (JSC::Wasm::B3IRGenerator::B3IRGenerator): (JSC::Wasm::B3IRGenerator::restoreWebAssemblyGlobalState): (JSC::Wasm::B3IRGenerator::emitCheckAndPreparePointer): (JSC::Wasm::B3IRGenerator::load): (JSC::Wasm::B3IRGenerator::store): (JSC::Wasm::B3IRGenerator::addCallIndirect):
- wasm/WasmBinding.cpp: (JSC::Wasm::wasmToWasm):
- wasm/WasmMemory.cpp: (JSC::Wasm::Memory::Memory):
- wasm/WasmMemory.h: (JSC::Wasm::Memory::offsetOfIndexingMask):
- wasm/WasmMemoryInformation.cpp: (JSC::Wasm::PinnedRegisterInfo::get): (JSC::Wasm::PinnedRegisterInfo::PinnedRegisterInfo):
- wasm/WasmMemoryInformation.h: (JSC::Wasm::PinnedRegisterInfo::toSave const):
- wasm/js/JSToWasm.cpp: (JSC::Wasm::createJSToWasmWrapper):
Use index masking for TypedArrays and and Wasm.
https://bugs.webkit.org/show_bug.cgi?id=180920
Reviewed by Filip Pizlo.
Copy things from ToT that we will need for a branch.
- wtf/MathExtras.h: (WTF::computeIndexingMask):
- wtf/StdLibExtras.h: (std::clz):
- 2:41 PM Changeset in webkit [226545] by
-
- 5 edits in branches/safari-604.4.7.0-branch
Apply patch. rdar://problem/36113340
Reduce the precision of "high" resolution time to 1ms
https://bugs.webkit.org/show_bug.cgi?id=180910
<rdar://problem/36085943>
Reviewed by Saam Barati.
Add a flaky test expectation to imported/w3c/web-platform-tests/workers/worker-performance.worker.html
due to a test bug. The test fix is tracked in https://github.com/w3c/web-platform-tests/pull/8711
- 2:41 PM Changeset in webkit [226544] by
-
- 13 edits in branches/safari-604.4.7.0-branch/Source
Cherry-pick r226068. rdar://problem/36113378
- 2:41 PM Changeset in webkit [226543] by
-
- 3 edits in branches/safari-604.4.7.0-branch/Source/JavaScriptCore
Apply patch. rdar://problem/36113314
Disable/remove SharedArrayBuffers from Web API
rdar://problem/36077849
Removed SharedArrayBuffer prototype and structure to disable.
- runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::init): (JSC::JSGlobalObject::visitChildren):
- runtime/JSGlobalObject.h: (JSC::JSGlobalObject::arrayBufferPrototype const): (JSC::JSGlobalObject::arrayBufferStructure const):
- 2:41 PM Changeset in webkit [226542] by
-
- 8 edits in trunk/Source
Storage Access API: Remove access for all frames under a page when the page is closed
https://bugs.webkit.org/show_bug.cgi?id=181398
<rdar://problem/36357879>
Reviewed by Alex Christensen.
Source/WebCore:
No new tests. Discussed with Alex Christensen and we concluded that
both a layout test and an API test would require a lot of work and
we have existing tests for clearing out storage access for frames.
- platform/network/NetworkStorageSession.h:
- platform/network/cf/NetworkStorageSessionCFNet.cpp:
(WebCore::NetworkStorageSession::removeStorageAccessForAllFramesOnPage):
Source/WebKit:
- NetworkProcess/NetworkConnectionToWebProcess.cpp:
(WebKit::NetworkConnectionToWebProcess::removeStorageAccessForAllFramesOnPage):
- NetworkProcess/NetworkConnectionToWebProcess.h:
- NetworkProcess/NetworkConnectionToWebProcess.messages.in:
- WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::close):
- 2:35 PM Changeset in webkit [226541] by
-
- 7 edits4 deletes in trunk
Unreviewed, rolling out r226385.
The test introduced with this was a flaky since being added.
Reverted changeset:
"AX: when invert colors is on, double-invert certain media
elements in UserAgentStyleSheet"
https://bugs.webkit.org/show_bug.cgi?id=168447
https://trac.webkit.org/changeset/226385
- 2:33 PM Changeset in webkit [226540] by
-
- 12 edits in trunk/Source
SWClientConnection should not keep references to service worker jobs
https://bugs.webkit.org/show_bug.cgi?id=181381
Patch by Youenn Fablet <youenn@apple.com> on 2018-01-08
Reviewed by Chris Dumez.
Source/WebCore:
Difficult to test determiniscally but corresponding crash log should no longer happen in debug builds.
Stopped passing ServiceWorkerJob references from ServiceWorkerContainer (potentially in service worker thread) to SWClientConnection (main thread).
Instead pass job identifiers and related data to the main thread.
Minor refactoring to use ServiceWorkerJobIdentifier instead of ServiceWorkerJobDataIdentifier which contains more data than needed.
- workers/service/SWClientConnection.cpp:
(WebCore::SWClientConnection::scheduleJob):
(WebCore::SWClientConnection::failedFetchingScript):
(WebCore::SWClientConnection::postTaskForJob):
(WebCore::SWClientConnection::jobRejectedInServer):
(WebCore::SWClientConnection::registrationJobResolvedInServer):
(WebCore::SWClientConnection::unregistrationJobResolvedInServer):
(WebCore::SWClientConnection::startScriptFetchForServer):
(WebCore::SWClientConnection::clearPendingJobs):
(WebCore::SWClientConnection::finishedFetchingScript): Deleted.
- workers/service/SWClientConnection.h:
- workers/service/ServiceWorkerContainer.cpp:
(WebCore::ServiceWorkerContainer::scheduleJob):
(WebCore::ServiceWorkerContainer::startScriptFetchForJob):
(WebCore::ServiceWorkerContainer::jobFinishedLoadingScript):
(WebCore::ServiceWorkerContainer::jobFailedLoadingScript):
- workers/service/ServiceWorkerContainer.h:
- workers/service/server/SWServer.cpp:
(WebCore::SWServer::rejectJob):
(WebCore::SWServer::resolveRegistrationJob):
(WebCore::SWServer::resolveUnregistrationJob):
(WebCore::SWServer::startScriptFetch):
- workers/service/server/SWServer.h:
Source/WebKit:
Updated IPC handling based on WebCore refactoring.
- Scripts/webkit/messages.py:
(forward_declarations_and_headers):
(headers_for_type):
- StorageProcess/ServiceWorker/WebSWServerConnection.cpp:
(WebKit::WebSWServerConnection::rejectJobInClient):
(WebKit::WebSWServerConnection::resolveRegistrationJobInClient):
(WebKit::WebSWServerConnection::resolveUnregistrationJobInClient):
(WebKit::WebSWServerConnection::startScriptFetchInClient):
- StorageProcess/ServiceWorker/WebSWServerConnection.h:
- WebProcess/Storage/WebSWClientConnection.messages.in:
- 2:19 PM Changeset in webkit [226539] by
-
- 8 edits in trunk
Copying, pasting, and then deleting an attachment element breaks attachment data requests
https://bugs.webkit.org/show_bug.cgi?id=181365
<rdar://problem/36340647>
Reviewed by Tim Horton.
Source/WebCore:
Currently, copying and pasting an attachment element within the same document and then deleting backwards to
remove the pasted attachment element causes the original attachment element to be inaccessible via SPI. This is
because there are now two different attachment elements with the same unique identifier, such that Document,
which keeps a map of all unique attachment identifiers to attachment elements, will lose track of the original
attachment element.
To fix this, we ensure that attachment elements should always have unique identifiers when they are inserted
into the document. We make several small adjustments to accomplish this:
- First, refactor HTMLAttachmentElement's unique identifier so that it no longer depends on the value of the
"webkitattachmentid" attribute, and is instead just a member of HTMLAttachmentElement that is not exposed to
DOM bindings. This means setting and querying an attachment element's uniqueIdentifier can be done without
triggering any side effects, such as layout or mutation events.
- Next, make "webkitattachmentid" a temporary attribute similar to "webkitattachmentpath" and
"webkitattachmentbloburl", so that it is added only when generating a markup fragment for editing, and
removed upon deserialization.
- Lastly, shift the responsibility of assigning a unique identifier to an attachment away from places where we
create attachment elements, and instead have Document enforce this when an attachment element is inserted.
Tests: WKAttachmentTests.InsertAndRemoveDuplicateAttachment
WKAttachmentTests.InsertDuplicateAttachmentAndUpdateData
- dom/Document.cpp:
(WebCore::Document::didInsertAttachmentElement):
Assign the unique identifier of an attachment element that has been inserted. If the identifier already tracks
an existing attachment element in the document or is missing, reassign the identifier to a new value.
- editing/cocoa/WebContentReaderCocoa.mm:
(WebCore::createFragmentForImageAttachment):
(WebCore::replaceRichContentWithAttachments):
(WebCore::WebContentReader::readFilePaths):
Remove calls to setUniqueIdentifier here, since Document will assign a unique identifier upon insertion.
- editing/markup.cpp:
(WebCore::StyledMarkupAccumulator::appendCustomAttributes):
(WebCore::createFragmentFromMarkup):
Set the attachment's unique identifier to the value of the "webkitattachmentid" attribute. When moving existing
attachments around in the DOM without duplication, this ensures that the attachment will be removed and
reinserted in the document without triggering removal and insertion client delegate methods.
When pasting an attachment element that has the same identifier as an existing attachment, we let Document
realize that the attachment identifier already exists, and reassign it to a unique value.
- html/HTMLAttachmentElement.cpp:
(WebCore::HTMLAttachmentElement::uniqueIdentifier const): Deleted.
(WebCore::HTMLAttachmentElement::setUniqueIdentifier): Deleted.
- html/HTMLAttachmentElement.h:
Tools:
Adds two new attachment API tests to verify that copying and pasting an existing attachment inserts an
attachment element that may be edited independently of the original attachment. See WebCore/ChangeLog for more
detail.
- TestWebKitAPI/Tests/WebKitCocoa/WKAttachmentTests.mm:
(TestWebKitAPI::TEST):
- 2:13 PM Changeset in webkit [226538] by
-
- 2 edits in trunk/LayoutTests
Skip http/tests/resourceLoadStatistics/clear-in-memory-and-persistent-store.html
https://bugs.webkit.org/show_bug.cgi?id=181223
Unreviewed test gardening.
- platform/wk2/TestExpectations:
- 2:04 PM Changeset in webkit [226537] by
-
- 7 edits2 adds in trunk/Source/WebCore
[RenderTreeBuilder] Move RenderBlockFlow addChild logic to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=181348
<rdar://problem/36328117>
Reviewed by Antti Koivisto.
This is about moving the code, no cleanup and/or normalization (unfortunately it also means
some temporary changes).
No change in functionality.
- Sources.txt:
- WebCore.xcodeproj/project.pbxproj:
- rendering/RenderBlockFlow.cpp:
(WebCore::RenderBlockFlow::addChild):
- rendering/updating/RenderTreeBuilder.cpp:
(WebCore::RenderTreeBuilder::RenderTreeBuilder):
(WebCore::RenderTreeBuilder::insertChildToRenderBlockFlow):
- rendering/updating/RenderTreeBuilder.h:
(WebCore::RenderTreeBuilder::blockFlowBuilder):
- rendering/updating/RenderTreeBuilderBlockFlow.cpp: Added.
(WebCore::RenderTreeBuilder::BlockFlow::BlockFlow):
(WebCore::RenderTreeBuilder::BlockFlow::insertChild):
- rendering/updating/RenderTreeBuilderBlockFlow.h: Added.
- 2:01 PM Changeset in webkit [226536] by
-
- 3 edits4 adds in trunk/Source/WebKit
[Cocoa] Web Inspector: Provide a way for clients to check if an NSWindow is a Web Inspector window
https://bugs.webkit.org/show_bug.cgi?id=181361
<rdar://problem/36332865>
Patch by Joseph Pecoraro <Joseph Pecoraro> on 2018-01-08
Reviewed by Darin Adler.
- WebKit.xcodeproj/project.pbxproj:
New files.
- Shared/API/Cocoa/_WKNSWindowExtras.h: Added.
- Shared/API/Cocoa/_WKNSWindowExtras.mm: Added.
(-[NSWindow _web_isWebInspectorWindow]):
Method to determing if a window is being used for Web Inspector content.
- UIProcess/mac/WKInspectorWindow.h: Added.
- UIProcess/mac/WKInspectorWindow.mm: Added.
Named subclass so we can use isKindOfClass.
- UIProcess/mac/WebInspectorProxyMac.mm:
(WebKit::WebInspectorProxy::createFrontendWindow):
Use the named subclass.
- 1:54 PM Changeset in webkit [226535] by
-
- 2 edits in trunk/JSTests
Disable SharedArrayBuffer tests missed in r226386.
https://bugs.webkit.org/show_bug.cgi?id=181266
Unreviewed test gardening.
- test262.yaml:
- 1:53 PM Changeset in webkit [226534] by
-
- 2 edits in trunk/LayoutTests
Marked http/wpt/cache-storage/cache-put-stream.https.any.html as flaky on macOS WK2.
https://bugs.webkit.org/show_bug.cgi?id=181107
Unreviewed test gardening.
- platform/mac-wk2/TestExpectations:
- 1:48 PM Changeset in webkit [226533] by
-
- 2 edits in trunk/Source/WebKit
Build fix for WKPDFView
https://bugs.webkit.org/show_bug.cgi?id=181399
<rdar://problem/36311915>
Reviewed by Simon Fraser.
- UIProcess/ios/WKPDFView.mm:
Disable deprecation warnings in this whole file.
- 1:19 PM Changeset in webkit [226532] by
-
- 25 edits in trunk
Add CSP support to service workers
https://bugs.webkit.org/show_bug.cgi?id=181385
Patch by Youenn Fablet <youenn@apple.com> on 2018-01-08
Reviewed by Chris Dumez.
LayoutTests/imported/w3c:
- web-platform-tests/service-workers/service-worker/service-worker-csp-connect.https-expected.txt:
- web-platform-tests/service-workers/service-worker/service-worker-csp-default.https-expected.txt:
- web-platform-tests/service-workers/service-worker/service-worker-csp-script.https-expected.txt:
Source/WebCore:
Covered by rebased tests.
Added recovery of CSP information from WorkerScriptLoader.
Added plumbing to pass the CSP information to Service Workers.
Added persistency support for the CSP information.
- workers/WorkerScriptLoader.cpp:
(WebCore::WorkerScriptLoader::loadAsynchronously):
(WebCore::WorkerScriptLoader::didReceiveResponse):
- workers/WorkerScriptLoader.h:
(WebCore::WorkerScriptLoader::contentSecurityPolicy const):
- workers/service/SWClientConnection.cpp:
(WebCore::SWClientConnection::finishedFetchingScript):
(WebCore::SWClientConnection::failedFetchingScript):
- workers/service/SWClientConnection.h:
- workers/service/ServiceWorkerContainer.cpp:
(WebCore::ServiceWorkerContainer::addRegistration):
(WebCore::ServiceWorkerContainer::jobFailedWithException):
(WebCore::ServiceWorkerContainer::jobResolvedWithRegistration):
(WebCore::ServiceWorkerContainer::jobFinishedLoadingScript):
- workers/service/ServiceWorkerContainer.h:
- workers/service/ServiceWorkerContextData.cpp:
(WebCore::ServiceWorkerContextData::isolatedCopy const):
- workers/service/ServiceWorkerContextData.h:
(WebCore::ServiceWorkerContextData::encode const):
(WebCore::ServiceWorkerContextData::decode):
- workers/service/ServiceWorkerFetchResult.h:
(WebCore::ServiceWorkerFetchResult::encode const):
(WebCore::ServiceWorkerFetchResult::decode):
- workers/service/ServiceWorkerGlobalScope.cpp:
(WebCore::ServiceWorkerGlobalScope::create):
- workers/service/ServiceWorkerGlobalScope.h:
- workers/service/ServiceWorkerJob.cpp:
(WebCore::ServiceWorkerJob::notifyFinished):
- workers/service/ServiceWorkerJobClient.h:
- workers/service/context/ServiceWorkerThread.cpp:
(WebCore::ServiceWorkerThread::ServiceWorkerThread):
(WebCore::ServiceWorkerThread::createWorkerGlobalScope):
- workers/service/server/RegistrationDatabase.cpp:
(WebCore::v1RecordsTableSchema):
(WebCore::RegistrationDatabase::openSQLiteDatabase):
(WebCore::RegistrationDatabase::doPushChanges):
(WebCore::RegistrationDatabase::importRecords):
- workers/service/server/SWServer.cpp:
(WebCore::SWServer::updateWorker):
(WebCore::SWServer::installContextData):
- workers/service/server/SWServer.h:
- workers/service/server/SWServerJobQueue.cpp:
(WebCore::SWServerJobQueue::scriptFetchFinished):
- workers/service/server/SWServerWorker.cpp:
(WebCore::SWServerWorker::SWServerWorker):
(WebCore::m_contentSecurityPolicy):
(WebCore::SWServerWorker::contextData const):
- workers/service/server/SWServerWorker.h:
- 1:06 PM Changeset in webkit [226531] by
-
- 6 edits in trunk
Use no-cache fetch mode when loading main documents with location.reload()
https://bugs.webkit.org/show_bug.cgi?id=181285
Patch by Youenn Fablet <youenn@apple.com> on 2018-01-08
Reviewed by Alex Christensen.
LayoutTests/imported/w3c:
- web-platform-tests/service-workers/service-worker/fetch-event.https-expected.txt:
Source/WebCore:
Covered by rebased tests.
Start to translate cache policy used for navigation as FetchOptions::Cache.
This allows ensuring service workers receive the right cache mode when intercepting navigation loads.
To not change current navigation behavior, ReturnCacheDataElseLoad and ReturnCacheDataDontLoad still trigger default fetch cache mode.
For Reload and ReloadExpiredOnly frame load types, using no-cache mode is more efficient than reload mode,
as a conditional request will be sent if possible. This applies to location.reload which is consistent with other browsers.
Keep reload mode for ReloadFromOrigin.
- loader/DocumentLoader.cpp:
(WebCore::toFetchOptionsCache):
(WebCore::DocumentLoader::loadMainResource):
- loader/FrameLoader.cpp:
(WebCore::FrameLoader::loadFrameRequest):
(WebCore::FrameLoader::loadURL):
(WebCore::FrameLoader::load):
(WebCore::FrameLoader::reload):
(WebCore::FrameLoader::defaultRequestCachingPolicy):
(WebCore::FrameLoader::loadDifferentDocumentItem):
- loader/NavigationScheduler.cpp:
- 1:05 PM Changeset in webkit [226530] by
-
- 26 edits in trunk/Source
Apply poisoning to more pointers in JSC.
https://bugs.webkit.org/show_bug.cgi?id=181096
<rdar://problem/36182970>
Reviewed by JF Bastien.
Source/JavaScriptCore:
- assembler/MacroAssembler.h:
(JSC::MacroAssembler::xorPtr):
- assembler/MacroAssemblerARM64.h:
(JSC::MacroAssemblerARM64::xor64):
- assembler/MacroAssemblerX86_64.h:
(JSC::MacroAssemblerX86_64::xor64):
- Add xorPtr implementation.
- bytecode/CodeBlock.cpp:
(JSC::CodeBlock::inferredName const):
(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::finishCreation):
(JSC::CodeBlock::~CodeBlock):
(JSC::CodeBlock::setConstantRegisters):
(JSC::CodeBlock::visitWeakly):
(JSC::CodeBlock::visitChildren):
(JSC::CodeBlock::propagateTransitions):
(JSC::CodeBlock::WeakReferenceHarvester::visitWeakReferences):
(JSC::CodeBlock::finalizeLLIntInlineCaches):
(JSC::CodeBlock::finalizeBaselineJITInlineCaches):
(JSC::CodeBlock::UnconditionalFinalizer::finalizeUnconditionally):
(JSC::CodeBlock::jettison):
(JSC::CodeBlock::predictedMachineCodeSize):
(JSC::CodeBlock::findPC):
- bytecode/CodeBlock.h:
(JSC::CodeBlock::UnconditionalFinalizer::UnconditionalFinalizer):
(JSC::CodeBlock::WeakReferenceHarvester::WeakReferenceHarvester):
(JSC::CodeBlock::stubInfoBegin):
(JSC::CodeBlock::stubInfoEnd):
(JSC::CodeBlock::callLinkInfosBegin):
(JSC::CodeBlock::callLinkInfosEnd):
(JSC::CodeBlock::instructions):
(JSC::CodeBlock::instructions const):
(JSC::CodeBlock::vm const):
- dfg/DFGOSRExitCompilerCommon.h:
(JSC::DFG::adjustFrameAndStackInOSRExitCompilerThunk):
- jit/JIT.h:
- llint/LLIntOfflineAsmConfig.h:
- llint/LowLevelInterpreter.asm:
- llint/LowLevelInterpreter64.asm:
- parser/UnlinkedSourceCode.h:
- runtime/JSCPoison.h:
- runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
- runtime/JSGlobalObject.h:
- runtime/JSScriptFetchParameters.h:
- runtime/JSScriptFetcher.h:
- runtime/StructureTransitionTable.h:
- wasm/js/JSWebAssemblyCodeBlock.cpp:
(JSC::JSWebAssemblyCodeBlock::JSWebAssemblyCodeBlock):
(JSC::JSWebAssemblyCodeBlock::visitChildren):
(JSC::JSWebAssemblyCodeBlock::UnconditionalFinalizer::finalizeUnconditionally):
- wasm/js/JSWebAssemblyCodeBlock.h:
Source/WTF:
Added support for PoisonedBag and PoisonedRefCountedArray.
- wtf/Bag.h:
(WTF::Private::BagNode::BagNode):
(WTF::Bag::Bag):
(WTF::Bag::operator=):
(WTF::Bag::clear):
(WTF::Bag::add):
(WTF::Bag::begin):
(WTF::Bag::unwrappedHead):
(WTF::Bag::Node::Node): Deleted.
- wtf/BagToHashMap.h:
(WTF::toHashMap):
- wtf/Poisoned.h:
(WTF::constExprPoisonRandom):
(WTF::makeConstExprPoison):
- wtf/RefCountedArray.h:
(WTF::RefCountedArray::RefCountedArray):
(WTF::RefCountedArray::clone const):
(WTF::RefCountedArray::operator=):
(WTF::RefCountedArray::~RefCountedArray):
(WTF::RefCountedArray::refCount const):
(WTF::RefCountedArray::size const):
(WTF::RefCountedArray::data):
(WTF::RefCountedArray::begin):
(WTF::RefCountedArray::end):
(WTF::RefCountedArray::data const):
(WTF::RefCountedArray::begin const):
(WTF::RefCountedArray::operator== const):
(WTF::RefCountedArray::Header::fromPayload):
- wtf/WTFAssertions.cpp:
- 1:02 PM Changeset in webkit [226529] by
-
- 2 edits in trunk/Source/WebKitLegacy/mac
Fix check-webkit-style issues with WebNSDataExtras.mm
<https://webkit.org/b/181369>
Reviewed by Alex Christensen.
- Misc/WebNSDataExtras.mm:
(-[NSString _web_capitalizeRFC822HeaderFieldName]):
(-[NSData _webkit_guessedMIMETypeForXML]):
(-[NSData _webkit_guessedMIMEType]):
(-[NSData _web_isCaseInsensitiveEqualToCString:]):
(_findEOL):
(-[NSData _webkit_parseRFC822HeaderFields]):
(-[NSData _web_locationAfterFirstBlankLine]):
- Fix all the check-webkit-style warnings.
- 12:47 PM Changeset in webkit [226528] by
-
- 2 edits in trunk/Source/WebKit
Caches::writeCachesToDisk should assert that it is initialized
https://bugs.webkit.org/show_bug.cgi?id=181383
Patch by Youenn Fablet <youenn@apple.com> on 2018-01-08
Reviewed by Alex Christensen.
Add assertion to ensure caches is initialized
- NetworkProcess/cache/CacheStorageEngineCaches.cpp:
(WebKit::CacheStorage::Caches::writeCachesToDisk):
- 12:45 PM Changeset in webkit [226527] by
-
- 1 edit2 adds in trunk/LayoutTests
[WinCairo] Add default port TestExpectations for wincairo
https://bugs.webkit.org/show_bug.cgi?id=179221
Patch by Basuke Suzuki <Basuke Suzuki> on 2018-01-08
Reviewed by Alex Christensen.
- platform/wincairo-win10/TestExpectations: Added.
- 10:58 AM Changeset in webkit [226526] by
-
- 14 edits2 adds in trunk
Stop exposing fetch and extendable events to window
https://bugs.webkit.org/show_bug.cgi?id=181325
Patch by Youenn Fablet <youenn@apple.com> on 2018-01-08
Reviewed by Chris Dumez.
Source/WebCore:
Covered by updated tests.
Marked FetchEvent and ExtendableEvent as visible in ServiceWorker environments only.
Moved related Internals testing routines to ServiceWorkerInternals.
- testing/Internals.cpp:
(WebCore::Internals::waitForFetchEventToFinish): Deleted.
(WebCore::Internals::createBeingDispatchedFetchEvent): Deleted.
- testing/Internals.h:
- testing/Internals.idl:
- testing/ServiceWorkerInternals.cpp:
(WebCore::ServiceWorkerInternals::waitForFetchEventToFinish):
(WebCore::ServiceWorkerInternals::createBeingDispatchedFetchEvent):
- testing/ServiceWorkerInternals.h:
- testing/ServiceWorkerInternals.idl:
- workers/service/ExtendableEvent.idl:
- workers/service/FetchEvent.idl:
LayoutTests:
- http/wpt/service-workers/extendableEvent.https-expected.txt:
- http/wpt/service-workers/extendableEvent.https.html:
- http/wpt/service-workers/fetchEvent.https-expected.txt:
- http/wpt/service-workers/fetchEvent.https.html:
- 10:55 AM Changeset in webkit [226525] by
-
- 5 edits in tags/Safari-605.1.19.1
Cherry-pick r226495. rdar://problem/36085943
- 10:55 AM Changeset in webkit [226524] by
-
- 24 edits in tags/Safari-605.1.19.1/Source
Cherry-pick r226461. rdar://problem/36085949
- 10:55 AM Changeset in webkit [226523] by
-
- 20 edits in tags/Safari-605.1.19.1
Cherry-pick r226386. rdar://problem/36077849
- 10:54 AM Changeset in webkit [226522] by
-
- 4 edits in tags/Safari-605.1.19.1
Cherry-pick r226371. rdar://problem/36146670
- 10:47 AM Changeset in webkit [226521] by
-
- 5 edits2 adds in trunk
REGRESSION (r219145): Toggling layer borders on a static document no longer works immediately
https://bugs.webkit.org/show_bug.cgi?id=176260
<rdar://problem/34219966>
Reviewed by Simon Fraser.
Source/WebCore:
Optimization reveled bugs in debug indicator painting.
Test: compositing/debug-borders-dynamic.html
- platform/graphics/ca/GraphicsLayerCA.cpp:
(WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers):
(WebCore::GraphicsLayerCA::updateDebugIndicators):
(WebCore::GraphicsLayerCA::updateDebugBorder): Deleted.
- Rename to indicate this is not just about debug borders.
- Trigger display so repaint counters get painted. This helper is only called when the indicators change.
- platform/graphics/ca/GraphicsLayerCA.h:
- rendering/RenderLayerCompositor.cpp:
(WebCore::RenderLayerCompositor::cacheAcceleratedCompositingFlags):
Ensure we do compositing update on debug border change even when there is no layout.
LayoutTests:
- compositing/debug-borders-dynamic-expected.html: Added.
- compositing/debug-borders-dynamic.html: Added.
- 10:38 AM Changeset in webkit [226520] by
-
- 8 edits1 copy1 add in trunk/Source/WebCore
[RenderTreeBuilder] Move RenderInline addChild logic to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=181336
<rdar://problem/36324693>
Reviewed by Antti Koivisto.
This is about moving the code, no cleanup and/or normalization (unfortunately it also means
some temporary changes).
No change in functionality.
- Sources.txt:
- WebCore.xcodeproj/project.pbxproj:
- rendering/RenderInline.cpp:
(WebCore::RenderInline::addChild):
(WebCore::RenderInline::addChildIgnoringContinuation):
(WebCore::RenderInline::childBecameNonInline):
(WebCore::nextContinuation): Deleted.
(WebCore::RenderInline::continuationBefore): Deleted.
(WebCore::newChildIsInline): Deleted.
(WebCore::RenderInline::cloneAsContinuation const): Deleted.
(WebCore::RenderInline::splitInlines): Deleted.
(WebCore::RenderInline::splitFlow): Deleted.
(WebCore::canUseAsParentForContinuation): Deleted.
(WebCore::RenderInline::addChildToContinuation): Deleted.
- rendering/RenderInline.h:
- rendering/updating/RenderTreeBuilder.cpp:
(WebCore::RenderTreeBuilder::RenderTreeBuilder):
(WebCore::RenderTreeBuilder::insertChildToRenderInline):
(WebCore::RenderTreeBuilder::insertChildToRenderInlineIgnoringContinuation):
(WebCore::RenderTreeBuilder::splitFlow):
- rendering/updating/RenderTreeBuilder.h:
(WebCore::RenderTreeBuilder::inlineBuilder):
- rendering/updating/RenderTreeBuilderInline.cpp: Added.
(WebCore::canUseAsParentForContinuation):
(WebCore::nextContinuation):
(WebCore::continuationBefore):
(WebCore::cloneAsContinuation):
(WebCore::newChildIsInline):
(WebCore::inFlowPositionedInlineAncestor):
(WebCore::RenderTreeBuilder::Inline::Inline):
(WebCore::RenderTreeBuilder::Inline::insertChild):
(WebCore::RenderTreeBuilder::Inline::insertChildToContinuation):
(WebCore::RenderTreeBuilder::Inline::insertChildIgnoringContinuation):
(WebCore::RenderTreeBuilder::Inline::splitFlow):
(WebCore::RenderTreeBuilder::Inline::splitInlines):
- rendering/updating/RenderTreeBuilderInline.h: Added.
- 10:37 AM Changeset in webkit [226519] by
-
- 2 edits in trunk/Source/WebKit
WebProcessPool::terminateServiceWorkerProcess should protect itself in debug builds
https://bugs.webkit.org/show_bug.cgi?id=181384
Patch by Youenn Fablet <youenn@apple.com> on 2018-01-08
Reviewed by Chris Dumez.
- UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::terminateServiceWorkerProcess):
- 10:33 AM Changeset in webkit [226518] by
-
- 3 edits11 adds in trunk/LayoutTests
[EME] Add layout test for InitData and InitDataType in CENC encrypted event
https://bugs.webkit.org/show_bug.cgi?id=180430
Patch by Yacine Bandou <yacine.bandou_ext@softathome.com> on 2018-01-08
Reviewed by Xabier Rodriguez-Calvar.
- TestExpectations:
- media/content/encrypted/VideoClearKeyCenc.mp4: Added.
This is a simple encrypted video file used for regular playback.
It has been encrypted with BENTO4. https://www.bento4.com/
- media/content/encrypted/segments/VideoClearKeyCenc-seg-0.mp4: Added.
This is a simple encrypted video fragment used in MSE playback.
It has been fragmented and encrypted with BENTO4. https://www.bento4.com/
- media/encrypted-media/clearKey/clearKey-encrypted-cenc-event-expected.txt: Added.
- media/encrypted-media/clearKey/clearKey-encrypted-cenc-event-mse-expected.txt: Added.
- media/encrypted-media/clearKey/clearKey-encrypted-cenc-event-mse.html: Added.
This is a test with MSE.
- media/encrypted-media/clearKey/clearKey-encrypted-cenc-event.html: Added.
This is a test with a regular playback.
- media/encrypted-media/medias-enc.js: Added.
This JavaScrit file lists the encrypted media wich will be used in encrypted-media tests.
It gives all necessary informations about the encrypted media: path of the file or
the path of the segments in MSE case, mimeType, initDataType and the encryption keys.
- media/media-source/media-source-loader-simple.js: Added.
This JavaScript file provides a simple MSE implementation, reads the segments of the media and appends them
in the appropriate SourceBuffer.
- platform/wpe/TestExpectations:
- 9:42 AM Changeset in webkit [226517] by
-
- 2 edits in trunk/Source/WebInspectorUI
Web Inspector: Find next / previous within a resource content view does not have bouncy highlight when editor scrolls
https://bugs.webkit.org/show_bug.cgi?id=181279
<rdar://problem/36291097>
Patch by Joseph Pecoraro <Joseph Pecoraro> on 2018-01-08
Reviewed by Brian Burg.
- UserInterface/Views/TextEditor.js:
(WI.TextEditor.prototype._revealSearchResult):
Reposition the bouncy highlight on scroll based on the CodeMirror
line/ch position of the search result.
(WI.TextEditor.prototype._removeBouncyHighlightElementIfNeeded):
Track the bouncy highlight scroll handler in a member variable so that
we always remember to remove it and don't leak scroll handlers.
- 9:40 AM Changeset in webkit [226516] by
-
- 13 edits2 adds in trunk/Source/WebCore
[RenderTreeBuilder] Move RenderBlock addChild logic to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=181319
<rdar://problem/36313464>
Reviewed by Antti Koivisto.
This is about moving the code, no cleanup and/or normalization (unfortunately it also means
some temporary changes).
No change in functionality.
- Sources.txt:
- WebCore.xcodeproj/project.pbxproj:
- rendering/RenderBlock.cpp:
(WebCore::RenderBlock::addChild):
(WebCore::RenderBlock::addChildIgnoringContinuation):
(WebCore::RenderBlock::childBecameNonInline):
(WebCore::RenderBlock::continuationBefore): Deleted.
(WebCore::RenderBlock::addChildToContinuation): Deleted.
(WebCore::getInlineRun): Deleted.
(WebCore::RenderBlock::makeChildrenNonInline): Deleted.
- rendering/RenderBlock.h:
- rendering/RenderBox.cpp:
(WebCore::markBoxForRelayoutAfterSplit): Deleted.
(WebCore::RenderBox::splitAnonymousBoxesAroundChild): Deleted.
- rendering/RenderBox.h:
- rendering/RenderRubyBase.cpp:
(WebCore::RenderRubyBase::moveChildren):
(WebCore::RenderRubyBase::moveBlockChildren):
- rendering/RenderTable.cpp:
(WebCore::RenderTable::addChild):
- rendering/RenderTableRow.cpp:
(WebCore::RenderTableRow::addChild):
- rendering/RenderTableSection.cpp:
(WebCore::RenderTableSection::addChild):
- rendering/updating/RenderTreeBuilder.cpp:
(WebCore::markBoxForRelayoutAfterSplit):
(WebCore::getInlineRun):
(WebCore::RenderTreeBuilder::RenderTreeBuilder):
(WebCore::RenderTreeBuilder::insertChildToRenderBlock):
(WebCore::RenderTreeBuilder::insertChildToRenderBlockIgnoringContinuation):
(WebCore::RenderTreeBuilder::makeChildrenNonInline):
(WebCore::RenderTreeBuilder::splitAnonymousBoxesAroundChild):
- rendering/updating/RenderTreeBuilder.h:
(WebCore::RenderTreeBuilder::blockBuilder):
- rendering/updating/RenderTreeBuilderBlock.cpp: Added.
(WebCore::continuationBefore):
(WebCore::RenderTreeBuilder::Block::Block):
(WebCore::RenderTreeBuilder::Block::insertChild):
(WebCore::RenderTreeBuilder::Block::insertChildToContinuation):
(WebCore::RenderTreeBuilder::Block::insertChildIgnoringContinuation):
- rendering/updating/RenderTreeBuilderBlock.h: Added.
- 9:02 AM Changeset in webkit [226515] by
-
- 2 edits in trunk/Source/WebCore
Standard controls sometimes say video is in pip when it isnt.
https://bugs.webkit.org/show_bug.cgi?id=181095
rdar://problem/36182687
Patch by Jeremy Jones <jeremyj@apple.com> on 2018-01-08
Reviewed by Eric Carlson.
- html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::exitFullscreen):
- 8:46 AM Changeset in webkit [226514] by
-
- 2 edits in trunk/Source/WebCore
REGRESSION: [iOS] ASSERTION FAILED: !node.isConnected() in WebCore::notifyNodeInsertedIntoDocument
https://bugs.webkit.org/show_bug.cgi?id=181091
Reviewed by Darin Adler.
Move the work previously performed in insertedIntoAncestor() into didFinishInsertingNode().
- html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::prepareForLoad):
- 8:14 AM Changeset in webkit [226513] by
-
- 2 edits in trunk/Source/WebKit
Unreviewed build fix after r226211.
Patch by Frederic Wang <fwang@igalia.com> on 2018-01-08
- UIProcess/API/Cocoa/WKPreferencesPrivate.h: Use WK_IOS_TBA for iOS.
- 7:55 AM Changeset in webkit [226512] by
-
- 11 edits in trunk/LayoutTests
Update imagebitmap tests.
https://bugs.webkit.org/show_bug.cgi?id=181379
Unreviewed test gardening.
LayoutTests/imported/w3c:
- web-platform-tests/2dcontext/imagebitmap/common.js:
- web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage-expected.txt:
- web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage.html:
- web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args-expected.txt:
- web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args.html:
LayoutTests:
- platform/gtk/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage-expected.txt:
- platform/gtk/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args-expected.txt:
- platform/wpe/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage-expected.txt:
- platform/wpe/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args-expected.txt:
- 7:00 AM Changeset in webkit [226511] by
-
- 7 edits in trunk/Source/WebCore
[Cairo] Use isolated fill and stroke source containers
https://bugs.webkit.org/show_bug.cgi?id=181386
Reviewed by Carlos Garcia Campos.
Generate fill and stroke source objects upon invocation of various Cairo
operations, initializing necessary data from the GraphicsContextState
object.
Cairo::FillSource and Cairo::StrokeSource structs are introduced, both
being default-constructible as well as providing a constructor that
accepts a GraphicsContextState object from which the appropriate
resources are created.
The FillSource and StrokeSource objects are then passed to
PlatformContextCairo's prepareForFilling() and prepareForStroking()
methods. Here the helper prepareCairoContextSource() function is now
invoked with cairo_pattern_t objects as pattern or gradient sources, or
the source color if neither cairo_pattern_t object is specified.
The FillSource and StrokeSource constructors mimic the previous behavior
of prepareCairoContextSource(). In case the source is a Pattern object,
a cairo_pattern_t object is created from that. In case of FillSource,
we also retrieve pattern size, transform and repetition information. In
case the source os a Gradient object, we create a 'base' cairo_pattern_t
object for a completely opaque alpha channel. Additionally, if the alpha
value on the state is not 1, we create an alpha-adjusted cairo_pattern_t
that is potentially used for any filling or stroking operation that has
to preserve transparency. If neither Pattern or Gradient objects are set
on the GraphicsContextState, we default to the current fill or stroke
color.
Overall, there's no change in behavior, this is simply a refactoring
that enables us to construct Cairo objects for filling and stroking
sources at the time of Cairo operation dispatch, instead of pulling down
GraphicsContextState deeper into the Cairo-specific code.
No new tests -- no change in functionality.
- platform/graphics/cairo/CairoOperations.cpp:
(WebCore::Cairo::drawPathShadow):
(WebCore::Cairo::fillCurrentCairoPath):
(WebCore::Cairo::FillSource::FillSource):
(WebCore::Cairo::StrokeSource::StrokeSource):
(WebCore::Cairo::fillRect):
(WebCore::Cairo::fillRectWithRoundedHole):
(WebCore::Cairo::fillPath):
(WebCore::Cairo::strokeRect):
(WebCore::Cairo::strokePath):
(WebCore::Cairo::drawGlyphs):
- platform/graphics/cairo/CairoOperations.h:
- platform/graphics/cairo/FontCairo.cpp:
(WebCore::FontCascade::drawGlyphs):
- platform/graphics/cairo/GraphicsContextCairo.cpp:
(WebCore::GraphicsContext::fillPath):
(WebCore::GraphicsContext::strokePath):
(WebCore::GraphicsContext::fillRect):
(WebCore::GraphicsContext::strokeRect):
(WebCore::GraphicsContext::fillRectWithRoundedHole):
- platform/graphics/cairo/PlatformContextCairo.cpp:
(WebCore::prepareCairoContextSource):
(WebCore::PlatformContextCairo::prepareForFilling):
(WebCore::PlatformContextCairo::prepareForStroking):
(WebCore::PlatformContextCairo::clipForPatternFilling):
- platform/graphics/cairo/PlatformContextCairo.h:
- 6:43 AM Changeset in webkit [226510] by
-
- 21 edits6 adds in trunk
navigator.onLine does not work inside service workers
https://bugs.webkit.org/show_bug.cgi?id=181079
<rdar://problem/36178606>
Patch by Youenn Fablet <youenn@apple.com> on 2018-01-08
Reviewed by Darin Adler.
Source/WebCore:
Test: http/wpt/service-workers/online.https.html
Added support for onLine by reusing a similar implementation as regular workers.
Added ServiceWorkerInternals as an interface for an object exposed as self.internals in WTR.
This object has currently one method to trigger change in the online/offline status.
This allows writing a test for the onLine feature.
Note that self.internals is inserted asynchronously after the script was evaluated.
When writing a worker script using self.internals, one must make sure to use self.internals when initialized.
online-worker.js for instance makes use of self.internals in a postMessage callback.
- CMakeLists.txt:
- DerivedSources.make:
- WebCore.xcodeproj/project.pbxproj:
- bindings/js/WorkerScriptController.h:
- dom/ScriptExecutionContext.h:
- testing/ServiceWorkerInternals.cpp: Added.
(WebCore::ServiceWorkerInternals::ServiceWorkerInternals):
(WebCore::ServiceWorkerInternals::setOnline):
- testing/ServiceWorkerInternals.h: Added.
- testing/ServiceWorkerInternals.idl: Added.
- testing/js/WebCoreTestSupport.cpp:
(WebCoreTestSupport::setupNewlyCreateServiceWorker):
- testing/js/WebCoreTestSupport.h:
- workers/service/context/SWContextManager.cpp:
(WebCore::SWContextManager::registerServiceWorkerThreadForInstall):
(WebCore::SWContextManager::startedServiceWorker):
- workers/service/context/SWContextManager.h:
(WebCore::SWContextManager::setServiceWorkerCreationCallback):
(WebCore::SWContextManager::workerByID):
- workers/service/context/ServiceWorkerThread.cpp:
(WebCore::ServiceWorkerThread::ServiceWorkerThread):
- workers/service/context/ServiceWorkerThreadProxy.cpp:
(WebCore::ServiceWorkerThreadProxy::ServiceWorkerThreadProxy):
(WebCore::ServiceWorkerThreadProxy::~ServiceWorkerThreadProxy):
(WebCore::ServiceWorkerThreadProxy::networkStateChanged):
(WebCore::ServiceWorkerThreadProxy::notifyNetworkStateChange):
- workers/service/context/ServiceWorkerThreadProxy.h:
Source/WebKit:
Added support for a callback called for each service worker proxy creation.
Callback is used by WTR to inject a self.internals object used for testing.
- WebProcess/InjectedBundle/API/c/WKBundle.cpp:
(WKBundleSetServiceWorkerProxyCreationCallback):
- WebProcess/InjectedBundle/API/c/WKBundle.h:
- WebProcess/InjectedBundle/InjectedBundle.cpp:
(WebKit::InjectedBundle::setServiceWorkerProxyCreationCallback):
- WebProcess/InjectedBundle/InjectedBundle.h:
Tools:
- WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:
(WTR::InjectedBundle::initialize): Setting service worker creation callback to inject ServiceWorkerInternals object.
LayoutTests:
- http/wpt/service-workers/online-worker.js: Added.
(async.waitForOnlineEvent):
(async.doTest):
- http/wpt/service-workers/online.https-expected.txt: Added.
- http/wpt/service-workers/online.https.html: Added.
- 6:38 AM Changeset in webkit [226509] by
-
- 5 edits in trunk/Source/WebCore
[Cairo] Contain shadow blur requirement state in a separate object
https://bugs.webkit.org/show_bug.cgi?id=181380
Reviewed by Carlos Garcia Campos.
Instead of picking up the necessary state parameters from a
GraphicsContextState object, store the necessary parameters in a helper
ShadowBlurUsage struct. Mimicking the mustUseShadowBlur() function that
is being removed, values of the shadow color, shadow blur, and shadow
transform ignorance are stored there. Additionally, the required()
method accepts a PlatformContextCairo object through which it can
retrieve the current CTM and determine whether it's an identity, finally
deciding whether shadow blur can or cannot be ignored.
Goal of this change is to limit usage of GraphicsContextState directly
in operations implemented inside the Cairo namespace. Instead, the
state parameters should be passed directly, or an equivalent but limited
state object should be constructed for invocation of such operations.
This is likely only an intermediate solution. It's possible it will be
replaced by a more complete shadow state struct that would be used for
any operation that is required to draw shadows, if necessary.
No new tests -- no change in functionality.
- platform/graphics/cairo/CairoOperations.cpp:
(WebCore::Cairo::drawGlyphsShadow):
(WebCore::Cairo::ShadowBlurUsage::ShadowBlurUsage):
(WebCore::Cairo::ShadowBlurUsage::required const):
(WebCore::Cairo::fillRectWithRoundedHole):
(WebCore::Cairo::drawGlyphs):
(WebCore::Cairo::mustUseShadowBlur): Deleted.
- platform/graphics/cairo/CairoOperations.h:
- platform/graphics/cairo/FontCairo.cpp:
(WebCore::FontCascade::drawGlyphs):
- platform/graphics/cairo/GraphicsContextCairo.cpp:
(WebCore::GraphicsContext::fillRectWithRoundedHole):
- 5:53 AM Changeset in webkit [226508] by
-
- 13 edits2 deletes in trunk/Source/WebCore
[GStreamer][Soup] Remove dead getCreateOrReadBuffer code path
https://bugs.webkit.org/show_bug.cgi?id=181376
Reviewed by Carlos Garcia Campos.
This code path is no longer used now that the GStreamer HTTP
source element uses data coming directly from the network process.
- SourcesGTK.txt:
- SourcesWPE.txt:
- loader/MediaResourceLoader.cpp:
(WebCore::MediaResource::getOrCreateReadBuffer): Deleted.
- loader/MediaResourceLoader.h:
- loader/SubresourceLoader.h:
- loader/cache/CachedRawResource.h:
- loader/cache/CachedRawResourceClient.h:
(WebCore::CachedRawResourceClient::finishedTimingForWorkerLoad):
(WebCore::CachedRawResourceClient::getOrCreateReadBuffer): Deleted.
- loader/cache/CachedResource.h:
(WebCore::CachedResource::getOrCreateReadBuffer): Deleted.
- loader/soup/CachedRawResourceSoup.cpp: Removed.
- loader/soup/SubresourceLoaderSoup.cpp: Removed.
- platform/graphics/PlatformMediaResourceLoader.h:
(WebCore::PlatformMediaResourceClient::loadFinished):
(WebCore::PlatformMediaResourceClient::getOrCreateReadBuffer): Deleted.
- platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
(CachedResourceStreamingClient::getOrCreateReadBuffer): Deleted.
- platform/network/ResourceHandleClient.h:
(WebCore::ResourceHandleClient::getOrCreateReadBuffer): Deleted.
- platform/network/soup/ResourceHandleSoup.cpp:
(WebCore::ResourceHandle::ensureReadBuffer):
- 4:32 AM Changeset in webkit [226507] by
-
- 2 edits in trunk/LayoutTests
imported/w3c/web-platform-tests/service-workers/service-worker/interfaces-sw.https.html is slow in Debug
https://bugs.webkit.org/show_bug.cgi?id=181382
Unreviewed.
Patch by Youenn Fablet <youenn@apple.com> on 2018-01-08
- 3:33 AM Changeset in webkit [226506] by
-
- 4 edits in trunk/Source/ThirdParty/libwebrtc
libwebrtc: Fix 'ld: warning: cannot export hidden symbol' messages
<https://webkit.org/b/181378>
Reviewed by Youenn Fablet.
- Configurations/libwebrtc.iOS.exp:
- Configurations/libwebrtc.iOSsim.exp:
- Configurations/libwebrtc.mac.exp:
- Remove 117 symbols that are not currently exported. These warnings only appear in Release and Production builds.
- 1:38 AM Changeset in webkit [226505] by
-
- 2 edits in trunk/LayoutTests
Unreviewed GTK gardening. Rebaseline test again after r226500.
- platform/gtk/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args-expected.txt:
- 1:34 AM Changeset in webkit [226504] by
-
- 3 edits2 adds in trunk/Source/WebCore
[GStreamer] use FastMalloc-based GstAllocator
https://bugs.webkit.org/show_bug.cgi?id=165793
Reviewed by Philippe Normand.
Add GstAllocatorFastMalloc, a GstAllocator implementation using fast malloc. It's only used when fast malloc is
enabled and can be disabled using an environment variable for debugging purposes.
- platform/GStreamer.cmake:
- platform/graphics/gstreamer/GStreamerUtilities.cpp:
(WebCore::initializeGStreamer):
- platform/graphics/gstreamer/GstAllocatorFastMalloc.cpp: Added.
(gstMemoryFastMallocNew):
(gstAllocatorFastMallocAlloc):
(gstAllocatorFastMallocFree):
(gstAllocatorFastMallocMemMap):
(gstAllocatorFastMallocMemUnmap):
(gstAllocatorFastMallocMemCopy):
(gstAllocatorFastMallocMemShare):
(gstAllocatorFastMallocMemIsSpan):
(gst_allocator_fast_malloc_class_init):
(gst_allocator_fast_malloc_init):
- platform/graphics/gstreamer/GstAllocatorFastMalloc.h: Added.
- 1:22 AM Changeset in webkit [226503] by
-
- 2 edits in trunk/Source/WebKitLegacy/mac
Build fix #2: Enable -Wcast-qual for WebInspectorUI, WebKitLegacy, WebKit projects
<https://webkit.org/b/181256>
<rdar://problem/36281730>
- Plugins/WebNetscapePluginEventHandlerCocoa.mm:
(WebNetscapePluginEventHandlerCocoa::handleTSMEvent):
- Use reinterpret_cast<NPNSString*>(const_cast<CFMutableStringRef>()) to avoid warnings from casting CFStringRef to NPNSString*. Note that CFMutableStringRef is the same as CFStringRef without the const modifier, hence its use in the const_cast<> above.
- 1:16 AM Changeset in webkit [226502] by
-
- 3 edits in trunk/LayoutTests
Unreviewed GTK gardening. Partially revert r224460.
Two tests were incorrectly rebaselined in r224460.
- platform/gtk/fast/forms/auto-fill-button/input-strong-confirmation-password-auto-fill-button-expected.txt:
- platform/gtk/fast/forms/auto-fill-button/input-strong-password-auto-fill-button-expected.txt:
- 1:08 AM Changeset in webkit [226501] by
-
- 2 edits in trunk/Source/WebKitLegacy/mac
Build fix: Enable -Wcast-qual for WebInspectorUI, WebKitLegacy, WebKit projects
<https://webkit.org/b/181256>
<rdar://problem/36281730>
- Carbon/HIWebView.mm:
(StartUpdateObserver): Include TypeCastsCF.h from WTF, and use
checked_cf_cast<CFRunLoopRef>() to fix warning.
Jan 7, 2018:
- 11:23 PM Changeset in webkit [226500] by
-
- 9 edits in trunk
Implement createImageBitmap(ImageBitmap)
https://bugs.webkit.org/show_bug.cgi?id=181287
Reviewed by Darin Adler.
LayoutTests/imported/w3c:
- web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage-expected.txt: rebaseline.
Source/WebCore:
Tests: imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage.html
imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args.html
- html/ImageBitmap.cpp:
(WebCore::ImageBitmap::createPromise):
LayoutTests:
- platform/gtk/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage-expected.txt: rebaseline.
- platform/gtk/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args-expected.txt: rebaseline.
- platform/wpe/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage-expected.txt: rebaseline.
- platform/wpe/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args-expected.txt: rebaseline.
- 10:00 PM Changeset in webkit [226499] by
-
- 28 edits1 move in trunk/Source
Enable -Wcast-qual for WebInspectorUI, WebKitLegacy, WebKit projects
<https://webkit.org/b/181256>
<rdar://problem/36281730>
Reviewed by Darin Adler.
Source/WebInspectorUI:
- Configurations/Base.xcconfig:
(WARNING_CFLAGS): Add -Wcast-qual.
Source/WebKit:
- Configurations/Base.xcconfig:
(WARNING_CFLAGS): Add -Wcast-qual.
- NetworkProcess/cache/NetworkCacheCodersCocoa.cpp:
(WTF::Persistence::encodeCertificateChain): Include
TypeCastsCF.h from WTF, and use
checked_cf_cast<SecCertificateRef>() to fix warning.
- Platform/cocoa/WKCrashReporter.mm:
(WebKit::setCrashReportApplicationSpecificInformation):
- Move
oldMessagecheck above nullptr check to fix a leak when passing in nullptr after previously setting the crash string. - Change C-style cast to const_cast<char*>() to fix warning.
- PluginProcess/mac/PluginProcessShim.mm:
(WebKit::shim_shmat): Change C-style cast to
const_cast<void*>() to fix warning.
- Shared/Authentication/mac/AuthenticationManager.mac.mm:
(WebKit::leafCertificate): Include TypeCastsCF.h from
WTF, and use checked_cf_cast<SecCertificateRef>() to fix
warning.
- Shared/cf/ArgumentCodersCF.cpp:
(IPC::encode): Use static_cast<>(const_cast<void*>() to
fix warnings since the CFTypeID has already been
checked.
- Shared/mac/WebCoreArgumentCodersMac.mm:
(IPC::decodeNSError): Use an
autovariable to hold the
CFMutableDictionaryRef, then WTFMove() to assign it back to
userInfo.
- UIProcess/Cocoa/WebViewImpl.mm:
(WebKit::takeWindowSnapshot): Include TypeCastsCF.h from
WTF, and use checked_cf_cast<CGImageRef>() to fix
warning.
Source/WebKitLegacy:
- PlatformMac.cmake:
- WebKitLegacy.xcodeproj/project.pbxproj:
- Rename WebNSDataExtras.m to WebNSDataExtras.mm and change file type to Objective-C++.
Source/WebKitLegacy/mac:
- Carbon/CarbonUtils.m:
(PoolCleaner):
- Use #pragmas to ignore -Wcast-qual warnings when using a C-style cast from CFTypeRef to CFRunloopRef.
- Carbon/CarbonWindowFrame.m:
(-[CarbonWindowFrame title]):
- Use #pragmas to ignore -Wcast-qual warnings when using a C-style cast from CFStringRef to NSString *.
- Carbon/HIViewAdapter.m:
(+[HIViewAdapter getHIViewForNSView:]):
- Use #pragmas to ignore -Wcast-qual warnings when using a C-style cast from CFTypeRef to HIViewRef.
- Configurations/Base.xcconfig:
(WARNING_CFLAGS): Add -Wcast-qual.
- Misc/WebElementDictionary.mm:
(-[WebElementDictionary objectForKey:]):
- Use static_cast<SEL>(const_cast<void*>()) to fix warning.
- Misc/WebNSDataExtras.mm: Renamed from Source/WebKitLegacy/mac/Misc/WebNSDataExtras.m.
(-[NSString _web_capitalizeRFC822HeaderFieldName]):
(-[NSData _webkit_guessedMIMETypeForXML]):
(-[NSData _webkit_guessedMIMEType]):
(-[NSData _web_isCaseInsensitiveEqualToCString:]):
(_findEOL):
(-[NSData _webkit_parseRFC822HeaderFields]):
(-[NSData _web_startsWithBlankLine]):
(-[NSData _web_locationAfterFirstBlankLine]):
- Rename WebNSDataExtras.m to WebNSDataExtras.mm and change file
type to Objective-C++. This fixes the warnings about
discarding the
constmodifier when casing from CFStringRef to NSString * because in older clang versions, -Wcast-qual was completely broken when compiling C++ and Objective-C++ source files. In newer clang versions, discarding theconstmodifier for toll-free bridged types is ignored when compiling Objective-C++ source. - Update copyright and license header.
- Use reinterpret_cast<> and static_cast<> to fix warnings unrelated to (NSString *) C-style casts.
- Replace use of MIN() macro with std::min<> template functions.
- Fix location of
*for local variables modified above. - Plugins/Hosted/NetscapePluginHostManager.mm:
(WebKit::NetscapePluginHostManager::spawnPluginHost):
(WebKit::NetscapePluginHostManager::initializeVendorPort):
(WebKit::NetscapePluginHostManager::instantiatePlugin):
- Use static_cast<uint8_t*>(const_cast<void*>()) to fix warnings.
- Plugins/Hosted/NetscapePluginHostProxy.mm:
(WebKit::NetscapePluginHostProxy::NetscapePluginHostProxy):
- Use reinterpret_cast<mig_subsystem_t>(const_cast<struct WKWebKitPluginClient_subsystem*>()) to fix warning.
- Plugins/Hosted/ProxyInstance.mm:
(WebKit::ProxyInstance::invoke):
- Use static_cast<char*>(const_cast<void*>()) to fix warning when using -[NSData bytes].
(WebKit::ProxyInstance::fieldValue const):
- Use reinterpret_cast<char*>(const_cast<unsigned char*>()) to fix warning when using CFDataGetBytePtr().
- Plugins/Hosted/WebTextInputWindowController.m:
(-[WebTextInputPanel _interpretKeyEvent:string:]):
- Use #pragma to ignore -Wcast-qual warning since there is not a good way to avoid this warning in Objective-C.
- Plugins/WebNetscapePluginStream.mm:
(WebNetscapePluginStream::deliverData):
- Use const_cast<void*>() to fix warning when using -[NSData bytes].
- Plugins/WebNetscapePluginView.mm:
(-[WebNetscapePluginView _createPlugin]):
- Change C-style cast to const_cast<char*>() to fix warning.
- WebCoreSupport/WebChromeClient.mm:
(WebChromeClient::wrapCryptoKey const):
(WebChromeClient::unwrapCryptoKey const):
- Change C-style cast to static_cast<uint8_t*>(const_cast<void*>() to fix warning.
- WebView/WebPDFView.mm:
(_applicationInfoForMIMEType):
- Change local variable type from 'NSURL *' to 'CFURLRef' to fix warning. Cast back to 'NSURL *' when calling -[NSURL path].
- 9:33 PM Changeset in webkit [226498] by
-
- 4 edits in tags/Safari-605.1.19.1
Cherry-pick r226359. rdar://problem/36146670
- 9:32 PM Changeset in webkit [226497] by
-
- 7 edits in tags/Safari-605.1.19.1/Source
Versioning.
- 9:24 PM Changeset in webkit [226496] by
-
- 1 copy in tags/Safari-605.1.19.1
New tag.
- 5:22 PM Changeset in webkit [226495] by
-
- 5 edits in trunk
Reduce the precision of "high" resolution time to 1ms
https://bugs.webkit.org/show_bug.cgi?id=180910
<rdar://problem/36085943>
Reviewed by Saam Barati.
Source/WebCore:
Reduced the high prevision time's resolution to 1ms, the same precision as Date.now().
Also fixed the bug in fillRTCStats that we weren't reducing the time resolution in RTCStats dictionaries.
- Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
(WebCore::fillRTCStats):
- page/Performance.cpp:
(WebCore::Performance::reduceTimeResolution):
LayoutTests:
Add a flaky test expectation to imported/w3c/web-platform-tests/workers/worker-performance.worker.html
due to a test bug. The test fix is tracked in https://github.com/w3c/web-platform-tests/pull/8711
- 2:50 PM Changeset in webkit [226494] by
-
- 2 edits in trunk/Source/WebKit
[cmake] Unset CMAKE_REQUIRED_LIBRARIES after check_function_exists test
https://bugs.webkit.org/show_bug.cgi?id=181371
Reviewed by Michael Catanzaro.
This variable is used by check_function_exists internally, its value
should be never used for anything else.
- CMakeLists.txt:
- 2:22 PM Changeset in webkit [226493] by
-
- 2 edits in trunk/Tools
Add total exits and total compilations sorting mode to the "full" command in display-profiler-output
https://bugs.webkit.org/show_bug.cgi?id=181372
Reviewed by Filip Pizlo.
Adding these sorting modes makes it easier to analyze functions
that recompile a lot and exit a lot.
- Scripts/display-profiler-output:
Jan 6, 2018:
- 10:31 PM Changeset in webkit [226492] by
-
- 6 edits2 adds in trunk
Possible crash computing event regions
https://bugs.webkit.org/show_bug.cgi?id=181368
rdar://problem/34847081
Reviewed by Zalan Bujtas.
Source/WebCore:
Don't trigger layout in Element::absoluteEventHandlerBounds(), since this can run arbirary script
which might delete elements or re-enter Document::absoluteRegionForEventTargets().
It's OK to not trigger layout, because if layout is dirty, the next layout will update event regions again.
Add a LayoutDisallowedScope to check that Document::absoluteRegionForEventTargets() doesn't
trigger layout, and move the check for LayoutDisallowedScope::isLayoutAllowed() from Document::updateLayout()
to LayoutContext::layout(), since some layouts don't happen via the former (e.g. the one being removed here).
The test checks that the assertion does not fire. I was not able to get a reliable test for any crash.
Test: fast/events/event-handler-regions-layout.html
- dom/Document.cpp:
(WebCore::Document::updateLayout):
(WebCore::Document::absoluteRegionForEventTargets):
- dom/Element.cpp:
(WebCore::Element::absoluteEventHandlerBounds):
- page/LayoutContext.cpp:
(WebCore::LayoutContext::layout):
- rendering/LayoutDisallowedScope.h: Move the #ifdefs around to avoid defining the enum twice.
(WebCore::LayoutDisallowedScope::LayoutDisallowedScope):
(WebCore::LayoutDisallowedScope::isLayoutAllowed):
LayoutTests:
- fast/events/event-handler-regions-layout-expected.txt: Added.
- fast/events/event-handler-regions-layout.html: Added.
- 9:48 PM Changeset in webkit [226491] by
-
- 5 edits2 adds in trunk
Crash under RenderLayer::scrollTo() with marquee
https://bugs.webkit.org/show_bug.cgi?id=181349
rdar://problem/36190168
Reviewed by Zalan Bujtas.
Source/WebCore:
Don't call updateWidgetPositions() synchonously during RenderLayer scrolling, because it
can run arbitrary script which may trigger destruction of this RenderLayer.
Instead, queue up updateWidgetPositions() on a zero-delay timer.
Under some circumstances this may allow a paint to occur before the widgets have been
updated (which could be fixed with a more invasive change), but in practice I saw no
painting issues with plug-ins or iframes inside overflow scroll, in WebKit or LegacyWebKit.
Test: fast/scrolling/marquee-scroll-crash.html
- page/FrameView.cpp:
(WebCore::FrameView::FrameView):
(WebCore::FrameView::updateWidgetPositions):
(WebCore::FrameView::scheduleUpdateWidgetPositions):
(WebCore::FrameView::updateWidgetPositionsTimerFired):
- page/FrameView.h:
- rendering/RenderLayer.cpp:
(WebCore::RenderLayer::scrollTo):
LayoutTests:
- fast/scrolling/marquee-scroll-crash-expected.txt: Added.
- fast/scrolling/marquee-scroll-crash.html: Added.
- 9:18 PM Changeset in webkit [226490] by
-
- 4 edits4 adds in trunk
Accurately clip copyTexImage2D and copyTexSubImage2D
https://bugs.webkit.org/show_bug.cgi?id=181356
<rdar://problem/35083877>
Reviewed by Eric Carlson.
Source/WebCore:
The code to make sure copyTexSubImage2D and copyTexImage2D will not try to read
out of bounds had a bad bug introduced here:
https://bugs.webkit.org/show_bug.cgi?id=51421
With appropriate parameters, it would produce a rectangle with
negative dimensions. Most GL drivers just ignored this, but some
are not happy.
Test: fast/canvas/webgl/copy-tex-image-and-sub-image-2d-bad-input.html
- html/canvas/WebGLRenderingContextBase.cpp:
(WebCore::clip2D): Reimplement this in a more sane manner, and use
checked arithmetic while here.
- html/canvas/WebGLRenderingContextBase.h:
(WebCore::clip1D): Deleted.
(WebCore::clip2D): Deleted.
LayoutTests:
- fast/canvas/webgl/copy-tex-image-and-sub-image-2d-bad-input-expected.txt: Added.
- fast/canvas/webgl/copy-tex-image-and-sub-image-2d-bad-input.html: Added.
- 4:15 PM Changeset in webkit [226489] by
-
- 9 edits1 add in trunk
Object.getOwnPropertyNames includes "arguments" and "caller" for bound functions
https://bugs.webkit.org/show_bug.cgi?id=181321
Reviewed by Saam Barati.
JSTests:
- stress/bound-function-does-not-have-caller-and-arguments.js: Added.
(shouldBe):
(testFunction):
- test262.yaml:
Source/JavaScriptCore:
According to ECMA262 16.2[1], functions created using the bind method must not have
"caller" and "arguments" own properties.
[1]: https://tc39.github.io/ecma262/#sec-forbidden-extensions
- runtime/JSBoundFunction.cpp:
(JSC::JSBoundFunction::finishCreation):
LayoutTests:
- inspector/model/remote-object-get-properties-expected.txt:
- inspector/runtime/getProperties-expected.txt:
- js/script-tests/strict-throw-type-error.js:
- js/strict-throw-type-error-expected.txt:
- 1:01 PM Changeset in webkit [226488] by
-
- 3 edits in trunk/Source/WebCore
Use WeakPtr for RenderTreePosition::m_nextSibling
https://bugs.webkit.org/show_bug.cgi?id=181363
Reviewed by Zalan Bujtas.
For safety. In most cases it is null and won't cause us to instantiate WeakReferences for
many new objects.
- rendering/updating/RenderTreePosition.cpp:
(WebCore::RenderTreePosition::computeNextSibling):
- rendering/updating/RenderTreePosition.h:
(WebCore::RenderTreePosition::RenderTreePosition):
(WebCore::RenderTreePosition::nextSibling const):
- 8:52 AM Changeset in webkit [226487] by
-
- 5 edits2 moves2 adds in trunk/Source/WebKit
REGRESSION (r226218): iOS-only assets are installed on macOS
https://bugs.webkit.org/show_bug.cgi?id=181362
Reviewed by Anders Carlsson.
- Configurations/WebKit.xcconfig: Exclude everything under Resources/ios when not targeting iOS.
- Resources/ios: Added.
- Resources/ios/iOS.xcassets: Moved from Source/WebKit/WebKit.xcassets.
- Resources/ios/iOS.xcassets/LockMini.imageset/NavigationBarLockMini@2x.pdf: Set the svn:mime-type property.
- Resources/ios/iOS.xcassets/LockMini.imageset/NavigationBarLockMini@3x.pdf: Ditto.
- Resources/mac: Added.
- Resources/mac/mediaIcon.pdf: Moved here…
- Resources/mediaIcon.pdf: …from here.
- WebKit.xcassets: Moved under Resources/ios.
- WebKit.xcodeproj/project.pbxproj: Created an ios group under the Resources group, and cleaned up the mac group. Removed the Recovered References group.
- 12:56 AM Changeset in webkit [226486] by
-
- 2 edits in trunk/Tools
Unreviewed, remove my Cisco email from contributors.json
- Scripts/webkitpy/common/config/contributors.json:
Jan 5, 2018:
- 11:01 PM Changeset in webkit [226485] by
-
- 14 edits in trunk
WebAssembly: poison JS object's secrets
https://bugs.webkit.org/show_bug.cgi?id=181339
<rdar://problem/36325001>
Reviewed by Mark Lam.
Source/JavaScriptCore:
Separating WebAssembly's JS objects from their non-JS
implementation means that all interesting information lives
outside of the JS object itself. This patch poisons each JS
object's pointer to non-JS implementation using the poisoning
mechanism and a unique key per JS object type origin.
- runtime/JSCPoison.h:
- wasm/js/JSToWasm.cpp:
(JSC::Wasm::createJSToWasmWrapper): JS -> wasm stores the JS
object in a stack slot when fast TLS is disabled. This requires
that we unpoison the Wasm::Instance.
- wasm/js/JSWebAssemblyCodeBlock.h:
- wasm/js/JSWebAssemblyInstance.h:
(JSC::JSWebAssemblyInstance::offsetOfPoisonedInstance): renamed to
be explicit that the pointer is poisoned.
- wasm/js/JSWebAssemblyMemory.h:
- wasm/js/JSWebAssemblyModule.h:
- wasm/js/JSWebAssemblyTable.h:
Source/WTF:
swapping a poisoned pointer with a non-poisoned one (as is done in
JSWebAssembyMemory::adopt) was missing.
- wtf/Poisoned.h:
(WTF::PoisonedImpl::swap):
(WTF::ConstExprPoisonedPtrTraits::swap):
Tools:
Update tests for swap(Poisoned<k, T>, T*)
- TestWebKitAPI/Tests/WTF/ConstExprPoisoned.cpp:
(TestWebKitAPI::TEST):
- TestWebKitAPI/Tests/WTF/Poisoned.cpp:
(TestWebKitAPI::TEST):
- TestWebKitAPI/Tests/WTF/PoisonedRef.cpp:
(TestWebKitAPI::TEST):
- 7:48 PM Changeset in webkit [226484] by
-
- 2 edits in trunk/Tools
REGRESSION(r226396) DataInteractionTests: ContentEditableToContentEditable and ContentEditableToTextarea are failing
https://bugs.webkit.org/show_bug.cgi?id=181359
Reviewed by Tim Horton.
Ensure that these tests still pass using older SDKs.
- TestWebKitAPI/Tests/ios/DataInteractionTests.mm:
(TestWebKitAPI::TEST):
- 7:19 PM Changeset in webkit [226483] by
-
- 22 edits in trunk/Source
Re-enable -Wcast-qual in WebCore for Apple ports
<https://webkit.org/b/177895>
<rdar://problem/34960830>
Reviewed by Joseph Pecoraro.
Source/WebCore:
- Configurations/Base.xcconfig:
(WARNING_CFLAGS): Remove FIXME and add -Wcast-qual back to
arguments.
- crypto/mac/SerializedCryptoKeyWrapMac.mm:
(WebCore::createAndStoreMasterKey):
- Use checked_cf_cast<SecACLRef>().
- editing/cocoa/DataDetection.mm:
(WebCore::detectItemAtPositionWithRange):
- Manually cast CFTypeRef to DDResultRef until DDResultGetTypeID() is available as SPI.
- platform/gamepad/mac/HIDGamepad.cpp:
(WebCore::HIDGamepad::initElementsFromArray):
- Use checked_cf_cast<IOHIDElementRef>().
- platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm:
(WebCore::MediaSampleAVFObjC::createImageSample):
(WebCore::CMSampleBufferIsRandomAccess):
(WebCore::CMSampleBufferIsNonDisplaying):
(WebCore::MediaSampleAVFObjC::createNonDisplayingCopy const):
- Use checked_cf_cast<CFMutableDictionaryRef>() and checked_cf_cast<CFDictionaryRef>().
- platform/graphics/cocoa/IOSurface.h:
(WebCore::IOSurface::asLayerContents):
- Use reinterpret_cast<id>() to cast from IOSurfaceRef to id.
- platform/graphics/cocoa/WebCoreDecompressionSession.mm:
(WebCore::WebCoreDecompressionSession::getFirstVideoFrame):
(WebCore::WebCoreDecompressionSession::automaticDequeue):
(WebCore::WebCoreDecompressionSession::imageForTime):
(WebCore::WebCoreDecompressionSession::getDecodeTime):
(WebCore::WebCoreDecompressionSession::getPresentationTime):
(WebCore::WebCoreDecompressionSession::getDuration):
- Use checked_cf_cast<CMSampleBufferRef>().
- platform/graphics/Font.h:
(WebCore::Font::m_kernedCFStringAttributes):
(WebCore::Font::m_nonKernedCFStringAttributes):
- Change type from RetainPtr<CFDictionaryRef> to RetainPtr<CFMutableDictionaryRef> since that's what they are.
- platform/graphics/mac/SimpleFontDataCoreText.cpp:
(WebCore::Font::getCFStringAttributes const):
- Replace local
mutableAttributesvariable withattributesDictionary.get()since it returns the correct type now.
- platform/ios/wak/WAKView.mm:
(-[WAKView _initWithViewRef:]):
(_WAKCopyWrapper):
- platform/ios/wak/WKView.mm:
(_WKViewClearSuperview):
(WKViewFirstChild):
(WKViewNextSibling):
- Use static_cast<WKViewRef>(const_cast<void*>()) to convert const void* variable to WKViewRef.
- platform/mac/PasteboardMac.mm:
(WebCore::flipImageSpec):
(WebCore::setDragImageImpl):
- Use const_cast<> to remove 'const' modifier from unsigned char pointers. This regressed while -Wcast-qual was disabled for WebCore.
- platform/mac/SSLKeyGeneratorMac.mm:
(WebCore::signedPublicKeyAndChallengeString):
- Use checked_cf_cast<SecACLRef>().
- platform/mediastream/mac/RealtimeIncomingVideoSourceCocoa.cpp:
(WebCore::RealtimeIncomingVideoSourceCocoa::OnFrame):
- Use checked_cf_cast<CFMutableDictionaryRef>().
- platform/network/cf/SocketStreamHandleImplCFNet.cpp:
(WebCore::copyCONNECTProxyResponse):
- Use checked_cf_cast<CFHTTPMessageRef>().
- platform/network/cocoa/ResourceResponseCocoa.mm:
(WebCore::ResourceResponse::platformCertificateInfo const):
- Use checked_cf_cast<SecTrustRef>().
- platform/network/mac/CertificateInfoMac.mm:
(WebCore::CertificateInfo::containsNonRootSHA1SignedCertificate const):
(WebCore::CertificateInfo::dump const):
- Use checked_cf_cast<SecCertificateRef>().
- testing/cocoa/WebArchiveDumpSupport.mm:
(WebCoreTestSupport::createCFURLResponseFromResponseData):
- Use checked_cf_cast<>() for CFMutable* types.
Source/WTF:
- wtf/RetainPtr.h:
(WTF::RetainPtr::fromStorageTypeHelper const): Add const_cast<>
operator here since some CFTypes are not defined as const
pointers, which triggers a warning in C++ source with
-Wcast-qual when casting from CFTypeRef back to the original
type. Note that we use const_cast<CF_BRIDGED_TYPE(id) void*>()
here (and in TypeCastsCF.h below) since this is what CFTypeRef
is defined as in CFBase.h, but without the 'const' modifier.
(WTF::RetainPtr::fromStorageType const): Ditto.
- wtf/cf/TypeCastsCF.h: Use #pragma once.
(WTF_DECLARE_CF_TYPE_TRAIT): Rename from DECLARE_CF_TYPE_TRAIT.
Don't #undef it so that it can be used in other source files.
(WTF_DECLARE_CF_MUTABLE_TYPE_TRAIT): Add new macro that is used
for declaring CFMutable types. The CFTypeID for CF_Foo_ and
CFMutable_Foo_ are the same, so we have to use a different macro
to declare type traits for those types.
(WTF::dynamic_cf_cast): Add assertion to catch issues in Debug
builds.
(WTF::checked_cf_cast): Inline code from WTF::dynamic_cf_cast
and change behavior to be more consistent between Debug and
Release builds, as well as other "checked" functions.
Previously this function would return nullptr in Release builds
if nullptr or the wrong type of object was passed in, but crash
in both cases on Debug builds. The new behavior always returns
nullptr if nullptr was passed in (but never crashes), and always
crashes if the wrong type of object is passed in.
- 6:16 PM Changeset in webkit [226482] by
-
- 17 edits in trunk/Source
Storage Access API: Refactor to make naming accurate and explicit, simplify access table, and prepare for access removal for page
https://bugs.webkit.org/show_bug.cgi?id=181357
<rdar://problem/36331031>
Reviewed by Alex Christensen.
Source/WebCore:
No new tests. The only changed functionality that isn't covered
by existing tests is cross-origin iframes in the same partition
should be handled as already having access. This cannot be
tested in layout tests since they don't support subdomains.
This change does the following:
- Changes function and message names to reflect how this feature was eventually implemented, i.e. access per frame.
- Makes it explicit that the UI process is only involved in granting storage access and not removing storage access. The latter is done directly by the web process.
- Simplifies the network process' entry map since only needs to be able to give access to one domain in one frame at a time. Access goes away on frame navigation so there can only be one domain at a time per frame. Also, the map now uses pageIDs as main keys to prepare for efficient access removal for all frames under a page.
- Fixes a bug in so that a cross-origin iframe with the same partition as the top frame correctly is handled as already having access.
- platform/network/NetworkStorageSession.h:
- platform/network/cf/NetworkStorageSessionCFNet.cpp:
(WebCore::NetworkStorageSession::cookieStoragePartition const):
The only change here is the changed named of the call to
NetworkStorageSession::hasStorageAccessForFrame().
(WebCore::NetworkStorageSession::hasStorageAccessForFrame const):
(WebCore::NetworkStorageSession::grantStorageAccessForFrame):
(WebCore::NetworkStorageSession::removeStorageAccessForFrame):
(WebCore::NetworkStorageSession::isStorageAccessGranted const): Deleted.
(WebCore::NetworkStorageSession::setStorageAccessGranted): Deleted.
(WebCore::NetworkStorageSession::removeStorageAccess): Deleted.
Source/WebKit:
This change does the following:
- Changes function and message names to reflect how this feature was eventually implemented, i.e. access per frame.
- Makes it explicit that the UI process is only involved in granting storage access and not removing storage access. The latter is done directly by the web process.
- Simplifies the network process' entry map since only needs to be able to give access to one domain in one frame at a time. Access goes away on frame navigation so there can only be one domain at a time per frame. Also, the map now uses pageIDs as main keys to prepare for efficient access removal for all frames under a page.
- Fixes a bug in so that a cross-origin iframe with the same partition as the top frame correctly is handled as already having access.
- NetworkProcess/NetworkConnectionToWebProcess.cpp:
(WebKit::NetworkConnectionToWebProcess::removeStorageAccessForFrame):
(WebKit::NetworkConnectionToWebProcess::removeStorageAccess): Deleted.
- NetworkProcess/NetworkConnectionToWebProcess.h:
- NetworkProcess/NetworkConnectionToWebProcess.messages.in:
- NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::hasStorageAccessForFrame):
(WebKit::NetworkProcess::grantStorageAccessForFrame):
(WebKit::NetworkProcess::hasStorageAccessForPrevalentDomains): Deleted.
(WebKit::NetworkProcess::updateStorageAccessForPrevalentDomains): Deleted.
- NetworkProcess/NetworkProcess.h:
- NetworkProcess/NetworkProcess.messages.in:
- UIProcess/Network/NetworkProcessProxy.cpp:
(WebKit::NetworkProcessProxy::hasStorageAccessForFrame):
(WebKit::NetworkProcessProxy::grantStorageAccessForFrame):
(WebKit::NetworkProcessProxy::hasStorageAccessForPrevalentDomains): Deleted.
(WebKit::NetworkProcessProxy::updateStorageAccessForPrevalentDomains): Deleted.
- UIProcess/Network/NetworkProcessProxy.h:
- UIProcess/WebResourceLoadStatisticsStore.cpp:
(WebKit::WebResourceLoadStatisticsStore::WebResourceLoadStatisticsStore):
(WebKit::WebResourceLoadStatisticsStore::hasStorageAccess):
(WebKit::WebResourceLoadStatisticsStore::requestStorageAccess):
- UIProcess/WebResourceLoadStatisticsStore.h:
- UIProcess/WebsiteData/WebsiteDataStore.cpp:
(WebKit::WebsiteDataStore::hasStorageAccessForFrameHandler):
(WebKit::WebsiteDataStore::grantStorageAccessForFrameHandler):
(WebKit::WebsiteDataStore::enableResourceLoadStatisticsAndSetTestingCallback):
(WebKit::WebsiteDataStore::hasStorageAccessForPrevalentDomainsHandler): Deleted.
(WebKit::WebsiteDataStore::updateStorageAccessForPrevalentDomainsHandler): Deleted.
- UIProcess/WebsiteData/WebsiteDataStore.h:
- WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::detachedFromParent2):
(WebKit::WebFrameLoaderClient::dispatchWillChangeDocument):
- 5:56 PM Changeset in webkit [226481] by
-
- 28 edits in trunk
Implement Cache API partitioning based on ClientOrigin
https://bugs.webkit.org/show_bug.cgi?id=181240
Patch by Youenn Fablet <youenn@apple.com> on 2018-01-05
Reviewed by Alex Christensen.
Source/WebCore:
Covered by updated tests.
Previously, cache storage was partitioned according the origin of the client, represented as a String.
We now partition according both client and top origins, represented as a ClientOrigin
Minor refactoring to use more makePendingActivity.
Added support for IPC serialization of ClientOrigin.
Added SecurityOriginData::toString which is used by WebKit2 Cache Storage implementation.
- Modules/cache/CacheStorageConnection.cpp:
(WebCore::CacheStorageConnection::open):
(WebCore::CacheStorageConnection::retrieveCaches):
- Modules/cache/CacheStorageConnection.h:
(WebCore::CacheStorageConnection::clearMemoryRepresentation):
(WebCore::CacheStorageConnection::doOpen):
(WebCore::CacheStorageConnection::doRetrieveCaches):
- Modules/cache/DOMCacheStorage.cpp:
(WebCore::DOMCacheStorage::origin const):
(WebCore::DOMCacheStorage::retrieveCaches):
(WebCore::DOMCacheStorage::open):
(WebCore::DOMCacheStorage::remove):
- Modules/cache/DOMCacheStorage.h:
- Modules/cache/WorkerCacheStorageConnection.cpp:
(WebCore::WorkerCacheStorageConnection::doOpen):
(WebCore::WorkerCacheStorageConnection::doRetrieveCaches):
- Modules/cache/WorkerCacheStorageConnection.h:
- page/ClientOrigin.h:
(WebCore::ClientOrigin::isolatedCopy const):
(WebCore::ClientOrigin::encode const):
(WebCore::ClientOrigin::decode):
- page/SecurityOriginData.cpp:
(WebCore::SecurityOriginData::toString const):
(WebCore::SecurityOriginData::debugString const): Deleted.
- page/SecurityOriginData.h:
(WebCore::SecurityOriginData::debugString const):
- testing/Internals.cpp:
(WebCore::Internals::clearCacheStorageMemoryRepresentation):
Source/WebKit:
open and retrieveCaches now take a ClientOrigin instead of a String.
Updated cache filesystem path computation to take both client origin and top origin.
When clearing an origin, caches whose client origin or top origin matches the origin are cleared.
Caches are added to the web site data of their client origin with their corresponding cache size.
Caches are added to the web site data of their top origin with a size equal to 0.
Updated memory representation dumping used for test to include both top and client origins.
- NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::deleteWebsiteDataForOrigins):
- NetworkProcess/cache/CacheStorageEngine.cpp:
(WebKit::CacheStorage::Engine::cachesRootPath):
(WebKit::CacheStorage::Engine::open):
(WebKit::CacheStorage::Engine::remove):
(WebKit::CacheStorage::Engine::retrieveCaches):
(WebKit::CacheStorage::Engine::readCachesFromDisk):
(WebKit::CacheStorage::Engine::removeCaches):
(WebKit::CacheStorage::Engine::fetchEntries):
(WebKit::CacheStorage::Engine::clearCachesForOrigin):
(WebKit::CacheStorage::Engine::clearMemoryRepresentation):
(WebKit::CacheStorage::Engine::representation):
- NetworkProcess/cache/CacheStorageEngine.h:
- NetworkProcess/cache/CacheStorageEngineCache.cpp:
(WebKit::CacheStorage::Cache::Cache):
- NetworkProcess/cache/CacheStorageEngineCaches.cpp:
(WebKit::CacheStorage::Caches::retrieveOriginFromDirectory):
(WebKit::CacheStorage::Caches::Caches):
(WebKit::CacheStorage::Caches::storeOrigin):
(WebKit::CacheStorage::Caches::readOrigin):
(WebKit::CacheStorage::Caches::open):
- NetworkProcess/cache/CacheStorageEngineCaches.h:
(WebKit::CacheStorage::Caches::create):
(WebKit::CacheStorage::Caches::origin const):
- NetworkProcess/cache/CacheStorageEngineConnection.cpp:
(WebKit::CacheStorageEngineConnection::open):
(WebKit::CacheStorageEngineConnection::caches):
(WebKit::CacheStorageEngineConnection::clearMemoryRepresentation):
- NetworkProcess/cache/CacheStorageEngineConnection.h:
- NetworkProcess/cache/CacheStorageEngineConnection.messages.in:
- WebProcess/Cache/WebCacheStorageConnection.cpp:
(WebKit::WebCacheStorageConnection::doOpen):
(WebKit::WebCacheStorageConnection::doRetrieveCaches):
(WebKit::WebCacheStorageConnection::clearMemoryRepresentation):
- WebProcess/Cache/WebCacheStorageConnection.h:
LayoutTests:
Beefing up test to ensure that client and top origins are taken into consideration.
- http/tests/cache-storage/cache-origins.https-expected.txt:
- http/tests/cache-storage/cache-origins.https.html:
- http/tests/cache-storage/cache-clearing-origin.https-expected.txt:
- http/tests/cache-storage/cache-clearing-origin.https.html:
- 5:53 PM Changeset in webkit [226480] by
-
- 11 edits in trunk/Source/WebKit
Show Keyboard when re-launching WKWebView with a previously focused element
https://bugs.webkit.org/show_bug.cgi?id=181353
Reviewed by Tim Horton.
When relaunching an app with a WKWebView, restore the keyboard if there was a previously
focused element that was being assisted. The element was already being tracked, we just
needed to not bail on showing the keyboard for instances where it was a state change that
caused the element to be refocused.
- UIProcess/PageClient.h:
- UIProcess/WebPageProxy.h:
- UIProcess/WebPageProxy.messages.in:
- UIProcess/ios/PageClientImplIOS.h:
- UIProcess/ios/PageClientImplIOS.mm:
(WebKit::PageClientImpl::startAssistingNode):
- UIProcess/ios/WKContentView.h:
- UIProcess/ios/WKContentViewInteraction.h:
- UIProcess/ios/WKContentViewInteraction.mm:
(-[WKContentView _startAssistingNode:userIsInteracting:blurPreviousNode:changingActivityState:userObject:]):
(-[WKContentView _startAssistingNode:userIsInteracting:blurPreviousNode:userObject:]): Deleted.
- UIProcess/ios/WebPageProxyIOS.mm:
(WebKit::WebPageProxy::startAutoscrollAtPosition):
(WebKit::WebPageProxy::startAssistingNode):
- WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::setActivityState):
(WebKit::WebPage::elementDidFocus):
- WebProcess/WebPage/WebPage.h:
- 5:49 PM Changeset in webkit [226479] by
-
- 2 edits in trunk/Tools
Rebase API test after r226469
https://bugs.webkit.org/show_bug.cgi?id=181308
- TestWebKitAPI/Tests/WebKitCocoa/LoadInvalidURLRequest.mm:
(-[LoadInvalidURLNavigationActionDelegate webView:didFailProvisionalNavigation:withError:]):
A URL with < or > in it is now recognized as invalid by WebKit. This is intentional, and matches our behavior before enabling the new URLParser.
- 5:29 PM Changeset in webkit [226478] by
-
- 1 edit3 adds in trunk/Source/WebInspectorUI
Web Inspector: Add another Protocol Version
https://bugs.webkit.org/show_bug.cgi?id=181354
<rdar://problem/35432817>
Patch by Joseph Pecoraro <Joseph Pecoraro> on 2018-01-05
Reviewed by Matt Baker.
- UserInterface/Protocol/Legacy/11.3/InspectorBackendCommands.js: Added.
- Versions/Inspector-iOS-11.3.json: Added.
- 5:27 PM Changeset in webkit [226477] by
-
- 2 edits in trunk/JSTests
Unreviewed, attempt to fix test262 after r226386.
- test262.yaml:
- 5:27 PM Changeset in webkit [226476] by
-
- 2 edits in trunk/LayoutTests
Mark fast/workers/worker-terminate.html as flaky.
https://bugs.webkit.org/show_bug.cgi?id=181098
Unreviewed test gardening.
- platform/mac/TestExpectations:
- 5:19 PM Changeset in webkit [226475] by
-
- 4 edits in trunk/Source/ThirdParty/libwebrtc
Close WebRTC sockets when marked as defunct
https://bugs.webkit.org/show_bug.cgi?id=177324
rdar://problem/35244931
Patch by Youenn Fablet <youenn@apple.com> on 2018-01-05
Reviewed by Eric Carlson.
In case selected sockets return an error when trying to accept an incoming socket,
check whether the socket is defunct or not.
If so, close it properly.
- Source/webrtc/base/asynctcpsocket.cc:
- Source/webrtc/base/physicalsocketserver.cc:
- Source/webrtc/base/socket.h:
- 4:37 PM Changeset in webkit [226474] by
-
- 10 edits in trunk/Source/JavaScriptCore
Add ability to disable indexed property masking for testing
https://bugs.webkit.org/show_bug.cgi?id=181350
Reviewed by Keith Miller.
Made the masking of indexed properties runtime controllable via a new JSC::Option
named disableSpectreMitigations. This is done to test the efficacy of that mitigation.
The new option has a generic name as it will probably be used to disable future mitigations.
- dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::SpeculativeJIT):
(JSC::DFG::SpeculativeJIT::loadFromIntTypedArray):
(JSC::DFG::SpeculativeJIT::compileGetByValOnFloatTypedArray):
- dfg/DFGSpeculativeJIT.h:
- dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
- ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::LowerDFGToB3):
(JSC::FTL::DFG::LowerDFGToB3::maskedIndex):
(JSC::FTL::DFG::LowerDFGToB3::pointerIntoTypedArray):
- jit/JIT.cpp:
(JSC::JIT::JIT):
- jit/JIT.h:
- jit/JITPropertyAccess.cpp:
(JSC::JIT::emitDoubleLoad):
(JSC::JIT::emitContiguousLoad):
(JSC::JIT::emitArrayStorageLoad):
- runtime/Options.h:
- wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::B3IRGenerator::emitCheckAndPreparePointer):
- 4:27 PM Changeset in webkit [226473] by
-
- 2 edits in trunk/Source/JavaScriptCore
Allow JSC Config Files to set Restricted Options
https://bugs.webkit.org/show_bug.cgi?id=181352
Reviewed by Mark Lam.
- runtime/ConfigFile.cpp:
(JSC::ConfigFile::parse):
- 4:08 PM Changeset in webkit [226472] by
-
- 4 edits in trunk
Restrict navigation-time WKWebsiteDataStore swapping to main frame navigations
https://bugs.webkit.org/show_bug.cgi?id=181217
Reviewed by Tim Horton.
Source/WebKit:
If we swap during an iframe navigation, then we get a page in a strange state.
The intent of the main frame navigation WKWebsiteDataStore swap is that
that is a time when we can change storages without a page in an inconsistent state.
- UIProcess/Cocoa/NavigationState.mm:
(WebKit::NavigationState::NavigationClient::decidePolicyForNavigationAction):
Tools:
- TestWebKitAPI/Tests/WebKitCocoa/WebsitePolicies.mm:
(-[WebsitePoliciesWebsiteDataStoreDelegate _webView:decidePolicyForNavigationAction:decisionHandler:]):
(TEST):
- 4:05 PM Changeset in webkit [226471] by
-
- 6 edits1 add in trunk
Add WKBundleFrameCreateFrameHandle
https://bugs.webkit.org/show_bug.cgi?id=181232
<rdar://problem/35926696>
Reviewed by Tim Horton.
Source/WebKit:
InjectedBundle clients wanting to sent a _WKFrameHandle cannot without this function.
Before, they would just send the WKBundleFrameRef which would be changed into a WKFrameRef
in the UIProcess by WebProcessProxy::transformHandlesToObjects, but there is no ObjC equivalent
of WKFrameRef, so we were just getting a WKObject when we wanted a _WKFrameHandle.
We can't change WebProcessProxy::transformHandlesToObjects without being incompatible with the
existing C API, so let's add a way for clients to say "I want a _WKFrameHandle".
- WebProcess/InjectedBundle/API/c/WKBundlePage.cpp:
(WKBundleFrameCreateFrameHandle):
- WebProcess/InjectedBundle/API/c/WKBundlePage.h:
Tools:
- TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
- TestWebKitAPI/Tests/WebKitCocoa/FrameHandleSerialization.mm: Added.
(mouseDidMoveOverElement):
(-[FrameHandleSerialization webProcessPlugIn:didCreateBrowserContextController:]):
- TestWebKitAPI/Tests/WebKitCocoa/UIDelegate.mm:
(-[MouseMoveOverElementDelegate _webView:mouseDidMoveOverElement:withFlags:userInfo:]):
(TEST):
- 3:48 PM Changeset in webkit [226470] by
-
- 18 edits in trunk/Source
[Attachment Support] Add a way to write blob data to a file URL from the UI process
https://bugs.webkit.org/show_bug.cgi?id=181236
Reviewed by Brady Eidson.
Source/WebCore:
Add support for writing a blob to a designated file path. See comments below for more detail. No new tests, as
there change in behavior yet. See part 2: https://bugs.webkit.org/show_bug.cgi?id=181199.
- page/DragController.cpp:
(WebCore::DragController::dragAttachmentElement):
- platform/PromisedBlobInfo.h:
Remove PromisedBlobData entirely. This was added with the premise of having the web process deliver blob data to
the UI process. However, the new approach I'm taking just has the UI process tell the network process to write
a blob to a given location, so a data structure to deliver blob data over IPC is no longer necessary.
(WebCore::PromisedBlobData::hasData const): Deleted.
(WebCore::PromisedBlobData::hasFile const): Deleted.
(WebCore::PromisedBlobData::operator bool const): Deleted.
(WebCore::PromisedBlobData::fulfills const): Deleted.
- platform/network/BlobRegistryImpl.cpp:
(WebCore::BlobRegistryImpl::populateBlobsForFileWriting):
Introduce a new helper to build a list of blob data for file writing.
(WebCore::writeFilePathsOrDataBuffersToFile):
Introduce a new static helper to write blob data (a list of file paths and data buffers) to a given file handle.
Automatically closes the given file handle upon exit.
(WebCore::BlobRegistryImpl::writeBlobsToTemporaryFiles):
(WebCore::BlobRegistryImpl::writeBlobToFilePath):
Pull out common logic in writeBlobsToTemporaryFiles and writeBlobToFilePath into helper methods (see above), and
refactor both methods to use the helpers.
- platform/network/BlobRegistryImpl.h:
Source/WebKit:
Add support for writing a blob to a designated file path. In WebKit, this is mainly plumbing writeBlobToFilePath
through WebPageProxy to the network process.
- NetworkProcess/FileAPI/NetworkBlobRegistry.cpp:
(WebKit::NetworkBlobRegistry::writeBlobToFilePath):
Call out to the BlobRegistryImpl to write blobs to the file path. Additionally grant sandbox extensions for any
file-backed blob parts corresponding to the given blob URL.
(WebKit::NetworkBlobRegistry::filesInBlob):
Introduce a version of filesInBlob that doesn't check against the NetworkConnectionToWebProcess. This is used
when the UI process is the driver for writing a blob.
- NetworkProcess/FileAPI/NetworkBlobRegistry.h:
- NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::writeBlobToFilePath):
Temporarily grant sandbox access to the given file path.
- NetworkProcess/NetworkProcess.h:
- NetworkProcess/NetworkProcess.messages.in:
- Shared/WebCoreArgumentCoders.cpp:
(IPC::ArgumentCoder<PromisedBlobInfo>::encode):
(IPC::ArgumentCoder<PromisedBlobInfo>::decode):
(IPC::ArgumentCoder<PromisedBlobData>::encode): Deleted.
(IPC::ArgumentCoder<PromisedBlobData>::decode): Deleted.
Remove PromisedBlobData (see WebCore/ChangeLog for more information).
- Shared/WebCoreArgumentCoders.h:
- UIProcess/Network/NetworkProcessProxy.cpp:
(WebKit::NetworkProcessProxy::didClose):
If the network process is terminated, flush any pending callbacks in m_writeBlobToFilePathCallbackMap, passing
in a failure result (success := false) and clearing the callback map.
(WebKit::NetworkProcessProxy::writeBlobToFilePath):
(WebKit::NetworkProcessProxy::didWriteBlobToFilePath):
- UIProcess/Network/NetworkProcessProxy.h:
- UIProcess/Network/NetworkProcessProxy.messages.in:
- UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::writeBlobToFilePath):
- UIProcess/WebPageProxy.h:
- 3:38 PM Changeset in webkit [226469] by
-
- 9 edits in trunk
Forbid < and > in URL hosts
https://bugs.webkit.org/show_bug.cgi?id=181308
<rdar://problem/36012757>
Reviewed by Tim Horton.
LayoutTests/imported/w3c:
- web-platform-tests/url/a-element-expected.txt:
- web-platform-tests/url/a-element-origin-expected.txt:
- web-platform-tests/url/a-element-origin-xhtml-expected.txt:
- web-platform-tests/url/a-element-xhtml-expected.txt:
- web-platform-tests/url/url-constructor-expected.txt:
- web-platform-tests/url/url-origin-expected.txt:
Source/WebCore:
https://url.spec.whatwg.org/#forbidden-host-code-point does not include these characters yet, but I think it should.
Firefox fails to parse URLs with < or > in the host. Chrome percent encodes them. Safari needs to do something.
The web platform tests are unclear on this case, and they will need to be updated with the specification.
They do show a change in behavior, though.
- platform/URLParser.cpp:
Add < and > to the list of forbidden host code points.
- 3:34 PM Changeset in webkit [226468] by
-
- 10 edits2 adds in trunk/Source/WebCore
[MediaStream] Add Mac screen capture source
https://bugs.webkit.org/show_bug.cgi?id=181333
<rdar://problem/36323219>
Reviewed by Dean Jackson.
Source/WebCore:
- SourcesCocoa.txt: Add ScreenDisplayCaptureSourceMac.mm.
- WebCore.xcodeproj/project.pbxproj: Ditto.
- platform/cocoa/CoreVideoSoftLink.cpp: Declare new constants used.
- platform/cocoa/CoreVideoSoftLink.h:
- platform/mediastream/mac/DisplayCaptureManagerCocoa.cpp:
(WebCore::displayReconfigurationCallBack): Call refreshCaptureDevices.
(WebCore::DisplayCaptureManagerCocoa::~DisplayCaptureManagerCocoa): Unregister for display
reconfiguration callbacks.
(WebCore::DisplayCaptureManagerCocoa::captureDevices): Register for display reconfigrations.
(WebCore::DisplayCaptureManagerCocoa::refreshCaptureDevices): Use CGActiveDisplayList to
get list of active screens.
(WebCore::DisplayCaptureManagerCocoa::screenCaptureDeviceWithPersistentID): Validate screen
ID, return CaptureDevice.
- platform/mediastream/mac/DisplayCaptureManagerCocoa.h:
- platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
(WebCore::VideoCaptureSourceFactoryMac::createVideoCaptureSource): Deal with screen capture
on macOS.
Implement Mac screen capture with CGDisplayStream.
- platform/mediastream/mac/ScreenDisplayCaptureSourceMac.h: Added.
(WebCore::ScreenDisplayCaptureSourceMac::DisplaySurface::~DisplaySurface):
(WebCore::ScreenDisplayCaptureSourceMac::DisplaySurface::operator=):
(WebCore::ScreenDisplayCaptureSourceMac::DisplaySurface::ioSurface const):
- platform/mediastream/mac/ScreenDisplayCaptureSourceMac.mm: Added.
(WebCore::roundUpToMacroblockMultiple):
(WebCore::ScreenDisplayCaptureSourceMac::updateDisplayID):
(WebCore::ScreenDisplayCaptureSourceMac::create):
(WebCore::ScreenDisplayCaptureSourceMac::ScreenDisplayCaptureSourceMac):
(WebCore::ScreenDisplayCaptureSourceMac::~ScreenDisplayCaptureSourceMac):
(WebCore::ScreenDisplayCaptureSourceMac::createDisplayStream):
(WebCore::ScreenDisplayCaptureSourceMac::startProducingData):
(WebCore::ScreenDisplayCaptureSourceMac::stopProducingData):
(WebCore::ScreenDisplayCaptureSourceMac::sampleBufferFromPixelBuffer):
(WebCore::ScreenDisplayCaptureSourceMac::pixelBufferFromIOSurface):
(WebCore::ScreenDisplayCaptureSourceMac::generateFrame):
(WebCore::ScreenDisplayCaptureSourceMac::startDisplayStream):
(WebCore::ScreenDisplayCaptureSourceMac::applySize):
(WebCore::ScreenDisplayCaptureSourceMac::applyFrameRate):
(WebCore::ScreenDisplayCaptureSourceMac::commitConfiguration):
(WebCore::ScreenDisplayCaptureSourceMac::displayWasReconfigured):
(WebCore::ScreenDisplayCaptureSourceMac::displayReconfigurationCallBack):
(WebCore::ScreenDisplayCaptureSourceMac::frameAvailable):
Source/WebCore/PAL:
- pal/spi/cg/CoreGraphicsSPI.h: Declare some CGDisplayMode SPI.
- 3:27 PM Changeset in webkit [226467] by
-
- 3 edits in trunk/Source/WebKit
Add injected bundle equivalents of DOMHTMLDocument (DOMHTMLDocumentExtensions)
https://bugs.webkit.org/show_bug.cgi?id=181345
Reviewed by Tim Horton.
- WebProcess/InjectedBundle/API/mac/WKDOMDocument.h: Declared new methods.
- WebProcess/InjectedBundle/API/mac/WKDOMDocument.mm:
(-[WKDOMDocument createDocumentFragmentWithMarkupString:baseURL:]): Added. Calls WebCore’s
createFragmentFromMarkup.
(-[WKDOMDocument createDocumentFragmentWithText:]): Added. Calls WebCore’s
createFragmentFromText.
- 3:13 PM Changeset in webkit [226466] by
-
- 2 edits in trunk/Source/WebCore
[curl] Can't load file:// URL with a URL fragment identifier
https://bugs.webkit.org/show_bug.cgi?id=181170
Reviewed by Alex Christensen.
No new tests. No change in behavior.
- platform/network/curl/CurlRequest.cpp:
(WebCore::CurlRequest::invokeDidReceiveResponseForFile):
- 2:52 PM Changeset in webkit [226465] by
-
- 2 edits3 adds in trunk/Source/WebKit
[Curl] Add implementation stubs for Network Cache
https://bugs.webkit.org/show_bug.cgi?id=181343
Reviewed by Alex Christensen.
- NetworkProcess/cache/NetworkCacheCodersCurl.cpp: Added.
(WTF::Persistence::Coder<WebCore::CertificateInfo>::encode):
(WTF::Persistence::Coder<WebCore::CertificateInfo>::decode):
- NetworkProcess/cache/NetworkCacheDataCurl.cpp: Added.
(WebKit::NetworkCache::Data::Data):
(WebKit::NetworkCache::Data::empty):
(WebKit::NetworkCache::Data::data const):
(WebKit::NetworkCache::Data::isNull const):
(WebKit::NetworkCache::Data::apply const):
(WebKit::NetworkCache::Data::subrange const):
(WebKit::NetworkCache::concatenate):
(WebKit::NetworkCache::Data::adoptMap):
- NetworkProcess/cache/NetworkCacheIOChannelCurl.cpp: Added.
(WebKit::NetworkCache::IOChannel::IOChannel):
(WebKit::NetworkCache::IOChannel::~IOChannel):
(WebKit::NetworkCache::IOChannel::open):
(WebKit::NetworkCache::IOChannel::read):
(WebKit::NetworkCache::IOChannel::write):
- PlatformWin.cmake:
- 2:42 PM Changeset in webkit [226464] by
-
- 3 edits in trunk/Source/WebKit
[Curl] Update method declarations in WebKit
https://bugs.webkit.org/show_bug.cgi?id=181342
Reviewed by Alex Christensen.
- NetworkProcess/Downloads/curl/DownloadCurl.cpp:
(WebKit::Download::resume):
- NetworkProcess/curl/RemoteNetworkingContextCurl.cpp:
(WebKit::RemoteNetworkingContext::ensurePrivateBrowsingSession): Deleted.
(WebKit::RemoteNetworkingContext::blockedError const): Deleted.
- 2:42 PM Changeset in webkit [226463] by
-
- 2 edits in trunk/Source/WebCore
TextCodec uses std::array but does not include it
https://bugs.webkit.org/show_bug.cgi?id=181340
Reviewed by Alex Christensen.
No new tests. No change in behavior.
- platform/text/TextCodec.h:
- 2:34 PM Changeset in webkit [226462] by
-
- 2 edits in trunk/LayoutTests
Mark mathml/opentype/horizontal-munderover.html as failure on Windows.
https://bugs.webkit.org/show_bug.cgi?id=181346
Unreviewed test gardening.
- platform/win/TestExpectations:
- 2:02 PM Changeset in webkit [226461] by
-
- 24 edits in trunk/Source
TypedArrays and Wasm should use index masking.
https://bugs.webkit.org/show_bug.cgi?id=181313
Reviewed by Michael Saboff.
Source/JavaScriptCore:
We should have index masking for our TypedArray code in the
DFG/FTL and for Wasm when doing bounds checking. Index masking for
Wasm is added to the WasmBoundsCheckValue. Since we don't CSE any
WasmBoundsCheckValues we don't need to worry about combining a
bounds check for a load and a store. I went with fusing the
pointer masking in the WasmBoundsCheckValue since it should reduce
additional compiler overhead.
- b3/B3LowerToAir.cpp:
- b3/B3Validate.cpp:
- b3/B3WasmBoundsCheckValue.cpp:
(JSC::B3::WasmBoundsCheckValue::WasmBoundsCheckValue):
(JSC::B3::WasmBoundsCheckValue::dumpMeta const):
- b3/B3WasmBoundsCheckValue.h:
(JSC::B3::WasmBoundsCheckValue::pinnedIndexingMask const):
- b3/air/AirCustom.h:
(JSC::B3::Air::WasmBoundsCheckCustom::generate):
- b3/testb3.cpp:
(JSC::B3::testWasmBoundsCheck):
- dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::emitAllocateRawObject):
(JSC::DFG::SpeculativeJIT::loadFromIntTypedArray):
(JSC::DFG::SpeculativeJIT::compileGetByValOnIntTypedArray):
(JSC::DFG::SpeculativeJIT::compileGetByValOnFloatTypedArray):
(JSC::DFG::SpeculativeJIT::compileNewTypedArrayWithSize):
- dfg/DFGSpeculativeJIT.h:
- dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
- ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileAtomicsReadModifyWrite):
(JSC::FTL::DFG::LowerDFGToB3::compileGetByVal):
(JSC::FTL::DFG::LowerDFGToB3::compileNewTypedArray):
(JSC::FTL::DFG::LowerDFGToB3::pointerIntoTypedArray):
- jit/JITPropertyAccess.cpp:
(JSC::JIT::emitIntTypedArrayGetByVal):
- runtime/Butterfly.h:
(JSC::Butterfly::computeIndexingMask const):
(JSC::Butterfly::computeIndexingMaskForVectorLength): Deleted.
- runtime/JSArrayBufferView.cpp:
(JSC::JSArrayBufferView::JSArrayBufferView):
- wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::B3IRGenerator::B3IRGenerator):
(JSC::Wasm::B3IRGenerator::restoreWebAssemblyGlobalState):
(JSC::Wasm::B3IRGenerator::emitCheckAndPreparePointer):
(JSC::Wasm::B3IRGenerator::load):
(JSC::Wasm::B3IRGenerator::store):
(JSC::Wasm::B3IRGenerator::addCallIndirect):
- wasm/WasmBinding.cpp:
(JSC::Wasm::wasmToWasm):
- wasm/WasmMemory.cpp:
(JSC::Wasm::Memory::Memory):
(JSC::Wasm::Memory::grow):
- wasm/WasmMemory.h:
(JSC::Wasm::Memory::offsetOfIndexingMask):
- wasm/WasmMemoryInformation.cpp:
(JSC::Wasm::PinnedRegisterInfo::get):
(JSC::Wasm::PinnedRegisterInfo::PinnedRegisterInfo):
- wasm/WasmMemoryInformation.h:
(JSC::Wasm::PinnedRegisterInfo::toSave const):
- wasm/js/JSToWasm.cpp:
(JSC::Wasm::createJSToWasmWrapper):
Source/WTF:
- wtf/MathExtras.h:
(WTF::computeIndexingMask):
- 1:50 PM Changeset in webkit [226460] by
-
- 3 edits in trunk/Source/WebKit
WebFullScreenManager should compile when ENABLE(VIDEO) is off
https://bugs.webkit.org/show_bug.cgi?id=181338
Reviewed by Alex Christensen.
- WebProcess/FullScreen/WebFullScreenManager.cpp:
(WebKit::WebFullScreenManager::didEnterFullScreen):
(WebKit::WebFullScreenManager::willExitFullScreen):
- WebProcess/FullScreen/WebFullScreenManager.h:
- 1:44 PM Changeset in webkit [226459] by
-
- 5 edits in tags/Safari-605.1.19/Source/WebKit
Cherry-pick r226458. rdar://problem/36311296
- 1:28 PM Changeset in webkit [226458] by
-
- 5 edits in trunk/Source/WebKit
[Apple Pay] Disable Apple Pay on platforms that don't have PassKit.framework
https://bugs.webkit.org/show_bug.cgi?id=181335
<rdar://problem/36311296>
Reviewed by Brady Eidson.
When Safari is running in the macOS Base System, PassKit.framework is not available.
If we fail to dlopen PassKit, we should disable Apple Pay.
- UIProcess/API/C/WKPreferences.cpp:
(WKPreferencesSetApplePayEnabled):
- UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _initializeWithConfiguration:]):
- UIProcess/ApplePay/WebPaymentCoordinatorProxy.h:
- UIProcess/ApplePay/cocoa/WebPaymentCoordinatorProxyCocoa.mm:
(WebKit::WebPaymentCoordinatorProxy::availablePaymentNetworks):
(WebKit::WebPaymentCoordinatorProxy::platformSupportsPayments):
- 12:10 PM Changeset in webkit [226457] by
-
- 3 edits in trunk/Source/WebCore
SVGAnimatedListPropertyTearOff::synchronizeWrappersIfNeeded() should do nothing if the property is not animating
https://bugs.webkit.org/show_bug.cgi?id=181316
<rdar://problem/36147545>
Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2018-01-05
Reviewed by Simon Fraser.
This is a speculative change to fix a crash which appeared after r226065.
The crash is very intermittent and sometimes very hard to reproduce. The
basic code analysis did not show how this crash can even happen.
- svg/SVGAnimatedTypeAnimator.h:
(WebCore::SVGAnimatedTypeAnimator::resetFromBaseValues): For SVG property
with two values, e.g. <SVGAngleValue, SVGMarkerOrientType>, we need to
detach the wrappers of the animated property if the animated values are
going to change. This is similar to what we did in resetFromBaseValue().
- svg/properties/SVGAnimatedListPropertyTearOff.h:
(WebCore::SVGAnimatedListPropertyTearOff::synchronizeWrappersIfNeeded):
- 11:51 AM Changeset in webkit [226456] by
-
- 3 edits1 delete in trunk/LayoutTests
Skip LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/claim-shared-worker-fetch.https.html
https://bugs.webkit.org/show_bug.cgi?id=181329
Unreviewed.
LayoutTests/imported/w3c:
Patch by Youenn Fablet <youenn@apple.com> on 2018-01-05
- web-platform-tests/service-workers/service-worker/claim-shared-worker-fetch.https-expected.txt: Removed.
LayoutTests:
SharedWorker is not supported.
Patch by Youenn Fablet <youenn@apple.com> on 2018-01-05
- 11:34 AM Changeset in webkit [226455] by
-
- 2 edits in trunk/LayoutTests
Marked fast/mediastream/MediaStream-MediaElement-setObject-null.html as flaky.
https://bugs.webkit.org/show_bug.cgi?id=181069
Unreviewed test gardening.
- platform/mac-wk2/TestExpectations:
- 11:30 AM WebKitGTK/2.18.x edited by
- (diff)
- 11:09 AM Changeset in webkit [226454] by
-
- 3 edits in trunk/Source/WebKit
Fixed the build following AppKit API deprecations in a recent SDKs
- UIProcess/mac/WKFullScreenWindowController.mm:
(-[WKFullScreenWindowController enterFullScreen:]): Suppressed deprecation warnings.
(-[WKFullScreenWindowController finishedEnterFullScreenAnimation:]): Ditto.
(-[WKFullScreenWindowController exitFullScreen]): Ditto.
(-[WKFullScreenWindowController finishedExitFullScreenAnimation:]): Ditto.
(-[WKFullScreenWindowController completeFinishExitFullScreenAnimationAfterRepaint]): Ditto.
(-[WKFullScreenWindowController _startEnterFullScreenAnimationWithDuration:]): Ditto.
(-[WKFullScreenWindowController _startExitFullScreenAnimationWithDuration:]): Ditto.
- UIProcess/mac/WKPrintingView.mm:
(-[WKPrintingView _setAutodisplay:]): Ditto.
- 11:01 AM Changeset in webkit [226453] by
-
- 27 edits in trunk
Unreviewed, rolling out r226401.
This caused timeouts on multiple platforms.
Reverted changeset:
"Implement Cache API partitioning based on ClientOrigin"
https://bugs.webkit.org/show_bug.cgi?id=181240
https://trac.webkit.org/changeset/226401
- 10:43 AM Changeset in webkit [226452] by
-
- 7 edits in trunk/Source
Fixed the build following AppKit API deprecations in a recent SDKs
Source/WebCore:
- platform/mac/PasteboardMac.mm:
(WebCore::setDragImageImpl): Suppressed deprecation warnings.
- platform/mac/WidgetMac.mm:
(WebCore::Widget::paint): Ditto.
Source/WebKitLegacy/mac:
- WebView/WebFullScreenController.mm:
(-[WebFullScreenController enterFullScreen:]): Suppressed deprecation warnings.
(-[WebFullScreenController exitFullScreen]): Ditto.
(-[WebFullScreenController _startEnterFullScreenAnimationWithDuration:]): Ditto.
(-[WebFullScreenController _startExitFullScreenAnimationWithDuration:]): Ditto.
- WebView/WebHTMLView.mm:
(-[WebHTMLView drawRect:]): Ditto.
(-[WebHTMLView _endPrintModeAndRestoreWindowAutodisplay]): Ditto.
(-[WebHTMLView knowsPageRange:]): Ditto.
- WebView/WebView.mm:
(LayerFlushController::flushLayers): Ditto.
- 10:14 AM Changeset in webkit [226451] by
-
- 6 edits8 adds in trunk
ServiceWorkers: Enable UserTiming / ResourceTiming
https://bugs.webkit.org/show_bug.cgi?id=181297
<rdar://problem/36307306>
Patch by Joseph Pecoraro <Joseph Pecoraro> on 2018-01-05
Reviewed by Youenn Fablet.
Source/WebCore:
Tests: http/tests/workers/service/service-worker-resource-timing.https.html
http/tests/workers/service/service-worker-user-timing.https.html
- loader/ResourceTiming.cpp:
(WebCore::ResourceTiming::ResourceTiming):
We used to clear extra NetworkLoadMetrics data early on. However,
for Workers we want to pass the complete NetworkLoadMetrics to
the Worker so that a Worker inspector has access to it.
- page/PerformanceResourceTiming.cpp:
(WebCore::PerformanceResourceTiming::PerformanceResourceTiming):
Instead move the clearing of extra data to here, when the NetworkLoadMetrics
have finally settled into being used only for a performance entry.
Source/WebKit:
- WebProcess/Storage/WebSWContextManagerConnection.cpp:
(WebKit::WebSWContextManagerConnection::updatePreferencesStore):
Enable Resource Timing / User Timing for the ServiceWorker process.
LayoutTests:
- http/tests/workers/service/resources/data1.txt: Added.
- http/tests/workers/service/resources/data2.txt: Added.
Resources to load from a service-worker.
- http/tests/workers/service/resources/service-worker-resource-timing.js: Added.
- http/tests/workers/service/service-worker-resource-timing.https-expected.txt: Added.
- http/tests/workers/service/service-worker-resource-timing.https.html: Added.
Test that a ServiceWorker can produce resource entries for a few
different kinds of loads (CacheStorage load, and a fetch).
- http/tests/workers/service/resources/service-worker-user-timing.js: Added.
- http/tests/workers/service/service-worker-user-timing.https-expected.txt: Added.
- http/tests/workers/service/service-worker-user-timing.https.html: Added.
Test that a ServiceWorker can produce a mark/measure entries.
- 9:59 AM Changeset in webkit [226450] by
-
- 2 edits in trunk/Tools
iOS: Build fix after r226432.
Unreviewed. Stop duplicating speakAs symbols for iOS.
- DumpRenderTree/AccessibilityUIElement.cpp:
(AccessibilityUIElement::speakAs):
- 9:10 AM Changeset in webkit [226449] by
-
- 3 edits in trunk/LayoutTests/imported/w3c
LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/fetch-event.https.html should not expect Upgrade-Insecure Requests header
https://bugs.webkit.org/show_bug.cgi?id=181286
Patch by Youenn Fablet <youenn@apple.com> on 2018-01-05
Reviewed by Alex Christensen.
Test previously expected upgrade-insecure-requests header to be inserted in a HTTP request.
Given the request URL is HTTPS, there is no need for that header.
- web-platform-tests/service-workers/service-worker/fetch-event.https-expected.txt:
- web-platform-tests/service-workers/service-worker/fetch-event.https.html:
- 7:34 AM Changeset in webkit [226448] by
-
- 2 edits in trunk/Tools
Unreviewed, added myself as WebKit reviewer
- Scripts/webkitpy/common/config/contributors.json:
- 6:39 AM Changeset in webkit [226447] by
-
- 3 edits in trunk/LayoutTests
[WPE][GTK] Unreviewed gardening
Unskip svg/hittest/svg-shapes-non-scale-stroke.html, passing after
r226443.
- platform/gtk/TestExpectations:
- platform/wpe/TestExpectations:
- 6:01 AM Changeset in webkit [226446] by
-
- 2 edits in trunk/Source/WebCore
[EME][GStreamer] Fix wrong ifdef
https://bugs.webkit.org/show_bug.cgi?id=181289
Reviewed by Alex Christensen.
- platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::handleMessage): Remove the
ENCRYPTED_MEDIA ifdef from the VIDEO_TRACK ifdef block. Both have
nothing to do together.
- 5:50 AM Changeset in webkit [226445] by
-
- 2 edits in trunk/LayoutTests
[WPE] Unreviewed gardening
- platform/wpe/TestExpectations: Unskip two tests passing after r226404.
- 3:45 AM Changeset in webkit [226444] by
-
- 21 edits in trunk/LayoutTests
[WPE] Rebaseline test expectations after r226404
Unreviewed gardening.
- platform/wpe/css1/font_properties/font_size-expected.txt:
- platform/wpe/css1/text_properties/letter_spacing-expected.txt:
- platform/wpe/css1/text_properties/line_height-expected.txt:
- platform/wpe/css1/text_properties/text_indent-expected.txt:
- platform/wpe/css1/text_properties/word_spacing-expected.txt:
- platform/wpe/css1/units/length_units-expected.txt:
- platform/wpe/css2.1/t040302-c61-ex-len-00-b-a-expected.txt:
- platform/wpe/css2.1/t040302-c61-rel-len-00-b-ag-expected.txt:
- platform/wpe/css2.1/t1008-c44-ln-box-02-d-ag-expected.txt:
- platform/wpe/css2.1/t100801-c544-valgn-01-d-ag-expected.txt:
- platform/wpe/css2.1/t100801-c544-valgn-03-d-agi-expected.txt:
- platform/wpe/css2.1/t100801-c548-ln-ht-02-b-ag-expected.txt:
- platform/wpe/css2.1/t1507-c526-font-sz-02-b-a-expected.txt:
- platform/wpe/css2.1/t1601-c547-indent-00-b-a-expected.txt:
- platform/wpe/css2.1/t1604-c542-letter-sp-00-b-a-expected.txt:
- platform/wpe/svg/W3C-SVG-1.1-SE/coords-units-03-b-expected.txt:
- platform/wpe/svg/W3C-SVG-1.1/coords-units-03-b-expected.txt:
- platform/wpe/svg/custom/alignment-baseline-modes-expected.txt:
- platform/wpe/svg/custom/dominant-baseline-modes-expected.txt:
- platform/wpe/tables/mozilla/bugs/bug55527-expected.txt:
- 3:41 AM Changeset in webkit [226443] by
-
- 3 edits2 adds in trunk
[Cairo] Canvas: Path::clear should clear its transform
https://bugs.webkit.org/show_bug.cgi?id=181320
Patch by Fujii Hironori <Fujii Hironori> on 2018-01-05
Reviewed by Carlos Garcia Campos.
Source/WebCore:
Path of Cairo port has its cairo context. Path::clear() didn't
clear the transform matrix of the context.
Test: fast/canvas/reset-scaling-by-height-change.html
- platform/graphics/cairo/PathCairo.cpp:
(WebCore::Path::clear): Reset the transform matrix of Path.
LayoutTests:
- fast/canvas/reset-scaling-by-height-change-expected.txt: Added.
- fast/canvas/reset-scaling-by-height-change.html: Added.
- 3:11 AM Changeset in webkit [226442] by
-
- 2 edits in trunk
REGRESSION(r226306)[Win][CMake] Unnecessary recompilations triggered by unconditionally copied header files of DerivedSources
https://bugs.webkit.org/show_bug.cgi?id=181324
Patch by Fujii Hironori <Fujii Hironori> on 2018-01-05
Reviewed by Konstantin Tokarev.
r226306 changed to use cmake -E copy to copy header files of
DerivedSources. This command copies files unconditionally, then
introduced unnecessary recompilations.
- Source/cmake/WebKitMacros.cmake: Use copy_if_different instead of copy.
- 2:10 AM Changeset in webkit [226441] by
-
- 2 edits in trunk/Tools
WPE: Build fix after r226432.
Unreviewed. Rename ::speak() to ::speakAs().
- WebKitTestRunner/InjectedBundle/wpe/AccessibilityUIElementWPE.cpp:
(WTR::AccessibilityUIElement::speakAs):
(WTR::AccessibilityUIElement::speak): Deleted.
- 12:26 AM Changeset in webkit [226440] by
-
- 19 edits in trunk/Source/JavaScriptCore
Unreviewed, rolling out r226434.
https://bugs.webkit.org/show_bug.cgi?id=181322
32bit JSC failure in x86 (Requested by yusukesuzuki on
#webkit).
Reverted changeset:
"[DFG] Unify ToNumber implementation in 32bit and 64bit by
changing 32bit Int32Tag and LowestTag"
https://bugs.webkit.org/show_bug.cgi?id=181134
https://trac.webkit.org/changeset/226434
Jan 4, 2018:
- 10:40 PM Changeset in webkit [226439] by
-
- 38 edits in trunk/Source
Web Inspector: replace HTMLCanvasElement with CanvasRenderingContext for instrumentation logic
https://bugs.webkit.org/show_bug.cgi?id=180770
Reviewed by Joseph Pecoraro.
Source/JavaScriptCore:
- inspector/protocol/Canvas.json:
Source/WebCore:
No change in functionality.
- html/HTMLCanvasElement.h:
- html/HTMLCanvasElement.cpp:
(WebCore::HTMLCanvasElement::createContext2d):
(WebCore::HTMLCanvasElement::createContextWebGL):
(WebCore::HTMLCanvasElement::createContextWebGPU):
(WebCore::HTMLCanvasElement::createContextBitmapRenderer):
(WebCore::HTMLCanvasElement::reset):
(WebCore::HTMLCanvasElement::paint):
(WebCore::HTMLCanvasElement::setImageBuffer const):
(WebCore::HTMLCanvasElement::addObserver): Deleted.
(WebCore::HTMLCanvasElement::removeObserver): Deleted.
(WebCore::HTMLCanvasElement::cssCanvasClients): Deleted.
(WebCore::HTMLCanvasElement::notifyObserversCanvasChanged): Deleted.
- html/OffscreenCanvas.h:
- html/canvas/CanvasRenderingContext.h:
- html/canvas/CanvasRenderingContext.cpp:
- html/canvas/CanvasRenderingContext2D.h:
- html/canvas/CanvasRenderingContext2D.cpp:
(WebCore::CanvasRenderingContext2D::create):
- html/canvas/CanvasRenderingContext2DBase.h:
- html/canvas/ImageBitmapRenderingContext.h:
- html/canvas/ImageBitmapRenderingContext.cpp:
(WebCore::ImageBitmapRenderingContext::create):
- html/canvas/WebGL2RenderingContext.h:
- html/canvas/WebGL2RenderingContext.cpp:
(WebCore::WebGL2RenderingContext::create):
- html/canvas/WebGLRenderingContext.h:
- html/canvas/WebGLRenderingContext.cpp:
(WebCore::WebGLRenderingContext::create):
- html/canvas/WebGLRenderingContextBase.h:
- html/canvas/WebGLRenderingContextBase.cpp:
(WebCore::WebGLRenderingContextBase::create):
- html/canvas/WebGPURenderingContext.cpp:
(WebCore::WebGPURenderingContext::create):
Instead of adding didCreateCanvasRenderingContext calls at the construction sites of each
context, we can make the constructors private and force the usage of staticcreatefunctions.
This way, we have access to the fully constructed object and have a guaranteed path for creation.
- html/CanvasBase.h:
- html/CanvasBase.cpp:
(WebCore::CanvasBase::~CanvasBase):
(WebCore::CanvasBase::renderingContext const):
(WebCore::CanvasBase::addObserver):
(WebCore::CanvasBase::removeObserver):
(WebCore::CanvasBase::notifyObserversCanvasChanged):
(WebCore::CanvasBase::notifyObserversCanvasResized):
(WebCore::CanvasBase::notifyObserversCanvasDestroyed):
(WebCore::CanvasBase::cssCanvasClients const):
- Modules/mediastream/CanvasCaptureMediaStreamTrack.h:
- Modules/mediastream/CanvasCaptureMediaStreamTrack.cpp:
(WebCore::CanvasCaptureMediaStreamTrack::Source::canvasDestroyed):
(WebCore::CanvasCaptureMediaStreamTrack::Source::canvasResized):
(WebCore::CanvasCaptureMediaStreamTrack::Source::canvasChanged):
- css/CSSCanvasValue.h:
Move the CanvasObserver class to CanvasBase so that it can also be used for OffscreenCanvas.
- inspector/InspectorInstrumentation.h:
(WebCore::InspectorInstrumentation::didChangeCSSCanvasClientNodes):
(WebCore::InspectorInstrumentation::didCreateCanvasRenderingContext):
(WebCore::InspectorInstrumentation::didChangeCanvasMemory):
(WebCore::InspectorInstrumentation::recordCanvasAction):
(WebCore::InspectorInstrumentation::didFinishRecordingCanvasFrame):
(WebCore::InspectorInstrumentation::didEnableExtension):
(WebCore::InspectorInstrumentation::didCreateProgram):
(WebCore::InspectorInstrumentation::willDeleteProgram):
(WebCore::InspectorInstrumentation::isShaderProgramDisabled):
(WebCore::InspectorInstrumentation::consoleStartRecordingCanvas):
(WebCore::InspectorInstrumentation::didCreateCSSCanvas): Deleted.
- inspector/InspectorInstrumentation.cpp:
(WebCore::InspectorInstrumentation::consoleStartRecordingCanvasImpl):
(WebCore::InspectorInstrumentation::didChangeCSSCanvasClientNodesImpl):
(WebCore::InspectorInstrumentation::didCreateCanvasRenderingContextImpl):
(WebCore::InspectorInstrumentation::didChangeCanvasMemoryImpl):
(WebCore::InspectorInstrumentation::didFinishRecordingCanvasFrameImpl):
(WebCore::InspectorInstrumentation::didEnableExtensionImpl):
(WebCore::InspectorInstrumentation::didCreateProgramImpl):
(WebCore::InspectorInstrumentation::didCreateCSSCanvasImpl): Deleted.
- inspector/agents/InspectorCanvasAgent.h:
- inspector/agents/InspectorCanvasAgent.cpp:
(WebCore::InspectorCanvasAgent::enable):
(WebCore::InspectorCanvasAgent::requestNode):
(WebCore::InspectorCanvasAgent::requestContent):
(WebCore::InspectorCanvasAgent::requestCSSCanvasClientNodes):
(WebCore::contextAsScriptValue):
(WebCore::InspectorCanvasAgent::resolveCanvasContext):
(WebCore::InspectorCanvasAgent::startRecording):
(WebCore::InspectorCanvasAgent::stopRecording):
(WebCore::InspectorCanvasAgent::updateShader):
(WebCore::InspectorCanvasAgent::frameNavigated):
(WebCore::InspectorCanvasAgent::didChangeCSSCanvasClientNodes):
(WebCore::InspectorCanvasAgent::didCreateCanvasRenderingContext):
(WebCore::InspectorCanvasAgent::didChangeCanvasMemory):
(WebCore::InspectorCanvasAgent::recordCanvasAction):
(WebCore::InspectorCanvasAgent::canvasDestroyed):
(WebCore::InspectorCanvasAgent::didFinishRecordingCanvasFrame):
(WebCore::InspectorCanvasAgent::consoleStartRecordingCanvas):
(WebCore::InspectorCanvasAgent::didEnableExtension):
(WebCore::InspectorCanvasAgent::didCreateProgram):
(WebCore::InspectorCanvasAgent::canvasRecordingTimerFired):
(WebCore::InspectorCanvasAgent::clearCanvasData):
(WebCore::InspectorCanvasAgent::unbindCanvas):
(WebCore::InspectorCanvasAgent::findInspectorCanvas):
(WebCore::InspectorCanvasAgent::unbindProgram):
(WebCore::InspectorCanvasAgent::didCreateCSSCanvas): Deleted.
- inspector/InspectorCanvas.h:
- inspector/InspectorCanvas.cpp:
(WebCore::InspectorCanvas::create):
(WebCore::InspectorCanvas::InspectorCanvas):
(WebCore::InspectorCanvas::canvasElement):
(WebCore::InspectorCanvas::resetRecordingData):
(WebCore::InspectorCanvas::recordAction):
(WebCore::InspectorCanvas::buildObjectForCanvas):
(WebCore::InspectorCanvas::getCanvasContentAsDataURL):
(WebCore::InspectorCanvas::buildInitialState):
(WebCore::InspectorCanvas::~InspectorCanvas): Deleted.
- inspector/InspectorShaderProgram.h:
- inspector/InspectorShaderProgram.cpp:
(WebCore::InspectorShaderProgram::context const):
- page/PageConsoleClient.cpp:
(WebCore::PageConsoleClient::record):
(WebCore::PageConsoleClient::recordEnd):
- dom/Document.h:
- dom/Document.cpp:
(WebCore::Document::getCSSCanvasElement):
(WebCore::Document::nameForCSSCanvasElement const):
We have no reason to save the CSS canvas name for each InspectorCanvas object, so instead we
can just query for the name based on the CanvasRenderingContext's HTMLCanvasElement (assuming
it is not an OffscreenCanvas) when we need it.
Source/WebInspectorUI:
- UserInterface/Models/Canvas.js:
(WI.Canvas.fromPayload):
(WI.Canvas.prototype.get contextType):
(WI.Canvas.prototype.saveIdentityToCookie):
(WI.Canvas.prototype.get frame): Deleted.
- 10:34 PM Changeset in webkit [226438] by
-
- 2 edits in trunk/Source/WebKit
Unreviewed GTK+ build fix.
- UIProcess/API/glib/WebKitUserMediaPermissionRequest.cpp:
(webkit_user_media_permission_is_for_audio_device):
Call UserMediaPermissionRequestProxy::requiresAudioCapture().
(webkit_user_media_permission_is_for_video_device):
Call UserMediaPermissionRequestProxy::requiresVideoCapture().
- 9:39 PM Changeset in webkit [226437] by
-
- 5 edits in trunk/Source/JavaScriptCore
Unreviewed, rolling out r226405.
https://bugs.webkit.org/show_bug.cgi?id=181318
Speculative rollout due to Octane/SplayLatency,Octane/Splay
regressions (Requested by yusukesuzuki on #webkit).
Reverted changeset:
"[JSC] Create parallel SlotVisitors apriori"
https://bugs.webkit.org/show_bug.cgi?id=180907
https://trac.webkit.org/changeset/226405
- 9:12 PM Changeset in webkit [226436] by
-
- 10 edits in trunk/Source/JavaScriptCore
Do value profiling in to_this
https://bugs.webkit.org/show_bug.cgi?id=181299
Reviewed by Filip Pizlo.
This patch adds value profiling to to_this. We use the result of the value
profiling only for strict mode code when we don't predict that the input is
of a specific type. This helps when the input is SpecCellOther. Such cells
might implement a custom ToThis, which can produce an arbitrary result. Before
this patch, in prediction propagation, we were saying that a ToThis with a
SpecCellOther input also produced SpecCellOther. However, this is incorrect,
given that the input may implement ToThis that produces an arbitrary result.
This is seen inside Speedometer. This patch fixes an OSR exit loop in Speedometer.
Interestingly, this patch only does value profiling on the slow path. The fast
path of to_this in the LLInt/baseline just perform a structure check. If it
passes, the result is the same as the input. Therefore, doing value profiling
from the fast path wouldn't actually produce new information for the ValueProfile.
- bytecode/BytecodeDumper.cpp:
(JSC::BytecodeDumper<Block>::dumpBytecode):
- bytecode/BytecodeList.json:
- bytecode/CodeBlock.cpp:
(JSC::CodeBlock::finishCreation):
- bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::emitToThis):
- bytecompiler/BytecodeGenerator.h:
- dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::parseBlock):
- dfg/DFGNode.h:
(JSC::DFG::Node::hasHeapPrediction):
- dfg/DFGPredictionPropagationPhase.cpp:
- runtime/CommonSlowPaths.cpp:
(JSC::SLOW_PATH_DECL):
- 8:34 PM Changeset in webkit [226435] by
-
- 6 edits7 adds in trunk
REGRESSION (r225709): Web Inspector: CSS Source maps not loading
https://bugs.webkit.org/show_bug.cgi?id=181314
<rdar://problem/36177620>
Patch by Joseph Pecoraro <Joseph Pecoraro> on 2018-01-04
Reviewed by Brian Burg.
Source/WebInspectorUI:
- UserInterface/Controllers/SourceMapManager.js:
(WI.SourceMapManager.prototype._loadAndParseSourceMap):
- UserInterface/Models/SourceMapResource.js:
(WI.SourceMapResource.prototype.requestContentFromBackend):
Correct this so that we only fall back to a reasonable frame id
if we couldn't determine a frame id from earlier. Previously this
was incorrectly clearing the frame id if we had gotten it earlier.
- UserInterface/Test.html:
- UserInterface/Test/Test.js:
(WI.loaded):
Add SourceMap related files for tests.
LayoutTests:
- http/tests/inspector/network/resources/script-with-sourcemap.js: Added.
- http/tests/inspector/network/resources/script-with-sourcemap.js.map: Added.
- http/tests/inspector/network/resources/stylesheet-with-sourcemap.css: Added.
- http/tests/inspector/network/resources/stylesheet-with-sourcemap.css.map: Added.
- http/tests/inspector/network/resources/stylesheet-with-sourcemap.scss: Added.
Add a real script minified with a source map.
Add a real scss stylesheet compiled to css with a source map.
- http/tests/inspector/network/source-map-loads-expected.txt: Added.
- http/tests/inspector/network/source-map-loads.html: Added.
Test that we load source maps for resources with sourceMappingURL directives.
- 8:15 PM Changeset in webkit [226434] by
-
- 19 edits in trunk/Source/JavaScriptCore
[DFG] Unify ToNumber implementation in 32bit and 64bit by changing 32bit Int32Tag and LowestTag
https://bugs.webkit.org/show_bug.cgi?id=181134
Reviewed by Mark Lam.
We would like to unify DFG ToNumber implementation in 32bit and 64bit. One problem is that
branchIfNumber signature is different between 32bit and 64bit. 32bit implementation requires
an additional scratch register. We do not want to allocate an unnecessary register in 64bit
implementation.
This patch removes the additional register in branchIfNumber/branchIfNotNumber in both 32bit
and 64bit implementation. To achieve this goal, we change Int32Tag and LowestTag order. By
setting Int32Tag as LowestTag, we can query whether the given tag is a number by checking
<= LowestTag(Int32Tag).
We also change the order of UndefinedTag, NullTag, and BooleanTag to keep
(UndefinedTag | 1) == NullTag.
We also clean up speculateMisc implementation by adding branchIfMisc/branchIfNotMisc.
- dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileValueToInt32):
(JSC::DFG::SpeculativeJIT::compileDoubleRep):
(JSC::DFG::SpeculativeJIT::speculateNumber):
(JSC::DFG::SpeculativeJIT::speculateMisc):
(JSC::DFG::SpeculativeJIT::compileNormalizeMapKey):
(JSC::DFG::SpeculativeJIT::compileToNumber):
- dfg/DFGSpeculativeJIT.h:
- dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompareNullOrUndefined):
(JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNullOrUndefined):
(JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot):
(JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
(JSC::DFG::SpeculativeJIT::compile):
- dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
- jit/AssemblyHelpers.cpp:
(JSC::AssemblyHelpers::branchIfNotType):
(JSC::AssemblyHelpers::jitAssertIsJSNumber):
(JSC::AssemblyHelpers::emitConvertValueToBoolean):
- jit/AssemblyHelpers.h:
(JSC::AssemblyHelpers::branchIfMisc):
(JSC::AssemblyHelpers::branchIfNotMisc):
(JSC::AssemblyHelpers::branchIfNumber):
(JSC::AssemblyHelpers::branchIfNotNumber):
(JSC::AssemblyHelpers::branchIfNotDoubleKnownNotInt32):
(JSC::AssemblyHelpers::emitTypeOf):
- jit/JITAddGenerator.cpp:
(JSC::JITAddGenerator::generateFastPath):
- jit/JITArithmetic32_64.cpp:
(JSC::JIT::emitBinaryDoubleOp):
- jit/JITDivGenerator.cpp:
(JSC::JITDivGenerator::loadOperand):
- jit/JITMulGenerator.cpp:
(JSC::JITMulGenerator::generateInline):
(JSC::JITMulGenerator::generateFastPath):
- jit/JITNegGenerator.cpp:
(JSC::JITNegGenerator::generateInline):
(JSC::JITNegGenerator::generateFastPath):
- jit/JITOpcodes32_64.cpp:
(JSC::JIT::emit_op_is_number):
(JSC::JIT::emit_op_jeq_null):
(JSC::JIT::emit_op_jneq_null):
(JSC::JIT::emit_op_to_number):
(JSC::JIT::emit_op_profile_type):
- jit/JITRightShiftGenerator.cpp:
(JSC::JITRightShiftGenerator::generateFastPath):
- jit/JITSubGenerator.cpp:
(JSC::JITSubGenerator::generateInline):
(JSC::JITSubGenerator::generateFastPath):
- llint/LLIntData.cpp:
(JSC::LLInt::Data::performAssertions):
- llint/LowLevelInterpreter.asm:
- llint/LowLevelInterpreter32_64.asm:
- runtime/JSCJSValue.h:
- 6:17 PM Changeset in webkit [226433] by
-
- 2 edits in trunk/Source/WebKit
[Curl] Fix compilation error in WebFrameNetworkingContext
https://bugs.webkit.org/show_bug.cgi?id=181312
Reviewed by Alex Christensen.
- WebProcess/WebCoreSupport/curl/WebFrameNetworkingContext.cpp:
(WebKit::WebFrameNetworkingContext::ensureWebsiteDataStoreSession):
- 4:32 PM Changeset in webkit [226432] by
-
- 42 edits in trunk
AX: Implement updated CSS3 Speech for 'speak' and 'speak-as' properties
https://bugs.webkit.org/show_bug.cgi?id=180361
Reviewed by Zalan Bujtas.
Source/WebCore:
Change speak -> speakAs, and allow a combination of properties.
Tests: Updated accessibility/mac/css-speech-speak.html
- accessibility/AccessibilityObject.h:
(WebCore::AccessibilityObject::speakAsProperty const):
(WebCore::AccessibilityObject::speakProperty const): Deleted.
- accessibility/AccessibilityRenderObject.cpp:
(WebCore::AccessibilityRenderObject::speakAsProperty const):
(WebCore::AccessibilityRenderObject::speakProperty const): Deleted.
- accessibility/AccessibilityRenderObject.h:
- accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
(-[WebAccessibilityObjectWrapper accessibilitySpeechHint]):
- accessibility/mac/WebAccessibilityObjectWrapperBase.h:
- accessibility/mac/WebAccessibilityObjectWrapperBase.mm:
(-[WebAccessibilityObjectWrapperBase baseAccessibilitySpeechHint]):
- accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
- css/CSSComputedStyleDeclaration.cpp:
(WebCore::speakAsToCSSValue):
(WebCore::ComputedStyleExtractor::propertyValue):
- css/CSSPrimitiveValueMappings.h:
(WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
(WebCore::CSSPrimitiveValue::operator ESpeakAs const):
(WebCore::CSSPrimitiveValue::operator ESpeak const): Deleted.
- css/CSSProperties.json:
- css/StyleBuilderConverter.h:
(WebCore::StyleBuilderConverter::convertSpeakAs):
- css/parser/CSSParserFastPaths.cpp:
(WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):
(WebCore::CSSParserFastPaths::isKeywordPropertyID):
- css/parser/CSSPropertyParser.cpp:
(WebCore::consumeSpeakAs):
(WebCore::CSSPropertyParser::parseSingleValue):
- rendering/style/RenderStyle.h:
(WebCore::RenderStyle::speakAs const):
(WebCore::RenderStyle::setSpeakAs):
(WebCore::RenderStyle::initialSpeakAs):
(WebCore::RenderStyle::speak const): Deleted.
(WebCore::RenderStyle::setSpeak): Deleted.
(WebCore::RenderStyle::initialSpeak): Deleted.
- rendering/style/RenderStyleConstants.h:
(WebCore::operator| ):
(WebCore::operator|= ):
- rendering/style/StyleRareInheritedData.cpp:
(WebCore::StyleRareInheritedData::StyleRareInheritedData):
(WebCore::StyleRareInheritedData::operator== const):
- rendering/style/StyleRareInheritedData.h:
Tools:
- DumpRenderTree/AccessibilityUIElement.cpp:
(speakAsCallback):
(AccessibilityUIElement::speakAs):
(AccessibilityUIElement::getJSClass):
(speakCallback): Deleted.
(AccessibilityUIElement::speak): Deleted.
- DumpRenderTree/AccessibilityUIElement.h:
- DumpRenderTree/ios/AccessibilityUIElementIOS.mm:
(AccessibilityUIElement::speakAs):
- DumpRenderTree/mac/AccessibilityUIElementMac.mm:
(AccessibilityUIElement::speakAs):
(AccessibilityUIElement::speak): Deleted.
- WebKitTestRunner/InjectedBundle/AccessibilityUIElement.h:
- WebKitTestRunner/InjectedBundle/Bindings/AccessibilityUIElement.idl:
- WebKitTestRunner/InjectedBundle/ios/AccessibilityUIElementIOS.mm:
(WTR::AccessibilityUIElement::speakAs):
(WTR::AccessibilityUIElement::speak): Deleted.
- WebKitTestRunner/InjectedBundle/mac/AccessibilityUIElementMac.mm:
(WTR::AccessibilityUIElement::speakAs):
(WTR::AccessibilityUIElement::speak): Deleted.
LayoutTests:
- accessibility/mac/css-speech-speak-expected.txt:
- accessibility/mac/css-speech-speak.html:
- fast/css/getComputedStyle/computed-style-expected.txt:
- fast/css/getComputedStyle/computed-style-without-renderer-expected.txt:
- platform/ios/fast/css/getComputedStyle/computed-style-expected.txt:
- platform/ios/fast/css/getComputedStyle/computed-style-without-renderer-expected.txt:
- platform/mac-sierra/fast/css/getComputedStyle/computed-style-expected.txt:
- platform/mac-sierra/fast/css/getComputedStyle/computed-style-without-renderer-expected.txt:
- platform/mac-sierra/svg/css/getComputedStyle-basic-expected.txt:
- platform/mac/fast/css/getComputedStyle/computed-style-expected.txt:
- platform/mac/fast/css/getComputedStyle/computed-style-without-renderer-expected.txt:
- platform/mac/svg/css/getComputedStyle-basic-expected.txt:
- svg/css/getComputedStyle-basic-expected.txt:
- 4:18 PM Changeset in webkit [226431] by
-
- 2 edits in tags/Safari-605.1.19/Source/WebCore
Cherry-pick r226418. rdar://problem/36302506
- 4:18 PM Changeset in webkit [226430] by
-
- 12 edits4 deletes in tags/Safari-605.1.19
Cherry-pick r226409. rdar://problem/36290463
- 4:18 PM Changeset in webkit [226429] by
-
- 19 edits in tags/Safari-605.1.19
Cherry-pick r226389. rdar://problem/36289544
- 4:17 PM Changeset in webkit [226428] by
-
- 3 edits in trunk/Source/JavaScriptCore
Add assembler support for x86 lfence and sfence
https://bugs.webkit.org/show_bug.cgi?id=181311
<rdar://problem/36301780>
Reviewed by Michael Saboff.
Useful for testing performance of serializing instructions (hint:
it's not good).
- assembler/MacroAssemblerX86Common.h:
(JSC::MacroAssemblerX86Common::lfence):
(JSC::MacroAssemblerX86Common::sfence):
- assembler/X86Assembler.h:
(JSC::X86Assembler::lfence):
(JSC::X86Assembler::sfence):
- 4:16 PM Changeset in webkit [226427] by
-
- 2 edits in trunk/Tools
REGRESSION (r226395): test-webkitperl test expectations incorrect
https://bugs.webkit.org/show_bug.cgi?id=181307
<rdar://problem/36306558>
Rubber-stamped by Aakash Jain.
r226395 added two lines towards the beginning of
Scripts/webkitperl/prepare-ChangeLog_unittest/resources/perl_unittests.pl, the line
numbers in the test expectations need to update.
- Scripts/webkitperl/prepare-ChangeLog_unittest/resources/perl_unittests-expected.txt:
- 4:01 PM Changeset in webkit [226426] by
-
- 2 edits in trunk/Source/JavaScriptCore
Add a new pattern matching rule to Graph::methodOfGettingAValueProfileFor for SetLocal(@nodeWithHeapPrediction)
https://bugs.webkit.org/show_bug.cgi?id=181296
Reviewed by Filip Pizlo.
Inside Speedometer's Ember test, there is a recompile loop like:
a: GetByVal(..., semanticOriginX)
b: SetLocal(Cell:@a, semanticOriginX)
where the cell check always fails. For reasons I didn't investigate, the
baseline JIT's value profiling doesn't accurately capture the GetByVal's
result.
However, when compiling this cell speculation check in the DFG, we get a null
MethodOfGettingAValueProfile inside Graph::methodOfGettingAValueProfileFor for
this IR pattern because both @a and @b have the same semantic origin. We
should not follow the same semantic origin heuristic when dealing with
SetLocal since SetLocal(@nodeWithHeapPrediction) is such a common IR pattern.
For patterns like this, we introduce a new heuristic: @NodeThatDoesNotProduceAValue(@nodeWithHeapPrediction).
For this IR pattern, we will update the value profile for the semantic origin
for @nodeWithHeapPrediction. So, for the Speedometer example above, we
will correctly update the GetByVal's value profile, which will prevent
an OSR exit loop.
- dfg/DFGGraph.cpp:
(JSC::DFG::Graph::methodOfGettingAValueProfileFor):
- 4:00 PM Changeset in webkit [226425] by
-
- 16 edits2 adds in trunk
Web Inspector: Capture Element Screenshot looks fuzzy
https://bugs.webkit.org/show_bug.cgi?id=175734
<rdar://problem/33803377>
Reviewed by Joseph Pecoraro and Simon Fraser.
Source/WebCore:
Screenshots taken by Web Inspector were being downscaled from the
internal size to the logical size, causing them to be blurry when
later upscaled to the internal size.
Replace ScaleBehavior { Scaled, Unscaled } with PreserveResolution { No, Yes }.
This is a lot less confusing to read both inside ImageBuffer and at its use sites.
Remove unused CoordinateSystem argument for ImageBuffer::toDataURL,
and replace it with PreserveResolution. Plumb PreserveResolution into toCFData
so that PreserveResolution::Yes will preserve the internal size of
the image buffer, just as it does in other methods that take PreserveResolution.
At the use site in InspectorPageAgent, always request PreserveResolution::Yes snapshots
when taking an element screenshot. For now, keep using downscaled (smaller)
snapshots when capturing canvas previews, as the previews are not full-size.
Test: inspector/page/hidpi-snapshot-size.html
- html/HTMLCanvasElement.cpp:
(WebCore::HTMLCanvasElement::makePresentationCopy):
(WebCore::HTMLCanvasElement::copiedImage const):
- html/canvas/CanvasRenderingContext2DBase.cpp:
(WebCore::CanvasRenderingContext2DBase::createPattern):
- inspector/agents/InspectorPageAgent.cpp:
(WebCore::InspectorPageAgent::snapshotNode):
(WebCore::InspectorPageAgent::snapshotRect):
- page/TextIndicator.cpp:
(WebCore::takeSnapshot):
- platform/DragImage.cpp:
(WebCore::createDragImageFromSnapshot):
- platform/graphics/BitmapImage.cpp:
(WebCore::BitmapImage::drawPattern):
- platform/graphics/ImageBuffer.h:
- platform/graphics/cairo/ImageBufferCairo.cpp:
(WebCore::ImageBuffer::sinkIntoImage):
(WebCore::ImageBuffer::copyImage const):
(WebCore::ImageBuffer::toDataURL const):
- platform/graphics/cg/ImageBufferCG.cpp:
(WebCore::createBitmapImageAfterScalingIfNeeded):
(WebCore::ImageBuffer::copyImage const):
(WebCore::ImageBuffer::sinkIntoImage):
(WebCore::ImageBuffer::toDataURL const):
(WebCore::ImageBuffer::toData const):
(WebCore::ImageBuffer::toCFData const):
- platform/graphics/gtk/ImageBufferGtk.cpp:
(WebCore::ImageBuffer::toDataURL const):
- platform/graphics/win/ImageBufferDirect2D.cpp:
(WebCore::ImageBuffer::copyImage const):
(WebCore::ImageBuffer::sinkIntoImage):
(WebCore::ImageBuffer::toDataURL const):
- svg/graphics/SVGImage.cpp:
(WebCore::SVGImage::drawPatternForContainer):
Source/WebInspectorUI:
Spruce up these functions a bit. They now optionally return a promise
if no callback is supplied. They now can take either a WI.DOMNode or a node id.
- UserInterface/Controllers/DOMTreeManager.js:
(WI.DOMTreeManager.prototype.querySelector):
(WI.DOMTreeManager.prototype.querySelectorAll):
LayoutTests:
- inspector/page/hidpi-snapshot-size-expected.txt: Added.
- inspector/page/hidpi-snapshot-size.html: Added.
- 2:54 PM Changeset in webkit [226424] by
-
- 12 edits in trunk
WKWebView loses minimum layout size overrides that happen while the process is terminated
https://bugs.webkit.org/show_bug.cgi?id=181306
<rdar://problem/34398288>
Reviewed by Dan Bernstein.
Source/WebKit:
- Shared/WebPageCreationParameters.cpp:
(WebKit::WebPageCreationParameters::encode const):
(WebKit::WebPageCreationParameters::decode):
- Shared/WebPageCreationParameters.h:
- UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _didRelaunchProcess]): Deleted.
- UIProcess/API/Cocoa/WKWebViewPrivate.h:
- UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::creationParameters):
- UIProcess/WebPageProxy.h:
- UIProcess/ios/PageClientImplIOS.mm:
(WebKit::PageClientImpl::didRelaunchProcess):
- UIProcess/ios/WebPageProxyIOS.mm:
(WebKit::WebPageProxy::setViewportConfigurationMinimumLayoutSize):
(WebKit::WebPageProxy::setForceAlwaysUserScalable):
(WebKit::WebPageProxy::setMaximumUnobscuredSize):
- WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::WebPage):
Pass the current viewport minimum layout size and maximum unobscured size
in the WebPageCreationParameters instead of re-sending them in _didRelaunchProcess.
The previous approach was problematic when _dispatchSetMinimumLayoutSize:
was changed to not re-send identical updates, because if the client calls
_overrideLayoutParametersWithMinimumLayoutSize before the Web Content process
is re-launched (after terminating), we would cache the size, attempt to send it,
fail silently (because the process is not launched), and then in _didRelaunchProcess
we would choose not to re-send (after the process is successfully relaunched)
because we think we already sent the new value.
Add isValid() checks to our message sends. Ideally send() would assert
if the process is not alive to avoid problems like this, but it doesn't (yet).
Get rid of WKWebView's _didRelaunchProcess, because it does nothing now.
Tools:
- TestWebKitAPI/Tests/WebKitCocoa/AnimatedResize.mm:
(TEST):
Add a test that calling _overrideLayoutParametersWithMinimumLayoutSize
while the process is terminated results in the page getting the correct
minimum layout size.
- 2:33 PM Changeset in webkit [226423] by
-
- 3 edits in trunk/Source/WebKit
NetworkProcess cache files use functions from unistd.h without explicitly including it
https://bugs.webkit.org/show_bug.cgi?id=181261
Patch by Stephan Szabo <stephan.szabo@sony.com> on 2018-01-04
Reviewed by Alex Christensen.
- NetworkProcess/cache/NetworkCacheBlobStorage.cpp:
- NetworkProcess/cache/NetworkCacheData.cpp:
- 1:53 PM Changeset in webkit [226422] by
-
- 3 edits in tags/Safari-605.1.19/Source/JavaScriptCore
Cherry-pick r226416. rdar://problem/36275933
- 1:53 PM Changeset in webkit [226421] by
-
- 2 edits in tags/Safari-605.1.19/Source/WebCore/PAL
Cherry-pick r226388. rdar://problem/36273774
- 1:53 PM Changeset in webkit [226420] by
-
- 2 edits in tags/Safari-605.1.19/Source/JavaScriptCore
Cherry-pick r226367. rdar://problem/36166729
- 1:47 PM Changeset in webkit [226419] by
-
- 2 edits in trunk/Source/WebKit
Add commas
https://bugs.webkit.org/show_bug.cgi?id=181295
<rdar://problem/35802295>
Reviewed by Brent Fulgham.
Fix a problem introduced in r226226 where the emitted JSON didn't
include some required commas.
- NetworkProcess/NetworkResourceLoader.cpp:
(WebKit::NetworkResourceLoader::logCookieInformation const):
- 1:31 PM Changeset in webkit [226418] by
-
- 2 edits in trunk/Source/WebCore
Storage Access API: Turn feature on by default in Settings.yaml
https://bugs.webkit.org/show_bug.cgi?id=181298
<rdar://problem/36302506>
Reviewed by Brent Fulgham.
No new tests. This is just a feature settings change.
- page/Settings.yaml:
- 1:29 PM Changeset in webkit [226417] by
-
- 3 edits2 adds in trunk
Web Inspector: add RemoteObject.fetchProperties and some basic tests for RemoteObject API
https://bugs.webkit.org/show_bug.cgi?id=180945
Reviewed by Joseph Pecoraro.
Source/WebInspectorUI:
Add a new method, fetchProperties, which async fetches an arbitrary list of properties
from a RemoteObject. This is intended for writing tests and other quick evaluations,
so it has some behaviors that are suitable in these situations:
- If the evaluation throws an exception, the result will reject with that exception.
- If there is a protocol error for some reason, the result will reject with an exception.
- Non-string and non-number keys cause an exception, as this is probably not intended.
- Does not accept a callback, returns a promise only. New code should use async.
For full fidelity introspection of property descriptors, clients should use the existing
getOwnPropertyDescriptor[s] class of methods.
- UserInterface/Protocol/RemoteObject.js:
(WI.RemoteObject.prototype.async.fetchProperties): Added.
- Validate specified keys and remove duplicates.
- Request properties one-by-one to avoid fetching all descriptors and dealing with previews.
- Unwrap returned primitive values to avoid unnecessary munging in tests.
(WI.RemoteObject.prototype.getProperty):
- Rework this to return a promise if no callback was supplied.
- Introduce stricter property type checking to avoid unintended mistakes.
(WI.RemoteObject.prototype.callFunction):
- Rework this to return a promise if no callback was supplied.
- Turn thrown exceptions and protocol errors into rejected promises.
LayoutTests:
Add new test coverage for existing RemoteObject.prototype.getProperty.
Add new test coverage for new method RemoteObject.prototype.fetchProperties.
I didn't add test coverage for callFunction, as I had to stop somewhere.
- inspector/model/remote-object-api-expected.txt: Added.
- inspector/model/remote-object-api.html: Added.
- 12:58 PM Changeset in webkit [226416] by
-
- 3 edits in trunk/Source/JavaScriptCore
Array Storage operations sometimes did not update the indexing mask correctly.
https://bugs.webkit.org/show_bug.cgi?id=181301
Reviewed by Mark Lam.
I will add tests in a follow up patch. See: https://bugs.webkit.org/show_bug.cgi?id=181303
- runtime/JSArray.cpp:
(JSC::JSArray::shiftCountWithArrayStorage):
- runtime/JSObject.cpp:
(JSC::JSObject::increaseVectorLength):
- 12:56 PM Changeset in webkit [226415] by
-
- 6 edits in trunk/Source/WebInspectorUI
Web Inspector: ⌘G / ⇧⌘G text search does not working after closing find banner
https://bugs.webkit.org/show_bug.cgi?id=181280
<rdar://problem/36291175>
Patch by Joseph Pecoraro <Joseph Pecoraro> on 2018-01-04
Reviewed by Matt Baker.
- UserInterface/Views/ContentBrowser.js:
(WI.ContentBrowser.prototype._findBannerDidHide):
When the find banner is hidden trigger a new ContentView method,
searchHidden instead of the destructive searchCleared. This allows
most content views (text editors, DOM tree, Network Headers view)
to keep their populated search results.
- UserInterface/Views/ContentView.js:
(WI.ContentView.prototype.searchHidden):
- UserInterface/Views/LogContentView.js:
(WI.LogContentView.prototype.searchHidden):
By default searchHidden does nothing. The Console's LogContentView
treats the find banner differently and clears its search results.
- UserInterface/Views/TextEditor.js:
(WI.TextEditor.prototype.searchCleared):
Modernize some code while working in this area.
- UserInterface/Views/Main.css:
(.bouncy-highlight):
Ensure black text on yellow background in the bouncy highlight. In the
DOM Tree it could have been white if the find banner was closed.
- 12:38 PM Changeset in webkit [226414] by
-
- 3 edits in trunk/LayoutTests
Web Inspector: add TestPage.debug() to inspect evaluations being sent to Inspector page
https://bugs.webkit.org/show_bug.cgi?id=181005
Rubber-stamped by Joseph Pecoraro.
When TestPage.debug() is called, dump out all code that is sent to be evaluated in
the inspector page. This is useful for debugging initialization and InspectorTest.awaitEvent.
- http/tests/inspector/resources/inspector-test.js:
(runTest):
(TestPage.debug):
(TestPage.evaluateInWebInspector):
(TestPage.dispatchEventToFrontend):
- http/tests/inspector/network/har/har-page-expected.txt:
Rebaseline, as this depends on the size of inspector-test.js. Removing this
fragile test expectation behavior is tracked by https://bugs.webkit.org/show_bug.cgi?id=181300.
- 12:14 PM Changeset in webkit [226413] by
-
- 3 edits2 adds in trunk
WebContent process crashes while loading https://www.classicspecs.com
https://bugs.webkit.org/show_bug.cgi?id=181290
<rdar://problem/36225906>
Reviewed by Simon Fraser.
Source/WebCore:
Floats can overhang multiple blocks (they are called intruding floats).
Each block keeps track of such intruding floats. When an overhanging float box is destroyed,
we need to deregister it from all those blocks. We do it by walking up the ancestor block chain
and check if the parent (grandparent etc) block still contains this float. Once we find the topmost block,
we start deregistering it by traversing back on the descendant blocks.
Normally we do it in RenderElement::takeChildInternal right before the box is getting detached.
However in certain cases (like when the float's parent happens to be an anonymous wrapper)
by the time we get to ::takeChildInternal the subtree is already detached and we can't access all the
ancestors.
This patch ensure that the floating box is still attached during de-registration.
Test: fast/block/float/crash-when-intruding-float-has-anonymous-parent-and-detach.html
- rendering/RenderObject.cpp:
(WebCore::RenderObject::removeFromParentAndDestroyCleaningUpAnonymousWrappers):
LayoutTests:
- fast/block/float/crash-when-intruding-float-has-anonymous-parent-and-detach-expected.txt: Added.
- fast/block/float/crash-when-intruding-float-has-anonymous-parent-and-detach.html: Added.
- 12:12 PM Changeset in webkit [226412] by
-
- 33 edits3 copies5 adds in trunk
[MediaStream] Add Mock screen capture source
https://bugs.webkit.org/show_bug.cgi?id=181291
<rdar://problem/36298164>
Reviewed by Dean Jackson.
Source/WebCore:
Tests: http/tests/media/media-stream/get-display-media-prompt.html
GetDisplayMediaTest.BasicPrompt
GetDisplayMediaTest.Constraints
- Modules/mediastream/MediaDevices.cpp:
(WebCore::MediaDevices::MediaDevices): Add static_assert to ensure MediaDevices::DisplayCaptureSurfaceType
and RealtimeMediaSourceSettings::DisplaySurfaceType values are equivalent.
(WebCore::MediaDevices::getSupportedConstraints): Remove bogus code.
- Modules/mediastream/MediaDevices.h: Add DisplayCaptureSurfaceType.
- Modules/mediastream/MediaDevices.idl: Ditto.
- Modules/mediastream/MediaStreamTrack.cpp:
(WebCore::MediaStreamTrack::getSettings const): Add a FIXME.
- Modules/mediastream/MediaStreamTrack.h: Add displaySurface and logicalSurface.
- Modules/mediastream/MediaTrackSupportedConstraints.h: Remove displaySurface and logicalSurface.
- Modules/mediastream/MediaTrackSupportedConstraints.idl:
- SourcesCocoa.txt: Add DisplayCaptureManagerCocoa.cpp and DisplayCaptureSourceCocoa.cpp.
- WebCore.xcodeproj/project.pbxproj: Ditto.
- platform/mediastream/CaptureDevice.h:
(WebCore::CaptureDevice::encode const): Add.
(WebCore::CaptureDevice::decode):
- platform/mediastream/RealtimeMediaSourceCenter.cpp:
(WebCore::RealtimeMediaSourceCenter::getMediaStreamDevices): Include display capture "devices".
(WebCore::RealtimeMediaSourceCenter::validateRequestConstraints): Deal with display capture devices.
(WebCore::RealtimeMediaSourceCenter::captureDeviceWithPersistentID): Ditto.
- platform/mediastream/RealtimeMediaSourceCenter.h:
- platform/mediastream/RealtimeMediaSourceSettings.h:
(WebCore::RealtimeMediaSourceSettings::displaySurface const): Return a DisplaySurfaceType.
(WebCore::RealtimeMediaSourceSettings::setDisplaySurface): Take a DisplaySurfaceType.
- platform/mediastream/mac/DisplayCaptureManagerCocoa.cpp:
(WebCore::DisplayCaptureManagerCocoa::singleton):
(WebCore::DisplayCaptureManagerCocoa::~DisplayCaptureManagerCocoa):
(WebCore::DisplayCaptureManagerCocoa::captureDevices):
(WebCore::DisplayCaptureManagerCocoa::screenCaptureDeviceWithPersistentID):
(WebCore::DisplayCaptureManagerCocoa::captureDeviceWithPersistentID):
- platform/mediastream/mac/DisplayCaptureManagerCocoa.h:
- platform/mediastream/mac/DisplayCaptureSourceCocoa.cpp: Added.
(WebCore::DisplayCaptureSourceCocoa::DisplayCaptureSourceCocoa):
(WebCore::DisplayCaptureSourceCocoa::~DisplayCaptureSourceCocoa):
(WebCore::DisplayCaptureSourceCocoa::capabilities const):
(WebCore::DisplayCaptureSourceCocoa::settings const):
(WebCore::DisplayCaptureSourceCocoa::settingsDidChange):
(WebCore::DisplayCaptureSourceCocoa::startProducingData):
(WebCore::DisplayCaptureSourceCocoa::stopProducingData):
(WebCore::DisplayCaptureSourceCocoa::elapsedTime):
(WebCore::DisplayCaptureSourceCocoa::applyFrameRate):
(WebCore::DisplayCaptureSourceCocoa::emitFrame):
- platform/mediastream/mac/DisplayCaptureSourceCocoa.h:
- platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
(WebCore::RealtimeMediaSourceCenterMac::displayCaptureDeviceManager): New.
- platform/mediastream/mac/RealtimeMediaSourceCenterMac.h:
- platform/mock/MockRealtimeMediaSource.cpp:
(WebCore::deviceMap): Add screen capture "devices".
(WebCore::MockRealtimeMediaSource::displayDevices): New.
- platform/mock/MockRealtimeMediaSource.h:
- platform/mock/MockRealtimeMediaSourceCenter.cpp: Clean up includes.
- platform/mock/MockRealtimeMediaSourceCenter.h:
- platform/mock/MockRealtimeVideoSource.cpp:
(WebCore::MockRealtimeVideoSource::MockRealtimeVideoSource): Mock two screen devices.
(WebCore::MockRealtimeVideoSource::updateSettings): Deal with mock screens.
(WebCore::MockRealtimeVideoSource::initializeCapabilities): Ditto.
(WebCore::MockRealtimeVideoSource::initializeSupportedConstraints): Ditto.
(WebCore::MockRealtimeVideoSource::drawText): Ditto.
(WebCore::MockRealtimeVideoSource::generateFrame): Ditto.
- platform/mock/MockRealtimeVideoSource.h:
(WebCore::MockRealtimeVideoSource::mockCamera const):
(WebCore::MockRealtimeVideoSource::mockScreen const):
Source/WebKit:
- Shared/WebCoreArgumentCoders.cpp:
(IPC::ArgumentCoder<MediaConstraints>::decode):
(IPC::ArgumentCoder<CaptureDevice>::encode): Deleted, moved to CaptureDevice.h
(IPC::ArgumentCoder<CaptureDevice>::decode): Ditto.
- Shared/WebCoreArgumentCoders.h:
- UIProcess/API/Cocoa/WKWebViewPrivate.h: Add _WKCaptureDeviceDisplay.
- UIProcess/Cocoa/UIDelegate.mm:
(WebKit::requestUserMediaAuthorizationForDevices): Deal with display capture.
(WebKit::UIDelegate::UIClient::decidePolicyForUserMediaPermissionRequest): Ditto.
- UIProcess/UserMediaPermissionRequestManagerProxy.cpp:
(WebKit::UserMediaPermissionRequestManagerProxy::userMediaAccessWasDenied): requiresAudio -> requiresAudioCapture.
(WebKit::UserMediaPermissionRequestManagerProxy::searchForGrantedRequest const): Never reuse
a previously granted display capture request.
- UIProcess/UserMediaPermissionRequestProxy.cpp:
(WebKit::UserMediaPermissionRequestProxy::allow): Search the eligible devices instead of asking
the source center to find devices.
- UIProcess/UserMediaPermissionRequestProxy.h:
(WebKit::UserMediaPermissionRequestProxy::requiresAudioCapture const): Renamed.
(WebKit::UserMediaPermissionRequestProxy::requiresVideoCapture const): Ditto.
(WebKit::UserMediaPermissionRequestProxy::requiresDisplayCapture const): New.
(WebKit::UserMediaPermissionRequestProxy::requiresAudio const): Deleted.
(WebKit::UserMediaPermissionRequestProxy::requiresVideo const): Deleted.
Tools:
- TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj: Add new test.
- TestWebKitAPI/Tests/WebKitCocoa/GetDisplayMedia.mm:
- TestWebKitAPI/Tests/WebKit/getDisplayMedia.html:
LayoutTests:
- http/tests/media/media-stream/get-display-media-prompt-expected.txt: Added.
- http/tests/media/media-stream/get-display-media-prompt.html: Added.
- 10:58 AM Changeset in webkit [226411] by
-
- 2 edits in trunk/Tools
<rdar://problem/36300930> Change proxy server setting on master config to reach s3 servers
- 10:49 AM Changeset in webkit [226410] by
-
- 6 edits in trunk
FetchResponse should set its internal response text encoding name
https://bugs.webkit.org/show_bug.cgi?id=181284
Patch by Youenn Fablet <youenn@apple.com> on 2018-01-04
Reviewed by Alex Christensen.
LayoutTests/imported/w3c:
- web-platform-tests/service-workers/service-worker/fetch-event.https-expected.txt:
Source/WebCore:
Covered by rebased test.
- Modules/fetch/FetchResponse.cpp:
(WebCore::FetchResponse::create): Set response text encoding based on content type charset.
Source/WebKit:
- WebProcess/Storage/ServiceWorkerClientFetch.cpp:
(WebKit::ServiceWorkerClientFetch::didReceiveResponse): Set default encoding to UTF-8.
- 9:56 AM Changeset in webkit [226409] by
-
- 12 edits4 deletes in trunk
Storage Access API: Remove JavaScript confirm() prompt from Document::requestStorageAccess()
https://bugs.webkit.org/show_bug.cgi?id=181276
<rdar://problem/36290463>
Reviewed by Alex Christensen.
Source/WebCore:
No new tests. Existing test expectations updated.
- dom/Document.cpp:
(WebCore::Document::requestStorageAccess):
LayoutTests:
Two test cases are deleted since the user has no way
to deny access through a prompt anymore. The rest
are updated to not expect a "CONFIRM:..." text output.
- http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe-expected.txt: Removed.
- http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe.html: Removed.
- http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe-expected.txt: Removed.
- http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe.html: Removed.
- http/tests/storageAccess/request-and-grant-access-then-detach-should-not-have-access-expected.txt:
- http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access-expected.txt:
- http/tests/storageAccess/request-and-grant-storage-access-cross-origin-non-sandboxed-iframe-expected.txt:
- http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-expected.txt:
- http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-non-recent-user-interaction-and-try-access-from-right-frame-expected.txt:
- http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-non-recent-user-interaction-but-try-access-from-wrong-frame-expected.txt:
- http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-recent-user-interaction-expected.txt:
- http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-without-user-interaction-expected.txt:
- platform/mac-wk2/TestExpectations:
Removed entries for the deleted test cases.
- 7:57 AM Changeset in webkit [226408] by
-
- 13 edits3 adds in trunk
[DFG] Define defs for MapSet/SetAdd to participate in CSE
https://bugs.webkit.org/show_bug.cgi?id=179911
Reviewed by Saam Barati.
JSTests:
In addition to these tests, map-set-cse.js and set-add-cse.js work.
- stress/map-set-change-get.js: Added.
(shouldBe):
(test):
- stress/map-set-create-bucket.js: Added.
(shouldBe):
(test):
- stress/set-add-create-bucket.js: Added.
(shouldBe):
Source/JavaScriptCore:
With this patch, our MapSet and SetAdd DFG nodes participate in CSE.
To handle a bit tricky DFG Map operation nodes, MapSet and SetAdd
produce added bucket as its result. Subsequent GetMapBucket will
be removed by CSE.
- dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
- dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
- dfg/DFGNodeType.h:
- dfg/DFGOperations.cpp:
- dfg/DFGOperations.h:
- dfg/DFGPredictionPropagationPhase.cpp:
- dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileSetAdd):
(JSC::DFG::SpeculativeJIT::compileMapSet):
- dfg/DFGSpeculativeJIT.h:
(JSC::DFG::SpeculativeJIT::callOperation):
- ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileSetAdd):
(JSC::FTL::DFG::LowerDFGToB3::compileMapSet):
- jit/JITOperations.h:
- runtime/HashMapImpl.h:
(JSC::HashMapImpl::addNormalized):
(JSC::HashMapImpl::addNormalizedInternal):
- 7:54 AM Changeset in webkit [226407] by
-
- 6 edits4 deletes in trunk/Source/JavaScriptCore
[JSC] Remove LocalScope
https://bugs.webkit.org/show_bug.cgi?id=181206
Reviewed by Geoffrey Garen.
The last user of HandleStack and LocalScope is JSON. But MarkedArgumentBuffer is enough for their use.
This patch changes JSON parsing and stringifying to using MarkedArgumentBuffer. And remove HandleStack
and LocalScope.
We make Stringifier and Walker WTF_FORBID_HEAP_ALLOCATION to place them on the stack. So they can hold
JSObject* directly in their fields.
- JavaScriptCore.xcodeproj/project.pbxproj:
- Sources.txt:
- heap/HandleStack.cpp: Removed.
- heap/HandleStack.h: Removed.
- heap/Heap.cpp:
(JSC::Heap::addCoreConstraints):
- heap/Heap.h:
(JSC::Heap::handleSet):
(JSC::Heap::handleStack): Deleted.
- heap/Local.h: Removed.
- heap/LocalScope.h: Removed.
- runtime/JSONObject.cpp:
(JSC::Stringifier::Holder::object const):
(JSC::gap):
(JSC::Stringifier::Stringifier):
(JSC::Stringifier::stringify):
(JSC::Stringifier::appendStringifiedValue):
(JSC::Stringifier::Holder::Holder):
(JSC::Stringifier::Holder::appendNextProperty):
(JSC::Walker::Walker):
(JSC::Walker::callReviver):
(JSC::Walker::walk):
(JSC::JSONProtoFuncParse):
(JSC::JSONProtoFuncStringify):
(JSC::JSONParse):
(JSC::JSONStringify):
- 7:51 AM Changeset in webkit [226406] by
-
- 2 edits in trunk/Source/JavaScriptCore
[FTL] Optimize ObjectAllocationSinking mergePointerSets by using removeIf
https://bugs.webkit.org/show_bug.cgi?id=180238
Reviewed by Saam Barati.
We can optimize ObjectAllocationSinking a bit by using removeIf.
- dfg/DFGObjectAllocationSinkingPhase.cpp:
- 7:42 AM Changeset in webkit [226405] by
-
- 5 edits in trunk/Source/JavaScriptCore
[JSC] Create parallel SlotVisitors apriori
https://bugs.webkit.org/show_bug.cgi?id=180907
Reviewed by Saam Barati.
The number of SlotVisitors are capped with the number of HeapHelperPool's threads + 2.
If we create these SlotVisitors apriori, we do not need to create SlotVisitors dynamically.
Then we do not need to grab locks while iterating all the SlotVisitors.
In addition, we do not need to consider the case that the number of SlotVisitors increases
after setting up VisitCounters in MarkingConstraintSolver since the number of SlotVisitors
does not increase any more.
- heap/Heap.cpp:
(JSC::Heap::Heap):
(JSC::Heap::runBeginPhase):
- heap/Heap.h:
- heap/HeapInlines.h:
(JSC::Heap::forEachSlotVisitor):
(JSC::Heap::numberOfSlotVisitors): Deleted.
- heap/MarkingConstraintSolver.cpp:
(JSC::MarkingConstraintSolver::didVisitSomething const):
- 2:04 AM Changeset in webkit [226404] by
-
- 107 edits1 add in trunk
[GTK] Issues with Ahem's ex / x-height
https://bugs.webkit.org/show_bug.cgi?id=180581
Reviewed by Michael Catanzaro.
Source/WebCore:
Get the x-height value from the TT_OS2 table if available.
Fixes: fast/text/break-word-pre-wrap.html
imported/w3c/web-platform-tests/css/css-shapes-1/shape-outside/values/shape-outside-shape-arguments-000.html
- platform/graphics/freetype/SimpleFontDataFreeType.cpp:
(WebCore::Font::platformInit):
LayoutTests:
Unskip two tests that are now passing and rebaseline others.
- platform/gtk/TestExpectations:
- platform/gtk/css1/font_properties/font_size-expected.png:
- platform/gtk/css1/font_properties/font_size-expected.txt:
- platform/gtk/css1/text_properties/letter_spacing-expected.png:
- platform/gtk/css1/text_properties/letter_spacing-expected.txt:
- platform/gtk/css1/text_properties/line_height-expected.png:
- platform/gtk/css1/text_properties/line_height-expected.txt:
- platform/gtk/css1/text_properties/text_indent-expected.png:
- platform/gtk/css1/text_properties/text_indent-expected.txt:
- platform/gtk/css1/text_properties/word_spacing-expected.png:
- platform/gtk/css1/text_properties/word_spacing-expected.txt:
- platform/gtk/css1/units/length_units-expected.png:
- platform/gtk/css1/units/length_units-expected.txt:
- platform/gtk/css2.1/t040302-c61-ex-len-00-b-a-expected.png:
- platform/gtk/css2.1/t040302-c61-ex-len-00-b-a-expected.txt:
- platform/gtk/css2.1/t040302-c61-rel-len-00-b-ag-expected.png:
- platform/gtk/css2.1/t040302-c61-rel-len-00-b-ag-expected.txt:
- platform/gtk/css2.1/t1008-c44-ln-box-02-d-ag-expected.png:
- platform/gtk/css2.1/t1008-c44-ln-box-02-d-ag-expected.txt:
- platform/gtk/css2.1/t100801-c544-valgn-01-d-ag-expected.png:
- platform/gtk/css2.1/t100801-c544-valgn-01-d-ag-expected.txt:
- platform/gtk/css2.1/t100801-c544-valgn-03-d-agi-expected.png:
- platform/gtk/css2.1/t100801-c544-valgn-03-d-agi-expected.txt:
- platform/gtk/css2.1/t100801-c548-ln-ht-02-b-ag-expected.png:
- platform/gtk/css2.1/t100801-c548-ln-ht-02-b-ag-expected.txt:
- platform/gtk/css2.1/t1507-c526-font-sz-02-b-a-expected.png:
- platform/gtk/css2.1/t1507-c526-font-sz-02-b-a-expected.txt:
- platform/gtk/css2.1/t1601-c547-indent-00-b-a-expected.png:
- platform/gtk/css2.1/t1601-c547-indent-00-b-a-expected.txt:
- platform/gtk/css2.1/t1604-c542-letter-sp-00-b-a-expected.png:
- platform/gtk/css2.1/t1604-c542-letter-sp-00-b-a-expected.txt:
- platform/gtk/editing/selection/caret-ltr-2-expected.png:
- platform/gtk/editing/selection/caret-ltr-2-expected.txt:
- platform/gtk/editing/selection/caret-ltr-2-left-expected.png:
- platform/gtk/editing/selection/caret-ltr-2-left-expected.txt:
- platform/gtk/editing/selection/caret-ltr-expected.png:
- platform/gtk/editing/selection/caret-ltr-expected.txt:
- platform/gtk/editing/selection/caret-ltr-right-expected.png:
- platform/gtk/editing/selection/caret-ltr-right-expected.txt:
- platform/gtk/editing/selection/caret-rtl-2-expected.png:
- platform/gtk/editing/selection/caret-rtl-2-expected.txt:
- platform/gtk/editing/selection/caret-rtl-2-left-expected.png:
- platform/gtk/editing/selection/caret-rtl-2-left-expected.txt:
- platform/gtk/editing/selection/caret-rtl-expected.png:
- platform/gtk/editing/selection/caret-rtl-expected.txt:
- platform/gtk/editing/selection/caret-rtl-right-expected.png:
- platform/gtk/editing/selection/caret-rtl-right-expected.txt:
- platform/gtk/editing/selection/select-across-readonly-input-1-expected.png:
- platform/gtk/editing/selection/select-across-readonly-input-1-expected.txt:
- platform/gtk/editing/selection/select-across-readonly-input-2-expected.png:
- platform/gtk/editing/selection/select-across-readonly-input-2-expected.txt:
- platform/gtk/editing/selection/select-across-readonly-input-3-expected.png:
- platform/gtk/editing/selection/select-across-readonly-input-3-expected.txt:
- platform/gtk/editing/selection/select-across-readonly-input-4-expected.png:
- platform/gtk/editing/selection/select-across-readonly-input-4-expected.txt:
- platform/gtk/editing/selection/select-across-readonly-input-5-expected.png:
- platform/gtk/editing/selection/select-across-readonly-input-5-expected.txt:
- platform/gtk/editing/selection/vertical-lr-ltr-extend-line-backward-br-expected.png:
- platform/gtk/editing/selection/vertical-lr-ltr-extend-line-backward-br-expected.txt:
- platform/gtk/editing/selection/vertical-lr-ltr-extend-line-forward-br-expected.png:
- platform/gtk/editing/selection/vertical-lr-ltr-extend-line-forward-br-expected.txt:
- platform/gtk/editing/selection/vertical-rl-ltr-extend-line-backward-br-expected.png:
- platform/gtk/editing/selection/vertical-rl-ltr-extend-line-backward-br-expected.txt:
- platform/gtk/editing/selection/vertical-rl-ltr-extend-line-backward-p-expected.png:
- platform/gtk/editing/selection/vertical-rl-ltr-extend-line-backward-p-expected.txt:
- platform/gtk/editing/selection/vertical-rl-ltr-extend-line-forward-br-expected.png:
- platform/gtk/editing/selection/vertical-rl-ltr-extend-line-forward-br-expected.txt:
- platform/gtk/editing/selection/vertical-rl-ltr-extend-line-forward-p-expected.png:
- platform/gtk/editing/selection/vertical-rl-ltr-extend-line-forward-p-expected.txt:
- platform/gtk/editing/selection/vertical-rl-rtl-extend-line-backward-br-expected.png:
- platform/gtk/editing/selection/vertical-rl-rtl-extend-line-backward-br-expected.txt:
- platform/gtk/editing/selection/vertical-rl-rtl-extend-line-backward-p-expected.png:
- platform/gtk/editing/selection/vertical-rl-rtl-extend-line-backward-p-expected.txt:
- platform/gtk/editing/selection/vertical-rl-rtl-extend-line-forward-br-expected.png:
- platform/gtk/editing/selection/vertical-rl-rtl-extend-line-forward-br-expected.txt:
- platform/gtk/editing/selection/vertical-rl-rtl-extend-line-forward-p-expected.png:
- platform/gtk/editing/selection/vertical-rl-rtl-extend-line-forward-p-expected.txt:
- platform/gtk/fast/css/bidi-override-in-anonymous-block-expected.png:
- platform/gtk/fast/css/bidi-override-in-anonymous-block-expected.txt:
- platform/gtk/fast/css/ex-after-font-variant-expected.png:
- platform/gtk/fast/css/ex-after-font-variant-expected.txt:
- platform/gtk/fast/forms/auto-fill-button/input-strong-confirmation-password-auto-fill-button-expected.txt:
- platform/gtk/fast/forms/auto-fill-button/input-strong-password-auto-fill-button-expected.txt:
- platform/gtk/fast/forms/minWidthPercent-expected.png:
- platform/gtk/fast/forms/minWidthPercent-expected.txt:
- platform/gtk/fast/lists/008-expected.png:
- platform/gtk/fast/lists/008-expected.txt:
- platform/gtk/fast/lists/008-vertical-expected.png:
- platform/gtk/fast/lists/008-vertical-expected.txt:
- platform/gtk/fast/overflow/overflow-rtl-expected.png:
- platform/gtk/fast/overflow/overflow-rtl-expected.txt:
- platform/gtk/fast/overflow/overflow-rtl-vertical-expected.png:
- platform/gtk/fast/overflow/overflow-rtl-vertical-expected.txt:
- platform/gtk/fast/text/vertical-rl-rtl-linebreak-expected.png:
- platform/gtk/fast/text/vertical-rl-rtl-linebreak-expected.txt:
- platform/gtk/svg/W3C-SVG-1.1-SE/coords-units-03-b-expected.png:
- platform/gtk/svg/W3C-SVG-1.1-SE/coords-units-03-b-expected.txt:
- platform/gtk/svg/W3C-SVG-1.1/coords-units-03-b-expected.png:
- platform/gtk/svg/W3C-SVG-1.1/coords-units-03-b-expected.txt: Added.
- platform/gtk/svg/custom/alignment-baseline-modes-expected.png:
- platform/gtk/svg/custom/alignment-baseline-modes-expected.txt:
- platform/gtk/svg/custom/dominant-baseline-modes-expected.png:
- platform/gtk/svg/custom/dominant-baseline-modes-expected.txt:
- platform/gtk/tables/mozilla/bugs/bug55527-expected.png:
- platform/gtk/tables/mozilla/bugs/bug55527-expected.txt:
- 1:48 AM Changeset in webkit [226403] by
-
- 1 edit2 adds in trunk/LayoutTests
Add a test to ensure <mo> paints its leading and trailing space as specified in its attributes.
https://bugs.webkit.org/show_bug.cgi?id=170272
Patch by Minsheng Liu <lambda@liu.ms> on 2018-01-04
Reviewed by Frédéric Wang.
A reference test is added to ensure <mo> paints its leading and trailing space as specified in its attributes.
The bug itself is fixed as a part of 179682.
https://bugs.webkit.org/show_bug.cgi?id=179682
- mathml/presentation/mo-paint-lspace-rspace-expected.html: Added.
- mathml/presentation/mo-paint-lspace-rspace.html: Added.
- 1:41 AM Changeset in webkit [226402] by
-
- 2 edits in trunk/Source/WebCore
Unreviewed, GTK build fix attempt after r226357
- platform/graphics/gstreamer/GStreamerUtilities.h: The
GST_BUFFER_DTS_OR_PTS macro was added in GStreamer 1.8 but old
versions of Debian might not have this release yet.
- 12:49 AM Changeset in webkit [226401] by
-
- 27 edits in trunk
Implement Cache API partitioning based on ClientOrigin
https://bugs.webkit.org/show_bug.cgi?id=181240
Patch by Youenn Fablet <youenn@apple.com> on 2018-01-04
Reviewed by Alex Christensen.
Source/WebCore:
Covered by updated tests.
Previously, cache storage was partitioned according the origin of the client, represented as a String.
We now partition according both client and top origins, represented as a ClientOrigin
Minor refactoring to use more makePendingActivity.
Added support for IPC serialization of ClientOrigin.
Added SecurityOriginData::toString which is used by WebKit2 Cache Storage implementation.
- Modules/cache/CacheStorageConnection.cpp:
(WebCore::CacheStorageConnection::open):
(WebCore::CacheStorageConnection::retrieveCaches):
- Modules/cache/CacheStorageConnection.h:
(WebCore::CacheStorageConnection::clearMemoryRepresentation):
(WebCore::CacheStorageConnection::doOpen):
(WebCore::CacheStorageConnection::doRetrieveCaches):
- Modules/cache/DOMCacheStorage.cpp:
(WebCore::DOMCacheStorage::origin const):
(WebCore::DOMCacheStorage::retrieveCaches):
(WebCore::DOMCacheStorage::open):
(WebCore::DOMCacheStorage::remove):
- Modules/cache/DOMCacheStorage.h:
- Modules/cache/WorkerCacheStorageConnection.cpp:
(WebCore::WorkerCacheStorageConnection::doOpen):
(WebCore::WorkerCacheStorageConnection::doRetrieveCaches):
- Modules/cache/WorkerCacheStorageConnection.h:
- page/ClientOrigin.h:
(WebCore::ClientOrigin::isolatedCopy const):
(WebCore::ClientOrigin::encode const):
(WebCore::ClientOrigin::decode):
- page/SecurityOriginData.cpp:
(WebCore::SecurityOriginData::toString const):
(WebCore::SecurityOriginData::debugString const): Deleted.
- page/SecurityOriginData.h:
(WebCore::SecurityOriginData::debugString const):
- testing/Internals.cpp:
(WebCore::Internals::clearCacheStorageMemoryRepresentation):
Source/WebKit:
open and retrieveCaches now take a ClientOrigin instead of a String.
Updated cache filesystem path computation to take both client origin and top origin.
When clearing an origin, caches whose client origin or top origin matches the origin are cleared.
Caches are added to the web site data of their client origin with their corresponding cache size.
Caches are added to the web site data of their top origin with a size equal to 0.
Updated memory representation dumping used for test to include both top and client origins.
- NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::deleteWebsiteDataForOrigins):
- NetworkProcess/cache/CacheStorageEngine.cpp:
(WebKit::CacheStorage::Engine::cachesRootPath):
(WebKit::CacheStorage::Engine::open):
(WebKit::CacheStorage::Engine::remove):
(WebKit::CacheStorage::Engine::retrieveCaches):
(WebKit::CacheStorage::Engine::readCachesFromDisk):
(WebKit::CacheStorage::Engine::removeCaches):
(WebKit::CacheStorage::Engine::fetchEntries):
(WebKit::CacheStorage::Engine::clearCachesForOrigin):
(WebKit::CacheStorage::Engine::clearMemoryRepresentation):
(WebKit::CacheStorage::Engine::representation):
- NetworkProcess/cache/CacheStorageEngine.h:
- NetworkProcess/cache/CacheStorageEngineCache.cpp:
(WebKit::CacheStorage::Cache::Cache):
- NetworkProcess/cache/CacheStorageEngineCaches.cpp:
(WebKit::CacheStorage::Caches::retrieveOriginFromDirectory):
(WebKit::CacheStorage::Caches::Caches):
(WebKit::CacheStorage::Caches::storeOrigin):
(WebKit::CacheStorage::Caches::readOrigin):
(WebKit::CacheStorage::Caches::open):
- NetworkProcess/cache/CacheStorageEngineCaches.h:
(WebKit::CacheStorage::Caches::create):
(WebKit::CacheStorage::Caches::origin const):
- NetworkProcess/cache/CacheStorageEngineConnection.cpp:
(WebKit::CacheStorageEngineConnection::open):
(WebKit::CacheStorageEngineConnection::caches):
(WebKit::CacheStorageEngineConnection::clearMemoryRepresentation):
- NetworkProcess/cache/CacheStorageEngineConnection.h:
- NetworkProcess/cache/CacheStorageEngineConnection.messages.in:
- WebProcess/Cache/WebCacheStorageConnection.cpp:
(WebKit::WebCacheStorageConnection::doOpen):
(WebKit::WebCacheStorageConnection::doRetrieveCaches):
(WebKit::WebCacheStorageConnection::clearMemoryRepresentation):
- WebProcess/Cache/WebCacheStorageConnection.h:
LayoutTests:
Beefing up test to ensure that client and top origins are taken into consideration.
- http/tests/cache-storage/cache-origins.https-expected.txt:
- http/tests/cache-storage/cache-origins.https.html:
- http/tests/cache-storage/cache-clearing-origin.https-expected.txt:
- http/tests/cache-storage/cache-clearing-origin.https.html:
- 12:39 AM Changeset in webkit [226400] by
-
- 9 edits in trunk
Service Worker should expose redirect mode for navigation loads as manual
https://bugs.webkit.org/show_bug.cgi?id=181067
Patch by Youenn Fablet <youenn@apple.com> on 2018-01-04
Reviewed by Alex Christensen.
LayoutTests/imported/w3c:
Updating test to match the latest fetch spec.
- web-platform-tests/service-workers/service-worker/navigation-redirect-to-http.https-expected.txt:
- web-platform-tests/service-workers/service-worker/request-end-to-end.https-expected.txt:
- web-platform-tests/service-workers/service-worker/request-end-to-end.https.html:
Source/WebCore:
Covered by rebased tests.
- loader/CrossOriginAccessControl.cpp: Removing ContentType header only if affecting CORS checks.
This allows extending header filtering in service worker to all modes, including Navigate.
- workers/service/context/ServiceWorkerFetch.cpp:
(WebCore::ServiceWorkerFetch::dispatchFetchEvent): Ideally, document loading code should set redirect to manual.
Since it is not the case yet and that would require changes to various places, manual is set before exposing the corresponding fetch event.
Source/WebKit:
- WebProcess/Storage/ServiceWorkerClientFetch.cpp:
(WebKit::ServiceWorkerClientFetch::didReceiveResponse):
- 12:26 AM Changeset in webkit [226399] by
-
- 4 edits in trunk/Source/WebCore
ServiceWorkerThreadProxy::postTaskForModeToWorkerGlobalScope should be a no-op if worker is being terminated
https://bugs.webkit.org/show_bug.cgi?id=181245
Patch by Youenn Fablet <youenn@apple.com> on 2018-01-04
Reviewed by Alex Christensen.
Stop appending tasks to a terminating worker and returning false in that case.
This mirrors what is done for regular workers.
- workers/service/context/SWContextManager.cpp:
(WebCore::SWContextManager::terminateWorker):
- workers/service/context/ServiceWorkerThreadProxy.cpp:
(WebCore::ServiceWorkerThreadProxy::postTaskForModeToWorkerGlobalScope):
- workers/service/context/ServiceWorkerThreadProxy.h:
- 12:26 AM Changeset in webkit [226398] by
-
- 6 edits in trunk/Source/WebCore
Cancel pending script loads when service worker is being terminated
https://bugs.webkit.org/show_bug.cgi?id=181250
Patch by Youenn Fablet <youenn@apple.com> on 2018-01-04
Reviewed by Alex Christensen.
Covered by service worker tests no longer crashing in ASAN builds.
- workers/WorkerScriptLoader.cpp:
(WebCore::WorkerScriptLoader::notifyFinished): Clearing loader when finished.
(WebCore::WorkerScriptLoader::cancel): Implementing cancel of a script loader by cancelling the underlying threadable loader.
- workers/WorkerScriptLoader.h:
- workers/service/ServiceWorkerContainer.cpp: Canceling loads of all pending jobs.
(WebCore::ServiceWorkerContainer::stop):
- workers/service/ServiceWorkerJob.cpp:
(WebCore::ServiceWorkerJob::cancelPendingLoad):
- workers/service/ServiceWorkerJob.h:
- 12:24 AM Changeset in webkit [226397] by
-
- 8 edits in trunk
Implement https://fetch.spec.whatwg.org/#main-fetch default referrer policy setting
https://bugs.webkit.org/show_bug.cgi?id=181239
Patch by Youenn Fablet <youenn@apple.com> on 2018-01-04
Reviewed by Alex Christensen.
LayoutTests/imported/w3c:
Updated test to output more tests for better error reporting.
Also updated to relax the settings so that HTTP loads are done even though the page is HTTPS.
Updated referrer computation since it should be done based on the fetch context and not its parent context.
- web-platform-tests/service-workers/service-worker/fetch-event-referrer-policy.https-expected.txt:
- web-platform-tests/service-workers/service-worker/fetch-event-referrer-policy.https.html:
Source/WebCore:
Covered by updated and rebased test.
Setting the request referrer policy to the Document referrer policy if no one is set.
If Document has no referrer policy, use no-referrer-when-downgrade as per the spec.
- loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::updateHTTPRequestHeaders):
(WebCore::CachedResourceLoader::requestResource):
- loader/cache/CachedResourceLoader.h:
- loader/cache/CachedResourceRequest.cpp:
(WebCore::CachedResourceRequest::updateReferrerPolicy):
(WebCore::CachedResourceRequest::updateReferrerOriginAndUserAgentHeaders):
- loader/cache/CachedResourceRequest.h:
