Diff
Modified: trunk/Source/WTF/ChangeLog (289530 => 289531)
--- trunk/Source/WTF/ChangeLog 2022-02-10 14:23:15 UTC (rev 289530)
+++ trunk/Source/WTF/ChangeLog 2022-02-10 14:46:18 UTC (rev 289531)
@@ -1,3 +1,35 @@
+2022-02-10 Gavin Phillips <[email protected]>
+
+ Introduce SignedPtrTraits which enables Ref pointers to be protected with PtrTags.
+ https://bugs.webkit.org/show_bug.cgi?id=235588
+ rdar://88023849
+
+ Reviewed by Mark Lam.
+
+ Create and adopt SignedPtrTraits which can be used to apply and verify PtrTag signatures
+ to pointers stored in and tracked by WTF:Ref.
+
+ * WTF.xcodeproj/project.pbxproj:
+ * wtf/CMakeLists.txt:
+ * wtf/SignedPtr.h: Added.
+ (WTF::SignedPtr::SignedPtr):
+ (WTF::SignedPtr::get const):
+ (WTF::SignedPtr::set):
+ (WTF::SignedPtr::clear):
+ (WTF::SignedPtr::operator-> const):
+ (WTF::SignedPtr::operator* const):
+ (WTF::SignedPtr::operator! const):
+ (WTF::SignedPtr::operator UnspecifiedBoolType const):
+ (WTF::SignedPtr::operator bool const):
+ (WTF::SignedPtr::operator=):
+ (WTF::SignedPtr::exchange):
+ (WTF::SignedPtr::swap):
+ (WTF::SignedPtrTraits::exchange):
+ (WTF::SignedPtrTraits::swap):
+ (WTF::SignedPtrTraits::unwrap):
+ (WTF::SignedPtrTraits::hashTableDeletedValue):
+ (WTF::SignedPtrTraits::isHashTableDeletedValue):
+
2022-02-09 Chris Dumez <[email protected]>
[WK2] Turn on Shared Workers by default
Modified: trunk/Source/WTF/WTF.xcodeproj/project.pbxproj (289530 => 289531)
--- trunk/Source/WTF/WTF.xcodeproj/project.pbxproj 2022-02-10 14:23:15 UTC (rev 289530)
+++ trunk/Source/WTF/WTF.xcodeproj/project.pbxproj 2022-02-10 14:46:18 UTC (rev 289531)
@@ -524,6 +524,7 @@
83ABB3C020B3823200BA3306 /* WeakObjCPtr.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WeakObjCPtr.h; sourceTree = "<group>"; };
83F2BADE1CF9524E003E99C3 /* Function.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = Function.h; sourceTree = "<group>"; };
83FBA93119DF459700F30ADB /* TypeCasts.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = TypeCasts.h; sourceTree = "<group>"; };
+ 862A8D32278DE74A0014120C /* SignedPtr.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SignedPtr.h; sourceTree = "<group>"; };
86F46F5F1A2840EE00CCBF22 /* RefCounter.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = RefCounter.h; sourceTree = "<group>"; };
93156C8D262C982200EAE27B /* SortedArrayMap.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = SortedArrayMap.h; sourceTree = "<group>"; };
93241657243BC2E50032FAAE /* VectorCocoa.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = VectorCocoa.h; sourceTree = "<group>"; };
@@ -1317,6 +1318,7 @@
A8A47308151A825B004123FF /* SHA1.cpp */,
A8A47309151A825B004123FF /* SHA1.h */,
0FEB3DCE1BB5D684009D7AAD /* SharedTask.h */,
+ 862A8D32278DE74A0014120C /* SignedPtr.h */,
A8A4730A151A825B004123FF /* SimpleStats.h */,
795212021F42588800BD6421 /* SingleRootGraph.h */,
A8A4730B151A825B004123FF /* SinglyLinkedList.h */,
Modified: trunk/Source/WTF/wtf/CMakeLists.txt (289530 => 289531)
--- trunk/Source/WTF/wtf/CMakeLists.txt 2022-02-10 14:23:15 UTC (rev 289530)
+++ trunk/Source/WTF/wtf/CMakeLists.txt 2022-02-10 14:46:18 UTC (rev 289531)
@@ -243,6 +243,7 @@
SentinelLinkedList.h
SetForScope.h
SharedTask.h
+ SignedPtr.h
SimpleStats.h
SingleRootGraph.h
SinglyLinkedList.h
Added: trunk/Source/WTF/wtf/SignedPtr.h (0 => 289531)
--- trunk/Source/WTF/wtf/SignedPtr.h (rev 0)
+++ trunk/Source/WTF/wtf/SignedPtr.h 2022-02-10 14:46:18 UTC (rev 289531)
@@ -0,0 +1,145 @@
+/*
+ * Copyright (c) 2022 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#pragma once
+
+#include <cstdint>
+#include <utility>
+#include <wtf/PtrTag.h>
+#include <wtf/StdLibExtras.h>
+
+namespace WTF {
+
+template<typename T, const uintptr_t Tag>
+class SignedPtr {
+public:
+ WTF_MAKE_FAST_ALLOCATED;
+public:
+ constexpr SignedPtr()
+ : m_value(nullptr)
+ {
+ }
+
+ constexpr SignedPtr(std::nullptr_t)
+ : m_value(nullptr)
+ {
+ }
+
+ SignedPtr(T* value)
+ {
+ set(value);
+ }
+
+ T* get() const
+ {
+#if CPU(ARM64E)
+ if (!m_value)
+ return nullptr;
+ return ptrauth_auth_data(m_value, ptrauth_key_process_dependent_data, Tag);
+#else
+ return m_value;
+#endif
+ }
+
+ void set(T* passedValue)
+ {
+#if CPU(ARM64E)
+ if (!passedValue)
+ return;
+ m_value = ptrauth_sign_unauthenticated(passedValue, ptrauth_key_process_dependent_data, Tag);
+#else
+ m_value = passedValue;
+#endif
+ }
+
+ void clear()
+ {
+ set(nullptr);
+ }
+
+ T* operator->() const { return get(); }
+
+ template <typename U = T>
+ typename std::enable_if<!std::is_void_v<U>, U&>::type operator*() const { return *get(); }
+
+ bool operator!() const { return !m_value; }
+
+ // This conversion operator allows implicit conversion to bool but not to other integer types.
+ typedef T* (SignedPtr::*UnspecifiedBoolType);
+ operator UnspecifiedBoolType() const { return get() ? &SignedPtr::m_value : nullptr; }
+ explicit operator bool() const { return get(); }
+
+ SignedPtr& operator=(T* value)
+ {
+ set(value);
+ return *this;
+ }
+
+ template<class U>
+ T* exchange(U&& newValue)
+ {
+ T* oldValue = get();
+ set(std::forward<U>(newValue));
+ return oldValue;
+ }
+
+ void swap(std::nullptr_t) { clear(); }
+
+ void swap(SignedPtr& other)
+ {
+ T* t1 = get();
+ T* t2 = other.get();
+ set(t2);
+ other.set(t1);
+ }
+
+private:
+ T* m_value;
+};
+
+template <typename T, uintptr_t Tag>
+struct IsSmartPtr<SignedPtr<T, Tag>> {
+ static constexpr bool value = true;
+};
+
+template<typename T, uintptr_t Tag>
+struct SignedPtrTraits {
+ template<typename U, uintptr_t V> using RebindTraits = SignedPtrTraits<U, V>;
+
+ using StorageType = SignedPtr<T, Tag>;
+
+ template<class U> static ALWAYS_INLINE T* exchange(StorageType& ptr, U&& newValue) { return ptr.exchange(newValue); }
+ template<typename Other> static ALWAYS_INLINE void swap(StorageType& a, Other& b) { a.swap(b); }
+
+ static ALWAYS_INLINE T* unwrap(const StorageType& ptr) { return ptr.get(); }
+
+ static StorageType hashTableDeletedValue() { return bitwise_cast<StorageType>(static_cast<uintptr_t>(-1)); }
+ static ALWAYS_INLINE bool isHashTableDeletedValue(const StorageType& ptr) { return ptr == hashTableDeletedValue(); }
+};
+
+} // namespace WTF
+
+using WTF::SignedPtrTraits;
+
Modified: trunk/Source/WebCore/ChangeLog (289530 => 289531)
--- trunk/Source/WebCore/ChangeLog 2022-02-10 14:23:15 UTC (rev 289530)
+++ trunk/Source/WebCore/ChangeLog 2022-02-10 14:46:18 UTC (rev 289531)
@@ -1,3 +1,71 @@
+2022-02-10 Gavin Phillips <[email protected]>
+
+ Introduce SignedPtrTraits which enables Ref pointers to be protected with PtrTags.
+ https://bugs.webkit.org/show_bug.cgi?id=235588
+ rdar://88023849
+
+ Reviewed by Mark Lam.
+
+ Create and adopt SignedPtrTraits which can be used to apply and verify PtrTag signatures
+ to pointers stored in and tracked by WTF:Ref.
+
+ * bindings/js/JSDOMWrapper.h:
+ (WebCore::JSDOMWrapper::wrapped const):
+ (WebCore::JSDOMWrapper::offsetOfWrapped):
+ (WebCore::JSDOMWrapper::hasCustomPtrTraits):
+ * bindings/scripts/CodeGeneratorJS.pm:
+ (GetParentClassName):
+ (GetImplClassPtrTag):
+ (GenerateHeader):
+ (GetTaggedWrapperForInterface):
+ * bindings/scripts/IDLAttributes.json:
+ * bindings/scripts/test/BindingTestGlobalConstructors.idl:
+ * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
+ (WebCore::jsTestGlobalObject_TestTaggedWrapperConstructorGetter):
+ (WebCore::JSC_DEFINE_CUSTOM_GETTER):
+ * bindings/scripts/test/JS/JSTestTaggedWrapper.cpp: Added.
+ (WebCore::JSTestTaggedWrapperDOMConstructor::prototypeForStructure):
+ (WebCore::JSTestTaggedWrapperDOMConstructor::initializeProperties):
+ (WebCore::JSTestTaggedWrapperPrototype::finishCreation):
+ (WebCore::JSTestTaggedWrapper::JSTestTaggedWrapper):
+ (WebCore::JSTestTaggedWrapper::finishCreation):
+ (WebCore::JSTestTaggedWrapper::createPrototype):
+ (WebCore::JSTestTaggedWrapper::prototype):
+ (WebCore::JSTestTaggedWrapper::getConstructor):
+ (WebCore::JSTestTaggedWrapper::destroy):
+ (WebCore::JSC_DEFINE_CUSTOM_GETTER):
+ (WebCore::JSTestTaggedWrapper::subspaceForImpl):
+ (WebCore::JSTestTaggedWrapper::analyzeHeap):
+ (WebCore::JSTestTaggedWrapperOwner::isReachableFromOpaqueRoots):
+ (WebCore::JSTestTaggedWrapperOwner::finalize):
+ (WebCore::toJSNewlyCreated):
+ (WebCore::toJS):
+ (WebCore::JSTestTaggedWrapper::toWrapped):
+ * bindings/scripts/test/JS/JSTestTaggedWrapper.h: Added.
+ (WebCore::JSTestTaggedWrapper::create):
+ (WebCore::JSTestTaggedWrapper::createStructure):
+ (WebCore::JSTestTaggedWrapper::subspaceFor):
+ (WebCore::wrapperOwner):
+ (WebCore::wrapperKey):
+ (WebCore::toJS):
+ (WebCore::toJSNewlyCreated):
+ * bindings/scripts/test/SupplementalDependencies.dep:
+ * bindings/scripts/test/TestTaggedWrapper.idl: Added.
+ * css/DOMMatrixReadOnly.idl:
+ * dom/DOMPointReadOnly.idl:
+ * dom/DOMQuad.idl:
+ * dom/DOMRectReadOnly.idl:
+ * domjit/JSDocumentDOMJIT.cpp:
+ (WebCore::compileDocumentDocumentElementAttribute):
+ (WebCore::compileDocumentBodyAttribute):
+ * domjit/JSNodeDOMJIT.cpp:
+ (WebCore::createCallDOMGetterForOffsetAccess):
+ (WebCore::compileNodeOwnerDocumentAttribute):
+ * html/TimeRanges.idl:
+ * html/canvas/OffscreenCanvasRenderingContext2D.idl:
+ * html/canvas/PaintRenderingContext2D.idl:
+ * svg/SVGMatrix.idl:
+
2022-02-10 Alan Bujtas <[email protected]>
[LFC][IFC] Add InInlineDirection postfix to margin/border/paddingLeft(Right)
Modified: trunk/Source/WebCore/bindings/js/JSDOMWrapper.h (289530 => 289531)
--- trunk/Source/WebCore/bindings/js/JSDOMWrapper.h 2022-02-10 14:23:15 UTC (rev 289530)
+++ trunk/Source/WebCore/bindings/js/JSDOMWrapper.h 2022-02-10 14:46:18 UTC (rev 289531)
@@ -24,6 +24,7 @@
#include "JSDOMGlobalObject.h"
#include "NodeConstants.h"
#include <_javascript_Core/JSDestructibleObject.h>
+#include <wtf/SignedPtr.h>
namespace WebCore {
@@ -68,14 +69,16 @@
WEBCORE_EXPORT JSDOMObject(JSC::Structure*, JSC::JSGlobalObject&);
};
-template<typename ImplementationClass> class JSDOMWrapper : public JSDOMObject {
+template<typename ImplementationClass, typename PtrTraits = RawPtrTraits<ImplementationClass>>
+class JSDOMWrapper : public JSDOMObject {
public:
- typedef JSDOMObject Base;
- typedef ImplementationClass DOMWrapped;
+ using Base = JSDOMObject;
+ using DOMWrapped = ImplementationClass;
+
+ ImplementationClass& wrapped() const { return m_wrapped; }
+ static ptrdiff_t offsetOfWrapped() { return OBJECT_OFFSETOF(JSDOMWrapper, m_wrapped); }
+ constexpr static bool hasCustomPtrTraits() { return !std::is_same_v<PtrTraits, RawPtrTraits<ImplementationClass>>; };
- ImplementationClass& wrapped() const { return m_wrapped; }
- static ptrdiff_t offsetOfWrapped() { return OBJECT_OFFSETOF(JSDOMWrapper<ImplementationClass>, m_wrapped); }
-
protected:
JSDOMWrapper(JSC::Structure* structure, JSC::JSGlobalObject& globalObject, Ref<ImplementationClass>&& impl)
: Base(structure, globalObject)
@@ -82,7 +85,7 @@
, m_wrapped(WTFMove(impl)) { }
private:
- Ref<ImplementationClass> m_wrapped;
+ Ref<ImplementationClass, PtrTraits> m_wrapped;
};
template<typename ImplementationClass> struct JSDOMWrapperConverterTraits;
Modified: trunk/Source/WebCore/bindings/scripts/CodeGeneratorJS.pm (289530 => 289531)
--- trunk/Source/WebCore/bindings/scripts/CodeGeneratorJS.pm 2022-02-10 14:23:15 UTC (rev 289530)
+++ trunk/Source/WebCore/bindings/scripts/CodeGeneratorJS.pm 2022-02-10 14:46:18 UTC (rev 289531)
@@ -510,8 +510,9 @@
return $interface->extendedAttributes->{JSLegacyParent} if $interface->extendedAttributes->{JSLegacyParent};
return "JSDOMObject" unless NeedsImplementationClass($interface);
- return "JSDOMWrapper<" . GetImplClassName($interface) . ">" unless $interface->parentType;
- return "JS" . $interface->parentType->name;
+ return "JS" . $interface->parentType->name if $interface->parentType;
+ return "JSDOMWrapper<" . GetImplClassName($interface) . ", SignedPtrTraits<" . GetImplClassName($interface) . ", " . GetImplClassPtrTag($interface) . ">>" if HasTaggedWrapperForInterface($interface);
+ return "JSDOMWrapper<" . GetImplClassName($interface) . ">";
}
sub GetCallbackClassName
@@ -2228,6 +2229,13 @@
return $interface->type->name;
}
+sub GetImplClassPtrTag
+{
+ my $interface = shift;
+
+ return $interface->type->name . "PtrTag";
+}
+
sub IsClassNameWordBoundary
{
my ($name, $i) = @_;
@@ -2875,8 +2883,12 @@
my $exportMacro = GetExportMacroForJSClass($interface);
- # Class declaration
- push(@headerContent, "class $exportMacro$className : public $parentClassName {\n");
+ # Tag & Class declaration
+ assert("Interface " . GetImplClassName($interface) . " marked as TaggedWrapper but extends another interface.") if HasTaggedWrapperForInterface($interface) and $interface->parentType;
+ if (HasTaggedWrapperForInterface($interface)) {
+ push(@headerContent, "WTF_DECLARE_PTRTAG(" . GetImplClassPtrTag($interface) . ")\n");
+ }
+ push(@headerContent, "class $exportMacro$className : public " . $parentClassName . " {\n");
# Static create methods
push(@headerContent, "public:\n");
@@ -3930,6 +3942,12 @@
return $interface->extendedAttributes->{SkipVTableValidation};
}
+sub HasTaggedWrapperForInterface
+{
+ my $interface = shift;
+ return $interface->extendedAttributes->{TaggedWrapper};
+}
+
# URL becomes url, but SetURL becomes setURL.
sub ToMethodName
{
Modified: trunk/Source/WebCore/bindings/scripts/IDLAttributes.json (289530 => 289531)
--- trunk/Source/WebCore/bindings/scripts/IDLAttributes.json 2022-02-10 14:23:15 UTC (rev 289530)
+++ trunk/Source/WebCore/bindings/scripts/IDLAttributes.json 2022-02-10 14:46:18 UTC (rev 289531)
@@ -489,6 +489,9 @@
"SuppressToJSObject": {
"contextsAllowed": ["interface"]
},
+ "TaggedWrapper": {
+ "contextsAllowed": ["interface"]
+ },
"Transferable": {
"contextsAllowed": ["interface"],
"standard": {
Modified: trunk/Source/WebCore/bindings/scripts/test/BindingTestGlobalConstructors.idl (289530 => 289531)
--- trunk/Source/WebCore/bindings/scripts/test/BindingTestGlobalConstructors.idl 2022-02-10 14:23:15 UTC (rev 289530)
+++ trunk/Source/WebCore/bindings/scripts/test/BindingTestGlobalConstructors.idl 2022-02-10 14:46:18 UTC (rev 289531)
@@ -62,5 +62,6 @@
attribute TestStringifierOperationNamedToStringConstructor TestStringifierOperationNamedToString;
attribute TestStringifierReadOnlyAttributeConstructor TestStringifierReadOnlyAttribute;
attribute TestStringifierReadWriteAttributeConstructor TestStringifierReadWriteAttribute;
+ attribute TestTaggedWrapperConstructor TestTaggedWrapper;
attribute TestTypedefsConstructor TestTypedefs;
};
Modified: trunk/Source/WebCore/bindings/scripts/test/JS/JSTestGlobalObject.cpp (289530 => 289531)
--- trunk/Source/WebCore/bindings/scripts/test/JS/JSTestGlobalObject.cpp 2022-02-10 14:23:15 UTC (rev 289530)
+++ trunk/Source/WebCore/bindings/scripts/test/JS/JSTestGlobalObject.cpp 2022-02-10 14:46:18 UTC (rev 289531)
@@ -98,6 +98,7 @@
#include "JSTestStringifierOperationNamedToString.h"
#include "JSTestStringifierReadOnlyAttribute.h"
#include "JSTestStringifierReadWriteAttribute.h"
+#include "JSTestTaggedWrapper.h"
#include "JSTestTypedefs.h"
#include "RuntimeEnabledFeatures.h"
#include "ScriptExecutionContext.h"
@@ -237,6 +238,7 @@
static JSC_DECLARE_CUSTOM_GETTER(jsTestGlobalObject_TestStringifierOperationNamedToStringConstructor);
static JSC_DECLARE_CUSTOM_GETTER(jsTestGlobalObject_TestStringifierReadOnlyAttributeConstructor);
static JSC_DECLARE_CUSTOM_GETTER(jsTestGlobalObject_TestStringifierReadWriteAttributeConstructor);
+static JSC_DECLARE_CUSTOM_GETTER(jsTestGlobalObject_TestTaggedWrapperConstructor);
static JSC_DECLARE_CUSTOM_GETTER(jsTestGlobalObject_TestTypedefsConstructor);
using JSTestGlobalObjectDOMConstructor = JSDOMConstructorNotConstructable<JSTestGlobalObject>;
@@ -285,7 +287,7 @@
{ -1, -1 },
{ -1, -1 },
{ -1, -1 },
- { 67, -1 },
+ { 68, -1 },
{ 13, 261 },
{ -1, -1 },
{ -1, -1 },
@@ -404,8 +406,8 @@
{ -1, -1 },
{ 65, -1 },
{ -1, -1 },
+ { 66, -1 },
{ -1, -1 },
- { -1, -1 },
{ 27, -1 },
{ 32, -1 },
{ -1, -1 },
@@ -511,7 +513,7 @@
{ 51, -1 },
{ 56, -1 },
{ 62, -1 },
- { 66, -1 },
+ { 67, -1 },
};
@@ -599,11 +601,12 @@
{ "TestStringifierOperationNamedToString", static_cast<unsigned>(JSC::PropertyAttribute::DontEnum), NoIntrinsic, { (intptr_t)static_cast<PropertySlot::GetValueFunc>(jsTestGlobalObject_TestStringifierOperationNamedToStringConstructor), (intptr_t) static_cast<PutPropertySlot::PutValueFunc>(0) } },
{ "TestStringifierReadOnlyAttribute", static_cast<unsigned>(JSC::PropertyAttribute::DontEnum), NoIntrinsic, { (intptr_t)static_cast<PropertySlot::GetValueFunc>(jsTestGlobalObject_TestStringifierReadOnlyAttributeConstructor), (intptr_t) static_cast<PutPropertySlot::PutValueFunc>(0) } },
{ "TestStringifierReadWriteAttribute", static_cast<unsigned>(JSC::PropertyAttribute::DontEnum), NoIntrinsic, { (intptr_t)static_cast<PropertySlot::GetValueFunc>(jsTestGlobalObject_TestStringifierReadWriteAttributeConstructor), (intptr_t) static_cast<PutPropertySlot::PutValueFunc>(0) } },
+ { "TestTaggedWrapper", static_cast<unsigned>(JSC::PropertyAttribute::DontEnum), NoIntrinsic, { (intptr_t)static_cast<PropertySlot::GetValueFunc>(jsTestGlobalObject_TestTaggedWrapperConstructor), (intptr_t) static_cast<PutPropertySlot::PutValueFunc>(0) } },
{ "TestTypedefs", static_cast<unsigned>(JSC::PropertyAttribute::DontEnum), NoIntrinsic, { (intptr_t)static_cast<PropertySlot::GetValueFunc>(jsTestGlobalObject_TestTypedefsConstructor), (intptr_t) static_cast<PutPropertySlot::PutValueFunc>(0) } },
{ "regularOperation", static_cast<unsigned>(JSC::PropertyAttribute::Function), NoIntrinsic, { (intptr_t)static_cast<RawNativeFunction>(jsTestGlobalObjectInstanceFunction_regularOperation), (intptr_t) (1) } },
};
-static const HashTable JSTestGlobalObjectTable = { 68, 255, true, JSTestGlobalObject::info(), JSTestGlobalObjectTableValues, JSTestGlobalObjectTableIndex };
+static const HashTable JSTestGlobalObjectTable = { 69, 255, true, JSTestGlobalObject::info(), JSTestGlobalObjectTableValues, JSTestGlobalObjectTableIndex };
/* Hash table for constructor */
static const HashTableValue JSTestGlobalObjectConstructorTableValues[] =
@@ -1568,6 +1571,17 @@
return IDLAttribute<JSTestGlobalObject>::get<jsTestGlobalObject_TestStringifierReadWriteAttributeConstructorGetter>(*lexicalGlobalObject, thisValue, attributeName);
}
+static inline JSValue jsTestGlobalObject_TestTaggedWrapperConstructorGetter(JSGlobalObject& lexicalGlobalObject, JSTestGlobalObject& thisObject)
+{
+ UNUSED_PARAM(lexicalGlobalObject);
+ return JSTestTaggedWrapper::getConstructor(JSC::getVM(&lexicalGlobalObject), &thisObject);
+}
+
+JSC_DEFINE_CUSTOM_GETTER(jsTestGlobalObject_TestTaggedWrapperConstructor, (JSGlobalObject* lexicalGlobalObject, EncodedJSValue thisValue, PropertyName attributeName))
+{
+ return IDLAttribute<JSTestGlobalObject>::get<jsTestGlobalObject_TestTaggedWrapperConstructorGetter>(*lexicalGlobalObject, thisValue, attributeName);
+}
+
static inline JSValue jsTestGlobalObject_TestTypedefsConstructorGetter(JSGlobalObject& lexicalGlobalObject, JSTestGlobalObject& thisObject)
{
UNUSED_PARAM(lexicalGlobalObject);
Added: trunk/Source/WebCore/bindings/scripts/test/JS/JSTestTaggedWrapper.cpp (0 => 289531)
--- trunk/Source/WebCore/bindings/scripts/test/JS/JSTestTaggedWrapper.cpp (rev 0)
+++ trunk/Source/WebCore/bindings/scripts/test/JS/JSTestTaggedWrapper.cpp 2022-02-10 14:46:18 UTC (rev 289531)
@@ -0,0 +1,255 @@
+/*
+ This file is part of the WebKit open source project.
+ This file has been generated by generate-bindings.pl. DO NOT MODIFY!
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Library General Public
+ License as published by the Free Software Foundation; either
+ version 2 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Library General Public License
+ along with this library; see the file COPYING.LIB. If not, write to
+ the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ Boston, MA 02110-1301, USA.
+*/
+
+#include "config.h"
+#include "JSTestTaggedWrapper.h"
+
+#include "ActiveDOMObject.h"
+#include "DOMIsoSubspaces.h"
+#include "JSDOMBinding.h"
+#include "JSDOMConstructorNotConstructable.h"
+#include "JSDOMExceptionHandling.h"
+#include "JSDOMGlobalObjectInlines.h"
+#include "JSDOMWrapperCache.h"
+#include "ScriptExecutionContext.h"
+#include "WebCoreJSClientData.h"
+#include <_javascript_Core/FunctionPrototype.h>
+#include <_javascript_Core/HeapAnalyzer.h>
+#include <_javascript_Core/JSCInlines.h>
+#include <_javascript_Core/JSDestructibleObjectHeapCellType.h>
+#include <_javascript_Core/SlotVisitorMacros.h>
+#include <_javascript_Core/SubspaceInlines.h>
+#include <wtf/GetPtr.h>
+#include <wtf/PointerPreparations.h>
+#include <wtf/URL.h>
+
+
+namespace WebCore {
+using namespace JSC;
+
+// Attributes
+
+static JSC_DECLARE_CUSTOM_GETTER(jsTestTaggedWrapperConstructor);
+
+class JSTestTaggedWrapperPrototype final : public JSC::JSNonFinalObject {
+public:
+ using Base = JSC::JSNonFinalObject;
+ static JSTestTaggedWrapperPrototype* create(JSC::VM& vm, JSDOMGlobalObject* globalObject, JSC::Structure* structure)
+ {
+ JSTestTaggedWrapperPrototype* ptr = new (NotNull, JSC::allocateCell<JSTestTaggedWrapperPrototype>(vm)) JSTestTaggedWrapperPrototype(vm, globalObject, structure);
+ ptr->finishCreation(vm);
+ return ptr;
+ }
+
+ DECLARE_INFO;
+ template<typename CellType, JSC::SubspaceAccess>
+ static JSC::IsoSubspace* subspaceFor(JSC::VM& vm)
+ {
+ STATIC_ASSERT_ISO_SUBSPACE_SHARABLE(JSTestTaggedWrapperPrototype, Base);
+ return &vm.plainObjectSpace();
+ }
+ static JSC::Structure* createStructure(JSC::VM& vm, JSC::JSGlobalObject* globalObject, JSC::JSValue prototype)
+ {
+ return JSC::Structure::create(vm, globalObject, prototype, JSC::TypeInfo(JSC::ObjectType, StructureFlags), info());
+ }
+
+private:
+ JSTestTaggedWrapperPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure)
+ : JSC::JSNonFinalObject(vm, structure)
+ {
+ }
+
+ void finishCreation(JSC::VM&);
+};
+STATIC_ASSERT_ISO_SUBSPACE_SHARABLE(JSTestTaggedWrapperPrototype, JSTestTaggedWrapperPrototype::Base);
+
+using JSTestTaggedWrapperDOMConstructor = JSDOMConstructorNotConstructable<JSTestTaggedWrapper>;
+
+template<> const ClassInfo JSTestTaggedWrapperDOMConstructor::s_info = { "TestTaggedWrapper", &Base::s_info, nullptr, nullptr, CREATE_METHOD_TABLE(JSTestTaggedWrapperDOMConstructor) };
+
+template<> JSValue JSTestTaggedWrapperDOMConstructor::prototypeForStructure(JSC::VM& vm, const JSDOMGlobalObject& globalObject)
+{
+ UNUSED_PARAM(vm);
+ return globalObject.functionPrototype();
+}
+
+template<> void JSTestTaggedWrapperDOMConstructor::initializeProperties(VM& vm, JSDOMGlobalObject& globalObject)
+{
+ putDirect(vm, vm.propertyNames->length, jsNumber(0), JSC::PropertyAttribute::ReadOnly | JSC::PropertyAttribute::DontEnum);
+ JSString* nameString = jsNontrivialString(vm, "TestTaggedWrapper"_s);
+ m_originalName.set(vm, this, nameString);
+ putDirect(vm, vm.propertyNames->name, nameString, JSC::PropertyAttribute::ReadOnly | JSC::PropertyAttribute::DontEnum);
+ putDirect(vm, vm.propertyNames->prototype, JSTestTaggedWrapper::prototype(vm, globalObject), JSC::PropertyAttribute::ReadOnly | JSC::PropertyAttribute::DontEnum | JSC::PropertyAttribute::DontDelete);
+}
+
+/* Hash table for prototype */
+
+static const HashTableValue JSTestTaggedWrapperPrototypeTableValues[] =
+{
+ { "constructor", static_cast<unsigned>(JSC::PropertyAttribute::DontEnum), NoIntrinsic, { (intptr_t)static_cast<PropertySlot::GetValueFunc>(jsTestTaggedWrapperConstructor), (intptr_t) static_cast<PutPropertySlot::PutValueFunc>(0) } },
+};
+
+const ClassInfo JSTestTaggedWrapperPrototype::s_info = { "TestTaggedWrapper", &Base::s_info, nullptr, nullptr, CREATE_METHOD_TABLE(JSTestTaggedWrapperPrototype) };
+
+void JSTestTaggedWrapperPrototype::finishCreation(VM& vm)
+{
+ Base::finishCreation(vm);
+ reifyStaticProperties(vm, JSTestTaggedWrapper::info(), JSTestTaggedWrapperPrototypeTableValues, *this);
+ JSC_TO_STRING_TAG_WITHOUT_TRANSITION();
+}
+
+const ClassInfo JSTestTaggedWrapper::s_info = { "TestTaggedWrapper", &Base::s_info, nullptr, nullptr, CREATE_METHOD_TABLE(JSTestTaggedWrapper) };
+
+JSTestTaggedWrapper::JSTestTaggedWrapper(Structure* structure, JSDOMGlobalObject& globalObject, Ref<TestTaggedWrapper>&& impl)
+ : JSDOMWrapper<TestTaggedWrapper, SignedPtrTraits<TestTaggedWrapper, TestTaggedWrapperPtrTag>>(structure, globalObject, WTFMove(impl))
+{
+}
+
+void JSTestTaggedWrapper::finishCreation(VM& vm)
+{
+ Base::finishCreation(vm);
+ ASSERT(inherits(vm, info()));
+
+ static_assert(!std::is_base_of<ActiveDOMObject, TestTaggedWrapper>::value, "Interface is not marked as [ActiveDOMObject] even though implementation class subclasses ActiveDOMObject.");
+
+}
+
+JSObject* JSTestTaggedWrapper::createPrototype(VM& vm, JSDOMGlobalObject& globalObject)
+{
+ return JSTestTaggedWrapperPrototype::create(vm, &globalObject, JSTestTaggedWrapperPrototype::createStructure(vm, &globalObject, globalObject.objectPrototype()));
+}
+
+JSObject* JSTestTaggedWrapper::prototype(VM& vm, JSDOMGlobalObject& globalObject)
+{
+ return getDOMPrototype<JSTestTaggedWrapper>(vm, globalObject);
+}
+
+JSValue JSTestTaggedWrapper::getConstructor(VM& vm, const JSGlobalObject* globalObject)
+{
+ return getDOMConstructor<JSTestTaggedWrapperDOMConstructor, DOMConstructorID::TestTaggedWrapper>(vm, *jsCast<const JSDOMGlobalObject*>(globalObject));
+}
+
+void JSTestTaggedWrapper::destroy(JSC::JSCell* cell)
+{
+ JSTestTaggedWrapper* thisObject = static_cast<JSTestTaggedWrapper*>(cell);
+ thisObject->JSTestTaggedWrapper::~JSTestTaggedWrapper();
+}
+
+JSC_DEFINE_CUSTOM_GETTER(jsTestTaggedWrapperConstructor, (JSGlobalObject* lexicalGlobalObject, EncodedJSValue thisValue, PropertyName))
+{
+ VM& vm = JSC::getVM(lexicalGlobalObject);
+ auto throwScope = DECLARE_THROW_SCOPE(vm);
+ auto* prototype = jsDynamicCast<JSTestTaggedWrapperPrototype*>(vm, JSValue::decode(thisValue));
+ if (UNLIKELY(!prototype))
+ return throwVMTypeError(lexicalGlobalObject, throwScope);
+ return JSValue::encode(JSTestTaggedWrapper::getConstructor(JSC::getVM(lexicalGlobalObject), prototype->globalObject()));
+}
+
+JSC::IsoSubspace* JSTestTaggedWrapper::subspaceForImpl(JSC::VM& vm)
+{
+ auto& clientData = *static_cast<JSVMClientData*>(vm.clientData);
+ auto& spaces = clientData.subspaces();
+ if (auto* space = spaces.m_subspaceForTestTaggedWrapper.get())
+ return space;
+ static_assert(std::is_base_of_v<JSC::JSDestructibleObject, JSTestTaggedWrapper> || !JSTestTaggedWrapper::needsDestruction);
+ if constexpr (std::is_base_of_v<JSC::JSDestructibleObject, JSTestTaggedWrapper>)
+ spaces.m_subspaceForTestTaggedWrapper = makeUnique<IsoSubspace> ISO_SUBSPACE_INIT(vm.heap, vm.destructibleObjectHeapCellType(), JSTestTaggedWrapper);
+ else
+ spaces.m_subspaceForTestTaggedWrapper = makeUnique<IsoSubspace> ISO_SUBSPACE_INIT(vm.heap, vm.cellHeapCellType(), JSTestTaggedWrapper);
+ auto* space = spaces.m_subspaceForTestTaggedWrapper.get();
+IGNORE_WARNINGS_BEGIN("unreachable-code")
+IGNORE_WARNINGS_BEGIN("tautological-compare")
+ void (*myVisitOutputConstraint)(JSC::JSCell*, JSC::SlotVisitor&) = JSTestTaggedWrapper::visitOutputConstraints;
+ void (*jsCellVisitOutputConstraint)(JSC::JSCell*, JSC::SlotVisitor&) = JSC::JSCell::visitOutputConstraints;
+ if (myVisitOutputConstraint != jsCellVisitOutputConstraint)
+ clientData.outputConstraintSpaces().append(space);
+IGNORE_WARNINGS_END
+IGNORE_WARNINGS_END
+ return space;
+}
+
+void JSTestTaggedWrapper::analyzeHeap(JSCell* cell, HeapAnalyzer& analyzer)
+{
+ auto* thisObject = jsCast<JSTestTaggedWrapper*>(cell);
+ analyzer.setWrappedObjectForCell(cell, &thisObject->wrapped());
+ if (thisObject->scriptExecutionContext())
+ analyzer.setLabelForCell(cell, "url " + thisObject->scriptExecutionContext()->url().string());
+ Base::analyzeHeap(cell, analyzer);
+}
+
+bool JSTestTaggedWrapperOwner::isReachableFromOpaqueRoots(JSC::Handle<JSC::Unknown> handle, void*, AbstractSlotVisitor& visitor, const char** reason)
+{
+ UNUSED_PARAM(handle);
+ UNUSED_PARAM(visitor);
+ UNUSED_PARAM(reason);
+ return false;
+}
+
+void JSTestTaggedWrapperOwner::finalize(JSC::Handle<JSC::Unknown> handle, void* context)
+{
+ auto* jsTestTaggedWrapper = static_cast<JSTestTaggedWrapper*>(handle.slot()->asCell());
+ auto& world = *static_cast<DOMWrapperWorld*>(context);
+ uncacheWrapper(world, &jsTestTaggedWrapper->wrapped(), jsTestTaggedWrapper);
+}
+
+#if ENABLE(BINDING_INTEGRITY)
+#if PLATFORM(WIN)
+#pragma warning(disable: 4483)
+extern "C" { extern void (*const __identifier("??_7TestTaggedWrapper@WebCore@@6B@")[])(); }
+#else
+extern "C" { extern void* _ZTVN7WebCore17TestTaggedWrapperE[]; }
+#endif
+#endif
+
+JSC::JSValue toJSNewlyCreated(JSC::JSGlobalObject*, JSDOMGlobalObject* globalObject, Ref<TestTaggedWrapper>&& impl)
+{
+
+ if constexpr (std::is_polymorphic_v<TestTaggedWrapper>) {
+#if ENABLE(BINDING_INTEGRITY)
+ const void* actualVTablePointer = getVTablePointer(impl.ptr());
+#if PLATFORM(WIN)
+ void* expectedVTablePointer = __identifier("??_7TestTaggedWrapper@WebCore@@6B@");
+#else
+ void* expectedVTablePointer = &_ZTVN7WebCore17TestTaggedWrapperE[2];
+#endif
+
+ // If you hit this assertion you either have a use after free bug, or
+ // TestTaggedWrapper has subclasses. If TestTaggedWrapper has subclasses that get passed
+ // to toJS() we currently require TestTaggedWrapper you to opt out of binding hardening
+ // by adding the SkipVTableValidation attribute to the interface IDL definition
+ RELEASE_ASSERT(actualVTablePointer == expectedVTablePointer);
+#endif
+ }
+ return createWrapper<TestTaggedWrapper>(globalObject, WTFMove(impl));
+}
+
+JSC::JSValue toJS(JSC::JSGlobalObject* lexicalGlobalObject, JSDOMGlobalObject* globalObject, TestTaggedWrapper& impl)
+{
+ return wrap(lexicalGlobalObject, globalObject, impl);
+}
+
+TestTaggedWrapper* JSTestTaggedWrapper::toWrapped(JSC::VM& vm, JSC::JSValue value)
+{
+ if (auto* wrapper = jsDynamicCast<JSTestTaggedWrapper*>(vm, value))
+ return &wrapper->wrapped();
+ return nullptr;
+}
+
+}
Added: trunk/Source/WebCore/bindings/scripts/test/JS/JSTestTaggedWrapper.h (0 => 289531)
--- trunk/Source/WebCore/bindings/scripts/test/JS/JSTestTaggedWrapper.h (rev 0)
+++ trunk/Source/WebCore/bindings/scripts/test/JS/JSTestTaggedWrapper.h 2022-02-10 14:46:18 UTC (rev 289531)
@@ -0,0 +1,94 @@
+/*
+ This file is part of the WebKit open source project.
+ This file has been generated by generate-bindings.pl. DO NOT MODIFY!
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Library General Public
+ License as published by the Free Software Foundation; either
+ version 2 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Library General Public License
+ along with this library; see the file COPYING.LIB. If not, write to
+ the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ Boston, MA 02110-1301, USA.
+*/
+
+#pragma once
+
+#include "JSDOMWrapper.h"
+#include "TestTaggedWrapper.h"
+#include <wtf/NeverDestroyed.h>
+
+namespace WebCore {
+
+WTF_DECLARE_PTRTAG(TestTaggedWrapperPtrTag)
+class JSTestTaggedWrapper : public JSDOMWrapper<TestTaggedWrapper, SignedPtrTraits<TestTaggedWrapper, TestTaggedWrapperPtrTag>> {
+public:
+ using Base = JSDOMWrapper<TestTaggedWrapper, SignedPtrTraits<TestTaggedWrapper, TestTaggedWrapperPtrTag>>;
+ static JSTestTaggedWrapper* create(JSC::Structure* structure, JSDOMGlobalObject* globalObject, Ref<TestTaggedWrapper>&& impl)
+ {
+ JSTestTaggedWrapper* ptr = new (NotNull, JSC::allocateCell<JSTestTaggedWrapper>(globalObject->vm())) JSTestTaggedWrapper(structure, *globalObject, WTFMove(impl));
+ ptr->finishCreation(globalObject->vm());
+ return ptr;
+ }
+
+ static JSC::JSObject* createPrototype(JSC::VM&, JSDOMGlobalObject&);
+ static JSC::JSObject* prototype(JSC::VM&, JSDOMGlobalObject&);
+ static TestTaggedWrapper* toWrapped(JSC::VM&, JSC::JSValue);
+ static void destroy(JSC::JSCell*);
+
+ DECLARE_INFO;
+
+ static JSC::Structure* createStructure(JSC::VM& vm, JSC::JSGlobalObject* globalObject, JSC::JSValue prototype)
+ {
+ return JSC::Structure::create(vm, globalObject, prototype, JSC::TypeInfo(JSC::ObjectType, StructureFlags), info(), JSC::NonArray);
+ }
+
+ static JSC::JSValue getConstructor(JSC::VM&, const JSC::JSGlobalObject*);
+ template<typename, JSC::SubspaceAccess mode> static JSC::IsoSubspace* subspaceFor(JSC::VM& vm)
+ {
+ if constexpr (mode == JSC::SubspaceAccess::Concurrently)
+ return nullptr;
+ return subspaceForImpl(vm);
+ }
+ static JSC::IsoSubspace* subspaceForImpl(JSC::VM& vm);
+ static void analyzeHeap(JSCell*, JSC::HeapAnalyzer&);
+protected:
+ JSTestTaggedWrapper(JSC::Structure*, JSDOMGlobalObject&, Ref<TestTaggedWrapper>&&);
+
+ void finishCreation(JSC::VM&);
+};
+
+class JSTestTaggedWrapperOwner final : public JSC::WeakHandleOwner {
+public:
+ bool isReachableFromOpaqueRoots(JSC::Handle<JSC::Unknown>, void* context, JSC::AbstractSlotVisitor&, const char**) final;
+ void finalize(JSC::Handle<JSC::Unknown>, void* context) final;
+};
+
+inline JSC::WeakHandleOwner* wrapperOwner(DOMWrapperWorld&, TestTaggedWrapper*)
+{
+ static NeverDestroyed<JSTestTaggedWrapperOwner> owner;
+ return &owner.get();
+}
+
+inline void* wrapperKey(TestTaggedWrapper* wrappableObject)
+{
+ return wrappableObject;
+}
+
+JSC::JSValue toJS(JSC::JSGlobalObject*, JSDOMGlobalObject*, TestTaggedWrapper&);
+inline JSC::JSValue toJS(JSC::JSGlobalObject* lexicalGlobalObject, JSDOMGlobalObject* globalObject, TestTaggedWrapper* impl) { return impl ? toJS(lexicalGlobalObject, globalObject, *impl) : JSC::jsNull(); }
+JSC::JSValue toJSNewlyCreated(JSC::JSGlobalObject*, JSDOMGlobalObject*, Ref<TestTaggedWrapper>&&);
+inline JSC::JSValue toJSNewlyCreated(JSC::JSGlobalObject* lexicalGlobalObject, JSDOMGlobalObject* globalObject, RefPtr<TestTaggedWrapper>&& impl) { return impl ? toJSNewlyCreated(lexicalGlobalObject, globalObject, impl.releaseNonNull()) : JSC::jsNull(); }
+
+template<> struct JSDOMWrapperConverterTraits<TestTaggedWrapper> {
+ using WrapperClass = JSTestTaggedWrapper;
+ using ToWrappedReturnType = TestTaggedWrapper*;
+};
+
+} // namespace WebCore
Modified: trunk/Source/WebCore/bindings/scripts/test/SupplementalDependencies.dep (289530 => 289531)
--- trunk/Source/WebCore/bindings/scripts/test/SupplementalDependencies.dep 2022-02-10 14:23:15 UTC (rev 289530)
+++ trunk/Source/WebCore/bindings/scripts/test/SupplementalDependencies.dep 2022-02-10 14:46:18 UTC (rev 289531)
@@ -112,6 +112,7 @@
JSTestStringifierOperationNamedToString.h:
JSTestStringifierReadOnlyAttribute.h:
JSTestStringifierReadWriteAttribute.h:
+JSTestTaggedWrapper.h:
JSTestTypedefs.h:
JSTestVoidCallbackFunction.h:
JSWorkerGlobalScope.h: WorkerGlobalScopeConstructors.idl
Added: trunk/Source/WebCore/bindings/scripts/test/TestTaggedWrapper.idl (0 => 289531)
--- trunk/Source/WebCore/bindings/scripts/test/TestTaggedWrapper.idl (rev 0)
+++ trunk/Source/WebCore/bindings/scripts/test/TestTaggedWrapper.idl 2022-02-10 14:46:18 UTC (rev 289531)
@@ -0,0 +1,34 @@
+/*
+ * Copyright (C) 2016 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary form, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of Apple Inc. ("Apple") nor the names of
+ * its contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+[
+ Exposed=TestGlobalObject,
+ TaggedWrapper
+] interface TestTaggedWrapper {
+
+};
Modified: trunk/Source/WebCore/css/DOMMatrixReadOnly.idl (289530 => 289531)
--- trunk/Source/WebCore/css/DOMMatrixReadOnly.idl 2022-02-10 14:23:15 UTC (rev 289530)
+++ trunk/Source/WebCore/css/DOMMatrixReadOnly.idl 2022-02-10 14:46:18 UTC (rev 289531)
@@ -26,6 +26,7 @@
[
ExportMacro=WEBCORE_EXPORT,
Exposed=(Window,Worker),
+ TaggedWrapper,
] interface DOMMatrixReadOnly {
[CallWith=CurrentScriptExecutionContext] constructor(optional (DOMString or sequence<unrestricted double>) init);
Modified: trunk/Source/WebCore/dom/DOMPointReadOnly.idl (289530 => 289531)
--- trunk/Source/WebCore/dom/DOMPointReadOnly.idl 2022-02-10 14:23:15 UTC (rev 289530)
+++ trunk/Source/WebCore/dom/DOMPointReadOnly.idl 2022-02-10 14:46:18 UTC (rev 289531)
@@ -32,6 +32,7 @@
[
ExportMacro=WEBCORE_EXPORT,
Exposed=(Window,Worker),
+ TaggedWrapper,
] interface DOMPointReadOnly {
constructor(DOMPointInit point);
constructor(optional unrestricted double x = 0, optional unrestricted double y = 0, optional unrestricted double z = 0, optional unrestricted double w = 1);
Modified: trunk/Source/WebCore/dom/DOMQuad.idl (289530 => 289531)
--- trunk/Source/WebCore/dom/DOMQuad.idl 2022-02-10 14:23:15 UTC (rev 289530)
+++ trunk/Source/WebCore/dom/DOMQuad.idl 2022-02-10 14:46:18 UTC (rev 289531)
@@ -27,7 +27,8 @@
[
Exposed=(Window,Worker),
- JSCustomMarkFunction
+ JSCustomMarkFunction,
+ TaggedWrapper,
] interface DOMQuad {
constructor(optional DOMPointInit p1, optional DOMPointInit p2, optional DOMPointInit p3, optional DOMPointInit p4);
Modified: trunk/Source/WebCore/dom/DOMRectReadOnly.idl (289530 => 289531)
--- trunk/Source/WebCore/dom/DOMRectReadOnly.idl 2022-02-10 14:23:15 UTC (rev 289530)
+++ trunk/Source/WebCore/dom/DOMRectReadOnly.idl 2022-02-10 14:46:18 UTC (rev 289531)
@@ -29,6 +29,7 @@
ExportMacro=WEBCORE_EXPORT,
Exposed=(Window,Worker),
GenerateIsReachable=Impl,
+ TaggedWrapper,
] interface DOMRectReadOnly {
constructor(optional unrestricted double x = 0, optional unrestricted double y = 0, optional unrestricted double width = 0, optional unrestricted double height = 0);
Modified: trunk/Source/WebCore/domjit/JSDocumentDOMJIT.cpp (289530 => 289531)
--- trunk/Source/WebCore/domjit/JSDocumentDOMJIT.cpp 2022-02-10 14:23:15 UTC (rev 289530)
+++ trunk/Source/WebCore/domjit/JSDocumentDOMJIT.cpp 2022-02-10 14:46:18 UTC (rev 289531)
@@ -60,6 +60,8 @@
GPRReg scratch = params.gpScratch(0);
jit.loadPtr(CCallHelpers::Address(document, JSDocument::offsetOfWrapped()), scratch);
+ static_assert(!JSDocument::hasCustomPtrTraits(), "Optimized JSDocument wrapper access should not be using RawPtrTraits");
+
DOMJIT::loadDocumentElement(jit, scratch, scratch);
auto nullCase = jit.branchTestPtr(CCallHelpers::Zero, scratch);
DOMJIT::toWrapper<Element>(jit, params, scratch, globalObject, result, DOMJIT::operationToJSElement, globalObjectValue);
@@ -94,6 +96,8 @@
GPRReg scratch2 = params.gpScratch(1);
jit.loadPtr(CCallHelpers::Address(document, JSDocument::offsetOfWrapped()), scratch1);
+ static_assert(!JSDocument::hasCustomPtrTraits(), "Optimized JSDocument wrapper access should not be using RawPtrTraits");
+
DOMJIT::loadDocumentElement(jit, scratch1, scratch1);
CCallHelpers::JumpList nullCases;
Modified: trunk/Source/WebCore/domjit/JSNodeDOMJIT.cpp (289530 => 289531)
--- trunk/Source/WebCore/domjit/JSNodeDOMJIT.cpp 2022-02-10 14:23:15 UTC (rev 289530)
+++ trunk/Source/WebCore/domjit/JSNodeDOMJIT.cpp 2022-02-10 14:46:18 UTC (rev 289531)
@@ -62,6 +62,7 @@
CCallHelpers::JumpList nullCases;
// Load a wrapped object. "node" should be already type checked by CheckDOM.
jit.loadPtr(CCallHelpers::Address(node, JSNode::offsetOfWrapped()), scratch);
+ static_assert(!JSNode::hasCustomPtrTraits(), "Optimized JSNode wrapper access should not be using RawPtrTraits");
if (isContainerGuardRequirement == IsContainerGuardRequirement::Required)
nullCases.append(jit.branchTest32(CCallHelpers::Zero, CCallHelpers::Address(scratch, Node::nodeFlagsMemoryOffset()), CCallHelpers::TrustedImm32(Node::flagIsContainer())));
@@ -144,6 +145,8 @@
GPRReg document = params.gpScratch(1);
jit.loadPtr(CCallHelpers::Address(node, JSNode::offsetOfWrapped()), wrapped);
+ static_assert(!JSNode::hasCustomPtrTraits(), "Optimized JSNode wrapper access should not be using RawPtrTraits");
+
DOMJIT::loadDocument(jit, wrapped, document);
RELEASE_ASSERT(!CAST_OFFSET(EventTarget*, Node*));
RELEASE_ASSERT(!CAST_OFFSET(Node*, Document*));
Modified: trunk/Source/WebCore/html/TimeRanges.idl (289530 => 289531)
--- trunk/Source/WebCore/html/TimeRanges.idl 2022-02-10 14:23:15 UTC (rev 289530)
+++ trunk/Source/WebCore/html/TimeRanges.idl 2022-02-10 14:46:18 UTC (rev 289531)
@@ -26,7 +26,8 @@
[
Conditional=VIDEO,
ExportMacro=WEBCORE_EXPORT,
- Exposed=Window
+ Exposed=Window,
+ TaggedWrapper
] interface TimeRanges {
readonly attribute unsigned long length;
unrestricted double start(unsigned long index);
Modified: trunk/Source/WebCore/html/canvas/OffscreenCanvasRenderingContext2D.idl (289530 => 289531)
--- trunk/Source/WebCore/html/canvas/OffscreenCanvasRenderingContext2D.idl 2022-02-10 14:23:15 UTC (rev 289530)
+++ trunk/Source/WebCore/html/canvas/OffscreenCanvasRenderingContext2D.idl 2022-02-10 14:46:18 UTC (rev 289531)
@@ -32,6 +32,7 @@
Exposed=(Window,Worker),
JSGenerateToJSObject,
JSCustomMarkFunction,
+ TaggedWrapper,
// CallTracer=InspectorCanvasCallTracer, // FIXME: OffscreenCanvas.
] interface OffscreenCanvasRenderingContext2D {
readonly attribute OffscreenCanvas canvas;
Modified: trunk/Source/WebCore/html/canvas/PaintRenderingContext2D.idl (289530 => 289531)
--- trunk/Source/WebCore/html/canvas/PaintRenderingContext2D.idl 2022-02-10 14:23:15 UTC (rev 289530)
+++ trunk/Source/WebCore/html/canvas/PaintRenderingContext2D.idl 2022-02-10 14:46:18 UTC (rev 289531)
@@ -29,7 +29,8 @@
Conditional=CSS_PAINTING_API,
JSGenerateToJSObject,
JSCustomMarkFunction,
- Exposed=PaintWorklet
+ Exposed=PaintWorklet,
+ TaggedWrapper,
] interface PaintRenderingContext2D {
};
Modified: trunk/Source/WebCore/svg/SVGMatrix.idl (289530 => 289531)
--- trunk/Source/WebCore/svg/SVGMatrix.idl 2022-02-10 14:23:15 UTC (rev 289530)
+++ trunk/Source/WebCore/svg/SVGMatrix.idl 2022-02-10 14:46:18 UTC (rev 289531)
@@ -23,7 +23,8 @@
// FIXME: This should be removed and made an alias to DOMRect.
[
SkipVTableValidation,
- Exposed=Window
+ Exposed=Window,
+ TaggedWrapper,
] interface SVGMatrix {
// FIXME: these attributes should all be floats but since we implement
// AffineTransform with doubles setting these as doubles makes more sense.
