Timeline



May 18, 2019: Yesterday

5:42 PM Changeset in webkit [245500] by jiewen_tan@apple.com
  • 19 edits in trunk

[WebAuthN] Allow authenticators that support both CTAP and U2F to try U2F if CTAP fails in authenticatorGetAssertion
https://bugs.webkit.org/show_bug.cgi?id=197974
<rdar://problem/50879746>

Reviewed by Brent Fulgham.

Source/WebKit:

Authenticators that support both CTAP and U2F protocols can be used in a U2F enabled browser to create a credential in
U2F format. When such authenticator is used to login in WebKit, it will be treated as a CTAP authenticator. Since the
previous credential is in U2F format, the authenticator will not consider that as a valid credential when CTAP requests
come along for that U2F credential. Therefore the previous created U2F credential will not be asked at all, and users
will not be able to login. This situation is not well documented in the CTAP/WebAuthN spec yet.

To workaround the above issue, an authenticator that supports both protocols will be downgraded to a U2F authenticator
to ask a potential U2F credential once a valid error is returned regarding to the first CTAP request.

  • UIProcess/API/C/WKWebsiteDataStoreRef.cpp:

(WKWebsiteDataStoreSetWebAuthenticationMockConfiguration):

  • UIProcess/WebAuthentication/Authenticator.h:
  • UIProcess/WebAuthentication/AuthenticatorManager.cpp:

(WebKit::AuthenticatorManager::downgrade):

  • UIProcess/WebAuthentication/AuthenticatorManager.h:
  • UIProcess/WebAuthentication/Mock/MockHidConnection.cpp:

(WebKit::MockHidConnection::parseRequest):
(WebKit::MockHidConnection::feedReports):

  • UIProcess/WebAuthentication/Mock/MockWebAuthenticationConfiguration.h:
  • UIProcess/WebAuthentication/fido/CtapHidAuthenticator.cpp:

(WebKit::CtapHidAuthenticator::makeCredential):
(WebKit::CtapHidAuthenticator::getAssertion):
(WebKit::CtapHidAuthenticator::continueGetAssertionAfterResponseReceived):
(WebKit::CtapHidAuthenticator::tryDowngrade):
(WebKit::CtapHidAuthenticator::continueGetAssertionAfterResponseReceived const): Deleted.

  • UIProcess/WebAuthentication/fido/CtapHidAuthenticator.h:

Tools:

Add a canDowngrade option for mock hid devices to simulate the situation.

  • WebKitTestRunner/InjectedBundle/TestRunner.cpp:

(WTR::TestRunner::setWebAuthenticationMockConfiguration):

LayoutTests:

  • http/wpt/webauthn/public-key-credential-get-failure-hid-silent.https-expected.txt:
  • http/wpt/webauthn/public-key-credential-get-failure-hid-silent.https.html:
  • http/wpt/webauthn/public-key-credential-get-failure-hid.https-expected.txt:
  • http/wpt/webauthn/public-key-credential-get-failure-hid.https.html:
  • http/wpt/webauthn/public-key-credential-get-success-u2f.https-expected.txt:
  • http/wpt/webauthn/public-key-credential-get-success-u2f.https.html:
  • http/wpt/webauthn/resources/util.js:
12:12 AM Changeset in webkit [245499] by tzagallo@apple.com
  • 7 edits in trunk

Add extra information to dumpJITMemory
https://bugs.webkit.org/show_bug.cgi?id=197998

Reviewed by Saam Barati.

Source/JavaScriptCore:

Add ktrace events around the memory dump and mach_absolute_time to link the
events with the entries in the dump. Additionally, add a background queue
to flush on a configurable interval, since the atexit callback does not work
in every situation.

  • jit/ExecutableAllocator.cpp:

(JSC::dumpJITMemory):

  • runtime/Options.h:

Source/WTF:

Add a new trace point code for JSC::dumpJITMemory

  • wtf/SystemTracing.h:

Tools:

Add description for the new dumpJITMemory trace point code.

  • Tracing/SystemTracePoints.plist:

May 17, 2019:

10:27 PM Changeset in webkit [245498] by Devin Rousso
  • 12 edits
    1 copy in trunk/Source/WebInspectorUI

Web Inspector: Timelines: CPU/memory timeline bars sometimes don't draw correctly and jump around on scrolling
https://bugs.webkit.org/show_bug.cgi?id=197440
<rdar://problem/46886315>

Reviewed by Joseph Pecoraro.

When drawing the Memory/CPU graphs, we need to know about the record immediately before/after
what's overlapping the visible range so that the graph correctly slopes off the screen.

  • UserInterface/Models/Timeline.js:

(WI.Timeline.prototype.recordsInTimeRange):
(WI.Timeline.prototype.recordsOverlappingTimeRange): Deleted.
Merge recordsOverlappingTimeRange into recordsInTimeRange by accepting an options object
that determines whether to include the record before/after the first/last record that are
at all overlapping the range.

  • UserInterface/Models/CPUTimelineRecord.js:

(WI.CPUTimelineRecord):
(WI.CPUTimelineRecord.get samplingRatePerSecond): Added.
(WI.CPUTimelineRecord.prototype.adjustStartTimeToLastRecord): Added.

  • UserInterface/Models/MemoryTimelineRecord.js:

(WI.MemoryTimelineRecord):
(WI.MemoryTimelineRecord.get samplingRatePerSecond): Added.
(WI.MemoryTimelineRecord.prototype.adjustStartTimeToLastRecord): Added.
Adjust the startTime of the record by the sampling rate (which is 500ms).

  • UserInterface/Models/CPUTimeline.js: Added.

(WI.CPUTimeline.prototype.addRecord):

  • UserInterface/Models/MemoryTimeline.js:

(WI.MemoryTimeline.prototype.addRecord): Added.
Adjust the startTime of the new record to be equal to the endTime of the last record.

  • UserInterface/Views/TimelineOverview.js:

(WI.TimelineOverview.prototype._recordSelected):

  • UserInterface/Views/CPUTimelineView.js:

(WI.CPUTimelineView.prototype.layout):
(WI.CPUTimelineView.prototype._computeStatisticsData):
(WI.CPUTimelineView.prototype._attemptSelectIndicatatorTimelineRecord):

  • UserInterface/Views/CPUTimelineOverviewGraph.js:

(WI.CPUTimelineOverviewGraph.prototype.layout):
(WI.CPUTimelineOverviewGraph.prototype._handleChartClick):
(WI.CPUTimelineOverviewGraph.prototype.get samplingRatePerSecond): Deleted.
(WI.CPUTimelineOverviewGraph.prototype.layout.yScaleForRecord): Deleted.

  • UserInterface/Views/MemoryTimelineView.js:

(WI.MemoryTimelineView.prototype.layout):

  • UserInterface/Views/MemoryTimelineOverviewGraph.js:

(WI.MemoryTimelineOverviewGraph.prototype.layout):

  • UserInterface/Main.html:
  • UserInterface/Test.html:
10:10 PM Changeset in webkit [245497] by Devin Rousso
  • 6 edits in trunk/Source/WebInspectorUI

Web Inspector: Audit: make it easier to jump to any returned DOM node in the Elements tab
https://bugs.webkit.org/show_bug.cgi?id=197470
<rdar://problem/50466774>

Reviewed by Joseph Pecoraro.

Right now, the only way to jump to the Elements tab for any DOM nodes returned by an audit
is to context menu and "Reveal in DOM Tree". Providing a more visible/discoverable way to
jump to the Elements tab will help developers diagnose issues easier.

  • UserInterface/Views/AuditTestCaseContentView.js:

(WI.AuditTestCaseContentView.prototype.layout):

  • UserInterface/Views/AuditTestCaseContentView.css:

(.content-view.audit-test-case > section table):

  • UserInterface/Views/DOMTreeElement.js:

(WI.DOMTreeElement):
(WI.DOMTreeElement.prototype.set showGoToArrow): Added.
(WI.DOMTreeElement.prototype._buildTagDOM):
(WI.DOMTreeElement.prototype._nodeTitleInfo):
Provide a way to insert a go-to arrow right after the:

  • open tag, if the close tag is rendered on a separate line
  • close tag, if the close tag is rendered on the same line
  • UserInterface/Views/DOMTreeOutline.js:

(WI.DOMTreeOutline):
Allow DOMTreeOutline to be non-selectable.

  • UserInterface/Views/DOMTreeOutline.css:

(.tree-outline.dom:not(.non-selectable):focus li:matches(.selected, .hovered) .selection-area): Added.
(.tree-outline.dom:not(.non-selectable) li.hovered:not(.selected) .selection-area): Added.
(.tree-outline.dom li .html-tag ~ .go-to-arrow): Added.
(.tree-outline.dom li:not(.hovered) .html-tag ~ .go-to-arrow): Added.
(.tree-outline.dom:focus li:matches(.selected, .hovered) .selection-area): Deleted.
(.tree-outline.dom li.hovered:not(.selected) .selection-area): Deleted.
Ensure that hovering a non-selectable node doesn't change the background color.

9:58 PM Changeset in webkit [245496] by justin_michaud@apple.com
  • 20 edits
    4 adds in trunk

[WASM-References] Add support for Anyref in parameters and return types, Ref.null and Ref.is_null for Anyref values.
https://bugs.webkit.org/show_bug.cgi?id=197969

JSTests:

Reviewed by Keith Miller.

Support the anyref type in Builder.js, plus add some extra error logging.
Add new folder for wasm references tests.

  • wasm.yaml:
  • wasm/Builder.js:

(const._isValidValue):

  • wasm/references/anyref_modules.js: Added.

(Call.3.RefIsNull.End.End.WebAssembly.js.ident):
(Call.3.RefIsNull.End.End.WebAssembly.js.make_null):
(Call.3.RefIsNull.End.End.WebAssembly):
(undefined):

  • wasm/references/is_null.js: Added.
  • wasm/references/is_null_error.js: Added.
  • wasm/spec-harness/index.js:
  • wasm/wasm.json:

Source/JavaScriptCore:

Reviewed by Keith Miller.

Add a new runtime option for wasm references.
Add support for Anyref as a value type.
Add support for Anyref in parameters and return types of Wasm functions. JSValues are marshalled into/out of wasm Anyrefs

as a black box, except null which becomes a Nullref value. Nullref is not expressible in the bytecode or in the js API.

Add Ref.null and Ref.is_null for Anyref values. Support for these functions with funcrefs is out of scope.

  • runtime/Options.h:
  • wasm/WasmAirIRGenerator.cpp:

(JSC::Wasm::AirIRGenerator::tmpForType):
(JSC::Wasm::AirIRGenerator::AirIRGenerator):
(JSC::Wasm::AirIRGenerator::addConstant):
(JSC::Wasm::AirIRGenerator::addRefIsNull):
(JSC::Wasm::AirIRGenerator::addReturn):

  • wasm/WasmB3IRGenerator.cpp:

(JSC::Wasm::B3IRGenerator::addRefIsNull):

  • wasm/WasmCallingConvention.h:

(JSC::Wasm::CallingConventionAir::marshallArgument const):
(JSC::Wasm::CallingConventionAir::setupCall const):

  • wasm/WasmFormat.h:

(JSC::Wasm::isValueType):

  • wasm/WasmFunctionParser.h:

(JSC::Wasm::FunctionParser<Context>::FunctionParser):
(JSC::Wasm::FunctionParser<Context>::parseExpression):
(JSC::Wasm::FunctionParser<Context>::parseUnreachableExpression):

  • wasm/WasmValidate.cpp:

(JSC::Wasm::Validate::addRefIsNull):

  • wasm/generateWasmOpsHeader.py:

(bitSet):

  • wasm/js/JSToWasm.cpp:

(JSC::Wasm::createJSToWasmWrapper):

  • wasm/js/WasmToJS.cpp:

(JSC::Wasm::wasmToJS):

  • wasm/js/WebAssemblyFunction.cpp:

(JSC::callWebAssemblyFunction):
(JSC::WebAssemblyFunction::jsCallEntrypointSlow):

  • wasm/wasm.json:

Tools:

Run wasm tests additionally with wasmBBQUsesAir=0.

Reviewed by Keith Miller.

  • Scripts/run-jsc-stress-tests:
9:44 PM Changeset in webkit [245495] by Devin Rousso
  • 4 edits in trunk/Source/WebInspectorUI

Web Inspector: Elements: context menu items in DOM tree should work when not clicking directly on the node representation
https://bugs.webkit.org/show_bug.cgi?id=197541

Reviewed by Timothy Hatcher.

  • UserInterface/Views/DOMTreeElement.js:

(WI.DOMTreeElement.prototype.populateDOMNodeContextMenu): Added.
(WI.DOMTreeElement.prototype._populateTagContextMenu): Deleted.
(WI.DOMTreeElement.prototype._populateTextContextMenu): Deleted.
(WI.DOMTreeElement.prototype._populateNodeContextMenu): Deleted.

  • UserInterface/Views/DOMTreeOutline.js:

(WI.DOMTreeOutline.prototype.populateContextMenu):

  • UserInterface/Views/ContextMenuUtilities.js:

(WI.appendContextMenuItemsForDOMNode):

9:29 PM Changeset in webkit [245494] by commit-queue@webkit.org
  • 12 edits in trunk

Implement CSS display: flow-root (modern clearfix)
https://bugs.webkit.org/show_bug.cgi?id=165603

Patch by Joonghun Park <pjh0718@gmail.com> on 2019-05-17
Reviewed by Zalan Bujtas.

This change follows https://drafts.csswg.org/css-display-3/#valdef-display-flow-root as below.

'display: flow-root' generates a block container box, and lays out its contents using flow layout.
It always establishes a new block formatting context for its contents.

Source/WebCore:

  • css/CSSPrimitiveValueMappings.h:

(WebCore::CSSPrimitiveValue::CSSPrimitiveValue):

  • css/CSSValueKeywords.in:
  • css/StyleResolver.cpp:

(WebCore::equivalentBlockDisplay):

  • css/parser/CSSParserFastPaths.cpp:

(WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):

  • rendering/RenderBox.cpp:

(WebCore::RenderBox::createsNewFormattingContext const):

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::createFor):

  • rendering/style/RenderStyleConstants.h:

Source/WebInspectorUI:

  • UserInterface/External/CodeMirror/css.js:

LayoutTests:

8:49 PM Changeset in webkit [245493] by Alan Coon
  • 7 edits in branches/safari-608.1.24-branch/Source

Versioning.

7:38 PM Changeset in webkit [245492] by don.olmstead@sony.com
  • 34 edits
    2 adds
    1 delete in trunk

[CMake] Use builtin FindICU
https://bugs.webkit.org/show_bug.cgi?id=197934

Reviewed by Michael Catanzaro.

.:

Update CMake minimum required to 3.7. 3.7 has a FindICU module so the WebKit one
is removed. For non-Apple ports this just requires adding individual components of
ICU to find_package(ICU). For Apple ports the module does not work so the targets
created in FindICU are mirrored in target/icu.cmake.

  • CMakeLists.txt:
  • Source/cmake/FindICU.cmake: Removed.
  • Source/cmake/OptionsAppleWin.cmake:
  • Source/cmake/OptionsGTK.cmake:
  • Source/cmake/OptionsJSCOnly.cmake:
  • Source/cmake/OptionsMac.cmake:
  • Source/cmake/OptionsPlayStation.cmake:
  • Source/cmake/OptionsWPE.cmake:
  • Source/cmake/OptionsWin.cmake:
  • Source/cmake/OptionsWinCairo.cmake:
  • Source/cmake/target/icu.cmake: Added.

Source/JavaScriptCore:

Remove uses of ICU_INCLUDE_DIRS and ICU_LIBRARIES.

  • CMakeLists.txt:
  • PlatformWin.cmake:

Source/WebCore:

Remove uses of ICU_INCLUDE_DIRS and ICU_LIBRARIES.

  • CMakeLists.txt:
  • PlatformPlayStation.cmake:
  • PlatformWPE.cmake:

Source/WebCore/PAL:

Remove uses of ICU_INCLUDE_DIRS and ICU_LIBRARIES.

  • pal/CMakeLists.txt:

Source/WebDriver:

Remove uses of ICU_INCLUDE_DIRS and ICU_LIBRARIES.

  • PlatformWPE.cmake:

Source/WebKit:

Remove uses of ICU_INCLUDE_DIRS and ICU_LIBRARIES.

  • CMakeLists.txt:

Source/WebKitLegacy:

Remove uses of ICU_INCLUDE_DIRS and ICU_LIBRARIES.

  • CMakeLists.txt:
  • PlatformWin.cmake:

Source/WTF:

Remove uses of ICU_INCLUDE_DIRS and ICU_LIBRARIES. Use ICU:: targets which end
up propagating to all consumers of WTF.

  • wtf/CMakeLists.txt:
  • wtf/PlatformPlayStation.cmake:

Tools:

Remove uses of ICU_INCLUDE_DIRS and ICU_LIBRARIES.

  • TestWebKitAPI/PlatformMac.cmake:
  • TestWebKitAPI/PlatformPlayStation.cmake:
  • TestWebKitAPI/PlatformWin.cmake:
  • WebKitTestRunner/CMakeLists.txt:
7:12 PM Changeset in webkit [245491] by commit-queue@webkit.org
  • 6 edits in trunk

Enable legacy EME for iOS WKWebView
https://bugs.webkit.org/show_bug.cgi?id=197964
<rdar://problem/50625666>

Patch by Alex Christensen <achristensen@webkit.org> on 2019-05-17
Reviewed by Wenson Hsieh.

Source/WebCore:

This was attempted unsuccessfully in r230169.
Verified manually that it works as desired.

  • page/RuntimeEnabledFeatures.h:

Source/WebKit:

  • UIProcess/API/Cocoa/WKWebViewConfiguration.mm:

(-[WKWebViewConfiguration init]):

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/WKWebViewConfiguration.mm:

(TEST):

6:32 PM Changeset in webkit [245490] by simon.fraser@apple.com
  • 6 edits
    2 adds in trunk

REGRESSION (r245170): gmail.com inbox table header flickers
https://bugs.webkit.org/show_bug.cgi?id=198005
<rdar://problem/50907718>

Reviewed by Antti Koivisto.

Source/WebCore:

When a layer started as painting into shared backing, but then became independently
composited (e.g. by having to clip composited children), it wouldn't have the "overlap"
indirect compositing reason. This allowed requiresOwnBackingStore() to say that it
could paint into some ancestor, but this breaks overlap. So in this code path,
put IndirectCompositingReason::Overlap back on the layer which restores the previous
behavior.

Make some logging changes to help diagnose things like this.

Test: compositing/shared-backing/overlap-after-end-sharing.html

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::calculateClipRects const):
(WebCore::outputPaintOrderTreeLegend):
(WebCore::outputPaintOrderTreeRecursive):

  • rendering/RenderLayer.h:
  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::computeCompositingRequirements):
(WebCore::RenderLayerCompositor::updateBacking):
(WebCore::RenderLayerCompositor::requiresOwnBackingStore const):
(WebCore::RenderLayerCompositor::reasonsForCompositing const):
(WebCore::RenderLayerCompositor::requiresCompositingForIndirectReason const):

  • rendering/RenderLayerCompositor.h:

LayoutTests:

  • compositing/shared-backing/overlap-after-end-sharing-expected.html: Added.
  • compositing/shared-backing/overlap-after-end-sharing.html: Added.
4:45 PM Changeset in webkit [245489] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

[ews-build] Add clickable url in UI for uploaded S3 archive
https://bugs.webkit.org/show_bug.cgi?id=197996

Reviewed by Jonathan Bedard.

  • BuildSlaveSupport/ews-build/steps.py:
4:44 PM Changeset in webkit [245488] by sihui_liu@apple.com
  • 2 edits in trunk/Source/WebCore

ASSERTION FAILED: !m_backingStore in WebCore::IDBServer::UniqueIDBDatabase::didDeleteBackingStore(uint64_t)
https://bugs.webkit.org/show_bug.cgi?id=197741
<rdar://problem/50625006>

Reviewed by Youenn Fablet.

If an open request is made before a delete request, open task should be performed before delete task on the
database thread. After r242911, open request needs to wait decision of StorageQuotaManager before posting task
to database thread, while delete request needs not. This makes deletion happen before open.

We need to make sure tasks are in correct order by not starting next open or delete request when database is in
the middle of open or deletion.

  • Modules/indexeddb/server/UniqueIDBDatabase.cpp:

(WebCore::IDBServer::UniqueIDBDatabase::performCurrentOpenOperation):
(WebCore::IDBServer::UniqueIDBDatabase::handleDatabaseOperations):

4:41 PM Changeset in webkit [245487] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

[ews-app] Status bubble should not turn orange when any build step has warnings
https://bugs.webkit.org/show_bug.cgi?id=198000

Reviewed by Jonathan Bedard.

  • BuildSlaveSupport/ews-app/ews/views/statusbubble.py:

(StatusBubble._does_build_contains_any_failed_step):

4:11 PM Changeset in webkit [245486] by Ross Kirsling
  • 2 edits in trunk/Source/WebInspectorUI

REGRESSION(r244350): Web Inspector: Storage tab data grids aren't editable.
https://bugs.webkit.org/show_bug.cgi?id=198003

Reviewed by Devin Rousso.

  • UserInterface/Views/DOMStorageContentView.js:

(WI.DOMStorageContentView):
Fix typo.

4:09 PM Changeset in webkit [245485] by Alan Coon
  • 1 copy in tags/Safari-608.1.24.5

Tag Safari-608.1.24.5.

4:07 PM Changeset in webkit [245484] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Dark Mode: Fix colors in network table waterfall container
https://bugs.webkit.org/show_bug.cgi?id=197955

Patch by Jamal Nasser <jamaln@mail.com> on 2019-05-17
Reviewed by Devin Rousso.

  • UserInterface/Views/NetworkTableContentView.css:

(.network-table :not(.header) .cell.waterfall .waterfall-container > .dom-event):
(.network-table :not(.header) .cell.waterfall .waterfall-container > .dom-activity):
(.network-table :not(.header) .cell.waterfall .waterfall-container > .area.dom-fullscreen):

3:05 PM Changeset in webkit [245483] by graouts@webkit.org
  • 11 edits
    7 adds in trunk

Add a website policy to disable the legacy -webkit-overflow-scrolling:touch behavior
https://bugs.webkit.org/show_bug.cgi?id=197943
<rdar://problem/49078202>

Reviewed by Brent Fulgham.

Source/WebCore:

Tests: fast/scrolling/ipad/overflow-scrolling-touch-enabled-stacking-modern-compatibility-mode.html

platform/ipad/fast/css/webkit-overflow-scrolling-parsing-modern-compatibility-mode.html

  • css/parser/CSSParserContext.cpp:

(WebCore::CSSParserContext::CSSParserContext):

  • loader/DocumentLoader.h:

(WebCore::DocumentLoader::legacyOverflowScrollingTouchPolicy const):
(WebCore::DocumentLoader::setLegacyOverflowScrollingTouchPolicy):

Source/WebKit:

  • Shared/WebsiteLegacyOverflowScrollingTouchPolicy.h: Added.
  • Shared/WebsitePoliciesData.cpp:

(WebKit::WebsitePoliciesData::encode const):
(WebKit::WebsitePoliciesData::decode):
(WebKit::WebsitePoliciesData::applyToDocumentLoader):

  • Shared/WebsitePoliciesData.h:
  • UIProcess/API/APIWebsitePolicies.cpp:

(API::WebsitePolicies::copy const):
(API::WebsitePolicies::data):

  • UIProcess/API/APIWebsitePolicies.h:
  • WebKit.xcodeproj/project.pbxproj:

LayoutTests:

  • fast/scrolling/ipad/overflow-scrolling-touch-enabled-stacking-modern-compatibility-mode-expected.html: Added.
  • fast/scrolling/ipad/overflow-scrolling-touch-enabled-stacking-modern-compatibility-mode.html: Added.
  • platform/ipad/fast/css/webkit-overflow-scrolling-parsing-modern-compatibility-mode-expected.txt: Added.
  • platform/ipad/fast/css/webkit-overflow-scrolling-parsing-modern-compatibility-mode.html: Added.
  • platform/ios/TestExpectations: Skip the new tests since they depend on code in WebKitAdditions.
2:55 PM Changeset in webkit [245482] by Ryan Haddad
  • 1 edit in trunk/LayoutTests/platform/mac/TestExpectations

Unreviewed test gardening for macOS.

  • platform/mac/TestExpectations: Land test expectations for rdar://problem/46000736.
2:50 PM Changeset in webkit [245481] by achristensen@apple.com
  • 22 edits
    6 adds in trunk

Add SPI to set a list of hosts to which to send custom header fields cross-origin
https://bugs.webkit.org/show_bug.cgi?id=197397

Reviewed by Geoff Garen.

Source/WebCore:

In r223001 I added the ability to send custom headers, but with a restriction that they will not be sent except to the origin of the main document.
We need the ability to specify what origins to send these headers to even if they are not first party requests.
We get this information in a list of strings which are the hosts to send the headers to. Some of the strings have an asterisk at the beginning,
indicating that the headers are to be sent to all subdomains.

I repurposed some ObjC SPI that was never adopted, but I keep testing the C API that was to verify no regression.
I also added some new API tests for the new behavior.

  • Sources.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • loader/CustomHeaderFields.cpp: Added.

(WebCore::CustomHeaderFields::thirdPartyDomainsMatch const):

  • loader/CustomHeaderFields.h: Added.

(WebCore::CustomHeaderFields::encode const):
(WebCore::CustomHeaderFields::decode):

  • loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::setCustomHeaderFields): Deleted.

  • loader/DocumentLoader.h:

(WebCore::DocumentLoader::setCustomHeaderFields):
(WebCore::DocumentLoader::customHeaderFields const):
(WebCore::DocumentLoader::customHeaderFields): Deleted.

  • loader/cache/CachedResourceLoader.cpp:

(WebCore::CachedResourceLoader::requestResource):

Source/WebKit:

  • Shared/API/APIObject.h:
  • Shared/Cocoa/APIObject.mm:

(API::Object::newObject):

  • Shared/WebsitePoliciesData.cpp:

(WebKit::WebsitePoliciesData::decode):

  • Shared/WebsitePoliciesData.h:
  • SourcesCocoa.txt:
  • UIProcess/API/APICustomHeaderFields.h: Added.
  • UIProcess/API/APIWebsitePolicies.cpp:

(API::WebsitePolicies::WebsitePolicies):
(API::WebsitePolicies::copy const):
(API::WebsitePolicies::data):

  • UIProcess/API/APIWebsitePolicies.h:
  • UIProcess/API/C/WKWebsitePolicies.cpp:

(WKWebsitePoliciesCopyCustomHeaderFields):
(WKWebsitePoliciesSetCustomHeaderFields):

  • UIProcess/API/Cocoa/WKWebpagePreferences.mm:

(-[WKWebpagePreferences _customHeaderFields]):
(-[WKWebpagePreferences _setCustomHeaderFields:]):

  • UIProcess/API/Cocoa/WKWebpagePreferencesPrivate.h:
  • UIProcess/API/Cocoa/_WKCustomHeaderFields.h: Added.
  • UIProcess/API/Cocoa/_WKCustomHeaderFields.mm: Added.

(-[_WKCustomHeaderFields init]):
(-[_WKCustomHeaderFields dealloc]):
(-[_WKCustomHeaderFields fields]):
(-[_WKCustomHeaderFields setFields:]):
(-[_WKCustomHeaderFields thirdPartyDomains]):
(-[_WKCustomHeaderFields setThirdPartyDomains:]):
(-[_WKCustomHeaderFields _apiObject]):

  • UIProcess/API/Cocoa/_WKCustomHeaderFieldsInternal.h: Added.
  • UIProcess/API/Cocoa/_WKWebsitePolicies.h:
  • UIProcess/API/Cocoa/_WKWebsitePolicies.mm:

(-[_WKWebsitePolicies customHeaderFields]): Deleted.
(-[_WKWebsitePolicies setCustomHeaderFields:]): Deleted.

  • UIProcess/Cocoa/WebViewImpl.h:
  • UIProcess/Cocoa/WebViewImpl.mm:

(WebKit::WebViewImpl::takeFocus):
(WebKit::WebViewImpl::accessibilityAttributeValue):

  • WebKit.xcodeproj/project.pbxproj:

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/WebsitePolicies.mm:

(TEST):
(expectLegacyHeaders):
(expectHeaders):
(-[CustomHeaderFieldsDelegate webView:decidePolicyForNavigationAction:preferences:decisionHandler:]):
(-[CustomHeaderFieldsDelegate webView:startURLSchemeTask:]):
(-[CustomHeaderFieldsDelegate _webView:decidePolicyForNavigationAction:decisionHandler:]): Deleted.

2:37 PM Changeset in webkit [245480] by beidson@apple.com
  • 5 edits in trunk/Source/WebKit

Avoid races in taking networking assertions for downloads by having both Networking and UIProcess do it.
<rdar://problem/50564630> and https://bugs.webkit.org/show_bug.cgi?id=197995

Reviewed by Chris Dumez.

There's a fairly indeterminant time gap between when the UIProcess decides a load becomes a download
and when the NetworkProcess Download object is created, and therefore the download assertion to be taken.

The time gap can be long enough for the Networking process to suspend before the download actually starts.

There's the reverse race when the UIProcess tells a download to stop, as well.

By having both the UIProcess and NetworkProcess take an assertion on behalf of the NetworkProcess we
avoid the race.

  • NetworkProcess/Downloads/DownloadMap.cpp:

(WebKit::DownloadMap::add):
(WebKit::DownloadMap::remove):

  • NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::NetworkResourceLoader::convertToDownload):

  • UIProcess/Downloads/DownloadProxyMap.cpp:

(WebKit::DownloadProxyMap::createDownloadProxy):
(WebKit::DownloadProxyMap::downloadFinished):
(WebKit::DownloadProxyMap::invalidate):

  • UIProcess/Downloads/DownloadProxyMap.h:
2:31 PM Changeset in webkit [245479] by kocsen_chung@apple.com
  • 7 edits in branches/safari-607-branch/Source

Versioning.

2:29 PM Changeset in webkit [245478] by youenn@apple.com
  • 2 edits in trunk/Source/WebCore

Make AVVideoCaptureSource more robust to configuration failures
https://bugs.webkit.org/show_bug.cgi?id=197997
rdar://problem/50875662

Reviewed by Eric Carlson.

Covered by manual testing.

  • platform/mediastream/mac/AVVideoCaptureSource.mm:

(WebCore::AVVideoCaptureSource::setSessionSizeAndFrameRate):
Make sure to commit configuration once calling beginConfiguration.
In case of error in setting frame rate, log the error but continue capturing.

2:23 PM Changeset in webkit [245477] by kocsen_chung@apple.com
  • 1 copy in tags/Safari-607.3.2

Tag Safari-607.3.2.

1:36 PM Changeset in webkit [245476] by krollin@apple.com
  • 2 edits in trunk/Tools

Unreviewed build fix.

Teach generate-xcfilelists about iphonesimulator.

  • Scripts/webkitpy/generate_xcfilelists_lib/generators.py:

(JavaScriptCoreGenerator):
(WebCoreGenerator):
(WebKitGenerator):

1:34 PM Changeset in webkit [245475] by commit-queue@webkit.org
  • 15 edits
    35 adds in trunk

Implement imagesrcset and imagesizes attributes on link rel=preload
https://bugs.webkit.org/show_bug.cgi?id=192950

Patch by Rob Buis <rbuis@igalia.com> on 2019-05-17
Reviewed by Youenn Fablet.

LayoutTests/imported/w3c:

Import relevant tests for this feature.

  • web-platform-tests/preload/dynamic-adding-preload-imagesrcset-expected.txt: Added.
  • web-platform-tests/preload/dynamic-adding-preload-imagesrcset.html: Added.
  • web-platform-tests/preload/link-header-preload-delay-onload-expected.txt: Added.
  • web-platform-tests/preload/link-header-preload-delay-onload.html: Added.
  • web-platform-tests/preload/link-header-preload-delay-onload.html.headers: Added.
  • web-platform-tests/preload/link-header-preload-expected.txt: Added.
  • web-platform-tests/preload/link-header-preload-imagesrcset-expected.txt: Added.
  • web-platform-tests/preload/link-header-preload-imagesrcset.html: Added.
  • web-platform-tests/preload/link-header-preload-imagesrcset.html.headers: Added.
  • web-platform-tests/preload/link-header-preload-nonce-expected.txt: Added.
  • web-platform-tests/preload/link-header-preload-nonce.html: Added.
  • web-platform-tests/preload/link-header-preload-nonce.html.headers: Added.
  • web-platform-tests/preload/link-header-preload.html: Added.
  • web-platform-tests/preload/link-header-preload.html.headers: Added.
  • web-platform-tests/preload/onload-event-expected.txt: Added.
  • web-platform-tests/preload/onload-event.html: Added.
  • web-platform-tests/preload/preload-csp.sub-expected.txt:
  • web-platform-tests/preload/preload-csp.sub.html:
  • web-platform-tests/preload/preload-default-csp.sub-expected.txt:
  • web-platform-tests/preload/preload-default-csp.sub.html:
  • web-platform-tests/preload/preload-with-type-expected.txt: Added.
  • web-platform-tests/preload/preload-with-type.html: Added.
  • web-platform-tests/preload/resources/A4.ogv: Added.
  • web-platform-tests/preload/resources/A4.ogv.sub.headers: Added.
  • web-platform-tests/preload/resources/cross-origin-module.py: Added.

(main):

  • web-platform-tests/preload/resources/dummy-preloads-subresource.css: Added.
  • web-platform-tests/preload/resources/dummy-preloads-subresource.css.sub.headers: Added.
  • web-platform-tests/preload/resources/empty.html: Added.
  • web-platform-tests/preload/resources/empty.html.sub.headers: Added.
  • web-platform-tests/preload/resources/foo.vtt.sub.headers: Added.
  • web-platform-tests/preload/resources/module1.js: Added.
  • web-platform-tests/preload/resources/module2.js: Added.
  • web-platform-tests/preload/resources/preload_helper.js:

(verifyNumberOfResourceTimingEntries):
(numberOfResourceTimingEntries):
(verifyLoadedAndNoDoubleDownload):

  • web-platform-tests/preload/single-download-preload-expected.txt:
  • web-platform-tests/preload/single-download-preload.html:

Source/WebCore:

Implement imagesrcset and imagesizes attributes for both Link header
and link element.

Tests: imported/w3c/web-platform-tests/preload/dynamic-adding-preload-imagesrcset.html

imported/w3c/web-platform-tests/preload/link-header-preload-delay-onload.html
imported/w3c/web-platform-tests/preload/link-header-preload-imagesrcset.html
imported/w3c/web-platform-tests/preload/link-header-preload-nonce.html
imported/w3c/web-platform-tests/preload/link-header-preload.html
imported/w3c/web-platform-tests/preload/onload-event.html
imported/w3c/web-platform-tests/preload/preload-with-type.html

  • html/HTMLAttributeNames.in:
  • html/HTMLLinkElement.cpp:

(WebCore::HTMLLinkElement::process):

  • html/HTMLLinkElement.idl:
  • loader/LinkHeader.cpp:

(WebCore::paramterNameFromString):
(WebCore::LinkHeader::setValue):
(WebCore::LinkHeader::LinkHeader):

  • loader/LinkHeader.h:

(WebCore::LinkHeader::imageSrcSet const):
(WebCore::LinkHeader::imageSizes const):
(WebCore::LinkHeader::isViewportDependent const):

  • loader/LinkLoader.cpp:

(WebCore::LinkLoader::loadLinksFromHeader):
(WebCore::LinkLoader::preloadIfNeeded):
(WebCore::LinkLoader::loadLink):

  • loader/LinkLoader.h:

LayoutTests:

Write special expectation for link-header-preload-imagesrcset.html because test runner
uses different dimensions on iOS.

  • platform/ios-simulator-12-wk2/imported/w3c/web-platform-tests/preload/dynamic-adding-preload-imagesrcset-expected.txt: Added.
  • platform/ios-simulator-12-wk2/imported/w3c/web-platform-tests/preload/link-header-preload-imagesrcset-expected.txt: Added.
12:29 PM Changeset in webkit [245474] by krollin@apple.com
  • 9 edits in trunk

Re-enable generate-xcfilelists
https://bugs.webkit.org/show_bug.cgi?id=197933
<rdar://problem/50831677>

Reviewed by Jonathan Bedard.

The following two tasks have been completed, and we can re-enable
generate-xcfilelists:

Bug 197619 <rdar://problem/50507392> Temporarily disable generate-xcfilelists (197619)
Bug 197622 <rdar://problem/50508222> Rewrite generate-xcfilelists in Python (197622)

Source/JavaScriptCore:

  • Scripts/check-xcfilelists.sh:

Source/WebCore:

No new tests -- no change in user-visible functionality.

  • Scripts/check-xcfilelists.sh:

Source/WebKit:

  • Scripts/check-xcfilelists.sh:

Tools:

  • DumpRenderTree/Scripts/check-xcfilelists.sh:
  • WebKitTestRunner/Scripts/check-xcfilelists.sh:
12:05 PM Changeset in webkit [245473] by Shawn Roberts
  • 2 edits in trunk/LayoutTests

media/controls-after-reload.html failing on iOS after unskip

Unreviewed test gardening.

  • platform/ios/TestExpectations: Skipping in iOS
11:56 AM Changeset in webkit [245472] by wenson_hsieh@apple.com
  • 2 edits in trunk/Source/WebCore

Fix a typo in some user agent string logic
https://bugs.webkit.org/show_bug.cgi?id=197992
<rdar://problem/50895962>

Reviewed by Brent Fulgham.

Adjust the major version number for the desktop user agent string.

  • platform/ios/UserAgentIOS.mm:

(WebCore::standardUserAgentWithApplicationName):

11:28 AM Changeset in webkit [245471] by simon.fraser@apple.com
  • 3 edits
    2 adds in trunk

REGRESSION (r245170): gmail.com header flickers when hovering over the animating buttons
https://bugs.webkit.org/show_bug.cgi?id=197975
<rdar://problem/50865946>

Reviewed by Antti Koivisto.

Source/WebCore:

When computeCompositingRequirements() determined that a layer could paint into shared backing, it
pushed an overlap container. If that layer then converted to normal composting, we'd push a second
overlap container, which left the overlap map in a bad state for the rest of the compositing
traversal, causing layers to not get composited when necessary.

Test: compositing/shared-backing/overlap-after-shared-to-composited.html

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::computeCompositingRequirements):

LayoutTests:

  • compositing/shared-backing/overlap-after-shared-to-composited-expected.html: Added.
  • compositing/shared-backing/overlap-after-shared-to-composited.html: Added.
10:30 AM Changeset in webkit [245470] by commit-queue@webkit.org
  • 22 edits
    6 deletes in trunk

Unreviewed, rolling out r245401.
https://bugs.webkit.org/show_bug.cgi?id=197990

Causing internal build failures (Requested by ShawnRoberts on
#webkit).

Reverted changeset:

"Add SPI to set a list of hosts to which to send custom header
fields cross-origin"
https://bugs.webkit.org/show_bug.cgi?id=197397
https://trac.webkit.org/changeset/245401

10:26 AM Changeset in webkit [245469] by Said Abou-Hallawa
  • 4 edits
    2 adds in trunk

SVGElement should detach itself from all its properties before it is deleted
https://bugs.webkit.org/show_bug.cgi?id=197954

Reviewed by Simon Fraser.

Source/WebCore:

Before deleting the SVGElement node, SVGElement::detachAllProperties()
needs to be called. This will make the properties be detached objects
which means no change will be committed unless these properties are
attached to another owner.

Test: svg/dom/svg-properties-detach-change.html

  • dom/Node.cpp:

(WebCore::Node::removedLastRef):

  • svg/SVGElement.h:

(WebCore::SVGElement::detachAllProperties):

LayoutTests:

  • svg/dom/svg-properties-detach-change-expected.txt: Added.
  • svg/dom/svg-properties-detach-change.html : Added.
10:22 AM Changeset in webkit [245468] by commit-queue@webkit.org
  • 12 edits in trunk

Unreviewed, rolling out r245418.
https://bugs.webkit.org/show_bug.cgi?id=197989

New API test causing crashes on Mojave testers (Requested by
ShawnRoberts on #webkit).

Reverted changeset:

"Add a unit test for client certificate authentication"
https://bugs.webkit.org/show_bug.cgi?id=197800
https://trac.webkit.org/changeset/245418

9:39 AM Changeset in webkit [245467] by eric.carlson@apple.com
  • 9 edits
    2 adds in trunk

Allow sequential playback of media files when initial playback started with a user gesture
https://bugs.webkit.org/show_bug.cgi?id=197959
<rdar://problem/50655207>

Reviewed by Youenn Fablet.

Source/WebCore:

Test: media/playlist-inherits-user-gesture.html

  • dom/Document.cpp:

(WebCore::Document::processingUserGestureForMedia const): Return true if it is within
one second of the last HTMLMediaElement 'ended' event.

  • dom/Document.h:

(WebCore::Document::mediaFinishedPlaying):

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::parseAttribute): removeBehaviorsRestrictionsAfterFirstUserGesture ->
removeBehaviorRestrictionsAfterFirstUserGesture.
(WebCore::HTMLMediaElement::load): Ditto. Don't call removeBehaviorsRestrictionsAfterFirstUserGesture,
it will be done in prepareForLoad.
(WebCore::HTMLMediaElement::prepareForLoad): removeBehaviorsRestrictionsAfterFirstUserGesture ->
removeBehaviorRestrictionsAfterFirstUserGesture.
(WebCore::HTMLMediaElement::audioTrackEnabledChanged): Ditto.
(WebCore::HTMLMediaElement::play): Ditto.
(WebCore::HTMLMediaElement::pause): Ditto.
(WebCore::HTMLMediaElement::setVolume): Ditto.
(WebCore::HTMLMediaElement::setMuted): Ditto.
(WebCore::HTMLMediaElement::webkitShowPlaybackTargetPicker): Ditto.
(WebCore::HTMLMediaElement::dispatchEvent): Call document().mediaFinishedPlaying()
when dispatching the 'ended' event.
(WebCore::HTMLMediaElement::removeBehaviorRestrictionsAfterFirstUserGesture): Rename. Set
m_removedBehaviorRestrictionsAfterFirstUserGesture.
(WebCore::HTMLMediaElement::removeBehaviorsRestrictionsAfterFirstUserGesture): Deleted.

  • html/HTMLMediaElement.h:
  • html/HTMLVideoElement.cpp:

(WebCore:HTMLVideoElement::nativeImageForCurrentTime): Convert to runtime logging.
(WebCore:HTMLVideoElement::webkitEnterFullscreen): Ditto.
(WebCore:HTMLVideoElement::webkitSetPresentationMode): Ditto.
(WebCore:HTMLVideoElement::fullscreenModeChanged): Ditto.

  • html/MediaElementSession.cpp:

(WebCore::MediaElementSession::removeBehaviorRestriction): Update log message.

LayoutTests:

  • media/media-fullscreen.js: Insert a pause between tests to clear the user gesture

used in the first test.

  • media/playlist-inherits-user-gesture-expected.txt: Added.
  • media/playlist-inherits-user-gesture.html: Added.
9:27 AM Changeset in webkit [245466] by Truitt Savell
  • 2 edits in trunk/LayoutTests

Unmark several skipped tests in wk2
https://bugs.webkit.org/show_bug.cgi?id=197987

Unreviewed test gardening

  • platform/wk2/TestExpectations:
9:14 AM Changeset in webkit [245465] by Antti Koivisto
  • 6 edits
    2 copies in trunk

[iOS] Respect scrolling="no" on composited frames
https://bugs.webkit.org/show_bug.cgi?id=197972
<rdar://problem/50252398>

Reviewed by Simon Fraser.

Source/WebKit:

  • UIProcess/RemoteLayerTree/ios/ScrollingTreeScrollingNodeDelegateIOS.h:
  • UIProcess/RemoteLayerTree/ios/ScrollingTreeScrollingNodeDelegateIOS.mm:

(WebKit::ScrollingTreeScrollingNodeDelegateIOS::commitStateAfterChildren):

Disallow scrolling based on canHaveScrollbars, similar to main frame.

(WebKit::ScrollingTreeScrollingNodeDelegateIOS::repositionScrollingLayers):
(WebKit::ScrollingTreeScrollingNodeDelegateIOS::scrollView const):

Factor into a function.

LayoutTests:

  • fast/scrolling/ios/body-overflow-hidden-frame-expected.html:
  • fast/scrolling/ios/body-overflow-hidden-frame.html:

Also fix overflow:hidden test so that the frame content forces composition.

  • fast/scrolling/ios/frame-scrolling-no-expected.html: Added.
  • fast/scrolling/ios/frame-scrolling-no.html: Added.
9:03 AM Changeset in webkit [245464] by bfulgham@apple.com
  • 2 edits in trunk/Source/WebCore

Hardening: Prevent FrameLoader crash due to SetForScope
https://bugs.webkit.org/show_bug.cgi?id=197458
<rdar://problem/50368338>

Reviewed by Chris Dumez.

Since SetForScope takes action during a function returns, it might cause
a crash if its scope is broader than the value it is resetting.

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::loadDifferentDocumentItem):

8:20 AM Changeset in webkit [245463] by kocsen_chung@apple.com
  • 3 edits in branches/safari-607-branch/Source/WebCore

Apply patch. rdar://problem/50352476

8:07 AM Changeset in webkit [245462] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebKit

Unreviewed. Fix variations shown in GTK emoji chooser after r245460.

We are tno showing the variations in the sub-popover because of a missing parameter in
webkitEmojiChooserAddEmoji() call.

  • UIProcess/API/gtk/WebKitEmojiChooser.cpp:

(webkitEmojiChooserShowVariations): Pass prepend parameter to webkitEmojiChooserAddEmoji().

7:32 AM Changeset in webkit [245461] by aakash_jain@apple.com
  • 3 edits in trunk/Tools

[ews-build] Add build step to Transfer archive to S3
https://bugs.webkit.org/show_bug.cgi?id=197922

Reviewed by Jonathan Bedard.

  • BuildSlaveSupport/ews-build/steps.py:

(TransferToS3):
(TransferToS3.finished): Invoke triggers after transfer is successful.
(TransferToS3.getResultSummary): Create more readable failure string.
(UploadBuiltProduct.finished): Deleted. Moved the trigger invocation after TransferToS3.

  • BuildSlaveSupport/ews-build/steps_unittest.py: Added unit-tests.
5:39 AM Changeset in webkit [245460] by Carlos Garcia Campos
  • 27 edits
    2 adds in trunk

[GTK] Need WebKitContextMenuItemType to open emoji picker
https://bugs.webkit.org/show_bug.cgi?id=176760

Reviewed by Michael Catanzaro.

Source/WebCore:

Add a new context menu item to insert an emoji.

  • loader/EmptyClients.cpp: Empty implementation of ContextMenuClient::insertEmoji().
  • page/ContextMenuClient.h: Add insertEmoji for GTK port.
  • page/ContextMenuController.cpp:

(WebCore::ContextMenuController::contextMenuItemSelected): Handle insert emoji action.
(WebCore::ContextMenuController::populate): Add insert emoji item after select all.
(WebCore::ContextMenuController::checkOrEnableIfNeeded const): Handle insert emoji action.

  • platform/ContextMenuItem.h: Add insert emoji action.
  • platform/LocalizedStrings.h:
  • platform/gtk/LocalizedStringsGtk.cpp:

(WebCore::contextMenuItemTagInsertEmoji):

Source/WebCore/platform/gtk/po:

  • POTFILES.in: Add WebKitEmojiChooser.cpp.

Source/WebKit:

Add a default implementation to show the emoji chooser when requested by the application, either using the
context menu or keyboard shortcuts. GtkEmojiChooser is private in GTK, so we include our own copy, adapted to
the WebKit coding style. The emoji chooser is always shown by default when using GTK >= 3.24 for any editable
content. I'm going to add public API in a follow up patch to be able to use your own chooser, or even prevent
the default chooser from being shown, similar to what we do for other UI elements like file chooser, color
chooser, print dialog, etc.

  • Shared/API/glib/WebKitContextMenuActions.cpp:

(webkitContextMenuActionGetActionTag): Handle insert emoji action.
(webkitContextMenuActionGetForContextMenuItem): Ditto.
(webkitContextMenuActionGetLabel): Ditto.

  • SourcesGTK.txt:
  • UIProcess/API/gtk/WebKitContextMenuActions.h:
  • UIProcess/API/gtk/WebKitEmojiChooser.cpp: Added.

(webkitEmojiChooserAddEmoji):
(webkitEmojiChooserAddRecentItem):
(emojiActivated):
(emojiDataHasVariations):
(webkitEmojiChooserShowVariations):
(emojiLongPressed):
(emojiPressed):
(emojiPopupMenu):
(verticalAdjustmentChanged):
(webkitEmojiChooserSetupSectionBox):
(scrollToSection):
(webkitEmojiChooserSetupSectionButton):
(webkitEmojiChooserSetupRecent):
(webkitEmojiChooserEnsureEmptyResult):
(webkitEmojiChooserSearchChanged):
(webkitEmojiChooserSetupFilters):
(webkitEmojiChooserInitializeEmojiMaxWidth):
(webkitEmojiChooserConstructed):
(webkitEmojiChooserShow):
(webkit_emoji_chooser_class_init):
(webkitEmojiChooserNew):

  • UIProcess/API/gtk/WebKitEmojiChooser.h: Added.
  • UIProcess/API/gtk/WebKitWebViewBase.cpp:

(_WebKitWebViewBasePrivate::_WebKitWebViewBasePrivate): Add a timer to release the emoji chooser if not used
after 2 minutes.
(_WebKitWebViewBasePrivate::releaseEmojiChooserTimerFired): Destroy the emoji chooser.
(emojiChooserEmojiPicked): Complete the operation using the given emoji text.
(emojiChooserClosed): Complete the operation if needed using an empty string.
(webkitWebViewBaseShowEmojiChooser): Create the emoji chooser if needed and show it.

  • UIProcess/API/gtk/WebKitWebViewBasePrivate.h:
  • UIProcess/WebPageProxy.h: Add showEmojiPicker().
  • UIProcess/WebPageProxy.messages.in: Add ShowEmojiPicker message.
  • UIProcess/gtk/KeyBindingTranslator.cpp:

(WebKit::insertEmojiCallback): Add GtkInsertEmoji command.
(WebKit::KeyBindingTranslator::KeyBindingTranslator): Connect to insert-emoji signal.

  • UIProcess/gtk/WebPageProxyGtk.cpp:

(WebKit::WebPageProxy::showEmojiPicker): Call webkitWebViewBaseShowEmojiChooser().

  • WebProcess/WebCoreSupport/WebContextMenuClient.h: Override insertEmoji() for GTK port.
  • WebProcess/WebCoreSupport/WebEditorClient.h: Add insertEmoji() for GTK port.
  • WebProcess/WebCoreSupport/gtk/WebContextMenuClientGtk.cpp:

(WebKit::WebContextMenuClient::insertEmoji): Call WebPage::showEmojiPicker().

  • WebProcess/WebCoreSupport/gtk/WebEditorClientGtk.cpp:

(WebKit::WebEditorClient::handleGtkEditorCommand): Call WebPage::showEmojiPicker() if command is GtkInsertEmoji.
(WebKit::WebEditorClient::executePendingEditorCommands): Handle Gtk specific commands.
(WebKit::WebEditorClient::handleKeyboardEvent): Use a reference instead of a pointer for Frame.

  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/gtk/WebPageGtk.cpp:

(WebKit::WebPage::showEmojiPicker): Send ShowEmojiPicker message to the UI process.

Tools:

Update context menu test to check insert emoji action is included in default context menu for editable content.

  • TestWebKitAPI/Tests/WebKitGtk/TestContextMenu.cpp:
4:53 AM Changeset in webkit [245459] by Carlos Garcia Campos
  • 1 copy in releases/WebKitGTK/webkit-2.24.2

WebKitGTK 2.24.2

4:53 AM Changeset in webkit [245458] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24

Unreviewed. Update OptionsGTK.cmake and NEWS for 2.24.2 release

.:

  • Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit:

  • gtk/NEWS: Add release notes for 2.24.2.
4:25 AM Changeset in webkit [245457] by Carlos Garcia Campos
  • 7 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r245393 - [FreeType] Some character sequences with a variation selector are not rendered
https://bugs.webkit.org/show_bug.cgi?id=197838

Reviewed by Michael Catanzaro.

We get the invalid glyph instead. See http://mts.io/2015/04/21/unicode-symbol-render-text-emoji/. In the table at
the end the Emoji and Text columns are not correctly rendered. It happens also when copying an emoji from
GtkEmojiChooser and pasting in WebKit text field, because GTK appends U+FE0F to all emojis to force the emoji
style. We need to take into account the variation selector when checking if a font can render a combining
sequence, using FT_Face_GetCharVariantIndex to get the right glyph in case of variation character present.

  • platform/graphics/Font.cpp:

(WebCore::Font::platformSupportsCodePoint const): Add optional variation parameter.
(WebCore::Font::canRenderCombiningCharacterSequence const): Take into account variation selector characters

  • platform/graphics/Font.h:
  • platform/graphics/cairo/FontCairoHarfbuzzNG.cpp:

(WebCore::FontCascade::fontForCombiningCharacterSequence const): Check variation selectors 0xFE0E and 0xFE0F to
decide whether to use the emoji or text style.

  • platform/graphics/cocoa/FontCocoa.mm:

(WebCore::Font::platformSupportsCodePoint const): Return false when a variation character is passed so that
characters are checked individually.

  • platform/graphics/freetype/SimpleFontDataFreeType.cpp:

(WebCore::Font::platformSupportsCodePoint const): Use FT_Face_GetCharVariantIndex when a variation character is
passed.

  • platform/graphics/harfbuzz/ComplexTextControllerHarfBuzz.cpp:

(WebCore::harfBuzzFontFunctions): Do not return true when FT_Face_GetCharVariantIndex returns 0.

4:25 AM Changeset in webkit [245456] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r243052 - Fix WPE and GTK Debug builds after r243049
https://bugs.webkit.org/show_bug.cgi?id=195860

Unreviewed, build fix after r243049.

  • runtime/StringPrototype.cpp:

(JSC::normalizationAffects8Bit):

4:25 AM Changeset in webkit [245455] by Carlos Garcia Campos
  • 13 edits in releases/WebKitGTK/webkit-2.24/Source

Merge r243049 - Improve normalization code, including moving from unorm.h to unorm2.h
https://bugs.webkit.org/show_bug.cgi?id=195330

Reviewed by Michael Catanzaro.

Source/JavaScriptCore:

  • runtime/JSString.h: Move StringViewWithUnderlyingString to StringView.h.
  • runtime/StringPrototype.cpp: Include unorm2.h instead of unorm.h.

(JSC::normalizer): Added. Function to create normalizer object given
enumeration value indicating which is selected. Simplified because we
know the function will not fail and so we don't need error handling code.
(JSC::normalize): Changed this function to take a JSString* so we can
optimize the case where no normalization is needed. Added an early exit
if the string is stored as 8-bit and another if the string is already
normalized, using unorm2_isNormalized. Changed error handling to only
check cases that can actually fail in practice. Also did other small
optimizations like passing VM rather than ExecState.
(JSC::stringProtoFuncNormalize): Used smaller enumeration names that are
identical to the names used in the API and normalization parlance rather
than longer ones that expand the acronyms. Updated to pass JSString* to
the normalize function, so we can optimize 8-bit and already-normalized
cases, rather than callling the expensive String::upconvertedCharacters
function. Use throwVMRangeError.

Source/WebCore:

  • editing/TextIterator.cpp: Include unorm2.h.

(WebCore::normalizeCharacters): Rewrote to use unorm2_normalize rather than
unorm_normalize, but left the logic otherwise the same.

  • platform/graphics/SurrogatePairAwareTextIterator.cpp: Include unorm2.h.

(WebCore::SurrogatePairAwareTextIterator::normalizeVoicingMarks):
Use unorm2_composePair instead of unorm_normalize.

  • platform/graphics/cairo/FontCairoHarfbuzzNG.cpp:

(characterSequenceIsEmoji): Changed to use existing SurrogatePairAwareTextIterator.
(FontCascade::fontForCombiningCharacterSequence): Use normalizedNFC instead of
calling unorm2_normalize directly.

  • WebCore/platform/graphics/freetype/SimpleFontDataFreeType.cpp:

Removed unneeded include of <unicode/normlzr.h>.

  • platform/text/TextEncoding.cpp:

(WebCore::TextEncoding::encode const): Use normalizedNFC instead of the
code that was here. The normalizedNFC function is better in multiple ways,
but primarily it handles 8-bit strings and other already-normalized
strings much more efficiently.

Source/WTF:

  • wtf/URLHelpers.cpp: Removed unneeded include of unorm.h since the

normalization code is now in StringView.cpp.
(WTF::URLHelpers::escapeUnsafeCharacters): Renamed from
createStringWithEscapedUnsafeCharacters since it now only creates
a new string if one is needed. Use unsigned for string lengths, since
that's what WTF::String uses, not size_t. Added a first loop so that
we can return the string unmodified if no lookalike characters are
found. Removed unnecessary round trip from UTF-16 and then back in
the case where the character is not a lookalike.
(WTF::URLHelpers::toNormalizationFormC): Deleted. Moved this logic
into the WTF::normalizedNFC function in StringView.cpp.
(WTF::URLHelpers::userVisibleURL): Call escapeUnsafeCharacters and
normalizedNFC. The normalizedNFC function is better in multiple ways,
but primarily it handles 8-bit strings and other already-normalized
strings much more efficiently.

  • wtf/text/StringView.cpp:

(WTF::normalizedNFC): Added. This has two overloads. One is for when
we already have a String, and want to re-use it if no normalization
is needed, and another is when we only have a StringView, and may need
to allocate a String to hold the result. Includes a fast special case
for 8-bit and already-normalized strings, and uses the same strategy
that JSC::normalize was already using: calls unorm2_normalize twice,
first just to determine the length.

  • wtf/text/StringView.h: Added normalizedNFC, which can be called with

either a StringView or a String. Also moved StringViewWithUnderlyingString
here from JSString.h, here for use as the return value of normalizedNFC;
it is used for a similar purpose in the JavaScriptCore rope implementation.
Also removed an inaccurate comment.

4:25 AM Changeset in webkit [245454] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r245361 - Do not create a shape object outside of the layout context
https://bugs.webkit.org/show_bug.cgi?id=197926
<rdar://problem/50627858>

Reviewed by Simon Fraser.

Source/WebCore:

ShapeOutside objects are used to compute line constrains during layout (in a strict sense, they are part of the layout context and should only be mutated during layout).
If we don't create one during layout, we probably don't need to know its geometry during paint (or any other non-layout activity) either.

Test: fast/block/float/float-with-shape-outside-crash.html

  • rendering/FloatingObjects.cpp:

(WebCore::ComputeFloatOffsetForLineLayoutAdapter<FloatingObject::FloatLeft>::updateOffsetIfNeeded):
(WebCore::ComputeFloatOffsetForLineLayoutAdapter<FloatingObject::FloatRight>::updateOffsetIfNeeded):

  • rendering/shapes/ShapeOutsideInfo.cpp:

(WebCore::ShapeOutsideInfo::computeDeltasForContainingBlockLine):

LayoutTests:

  • fast/block/float/float-with-shape-outside-crash-expected.txt: Added.
  • fast/block/float/float-with-shape-outside-crash.html: Added.
4:25 AM Changeset in webkit [245453] by Carlos Garcia Campos
  • 3 edits
    3 adds in releases/WebKitGTK/webkit-2.24

Merge r245300 - Do not try to issue repaint while the render tree is being destroyed.
https://bugs.webkit.org/show_bug.cgi?id=197461
<rdar://problem/50368992>

Reviewed by Simon Fraser.

Source/WebCore:

Test: http/tests/svg/crash-on-reload-with-filter.html

We don't need to compute repaint rects when the render tree is getting torn down. We'll issue a full repaint at some point.
Also during full render tree destruction the inline tree state is undefined. We should avoid accessing it.

  • rendering/svg/RenderSVGResourceContainer.cpp:

(WebCore::RenderSVGResourceContainer::markAllClientLayersForInvalidation):

LayoutTests:

  • http/tests/svg/crash-on-reload-with-filter-expected.txt: Added.
  • http/tests/svg/crash-on-reload-with-filter.html: Added.
  • http/tests/svg/resources/finishTest.html: Added.
4:25 AM Changeset in webkit [245452] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r245284 - Protect current WebFrame during form submission
https://bugs.webkit.org/show_bug.cgi?id=197459
<rdar://problem/50368618>

Reviewed by Alex Christensen.

The 'continueWillSubmitForm' method calls a completion handler that
might affect the state of the current frame. Ensure the frame is valid
for the scope of the function.

  • WebProcess/WebPage/WebFrame.cpp:

(WebKit::WebFrame::continueWillSubmitForm):

4:25 AM Changeset in webkit [245451] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r245196 - Streamline test-and-clear operation for ContextMenu
https://bugs.webkit.org/show_bug.cgi?id=197795
<rdar://problem/50473746>

Reviewed by Wenson Hsieh.

Rather than performing a check when entering the function, doing work,
then clearing the member variable, perform the check and clear in
a single operation. Only perform the selection if the menu exists.

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::didSelectItemFromActiveContextMenu):

4:25 AM Changeset in webkit [245450] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Tools

Merge r245182 - [WPE] Forward libepoxy cflags
https://bugs.webkit.org/show_bug.cgi?id=197784

Reviewed by Žan Doberšek.

  • wpe/backends/CMakeLists.txt: This is required to keep

-DMESA_EGL_NO_X11_HEADERS in the build, if we don't do this, EGL ends
up trying to include X11 headers even when they're not present in the
environment.

4:25 AM Changeset in webkit [245449] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r245142 - Correct delayed load event handling
https://bugs.webkit.org/show_bug.cgi?id=197679
<rdar://problem/50423334>

Reviewed by Alex Christensen.

We need to properly account for the fact that JavaScript might run
while performing loads.

  • dom/Document.cpp:

(WebCore::Document::loadEventDelayTimerFired):

4:24 AM Changeset in webkit [245448] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r245056 - Correct delayed load event handling
https://bugs.webkit.org/show_bug.cgi?id=197679
<rdar://problem/50423334>

Reviewed by Alex Christensen.

We need to properly account for the fact that JavaScript might run
while performing loads.

  • dom/Document.cpp:

(WebCore::Document::loadEventDelayTimerFired):

4:24 AM Changeset in webkit [245447] by Carlos Garcia Campos
  • 3 edits
    1 add in releases/WebKitGTK/webkit-2.24

Merge r245051 - [JSC] DFG_ASSERT failed in lowInt52
https://bugs.webkit.org/show_bug.cgi?id=197569

Reviewed by Saam Barati.

JSTests:

  • stress/getstack-int52.js: Added.

(opt):
(main):

Source/JavaScriptCore:

GetStack with FlushedInt52 should load the flushed value in Int52 form and put the result in m_int52Values / m_strictInt52Values. Previously,
we load it in JSValue / Int32 form and lowInt52 fails to get appropriate one since GetStack does not put the result in m_int52Values / m_strictInt52Values.

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileGetStack):

4:24 AM Changeset in webkit [245446] by Carlos Garcia Campos
  • 8 edits
    1 add in releases/WebKitGTK/webkit-2.24

Merge r244996 - [JSC] We should check OOM for description string of Symbol
https://bugs.webkit.org/show_bug.cgi?id=197634

Reviewed by Keith Miller.

JSTests:

  • stress/check-symbol-description-oom.js: Added.

(shouldThrow):

Source/JavaScriptCore:

When resoling JSString for description of Symbol, we should check OOM error.
We also change JSValueMakeSymbol(..., nullptr) to returning a symbol value
without description, (1) to simplify the code and (2) give a way for JSC API
to create a symbol value without description.

  • API/JSValueRef.cpp:

(JSValueMakeSymbol):

  • API/tests/testapi.cpp:

(TestAPI::symbolsTypeof):
(TestAPI::symbolsDescription):
(testCAPIViaCpp):

  • dfg/DFGOperations.cpp:
  • runtime/Symbol.cpp:

(JSC::Symbol::createWithDescription):

  • runtime/Symbol.h:
  • runtime/SymbolConstructor.cpp:

(JSC::callSymbol):

4:24 AM Changeset in webkit [245445] by Carlos Garcia Campos
  • 15 edits
    1 add in releases/WebKitGTK/webkit-2.24

Merge r244950 - TypedArrays should not store properties that are canonical numeric indices
https://bugs.webkit.org/show_bug.cgi?id=197228
<rdar://problem/49557381>

Reviewed by Saam Barati.

JSTests:

  • stress/array-species-config-array-constructor.js:

(test):

  • stress/put-direct-index-broken-2.js:
  • stress/typed-array-canonical-numeric-index-string.js: Added.

(makeTest.assert):
(makeTest):
(const.testInvalidIndices.makeTest.set assert):
(const.testInvalidIndices.makeTest):
(const.makeTestValidIndex.configurable.set assert):
(const.makeTestValidIndex.configurable):

  • stress/typedarray-access-monomorphic-neutered.js:

(checkNoException):
(testNoException):
(testFTLNoException):

  • stress/typedarray-access-neutered.js:

(testNoException):

  • stress/typedarray-getownproperty-not-configurable.js:

(foo):

  • test262/expectations.yaml:

Source/JavaScriptCore:

According to the spec[1]:

  • TypedArrays should not perform an ordinary GetOwnProperty/SetOwnProperty if the index is a

CanonicalNumericIndexString, but invalid according to IntegerIndexedElementGet and similar
functions. I.e., there are a few properties that should not be set in a TypedArray, like NaN,
Infinity and -0.

  • On DefineOwnProperty, the out-of-bounds check should be performed before validating the property

descriptor.

  • On GetOwnProperty, the returned descriptor for numeric properties should have writable set to true.

[1]: https://www.ecma-international.org/ecma-262/9.0/index.html#sec-integer-indexed-exotic-objects-defineownproperty-p-desc

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • runtime/JSGenericTypedArrayViewInlines.h:

(JSC::JSGenericTypedArrayView<Adaptor>::getOwnPropertySlot):
(JSC::JSGenericTypedArrayView<Adaptor>::put):
(JSC::JSGenericTypedArrayView<Adaptor>::defineOwnProperty):
(JSC::JSGenericTypedArrayView<Adaptor>::getOwnPropertySlotByIndex):
(JSC::JSGenericTypedArrayView<Adaptor>::putByIndex):

  • runtime/PropertyName.h:

(JSC::isCanonicalNumericIndexString):

LayoutTests:

  • fast/canvas/canvas-ImageData-behaviour-expected.txt:
  • fast/canvas/canvas-ImageData-behaviour.js:
3:54 AM WebKitGTK/2.24.x edited by Carlos Garcia Campos
(diff)
3:15 AM Changeset in webkit [245444] by Carlos Garcia Campos
  • 31 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r244892 - Setting a frame's src to a javascript URL should not run it synchronously
https://bugs.webkit.org/show_bug.cgi?id=197466

Reviewed by Darin Adler.

Source/WebCore:

When an iframe's src attribute is set to a javascript URL, whether when parsing
or later on via JS, we now execute the URL's JavaScript asynchronously. We used
to execute it synchronously, which was a source of bugs and also did not match
other browsers.

I have verified that our new behavior is aligned with both Firefox and Chrome.

Note that for backward-compatibility and interoperability with Blink
(https://bugs.chromium.org/p/chromium/issues/detail?id=923585), the
"javascript:" URL will still run synchronously. We should consider dropping
this quirk at some point.

Test: fast/dom/frame-src-javascript-url-async.html

  • loader/NavigationScheduler.cpp:

(WebCore::ScheduledLocationChange::ScheduledLocationChange):
(WebCore::ScheduledLocationChange::~ScheduledLocationChange):
(WebCore::NavigationScheduler::scheduleLocationChange):

  • loader/NavigationScheduler.h:

(WebCore::NavigationScheduler::scheduleLocationChange):

  • loader/SubframeLoader.cpp:

(WebCore::SubframeLoader::requestFrame):

LayoutTests:

  • fast/dom/frame-src-javascript-url-async-expected.txt: Added.
  • fast/dom/frame-src-javascript-url-async.html: Added.

Add layout test coverage for the fact that the javascript URL is executed asynchronously
whether set during parsing or later via JS. Also makes sure that executing the javascript
URL asynchronously does not replace the frame's window. This test passes in both Chrome
and Firefox.

  • imported/blink/fast/frames/navigation-in-pagehide.html:

Re-sync this test from the Blink repository.

  • fast/dom/Element/id-in-frameset-expected.txt:
  • fast/dom/Element/id-in-frameset.html:
  • fast/dom/insertedIntoDocument-iframe-expected.txt:
  • fast/dom/javascript-url-exception-isolation-expected.txt:
  • fast/dom/javascript-url-exception-isolation.html:
  • fast/dom/no-assert-for-malformed-js-url-attribute-expected.txt:
  • fast/dom/resources/javascript-url-crash-function-iframe.html:
  • fast/frames/adopt-from-created-document.html:
  • fast/frames/out-of-document-iframe-has-child-frame.html:
  • fast/loader/javascript-url-iframe-remove-on-navigate-async-delegate.html:
  • fast/loader/javascript-url-iframe-remove-on-navigate.html:
  • fast/loader/unload-mutation-crash.html:
  • fast/parser/resources/set-parent-to-javascript-url.html:
  • fast/parser/xml-error-adopted.xml:
  • http/tests/navigation/lockedhistory-iframe-expected.txt:
  • http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-javascript-url-iframe-in-iframe-expected.txt:
  • http/tests/security/contentSecurityPolicy/javascript-url-allowed-expected.txt:
  • http/tests/security/contentSecurityPolicy/javascript-url-blocked-by-default-src-star-expected.txt:
  • http/tests/security/contentSecurityPolicy/javascript-url-blocked-expected.txt:
  • http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame-2-level.html:
  • http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame.html:
  • http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-from-javscript-url.html:
  • imported/blink/loader/iframe-sync-loads-expected.txt:
  • js/dom/call-base-resolution.html:
  • platform/wk2/http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-javascript-url-iframe-in-iframe-expected.txt:

Update / Rebaseline existing tests to reflect behavior change. I ran those tests in Firefox and Chrome to confirm that our behavior
is indeed aligned.

3:14 AM Changeset in webkit [245443] by Carlos Garcia Campos
  • 3 edits
    1 add in releases/WebKitGTK/webkit-2.24

Merge r244314 - SafeToExecute for GetByOffset/GetGetterByOffset/PutByOffset is using the wrong child for the base
https://bugs.webkit.org/show_bug.cgi?id=196945
<rdar://problem/49802750>

Reviewed by Filip Pizlo.

JSTests:

  • stress/get-by-offset-should-use-correct-child.js: Added.

(foo.bar):
(foo):

Source/JavaScriptCore:

  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

3:14 AM Changeset in webkit [245442] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.24/LayoutTests

Merge r241931 - Fix the test failure following r241918
(https://bugs.webkit.org/show_bug.cgi?id=194906)

For some reason strict cookies are sent via HTTP in WK1 and not in WK2. Will investigate in <https://bugs.webkit.org/show_bug.cgi?id=194933>.
This sub-test failure occurs with and without the patch. As the primary purpose of this test
was to ensure correctness for Same Site lax cookies, I've amended the test and test result
for now.

  • http/tests/cookies/same-site/user-load-cross-site-redirect-expected.txt:
  • http/tests/cookies/same-site/user-load-cross-site-redirect.php:
3:14 AM WebKitGTK/2.24.x edited by Carlos Garcia Campos
(diff)
3:14 AM Changeset in webkit [245441] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r241918 - Same Site Lax cookies are not sent with cross-site redirect from client-initiated load
https://bugs.webkit.org/show_bug.cgi?id=194906
<rdar://problem/44305947>

Reviewed by Brent Fulgham.

Source/WebCore:

Ensure that a request for a top-level navigation is annotated as such regardless of whether
the request has a computed Same Site policy.

"New loads" initiated by a the client (Safari) either by API or a human either explicitly
typing a URL in the address bar or Command + clicking a hyperlink to open it in a new window/tab
are always considered Same Site. This is by definition from the spec. [1] as we aren't navigating
from an existing page. (Command + click should be thought of as a convenience to the user from
having to copy the hyperlink's URL, create a new window, and paste the URL into the address bar).
Currently the frame loader marks a request as a top-level navigation if and only if the request
does not have a pre-computed Same Site policy. However, "New loads" have a pre-computed Same Site
policy. So, these loads would never be marked as a top-level navigation by the frame loading code.
Therefore, if the "new load" turned out to be a cross-site redirect then WebKit would incorrectly
tell the networking stack that the load was a cross-site, non-top-level navigation, and per the
Same Site spec [2], the networking stack would not send Same Site Lax cookies. Instead,
WebKit should unconditionally ensure that requests are marked as a top-level navigation, if applicable.

[1] See Note for (1) in <https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-02#section-5.2>
[2] <https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-02#section-5.3.7.1>

Test: http/tests/cookies/same-site/user-load-cross-site-redirect.php

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::addExtraFieldsToRequest): Unconditionally update the request's top-
level navigation bit.

  • platform/network/ResourceRequestBase.cpp:

(WebCore::ResourceRequestBase::setAsIsolatedCopy): Unconditionally copy a request's top-
level navigation bit.

LayoutTests:

Add a test that is representative of a user loading a cross-site page that redirects
to a page that expects Same Site Lax cookies.

  • http/tests/cookies/same-site/user-load-cross-site-redirect-expected.txt: Added.
  • http/tests/cookies/same-site/user-load-cross-site-redirect.php: Added.
3:14 AM Changeset in webkit [245440] by Carlos Garcia Campos
  • 18 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r243841 - -apple-trailing-word is needed for browser detection
https://bugs.webkit.org/show_bug.cgi?id=196575

Unreviewed.

PerformanceTests:

  • MotionMark/resources/debug-runner/motionmark.css:

(#intro .start-benchmark p):

Source/JavaScriptCore:

  • Configurations/FeatureDefines.xcconfig:

Source/WebCore:

This is an unreviewed partial revert of r243819. Turns out there are some websites
which use this property to do browser detection. So, we need to continue to parse
the property, but we don't need the property to do anything.

Test: fast/text/trailing-word-detection.html

  • Configurations/FeatureDefines.xcconfig:
  • css/CSSComputedStyleDeclaration.cpp:

(WebCore::ComputedStyleExtractor::valueForPropertyinStyle):

  • css/CSSPrimitiveValueMappings.h:

(WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
(WebCore::CSSPrimitiveValue::operator TrailingWord const):

  • css/CSSProperties.json:
  • css/CSSValueKeywords.in:
  • css/parser/CSSParserFastPaths.cpp:

(WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):
(WebCore::CSSParserFastPaths::isKeywordPropertyID):

  • rendering/style/RenderStyle.h:

(WebCore::RenderStyle::trailingWord const):
(WebCore::RenderStyle::setTrailingWord):
(WebCore::RenderStyle::initialTrailingWord):

  • rendering/style/RenderStyleConstants.h:

Source/WebCore/PAL:

  • Configurations/FeatureDefines.xcconfig:

Source/WebKit:

  • Configurations/FeatureDefines.xcconfig:

Source/WebKitLegacy/mac:

  • Configurations/FeatureDefines.xcconfig:

Tools:

  • TestWebKitAPI/Configurations/FeatureDefines.xcconfig:

LayoutTests:

  • fast/text/trailing-word-detection-expected.txt: Added.
  • fast/text/trailing-word-detection.html: Added.
  • platform/gtk/TestExpectations:
  • platform/win/TestExpectations:
3:14 AM Changeset in webkit [245439] by Carlos Garcia Campos
  • 27 edits
    4 deletes in releases/WebKitGTK/webkit-2.24

Merge r243819 - Remove support for -apple-trailing-word
https://bugs.webkit.org/show_bug.cgi?id=196525

Reviewed by Zalan Bujtas.

This CSS property is nonstandard and not used.

.:

  • Source/cmake/WebKitFeatures.cmake:

Source/JavaScriptCore:

  • Configurations/FeatureDefines.xcconfig:

Source/WebCore:

  • Configurations/FeatureDefines.xcconfig:
  • css/CSSComputedStyleDeclaration.cpp:

(WebCore::ComputedStyleExtractor::valueForPropertyinStyle):

  • css/CSSPrimitiveValueMappings.h:

(WebCore::CSSPrimitiveValue::operator TrailingWord const): Deleted.

  • css/CSSProperties.json:
  • css/CSSValueKeywords.in:
  • css/parser/CSSParserFastPaths.cpp:

(WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):
(WebCore::CSSParserFastPaths::isKeywordPropertyID):

  • rendering/SimpleLineLayout.cpp:

(WebCore::SimpleLineLayout::canUseForStyle):

  • rendering/SimpleLineLayoutCoverage.cpp:

(WebCore::SimpleLineLayout::printReason):

  • rendering/SimpleLineLayoutCoverage.h:
  • rendering/line/BreakingContext.h:

(WebCore::BreakingContext::BreakingContext):
(WebCore::BreakingContext::lineBreak):
(WebCore::BreakingContext::clearLineBreakIfFitsOnLine):
(WebCore::BreakingContext::commitLineBreakClear):
(WebCore::BreakingContext::commitLineBreakAtCurrentWidth):
(WebCore::BreakingContext::handleBR):
(WebCore::BreakingContext::handleFloat):
(WebCore::BreakingContext::handleText):
(WebCore::BreakingContext::handleEndOfLine):
(WebCore::BreakingContext::InlineIteratorHistory::InlineIteratorHistory): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::push): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::update): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::renderer const): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::offset const): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::nextBreakablePosition const): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::atTextParagraphSeparator const): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::previousInSameNode const): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::get const): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::current const): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::historyLength const): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::moveTo): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::increment): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::clear): Deleted.
(WebCore::BreakingContext::optimalLineBreakLocationForTrailingWord): Deleted.

  • rendering/style/RenderStyle.h:

(WebCore::RenderStyle::trailingWord const): Deleted.
(WebCore::RenderStyle::setTrailingWord): Deleted.
(WebCore::RenderStyle::initialTrailingWord): Deleted.

  • rendering/style/RenderStyleConstants.h:
  • rendering/style/StyleRareInheritedData.cpp:

(WebCore::StyleRareInheritedData::StyleRareInheritedData):
(WebCore::StyleRareInheritedData::operator== const):

  • rendering/style/StyleRareInheritedData.h:

Source/WebCore/PAL:

  • Configurations/FeatureDefines.xcconfig:

Source/WebInspectorUI:

  • UserInterface/Models/CSSKeywordCompletions.js:

Source/WebKit:

  • Configurations/FeatureDefines.xcconfig:

Source/WebKitLegacy/mac:

  • Configurations/FeatureDefines.xcconfig:

Tools:

  • Scripts/webkitperl/FeatureList.pm:
  • TestWebKitAPI/Configurations/FeatureDefines.xcconfig:

LayoutTests:

  • fast/text/trailing-word-expected.html: Removed.
  • fast/text/trailing-word.html: Removed.
  • platform/gtk/TestExpectations:
  • platform/mac/fast/text/trailing-word-parse-expected.txt: Removed.
  • platform/mac/fast/text/trailing-word-parse.html: Removed.
  • platform/win/TestExpectations:
3:14 AM Changeset in webkit [245438] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r243786 - REGRESSION (r238266): Exchange 2013 Outlook Web Access displays partially blank page when creating new e-mail
https://bugs.webkit.org/show_bug.cgi?id=196522
Source/WebCore:

rdar://problem/49472941

Reviewed by Zalan Bujtas.

In this content a layer is composited to clip descendants, and has negative z-order children,
so we compute that it "paints into ancestor", and has a foreground layer. This combination doesn't
make sense, and when the layer becomes scrollable, we end up with bad paint phases on layers, and
fail to paint the contents.

Fix by ensuring that a layer has its own backing store if it requires a foreground layer
by virtue of having negative z-order children.

Test: compositing/backing/foreground-layer-no-paints-into-ancestor.html

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::requiresOwnBackingStore const):

LayoutTests:

Reviewed by Zalan Bujtas.

  • compositing/backing/foreground-layer-no-paints-into-ancestor-expected.html: Added.
  • compositing/backing/foreground-layer-no-paints-into-ancestor.html: Added.
3:14 AM Changeset in webkit [245437] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r243605 - [SimpleLineLayout] Disable SLL when text-underline-position is not auto.
https://bugs.webkit.org/show_bug.cgi?id=196338
<rdar://problem/47975167>

Reviewed by Daniel Bates.

Source/WebCore:

Disable simple line layout unconditionally on non-auto text-underline-position content. We don't support it yet.

Test: fast/text/simple-line-layout-with-text-underline-position.html

  • rendering/SimpleLineLayout.cpp:

(WebCore::SimpleLineLayout::canUseForStyle):

LayoutTests:

  • fast/text/simple-line-layout-with-text-underline-position-expected.html: Added.
  • fast/text/simple-line-layout-with-text-underline-position.html: Added.
3:14 AM Changeset in webkit [245436] by Carlos Garcia Campos
  • 3 edits
    1 add in releases/WebKitGTK/webkit-2.24

Merge r242838 - REGRESSION (iOS 12.2): Webpage using CoffeeScript crashes
https://bugs.webkit.org/show_bug.cgi?id=195613

Reviewed by Mark Lam.

JSTests:

New regression test.

  • stress/regexp-backref-inbounds.js: Added.

(testRegExp):

Source/JavaScriptCore:

The bug here is in Yarr JIT backreference matching code. We are incorrectly
using a checkedOffset / inputPosition correction when checking for the available
length left in a string. It is improper to do these corrections as a backreference's
match length is based on what was matched in the referenced capture group and not
part of the checkedOffset and inputPosition computed when we compiled the RegExp.
In some cases, the resulting incorrect calculation would allow us to go past
the subject string's length. Removed these adjustments.

After writing tests for the first bug, found another bug where the non-greedy
backreference backtracking code didn't do an "are we at the end of the input?" check.
This caused an infinite loop as we'd jump from the backtracking code back to
try matching one more backreference, fail and then backtrack.

  • yarr/YarrJIT.cpp:

(JSC::Yarr::YarrGenerator::generateBackReference):
(JSC::Yarr::YarrGenerator::backtrackBackReference):

3:13 AM Changeset in webkit [245435] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r242749 - [macOS] Dispatching reentrant "contextmenu" events may cause crashes
https://bugs.webkit.org/show_bug.cgi?id=195571
<rdar://problem/48086046>

Reviewed by Andy Estes.

Source/WebCore:

Make ContextMenuController::handleContextMenuEvent robust against reentrancy by guarding it with a boolean flag.
As demonstrated in the test case, it is currently possible to force WebKit into a bad state by dispatching a
synthetic "contextmenu" event from within the scope of one of the "before(copy|cut|paste)" events triggered as
a result of handling a context menu event.

Test: fast/events/contextmenu-reentrancy-crash.html

  • page/ContextMenuController.cpp:

(WebCore::ContextMenuController::handleContextMenuEvent):

  • page/ContextMenuController.h:

LayoutTests:

Add a test to verify that triggering reentrant "contextmenu" events from script does not cause a crash.

  • fast/events/contextmenu-reentrancy-crash-expected.txt: Added.
  • fast/events/contextmenu-reentrancy-crash.html: Added.
2:57 AM WebKitGTK/2.24.x edited by Carlos Garcia Campos
(diff)

May 16, 2019:

11:06 PM Changeset in webkit [245434] by kocsen_chung@apple.com
  • 7 edits in branches/safari-608.1.24-branch/Source

Versioning.

9:30 PM Changeset in webkit [245433] by aakash_jain@apple.com
  • 3 edits in trunk/Tools

[ews-build] Download archives from S3
https://bugs.webkit.org/show_bug.cgi?id=197949

Reviewed by Jonathan Bedard.

  • BuildSlaveSupport/ews-build/steps.py:

(DownloadBuiltProduct): Updated to use S3 URL.
(DownloadBuiltProduct.getResultSummary): Method to display custom failure string.

  • BuildSlaveSupport/ews-build/steps_unittest.py: Updated unit-tests.
7:21 PM Changeset in webkit [245432] by keith_miller@apple.com
  • 15 edits in trunk/Source

Wasm should cage the memory base pointers in structs
https://bugs.webkit.org/show_bug.cgi?id=197620

Reviewed by Saam Barati.

Source/bmalloc:

Fix signature to take Gigacage::Kind, which matches GIGACAGE_ENABLED build.

  • bmalloc/Gigacage.h:

(Gigacage::isEnabled):

Source/JavaScriptCore:

Currently, we use cageConditionally; this only matters for API
users since the web content process cannot disable primitive
gigacage. This patch also adds a set helper for union/intersection
of RegisterSets.

  • assembler/CPU.h:

(JSC::isARM64E):

  • jit/RegisterSet.h:

(JSC::RegisterSet::set):

  • wasm/WasmAirIRGenerator.cpp:

(JSC::Wasm::AirIRGenerator::restoreWebAssemblyGlobalState):
(JSC::Wasm::AirIRGenerator::addCallIndirect):

  • wasm/WasmB3IRGenerator.cpp:

(JSC::Wasm::B3IRGenerator::restoreWebAssemblyGlobalState):
(JSC::Wasm::B3IRGenerator::addCallIndirect):

  • wasm/WasmBinding.cpp:

(JSC::Wasm::wasmToWasm):

  • wasm/WasmInstance.h:

(JSC::Wasm::Instance::cachedMemory const):
(JSC::Wasm::Instance::updateCachedMemory):

  • wasm/WasmMemory.cpp:

(JSC::Wasm::Memory::grow):

  • wasm/WasmMemory.h:

(JSC::Wasm::Memory::memory const):

  • wasm/js/JSToWasm.cpp:

(JSC::Wasm::createJSToWasmWrapper):

  • wasm/js/WebAssemblyFunction.cpp:

(JSC::WebAssemblyFunction::jsCallEntrypointSlow):

Source/WTF:

Rename reauthenticate to recage.

  • wtf/CagedPtr.h:

(WTF::CagedPtr::recage):
(WTF::CagedPtr::reauthenticate): Deleted.

6:49 PM Changeset in webkit [245431] by kocsen_chung@apple.com
  • 1 copy in tags/Safari-608.1.24.4

Tag Safari-608.1.24.4.

6:17 PM Changeset in webkit [245430] by ddkilzer@apple.com
  • 4 edits in trunk

REGRESSION (r15133): Fix leak of JSStringRef in minidom
<https://webkit.org/b/197968>
<rdar://problem/50872430>

Reviewed by Joseph Pecoraro.

Source/JavaScriptCore:

  • API/tests/minidom.c:

(print): Call JSStringRelease() to fix the leak.

Tools:

  • TestWebKitAPI/Tests/WebKitObjC/UserContentTest.mm:

(expectScriptValueIsString): Drive-by fix to use adopt() instead
of JSRetainPtr<JSStringRef> string(Adopt, JSValueToStringCopy(...)).

5:07 PM Changeset in webkit [245429] by commit-queue@webkit.org
  • 5 edits in trunk

AX: Unship some ARIA string reflectors that are to-be-replaced by element reflection
https://bugs.webkit.org/show_bug.cgi?id=197764
<rdar://problem/50649689>

Patch by Greg Doolittle <gr3g@apple.com> on 2019-05-16
Reviewed by Chris Fleizach.

Specifically these:

  • ariaActiveDescendant
  • ariaControls
  • ariaDescribedBy
  • ariaDetails
  • ariaErrorMessage
  • ariaFlowTo
  • ariaLabelledBy
  • ariaOwns

Source/WebCore:

Test: LayoutTests/accessibility/ARIA-reflections.html (updated)

  • accessibility/AriaAttributes.idl:

LayoutTests:

  • accessibility/ARIA-reflection-expected.txt: Updated.
  • accessibility/ARIA-reflection.html: Updated.
5:01 PM Changeset in webkit [245428] by kocsen_chung@apple.com
  • 1 copy in tags/Safari-607.3.1.2.1

Tag Safari-607.3.1.2.1.

4:33 PM Changeset in webkit [245427] by wilander@apple.com
  • 5 edits in trunk

Storage Access API: Call completion handlers in NetworkConnectionToWebProcess::hasStorageAccess() and NetworkConnectionToWebProcess::requestStorageAccess() when feature is off
https://bugs.webkit.org/show_bug.cgi?id=197967
<rdar://problem/50753129>

Reviewed by Brent Fulgham.

Source/WebKit:

NetworkConnectionToWebProcess::hasStorageAccess() and NetworkConnectionToWebProcess::requestStorageAccess()
should call their completion handlers when there is no Resource Load Statistics object, i.e. when Resource
Load Statistics is off. This happens for ephemeral sessions which made code for federated login providers
hang, waiting for the result to document.hasStorageAccess().

The existing layout test case was augmented to use an ephemeral session.

  • NetworkProcess/NetworkConnectionToWebProcess.cpp:

(WebKit::NetworkConnectionToWebProcess::hasStorageAccess):
(WebKit::NetworkConnectionToWebProcess::requestStorageAccess):

LayoutTests:

  • http/tests/storageAccess/has-storage-access-true-if-feature-off.html:
  • platform/mac-wk2/TestExpectations:

Test case marked as [ Pass ].

4:27 PM Changeset in webkit [245426] by kocsen_chung@apple.com
  • 2 edits in branches/safari-608.1.24-branch/Source/WebCore

Revert r245147. rdar://problem/50621407

4:27 PM Changeset in webkit [245425] by kocsen_chung@apple.com
  • 36 edits
    42 deletes in branches/safari-608.1.24-branch

Revert r245170. rdar://problem/50445998

4:27 PM Changeset in webkit [245424] by kocsen_chung@apple.com
  • 3 edits
    2 deletes in branches/safari-608.1.24-branch

Revert r245175. rdar://problem/50584991

4:27 PM Changeset in webkit [245423] by kocsen_chung@apple.com
  • 3 edits
    2 deletes in branches/safari-608.1.24-branch

Revert r245181. rdar://problem/50670806

4:27 PM Changeset in webkit [245422] by kocsen_chung@apple.com
  • 6 edits
    14 deletes in branches/safari-608.1.24-branch

Revert r245205. rdar://problem/50652127

4:27 PM Changeset in webkit [245421] by kocsen_chung@apple.com
  • 4 edits in branches/safari-608.1.24-branch/Source/WebCore

Revert r245218. rdar://problem/50705506

4:27 PM Changeset in webkit [245420] by kocsen_chung@apple.com
  • 3 edits
    2 deletes in branches/safari-608.1.24-branch

Revert r245220. rdar://problem/50686229

4:24 PM Changeset in webkit [245419] by ddkilzer@apple.com
  • 2 edits in trunk/Tools

REGRESSION (r84160): Leak of OpaqueJSString under WTR::JSTestRunner::pathToLocalResource (32 bytes) in com.apple.WebKit.WebContent running layout tests
<https://webkit.org/b/197965>

Reviewed by Joseph Pecoraro.

  • WebKitTestRunner/InjectedBundle/mac/TestRunnerMac.mm:

(WTR::TestRunner::pathToLocalResource): Don't call
JSStringRetain() here because the JSRetainPtr<JSStringRef>
return type will increment the retain count for us.

4:08 PM Changeset in webkit [245418] by commit-queue@webkit.org
  • 12 edits in trunk

Add a unit test for client certificate authentication
https://bugs.webkit.org/show_bug.cgi?id=197800

Patch by Alex Christensen <achristensen@webkit.org> on 2019-05-16
Reviewed by Youenn Fablet.

Source/WebKit:

  • Shared/cf/ArgumentCodersCF.cpp:

Move SPI declarations to SecuritySPI.h.

Source/WTF:

  • wtf/spi/cocoa/SecuritySPI.h:

Move declarations from ArgumentCodersCF.cpp so they can be shared.

Tools:

Make better abstractions for reading and writing from/to TCPServer.
Add a unit test that causes a client certificate authentication challenge to happen.

  • TestWebKitAPI/TCPServer.cpp:

(TestWebKitAPI::TCPServer::TCPServer):
(TestWebKitAPI::TCPServer::read):
(TestWebKitAPI::TCPServer::write):
(TestWebKitAPI::TCPServer::respondWithChallengeThenOK):
(TestWebKitAPI::TCPServer::respondWithOK):

  • TestWebKitAPI/TCPServer.h:
  • TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm:

(credentialWithIdentity):
(-[ChallengeDelegate webView:didReceiveAuthenticationChallenge:completionHandler:]):
(TEST):
(-[ClientCertificateDelegate webView:didFinishNavigation:]):
(-[ClientCertificateDelegate webView:didReceiveAuthenticationChallenge:completionHandler:]):
(-[ClientCertificateDelegate challengeCount]):
(TestWebKitAPI::TEST):
(respondWithChallengeThenOK): Deleted.
(credentialWithIdentityAndKeychainPath): Deleted.

  • TestWebKitAPI/Tests/WebKitCocoa/PDFLinkReferrer.mm:

(TEST):

  • TestWebKitAPI/Tests/WebKitCocoa/Proxy.mm:

(TestWebKitAPI::TEST):

  • TestWebKitAPI/Tests/WebKitCocoa/WKNavigationResponse.mm:

(TEST):
(readRequest): Deleted.
(writeResponse): Deleted.

  • TestWebKitAPI/Tests/WebKitCocoa/WKWebsiteDatastore.mm:

(TestWebKitAPI::TEST):
(TestWebKitAPI::respondWithChallengeThenOK): Deleted.

4:03 PM Changeset in webkit [245417] by kocsen_chung@apple.com
  • 2 edits in branches/safari-607.3.1.2-branch/Source/JavaScriptCore/bytecompiler

Apply patch. rdar://problem/50754976

4:03 PM Changeset in webkit [245416] by kocsen_chung@apple.com
  • 4 edits
    1 add in branches/safari-607.3.1.2-branch

Cherry-pick r245047. rdar://problem/50754976

JSC: A bug in BytecodeGenerator::emitEqualityOpImpl
https://bugs.webkit.org/show_bug.cgi?id=197479

Reviewed by Saam Barati.

JSTests:

  • stress/do-not-perform-bytecode-peephole-optimization-in-jump-target.js: Added. (shouldBe):

Source/JavaScriptCore:

Our peephole optimization in BytecodeGenerator is (1) rewinding the previous instruction and (2) emit optimized instruction instead.
If we have jump target between the previous instruction and the subsequent instruction, this peephole optimization breaks the jump target.
To prevent it, we had a mechanism disabling peephole optimization, setting m_lastOpcodeID = op_end and checking m_lastOpcodeID when performing
peephole optimization. However, BytecodeGenerator::emitEqualityOpImpl checks m_lastInstruction->is<OpTypeof> instead of m_lastOpcodeID == op_typeof,
and miss op_end case.

This patch makes the following changes.

  1. Add canDoPeepholeOptimization method to clarify the intent of m_lastInstruction = op_end.
  2. Check canDoPeepholeOptimization status before performing peephole optimization in emitJumpIfTrue, emitJumpIfFalse, and emitEqualityOpImpl.
  3. Add ASSERT(canDoPeepholeOptimization()) in fuseCompareAndJump and fuseTestAndJmp to ensure that peephole optimization is allowed.
  • bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::fuseCompareAndJump): (JSC::BytecodeGenerator::fuseTestAndJmp): (JSC::BytecodeGenerator::emitJumpIfTrue): (JSC::BytecodeGenerator::emitJumpIfFalse): (JSC::BytecodeGenerator::emitEqualityOpImpl):
  • bytecompiler/BytecodeGenerator.h: (JSC::BytecodeGenerator::canDoPeepholeOptimization const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245047 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:03 PM Changeset in webkit [245415] by kocsen_chung@apple.com
  • 8 edits
    1 add in branches/safari-607.3.1.2-branch

Cherry-pick r244996. rdar://problem/50754980

[JSC] We should check OOM for description string of Symbol
https://bugs.webkit.org/show_bug.cgi?id=197634

Reviewed by Keith Miller.

JSTests:

  • stress/check-symbol-description-oom.js: Added. (shouldThrow):

Source/JavaScriptCore:

When resoling JSString for description of Symbol, we should check OOM error.
We also change JSValueMakeSymbol(..., nullptr) to returning a symbol value
without description, (1) to simplify the code and (2) give a way for JSC API
to create a symbol value without description.

  • API/JSValueRef.cpp: (JSValueMakeSymbol):
  • API/tests/testapi.cpp: (TestAPI::symbolsTypeof): (TestAPI::symbolsDescription): (testCAPIViaCpp):
  • dfg/DFGOperations.cpp:
  • runtime/Symbol.cpp: (JSC::Symbol::createWithDescription):
  • runtime/Symbol.h:
  • runtime/SymbolConstructor.cpp: (JSC::callSymbol):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244996 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:03 PM Changeset in webkit [245414] by kocsen_chung@apple.com
  • 7 edits
    2 adds in branches/safari-607.3.1.2-branch

Cherry-pick r243948. rdar://problem/50754972

SIGSEGV in JSC::BytecodeGenerator::addStringConstant
https://bugs.webkit.org/show_bug.cgi?id=196486

Reviewed by Saam Barati.

JSTests:

  • stress/arrow-function-and-use-strict-directive.js: Added.
  • stress/arrow-function-syntax.js: Added. Checking EOF token handling. (checkSyntax): (checkSyntaxError): Currently not using it. But it is useful for testing more things related to arrow function syntax.

Source/JavaScriptCore:

When parsing a FunctionExpression / FunctionDeclaration etc., we use SyntaxChecker for the body of the function because we do not have any interest on the nodes of the body at that time.
The nodes will be parsed with the ASTBuilder when the function itself is parsed for code generation. This works well previously because all the function ends with "}" previously.
SyntaxChecker lexes this "}" token, and parser restores the context back to ASTBuilder and continues parsing.

But now, we have ArrowFunctionExpression without braces arrow => expr. Let's consider the following code.

arrow => expr
"string!"

We parse arrow function's body with SyntaxChecker. At that time, we lex "string!" token under the SyntaxChecker context. But this means that we may not build string content for this token
since SyntaxChecker may not have interest on string content itself in certain case. After the parser is back to ASTBuilder, we parse "string!" as ExpressionStatement with string constant,
generate StringNode with non-built identifier (nullptr), and we accidentally create StringNode with nullptr.

This patch fixes this problem. The root cause of this problem is that the last token lexed in the previous context is used. We add lexCurrentTokenAgainUnderCurrentContext which will re-lex
the current token under the current context (may be ASTBuilder). This should be done only when the caller's context is different from SyntaxChecker, which avoids unnecessary lexing.
We leverage existing SavePoint mechanism to implement lexCurrentTokenAgainUnderCurrentContext cleanly.

And we also fix the bug in the existing SavePoint mechanism, which is shown in the attached test script. When we save LexerState, we do not save line terminator status. This patch also introduces
lexWithoutClearingLineTerminator, which lex the token without clearing line terminator status.

  • parser/ASTBuilder.h: (JSC::ASTBuilder::createString):
  • parser/Lexer.cpp: (JSC::Lexer<T>::parseMultilineComment): (JSC::Lexer<T>::lexWithoutClearingLineTerminator): EOF token also should record offset information. This offset information is correctly handled in Lexer::setOffset too. (JSC::Lexer<T>::lex): Deleted.
  • parser/Lexer.h: (JSC::Lexer::hasLineTerminatorBeforeToken const): (JSC::Lexer::setHasLineTerminatorBeforeToken): (JSC::Lexer<T>::lex): (JSC::Lexer::prevTerminator const): Deleted. (JSC::Lexer::setTerminator): Deleted.
  • parser/Parser.cpp: (JSC::Parser<LexerType>::allowAutomaticSemicolon): (JSC::Parser<LexerType>::parseSingleFunction): (JSC::Parser<LexerType>::parseStatementListItem): (JSC::Parser<LexerType>::maybeParseAsyncFunctionDeclarationStatement): (JSC::Parser<LexerType>::parseFunctionInfo): (JSC::Parser<LexerType>::parseClass): (JSC::Parser<LexerType>::parseExportDeclaration): (JSC::Parser<LexerType>::parseAssignmentExpression): (JSC::Parser<LexerType>::parseYieldExpression): (JSC::Parser<LexerType>::parseProperty): (JSC::Parser<LexerType>::parsePrimaryExpression): (JSC::Parser<LexerType>::parseMemberExpression):
  • parser/Parser.h: (JSC::Parser::nextWithoutClearingLineTerminator): (JSC::Parser::lexCurrentTokenAgainUnderCurrentContext): (JSC::Parser::internalSaveLexerState): (JSC::Parser::restoreLexerState):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243948 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:00 PM Changeset in webkit [245413] by kocsen_chung@apple.com
  • 7 edits in branches/safari-607.3.1.2-branch/Source

Versioning.

3:48 PM Changeset in webkit [245412] by kocsen_chung@apple.com
  • 7 edits
    2 deletes in branches/safari-607.2.1.2-branch

Revert "Cherry-pick r243948. rdar://problem/50754972"

3:47 PM Changeset in webkit [245411] by kocsen_chung@apple.com
  • 8 edits
    1 delete in branches/safari-607.2.1.2-branch

Revert "Cherry-pick r244996. rdar://problem/50754980"

3:47 PM Changeset in webkit [245410] by kocsen_chung@apple.com
  • 4 edits
    1 delete in branches/safari-607.2.1.2-branch

Revert "Cherry-pick r245047. rdar://problem/50754976"

3:47 PM Changeset in webkit [245409] by kocsen_chung@apple.com
  • 2 edits in branches/safari-607.2.1.2-branch/Source/JavaScriptCore/bytecompiler

Revert "Apply patch. rdar://problem/50754976"

3:33 PM WebKitGTK/2.24.x edited by mcatanzaro@igalia.com
More backports (diff)
3:25 PM Changeset in webkit [245408] by kocsen_chung@apple.com
  • 1 copy in branches/safari-607.3.1.2-branch

New branch.

2:50 PM Changeset in webkit [245407] by youenn@apple.com
  • 2 edits in trunk/Source/WebCore

CoreAudioCaptureSource should be marked as an audio capture track
https://bugs.webkit.org/show_bug.cgi?id=197953
<rdar://problem/50552007>

Reviewed by Eric Carlson.

Manually tested.

  • platform/mediastream/mac/CoreAudioCaptureSource.h:

Mark it as microphone so that it can get muted properly.

1:08 PM Changeset in webkit [245406] by Ross Kirsling
  • 33 edits
    1 add in trunk

[JSC] Invalid AssignmentTargetType should be an early error.
https://bugs.webkit.org/show_bug.cgi?id=197603

Reviewed by Keith Miller.

JSTests:

  • test262/expectations.yaml:

Update expectations to reflect new SyntaxErrors.
(Ideally, these should all be viewed as passing in the near future.)

  • stress/async-await-basic.js:
  • stress/big-int-literals.js:

Update tests to reflect new SyntaxErrors.

  • ChakraCore.yaml:
  • ChakraCore/test/EH/try6.baseline-jsc:
  • ChakraCore/test/Error/variousErrors3.baseline-jsc: Added.

Update baselines to reflect new SyntaxErrors.

Source/JavaScriptCore:

Since ES6, expressions like 0++, ++0, 0 = 0, and 0 += 0 are all specified as early errors:

https://tc39.github.io/ecma262/#sec-update-expressions-static-semantics-early-errors
https://tc39.github.io/ecma262/#sec-assignment-operators-static-semantics-early-errors

We currently throw late ReferenceErrors for these -- let's turn them into early SyntaxErrors.
(This is based on the expectation that https://github.com/tc39/ecma262/pull/1527 will be accepted;
if that doesn't come to pass, we can subsequently introduce early ReferenceError and revise these.)

  • bytecompiler/NodesCodegen.cpp:

(JSC::PostfixNode::emitBytecode): Add an assert for "function call LHS" case.
(JSC::PrefixNode::emitBytecode): Add an assert for "function call LHS" case.

  • parser/ASTBuilder.h:

(JSC::ASTBuilder::isLocation): Added.
(JSC::ASTBuilder::isAssignmentLocation): Fix misleading parameter name.
(JSC::ASTBuilder::isFunctionCall): Added.
(JSC::ASTBuilder::makeAssignNode): Add an assert for "function call LHS" case.

  • parser/SyntaxChecker.h:

(JSC::SyntaxChecker::isLocation): Added.
(JSC::SyntaxChecker::isAssignmentLocation): Fix incorrect definition and align with ASTBuilder.
(JSC::SyntaxChecker::isFunctionCall): Added.

  • parser/Nodes.h:

(JSC::ExpressionNode::isFunctionCall const): Added.
Ensure that the parser can check whether an expression node is a function call.

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::isSimpleAssignmentTarget): Added.
(JSC::Parser<LexerType>::parseAssignmentExpression):
(JSC::Parser<LexerType>::parseUnaryExpression): See below.

  • parser/Parser.h:

Throw SyntaxError whenever an assignment or update expression's target is invalid.
Unfortunately, it seems that web compatibility obliges us to exempt the "function call LHS" case in sloppy mode.
(https://github.com/tc39/ecma262/issues/257#issuecomment-195106880)

Additional cleanup items:

  • Make use of semanticFailIfTrue for isMetaProperty checks, as it's equivalent.
  • Rename requiresLExpr to hasPrefixUpdateOp since it's now confusing, and get rid of modifiesExpr since it refers to the exact same condition.
  • Stop setting lastOperator near the end -- one case was incorrect and regardless neither is used.

LayoutTests:

  • fast/events/window-onerror4-expected.txt:
  • ietestcenter/Javascript/11.13.1-1-1-expected.txt:
  • ietestcenter/Javascript/11.13.1-1-2-expected.txt:
  • ietestcenter/Javascript/11.13.1-1-3-expected.txt:
  • ietestcenter/Javascript/11.13.1-1-4-expected.txt:
  • js/basic-strict-mode-expected.txt:
  • js/dom/assign-expected.txt:
  • js/dom/line-column-numbers-expected.txt:
  • js/dom/line-column-numbers.html:
  • js/dom/postfix-syntax-expected.txt:
  • js/dom/prefix-syntax-expected.txt:
  • js/dom/script-tests/line-column-numbers.js:
  • js/function-toString-parentheses-expected.txt:
  • js/parser-syntax-check-expected.txt:
  • js/parser-xml-close-comment-expected.txt:
  • js/script-tests/function-toString-parentheses.js:
  • js/script-tests/parser-syntax-check.js:

Update tests & expectations to reflect new SyntaxErrors.

  • js/script-tests/toString-prefix-postfix-preserve-parens.js:
  • js/toString-prefix-postfix-preserve-parens-expected.txt:

None of the prefix/postfix tests make sense here now that they're all SyntaxErrors;
remove them and just leave the typeof tests.

12:51 PM Changeset in webkit [245405] by Shawn Roberts
  • 2 edits in branches/safari-607-branch/LayoutTests

quicklook/numbers.html is an ImageOnlyFailure
https://bugs.webkit.org/show_bug.cgi?id=191711

Unreviewed test gardening.

  • platform/ios-simulator-wk2/TestExpectations: Updating expectations for branch
12:33 PM Changeset in webkit [245404] by kocsen_chung@apple.com
  • 2 edits in branches/safari-607.2.1.2-branch/Source/JavaScriptCore/bytecompiler

Apply patch. rdar://problem/50754976

12:22 PM Changeset in webkit [245403] by kocsen_chung@apple.com
  • 2 edits in branches/safari-607-branch/Source/JavaScriptCore/bytecompiler

Apply patch. rdar://problem/50753944

11:31 AM Changeset in webkit [245402] by youenn@apple.com
  • 2 edits in trunk/LayoutTests

Layout Test http/wpt/cache-storage/cache-quota-add.any.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=197952
<rdar://problem/50859168>

Unreviewed.

  • platform/ios-simulator-wk2/TestExpectations:

Mark test as slow as per flakiness dashboard.

11:08 AM Changeset in webkit [245401] by commit-queue@webkit.org
  • 22 edits
    6 adds in trunk

Add SPI to set a list of hosts to which to send custom header fields cross-origin
https://bugs.webkit.org/show_bug.cgi?id=197397

Patch by Alex Christensen <achristensen@webkit.org> on 2019-05-16
Reviewed by Geoff Garen.

Source/WebCore:

In r223001 I added the ability to send custom headers, but with a restriction that they will not be sent except to the origin of the main document.
We need the ability to specify what origins to send these headers to even if they are not first party requests.
We get this information in a list of strings which are the hosts to send the headers to. Some of the strings have an asterisk at the beginning,
indicating that the headers are to be sent to all subdomains.

I repurposed some ObjC SPI that was never adopted, but I keep testing the C API that was to verify no regression.
I also added some new API tests for the new behavior.

  • Sources.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • loader/CustomHeaderFields.cpp: Added.

(WebCore::CustomHeaderFields::thirdPartyDomainsMatch const):

  • loader/CustomHeaderFields.h: Added.

(WebCore::CustomHeaderFields::encode const):
(WebCore::CustomHeaderFields::decode):

  • loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::setCustomHeaderFields): Deleted.

  • loader/DocumentLoader.h:

(WebCore::DocumentLoader::setCustomHeaderFields):
(WebCore::DocumentLoader::customHeaderFields const):
(WebCore::DocumentLoader::customHeaderFields): Deleted.

  • loader/cache/CachedResourceLoader.cpp:

(WebCore::CachedResourceLoader::requestResource):

Source/WebKit:

  • Shared/API/APIObject.h:
  • Shared/Cocoa/APIObject.mm:

(API::Object::newObject):

  • Shared/WebsitePoliciesData.cpp:

(WebKit::WebsitePoliciesData::decode):

  • Shared/WebsitePoliciesData.h:
  • SourcesCocoa.txt:
  • UIProcess/API/APICustomHeaderFields.h: Added.
  • UIProcess/API/APIWebsitePolicies.cpp:

(API::WebsitePolicies::WebsitePolicies):
(API::WebsitePolicies::copy const):
(API::WebsitePolicies::data):

  • UIProcess/API/APIWebsitePolicies.h:
  • UIProcess/API/C/WKWebsitePolicies.cpp:

(WKWebsitePoliciesCopyCustomHeaderFields):
(WKWebsitePoliciesSetCustomHeaderFields):

  • UIProcess/API/Cocoa/WKWebpagePreferences.mm:

(-[WKWebpagePreferences _customHeaderFields]):
(-[WKWebpagePreferences _setCustomHeaderFields:]):

  • UIProcess/API/Cocoa/WKWebpagePreferencesPrivate.h:
  • UIProcess/API/Cocoa/_WKCustomHeaderFields.h: Added.
  • UIProcess/API/Cocoa/_WKCustomHeaderFields.mm: Added.

(-[_WKCustomHeaderFields init]):
(-[_WKCustomHeaderFields dealloc]):
(-[_WKCustomHeaderFields fields]):
(-[_WKCustomHeaderFields setFields:]):
(-[_WKCustomHeaderFields thirdPartyDomains]):
(-[_WKCustomHeaderFields setThirdPartyDomains:]):
(-[_WKCustomHeaderFields _apiObject]):

  • UIProcess/API/Cocoa/_WKCustomHeaderFieldsInternal.h: Added.
  • UIProcess/API/Cocoa/_WKWebsitePolicies.h:
  • UIProcess/API/Cocoa/_WKWebsitePolicies.mm:

(-[_WKWebsitePolicies customHeaderFields]): Deleted.
(-[_WKWebsitePolicies setCustomHeaderFields:]): Deleted.

  • UIProcess/Cocoa/WebViewImpl.h:
  • UIProcess/Cocoa/WebViewImpl.mm:

(WebKit::WebViewImpl::takeFocus):
(WebKit::WebViewImpl::accessibilityAttributeValue):

  • WebKit.xcodeproj/project.pbxproj:

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/WebsitePolicies.mm:

(TEST):
(expectLegacyHeaders):
(expectHeaders):
(-[CustomHeaderFieldsDelegate webView:decidePolicyForNavigationAction:preferences:decisionHandler:]):
(-[CustomHeaderFieldsDelegate webView:startURLSchemeTask:]):
(-[CustomHeaderFieldsDelegate _webView:decidePolicyForNavigationAction:decisionHandler:]): Deleted.

10:31 AM Changeset in webkit [245400] by dbates@webkit.org
  • 1 edit in trunk/LayoutTests/ChangeLog

[iOS] Unable to commit search on MSN.com, qq.com, or sina.com.cn using enter key (hardware or software keyboard)
https://bugs.webkit.org/show_bug.cgi?id=197632
<rdar://problem/47902054>

Add missing file that was inadvertently omitted from the patch.

  • fast/events/ios/resources/submit-form-target-blank-using-return-key.html: Added.
10:27 AM Changeset in webkit [245399] by dbates@webkit.org
  • 1 edit
    1 add in trunk/LayoutTests

[iOS] Select all with existing range selection replaces range instead of selecting all text
https://bugs.webkit.org/show_bug.cgi?id=197950
<rdar://problem/50245131>

Add missing file that was inadvertently omitted from the patch.

  • fast/events/ios/resources/submit-form-target-blank-using-return-key.html: Added.
10:21 AM WebKitGTK/2.24.x edited by Adrian Perez de Castro
(diff)
10:02 AM Changeset in webkit [245398] by kocsen_chung@apple.com
  • 2 edits in branches/safari-608.1.24-branch/Source/WebKit/WebProcess

Partially Revert r245334. rdar://problem/50234105

Build fix.

8:36 AM Changeset in webkit [245397] by kocsen_chung@apple.com
  • 2 edits in branches/safari-607-branch/Source/WebCore

Cherry-pick r244632. rdar://problem/50344384

Do not restart WebRTC stats timer if backend is stopped
https://bugs.webkit.org/show_bug.cgi?id=197257
<rdar://problem/50095879>

Reviewed by Eric Carlson.

We used to stop and reschedule the stat gathering timer in case the
gathering delay is changing. Timer should not be rescheduled if the backend is stopped.

  • Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp: (WebCore::LibWebRTCMediaEndpoint::OnStatsDelivered):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244632 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6:54 AM Changeset in webkit [245396] by ajuma@chromium.org
  • 3 edits
    2 adds in trunk

[IntersectionObserver] Regression: No initial observation when nothing else triggers rendering
https://bugs.webkit.org/show_bug.cgi?id=197891

Reviewed by Simon Fraser.

Source/WebCore:

Schedule a rendering update whenever a new IntersectionObserver target is added.

Test: intersection-observer/initial-observation.html

  • page/IntersectionObserver.cpp:

(WebCore::IntersectionObserver::observe):

LayoutTests:

Add a test where other timers that can schedule rendering updates are disabled,
in order to verify that IntersectionObserver is scheduling rendering updates
itself.

  • intersection-observer/initial-observation.html: Added.
6:38 AM Changeset in webkit [245395] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WTF

Fix memcpy() call for big endian
https://bugs.webkit.org/show_bug.cgi?id=197945

Patch by Eike Rathke <erack@redhat.com> on 2019-05-16
Reviewed by Michael Catanzaro.

  • wtf/Packed.h:

(WTF::alignof):

4:48 AM Changeset in webkit [245394] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit

[WPE] Rendering on a HiDPI display looks scaled up instead of rendered at 2x
https://bugs.webkit.org/show_bug.cgi?id=185764

Patch by Ryan Walklin <ryan@testtoast.com> on 2019-05-16
Reviewed by Carlos Garcia Campos.

Add a function to the wpe_view_backend_client struct which accepts a device scale factor
configured through wpe_view_backend_dispatch_set_device_scale_factor() and calls
setIntrinsicDeviceScaleFactor for the the current View.Page object. The
function definition has been added in libwpe 1.3.

  • UIProcess/API/wpe/WPEView.cpp:

(WKWPE::m_backend): Add set_device_scale_factor implementation declared by libwpe.

2:31 AM Changeset in webkit [245393] by Carlos Garcia Campos
  • 7 edits in trunk/Source/WebCore

[FreeType] Some character sequences with a variation selector are not rendered
https://bugs.webkit.org/show_bug.cgi?id=197838

Reviewed by Michael Catanzaro.

We get the invalid glyph instead. See http://mts.io/2015/04/21/unicode-symbol-render-text-emoji/. In the table at
the end the Emoji and Text columns are not correctly rendered. It happens also when copying an emoji from
GtkEmojiChooser and pasting in WebKit text field, because GTK appends U+FE0F to all emojis to force the emoji
style. We need to take into account the variation selector when checking if a font can render a combining
sequence, using FT_Face_GetCharVariantIndex to get the right glyph in case of variation character present.

  • platform/graphics/Font.cpp:

(WebCore::Font::platformSupportsCodePoint const): Add optional variation parameter.
(WebCore::Font::canRenderCombiningCharacterSequence const): Take into account variation selector characters

  • platform/graphics/Font.h:
  • platform/graphics/cairo/FontCairoHarfbuzzNG.cpp:

(WebCore::FontCascade::fontForCombiningCharacterSequence const): Check variation selectors 0xFE0E and 0xFE0F to
decide whether to use the emoji or text style.

  • platform/graphics/cocoa/FontCocoa.mm:

(WebCore::Font::platformSupportsCodePoint const): Return false when a variation character is passed so that
characters are checked individually.

  • platform/graphics/freetype/SimpleFontDataFreeType.cpp:

(WebCore::Font::platformSupportsCodePoint const): Use FT_Face_GetCharVariantIndex when a variation character is
passed.

  • platform/graphics/harfbuzz/ComplexTextControllerHarfBuzz.cpp:

(WebCore::harfBuzzFontFunctions): Do not return true when FT_Face_GetCharVariantIndex returns 0.

2:22 AM Changeset in webkit [245392] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

Updated screenHasInvertedColors to use AppKit when available
https://bugs.webkit.org/show_bug.cgi?id=197935
<rdar://problem/50834405>

Patch by Greg Hughes <ghughes@apple.com> on 2019-05-16
Reviewed by Chris Fleizach.

  • platform/mac/PlatformScreenMac.mm:

(WebCore::collectScreenProperties):
(WebCore::screenHasInvertedColors):

May 15, 2019:

11:02 PM Changeset in webkit [245391] by kocsen_chung@apple.com
  • 3 edits
    2 adds in branches/safari-608.1.24-branch

Cherry-pick r245220. rdar://problem/50686229

When the set of backing-sharing layers changes, we need to issue a repaint
https://bugs.webkit.org/show_bug.cgi?id=197825

Reviewed by Zalan Bujtas.

Source/WebCore:

If the set of layers painting into a shared backing store changes, we need
to repaint that backing store. This happens when scrolling as shared layers
enter the visible area.

Test: compositing/shared-backing/overflow-scroll/repaint-shared-on-scroll.html

  • rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::setBackingSharingLayers):

LayoutTests:

  • compositing/shared-backing/overflow-scroll/repaint-shared-on-scroll-expected.html: Added.
  • compositing/shared-backing/overflow-scroll/repaint-shared-on-scroll.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245220 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:01 PM Changeset in webkit [245390] by kocsen_chung@apple.com
  • 4 edits in branches/safari-608.1.24-branch/Source/WebCore

Cherry-pick r245218. rdar://problem/50705506

Refactor composited backing-sharing code
https://bugs.webkit.org/show_bug.cgi?id=197824

Reviewed by Zalan Bujtas.

Clean up the backing-sharing code to share more code, and make it easier to understand.

Moves more logic into member functions on BackingSharingState, which are named to make
their functions clearer: startBackingSharingSequence/endBackingSharingSequence.

computeCompositingRequirements() and traverseUnchangedSubtree() now just call
updateBeforeDescendantTraversal/updateAfterDescendantTraversal.

No behavior change.

  • rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::willBeDestroyed): (WebCore::RenderLayerBacking::setBackingSharingLayers): Remove the early return, since we need to call setBackingProviderLayer() on the sharing layers in both code paths. (WebCore::RenderLayerBacking::removeBackingSharingLayer): (WebCore::RenderLayerBacking::clearBackingSharingLayers):
  • rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::BackingSharingState::backingProviderCandidate const): (WebCore::RenderLayerCompositor::BackingSharingState::appendSharingLayer): (WebCore::RenderLayerCompositor::BackingSharingState::startBackingSharingSequence): (WebCore::RenderLayerCompositor::BackingSharingState::endBackingSharingSequence): (WebCore::RenderLayerCompositor::BackingSharingState::updateBeforeDescendantTraversal): (WebCore::RenderLayerCompositor::BackingSharingState::updateAfterDescendantTraversal): (WebCore::RenderLayerCompositor::computeCompositingRequirements): (WebCore::RenderLayerCompositor::traverseUnchangedSubtree): (WebCore::RenderLayerCompositor::BackingSharingState::resetBackingProviderCandidate): Deleted.
  • rendering/RenderLayerCompositor.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245218 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:01 PM Changeset in webkit [245389] by kocsen_chung@apple.com
  • 6 edits
    14 adds in branches/safari-608.1.24-branch

Cherry-pick r245205. rdar://problem/50652127

Backing-sharing layers with transforms render incorrectly
https://bugs.webkit.org/show_bug.cgi?id=197692
<rdar://problem/50652127>

Reviewed by Antti Koivisto.
Source/WebCore:

Layers that paint into shared backing need to enter the RenderLayer painting code
in a way that paints the filters, transforms, opacity and blending.

RenderLayerBacking::paintIntoLayer() normally enters at paintLayerContents(), because
the effects are rendered via the GraphicsLayer, but shared layers will paint effects.
Note that if the backing-provider has effects, it will be the stacking context
for the shared layers, so it's correct that sharing layers are impacted by effects
on the backing-provider.

In addition, we have to ensure that we don't over-eagerly make layers shared.
Consider:

<div class="clipping">

<div class="sharing">

<div class="inner">
</div>

</div>

</div>

Here "clipping" is the provider layer, "sharing" paints into shared backing, but
we don't want to also mark "inner" as sharing, since "sharing" will just paint it.
This is akin to avoiding unnecessary compositing of z-order descendants when they can just
paint.

To do this we need to ensure that sharing layers are treated like compositing layers
in the overlap map, i.e. when a layer is sharing, we call overlapMap.pushCompositingContainer(),
and later overlapMap.popCompositingContainer().

Tests: compositing/shared-backing/nested-shared-layers-with-opacity.html

compositing/shared-backing/shared-layer-has-blending.html
compositing/shared-backing/shared-layer-has-filter.html
compositing/shared-backing/shared-layer-has-opacity.html
compositing/shared-backing/shared-layer-has-reflection.html
compositing/shared-backing/shared-layer-has-transform.html
compositing/shared-backing/shared-layer-isolates-blending.html
compositing/shared-backing/shared-transformed-layer-bounds.html
compositing/shared-backing/sharing-layer-becomes-non-scrollable.html
compositing/shared-backing/sharing-layer-has-effect.html

  • rendering/RenderLayer.cpp: (WebCore::RenderLayer::paintLayer): (WebCore::RenderLayer::paintLayerWithEffects):
  • rendering/RenderLayer.h:
  • rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::paintIntoLayer):
  • rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::CompositingState::stateForPaintOrderChildren const): (WebCore::backingProviderLayerCanIncludeLayer): (WebCore::RenderLayerCompositor::computeCompositingRequirements): (WebCore::RenderLayerCompositor::traverseUnchangedSubtree):

LayoutTests:

Ref tests for effects on sharing layers. The references make "clipping" be stacking context via z-index,
which eliminates sharing.

  • compositing/shared-backing/nested-shared-layers-with-opacity-expected.html: Added.
  • compositing/shared-backing/nested-shared-layers-with-opacity.html: Added.
  • compositing/shared-backing/shared-layer-has-blending-expected.html: Added.
  • compositing/shared-backing/shared-layer-has-blending.html: Added.
  • compositing/shared-backing/shared-layer-has-filter-expected.html: Added.
  • compositing/shared-backing/shared-layer-has-filter.html: Added.
  • compositing/shared-backing/shared-layer-has-opacity-expected.html: Added.
  • compositing/shared-backing/shared-layer-has-opacity.html: Added.
  • compositing/shared-backing/shared-layer-has-reflection-expected.html: Added.
  • compositing/shared-backing/shared-layer-has-reflection.html: Added.
  • compositing/shared-backing/shared-layer-has-transform-expected.html: Added.
  • compositing/shared-backing/shared-layer-has-transform.html: Added.
  • compositing/shared-backing/shared-layer-isolates-blending-expected.html: Added.
  • compositing/shared-backing/shared-layer-isolates-blending.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245205 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:01 PM Changeset in webkit [245388] by kocsen_chung@apple.com
  • 3 edits
    2 adds in branches/safari-608.1.24-branch

Cherry-pick r245181. rdar://problem/50670806

ASSERT(isSelfPaintingLayer()
hasSelfPaintingLayerDescendant()) on nytimes.com after r245170

https://bugs.webkit.org/show_bug.cgi?id=197776

Reviewed by Zalan Bujtas.

Source/WebCore:

Only try to paint into shared backing for layers that are able to be composited. This
avoids trying to do sharing for non-self-painting layers, which doesn't make sense.

Test: compositing/shared-backing/overflow-scroll/non-self-painting-layer-should-not-share.html

  • rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::computeCompositingRequirements):

LayoutTests:

  • compositing/shared-backing/overflow-scroll/non-self-painting-layer-should-not-share-expected.txt: Added.
  • compositing/shared-backing/overflow-scroll/non-self-painting-layer-should-not-share.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245181 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:01 PM Changeset in webkit [245387] by kocsen_chung@apple.com
  • 36 edits
    7 copies
    35 adds in branches/safari-608.1.24-branch

Cherry-pick r245170. rdar://problem/50445998

Implement backing-sharing in compositing layers, allowing overlap layers to paint into the backing store of another layer
https://bugs.webkit.org/show_bug.cgi?id=197561
<rdar://problem/50445998>

Reviewed by Antti Koivisto.
Source/WebCore:

This change introduces the concept of layers that share backing store for compositing. A layer
which is sharing its backing store first paints itself, and then some set of layers which come
later in paint order in the same stacking context. This reduces the composited layer count in
some overflow scrolling scenarios, thereby also simplifying the scrolling tree.

A backing-shared layer stores a vector of "sharing" RenderLayer* in its RenderLayerBacking. At
paint time, the owning layer is painted, then the sharing layers, setting the owning layer as the
painting root so that positioning and clipping just work.

Sharing layer relationships are constructed in RenderLayerCompositor::computeCompositingRequirements().
We track the last layer which was composited in paint order as a shared candidate. If a later layer
would composite for overlap (and no other reasons), then we allow it to share with the candidate
if the candidate is in its ancestor containing block chain. Sharing is currently limited to layers
in the same stacking context.

isComposited() returns false for sharing layers, but they are like composited layers in that
they behave as painting boundaries, so RenderLayer::paintLayer() needs to stop at them,
and repaints in shared layers have to be directed to their shared layer, hence
changes to RenderLayer::clippingRootForPainting() and RenderLayer::enclosingCompositingLayerForRepaint().

The clipping boundary logic in RenderLayer::backgroundClipRect() needed to be generalized so that
all calls to RenderLayer::parentClipRects() check for crossing painting boundaries and use
TemporaryClipRects in that case.

Tests: compositing/shared-backing/overflow-scroll/absolute-in-stacking-relative-in-scroller.html

compositing/shared-backing/overflow-scroll/composited-absolute-in-absolute-in-relative-in-scroller.html
compositing/shared-backing/overflow-scroll/nested-absolute-with-clipping-in-stacking-overflow.html
compositing/shared-backing/overflow-scroll/previous-sibling-prevents-inclusiveness.html
compositing/shared-backing/overflow-scroll/relative-in-clipping-in-scroller-in-clipping.html
compositing/shared-backing/overflow-scroll/relative-in-clipping-in-scroller-in-relative-clipping.html
compositing/shared-backing/overflow-scroll/relative-in-div-in-overflow-scroll.html
compositing/shared-backing/overflow-scroll/scrolled-contents-has-painted-content.html
compositing/shared-backing/overflow-scroll/scrolled-contents-unconstrained-clip.html
compositing/shared-backing/overflow-scroll/shared-layer-clipping.html
compositing/shared-backing/overflow-scroll/shared-layer-composited-bounds.html
compositing/shared-backing/overflow-scroll/shared-layer-nested-relative-stacking.html
compositing/shared-backing/overflow-scroll/shared-layer-repaint.html
compositing/shared-backing/partial-compositing-update.html
compositing/shared-backing/partial-compositing-update2.html
compositing/shared-backing/remove-sharing-layer.html
compositing/shared-backing/sharing-cached-clip-rects.html

  • rendering/RenderLayer.cpp: (WebCore::RenderLayer::~RenderLayer): (WebCore::RenderLayer::ancestorLayerIsInContainingBlockChain const): (WebCore::RenderLayer::setBackingProviderLayer): (WebCore::RenderLayer::disconnectFromBackingProviderLayer): (WebCore::RenderLayer::enclosingCompositingLayerForRepaint const): (WebCore::RenderLayer::clippingRootForPainting const): (WebCore::RenderLayer::clipToRect): (WebCore::RenderLayer::paintLayer): (WebCore::RenderLayer::updateClipRects): (WebCore::RenderLayer::clipCrossesPaintingBoundary const): (WebCore::RenderLayer::calculateClipRects const): (WebCore::outputPaintOrderTreeLegend): (WebCore::outputPaintOrderTreeRecursive): (WebCore::inContainingBlockChain): Deleted.
  • rendering/RenderLayer.h:
  • rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::willBeDestroyed): (WebCore::clearBackingSharingLayerProviders): (WebCore::RenderLayerBacking::setBackingSharingLayers): (WebCore::RenderLayerBacking::removeBackingSharingLayer): (WebCore::RenderLayerBacking::clearBackingSharingLayers): (WebCore::RenderLayerBacking::updateCompositedBounds): (WebCore::RenderLayerBacking::updateDrawsContent): (WebCore::RenderLayerBacking::isSimpleContainerCompositingLayer const): (WebCore::RenderLayerBacking::paintIntoLayer): (WebCore::RenderLayerBacking::paintContents):
  • rendering/RenderLayerBacking.h:
  • rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::CompositingState::stateForPaintOrderChildren const): (WebCore::RenderLayerCompositor::CompositingState::propagateStateFromChildren): (WebCore::RenderLayerCompositor::CompositingState::propagateStateFromChildrenForUnchangedSubtree): (WebCore::RenderLayerCompositor::BackingSharingState::resetBackingProviderCandidate): (WebCore::RenderLayerCompositor::updateCompositingLayers): (WebCore::backingProviderLayerCanIncludeLayer): (WebCore::RenderLayerCompositor::computeCompositingRequirements): (WebCore::RenderLayerCompositor::traverseUnchangedSubtree): (WebCore::RenderLayerCompositor::updateBacking): (WebCore::RenderLayerCompositor::layerWillBeRemoved): (WebCore::RenderLayerCompositor::requiresCompositingForIndirectReason const):
  • rendering/RenderLayerCompositor.h:
  • rendering/RenderTreeAsText.cpp:

LayoutTests:

New tests for backing sharing, and new baselines of tests whose behavior is changed.

Scrolling tree tests that would be invalidate by sharing are changed to defeat sharing by adding
compositing layers early in stacking order.

  • TestExpectations:
  • compositing/geometry/limit-layer-bounds-clipping-ancestor-expected.txt:
  • compositing/layer-creation/overflow-scroll-overlap-expected.txt:
  • compositing/layer-creation/overflow-scroll-overlap.html:
  • compositing/overflow/scrolling-content-clip-to-viewport.html:
  • compositing/rtl/rtl-scrolling-with-transformed-descendants-expected.txt:
  • compositing/shared-backing/overflow-scroll/absolute-in-stacking-relative-in-scroller-expected.txt: Copied from LayoutTests/platform/ios/compositing/overflow/scrolling-content-clip-to-viewport-expected.txt.
  • compositing/shared-backing/overflow-scroll/absolute-in-stacking-relative-in-scroller.html: Added.
  • compositing/shared-backing/overflow-scroll/composited-absolute-in-absolute-in-relative-in-scroller-expected.txt: Added.
  • compositing/shared-backing/overflow-scroll/composited-absolute-in-absolute-in-relative-in-scroller.html: Added.
  • compositing/shared-backing/overflow-scroll/nested-absolute-with-clipping-in-stacking-overflow-expected.txt: Added.
  • compositing/shared-backing/overflow-scroll/nested-absolute-with-clipping-in-stacking-overflow.html: Copied from LayoutTests/scrollingcoordinator/scrolling-tree/nested-absolute-in-sc-overflow.html.
  • compositing/shared-backing/overflow-scroll/previous-sibling-prevents-inclusiveness-expected.txt: Added.
  • compositing/shared-backing/overflow-scroll/previous-sibling-prevents-inclusiveness.html: Added.
  • compositing/shared-backing/overflow-scroll/relative-in-clipping-in-scroller-in-clipping-expected.txt: Added.
  • compositing/shared-backing/overflow-scroll/relative-in-clipping-in-scroller-in-clipping.html: Added.
  • compositing/shared-backing/overflow-scroll/relative-in-clipping-in-scroller-in-relative-clipping-expected.txt: Added.
  • compositing/shared-backing/overflow-scroll/relative-in-clipping-in-scroller-in-relative-clipping.html: Added.
  • compositing/shared-backing/overflow-scroll/relative-in-div-in-overflow-scroll-expected.txt: Copied from LayoutTests/platform/ios/compositing/overflow/scrolling-content-clip-to-viewport-expected.txt.
  • compositing/shared-backing/overflow-scroll/relative-in-div-in-overflow-scroll.html: Added.
  • compositing/shared-backing/overflow-scroll/scrolled-contents-has-painted-content-expected.txt: Copied from LayoutTests/platform/ios/compositing/overflow/scrolling-content-clip-to-viewport-expected.txt.
  • compositing/shared-backing/overflow-scroll/scrolled-contents-has-painted-content.html: Added.
  • compositing/shared-backing/overflow-scroll/scrolled-contents-unconstrained-clip-expected.html: Added.
  • compositing/shared-backing/overflow-scroll/scrolled-contents-unconstrained-clip.html: Added.
  • compositing/shared-backing/overflow-scroll/shared-layer-clipping-expected.html: Added.
  • compositing/shared-backing/overflow-scroll/shared-layer-clipping.html: Added.
  • compositing/shared-backing/overflow-scroll/shared-layer-composited-bounds-expected.txt: Added.
  • compositing/shared-backing/overflow-scroll/shared-layer-composited-bounds.html: Added.
  • compositing/shared-backing/overflow-scroll/shared-layer-nested-relative-stacking-expected.txt: Added.
  • compositing/shared-backing/overflow-scroll/shared-layer-nested-relative-stacking.html: Added.
  • compositing/shared-backing/overflow-scroll/shared-layer-repaint-expected.txt: Added.
  • compositing/shared-backing/overflow-scroll/shared-layer-repaint.html: Added.
  • compositing/shared-backing/partial-compositing-update-expected.txt: Added.
  • compositing/shared-backing/partial-compositing-update.html: Added.
  • compositing/shared-backing/partial-compositing-update2-expected.txt: Added.
  • compositing/shared-backing/partial-compositing-update2.html: Added.
  • compositing/shared-backing/remove-sharing-layer-expected.txt: Added.
  • compositing/shared-backing/remove-sharing-layer.html: Added.
  • compositing/shared-backing/sharing-cached-clip-rects-expected.txt: Added.
  • compositing/shared-backing/sharing-cached-clip-rects.html: Added.
  • platform/ios-wk2/TestExpectations:
  • platform/ios-wk2/compositing/shared-backing/overflow-scroll/absolute-in-stacking-relative-in-scroller-expected.txt: Copied from LayoutTests/platform/ios/compositing/overflow/scrolling-content-clip-to-viewport-expected.txt.
  • platform/ios-wk2/compositing/shared-backing/overflow-scroll/composited-absolute-in-absolute-in-relative-in-scroller-expected.txt: Added.
  • platform/ios-wk2/compositing/shared-backing/overflow-scroll/nested-absolute-with-clipping-in-stacking-overflow-expected.txt: Added.
  • platform/ios-wk2/compositing/shared-backing/overflow-scroll/previous-sibling-prevents-inclusiveness-expected.txt: Added.
  • platform/ios-wk2/compositing/shared-backing/overflow-scroll/relative-in-clipping-in-scroller-in-clipping-expected.txt: Added.
  • platform/ios-wk2/compositing/shared-backing/overflow-scroll/relative-in-clipping-in-scroller-in-relative-clipping-expected.txt: Added.
  • platform/ios-wk2/compositing/shared-backing/overflow-scroll/relative-in-div-in-overflow-scroll-expected.txt: Copied from LayoutTests/platform/ios/compositing/overflow/scrolling-content-clip-to-viewport-expected.txt.
  • platform/ios-wk2/compositing/shared-backing/overflow-scroll/scrolled-contents-has-painted-content-expected.txt: Copied from LayoutTests/platform/ios/compositing/overflow/scrolling-content-clip-to-viewport-expected.txt.
  • platform/ios-wk2/scrollingcoordinator/scrolling-tree/nested-absolute-in-absolute-overflow-expected.txt:
  • platform/ios-wk2/scrollingcoordinator/scrolling-tree/nested-absolute-in-relative-in-overflow-expected.txt:
  • platform/ios-wk2/scrollingcoordinator/scrolling-tree/nested-absolute-in-sc-overflow-expected.txt:
  • platform/ios-wk2/scrollingcoordinator/scrolling-tree/positioned-nodes-complex-expected.txt:
  • platform/ios/compositing/geometry/limit-layer-bounds-clipping-ancestor-expected.txt:
  • platform/ios/compositing/overflow/clipping-behaviour-change-is-not-propagated-to-descendants-expected.txt:
  • platform/ios/compositing/overflow/clipping-behaviour-change-is-not-propagated-to-descendants2-expected.txt:
  • platform/ios/compositing/overflow/scrolling-content-clip-to-viewport-expected.txt:
  • platform/mac-wk1/compositing/overflow/scrolling-content-clip-to-viewport-expected.txt:
  • platform/mac-wk2/TestExpectations:
  • platform/mac/compositing/overflow/clipping-behaviour-change-is-not-propagated-to-descendants-expected.txt:
  • platform/mac/compositing/overflow/clipping-behaviour-change-is-not-propagated-to-descendants2-expected.txt:
  • scrollingcoordinator/scrolling-tree/nested-absolute-in-absolute-overflow-expected.txt:
  • scrollingcoordinator/scrolling-tree/nested-absolute-in-absolute-overflow.html:
  • scrollingcoordinator/scrolling-tree/nested-absolute-in-relative-in-overflow-expected.txt:
  • scrollingcoordinator/scrolling-tree/nested-absolute-in-relative-in-overflow.html:
  • scrollingcoordinator/scrolling-tree/nested-absolute-in-sc-overflow-expected.txt:
  • scrollingcoordinator/scrolling-tree/nested-absolute-in-sc-overflow.html:
  • scrollingcoordinator/scrolling-tree/positioned-nodes-complex-expected.txt:
  • scrollingcoordinator/scrolling-tree/positioned-nodes-complex.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245170 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:43 PM Changeset in webkit [245386] by kocsen_chung@apple.com
  • 3 edits in branches/safari-608.1.24-branch/Source/WebCore

Cherry-pick r245368. rdar://problem/49833954

REGRESSION (r245072): Missing code in Document::styleColorOptions to propagate StyleColor::Options::UseInactiveAppearance
https://bugs.webkit.org/show_bug.cgi?id=197930
rdar://problem/49833954

Reviewed by Wenson Hsieh and Megan Gardner.

Add some code that was missing from Document in my original patch for r245072.

  • dom/Document.cpp: (WebCore::Document::useSystemAppearance const): Drive-by fix code style. (WebCore::Document::useInactiveAppearance const): Added. (WebCore::Document::styleColorOptions const): Add StyleColor::Options::UseInactiveAppearance.
  • dom/Document.h: Added useInactiveAppearance().

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245368 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:43 PM Changeset in webkit [245385] by kocsen_chung@apple.com
  • 2 edits in branches/safari-608.1.24-branch/Source/WebKit

Cherry-pick r245360. rdar://problem/50823976

Revise sandbox to allow IOKit properties needed by Metal and LaunchServices
https://bugs.webkit.org/show_bug.cgi?id=197924
<rdar://problem/50823976>

Reviewed by Per Arne Vollan.

Update sandbox to allow access to some IOKit properties to avoid sandbox violations that could
lower performance or increase launch times:

  • WebProcess/com.apple.WebProcess.sb.in:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245360 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:43 PM Changeset in webkit [245384] by kocsen_chung@apple.com
  • 10 edits in branches/safari-608.1.24-branch/Source/WebKit

Cherry-pick r245334. rdar://problem/50234105

[WK2][iOS] UIProcess may get killed because it is taking too long to release its background task after expiration
https://bugs.webkit.org/show_bug.cgi?id=197893
<rdar://problem/50234105>

Reviewed by Alex Christensen.

The UIProcess may get killed because it is taking too long to release its background task after its expiration handler
was called. The reason is that the background task's expiration handler was sequentially sending a ProcessWillSuspendImminently
synchronous IPC to each of its child processes and only then ends the background task. By the time we receive the response from
all child processes, it may be too late and we get killed.

To address the issue, we now:

  1. Send the ProcessWillSuspendImminently asynchronously so that all processes can do their processing in parallel
  2. After 2 seconds, the UIProcess releases the background task (We get killed after ~5 seconds)

Also, to make sure that the UIProcess supends promptly, we now make sure we never start a new background task *after*
the app has been backgrounded. The intention of our background task is too finish critical work (like releasing locked
files) after the app gets backgrounded, not to start new work and delay process suspension.

  • NetworkProcess/NetworkProcess.cpp: (WebKit::NetworkProcess::processWillSuspendImminently):
  • NetworkProcess/NetworkProcess.h:
  • NetworkProcess/NetworkProcess.messages.in:
  • UIProcess/Network/NetworkProcessProxy.cpp: (WebKit::NetworkProcessProxy::sendProcessWillSuspendImminently):
  • UIProcess/WebProcessProxy.cpp: (WebKit::WebProcessProxy::sendProcessWillSuspendImminently):
  • UIProcess/ios/ProcessAssertionIOS.mm: (-[WKProcessAssertionBackgroundTaskManager init]): (-[WKProcessAssertionBackgroundTaskManager _scheduleReleaseTask]): (-[WKProcessAssertionBackgroundTaskManager _cancelPendingReleaseTask]): (-[WKProcessAssertionBackgroundTaskManager _updateBackgroundTask]):
  • WebProcess/WebProcess.cpp: (WebKit::WebProcess::didReceiveSyncMessage): (WebKit::WebProcess::processWillSuspendImminently):
  • WebProcess/WebProcess.h:
  • WebProcess/WebProcess.messages.in:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245334 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:43 PM Changeset in webkit [245383] by kocsen_chung@apple.com
  • 4 edits in branches/safari-608.1.24-branch

Cherry-pick r245322. rdar://problem/50107679

Allow NSFileCoordinator to be called from WebContent process
https://bugs.webkit.org/show_bug.cgi?id=197895
<rdar://problem/50107679>

Patch by Alex Christensen <achristensen@webkit.org> on 2019-05-15
Reviewed by Brent Fulgham.

Source/WebKit:

  • WebProcess/com.apple.WebProcess.sb.in: Expand sandbox to allow use of com.apple.FileCoordination mach service like we do on iOS.

Tools:

Add a unit test that verifies calling the block succeeds.

  • TestWebKitAPI/Tests/WebKitCocoa/AdditionalReadAccessAllowedURLsPlugin.mm: (-[AdditionalReadAccessAllowedURLsPlugIn webProcessPlugIn:didCreateBrowserContextController:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245322 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:43 PM Changeset in webkit [245382] by kocsen_chung@apple.com
  • 16 edits in branches/safari-608.1.24-branch/Source

Cherry-pick r245320. rdar://problem/48737122

Web Automation: elements larger than the viewport have incorrect in-view center point
https://bugs.webkit.org/show_bug.cgi?id=195696
<rdar://problem/48737122>

Reviewed by Simon Fraser.

Original patch by Brian Burg <Brian Burg>.

Source/WebCore:

Some conversion methods do not exist for FloatRect/FloatPoint. Fill them in as needed,
and export some symbols used by WebDriver code to compute an element's in-view center point
in various coordinate systems.

  • dom/TreeScope.h:
  • dom/TreeScope.cpp: (WebCore::TreeScope::elementsFromPoint): Added.
  • page/FrameView.h:
  • page/FrameView.cpp: (WebCore::FrameView::absoluteToLayoutViewportPoint const): Added. (WebCore::FrameView::layoutViewportToAbsoluteRect const): Added. (WebCore::FrameView::absoluteToLayoutViewportRect const): Added.
  • platform/ScrollView.h:
  • platform/ScrollView.cpp: (WebCore::ScrollView::viewToContents const): Added. (WebCore::ScrollView::contentsToView const): Added. (WebCore::ScrollView::contentsToRootView const): Added.
  • platform/Widget.h:
  • platform/Widget.cpp: (WebCore::Widget::convertToRootView const): Added. (WebCore::Widget::convertFromRootView const): Added. (WebCore::Widget::convertToContainingView const): Added. (WebCore::Widget::convertFromContainingView const): Added.

Source/WebKit:

This seems to be an omission in the specification. While it does mention that the in-view
center point (IVCP) must be within the viewport, the algorithm never intersects the element
bounding box with the viewport rect.

  • WebProcess/Automation/WebAutomationSessionProxy.cpp: (WebKit::WebAutomationSessionProxy::computeElementLayout): This code is incorrect. For CoordinateSystem::LayoutViewport, coordinates should be in root view coordinates so that it can be later converted to screen and synthesized as a HID event in screen coordinates. Intersect the element rect and the viewport rect before finding the center point of the part of the element that's visible in the viewport.

(WebKit::convertRectFromFrameClientToRootView): Added.
(WebKit::convertPointFromFrameClientToRootView): Added.
Added helpers to properly account for scroll contents position on iOS.

  • UIProcess/Automation/WebAutomationSession.cpp: (WebKit::WebAutomationSession::viewportInViewCenterPointOfElement): Now that we determine whether the element is inside the viewport much earlier, if the element has no inViewCenterPoint, we can return a TargetOutOfBounds instead of a more "generic" ElementNotInteractable.

(WebKit::WebAutomationSession::simulateMouseInteraction):
Rename locationInView -> locationInViewport.

(WebKit::WebAutomationSession::simulateTouchInteraction):
This code is incorrect. The unobscuredContentRect is in screen coordinates, but
we are trying to see if (x, y) is outside the size of the viewport assumed to be at (0, 0).
Grab the visual viewport rect and see if the location exceeds the viewport size.

  • UIProcess/Automation/ios/WebAutomationSessionIOS.mm: (WebKit::operator<<): Add logging helper for TouchInteraction enum.

(WebKit::WebAutomationSession::platformSimulateTouchInteraction):
Move local variable.

  • UIProcess/Automation/SimulatedInputDispatcher.cpp: (WebKit::SimulatedInputDispatcher::transitionInputSourceToState): Fix a typo in logging.
  • UIProcess/Automation/Automation.json: Simplify enum name.
  • Platform/Logging.h: Add logging channel to dump fully resolved interaction details.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245320 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:43 PM Changeset in webkit [245381] by kocsen_chung@apple.com
  • 3 edits
    2 adds in branches/safari-608.1.24-branch

Cherry-pick r245317. rdar://problem/50291989

Missing cursor/caret showing in search field on google.com
https://bugs.webkit.org/show_bug.cgi?id=197862
<rdar://problem/50291989>

Reviewed by Simon Fraser.

Source/WebCore:

In this bug, the search field is inside of a fixed position container, which is inside of an empty "overflow:
hidden" form element (the new layout test demonstrates a simple version of this). The layer of the fixed
position container's renderer has an overflow clipping layer of itself, and its clipping rect is non-empty, so
the heuristic initially identifies the layer as not fully clipped. However, as the heuristic ascends the
RenderLayer tree, it then finds the layer for the "overflow: hidden" form element's renderer; this layer is
completely clipped, which causes the heuristic to incorrectly believe that the editable element is completely
clipped.

To fix the bug, this patch reworks the clipping portion of the heuristic, such that we no longer need to ascend
the layer tree. Instead of computing the clip rect relative to the nearest ancestor that has an overflow clip
and then walking up the layer tree repeating this process, simply compute the clip rect relative to RenderView's
layer, and then walk up to the parent frame and repeat if necessary.

Test: editing/selection/ios/do-not-hide-selection-in-visible-field.html

  • rendering/RenderLayer.cpp: (WebCore::RenderLayer::isTransparentOrFullyClippedRespectingParentFrames const):

LayoutTests:

Add a new layout test that represents a reduced test case version of google.com's search field.

  • editing/selection/ios/do-not-hide-selection-in-visible-field.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245317 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:43 PM Changeset in webkit [245380] by kocsen_chung@apple.com
  • 3 edits
    2 adds in branches/safari-608.1.24-branch

Cherry-pick r245286. rdar://problem/50187657

[Pointer Events] The pointerenter and pointerleave events target the wrong element on iOS
https://bugs.webkit.org/show_bug.cgi?id=197881
<rdar://problem/50187657>

Patch by Antoine Quint <Antoine Quint> on 2019-05-14
Reviewed by Dean Jackson.

Source/WebCore:

Test: pointerevents/ios/enter-leave-target.html

The "pointerenter" and "pointerleave" should target the element on which the event listener was added and not
the element that would otherwise hit test. This matches the behavior of "mouseenter" and "mouseleave" on macOS.

  • page/PointerCaptureController.cpp: (WebCore::PointerCaptureController::dispatchEventForTouchAtIndex):

LayoutTests:

Add a test where we tap an element that is the child of another element where the parent is the element with the "pointerenter"
and "pointerleave" events registered. The test shows that we correctly set the target to the parent element and not the child.

  • pointerevents/ios/enter-leave-target-expected.txt: Added.
  • pointerevents/ios/enter-leave-target.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245286 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:43 PM Changeset in webkit [245379] by kocsen_chung@apple.com
  • 3 edits
    2 adds in branches/safari-608.1.24-branch

Cherry-pick r245175. rdar://problem/50584991

Event region generation needs to know about backing-sharing
https://bugs.webkit.org/show_bug.cgi?id=197694
<rdar://problem/50584991>

Reviewed by Simon Fraser.

Source/WebCore:

Test: pointerevents/ios/touch-action-region-backing-sharing.html

  • rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::updateEventRegion):

Gather event region from backing sharing layers too.

LayoutTests:

  • platform/ios-wk2/TestExpectations:
  • pointerevents/ios/touch-action-region-backing-sharing-expected.txt: Added.
  • pointerevents/ios/touch-action-region-backing-sharing.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245175 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:43 PM Changeset in webkit [245378] by kocsen_chung@apple.com
  • 3 edits in branches/safari-608.1.24-branch/Source/JavaScriptCore

Cherry-pick r245168. rdar://problem/50629257

Fix crashes related to pointer authentication for primitive gigacage
https://bugs.webkit.org/show_bug.cgi?id=197763
<rdar://problem/50629257>

Reviewed by Saam Barati.

This fixes two bugs related to PAC for caging. The first is that
we didn't clear the high bits of the size register going into the
patchpoint to tag the new buffer for NewArrayBuffer. The second is
that the GC needs to strip all stack pointers when considering
them as a conservative root.

  • ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileNewTypedArray):
  • heap/ConservativeRoots.cpp: (JSC::ConservativeRoots::genericAddPointer):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245168 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:43 PM Changeset in webkit [245377] by kocsen_chung@apple.com
  • 4 edits in branches/safari-608.1.24-branch

Cherry-pick r245156. rdar://problem/50590818

Refine AudioSession route sharing policy
https://bugs.webkit.org/show_bug.cgi?id=197742
<rdar://problem/50590818>

Reviewed by Darin Adler.

Source/WebCore:

No new tests, updated AVAudioSessionRouteSharingPolicy API test.

  • platform/audio/cocoa/MediaSessionManagerCocoa.mm: (MediaSessionManagerCocoa::updateSessionState):

Tools:

  • TestWebKitAPI/Tests/WebKitLegacy/ios/AudioSessionCategoryIOS.mm: (TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245156 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:43 PM Changeset in webkit [245376] by kocsen_chung@apple.com
  • 2 edits in branches/safari-608.1.24-branch/Source/WebCore

Cherry-pick r245147. rdar://problem/50621407

fast/hidpi/video-controls-in-hidpi.html sometimes asserts in WK1
https://bugs.webkit.org/show_bug.cgi?id=197695

Reviewed by Zalan Bujtas.

With the backing-sharing changes that landed in r245058, some WebKit1 tests with media controls asserted in
RenderLayerBacking::computeParentGraphicsLayerRect() because a layer would have a m_ancestorClippingLayer,
but backgroundClipRect() would return an infinite rect.

This happened when a layer tree change caused the layer's compositing ancestor to no longer isolate
composited blending (which affects the behavior of RenderLayerCompositor:clippedByAncestor()), but we failed
to mark its composited children as needing the configuration update which would eliminate their m_ancestorClippingLayers.

The fix is to call setChildrenNeedCompositingGeometryUpdate() when isolatesCompositedBlending changes. We don't haev
setChildrenNeedCompositingConfigurationUpdate(), but setChildrenNeedCompositingGeometryUpdate() has the desired side-effect.

I was unable to make a standalone test case for this, but the code is exercised by media control tests.

  • rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::computeCompositingRequirements):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245147 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:41 PM Changeset in webkit [245375] by simon.fraser@apple.com
  • 2 edits in trunk/Source/WebCore

Avoid a recursive descendants layer walk sometimes
https://bugs.webkit.org/show_bug.cgi?id=197939

Reviewed by Zalan Bujtas.

If a layer got composited post-descendants because it needs to clip, for example, we'd do a recursive
descendant tree walk to add layers to the overlap map. However, all the descendants would already
have contributed to the overlap map if some non-root ancestor was already composited. So we can
skip the addDescendantsToOverlapMapRecursive() if we know, before descendants, whether there's
a non-root composited ancestor.

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::CompositingState::hasNonRootCompositedAncestor const):
(WebCore::RenderLayerCompositor::computeCompositingRequirements):

10:09 PM Changeset in webkit [245374] by kocsen_chung@apple.com
  • 7 edits in branches/safari-608.1.24-branch/Source

Versioning.

9:07 PM Changeset in webkit [245373] by simon.fraser@apple.com
  • 4 edits in trunk/Source/WebCore

Clean up code related to compositing overlap map maintenance
https://bugs.webkit.org/show_bug.cgi?id=197936

Reviewed by Zalan Bujtas.

Clarify the logic around updating the overlap map:

When a layer becomes composited, or paints into a non-root composited layer, we add it to the overlap map
after traversing descendants (since it only affets layers later in traversal).

If a layer became composited after traversing descendants, we need to go back and add all the descendants
to the overlap map with a recursive traversal.

We can do all this near the end of computeCompositingRequirements/traverseUnchangedSubtree because
we only check overlap when we enter this function on later layers.

Add a CompositingOverlap log channel and use it to log the state of the overlap map.

  • platform/Logging.h:
  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::computeCompositingRequirements):
(WebCore::RenderLayerCompositor::traverseUnchangedSubtree):
(WebCore::RenderLayerCompositor::addToOverlapMap const):
(WebCore::RenderLayerCompositor::addDescendantsToOverlapMapRecursive const):
(WebCore::RenderLayerCompositor::updateOverlapMap const):
(WebCore::RenderLayerCompositor::addToOverlapMap): Deleted.
(WebCore::RenderLayerCompositor::addToOverlapMapRecursive): Deleted.

  • rendering/RenderLayerCompositor.h:
8:56 PM Changeset in webkit [245372] by mitz@apple.com
  • 9 copies
    1 add in releases/Apple/Safari Technology Preview 82

Added a tag for Safari Technology Preview release 82.

7:51 PM Changeset in webkit [245371] by simon.fraser@apple.com
  • 4 edits in trunk/Source/WebCore

Clean up RenderLayerCompositor::computeCompositingRequirements() and traverseUnchangedSubtree()
https://bugs.webkit.org/show_bug.cgi?id=197931

Reviewed by Zalan Bujtas.

These functions have grown and become hard to maintain, so try to undo some technical debt.

Rename "childState" to "currentState" since it's the state we pass to children, but also
is state we change when the current layer becomes composited.

Separate the layerWillComposite() lambda from layerWillCompositePostDescendants().

Group the chunks of code at end of the functions into:

  • updating bits on RenderLayer
  • updating compositingState with changes from children and our state
  • doing post-traversal work on overlapMap and backingSharingState

Code shared between the two functions is pushed into CompositingState::updateWithDescendantStateAndLayer().

This moves code around but should not cause any behavior change.

  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::updateConfiguration):

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::OverlapExtent::knownToBeHaveExtentUncertainty const):
(WebCore::RenderLayerCompositor::CompositingState::updateWithDescendantStateAndLayer):
(WebCore::RenderLayerCompositor::computeCompositingRequirements):
(WebCore::RenderLayerCompositor::traverseUnchangedSubtree):
(WebCore::RenderLayerCompositor::clipsCompositingDescendants):
(WebCore::RenderLayerCompositor::CompositingState::propagateStateFromChildren): Deleted.
(WebCore::RenderLayerCompositor::CompositingState::propagateStateFromChildrenForUnchangedSubtree): Deleted.
(WebCore::RenderLayerCompositor::clipsCompositingDescendants const): Deleted.

  • rendering/RenderLayerCompositor.h:
7:51 PM Changeset in webkit [245370] by simon.fraser@apple.com
  • 3 edits in trunk/Source/WebCore

Make LayerOverlapMap able to output to a TextStream
https://bugs.webkit.org/show_bug.cgi?id=197923

Reviewed by Zalan Bujtas.

Make it possible output LayerOverlapMap to a TextStream for logging.

  • rendering/LayerOverlapMap.cpp:

(WebCore::OverlapMapContainer::rectList const):
(WebCore::operator<<):

  • rendering/LayerOverlapMap.h:

(WebCore::LayerOverlapMap::overlapStack const):

6:30 PM Changeset in webkit [245369] by Ross Kirsling
  • 3 edits in trunk/Source/WTF

[PlayStation] WTFCrash should preserve register state.
https://bugs.webkit.org/show_bug.cgi?id=197932

Reviewed by Don Olmstead.

  • wtf/Assertions.cpp:
  • wtf/Assertions.h:

Let r196397 apply to PlayStation port as well.

4:50 PM Changeset in webkit [245368] by timothy@apple.com
  • 3 edits in trunk/Source/WebCore

REGRESSION (r245072): Missing code in Document::styleColorOptions to propagate StyleColor::Options::UseInactiveAppearance
https://bugs.webkit.org/show_bug.cgi?id=197930
rdar://problem/49833954

Reviewed by Wenson Hsieh and Megan Gardner.

Add some code that was missing from Document in my original patch for r245072.

  • dom/Document.cpp:

(WebCore::Document::useSystemAppearance const): Drive-by fix code style.
(WebCore::Document::useInactiveAppearance const): Added.
(WebCore::Document::styleColorOptions const): Add StyleColor::Options::UseInactiveAppearance.

  • dom/Document.h: Added useInactiveAppearance().
4:31 PM Changeset in webkit [245367] by Alan Coon
  • 1 copy in tags/Safari-608.1.24.3

Tag Safari-608.1.24.3.

3:42 PM Changeset in webkit [245366] by Devin Rousso
  • 13 edits
    2 adds in trunk

Web Inspector: user gesture toggle should also force user interaction flag
https://bugs.webkit.org/show_bug.cgi?id=197269

Reviewed by Joseph Pecoraro.

Source/WebCore:

Test: inspector/runtime/evaluate-userGestureEmulation-userIsInteracting.html

  • inspector/agents/page/PageRuntimeAgent.cpp:

(WebCore::PageRuntimeAgent::evaluate):

  • page/ChromeClient.h:

(WebCore::ChromeClient::userIsInteracting const): Added.
(WebCore::ChromeClient::setUserIsInteracting): Added.

  • testing/Internals.idl:
  • testing/Internals.h:
  • testing/Internals.cpp:

(WebCore::Internals::userIsInteracting): Added.

Source/WebKit:

  • WebProcess/WebCoreSupport/WebChromeClient.h:
  • WebProcess/WebCoreSupport/WebChromeClient.cpp:

(WebKit::WebChromeClient::userIsInteracting const): Added.
(WebKit::WebChromeClient::setUserIsInteracting): Added.

  • WebProcess/WebPage/WebPage.h:

(WebKit::WebPage::userIsInteracting const): Added.
(WebKit::WebPage::setUserIsInteracting): Added.

LayoutTests:

  • inspector/runtime/evaluate-userGestureEmulation-userIsInteracting.html: Added.
  • inspector/runtime/evaluate-userGestureEmulation-userIsInteracting-expected.txt: Added.

Only enable the above test on WK2, as the user interaction state is only supported by WK2.

3:41 PM Changeset in webkit [245365] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

Replace double-quotes with single quotes in steps.py
https://bugs.webkit.org/show_bug.cgi?id=197921

Reviewed by Jonathan Bedard.

  • BuildSlaveSupport/ews-build/steps.py:
3:39 PM Changeset in webkit [245364] by krollin@apple.com
  • 8 edits
    9 adds in trunk

Rewrite generate-xcfilelists in Python
https://bugs.webkit.org/show_bug.cgi?id=197622
<rdar://problem/50508222>

Reviewed by Jonathan Bedard, Alex Christensen.

For a number of reasons, rewrite generate-xcfilelists in Python:

  • The previous bash script was large and unmaintainable.
  • We have more internal expertise with Python than with bash.
  • The bash script used temporary files in /tmp that got stranded and were owned by root, making them awkward to clear out. <rdar://problem/49490262>
  • We needed to complete support for engineers that built with Xcode rather than the command line.
  • There are some bugs leading to mildly corrupted .xcfilelist files. It's not apparent the source of the bugs, but one general reason might be due to approaches born of using bash. Rewriting in Python may clear these up.
  • Scripts/generate-xcfilelists:
  • Scripts/webkitpy/common/attribute_saver.py: Added.

(AttributeSaver):
(AttributeSaver.init):
(AttributeSaver.enter):
(AttributeSaver.exit):

  • Scripts/webkitpy/common/attribute_saver_unittest.py: Added.

(AttributeSaverTest):
(AttributeSaverTest.SimpleTestClass):
(AttributeSaverTest.SimpleTestClass.init):
(AttributeSaverTest.test_class):
(AttributeSaverTest.test_normal_default):
(AttributeSaverTest.test_normal_value):
(AttributeSaverTest.test_normal_value_on_exception):
(AttributeSaverTest.test_normal_value_on_normal_exit):
(AttributeSaverTest.test_normal_value_with_finally_on_exception):
(AttributeSaverTest.test_normal_value_with_finally_on_normal_exit):
(AttributeSaverTest.test_normal_value_with_else_on_exception):
(AttributeSaverTest.test_normal_value_with_else_on_normal_exit):

  • Scripts/webkitpy/generate_xcfilelists_lib/init.py: Added.
  • Scripts/webkitpy/generate_xcfilelists_lib/application.py: Added.

(Application):
(Application.init):
(Application.run):
(Application._initialize):
(Application._initialize.collect_attributes):
(Application._create_parser):
(_validate_args):
(_cmd_generate):
(_cmd_check):
(_cmd_subgenerate):
(_cmd_help):
(_do_generate):
(_do_merge):
(_report_results):
(_report_merge_results):
(_report_remediation_steps):
(_report_remediation_steps.add_to_message):
(_any_have_errors):
(_any_have_actions):
(_log_progress):
(_log_results):
(get_generate_xcfilelists_script_path):
(_get_root_dir):
(get_opensource_dir):
(get_build_scripts_dir):
(get_extract_dependencies_from_makefile_script):
(get_xcode_built_products_dir):
(_getenv):

  • Scripts/webkitpy/generate_xcfilelists_lib/generators.py: Added.

(BaseGenerator):
(BaseGenerator.init):
(BaseGenerator.str):
(BaseGenerator.generate):
(BaseGenerator._sublaunch_under_xcode):
(BaseGenerator.subgenerate):
(BaseGenerator.merge):
(BaseGenerator.pickle_to_file):
(BaseGenerator.has_action):
(BaseGenerator.has_error):
(BaseGenerator.is_valid):
(BaseGenerator.report_error):
(BaseGenerator._generate_derived):
(BaseGenerator._merge_derived):
(BaseGenerator._generate_unified):
(BaseGenerator._merge_unified):
(BaseGenerator._replace):
(BaseGenerator._unexpand):
(BaseGenerator._find_added_lines):
(BaseGenerator._merge_added_lines):
(BaseGenerator._get_file_lines):
(BaseGenerator._getenv):
(BaseGenerator._get_project_file_path):
(BaseGenerator._get_project_dir):
(BaseGenerator._get_project_file_name):
(BaseGenerator._get_project_name):
(BaseGenerator._get_sym_root):
(BaseGenerator._get_obj_root):
(BaseGenerator._get_shared_precomps_dir):
(BaseGenerator._get_build_dirs):
(BaseGenerator._get_build_dirs.define_xcode_build_dirs):
(BaseGenerator._get_build_dirs.define_xcode_build_dirs.read_xcode_user_default):
(BaseGenerator._get_build_dirs.define_command_line_build_dirs):
(BaseGenerator._get_derived_sources_dir):
(BaseGenerator._get_xcfilelist_dir):
(BaseGenerator._get_input_derived_xcfilelist_project_path):
(BaseGenerator._get_output_derived_xcfilelist_project_path):
(BaseGenerator._get_input_unified_xcfilelist_project_path):
(BaseGenerator._get_output_unified_xcfilelist_project_path):
(BaseGenerator._get_generate_derived_sources_script):
(BaseGenerator._get_generate_unified_sources_script):
(JavaScriptCoreGenerator):
(JavaScriptCoreGenerator._get_project_file_path):
(JavaScriptCoreGenerator._get_generate_derived_sources_script):
(JavaScriptCoreGenerator._get_generate_unified_sources_script):
(WebCoreGenerator):
(WebCoreGenerator._get_project_file_path):
(WebCoreGenerator._get_generate_derived_sources_script):
(WebCoreGenerator._get_generate_unified_sources_script):
(WebKitGenerator):
(WebKitGenerator._get_project_file_path):
(WebKitGenerator._get_derived_sources_dir):
(WebKitGenerator._get_generate_derived_sources_script):
(WebKitGenerator._get_generate_unified_sources_script):
(DumpRenderTreeGenerator):
(DumpRenderTreeGenerator._get_project_file_path):
(DumpRenderTreeGenerator._get_generate_derived_sources_script):
(WebKitTestRunnerGenerator):
(WebKitTestRunnerGenerator._get_project_file_path):
(WebKitTestRunnerGenerator._get_generate_derived_sources_script):

  • Scripts/webkitpy/generate_xcfilelists_lib/util.py: Added.

(debug_log):
(LogEntryHelper):
(LogEntryHelper.init):
(LogEntryHelper.log_entry):
(LogEntryHelper.log_result):
(LogEntryHelper.log_exception):
(LogEntryHelper._print):
(LogEntryExit):
(LogEntryExit._show_debug_logging):
(LogEntryExitClass):
(LogEntryExitClass._show_debug_logging):
(LogEntryExitGlobal):
(LogEntryExitGlobal._show_debug_logging):
(subprocess_run):
(is_running_under_xcode):
(CheckValidItemAction):
(CheckValidItemAction.init):
(CheckValidItemAction.call):
(CheckValidItemAction.validate_item):
(CheckCommandAction):
(CheckCommandAction.call):
(InvalidCommandError):
(InvalidArgumentError):
(InvalidConfigurationError):
(CalledProcessError):
(CalledProcessError.str):

  • Scripts/webkitpy/xcode/init.py:

(xcode_hash_for_path):
(xcode_hash_for_path.convert_to_string):

  • Scripts/webkitpy/xcode/sdk.py: Added.

(SDK):
(SDK.init):
(SDK.repr):
(SDK.as_xcode_specification):
(SDK.get_preferred_sdk_for_platform):
(SDK._parse_sdk):

  • Scripts/webkitpy/xcode/sdk_unittest.py: Added.

(SDKTest):

3:37 PM Changeset in webkit [245363] by Devin Rousso
  • 3 edits in trunk/LayoutTests

REGRESSION (r240644): Layout Test inspector/page/overrideSetting-ICECandidateFilteringEnabled.html is a flaky timeout
https://bugs.webkit.org/show_bug.cgi?id=194437
<rdar://problem/48008005>

Reviewed by Joseph Pecoraro.

  • inspector/page/overrideSetting-ICECandidateFilteringEnabled.html:
  • inspector/page/overrideSetting-ICECandidateFilteringEnabled-expected.txt:
3:36 PM Changeset in webkit [245362] by Devin Rousso
  • 2 edits
    5 deletes in trunk/LayoutTests

REGRESSION (r242741) [Mac WK1 Debug] Layout Test inspector/timeline/exception-in-injected-script-while-recording.html is a flaky crash
https://bugs.webkit.org/show_bug.cgi?id=197442
<rdar://problem/50354090>

Reviewed by Joseph Pecoraro.

Ever since r198774, we don't allow a timeline recording to be active at the same time as the
debugger being paused. As such, these tests are unnecessary.

  • inspector/timeline/debugger-paused-while-recording.html: Removed.
  • inspector/timeline/debugger-paused-while-recording-expected.txt: Removed.
  • inspector/timeline/exception-in-injected-script-while-recording.html: Removed.
  • inspector/timeline/exception-in-injected-script-while-recording-expected.txt: Removed.
  • inspector/timeline/resources/timeline-helper.js: Removed.
  • TestExpectations:
3:34 PM Changeset in webkit [245361] by Alan Bujtas
  • 4 edits
    2 adds in trunk

Do not create a shape object outside of the layout context
https://bugs.webkit.org/show_bug.cgi?id=197926
<rdar://problem/50627858>

Reviewed by Simon Fraser.

Source/WebCore:

ShapeOutside objects are used to compute line constrains during layout (in a strict sense, they are part of the layout context and should only be mutated during layout).
If we don't create one during layout, we probably don't need to know its geometry during paint (or any other non-layout activity) either.

Test: fast/block/float/float-with-shape-outside-crash.html

  • rendering/FloatingObjects.cpp:

(WebCore::ComputeFloatOffsetForLineLayoutAdapter<FloatingObject::FloatLeft>::updateOffsetIfNeeded):
(WebCore::ComputeFloatOffsetForLineLayoutAdapter<FloatingObject::FloatRight>::updateOffsetIfNeeded):

  • rendering/shapes/ShapeOutsideInfo.cpp:

(WebCore::ShapeOutsideInfo::computeDeltasForContainingBlockLine):

LayoutTests:

  • fast/block/float/float-with-shape-outside-crash-expected.txt: Added.
  • fast/block/float/float-with-shape-outside-crash.html: Added.
3:27 PM Changeset in webkit [245360] by bfulgham@apple.com
  • 2 edits in trunk/Source/WebKit

Revise sandbox to allow IOKit properties needed by Metal and LaunchServices
https://bugs.webkit.org/show_bug.cgi?id=197924
<rdar://problem/50823976>

Reviewed by Per Arne Vollan.

Update sandbox to allow access to some IOKit properties to avoid sandbox violations that could
lower performance or increase launch times:

  • WebProcess/com.apple.WebProcess.sb.in:
3:21 PM Changeset in webkit [245359] by aakash_jain@apple.com
  • 2 edits
    1 move
    1 add in trunk/Tools

[ews-build] Enabling uploading EWS archives to S3
https://bugs.webkit.org/show_bug.cgi?id=197914

Reviewed by Jonathan Bedard.

  • BuildSlaveSupport/Shared: Added.
  • BuildSlaveSupport/Shared/transfer-archive-to-s3: Moved from Tools/BuildSlaveSupport/build.webkit.org-config/transfer-archive-to-s3.

(archiveExists): Replace tab with space.
(main): Added main method.

  • BuildSlaveSupport/build.webkit.org-config/steps.py:

(TransferToS3): Updated path to the script.

  • BuildSlaveSupport/build.webkit.org-config/transfer-archive-to-s3: Moved to Shared folder.
3:15 PM Changeset in webkit [245358] by Alan Coon
  • 44 edits
    2 moves
    9 deletes in branches/safari-608.1.24-branch

Revert r245025. rdar://problem/50753129

2:45 PM Changeset in webkit [245357] by Alan Coon
  • 7 edits in branches/safari-607-branch/Source/WebCore

Apply patch. rdar://problem/50352476

2:45 PM Changeset in webkit [245356] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebKit

Apply patch. rdar://problem/50753918

2:45 PM Changeset in webkit [245355] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebKit

Cherry-pick r245196. rdar://problem/50753938

Streamline test-and-clear operation for ContextMenu
https://bugs.webkit.org/show_bug.cgi?id=197795
<rdar://problem/50473746>

Reviewed by Wenson Hsieh.

Rather than performing a check when entering the function, doing work,
then clearing the member variable, perform the check and clear in
a single operation. Only perform the selection if the menu exists.

  • WebProcess/WebPage/WebPage.cpp: (WebKit::WebPage::didSelectItemFromActiveContextMenu):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245196 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:45 PM Changeset in webkit [245354] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebCore

Cherry-pick r245190. rdar://problem/50753948

Gracefully handle inaccessible font face data
https://bugs.webkit.org/show_bug.cgi?id=197762
<rdar://problem/50433861>

Reviewed by Per Arne Vollan.

Make sure CSS Font Face handling gracefully recovers from
missing font data.

Test: fast/text/missing-font-crash.html

  • css/CSSFontFace.cpp: (WebCore::CSSFontFace::fontLoadEventOccurred): (WebCore::CSSFontFace::timeoutFired): (WebCore::CSSFontFace::fontLoaded): (WebCore::CSSFontFace::font):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245190 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:44 PM Changeset in webkit [245353] by Alan Coon
  • 4 edits
    2 adds in branches/safari-607-branch

Cherry-pick r245158. rdar://problem/50753914

Do not mix inline and block level boxes.
https://bugs.webkit.org/show_bug.cgi?id=197462
<rdar://problem/50369362>

Reviewed by Antti Koivisto.

Source/WebCore:

This patch tightens the remove-anonymous-wrappers logic by checking if the removal would
produce an inline-block sibling mix.
When a block level box is removed from the tree, we check if after the removal the anonymous sibling block
boxes are still needed or whether we can removed them as well (and have only inline level child boxes).
In addition to checking if the container is anonymous and is part of a continuation, we also need to check
if collapsing it (and by that moving its children one level up) would cause a inline-block box mix.

Test: fast/ruby/continuation-and-column-spanner-crash.html

  • rendering/updating/RenderTreeBuilder.cpp: (WebCore::RenderTreeBuilder::removeAnonymousWrappersForInlineChildrenIfNeeded):
  • rendering/updating/RenderTreeBuilderContinuation.cpp: (WebCore::RenderTreeBuilder::Continuation::cleanupOnDestroy):

LayoutTests:

  • fast/ruby/continuation-and-column-spanner-crash-expected.txt: Added.
  • fast/ruby/continuation-and-column-spanner-crash.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245158 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:44 PM Changeset in webkit [245352] by Alan Coon
  • 4 edits
    1 add in branches/safari-607-branch

Cherry-pick r245047. rdar://problem/50753944

JSC: A bug in BytecodeGenerator::emitEqualityOpImpl
https://bugs.webkit.org/show_bug.cgi?id=197479

Reviewed by Saam Barati.

JSTests:

  • stress/do-not-perform-bytecode-peephole-optimization-in-jump-target.js: Added. (shouldBe):

Source/JavaScriptCore:

Our peephole optimization in BytecodeGenerator is (1) rewinding the previous instruction and (2) emit optimized instruction instead.
If we have jump target between the previous instruction and the subsequent instruction, this peephole optimization breaks the jump target.
To prevent it, we had a mechanism disabling peephole optimization, setting m_lastOpcodeID = op_end and checking m_lastOpcodeID when performing
peephole optimization. However, BytecodeGenerator::emitEqualityOpImpl checks m_lastInstruction->is<OpTypeof> instead of m_lastOpcodeID == op_typeof,
and miss op_end case.

This patch makes the following changes.

  1. Add canDoPeepholeOptimization method to clarify the intent of m_lastInstruction = op_end.
  2. Check canDoPeepholeOptimization status before performing peephole optimization in emitJumpIfTrue, emitJumpIfFalse, and emitEqualityOpImpl.
  3. Add ASSERT(canDoPeepholeOptimization()) in fuseCompareAndJump and fuseTestAndJmp to ensure that peephole optimization is allowed.
  • bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::fuseCompareAndJump): (JSC::BytecodeGenerator::fuseTestAndJmp): (JSC::BytecodeGenerator::emitJumpIfTrue): (JSC::BytecodeGenerator::emitJumpIfFalse): (JSC::BytecodeGenerator::emitEqualityOpImpl):
  • bytecompiler/BytecodeGenerator.h: (JSC::BytecodeGenerator::canDoPeepholeOptimization const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245047 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:44 PM Changeset in webkit [245351] by Alan Coon
  • 8 edits
    1 add in branches/safari-607-branch

Cherry-pick r244996. rdar://problem/50754981

[JSC] We should check OOM for description string of Symbol
https://bugs.webkit.org/show_bug.cgi?id=197634

Reviewed by Keith Miller.

JSTests:

  • stress/check-symbol-description-oom.js: Added. (shouldThrow):

Source/JavaScriptCore:

When resoling JSString for description of Symbol, we should check OOM error.
We also change JSValueMakeSymbol(..., nullptr) to returning a symbol value
without description, (1) to simplify the code and (2) give a way for JSC API
to create a symbol value without description.

  • API/JSValueRef.cpp: (JSValueMakeSymbol):
  • API/tests/testapi.cpp: (TestAPI::symbolsTypeof): (TestAPI::symbolsDescription): (testCAPIViaCpp):
  • dfg/DFGOperations.cpp:
  • runtime/Symbol.cpp: (JSC::Symbol::createWithDescription):
  • runtime/Symbol.h:
  • runtime/SymbolConstructor.cpp: (JSC::callSymbol):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244996 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:44 PM Changeset in webkit [245350] by Alan Coon
  • 3 edits
    1 add in branches/safari-607-branch

Cherry-pick r244865. rdar://problem/50753937

Baseline JIT should do argument value profiling after checking for stack overflow
https://bugs.webkit.org/show_bug.cgi?id=197052
<rdar://problem/50009602>

Reviewed by Yusuke Suzuki.

JSTests:

  • stress/check-stack-overflow-before-value-profiling-arguments.js: Added.

Source/JavaScriptCore:

Otherwise, we may do value profiling without running a write barrier, which
is against the rules of how we do value profiling.

  • jit/JIT.cpp: (JSC::JIT::compileWithoutLinking):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244865 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:44 PM Changeset in webkit [245349] by Alan Coon
  • 3 edits
    1 add in branches/safari-607-branch

Cherry-pick r244314. rdar://problem/50753930

SafeToExecute for GetByOffset/GetGetterByOffset/PutByOffset is using the wrong child for the base
https://bugs.webkit.org/show_bug.cgi?id=196945
<rdar://problem/49802750>

Reviewed by Filip Pizlo.

JSTests:

  • stress/get-by-offset-should-use-correct-child.js: Added. (foo.bar): (foo):

Source/JavaScriptCore:

  • dfg/DFGSafeToExecute.h: (JSC::DFG::safeToExecute):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244314 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:44 PM Changeset in webkit [245348] by Alan Coon
  • 7 edits
    2 adds in branches/safari-607-branch

Cherry-pick r243948. rdar://problem/50753934

SIGSEGV in JSC::BytecodeGenerator::addStringConstant
https://bugs.webkit.org/show_bug.cgi?id=196486

Reviewed by Saam Barati.

JSTests:

  • stress/arrow-function-and-use-strict-directive.js: Added.
  • stress/arrow-function-syntax.js: Added. Checking EOF token handling. (checkSyntax): (checkSyntaxError): Currently not using it. But it is useful for testing more things related to arrow function syntax.

Source/JavaScriptCore:

When parsing a FunctionExpression / FunctionDeclaration etc., we use SyntaxChecker for the body of the function because we do not have any interest on the nodes of the body at that time.
The nodes will be parsed with the ASTBuilder when the function itself is parsed for code generation. This works well previously because all the function ends with "}" previously.
SyntaxChecker lexes this "}" token, and parser restores the context back to ASTBuilder and continues parsing.

But now, we have ArrowFunctionExpression without braces arrow => expr. Let's consider the following code.

arrow => expr
"string!"

We parse arrow function's body with SyntaxChecker. At that time, we lex "string!" token under the SyntaxChecker context. But this means that we may not build string content for this token
since SyntaxChecker may not have interest on string content itself in certain case. After the parser is back to ASTBuilder, we parse "string!" as ExpressionStatement with string constant,
generate StringNode with non-built identifier (nullptr), and we accidentally create StringNode with nullptr.

This patch fixes this problem. The root cause of this problem is that the last token lexed in the previous context is used. We add lexCurrentTokenAgainUnderCurrentContext which will re-lex
the current token under the current context (may be ASTBuilder). This should be done only when the caller's context is different from SyntaxChecker, which avoids unnecessary lexing.
We leverage existing SavePoint mechanism to implement lexCurrentTokenAgainUnderCurrentContext cleanly.

And we also fix the bug in the existing SavePoint mechanism, which is shown in the attached test script. When we save LexerState, we do not save line terminator status. This patch also introduces
lexWithoutClearingLineTerminator, which lex the token without clearing line terminator status.

  • parser/ASTBuilder.h: (JSC::ASTBuilder::createString):
  • parser/Lexer.cpp: (JSC::Lexer<T>::parseMultilineComment): (JSC::Lexer<T>::lexWithoutClearingLineTerminator): EOF token also should record offset information. This offset information is correctly handled in Lexer::setOffset too. (JSC::Lexer<T>::lex): Deleted.
  • parser/Lexer.h: (JSC::Lexer::hasLineTerminatorBeforeToken const): (JSC::Lexer::setHasLineTerminatorBeforeToken): (JSC::Lexer<T>::lex): (JSC::Lexer::prevTerminator const): Deleted. (JSC::Lexer::setTerminator): Deleted.
  • parser/Parser.cpp: (JSC::Parser<LexerType>::allowAutomaticSemicolon): (JSC::Parser<LexerType>::parseSingleFunction): (JSC::Parser<LexerType>::parseStatementListItem): (JSC::Parser<LexerType>::maybeParseAsyncFunctionDeclarationStatement): (JSC::Parser<LexerType>::parseFunctionInfo): (JSC::Parser<LexerType>::parseClass): (JSC::Parser<LexerType>::parseExportDeclaration): (JSC::Parser<LexerType>::parseAssignmentExpression): (JSC::Parser<LexerType>::parseYieldExpression): (JSC::Parser<LexerType>::parseProperty): (JSC::Parser<LexerType>::parsePrimaryExpression): (JSC::Parser<LexerType>::parseMemberExpression):
  • parser/Parser.h: (JSC::Parser::nextWithoutClearingLineTerminator): (JSC::Parser::lexCurrentTokenAgainUnderCurrentContext): (JSC::Parser::internalSaveLexerState): (JSC::Parser::restoreLexerState):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243948 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:44 PM Changeset in webkit [245347] by Alan Coon
  • 9 edits in branches/safari-607-branch/Source/WebCore

Cherry-pick r243820. rdar://problem/50753921

Crash in HTMLCanvasElement::createContext2d after the element got adopted to a new document
https://bugs.webkit.org/show_bug.cgi?id=196527

Reviewed by Antti Koivisto.

We need to update CanvasBase::m_scriptExecutionContext when HTMLCanvasElement moves from
one document to another. Fixed the bug by making CanvasBase::scriptExecutionContext make
a virtual function call instead of directly storing a raw pointer. In HTMLCanvasElement,
we use Node::scriptExecutionContext(). Use ContextDestructionObserver in CustomPaintCanvas
and OffscreenCanvas instead of a raw pointer.

Unfortunately, no new tests since there is no reproducible test case.

  • html/CanvasBase.cpp: (WebCore::CanvasBase::CanvasBase):
  • html/CanvasBase.h: (WebCore::CanvasBase::scriptExecutionContext const):
  • html/CustomPaintCanvas.cpp: (WebCore::CustomPaintCanvas::CustomPaintCanvas):
  • html/CustomPaintCanvas.h:
  • html/HTMLCanvasElement.cpp: (WebCore::HTMLCanvasElement::HTMLCanvasElement):
  • html/HTMLCanvasElement.h:
  • html/OffscreenCanvas.cpp: (WebCore::OffscreenCanvas::OffscreenCanvas):
  • html/OffscreenCanvas.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243820 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:44 PM Changeset in webkit [245346] by Alan Coon
  • 17 edits
    14 adds in branches/safari-607-branch

Cherry-pick r239742. rdar://problem/50753925

Prevent cross-site top-level navigations from third-party iframes
https://bugs.webkit.org/show_bug.cgi?id=193076
<rdar://problem/36074736>

Reviewed by Alex Christensen.

Source/WebCore:

Prevent cross-site top-level navigations from third-party iframes if the following conditions are met:

  1. Its tries to navigate the top-level page cross-site (different eTDL+1)
  2. The user has never interacted with the third-party iframe or any of its subframes

This experiment's intent is to block suspicious main-frame navigations by third-party content. The feature
is behind a runtime experimental feature flag, on by default.

Tests: http/tests/security/allow-top-level-navigations-by-third-party-iframes-to-same-origin.html

http/tests/security/allow-top-level-navigations-by-third-party-iframes-with-previous-user-activation.html
http/tests/security/allow-top-level-navigations-by-third-party-iframes-with-user-activation.html
http/tests/security/block-top-level-navigations-by-third-party-iframes.html

  • dom/Document.cpp: (WebCore::printNavigationErrorMessage): (WebCore::Document::canNavigate): (WebCore::Document::canNavigateInternal): (WebCore::Document::isNavigationBlockedByThirdPartyIFrameRedirectBlocking):
  • dom/Document.h:
  • dom/UserGestureIndicator.cpp:
  • page/DOMWindow.cpp: (WebCore::DOMWindow::setLocation):
  • page/DOMWindow.h:
  • page/Frame.h:
  • page/Location.cpp: (WebCore::Location::replace): (WebCore::Location::setLocation):
  • page/Settings.yaml:

Source/WebKit:

Add experimental feature flag, on by default.

  • Shared/WebPreferences.yaml:

LayoutTests:

Add layout test coverage.

  • http/tests/security/allow-top-level-navigations-by-third-party-iframes-to-same-origin-expected.txt: Added.
  • http/tests/security/allow-top-level-navigations-by-third-party-iframes-to-same-origin.html: Added.
  • http/tests/security/allow-top-level-navigations-by-third-party-iframes-with-previous-user-activation-expected.txt: Added.
  • http/tests/security/allow-top-level-navigations-by-third-party-iframes-with-previous-user-activation.html: Added.
  • http/tests/security/allow-top-level-navigations-by-third-party-iframes-with-user-activation-expected.txt: Added.
  • http/tests/security/allow-top-level-navigations-by-third-party-iframes-with-user-activation.html: Added.
  • http/tests/security/block-top-level-navigations-by-third-party-iframes-expected.txt: Added.
  • http/tests/security/block-top-level-navigations-by-third-party-iframes.html: Added.
  • http/tests/security/resources/navigate-top-level-frame-to-failure-page.html: Added.
  • http/tests/security/resources/navigate-top-level-frame-to-success-page-same-origin.html: Added.
  • http/tests/security/resources/navigate-top-level-frame-to-success-page-with-previous-user-gesture.html: Added.
  • http/tests/security/resources/navigate-top-level-frame-to-success-page-with-user-gesture.html: Added.
  • http/tests/security/resources/should-have-loaded.html: Added.
  • http/tests/security/resources/should-not-have-loaded.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239742 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:30 PM Changeset in webkit [245345] by Alan Coon
  • 36 edits
    42 deletes in branches/safari-608.1.24-branch

Revert "Cherry-pick r245170. rdar://problem/50445998"

This reverts commit c519a101be16106d965ff772d80fdaae5ab0fa35.

2:28 PM Changeset in webkit [245344] by youenn@apple.com
  • 3 edits in trunk/Source/WebCore

Mark beacon and ping loads as low priority
https://bugs.webkit.org/show_bug.cgi?id=197919
<rdar://problem/50818286>

Reviewed by Alex Christensen.

No JS observable change of behavior.

  • Modules/beacon/NavigatorBeacon.cpp:

(WebCore::NavigatorBeacon::sendBeacon):

  • loader/PingLoader.cpp:

(WebCore::PingLoader::sendPing):

2:14 PM Changeset in webkit [245343] by Chris Dumez
  • 2 edits in trunk/Source/WebKit

Unreviewed, fix assertion introduced in r245339.

  • UIProcess/WebProcessCache.cpp:

(WebKit::WebProcessCache::CachedProcess::CachedProcess):

1:52 PM Changeset in webkit [245342] by Alan Coon
  • 1 edit in branches/safari-607-branch/Source/WebKit/UIProcess/WebPageProxy.cpp

Apply patch. rdar://problem/50753940

1:30 PM Changeset in webkit [245341] by sbarati@apple.com
  • 3 edits
    2 adds in trunk

Bound liveness of SetArgumentMaybe nodes when maximal flush insertion phase is enabled
https://bugs.webkit.org/show_bug.cgi?id=197855
<rdar://problem/50236506>

Reviewed by Michael Saboff.

JSTests:

  • stress/set-argument-maybe-maximal-flush-should-not-extend-liveness-2.js: Added.

(f0):
(bar):
(foo):

  • stress/set-argument-maybe-maximal-flush-should-not-extend-liveness.js: Added.

(f1):
(f2):
(foo):

Source/JavaScriptCore:

Maximal flush insertion phase assumes it can extend the live range of
variables. However, this is not true with SetArgumentMaybe nodes, because
they are not guaranteed to demarcate the birth of a variable in the way
that SetArgumentDefinitely does. This caused things to break in SSA conversion
when we wanted to use the result of a SetArgumentMaybe node. To obviate this,
when we're done inlining something with SetArgumentMaybes, we SetLocal(undefined)
to the same set of locals. This caps the live range of the SetArgumentMaybe
and makes it so that extending the live range of the SetLocal is valid.

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::handleVarargsInlining):

12:56 PM Changeset in webkit [245340] by Shawn Roberts
  • 2 edits in trunk/LayoutTests

Layout tests http/wpt/webauthn/public-key-credential-create-success-hid.https.html
http/wpt/webauthn/public-key-credential-get-success-hid.https.html are flaky crashes
https://bugs.webkit.org/show_bug.cgi?id=197917

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations: Skipping tests on Debug
12:50 PM Changeset in webkit [245339] by sihui_liu@apple.com
  • 4 edits in trunk/Source/WebKit

Add assertions to help diagnose crash at WebProcessProxy::processPool()
https://bugs.webkit.org/show_bug.cgi?id=197856
<rdar://problem/49341366>

Reviewed by Chris Dumez.

  • UIProcess/WebProcessCache.cpp:

(WebKit::WebProcessCache::CachedProcess::CachedProcess):

  • UIProcess/WebProcessLifetimeObserver.cpp:

(WebKit::WebProcessLifetimeObserver::addWebPage):
(WebKit::WebProcessLifetimeObserver::removeWebPage):

  • UIProcess/WebProcessLifetimeObserver.h:

(WebKit::WebProcessLifetimeObserver::hasProcess const):

12:24 PM Changeset in webkit [245338] by wenson_hsieh@apple.com
  • 4 edits in trunk

inputmode="numeric" should show a number pad with digits 0-9, instead of the numeric keyplane
https://bugs.webkit.org/show_bug.cgi?id=197916
<rdar://problem/50815427>

Reviewed by Timothy Hatcher.

Source/WebKit:

Use UIKeyboardTypeNumberPad instead of UIKeyboardTypeNumbersAndPunctuation when presenting a keyboard for a
field with inputmode="numeric". While the WhatWG specification merely requires the UA to display a keyboard
"capable of numeric input", it suggests that the keyboard should be "useful for PIN entry", which loosely
implies a number pad.

This is also generally in line with feedback from web developers.

  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView textInputTraits]):

Tools:

Re-enable this previously flaky test, and rebaseline the result to to expect UIKeyboardTypeNumberPad for
inputmode="numeric".

  • TestWebKitAPI/Tests/ios/KeyboardInputTestsIOS.mm:

(TestWebKitAPI::TEST):

12:06 PM Changeset in webkit [245337] by don.olmstead@sony.com
  • 4 edits
    2 moves
    1 add in trunk/Source/WebKit

Add USE(LIBWPE) for AcceleratedSurface
https://bugs.webkit.org/show_bug.cgi?id=197918

Reviewed by Michael Catanzaro.

Renamed AcceleratedSurfaceWPE to AcceleratedSurfaceLibWPE since it just uses the
libwpe APIs.

  • PlatformWPE.cmake:
  • SourcesWPE.txt:
  • WebProcess/WebPage/AcceleratedSurface.cpp:

(WebKit::AcceleratedSurface::create):

  • WebProcess/WebPage/libwpe/AcceleratedSurfaceLibWPE.cpp: Renamed from Source/WebKit/WebProcess/WebPage/wpe/AcceleratedSurfaceWPE.cpp.

(WebKit::AcceleratedSurfaceLibWPE::create):
(WebKit::AcceleratedSurfaceLibWPE::AcceleratedSurfaceLibWPE):
(WebKit::AcceleratedSurfaceLibWPE::~AcceleratedSurfaceLibWPE):
(WebKit::AcceleratedSurfaceLibWPE::initialize):
(WebKit::AcceleratedSurfaceLibWPE::finalize):
(WebKit::AcceleratedSurfaceLibWPE::window const):
(WebKit::AcceleratedSurfaceLibWPE::surfaceID const):
(WebKit::AcceleratedSurfaceLibWPE::clientResize):
(WebKit::AcceleratedSurfaceLibWPE::willRenderFrame):
(WebKit::AcceleratedSurfaceLibWPE::didRenderFrame):

  • WebProcess/WebPage/libwpe/AcceleratedSurfaceLibWPE.h: Renamed from Source/WebKit/WebProcess/WebPage/wpe/AcceleratedSurfaceWPE.h.
11:53 AM Changeset in webkit [245336] by simon.fraser@apple.com
  • 7 edits in trunk/Source

Make LOG_WITH_STREAM more efficient
https://bugs.webkit.org/show_bug.cgi?id=197905

Reviewed by Alex Christensen.
Source/WebCore:

No longer need to conditionalize ClipRects logging on the channel being enabled
since LOG_WITH_STREAM fix the performance problem.

Convert some RenderLayerCompositor logging to use LOG_WITH_STREAM.

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::calculateClipRects const):
(WebCore::clipRectsLogEnabled): Deleted.

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::computeCompositingRequirements):
(WebCore::RenderLayerCompositor::traverseUnchangedSubtree):

Source/WebCore/PAL:

Make the LOG_WITH_STREAM macro check that the log channel is enabled before
building the stream.

  • pal/LogMacros.h:

Source/WTF:

Add a streamable Repeat() class that can be used to output a series of characters.
This is useful for indenting output.

  • wtf/text/TextStream.h:

(WTF::TextStream::repeat::repeat):
(WTF::TextStream::operator<<):

11:44 AM Changeset in webkit [245335] by youenn@apple.com
  • 18 edits
    2 adds in trunk

getUserMedia sandbox extensions should not be revoked when a getUserMedia allowed request is being processed
https://bugs.webkit.org/show_bug.cgi?id=197851

Reviewed by Alex Christensen.

Source/WebCore:

Add a completion handler to create a new capture stream.
This is used by WK2 layer to acknowledge the pending capture request is completed.
Just after the completion handler, make sure to update the document media state.
This is done to ensure that, should capture failing, the UIProcess
knows about it and can manage proper sandbox extension revocation.

Test: fast/mediastream/gum-stop-track.html

  • Modules/mediastream/UserMediaRequest.cpp:

(WebCore::UserMediaRequest::allow):
(WebCore::UserMediaRequest::PendingActivationMediaStream::PendingActivationMediaStream):
(WebCore::UserMediaRequest::PendingActivationMediaStream::~PendingActivationMediaStream):

  • Modules/mediastream/UserMediaRequest.h:

(WebCore::UserMediaRequest::PendingActivationMediaStream::create):

  • platform/mock/MockRealtimeMediaSourceCenter.cpp:

(WebCore::MockRealtimeMediaSourceCenter::mockRealtimeMediaSourceCenterEnabled):

  • platform/mock/MockRealtimeMediaSourceCenter.h:

Source/WebKit:

Before the patch, stopping capture in a document and quickly triggering a new capture
might fail as the UIProcess would grant access and revoke sandbox access based on the fact
the page is no longer capturing.
To fix that issue, keep a state in the UIProcess to not revoke sandbox extensions in case of
capture being started.
Add an IPC message back to tell UIProcess when an allowed capture is finished.
Just after doing that, make sure the document is updating the media state to UIProcess, which will trigger proper sandbox extension handling.

This should also trigger the case of an allowed getUserMedia call that fails to start for some reason.
In that case, the patch will automatically trigger a document media state refresh which will trigger a sandbox revokation.

Covered by added test that exercise a newly added debug assertion.
This assertion ensures that we revoke extensions while a document is not capturing.

  • UIProcess/UserMediaPermissionRequestManagerProxy.cpp:

(WebKit::UserMediaPermissionRequestManagerProxy::~UserMediaPermissionRequestManagerProxy):
(WebKit::UserMediaPermissionRequestManagerProxy::grantAccess):
(WebKit::UserMediaPermissionRequestManagerProxy::captureStateChanged):

  • UIProcess/UserMediaPermissionRequestManagerProxy.h:
  • UIProcess/UserMediaProcessManager.cpp:

(WebKit::UserMediaProcessManager::willCreateMediaStream):
(WebKit::UserMediaProcessManager::revokeSandboxExtensionsIfNeeded):

  • UIProcess/UserMediaProcessManager.h:
  • UIProcess/WebPageProxy.h:

(WebKit::WebPageProxy::isCapturingAudio const):
(WebKit::WebPageProxy::isCapturingVideo const):

  • WebProcess/MediaStream/UserMediaPermissionRequestManager.cpp:

(WebKit::UserMediaPermissionRequestManager::userMediaAccessWasGranted):

  • WebProcess/MediaStream/UserMediaPermissionRequestManager.h:
  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::userMediaAccessWasGranted):

  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/WebPage.messages.in:
  • WebProcess/WebProcess.cpp:

(WebKit::checkDocumentsCaptureStateConsistency):
(WebKit::WebProcess::revokeUserMediaDeviceSandboxExtensions):

LayoutTests:

  • fast/mediastream/gum-stop-track-expected.txt: Added.
  • fast/mediastream/gum-stop-track.html: Added.
11:29 AM Changeset in webkit [245334] by Chris Dumez
  • 10 edits in trunk/Source/WebKit

[WK2][iOS] UIProcess may get killed because it is taking too long to release its background task after expiration
https://bugs.webkit.org/show_bug.cgi?id=197893
<rdar://problem/50234105>

Reviewed by Alex Christensen.

The UIProcess may get killed because it is taking too long to release its background task after its expiration handler
was called. The reason is that the background task's expiration handler was sequentially sending a ProcessWillSuspendImminently
synchronous IPC to each of its child processes and only then ends the background task. By the time we receive the response from
all child processes, it may be too late and we get killed.

To address the issue, we now:

  1. Send the ProcessWillSuspendImminently asynchronously so that all processes can do their processing in parallel
  2. After 2 seconds, the UIProcess releases the background task (We get killed after ~5 seconds)

Also, to make sure that the UIProcess supends promptly, we now make sure we never start a new background task *after*
the app has been backgrounded. The intention of our background task is too finish critical work (like releasing locked
files) after the app gets backgrounded, not to start new work and delay process suspension.

  • NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::processWillSuspendImminently):

  • NetworkProcess/NetworkProcess.h:
  • NetworkProcess/NetworkProcess.messages.in:
  • UIProcess/Network/NetworkProcessProxy.cpp:

(WebKit::NetworkProcessProxy::sendProcessWillSuspendImminently):

  • UIProcess/WebProcessProxy.cpp:

(WebKit::WebProcessProxy::sendProcessWillSuspendImminently):

  • UIProcess/ios/ProcessAssertionIOS.mm:

(-[WKProcessAssertionBackgroundTaskManager init]):
(-[WKProcessAssertionBackgroundTaskManager _scheduleReleaseTask]):
(-[WKProcessAssertionBackgroundTaskManager _cancelPendingReleaseTask]):
(-[WKProcessAssertionBackgroundTaskManager _updateBackgroundTask]):

  • WebProcess/WebProcess.cpp:

(WebKit::WebProcess::didReceiveSyncMessage):
(WebKit::WebProcess::processWillSuspendImminently):

  • WebProcess/WebProcess.h:
  • WebProcess/WebProcess.messages.in:
11:20 AM Changeset in webkit [245333] by Alan Coon
  • 4 edits
    1 add in branches/safari-607.2.1.2-branch

Cherry-pick r245047. rdar://problem/50754976

JSC: A bug in BytecodeGenerator::emitEqualityOpImpl
https://bugs.webkit.org/show_bug.cgi?id=197479

Reviewed by Saam Barati.

JSTests:

  • stress/do-not-perform-bytecode-peephole-optimization-in-jump-target.js: Added. (shouldBe):

Source/JavaScriptCore:

Our peephole optimization in BytecodeGenerator is (1) rewinding the previous instruction and (2) emit optimized instruction instead.
If we have jump target between the previous instruction and the subsequent instruction, this peephole optimization breaks the jump target.
To prevent it, we had a mechanism disabling peephole optimization, setting m_lastOpcodeID = op_end and checking m_lastOpcodeID when performing
peephole optimization. However, BytecodeGenerator::emitEqualityOpImpl checks m_lastInstruction->is<OpTypeof> instead of m_lastOpcodeID == op_typeof,
and miss op_end case.

This patch makes the following changes.

  1. Add canDoPeepholeOptimization method to clarify the intent of m_lastInstruction = op_end.
  2. Check canDoPeepholeOptimization status before performing peephole optimization in emitJumpIfTrue, emitJumpIfFalse, and emitEqualityOpImpl.
  3. Add ASSERT(canDoPeepholeOptimization()) in fuseCompareAndJump and fuseTestAndJmp to ensure that peephole optimization is allowed.
  • bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::fuseCompareAndJump): (JSC::BytecodeGenerator::fuseTestAndJmp): (JSC::BytecodeGenerator::emitJumpIfTrue): (JSC::BytecodeGenerator::emitJumpIfFalse): (JSC::BytecodeGenerator::emitEqualityOpImpl):
  • bytecompiler/BytecodeGenerator.h: (JSC::BytecodeGenerator::canDoPeepholeOptimization const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245047 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:20 AM Changeset in webkit [245332] by Alan Coon
  • 8 edits
    1 add in branches/safari-607.2.1.2-branch

Cherry-pick r244996. rdar://problem/50754980

[JSC] We should check OOM for description string of Symbol
https://bugs.webkit.org/show_bug.cgi?id=197634

Reviewed by Keith Miller.

JSTests:

  • stress/check-symbol-description-oom.js: Added. (shouldThrow):

Source/JavaScriptCore:

When resoling JSString for description of Symbol, we should check OOM error.
We also change JSValueMakeSymbol(..., nullptr) to returning a symbol value
without description, (1) to simplify the code and (2) give a way for JSC API
to create a symbol value without description.

  • API/JSValueRef.cpp: (JSValueMakeSymbol):
  • API/tests/testapi.cpp: (TestAPI::symbolsTypeof): (TestAPI::symbolsDescription): (testCAPIViaCpp):
  • dfg/DFGOperations.cpp:
  • runtime/Symbol.cpp: (JSC::Symbol::createWithDescription):
  • runtime/Symbol.h:
  • runtime/SymbolConstructor.cpp: (JSC::callSymbol):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244996 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:20 AM Changeset in webkit [245331] by Alan Coon
  • 7 edits
    2 adds in branches/safari-607.2.1.2-branch

Cherry-pick r243948. rdar://problem/50754972

SIGSEGV in JSC::BytecodeGenerator::addStringConstant
https://bugs.webkit.org/show_bug.cgi?id=196486

Reviewed by Saam Barati.

JSTests:

  • stress/arrow-function-and-use-strict-directive.js: Added.
  • stress/arrow-function-syntax.js: Added. Checking EOF token handling. (checkSyntax): (checkSyntaxError): Currently not using it. But it is useful for testing more things related to arrow function syntax.

Source/JavaScriptCore:

When parsing a FunctionExpression / FunctionDeclaration etc., we use SyntaxChecker for the body of the function because we do not have any interest on the nodes of the body at that time.
The nodes will be parsed with the ASTBuilder when the function itself is parsed for code generation. This works well previously because all the function ends with "}" previously.
SyntaxChecker lexes this "}" token, and parser restores the context back to ASTBuilder and continues parsing.

But now, we have ArrowFunctionExpression without braces arrow => expr. Let's consider the following code.

arrow => expr
"string!"

We parse arrow function's body with SyntaxChecker. At that time, we lex "string!" token under the SyntaxChecker context. But this means that we may not build string content for this token
since SyntaxChecker may not have interest on string content itself in certain case. After the parser is back to ASTBuilder, we parse "string!" as ExpressionStatement with string constant,
generate StringNode with non-built identifier (nullptr), and we accidentally create StringNode with nullptr.

This patch fixes this problem. The root cause of this problem is that the last token lexed in the previous context is used. We add lexCurrentTokenAgainUnderCurrentContext which will re-lex
the current token under the current context (may be ASTBuilder). This should be done only when the caller's context is different from SyntaxChecker, which avoids unnecessary lexing.
We leverage existing SavePoint mechanism to implement lexCurrentTokenAgainUnderCurrentContext cleanly.

And we also fix the bug in the existing SavePoint mechanism, which is shown in the attached test script. When we save LexerState, we do not save line terminator status. This patch also introduces
lexWithoutClearingLineTerminator, which lex the token without clearing line terminator status.

  • parser/ASTBuilder.h: (JSC::ASTBuilder::createString):
  • parser/Lexer.cpp: (JSC::Lexer<T>::parseMultilineComment): (JSC::Lexer<T>::lexWithoutClearingLineTerminator): EOF token also should record offset information. This offset information is correctly handled in Lexer::setOffset too. (JSC::Lexer<T>::lex): Deleted.
  • parser/Lexer.h: (JSC::Lexer::hasLineTerminatorBeforeToken const): (JSC::Lexer::setHasLineTerminatorBeforeToken): (JSC::Lexer<T>::lex): (JSC::Lexer::prevTerminator const): Deleted. (JSC::Lexer::setTerminator): Deleted.
  • parser/Parser.cpp: (JSC::Parser<LexerType>::allowAutomaticSemicolon): (JSC::Parser<LexerType>::parseSingleFunction): (JSC::Parser<LexerType>::parseStatementListItem): (JSC::Parser<LexerType>::maybeParseAsyncFunctionDeclarationStatement): (JSC::Parser<LexerType>::parseFunctionInfo): (JSC::Parser<LexerType>::parseClass): (JSC::Parser<LexerType>::parseExportDeclaration): (JSC::Parser<LexerType>::parseAssignmentExpression): (JSC::Parser<LexerType>::parseYieldExpression): (JSC::Parser<LexerType>::parseProperty): (JSC::Parser<LexerType>::parsePrimaryExpression): (JSC::Parser<LexerType>::parseMemberExpression):
  • parser/Parser.h: (JSC::Parser::nextWithoutClearingLineTerminator): (JSC::Parser::lexCurrentTokenAgainUnderCurrentContext): (JSC::Parser::internalSaveLexerState): (JSC::Parser::restoreLexerState):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243948 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:07 AM Changeset in webkit [245330] by Alan Coon
  • 7 edits in branches/safari-607.2.1.2-branch/Source

Versioning.

11:01 AM Changeset in webkit [245329] by jiewen_tan@apple.com
  • 2 edits in trunk/Source/WebKit

[WebAuthN] Make WebAuthN default on
https://bugs.webkit.org/show_bug.cgi?id=197805
<rdar://problem/50683699>

Reviewed by Darin Adler.

  • Shared/WebPreferences.yaml:
10:40 AM Changeset in webkit [245328] by youenn@apple.com
  • 9 edits
    1 add in trunk

Reuse existing WebPageProxy quota handler for NetworkProcessProxy quota requests
https://bugs.webkit.org/show_bug.cgi?id=197463
<rdar://problem/47403621>

Reviewed by Alex Christensen.

Source/WebKit:

Add a getter to know whether websitedatastore client implements the quota delegate.
If not, find the most visible page that is the same origin as the quota request
and reuse the existing exceededDatabasQuota delegate.
This approach allows to call the delegate even if the quota request comes from a service worker.
If no such page is found, the quota will not be increased.

Refactoring to make sure we are calling the delegate once a previous call to that delegate is completed.
Covered by API test.

  • UIProcess/API/Cocoa/WKWebsiteDataStore.mm:
  • UIProcess/Network/NetworkProcessProxy.cpp:

(WebKit::NetworkProcessProxy::requestStorageSpace):

  • UIProcess/WebPageProxy.cpp:

(WebKit::StorageRequests::add):
(WebKit::StorageRequests::processNext):
(WebKit::StorageRequests::areBeingProcessed const):
(WebKit::StorageRequests::setAreBeingProcessed):
(WebKit::StorageRequests::StorageRequests):
(WebKit::StorageRequests::~StorageRequests):
(WebKit::StorageRequests::singleton):
(WebKit::WebPageProxy::forMostVisibleWebPageIfAny):
(WebKit::WebPageProxy::didChangeMainDocument):
(WebKit::WebPageProxy::exceededDatabaseQuota):
(WebKit::WebPageProxy::requestStorageSpace):
(WebKit::WebPageProxy::makeStorageSpaceRequest):

  • UIProcess/WebPageProxy.h:
  • UIProcess/WebProcessProxy.cpp:

(WebKit::WebProcessProxy::forWebPages):

  • UIProcess/WebProcessProxy.h:
  • UIProcess/WebsiteData/WebsiteDataStoreClient.h:

(WebKit::WebsiteDataStoreClient::implementsRequestStorageSpaceHandler const):

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/StorageQuota.mm: Added.

(-[QuotaDelegate init]):
(-[QuotaDelegate _webView:decideDatabaseQuotaForSecurityOrigin:currentQuota:currentOriginUsage:currentDatabaseUsage:expectedUsage:decisionHandler:]):
(-[QuotaDelegate quotaDelegateCalled]):
(-[QuotaDelegate grantQuota]):
(-[StorageSchemes webView:startURLSchemeTask:]):
(-[StorageSchemes webView:stopURLSchemeTask:]):
(-[QuotaMessageHandler userContentController:didReceiveScriptMessage:]):
(doTest):

9:35 AM Changeset in webkit [245327] by youenn@apple.com
  • 6 edits in trunk

Constant crashes under WebPage::isThrottleable() after r245299
https://bugs.webkit.org/show_bug.cgi?id=197902
<rdar://problem/50793796>

Reviewed by Alex Christensen.

Source/WebKit:

Update throttle state after a run loop iteration when page state changes to make sure the pageMap does not have null pages.
Add appNapEnabled preference that is used by added API test.

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updateThrottleState):

  • UIProcess/API/Cocoa/WKPreferences.mm:

(-[WKPreferences _setAppNapEnabled:]):
(-[WKPreferences _appNapEnabled]):

  • UIProcess/API/Cocoa/WKPreferencesPrivate.h:

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/ServiceWorkerBasic.mm:
8:59 AM Changeset in webkit [245326] by simon.fraser@apple.com
  • 5 edits
    2 adds in trunk/Source/WebCore

Move RenderLayerCompositor's OverlapMap to its own file
https://bugs.webkit.org/show_bug.cgi?id=197915

Reviewed by Alex Christensen.

Move OverlapMap to its own file.
Make use of RectList, which was in the file but unused!
Allocate OverlapMapContainer on the heap both to avoid header pollution of internals,
and because they will get bigger in future.

No behavior change.

  • Sources.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • rendering/LayerOverlapMap.cpp: Added.

(WebCore::RectList::append):
(WebCore::RectList::intersects const):
(WebCore::OverlapMapContainer::add):
(WebCore::OverlapMapContainer::overlapsLayers const):
(WebCore::OverlapMapContainer::unite):
(WebCore::LayerOverlapMap::LayerOverlapMap):
(WebCore::LayerOverlapMap::add):
(WebCore::LayerOverlapMap::overlapsLayers const):
(WebCore::LayerOverlapMap::pushCompositingContainer):
(WebCore::LayerOverlapMap::popCompositingContainer):

  • rendering/LayerOverlapMap.h: Added.

(WebCore::LayerOverlapMap::isEmpty const):
(WebCore::LayerOverlapMap::geometryMap const):
(WebCore::LayerOverlapMap::geometryMap):

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::updateCompositingLayers):
(WebCore::RenderLayerCompositor::computeCompositingRequirements):
(WebCore::RenderLayerCompositor::traverseUnchangedSubtree):
(WebCore::RenderLayerCompositor::computeExtent const):
(WebCore::RenderLayerCompositor::addToOverlapMap):
(WebCore::RenderLayerCompositor::addToOverlapMapRecursive):
(WebCore::OverlapMapContainer::add): Deleted.
(WebCore::OverlapMapContainer::overlapsLayers const): Deleted.
(WebCore::OverlapMapContainer::unite): Deleted.
(WebCore::RenderLayerCompositor::OverlapMap::OverlapMap): Deleted.
(WebCore::RenderLayerCompositor::OverlapMap::add): Deleted.
(WebCore::RenderLayerCompositor::OverlapMap::overlapsLayers const): Deleted.
(WebCore::RenderLayerCompositor::OverlapMap::isEmpty const): Deleted.
(WebCore::RenderLayerCompositor::OverlapMap::pushCompositingContainer): Deleted.
(WebCore::RenderLayerCompositor::OverlapMap::popCompositingContainer): Deleted.
(WebCore::RenderLayerCompositor::OverlapMap::geometryMap const): Deleted.
(WebCore::RenderLayerCompositor::OverlapMap::geometryMap): Deleted.
(WebCore::RenderLayerCompositor::OverlapMap::RectList::append): Deleted.
(WebCore::RenderLayerCompositor::OverlapMap::RectList::intersects const): Deleted.

  • rendering/RenderLayerCompositor.h:
8:13 AM Changeset in webkit [245325] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WTF

compilation failure with clang 9
https://bugs.webkit.org/show_bug.cgi?id=197911

Patch by Víctor Manuel Jáquez Leal <vjaquez@igalia.com> on 2019-05-15
Reviewed by Alex Christensen.

Use std namespace for nullptr_t in tagArrayPtr templates.

  • wtf/PtrTag.h:

(WTF::tagArrayPtr):

8:03 AM Changeset in webkit [245324] by commit-queue@webkit.org
  • 3 edits in trunk/Tools

[GTK][jhbuild] misc cleanups and bumps
https://bugs.webkit.org/show_bug.cgi?id=197913

Patch by Philippe Normand <pnormand@igalia.com> on 2019-05-15
Reviewed by Xabier Rodriguez-Calvar.

  • gstreamer/jhbuild.modules: Bump to libva 2.4.1 and switch to Meson.
  • gtk/jhbuild.modules: Bump to Brotli 1.0.5 and Wayland 1.16.
8:00 AM Changeset in webkit [245323] by Chris Dumez
  • 2 edits in trunk/Tools

Flaky API Test: TestWebKitAPI.ProcessSwap.NumberOfCachedProcesses
https://bugs.webkit.org/show_bug.cgi?id=195102
<rdar://problem/48456786>

Reviewed by Alex Christensen.

Try to wait longer for the number of processes to reach the expected number
and before failing.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
7:55 AM Changeset in webkit [245322] by commit-queue@webkit.org
  • 4 edits in trunk

Allow NSFileCoordinator to be called from WebContent process
https://bugs.webkit.org/show_bug.cgi?id=197895
<rdar://problem/50107679>

Patch by Alex Christensen <achristensen@webkit.org> on 2019-05-15
Reviewed by Brent Fulgham.

Source/WebKit:

  • WebProcess/com.apple.WebProcess.sb.in:

Expand sandbox to allow use of com.apple.FileCoordination mach service like we do on iOS.

Tools:

Add a unit test that verifies calling the block succeeds.

  • TestWebKitAPI/Tests/WebKitCocoa/AdditionalReadAccessAllowedURLsPlugin.mm:

(-[AdditionalReadAccessAllowedURLsPlugIn webProcessPlugIn:didCreateBrowserContextController:]):

3:22 AM Changeset in webkit [245321] by Fujii Hironori
  • 3 edits in trunk/LayoutTests

Unreviewed test gardening for WinCairo

  • platform/wincairo-wk1/TestExpectations: Moved accessibility

expectations to this file.

  • platform/wincairo/TestExpectations: Skip accessibility because

WinCairo WK2 doesn't support it yet. Skip
http/tests/resourceLoadStatistics for WK2 because all tests are
timing out.

1:37 AM Changeset in webkit [245320] by Devin Rousso
  • 16 edits in trunk/Source

Web Automation: elements larger than the viewport have incorrect in-view center point
https://bugs.webkit.org/show_bug.cgi?id=195696
<rdar://problem/48737122>

Reviewed by Simon Fraser.

Original patch by Brian Burg <Brian Burg>.

Source/WebCore:

Some conversion methods do not exist for FloatRect/FloatPoint. Fill them in as needed,
and export some symbols used by WebDriver code to compute an element's in-view center point
in various coordinate systems.

  • dom/TreeScope.h:
  • dom/TreeScope.cpp:

(WebCore::TreeScope::elementsFromPoint): Added.

  • page/FrameView.h:
  • page/FrameView.cpp:

(WebCore::FrameView::absoluteToLayoutViewportPoint const): Added.
(WebCore::FrameView::layoutViewportToAbsoluteRect const): Added.
(WebCore::FrameView::absoluteToLayoutViewportRect const): Added.

  • platform/ScrollView.h:
  • platform/ScrollView.cpp:

(WebCore::ScrollView::viewToContents const): Added.
(WebCore::ScrollView::contentsToView const): Added.
(WebCore::ScrollView::contentsToRootView const): Added.

  • platform/Widget.h:
  • platform/Widget.cpp:

(WebCore::Widget::convertToRootView const): Added.
(WebCore::Widget::convertFromRootView const): Added.
(WebCore::Widget::convertToContainingView const): Added.
(WebCore::Widget::convertFromContainingView const): Added.

Source/WebKit:

This seems to be an omission in the specification. While it does mention that the in-view
center point (IVCP) must be within the viewport, the algorithm never intersects the element
bounding box with the viewport rect.

  • WebProcess/Automation/WebAutomationSessionProxy.cpp:

(WebKit::WebAutomationSessionProxy::computeElementLayout):
This code is incorrect. For CoordinateSystem::LayoutViewport, coordinates should be in
root view coordinates so that it can be later converted to screen and synthesized as a HID
event in screen coordinates. Intersect the element rect and the viewport rect before finding
the center point of the part of the element that's visible in the viewport.

(WebKit::convertRectFromFrameClientToRootView): Added.
(WebKit::convertPointFromFrameClientToRootView): Added.
Added helpers to properly account for scroll contents position on iOS.

  • UIProcess/Automation/WebAutomationSession.cpp:

(WebKit::WebAutomationSession::viewportInViewCenterPointOfElement):
Now that we determine whether the element is inside the viewport much earlier, if the
element has no inViewCenterPoint, we can return a TargetOutOfBounds instead of a more
"generic" ElementNotInteractable.

(WebKit::WebAutomationSession::simulateMouseInteraction):
Rename locationInView -> locationInViewport.

(WebKit::WebAutomationSession::simulateTouchInteraction):
This code is incorrect. The unobscuredContentRect is in screen coordinates, but
we are trying to see if (x, y) is outside the size of the viewport assumed to be at (0, 0).
Grab the visual viewport rect and see if the location exceeds the viewport size.

  • UIProcess/Automation/ios/WebAutomationSessionIOS.mm:

(WebKit::operator<<):
Add logging helper for TouchInteraction enum.

(WebKit::WebAutomationSession::platformSimulateTouchInteraction):
Move local variable.

  • UIProcess/Automation/SimulatedInputDispatcher.cpp:

(WebKit::SimulatedInputDispatcher::transitionInputSourceToState):
Fix a typo in logging.

  • UIProcess/Automation/Automation.json:

Simplify enum name.

  • Platform/Logging.h:

Add logging channel to dump fully resolved interaction details.

Note: See TracTimeline for information about the timeline view.