Timeline



Feb 23, 2018:

10:36 PM Changeset in webkit [228972] by Chris Dumez
  • 6 edits in trunk/Source/WebCore

Crash under SchemeRegistry::shouldTreatURLSchemeAsLocal(WTF::String const&)
https://bugs.webkit.org/show_bug.cgi?id=183066
<rdar://problem/37804111>

Reviewed by Ryosuke Niwa.

SecurityOrigin objects are constructed on various threads. However, someone added a
shouldTreatAsPotentiallyTrustworthy() call to the SecurityOrigin constructor which
was not thread safe. This is because this function relies on SchemeRegistry::shouldTreatURLSchemeAsSecure()
and SchemeRegistry::shouldTreatURLSchemeAsLocal() which were relying on global static HashMaps without
locks.

Update SecurityOrigin to initialize m_isPotentiallyTrustworthy lazily, to avoid paying
initialization cost in the constructor. This is only queries by SecurityContext::isSecureContext().

Make SchemeRegistry::shouldTreatURLSchemeAsLocal() and SchemeRegistry::shouldTreatURLSchemeAsSecure()
thread-safe, since they are needed to initialize SecurityOrigin::m_isPotentiallyTrustworthy from
various threads.

SchemeRegistry::shouldTreatURLSchemeAsSecure() is only called from SecurityOrigin (which requires
thread-safety), and getUserMedia() which is not hot code so the extra locking there should not
be an issue.

SchemeRegistry::shouldTreatURLSchemeAsLocal() is called from SecurityOrigin (which requires thread-
safety). It is also called from isQuickLookPreviewURL(), MHTMLArchive::create(), Page::userStyleSheetLocationChanged(),
isRemoteWebArchive() and HTMLPlugInImageElement. All these are not hot code so I do not think
we need a fast path.

  • page/SecurityOrigin.cpp:

(WebCore::isLoopbackIPAddress):
(WebCore::shouldTreatAsPotentiallyTrustworthy):
(WebCore::SecurityOrigin::isPotentiallyTrustworthy const):
(WebCore::SecurityOrigin::isLocalHostOrLoopbackIPAddress):

  • page/SecurityOrigin.h:
  • platform/SchemeRegistry.cpp:

(WebCore::localURLSchemesLock):
(WebCore::localURLSchemes):
(WebCore::secureSchemesLock):
(WebCore::secureSchemes):
(WebCore::SchemeRegistry::registerURLSchemeAsLocal):
(WebCore::SchemeRegistry::removeURLSchemeRegisteredAsLocal):
(WebCore::SchemeRegistry::shouldTreatURLSchemeAsLocal):
(WebCore::SchemeRegistry::registerURLSchemeAsSecure):
(WebCore::SchemeRegistry::shouldTreatURLSchemeAsSecure):

  • platform/SchemeRegistry.h:
6:01 PM Changeset in webkit [228971] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

[Curl] Cookie Database files are wrongfully getting deleted when the database is opened
https://bugs.webkit.org/show_bug.cgi?id=183051

Patch by Christopher Reid <chris.reid@sony.com> on 2018-02-23
Reviewed by Per Arne Vollan.

The file stat logic was backwards causing a wrongful detection of database corruption.
Fixed the logic and abstracted these calls to use FileSystem.

  • platform/network/curl/CookieJarDB.cpp:
5:20 PM Changeset in webkit [228970] by jmarcell@apple.com
  • 7 edits in branches/safari-605-branch/Source

Versioning.

5:18 PM Changeset in webkit [228969] by jmarcell@apple.com
  • 1 copy in tags/Safari-605.1.31

Tag Safari-605.1.31.

4:48 PM Changeset in webkit [228968] by sbarati@apple.com
  • 20 edits
    1 add in trunk

Make Number.isInteger an intrinsic
https://bugs.webkit.org/show_bug.cgi?id=183088

Reviewed by JF Bastien.

JSTests:

  • stress/number-is-integer-intrinsic.js: Added.

Source/JavaScriptCore:

When profiling the ML subtest in ARES, I noticed it was spending some
time in Number.isInteger. This patch makes that operation an intrinsic
in the DFG/FTL. It might be a speedup by 1% or so on that subtest, but
it's likely not an aggregate speedup on ARES. However, it is definitely
faster than calling into a builtin function, so we might as well have
it as an intrinsic.

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::handleIntrinsicCall):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGNodeType.h:
  • dfg/DFGOperations.cpp:
  • dfg/DFGOperations.h:
  • dfg/DFGPredictionPropagationPhase.cpp:
  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileNumberIsInteger):
(JSC::FTL::DFG::LowerDFGToB3::unboxDouble):

  • runtime/Intrinsic.cpp:

(JSC::intrinsicName):

  • runtime/Intrinsic.h:
  • runtime/NumberConstructor.cpp:

(JSC::NumberConstructor::finishCreation):
(JSC::numberConstructorFuncIsInteger):

  • runtime/NumberConstructor.h:

(JSC::NumberConstructor::isIntegerImpl):

3:26 PM Changeset in webkit [228967] by wilander@apple.com
  • 7 edits in trunk/Source

Introduce ITP debug logging as an opt-in developer feature
https://bugs.webkit.org/show_bug.cgi?id=183065
<rdar://problem/37803761>

Reviewed by Brent Fulgham.

Source/WebKit:

  • Platform/Logging.h:

Added a dedicated channel for Resource Load Statistics debug logging
since this will be part of a developer-facing feature and should not
be mixed with general Resource Load Statistics logging.

  • UIProcess/Cocoa/WebResourceLoadStatisticsStoreCocoa.mm:

(WebKit::WebResourceLoadStatisticsStore::registerUserDefaultsIfNeeded):

Now picks up the user default setting for
ResourceLoadStatisticsDebugLoggingEnabled.

  • UIProcess/WebResourceLoadStatisticsStore.cpp:

(WebKit::WebResourceLoadStatisticsStore::removeDataRecords):

Now logs for which domains it purges website data if
ResourceLoadStatisticsDebugLoggingEnabled is set.

(WebKit::WebResourceLoadStatisticsStore::updateCookiePartitioning):

Now logs for which domains it partitions and blocks cookies
in third-party contexts if ResourceLoadStatisticsDebugLoggingEnabled
is set.

  • UIProcess/WebResourceLoadStatisticsStore.h:

Source/WTF:

  • wtf/Assertions.h:

Introduces RELEASE_LOG_INFO() and RELEASE_LOG_INFO_IF().

3:16 PM Changeset in webkit [228966] by gskachkov@gmail.com
  • 9 edits
    1 add in trunk

WebAssembly: cache memory address / size on instance
https://bugs.webkit.org/show_bug.cgi?id=177305

Reviewed by JF Bastien.

JSTests:

  • wasm/function-tests/memory-reuse.js: Added.

(createWasmInstance):
(doCheckTrap):
(doMemoryGrow):
(doCheck):
(checkWasmInstancesWithSharedMemory):

Source/JavaScriptCore:

Cache memory address/size in wasm:Instance to avoid load wasm:Memory
object during access to memory and memory size property in JiT

  • wasm/WasmB3IRGenerator.cpp:

(JSC::Wasm::B3IRGenerator::restoreWebAssemblyGlobalState):
(JSC::Wasm::B3IRGenerator::addCurrentMemory):
(JSC::Wasm::B3IRGenerator::addCallIndirect):

  • wasm/WasmBinding.cpp:

(JSC::Wasm::wasmToWasm):

  • wasm/WasmInstance.h:

(JSC::Wasm::Instance::cachedMemory const):
(JSC::Wasm::Instance::cachedMemorySize const):
(JSC::Wasm::Instance::createWeakPtr):
(JSC::Wasm::Instance::setMemory):
(JSC::Wasm::Instance::updateCachedMemory):
(JSC::Wasm::Instance::offsetOfCachedMemory):
(JSC::Wasm::Instance::offsetOfCachedMemorySize):
(JSC::Wasm::Instance::offsetOfCachedIndexingMask):
(JSC::Wasm::Instance::allocationSize):

  • wasm/WasmMemory.cpp:

(JSC::Wasm::Memory::grow):
(JSC::Wasm::Memory::registerInstance):

  • wasm/WasmMemory.h:

(JSC::Wasm::Memory::indexingMask):

  • wasm/js/JSToWasm.cpp:

(JSC::Wasm::createJSToWasmWrapper):

  • wasm/js/WebAssemblyModuleRecord.cpp:

(JSC::WebAssemblyModuleRecord::evaluate):

2:23 PM Changeset in webkit [228965] by jmarcell@apple.com
  • 7 edits in tags/Safari-606.1.6.1/Source

Versioning.

2:19 PM Changeset in webkit [228964] by Brent Fulgham
  • 2 edits in trunk/Source/WebKit

[macOS] Correct sandbox violation during media playback
https://bugs.webkit.org/show_bug.cgi?id=183092
<rdar://problem/37718495>

Reviewed by Eric Carlson.

  • WebProcess/com.apple.WebProcess.sb.in:
1:40 PM Changeset in webkit [228963] by jmarcell@apple.com
  • 5 edits in branches/safari-605-branch/Source

Apply patch. rdar://problem/37836719

1:39 PM Changeset in webkit [228962] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebKit

Cherry-pick r228930. rdar://problem/37836719

1:39 PM Changeset in webkit [228961] by jmarcell@apple.com
  • 6 edits in branches/safari-605-branch/Source

Cherry-pick r228919. rdar://problem/37836719

12:30 PM Changeset in webkit [228960] by jmarcell@apple.com
  • 5 edits
    2 adds in branches/safari-605-branch

Cherry-pick r228947. rdar://problem/37833040

12:30 PM Changeset in webkit [228959] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebKit

Cherry-pick r228937. rdar://problem/37833035

12:30 PM Changeset in webkit [228958] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebCore

Cherry-pick r228934. rdar://problem/37816677

12:30 PM Changeset in webkit [228957] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebCore

Cherry-pick r228931. rdar://problem/37816658

12:30 PM Changeset in webkit [228956] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebCore

Cherry-pick r228928. rdar://problem/37816673

12:06 PM WebKitGTK/2.20.x edited by Michael Catanzaro
Review Safari backports through r228941 (diff)
12:02 PM Changeset in webkit [228955] by jmarcell@apple.com
  • 1 copy in tags/Safari-606.1.6.1

New tag.

11:33 AM WebKitGTK/2.20.x edited by Michael Catanzaro
(diff)
10:39 AM Changeset in webkit [228954] by Alan Bujtas
  • 15 edits in trunk/Source/WebCore

[RenderTreeBuilder] Make RenderTreeBuilder::* classes WTF_MAKE_FAST_ALLOCATED
https://bugs.webkit.org/show_bug.cgi?id=183084
<rdar://problem/37828706>

Reviewed by Antti Koivisto.

  • rendering/updating/RenderTreeBuilderBlock.h:
  • rendering/updating/RenderTreeBuilderBlockFlow.h:
  • rendering/updating/RenderTreeBuilderContinuation.h:
  • rendering/updating/RenderTreeBuilderFirstLetter.h:
  • rendering/updating/RenderTreeBuilderFormControls.h:
  • rendering/updating/RenderTreeBuilderFullScreen.h:
  • rendering/updating/RenderTreeBuilderInline.h:
  • rendering/updating/RenderTreeBuilderList.h:
  • rendering/updating/RenderTreeBuilderMathML.h:
  • rendering/updating/RenderTreeBuilderMultiColumn.h:
  • rendering/updating/RenderTreeBuilderRuby.h:
  • rendering/updating/RenderTreeBuilderSVG.h:
  • rendering/updating/RenderTreeBuilderTable.h:
  • rendering/updating/RenderTreeUpdaterGeneratedContent.h:
10:37 AM Changeset in webkit [228953] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WTF

warning: unused variable 'InitialBufferSize' in Assertions.cpp
https://bugs.webkit.org/show_bug.cgi?id=183076

Patch by Fujii Hironori <Fujii Hironori> on 2018-02-23
Reviewed by Yusuke Suzuki.

  • wtf/Assertions.cpp: Moved the definition of InitialBufferSize to inside #if.
10:35 AM Changeset in webkit [228952] by sbarati@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

ArgumentsEliminationPhase has a branch on GetByOffset that should be an assert
https://bugs.webkit.org/show_bug.cgi?id=182982

Reviewed by Yusuke Suzuki.

I don't know why this check was not always an assert. When we see
a GetByOffset on an eliminated allocation, that allocation *must*
be a PhantomClonedArguments. If it weren't, the GetByOffset would
have escaped it. Because this transformation happens by visiting
blocks in pre-order, and by visiting nodes in a block starting from
index zero to index block->size() - 1, we're guaranteed that eliminated
allocations get transformed before users of it, since we visit nodes
in dominator order.

  • dfg/DFGArgumentsEliminationPhase.cpp:
10:32 AM Changeset in webkit [228951] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit

[MSVC] Unknown a type definition error in WebResourceLoadStatisticsStore on wincairo webkit
https://bugs.webkit.org/show_bug.cgi?id=182873

Patch by Yousuke Kimoto <yousuke.kimoto@sony.com> on 2018-02-23
Reviewed by Yusuke Suzuki.

  • UIProcess/WebResourceLoadStatisticsStore.h:
9:54 AM Changeset in webkit [228950] by Yusuke Suzuki
  • 32 edits
    2 adds in trunk

[JSC] Implement $vm.ftlTrue function for FTL testing
https://bugs.webkit.org/show_bug.cgi?id=183071

Reviewed by Mark Lam.

JSTests:

  • stress/dead-fiat-value-to-int52-then-exit-not-double.js:

(foo):

  • stress/dead-fiat-value-to-int52-then-exit-not-int52.js:

(foo):

  • stress/dead-fiat-value-to-int52.js:

(foo):

  • stress/dead-osr-entry-value.js:

(foo):

  • stress/fiat-value-to-int52-then-exit-not-double.js:

(foo):

  • stress/fiat-value-to-int52-then-exit-not-int52.js:

(foo):

  • stress/fiat-value-to-int52-then-fail-to-fold.js:

(foo):

  • stress/fiat-value-to-int52-then-fold.js:

(foo):

  • stress/fiat-value-to-int52.js:

(foo):

  • stress/fold-based-on-int32-proof-mul-branch.js:

(foo):

  • stress/fold-profiled-call-to-call.js:

(foo):

  • stress/fold-to-double-constant-then-exit.js:

(foo):

  • stress/fold-to-int52-constant-then-exit.js:

(foo):

  • stress/fold-to-primitive-in-cfa.js:

(foo):

  • stress/fold-to-primitive-to-identity-in-cfa.js:

(foo):

  • stress/has-indexed-property-array-storage-ftl.js: Added.

(shouldBe):
(test1):
(test2):

  • stress/has-indexed-property-slow-put-array-storage-ftl.js: Added.

(shouldBe):
(test1):
(test2):

  • stress/int52-ai-add-then-filter-int32.js:

(foo):

  • stress/int52-ai-mul-and-clean-neg-zero-then-filter-int32.js:

(foo):

  • stress/int52-ai-mul-then-filter-int32.js:

(foo):

  • stress/int52-ai-neg-then-filter-int32.js:

(foo):

  • stress/int52-ai-sub-then-filter-int32.js:

(foo):

  • stress/licm-pre-header-cannot-exit-nested.js:

(foo):

  • stress/licm-pre-header-cannot-exit.js:

(foo):

  • stress/sparse-array-entry-update-144067.js:

(useMemoryToTriggerGCs):

  • stress/test-spec-misc.js:

(foo):

  • stress/tricky-array-bounds-checks.js:

(foo):

Source/JavaScriptCore:

Add $vm.ftlTrue, which becomes true if the caller is compiled in FTL.
This is useful for testing whether the caller function is compiled in FTL.

We also remove duplicate DFGTrue function in jsc.cpp. We have $vm.dfgTrue.

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::handleIntrinsicCall):

  • jsc.cpp:

(GlobalObject::finishCreation):
(functionFalse1):
(functionFalse2): Deleted.

  • runtime/Intrinsic.cpp:

(JSC::intrinsicName):

  • runtime/Intrinsic.h:
  • tools/JSDollarVM.cpp:

(JSC::functionFTLTrue):
(JSC::JSDollarVM::finishCreation):

8:16 AM Changeset in webkit [228949] by Alan Bujtas
  • 9 edits in trunk/Source/WebCore

[RenderTreeBuilder] Move RenderFullScreen::createPlaceholder to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=183027
<rdar://problem/37773058>

Reviewed by Antti Koivisto.

No change in functionality.

  • dom/Document.cpp:

(WebCore::Document::setFullScreenRenderer):

  • dom/Document.h:
  • rendering/RenderFullScreen.cpp:

(WebCore::RenderFullScreenPlaceholder::RenderFullScreenPlaceholder):
(WebCore::RenderFullScreenPlaceholder::isRenderFullScreenPlaceholder const):
(WebCore::RenderFullScreen::wrapNewRenderer):
(WebCore::RenderFullScreen::wrapExistingRenderer):
(): Deleted.
(WebCore::RenderFullScreen::createPlaceholder): Deleted.

  • rendering/RenderFullScreen.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::createPlaceholderForFullScreen):

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderFullScreen.cpp:

(WebCore::RenderTreeBuilder::FullScreen::createPlaceholder):

  • rendering/updating/RenderTreeBuilderFullScreen.h:
6:52 AM Changeset in webkit [228948] by Alan Bujtas
  • 4 edits in trunk/Source/WebCore

[RenderTreeBuilder] Add WARN_UNUSED_RETURN to detach()
https://bugs.webkit.org/show_bug.cgi?id=183073
<rdar://problem/37814585>

Reviewed by Antti Koivisto.

So that we don't destroy a renderer accidentally.

  • rendering/updating/RenderTreeBuilderBlock.h:
  • rendering/updating/RenderTreeBuilderRuby.h:
  • rendering/updating/RenderTreeBuilderSVG.h:
5:53 AM Changeset in webkit [228947] by graouts@webkit.org
  • 5 edits
    2 adds in trunk

REGRESSION (r228445): A big pause button shows over YouTube videos if you tap "Tap To Unmute" on iOS
https://bugs.webkit.org/show_bug.cgi?id=183074
<rdar://problem/37747028>

Reviewed by Eric Carlson.

Source/WebCore:

Test: media/modern-media-controls/start-support/start-support-disable-controls-and-re-enable-post-play.html

In the fix for webkit.org/b/182668, we made it so that when the "controls" attribute is absent from a media
element we stop listening to the bulk of media events and prevent controls from updating any DOM properties
so as to minimize the amount of CPU usage by the Web process.

An unfortunate side effect was that, if the media controls were disabled at the time the video starts playing,
the StartSupport class would thus not catch the "play" event and would not be able to set the "hasPlayed"
property to "true" on the MediaController, which would then prevent the _shouldShowStartButton() from returning
"false". As a result, if the "controls" attribute was turned back on after the media started playing, they
would default to showing the start button, which would be then in the play state, ie. showing the pause icon.

We now set the "hasPlayed" property in the "play" event handler on MediaController, which is always registered
regardless of the "controls" attribute setting. We also ensure we invalidate the "showStartButton" property on
the media controls when StartSupport is enabled, which is the case when the "controls" attribute is toggled back
to "true" from a previous "false" value.

  • Modules/modern-media-controls/media/media-controller.js:

(MediaController.prototype.handleEvent):

  • Modules/modern-media-controls/media/start-support.js:

(StartSupport):
(StartSupport.prototype.enable):
(StartSupport.prototype.handleEvent):
(StartSupport.prototype._updateShowsStartButton):

LayoutTests:

Add a new test that set controls on the video, then immediately removes them, plays the video and turns the controls
back on as soon as the video starts to check that the "showsStartButton" property is false on the media controls.
Prior to this patch this test would fail.

  • media/modern-media-controls/start-support/start-support-disable-controls-and-re-enable-post-play-expected.txt: Added.
  • media/modern-media-controls/start-support/start-support-disable-controls-and-re-enable-post-play.html: Added.
  • platform/ios/TestExpectations:
4:53 AM Changeset in webkit [228946] by Carlos Garcia Campos
  • 8 edits in trunk/Source

[GStreamer][MiniBrowser] Honor GStreamer command line parameters in MiniBrowser
https://bugs.webkit.org/show_bug.cgi?id=173655
<rdar://problem/37706341>

Reviewed by Philippe Normand.

Source/WebCore:

Do not assume gst is only used in the WebProcess, the MIMETypeRegistry also uses gst to get the list of
supported media types. Move the code to extract gst options from the process command line to a helper function
and use it in the UI process to pass the options to the WebProcess, but also in the current process when gst is
initialized without providing options.

Fixes several unit tests that use MIMETypeRegistry in the UI process.

  • platform/graphics/gstreamer/GStreamerUtilities.cpp:

(WebCore::extractGStreamerOptionsFromCommandLine): Helper to get the gst options from the current process
command line.
(WebCore::initializeGStreamer): Ensure this is called once. Get the gst options from the given vector or extract
it from the command line if not provided.

  • platform/graphics/gstreamer/GStreamerUtilities.h:
  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:

(WebCore::MediaPlayerPrivateGStreamerBase::initializeGStreamerAndRegisterWebKitElements): Bring back the gst
initialization here.

Source/WebKit:

Actually pass the gst command line options to the WebProcess. The options in /proc/self/cmdline are separated by
null characters, so we are effectively passing always the first option only, which is the program name. Then, in
the web process we always ignore the first option and providing WebProcess unconditionally, so we were doing
nothing.

  • UIProcess/gtk/WebProcessPoolGtk.cpp:

(WebKit::WebProcessPool::platformInitializeWebProcess): Use WebCore::extractGStreamerOptionsFromCommandLine()

  • UIProcess/wpe/WebProcessPoolWPE.cpp:

(WebKit::WebProcessPool::platformInitializeWebProcess): Ditto.

  • WebProcess/soup/WebProcessSoup.cpp:

(WebKit::WebProcess::platformInitializeWebProcess): Move the vector.

2:06 AM Changeset in webkit [228945] by Philippe Normand
  • 2 edits in trunk/Source/WebCore

[GStreamer] HTTP totalBytes query returns 0 after seeking (sometimes)
https://bugs.webkit.org/show_bug.cgi?id=183002

Reviewed by Xabier Rodriguez-Calvar.

  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(webkit_web_src_init): Initialize member variables. Also no need
to set the appsrc size at that point.
(webKitWebSrcStop): There is no need to reset the size when
seeking. Size should in most cases represent the Content-Length
response attribute, even when seeking.
(webKitWebSrcStart): No need to reset the size attribute.
(webKitWebSrcQueryWithParent): Let appsrc handle DURATION queries.
(CachedResourceStreamingClient::responseReceived): Emit duration notification one time only.

1:57 AM Changeset in webkit [228944] by Philippe Normand
  • 3 edits in trunk/Source/WebCore

[GStreamer] media/video-src-blob-using-open-panel.html crashes in Debug
https://bugs.webkit.org/show_bug.cgi?id=183005

Reviewed by Xabier Rodriguez-Calvar.

Test: media/video-src-blob-using-open-panel.html

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::convertToInternalProtocol): Also convert blob URIs
because they're handled by our httpsrc element.

  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(webKitWebSrcGetProtocols): Prefix blob URIs too, for consistency purpose.

Feb 22, 2018:

10:41 PM Changeset in webkit [228943] by Yusuke Suzuki
  • 4 edits
    2 adds in trunk

[FTL] Support HasIndexedProperty for ArrayStorage and SlowPutArrayStorage
https://bugs.webkit.org/show_bug.cgi?id=182792

Reviewed by Mark Lam.

JSTests:

  • stress/has-indexed-property-array-storage.js: Added.

(shouldBe):
(test1):
(test2):

  • stress/has-indexed-property-slow-put-array-storage.js: Added.

(shouldBe):
(test1):
(test2):

Source/JavaScriptCore:

This patch adds HasIndexedProperty for ArrayStorage and SlowPutArrayStorage in FTL.
HasIndexedProperty with ArrayStorage frequently causes FTL compilation failures
in web-tooling-benchmarks.

  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileHasIndexedProperty):

8:18 PM Changeset in webkit [228942] by Yusuke Suzuki
  • 76 edits in trunk

Remove currentTime() / currentTimeMS()
https://bugs.webkit.org/show_bug.cgi?id=183052

Reviewed by Mark Lam.

Source/WebCore:

  • Modules/geolocation/Geolocation.cpp:

(WebCore::Geolocation::haveSuitableCachedPosition):

  • dom/DOMTimeStamp.h:

(WebCore::convertSecondsToDOMTimeStamp):

  • fileapi/File.cpp:

(WebCore::File::File):
(WebCore::File::lastModified const):

  • history/HistoryItem.cpp:

(WebCore::generateSequenceNumber):

  • html/BaseDateAndTimeInputType.cpp:

(WebCore::BaseDateAndTimeInputType::defaultValueForStepUp const):

  • html/DateTimeInputType.cpp:

(WebCore::DateTimeInputType::defaultValueForStepUp const):

  • html/MonthInputType.cpp:

(WebCore::MonthInputType::defaultValueForStepUp const):

  • html/TimeInputType.cpp:

(WebCore::TimeInputType::defaultValueForStepUp const):

  • inspector/agents/InspectorNetworkAgent.cpp:

(WebCore::InspectorNetworkAgent::willSendRequest):
(WebCore::InspectorNetworkAgent::willSendWebSocketHandshakeRequest):

  • loader/EmptyFrameLoaderClient.h:
  • loader/FormSubmission.cpp:

(WebCore::generateFormDataIdentifier):

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::clientRedirected):

  • loader/FrameLoader.h:
  • loader/FrameLoaderClient.h:
  • loader/NavigationScheduler.cpp:
  • page/History.cpp:

(WebCore::History::stateObjectAdded):

  • page/History.h:
  • page/PageOverlay.cpp:

(WebCore::PageOverlay::startFadeAnimation):
(WebCore::PageOverlay::fadeAnimationTimerFired):

  • page/PageOverlay.h:
  • platform/graphics/cg/GraphicsContextCG.cpp:

(WebCore::GraphicsContext::drawNativeImage):

  • platform/ios/LegacyTileLayerPool.h:
  • platform/ios/LegacyTileLayerPool.mm:

(WebCore::LegacyTileLayerPool::LegacyTileLayerPool):
(WebCore::LegacyTileLayerPool::addLayer):
(WebCore::LegacyTileLayerPool::decayedCapacity const):
(WebCore::LegacyTileLayerPool::prune):

  • platform/ios/SystemMemoryIOS.cpp:

(WebCore::systemMemoryLevel):

  • platform/mediastream/mac/DisplayCaptureSourceCocoa.cpp:
  • platform/mediastream/mac/ScreenDisplayCaptureSourceMac.mm:

Source/WebKit:

  • NetworkProcess/cache/CacheStorageEngineCache.cpp:
  • PluginProcess/WebProcessConnection.cpp:
  • Shared/WebProcessCreationParameters.h:
  • Shared/linux/WebMemorySamplerLinux.cpp:

(WebKit::WebMemorySampler::sampleWebKit const):

  • Shared/mac/WebMemorySampler.mac.mm:

(WebKit::WebMemorySampler::sampleWebKit const):

  • UIProcess/API/C/WKContext.cpp:

(WKContextSetPlugInAutoStartOriginsFilteringOutEntriesAddedAfterTime):

  • UIProcess/API/glib/IconDatabase.cpp:

(WebKit::IconDatabase::setIconDataForIconURL):
(WebKit::IconDatabase::synchronousLoadDecisionForIconURL):
(WebKit::IconDatabase::performURLImport):

  • UIProcess/DrawingAreaProxyImpl.cpp:
  • UIProcess/Plugins/PlugInAutoStartProvider.cpp:

(WebKit::expirationTimeFromNow):
(WebKit::PlugInAutoStartProvider::addAutoStartOriginHash):
(WebKit::PlugInAutoStartProvider::autoStartOriginsTableCopy const):
(WebKit::PlugInAutoStartProvider::setAutoStartOriginsTable):
(WebKit::PlugInAutoStartProvider::setAutoStartOriginsFilteringOutEntriesAddedAfterTime):
(WebKit::PlugInAutoStartProvider::setAutoStartOriginsTableWithItemsPassingTest):
(WebKit::PlugInAutoStartProvider::didReceiveUserInteraction):

  • UIProcess/Plugins/PlugInAutoStartProvider.h:
  • UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::processDidFinishLaunching):
(WebKit::WebProcessPool::startMemorySampler):
(WebKit::WebProcessPool::setPlugInAutoStartOriginsFilteringOutEntriesAddedAfterTime):

  • UIProcess/WebProcessPool.h:
  • WebProcess/InjectedBundle/API/APIInjectedBundlePageLoaderClient.h:

(API::InjectedBundle::PageLoaderClient::willPerformClientRedirectForFrame):

  • WebProcess/InjectedBundle/InjectedBundlePageLoaderClient.cpp:

(WebKit::InjectedBundlePageLoaderClient::willPerformClientRedirectForFrame):

  • WebProcess/InjectedBundle/InjectedBundlePageLoaderClient.h:
  • WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::dispatchWillPerformClientRedirect):

  • WebProcess/WebCoreSupport/WebFrameLoaderClient.h:
  • WebProcess/WebProcess.cpp:

(WebKit::m_webSQLiteDatabaseTracker):
(WebKit::WebProcess::isPlugInAutoStartOriginHash):
(WebKit::WebProcess::plugInDidStartFromOrigin):
(WebKit::WebProcess::didAddPlugInAutoStartOriginHash):
(WebKit::WebProcess::resetPlugInAutoStartOriginDefaultHashes):
(WebKit::WebProcess::resetPlugInAutoStartOriginHashes):
(WebKit::WebProcess::plugInDidReceiveUserInteraction):

  • WebProcess/WebProcess.h:
  • WebProcess/WebProcess.messages.in:
  • WebProcess/cocoa/WebProcessCocoa.mm:
  • WebProcess/wpe/WebProcessMainWPE.cpp:

Source/WebKitLegacy/mac:

  • WebCoreSupport/WebFrameLoaderClient.h:
  • WebCoreSupport/WebFrameLoaderClient.mm:

(WebFrameLoaderClient::dispatchWillPerformClientRedirect):

Source/WebKitLegacy/win:

  • WebCoreSupport/WebFrameLoaderClient.cpp:

(WebFrameLoaderClient::dispatchWillPerformClientRedirect):

  • WebCoreSupport/WebFrameLoaderClient.h:
  • WebDownload.h:
  • WebDownloadCFNet.cpp:

(WebDownload::didStart):
(WebDownload::didReceiveData):
(WebDownload::didFinish):

Source/WTF:

This patch removes WTF::currentTime() and WTF::currentTimeMS().
We have fancy WallTime APIs. It has strong types like WallTime and Seconds,
and this reduces the chance of bugs mixing doubles which represent milliseconds
and seconds.

  • wtf/Condition.h:
  • wtf/CurrentTime.cpp:

(WTF::currentTime):
(WTF::WallTime::now):

  • wtf/CurrentTime.h:

(WTF::currentTimeMS): Deleted.

  • wtf/DateMath.h:

(WTF::jsCurrentTime):

  • wtf/ParkingLot.cpp:

(WTF::ParkingLot::parkConditionallyImpl):

  • wtf/ThreadingPrimitives.h:
  • wtf/ThreadingPthreads.cpp:

(WTF::ThreadCondition::timedWait):

  • wtf/ThreadingWin.cpp:

(WTF::ThreadCondition::timedWait):
(WTF::absoluteTimeToWaitTimeoutInterval):

  • wtf/WallTime.cpp:

(WTF::WallTime::now): Deleted.

  • wtf/WallTime.h:

Tools:

  • DumpRenderTree/TestRunner.cpp:

(preciseTimeCallback):

  • DumpRenderTree/mac/TestRunnerMac.mm:

(TestRunner::setMockGeolocationPosition):

  • TestWebKitAPI/Tests/WTF/Condition.cpp:
  • TestWebKitAPI/Tests/WTF/ThreadGroup.cpp:
  • TestWebKitAPI/Tests/WTF/WorkQueue.cpp:
  • WebKitTestRunner/GeolocationProviderMock.cpp:

(WTR::GeolocationProviderMock::setPosition):

  • WebKitTestRunner/InjectedBundle/TestRunner.cpp:

(WTR::TestRunner::preciseTime):

5:20 PM Changeset in webkit [228941] by jmarcell@apple.com
  • 7 edits in branches/safari-605-branch/Source

Versioning.

4:17 PM Changeset in webkit [228940] by pvollan@apple.com
  • 3 edits in trunk/Source/WebCore

The WebContent process should not use NSScreen in the screenDepth implementation.
https://bugs.webkit.org/show_bug.cgi?id=183048

Reviewed by Brent Fulgham.

NSScreen method calls should be done in the UIProcess, since these calls will communicate with
the WindowServer. The screen depth property can be retrieved in the UIProcess, and sent to the
WebContent process, where it is cached. Whenever screen properties change, the UIProcess will
send the new screen properties to the WebProcess.

No new tests, covered by existing tests.

  • platform/ScreenProperties.h:

(WebCore::ScreenProperties::encode const):
(WebCore::ScreenProperties::decode):

  • platform/mac/PlatformScreenMac.mm:

(WebCore::getScreenProperties):
(WebCore::screenDepth):
(WebCore::screenDepthPerComponent):
(WebCore::screenRect):
(WebCore::screenAvailableRect):

4:10 PM Changeset in webkit [228939] by jmarcell@apple.com
  • 1 copy in tags/Safari-605.1.30

Tag Safari-605.1.30.

3:35 PM WebKitGTK/StableRelease edited by Adrian Perez de Castro
(diff)
3:19 PM Changeset in webkit [228938] by Alan Bujtas
  • 36 edits in trunk/Source/WebCore

[RenderTreeBuilder] Rename insertChild() -> attach(), takeChild() -> detach() and removeAndDestroy() -> destroy()
https://bugs.webkit.org/show_bug.cgi?id=183061
<rdar://problem/37800269>

Reviewed by Ryosuke Niwa.

...and moveChildTo() -> move() (moveChildrenTo() -> moveChildren()),
removeFromParentAndDestroyCleaningUpAnonymousWrappers() -> destroyAndCleanUpAnonymousWrappers()

No change in functionality.

  • dom/Document.cpp:

(WebCore::Document::destroyRenderTree):
(WebCore::Document::setFullScreenRenderer):

  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::styleDidChange):

  • rendering/RenderButton.cpp:

(WebCore::RenderButton::setText):

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::didAttachChild):
(WebCore::RenderElement::didInsertChild): Deleted.

  • rendering/RenderElement.h:
  • rendering/RenderFullScreen.cpp:

(WebCore::RenderFullScreen::wrapNewRenderer):
(WebCore::RenderFullScreen::wrapExistingRenderer):
(WebCore::RenderFullScreen::unwrapRenderer):
(WebCore::RenderFullScreen::createPlaceholder):

  • rendering/RenderMenuList.cpp:

(RenderMenuList::didAttachChild):
(RenderMenuList::setText):
(RenderMenuList::didInsertChild): Deleted.

  • rendering/RenderMenuList.h:
  • rendering/RenderQuote.cpp:

(WebCore::RenderQuote::updateTextRenderer):

  • rendering/RenderTextFragment.cpp:

(WebCore::RenderTextFragment::setText):

  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::destroy):
(WebCore::RenderTreeBuilder::attach):
(WebCore::RenderTreeBuilder::attachIgnoringContinuation):
(WebCore::RenderTreeBuilder::detach):
(WebCore::RenderTreeBuilder::attachToRenderElement):
(WebCore::RenderTreeBuilder::attachToRenderElementInternal):
(WebCore::RenderTreeBuilder::move):
(WebCore::RenderTreeBuilder::moveAllChildren):
(WebCore::RenderTreeBuilder::moveChildren):
(WebCore::RenderTreeBuilder::moveAllChildrenIncludingFloats):
(WebCore::RenderTreeBuilder::makeChildrenNonInline):
(WebCore::RenderTreeBuilder::splitAnonymousBoxesAroundChild):
(WebCore::RenderTreeBuilder::childFlowStateChangesAndAffectsParentBlock):
(WebCore::RenderTreeBuilder::destroyAndCleanUpAnonymousWrappers):
(WebCore::RenderTreeBuilder::detachFromRenderGrid):
(WebCore::RenderTreeBuilder::detachFromRenderElement):
(WebCore::RenderTreeBuilder::attachToRenderGrid):
(WebCore::RenderTreeBuilder::removeAndDestroy): Deleted.
(WebCore::RenderTreeBuilder::insertChild): Deleted.
(WebCore::RenderTreeBuilder::insertChildIgnoringContinuation): Deleted.
(WebCore::RenderTreeBuilder::takeChild): Deleted.
(WebCore::RenderTreeBuilder::insertChildToRenderElement): Deleted.
(WebCore::RenderTreeBuilder::insertChildToRenderElementInternal): Deleted.
(WebCore::RenderTreeBuilder::moveChildTo): Deleted.
(WebCore::RenderTreeBuilder::moveAllChildrenTo): Deleted.
(WebCore::RenderTreeBuilder::moveChildrenTo): Deleted.
(WebCore::RenderTreeBuilder::moveAllChildrenIncludingFloatsTo): Deleted.
(WebCore::RenderTreeBuilder::removeFromParentAndDestroyCleaningUpAnonymousWrappers): Deleted.
(WebCore::RenderTreeBuilder::takeChildFromRenderGrid): Deleted.
(WebCore::RenderTreeBuilder::takeChildFromRenderElement): Deleted.
(WebCore::RenderTreeBuilder::insertChildToRenderGrid): Deleted.

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderBlock.cpp:

(WebCore::RenderTreeBuilder::Block::attach):
(WebCore::RenderTreeBuilder::Block::insertChildToContinuation):
(WebCore::RenderTreeBuilder::Block::attachIgnoringContinuation):
(WebCore::RenderTreeBuilder::Block::removeLeftoverAnonymousBlock):
(WebCore::RenderTreeBuilder::Block::detach):
(WebCore::RenderTreeBuilder::Block::dropAnonymousBoxChild):
(WebCore::RenderTreeBuilder::Block::insertChild): Deleted.
(WebCore::RenderTreeBuilder::Block::insertChildIgnoringContinuation): Deleted.
(WebCore::RenderTreeBuilder::Block::takeChild): Deleted.

  • rendering/updating/RenderTreeBuilderBlock.h:
  • rendering/updating/RenderTreeBuilderBlockFlow.cpp:

(WebCore::RenderTreeBuilder::BlockFlow::attach):
(WebCore::RenderTreeBuilder::BlockFlow::moveAllChildrenIncludingFloats):
(WebCore::RenderTreeBuilder::BlockFlow::insertChild): Deleted.
(WebCore::RenderTreeBuilder::BlockFlow::moveAllChildrenIncludingFloatsTo): Deleted.

  • rendering/updating/RenderTreeBuilderBlockFlow.h:
  • rendering/updating/RenderTreeBuilderContinuation.cpp:

(WebCore::RenderTreeBuilder::Continuation::cleanupOnDestroy):

  • rendering/updating/RenderTreeBuilderFirstLetter.cpp:

(WebCore::RenderTreeBuilder::FirstLetter::cleanupOnDestroy):
(WebCore::RenderTreeBuilder::FirstLetter::updateStyle):
(WebCore::RenderTreeBuilder::FirstLetter::createRenderers):

  • rendering/updating/RenderTreeBuilderFormControls.cpp:

(WebCore::RenderTreeBuilder::FormControls::attach):
(WebCore::RenderTreeBuilder::FormControls::detach):
(WebCore::RenderTreeBuilder::FormControls::findOrCreateParentForChild):
(WebCore::RenderTreeBuilder::FormControls::insertChild): Deleted.
(WebCore::RenderTreeBuilder::FormControls::takeChild): Deleted.

  • rendering/updating/RenderTreeBuilderFormControls.h:
  • rendering/updating/RenderTreeBuilderFullScreen.cpp:

(WebCore::RenderTreeBuilder::FullScreen::cleanupOnDestroy):

  • rendering/updating/RenderTreeBuilderInline.cpp:

(WebCore::RenderTreeBuilder::Inline::attach):
(WebCore::RenderTreeBuilder::Inline::insertChildToContinuation):
(WebCore::RenderTreeBuilder::Inline::attachIgnoringContinuation):
(WebCore::RenderTreeBuilder::Inline::splitFlow):
(WebCore::RenderTreeBuilder::Inline::splitInlines):
(WebCore::RenderTreeBuilder::Inline::childBecameNonInline):
(WebCore::RenderTreeBuilder::Inline::insertChild): Deleted.
(WebCore::RenderTreeBuilder::Inline::insertChildIgnoringContinuation): Deleted.

  • rendering/updating/RenderTreeBuilderInline.h:
  • rendering/updating/RenderTreeBuilderList.cpp:

(WebCore::RenderTreeBuilder::List::updateItemMarker):

  • rendering/updating/RenderTreeBuilderMathML.cpp:

(WebCore::RenderTreeBuilder::MathML::makeFences):
(WebCore::RenderTreeBuilder::MathML::attach):
(WebCore::RenderTreeBuilder::MathML::insertChild): Deleted.

  • rendering/updating/RenderTreeBuilderMathML.h:
  • rendering/updating/RenderTreeBuilderMultiColumn.cpp:

(WebCore::RenderTreeBuilder::MultiColumn::createFragmentedFlow):
(WebCore::RenderTreeBuilder::MultiColumn::destroyFragmentedFlow):
(WebCore::RenderTreeBuilder::MultiColumn::processPossibleSpannerDescendant):
(WebCore::RenderTreeBuilder::MultiColumn::handleSpannerRemoval):

  • rendering/updating/RenderTreeBuilderRuby.cpp:

(WebCore::RenderTreeBuilder::Ruby::moveInlineChildren):
(WebCore::RenderTreeBuilder::Ruby::moveBlockChildren):
(WebCore::RenderTreeBuilder::Ruby::attach):
(WebCore::RenderTreeBuilder::Ruby::findOrCreateParentForChild):
(WebCore::RenderTreeBuilder::Ruby::rubyBaseSafe):
(WebCore::RenderTreeBuilder::Ruby::detach):
(WebCore::RenderTreeBuilder::Ruby::insertChild): Deleted.
(WebCore::RenderTreeBuilder::Ruby::takeChild): Deleted.

  • rendering/updating/RenderTreeBuilderRuby.h:
  • rendering/updating/RenderTreeBuilderSVG.cpp:

(WebCore::RenderTreeBuilder::SVG::attach):
(WebCore::RenderTreeBuilder::SVG::detach):
(WebCore::RenderTreeBuilder::SVG::insertChild): Deleted.
(WebCore::RenderTreeBuilder::SVG::takeChild): Deleted.

  • rendering/updating/RenderTreeBuilderSVG.h:
  • rendering/updating/RenderTreeBuilderTable.cpp:

(WebCore::RenderTreeBuilder::Table::findOrCreateParentForChild):
(WebCore::RenderTreeBuilder::Table::attach):
(WebCore::RenderTreeBuilder::Table::collapseAndDestroyAnonymousSiblingRows):
(WebCore::RenderTreeBuilder::Table::insertChild): Deleted.

  • rendering/updating/RenderTreeBuilderTable.h:
  • rendering/updating/RenderTreeUpdater.cpp:

(WebCore::RenderTreeUpdater::createRenderer):
(WebCore::RenderTreeUpdater::createTextRenderer):
(WebCore::RenderTreeUpdater::tearDownRenderers):
(WebCore::RenderTreeUpdater::tearDownTextRenderer):
(WebCore::RenderTreeUpdater::tearDownLeftoverPaginationRenderersIfNeeded):

  • rendering/updating/RenderTreeUpdaterGeneratedContent.cpp:

(WebCore::createContentRenderers):

2:58 PM Changeset in webkit [228937] by Matt Baker
  • 2 edits in trunk/Source/WebKit

Web Inspector: REGRESSION (r228349): ImageBitmap builtin is now runtime guarded
https://bugs.webkit.org/show_bug.cgi?id=183056
<rdar://problem/37799067>

Reviewed by Joseph Pecoraro.

  • WebProcess/WebPage/WebInspectorUI.cpp:

(WebKit::WebInspectorUI::WebInspectorUI):

2:53 PM Changeset in webkit [228936] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit

Caches::initialize should call all pending initialization callbacks in case of error
https://bugs.webkit.org/show_bug.cgi?id=183062

Patch by Youenn Fablet <youenn@apple.com> on 2018-02-22
Reviewed by Chris Dumez.

  • NetworkProcess/cache/CacheStorageEngineCaches.cpp:

(WebKit::CacheStorage::Caches::initialize):
(WebKit::CacheStorage::Caches::initializeSize):

2:50 PM Changeset in webkit [228935] by commit-queue@webkit.org
  • 6 edits in trunk

CacheStorage::Engine::Caches::writeRecord is not always calling the completion handler
https://bugs.webkit.org/show_bug.cgi?id=183055

Patch by Youenn Fablet <youenn@apple.com> on 2018-02-22
Reviewed by Chris Dumez.

Source/WebKit:

Add a completion handler to Storage::store.
Use it instead in Caches::writeRecord.
This ensures that the Cache add/put promise will be called once all write operations have been done.

  • NetworkProcess/cache/CacheStorageEngineCaches.cpp:

(WebKit::CacheStorage::Caches::writeRecord):

  • NetworkProcess/cache/NetworkCacheStorage.cpp:

(WebKit::NetworkCache::Storage::WriteOperation::WriteOperation):
(WebKit::NetworkCache::Storage::finishWriteOperation):
(WebKit::NetworkCache::Storage::store):

  • NetworkProcess/cache/NetworkCacheStorage.h:

(WebKit::NetworkCache::Storage::store):

LayoutTests:

  • http/tests/cache-storage/resources/cache-persistency-iframe.html:
2:36 PM Changeset in webkit [228934] by Chris Dumez
  • 2 edits in trunk/Source/WebCore

ResourceRequestBase::isolatedCopy() fails to isolate copy the cachePartition
https://bugs.webkit.org/show_bug.cgi?id=183059
<rdar://problem/37800202>

Reviewed by Youenn Fablet.

Update ResourceRequestBase::setAsIsolatedCopy() to call isolatedCopy() on the cachePartition as well,
given that it is a String and it would not be safe to send it to another thread otherwise.

  • platform/network/ResourceRequestBase.cpp:

(WebCore::ResourceRequestBase::setAsIsolatedCopy):

2:09 PM WebKitGTK/Debugging edited by cturner@igalia.com
It's not CPPFLAGS, it's CXXFLAGS (diff)
2:05 PM Changeset in webkit [228933] by rniwa@webkit.org
  • 5 edits in trunk/Source/WebKit

Add an entitlement check for service worker on iOS
https://bugs.webkit.org/show_bug.cgi?id=182865

Reviewed by Dan Bernstein.

Addressed Dan's comment by using xpc_connection_copy_entitlement_value instead of obtaining the audit token first.

  • Shared/mac/SandboxUtilities.h:
  • Shared/mac/SandboxUtilities.mm:

(WebKit::connectedProcessHasEntitlement):

  • StorageProcess/ios/StorageProcessIOS.mm:

(WebKit::StorageProcess::parentProcessHasServiceWorkerEntitlement const):

  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::parentProcessHasServiceWorkerEntitlement const):

1:53 PM Changeset in webkit [228932] by mark.lam@apple.com
  • 10 edits in trunk/Source/JavaScriptCore

Refactor MacroAssembler code to improve reuse and extensibility.
https://bugs.webkit.org/show_bug.cgi?id=183054
<rdar://problem/37797337>

Reviewed by Saam Barati.

  • assembler/ARM64Assembler.h:
  • assembler/MacroAssembler.cpp:
  • assembler/MacroAssembler.h:
  • assembler/MacroAssemblerARM.h:
  • assembler/MacroAssemblerARM64.h:

(JSC::MacroAssemblerARM64::canCompact):
(JSC::MacroAssemblerARM64::computeJumpType):
(JSC::MacroAssemblerARM64::jumpSizeDelta):
(JSC::MacroAssemblerARM64::link):
(JSC::MacroAssemblerARM64::load64):
(JSC::MacroAssemblerARM64::load64WithAddressOffsetPatch):
(JSC::MacroAssemblerARM64::load32):
(JSC::MacroAssemblerARM64::load32WithAddressOffsetPatch):
(JSC::MacroAssemblerARM64::load16):
(JSC::MacroAssemblerARM64::load16SignedExtendTo32):
(JSC::MacroAssemblerARM64::load8):
(JSC::MacroAssemblerARM64::load8SignedExtendTo32):
(JSC::MacroAssemblerARM64::store64):
(JSC::MacroAssemblerARM64::store64WithAddressOffsetPatch):
(JSC::MacroAssemblerARM64::store32):
(JSC::MacroAssemblerARM64::store32WithAddressOffsetPatch):
(JSC::MacroAssemblerARM64::store16):
(JSC::MacroAssemblerARM64::store8):
(JSC::MacroAssemblerARM64::getEffectiveAddress):
(JSC::MacroAssemblerARM64::branchDoubleNonZero):
(JSC::MacroAssemblerARM64::branchDoubleZeroOrNaN):
(JSC::MacroAssemblerARM64::branchTruncateDoubleToInt32):
(JSC::MacroAssemblerARM64::loadDouble):
(JSC::MacroAssemblerARM64::loadFloat):
(JSC::MacroAssemblerARM64::moveConditionallyAfterFloatingPointCompare):
(JSC::MacroAssemblerARM64::moveDoubleConditionallyAfterFloatingPointCompare):
(JSC::MacroAssemblerARM64::storeDouble):
(JSC::MacroAssemblerARM64::storeFloat):
(JSC::MacroAssemblerARM64::call):
(JSC::MacroAssemblerARM64::jump):
(JSC::MacroAssemblerARM64::tailRecursiveCall):
(JSC::MacroAssemblerARM64::setCarry):
(JSC::MacroAssemblerARM64::reemitInitialMoveWithPatch):
(JSC::MacroAssemblerARM64::isBreakpoint):
(JSC::MacroAssemblerARM64::invert):
(JSC::MacroAssemblerARM64::readCallTarget):
(JSC::MacroAssemblerARM64::replaceWithVMHalt):
(JSC::MacroAssemblerARM64::replaceWithJump):
(JSC::MacroAssemblerARM64::maxJumpReplacementSize):
(JSC::MacroAssemblerARM64::patchableJumpSize):
(JSC::MacroAssemblerARM64::repatchCall):
(JSC::MacroAssemblerARM64::makeBranch):
(JSC::MacroAssemblerARM64::makeCompareAndBranch):
(JSC::MacroAssemblerARM64::makeTestBitAndBranch):
(JSC::MacroAssemblerARM64::ARM64Condition):
(JSC::MacroAssemblerARM64::moveWithFixedWidth):
(JSC::MacroAssemblerARM64::load):
(JSC::MacroAssemblerARM64::store):
(JSC::MacroAssemblerARM64::tryLoadWithOffset):
(JSC::MacroAssemblerARM64::tryLoadSignedWithOffset):
(JSC::MacroAssemblerARM64::tryStoreWithOffset):
(JSC::MacroAssemblerARM64::jumpAfterFloatingPointCompare):
(JSC::MacroAssemblerARM64::linkCall):

  • assembler/MacroAssemblerARMv7.h:
  • assembler/MacroAssemblerMIPS.h:
  • assembler/MacroAssemblerX86Common.h:
  • assembler/ProbeStack.h:
  • Removed a forward declaration of an obsolete class.
1:40 PM Changeset in webkit [228931] by Chris Dumez
  • 2 edits in trunk/Source/WebCore

ServiceWorkerContainer::startScriptFetchForJob() fails to isolate copy the registrationKey before passing it to the main thread
https://bugs.webkit.org/show_bug.cgi?id=183050
<rdar://problem/37796881>

Reviewed by Youenn Fablet.

Create an isolated copy of the registrationKey before passing it to the main thread in ServiceWorkerContainer's
startScriptFetchForJob() / jobFinishedLoadingScript() / jobFailedLoadingScript().

  • workers/service/ServiceWorkerContainer.cpp:

(WebCore::ServiceWorkerContainer::startScriptFetchForJob):
(WebCore::ServiceWorkerContainer::jobFinishedLoadingScript):
(WebCore::ServiceWorkerContainer::jobFailedLoadingScript):

12:42 PM Changeset in webkit [228930] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit

Fetch event release assert should take into account the fetch mode
https://bugs.webkit.org/show_bug.cgi?id=183047

Patch by Youenn Fablet <youenn@apple.com> on 2018-02-22
Reviewed by Chris Dumez.

In case of navigation tasks, we should use the request URL and not the origin of the loading client.

  • WebProcess/Storage/WebSWContextManagerConnection.cpp:

(WebKit::isValidFetch):
(WebKit::WebSWContextManagerConnection::startFetch):

11:50 AM Changeset in webkit [228929] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebKit

[WinCairo] Fix compile errors in WebPageWin.cpp and WebProcessWin.cpp due to WebCore forwarding header paths
https://bugs.webkit.org/show_bug.cgi?id=182969

Patch by Yousuke Kimoto <yousuke.kimoto@sony.com> on 2018-02-22
Reviewed by Konstantin Tokarev.

  • WebProcess/WebPage/win/WebPageWin.cpp:
  • WebProcess/win/WebProcessWin.cpp:
11:46 AM Changeset in webkit [228928] by Chris Dumez
  • 2 edits in trunk/Source/WebCore

ServiceWorkerContainer::scheduleJob() fails to isolate copy the jobData before passing it to the main thread
https://bugs.webkit.org/show_bug.cgi?id=183046
<rdar://problem/37793395>

Reviewed by Youenn Fablet.

Make sure we isolate copy the jobData before passing it to the main thread in ServiceWorkerContainer::scheduleJob().
The jobData contains Strings / URLs so it is not safe to have non-isolated copies of it on various threads.

  • workers/service/ServiceWorkerContainer.cpp:

(WebCore::ServiceWorkerContainer::scheduleJob):

11:41 AM Changeset in webkit [228927] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebCore

[Curl] Fix warning on clang.
https://bugs.webkit.org/show_bug.cgi?id=182986

Patch by Basuke Suzuki <Basuke Suzuki> on 2018-02-22
Reviewed by Konstantin Tokarev.

No new tests because there's no behaviro changes.

  • platform/network/curl/CurlResourceHandleDelegate.cpp:

(WebCore::CurlResourceHandleDelegate::curlDidSendData):
(WebCore::CurlResourceHandleDelegate::curlDidReceiveBuffer):
(WebCore::CurlResourceHandleDelegate::curlDidFailWithError):

  • platform/network/curl/CurlResourceHandleDelegate.h:
10:54 AM Changeset in webkit [228926] by Yusuke Suzuki
  • 26 edits in trunk

Remove sleep(double) and sleepMS(double) interfaces
https://bugs.webkit.org/show_bug.cgi?id=183038

Reviewed by Mark Lam.

Source/JavaScriptCore:

  • bytecode/SuperSampler.cpp:

(JSC::initializeSuperSampler):

Source/WebKit:

  • PluginProcess/WebProcessConnection.cpp:

(WebKit::WebProcessConnection::createPluginAsynchronously):

  • UIProcess/linux/MemoryPressureMonitor.cpp:

(WebKit::pollIntervalForUsedMemoryPercentage):
(WebKit::MemoryPressureMonitor::MemoryPressureMonitor):

  • WebProcess/wpe/WebProcessMainWPE.cpp:

Source/WTF:

This patch removes sleep(double) and sleepMS(double) interfaces.
We can just use sleep(Seconds) instead.

  • benchmarks/LockFairnessTest.cpp:
  • benchmarks/LockSpeedTest.cpp:
  • wtf/CurrentTime.cpp:

(WTF::sleep):

  • wtf/CurrentTime.h:

(WTF::sleepMS): Deleted.

  • wtf/DebugUtilities.h:
  • wtf/Seconds.cpp:

(WTF::sleep): Deleted.

  • wtf/Seconds.h:
  • wtf/StackShotProfiler.h:

Tools:

  • DumpRenderTree/TestNetscapePlugIn/PluginTest.cpp:

(PluginTest::indicateTestFailure):

  • DumpRenderTree/TestNetscapePlugIn/Tests/EvaluateJSWithinNPP_New.cpp:

(EvaluteJSWithinNPP_New::NPP_New):

  • DumpRenderTree/TestNetscapePlugIn/Tests/InvokeDestroysPluginWithinNPP_New.cpp:

(InvokeDestroysPluginWithinNPP_New::NPP_New):

  • DumpRenderTree/TestNetscapePlugIn/Tests/SlowNPPNew.cpp:
  • TestWebKitAPI/Tests/WTF/Signals.cpp:

(TEST):

  • TestWebKitAPI/Tests/WTF/ThreadGroup.cpp:

(TestWebKitAPI::testThreadGroup):

  • TestWebKitAPI/Tests/WTF/WorkQueue.cpp:

(TestWebKitAPI::TEST):

  • TestWebKitAPI/Tests/WebKitCocoa/PictureInPictureDelegate.mm:

(TestWebKitAPI::TEST):

  • TestWebKitAPI/Tests/ios/DataInteractionTests.mm:

(TestWebKitAPI::TEST):

  • TestWebKitAPI/jsconly/PlatformUtilitiesJSCOnly.cpp:

(TestWebKitAPI::Util::sleep):

10:51 AM Changeset in webkit [228925] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit

Add release logging for CacheStorage::Engine disk related functions
https://bugs.webkit.org/show_bug.cgi?id=183042

Patch by Youenn Fablet <youenn@apple.com> on 2018-02-22
Reviewed by Chris Dumez.

  • NetworkProcess/cache/CacheStorageEngine.cpp:

(WebKit::CacheStorage::Engine::writeFile):
(WebKit::CacheStorage::Engine::readFile):

10:48 AM Changeset in webkit [228924] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

WorkerCacheStorageConnection::doRemove can assert in case two frames try to delete the same cache at the same time
https://bugs.webkit.org/show_bug.cgi?id=183041

Patch by Youenn Fablet <youenn@apple.com> on 2018-02-22
Reviewed by Chris Dumez.

  • Modules/cache/WorkerCacheStorageConnection.cpp:

(WebCore::WorkerCacheStorageConnection::doRemove): Update the assertion to accept the
case of an already deleted cache, i.e. returned identifer is 0.

10:32 AM Changeset in webkit [228923] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebCore

Remove some code leftovers in LibWebRTCMediaEndpoint and RealtimeOutgoingVideoSource classes
https://bugs.webkit.org/show_bug.cgi?id=183031

Patch by Alejandro G. Castro <alex@igalia.com> on 2018-02-22
Reviewed by Youenn Fablet.

This include and namespace are not required in the file.

Just removing unused code, no tests required.

  • Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
10:29 AM Changeset in webkit [228922] by Chris Dumez
  • 4 edits
    2 adds in trunk

Document.open() cancels existing provisional load but not navigation policy check
https://bugs.webkit.org/show_bug.cgi?id=183012
<rdar://problem/37755831>

Reviewed by Alex Christensen.

Source/WebCore:

Test: fast/dom/Document/open-with-pending-load-async-policy.html

  • dom/Document.cpp:

(WebCore::Document::open):
The existing code was calling FrameLoader::stopAllLoaders() when the loader's state
is FrameStateProvisional. The issue is that the FrameLoader's state only gets set
to FrameStateProvisional after the policy decision for the navigation is made.
This means that we fail to cancel a pending load if is still in the policy decision
stage, which can happen when the policy decision is made asynchronously. We now
also cancel such pending navigation policy checks as well.

  • loader/PolicyChecker.cpp:

(WebCore::PolicyChecker::checkNavigationPolicy):
Make sure the m_delegateIsDecidingNavigationPolicy flag gets reset inside the
lambda. Otherwise, it gets reset too early when the policy decision is made
asynchronously.

LayoutTests:

Add layout test coverage.

  • fast/dom/Document/open-with-pending-load-async-policy-expected.txt: Added.
  • fast/dom/Document/open-with-pending-load-async-policy.html: Added.
10:22 AM Changeset in webkit [228921] by Matt Lewis
  • 3 edits in trunk/LayoutTests

Updated expectations for http/tests/appcache/404-resource-with-slow-main-resource.php.
https://bugs.webkit.org/show_bug.cgi?id=153503

Unreviewed test gardening.

  • platform/mac-wk1/TestExpectations:
  • platform/mac/TestExpectations:
10:01 AM Changeset in webkit [228920] by Matt Lewis
  • 4 edits in trunk/Source/WebKit

Unreviewed, rolling out r228902.

This broke internal builds.

Reverted changeset:

"[Cocoa] Web Automation: provide a way to ask clients the type
of a JavaScript dialog"
https://bugs.webkit.org/show_bug.cgi?id=182660
https://trac.webkit.org/changeset/228902

8:55 AM Changeset in webkit [228919] by Chris Dumez
  • 6 edits in trunk/Source

Add release asserts for service worker fetch and postMessage events
https://bugs.webkit.org/show_bug.cgi?id=183025
rdar://problem/37765052

Patch by Youenn Fablet <youenn@apple.com> on 2018-02-22
Reviewed by Daniel Bates.

Source/WebCore:

Add release assertion so that a service worker will only dispatch a message event
for clients and service workers with the same origin.
No change of behavior.

  • platform/network/ResourceRequestBase.h:
  • workers/service/context/ServiceWorkerThread.cpp:

(WebCore::ServiceWorkerThread::postMessageToServiceWorker):

  • workers/service/context/ServiceWorkerThreadProxy.h:

Source/WebKit:

Add assertion to protect interception of a fetch load by a service worker with
a different origin from the page.

  • WebProcess/Storage/WebSWContextManagerConnection.cpp:

(WebKit::WebSWContextManagerConnection::startFetch):

8:43 AM Changeset in webkit [228918] by pvollan@apple.com
  • 2 edits in trunk/LayoutTests

Mark http/tests/preload/onerror_event.html as a flaky crash on Windows.
https://bugs.webkit.org/show_bug.cgi?id=179297

Unreviewed test gardening.

  • platform/win/TestExpectations:
7:33 AM Changeset in webkit [228917] by magomez@igalia.com
  • 2 edits in trunk/Source/WebCore

including both gl3.h and gl2.h when USE_OPENGL_ES is enabled
https://bugs.webkit.org/show_bug.cgi?id=183008

Reviewed by Michael Catanzaro.

Don't include GLES3 headers as we stick to GLES2 API resources.

No new tests, no behavior change.

  • platform/graphics/GLContext.cpp:
7:02 AM WebKitGTK/Gardening/Calendar edited by magomez@igalia.com
(diff)
6:57 AM Changeset in webkit [228916] by magomez@igalia.com
  • 2 edits in trunk/LayoutTests

Unreviewed GTK+ gardening after r228915.

  • platform/gtk/TestExpectations:
2:47 AM WebKitGtkLayoutTests edited by cturner@igalia.com
--verbose is not a valid option anymore (diff)
1:31 AM Changeset in webkit [228915] by Ms2ger@igalia.com
  • 9 edits in trunk/Source

[GTK][WPE] Fix some build errors in service workers code
https://bugs.webkit.org/show_bug.cgi?id=182966

Reviewed by Žan Doberšek.

Source/WebCore:

No new tests: no change in behavior.

  • workers/service/ServiceWorkerProvider.h: add missing forward declaration.

Source/WebKit:

  • CMakeLists.txt: add missing files.
  • StorageProcess/ServiceWorker/WebSWServerConnection.cpp: add missing includes.
  • UIProcess/ServiceWorkerProcessProxy.cpp: use #include rather than #import in C++; add missing ifdef.
  • UIProcess/ServiceWorkerProcessProxy.h: add missing ifdef.
  • WebProcess/Storage/WebSWClientConnection.cpp: add missing includes.
  • WebProcess/Storage/WebSWContextManagerConnection.cpp: add missing includes.

(WebKit::WebSWContextManagerConnection::WebSWContextManagerConnection):

call the function that exists outside cocoa.

Feb 21, 2018:

10:17 PM Changeset in webkit [228914] by Alan Bujtas
  • 4 edits in trunk/Source/WebCore

[RenderTreeBuilder] Move RenderObject::insertedInto() mutation logic to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=183022
<rdar://problem/37764326>

Reviewed by Antti Koivisto.

No change in functionality.

  • rendering/RenderObject.cpp:

(WebCore::RenderObject::insertedIntoTree):

  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::insertChildToRenderElementInternal):
(WebCore::RenderTreeBuilder::moveChildrenTo):
(WebCore::RenderTreeBuilder::multiColumnDescendantInserted): Deleted.

  • rendering/updating/RenderTreeBuilder.h:
8:58 PM Changeset in webkit [228913] by jmarcell@apple.com
  • 3 edits in branches/safari-605-branch/Source/WebCore

Cherry-pick r228895. rdar://problem/37767705

7:49 PM Changeset in webkit [228912] by timothy_horton@apple.com
  • 5 edits
    2 deletes in trunk/Source/WebCore

Include all Cocoa sources in all Cocoa platform builds
https://bugs.webkit.org/show_bug.cgi?id=183026
<rdar://problem/37513101>

Reviewed by Dan Bernstein.

Similar to r228571, don't have separate Sources files for iOS and Mac.
All sources now have #ifdefs that ensure that only the right ones
build on the right platforms. This makes it much easier to reason
about what builds where by just looking at the sources.

  • SourcesCocoa.txt:
  • SourcesIOS.txt: Removed.
  • SourcesMac.txt: Removed.
  • WebCore.xcodeproj/project.pbxproj:
  • editing/WebContentReader.h:
  • platform/mediastream/mac/ScreenDisplayCaptureSourceMac.h:
4:37 PM Changeset in webkit [228911] by jmarcell@apple.com
  • 3 edits in branches/safari-605-branch/Source/WebCore

Cherry-pick r228903. rdar://problem/37765339

4:37 PM Changeset in webkit [228910] by jmarcell@apple.com
  • 11 edits
    1 add in branches/safari-605-branch

Cherry-pick r228860. rdar://problem/37751729

4:28 PM Changeset in webkit [228909] by commit-queue@webkit.org
  • 5 edits in trunk/Source/WebCore

Make SubstituteResource take a ResourceResponse r-value
https://bugs.webkit.org/show_bug.cgi?id=183020

Patch by Youenn Fablet <youenn@apple.com> on 2018-02-21
Reviewed by Alex Christensen.

No change of behavior.
Make SubstituteResource take a ResourceResponse r-value.
Update ArchiveResource accordingly.
Take benefit of that in ApplicationCacheResource to set the response source to ApplicationCache
before passing it to SubstituteResource constructor.

  • loader/SubstituteResource.h:

(WebCore::SubstituteResource::SubstituteResource):
(WebCore::SubstituteResource::resourceResponse): Deleted.

  • loader/appcache/ApplicationCacheResource.cpp:

(WebCore::ApplicationCacheResource::create):
(WebCore::ApplicationCacheResource::ApplicationCacheResource):

  • loader/appcache/ApplicationCacheResource.h:

(WebCore::ApplicationCacheResource::create): Deleted.

  • loader/archive/ArchiveResource.cpp:

(WebCore::ArchiveResource::ArchiveResource):

4:20 PM Changeset in webkit [228908] by Alan Bujtas
  • 59 edits in trunk/Source/WebCore

[RenderTreeBuilder] ::willBeRemoved() does not need RenderTreeBuilder anymore.
https://bugs.webkit.org/show_bug.cgi?id=183019
<rdar://problem/37761421>

Reviewed by Antti Koivisto.

All the willBeDestroyed() mutations have been moved over to RenderTreeBuilder.

No change in functionality.

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::willBeDestroyed):

  • rendering/RenderBlock.h:
  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::willBeDestroyed):

  • rendering/RenderBlockFlow.h:
  • rendering/RenderBox.cpp:

(WebCore::RenderBox::willBeDestroyed):

  • rendering/RenderBox.h:
  • rendering/RenderBoxModelObject.cpp:

(WebCore::RenderBoxModelObject::willBeDestroyed):

  • rendering/RenderBoxModelObject.h:
  • rendering/RenderCounter.cpp:

(WebCore::RenderCounter::willBeDestroyed):

  • rendering/RenderCounter.h:
  • rendering/RenderElement.cpp:

(WebCore::RenderElement::willBeDestroyed):

  • rendering/RenderElement.h:
  • rendering/RenderEmbeddedObject.cpp:

(WebCore::RenderEmbeddedObject::willBeDestroyed):

  • rendering/RenderEmbeddedObject.h:
  • rendering/RenderFragmentedFlow.cpp:

(WebCore::RenderFragmentedFlow::willBeDestroyed):

  • rendering/RenderFragmentedFlow.h:
  • rendering/RenderImage.cpp:

(WebCore::RenderImage::willBeDestroyed):

  • rendering/RenderImage.h:
  • rendering/RenderInline.cpp:

(WebCore::RenderInline::willBeDestroyed):

  • rendering/RenderInline.h:
  • rendering/RenderLayerModelObject.cpp:

(WebCore::RenderLayerModelObject::willBeDestroyed):

  • rendering/RenderLayerModelObject.h:
  • rendering/RenderListBox.cpp:

(WebCore::RenderListBox::willBeDestroyed):

  • rendering/RenderListBox.h:
  • rendering/RenderListMarker.cpp:

(WebCore::RenderListMarker::willBeDestroyed):

  • rendering/RenderListMarker.h:
  • rendering/RenderMenuList.cpp:

(WebCore::RenderMenuList::willBeDestroyed):

  • rendering/RenderMenuList.h:
  • rendering/RenderObject.cpp:

(WebCore::RenderObject::willBeDestroyed):
(WebCore::RenderObject::destroy):

  • rendering/RenderObject.h:
  • rendering/RenderReplaced.cpp:

(WebCore::RenderReplaced::willBeDestroyed):

  • rendering/RenderReplaced.h:
  • rendering/RenderSearchField.cpp:

(WebCore::RenderSearchField::willBeDestroyed):

  • rendering/RenderSearchField.h:
  • rendering/RenderSnapshottedPlugIn.cpp:

(WebCore::RenderSnapshottedPlugIn::willBeDestroyed):

  • rendering/RenderSnapshottedPlugIn.h:
  • rendering/RenderText.cpp:

(WebCore::RenderText::willBeDestroyed):

  • rendering/RenderText.h:
  • rendering/RenderTextControlMultiLine.cpp:

(WebCore::RenderTextControlMultiLine::willBeDestroyed):

  • rendering/RenderTextControlMultiLine.h:
  • rendering/RenderVideo.cpp:

(WebCore::RenderVideo::willBeDestroyed):

  • rendering/RenderVideo.h:
  • rendering/RenderWidget.cpp:

(WebCore::RenderWidget::willBeDestroyed):

  • rendering/RenderWidget.h:
  • rendering/svg/RenderSVGBlock.cpp:

(WebCore::RenderSVGBlock::willBeDestroyed):

  • rendering/svg/RenderSVGBlock.h:
  • rendering/svg/RenderSVGImage.cpp:

(WebCore::RenderSVGImage::willBeDestroyed):

  • rendering/svg/RenderSVGImage.h:
  • rendering/svg/RenderSVGInline.cpp:

(WebCore::RenderSVGInline::willBeDestroyed):

  • rendering/svg/RenderSVGInline.h:
  • rendering/svg/RenderSVGModelObject.cpp:

(WebCore::RenderSVGModelObject::willBeDestroyed):

  • rendering/svg/RenderSVGModelObject.h:
  • rendering/svg/RenderSVGResourceContainer.cpp:

(WebCore::RenderSVGResourceContainer::willBeDestroyed):

  • rendering/svg/RenderSVGResourceContainer.h:
  • rendering/svg/RenderSVGRoot.cpp:

(WebCore::RenderSVGRoot::willBeDestroyed):

  • rendering/svg/RenderSVGRoot.h:
  • rendering/svg/RenderSVGText.cpp:

(WebCore::RenderSVGText::willBeDestroyed):

  • rendering/svg/RenderSVGText.h:
4:19 PM Changeset in webkit [228907] by pvollan@apple.com
  • 9 edits
    1 add in trunk/Source

The WebContent process should not use NSScreen in the screenAvailableRect/screenRect implementations.
https://bugs.webkit.org/show_bug.cgi?id=182855

Reviewed by Brent Fulgham.

On macOS, the functions screenAvailableRect and screenRect is implemented using NSScreen, which is communicating
with the WindowServer. To avoid this WindowServer communication from the WebContent process when calling
screenAvailableRect and screenRect, it is possible to let the UIProcess send a message to the WebContent
process whenever there is a change in the display properties, and have the WebContent process cache these
display properties. This message should also be sent to a newly started WebContent process.

Source/WebCore:

No new tests, covered by existing tests.

  • WebCore.xcodeproj/project.pbxproj:
  • platform/PlatformScreen.h:
  • platform/mac/PlatformScreenMac.mm:

(WebCore::getScreenProperties):
(WebCore::screenProperties):
(WebCore::setScreenProperties):
(WebCore::screenRect):
(WebCore::screenAvailableRect):

  • platform/ScreenProperties.h: Added.

(WebCore::ScreenProperties::encode const):
(WebCore::ScreenProperties::decode):

Source/WebKit:

  • UIProcess/WebProcessPool.cpp:

(WebKit::displayReconfigurationCallBack):
(WebKit::registerDisplayConfigurationCallback):
(WebKit::WebProcessPool::initializeNewWebProcess):
(WebKit::WebProcessPool::warmInitialProcess):

  • WebProcess/WebProcess.cpp:

(WebKit::WebProcess::setScreenProperties):

  • WebProcess/WebProcess.h:
  • WebProcess/WebProcess.messages.in:
4:17 PM Changeset in webkit [228906] by wilander@apple.com
  • 2 edits in trunk/LayoutTests

Add delay to make cookie purge catch up when running http/tests/resourceLoadStatistics/partitioned-and-unpartitioned-cookie-deletion.html
https://bugs.webkit.org/show_bug.cgi?id=183024
<rdar://problem/37765207>

Unreviewed test gardening.

  • http/tests/resourceLoadStatistics/partitioned-and-unpartitioned-cookie-deletion.html:

Added a setTimeout() delay.

4:10 PM Changeset in webkit [228905] by commit-queue@webkit.org
  • 11 edits in trunk/Source

[Curl] Curl Cookie Database File should be configurable using NetworkProcessCreationParameters
https://bugs.webkit.org/show_bug.cgi?id=182751

Patch by Christopher Reid <chris.reid@sony.com> on 2018-02-21
Reviewed by Youenn Fablet.

Source/WebCore:

No change in behavior.

Adding support to set a custom CookieJar Database.
Took CookieJarDB::open() out of its constructor because both the Network and Web process
were trying to open the journal files but one process was failing due to a lack of permission.
Now the database file is lazily opened and only the Network process will try to open the database.
Some cleanup was done to CookieJarDB too.

  • platform/network/NetworkStorageSession.h:
  • platform/network/curl/CookieJarDB.cpp:
  • platform/network/curl/CookieJarDB.h:
  • platform/network/curl/NetworkStorageSessionCurl.cpp:

Source/WebKit:

Adding a cookiePersistentStorageFile parameter to Curl's NetworkProcessCreationParameters.
This parameter is based on Soup's cookiePersistentStoragePath.
This parameter is not used yet, it is added to prepare for WinCairo WebKit support.

  • NetworkProcess/NetworkProcessCreationParameters.cpp:
  • NetworkProcess/NetworkProcessCreationParameters.h:
  • NetworkProcess/curl/NetworkProcessCurl.cpp:
  • WebProcess/Cookies/WebCookieManager.h:
  • WebProcess/Cookies/curl/WebCookieManagerCurl.cpp:
4:07 PM Changeset in webkit [228904] by jmarcell@apple.com
  • 3 edits in tags/Safari-606.1.6/Source/WebCore

Cherry-pick r228903. rdar://problem/37754154

3:56 PM Changeset in webkit [228903] by Chris Dumez
  • 3 edits in trunk/Source/WebCore

Regression(r228708): Crash under WebCore::MediaResource::responseReceived(WebCore::CachedResource&, WebCore::ResourceResponse const&)
https://bugs.webkit.org/show_bug.cgi?id=183018
<rdar://problem/37754154>

Reviewed by Eric Carlson.

The fix at r228708 was trying to address the fact that avplayer sometimes
deallocates WebCoreNSURLSessionDataTask objects on a non-main thread, which
was not safe because its _resource data member needs to be deallocated on
the main thread.

The issue is that r228708 caused _resource to outlive its WebCoreNSURLSessionDataTask.
This is an issue because _resource has a client data member (of type WebCoreNSURLSessionDataTaskClient)
which has a raw pointer to the WebCoreNSURLSessionDataTask. This means that the main thread could
call methods like responseReceived() on the resource, which would call responseReceived() on the
client, which would try to call [WebCoreNSURLSessionDataTask receivedResponse:] with an invalid
m_task pointer.

To address the issue, I introduced a clearTask() method on WebCoreNSURLSessionDataTaskClient, which
gets called from a non-main thread to clear the client's m_task pointer when the task is destroyed
on a non-main thread. So that this is safe, every time the client tries to use m_task, we now
acquire a lock for thread-safety and do a null-check on m_task.

No new tests, no known reproduction case.

  • platform/graphics/PlatformMediaResourceLoader.h:

(WebCore::PlatformMediaResource::client):

  • platform/network/cocoa/WebCoreNSURLSession.mm:

(WebCore::WebCoreNSURLSessionDataTaskClient::clearTask):
(WebCore::WebCoreNSURLSessionDataTaskClient::dataSent):
(WebCore::WebCoreNSURLSessionDataTaskClient::responseReceived):
(WebCore::WebCoreNSURLSessionDataTaskClient::shouldCacheResponse):
(WebCore::WebCoreNSURLSessionDataTaskClient::dataReceived):
(WebCore::WebCoreNSURLSessionDataTaskClient::redirectReceived):
(WebCore::WebCoreNSURLSessionDataTaskClient::accessControlCheckFailed):
(WebCore::WebCoreNSURLSessionDataTaskClient::loadFailed):
(WebCore::WebCoreNSURLSessionDataTaskClient::loadFinished):
(-[WebCoreNSURLSessionDataTask dealloc]):

3:31 PM Changeset in webkit [228902] by BJ Burg
  • 4 edits in trunk/Source/WebKit

[Cocoa] Web Automation: provide a way to ask clients the type of a JavaScript dialog
https://bugs.webkit.org/show_bug.cgi?id=182660
<rdar://problem/37408183>

Reviewed by Tim Horton and Carlos Garcia Campos.

Add another delegate method to ask what type of dialog is being shown.
This is used to implement §18.4 Step 5, where sending text to a dialog
without a prompt will return several different kinds of errors.

No new tests, covered by web platform tests once Safari side has landed.

  • UIProcess/API/Cocoa/_WKAutomationSessionDelegate.h: Update FIXME radar numbers.
  • UIProcess/Cocoa/AutomationSessionClient.h:
  • UIProcess/Cocoa/AutomationSessionClient.mm:

(WebKit::AutomationSessionClient::AutomationSessionClient):
(WebKit::toImpl):
(WebKit::AutomationSessionClient::typeOfCurrentJavaScriptDialogOnPage):
If there is no current dialog to be checked, the client can return the 'None'
type. This gets converted into a std::nullopt and causes a command error later.

2:37 PM Changeset in webkit [228901] by commit-queue@webkit.org
  • 17 edits
    3 adds
    2 deletes in trunk

Move AppCache loading to the NetworkProcess
https://bugs.webkit.org/show_bug.cgi?id=178540
<rdar://problem/37119346>

Patch by Youenn Fablet <youenn@apple.com> on 2018-02-21
Reviewed by Alex Christensen.

Source/WebCore:

Covered by existing tests.

Use ApplicationResourceLoader for cache entry loading.
Remove all ResourceHandle use from ApplicationCacheGroup.
Renamed m_loader in m_manifestLoader and added a new m_entryLoader to load cache entries.

Updated ApplicationCacheResourceLoader to handle different types of CachedResource.
This allows in particular to handle redirections based on the resource type and create the ApplicationCacheResource with the right type.
Use Include as credentials mode as per specification.

Add a new ApplicationCache ResourceResonse::Source.
This allows fixing an assertion and should allow better inspector support if needs be.

  • inspector/agents/InspectorNetworkAgent.cpp:

(WebCore::responseSource):

  • loader/ResourceLoader.cpp:

(WebCore::logResourceResponseSource):

  • loader/SubstituteResource.h:

(WebCore::SubstituteResource::resourceResponse):

  • loader/appcache/ApplicationCacheGroup.cpp:

(WebCore::ApplicationCacheGroup::stopLoading):
(WebCore::ApplicationCacheGroup::update):
(WebCore::ApplicationCacheGroup::didFinishLoading):
(WebCore::ApplicationCacheGroup::didFinishLoadingEntry):
(WebCore::ApplicationCacheGroup::didFail):
(WebCore::ApplicationCacheGroup::didFailLoadingEntry):
(WebCore::ApplicationCacheGroup::checkIfLoadIsComplete):
(WebCore::ApplicationCacheGroup::startLoadingEntry):

  • loader/appcache/ApplicationCacheGroup.h:
  • loader/appcache/ApplicationCacheResource.cpp:

(WebCore::ApplicationCacheResource::ApplicationCacheResource):

  • loader/appcache/ApplicationCacheResourceLoader.cpp:

(WebCore::ApplicationCacheResourceLoader::create):
(WebCore::ApplicationCacheResourceLoader::ApplicationCacheResourceLoader):
(WebCore::ApplicationCacheResourceLoader::responseReceived):
(WebCore::ApplicationCacheResourceLoader::redirectReceived):

  • loader/appcache/ApplicationCacheResourceLoader.h:
  • platform/network/ResourceResponseBase.h:
  • platform/network/cocoa/ResourceResponseCocoa.mm:

(WebCore::ResourceResponse::platformCertificateInfo const):

  • testing/Internals.cpp:

(WebCore::responseSourceToString):

LayoutTests:

There is no guarantee that aborting in an event handler will be executed before some loads finish,
as the events are fired asynchronously.
Making tests less flaky by waiting some time before fnishing some loads.

  • http/tests/appcache/abort-cache-onchecking.html:
  • http/tests/appcache/resource-redirect-2-expected.txt:
  • http/tests/appcache/resources/abort-cache-onchecking-resource-404.manifest:
  • http/tests/appcache/resources/abort-cache-onchecking.manifest: Removed.
  • http/tests/appcache/resources/abort-cache-onchecking.manifest.php: Added.
  • http/tests/appcache/resources/abort-cache-ondownloading.manifest:
  • http/tests/appcache/resources/abort-cache-ondownloading.text: Removed.
  • http/tests/appcache/resources/abort-cache-ondownloading.text.php: Added.
  • http/tests/appcache/resources/not-exist.vob.php: Added.
2:34 PM Changeset in webkit [228900] by don.olmstead@sony.com
  • 3 edits in trunk

[CMake] Expose HAVE macros globally
https://bugs.webkit.org/show_bug.cgi?id=183011

Reviewed by Michael Catanzaro.

  • Source/cmake/OptionsCommon.cmake:
  • Source/cmake/WebKitFeatures.cmake:
2:27 PM Changeset in webkit [228899] by Alan Bujtas
  • 7 edits
    2 adds in trunk/Source/WebCore

[RenderTreeBuilder] Move RenderBoxModelObject::willBeRemoved() mutation logic to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=183014
<rdar://problem/37757428>

Reviewed by Antti Koivisto.

No change in functionality.

  • Sources.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • rendering/RenderBoxModelObject.cpp:

(WebCore::RenderBoxModelObject::~RenderBoxModelObject):
(WebCore::RenderBoxModelObject::willBeDestroyed):
(WebCore::RenderBoxModelObject::continuationChainNode const):
(): Deleted.
(WebCore::RenderBoxModelObject::removeAndDestroyAllContinuations): Deleted.

  • rendering/RenderBoxModelObject.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::RenderTreeBuilder):
(WebCore::RenderTreeBuilder::removeAndDestroy):

  • rendering/updating/RenderTreeBuilder.h:

(WebCore::RenderTreeBuilder::continuationBuilder):

  • rendering/updating/RenderTreeBuilderContinuation.cpp: Added.

(WebCore::RenderTreeBuilder::Continuation::Continuation):
(WebCore::RenderTreeBuilder::Continuation::cleanupOnDestroy):

  • rendering/updating/RenderTreeBuilderContinuation.h: Added.
2:02 PM Changeset in webkit [228898] by don.olmstead@sony.com
  • 6 edits in trunk/Source/JavaScriptCore

[CMake] Split declaration of JSC headers into public and private
https://bugs.webkit.org/show_bug.cgi?id=182980

Reviewed by Michael Catanzaro.

  • CMakeLists.txt:
  • PlatformGTK.cmake:
  • PlatformMac.cmake:
  • PlatformWPE.cmake:
  • PlatformWin.cmake:
2:01 PM Changeset in webkit [228897] by mitz@apple.com
  • 9 copies
    1 add in releases/Apple/Safari Technology Preview 50

Added a tag for Safari Technology Preview release 50.

1:55 PM Changeset in webkit [228896] by jmarcell@apple.com
  • 1 copy in tags/Safari-606.1.6

Tag Safari-606.1.6.

1:51 PM Changeset in webkit [228895] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebCore

ServiceWorkerJob::m_lastResponse is unneeded
https://bugs.webkit.org/show_bug.cgi?id=183013

Patch by Youenn Fablet <youenn@apple.com> on 2018-02-21
Reviewed by Chris Dumez.

Remove this field since not used anywhere.

  • workers/service/ServiceWorkerJob.cpp:

(WebCore::ServiceWorkerJob::didReceiveResponse):

  • workers/service/ServiceWorkerJob.h:
1:51 PM Changeset in webkit [228894] by jmarcell@apple.com
  • 7 edits in trunk/Source

Versioning.

1:41 PM Changeset in webkit [228893] by commit-queue@webkit.org
  • 6 edits in trunk/Source/WebKit

[WinCairo] Fix compile errors of WebProcess and NetworkProcess due to no implementation for windows
https://bugs.webkit.org/show_bug.cgi?id=182870

Patch by Yousuke Kimoto <yousuke.kimoto@sony.com> on 2018-02-21
Reviewed by Youenn Fablet.

  • NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::createNetworkConnectionToWebProcess):

  • WebProcess/Plugins/PluginProcessConnectionManager.cpp:

(WebKit::PluginProcessConnectionManager::getPluginProcessConnection):

  • WebProcess/WebPage/WebInspector.cpp:

(WebKit::WebInspector::openFrontendConnection):

  • WebProcess/WebPage/WebInspectorUI.cpp:

(WebKit::WebInspectorUI::establishConnection):

  • WebProcess/WebProcess.cpp:

(WebKit::WebProcess::ensureNetworkProcessConnection):

12:21 PM Changeset in webkit [228892] by commit-queue@webkit.org
  • 12 edits
    2 adds in trunk

Use ResourceLoader to load appcache manifest
https://bugs.webkit.org/show_bug.cgi?id=182861

Patch by Youenn Fablet <youenn@apple.com> on 2018-02-21
Reviewed by Alex Christensen.

Source/WebCore:

Covered by updated tests.

Add ApplicationCacheResourceLoader to load an ApplicationCacheResource from a ResourceLoader.
Make use of it to load the app cache manifest.
Future work should load entries using the same loader.

Remove manifest handle.
Ensure that DocumentLoader does not register the manifest resource loader as its lifetime
is handled by its ApplicationCacheGroup.

Add a ResourceLoader option to bypass the application cache.
Use it for manifest loading.

  • Sources.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::addSubresourceLoader):

  • loader/ResourceLoaderOptions.h:
  • loader/appcache/ApplicationCacheGroup.cpp:

(WebCore::ApplicationCacheGroup::stopLoading):
(WebCore::ApplicationCacheGroup::update):
(WebCore::ApplicationCacheGroup::createRequest):
(WebCore::ApplicationCacheGroup::didReceiveResponseAsync):
(WebCore::ApplicationCacheGroup::didReceiveData):
(WebCore::ApplicationCacheGroup::didFinishLoading):
(WebCore::ApplicationCacheGroup::didFail):
(WebCore::ApplicationCacheGroup::didFinishLoadingManifest):
(WebCore::ApplicationCacheGroup::checkIfLoadIsComplete):

  • loader/appcache/ApplicationCacheGroup.h:
  • loader/appcache/ApplicationCacheHost.cpp:

(WebCore::ApplicationCacheHost::maybeLoadResource):
(WebCore::ApplicationCacheHost::maybeLoadFallbackForRedirect):
(WebCore::ApplicationCacheHost::maybeLoadFallbackForResponse):
(WebCore::ApplicationCacheHost::maybeLoadFallbackForError):

  • loader/appcache/ApplicationCacheResourceLoader.cpp: Added.
  • loader/appcache/ApplicationCacheResourceLoader.h: Added.

LayoutTests:

  • http/tests/appcache/fail-on-update-2-expected.txt:
  • http/tests/appcache/manifest-redirect-2-expected.txt:
  • http/tests/appcache/offline-access-expected.txt:
12:01 PM Changeset in webkit [228891] by don.olmstead@sony.com
  • 17 edits in trunk

[CMake][Win] Use cmakeconfig.h rather than config.h and Platform.h
https://bugs.webkit.org/show_bug.cgi?id=182883

Reviewed by Per Arne Vollan.

.:

  • Source/cmake/OptionsAppleWin.cmake:
  • Source/cmake/OptionsWin.cmake:
  • Source/cmake/OptionsWinCairo.cmake:

Source/WebCore:

No new tests. No change in behavior.

  • WebCorePrefix.h:
  • config.h:
  • testing/js/WebCoreTestSupportPrefix.h:

Source/WebKit:

  • config.h:

Source/WebKitLegacy/win:

  • WebKitPrefix.h:

Source/WTF:

  • wtf/Platform.h:

Tools:

  • DumpRenderTree/config.h:
  • TestWebKitAPI/config.h:
11:55 AM Changeset in webkit [228890] by Michael Catanzaro
  • 2 edits in trunk/Tools

[GTK] Unsafe g_setenv use in MiniBrowser main
https://bugs.webkit.org/show_bug.cgi?id=182978

Reviewed by Carlos Garcia Campos.

setenv (and g_setenv) will randomly crash if called too late.

  • MiniBrowser/gtk/main.c:

(main):

11:50 AM Changeset in webkit [228889] by Alan Bujtas
  • 4 edits in trunk/Source/WebCore

[RenderTreeBuilder] Move RenderView::willBeRemoved() mutation logic to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=183009

Reviewed by Antti Koivisto.

No change in functionality.

  • dom/Document.cpp:

(WebCore::Document::destroyRenderTree):

  • rendering/RenderView.cpp:

(WebCore::RenderView::~RenderView):
(WebCore::RenderView::willBeDestroyed): Deleted.

  • rendering/RenderView.h:
11:43 AM WebKitGTK/2.20.x edited by Michael Catanzaro
(diff)
11:42 AM Changeset in webkit [228888] by Michael Catanzaro
  • 6 edits
    1 delete in trunk

[GTK] USE_UPOWER causes crashes inside a chroot or on systems with broken dbus/upower
https://bugs.webkit.org/show_bug.cgi?id=181825

Reviewed by Carlos Garcia Campos.

.:

Get rid of the upower-glib dependency. We will use upower's D-Bus API instead.

  • Source/cmake/FindUPowerGLib.cmake: Removed.
  • Source/cmake/OptionsGTK.cmake:

Source/WebCore:

We could fix this crash, but that would not be good enough, because upower-glib is a
synchronous API that wraps D-Bus calls. That's not acceptable for use in the web process.
Rewrite LowPowerModeNotifierGLib to use upower's D-Bus API directly, instead.

Note that this also enables LowPowerModeNotifier for WPE, since the USE(UPOWER) build
flag is no longer needed.

  • platform/LowPowerModeNotifier.cpp:
  • platform/LowPowerModeNotifier.h:
  • platform/glib/LowPowerModeNotifierGLib.cpp:

(WebCore::LowPowerModeNotifier::LowPowerModeNotifier):
(WebCore::LowPowerModeNotifier::updateWarningLevel):
(WebCore::LowPowerModeNotifier::warningLevelChanged):
(WebCore::LowPowerModeNotifier::gPropertiesChangedCallback):
(WebCore::LowPowerModeNotifier::~LowPowerModeNotifier):
(WebCore::LowPowerModeNotifier::updateState): Deleted.
(WebCore::LowPowerModeNotifier::warningLevelCallback): Deleted.

11:41 AM Changeset in webkit [228887] by BJ Burg
  • 2 edits in trunk/Source/WebKit

Web Automation: failed provisional loads cause "Navigate To" command to hang
https://bugs.webkit.org/show_bug.cgi?id=183007
<rdar://problem/37751819>

Reviewed by Andy Estes.

This hang was revealed by WPT test current_url.py::get_current_url_file_protocol. Now the
test simply fails because Safari chooses a policy of 'Ignore' for externally-opened files.
I filed an upstream issue with the test here: https://github.com/w3c/webdriver/issues/1232

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::didFailProvisionalLoadForFrame):
Notify the session that the load failed in the frame, just like we do
for non-provisional failed loads and successful loads.

11:36 AM Changeset in webkit [228886] by Chris Dumez
  • 8 edits in trunk

VTTCue constructor should use 'double' type for startTime / endTime
https://bugs.webkit.org/show_bug.cgi?id=182988

Reviewed by Eric Carlson.

Source/WebCore:

VTTCue constructor should use 'double' type for startTime / endTime, not
'unrestricted double':

Otherwise, we end up potentially returning NaN for TextTrackCue.startTime / endTime,
even though those correctly use type 'double':

The new behavior is consistent with Firefox and Chrome.

No new tests, updated existing test.

  • bindings/js/JSDOMConvertNumbers.h:

(WebCore::JSConverter<IDLDouble>::convert):
Add assertion to make sure our implementation never tries to return NaN
for an IDL attribute of type 'double'. This would be invalid as per Web
IDL spec and would crash if the NaN being returned was impure as JSValue
could not store it as a double.

  • html/track/VTTCue.idl:

Update constructor parameters to use 'double' type instead of 'unrestricted
double', as per:

LayoutTests:

Update existing test to reflect behavior change.

  • media/track/track-add-remove-cue-expected.txt:
  • media/track/track-add-remove-cue.html:
11:27 AM Changeset in webkit [228885] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

webkitpy NetworkTransaction should retry on URLError
https://bugs.webkit.org/show_bug.cgi?id=182987

Reviewed by Alexey Proskuryakov.

  • Scripts/webkitpy/common/net/networktransaction.py:

(NetworkTransaction.run): Retry on urllib2.URLError.

10:45 AM Changeset in webkit [228884] by Alan Bujtas
  • 6 edits in trunk/Source/WebCore

[RenderTreeBuilder] Move RenderTextFragment::willBeRemoved() mutation logic to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182946
<rdar://problem/37690039>

Reviewed by Antti Koivisto.

No change in functionality.

  • rendering/RenderTextFragment.cpp:

(WebCore::RenderTextFragment::willBeDestroyed):

  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::takeChild):

  • rendering/updating/RenderTreeBuilderFirstLetter.cpp:

(WebCore::RenderTreeBuilder::FirstLetter::cleanupOnRemoval):

  • rendering/updating/RenderTreeBuilderFirstLetter.h:
10:26 AM Changeset in webkit [228883] by commit-queue@webkit.org
  • 9 edits in trunk/LayoutTests

Test gardening.
https://bugs.webkit.org/show_bug.cgi?id=183006

Unreviewed test gardening.

Patch by Ms2ger <Ms2ger@gmail.com> on 2018-02-21

  • TestExpectations: add ietestcenter/css3/valuesandunits/units-000.htm.
  • platform/gtk/TestExpectations: remove ietestcenter/css3/valuesandunits/units-000.htm.
  • platform/gtk/js/dom/dom-static-property-for-in-iteration-expected.txt: update for r228827.
  • platform/ios/TestExpectations: remove ietestcenter/css3/valuesandunits/units-000.htm.
  • platform/mac/TestExpectations: remove ietestcenter/css3/valuesandunits/units-000.htm.
  • platform/win/TestExpectations: remove ietestcenter/css3/valuesandunits/units-000.htm.
  • platform/wpe/TestExpectations: remove ietestcenter/css3/valuesandunits/units-000.htm.
  • platform/wpe/js/dom/dom-static-property-for-in-iteration-expected.txt: update for r228827.
10:19 AM Changeset in webkit [228882] by Ms2ger@igalia.com
  • 2 edits in trunk/Source/WebCore

[GCrypt] Remove unsound assertion from CryptoKeyRSA::exportData().
https://bugs.webkit.org/show_bug.cgi?id=183001

Reviewed by Philippe Normand.

This function is called from structured cloning, in particular when storing
a key in IndexedDB. This would trip the assertion if the key in question is
non-exportable.

The assertion was copied from the macOS implementation in r172389; it was
subsequently removed there in r172898 to handle this case.

Test: crypto/subtle/rsa-indexeddb-non-exportable.html

  • crypto/gcrypt/CryptoKeyRSAGCrypt.cpp:

(WebCore::CryptoKeyRSA::exportData const): remove assertion.

10:16 AM Changeset in webkit [228881] by Ms2ger@igalia.com
  • 3 edits in trunk/Tools

[WTR][WPE] Correct the process names in TestController.
https://bugs.webkit.org/show_bug.cgi?id=178700

Reviewed by Michael Catanzaro.

Similar to r228731 for GTK.

  • Scripts/webkitpy/port/wpe.py:

(WPEPort._get_crash_log): removed the code to convert WebProcess name.

  • WebKitTestRunner/TestController.cpp: return the correct process names for WPE.

(WTR::TestController::webProcessName):
(WTR::TestController::networkProcessName):
(WTR::TestController::databaseProcessName):

10:12 AM Changeset in webkit [228880] by cturner@igalia.com
  • 2 edits in trunk/LayoutTests

Update test expectations
https://bugs.webkit.org/show_bug.cgi?id=182973

Unreviewed gardening.

  • platform/gtk/TestExpectations:
9:57 AM Changeset in webkit [228879] by Ms2ger@igalia.com
  • 2 edits in trunk/Tools

[ATK] Remove attributeSet variable from AccessibilityUIElement::attributedStringForRange().
https://bugs.webkit.org/show_bug.cgi?id=183000

Reviewed by Joanmarie Diggs.

It is never initialized, but is passed to atk_attribute_set_free.
This caused a crash in accessibility/content-editable-as-textarea.html on the debug bots.

  • WebKitTestRunner/InjectedBundle/atk/AccessibilityUIElementAtk.cpp:

(WTR::AccessibilityUIElement::attributedStringForRange):

9:54 AM Changeset in webkit [228878] by cturner@igalia.com
  • 1 edit
    6 adds in trunk/LayoutTests

Rebaseline web animations tests after r228717
https://bugs.webkit.org/show_bug.cgi?id=182970

Reviewed by Antoine Quint.

  • platform/gtk/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/accumulation-per-property-expected.txt: Added.
  • platform/gtk/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-expected.txt: Added.
  • platform/gtk/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-expected.txt: Added.
9:53 AM WebKitGTK/Gardening/Calendar edited by Ms2ger@igalia.com
(diff)
9:34 AM Changeset in webkit [228877] by mmaxfield@apple.com
  • 9 edits
    3 adds in trunk

[Cocoa] Make system-ui obey the user-installed-font policy
https://bugs.webkit.org/show_bug.cgi?id=182860
<rdar://problem/36158249>

Reviewed by Antti Koivisto.

Source/WebCore:

We have a completely different codepath for system-ui which makes it follow the system's
font cascade list. This codepath (along with all the other relevant places which create
system fonts) needs to obey the AllowUserInstalledFonts enum. This patch is fairly
mechanical; we simply are hooking up the flag across SystemFontDatabase.

There are a few places which creates system fonts which this patch doesn't touch. This is
not a problem because all the remaining places either:
1) Simply pull out some attributes of the font (name, weight, size, etc.) and then throw
away the font object itself, or
2) Use the font in an environment where script cannot access the characters rendered (such
as DragImages or the fullscreen placeholder view or the inside of the attachment element).

Test: fast/text/user-installed-fonts/system-ui.html

  • platform/graphics/cocoa/FontCacheCoreText.cpp:

(WebCore::FontDatabase::collectionForFamily):
(WebCore::FontDatabase::fontForPostScriptName):
(WebCore::fontWithFamily):
(WebCore::installedFontMandatoryAttributes):
(WebCore::createSpecificFontForInstalledFonts):

  • platform/graphics/cocoa/FontCacheCoreText.h:
  • platform/graphics/cocoa/FontDescriptionCocoa.cpp:

(WebCore::SystemFontDatabase::CoreTextCascadeListParameters::operator== const):
(WebCore::SystemFontDatabase::CoreTextCascadeListParameters::hash const):
(WebCore::SystemFontDatabase::systemFontCascadeList):
(WebCore::SystemFontDatabase::removeCascadeList):
(WebCore::SystemFontDatabase::computeCascadeList):
(WebCore::systemFontParameters):
(WebCore::systemFontCascadeList):
(WebCore::FontCascadeDescription::effectiveFamilyCount const):
(WebCore::FontCascadeDescription::effectiveFamilyAt const):

  • platform/graphics/ios/FontCacheIOS.mm:

(WebCore::platformFontWithFamilySpecialCase):

  • platform/graphics/mac/FontCacheMac.mm:

(WebCore::platformFontWithFamilySpecialCase):

Tools:

Create a font, FakeHelvetica-ArmenianCharacter.ttf, which supports a particular Armenian
character which isn't isn't supported by any other font on the system.

  • WebKitTestRunner/FakeHelvetica-ArmenianCharacter.ttf:
  • WebKitTestRunner/WebKitTestRunner.xcodeproj/project.pbxproj:

LayoutTests:

FakeHelvetica-ArmenianCharacter.ttf is a font which supports a particular Armenian character which
isn't supported by any other font on the system. Installing this font will cause it to be added to
the 'system-ui' font cascade list. When we disable user-installed-fonts, this font should not be
used to render the character.

  • fast/text/user-installed-fonts/system-ui-expected-mismatch.html:
  • fast/text/user-installed-fonts/system-ui.html:
9:08 AM Changeset in webkit [228876] by Chris Dumez
  • 2 edits in trunk/Source/WebCore

Unreviewed attempt to fix build after r228867.

  • Modules/webvr/VRStageParameters.cpp:
9:00 AM Changeset in webkit [228875] by Philippe Normand
  • 2 edits in trunk/Source/WebCore

[GStreamer] Rewrite purgeInvalid*Tracks methods
https://bugs.webkit.org/show_bug.cgi?id=183004

Reviewed by Carlos Garcia Campos.

Removing items from a hashmap while iterating is bad.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::purgeInvalidAudioTracks):
Safely remove items from the hashmap using removeIf().
(WebCore::MediaPlayerPrivateGStreamer::purgeInvalidVideoTracks): Ditto.
(WebCore::MediaPlayerPrivateGStreamer::purgeInvalidTextTracks): Ditto.

9:00 AM Changeset in webkit [228874] by Chris Dumez
  • 2 edits in trunk/Source/WebCore

Unreviewed attempt to fix build after r228867.

  • Modules/webvr/VRStageParameters.cpp:
8:35 AM Changeset in webkit [228873] by jmarcell@apple.com
  • 7 edits in branches/safari-605-branch

Cherry-pick r228851. rdar://problem/37734494

8:18 AM Changeset in webkit [228872] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Tools

Cherry-pick r228859. rdar://problem/37734496

8:18 AM Changeset in webkit [228871] by jmarcell@apple.com
  • 23 edits
    2 adds in branches/safari-605-branch

Cherry-pick r228857. rdar://problem/37734496

5:26 AM Changeset in webkit [228870] by Philippe Normand
  • 3 edits in trunk/Source/WebCore

[GStreamer] Crash in Debug build when purging invalid tracks
https://bugs.webkit.org/show_bug.cgi?id=182997

Reviewed by Xabier Rodriguez-Calvar.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::purgeInvalidAudioTracks): Clear the hashmap when there is no valid track left.
(WebCore::MediaPlayerPrivateGStreamer::purgeInvalidVideoTracks): Ditto.
(WebCore::MediaPlayerPrivateGStreamer::purgeInvalidTextTracks): Ditto.

  • platform/graphics/gstreamer/TrackPrivateBaseGStreamer.cpp:

(WebCore::TrackPrivateBaseGStreamer::getLanguageCode): Demote debugging, this appears too much at least with playbin2.
(WebCore::TrackPrivateBaseGStreamer::getTag): Ditto.

5:25 AM Changeset in webkit [228869] by Philippe Normand
  • 2 edits in trunk/Source/WebCore

[GStreamer] We need to adopt GstGlDisplays after GStreamer 1.13.1
https://bugs.webkit.org/show_bug.cgi?id=182996

Reviewed by Xabier Rodriguez-Calvar.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:

(WebCore::MediaPlayerPrivateGStreamerBase::ensureGstGLContext):
Adopt references when running with GStreamer 1.13.1 to avoid
memory leaks.

5:22 AM WebKitGTK/2.20.x edited by Philippe Normand
(diff)
3:50 AM WebKitGTK/2.20.x edited by Philippe Normand
(diff)
3:42 AM Changeset in webkit [228868] by Philippe Normand
  • 2 edits in trunk/Source/WebCore

[GTK] Layout test media/track/track-in-band-duplicate-tracks-when-source-changes.html failing since r228617
https://bugs.webkit.org/show_bug.cgi?id=160131
<rdar://problem/35873985>

Reviewed by Michael Catanzaro.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfText): We
can't assume the pad has a sticky event here like implemented in
InbandTextTrackPrivateGStreamer because it might be emitted after
the track was created. So fallback to a dummy stream ID like in
the Audio and Video tracks.

2:47 AM Changeset in webkit [228867] by svillar@igalia.com
  • 8 edits in trunk/Source/WebCore

[WebVR][OpenVR] Retrieve stage parameters
https://bugs.webkit.org/show_bug.cgi?id=182976

Reviewed by Žan Doberšek.

Use OpenVR to retrieve stage parameters, i.e., play area size and
the transformation from sitting to standing position. It includes
the same fallback used by Firefox to provide sensible values in case
we cannot get the required information from the VR SDK (it's quite
common not to have defined a play area).

  • Modules/webvr/VRDisplay.cpp:

(WebCore::VRDisplay::stageParameters const):

  • Modules/webvr/VRDisplay.h:
  • Modules/webvr/VRStageParameters.cpp:

(WebCore::VRStageParameters::VRStageParameters):
(WebCore::VRStageParameters::sittingToStandingTransform const):
(WebCore::VRStageParameters::sizeX const):
(WebCore::VRStageParameters::sizeZ const):

  • Modules/webvr/VRStageParameters.h:

(WebCore::VRStageParameters::create):

  • platform/vr/VRPlatformDisplay.h:
  • platform/vr/openvr/VRPlatformDisplayOpenVR.cpp:

(WebCore::VRPlatformDisplayOpenVR::VRPlatformDisplayOpenVR):
(WebCore::VRPlatformDisplayOpenVR::updateStageParameters):

  • platform/vr/openvr/VRPlatformDisplayOpenVR.h:
1:34 AM Changeset in webkit [228866] by Philippe Normand
  • 2 edits in trunk/Source/WebCore

[GStreamer] Create a Wayland GL display instead of EGL
https://bugs.webkit.org/show_bug.cgi?id=182968

Reviewed by Xabier Rodriguez-Calvar.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:

(WebCore::MediaPlayerPrivateGStreamerBase::ensureGstGLContext):
Add logging and instantiate a GstDisplayWayland display instead of
an EGL display when running under a Wayland compositor.

12:34 AM Changeset in webkit [228865] by Carlos Garcia Campos
  • 1 copy in releases/WebKitGTK/webkit-2.19.91

WebKitGTK+ 2.19.91

12:33 AM Changeset in webkit [228864] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.20

Unreviewed. Update OptionsGTK.cmake and NEWS for 2.19.91 release.

.:

  • Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit:

  • gtk/NEWS: Add release notes for 2.19.91.
12:33 AM Changeset in webkit [228863] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebKit

Unreviewed. Fix distcheck.

Remove symbols found in version script but not in library.

  • webkitglib-symbols.map:
12:25 AM Changeset in webkit [228862] by Alan Bujtas
  • 8 edits
    2 adds in trunk/Source/WebCore

[RenderTreeBuilder] Move RenderFullScreen::willBeRemoved() mutation logic to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182947
<rdar://problem/37690848>

Reviewed by Antti Koivisto.

No change in functionality.

  • Sources.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • rendering/RenderFullScreen.cpp:

(WebCore::RenderFullScreen::willBeDestroyed):

  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::takeChild):

  • rendering/updating/RenderTreeBuilder.h:

(WebCore::RenderTreeBuilder::fullScreenBuilder):

  • rendering/updating/RenderTreeBuilderFullScreen.cpp: Added.

(WebCore::RenderTreeBuilder::FullScreen::FullScreen):
(WebCore::RenderTreeBuilder::FullScreen::cleanupOnRemoval):

  • rendering/updating/RenderTreeBuilderFullScreen.h: Added.
  • rendering/updating/RenderTreeBuilderMathML.cpp:

Feb 20, 2018:

11:25 PM WebDriverStatus edited by Carlos Garcia Campos
(diff)
11:15 PM WebKitGTK/2.20.x edited by Carlos Garcia Campos
(diff)
11:13 PM Changeset in webkit [228861] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.20/LayoutTests

Unreviewed GTK gardening.

  • platform/gtk/TestExpectations:
  • platform/gtk/js/dom/dom-static-property-for-in-iteration-expected.txt:
10:56 PM Changeset in webkit [228860] by sbarati@apple.com
  • 11 edits
    1 add in trunk

DFG::VarargsForwardingPhase should eliminate getting argument length
https://bugs.webkit.org/show_bug.cgi?id=182959

Reviewed by Keith Miller.

JSTests:

  • microbenchmarks/forward-arguments-dont-escape-on-arguments-length.js: Added.

Source/JavaScriptCore:

This patch teaches the DFG VarargsForwardingPhase to not treat
length accesses on Cloned/Direct Arguments objects as escapes.
It teaches this phase to materialize the length in the same
way the ArgumentsEliminationPhase does.

This is around a 0.5-1% speedup on ARES6 on my iMac. It speeds
up the ML subtest by 2-4%.

This patch also extends compileGetArgumentCountIncludingThis to take
a parameter that is the inline call frame to load from (in the case
where the inline call frame is a varargs frame). This allows the
the emitCodeToGetArgumentsArrayLength helper function to just emit
a GetArgumentCountIncludingThis node instead of a GetLocal. If we
emitted a GetLocal, we'd need to rerun CPS rethreading.

  • dfg/DFGArgumentsEliminationPhase.cpp:
  • dfg/DFGArgumentsUtilities.cpp:

(JSC::DFG::emitCodeToGetArgumentsArrayLength):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::getArgumentCount):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGNode.h:

(JSC::DFG::Node::argumentsInlineCallFrame):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileGetArgumentCountIncludingThis):

  • dfg/DFGVarargsForwardingPhase.cpp:
  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileGetArgumentCountIncludingThis):

9:48 PM Changeset in webkit [228859] by timothy_horton@apple.com
  • 2 edits in trunk/Tools

Try to fix the 32-bit build after r228857

  • WebKitTestRunner/mac/UIScriptControllerMac.mm:

(WTR::UIScriptController::firstResponderSuppressionForWebView):

8:39 PM Changeset in webkit [228858] by Alan Bujtas
  • 3 edits in trunk/Source/WebCore

[RenderTreeBuilder] Move RenderListItem::willBeRemoved() mutation logic to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182943
<rdar://problem/37689029>

Reviewed by Antti Koivisto.

We don't need to destroy the marker in RenderListItem::willBeRemoved(), because it gets deleted
in RenderTreeBuilder::removeAndDestroy() together with RenderListItem (as long as the marker is
the RenderListItem's descendent).

Covered by existing tests.

  • rendering/RenderListItem.cpp:

(WebCore::RenderListItem::~RenderListItem):
(WebCore::RenderListItem::willBeDestroyed): Deleted.

  • rendering/RenderListItem.h:
8:17 PM Changeset in webkit [228857] by n_wang@apple.com
  • 23 edits
    2 adds in trunk

AX: Keyboard focus not following VoiceOver cursor into web content or within web content.
https://bugs.webkit.org/show_bug.cgi?id=182752
<rdar://problem/37518233>

Reviewed by Ryosuke Niwa.

Source/WebCore:

Call the assistive technology specific method for becoming first responder.

Test: accessibility/mac/accessibility-make-first-responder.html

  • accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper _accessibilitySetValue:forAttribute:]):

  • page/ChromeClient.h:

Source/WebKit:

  • UIProcess/PageClient.h:
  • UIProcess/WebPageProxy.h:
  • UIProcess/WebPageProxy.messages.in:
  • UIProcess/ios/PageClientImplIOS.h:
  • UIProcess/ios/PageClientImplIOS.mm:

(WebKit::PageClientImpl::assistiveTechnologyMakeFirstResponder):

  • UIProcess/ios/WebPageProxyIOS.mm:

(WebKit::WebPageProxy::assistiveTechnologyMakeFirstResponder):

  • UIProcess/mac/PageClientImplMac.h:
  • UIProcess/mac/PageClientImplMac.mm:

(WebKit::PageClientImpl::assistiveTechnologyMakeFirstResponder):

  • UIProcess/mac/WebPageProxyMac.mm:

(WebKit::WebPageProxy::assistiveTechnologyMakeFirstResponder):

  • WebProcess/WebCoreSupport/WebChromeClient.cpp:

(WebKit::WebChromeClient::assistiveTechnologyMakeFirstResponder):

  • WebProcess/WebCoreSupport/WebChromeClient.h:

Tools:

  • DumpRenderTree/mac/UIScriptControllerMac.mm:

(WTR::UIScriptController::firstResponderSuppressionForWebView):
(WTR::UIScriptController::makeWindowContentViewFirstResponder):
(WTR::UIScriptController::isWindowContentViewFirstResponder const):

  • TestRunnerShared/UIScriptContext/Bindings/UIScriptController.idl:
  • TestRunnerShared/UIScriptContext/UIScriptController.cpp:

(WTR::UIScriptController::firstResponderSuppressionForWebView):
(WTR::UIScriptController::makeWindowContentViewFirstResponder):
(WTR::UIScriptController::isWindowContentViewFirstResponder const):

  • TestRunnerShared/UIScriptContext/UIScriptController.h:
  • WebKitTestRunner/mac/UIScriptControllerMac.mm:

(WTR::UIScriptController::firstResponderSuppressionForWebView):
(WTR::UIScriptController::makeWindowContentViewFirstResponder):
(WTR::UIScriptController::isWindowContentViewFirstResponder const):

LayoutTests:

  • accessibility/mac/accessibility-make-first-responder-expected.txt: Added.
  • accessibility/mac/accessibility-make-first-responder.html: Added.
  • platform/mac-wk1/TestExpectations:
8:13 PM Changeset in webkit [228856] by BJ Burg
  • 9 edits in trunk/Source

Web Automation: combine session commands to resize and move top-level browsing contexts
https://bugs.webkit.org/show_bug.cgi?id=182749
<rdar://problem/37515170>

Reviewed by Andy Estes.

Source/WebDriver:

The new command can take either size or origin. Just have one session command for use by endpoints.

  • Session.cpp:

(WebDriver::Session::setWindowRect):
(WebDriver::Session::moveToplevelBrowsingContextWindow): Deleted.
(WebDriver::Session::resizeToplevelBrowsingContextWindow): Deleted.

  • Session.h:

Source/WebKit:

Since moving and resizing the window are both accomplished by setting the window frame,
and the W3C WebDriver specification has a Get/Set Window Rect command, it's time to
deduplicate these two methods which basically do the same thing.

Adopt modern JSON::Value getters that return std::optional<float>. I have been trying
to move the protocol over to this style wholesale, but it is probably easier to do
this conversion in smaller pieces. And so, I have started to do so.

This change is covered by existing WebDriver tests.

  • UIProcess/Automation/Automation.json: Add new command.
  • UIProcess/Automation/WebAutomationSession.cpp:

(WebKit::WebAutomationSession::setWindowFrameOfBrowsingContext): Added.
(WebKit::WebAutomationSession::resizeWindowOfBrowsingContext): Deleted.
(WebKit::WebAutomationSession::moveWindowOfBrowsingContext): Deleted.

  • UIProcess/Automation/WebAutomationSession.h:

Source/WTF:

  • wtf/JSONValues.h: add a getDouble() implementation that returns a std::optional<T>

rather than using an out-parameter. I'd like to move more code to this style.

7:27 PM Changeset in webkit [228855] by commit-queue@webkit.org
  • 2 edits in trunk/Tools

[GTK] jhbuild: Remove gtk-doc
https://bugs.webkit.org/show_bug.cgi?id=182956

Patch by Fujii Hironori <Fujii Hironori> on 2018-02-20
Reviewed by Michael Catanzaro.

jhbuild doesn't need to build gtk-doc because major LTS Linux
distributions have gtk-doc v1.25, and
Tools/gtk/install-dependencies installs gtk-doc.

  • gtk/jhbuild.modules: Removed gtk-doc.
6:17 PM Changeset in webkit [228854] by BJ Burg
  • 3 edits in trunk/Source/WebKit

ASSERT under WebAutomationSession::setProcessPool() when running W3C test suite a second time
https://bugs.webkit.org/show_bug.cgi?id=182991
<rdar://problem/37620578>

Reviewed by Timothy Hatcher.

Sometimes when running more than one session end-to-end with the same browser instance,
UIProcess would crash under addMessageReceiver because another WebAutomationSession was still
registered. This is hard to reproduce, but upon code inspection, the receiver management code
is somewhat problematic because it only runs when the WebAutomationSession destructor runs.
In some cases the client could retain two sessions and cause the first one to never remove itself
as the message receiver.

Instead of unregistering the session as a message receiver underneath the session's destructor,
do this whenever a new session supplants an old session since there is only one active session at a time.

  • UIProcess/Automation/WebAutomationSession.cpp:

(WebKit::WebAutomationSession::~WebAutomationSession):

  • UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::setAutomationSession):

5:32 PM Changeset in webkit [228853] by timothy_horton@apple.com
  • 32 edits
    4 adds in trunk

Introduce HAVE(IOSURFACE_ACCELERATOR)
https://bugs.webkit.org/show_bug.cgi?id=182955
<rdar://problem/37699510>

Reviewed by Sam Weinig.

Source/WebCore:

No new tests, no change in behavior.

Introduce HAVE(IOSURFACE_ACCELERATOR) and guard all uses of
IOSurfaceAccelerator behind it.

Rename USE(IOSURFACE) to HAVE(IOSURFACE) for accuracy.

  • page/cocoa/MemoryReleaseCocoa.mm:
  • platform/graphics/ca/TileController.cpp:
  • platform/graphics/cg/IOSurfacePool.cpp:
  • platform/graphics/cg/IOSurfacePool.h:
  • platform/graphics/cg/ImageBufferCG.cpp:
  • platform/graphics/cocoa/IOSurface.h:
  • platform/graphics/cocoa/IOSurface.mm:
  • platform/graphics/cocoa/IOSurfacePoolCocoa.mm:
  • platform/graphics/cv/VideoTextureCopierCV.cpp:
  • platform/graphics/cv/VideoTextureCopierCV.h:

Source/WebCore/PAL:

  • pal/spi/cg/CoreGraphicsSPI.h:
  • pal/spi/cocoa/IOSurfaceSPI.h:
  • pal/spi/cocoa/QuartzCoreSPI.h:

Source/WebKit:

  • Shared/RemoteLayerTree/RemoteLayerBackingStore.h:
  • Shared/RemoteLayerTree/RemoteLayerBackingStore.mm:
  • Shared/cg/ShareableBitmapCG.cpp:
  • UIProcess/API/Cocoa/WKWebView.mm:
  • UIProcess/RemoteLayerTree/RemoteLayerTreeDrawingAreaProxy.mm:
  • UIProcess/RemoteLayerTree/RemoteLayerTreeHost.mm:
  • UIProcess/mac/ViewSnapshotStore.h:
  • UIProcess/mac/ViewSnapshotStore.mm:

Source/WTF:

  • wtf/Platform.h:

Tools:

  • DumpRenderTree/ios/PixelDumpSupportIOS.mm:

(createBitmapContextFromWebView):

  • WebKitTestRunner/ios/PlatformWebViewIOS.mm:

(WTR::PlatformWebView::windowSnapshotImage):

WebKitLibraries:

  • WebKitPrivateFrameworkStubs/iOS/10/IOSurface.framework/IOSurface.tbd:
  • WebKitPrivateFrameworkStubs/iOS/10/IOSurfaceAccelerator.framework/IOSurfaceAccelerator.tbd: Added.
  • WebKitPrivateFrameworkStubs/iOS/11/IOSurfaceAccelerator.framework/IOSurfaceAccelerator.tbd: Added.

Switch IOSurfaceAccelerator symbols over to the still-private IOSurfaceAccelerator framework.

5:08 PM Changeset in webkit [228852] by Chris Dumez
  • 17 edits in trunk

Provisional load may get committed before receiving the decidePolicyForNavigationResponse response
https://bugs.webkit.org/show_bug.cgi?id=182720
<rdar://problem/37515204>

Reviewed by Alex Christensen.

Source/WebCore:

Wait for the policy response from the client after receiving a resource response,
before sending the NetworkResourceLoader::ContinueDidReceiveResponse IPC back to
the NetworkProcess. Otherwise, the network process may start sending us data and
we may end up committing the provisional load before receiving the policy decision
fron the client.

Change is covered by new API test.

  • loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::responseReceived):

  • loader/NetscapePlugInStreamLoader.cpp:

(WebCore::NetscapePlugInStreamLoader::didReceiveResponse):

  • loader/NetscapePlugInStreamLoader.h:
  • loader/ResourceLoader.cpp:

(WebCore::ResourceLoader::deliverResponseAndData):
(WebCore::ResourceLoader::loadDataURL):
(WebCore::ResourceLoader::didReceiveResponse):
(WebCore::ResourceLoader::didReceiveResponseAsync):

  • loader/ResourceLoader.h:
  • loader/SubresourceLoader.cpp:

(WebCore::SubresourceLoader::didReceiveResponse):
(WebCore::SubresourceLoader::didReceiveResponsePolicy):
(WebCore::SubresourceLoader::willCancel):

  • loader/SubresourceLoader.h:
  • loader/ios/PreviewLoader.mm:

(-[WebPreviewLoader _sendDidReceiveResponseIfNecessary]):

Source/WebKit:

  • WebProcess/Network/WebResourceLoader.cpp:

(WebKit::WebResourceLoader::didReceiveResponse):

  • WebProcess/Storage/ServiceWorkerClientFetch.cpp:

(WebKit::ServiceWorkerClientFetch::didReceiveResponse):

  • WebProcess/WebPage/WebURLSchemeTaskProxy.cpp:

(WebKit::WebURLSchemeTaskProxy::didReceiveResponse):

Source/WTF:

Add convenience CompletionHandlerCallingScope class which calls its CompletionHandler
when destroyed, and provides a release() methods to manually call the completionHandler.

  • wtf/CompletionHandler.h:

(WTF::CompletionHandlerCallingScope::CompletionHandlerCallingScope):
(WTF::CompletionHandlerCallingScope::~CompletionHandlerCallingScope):
(WTF::CompletionHandlerCallingScope::CompletionHandler<void):

Tools:

Add API test coverage.

  • TestWebKitAPI/Tests/WebKitCocoa/AsyncPolicyForNavigationResponse.mm:

(-[TestAsyncNavigationDelegate webView:decidePolicyForNavigationResponse:decisionHandler:]):
(TestWebKitAPI::TEST):

4:51 PM Changeset in webkit [228851] by Chris Dumez
  • 7 edits in trunk

Crash under JSC::JSCell::toNumber(JSC::ExecState*)
https://bugs.webkit.org/show_bug.cgi?id=182984
<rdar://problem/37694346>

Reviewed by Mark Lam.

Source/WebCore:

The issue was caused by DOMMatrix attributes potentially returning "impure"
NaN values. We would call JSC::jsNumber(double) to construct the JSValue
but this is only safe for pure NaN values. Make sure we purify the double
returned by the implementation for IDL attributes of type 'unrestricted double'
before calling JSC::jsNumber(double).

No new tests, extended existing test.

  • bindings/js/JSDOMConvertNumbers.h:

(WebCore::JSConverter<IDLUnrestrictedDouble>::convert):

  • testing/TypeConversions.h:

(WebCore::TypeConversions::testImpureNaNUnrestrictedDouble const):
(WebCore::TypeConversions::testImpureNaN2UnrestrictedDouble const):
(WebCore::TypeConversions::testQuietNaNUnrestrictedDouble const):

  • testing/TypeConversions.idl:

LayoutTests:

Add layout test coverage.

  • js/dom/webidl-type-mapping-expected.txt:
  • js/dom/webidl-type-mapping.html:
4:35 PM Changeset in webkit [228850] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Mark two imported/w3c/web-platform-tests/2dcontext/imagebitmap tests as flaky on iOS.
https://bugs.webkit.org/show_bug.cgi?id=182833

Unreviewed test gardening.

  • platform/ios/TestExpectations:
4:20 PM WebKitGTK/Gardening/Calendar edited by cturner@igalia.com
(diff)
3:34 PM Changeset in webkit [228849] by timothy_horton@apple.com
  • 6 edits in trunk/Source/WebCore

Make more use of USE(OPENGL_ES) where it makes sense
https://bugs.webkit.org/show_bug.cgi?id=182957
<rdar://problem/37699443>

Reviewed by Dan Bernstein.

No new tests, no behavior change.

Make use of USE(OPENGL_ES) for CoreVideo functions that differ based
on GL availability. Also adjust GraphicsContext3D in the same way.

  • platform/cocoa/CoreVideoSoftLink.cpp:
  • platform/cocoa/CoreVideoSoftLink.h:
  • platform/graphics/GraphicsContext3D.h:
  • platform/graphics/cv/TextureCacheCV.mm:

(WebCore::TextureCacheCV::create):
(WebCore::TextureCacheCV::textureFromImage):

  • platform/graphics/cv/VideoTextureCopierCV.cpp:

(WebCore::enumToStringMap):
(WebCore::VideoTextureCopierCV::initializeContextObjects):
(WebCore::VideoTextureCopierCV::initializeUVContextObjects):
(WebCore::VideoTextureCopierCV::copyImageToPlatformTexture):
(WebCore::VideoTextureCopierCV::copyVideoTextureToPlatformTexture):

3:31 PM Changeset in webkit [228848] by jmarcell@apple.com
  • 9 edits
    2 copies in branches/safari-605-branch

Cherry-pick r228714. rdar://problem/37714031

3:31 PM Changeset in webkit [228847] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch

Cherry-pick r228601. rdar://problem/37697671

3:11 PM Changeset in webkit [228846] by timothy_horton@apple.com
  • 2 edits in trunk/Source/WTF

Always inline soft linking functions to work around a clang bug
https://bugs.webkit.org/show_bug.cgi?id=182985
<rdar://problem/37587017>

Reviewed by Dan Bernstein.

  • wtf/cocoa/SoftLinking.h:

In some cases, clang will emit a weak extern symbol for a re-declared
symbol that has availability attributes on it. To avoid this, always
inline to avoid emitting a second symbol.

3:02 PM Changeset in webkit [228845] by Matt Lewis
  • 2 edits in trunk/Source/WebKit

Unreviewed, rolling out r228829.

This caused a consistent failure in the API test
WebKit.InteractionDeadlockAfterCrash on iOS Simulator

Reverted changeset:

"Switch to UIWKTextInteractionAssistant for non-editable text"
https://bugs.webkit.org/show_bug.cgi?id=182834
https://trac.webkit.org/changeset/228829

2:30 PM Changeset in webkit [228844] by jmarcell@apple.com
  • 5 edits in branches/safari-605-branch

Cherry-pick r228825. rdar://problem/37714030

2:30 PM Changeset in webkit [228843] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebCore

Cherry-pick r228824. rdar://problem/37714015

2:30 PM Changeset in webkit [228842] by jmarcell@apple.com
  • 8 edits
    1 add in branches/safari-605-branch

Cherry-pick r228725. rdar://problem/37714027

2:30 PM Changeset in webkit [228841] by jmarcell@apple.com
  • 8 edits in branches/safari-605-branch/Source/JavaScriptCore

Cherry-pick r228720. rdar://problem/37714022

2:30 PM Changeset in webkit [228840] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebCore

Cherry-pick r228716. rdar://problem/37714038

2:30 PM Changeset in webkit [228839] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebKit

Cherry-pick r228713. rdar://problem/37714036

2:30 PM Changeset in webkit [228838] by jmarcell@apple.com
  • 3 edits in branches/safari-605-branch/Source/WebCore

Cherry-pick r228708. rdar://problem/37714034

2:30 PM Changeset in webkit [228837] by jmarcell@apple.com
  • 3 edits in branches/safari-605-branch/Source/JavaScriptCore

Cherry-pick r228693. rdar://problem/37697679

2:30 PM Changeset in webkit [228836] by jmarcell@apple.com
  • 8 edits in branches/safari-605-branch

Cherry-pick r228594. rdar://problem/37697671

2:29 PM Changeset in webkit [228835] by jmarcell@apple.com
  • 14 edits
    1 copy in branches/safari-605-branch

Cherry-pick r228589. rdar://problem/37697687

2:29 PM Changeset in webkit [228834] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebCore

Cherry-pick r228586. rdar://problem/37697673

2:29 PM Changeset in webkit [228833] by jmarcell@apple.com
  • 2 edits
    2 adds in branches/safari-605-branch

Cherry-pick r228585. rdar://problem/37697677

2:29 PM Changeset in webkit [228832] by jmarcell@apple.com
  • 3 edits
    3 adds in branches/safari-605-branch

Cherry-pick r228574. rdar://problem/37697675

2:29 PM Changeset in webkit [228831] by jmarcell@apple.com
  • 10 edits
    1 add in branches/safari-605-branch

Cherry-pick r228565. rdar://problem/37697682

1:45 PM Changeset in webkit [228830] by Manuel Rego Casasnovas
  • 6 edits in trunk/LayoutTests

Skip tests that need ENABLE_LINK_PREFETCH
https://bugs.webkit.org/show_bug.cgi?id=182981

Unreviewed gardening.

These tests were marked in the different TestExpectations fails of each port,
when actually none of them were testing this code as ENABLE_LINK_PREFETCH is disabled by default
(even in development builds).

The patch just moves the flagged tests from the port specific TestExpectations files
to the generic TestExpectations file skipping them.

  • TestExpectations:
  • platform/gtk/TestExpectations:
  • platform/ios/TestExpectations:
  • platform/mac/TestExpectations:
  • platform/win/TestExpectations:
12:12 PM Changeset in webkit [228829] by Megan Gardner
  • 2 edits in trunk/Source/WebKit

Switch to UIWKTextInteractionAssistant for non-editable text
https://bugs.webkit.org/show_bug.cgi?id=182834

Reviewed by Wenson Hsieh and Tim Horton.

Switching to only using the UIWKTextInteractionAssistant. Only character granularity is now supported.
Also keep the from regressing gating the keyboard bring up on user interaction. The presents of a
textInteractionAssistant can no longer be used as proxy for the presence of the keyboard.

  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView useSelectionAssistantWithGranularity:]):
(-[WKContentView _startAssistingNode:userIsInteracting:blurPreviousNode:changingActivityState:userObject:]):

11:27 AM Changeset in webkit [228828] by wilander@apple.com
  • 6 edits in trunk

Make WebResourceLoadStatisticsStore::processStatisticsAndDataRecords() call WebProcessProxy::notifyPageStatisticsAndDataRecordsProcessed() in a proper callback
https://bugs.webkit.org/show_bug.cgi?id=182719
<rdar://problem/37517370>

Reviewed by Brent Fulgham.

Source/WebKit:

This will allow the page notification, statistics pruning, and persistence write
to be done at the right time and hopefully stabilize the layout tests including:
http/tests/resourceLoadStatistics/partitioned-and-unpartitioned-cookie-deletion.html

  • UIProcess/WebResourceLoadStatisticsStore.cpp:

(WebKit::WebResourceLoadStatisticsStore::removeDataRecords):

Now takes a callback parameter.

(WebKit::WebResourceLoadStatisticsStore::processStatisticsAndDataRecords):

  • UIProcess/WebResourceLoadStatisticsStore.h:

Now calls WebProcessProxy::notifyPageStatisticsAndDataRecordsProcessed()
in a callback provided to WebResourceLoadStatisticsStore::removeDataRecords().

LayoutTests:

  • platform/mac-wk2/TestExpectations:

Marked http/tests/resourceLoadStatistics/partitioned-and-unpartitioned-cookie-deletion.html
as [ Pass ].

  • platform/wk2/TestExpectations:

Marked http/tests/resourceLoadStatistics/clear-in-memory-and-persistent-store.html
as [ Pass ]. This should have been done already in r227223:
https://bugs.webkit.org/show_bug.cgi?id=181822

11:11 AM WebKitGTK/2.20.x edited by Michael Catanzaro
(diff)
11:02 AM Changeset in webkit [228827] by n_wang@apple.com
  • 17 edits
    2 adds in trunk

AX: AOM: Dispatch accessibleclick event
https://bugs.webkit.org/show_bug.cgi?id=180898
<rdar://problem/36086710>

Reviewed by Ryosuke Niwa.

Source/WebCore:

Accessibility events.
Spec: https://wicg.github.io/aom/spec/phase2.html

This patch allows developers to register event handlers on Elements
for custom accessibility events.

Accessibility events go through a capturing and bubbling phase just
like DOM events, but in the accessibility tree.

Implemented "accessibleclick" event.

Test: accessibility/mac/AOM-events.html

  • accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::press):
(WebCore::AccessibilityObject::dispatchAccessibilityEvent):

  • accessibility/AccessibilityObject.h:
  • accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper accessibilityPerformAction:]):

  • dom/Element.idl:
  • dom/EventDispatcher.cpp:

(WebCore::dispatchEventWithType):
(WebCore::EventDispatcher::dispatchEvent):

  • dom/EventDispatcher.h:
  • dom/EventNames.h:
  • dom/EventPath.cpp:

(WebCore::EventPath::EventPath):

  • dom/EventPath.h:

Tools:

  • WebKitTestRunner/InjectedBundle/AccessibilityUIElement.h:

(WTR::AccessibilityUIElement::syncPress):

  • WebKitTestRunner/InjectedBundle/Bindings/AccessibilityUIElement.idl:
  • WebKitTestRunner/InjectedBundle/mac/AccessibilityUIElementMac.mm:

(WTR::AccessibilityUIElement::syncPress):

LayoutTests:

  • accessibility/mac/AOM-events-expected.txt: Added.
  • accessibility/mac/AOM-events.html: Added.
  • js/dom/dom-static-property-for-in-iteration-expected.txt:
  • platform/mac-wk1/TestExpectations:
10:46 AM Changeset in webkit [228826] by Adrian Perez de Castro
  • 2 edits in trunk

[GTK][CMake] Support building with Enchant 2.x
https://bugs.webkit.org/show_bug.cgi?id=182933

Reviewed by Michael Catanzaro.

  • Source/cmake/FindEnchant.cmake: Check for both the "enchant" and "enchant-2"

pkg-config components, picking the first available for which the headers and
library are usable.

10:32 AM Changeset in webkit [228825] by Wenson Hsieh
  • 5 edits in trunk

[iOS 11.3 Beta] Can't copy a URL from Safari and paste it into the Gmail app
https://bugs.webkit.org/show_bug.cgi?id=182952
<rdar://problem/37636190>

Reviewed by Tim Horton.

Source/WebCore:

After r220865 refactored the iOS copy codepaths to use NSItemProviders, we stopped writing the URL as plain text
to the pasteboard. However, this means clients that only check for "text/plain" (or one of its aliases) on the
pasteboard won't read any data on paste.

To fix this, we restore the pre-iOS 11.3 behavior of writing both the URL and plain text to the pasteboard.
Since we're using item providers, we also ensure that the NSURL is at a higher fidelity than the string to make
it clear that the data should be consumed as a URL.

This patch also rebaselines an existing drag and drop test to cover this change, and adds a new API test,
ActionSheetTests.CopyLinkWritesURLAndPlainText, which simulates copying a link using the share sheet and pasting
into a DataTransfer-dumping test harness.

  • platform/ios/PlatformPasteboardIOS.mm:

(WebCore::PlatformPasteboard::write):

Tools:

Adds a new iOS copy/paste test that copies an anchor element via action sheet, and checks that upon pasting,
both "text/plain" and "text/uri-list" are provided. Additionally tweaks an existing iOS drag and drop test to
check for the same behavior.

  • TestWebKitAPI/Tests/ios/ActionSheetTests.mm:

(TestWebKitAPI::TEST):

  • TestWebKitAPI/Tests/ios/DataInteractionTests.mm:

(TestWebKitAPI::TEST):

10:29 AM Changeset in webkit [228824] by eric.carlson@apple.com
  • 2 edits in trunk/Source/WebCore

[iOS] Returning from Auto-PiP causes Safari to be unresponsive
https://bugs.webkit.org/show_bug.cgi?id=182977
<rdar://problem/37685981>

Reviewed by Jer Noble.

Remove the error handling added in r228115, it breaks auto-pip.

  • platform/ios/VideoFullscreenInterfaceAVKit.mm:

(VideoFullscreenInterfaceAVKit::applicationDidBecomeActive):
(VideoFullscreenInterfaceAVKit::enterFullscreenStandard):
(VideoFullscreenInterfaceAVKit::exitFullscreen):
(VideoFullscreenInterfaceAVKit::cleanupFullscreen):
(VideoFullscreenInterfaceAVKit::didStartPictureInPicture):
(VideoFullscreenInterfaceAVKit::prepareForPictureInPictureStopWithCompletionHandler):
(VideoFullscreenInterfaceAVKit::exitFullscreenHandler):
(VideoFullscreenInterfaceAVKit::enterFullscreenHandler):

10:14 AM Changeset in webkit [228823] by jer.noble@apple.com
  • 3 edits in trunk/Source/WebCore

[EME] Adopt new AVContentKeySession success delegate callback
https://bugs.webkit.org/show_bug.cgi?id=182974
<rdar://problem/36079035>

Reviewed by Eric Carlson.

Store the updateLicenseCallback if the new protocol method is present and supported.

  • platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.h:
  • platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm:

(-[WebCoreFPSContentKeySessionDelegate contentKeySession:contentKeyRequestDidSucceed:]):
(WebCore::CDMInstanceFairPlayStreamingAVFObjC::updateLicense):
(WebCore::CDMInstanceFairPlayStreamingAVFObjC::didFailToProvideRequest):
(WebCore::CDMInstanceFairPlayStreamingAVFObjC::requestDidSucceed):

9:52 AM Changeset in webkit [228822] by dino@apple.com
  • 3 edits
    2 adds in trunk

Handle all writing-modes in downcast
https://bugs.webkit.org/show_bug.cgi?id=182949
<rdar://problem/37710687>

Reviewed by Myles Maxfield.

Source/WebCore:

It appears we forgot to handle the deprecated "lr"
writing-mode value.

Test: fast/writing-mode/svg-writing-modes.html

  • css/CSSPrimitiveValueMappings.h:

(WebCore::CSSPrimitiveValue::operator WritingMode const):

LayoutTests:

Test all the deprecated SVG writing modes.

  • fast/writing-mode/svg-writing-modes-expected.html: Added.
  • fast/writing-mode/svg-writing-modes.html: Added.
9:03 AM Changeset in webkit [228821] by zandobersek@gmail.com
  • 10 edits in trunk/Source

[Cairo] Drop target GraphicsContext usage in Cairo operations
https://bugs.webkit.org/show_bug.cgi?id=182964

Reviewed by Carlos Garcia Campos.

The GraphicsContext parameters in various Cairo operations are not used
anymore, so they can be removed. Callsites are updated to reflect this.

Source/WebCore:

  • platform/graphics/cairo/CairoOperations.cpp:

(WebCore::Cairo::drawShadowLayerBuffer):
(WebCore::Cairo::fillShadowBuffer):
(WebCore::Cairo::drawPathShadow):
(WebCore::Cairo::drawGlyphsShadow):
(WebCore::Cairo::fillRect):
(WebCore::Cairo::fillRoundedRect):
(WebCore::Cairo::fillRectWithRoundedHole):
(WebCore::Cairo::fillPath):
(WebCore::Cairo::strokeRect):
(WebCore::Cairo::strokePath):
(WebCore::Cairo::drawGlyphs):
(WebCore::Cairo::drawNativeImage):
(WebCore::Cairo::drawSurface):

  • platform/graphics/cairo/CairoOperations.h:
  • platform/graphics/cairo/FontCairo.cpp:

(WebCore::FontCascade::drawGlyphs):

  • platform/graphics/cairo/GraphicsContextCairo.cpp:

(WebCore::GraphicsContext::drawNativeImage):
(WebCore::GraphicsContext::fillPath):
(WebCore::GraphicsContext::strokePath):
(WebCore::GraphicsContext::fillRect):
(WebCore::GraphicsContext::strokeRect):
(WebCore::GraphicsContext::platformFillRoundedRect):
(WebCore::GraphicsContext::fillRectWithRoundedHole):

  • platform/graphics/cairo/GraphicsContextImplCairo.cpp:

(WebCore::GraphicsContextImplCairo::fillRect):
(WebCore::GraphicsContextImplCairo::fillRoundedRect):
(WebCore::GraphicsContextImplCairo::fillRectWithRoundedHole):
(WebCore::GraphicsContextImplCairo::fillPath):
(WebCore::GraphicsContextImplCairo::strokeRect):
(WebCore::GraphicsContextImplCairo::strokePath):
(WebCore::GraphicsContextImplCairo::drawGlyphs):
(WebCore::GraphicsContextImplCairo::drawNativeImage):

  • platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:

(WebCore::MediaPlayerPrivateMediaFoundation::Direct3DPresenter::paintCurrentFrame):

Source/WebKit:

  • Shared/cairo/ShareableBitmapCairo.cpp:

(WebKit::ShareableBitmap::paint):

  • WebProcess/WebCoreSupport/gtk/WebDragClientGtk.cpp:

(WebKit::convertCairoSurfaceToShareableBitmap):

8:37 AM Changeset in webkit [228820] by Jon Davis
  • 2 edits in trunk/Websites/webkit.org

Add widescreen layout class for the Downloads page
https://bugs.webkit.org/show_bug.cgi?id=182948

Reviewed by Alexey Proskuryakov.

  • wp-content/themes/webkit/downloads.php: Added .widescreen for full-width layout.
7:52 AM Changeset in webkit [228819] by svillar@igalia.com
  • 10 edits
    1 delete in trunk/Source/WebCore

[WebVR][OpenVR] Retrieve eye parameters and field of view
https://bugs.webkit.org/show_bug.cgi?id=182962

Reviewed by Žan Doberšek.

Get the required data from OpenVR to fill in the VREyeParameters and
the VRFieldOfView objects.

  • Modules/webvr/VRDisplay.cpp: Create some attributes in the

body of the constructor instead in the member initialization list to
avoid calling getDisplayInfo() multiple times.
(WebCore::VRDisplay::VRDisplay):
(WebCore::VRDisplay::capabilities const):
(WebCore::VRDisplay::getEyeParameters const):

  • Modules/webvr/VRDisplay.h:
  • Modules/webvr/VREyeParameters.cpp:

(WebCore::VREyeParameters::VREyeParameters): Added new attributes to
the constructor.
(WebCore::VREyeParameters::offset const): Return a Ref instead of
a raw pointer.
(WebCore::VREyeParameters::renderWidth const):
(WebCore::VREyeParameters::renderHeight const):

  • Modules/webvr/VREyeParameters.h:

(WebCore::VREyeParameters::create):

  • Modules/webvr/VRFieldOfView.cpp: Removed. All the impletementation

fits perfectly in the header file.

  • Modules/webvr/VRFieldOfView.h:

(WebCore::VRFieldOfView::create):
(WebCore::VRFieldOfView::upDegrees const):
(WebCore::VRFieldOfView::rightDegrees const):
(WebCore::VRFieldOfView::downDegrees const):
(WebCore::VRFieldOfView::leftDegrees const):
(WebCore::VRFieldOfView::VRFieldOfView):

  • Sources.txt:
  • platform/vr/VRPlatformDisplay.h: Added some more data to the

VRPlatformDisplayInfo struct.

  • platform/vr/openvr/VRPlatformDisplayOpenVR.cpp:

(WebCore::VRPlatformDisplayOpenVR::VRPlatformDisplayOpenVR):
(WebCore::VRPlatformDisplayOpenVR::computeFieldOfView): Computes the
up/down/left/right FOV angles in degrees from the raw project
values returned by OpenVR.
(WebCore::VRPlatformDisplayOpenVR::updateEyeParameters): Fills in
the eye parameter info.
(WebCore::VRPlatformDisplayOpenVR::~VRPlatformDisplayOpenVR):

  • platform/vr/openvr/VRPlatformDisplayOpenVR.h:
7:22 AM WebKitGTK/2.20.x edited by Michael Catanzaro
(diff)
6:19 AM WebKitGTK/2.20.x edited by Carlos Garcia Campos
(diff)
6:16 AM Changeset in webkit [228818] by Philippe Normand
  • 14 edits in trunk

[GStreamer][MiniBrowser] Honor GStreamer command line parameters in MiniBrowser
https://bugs.webkit.org/show_bug.cgi?id=173655

Reviewed by Xabier Rodriguez-Calvar.

The FIXME in GStreamerUtilities.cpp asks to pass the command line
parameters to the GStreamer initialization function.

Based on initial patch by: Vanessa Chipirrás Navalón <vchipirras@igalia.com>

Source/WebCore:

  • Modules/webaudio/AudioContext.cpp:

(WebCore::AudioContext::constructCommon): Removes the call to the method
that GStreamer initializes. It is no longer necessary.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:

(WebCore::MediaPlayerPrivateGStreamerBase::initializeGStreamerAndRegisterWebKitElements): Ditto

  • platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:

(WebCore::initializeGStreamerAndRegisterWebKitMSEElement): Ditto

  • platform/graphics/gstreamer/GStreamerUtilities.cpp:

(WebCore::initializeGStreamer): Receive the GStreamer options and initialize GStreamer.

  • platform/graphics/gstreamer/GStreamerUtilities.h: Add vector which contains

GStreamer options as the input parameter of the initializeGStreamer() method.

Source/WebKit:

  • Shared/WebProcessCreationParameters.cpp:

(WebKit::WebProcessCreationParameters::encode const):
(WebKit::WebProcessCreationParameters::decode):

  • Shared/WebProcessCreationParameters.h: Define the vector which contains the GStreamer options.
  • UIProcess/gtk/WebProcessPoolGtk.cpp:

(WebKit::WebProcessPool::platformInitializeWebProcess): Read from cmdline file
the GStreamer options written by console.

  • WebProcess/soup/WebProcessSoup.cpp:

(WebKit::WebProcess::platformInitializeWebProcess): Call initializeGStreamer() method passing
the vector which contains the options.

Tools:

  • MiniBrowser/gtk/main.c:

(main): Add the group containing the Gstreamer options that the console displays.

6:11 AM Changeset in webkit [228817] by Manuel Rego Casasnovas
  • 5 edits in trunk/LayoutTests

[css3-text] Skip tests that need ENABLE_CSS3_TEXT
https://bugs.webkit.org/show_bug.cgi?id=182963

Unreviewed gardening.

These tests were marked in the different TestExpectations fails of each port,
when actually none of them were testing this code as ENABLE_CSS3_TEXT is disabled by default
(even in development builds).

The patch just moves the flagged tests from the port specific TestExpectations files
to the generic TestExpectations file skipping them.

It also removes editing/pasteboard/insert-text-decoration.html from the skipping list
as it should be passing for Mac an iOs too.

  • TestExpectations:
  • platform/gtk/TestExpectations:
  • platform/ios/TestExpectations:
  • platform/mac/TestExpectations:
6:09 AM WebKitGTK/2.20.x edited by Carlos Garcia Campos
(diff)
5:49 AM Changeset in webkit [228816] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228716 - Crash under MIMETypeRegistry::isSupportedJavaScriptMIMEType()
https://bugs.webkit.org/show_bug.cgi?id=182927
<rdar://problem/37675748>

Reviewed by Antti Koivisto.

Make it safe to call MIMETypeRegistry::isSupportedJavaScriptMIMEType() from the non-main thread.
It is currently being called from a background thread in the following places:

  • ServiceWorkerJob::didReceiveResponse()
  • WorkerGlobalScope::importScripts()

These call sites on non-main threads were added recently with the support for service workers.

No new tests, already covered by existing tests that flakily experience service worker
process crashes.

  • platform/MIMETypeRegistry.cpp:

(WebCore::MIMETypeRegistry::isSupportedJavaScriptMIMEType):

5:48 AM Changeset in webkit [228815] by Carlos Garcia Campos
  • 3 edits
    3 adds in releases/WebKitGTK/webkit-2.20

Merge r228715 - SIGFPE @ int WebCore::SVGToOTFFontConverter::scaleUnitsPerEm<int> const + 45
https://bugs.webkit.org/show_bug.cgi?id=182944
<rdar://problem/35369984>

Reviewed by Myles Maxfield.

Source/WebCore:

Avoid a divide-by-zero.

Test: svg/text/font-bad-unitsperem.html

  • svg/SVGFontFaceElement.cpp:

(WebCore::SVGFontFaceElement::unitsPerEm const):

LayoutTests:

Add a test with a 0 unitsperem SVG font.

  • svg/text/font-bad-unitsperem-expected.txt: Added.
  • svg/text/font-bad-unitsperem.html: Added.
  • svg/text/resources/font-bad-unitsperem.svg: Added.
5:48 AM Changeset in webkit [228814] by Carlos Garcia Campos
  • 9 edits
    2 copies in releases/WebKitGTK/webkit-2.20

Merge r228714 - REGRESSION (r219342): Touch event coordinates and elementFromPoint coordinates differ
https://bugs.webkit.org/show_bug.cgi?id=182910
<rdar://problem/37533950>

Reviewed by Simon Fraser.

Source/WebCore:

We reverted other changes to the definition of client coordinates
in r219829 due to compatibility concerns. However, we failed to revert
r219342 on trunk, leaving elementFromPoint() using coordinates relative
to the layout viewport.

Add a currently off-by-default setting to switch on layout-viewport-relative
client coordinates and guard the elementFromPoint changes behind it.
A future patch should roll r219829 back in also behind this setting, so
that everything remains consistent regardless of which coordinate space we choose.

  • dom/TreeScope.cpp:

(WebCore::absolutePointIfNotClipped):

  • page/Settings.yaml:
  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::hitTest):

LayoutTests:

  • fast/dom/elementFromPoint-scaled-scrolled.html:

Revert changes to this test made in r219342.

  • fast/dom/elementFromPoint-scaled-scrolled-layout-viewport.html:
  • fast/dom/elementFromPoint-scaled-scrolled-layout-viewport-expected.txt:

Add a test that is equivalent to elementFromPoint-scaled-scrolled.html after r219342,
which turns on the new setting. This test is disabled on iOS (like it was
in r219342) because it needs window.scrollTo.

  • platform/ios-wk2/fast/dom/elementFromPoint-relative-to-viewport-expected.txt:

This now passes.

  • platform/ios/TestExpectations:

Re-mark-failing a test that was un-marked-failing by r219342.

5:48 AM Changeset in webkit [228813] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebKit

Merge r228713 - Null pointer dereference in WebPageProxy::urlSchemeHandlerForScheme()
https://bugs.webkit.org/show_bug.cgi?id=182905
<rdar://problem/37676775>

Reviewed by Alex Christensen.

Return nullptr when querying for the scheme handler of the null string.

Before a navigation is performed WebKit checks if the destination URL is associated with an app
unless the embedding client overrides the WKNavigationDelegate delegate callback -webView:decidePolicyForNavigationAction:decisionHandler.
If the URL is not associated with an app then WebKit may fall back to checking if the embedding
client registered a scheme handler for it. Currently we assume that the scheme is a non-null
string when checking the scheme handler registry. However the scheme can be a null string if
it is part of a malformed URL. And this leads to bad news bears when we try to use it to look
for a scheme handler. Instead check that the scheme is a non-null string before checking to see
if it is in the scheme handler registry.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::urlSchemeHandlerForScheme):

5:48 AM Changeset in webkit [228812] by Carlos Garcia Campos
  • 15 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228704 - [RenderTreeBuilder] Rename RenderTreeBuilder::removeAndDestroyChild() -> removeAndDestroy()
https://bugs.webkit.org/show_bug.cgi?id=182934
<rdar://problem/37678241>

Reviewed by Antti Koivisto.

No change in functionality.

  • dom/Document.cpp:

(WebCore::Document::setFullScreenRenderer):

  • rendering/RenderBoxModelObject.cpp:

(WebCore::RenderBoxModelObject::removeAndDestroyAllContinuations):

  • rendering/RenderButton.cpp:

(WebCore::RenderButton::setText):

  • rendering/RenderFullScreen.cpp:

(WebCore::RenderFullScreen::willBeDestroyed):
(WebCore::RenderFullScreen::unwrapRenderer):

  • rendering/RenderListItem.cpp:

(WebCore::RenderListItem::willBeDestroyed):

  • rendering/RenderTextFragment.cpp:

(WebCore::RenderTextFragment::willBeDestroyed):
(WebCore::RenderTextFragment::setText):

  • rendering/RenderView.cpp:

(WebCore::RenderView::willBeDestroyed):

  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::removeAndDestroy):
(WebCore::RenderTreeBuilder::removeFromParentAndDestroyCleaningUpAnonymousWrappers):
(WebCore::RenderTreeBuilder::removeAndDestroyChild): Deleted.

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderBlock.cpp:

(WebCore::RenderTreeBuilder::Block::takeChild):

  • rendering/updating/RenderTreeBuilderFirstLetter.cpp:

(WebCore::RenderTreeBuilder::FirstLetter::updateStyle):
(WebCore::RenderTreeBuilder::FirstLetter::createRenderers):

  • rendering/updating/RenderTreeBuilderList.cpp:

(WebCore::RenderTreeBuilder::List::updateItemMarker):

  • rendering/updating/RenderTreeBuilderMultiColumn.cpp:

(WebCore::RenderTreeBuilder::MultiColumn::destroyFragmentedFlow):
(WebCore::RenderTreeBuilder::MultiColumn::handleSpannerRemoval):

  • rendering/updating/RenderTreeBuilderRuby.cpp:

(WebCore::RenderTreeBuilder::Ruby::moveBlockChildren):
(WebCore::RenderTreeBuilder::Ruby::takeChild):

5:48 AM Changeset in webkit [228811] by Carlos Garcia Campos
  • 14 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228701 - [RenderTreeBuilder] Remove redundant RenderObject::removeFromParentAndDestroy
https://bugs.webkit.org/show_bug.cgi?id=182926
<rdar://problem/37674997>

Reviewed by Antti Koivisto.

Call RenderTreeBuilder::removeAndDestroyChild() directly instead.

No change in functionality.

  • dom/Document.cpp:

(WebCore::Document::setFullScreenRenderer):

  • rendering/RenderBoxModelObject.cpp:

(WebCore::RenderBoxModelObject::removeAndDestroyAllContinuations):

  • rendering/RenderButton.cpp:

(WebCore::RenderButton::setText):

  • rendering/RenderFullScreen.cpp:

(WebCore::RenderFullScreen::willBeDestroyed):
(WebCore::RenderFullScreen::unwrapRenderer):

  • rendering/RenderListItem.cpp:

(WebCore::RenderListItem::willBeDestroyed):

  • rendering/RenderObject.cpp:

(WebCore::RenderObject::removeFromParentAndDestroy): Deleted.

  • rendering/RenderObject.h:
  • rendering/RenderTextFragment.cpp:

(WebCore::RenderTextFragment::willBeDestroyed):
(WebCore::RenderTextFragment::setText):

  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::removeFromParentAndDestroyCleaningUpAnonymousWrappers):

  • rendering/updating/RenderTreeBuilderBlock.cpp:

(WebCore::RenderTreeBuilder::Block::takeChild):

  • rendering/updating/RenderTreeBuilderList.cpp:

(WebCore::RenderTreeBuilder::List::updateItemMarker):

  • rendering/updating/RenderTreeBuilderMultiColumn.cpp:

(WebCore::RenderTreeBuilder::MultiColumn::destroyFragmentedFlow):
(WebCore::RenderTreeBuilder::MultiColumn::handleSpannerRemoval):

  • rendering/updating/RenderTreeBuilderRuby.cpp:

(WebCore::RenderTreeBuilder::Ruby::moveBlockChildren):
(WebCore::RenderTreeBuilder::Ruby::takeChild):

5:48 AM Changeset in webkit [228810] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.20/Source/JavaScriptCore

Merge r228693 - GetArrayMask should support constant folding
https://bugs.webkit.org/show_bug.cgi?id=182907

Reviewed by Saam Barati.

Implement constant folding for GetArrayMask. This revealed a bug in tryGetFoldableView, where it was
ignoring the result of a jsDynamicCast<>(). This wasn't a bug before because it would have been
impossible for that function to get called with a non-null value if the value was not an array view,
due to type filtering in CheckArray, the fact that CheckArray had to dominate GetArrayLength, and
the fact that the other tryGetFoldableView overload made sure that the array mode was some typed
array.

This isn't a measurable progression, but it does save a register in the codegen for typed array
accesses. Hopefully these improvements add up.

  • assembler/AssemblerBuffer.h:
  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGGraph.cpp:

(JSC::DFG::Graph::tryGetFoldableView):

5:48 AM Changeset in webkit [228809] by Carlos Garcia Campos
  • 8 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228683 - [RenderTreeBuilder] Move RenderElement::removeAndDestroyChild() to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182915
<rdar://problem/37658123>

Reviewed by Antti Koivisto.

No change in functionality.

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::removeAndDestroyChild): Deleted.

  • rendering/RenderElement.h:

(WebCore::RenderElement::isChildAllowed const):

  • rendering/RenderObject.cpp:

(WebCore::RenderObject::removeFromParentAndDestroy):

  • rendering/RenderView.cpp:

(WebCore::RenderView::willBeDestroyed):

  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::removeAndDestroyChild):
(WebCore::RenderTreeBuilder::removeFromParentAndDestroyCleaningUpAnonymousWrappers):

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderFirstLetter.cpp:

(WebCore::RenderTreeBuilder::FirstLetter::updateStyle):
(WebCore::RenderTreeBuilder::FirstLetter::createRenderers):

5:48 AM Changeset in webkit [228808] by Carlos Garcia Campos
  • 8 edits
    4 adds in releases/WebKitGTK/webkit-2.20

Merge r228661 - [css-grid] Apply automatic minimum size clamping to spanning items too
https://bugs.webkit.org/show_bug.cgi?id=182684

Reviewed by Javier Fernandez.

LayoutTests/imported/w3c:

Update WPT tests related to this change.

  • web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-022-expected.txt:
  • web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-022.html:
  • web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-023-expected.txt:
  • web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-023.html:
  • web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-024-expected.txt: Added.
  • web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-024.html: Added.
  • web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-025-expected.txt: Added.
  • web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-025.html: Added.
  • web-platform-tests/css/css-grid/grid-items/w3c-import.log:

Source/WebCore:

In r225776 we added the conditions from the spec to apply
the automatic minimum size clamping when required
but only to non-spanning items.
See: https://drafts.csswg.org/css-grid/#min-size-auto

This patch moves the code from GridTrackSizingAlgorithm::sizeTrackToFitNonSpanningItem()
to GridTrackSizingAlgorithmStrategy::minSizeForChild()
that way the clamping is applied for both spanning and non-spanning items.

This somehow reverts r225776, as it was adding some duplicated code.
All the checks to know if we should use that part of the spec
were already present in GridTrackSizingAlgorithmStrategy::minSizeForChild().

Apart from using the previous code, there's a new loop to verify
that the max track sizing function is fixed for all the tracks of the item.

Tests: imported/w3c/web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-024.html

imported/w3c/web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-025.html

  • rendering/GridTrackSizingAlgorithm.cpp:

(WebCore::GridTrackSizingAlgorithm::sizeTrackToFitNonSpanningItem):
(WebCore::GridTrackSizingAlgorithmStrategy::minSizeForChild const):

5:47 AM Changeset in webkit [228807] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228641 - [GTK][GStreamer] Replaying a webm video twice causes the video to stop getting rendered
https://bugs.webkit.org/show_bug.cgi?id=176789

Reviewed by Xabier Rodriguez-Calvar.

Ensure the wrapped GstGLContext is set when the pipeline goes from
READY to PAUSED state. This is a workaround for
https://bugzilla.gnome.org/show_bug.cgi?id=757933.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::~MediaPlayerPrivateGStreamer): Add debug statement.
(WebCore::MediaPlayerPrivateGStreamer::readyTimerFired): Ditto.
(WebCore::MediaPlayerPrivateGStreamer::changePipelineState):
Ensure the wrapped GstGLContext is set when the pipeline goes from
READY to PAUSED state.
(WebCore::MediaPlayerPrivateGStreamer::didEnd): Add debug statement.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:

Change the requestGLContext to be a method instead of a static
function. Being a static function was a requirement for the now-removed OpenWebRTC player.
(WebCore::MediaPlayerPrivateGStreamerBase::handleSyncMessage): Add
debug statement, fix requestGLContext usage.
(WebCore::MediaPlayerPrivateGStreamerBase::requestGLContext): Refactor as method.
(WebCore::MediaPlayerPrivateGStreamerBase::flushCurrentBuffer): Fix requestGLContext usage.
(WebCore::MediaPlayerPrivateGStreamerBase::createVideoSinkGL): Remove fixed FIXME.
(WebCore::MediaPlayerPrivateGStreamerBase::ensureGLVideoSinkContext):
Set display and app wrapped contexts on the video sink.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
5:47 AM Changeset in webkit [228806] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228639 - [GStreamer] Crash in WebCore::MediaPlayerRequestInstallMissingPluginsCallback::complete
https://bugs.webkit.org/show_bug.cgi?id=166733

Reviewed by Philippe Normand.

There are a couple of issues to tackle here.

First is handling getting more than one missing plugin
installation request at the same time. For this we add the request
to a Vector and handle them there.

Second is that if the player is dead and we still get the result,
bad things happen. For that we "weaked" the pointer capture by the
lambda.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::~MediaPlayerPrivateGStreamer):
Handle Vector of callbacks.
(WebCore::MediaPlayerPrivateGStreamer::handleMessage): Weak
private player pointer and put the callback in the Vector.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:

Callback becomes Vector.

  • platform/graphics/gstreamer/MediaPlayerRequestInstallMissingPluginsCallback.h:

(WebCore::MediaPlayerRequestInstallMissingPluginsCallback::create):
(WebCore::MediaPlayerRequestInstallMissingPluginsCallback::complete):
(WebCore::MediaPlayerRequestInstallMissingPluginsCallback::MediaPlayerRequestInstallMissingPluginsCallback):
Callback function is refactored into a "using" type and added self
as parameter to the function.

5:47 AM Changeset in webkit [228805] by Carlos Garcia Campos
  • 7 edits in releases/WebKitGTK/webkit-2.20

Merge r228609 - REGRESSION(r219298): RELEASE_ASSERT(!m_owningPointerForClose) fails in WebCore::IDBServer::UniqueIDBDatabase::scheduleShutdownForClose
https://bugs.webkit.org/show_bug.cgi?id=174354
<rdar://problem/33294987>

Patch by Fujii Hironori <Fujii Hironori> on 2018-02-19
Reviewed by Michael Catanzaro.

Source/WebCore:

UniqueIDBDatabase::invokeOperationAndTransactionTimer was called
even after m_owningPointerForClose was set in
UniqueIDBDatabase::didDeleteBackingStore.

No new tests (Covered by existing tests).

  • Modules/indexeddb/server/UniqueIDBDatabase.cpp:

(WebCore::IDBServer::UniqueIDBDatabase::didDeleteBackingStore):
Do not start deleting the UniqueIDBDatabase. Just call invokeOperationAndTransactionTimer.
(WebCore::IDBServer::UniqueIDBDatabase::invokeOperationAndTransactionTimer):
Assert m_owningPointerForClose is null.

LayoutTests:

  • platform/gtk/TestExpectations:

Unmarked imported/w3c/IndexedDB-private-browsing/idbfactory_open.html.

  • platform/ios-wk2/TestExpectations:

Unmarked imported/w3c/IndexedDB-private-browsing/idbfactory_open12.html.

  • platform/mac/TestExpectations: Ditto.
  • platform/wpe/TestExpectations: Unmarked

imported/w3c/IndexedDB-private-browsing/idbfactory_open.html and
imported/w3c/IndexedDB-private-browsing/idbfactory_open12.html.

5:47 AM Changeset in webkit [228804] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.20

Merge r228608 - [GTK][WPE] Fullscreen video is broken

5:47 AM Changeset in webkit [228803] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.20

Merge r228606 - [RenderTreeBuilder] REGRESSION(r228238) Detach renderer before destroying its subtree.
https://bugs.webkit.org/show_bug.cgi?id=182908
<rdar://problem/37619394>

Reviewed by Antti Koivisto.

Source/WebCore:

Prior to r228238 we first detached the to-be-destroyed renderer and then
started nuking its descendants. r228238 changed the order and now the descendants are
destroyed while they are still attached to the tree. Apparently some of the takeChild()
normalization logic gets triggered now that the renderers still have access to their previous/next
siblings. This is unexpected and it shouldn't matter whether the subtree is still attached.
Let's revert it to the original order for now (see webkit.org/b/182909).

Test: fast/block/crash-when-subtree-is-still-attached.html

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::removeAndDestroyChild):

LayoutTests:

  • fast/block/crash-when-subtree-is-still-attached-expected.txt: Added.
  • fast/block/crash-when-subtree-is-still-attached.html: Added.
4:53 AM Changeset in webkit [228802] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228603 - [GStreamer] Push smaller buffers from HTTP source
https://bugs.webkit.org/show_bug.cgi?id=182829

Reviewed by Philippe Normand.

Split the received buffer into smaller buffers of a size consistent
with the basesrc (4KiB). It is important not to push large buffers
into the appsrc (where large is relative to the appsrc's configured
byte size). If large buffers are pushed, then when they are internally
dequeued by the appsrc, the buffering percentage can dramatically
plummet due to a large amount of bytes being removed after a push. This
can in turn trick the media player into thinking it needs to buffer,
and then issuing a spurious set of playing->paused then
paused->playing transitions, which by the time the buffering logic
completes, data are already available.

  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(CachedResourceStreamingClient::dataReceived):

4:53 AM Changeset in webkit [228801] by Carlos Garcia Campos
  • 11 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228595 - [RenderTreeBuilder] Cleanup RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182899
<rdar://problem/37627888>

Reviewed by Antti Koivisto.

No change in functionality.

  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::styleDidChange):

  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::takeChild):
(WebCore::RenderTreeBuilder::moveChildTo):
(WebCore::RenderTreeBuilder::moveAllChildrenTo):
(WebCore::RenderTreeBuilder::moveChildrenTo):
(WebCore::RenderTreeBuilder::moveAllChildrenIncludingFloatsTo):
(WebCore::RenderTreeBuilder::makeChildrenNonInline):
(WebCore::RenderTreeBuilder::splitAnonymousBoxesAroundChild):
(WebCore::RenderTreeBuilder::takeChildFromRenderMenuList): Deleted.
(WebCore::RenderTreeBuilder::takeChildFromRenderButton): Deleted.

  • rendering/updating/RenderTreeBuilder.h:

(WebCore::RenderTreeBuilder::current):

  • rendering/updating/RenderTreeBuilderBlock.cpp:

(WebCore::RenderTreeBuilder::Block::dropAnonymousBoxChild):

  • rendering/updating/RenderTreeBuilderBlockFlow.cpp:

(WebCore::RenderTreeBuilder::BlockFlow::moveAllChildrenIncludingFloatsTo):

  • rendering/updating/RenderTreeBuilderFormControls.cpp:

(WebCore::RenderTreeBuilder::FormControls::takeChild):

  • rendering/updating/RenderTreeBuilderFormControls.h:
  • rendering/updating/RenderTreeBuilderMultiColumn.cpp:

(WebCore::RenderTreeBuilder::MultiColumn::createFragmentedFlow):
(WebCore::RenderTreeBuilder::MultiColumn::destroyFragmentedFlow):

  • rendering/updating/RenderTreeBuilderRuby.cpp:

(WebCore::RenderTreeBuilder::Ruby::moveInlineChildren):
(WebCore::RenderTreeBuilder::Ruby::moveBlockChildren):
(WebCore::RenderTreeBuilder::Ruby::takeChild):

  • rendering/updating/RenderTreeBuilderTable.cpp:

(WebCore::RenderTreeBuilder::Table::collapseAndDestroyAnonymousSiblingRows):

4:52 AM Changeset in webkit [228800] by Carlos Garcia Campos
  • 14 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228593 - [RenderTreeBuilder] Move RenderBoxModelObject::moveChild*() to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182896
<rdar://problem/37623051>

Reviewed by Antti Koivisto.

No change in functionality.

  • rendering/RenderBlock.h:

(WebCore::RenderBlock::moveAllChildrenIncludingFloatsTo): Deleted.

  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::styleDidChange):
(WebCore::RenderBlockFlow::moveAllChildrenIncludingFloatsTo): Deleted.

  • rendering/RenderBlockFlow.h:
  • rendering/RenderBoxModelObject.cpp:

(WebCore::RenderBoxModelObject::moveChildTo): Deleted.
(WebCore::RenderBoxModelObject::moveChildrenTo): Deleted.
(WebCore::RenderBoxModelObject::moveAllChildrenToInternal): Deleted.

  • rendering/RenderBoxModelObject.h:

(WebCore::RenderBoxModelObject::moveChildTo): Deleted.
(WebCore::RenderBoxModelObject::moveAllChildrenTo): Deleted.
(WebCore::RenderBoxModelObject::moveChildrenTo): Deleted.

  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::moveChildTo):
(WebCore::RenderTreeBuilder::moveAllChildrenTo):
(WebCore::RenderTreeBuilder::moveChildrenTo):
(WebCore::RenderTreeBuilder::moveAllChildrenIncludingFloatsTo):
(WebCore::RenderTreeBuilder::makeChildrenNonInline):
(WebCore::RenderTreeBuilder::splitAnonymousBoxesAroundChild):

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderBlock.cpp:

(WebCore::moveAllChildrenToInternal):
(WebCore::RenderTreeBuilder::Block::removeLeftoverAnonymousBlock):
(WebCore::RenderTreeBuilder::Block::takeChild):
(WebCore::RenderTreeBuilder::Block::dropAnonymousBoxChild):

  • rendering/updating/RenderTreeBuilderBlockFlow.cpp:

(WebCore::RenderTreeBuilder::BlockFlow::moveAllChildrenIncludingFloatsTo):

  • rendering/updating/RenderTreeBuilderBlockFlow.h:
  • rendering/updating/RenderTreeBuilderMultiColumn.cpp:

(WebCore::RenderTreeBuilder::MultiColumn::createFragmentedFlow):
(WebCore::RenderTreeBuilder::MultiColumn::destroyFragmentedFlow):

  • rendering/updating/RenderTreeBuilderRuby.cpp:

(WebCore::RenderTreeBuilder::Ruby::moveInlineChildren):
(WebCore::RenderTreeBuilder::Ruby::moveBlockChildren):
(WebCore::RenderTreeBuilder::Ruby::takeChild):

  • rendering/updating/RenderTreeBuilderTable.cpp:

(WebCore::RenderTreeBuilder::Table::collapseAndDestroyAnonymousSiblingRows):

4:52 AM Changeset in webkit [228799] by Carlos Garcia Campos
  • 10 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228588 - [RenderTreeBuilder] Move RenderElement::insertChildInternal() to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182885
<rdar://problem/37617371>

Reviewed by Antti Koivisto.

No change in functionality.

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::insertChildInternal): Deleted.

  • rendering/RenderObject.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::insertChildToRenderElement):

4:52 AM Changeset in webkit [228798] by Carlos Garcia Campos
  • 2 edits
    2 adds in releases/WebKitGTK/webkit-2.20

Merge r228585 - Assert in mixed blend animation
https://bugs.webkit.org/show_bug.cgi?id=182887
<rdar://problem/37598140>

Reviewed by Zalan Bujtas.

Test: fast/css/calc-mixed-blend-crash.html

  • platform/CalculationValue.cpp:

(WebCore::CalcExpressionBlendLength::CalcExpressionBlendLength):

Fix mismatch between the type test and the value used.

4:52 AM Changeset in webkit [228797] by Carlos Garcia Campos
  • 11 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228578 - [RenderTreeBuilder] Move RenderBlock/RenderInline::addChildIgnoringContinuation() to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182876
<rdar://problem/37607604>

Reviewed by Antti Koivisto.

No change in functionality.

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::addChildIgnoringContinuation): Deleted.

  • rendering/RenderBlock.h:
  • rendering/RenderElement.cpp:

(WebCore::RenderElement::addChildIgnoringContinuation): Deleted.

  • rendering/RenderElement.h:
  • rendering/RenderInline.cpp:

(WebCore::RenderInline::addChildIgnoringContinuation): Deleted.

  • rendering/RenderInline.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::insertChildIgnoringContinuation):
(WebCore::RenderTreeBuilder::insertChildToRenderBlockIgnoringContinuation): Deleted.
(WebCore::RenderTreeBuilder::insertChildToRenderInlineIgnoringContinuation): Deleted.

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderBlock.cpp:

(WebCore::RenderTreeBuilder::Block::insertChildToContinuation):

  • rendering/updating/RenderTreeBuilderInline.cpp:

(WebCore::RenderTreeBuilder::Inline::insertChildToContinuation):
(WebCore::RenderTreeBuilder::Inline::splitInlines):

4:46 AM Changeset in webkit [228796] by magomez@igalia.com
  • 2 edits in trunk/Source/WebCore

[GTK] whatsapp web blurry in some parts, sharp on others
https://bugs.webkit.org/show_bug.cgi?id=182673

Reviewed by Carlos Garcia Campos.

CoordinatedGraphicsLayer::createBackingStore() uses the scale factor returned by effectiveContentsScale(),
which is always 1 if selfOrAncestorHaveNonAffineTransforms() returns true. But this fuction always returns
true if the layer has an AnimatedPropertyTransform animation, which means that layers with those animations
won't use the appropriate scale factor, causing blurry renderings.

This patch removes the animations check, so animated layers properly use the required scale factor.

No new tests, no behavior change.

  • platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:

(WebCore::CoordinatedGraphicsLayer::selfOrAncestorHaveNonAffineTransforms):

4:12 AM Changeset in webkit [228795] by Carlos Garcia Campos
  • 3 edits
    3 adds in releases/WebKitGTK/webkit-2.20

Merge r228574 - Crash under WebCore::EventTarget::fireEventListeners
https://bugs.webkit.org/show_bug.cgi?id=182880
<rdar://problem/20788804>

Reviewed by Youenn Fablet.

Source/WebCore:

Make sure the 'ended' event does not get dispatched on a
AudioScheduledSourceNode after ActiveDOMObjects have been stopped.

Test: webaudio/audiobuffersource-ended-detached-frame.html

  • Modules/webaudio/AudioScheduledSourceNode.cpp:

(WebCore::AudioScheduledSourceNode::finish):

LayoutTests:

Add layout test coverage.

  • webaudio/audiobuffersource-ended-detached-frame-expected.txt: Added.
  • webaudio/audiobuffersource-ended-detached-frame.html: Added.
  • webaudio/resources/audiobuffersource-ended-detached-frame-iframe.html: Added.
4:12 AM Changeset in webkit [228794] by Carlos Garcia Campos
  • 9 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228566 - [RenderTreeBuilder] Move RenderElement::addChild() to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182878
<rdar://problem/37608349>

Reviewed by Antti Koivisto.

This patch removes the last addChild() related mutation logic from the renderers.

No change in functionality.

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::didInsertChild):
(WebCore::RenderElement::addChild): Deleted.

  • rendering/RenderElement.h:

(WebCore::RenderElement::isChildAllowed const):

  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::insertChild):
(WebCore::RenderTreeBuilder::insertChildToRenderElement):

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderBlock.cpp:

(WebCore::RenderTreeBuilder::Block::insertChildIgnoringContinuation):

  • rendering/updating/RenderTreeBuilderInline.cpp:

(WebCore::RenderTreeBuilder::Inline::insertChildIgnoringContinuation):

  • rendering/updating/RenderTreeBuilderSVG.cpp:

(WebCore::RenderTreeBuilder::SVG::insertChild):

  • rendering/updating/RenderTreeBuilderTable.cpp:

(WebCore::RenderTreeBuilder::Table::insertChild):

4:12 AM Changeset in webkit [228793] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.20

Merge r228561 - fast/frames/sandboxed-iframe-navigation-top-denied.html is crashing in Inspector::createScriptCallStackForConsole::Exec for GTK
https://bugs.webkit.org/show_bug.cgi?id=172952

Patch by Fujii Hironori <Fujii Hironori> on 2018-02-16
Reviewed by Michael Catanzaro.

Source/JavaScriptCore:

Null dereference of VM::topCallFrame happens in
Inspector::createScriptCallStackForConsole if the ExecState has no
call frames.

  • inspector/ScriptCallStackFactory.cpp:

(Inspector::createScriptCallStack): Do null check of topCallFrame.
(Inspector::createScriptCallStackForConsole): Ditto.

LayoutTests:

  • platform/gtk/TestExpectations: Unmarked fast/frames/sandboxed-iframe-navigation-top-denied.html.
4:12 AM Changeset in webkit [228792] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.20

Merge r228560 - IndexedDB: Several test crash in when destroying a IDBKeyData
https://bugs.webkit.org/show_bug.cgi?id=167576

Patch by Fujii Hironori <Fujii Hironori> on 2018-02-16
Reviewed by Michael Catanzaro.

Source/WebCore:

IDBKeyDataHashTraits::constructDeletedValue is using operator= to
assign deletedValue. But, the value is destructed just before
calling constructDeletedValue. You can't use operator= for a
destructed value.

No new tests (Covered by existing tests).

  • Modules/indexeddb/IDBKeyData.h:

(WebCore::IDBKeyDataHashTraits::constructDeletedValue):
Construct null value before assigning deletedValue.

LayoutTests:

  • platform/gtk/TestExpectations: Unmarked

imported/w3c/IndexedDB-private-browsing/idbcursor_iterating.html,
imported/w3c/IndexedDB-private-browsing/idbcursor_iterating_index.html
and storage/indexeddb/modern/index-3-private.html.

  • platform/wpe/TestExpectations: Unmarked

imported/w3c/IndexedDB-private-browsing/idbcursor_iterating.html and
imported/w3c/IndexedDB-private-browsing/idbcursor_iterating_index.html.

3:56 AM Changeset in webkit [228791] by Carlos Garcia Campos
  • 13 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228559 - [RenderTreeBuilder] Move RenderBlock/RenderBlockFlow::addChild() to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182862
<rdar://problem/37595464>

Reviewed by Antti Koivisto.

No change in functionality.

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::addChild): Deleted.

  • rendering/RenderBlock.h:
  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::addChild): Deleted.

  • rendering/RenderBlockFlow.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::insertChild):
(WebCore::RenderTreeBuilder::insertChildToRenderBlock): Deleted.
(WebCore::RenderTreeBuilder::insertChildToRenderBlockFlow): Deleted.

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderBlockFlow.cpp:

(WebCore::RenderTreeBuilder::BlockFlow::insertChild):

  • rendering/updating/RenderTreeBuilderFormControls.cpp:

(WebCore::RenderTreeBuilder::FormControls::findOrCreateParentForChild):

  • rendering/updating/RenderTreeBuilderMathML.cpp:

(WebCore::RenderTreeBuilder::MathML::makeFences):
(WebCore::RenderTreeBuilder::MathML::insertChild):

  • rendering/updating/RenderTreeBuilderMultiColumn.cpp:

(WebCore::RenderTreeBuilder::MultiColumn::createFragmentedFlow):
(WebCore::RenderTreeBuilder::MultiColumn::processPossibleSpannerDescendant):

  • rendering/updating/RenderTreeBuilderRuby.cpp:

(WebCore::RenderTreeBuilder::Ruby::insertChild):
(WebCore::RenderTreeBuilder::Ruby::findOrCreateParentForChild):
(WebCore::RenderTreeBuilder::Ruby::rubyBaseSafe):

  • rendering/updating/RenderTreeBuilderSVG.cpp:

(WebCore::RenderTreeBuilder::SVG::insertChild):

3:56 AM Changeset in webkit [228790] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228553 - HarfBuzzFace should operate with a FontPlatformData reference
https://bugs.webkit.org/show_bug.cgi?id=182863

Reviewed by Carlos Garcia Campos.

Instead of keeping a never-null pointer to FontPlatformData,
HarfBuzzFace should operate with a FontPlatformData reference.

  • platform/graphics/freetype/FontPlatformDataFreeType.cpp:

(WebCore::FontPlatformData::harfBuzzFace const):

  • platform/graphics/harfbuzz/HarfBuzzFace.cpp:

(WebCore::HarfBuzzFace::HarfBuzzFace):

  • platform/graphics/harfbuzz/HarfBuzzFace.h:
  • platform/graphics/harfbuzz/HarfBuzzFaceCairo.cpp:

(WebCore::HarfBuzzFace::createFace):
(WebCore::HarfBuzzFace::createFont):

3:39 AM Changeset in webkit [228789] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/JavaScriptCore

Merge r228604 - Offlineasm/MIPS: immediates need to be within 16-bit signed values
https://bugs.webkit.org/show_bug.cgi?id=182890

Patch by Dominik Inführ <dominik.infuehr@gmail.com> on 2018-02-18
Reviewed by Michael Catanzaro.

In Sequence.getModifiedListMIPS(), we allow immediate values within
the range -0xffff..0xffff for immediates (addresses and other
immediates), but then in Immediate.mipsOperand() and
Address.mipsOperand() we raise if immediate values are not within
-0x7fff..0x7fff. This is inconsistent, and broke compilation on mips
since r228552 made the VM structure bigger meaning we address values
with bigger offsets in llint. This change restricts the allowed range,
so that a separate load of the value is done for values outside of
that range.

  • offlineasm/mips.rb:
3:39 AM Changeset in webkit [228788] by Carlos Garcia Campos
  • 21 edits
    1 copy
    1 add in releases/WebKitGTK/webkit-2.20/Source/JavaScriptCore

Merge r228552 - Objects that contain dangerous things should be allocated far away from objects that can do OOB
https://bugs.webkit.org/show_bug.cgi?id=182843

Reviewed by Saam Barati.

To complete our object distancing plan, we need to put objects that can contain unpoisoned data
far away from objects that cannot. Objects referenceable from JSValues cannot contain
unpoisoned data, but auxiliary data can. This further divides auxiliary data that is meant for
storing mostly JSValues from data that is meant for storing anything.

This is achieved by having three SecurityKinds that are used for MarkedBlock selection and
zeroing sort of the same way SecurityOriginToken already was.

This change shouldn't make anything slower. If anything, it will be a small speed-up because it
removes some cases of MarkedBlock zeroing since we don't need to zero blocks used for two of
the SecurityKinds.

  • Sources.txt:
  • bytecode/ObjectAllocationProfileInlines.h:

(JSC::ObjectAllocationProfile::initializeProfile):

  • heap/BlockDirectory.cpp:

(JSC::BlockDirectory::addBlock):

  • heap/BlockDirectory.h:
  • heap/CellAttributes.cpp:

(JSC::CellAttributes::dump const):

  • heap/CellAttributes.h:

(JSC::CellAttributes::CellAttributes):

  • heap/LocalAllocator.cpp:

(JSC::LocalAllocator::allocateSlowCase):
(JSC::LocalAllocator::tryAllocateWithoutCollecting):

  • heap/MarkedBlock.cpp:

(JSC::MarkedBlock::Handle::didAddToDirectory):
(JSC::MarkedBlock::Handle::associateWithOrigin): Deleted.

  • heap/MarkedBlock.h:
  • heap/SecurityKind.cpp: Added.

(WTF::printInternal):

  • heap/SecurityKind.h: Added.
  • runtime/JSCellInlines.h:

(JSC::JSCell::subspaceFor):

  • runtime/JSDestructibleObjectHeapCellType.cpp:

(JSC::JSDestructibleObjectHeapCellType::JSDestructibleObjectHeapCellType):

  • runtime/JSObject.h:

(JSC::JSObject::subspaceFor):

  • runtime/JSSegmentedVariableObjectHeapCellType.cpp:

(JSC::JSSegmentedVariableObjectHeapCellType::JSSegmentedVariableObjectHeapCellType):

  • runtime/JSStringHeapCellType.cpp:

(JSC::JSStringHeapCellType::JSStringHeapCellType):

  • runtime/Symbol.h:

(JSC::Symbol::subspaceFor):

  • runtime/VM.cpp:

(JSC::VM::VM):

  • runtime/VM.h:
  • wasm/js/JSWebAssemblyCodeBlockHeapCellType.cpp:

(JSC::JSWebAssemblyCodeBlockHeapCellType::JSWebAssemblyCodeBlockHeapCellType):

3:39 AM Changeset in webkit [228787] by Carlos Garcia Campos
  • 7 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228550 - [RenderTreeBuilder] parent.Render*::addChild() cleanup
https://bugs.webkit.org/show_bug.cgi?id=182842
<rdar://problem/37585524>

Reviewed by Antti Koivisto.

No change in functionality.

  • rendering/updating/RenderTreeBuilderBlock.cpp:

(WebCore::RenderTreeBuilder::Block::insertChildIgnoringContinuation):

  • rendering/updating/RenderTreeBuilderFormControls.cpp:

(WebCore::RenderTreeBuilder::FormControls::createInnerRendererIfNeeded):

  • rendering/updating/RenderTreeBuilderInline.cpp:

(WebCore::RenderTreeBuilder::Inline::insertChildIgnoringContinuation):

  • rendering/updating/RenderTreeBuilderMathML.cpp:

(WebCore::RenderTreeBuilder::MathML::makeFences):
(WebCore::RenderTreeBuilder::MathML::insertChild):

  • rendering/updating/RenderTreeBuilderSVG.cpp:

(WebCore::RenderTreeBuilder::SVG::insertChild):

  • rendering/updating/RenderTreeBuilderTable.cpp:

(WebCore::RenderTreeBuilder::Table::insertChild):

3:39 AM Changeset in webkit [228786] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228547 - [RenderTreeBuilder] Move RenderMenuList::addChild() to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182840
<rdar://problem/37583638>

Reviewed by Antti Koivisto.

No change in functionality.

  • rendering/RenderMenuList.cpp:

(RenderMenuList::didInsertChild):
(RenderMenuList::addChild): Deleted.

  • rendering/RenderMenuList.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::insertChild):

  • rendering/updating/RenderTreeBuilderFormControls.cpp:

(WebCore::RenderTreeBuilder::FormControls::findOrCreateParentForChild):
(WebCore::RenderTreeBuilder::FormControls::insertChild):
(WebCore::RenderTreeBuilder::FormControls::createInnerRendererIfNeeded): Deleted.

  • rendering/updating/RenderTreeBuilderFormControls.h:
3:39 AM Changeset in webkit [228785] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228542 - [RenderTreeBuilder] Move RenderTableRow::addChild() to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182838
<rdar://problem/37580762>

Reviewed by Antti Koivisto.

No change in functionality.

  • rendering/RenderTableRow.cpp:

(WebCore::RenderTableRow::didInsertTableCell):
(WebCore::RenderTableRow::addChild): Deleted.

  • rendering/RenderTableRow.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::insertChild):
(WebCore::RenderTreeBuilder::insertChildToRenderTableRow): Deleted.

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderTable.cpp:

(WebCore::RenderTreeBuilder::Table::insertChild):

3:14 AM Changeset in webkit [228784] by Carlos Garcia Campos
  • 27 edits in releases/WebKitGTK/webkit-2.20/Source/JavaScriptCore

Merge r228533 - [JSC] Remove monotonicallyIncreasingTime and currentTime
https://bugs.webkit.org/show_bug.cgi?id=182793

Reviewed by Saam Barati.

We would like to drop monotonicallyIncreasingTime and currentTime from our tree by
replacing them with MonotonicTime and WallTime, which are well-typed alternatives,
compared to double.
This patch removes monotonicallyIncreasingTime and currentTime in JSC.

  • b3/testb3.cpp:

(JSC::B3::testComplex):

  • dfg/DFGPhase.h:

(JSC::DFG::runAndLog):

  • dfg/DFGPlan.cpp:

(JSC::DFG::Plan::compileInThread):
(JSC::DFG::Plan::compileInThreadImpl):

  • dfg/DFGPlan.h:
  • dynbench.cpp:

(JSC::benchmarkImpl):

  • heap/BlockDirectory.cpp:

(JSC::BlockDirectory::isPagedOut):

  • heap/BlockDirectory.h:
  • heap/FullGCActivityCallback.cpp:

(JSC::FullGCActivityCallback::doCollection):

  • heap/Heap.cpp:

(JSC::Heap::isPagedOut):
(JSC::Heap::sweepSynchronously):

  • heap/Heap.h:
  • heap/MarkedSpace.cpp:

(JSC::MarkedSpace::isPagedOut):

  • heap/MarkedSpace.h:
  • inspector/agents/InspectorConsoleAgent.cpp:

(Inspector::InspectorConsoleAgent::startTiming):
(Inspector::InspectorConsoleAgent::stopTiming):

  • inspector/agents/InspectorConsoleAgent.h:
  • inspector/agents/InspectorRuntimeAgent.cpp:

(Inspector::InspectorRuntimeAgent::getRuntimeTypesForVariablesAtOffsets):

  • jit/JIT.cpp:

(JSC::JIT::compileWithoutLinking):
(JSC::JIT::compileTimeStats):

  • jit/JIT.h:
  • jsc.cpp:

(StopWatch::start):
(StopWatch::stop):
(StopWatch::getElapsedMS):
(functionPreciseTime):
(runJSC):

  • profiler/ProfilerDatabase.cpp:

(JSC::Profiler::Database::logEvent):

  • profiler/ProfilerEvent.cpp:

(JSC::Profiler::Event::toJS const):

  • profiler/ProfilerEvent.h:

(JSC::Profiler::Event::Event):
(JSC::Profiler::Event::time const):

  • runtime/CodeCache.cpp:

(JSC::CodeCacheMap::pruneSlowCase):

  • runtime/CodeCache.h:

(JSC::CodeCacheMap::CodeCacheMap):
(JSC::CodeCacheMap::prune):

  • runtime/DateConstructor.cpp:

(JSC::callDate):

  • runtime/TypeProfilerLog.cpp:

(JSC::TypeProfilerLog::processLogEntries):

  • testRegExp.cpp:

(StopWatch::start):
(StopWatch::stop):
(StopWatch::getElapsedMS):

3:14 AM Changeset in webkit [228783] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228530 - [RenderTreeBuilder] Move RenderTableSection::addChild() to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182835
<rdar://problem/37579191>

Reviewed by Antti Koivisto.

No change in functionality.

  • rendering/RenderTableSection.cpp:

(WebCore::RenderTableSection::willInsertTableRow):
(WebCore::RenderTableSection::addChild): Deleted.

  • rendering/RenderTableSection.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::insertChild): Leftover from r228529.
(WebCore::RenderTreeBuilder::insertChildToRenderTable): Deleted. Leftover from r228529.
(WebCore::RenderTreeBuilder::insertChildToRenderTableSection): Deleted.

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderTable.cpp:

(WebCore::RenderTreeBuilder::Table::insertChild):

3:14 AM Changeset in webkit [228782] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228529 - [RenderTreeBuilder] Move RenderTable::addChild() to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182832
<rdar://problem/37576362>

Reviewed by Antti Koivisto.

No change in functionality.

  • rendering/RenderTable.cpp:

(WebCore::RenderTable::willInsertTableColumn):
(WebCore::RenderTable::willInsertTableSection):
(WebCore::RenderTable::addChild): Deleted.

  • rendering/RenderTable.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::insertChild):

  • rendering/updating/RenderTreeBuilderTable.cpp:

(WebCore::RenderTreeBuilder::Table::insertChild):

3:14 AM Changeset in webkit [228781] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228525 - HarfBuzzFace: rework cache entry reference holding
https://bugs.webkit.org/show_bug.cgi?id=182828

Reviewed by Michael Catanzaro.

Move the FaceCacheEntry and HarfBuzzFaceCache types into the
HarfBuzzFace class as CacheEntry and Cache, respectively. The Cache
singleton is also moved there.

In the HarfBuzzFace constructor, we now don't increase the CacheEntry
reference, but instead just keep a reference to that object through
a RefPtr<CacheEntry> object. We don't need to retrieve the hb_face_t
object and the glyph cache HashMap in the constructor anymore, we just
retrieve them when necessary through that CacheEntry reference.

In the destructor, that RefPtr<CacheEntry> object is nulled out before
the object in Cache is removed if that's where the final reference is
kept.

  • platform/graphics/harfbuzz/HarfBuzzFace.cpp:

(WebCore::HarfBuzzFace::CacheEntry::CacheEntry):
(WebCore::HarfBuzzFace::CacheEntry::~CacheEntry):
(WebCore::HarfBuzzFace::cache):
(WebCore::HarfBuzzFace::HarfBuzzFace):
(WebCore::HarfBuzzFace::~HarfBuzzFace):
(WebCore::HarfBuzzFace::setScriptForVerticalGlyphSubstitution):
(WebCore::FaceCacheEntry::create): Deleted.
(WebCore::FaceCacheEntry::~FaceCacheEntry): Deleted.
(WebCore::FaceCacheEntry::face): Deleted.
(WebCore::FaceCacheEntry::glyphCache): Deleted.
(WebCore::FaceCacheEntry::FaceCacheEntry): Deleted.
(WebCore::harfBuzzFaceCache): Deleted.

  • platform/graphics/harfbuzz/HarfBuzzFace.h:

(WebCore::HarfBuzzFace::CacheEntry::create):
(WebCore::HarfBuzzFace::CacheEntry::face):
(WebCore::HarfBuzzFace::CacheEntry::glyphCache):

  • platform/graphics/harfbuzz/HarfBuzzFaceCairo.cpp:

(WebCore::harfBuzzGetGlyph):
(WebCore::HarfBuzzFace::createFont):

3:14 AM Changeset in webkit [228780] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228524 - FontPlatformData::harfBuzzFace() should return a reference
https://bugs.webkit.org/show_bug.cgi?id=182825

Reviewed by Carlos Garcia Campos.

Have FontPlatformData::harfBuzzFace() return a reference instead of a
pointer, given that the returned HarfBuzzFace object cannot be null.

Call-sites of FontPlatformData::harfBuzzFace() are adjusted.
OpenTypeMathData constructors are also changed to not rely on
preprocessor to correctly position the closing brace.

  • platform/graphics/FontPlatformData.h:
  • platform/graphics/freetype/FontPlatformDataFreeType.cpp:

(WebCore::FontPlatformData::harfBuzzFace const):

  • platform/graphics/harfbuzz/ComplexTextControllerHarfBuzz.cpp:

(WebCore::ComplexTextController::collectComplexTextRunsForCharacters):

  • platform/graphics/opentype/OpenTypeMathData.cpp:

(WebCore::OpenTypeMathData::OpenTypeMathData):

3:13 AM Changeset in webkit [228779] by Carlos Garcia Campos
  • 21 edits in releases/WebKitGTK/webkit-2.20

Merge r228521 - WebCore headers should not be included relatively within dependent projects
https://bugs.webkit.org/show_bug.cgi?id=182805

Reviewed by Chris Dumez.

Source/WebKit:

  • NetworkProcess/capture/NetworkCaptureManager.cpp:
  • NetworkProcess/webrtc/NetworkRTCMonitor.h:
  • Shared/gtk/WebEventFactory.cpp:
  • UIProcess/API/gtk/PageClientImpl.cpp:
  • UIProcess/API/gtk/WebKitWebViewBase.cpp:
  • UIProcess/gtk/WebPageProxyGtk.cpp:
  • WebProcess/Plugins/Netscape/x11/NetscapePluginX11.cpp:
  • WebProcess/WebCoreSupport/gtk/WebEditorClientGtk.cpp:
  • WebProcess/WebCoreSupport/wpe/WebEditorClientWPE.cpp:
  • WebProcess/WebPage/gtk/WebPageGtk.cpp:
  • WebProcess/WebPage/wpe/WebPageWPE.cpp:

Source/WebKitLegacy/win:

  • FullscreenVideoController.h:

Tools:

  • TestWebKitAPI/win/TestWebCoreStubs.cpp:
  • WebKitTestRunner/InjectedBundle/atk/AccessibilityUIElementAtk.cpp:
  • WebKitTestRunner/InjectedBundle/wpe/AccessibilityControllerWPE.cpp:
  • WebKitTestRunner/InjectedBundle/wpe/AccessibilityUIElementWPE.cpp:
  • WebKitTestRunner/gtk/EventSenderProxyGtk.cpp:
  • WebKitTestRunner/wpe/EventSenderProxyWPE.cpp:
3:13 AM Changeset in webkit [228778] by Carlos Garcia Campos
  • 9 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228520 - [RenderTreeBuilder] Move RenderInline/RenderGrid::addChild() to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182819
<rdar://problem/37558187>

Reviewed by Antti Koivisto.

No change in functionality.

  • rendering/RenderGrid.cpp:

(WebCore::RenderGrid::addChild): Deleted.

  • rendering/RenderGrid.h:
  • rendering/RenderInline.cpp:

(WebCore::RenderInline::addChild): Deleted.

  • rendering/RenderInline.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::insertChild):
(WebCore::RenderTreeBuilder::takeChild): Deleted.

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderRuby.cpp:

(WebCore::RenderTreeBuilder::Ruby::findOrCreateParentForChild):

  • rendering/updating/RenderTreeBuilderSVG.cpp:

(WebCore::RenderTreeBuilder::SVG::insertChild):

3:13 AM Changeset in webkit [228777] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228509 - Clean up HarfBuzzFaceCairo
https://bugs.webkit.org/show_bug.cgi?id=182824

Reviewed by Carlos Garcia Campos.

Clean up Cairo-specific bits of HarfBuzzFace implementation.

HarfBuzzFontData is simplified, removing the constructor and turning the
cairo_scaled_font_t member into a RefPtr<>, tying the Cairo object's
lifetime to the lifetime of the HarfBuzzFontData instance.

HarfBuzz font callbacks have the HarfBuzzFontData casting cleaned up,
casting the user data pointer straight into a HarfBuzzFontData reference
that's then used in the functions. HarfBuzzFontData member access is
also adjusted.

HarfBuzzFace::createFace() now references the cairo_scaled_font_t object
that is then set as the user data pointer, with the destroy callback
that dereferences that object also specified. With hb_face_t being a
reference-counted object itself, this ensures the cairo_scaled_font_t
object doesn't get destroyed while hb_face_t is still alive.

In HarfBuzzFace::createFont(), the hb_font_t creation is cleaned up,
with a C++ lambda used as the destroy callback.

  • platform/graphics/harfbuzz/HarfBuzzFaceCairo.cpp:

(WebCore::harfBuzzGetGlyph):
(WebCore::harfBuzzGetGlyphHorizontalAdvance):
(WebCore::harfBuzzGetGlyphExtents):
(WebCore::harfBuzzCairoGetTable):
(WebCore::HarfBuzzFace::createFace):
(WebCore::HarfBuzzFace::createFont):
(WebCore::HarfBuzzFontData::HarfBuzzFontData): Deleted.
(WebCore::destroyHarfBuzzFontData): Deleted.

2:52 AM Changeset in webkit [228776] by zandobersek@gmail.com
  • 7 edits in trunk/Source/WebCore

[Cairo] Leverage ShadowBlur without using scratch buffer, target GraphicsContext
https://bugs.webkit.org/show_bug.cgi?id=182958

Reviewed by Carlos Garcia Campos.

To allow ShadowBlur usage in different threads, avoid the ShadowBlur
class using the scratch buffer internally. The current implementation of
that scratch buffer is not thread-safe and its usage in such conditions
can lead to crashes.

Instead, the new methods use a temporary ImageBuffer object for drawing.
This does negate the efficiency of possibly reusing the scratch buffer,
but at this point that is not yet the priority. This only affects ports
using Cairo for drawing.

The added methods don't require a target GraphicsContext object to be
passed in, instead they accept buffer draw callbacks that are invoked
with the temporary ImageBuffer object containing the rasterized shadow,
as well as position and size parameters. The CTM and clip bounds values
also have to be passed in manually. In CairoOperations.cpp, the provided
callbacks invoke commands that are equivalent in effect to those that
would otherwise be invoked on the target GraphicsContext object in the
ShadowBlur class.

For now, this approach has to avoid the tiling-based drawing of the
rectangular shadows in drawRectShadow() and inset shadows in
drawInsetShadow(), and instead stick to the non-tiling fallback. While
only affecting Cairo-using ports, with some refactoring it should be
possible to again leverage the tiling-based approach as well.

The beginShadowLayer() and endShadowLayer() functions, which are only
used in CairoOperations.cpp, are replaced with the drawShadowLayer()
method. This one accepts an additional callback that allows the caller
to explicitly draw the shadow shape using the provided shadowing
GraphicsContext object. As with the other two new methods, a temporary
ImageBuffer object is used, and the buffer draw callback is invoked to
allow caller to properly handle the shadowing output.

In CairoOperations.cpp, the new ShadowBlur methods are exercised, with
direct Cairo operation invocation replacing the GraphicsContext calls
otherwise done through ShadowBlur. ShadowState object now also has to
track the global alpha and the global composite operator values so that
it can properly rasterize the resulting shadow into the final image.

No new tests -- no change in behavior.

  • platform/graphics/ShadowBlur.cpp:

(WebCore::ShadowBlur::adjustBlurRadius):
(WebCore::ShadowBlur::calculateLayerBoundingRect):
(WebCore::ShadowBlur::drawRectShadow):
(WebCore::ShadowBlur::drawInsetShadow):
(WebCore::ShadowBlur::drawShadowLayer):
(WebCore::ShadowBlur::beginShadowLayer): Deleted.
(WebCore::ShadowBlur::endShadowLayer): Deleted.

  • platform/graphics/ShadowBlur.h:
  • platform/graphics/cairo/CairoOperations.cpp:

(WebCore::Cairo::drawShadowLayerBuffer):
(WebCore::Cairo::fillShadowBuffer):
(WebCore::Cairo::drawPathShadow):
(WebCore::Cairo::drawGlyphsShadow):
(WebCore::Cairo::ShadowState::ShadowState):
(WebCore::Cairo::fillRect):
(WebCore::Cairo::fillRoundedRect):
(WebCore::Cairo::fillRectWithRoundedHole):
(WebCore::Cairo::drawSurface):

  • platform/graphics/cairo/CairoOperations.h:

Default-initialize FillSource::fillRule to RULE_NONZERO.

  • platform/graphics/cairo/PlatformContextCairo.h:

Drop the ShadowBlur.h include, it's moved to CairoOperations.cpp.

  • rendering/RenderThemeGtk.cpp:

Explicitly include the FloatRoundedRect.h header now that it's not
included through the ShadowBlur.h header via PlatformContextCairo.h.

2:41 AM Changeset in webkit [228775] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228508 - [GStreamer] WebVTT caps changed in GStreamer 1.14
https://bugs.webkit.org/show_bug.cgi?id=182690

Reviewed by Xabier Rodriguez-Calvar.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin): Use
text/vtt caps only for GStreamer versions inferior or equal to
1.12. In 1.13 (current git master) the VTT caps format changed to
application/x-subtitle-vtt.

2:41 AM Changeset in webkit [228774] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228507 - HarfBuzzFace should not be ref-counted
https://bugs.webkit.org/show_bug.cgi?id=182823

Reviewed by Carlos Garcia Campos.

The HarfBuzzFace objects shouldn't be copied along in FontPlatformData
copy assignment operator, which made it a requirement for that class to
be ref-counted. Cairo-based HarfBuzzFace implementation uses the
cairo_scaled_font_t object from FontPlatformData internally, but upon
FontPlatformData cloning that scaled font object could change, meaning
HarfBuzzFace object that's shared with another FontPlatformData object
would end up using a different cairo_scaled_font_t object from the one
that's been regenerated in the newly-cloned FontPlatformData object.

Instead of ref-counting the HarfBuzzFace objects, they should be handled
in FontPlatformData through std::unique_ptr<>. In the FontPlatformData
copy assignment operator, the copy target's m_harfBuzzFace object is
nulled out, allowing the next harfBuzzFace() call to construct an
object that properly leverages the cairo_scaled_font_t object that could
have changed during cloning.

  • platform/graphics/FontPlatformData.h:
  • platform/graphics/freetype/FontPlatformDataFreeType.cpp:

(WebCore::FontPlatformData::operator=):
(WebCore::FontPlatformData::harfBuzzFace const):

  • platform/graphics/harfbuzz/HarfBuzzFace.h:

(WebCore::HarfBuzzFace::create): Deleted.

2:40 AM Changeset in webkit [228773] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228503 - [RenderTreeBuilder] Move RenderMathMLFenced::addChild() to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182817
<rdar://problem/37556761>

Reviewed by Antti Koivisto.

No change in functionality.

  • rendering/mathml/RenderMathMLFenced.cpp:

(WebCore::RenderMathMLFenced::addChild): Deleted.

  • rendering/mathml/RenderMathMLFenced.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::insertChild):
(WebCore::RenderTreeBuilder::insertChildToRenderMathMLFenced): Deleted.

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderMathML.cpp:

(WebCore::RenderTreeBuilder::MathML::insertChild):

2:40 AM Changeset in webkit [228772] by Carlos Garcia Campos
  • 55 edits
    1 add in releases/WebKitGTK/webkit-2.20/Source/JavaScriptCore

Merge r228500 - We should be able to jsDynamicCast from JSType when possible
https://bugs.webkit.org/show_bug.cgi?id=182804

Reviewed by Filip Pizlo and Mark Lam.

This patch beefs up jsDynamicCast in some of the cases where we
can use the JSType to quickly determine if a cell is a subclass of
the desired type. Since all JSCells have a range of JSTypes they support,
if there is a range exclusive to a class and all subclasses we can use
that range to quickly determine if the cast should be successful.

Additionally, the JSValue versions of jsCast and jsDynamicCast now
call the JSCell version after checking the value is a cell.

Finally, the casting functions have been moved to a new header,
JSCast.h

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • bytecode/CallVariant.h:
  • bytecode/CodeBlock.h:
  • bytecode/ExecutableToCodeBlockEdge.h:
  • bytecode/TrackedReferences.h:
  • bytecode/UnlinkedCodeBlock.h:
  • bytecode/UnlinkedFunctionExecutable.h:
  • dfg/DFGAbstractValue.h:
  • dfg/DFGCommonData.h:
  • dfg/DFGFrozenValue.h:
  • dfg/DFGStructureAbstractValue.h:
  • heap/CellContainerInlines.h:
  • heap/ConservativeRoots.cpp:
  • heap/GCLogging.cpp:
  • heap/HeapInlines.h:
  • heap/HeapSnapshotBuilder.cpp:
  • heap/MarkedBlock.cpp:
  • heap/MarkedBlockInlines.h:
  • heap/SubspaceInlines.h:
  • heap/WeakInlines.h:
  • jit/JITOpcodes.cpp:
  • jit/JITOpcodes32_64.cpp:
  • llint/LLIntOffsetsExtractor.cpp:
  • runtime/ArrayBufferNeuteringWatchpoint.h:
  • runtime/BigIntPrototype.cpp:
  • runtime/ClassInfo.h:
  • runtime/CustomGetterSetter.h:
  • runtime/FunctionRareData.h:
  • runtime/GetterSetter.h:
  • runtime/InferredType.h:
  • runtime/InferredTypeTable.h:
  • runtime/InferredValue.h:
  • runtime/InternalFunction.cpp:

(JSC::InternalFunction::finishCreation):

  • runtime/JSAPIValueWrapper.h:
  • runtime/JSArray.h:

(JSC::JSArray::finishCreation):

  • runtime/JSArrayBufferView.cpp:

(JSC::JSArrayBufferView::finishCreation):

  • runtime/JSCast.h: Added.

(JSC::jsCast):
(JSC::JSCastingHelpers::jsDynamicCastGenericImpl):
(JSC::JSCastingHelpers::jsDynamicCastJSTypeImpl):
(JSC::JSCastingHelpers::JSDynamicCastTraits::cast):
(JSC::jsDynamicCast):

  • runtime/JSCell.cpp:
  • runtime/JSCell.h:

(JSC::jsCast): Deleted.
(JSC::jsDynamicCast): Deleted.

  • runtime/JSCellInlines.h:
  • runtime/JSFunction.cpp:

(JSC::JSFunction::finishCreation):

  • runtime/JSJob.h:
  • runtime/JSObject.h:

(JSC::JSObject::finishCreation):

  • runtime/JSPromiseDeferred.h:
  • runtime/JSPropertyNameEnumerator.h:
  • runtime/NativeStdFunctionCell.h:
  • runtime/ScopedArgumentsTable.h:
  • runtime/SparseArrayValueMap.h:
  • runtime/Structure.h:
  • runtime/StructureChain.h:
  • runtime/StructureRareData.h:
  • tools/CellProfile.h:
  • wasm/js/JSWebAssemblyCodeBlock.h:
2:18 AM Changeset in webkit [228771] by svillar@igalia.com
  • 2 edits in trunk/Source/WebCore

[WebVR] Use RuntimeEnabledFeatures to enable/disable WebVR
https://bugs.webkit.org/show_bug.cgi?id=182961

Reviewed by Xabier Rodriguez-Calvar.

The shared feature was properly added to RuntimeEnabledFeatures some
time ago but the code was instead using a private method in
NavigatorWebVR to temporarily disable it. WebVR is enabled in
WebPreferences.yaml for GTK+ & WPE as default experimental feature.

  • Modules/webvr/NavigatorWebVR.cpp:

(WebCore::NavigatorWebVR::getVRDisplays):
(WebCore::NavigatorWebVR::vrEnabled): Deleted.

2:11 AM Changeset in webkit [228770] by Carlos Garcia Campos
  • 13 edits in releases/WebKitGTK/webkit-2.20

Merge r228497 - Do sibling invalidation on mutation
https://bugs.webkit.org/show_bug.cgi?id=182809

Reviewed by Zalan Bujtas.

Source/WebCore:

We used to invalidate siblings for sibling combinators and nth-pseudo classes during style resolution tree walk.
This would consider any element with invalid style a reason to invalidate siblings too. However we now do
accurate invalidation on class and attribute changes and this approach ends up invalidating too much.

This patch sibling style invalidation to mutation time and removes invalidation code from style resolution tree walk.

  • dom/Element.cpp:

(WebCore::invalidateSiblingsIfNeeded):

Helper to invalidate siblings.

(WebCore::Element::invalidateStyle):
(WebCore::Element::invalidateStyleAndLayerComposition):
(WebCore::Element::invalidateStyleForSubtree):
(WebCore::Element::invalidateStyleAndRenderersForSubtree):

Invalidate siblings if needed based on affectsNextSibling/affectedByPreviousSibling bits.

(WebCore::Element::invalidateStyleInternal):
(WebCore::Element::invalidateStyleForSubtreeInternal):

Add "internal" versions that don't invalidate siblings. These are used by StyleInvalidator for accurate invalidation.

  • dom/Element.h:
  • style/StyleInvalidator.cpp:

(WebCore::Style::Invalidator::invalidateIfNeeded):
(WebCore::Style::Invalidator::invalidateStyle):

Use internal invalidation functions.

  • style/StyleTreeResolver.cpp:

(WebCore::Style::resetStyleForNonRenderedDescendants):
(WebCore::Style::TreeResolver::resolveComposedTree):

Remove sibling invalidation.

  • style/StyleTreeResolver.h:

LayoutTests:

Sibling invalidation now happens on mutation. Update the tests.

  • fast/css/indirect-adjacent-style-invalidation-1-expected.txt:
  • fast/css/indirect-adjacent-style-invalidation-1.html:
  • fast/css/indirect-adjacent-style-invalidation-2-expected.txt:
  • fast/css/indirect-adjacent-style-invalidation-2.html:
  • fast/css/indirect-adjacent-style-invalidation-3-expected.txt:
  • fast/css/indirect-adjacent-style-invalidation-3.html:
2:11 AM Changeset in webkit [228769] by Carlos Garcia Campos
  • 11 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228492 - [RenderTreeBuilder] Move RenderSVG*::addChild() to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182811
<rdar://problem/37549714>

Reviewed by Antti Koivisto.

No change in functionality.

  • rendering/svg/RenderSVGContainer.cpp:

(WebCore::RenderSVGContainer::addChild): Deleted.

  • rendering/svg/RenderSVGContainer.h:
  • rendering/svg/RenderSVGInline.cpp:

(WebCore::RenderSVGInline::addChild): Deleted.

  • rendering/svg/RenderSVGInline.h:
  • rendering/svg/RenderSVGRoot.cpp:

(WebCore::RenderSVGRoot::addChild): Deleted.

  • rendering/svg/RenderSVGRoot.h:
  • rendering/svg/RenderSVGText.cpp:

(WebCore::RenderSVGText::addChild): Deleted.

  • rendering/svg/RenderSVGText.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::insertChild):
(WebCore::RenderTreeBuilder::insertChildToSVGContainer): Deleted.
(WebCore::RenderTreeBuilder::insertChildToSVGInline): Deleted.
(WebCore::RenderTreeBuilder::insertChildToSVGRoot): Deleted.
(WebCore::RenderTreeBuilder::insertChildToSVGText): Deleted.

  • rendering/updating/RenderTreeBuilder.h:
2:11 AM Changeset in webkit [228768] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/JavaScriptCore

Merge r228491 - Crash: triggerOMGTierUpThunkGenerator() doesn't align the stack pointer before calling C++ code
https://bugs.webkit.org/show_bug.cgi?id=182808

Reviewed by Keith Miller.

Set up a proper frame with a prologue and epilogue to align the stack pointer for the rest of the
thunk.

  • wasm/WasmThunks.cpp:

(JSC::Wasm::triggerOMGTierUpThunkGenerator):

2:11 AM Changeset in webkit [228767] by Carlos Garcia Campos
  • 4 edits
    1 add in releases/WebKitGTK/webkit-2.20

Merge r228488 - Setting a VMTrap shouldn't look at topCallFrame since that may imply we're in C code and holding the malloc lock
https://bugs.webkit.org/show_bug.cgi?id=182801

Reviewed by Keith Miller.

JSTests:

  • stress/watchdog-dont-malloc-when-in-c-code.js: Added.

Source/JavaScriptCore:

VMTraps would sometimes install traps when it paused the JS thread when it
was in C code. This is wrong, as installing traps mallocs, and the JS thread
may have been holding the malloc lock while in C code. This could lead to a
deadlock when C code was holding the malloc lock.

This patch makes it so that we only install traps when we've proven the PC
is in JIT or LLInt code. If we're in JIT/LLInt code, we are guaranteed that
we're not holding the malloc lock.

  • jsc.cpp:

(GlobalObject::finishCreation):
(functionMallocInALoop):

  • runtime/VMTraps.cpp:

(JSC::VMTraps::tryInstallTrapBreakpoints):

2:11 AM Changeset in webkit [228766] by Carlos Garcia Campos
  • 24 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228483 - WebCore headers should not include config.h or PlatformExportMacros.h
https://bugs.webkit.org/show_bug.cgi?id=182799

Reviewed by Darin Adler.

No new tests. No change in behavior.

  • Modules/speech/SpeechSynthesis.h:
  • bindings/js/JSDOMGlobalObject.h:
  • contentextensions/ContentExtensionError.h:
  • contentextensions/DFA.h:
  • dom/ContextDestructionObserver.h:
  • dom/DeviceOrientationClient.h:
  • dom/DeviceOrientationData.h:
  • editing/cocoa/HTMLConverter.h:
  • loader/FrameLoaderStateMachine.h:
  • loader/cache/CachedResourceHandle.h:
  • page/FrameDestructionObserver.h:
  • page/RuntimeEnabledFeatures.h:
  • platform/URL.h:
  • platform/audio/AudioHardwareListener.h:
  • platform/audio/AudioSession.h:
  • platform/graphics/Color.h:
  • platform/graphics/IntSize.h:
  • platform/graphics/transforms/AffineTransform.h:
  • platform/graphics/win/LocalWindowsContext.h:
  • platform/network/CacheValidation.h:
  • platform/network/CredentialBase.h:
  • platform/network/ResourceHandleClient.h:
  • platform/network/cf/CertificateInfo.h:
1:33 AM Changeset in webkit [228765] by Carlos Garcia Campos
  • 8 edits in releases/WebKitGTK/webkit-2.20/Source

Merge r228481 - REGRESSION(225695) : com.apple.WebKit.WebContent at com.apple.JavaScriptCore: JSC::RegExp::match + 630 :: stack overflow
https://bugs.webkit.org/show_bug.cgi?id=182705

Reviewed by Mark Lam.

Source/JavaScriptCore:

Moved the pattern context buffer used by YARR JIT'ed code from a stack local to a lazily allocated
buffer on the VM. Exposed when the buffer is needed to reduce likelihood that we'd allocated it.
Guarded use of the buffer with a lock since the DFG compiler may call into YARR JIT'ed code on a
compilation thread.

  • runtime/RegExpInlines.h:

(JSC::RegExp::matchInline):

  • runtime/VM.cpp:

(JSC::VM::~VM):
(JSC::VM::acquireRegExpPatternContexBuffer):
(JSC::VM::releaseRegExpPatternContexBuffer):

  • runtime/VM.h:
  • yarr/YarrJIT.cpp:

(JSC::Yarr::YarrGenerator::generate):
(JSC::Yarr::YarrGenerator::backtrack):
(JSC::Yarr::YarrGenerator::opCompileParenthesesSubpattern):
(JSC::Yarr::YarrGenerator::generateEnter):
(JSC::Yarr::YarrGenerator::generateReturn):
(JSC::Yarr::YarrGenerator::YarrGenerator):
(JSC::Yarr::YarrGenerator::compile):

  • yarr/YarrJIT.h:

(JSC::Yarr::YarrCodeBlock::usesPatternContextBuffer):
(JSC::Yarr::YarrCodeBlock::setUsesPaternContextBuffer):

Source/WTF:

Moved the setting of ENABLE_YARR_JIT_ALL_PARENS_EXPRESSIONS to Platform.h since more than just the YARR
code needs to know if that feature is enabled.

  • wtf/Platform.h:
1:33 AM Changeset in webkit [228764] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228476 - CrashTracer: com.apple.WebKit.WebContent at com.apple.WebCore: WebCore::HTMLPlugInImageElement::didAddUserAgentShadowRoot + 618
https://bugs.webkit.org/show_bug.cgi?id=182798
<rdar://problem/23337253>

Reviewed by Eric Carlson.

Speculative fix for a crash in HTMLPlugInImageElement::didAddUserAgentShadowRoot.
The guess is that the m_swapRendererTimer is set, and the display state changes to
something that does not require a shadow root, but before the timer fires.
Fix this by ensuring that the timer is reset on every display state change.

  • html/HTMLPlugInElement.cpp:

(WebCore::HTMLPlugInElement::setDisplayState): Guard for sets that wouldn't
actually change value, and make sure we always reset the timer.

1:33 AM Changeset in webkit [228763] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228466 - Confirm proper thread in UserGestureIndicator constructor
https://bugs.webkit.org/show_bug.cgi?id=175980

Reviewed by Daniel Bates.

Document is a main-thread object. If we enter the UserGestureIndicator constructor
on a non-main thread, we should ASSERT, not return silently.

  • dom/UserGestureIndicator.cpp:

(WebCore::UserGestureIndicator::UserGestureIndicator):

1:33 AM Changeset in webkit [228762] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228465 - [RenderTreeBuilder] Remove redundant RenderTreeBuilder methods
https://bugs.webkit.org/show_bug.cgi?id=182770
<rdar://problem/37525627>

Reviewed by Daniel Bates.

No change in functionality.

  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::dropAnonymousBoxChild): Deleted.
(WebCore::RenderTreeBuilder::moveRubyChildren): Deleted.
(WebCore::RenderTreeBuilder::resolveMovedChildForMultiColumnFlow): Deleted.

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderBlockFlow.cpp:

(WebCore::RenderTreeBuilder::BlockFlow::insertChild):

  • rendering/updating/RenderTreeBuilderInline.cpp:

(WebCore::RenderTreeBuilder::Inline::insertChild):

  • rendering/updating/RenderTreeBuilderRuby.cpp:

(WebCore::RenderTreeBuilder::Ruby::takeChild):

1:07 AM Changeset in webkit [228761] by Carlos Garcia Campos
  • 11 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228464 - [RenderTreeBuilder] Move RenderElement::takeChild() to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182762
<rdar://problem/37523756>

Reviewed by Daniel Bates.

This patch removes the remaining takeChild() related mutation logic from the renderers.

No change in functionality.

  • rendering/RenderBoxModelObject.cpp:

(WebCore::RenderBoxModelObject::moveChildTo):

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::takeChild): Deleted.
(WebCore::RenderElement::takeChildInternal): Deleted.

  • rendering/RenderElement.h:
  • rendering/RenderObject.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::takeChild):
(WebCore::RenderTreeBuilder::childFlowStateChangesAndAffectsParentBlock):
(WebCore::RenderTreeBuilder::takeChildFromRenderElement):

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderBlock.cpp:

(WebCore::RenderTreeBuilder::Block::removeLeftoverAnonymousBlock):
(WebCore::RenderTreeBuilder::Block::takeChild):
(WebCore::RenderTreeBuilder::Block::dropAnonymousBoxChild):

  • rendering/updating/RenderTreeBuilderInline.cpp:

(WebCore::RenderTreeBuilder::Inline::splitFlow):
(WebCore::RenderTreeBuilder::Inline::splitInlines):
(WebCore::RenderTreeBuilder::Inline::childBecameNonInline):

  • rendering/updating/RenderTreeBuilderRuby.cpp:

(WebCore::RenderTreeBuilder::Ruby::takeChild):

  • rendering/updating/RenderTreeBuilderSVG.cpp:

(WebCore::RenderTreeBuilder::SVG::takeChild): Leftover from the previous patch.

1:07 AM Changeset in webkit [228760] by Carlos Garcia Campos
  • 3 edits
    1 add in releases/WebKitGTK/webkit-2.20

Merge r228454 - putDirectIndexSlowOrBeyondVectorLength needs to convert to dictionary indexing mode always if attributes are present
https://bugs.webkit.org/show_bug.cgi?id=182755
<rdar://problem/37080864>

Reviewed by Keith Miller.

JSTests:

  • stress/always-enter-dictionary-indexing-mode-with-getter.js: Added.

(test1.o.get 10005):
(test1):
(test2.o.get 1000):
(test2):

Source/JavaScriptCore:

putDirectIndexSlowOrBeyondVectorLength with non-zero attributes only converted
the object in question to a dictionary indexing mode when the index is less than
the vector length. This makes no sense. If we're defining a getter, setter, or read
only property, we must always enter the dictionary indexing mode irrespective
of the index in relation to the vector length.

  • runtime/JSObject.cpp:

(JSC::JSObject::putDirectIndexSlowOrBeyondVectorLength):

1:07 AM Changeset in webkit [228759] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228441 - [RenderTreeBuilder] Move RenderBlock::takeChild() to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182746
<rdar://problem/37512871>

Reviewed by Antti Koivisto.

No change in functionality.

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::takeChild): Deleted.

  • rendering/RenderBlock.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::takeChild):
(WebCore::RenderTreeBuilder::takeChildFromRenderMenuList):
(WebCore::RenderTreeBuilder::takeChildFromRenderButton):
(WebCore::RenderTreeBuilder::takeChildFromRenderGrid):
(WebCore::RenderTreeBuilder::takeChildFromRenderBlock): Deleted.

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderBlock.cpp:

(WebCore::RenderTreeBuilder::Block::takeChild):

12:51 AM Changeset in webkit [228758] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/JavaScriptCore

Merge r228436 - [YarrJIT][ARM] We need to save r8 as it is the initial start register
https://bugs.webkit.org/show_bug.cgi?id=182157

Reviewed by Saam Barati.

Register r8 is the initial start register since r224172, so we need to
save it. We still need to save r6 as well even though it is not the
initial start register any more, since it is used by the
MacroAssembler which we use (we get crashes in some situations if we
don't save r6). This issue was discovered because
stress/regress-174044.js crashes on a raspberry pi 2 when compiled in
-O2.

  • yarr/YarrJIT.cpp:

(JSC::Yarr::YarrGenerator::generateEnter):
(JSC::Yarr::YarrGenerator::generateReturn):

12:51 AM Changeset in webkit [228757] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.20

Merge r228435 - Crash when breakpoint hit in unload handler
https://bugs.webkit.org/show_bug.cgi?id=169855
<rdar://problem/28683567>

Source/WebCore:

Reviewed by Daniel Bates.

Test: inspector/debugger/reload-paused.html

CachedRawResource::updateBuffer may generate unload event in client notify callback. If Inspector was
paused, this even would spawn a nested runloop. CachedRawResource::finishLoading would get called in
the nested loop, confusing the DocumentLoader state machine and resulting in crashes later.

  • loader/cache/CachedRawResource.cpp:

(WebCore::CachedRawResource::updateBuffer):

  • Set a bit when entering the client callback.
  • Ensure we don't re-enter updateBuffer.
  • If finishLoading got delayed during client callback, do it at the end.

(WebCore::CachedRawResource::finishLoading):

If we are in updateBuffer client callback, save the buffer and bail out.

  • loader/cache/CachedRawResource.h:

LayoutTests:

Reviewed by Daniel Bates and Joseph Pecoraro.

  • inspector/debugger/reload-paused-expected.txt: Added.
  • inspector/debugger/reload-paused.html: Added.
12:51 AM Changeset in webkit [228756] by Carlos Garcia Campos
  • 8 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228432 - [RenderTreeBuilder] Move RenderBlockFlow::takeChild() to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182739
<rdar://problem/37506542>

Reviewed by Antti Koivisto.

No change in functionality.

  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::takeChild): Deleted.

  • rendering/RenderBlockFlow.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::takeChild):
(WebCore::RenderTreeBuilder::multiColumnRelativeWillBeRemoved): Deleted.

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderBlock.cpp:

(WebCore::RenderTreeBuilder::Block::takeChild):

  • rendering/updating/RenderTreeBuilderBlock.h:
12:51 AM Changeset in webkit [228755] by Carlos Garcia Campos
  • 12 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228429 - [RenderTreeBuilder] Move RenderSVG*::takeChild() to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182736
<rdar://problem/37503107>

Reviewed by Antti Koivisto.

No change in functionality.

  • rendering/svg/RenderSVGContainer.cpp:

(WebCore::RenderSVGContainer::takeChild): Deleted.

  • rendering/svg/RenderSVGContainer.h:
  • rendering/svg/RenderSVGInline.cpp:

(WebCore::RenderSVGInline::takeChild): Deleted.

  • rendering/svg/RenderSVGInline.h:
  • rendering/svg/RenderSVGRoot.cpp:

(WebCore::RenderSVGRoot::takeChild): Deleted.

  • rendering/svg/RenderSVGRoot.h:
  • rendering/svg/RenderSVGText.cpp:

(WebCore::RenderSVGText::takeChild): Deleted.

  • rendering/svg/RenderSVGText.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::takeChild):

  • rendering/updating/RenderTreeBuilderSVG.cpp:

(WebCore::RenderTreeBuilder::SVG::takeChild):

  • rendering/updating/RenderTreeBuilderSVG.h:
12:51 AM Changeset in webkit [228754] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228428 - [RenderTreeBuilder] Move RenderGrid::takeChild() to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182734
<rdar://problem/37500876>

Reviewed by Antti Koivisto.

No change in functionality.

  • rendering/RenderGrid.cpp:

(WebCore::RenderGrid::takeChild): Deleted.

  • rendering/RenderGrid.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::takeChildFromRenderGrid):

  • rendering/updating/RenderTreeBuilder.h:
12:51 AM Changeset in webkit [228753] by Carlos Garcia Campos
  • 31 edits
    13 deletes in releases/WebKitGTK/webkit-2.20

Merge r228427 - AX: Remove AccessibleNode class
https://bugs.webkit.org/show_bug.cgi?id=182724
<rdar://problem/37486024>

Reviewed by Chris Fleizach.

Source/WebCore:

Removed all the AccessibleNode related code since AOM has
an alternate direction now.

No new tests. Made sure existing tests don't break.

  • CMakeLists.txt:
  • DerivedSources.make:
  • Sources.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • accessibility/AXObjectCache.cpp:

(WebCore::AXObjectCache::findModalNodes):
(WebCore::nodeHasRole):
(WebCore::AXObjectCache::handleLiveRegionCreated):
(WebCore::AXObjectCache::handleMenuItemSelected):
(WebCore::AXObjectCache::handleModalChange):
(WebCore::isNodeAriaVisible):

  • accessibility/AccessibilityARIAGrid.cpp:

(WebCore::AccessibilityARIAGrid::isMultiSelectable const):

  • accessibility/AccessibilityARIAGridCell.cpp:

(WebCore::AccessibilityARIAGridCell::readOnlyValue const):

  • accessibility/AccessibilityAllInOne.cpp:
  • accessibility/AccessibilityImageMapLink.cpp:

(WebCore::AccessibilityImageMapLink::roleValue const):
(WebCore::AccessibilityImageMapLink::accessibilityDescription const):

  • accessibility/AccessibilityListBoxOption.cpp:

(WebCore::AccessibilityListBoxOption::isEnabled const):
(WebCore::AccessibilityListBoxOption::stringValue const):

  • accessibility/AccessibilityNodeObject.cpp:

(WebCore::AccessibilityNodeObject::isEnabled const):
(WebCore::AccessibilityNodeObject::isPressed const):
(WebCore::AccessibilityNodeObject::isChecked const):
(WebCore::AccessibilityNodeObject::isMultiSelectable const):
(WebCore::AccessibilityNodeObject::isRequired const):
(WebCore::AccessibilityNodeObject::headingLevel const):
(WebCore::AccessibilityNodeObject::valueDescription const):
(WebCore::AccessibilityNodeObject::valueForRange const):
(WebCore::AccessibilityNodeObject::maxValueForRange const):
(WebCore::AccessibilityNodeObject::minValueForRange const):
(WebCore::AccessibilityNodeObject::ariaAccessibilityDescription const):
(WebCore::siblingWithAriaRole):
(WebCore::AccessibilityNodeObject::textForLabelElement const):
(WebCore::AccessibilityNodeObject::alternativeText const):
(WebCore::AccessibilityNodeObject::alternativeTextForWebArea const):
(WebCore::AccessibilityNodeObject::hierarchicalLevel const):
(WebCore::shouldUseAccessibilityObjectInnerText):
(WebCore::AccessibilityNodeObject::stringValue const):
(WebCore::accessibleNameForNode):
(WebCore::AccessibilityNodeObject::determineAriaRoleAttribute const):

  • accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::readOnlyValue const):
(WebCore::AccessibilityObject::supportsAutoComplete const):
(WebCore::AccessibilityObject::autoCompleteValue const):
(WebCore::AccessibilityObject::ariaIsMultiline const):
(WebCore::AccessibilityObject::invalidStatus const):
(WebCore::AccessibilityObject::supportsCurrent const):
(WebCore::AccessibilityObject::currentState const):
(WebCore::AccessibilityObject::roleDescription const):
(WebCore::AccessibilityObject::keyShortcutsValue const):
(WebCore::AccessibilityObject::placeholderValue const):
(WebCore::AccessibilityObject::supportsARIAAttributes const):
(WebCore::AccessibilityObject::sortDirection const):
(WebCore::AccessibilityObject::supportsHasPopup const):
(WebCore::AccessibilityObject::hasPopupValue const):
(WebCore::AccessibilityObject::supportsSetSize const):
(WebCore::AccessibilityObject::supportsPosInSet const):
(WebCore::AccessibilityObject::setSize const):
(WebCore::AccessibilityObject::posInSet const):
(WebCore::AccessibilityObject::supportsPressed const):
(WebCore::AccessibilityObject::supportsExpanded const):
(WebCore::AccessibilityObject::isExpanded const):
(WebCore::AccessibilityObject::checkboxOrRadioValue const):
(WebCore::AccessibilityObject::pressedIsPresent const):
(WebCore::AccessibilityObject::isAXHidden const):
(WebCore::AccessibilityObject::ariaActiveDescendantReferencingElements const):
(WebCore::AccessibilityObject::ariaDetailsElements const):
(WebCore::AccessibilityObject::ariaDetailsReferencingElements const):
(WebCore::AccessibilityObject::ariaErrorMessageElements const):
(WebCore::AccessibilityObject::ariaErrorMessageReferencingElements const):
(WebCore::AccessibilityObject::setIsIgnoredFromParentDataForChild):
(WebCore::AccessibilityObject::hasProperty const): Deleted.
(WebCore::AccessibilityObject::stringValueForProperty const): Deleted.
(WebCore::AccessibilityObject::boolValueForProperty const): Deleted.
(WebCore::AccessibilityObject::intValueForProperty const): Deleted.
(WebCore::AccessibilityObject::unsignedValueForProperty const): Deleted.
(WebCore::AccessibilityObject::doubleValueForProperty const): Deleted.
(WebCore::AccessibilityObject::elementValueForProperty const): Deleted.
(WebCore::AccessibilityObject::elementsFromProperty const): Deleted.
(WebCore::AccessibilityObject::elementsReferencedByProperty const): Deleted.

  • accessibility/AccessibilityObject.h:
  • accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::stringValue const):
(WebCore::AccessibilityRenderObject::exposesTitleUIElement const):
(WebCore::AccessibilityRenderObject::defaultObjectInclusion const):
(WebCore::AccessibilityRenderObject::isSelected const):
(WebCore::AccessibilityRenderObject::activeDescendant const):
(WebCore::AccessibilityRenderObject::determineAccessibilityRole):
(WebCore::AccessibilityRenderObject::orientation const):
(WebCore::AccessibilityRenderObject::canSetExpandedAttribute const):
(WebCore::AccessibilityRenderObject::liveRegionStatus const):
(WebCore::AccessibilityRenderObject::liveRegionRelevant const):
(WebCore::AccessibilityRenderObject::liveRegionAtomic const):
(WebCore::AccessibilityRenderObject::isBusy const):

  • accessibility/AccessibilityTable.cpp:

(WebCore::AccessibilityTable::isDataTable const):
(WebCore::AccessibilityTable::axColumnCount const):
(WebCore::AccessibilityTable::axRowCount const):

  • accessibility/AccessibilityTableCell.cpp:

(WebCore::AccessibilityTableCell::axColumnIndex const):
(WebCore::AccessibilityTableCell::axRowIndex const):
(WebCore::AccessibilityTableCell::axColumnSpan const):
(WebCore::AccessibilityTableCell::axRowSpan const):

  • accessibility/AccessibilityTableRow.cpp:

(WebCore::AccessibilityTableRow::axColumnIndex const):
(WebCore::AccessibilityTableRow::axRowIndex const):

  • accessibility/AccessibleNode.cpp: Removed.
  • accessibility/AccessibleNode.h: Removed.
  • accessibility/AccessibleNode.idl: Removed.
  • accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

  • bindings/js/WebCoreBuiltinNames.h:
  • dom/Element.cpp:

(WebCore::Element::canContainRangeEndPoint const):
(WebCore::Element::accessibleNode): Deleted.
(WebCore::Element::existingAccessibleNode const): Deleted.

  • dom/Element.h:
  • dom/Element.idl:
  • dom/ElementRareData.cpp:
  • dom/ElementRareData.h:

(WebCore::ElementRareData::accessibleNode const): Deleted.
(WebCore::ElementRareData::setAccessibleNode): Deleted.

  • editing/TextIterator.cpp:

(WebCore::isRendererReplacedElement):

  • rendering/RenderMenuList.cpp:

(RenderMenuList::itemAccessibilityText const):

LayoutTests:

  • accessibility/accessibility-object-model-expected.txt: Removed.
  • accessibility/accessibility-object-model.html: Removed.
  • accessibility/mac/AOM-bool-properties-expected.txt: Removed.
  • accessibility/mac/AOM-bool-properties.html: Removed.
  • accessibility/mac/AOM-number-properties-expected.txt: Removed.
  • accessibility/mac/AOM-number-properties.html: Removed.
  • accessibility/mac/AOM-relation-property-expected.txt: Removed.
  • accessibility/mac/AOM-relation-property.html: Removed.
  • accessibility/mac/AOM-string-properties-expected.txt: Removed.
  • accessibility/mac/AOM-string-properties.html: Removed.
  • platform/mac-wk1/TestExpectations:
  • platform/win/TestExpectations:
12:50 AM Changeset in webkit [228752] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228423 - [RenderTreeBuilder] Move RenderButton::takeChild() to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182732
<rdar://problem/37500564>

Reviewed by Antti Koivisto.

No change of functionality.

  • rendering/RenderButton.cpp:

(WebCore::RenderButton::setInnerRenderer):
(WebCore::RenderButton::takeChild): Deleted.

  • rendering/RenderButton.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::takeChildFromRenderButton):

  • rendering/updating/RenderTreeBuilder.h:
12:42 AM Changeset in webkit [228751] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit

[Win] Fix MSVC's treating attribute((warn_unused_result))
https://bugs.webkit.org/show_bug.cgi?id=182479

Patch by Yousuke Kimoto <yousuke.kimoto@sony.com> on 2018-02-20
Reviewed by Darin Adler.

Since MSVC doesn't understand "attribute", "_Check_return_" is used instead.
If clang and VisualStudio 2017 are used, a macro with "attriute" will be chosen.

  • UIProcess/API/cpp/WKRetainPtr.h:
12:22 AM Changeset in webkit [228750] by Carlos Garcia Campos
  • 21 edits
    6 moves
    4 deletes in releases/WebKitGTK/webkit-2.20

Merge r228422 - [JSC] cache TaggedTemplate arrays by callsite rather than by contents
https://bugs.webkit.org/show_bug.cgi?id=182717

Reviewed by Yusuke Suzuki.

https://github.com/tc39/ecma262/pull/890 imposes a change to template
literals, to allow template callsite arrays to be collected when the
code containing the tagged template call is collected. This spec change
has received concensus and been ratified.

This change eliminates the eternal map associating template contents
with arrays.

JSTests:

  • stress/tagged-template-object-collect.js: Renamed from JSTests/stress/tagged-template-registry-key-collect.js.
  • stress/tagged-template-object.js: Renamed from JSTests/stress/tagged-template-registry-key.js.
  • stress/tagged-templates-identity.js:
  • stress/template-string-tags-eval.js:
  • test262.yaml:

Source/JavaScriptCore:

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • Sources.txt:
  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::setConstantRegisters):

  • bytecode/DirectEvalCodeCache.cpp:

(JSC::DirectEvalCodeCache::setSlow):

  • bytecode/UnlinkedCodeBlock.cpp:

(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):

  • bytecode/UnlinkedCodeBlock.h:

(JSC::UnlinkedCodeBlock::allowDirectEvalCache const):

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::addTemplateObjectConstant):
(JSC::BytecodeGenerator::emitGetTemplateObject):
(JSC::BytecodeGenerator::addTemplateRegistryKeyConstant): Deleted.

  • bytecompiler/BytecodeGenerator.h:
  • parser/Parser.cpp:

(JSC::Parser<LexerType>::parseInner):
(JSC::Parser<LexerType>::parseMemberExpression):

  • parser/Parser.h:
  • parser/ParserModes.h:
  • runtime/EvalExecutable.h:

(JSC::EvalExecutable::allowDirectEvalCache const):

  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::JSGlobalObject):

  • runtime/JSGlobalObject.h:

(JSC::JSGlobalObject::templateRegistry): Deleted.

  • runtime/JSTemplateObjectDescriptor.cpp: Renamed from Source/JavaScriptCore/runtime/TemplateRegistry.cpp.

(JSC::JSTemplateObjectDescriptor::JSTemplateObjectDescriptor):
(JSC::JSTemplateObjectDescriptor::create):
(JSC::JSTemplateObjectDescriptor::destroy):
(JSC::JSTemplateObjectDescriptor::createTemplateObject):

  • runtime/JSTemplateObjectDescriptor.h: Renamed from Source/JavaScriptCore/runtime/JSTemplateRegistryKey.h.

(JSC::isTemplateObjectDescriptor):

  • runtime/JSTemplateRegistryKey.cpp: Removed.
  • runtime/TemplateObjectDescriptor.cpp: Renamed from Source/JavaScriptCore/runtime/TemplateRegistryKey.cpp.

(JSC::TemplateObjectDescriptor::~TemplateObjectDescriptor):

  • runtime/TemplateObjectDescriptor.h: Renamed from Source/JavaScriptCore/runtime/TemplateRegistryKey.h.

(JSC::TemplateObjectDescriptor::operator== const):
(JSC::TemplateObjectDescriptor::operator!= const):
(JSC::TemplateObjectDescriptor::Hasher::hash):
(JSC::TemplateObjectDescriptor::Hasher::equal):
(JSC::TemplateObjectDescriptor::create):
(JSC::TemplateObjectDescriptor::TemplateObjectDescriptor):
(JSC::TemplateObjectDescriptor::calculateHash):

  • runtime/TemplateRegistry.h: Removed.
  • runtime/TemplateRegistryKeyTable.cpp: Removed.
  • runtime/TemplateRegistryKeyTable.h: Removed.
  • runtime/VM.cpp:

(JSC::VM::VM):

  • runtime/VM.h:

(JSC::VM::templateRegistryKeyTable): Deleted.

  • runtime/VMEntryScope.cpp:
  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • Sources.txt:
  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::setConstantRegisters):

  • bytecode/DirectEvalCodeCache.cpp:

(JSC::DirectEvalCodeCache::setSlow):

  • bytecode/UnlinkedCodeBlock.h:

(JSC::UnlinkedCodeBlock::allowDirectEvalCache const):

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::addTemplateObjectConstant):
(JSC::BytecodeGenerator::emitGetTemplateObject):
(JSC::BytecodeGenerator::addTemplateRegistryKeyConstant): Deleted.

  • bytecompiler/BytecodeGenerator.h:
  • parser/Parser.cpp:

(JSC::Parser<LexerType>::parseInner):
(JSC::Parser<LexerType>::parseMemberExpression):

  • parser/Parser.h:
  • parser/ParserModes.h:
  • runtime/EvalExecutable.h:

(JSC::EvalExecutable::allowDirectEvalCache const):

  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::JSGlobalObject):

  • runtime/JSGlobalObject.h:

(JSC::JSGlobalObject::templateRegistry): Deleted.

  • runtime/JSTemplateObjectDescriptor.cpp: Renamed from Source/JavaScriptCore/runtime/TemplateRegistry.cpp.

(JSC::JSTemplateObjectDescriptor::JSTemplateObjectDescriptor):
(JSC::JSTemplateObjectDescriptor::create):
(JSC::JSTemplateObjectDescriptor::destroy):
(JSC::JSTemplateObjectDescriptor::createTemplateObject):

  • runtime/JSTemplateObjectDescriptor.h: Renamed from Source/JavaScriptCore/runtime/JSTemplateRegistryKey.h.

(JSC::isTemplateObjectDescriptor):

  • runtime/JSTemplateRegistryKey.cpp: Removed.
  • runtime/TemplateObjectDescriptor.cpp: Renamed from Source/JavaScriptCore/runtime/TemplateRegistryKey.cpp.

(JSC::TemplateObjectDescriptor::~TemplateObjectDescriptor):

  • runtime/TemplateObjectDescriptor.h: Renamed from Source/JavaScriptCore/runtime/TemplateRegistryKey.h.

(JSC::TemplateObjectDescriptor::operator== const):
(JSC::TemplateObjectDescriptor::operator!= const):
(JSC::TemplateObjectDescriptor::Hasher::hash):
(JSC::TemplateObjectDescriptor::Hasher::equal):
(JSC::TemplateObjectDescriptor::create):
(JSC::TemplateObjectDescriptor::TemplateObjectDescriptor):
(JSC::TemplateObjectDescriptor::calculateHash):

  • runtime/TemplateRegistry.h: Removed.
  • runtime/TemplateRegistryKeyTable.cpp: Removed.
  • runtime/TemplateRegistryKeyTable.h: Removed.
  • runtime/VM.cpp:

(JSC::VM::VM):

  • runtime/VM.h:

(JSC::VM::templateRegistryKeyTable): Deleted.

  • runtime/VMEntryScope.cpp:
  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • Sources.txt:
  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::setConstantRegisters):

  • bytecode/DirectEvalCodeCache.cpp:

(JSC::DirectEvalCodeCache::setSlow):

  • bytecode/UnlinkedCodeBlock.h:

(JSC::UnlinkedCodeBlock::allowDirectEvalCache const):

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::addTemplateObjectConstant):
(JSC::BytecodeGenerator::emitGetTemplateObject):
(JSC::BytecodeGenerator::addTemplateRegistryKeyConstant): Deleted.

  • bytecompiler/BytecodeGenerator.h:
  • parser/Parser.cpp:

(JSC::Parser<LexerType>::parseInner):
(JSC::Parser<LexerType>::parseMemberExpression):

  • parser/Parser.h:
  • parser/ParserModes.h:
  • runtime/EvalExecutable.h:

(JSC::EvalExecutable::allowDirectEvalCache const):

  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::JSGlobalObject):

  • runtime/JSGlobalObject.h:

(JSC::JSGlobalObject::templateRegistry): Deleted.

  • runtime/JSTemplateObjectDescriptor.cpp: Renamed from Source/JavaScriptCore/runtime/TemplateRegistry.cpp.

(JSC::JSTemplateObjectDescriptor::JSTemplateObjectDescriptor):
(JSC::JSTemplateObjectDescriptor::create):
(JSC::JSTemplateObjectDescriptor::destroy):
(JSC::JSTemplateObjectDescriptor::createTemplateObject):

  • runtime/JSTemplateObjectDescriptor.h: Renamed from Source/JavaScriptCore/runtime/JSTemplateRegistryKey.h.

(JSC::isTemplateObjectDescriptor):

  • runtime/JSTemplateRegistryKey.cpp: Removed.
  • runtime/TemplateObjectDescriptor.cpp: Renamed from Source/JavaScriptCore/runtime/TemplateRegistryKey.cpp.

(JSC::TemplateObjectDescriptor::~TemplateObjectDescriptor):

  • runtime/TemplateObjectDescriptor.h: Renamed from Source/JavaScriptCore/runtime/TemplateRegistryKey.h.

(JSC::TemplateObjectDescriptor::operator== const):
(JSC::TemplateObjectDescriptor::operator!= const):
(JSC::TemplateObjectDescriptor::Hasher::hash):
(JSC::TemplateObjectDescriptor::Hasher::equal):
(JSC::TemplateObjectDescriptor::create):
(JSC::TemplateObjectDescriptor::TemplateObjectDescriptor):
(JSC::TemplateObjectDescriptor::calculateHash):

  • runtime/TemplateRegistry.h: Removed.
  • runtime/TemplateRegistryKeyTable.cpp: Removed.
  • runtime/TemplateRegistryKeyTable.h: Removed.
  • runtime/VM.cpp:

(JSC::VM::VM):

  • runtime/VM.h:

(JSC::VM::templateRegistryKeyTable): Deleted.

  • runtime/VMEntryScope.cpp:
12:22 AM Changeset in webkit [228749] by Carlos Garcia Campos
  • 5 edits
    2 adds in releases/WebKitGTK/webkit-2.20

Merge r228421 - Support GetArrayLength on ArrayStorage in the FTL
https://bugs.webkit.org/show_bug.cgi?id=182625

Reviewed by Saam Barati.

JSTests:

  • stress/array-storage-length.js: Added.

(shouldBe):
(testInBound):
(testUncountable):
(testSlowPutInBound):
(testSlowPutUncountable):

  • stress/undecided-length.js: Added.

(shouldBe):
(test2):

Source/JavaScriptCore:

This patch adds GetArrayLength and CheckArray + ArrayStorage & SlowPutArrayStorage support for FTL.
The implementation is trivial; just porting one in DFG to FTL.

This fixes several FTL compilation failures in web-tooling-benchmarks while we still need to support
ArrayPush, ArrayPop, Arrayify, and PutByVal.

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::checkArray):

  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileGetArrayLength):
(JSC::FTL::DFG::LowerDFGToB3::isArrayTypeForArrayify):
(JSC::FTL::DFG::LowerDFGToB3::isArrayTypeForCheckArray):

12:22 AM Changeset in webkit [228748] by Carlos Garcia Campos
  • 24 edits in releases/WebKitGTK/webkit-2.20/Source/JavaScriptCore

Merge r228420 - Lock down JSFunction
https://bugs.webkit.org/show_bug.cgi?id=182652

Reviewed by Saam Barati.

This poisons pointers in JSFunction and puts all of the types in the JSFunction hierarchy in
isospaces.

This is so neutral on JetStream: 0.01% slower with p = 0.969211.

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileNewFunctionCommon):
(JSC::DFG::SpeculativeJIT::compileNewFunction):
(JSC::DFG::SpeculativeJIT::compileCreateThis):

  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::TrustedImmPtr::TrustedImmPtr):
(JSC::DFG::SpeculativeJIT::TrustedImmPtr::weakPointer):
(JSC::DFG::SpeculativeJIT::TrustedImmPtr::weakPoisonedPointer):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileGetExecutable):
(JSC::FTL::DFG::LowerDFGToB3::compileNewFunction):
(JSC::FTL::DFG::LowerDFGToB3::weakPointer):
(JSC::FTL::DFG::LowerDFGToB3::weakPoisonedPointer):

  • ftl/FTLOutput.h:

(JSC::FTL::Output::weakPointer):
(JSC::FTL::Output::weakPoisonedPointer):

  • heap/MarkedSpace.cpp:
  • jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_create_this):

  • jit/ThunkGenerators.cpp:

(JSC::virtualThunkFor):
(JSC::nativeForGenerator):
(JSC::boundThisNoArgsFunctionCallGenerator):

  • llint/LowLevelInterpreter.asm:
  • llint/LowLevelInterpreter64.asm:
  • runtime/JSAsyncFunction.h:

(JSC::JSAsyncFunction::subspaceFor):

  • runtime/JSAsyncGeneratorFunction.h:

(JSC::JSAsyncGeneratorFunction::subspaceFor):

  • runtime/JSBoundFunction.h:

(JSC::JSBoundFunction::subspaceFor):

  • runtime/JSCPoison.h:
  • runtime/JSCustomGetterSetterFunction.h:

(JSC::JSCustomGetterSetterFunction::subspaceFor):

  • runtime/JSFunction.h:

(JSC::JSFunction::subspaceFor):

  • runtime/JSGeneratorFunction.h:

(JSC::JSGeneratorFunction::subspaceFor):

  • runtime/JSNativeStdFunction.h:

(JSC::JSNativeStdFunction::subspaceFor):

  • runtime/VM.cpp:

(JSC::VM::VM):

  • runtime/VM.h:
  • wasm/js/WebAssemblyFunction.h:
  • wasm/js/WebAssemblyWrapperFunction.h:

Feb 19, 2018:

11:45 PM Changeset in webkit [228747] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228418 - [Gstreamer][MSE] Add string representation for GStreamerMediaSample
https://bugs.webkit.org/show_bug.cgi?id=180262

Reviewed by Xabier Rodriguez-Calvar.

  • platform/graphics/gstreamer/mse/GStreamerMediaSample.cpp:

(WebCore::GStreamerMediaSample::offsetTimestampsBy):

  • platform/graphics/gstreamer/mse/GStreamerMediaSample.h:
11:45 PM Changeset in webkit [228746] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228607 - Fix build error after r228417 without ACCESSIBILITY
https://bugs.webkit.org/show_bug.cgi?id=182914

Patch by Yoshiaki Jitsukawa <Yoshiaki.Jitsukawa@sony.com> on 2018-02-18
Reviewed by Chris Fleizach.

An inline empty version of AXObjectCache::deferFocusdUIElementChangeIfNeeded()
needs to be defined if not HAVE(ACCESSIBILITY).

  • accessibility/AXObjectCache.h:

(WebCore::AXObjectCache::deferFocusedUIElementChangeIfNeeded):

11:45 PM Changeset in webkit [228745] by Carlos Garcia Campos
  • 8 edits in releases/WebKitGTK/webkit-2.20

Merge r228417 - AX: defer focusedUIElement notifications
https://bugs.webkit.org/show_bug.cgi?id=182643
<rdar://problem/37394310>

Reviewed by Zalan Bujtas.

Source/WebCore:

Deferring focus changes for accessibility has a number of benefits.

1) Reduces the chance of calling into layout during layout.
2) Coalesces multiple focus notifications that would be needlessly sent.
3) Improves performance by not calling out to the accessibility notification machinery during layout.

In this patch, I also started making more AXObjectCache calls private. This will reduce the chance that clients
will call into AXObjectCache during unexpected times.

  • accessibility/AXObjectCache.cpp:

(WebCore::AXObjectCache::deferFocusedUIElementChangeIfNeeded):
(WebCore::conditionallyAddNodeToFilterList):
(WebCore::filterVectorPairForRemoval):
(WebCore::filterMapForRemoval):
(WebCore::filterListForRemoval):
(WebCore::AXObjectCache::prepareForDocumentDestruction):
(WebCore::AXObjectCache::performDeferredCacheUpdate):

  • accessibility/AXObjectCache.h:
  • dom/Document.cpp:

(WebCore::Document::setFocusedElement):

LayoutTests:

  • accessibility/mac/aria-menu-item-selected-notification.html:

Rewrite test to accomodate that focus changes happen asynchronously.

  • accessibility/mac/selection-notification-focus-change-expected.txt:
  • platform/mac-wk2/accessibility/mac/selection-notification-focus-change-expected.txt:

The order of notifications is different now that focus changes happen later.

11:45 PM Changeset in webkit [228744] by Carlos Garcia Campos
  • 20 edits
    6 adds in releases/WebKitGTK/webkit-2.20

Merge r228416 - Resource Load Statistics: Classify resources as prevalent based on redirects to other prevalent resources
https://bugs.webkit.org/show_bug.cgi?id=182664
<rdar://problem/37372572>

Reviewed by Brent Fulgham.

Source/WebCore:

Tests: http/tests/resourceLoadStatistics/classify-as-prevalent-based-on-subresource-redirect-collusion.html

http/tests/resourceLoadStatistics/classify-as-prevalent-based-on-top-frame-redirect-collusion.html
http/tests/resourceLoadStatistics/classify-as-prevalent-based-on-top-frame-unique-redirects-to.html

  • loader/ResourceLoadObserver.cpp:

(WebCore::ResourceLoadObserver::logFrameNavigation):

We now collect statistics on top frame navigational redirects too, both to and from.

(WebCore::ResourceLoadObserver::logSubresourceLoading):

We now collect statistics on redirects from in addition to the existing redirects to.

  • loader/ResourceLoadStatistics.cpp:

(WebCore::ResourceLoadStatistics::encode const):
(WebCore::ResourceLoadStatistics::decode):
(WebCore::ResourceLoadStatistics::toString const):
(WebCore::ResourceLoadStatistics::merge):

  • loader/ResourceLoadStatistics.h:

Three new fields:

  • topFrameUniqueRedirectsTo
  • topFrameUniqueRedirectsFrom
  • subresourceUniqueRedirectsFrom

Source/WebKit:

  • Platform/classifier/ResourceLoadStatisticsClassifier.cpp:

(WebKit::ResourceLoadStatisticsClassifier::hasPrevalentResourceCharacteristics):

Unique top frame redirects now counts toward classification as prevalent.

  • Shared/WebCoreArgumentCoders.cpp:

(IPC::ArgumentCoder<ResourceLoadStatistics>::encode):
(IPC::ArgumentCoder<ResourceLoadStatistics>::decode):

  • UIProcess/API/C/WKWebsiteDataStoreRef.cpp:

(WKWebsiteDataStoreSetStatisticsSubresourceUniqueRedirectFrom):
(WKWebsiteDataStoreSetStatisticsTopFrameUniqueRedirectTo):
(WKWebsiteDataStoreSetStatisticsTopFrameUniqueRedirectFrom):

Test infrastructure.

  • UIProcess/API/C/WKWebsiteDataStoreRef.h:
  • UIProcess/WebResourceLoadStatisticsStore.cpp:

Bumped the statistics model to 11 because of the added fields.

(WebKit::WebResourceLoadStatisticsStore::recursivelyGetAllDomainsThatHaveRedirectedToThisDomain):

This function back traces redirect chains to classify domains
that have redirected to a newly classified prevalent resource.

(WebKit::WebResourceLoadStatisticsStore::processStatisticsAndDataRecords):

Now uses the new convenience function WebResourceLoadStatisticsStore::setPrevalentResource().

(WebKit::WebResourceLoadStatisticsStore::setPrevalentResource):

New convenience function to make sure we always call
WebResourceLoadStatisticsStore::recursivelyGetAllDomainsThatHaveRedirectedToThisDomain()
and capture redirect chains backward.

(WebKit::WebResourceLoadStatisticsStore::setSubframeUnderTopFrameOrigin):
(WebKit::WebResourceLoadStatisticsStore::setSubresourceUnderTopFrameOrigin):
(WebKit::WebResourceLoadStatisticsStore::setSubresourceUniqueRedirectTo):
(WebKit::WebResourceLoadStatisticsStore::setSubresourceUniqueRedirectFrom):
(WebKit::WebResourceLoadStatisticsStore::setTopFrameUniqueRedirectTo):
(WebKit::WebResourceLoadStatisticsStore::setTopFrameUniqueRedirectFrom):

Test infrastructure.

  • UIProcess/WebResourceLoadStatisticsStore.h:

Tools:

  • WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl:
  • WebKitTestRunner/InjectedBundle/TestRunner.cpp:

(WTR::TestRunner::setStatisticsSubresourceUniqueRedirectFrom):
(WTR::TestRunner::setStatisticsTopFrameUniqueRedirectTo):
(WTR::TestRunner::setStatisticsTopFrameUniqueRedirectFrom):

  • WebKitTestRunner/InjectedBundle/TestRunner.h:
  • WebKitTestRunner/TestController.cpp:

(WTR::TestController::setStatisticsSubresourceUniqueRedirectFrom):
(WTR::TestController::setStatisticsTopFrameUniqueRedirectTo):
(WTR::TestController::setStatisticsTopFrameUniqueRedirectFrom):

  • WebKitTestRunner/TestController.h:
  • WebKitTestRunner/TestInvocation.cpp:

(WTR::TestInvocation::didReceiveSynchronousMessageFromInjectedBundle):

LayoutTests:

  • http/tests/resourceLoadStatistics/classify-as-prevalent-based-on-subresource-redirect-collusion-expected.txt: Added.
  • http/tests/resourceLoadStatistics/classify-as-prevalent-based-on-subresource-redirect-collusion.html: Added.
  • http/tests/resourceLoadStatistics/classify-as-prevalent-based-on-top-frame-redirect-collusion-expected.txt: Added.
  • http/tests/resourceLoadStatistics/classify-as-prevalent-based-on-top-frame-redirect-collusion.html: Added.
  • http/tests/resourceLoadStatistics/classify-as-prevalent-based-on-top-frame-unique-redirects-to-expected.txt: Added.
  • http/tests/resourceLoadStatistics/classify-as-prevalent-based-on-top-frame-unique-redirects-to.html: Added.
  • platform/wk2/TestExpectations:

New tests added as [ Pass ].

11:45 PM Changeset in webkit [228743] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228414 - [RenderTreeBuilder] Move RenderMenuList::takeChild() to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182715
<rdar://problem/37477050>

Reviewed by Antti Koivisto.

No change in functionality.

  • rendering/RenderMenuList.cpp:

(RenderMenuList::takeChild): Deleted.

  • rendering/RenderMenuList.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::takeChild):
(WebCore::RenderTreeBuilder::takeChildFromRenderMenuList):

  • rendering/updating/RenderTreeBuilder.h:
11:35 PM Changeset in webkit [228742] by Carlos Garcia Campos
  • 10 edits
    1 add in releases/WebKitGTK/webkit-2.20

Merge r228565 - Fix bugs from r228411
https://bugs.webkit.org/show_bug.cgi?id=182851
<rdar://problem/37577732>

Reviewed by JF Bastien.

JSTests:

  • stress/constant-folding-phase-insert-check-handle-varargs.js: Added.

Source/JavaScriptCore:

There was a bug from r228411 where inside the constant folding phase,
we used an insertCheck method that didn't handle varargs. This would
lead to a crash. When thinking about the fix for that function, I realized
a made a couple of mistakes in r228411. One is probably a security bug, and
the other is a performance bug because it'll prevent CSE for certain flavors
of GetByVal nodes. Both blunders are similar in nature.

In r228411, I added code in LICM that inserted a CheckVarargs node with children
of another varargs node. However, to construct this new node's children,
I just copied the AdjacencyList. This does a shallow copy. What we needed
was a deep copy. We needed to create a new vararg AdjacencyList that points
to edges that are deep copies of the original varargs children. This patch
fixes this goof in LICM.

r228411 made it so that PureValue over a varargs node would just compare actual
AdjacencyLists structs. So, if you had two GetByVals that had equal santized
children, their actual AdjacencyList structs are *not* bitwise equal, since they'll
have different firstChild values. Instead, we need to do a deep compare of their
adjacency lists. This patch teaches PureValue how to do that.

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGConstantFoldingPhase.cpp:

(JSC::DFG::ConstantFoldingPhase::foldConstants):

  • dfg/DFGGraph.h:

(JSC::DFG::Graph::copyVarargChildren):

  • dfg/DFGInsertionSet.h:

(JSC::DFG::InsertionSet::insertCheck):

  • dfg/DFGLICMPhase.cpp:

(JSC::DFG::LICMPhase::attemptHoist):

  • dfg/DFGPureValue.cpp:

(JSC::DFG::PureValue::dump const):

  • dfg/DFGPureValue.h:

(JSC::DFG::PureValue::PureValue):
(JSC::DFG::PureValue::op const):
(JSC::DFG::PureValue::hash const):
(JSC::DFG::PureValue::operator== const):
(JSC::DFG::PureValue::isVarargs const):
(JSC::DFG::PureValue::children const): Deleted.

  • dfg/DFGStrengthReductionPhase.cpp:

(JSC::DFG::StrengthReductionPhase::handleNode):
(JSC::DFG::StrengthReductionPhase::convertToIdentityOverChild):

11:34 PM Changeset in webkit [228741] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/JavaScriptCore

Merge r228438 - Follup fix to r228411 for 32-bit builds. I missed a place where we used non vararg getter for child2().

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

11:34 PM Changeset in webkit [228740] by Carlos Garcia Campos
  • 44 edits in releases/WebKitGTK/webkit-2.20/Source/JavaScriptCore

Merge r228411 - Add a GetIndexMask node and make it an input to GetByVal for array and typed array accesses in DFG SSA
https://bugs.webkit.org/show_bug.cgi?id=182633
<rdar://problem/37441037>

Reviewed by Keith Miller.

This patch introduces a GetIndexMask node to DFG SSA. This is an input to
GetByVal for the GetByVal variants that do conservative index masking.
The reason I'm adding this node is I realized there were loads of
the butterfly index mask inside loops that B3 couldn't reason about
because B3 can't arbitrarily hoist loads out of loops if those loops
have side exits (because the side exit might be protecting the safety of the
load). However, for these loops I analyzed, the DFG would be able to hoist
these loads out of loops because it knows about JS semantics to correctly
reason about the safety of hoisting the load.

This is a 1% speedup on JetStream on Mac and iOS in my testing.

This patch also adds some infrastructure for eliminating and doing CSE on
varargs nodes. Because this patch makes GetByVal a varargs node, I ran into
issues we never had before. We never had a varargs node that could be CSEd or be
hoisted out of a loop until I made GetByVal varargs. To make it all work,
I added a CheckVarargs node. This is just like Check, but it's varargs.

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGAdjacencyList.h:

(JSC::DFG::AdjacencyList::AdjacencyList):

  • dfg/DFGArgumentsEliminationPhase.cpp:
  • dfg/DFGBackwardsPropagationPhase.cpp:

(JSC::DFG::BackwardsPropagationPhase::propagate):

  • dfg/DFGBasicBlock.cpp:

(JSC::DFG::BasicBlock::replaceTerminal):

  • dfg/DFGBasicBlock.h:

(JSC::DFG::BasicBlock::findTerminal const):

  • dfg/DFGBasicBlockInlines.h:

(JSC::DFG::BasicBlock::replaceTerminal):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::parseBlock):

  • dfg/DFGCFGSimplificationPhase.cpp:

(JSC::DFG::CFGSimplificationPhase::mergeBlocks):

  • dfg/DFGCPSRethreadingPhase.cpp:

(JSC::DFG::CPSRethreadingPhase::canonicalizeGetLocalFor):
(JSC::DFG::CPSRethreadingPhase::canonicalizeFlushOrPhantomLocalFor):

  • dfg/DFGCSEPhase.cpp:
  • dfg/DFGCleanUpPhase.cpp:

(JSC::DFG::CleanUpPhase::run):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGConstantFoldingPhase.cpp:

(JSC::DFG::ConstantFoldingPhase::foldConstants):
(JSC::DFG::ConstantFoldingPhase::fixUpsilons):

  • dfg/DFGDCEPhase.cpp:

(JSC::DFG::DCEPhase::run):
(JSC::DFG::DCEPhase::fixupBlock):

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):
(JSC::DFG::FixupPhase::fixupChecksInBlock):

  • dfg/DFGHeapLocation.cpp:

(WTF::printInternal):

  • dfg/DFGHeapLocation.h:
  • dfg/DFGIntegerCheckCombiningPhase.cpp:

(JSC::DFG::IntegerCheckCombiningPhase::handleBlock):

  • dfg/DFGIntegerRangeOptimizationPhase.cpp:
  • dfg/DFGLICMPhase.cpp:

(JSC::DFG::LICMPhase::attemptHoist):

  • dfg/DFGMayExit.cpp:
  • dfg/DFGNode.cpp:

(JSC::DFG::Node::remove):
(JSC::DFG::Node::convertToIdentityOn):

  • dfg/DFGNode.h:

(JSC::DFG::Node::replaceWith):

  • dfg/DFGNodeType.h:
  • dfg/DFGObjectAllocationSinkingPhase.cpp:
  • dfg/DFGPredictionPropagationPhase.cpp:
  • dfg/DFGPureValue.cpp:

(JSC::DFG::PureValue::dump const):

  • dfg/DFGPureValue.h:

(JSC::DFG::PureValue::PureValue):

  • dfg/DFGPutStackSinkingPhase.cpp:
  • dfg/DFGSSAConversionPhase.cpp:

(JSC::DFG::SSAConversionPhase::run):

  • dfg/DFGSSALoweringPhase.cpp:

(JSC::DFG::SSALoweringPhase::handleNode):

  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::SpeculativeJIT):
(JSC::DFG::SpeculativeJIT::compileGetByValOnString):
(JSC::DFG::SpeculativeJIT::compileGetByValOnIntTypedArray):
(JSC::DFG::SpeculativeJIT::compileGetByValOnFloatTypedArray):
(JSC::DFG::SpeculativeJIT::compileGetByValForObjectWithString):
(JSC::DFG::SpeculativeJIT::compileGetByValForObjectWithSymbol):
(JSC::DFG::SpeculativeJIT::compileGetByValOnDirectArguments):
(JSC::DFG::SpeculativeJIT::compileGetByValOnScopedArguments):

  • dfg/DFGSpeculativeJIT.h:
  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGStoreBarrierClusteringPhase.cpp:
  • dfg/DFGValidate.cpp:
  • dfg/DFGVarargsForwardingPhase.cpp:
  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileGetArrayMask):
(JSC::FTL::DFG::LowerDFGToB3::compileGetByVal):
(JSC::FTL::DFG::LowerDFGToB3::compileStringCharAt):
(JSC::FTL::DFG::LowerDFGToB3::maskedIndex):
(JSC::FTL::DFG::LowerDFGToB3::pointerIntoTypedArray):

11:34 PM Changeset in webkit [228739] by Carlos Garcia Campos
  • 10 edits in releases/WebKitGTK/webkit-2.20/Source/JavaScriptCore

Merge r228402 - Miscellaneous refactoring of offlineasm.
https://bugs.webkit.org/show_bug.cgi?id=182702
<rdar://problem/37467887>

Reviewed by Filip Pizlo.

  1. Refactor out the emission of $asm.comment, $asm.codeOrigin, $asm.annotation, and $asm.debugAnnotation into a recordMetaData method. This standardizes how we emit this metadata and makes all backends do it the same way.
  1. Add the ability to include custom offlineasm scripts from WebKitAdditions in the future.
  • offlineasm/arm.rb:
  • offlineasm/arm64.rb:
  • offlineasm/ast.rb:
  • offlineasm/backends.rb:
  • offlineasm/cloop.rb:
  • offlineasm/config.rb:
  • offlineasm/mips.rb:
  • offlineasm/risc.rb:
  • offlineasm/x86.rb:
11:34 PM Changeset in webkit [228738] by Carlos Garcia Campos
  • 3 edits
    1 add in releases/WebKitGTK/webkit-2.20

Merge r228401 - DFG::emitCodeToGetArgumentsArrayLength needs to handle NewArrayBuffer/PhantomNewArrayBuffer
https://bugs.webkit.org/show_bug.cgi?id=182706
<rdar://problem/36833681>

Reviewed by Filip Pizlo.

JSTests:

  • stress/get-array-length-phantom-new-array-buffer.js: Added.

(effects):
(foo):

Source/JavaScriptCore:

When we added support for PhantomNewArrayBuffer, we forgot to update
the emitCodeToGetArgumentsArrayLength function to handle PhantomNewArrayBuffer.
This patch adds that support. It's trivial to generate the length for
a PhantomNewArrayBuffer node since it's a constant buffer, with a constant
length.

  • dfg/DFGArgumentsUtilities.cpp:

(JSC::DFG::emitCodeToGetArgumentsArrayLength):

11:26 PM Changeset in webkit [228737] by Carlos Garcia Campos
  • 16 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228400 - [RenderTreeBuilder] Introduce RenderTreebuilder::takeChild
https://bugs.webkit.org/show_bug.cgi?id=182707
<rdar://problem/37473433>

Reviewed by Antti Koivisto.

All takeChild calls should go through RenderTreeBuilder::takeChild from now on.
This patch also moves the Ruby related takeChild calls to RenderTreeBuilder.

No change in functionality.

  • rendering/RenderButton.cpp:

(WebCore::RenderButton::takeChild):

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::removeAndDestroyChild):

  • rendering/RenderFullScreen.cpp:

(WebCore::RenderFullScreen::wrapExistingRenderer):
(WebCore::RenderFullScreen::unwrapRenderer):

  • rendering/RenderMenuList.cpp:

(RenderMenuList::takeChild):

  • rendering/RenderRuby.cpp:

(WebCore::RenderRubyAsInline::takeChild): Deleted.
(WebCore::RenderRubyAsBlock::takeChild): Deleted.

  • rendering/RenderRuby.h:
  • rendering/RenderRubyRun.cpp:

(WebCore::RenderRubyRun::takeChild): Deleted.

  • rendering/RenderRubyRun.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::takeChild):
(WebCore::RenderTreeBuilder::takeChildFromRenderRubyAsInline): Deleted.
(WebCore::RenderTreeBuilder::takeChildFromRenderRubyAsBlock): Deleted.
(WebCore::RenderTreeBuilder::takeChildFromRenderRubyRun): Deleted.

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderFirstLetter.cpp:

(WebCore::RenderTreeBuilder::FirstLetter::updateStyle):

  • rendering/updating/RenderTreeBuilderList.cpp:

(WebCore::RenderTreeBuilder::List::updateItemMarker):

  • rendering/updating/RenderTreeBuilderMultiColumn.cpp:

(WebCore::RenderTreeBuilder::MultiColumn::createFragmentedFlow):
(WebCore::RenderTreeBuilder::MultiColumn::destroyFragmentedFlow):
(WebCore::RenderTreeBuilder::MultiColumn::processPossibleSpannerDescendant):

  • rendering/updating/RenderTreeBuilderRuby.cpp:

(WebCore::RenderTreeBuilder::Ruby::takeChild):

  • rendering/updating/RenderTreeBuilderTable.cpp:

(WebCore::RenderTreeBuilder::Table::collapseAndDestroyAnonymousSiblingRows):

11:26 PM Changeset in webkit [228736] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.20/Source

Merge r228397 - Add more support for pointer preparations.
https://bugs.webkit.org/show_bug.cgi?id=182703
<rdar://problem/37469451>

Reviewed by Saam Barati.

Source/JavaScriptCore:

  • llint/LLIntData.h:

(JSC::LLInt::getCodePtr):

  • llint/LLIntPCRanges.h:

(JSC::LLInt::isLLIntPC):

  • runtime/Options.cpp:

(JSC::recomputeDependentOptions):

Source/WTF:

  • wtf/PointerPreparations.h:
11:26 PM Changeset in webkit [228735] by Carlos Garcia Campos
  • 7 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228391 - [RenderTreeBuilder] Move RenderBlock::dropAnonymousBoxChild to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182704
<rdar://problem/37469469>

Reviewed by Antti Koivisto.

All the callsites are now in RenderTreeBuilder.

No change in functionality.

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::dropAnonymousBoxChild): Deleted.

  • rendering/RenderBlock.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::removeAnonymousWrappersForInlineChildrenIfNeeded):
(WebCore::RenderTreeBuilder::dropAnonymousBoxChild):

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderBlock.cpp:

(WebCore::RenderTreeBuilder::Block::takeChild):
(WebCore::RenderTreeBuilder::Block::dropAnonymousBoxChild):

  • rendering/updating/RenderTreeBuilderBlock.h:
11:26 PM Changeset in webkit [228734] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/JavaScriptCore

Merge r228388 - Fix missing exception check in RegExpObject::matchGlobal().
https://bugs.webkit.org/show_bug.cgi?id=182701
<rdar://problem/37465865>

Reviewed by Michael Saboff.

This issue was discovered when running JSC tests on an asm LLInt build with
JSC_useJIT=false.

  • runtime/RegExpObject.cpp:

(JSC::RegExpObject::matchGlobal):

11:26 PM Changeset in webkit [228733] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228387 - [RenderTreeBuilder] Remove redundant RenderTreeBuilder instance
https://bugs.webkit.org/show_bug.cgi?id=182700
<rdar://problem/37463958>

Reviewed by Antti Koivisto.

  • rendering/RenderView.cpp:

(WebCore::RenderView::willBeDestroyed):

11:26 PM Changeset in webkit [228732] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore/platform/gtk/po

Merge r228378 - [l10n] Updated Polish translation of WebKitGTK+ for 2.20
https://bugs.webkit.org/show_bug.cgi?id=182693

Patch by Piotr Drąg <piotrdrag@gmail.com> on 2018-02-12
Rubber-stamped by Michael Catanzaro.

  • pl.po:
11:08 PM Changeset in webkit [228731] by commit-queue@webkit.org
  • 3 edits in trunk/Tools

[WTR][GTK] crash log backtrace doesn't show symbol names for DatabaseProcess and NetworkProcess
https://bugs.webkit.org/show_bug.cgi?id=182953

Patch by Fujii Hironori <Fujii Hironori> on 2018-02-19
Reviewed by Carlos Garcia Campos.

  • Scripts/webkitpy/port/gtk.py:

(GtkPort._get_crash_log): Removed the code to convert WebProcess name.

  • WebKitTestRunner/TestController.cpp:

(WTR::TestController::webProcessName): Return the correct program name for GTK+ port.
(WTR::TestController::networkProcessName): Ditto.
(WTR::TestController::databaseProcessName): Ditto.

10:57 PM Changeset in webkit [228730] by Carlos Garcia Campos
  • 166 edits
    1 add in releases/WebKitGTK/webkit-2.20/Source/WebKit

Merge r228373 - [GTK] Unify builds for platform-specific files in WebKit layer
https://bugs.webkit.org/show_bug.cgi?id=182450

Reviewed by Carlos Garcia Campos.

Add most GTK-specific sources to unified build. API files are exempted, except for the DOM
API. Files shared with PluginProcessGTK2 are also exempted. Finally, files with name
conflicts in headers, which appears difficult to fix, are also exempted.

  • CMakeLists.txt:
  • NetworkProcess/CustomProtocols/soup/LegacyCustomProtocolManagerSoup.cpp:
  • NetworkProcess/soup/NetworkDataTaskSoup.cpp:
  • NetworkProcess/soup/NetworkProcessSoup.cpp:
  • NetworkProcess/soup/NetworkSessionSoup.cpp:
  • NetworkProcess/soup/RemoteNetworkingContextSoup.cpp:
  • Platform/classifier/ResourceLoadStatisticsClassifier.cpp:
  • PlatformGTK.cmake:
  • PluginProcess/unix/PluginControllerProxyUnix.cpp:
  • Shared/CoordinatedGraphics/CoordinatedBackingStore.cpp:
  • Shared/CoordinatedGraphics/CoordinatedGraphicsScene.cpp:
  • Shared/CoordinatedGraphics/SimpleViewportController.cpp:
  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:
  • Shared/Plugins/Netscape/unix/NetscapePluginModuleUnix.cpp:
  • Shared/Plugins/unix/PluginSearchPath.cpp:
  • Shared/cairo/ShareableBitmapCairo.cpp:
  • Shared/glib/WebContextMenuItemGlib.cpp:
  • Shared/glib/WebErrorsGlib.cpp:
  • Shared/gtk/ArgumentCodersGtk.cpp:
  • Shared/gtk/NativeWebKeyboardEventGtk.cpp:
  • Shared/gtk/ProcessExecutablePathGtk.cpp:
  • Shared/gtk/WebErrorsGtk.cpp:
  • Shared/gtk/WebEventFactory.cpp:
  • Shared/linux/WebMemorySamplerLinux.cpp:
  • Shared/soup/WebCoreArgumentCodersSoup.cpp:
  • Shared/soup/WebErrorsSoup.cpp:
  • SourcesGTK.txt: Added.
  • UIProcess/AcceleratedDrawingAreaProxy.cpp:
  • UIProcess/Automation/cairo/WebAutomationSessionCairo.cpp:
  • UIProcess/Automation/gtk/WebAutomationSessionGtk.cpp:
  • UIProcess/BackingStore.cpp:
  • UIProcess/DrawingAreaProxyImpl.cpp:
  • UIProcess/Launcher/glib/ProcessLauncherGLib.cpp:
  • UIProcess/Plugins/unix/PluginInfoStoreUnix.cpp:
  • UIProcess/Plugins/unix/PluginProcessProxyUnix.cpp:
  • UIProcess/WebResourceLoadStatisticsStore.cpp:
  • UIProcess/WebResourceLoadStatisticsTelemetry.cpp:
  • UIProcess/WebStorage/StorageManager.cpp:
  • UIProcess/cairo/BackingStoreCairo.cpp:
  • UIProcess/gtk/AcceleratedBackingStore.cpp:
  • UIProcess/gtk/DragAndDropHandler.cpp:
  • UIProcess/gtk/GestureController.cpp:
  • UIProcess/gtk/HardwareAccelerationManager.cpp:
  • UIProcess/gtk/InputMethodFilter.cpp:
  • UIProcess/gtk/TextCheckerGtk.cpp:
  • UIProcess/gtk/WaylandCompositor.cpp:
  • UIProcess/gtk/WebColorPickerGtk.cpp:
  • UIProcess/gtk/WebContextMenuProxyGtk.cpp:
  • UIProcess/gtk/WebPasteboardProxyGtk.cpp:
  • UIProcess/gtk/WebPopupMenuProxyGtk.cpp:
  • WebProcess/Cookies/soup/WebCookieManagerSoup.cpp:
  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMAttr.cpp:

(webkit_dom_attr_dom_event_target_init):
(webkit_dom_attr_set_property):
(webkit_dom_attr_get_property):
(webkit_dom_attr_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMCDATASection.cpp:

(webkit_dom_cdata_section_dom_event_target_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMCSSRule.cpp:

(webkit_dom_css_rule_set_property):
(webkit_dom_css_rule_get_property):
(webkit_dom_css_rule_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMCSSRuleList.cpp:

(webkit_dom_css_rule_list_get_property):
(webkit_dom_css_rule_list_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMCSSStyleDeclaration.cpp:

(webkit_dom_css_style_declaration_set_property):
(webkit_dom_css_style_declaration_get_property):
(webkit_dom_css_style_declaration_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMCSSStyleSheet.cpp:

(webkit_dom_css_style_sheet_get_property):
(webkit_dom_css_style_sheet_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMCSSValue.cpp:

(webkit_dom_css_value_set_property):
(webkit_dom_css_value_get_property):
(webkit_dom_css_value_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMCharacterData.cpp:

(webkit_dom_character_data_dom_event_target_init):
(webkit_dom_character_data_set_property):
(webkit_dom_character_data_get_property):
(webkit_dom_character_data_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMClientRect.cpp:

(webkit_dom_client_rect_get_property):
(webkit_dom_client_rect_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMClientRectList.cpp:

(webkit_dom_client_rect_list_get_property):
(webkit_dom_client_rect_list_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMComment.cpp:

(webkit_dom_comment_dom_event_target_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMDOMSelection.cpp:

(webkit_dom_dom_selection_get_property):
(webkit_dom_dom_selection_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMDOMTokenList.cpp:

(webkit_dom_dom_token_list_set_property):
(webkit_dom_dom_token_list_get_property):
(webkit_dom_dom_token_list_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMDOMWindow.cpp:

(webkit_dom_dom_window_dom_event_target_init):
(webkit_dom_dom_window_set_property):
(webkit_dom_dom_window_get_property):
(webkit_dom_dom_window_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMDocument.cpp:

(webkit_dom_document_dom_event_target_init):
(webkit_dom_document_set_property):
(webkit_dom_document_get_property):
(webkit_dom_document_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMDocumentFragment.cpp:

(webkit_dom_document_fragment_dom_event_target_init):
(webkit_dom_document_fragment_get_property):
(webkit_dom_document_fragment_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMDocumentType.cpp:

(webkit_dom_document_type_dom_event_target_init):
(webkit_dom_document_type_get_property):
(webkit_dom_document_type_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMElement.cpp:

(webkit_dom_element_dom_event_target_init):
(webkit_dom_element_set_property):
(webkit_dom_element_get_property):
(webkit_dom_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMEvent.cpp:

(webkit_dom_event_set_property):
(webkit_dom_event_get_property):
(webkit_dom_event_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMFile.cpp:

(webkit_dom_file_get_property):
(webkit_dom_file_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMFileList.cpp:

(webkit_dom_file_list_get_property):
(webkit_dom_file_list_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLAnchorElement.cpp:

(webkit_dom_html_anchor_element_dom_event_target_init):
(webkit_dom_html_anchor_element_set_property):
(webkit_dom_html_anchor_element_get_property):
(webkit_dom_html_anchor_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLAppletElement.cpp:

(webkit_dom_html_applet_element_dom_event_target_init):
(webkit_dom_html_applet_element_set_property):
(webkit_dom_html_applet_element_get_property):
(webkit_dom_html_applet_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLAreaElement.cpp:

(webkit_dom_html_area_element_dom_event_target_init):
(webkit_dom_html_area_element_set_property):
(webkit_dom_html_area_element_get_property):
(webkit_dom_html_area_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLBRElement.cpp:

(webkit_dom_html_br_element_dom_event_target_init):
(webkit_dom_html_br_element_set_property):
(webkit_dom_html_br_element_get_property):
(webkit_dom_html_br_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLBaseElement.cpp:

(webkit_dom_html_base_element_dom_event_target_init):
(webkit_dom_html_base_element_set_property):
(webkit_dom_html_base_element_get_property):
(webkit_dom_html_base_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLBodyElement.cpp:

(webkit_dom_html_body_element_dom_event_target_init):
(webkit_dom_html_body_element_set_property):
(webkit_dom_html_body_element_get_property):
(webkit_dom_html_body_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLButtonElement.cpp:

(webkit_dom_html_button_element_dom_event_target_init):
(webkit_dom_html_button_element_set_property):
(webkit_dom_html_button_element_get_property):
(webkit_dom_html_button_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLCanvasElement.cpp:

(webkit_dom_html_canvas_element_dom_event_target_init):
(webkit_dom_html_canvas_element_set_property):
(webkit_dom_html_canvas_element_get_property):
(webkit_dom_html_canvas_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLCollection.cpp:

(webkit_dom_html_collection_get_property):
(webkit_dom_html_collection_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLDListElement.cpp:

(webkit_dom_html_d_list_element_dom_event_target_init):
(webkit_dom_html_d_list_element_set_property):
(webkit_dom_html_d_list_element_get_property):
(webkit_dom_html_d_list_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLDirectoryElement.cpp:

(webkit_dom_html_directory_element_dom_event_target_init):
(webkit_dom_html_directory_element_set_property):
(webkit_dom_html_directory_element_get_property):
(webkit_dom_html_directory_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLDivElement.cpp:

(webkit_dom_html_div_element_dom_event_target_init):
(webkit_dom_html_div_element_set_property):
(webkit_dom_html_div_element_get_property):
(webkit_dom_html_div_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLDocument.cpp:

(webkit_dom_html_document_dom_event_target_init):
(webkit_dom_html_document_set_property):
(webkit_dom_html_document_get_property):
(webkit_dom_html_document_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLElement.cpp:

(webkit_dom_html_element_dom_event_target_init):
(webkit_dom_html_element_set_property):
(webkit_dom_html_element_get_property):
(webkit_dom_html_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLEmbedElement.cpp:

(webkit_dom_html_embed_element_dom_event_target_init):
(webkit_dom_html_embed_element_set_property):
(webkit_dom_html_embed_element_get_property):
(webkit_dom_html_embed_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLFieldSetElement.cpp:

(webkit_dom_html_field_set_element_dom_event_target_init):
(webkit_dom_html_field_set_element_get_property):
(webkit_dom_html_field_set_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLFontElement.cpp:

(webkit_dom_html_font_element_dom_event_target_init):
(webkit_dom_html_font_element_set_property):
(webkit_dom_html_font_element_get_property):
(webkit_dom_html_font_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLFormElement.cpp:

(webkit_dom_html_form_element_dom_event_target_init):
(webkit_dom_html_form_element_set_property):
(webkit_dom_html_form_element_get_property):
(webkit_dom_html_form_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLFrameElement.cpp:

(webkit_dom_html_frame_element_dom_event_target_init):
(webkit_dom_html_frame_element_set_property):
(webkit_dom_html_frame_element_get_property):
(webkit_dom_html_frame_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLFrameSetElement.cpp:

(webkit_dom_html_frame_set_element_dom_event_target_init):
(webkit_dom_html_frame_set_element_set_property):
(webkit_dom_html_frame_set_element_get_property):
(webkit_dom_html_frame_set_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLHRElement.cpp:

(webkit_dom_html_hr_element_dom_event_target_init):
(webkit_dom_html_hr_element_set_property):
(webkit_dom_html_hr_element_get_property):
(webkit_dom_html_hr_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLHeadElement.cpp:

(webkit_dom_html_head_element_dom_event_target_init):
(webkit_dom_html_head_element_set_property):
(webkit_dom_html_head_element_get_property):
(webkit_dom_html_head_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLHeadingElement.cpp:

(webkit_dom_html_heading_element_dom_event_target_init):
(webkit_dom_html_heading_element_set_property):
(webkit_dom_html_heading_element_get_property):
(webkit_dom_html_heading_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLHtmlElement.cpp:

(webkit_dom_html_html_element_dom_event_target_init):
(webkit_dom_html_html_element_set_property):
(webkit_dom_html_html_element_get_property):
(webkit_dom_html_html_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLIFrameElement.cpp:

(webkit_dom_html_iframe_element_dom_event_target_init):
(webkit_dom_html_iframe_element_set_property):
(webkit_dom_html_iframe_element_get_property):
(webkit_dom_html_iframe_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLImageElement.cpp:

(webkit_dom_html_image_element_dom_event_target_init):
(webkit_dom_html_image_element_set_property):
(webkit_dom_html_image_element_get_property):
(webkit_dom_html_image_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLInputElement.cpp:

(webkit_dom_html_input_element_dom_event_target_init):
(webkit_dom_html_input_element_set_property):
(webkit_dom_html_input_element_get_property):
(webkit_dom_html_input_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLLIElement.cpp:

(webkit_dom_html_li_element_dom_event_target_init):
(webkit_dom_html_li_element_set_property):
(webkit_dom_html_li_element_get_property):
(webkit_dom_html_li_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLLabelElement.cpp:

(webkit_dom_html_label_element_dom_event_target_init):
(webkit_dom_html_label_element_set_property):
(webkit_dom_html_label_element_get_property):
(webkit_dom_html_label_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLLegendElement.cpp:

(webkit_dom_html_legend_element_dom_event_target_init):
(webkit_dom_html_legend_element_set_property):
(webkit_dom_html_legend_element_get_property):
(webkit_dom_html_legend_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLLinkElement.cpp:

(webkit_dom_html_link_element_dom_event_target_init):
(webkit_dom_html_link_element_set_property):
(webkit_dom_html_link_element_get_property):
(webkit_dom_html_link_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLMapElement.cpp:

(webkit_dom_html_map_element_dom_event_target_init):
(webkit_dom_html_map_element_set_property):
(webkit_dom_html_map_element_get_property):
(webkit_dom_html_map_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLMarqueeElement.cpp:

(webkit_dom_html_marquee_element_dom_event_target_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLMenuElement.cpp:

(webkit_dom_html_menu_element_dom_event_target_init):
(webkit_dom_html_menu_element_set_property):
(webkit_dom_html_menu_element_get_property):
(webkit_dom_html_menu_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLMetaElement.cpp:

(webkit_dom_html_meta_element_dom_event_target_init):
(webkit_dom_html_meta_element_set_property):
(webkit_dom_html_meta_element_get_property):
(webkit_dom_html_meta_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLModElement.cpp:

(webkit_dom_html_mod_element_dom_event_target_init):
(webkit_dom_html_mod_element_set_property):
(webkit_dom_html_mod_element_get_property):
(webkit_dom_html_mod_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLOListElement.cpp:

(webkit_dom_html_o_list_element_dom_event_target_init):
(webkit_dom_html_o_list_element_set_property):
(webkit_dom_html_o_list_element_get_property):
(webkit_dom_html_o_list_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLObjectElement.cpp:

(webkit_dom_html_object_element_dom_event_target_init):
(webkit_dom_html_object_element_set_property):
(webkit_dom_html_object_element_get_property):
(webkit_dom_html_object_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLOptGroupElement.cpp:

(webkit_dom_html_opt_group_element_dom_event_target_init):
(webkit_dom_html_opt_group_element_set_property):
(webkit_dom_html_opt_group_element_get_property):
(webkit_dom_html_opt_group_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLOptionElement.cpp:

(webkit_dom_html_option_element_dom_event_target_init):
(webkit_dom_html_option_element_set_property):
(webkit_dom_html_option_element_get_property):
(webkit_dom_html_option_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLOptionsCollection.cpp:

(webkit_dom_html_options_collection_set_property):
(webkit_dom_html_options_collection_get_property):
(webkit_dom_html_options_collection_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLParagraphElement.cpp:

(webkit_dom_html_paragraph_element_dom_event_target_init):
(webkit_dom_html_paragraph_element_set_property):
(webkit_dom_html_paragraph_element_get_property):
(webkit_dom_html_paragraph_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLParamElement.cpp:

(webkit_dom_html_param_element_dom_event_target_init):
(webkit_dom_html_param_element_set_property):
(webkit_dom_html_param_element_get_property):
(webkit_dom_html_param_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLPreElement.cpp:

(webkit_dom_html_pre_element_dom_event_target_init):
(webkit_dom_html_pre_element_set_property):
(webkit_dom_html_pre_element_get_property):
(webkit_dom_html_pre_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLQuoteElement.cpp:

(webkit_dom_html_quote_element_dom_event_target_init):
(webkit_dom_html_quote_element_set_property):
(webkit_dom_html_quote_element_get_property):
(webkit_dom_html_quote_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLScriptElement.cpp:

(webkit_dom_html_script_element_dom_event_target_init):
(webkit_dom_html_script_element_set_property):
(webkit_dom_html_script_element_get_property):
(webkit_dom_html_script_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLSelectElement.cpp:

(webkit_dom_html_select_element_dom_event_target_init):
(webkit_dom_html_select_element_set_property):
(webkit_dom_html_select_element_get_property):
(webkit_dom_html_select_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLStyleElement.cpp:

(webkit_dom_html_style_element_dom_event_target_init):
(webkit_dom_html_style_element_set_property):
(webkit_dom_html_style_element_get_property):
(webkit_dom_html_style_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLTableCaptionElement.cpp:

(webkit_dom_html_table_caption_element_dom_event_target_init):
(webkit_dom_html_table_caption_element_set_property):
(webkit_dom_html_table_caption_element_get_property):
(webkit_dom_html_table_caption_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLTableCellElement.cpp:

(webkit_dom_html_table_cell_element_dom_event_target_init):
(webkit_dom_html_table_cell_element_set_property):
(webkit_dom_html_table_cell_element_get_property):
(webkit_dom_html_table_cell_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLTableColElement.cpp:

(webkit_dom_html_table_col_element_dom_event_target_init):
(webkit_dom_html_table_col_element_set_property):
(webkit_dom_html_table_col_element_get_property):
(webkit_dom_html_table_col_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLTableElement.cpp:

(webkit_dom_html_table_element_dom_event_target_init):
(webkit_dom_html_table_element_set_property):
(webkit_dom_html_table_element_get_property):
(webkit_dom_html_table_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLTableRowElement.cpp:

(webkit_dom_html_table_row_element_dom_event_target_init):
(webkit_dom_html_table_row_element_set_property):
(webkit_dom_html_table_row_element_get_property):
(webkit_dom_html_table_row_element_class_init):
(webkit_dom_html_table_row_element_insert_cell):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLTableSectionElement.cpp:

(webkit_dom_html_table_section_element_dom_event_target_init):
(webkit_dom_html_table_section_element_set_property):
(webkit_dom_html_table_section_element_get_property):
(webkit_dom_html_table_section_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLTextAreaElement.cpp:

(webkit_dom_html_text_area_element_dom_event_target_init):
(webkit_dom_html_text_area_element_set_property):
(webkit_dom_html_text_area_element_get_property):
(webkit_dom_html_text_area_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLTitleElement.cpp:

(webkit_dom_html_title_element_dom_event_target_init):
(webkit_dom_html_title_element_set_property):
(webkit_dom_html_title_element_get_property):
(webkit_dom_html_title_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLUListElement.cpp:

(webkit_dom_html_u_list_element_dom_event_target_init):
(webkit_dom_html_u_list_element_set_property):
(webkit_dom_html_u_list_element_get_property):
(webkit_dom_html_u_list_element_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMKeyboardEvent.cpp:

(webkit_dom_keyboard_event_get_property):
(webkit_dom_keyboard_event_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMMediaList.cpp:

(webkit_dom_media_list_set_property):
(webkit_dom_media_list_get_property):
(webkit_dom_media_list_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMMouseEvent.cpp:

(webkit_dom_mouse_event_get_property):
(webkit_dom_mouse_event_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMNamedNodeMap.cpp:

(webkit_dom_named_node_map_get_property):
(webkit_dom_named_node_map_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMNode.cpp:

(webkit_dom_node_dom_event_target_init):
(webkit_dom_node_set_property):
(webkit_dom_node_get_property):
(webkit_dom_node_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMNodeIterator.cpp:

(webkit_dom_node_iterator_get_property):
(webkit_dom_node_iterator_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMNodeList.cpp:

(webkit_dom_node_list_get_property):
(webkit_dom_node_list_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMObject.cpp:

(webkitDOMObjectSetProperty):
(webkit_dom_object_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMProcessingInstruction.cpp:

(webkit_dom_processing_instruction_dom_event_target_init):
(webkit_dom_processing_instruction_get_property):
(webkit_dom_processing_instruction_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMRange.cpp:

(webkit_dom_range_get_property):
(webkit_dom_range_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMStyleSheet.cpp:

(webkit_dom_style_sheet_set_property):
(webkit_dom_style_sheet_get_property):
(webkit_dom_style_sheet_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMStyleSheetList.cpp:

(webkit_dom_style_sheet_list_get_property):
(webkit_dom_style_sheet_list_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMText.cpp:

(webkit_dom_text_dom_event_target_init):
(webkit_dom_text_get_property):
(webkit_dom_text_class_init):
(webkit_dom_event_target_init): Deleted.

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMTreeWalker.cpp:

(webkit_dom_tree_walker_get_property):
(webkit_dom_tree_walker_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMUIEvent.cpp:

(webkit_dom_ui_event_get_property):
(webkit_dom_ui_event_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMWheelEvent.cpp:

(webkit_dom_wheel_event_get_property):
(webkit_dom_wheel_event_class_init):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMXPathResult.cpp:

(webkit_dom_xpath_result_get_property):
(webkit_dom_xpath_result_class_init):

  • WebProcess/InjectedBundle/glib/InjectedBundleGlib.cpp:
  • WebProcess/MediaCache/WebMediaKeyStorageManager.cpp:
  • WebProcess/Plugins/Netscape/unix/NetscapePluginUnix.cpp:
  • WebProcess/Plugins/Netscape/x11/NetscapePluginX11.cpp:
  • WebProcess/WebCoreSupport/curl/WebFrameNetworkingContext.cpp:
  • WebProcess/WebCoreSupport/gtk/WebContextMenuClientGtk.cpp:
  • WebProcess/WebCoreSupport/gtk/WebDragClientGtk.cpp:
  • WebProcess/WebCoreSupport/gtk/WebEditorClientGtk.cpp:
  • WebProcess/WebCoreSupport/gtk/WebPopupMenuGtk.cpp:
  • WebProcess/WebPage/AcceleratedDrawingArea.cpp:
  • WebProcess/WebPage/AcceleratedSurface.cpp:
  • WebProcess/WebPage/CoordinatedGraphics/CompositingCoordinator.cpp:
  • WebProcess/WebPage/CoordinatedGraphics/CoordinatedLayerTreeHost.cpp:
  • WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.cpp:
  • WebProcess/WebPage/DrawingAreaImpl.cpp:
  • WebProcess/WebPage/gtk/AcceleratedSurfaceWayland.cpp:
  • WebProcess/WebPage/gtk/AcceleratedSurfaceX11.cpp:
  • WebProcess/WebPage/gtk/WebPageGtk.cpp:
  • WebProcess/gtk/WaylandCompositorDisplay.cpp:
  • WebProcess/gtk/WebProcessMainGtk.cpp:
10:09 PM Changeset in webkit [228729] by Antti Koivisto
  • 4 edits in trunk/Source/WebCore

Use selector filter when invalidating descendants
https://bugs.webkit.org/show_bug.cgi?id=182839
<rdar://problem/37581072>

Reviewed by Zalan Bujtas.

We can make descendant invalidation faster by enabling filtering.

  • css/SelectorFilter.cpp:

(WebCore::SelectorFilter::initializeParentStack):

Traverse and reverse the ancestor chain, and push it.

(WebCore::SelectorFilter::pushParent):
(WebCore::SelectorFilter::pushParentInitializingIfNeeded):

Add a version of pushParent that can initialize the stack.

(WebCore::SelectorFilter::popParent):
(WebCore::SelectorFilter::popParentsUntil):

Pop until a given parent element.

(WebCore::SelectorFilter::pushParentStackFrame): Deleted.
(WebCore::SelectorFilter::popParentStackFrame): Deleted.

These were the same as push/popParent.

  • css/SelectorFilter.h:

(WebCore::SelectorFilter::popParent): Deleted.

  • style/StyleInvalidator.cpp:

(WebCore::Style::Invalidator::invalidateStyleForDescendants):

Use pushParentInitializingIfNeeded.

(WebCore::Style::Invalidator::invalidateStyleWithMatchElement):

Use selector filter when doing descendant tree invalidation.
Make sure to pop it until the parent when reusing.

9:01 PM Changeset in webkit [228728] by Yusuke Suzuki
  • 4 edits
    4 adds in trunk

[FTL] Support ArrayPush for ArrayStorage
https://bugs.webkit.org/show_bug.cgi?id=182782

Reviewed by Saam Barati.

JSTests:

Existing array-push-multiple-storage.js covers ArrayPush(ArrayStorage) multiple arguments case.

  • stress/array-push-array-storage-beyond-int32.js: Added.

(shouldBe):
(test):

  • stress/array-push-array-storage.js: Added.

(shouldBe):
(test):

  • stress/array-push-multiple-array-storage-beyond-int32.js: Added.

(shouldBe):
(test):

  • stress/array-push-multiple-storage-continuous.js: Added.

(shouldBe):
(test):

Source/JavaScriptCore:

This patch adds support for ArrayPush(ArrayStorage). We just port ArrayPush(ArrayStorage) in DFG to FTL.

  • ftl/FTLAbstractHeapRepository.h:
  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileArrayPush):

8:33 PM Changeset in webkit [228727] by Yusuke Suzuki
  • 5 edits
    1 add in trunk

[FTL] Support ArrayPop for ArrayStorage
https://bugs.webkit.org/show_bug.cgi?id=182783

Reviewed by Saam Barati.

JSTests:

  • stress/array-pop-array-storage.js: Added.

(shouldBe):
(test):

Source/JavaScriptCore:

This patch adds ArrayPop(ArrayStorage) support to FTL. We port the implementation in DFG to FTL.

  • ftl/FTLAbstractHeapRepository.h:
  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileArrayPop):

8:00 PM Changeset in webkit [228726] by Yusuke Suzuki
  • 6 edits
    5 adds in trunk

[FTL] Add Arrayify for ArrayStorage and SlowPutArrayStorage
https://bugs.webkit.org/show_bug.cgi?id=182731

Reviewed by Saam Barati.

JSTests:

  • stress/arrayify-array-storage-array.js: Added.

(shouldBe):
(testArrayStorage):

  • stress/arrayify-array-storage-non-array.js: Added.

(shouldBe):
(testArrayStorage):

  • stress/arrayify-array-storage.js: Added.

(shouldBe):
(testArrayStorage):

  • stress/arrayify-slow-put-array-storage-pass-array-storage.js: Added.

(shouldBe):
(testArrayStorage):

  • stress/arrayify-slow-put-array-storage.js: Added.

(shouldBe):
(testArrayStorage):

Source/JavaScriptCore:

This patch adds support for Arrayify(ArrayStorage/SlowPutArrayStorage) to FTL.
Due to ArrayifyToStructure and CheckArray changes, necessary changes for
supporting Arrayify in FTL are already done. Just allowing it in FTLCapabilities.cpp
is enough.

We fix FTL's CheckArray logic. Previously, CheckArray(SlowPutArrayStorage) does not pass
ArrayStorage in FTL. But now it passes this as DFG does. Moreover, we fix DFG's CheckArray
where CheckArray(ArrayStorage+NonArray) can pass ArrayStorage+Array.

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::silentFill):
(JSC::DFG::SpeculativeJIT::jumpSlowForUnwantedArrayMode):

  • dfg/DFGSpeculativeJIT.h:
  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::isArrayTypeForArrayify):

7:51 PM WebKitGTK/2.20.x edited by Michael Catanzaro
(diff)
7:45 PM Changeset in webkit [228725] by sbarati@apple.com
  • 8 edits
    1 add in trunk

Don't use JSFunction's allocation profile when getting the prototype can be effectful
https://bugs.webkit.org/show_bug.cgi?id=182942
<rdar://problem/37584764>

Reviewed by Mark Lam.

JSTests:

  • stress/get-prototype-create-this-effectful.js: Added.

Source/JavaScriptCore:

Prior to this patch, the create_this implementation assumed that anything
that is a JSFunction can use the object allocation profile and go down the
fast path to allocate the |this| object. Implied by this approach is that
accessing the 'prototype' property of the incoming function is not an
effectful operation. This is inherent to the ObjectAllocationProfile
data structure: it caches the prototype field. However, getting the
'prototype' property might be an effectful operation, e.g, it could
be a getter. Many variants of functions in JS have the 'prototype' property
as non-configurable. However, some functions, like bound functions, do not
have the 'prototype' field with these attributes.

This patch adds the notion of 'canUseAllocationProfile' to JSFunction
and threads it through so that we only go down the fast path and use
the allocation profile when the prototype property is non-configurable.

  • bytecompiler/NodesCodegen.cpp:

(JSC::ClassExprNode::emitBytecode):

  • dfg/DFGOperations.cpp:
  • runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):

  • runtime/JSFunction.cpp:

(JSC::JSFunction::prototypeForConstruction):
(JSC::JSFunction::allocateAndInitializeRareData):
(JSC::JSFunction::initializeRareData):
(JSC::JSFunction::getOwnPropertySlot):
(JSC::JSFunction::canUseAllocationProfileNonInline):

  • runtime/JSFunction.h:

(JSC::JSFunction::ensureRareDataAndAllocationProfile):

  • runtime/JSFunctionInlines.h:

(JSC::JSFunction::canUseAllocationProfile):

7:21 PM Changeset in webkit [228724] by commit-queue@webkit.org
  • 5 edits in trunk

null m_lastNodeInserted dereference at ReplaceSelectionCommand::InsertedNodes::lastLeafInserted
https://bugs.webkit.org/show_bug.cgi?id=161947

Patch by Fujii Hironori <Fujii Hironori> on 2018-02-19
Reviewed by Ryosuke Niwa.

Source/WebCore:

InsertedNodes happened to be empty if the inserted nodes were
removed. Add more checks if InsertedNodes is empty.

No new tests (Covered by existing tests).

  • editing/ReplaceSelectionCommand.cpp:

(WebCore::ReplaceSelectionCommand::doApply): Return early if InsertedNodes becomes empty.

  • editing/ReplaceSelectionCommand.h:

(WebCore::ReplaceSelectionCommand::InsertedNodes::isEmpty): New method.
(WebCore::ReplaceSelectionCommand::InsertedNodes::lastLeafInserted const):
Assert m_lastNodeInserted is not null.
(WebCore::ReplaceSelectionCommand::InsertedNodes::pastLastLeaf const): Ditto.

LayoutTests:

  • platform/gtk/TestExpectations:

Unmarked editing/execCommand/crash-replacing-list-by-list.html and editing/inserting/insert-table-in-paragraph-crash.html.

6:12 PM Changeset in webkit [228723] by beidson@apple.com
  • 6 edits in trunk/Source/WebKit

Add WebProcessPool option for process swapping on navigation.
https://bugs.webkit.org/show_bug.cgi?id=182945

Reviewed by Alex Christensen.

Just the most basic groundwork for testing a new WK2 feature.

  • UIProcess/API/APIProcessPoolConfiguration.h:
  • UIProcess/API/C/WKContextConfigurationRef.cpp:

(WKContextConfigurationProcessSwapsOnNavigation):
(WKContextConfigurationSetProcessSwapsOnNavigation):

  • UIProcess/API/C/WKContextConfigurationRef.h:
  • UIProcess/API/Cocoa/_WKProcessPoolConfiguration.h:
  • UIProcess/API/Cocoa/_WKProcessPoolConfiguration.mm:

(-[_WKProcessPoolConfiguration setProcessSwapsOnNavigation:]):
(-[_WKProcessPoolConfiguration processSwapsOnNavigation]):

6:04 PM Changeset in webkit [228722] by Matt Baker
  • 7 edits in trunk/Source/WebInspectorUI

Web Inspector: Canvas tab: hide navigation sidebar when viewing the overview
https://bugs.webkit.org/show_bug.cgi?id=182597
<rdar://problem/37341564>

Reviewed by Devin Rousso.

Support showing/hiding the navigation sidebar panel based on the current
represented object. Individual TabContentViews can opt-in to this behavior,
by overriding TabContentView.prototype.managesNavigationSidebarPanel.

  • UserInterface/Views/CanvasSidebarPanel.js:

(WI.CanvasSidebarPanel.prototype.canShowRepresentedObject):

  • UserInterface/Views/CanvasTabContentView.js:

(WI.CanvasTabContentView.prototype.get managesNavigationSidebarPanel):
Hide the Canvas navigation sidebar when viewing the overview.

  • UserInterface/Views/ContentBrowserTabContentView.js:

(WI.ContentBrowserTabContentView):
(WI.ContentBrowserTabContentView.prototype.showNavigationSidebarPanel):
(WI.ContentBrowserTabContentView.prototype._navigationSidebarCollapsedStateDidChange):
(WI.ContentBrowserTabContentView.prototype._contentBrowserCurrentRepresentedObjectsDidChange):

  • UserInterface/Views/NavigationSidebarPanel.js:

(WI.NavigationSidebarPanel.prototype.canShowRepresentedObject):
Provide default implementation that just defers to the TabContentView.
This exists so that a NavigationSidebarPanel that implements canShowRepresentedObject
will have a meaningful default to fall back on.

  • UserInterface/Views/TabBrowser.js:

(WI.TabBrowser.prototype._sidebarCollapsedStateDidChange):
(WI.TabBrowser.prototype._showNavigationSidebarPanelForTabContentView):

  • UserInterface/Views/TabContentView.js:

(WI.TabContentView.prototype.get managesNavigationSidebarPanel):

6:02 PM Changeset in webkit [228721] by commit-queue@webkit.org
  • 43 edits
    1 add
    1 delete in trunk/Source/WebCore

Add SVGPropertyTraits::fromString() to all the SVG animated types
https://bugs.webkit.org/show_bug.cgi?id=182901

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2018-02-19
Reviewed by Dean Jackson.

This is a work toward https://bugs.webkit.org/show_bug.cgi?id=168586. The
goal is is to templatize the SVGAnimatedType class and to use SVGPropertyTraits
methods inside the template functions.

  • WebCore.xcodeproj/project.pbxproj: Move the enum and the SVGPropertyTraits

from SVGMarkerElement.h to SVGMarkerTypes.h.

  • svg/SVGAngle.h:

(WebCore::SVGAngle::SVGAngle): Delete unused constructor and create() method.

  • svg/SVGAngleValue.h:
  • svg/SVGAnimateMotionElement.cpp:

(WebCore::parsePoint): Deleted. Move this function to SVGParserUtilities.cpp

  • svg/SVGAnimatedAngle.cpp:

(WebCore::SVGAnimatedAngleAnimator::constructFromString): Use SVGPropertyTraits::fromString().

  • svg/SVGAnimatedBoolean.cpp:

(WebCore::SVGAnimatedBooleanAnimator::constructFromString): Ditto.

  • svg/SVGAnimatedColor.cpp:

(WebCore::SVGAnimatedColorAnimator::constructFromString): Ditto.
(WebCore::SVGAnimatedColorAnimator::addAnimatedTypes): Use const.
(WebCore::SVGAnimatedColorAnimator::calculateAnimatedValue): Ditto.

  • svg/SVGAnimatedEnumeration.cpp:

(WebCore::SVGAnimatedEnumerationAnimator::constructFromString): Ditto.

  • svg/SVGAnimatedInteger.cpp:

(WebCore::SVGAnimatedIntegerAnimator::constructFromString): Ditto.

  • svg/SVGAnimatedIntegerOptionalInteger.cpp:

(WebCore::SVGAnimatedIntegerOptionalIntegerAnimator::constructFromString): Ditto.

  • svg/SVGAnimatedLength.cpp:
  • svg/SVGAnimatedLengthList.cpp:

(WebCore::SVGAnimatedLengthListAnimator::constructFromString): Ditto.

  • svg/SVGAnimatedNumber.cpp:

(WebCore::SVGAnimatedNumberAnimator::constructFromString): Ditto
(WebCore::parseNumberFromString):

  • svg/SVGAnimatedNumberList.cpp:

(WebCore::SVGAnimatedNumberListAnimator::constructFromString): Ditto.

  • svg/SVGAnimatedNumberOptionalNumber.cpp:

(WebCore::SVGAnimatedNumberOptionalNumberAnimator::constructFromString): Ditto.

  • svg/SVGAnimatedPath.cpp:

(WebCore::SVGAnimatedPathAnimator::constructFromString): Ditto.

  • svg/SVGAnimatedPointList.cpp:

(WebCore::SVGAnimatedPointListAnimator::constructFromString): Ditto.

  • svg/SVGAnimatedPreserveAspectRatio.cpp:

(WebCore::SVGAnimatedPreserveAspectRatioAnimator::constructFromString): Ditto.

  • svg/SVGAnimatedRect.cpp:

(WebCore::SVGAnimatedRectAnimator::constructFromString): Ditto.

  • svg/SVGAnimatedString.cpp:

(WebCore::SVGAnimatedStringAnimator::constructFromString): Ditto.

  • svg/SVGAnimatedTransformList.cpp:

(WebCore::SVGAnimatedTransformListAnimator::constructFromString): Ditto.

  • svg/SVGLength.h:

(WebCore::SVGLength::SVGLength): Delete unused constructor and create() method.

  • svg/SVGLengthListValues.h:

(WebCore::SVGPropertyTraits<SVGLengthListValues>::fromString): New SVGPropertyTraits method.
(WebCore::SVGPropertyTraits<SVGLengthListValues>::parse): Ditto.

  • svg/SVGMarkerElement.h:

(WebCore::SVGPropertyTraits<SVGMarkerUnitsType>::highestEnumValue): Deleted.
(WebCore::SVGPropertyTraits<SVGMarkerUnitsType>::toString): Deleted.
(WebCore::SVGPropertyTraits<SVGMarkerUnitsType>::fromString): Deleted.
(WebCore::SVGIDLEnumLimits<SVGMarkerOrientType>::highestExposedEnumValue): Deleted.
(WebCore::SVGPropertyTraits<SVGMarkerOrientType>::highestEnumValue): Deleted.
(WebCore::SVGPropertyTraits<SVGMarkerOrientType>::fromString): Deleted.

  • svg/SVGMarkerTypes.h: Added.

(WebCore::SVGPropertyTraits<SVGMarkerUnitsType>::highestEnumValue):
(WebCore::SVGPropertyTraits<SVGMarkerUnitsType>::toString):
(WebCore::SVGPropertyTraits<SVGMarkerUnitsType>::fromString):
(WebCore::SVGPropertyTraits<SVGMarkerOrientType>::highestEnumValue):
(WebCore::SVGPropertyTraits<SVGMarkerOrientType>::fromString):
(WebCore::SVGIDLEnumLimits<SVGMarkerOrientType>::highestExposedEnumValue):

  • svg/SVGMatrix.h: Delete unused constructor and create method.
  • svg/SVGNumber.h:

(WebCore::SVGNumber::SVGNumber): Ditto.

  • svg/SVGNumberListValues.h:

(WebCore::SVGPropertyTraits<SVGNumberListValues>::fromString): New SVGPropertyTraits method.

  • svg/SVGParserUtilities.cpp:

(WebCore::parsePoint): This is moved from SVGAnimateMotionElement.cpp

  • svg/SVGParserUtilities.h:
  • svg/SVGPathByteStream.h:

(WebCore::SVGPathByteStream::SVGPathByteStream):
(WebCore::SVGPathByteStream::operator=): Add copy and move assignment operators.
(WebCore::SVGPathByteStream::copy const): Use the copy assignment.
(WebCore::SVGPathByteStream::isEmpty const): Use Data.isEmpty().
(WebCore::SVGPropertyTraits<SVGPathByteStream>::initialValue): New SVGPropertyTraits method.
(WebCore::SVGPropertyTraits<SVGPathByteStream>::fromString): Ditto.

  • svg/SVGPathUtilities.cpp:

(WebCore::addToSVGPathByteStream): Answer Simon's questions which were added in r190844.

  • svg/SVGPoint.h:

(WebCore::SVGPoint::SVGPoint): Delete unused constructor and create method.

  • svg/SVGPointListValues.h:

(WebCore::SVGPropertyTraits<SVGPointListValues>::fromString): New SVGPropertyTraits method.

  • svg/SVGPolyElement.cpp:

(WebCore::SVGPolyElement::parseAttribute): Use the move assignment operator.

  • svg/SVGPreserveAspectRatio.h:

(WebCore::SVGPreserveAspectRatio::SVGPreserveAspectRatio): Delete unused constructor and create method.

  • svg/SVGPreserveAspectRatioValue.cpp:

(WebCore::SVGPreserveAspectRatioValue::SVGPreserveAspectRatioValue): Add new constructor.

  • svg/SVGPreserveAspectRatioValue.h:

(WebCore::SVGPropertyTraits<SVGPreserveAspectRatioValue>::fromString): New SVGPropertyTraits method.
(WebCore::SVGPropertyTraits<SVGPreserveAspectRatioValue>::toString): Ditto.

  • svg/SVGRect.h:

(WebCore::SVGRect::SVGRect): Delete unused constructor and create method.

  • svg/SVGRectTraits.h: Removed.
  • svg/SVGTransform.h:

(WebCore::SVGTransform::SVGTransform): Delete unused constructor and create method.

  • svg/SVGTransformListValues.h:

(WebCore::SVGPropertyTraits<SVGTransformListValues>::fromString): New SVGPropertyTraits method.

  • svg/properties/SVGPropertyTearOff.h: Delete unused create method.
  • svg/properties/SVGPropertyTraits.h: New SVGPropertyTraits methods.

(WebCore::SVGPropertyTraits<bool>::fromString):
(WebCore::SVGPropertyTraits<Color>::initialValue):
(WebCore::SVGPropertyTraits<Color>::fromString):
(WebCore::SVGPropertyTraits<Color>::parse):
(WebCore::SVGPropertyTraits<Color>::toString):
(WebCore::SVGPropertyTraits<int>::fromString):
(WebCore::SVGPropertyTraits<float>::fromString):
(WebCore::SVGPropertyTraits<float>::parse):
(WebCore::SVGPropertyTraits<FloatPoint>::initialValue):
(WebCore::SVGPropertyTraits<FloatPoint>::fromString):
(WebCore::SVGPropertyTraits<FloatPoint>::parse):
(WebCore::SVGPropertyTraits<FloatPoint>::toString):
(WebCore::SVGPropertyTraits<FloatRect>::initialValue):
(WebCore::SVGPropertyTraits<FloatRect>::fromString):
(WebCore::SVGPropertyTraits<FloatRect>::parse):
(WebCore::SVGPropertyTraits<FloatRect>::toString):
(WebCore::SVGPropertyTraits<String>::fromString):
(WebCore::SVGPropertyTraits<String>::parse):
(WebCore::SVGPropertyTraits<String>::toString):

6:00 PM Changeset in webkit [228720] by sbarati@apple.com
  • 8 edits in trunk/Source/JavaScriptCore

Don't mark an array profile out of bounds for the cases where the DFG will convert the access to SaneChain
https://bugs.webkit.org/show_bug.cgi?id=182912
<rdar://problem/37685083>

Reviewed by Keith Miller.

In the baseline JIT and LLInt, when we loading a hole from an original array,
with the array prototype chain being normal, we end up marking the ArrayProfile
for that GetByVal as out of bounds. However, the DFG knows exactly how to
optimize this case by returning undefined when loading from a hole. Currently,
it only does this for Contiguous arrays (and sometimes Double arrays).
This patch just makes sure to not mark the ArrayProfile as out of bounds
in this scenario for Contiguous arrays, since the DFG will always optimize
this case.

However, we should extend this by profiling when a GetByVal loads a hole. By
doing so, we can optimize this for Int32, ArrayStorage, and maybe even Double
arrays. That work will happen in:
https://bugs.webkit.org/show_bug.cgi?id=182940

This patch is a 30-50% speedup on JetStream's hash-map test. This patch
speeds up JetStream by 1% when testing on my iMac.

  • dfg/DFGArrayMode.cpp:

(JSC::DFG::ArrayMode::refine const):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • jit/JITOperations.cpp:

(JSC::getByVal):
(JSC::canAccessArgumentIndexQuickly): Deleted.

  • llint/LLIntSlowPaths.cpp:

(JSC::LLInt::getByVal):
(JSC::LLInt::LLINT_SLOW_PATH_DECL):

  • llint/LowLevelInterpreter32_64.asm:
  • llint/LowLevelInterpreter64.asm:
  • runtime/CommonSlowPaths.h:

(JSC::CommonSlowPaths::canAccessArgumentIndexQuickly):

5:26 PM Changeset in webkit [228719] by Ryan Haddad
  • 3 edits in branches/safari-605-branch/LayoutTests

Cherry-pick r228541. rdar://problem/36837397

4:37 PM Changeset in webkit [228718] by graouts@webkit.org
  • 14 edits
    6 adds in trunk

[Modern Media Controls] Implement a compact set of media controls
https://bugs.webkit.org/show_bug.cgi?id=182937
<rdar://problem/37682257>

Reviewed by Eric Carlson.

Source/WebCore:

We add a new type of media controls used when we need stripped down and compact controls. The new
CompactMediaControls only show a play/pause button and an invalid placard and disregard all media
events that are not relevant to the display of these controls.

To distinguish cases where we need to show compact media controls, we expose a new property on
MediaControlsHost called "compactMode".

Tests: media/modern-media-controls/compact-media-controls/compact-media-controls-constructor.html

media/modern-media-controls/compact-media-controls/compact-media-controls-layout.html

  • Modules/mediacontrols/MediaControlsHost.cpp:

(WebCore::MediaControlsHost::base64StringForIconNameAndType const):
(WebCore::MediaControlsHost::compactMode const):

  • Modules/mediacontrols/MediaControlsHost.h:

(WebCore::MediaControlsHost::setSimulateCompactMode):

  • Modules/mediacontrols/MediaControlsHost.idl:
  • Modules/modern-media-controls/controls/compact-media-controls.js: Added.

(CompactMediaControls.prototype.get scaleFactor):
(CompactMediaControls.prototype.set scaleFactor):
(CompactMediaControls.prototype.get shouldCenterControlsVertically):
(CompactMediaControls.prototype.set shouldCenterControlsVertically):
(CompactMediaControls.prototype.get placard):
(CompactMediaControls.prototype.set placard):
(CompactMediaControls.prototype.layout):
(CompactMediaControls.prototype.commitProperty):

  • Modules/modern-media-controls/controls/icon-service.js:

(const.iconService.new.IconService.prototype._fileNameAndPlatformForIconAndLayoutTraits):
(const.iconService.new.IconService):

  • Modules/modern-media-controls/controls/inline-media-controls.js:
  • Modules/modern-media-controls/controls/layout-item.js:
  • Modules/modern-media-controls/js-files:
  • Modules/modern-media-controls/main.js:
  • Modules/modern-media-controls/media/media-controller.js:

(MediaController.prototype.get layoutTraits):
(MediaController.prototype._supportingObjectClasses): Compute the set of MediaControllerSupport classes based
on the layout traits such that in compact mode we only return PlacardSupport and PlaybackSupport.
(MediaController.prototype._updateControlsIfNeeded):
(MediaController.prototype._controlsClassForLayoutTraits):
(MediaController.prototype._shouldControlsBeAvailable):

  • Modules/modern-media-controls/media/placard-support.js:

(PlacardSupport.prototype.get mediaEvents): Only track the "error" event in compact mode since this is the only
relevant placard.

  • Modules/modern-media-controls/media/playback-support.js:

(PlaybackSupport.prototype.syncControl): Only show or hide the play/pause button based on the playback state
when in compact mode.
(PlaybackSupport):

  • WebCore.xcodeproj/project.pbxproj:

LayoutTests:

Add new tests that cover the basic properties and layout under different situations of the new CompactMediaControls.

  • media/modern-media-controls/compact-media-controls/compact-media-controls-constructor-expected.txt: Added.
  • media/modern-media-controls/compact-media-controls/compact-media-controls-constructor.html: Added.
  • media/modern-media-controls/compact-media-controls/compact-media-controls-layout-expected.txt: Added.
  • media/modern-media-controls/compact-media-controls/compact-media-controls-layout.html: Added.
4:36 PM Changeset in webkit [228717] by graouts@webkit.org
  • 14 edits
    6 adds in trunk

[Web Animations] Make KeyframeEffect target nullable and read-write
https://bugs.webkit.org/show_bug.cgi?id=182741

Reviewed by Dean Jackson.

LayoutTests/imported/w3c:

Update test expectations with progressions resulting from handling null values for a keyframe effect's target
as well as making the KeyframeEffect target a read-write property.

  • web-platform-tests/web-animations/animation-model/animation-types/accumulation-per-property-expected.txt:
  • web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-expected.txt:
  • web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-expected.txt:
  • web-platform-tests/web-animations/interfaces/KeyframeEffect/idlharness-expected.txt:
  • web-platform-tests/web-animations/interfaces/KeyframeEffect/processing-a-keyframes-argument-001-expected.txt:
  • web-platform-tests/web-animations/interfaces/KeyframeEffect/target-expected.txt:

Source/WebCore:

We used to completely disregard null targets, for instance not parsing keyframes, but targets
can be null and are also supposed to be read-write for KeyframeEffect. We now update the IDL
for KeyframeEffect to mark the target property as read-write and update the implementation
to correctly handle null targets.

This revealed a few issues in our implementation by allowing more WPT tests to run. So we also
ensure that:

  • we don't crash when parsing font-related properties by calling update() on the generated

RenderStyle's FontCascade when parsing keyframes.

  • CSS properties are provided as camel-case and not as hyphenated form
  • values provided in keyframes dictionaries are only read for valid properties
  • styles for effect targets are invalidated as soon as the timing model for that animation

is changed

  • animation/KeyframeEffect.idl:
  • animation/KeyframeEffectReadOnly.cpp:

(WebCore::invalidateElement): Add a new utility method to invalidate a given element since
we may want to invalidate not only the current target (m_target) but also a previous target.
(WebCore::IDLAttributeNameToAnimationPropertyName): Move this function below CSSPropertyIDToIDLAttributeName
so that it can call that function. We also check that we reject CSS properties that are not provided in
camel-case form (eg. "font-size" vs. "fontSize").
(WebCore::processIterableKeyframes): Only read the JS values if we know that the provided JS property name
maps to a valid CSS property.
(WebCore::KeyframeEffectReadOnly::processKeyframes): Allow keyframes to be processed even if the effect's
target is null.
(WebCore::KeyframeEffectReadOnly::setTarget): Notify the animation that the effect target has changed and
invalidate the style of the new target and the old targets, if any. We also update the blending keyframes
since this task may not have been completed in a previous call to processKeyframes() due to the target being
null at that time.
(WebCore::KeyframeEffectReadOnly::invalidate): Use the invalidateElement() utility.

  • animation/KeyframeEffectReadOnly.h:
  • animation/WebAnimation.cpp:

(WebCore::WebAnimation::effectTargetDidChange): This method is called in KeyframeEffectReadOnly::setTarget()
to inform the animation of the previous effect target and the new one upon a target change. This allows us to
forward this information onto the timeline so that we correctly add or remove the targets from the list of
animated elements.

  • animation/WebAnimation.h:

LayoutTests:

Add some platform-specific results for Sierra where we don't support the "font-variation-settings" property.

  • platform/mac-sierra/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/accumulation-per-property-expected.txt: Added.
  • platform/mac-sierra/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-expected.txt: Added.
  • platform/mac-sierra/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-expected.txt: Added.
4:20 PM Changeset in webkit [228716] by Chris Dumez
  • 2 edits in trunk/Source/WebCore

Crash under MIMETypeRegistry::isSupportedJavaScriptMIMEType()
https://bugs.webkit.org/show_bug.cgi?id=182927
<rdar://problem/37675748>

Reviewed by Antti Koivisto.

Make it safe to call MIMETypeRegistry::isSupportedJavaScriptMIMEType() from the non-main thread.
It is currently being called from a background thread in the following places:

  • ServiceWorkerJob::didReceiveResponse()
  • WorkerGlobalScope::importScripts()

These call sites on non-main threads were added recently with the support for service workers.

No new tests, already covered by existing tests that flakily experience service worker
process crashes.

  • platform/MIMETypeRegistry.cpp:

(WebCore::MIMETypeRegistry::isSupportedJavaScriptMIMEType):

4:04 PM Changeset in webkit [228715] by dino@apple.com
  • 3 edits
    3 adds in trunk

SIGFPE @ int WebCore::SVGToOTFFontConverter::scaleUnitsPerEm<int> const + 45
https://bugs.webkit.org/show_bug.cgi?id=182944
<rdar://problem/35369984>

Reviewed by Myles Maxfield.

Source/WebCore:

Avoid a divide-by-zero.

Test: svg/text/font-bad-unitsperem.html

  • svg/SVGFontFaceElement.cpp:

(WebCore::SVGFontFaceElement::unitsPerEm const):

LayoutTests:

Add a test with a 0 unitsperem SVG font.

  • svg/text/font-bad-unitsperem-expected.txt: Added.
  • svg/text/font-bad-unitsperem.html: Added.
  • svg/text/resources/font-bad-unitsperem.svg: Added.
3:30 PM Changeset in webkit [228714] by timothy_horton@apple.com
  • 9 edits
    2 copies in trunk

REGRESSION (r219342): Touch event coordinates and elementFromPoint coordinates differ
https://bugs.webkit.org/show_bug.cgi?id=182910
<rdar://problem/37533950>

Reviewed by Simon Fraser.

Source/WebCore:

We reverted other changes to the definition of client coordinates
in r219829 due to compatibility concerns. However, we failed to revert
r219342 on trunk, leaving elementFromPoint() using coordinates relative
to the layout viewport.

Add a currently off-by-default setting to switch on layout-viewport-relative
client coordinates and guard the elementFromPoint changes behind it.
A future patch should roll r219829 back in also behind this setting, so
that everything remains consistent regardless of which coordinate space we choose.

  • dom/TreeScope.cpp:

(WebCore::absolutePointIfNotClipped):

  • page/Settings.yaml:
  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::hitTest):

LayoutTests:

  • fast/dom/elementFromPoint-scaled-scrolled.html:

Revert changes to this test made in r219342.

  • fast/dom/elementFromPoint-scaled-scrolled-layout-viewport.html:
  • fast/dom/elementFromPoint-scaled-scrolled-layout-viewport-expected.txt:

Add a test that is equivalent to elementFromPoint-scaled-scrolled.html after r219342,
which turns on the new setting. This test is disabled on iOS (like it was
in r219342) because it needs window.scrollTo.

  • platform/ios-wk2/fast/dom/elementFromPoint-relative-to-viewport-expected.txt:

This now passes.

  • platform/ios/TestExpectations:

Re-mark-failing a test that was un-marked-failing by r219342.

2:50 PM Changeset in webkit [228713] by dbates@webkit.org
  • 2 edits in trunk/Source/WebKit

Null pointer dereference in WebPageProxy::urlSchemeHandlerForScheme()
https://bugs.webkit.org/show_bug.cgi?id=182905
<rdar://problem/37676775>

Reviewed by Alex Christensen.

Return nullptr when querying for the scheme handler of the null string.

Before a navigation is performed WebKit checks if the destination URL is associated with an app
unless the embedding client overrides the WKNavigationDelegate delegate callback -webView:decidePolicyForNavigationAction:decisionHandler.
If the URL is not associated with an app then WebKit may fall back to checking if the embedding
client registered a scheme handler for it. Currently we assume that the scheme is a non-null
string when checking the scheme handler registry. However the scheme can be a null string if
it is part of a malformed URL. And this leads to bad news bears when we try to use it to look
for a scheme handler. Instead check that the scheme is a non-null string before checking to see
if it is in the scheme handler registry.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::urlSchemeHandlerForScheme):

2:29 PM Changeset in webkit [228712] by eric.carlson@apple.com
  • 4 edits in trunk/Source

[Extra zoom mode] Don't allow PiP media playback
https://bugs.webkit.org/show_bug.cgi?id=182930
<rdar://problem/37676259>

Reviewed by Andy Estes.

Source/WebCore:

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:

(WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer): Don't call setPIPModeEnabled:
if it isn't implemented.
(WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenMode): Ditto.

Source/WebKit:

  • UIProcess/API/Cocoa/WKWebViewConfiguration.mm:

(-[WKWebViewConfiguration init]): Don't enable PiP mode. Require user interaction for
all media types.

2:20 PM Changeset in webkit [228711] by Ryan Haddad
  • 4 edits in trunk

Unreviewed, rolling out r228696.

The API test added with this change is timing out on macOS.

Reverted changeset:

"Null pointer dereference in
WebPageProxy::urlSchemeHandlerForScheme()"
https://bugs.webkit.org/show_bug.cgi?id=182905
https://trac.webkit.org/changeset/228696

2:01 PM Changeset in webkit [228710] by graouts@webkit.org
  • 3 edits in trunk/Source/WebCore

[Web Animations] Decouple parsing JS keyframes and computing blending keyframes
https://bugs.webkit.org/show_bug.cgi?id=182939
<rdar://problem/37678364>

Reviewed by Dean Jackson.

Move all the code used to create the KeyframeList into a dedicated updateBlendingKeyframes() method.

No new tests since this code change has no user-visible impact.

  • animation/KeyframeEffectReadOnly.cpp:

(WebCore::KeyframeEffectReadOnly::processKeyframes):
(WebCore::KeyframeEffectReadOnly::updateBlendingKeyframes):

  • animation/KeyframeEffectReadOnly.h:
1:22 PM Changeset in webkit [228709] by jer.noble@apple.com
  • 18 edits in trunk/Source/WebCore

[EME] Add mechanism for MediaKeySession to react to HDCP changes
https://bugs.webkit.org/show_bug.cgi?id=182935

Reviewed by Eric Carlson.

Add a client callback interface to CDMInterface to allow subclasses to communicate up to
MediaKeySEssion. Add a virtual method to CDMInterface to allow it to be notified of HDCP
status changes. Override this method in CDMInstanceFairPlayStreamingAVFObjC. Hook up the
outputObscuredDueToInsufficientExternalProtectionChanged() methods in both
MediaPlayerPrivateAVFoundationObjC and MediaPlayerPrivateMediaSourceAVFObjC to this new
CDMInstance method. Add an Internals method to simulate an HDCP error for testing purposes.

  • Modules/encryptedmedia/MediaKeySession.cpp:

(WebCore::MediaKeySession::MediaKeySession):
(WebCore::MediaKeySession::~MediaKeySession):
(WebCore::MediaKeySession::updateKeyStatuses):

  • Modules/encryptedmedia/MediaKeySession.h:
  • platform/encryptedmedia/CDMInstance.h:

(WebCore::CDMInstance::setHDCPStatus):
(WebCore::CDMInstance::setClient):
(WebCore::CDMInstance::clearClient):

  • platform/graphics/MediaPlayer.cpp:

(WebCore::MediaPlayer::beginSimulatedHDCPError):
(WebCore::MediaPlayer::endSimulatedHDCPError):

  • platform/graphics/MediaPlayer.h:
  • platform/graphics/MediaPlayerPrivate.h:

(WebCore::MediaPlayerPrivateInterface::beginSimulatedHDCPError):
(WebCore::MediaPlayerPrivateInterface::endSimulatedHDCPError):

  • platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.h:
  • platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm:

(WebCore::CDMInstanceFairPlayStreamingAVFObjC::setClient):
(WebCore::CDMInstanceFairPlayStreamingAVFObjC::clearClient):
(WebCore::CDMInstanceFairPlayStreamingAVFObjC::sessionIdentifierChanged):
(WebCore::CDMInstanceFairPlayStreamingAVFObjC::outputObscuredDueToInsufficientExternalProtectionChanged):

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:

(WebCore::MediaPlayerPrivateAVFoundationObjC::outputObscuredDueToInsufficientExternalProtectionChanged):
(WebCore::playerKVOProperties):
(-[WebCoreAVFMovieObserver observeValueForKeyPath:ofObject:change:context:]):

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
  • platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:

(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::outputObscuredDueToInsufficientExternalProtectionChanged):

  • platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
  • platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:

(-[WebAVSampleBufferErrorListener observeValueForKeyPath:ofObject:change:context:]):
(WebCore::SourceBufferPrivateAVFObjC::outputObscuredDueToInsufficientExternalProtectionChanged):

  • testing/Internals.cpp:

(WebCore::Internals::beginSimulatedHDCPError):
(WebCore::Internals::endSimulatedHDCPError):

  • testing/Internals.h:
  • testing/Internals.idl:
1:03 PM Changeset in webkit [228708] by Chris Dumez
  • 3 edits in trunk/Source/WebCore

CrashTracer: com.apple.WebKit.WebContent at WebCore: WebCore::TimerBase::~TimerBase
https://bugs.webkit.org/show_bug.cgi?id=182931
<rdar://problem/37602962>

Reviewed by Antti Koivisto.

Make sure PlatformMediaResource is ThreadSafeRefCounted since it is being
used from several threads in WebCoreNSURLSession. Also make sure it is
always destroyed on the main thread since it ends up destroying a
CachedRawResource object.

No new tests, no known reproduction case.

  • platform/graphics/PlatformMediaResourceLoader.h:
  • platform/network/cocoa/WebCoreNSURLSession.mm:

(-[WebCoreNSURLSessionDataTask dealloc]):

12:56 PM Changeset in webkit [228707] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebKitLegacy/mac

Cherry-pick r228580. rdar://problem/37675341

12:56 PM Changeset in webkit [228706] by jmarcell@apple.com
  • 10 edits in branches/safari-605-branch/Source/WebKit

Cherry-pick r228564. rdar://problem/37675352

12:16 PM Changeset in webkit [228705] by jmarcell@apple.com
  • 3 edits in branches/safari-605-branch/Source/WebCore

Apply patch. rdar://problem/37590759

Disable release assertions in updateStyleIfNeeded and updateLayout

11:55 AM Changeset in webkit [228704] by Alan Bujtas
  • 15 edits in trunk/Source/WebCore

[RenderTreeBuilder] Rename RenderTreeBuilder::removeAndDestroyChild() -> removeAndDestroy()
https://bugs.webkit.org/show_bug.cgi?id=182934
<rdar://problem/37678241>

Reviewed by Antti Koivisto.

No change in functionality.

  • dom/Document.cpp:

(WebCore::Document::setFullScreenRenderer):

  • rendering/RenderBoxModelObject.cpp:

(WebCore::RenderBoxModelObject::removeAndDestroyAllContinuations):

  • rendering/RenderButton.cpp:

(WebCore::RenderButton::setText):

  • rendering/RenderFullScreen.cpp:

(WebCore::RenderFullScreen::willBeDestroyed):
(WebCore::RenderFullScreen::unwrapRenderer):

  • rendering/RenderListItem.cpp:

(WebCore::RenderListItem::willBeDestroyed):

  • rendering/RenderTextFragment.cpp:

(WebCore::RenderTextFragment::willBeDestroyed):
(WebCore::RenderTextFragment::setText):

  • rendering/RenderView.cpp:

(WebCore::RenderView::willBeDestroyed):

  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::removeAndDestroy):
(WebCore::RenderTreeBuilder::removeFromParentAndDestroyCleaningUpAnonymousWrappers):
(WebCore::RenderTreeBuilder::removeAndDestroyChild): Deleted.

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderBlock.cpp:

(WebCore::RenderTreeBuilder::Block::takeChild):

  • rendering/updating/RenderTreeBuilderFirstLetter.cpp:

(WebCore::RenderTreeBuilder::FirstLetter::updateStyle):
(WebCore::RenderTreeBuilder::FirstLetter::createRenderers):

  • rendering/updating/RenderTreeBuilderList.cpp:

(WebCore::RenderTreeBuilder::List::updateItemMarker):

  • rendering/updating/RenderTreeBuilderMultiColumn.cpp:

(WebCore::RenderTreeBuilder::MultiColumn::destroyFragmentedFlow):
(WebCore::RenderTreeBuilder::MultiColumn::handleSpannerRemoval):

  • rendering/updating/RenderTreeBuilderRuby.cpp:

(WebCore::RenderTreeBuilder::Ruby::moveBlockChildren):
(WebCore::RenderTreeBuilder::Ruby::takeChild):

11:10 AM Changeset in webkit [228703] by dbates@webkit.org
  • 17 edits
    3 copies
    3 adds
    3 deletes in trunk

Do not block authentication challenge to navigated resources
https://bugs.webkit.org/show_bug.cgi?id=182807
<rdar://problem/37481619>

Reviewed by Brent Fulgham.

Source/WebCore:

Blocking the main resource from asking for credentials depending on how it was
navigated to could be confusing to a person and breaks web compatibility. Restore
the behavior before r224134.

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::receivedFirstData):

  • loader/ResourceLoader.cpp:

(WebCore::ResourceLoader::init):
(WebCore::ResourceLoader::willSendRequestInternal):
(WebCore::ResourceLoader::didBlockAuthenticationChallenge):
(WebCore::ResourceLoader::isAllowedToAskUserForCredentials const):
(WebCore::ResourceLoader::isMixedContent const): Deleted.

  • loader/ResourceLoader.h:

(WebCore::ResourceLoader::wasAuthenticationChallengeBlocked const):
(WebCore::ResourceLoader::wasInsecureRequestSeen const): Deleted.

LayoutTests:

Update tests based on the new behavior.

  • http/tests/security/mixedContent/insecure-basic-auth-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt:
  • http/tests/security/mixedContent/insecure-basic-auth-image-allowCrossOriginSubresourcesToAskForCredentials.https.html:
  • http/tests/security/mixedContent/insecure-download-redirects-to-basic-auth-secure-download.https-expected.txt: Removed.
  • http/tests/security/mixedContent/insecure-download-redirects-to-basic-auth-secure-download.https.html: Removed.
  • http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials-expected.txt:
  • http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.html:
  • http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image-expected.txt:
  • http/tests/security/mixedContent/resources/frame-with-insecure-image-redirects-to-basic-auth-secure-image.html:
  • http/tests/security/mixedContent/resources/subresource/protected-pdf.php: Removed.
  • http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-insecure-page.https-expected.txt:
  • http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-secure-page-via-insecure-redirect.https-expected.txt:
  • http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt:
  • http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https.html:
  • http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt:
  • http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image-allowCrossOriginSubresourcesToAskForCredentials.https.html:
  • platform/wk2/http/tests/security/mixedContent/insecure-basic-auth-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt: Copied from LayoutTests/http/tests/security/mixedContent/insecure-basic-auth-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt.
  • platform/wk2/http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials-expected.txt: Added.
  • platform/wk2/http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-insecure-page.https-expected.txt: Added.
  • platform/wk2/http/tests/security/mixedContent/secure-page-navigates-to-basic-auth-secure-page-via-insecure-redirect.https-expected.txt: Added.
  • platform/wk2/http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt: Copied from LayoutTests/http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt.
  • platform/wk2/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt: Copied from LayoutTests/http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image-allowCrossOriginSubresourcesToAskForCredentials.https-expected.txt.
11:06 AM Changeset in webkit [228702] by graouts@webkit.org
  • 7 edits in trunk

[Web Animations] Store all parsed keyframe input information in a single structure
https://bugs.webkit.org/show_bug.cgi?id=182903

Reviewed by Dean Jackson.

LayoutTests/imported/w3c:

Update test expectations with progressions resulting from returning the style values as provided
by the keyframe input when calling getKeyframes().

  • web-platform-tests/web-animations/interfaces/Animatable/animate-expected.txt:
  • web-platform-tests/web-animations/interfaces/KeyframeEffect/constructor-expected.txt:
  • web-platform-tests/web-animations/interfaces/KeyframeEffect/setKeyframes-expected.txt:

Source/WebCore:

When parsing keyframe input provided through the JS API, we used to create several data structures.
During parsing we would create a Vector<ProcessedKeyframe> where we would store the validated values
for "offset", "easing" and "composite" as well as CSS properties and CSS values as strings.

Then we would create a KeyframeList, a class that pre-dates the work on Web Animations and is used
for hardware animations, with RenderStyle objects that are used for CSS property blending at runtime.
Once the KeyframeList was created, the Vector<ProcessedKeyframe> was discarded.

Since KeyframeList did not know about nullable offsets, timing functions and composite operations, and
because we do not with to modify a legacy class that we will eventually remove once all the Web Animations
work is complete, we also stored the parsed offsets as m_offsets, the timing functions as m_timingFunctions
and the composite operations as m_compositeOperations.

In this patch we rename the ProcessedKeyframe structure used temporarily during parsing to ParsedKeyframe and
store both the input and processed data related to a given keyframe in that single structure which we keep
around as m_parsedKeyframes when we finished processing the keyframes input. This update ParsedKeyframe structure
allows to keep around the original nullable offsets, the original CSS properties and CSS values as strings as
a HashMap<CSSPropertyID, String>, as well as the CSS properties and CSS values as CSSValue objects using a
MutableStyleProperties object.

This has the benefit of reducing the number of members, but also pave the way for supporting read-write targets
where we will be able to decouple parsing keyframes and creating a KeyframeList, which requires a valid target
to create RenderStyle objects used for blending, since the original parsing-time information is now stored.

Finally, this allowed getKeyframes() to be more compliant by returning the CSS values as originally provided in
the keyframe input with shorthand properties when provided, rather than the long-hands we used to read back
through RenderStyle objects.

The generated KeyframeList is now stored as m_blendingKeyframes and is only used for the purpose of interfacing
with hardware animations and CSS property blending.

While ProcessedKeyframe was copyable due to holding only simple types, ParsedKeyframe is not since it uses a Ref
to hold the MutableStyleProperties. This uncovered some cases where we copied ProcessedKeyframe objects, we now
ensure that the ParsedKeyframe objects are moved instead, which was the correct thing to do all along.

  • animation/KeyframeEffectReadOnly.cpp:

(WebCore::computeMissingKeyframeOffsets): While we used to store std::optional<double> for the computed offset,
we now store a simple double, which makes more sense since the computed offset is eventually a fully resolved
value after calling computeMissingKeyframeOffsets(). So we now compute the final computed offset without resorting
to intermediate nullable computed offsets.
(WebCore::processIterableKeyframes):
(WebCore::processPropertyIndexedKeyframes):
(WebCore::KeyframeEffectReadOnly::KeyframeEffectReadOnly):
(WebCore::KeyframeEffectReadOnly::copyPropertiesFromSource):
(WebCore::KeyframeEffectReadOnly::getKeyframes):
(WebCore::KeyframeEffectReadOnly::processKeyframes):
(WebCore::KeyframeEffectReadOnly::computeStackingContextImpact):
(WebCore::KeyframeEffectReadOnly::shouldRunAccelerated):
(WebCore::KeyframeEffectReadOnly::getAnimatedStyle):
(WebCore::KeyframeEffectReadOnly::setAnimatedPropertiesInStyle):
(WebCore::KeyframeEffectReadOnly::startOrStopAccelerated):

  • animation/KeyframeEffectReadOnly.h:

(WebCore::KeyframeEffectReadOnly::ParsedKeyframe::ParsedKeyframe):

11:03 AM Changeset in webkit [228701] by Alan Bujtas
  • 14 edits in trunk/Source/WebCore

[RenderTreeBuilder] Remove redundant RenderObject::removeFromParentAndDestroy
https://bugs.webkit.org/show_bug.cgi?id=182926
<rdar://problem/37674997>

Reviewed by Antti Koivisto.

Call RenderTreeBuilder::removeAndDestroyChild() directly instead.

No change in functionality.

  • dom/Document.cpp:

(WebCore::Document::setFullScreenRenderer):

  • rendering/RenderBoxModelObject.cpp:

(WebCore::RenderBoxModelObject::removeAndDestroyAllContinuations):

  • rendering/RenderButton.cpp:

(WebCore::RenderButton::setText):

  • rendering/RenderFullScreen.cpp:

(WebCore::RenderFullScreen::willBeDestroyed):
(WebCore::RenderFullScreen::unwrapRenderer):

  • rendering/RenderListItem.cpp:

(WebCore::RenderListItem::willBeDestroyed):

  • rendering/RenderObject.cpp:

(WebCore::RenderObject::removeFromParentAndDestroy): Deleted.

  • rendering/RenderObject.h:
  • rendering/RenderTextFragment.cpp:

(WebCore::RenderTextFragment::willBeDestroyed):
(WebCore::RenderTextFragment::setText):

  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::removeFromParentAndDestroyCleaningUpAnonymousWrappers):

  • rendering/updating/RenderTreeBuilderBlock.cpp:

(WebCore::RenderTreeBuilder::Block::takeChild):

  • rendering/updating/RenderTreeBuilderList.cpp:

(WebCore::RenderTreeBuilder::List::updateItemMarker):

  • rendering/updating/RenderTreeBuilderMultiColumn.cpp:

(WebCore::RenderTreeBuilder::MultiColumn::destroyFragmentedFlow):
(WebCore::RenderTreeBuilder::MultiColumn::handleSpannerRemoval):

  • rendering/updating/RenderTreeBuilderRuby.cpp:

(WebCore::RenderTreeBuilder::Ruby::moveBlockChildren):
(WebCore::RenderTreeBuilder::Ruby::takeChild):

10:55 AM Changeset in webkit [228700] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Mark media/track/track-css-matching-default.html as flaky.
https://bugs.webkit.org/show_bug.cgi?id=182932

Unreviewed test gardening.

  • platform/mac-wk1/TestExpectations:
10:49 AM Changeset in webkit [228699] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Skip editing/pasteboard/data-transfer-set-data-sanitizes-html-when-copying-in-null-origin.html on iOS Release.
https://bugs.webkit.org/show_bug.cgi?id=182850

Unreviewed test gardening.

  • platform/ios/TestExpectations:
10:49 AM Changeset in webkit [228698] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Mark http/tests/cache-storage/cache-representation.https.html as flaky.
https://bugs.webkit.org/show_bug.cgi?id=182928

Unreviewed test gardening.

10:47 AM Changeset in webkit [228697] by timothy_horton@apple.com
  • 6 edits in trunk/Source/WebCore

Increase text autosizing constants for extra zoom mode
https://bugs.webkit.org/show_bug.cgi?id=182919
<rdar://problem/37671259>

Reviewed by Wenson Hsieh.

  • page/Settings.yaml:
  • page/SettingsBase.cpp:

(WebCore::SettingsBase::defaultMinimumZoomFontSize):
(WebCore::SettingsBase::defaultOneLineTextMultiplierCoefficient):
(WebCore::SettingsBase::defaultMultiLineTextMultiplierCoefficient):
(WebCore::SettingsBase::defaultMaxTextAutosizingScaleIncrease):

  • page/SettingsBase.h:
  • rendering/RenderBlockFlow.cpp:

(WebCore::oneLineTextMultiplier):
(WebCore::textMultiplier):
(WebCore::RenderBlockFlow::adjustComputedFontSizes):

  • rendering/TextAutoSizing.cpp:

(WebCore::TextAutoSizingValue::adjustTextNodeSizes):
Make autosizing constants settings, and change their default values.

10:34 AM Changeset in webkit [228696] by dbates@webkit.org
  • 3 edits in trunk

Null pointer dereference in WebPageProxy::urlSchemeHandlerForScheme()
https://bugs.webkit.org/show_bug.cgi?id=182905

Reviewed by Alex Christensen.

Return nullptr when querying for the scheme handler of the null string.

Before a navigation is performed WebKit checks if the destination URL is associated with an app
unless the embedding client overrides the WKNavigationDelegate delegate callback -webView:decidePolicyForNavigationAction:decisionHandler.
If the URL is not associated with an app then WebKit may fall back to checking if the embedding
client registered a scheme handler for it. Currently we assume that the scheme is a non-null
string when checking the scheme handler registry. However the scheme can be a null string if
it is part of a malformed URL. And this leads to bad news bears when we try to use it to look
for a scheme handler. Instead check that the scheme is a non-null string before checking to see
if it is in the scheme handler registry.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::urlSchemeHandlerForScheme):

10:18 AM Changeset in webkit [228695] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Mark inspector/console/messageRepeatCountUpdated.html as flaky.
https://bugs.webkit.org/show_bug.cgi?id=152452

Unreviewed test gardening.

  • platform/mac/TestExpectations:
9:42 AM Changeset in webkit [228694] by graouts@webkit.org
  • 6 edits in trunk

[Web Animations] Accept null composite modes in keyframes
https://bugs.webkit.org/show_bug.cgi?id=182902

Reviewed by Dean Jackson.

LayoutTests/imported/w3c:

Update test expectations with progressions.

  • web-platform-tests/web-animations/interfaces/KeyframeEffect/constructor-expected.txt:

Source/WebCore:

The Web Animations spec used to specify that that composite modes should be non-null and instead not be
provided when specifying keyframes, but now null values are accepted. We update the IDL input types used
when parsing keyframes to allow for null values.

We had already updated the getKeyframes() output in webkit.org/b/182600.

  • animation/KeyframeEffectReadOnly.cpp:

(WebCore::processIterableKeyframes):
(WebCore::processKeyframeLikeObject):
(WebCore::processPropertyIndexedKeyframes):

  • animation/KeyframeEffectReadOnly.h:
  • animation/KeyframeEffectReadOnly.idl:
9:39 AM Changeset in webkit [228693] by fpizlo@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

GetArrayMask should support constant folding
https://bugs.webkit.org/show_bug.cgi?id=182907

Reviewed by Saam Barati.

Implement constant folding for GetArrayMask. This revealed a bug in tryGetFoldableView, where it was
ignoring the result of a jsDynamicCast<>(). This wasn't a bug before because it would have been
impossible for that function to get called with a non-null value if the value was not an array view,
due to type filtering in CheckArray, the fact that CheckArray had to dominate GetArrayLength, and
the fact that the other tryGetFoldableView overload made sure that the array mode was some typed
array.

This isn't a measurable progression, but it does save a register in the codegen for typed array
accesses. Hopefully these improvements add up.

  • assembler/AssemblerBuffer.h:
  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGGraph.cpp:

(JSC::DFG::Graph::tryGetFoldableView):

8:57 AM Changeset in webkit [228692] by fred.wang@free.fr
  • 1 edit
    2 adds in trunk/LayoutTests

IFrame is resized incorrectly on orientation change
https://bugs.webkit.org/show_bug.cgi?id=155198

Patch by Frederic Wang <fwang@igalia.com> on 2018-02-19
Reviewed by Antonio Gomes.

Add a non-regression test to verify that iframes are properly resized after orientation
changes. This bug happened in iOS 10.0 but not in trunk.

  • fast/events/ios/rotation/resize-iframe-after-orientation-change-expected.txt: Added.
  • fast/events/ios/rotation/resize-iframe-after-orientation-change.html: Added.
8:46 AM Changeset in webkit [228691] by Ms2ger@igalia.com
  • 9 edits in trunk/Source

Explicitly qualify some method calls on this in lamdas in Service Worker code.
https://bugs.webkit.org/show_bug.cgi?id=182875

Reviewed by Chris Dumez.

This is necessary for the code to build with GCC 5. Other code already
appears to have been adapted similarly.

Source/WebCore:

No change in functionality.

  • loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::redirectReceived):
(WebCore::DocumentLoader::startLoadingMainResource):

  • workers/service/ServiceWorkerContainer.cpp:

(WebCore::ServiceWorkerContainer::ready):
(WebCore::ServiceWorkerContainer::getRegistration):
(WebCore::ServiceWorkerContainer::getRegistrations):
(WebCore::ServiceWorkerContainer::didFinishGetRegistrationsRequest):

  • workers/service/ServiceWorkerGlobalScope.cpp:

(WebCore::ServiceWorkerGlobalScope::updateExtendedEventsSet):

  • workers/service/server/SWServer.cpp:

(WebCore::SWServer::claim):
(WebCore::SWServer::Connection::resolveRegistrationReadyRequests):

  • workers/service/server/SWServerRegistration.cpp:

(WebCore::SWServerRegistration::updateRegistrationState):
(WebCore::SWServerRegistration::setUpdateViaCache):
(WebCore::SWServerRegistration::setLastUpdateTime):
(WebCore::SWServerRegistration::fireUpdateFoundEvent):

  • workers/service/server/SWServerWorker.cpp:

(WebCore::SWServerWorker::setState):

Source/WebKit:

  • StorageProcess/ServiceWorker/WebSWServerConnection.cpp:

(WebKit::WebSWServerConnection::startFetch):

8:16 AM Changeset in webkit [228690] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228368 - [GTK] Scrolling sometimes jumps around
https://bugs.webkit.org/show_bug.cgi?id=178519

Patch by Gustavo Noronha Silva <gustavo.noronha@collabora.co.uk> on 2018-02-11
Reviewed by Michael Catanzaro.

  • platform/gtk/ScrollAnimatorGtk.cpp:

(WebCore::ScrollAnimatorGtk::computeVelocity): use -1 as the multiplier for the accumulated deltas,
since all we need is to make them negative. Multiplying by -1000 leads to very high velocities being
returned, causing the viewport to scroll to the end of the page.

8:16 AM Changeset in webkit [228689] by Carlos Garcia Campos
  • 8 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228365 - [RenderTreeBuilder] Move RenderBlock::takeChild mutation to a RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182662
<rdar://problem/37408571>

Reviewed by Simon Fraser.

No change in functionality.

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::takeChild):
(WebCore::canDropAnonymousBlock): Deleted.
(WebCore::canMergeContiguousAnonymousBlocks): Deleted.

  • rendering/RenderBlock.h:

(WebCore::RenderBlock::moveAllChildrenIncludingFloatsTo):

  • rendering/RenderBlockFlow.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::takenChildFromRenderBlock):

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderBlock.cpp:

(WebCore::canDropAnonymousBlock):
(WebCore::canMergeContiguousAnonymousBlocks):
(WebCore::RenderTreeBuilder::Block::takeChild):

  • rendering/updating/RenderTreeBuilderBlock.h:
8:16 AM Changeset in webkit [228688] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228345 - [RenderTreeBuilder] Move RenderRubyRun::takeChild mutation to a RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182655
<rdar://problem/37406801>

Reviewed by Simon Fraser.

No change in functionality.

  • rendering/RenderRubyRun.cpp:

(WebCore::RenderRubyRun::takeChild):

  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::takeChildFromRenderRubyRun):

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderRuby.cpp:

(WebCore::RenderTreeBuilder::Ruby::takeChild):

  • rendering/updating/RenderTreeBuilderRuby.h:
8:15 AM Changeset in webkit [228687] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228339 - [RenderTreeBuilder] Move RenderRubyAsInline/AsBlock::takeChild mutation to a RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182651
<rdar://problem/37405042>

Reviewed by Antti Koivisto.

No change in functionality.

  • rendering/RenderRuby.cpp:

(WebCore::RenderRubyAsInline::takeChild):
(WebCore::RenderRubyAsBlock::takeChild):
(WebCore::isAnonymousRubyInlineBlock): Deleted.
(WebCore::isRubyChildForNormalRemoval): Deleted.
(WebCore::findRubyRunParent): Deleted.

  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::takeChildFromRenderRubyAsInline):
(WebCore::RenderTreeBuilder::takeChildFromRenderRubyAsBlock):

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderRuby.cpp:

(WebCore::findRubyRunParent):
(WebCore::RenderTreeBuilder::Ruby::takeChild):

  • rendering/updating/RenderTreeBuilderRuby.h:
8:06 AM Changeset in webkit [228686] by Carlos Garcia Campos
  • 75 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228337 - [RenderTreeBuilder] Introduce RenderTreeBuilder to willBeDestoryed/removeFromParentAndDestroy
https://bugs.webkit.org/show_bug.cgi?id=182635
<rdar://problem/37377489>

Reviewed by Antti Koivisto.

This patch helps finding callsites where we don't have a RenderTreeBuilder instance.

No change in functionality.

  • dom/Document.cpp:

(WebCore::Document::setFullScreenRenderer):

  • dom/Document.h:
  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::willBeDestroyed):
(WebCore::RenderBlock::takeChild):

  • rendering/RenderBlock.h:
  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::willBeDestroyed):

  • rendering/RenderBlockFlow.h:
  • rendering/RenderBox.cpp:

(WebCore::RenderBox::willBeDestroyed):

  • rendering/RenderBox.h:
  • rendering/RenderBoxModelObject.cpp:

(WebCore::RenderBoxModelObject::willBeDestroyed):
(WebCore::RenderBoxModelObject::removeAndDestroyAllContinuations):

  • rendering/RenderBoxModelObject.h:
  • rendering/RenderButton.cpp:

(WebCore::RenderButton::setText):

  • rendering/RenderCounter.cpp:

(WebCore::RenderCounter::willBeDestroyed):

  • rendering/RenderCounter.h:
  • rendering/RenderElement.cpp:

(WebCore::RenderElement::willBeDestroyed):

  • rendering/RenderElement.h:
  • rendering/RenderEmbeddedObject.cpp:

(WebCore::RenderEmbeddedObject::willBeDestroyed):

  • rendering/RenderEmbeddedObject.h:
  • rendering/RenderFragmentedFlow.cpp:

(WebCore::RenderFragmentedFlow::willBeDestroyed):

  • rendering/RenderFragmentedFlow.h:
  • rendering/RenderFullScreen.cpp:

(WebCore::RenderFullScreen::willBeDestroyed):
(WebCore::RenderFullScreen::wrapNewRenderer):
(WebCore::RenderFullScreen::wrapExistingRenderer):
(WebCore::RenderFullScreen::unwrapRenderer):

  • rendering/RenderFullScreen.h:
  • rendering/RenderImage.cpp:

(WebCore::RenderImage::willBeDestroyed):

  • rendering/RenderImage.h:
  • rendering/RenderInline.cpp:

(WebCore::RenderInline::willBeDestroyed):

  • rendering/RenderInline.h:
  • rendering/RenderLayerModelObject.cpp:

(WebCore::RenderLayerModelObject::willBeDestroyed):

  • rendering/RenderLayerModelObject.h:
  • rendering/RenderListBox.cpp:

(WebCore::RenderListBox::willBeDestroyed):

  • rendering/RenderListBox.h:
  • rendering/RenderListItem.cpp:

(WebCore::RenderListItem::willBeDestroyed):

  • rendering/RenderListItem.h:
  • rendering/RenderListMarker.cpp:

(WebCore::RenderListMarker::willBeDestroyed):

  • rendering/RenderListMarker.h:
  • rendering/RenderMenuList.cpp:

(WebCore::RenderMenuList::willBeDestroyed):

  • rendering/RenderMenuList.h:
  • rendering/RenderMultiColumnFlow.cpp:

(WebCore::RenderMultiColumnFlow::handleSpannerRemoval):

  • rendering/RenderObject.cpp:

(WebCore::RenderObject::removeFromParentAndDestroy):
(WebCore::RenderObject::willBeDestroyed):
(WebCore::RenderObject::destroy):

  • rendering/RenderObject.h:
  • rendering/RenderReplaced.cpp:

(WebCore::RenderReplaced::willBeDestroyed):

  • rendering/RenderReplaced.h:
  • rendering/RenderRuby.cpp:

(WebCore::RenderRubyAsInline::takeChild):
(WebCore::RenderRubyAsBlock::takeChild):

  • rendering/RenderSearchField.cpp:

(WebCore::RenderSearchField::willBeDestroyed):

  • rendering/RenderSearchField.h:
  • rendering/RenderSnapshottedPlugIn.cpp:

(WebCore::RenderSnapshottedPlugIn::willBeDestroyed):

  • rendering/RenderSnapshottedPlugIn.h:
  • rendering/RenderText.cpp:

(WebCore::RenderText::willBeDestroyed):

  • rendering/RenderText.h:
  • rendering/RenderTextControlMultiLine.cpp:

(WebCore::RenderTextControlMultiLine::willBeDestroyed):

  • rendering/RenderTextControlMultiLine.h:
  • rendering/RenderTextFragment.cpp:

(WebCore::RenderTextFragment::willBeDestroyed):
(WebCore::RenderTextFragment::setText):

  • rendering/RenderTextFragment.h:
  • rendering/RenderVideo.cpp:

(WebCore::RenderVideo::willBeDestroyed):

  • rendering/RenderVideo.h:
  • rendering/RenderView.cpp:

(WebCore::RenderView::willBeDestroyed):

  • rendering/RenderView.h:
  • rendering/RenderWidget.cpp:

(WebCore::RenderWidget::willBeDestroyed):

  • rendering/RenderWidget.h:
  • rendering/svg/RenderSVGBlock.cpp:

(WebCore::RenderSVGBlock::willBeDestroyed):

  • rendering/svg/RenderSVGBlock.h:
  • rendering/svg/RenderSVGImage.cpp:

(WebCore::RenderSVGImage::willBeDestroyed):

  • rendering/svg/RenderSVGImage.h:
  • rendering/svg/RenderSVGInline.cpp:

(WebCore::RenderSVGInline::willBeDestroyed):

  • rendering/svg/RenderSVGInline.h:
  • rendering/svg/RenderSVGModelObject.cpp:

(WebCore::RenderSVGModelObject::willBeDestroyed):

  • rendering/svg/RenderSVGModelObject.h:
  • rendering/svg/RenderSVGResourceContainer.cpp:

(WebCore::RenderSVGResourceContainer::willBeDestroyed):

  • rendering/svg/RenderSVGResourceContainer.h:
  • rendering/svg/RenderSVGRoot.cpp:

(WebCore::RenderSVGRoot::willBeDestroyed):

  • rendering/svg/RenderSVGRoot.h:
  • rendering/svg/RenderSVGText.cpp:

(WebCore::RenderSVGText::willBeDestroyed):

  • rendering/svg/RenderSVGText.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::removeFromParentAndDestroyCleaningUpAnonymousWrappers):

  • rendering/updating/RenderTreeBuilderList.cpp:

(WebCore::RenderTreeBuilder::List::updateItemMarker):

  • rendering/updating/RenderTreeBuilderMultiColumn.cpp:

(WebCore::RenderTreeBuilder::MultiColumn::destroyFragmentedFlow):

  • rendering/updating/RenderTreeBuilderRuby.cpp:

(WebCore::RenderTreeBuilder::Ruby::moveBlockChildren):

7:51 AM Changeset in webkit [228685] by Carlos Garcia Campos
  • 9 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228327 - [RenderTreeBuilder] Move multicolumn descendant/sibling removal logic to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182628
<rdar://problem/37369528>

Reviewed by Antti Koivisto.

No change in functionality

  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::takeChild):

  • rendering/RenderFragmentedFlow.h:
  • rendering/RenderMultiColumnFlow.cpp:

(WebCore::RenderMultiColumnFlow::handleSpannerRemoval): Deleted.
(WebCore::RenderMultiColumnFlow::fragmentedFlowRelativeWillBeRemoved): Deleted.

  • rendering/RenderMultiColumnFlow.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::multiColumnRelativeWillBeRemoved):

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderMultiColumn.cpp:

(WebCore::RenderTreeBuilder::MultiColumn::handleSpannerRemoval):
(WebCore::RenderTreeBuilder::MultiColumn::multiColumnRelativeWillBeRemoved):

  • rendering/updating/RenderTreeBuilderMultiColumn.h:
7:51 AM Changeset in webkit [228684] by Carlos Garcia Campos
  • 3 edits
    3 adds in releases/WebKitGTK/webkit-2.20

Merge r228321 - [GStreamer][WebAudio] Winamp2-js woes
https://bugs.webkit.org/show_bug.cgi?id=182612

Reviewed by Xabier Rodriguez Calvar and Carlos Alberto Lopez Perez.

Source/WebCore:

Test: webaudio/silence-after-playback.html

  • platform/audio/gstreamer/AudioSourceProviderGStreamer.cpp:

(WebCore::copyGStreamerBuffersToAudioChannel): Clear the bus if
the adapter can't provide enough data. This prevents a nasty noise
after playing songs in Winamp.
(WebCore::AudioSourceProviderGStreamer::setClient): No need to set
the client more than once, this fixes runtime warnings.

LayoutTests:

  • webaudio/silence-after-playback-expected.wav: Added.
  • webaudio/silence-after-playback.html: Added.
7:16 AM Changeset in webkit [228683] by Alan Bujtas
  • 8 edits in trunk/Source/WebCore

[RenderTreeBuilder] Move RenderElement::removeAndDestroyChild() to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182915
<rdar://problem/37658123>

Reviewed by Antti Koivisto.

No change in functionality.

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::removeAndDestroyChild): Deleted.

  • rendering/RenderElement.h:

(WebCore::RenderElement::isChildAllowed const):

  • rendering/RenderObject.cpp:

(WebCore::RenderObject::removeFromParentAndDestroy):

  • rendering/RenderView.cpp:

(WebCore::RenderView::willBeDestroyed):

  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::removeAndDestroyChild):
(WebCore::RenderTreeBuilder::removeFromParentAndDestroyCleaningUpAnonymousWrappers):

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderFirstLetter.cpp:

(WebCore::RenderTreeBuilder::FirstLetter::updateStyle):
(WebCore::RenderTreeBuilder::FirstLetter::createRenderers):

7:16 AM Changeset in webkit [228682] by Carlos Garcia Campos
  • 9 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228320 - [RenderTreeBuilder] Move multicolumn spanner mutation logic to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182627
<rdar://problem/37367284>

Reviewed by Antti Koivisto.

Move spanner triggered mutation logic to RenderTreeBuilder.

No change in functionality.

  • rendering/RenderFragmentedFlow.h:
  • rendering/RenderMultiColumnFlow.cpp:

(WebCore::RenderMultiColumnFlow::isColumnSpanningDescendant const):
(WebCore::findSetRendering): Deleted.
(WebCore::isValidColumnSpanner): Deleted.
(WebCore::spannerPlacehoderCandidate): Deleted.
(WebCore::RenderMultiColumnFlow::processPossibleSpannerDescendant): Deleted.
(WebCore::RenderMultiColumnFlow::fragmentedFlowDescendantInserted): Deleted.

  • rendering/RenderMultiColumnFlow.h:
  • rendering/RenderObject.cpp:

(WebCore::RenderObject::insertedIntoTree):

  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::multiColumnDescendantInserted):

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderMultiColumn.cpp:

(WebCore::findSetRendering):
(WebCore::spannerPlacehoderCandidate):
(WebCore::isValidColumnSpanner):
(WebCore::RenderTreeBuilder::MultiColumn::multiColumnDescendantInserted):
(WebCore::RenderTreeBuilder::MultiColumn::processPossibleSpannerDescendant):

  • rendering/updating/RenderTreeBuilderMultiColumn.h:
7:16 AM Changeset in webkit [228681] by Carlos Garcia Campos
  • 27 edits
    1 add in releases/WebKitGTK/webkit-2.20

Merge r228319 - [css-align] Implement the new behavior of 'legacy' for justify-items
https://bugs.webkit.org/show_bug.cgi?id=172712

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

Rebaselined Default Alignment related tests because of the new 'legacy' value.

  • web-platform-tests/css/css-align/content-distribution/place-content-shorthand-004-expected.txt:
  • web-platform-tests/css/css-align/content-distribution/place-content-shorthand-004.html:
  • web-platform-tests/css/css-align/default-alignment/parse-justify-items-002-expected.txt:
  • web-platform-tests/css/css-align/default-alignment/parse-justify-items-002.html:
  • web-platform-tests/css/css-align/default-alignment/parse-justify-items-004-expected.txt:
  • web-platform-tests/css/css-align/default-alignment/place-items-shorthand-004-expected.txt:
  • web-platform-tests/css/css-align/default-alignment/place-items-shorthand-004.html:

Source/WebCore:

The syntax of the 'justify-items' property accepts a new 'legacy' value,
replacing the 'auto' value which is now parsed as invalid.

https://github.com/w3c/csswg-drafts/issues/1318

This change affects also to the 'place-items' shorthand, which doesn't
accept 'auto' and, for the time being, neither 'legacy'.

Since the new value 'legacy' is also the default value, I don't expect
this change to break content of sites currently using the 'justify-items'
property.

No new tests, rebaselined existing test.

  • css/CSSComputedStyleDeclaration.cpp:

(WebCore::valueForItemPositionWithOverflowAlignment):
(WebCore::ComputedStyleExtractor::valueForPropertyinStyle):

  • css/CSSPrimitiveValueMappings.h:

(WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
(WebCore::CSSPrimitiveValue::operator ItemPosition const):

  • css/CSSProperties.json:
  • css/StyleResolver.cpp:

(WebCore::StyleResolver::adjustRenderStyle):

  • css/parser/CSSPropertyParser.cpp:

(WebCore::isAuto):
(WebCore::isNormalOrStretch):
(WebCore::consumeSelfPositionOverflowPosition):
(WebCore::consumeJustifyItems):
(WebCore::consumeSimplifiedDefaultPosition):
(WebCore::consumeSimplifiedSelfPosition):
(WebCore::CSSPropertyParser::consumePlaceItemsShorthand):
(WebCore::CSSPropertyParser::consumePlaceSelfShorthand):

  • rendering/RenderFlexibleBox.cpp:

(WebCore::alignmentOffset):

  • rendering/RenderGrid.cpp:

(WebCore::RenderGrid::columnAxisPositionForChild const):
(WebCore::RenderGrid::rowAxisPositionForChild const):

  • rendering/style/RenderStyle.cpp:

(WebCore::resolvedSelfAlignment):
(WebCore::RenderStyle::resolvedJustifyItems const):

  • rendering/style/RenderStyle.h:

(WebCore::RenderStyle::initialJustifyItems):

  • rendering/style/RenderStyleConstants.h:
  • rendering/style/StyleRareNonInheritedData.cpp:

(WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):

LayoutTests:

Rebaselined Default Alignment related tests because of the new 'legacy' value.

  • css3/parse-alignment-of-root-elements.html:
  • css3/parse-place-items.html:
  • fast/css/parse-justify-items.html:
7:16 AM Changeset in webkit [228680] by Carlos Garcia Campos
  • 10 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228316 - [EME][GStreamer] Add support for encrypted caps in GStreamerUtilities
https://bugs.webkit.org/show_bug.cgi?id=181990

Patch by Yacine Bandou <yacine.bandou_ext@softathome.com> on 2018-02-09
Reviewed by Xabier Rodriguez-Calvar.

Add the support of encrypted caps in GStreamerUtilities.
Refactor the manner that the caps are handled, such as how to extract the resolution
from the video caps or how to check if the caps are encrypted.

The attachTrack function in PlaybackPipeline doesn't need the "structure" parameter,
it is already included in the "caps" parameter.

Replace the "mediaType" parameter by the "caps" parameter in reattachTrack function,
it allows to use the new functions that handle the caps in GStreamerUtilities.

Tests:

media/encrypted-media/clearKey/clearKey-cenc-audio-playback-mse.html
media/encrypted-media/clearKey/clearKey-cenc-video-playback-mse.html

  • platform/graphics/gstreamer/GStreamerUtilities.cpp:

(WebCore::getVideoSizeAndFormatFromCaps): Add the support of video encrypted caps.
(WebCore::getVideoResolutionFromCaps):
(WebCore::capsMediaType):
(WebCore::doCapsHaveType):
(WebCore::areEncryptedCaps): Add a new functions in order to handle the caps properly.

  • platform/graphics/gstreamer/GStreamerUtilities.h:
  • platform/graphics/gstreamer/mse/AppendPipeline.cpp:

(WebCore::AppendPipeline::parseDemuxerSrcPadCaps):

  • platform/graphics/gstreamer/mse/GStreamerMediaDescription.cpp:

(WebCore::GStreamerMediaDescription::codec const):
(WebCore::GStreamerMediaDescription::isVideo const):
(WebCore::GStreamerMediaDescription::isAudio const):

  • platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:

(WebCore::MediaPlayerPrivateGStreamerMSE::trackDetected):

  • platform/graphics/gstreamer/mse/PlaybackPipeline.cpp:

(WebCore::PlaybackPipeline::attachTrack):
(WebCore::PlaybackPipeline::reattachTrack):

  • platform/graphics/gstreamer/mse/PlaybackPipeline.h:
  • platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp:

(webKitMediaSrcUpdatePresentationSize): Refactor some parts by using the new added functions.

7:16 AM Changeset in webkit [228679] by Carlos Garcia Campos
  • 4 edits
    1 add in releases/WebKitGTK/webkit-2.20

Merge r228315 - [GStreamer] Layout test fast/replaced/border-radius-clip.html crashes with GStreamer-CRITICAL : gst_segment_to_stream_time: assertion 'segment->format == format' failed in gst_segment_to_stream_time()
https://bugs.webkit.org/show_bug.cgi?id=176802

Source/WebCore:

Reviewed by Xabier Rodriguez Calvar.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::load): Prevent the player from loading animated gifs.

Tools:

Reviewed by Xabier Rodriguez-Calvar.

  • gstreamer/jhbuild.modules:
  • gstreamer/patches/gst-plugins-good-0001-gstgdkpixbufdec-stop-pretending-to-decode-gifs.patch: Added.
6:26 AM WebKitGTK/2.20.x edited by Michael Catanzaro
Review safari-605-branch backports through r228599. One more. (diff)
6:23 AM WebKitGTK/2.20.x edited by Michael Catanzaro
(diff)
6:19 AM WebKitGTK/2.20.x edited by Michael Catanzaro
(diff)
6:16 AM WebKitGTK/2.20.x edited by Michael Catanzaro
(diff)
6:09 AM WebKitGTK/2.20.x edited by Michael Catanzaro
(diff)
5:59 AM Changeset in webkit [228678] by Carlos Garcia Campos
  • 8 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228453 - REGRESSION(r228313): Membuster | macOS | All Devices | 1.5 MB
https://bugs.webkit.org/show_bug.cgi?id=182744
<rdar://problem/37463770>

Reviewed by Zalan Bujtas.

We need to respect low memory notifications explicitly now that the compiled selectors are not part of RuleData.

  • css/StyleRule.cpp:

(WebCore::StyleRule::StyleRule):

  • css/StyleRule.h:

Switch to std::unique_ptr<[]> from Vector to avoid unnecessary bloat.

  • css/StyleSheetContents.cpp:

(WebCore::traverseRulesInVector):
(WebCore::StyleSheetContents::traverseRules const):

Add a rule traversal function, similar to the existing traverseSubresources.

(WebCore::StyleSheetContents::traverseSubresources const):

Use traverseRules to implement traverseSubresources.

(WebCore::traverseSubresourcesInRules): Deleted.

  • css/StyleSheetContents.h:
  • page/MemoryRelease.cpp:

(WebCore::releaseCriticalMemory):

  • style/StyleScope.cpp:

(WebCore::Style::Scope::releaseMemory):

Release memory for compiled selectors on memory notification.

  • style/StyleScope.h:
5:59 AM Changeset in webkit [228677] by Carlos Garcia Campos
  • 13 edits
    1 add in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228313 - Move compiled selectors to StyleRule
https://bugs.webkit.org/show_bug.cgi?id=182602

Reviewed by Zalan Bujtas.

Currently they are owned by RuleData. Several RuleData objects can refer to the same StyleRule, requiring recompilation.
Compiled selectors are context-independent so they can be shared between all clients.

  • WebCore.xcodeproj/project.pbxproj:
  • css/CSSSelectorList.cpp:

(WebCore::CSSSelectorList::listSize const):

Compute the number of complex selectors on the list.

  • css/CSSSelectorList.h:
  • css/DocumentRuleSets.cpp:

(WebCore::makeRuleSet):
(WebCore::DocumentRuleSets::classInvalidationRuleSets const):

Pass around list index along with the selector index (compiled selectors are found by list index).

  • css/ElementRuleCollector.cpp:

(WebCore::ElementRuleCollector::ruleMatches):

  • css/RuleSet.cpp:

(WebCore::RuleData::RuleData):

  • css/RuleSet.h:

(WebCore::RuleData::compilationStatus const): Deleted.
(WebCore::RuleData::compiledSelectorCodeRef const): Deleted.
(WebCore::RuleData::setCompiledSelector const): Deleted.
(WebCore::RuleData::~RuleData): Deleted.
(WebCore::RuleData::compiledSelectorUsed const): Deleted.

  • css/StyleRule.cpp:

(WebCore::StyleRule::StyleRule):

  • css/StyleRule.h:

Add CompiledSelector member.

  • cssjit/CompiledSelector.h: Added.

Move to a header of its own to keeps dependencies simple.

(WebCore::SelectorCompilationStatus::SelectorCompilationStatus):
(WebCore::SelectorCompilationStatus::operator Status const):

  • cssjit/SelectorCompiler.h:

(): Deleted.
(WebCore::SelectorCompilationStatus::SelectorCompilationStatus): Deleted.
(WebCore::SelectorCompilationStatus::operator Status const): Deleted.

5:59 AM Changeset in webkit [228676] by Carlos Garcia Campos
  • 11 edits in releases/WebKitGTK/webkit-2.20

Merge r228312 - [Web Animations] Always expose "composite" in output of getKeyframes()
https://bugs.webkit.org/show_bug.cgi?id=182600

Reviewed by Dean Jackson.

LayoutTests/imported/w3c:

Update expected results to account for a number of progressions.

  • web-platform-tests/web-animations/interfaces/Animatable/animate-expected.txt:
  • web-platform-tests/web-animations/interfaces/KeyframeEffect/composite-expected.txt:
  • web-platform-tests/web-animations/interfaces/KeyframeEffect/setKeyframes-expected.txt:

Source/WebCore:

The Web Animations spec has changed and whereas the output of getKeyframes() would not feature the "composite" property
for "null" values, it now lists "composite" in all cases.

To support this, we needed to fix an issue in the code generator such that a "null" default value for an optional enum
type was supported.

  • animation/KeyframeEffect.cpp:

(WebCore::KeyframeEffect::getKeyframes):

  • animation/KeyframeEffect.h:
  • animation/KeyframeEffect.idl:
  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateDefaultValue):

  • bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::convertDictionary<TestObj::Dictionary>):
(WebCore::convertDictionaryToJS):

  • bindings/scripts/test/TestObj.idl:
5:59 AM Changeset in webkit [228675] by Carlos Garcia Campos
  • 9 edits in releases/WebKitGTK/webkit-2.20

Merge r228304 - TestController should not exercise cocoa-specific resource load statistics APIs
https://bugs.webkit.org/show_bug.cgi?id=182355

Reviewed by Alex Christensen.

Source/WebKit:

Remove the Cocoa testing SPI, since it's redundant with the C API. Also, add a couple
missing cookie partitioning callbacks to the C API.

  • UIProcess/API/C/WKWebsiteDataStoreRef.cpp:

(WKWebsiteDataStoreStatisticsUpdateCookiePartitioning):
(WKWebsiteDataStoreSetStatisticsShouldPartitionCookiesForHost):

  • UIProcess/API/C/WKWebsiteDataStoreRef.h:
  • UIProcess/API/Cocoa/WKWebsiteDataStore.mm:

(-[WKWebsiteDataStore _resourceLoadStatisticsSetLastSeen:forHost:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsSetIsPrevalentResource:forHost:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsIsPrevalentResource:completionHandler:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsIsRegisteredAsSubFrameUnder:topFrameHost:completionHandler:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsIsRegisteredAsRedirectingTo:hostRedirectedTo:completionHandler:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsSetHadUserInteraction:forHost:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsSetHasHadNonRecentUserInteractionForHost:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsHadUserInteraction:completionHandler:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsSetIsGrandfathered:forHost:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsIsGrandfathered:completionHandler:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsSetSubframeUnderTopFrameOrigin:forHost:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsSetSubresourceUnderTopFrameOrigin:forHost:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsSetSubresourceUniqueRedirectTo:forHost:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsSetTimeToLiveUserInteraction:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsSetTimeToLiveCookiePartitionFree:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsSetMinimumTimeBetweenDataRecordsRemoval:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsSetGrandfatheringTime:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsSetMaxStatisticsEntries:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsSetPruneEntriesDownTo:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsProcessStatisticsAndDataRecords]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsUpdateCookiePartitioning]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsUpdateCookiePartitioning:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsSetShouldPartitionCookies:forHost:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsSetShouldPartitionCookies:forHost:completionHandler:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsSubmitTelemetry]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsSetNotifyPagesWhenDataRecordsWereScanned:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsSetShouldClassifyResourcesBeforeDataRecordsRemoval:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsSetNotifyPagesWhenTelemetryWasCaptured:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsClearInMemoryAndPersistentStore]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsClearInMemoryAndPersistentStore:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsClearInMemoryAndPersistentStoreModifiedSinceHours:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsClearInMemoryAndPersistentStoreModifiedSinceHours:completionHandler:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsResetToConsistentState]): Deleted.

  • UIProcess/API/Cocoa/WKWebsiteDataStorePrivate.h:

Tools:

Remove unnecessary use of platform-specific APIs in the TestController, since there are
cross-platform APIs to do the same thing.

Also, ensure callbacks execute before returning from TestController's functions, since
otherwise the tests are guaranteed to be flaky at best, and also since there's nothing to
prevent the TestController from being destroyed before the callbacks execute.

  • WebKitTestRunner/TestController.cpp:

(WTR::resourceStatisticsVoidResultCallback):
(WTR::resourceStatisticsBooleanResultCallback):
(WTR::TestController::isStatisticsPrevalentResource):
(WTR::TestController::isStatisticsRegisteredAsSubFrameUnder):
(WTR::TestController::isStatisticsRegisteredAsRedirectingTo):
(WTR::TestController::isStatisticsHasHadUserInteraction):
(WTR::TestController::isStatisticsGrandfathered):
(WTR::TestController::statisticsUpdateCookiePartitioning):
(WTR::TestController::statisticsSetShouldPartitionCookiesForHost):
(WTR::TestController::statisticsClearInMemoryAndPersistentStore):
(WTR::TestController::statisticsClearInMemoryAndPersistentStoreModifiedSinceHours):
(WTR::TestController::statisticsClearThroughWebsiteDataRemoval):
(WTR::resourceStatisticsCallback): Deleted.
(WTR::TestController::statisticsClearThroughWebsiteDataRemovalCallback): Deleted.

  • WebKitTestRunner/TestController.h:
  • WebKitTestRunner/cocoa/TestControllerCocoa.mm:

(WTR::toNSString): Deleted.
(WTR::TestController::setStatisticsLastSeen): Deleted.
(WTR::TestController::setStatisticsPrevalentResource): Deleted.
(WTR::TestController::isStatisticsPrevalentResource): Deleted.
(WTR::TestController::isStatisticsRegisteredAsSubFrameUnder): Deleted.
(WTR::TestController::isStatisticsRegisteredAsRedirectingTo): Deleted.
(WTR::TestController::setStatisticsHasHadUserInteraction): Deleted.
(WTR::TestController::setStatisticsHasHadNonRecentUserInteraction): Deleted.
(WTR::TestController::isStatisticsHasHadUserInteraction): Deleted.
(WTR::TestController::setStatisticsGrandfathered): Deleted.
(WTR::TestController::isStatisticsGrandfathered): Deleted.
(WTR::TestController::setStatisticsSubframeUnderTopFrameOrigin): Deleted.
(WTR::TestController::setStatisticsSubresourceUnderTopFrameOrigin): Deleted.
(WTR::TestController::setStatisticsSubresourceUniqueRedirectTo): Deleted.
(WTR::TestController::setStatisticsTimeToLiveUserInteraction): Deleted.
(WTR::TestController::setStatisticsTimeToLiveCookiePartitionFree): Deleted.
(WTR::TestController::statisticsProcessStatisticsAndDataRecords): Deleted.
(WTR::TestController::statisticsUpdateCookiePartitioning): Deleted.
(WTR::TestController::statisticsSetShouldPartitionCookiesForHost): Deleted.
(WTR::TestController::statisticsSubmitTelemetry): Deleted.
(WTR::TestController::setStatisticsNotifyPagesWhenDataRecordsWereScanned): Deleted.
(WTR::TestController::setStatisticsShouldClassifyResourcesBeforeDataRecordsRemoval): Deleted.
(WTR::TestController::setStatisticsNotifyPagesWhenTelemetryWasCaptured): Deleted.
(WTR::TestController::setStatisticsMinimumTimeBetweenDataRecordsRemoval): Deleted.
(WTR::TestController::setStatisticsGrandfatheringTime): Deleted.
(WTR::TestController::setStatisticsMaxStatisticsEntries): Deleted.
(WTR::TestController::setStatisticsPruneEntriesDownTo): Deleted.
(WTR::TestController::statisticsClearInMemoryAndPersistentStore): Deleted.
(WTR::TestController::statisticsClearInMemoryAndPersistentStoreModifiedSinceHours): Deleted.
(WTR::TestController::statisticsClearThroughWebsiteDataRemoval): Deleted.
(WTR::TestController::statisticsResetToConsistentState): Deleted.

5:59 AM Changeset in webkit [228674] by Carlos Garcia Campos
  • 4 edits
    15 deletes in releases/WebKitGTK/webkit-2.20/Source

Merge r228302 - Remove JavaScriptCore/ForwardingHeaders directory
https://bugs.webkit.org/show_bug.cgi?id=182594

Reviewed by Mark Lam.

Source/JavaScriptCore:

  • CMakeLists.txt:
  • ForwardingHeaders/JavaScriptCore/APICast.h: Removed.
  • ForwardingHeaders/JavaScriptCore/JSBase.h: Removed.
  • ForwardingHeaders/JavaScriptCore/JSCTestRunnerUtils.h: Removed.
  • ForwardingHeaders/JavaScriptCore/JSContextRef.h: Removed.
  • ForwardingHeaders/JavaScriptCore/JSObjectRef.h: Removed.
  • ForwardingHeaders/JavaScriptCore/JSObjectRefPrivate.h: Removed.
  • ForwardingHeaders/JavaScriptCore/JSRetainPtr.h: Removed.
  • ForwardingHeaders/JavaScriptCore/JSStringRef.h: Removed.
  • ForwardingHeaders/JavaScriptCore/JSStringRefCF.h: Removed.
  • ForwardingHeaders/JavaScriptCore/JSTypedArray.h: Removed.
  • ForwardingHeaders/JavaScriptCore/JSValueRef.h: Removed.
  • ForwardingHeaders/JavaScriptCore/JavaScript.h: Removed.
  • ForwardingHeaders/JavaScriptCore/JavaScriptCore.h: Removed.
  • ForwardingHeaders/JavaScriptCore/OpaqueJSString.h: Removed.
  • ForwardingHeaders/JavaScriptCore/WebKitAvailability.h: Removed.

Source/WebKit:

  • PlatformGTK.cmake:
5:17 AM Changeset in webkit [228673] by Carlos Garcia Campos
  • 4 edits
    1 add in releases/WebKitGTK/webkit-2.20

Merge r228430 - REGRESSION (r228299): Broke reader mode in Safari
https://bugs.webkit.org/show_bug.cgi?id=182697
<rdar://problem/37399012>

Reviewed by Ryosuke Niwa.

Source/WebCore:

Rework the fix for r228299 to be more targeted. I moved the policy check
cencelation from FrameLoader::stopLoading() to NavigationScheduler::schedule()
when a pending load is cancelled by another load. I have verified that the
sites fixed by r228299 still work with this more limited change. However,
reader mode is now working again.

The issue seems to be that we tell CFNetwork to continue with the load after
receiving the response, even if the client has not responded to the
decidePolicyForNavigationResponse delegate yet. As a result, CFNetwork sends
us the resource data and we may commit the provisional load before receiving
the policy response from the client. When the provisional load is committed,
we call FrameLoader::stopLoading() which after r228299 cancelled pending
policy checks. Because we did not wait for the policy check response to
commit the load, we would cancel it which would make the load fail.

The real fix here would be to make not tell CFNetwork to continue until after
we've received the policy delegate response. However, this is a larger and
riskier change at this point. I will follow-up on this issue.

Covered by new API test.

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::stopLoading):

  • loader/NavigationScheduler.cpp:

(WebCore::NavigationScheduler::schedule):

Tools:

Add API test coverage for responding asynchronously to the decidePolicyForNavigationResponse
delegate.

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WebKitCocoa/AsyncPolicyForNavigationResponse.mm: Added.

(-[TestAsyncNavigationDelegate webView:didFinishNavigation:]):
(-[TestAsyncNavigationDelegate webView:didFailNavigation:withError:]):
(-[TestAsyncNavigationDelegate webView:didFailProvisionalNavigation:withError:]):
(-[TestAsyncNavigationDelegate webView:decidePolicyForNavigationAction:decisionHandler:]):
(-[TestAsyncNavigationDelegate webView:decidePolicyForNavigationResponse:decisionHandler:]):
(TestWebKitAPI::TEST):

5:17 AM Changeset in webkit [228672] by Carlos Garcia Campos
  • 3 edits
    4 adds in releases/WebKitGTK/webkit-2.20

Merge r228299 - Form submission after navigation fails when decidePolicyForNavigationAction is async
https://bugs.webkit.org/show_bug.cgi?id=182412
<rdar://problem/35181099>

Reviewed by Alex Christensen.

Source/WebCore:

When the form is submitted and schedules the load in an iframe that is already loading,
FrameLoader::stopLoading() is called as expected. However, because policy checks can
now be asynchronous, stopLoading() also needs to stop pending policy checks. Otherwise,
continueLoadAfterNavigationPolicy() gets called for a cancelled load and we're in trouble
because the FrameLoader was reused for another load since then.

Test: http/tests/navigation/sync-form-submit-iframe.html

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::stopLoading):

LayoutTests:

Import layout test coverage from Alex's earlier patch.

  • http/tests/navigation/resources/a.html: Added.
  • http/tests/navigation/resources/b.html: Added.
  • http/tests/navigation/sync-form-submit-iframe-expected.txt: Added.
  • http/tests/navigation/sync-form-submit-iframe.html: Added.
5:17 AM Changeset in webkit [228671] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20

Merge r228293 - Unreviewed, switch -pthread to -lpthread per recommendation from Adrian
https://bugs.webkit.org/show_bug.cgi?id=182400
<rdar://problem/37252242>

This is tested and works fine.

  • Source/cmake/WebKitCompilerFlags.cmake:
5:17 AM Changeset in webkit [228670] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228289 - [RenderTreeBuilder] Do not use RenderTreeBuilder::current() in RenderRubyRun::takeChild
https://bugs.webkit.org/show_bug.cgi?id=182607
<rdar://problem/37355944>

Reviewed by Sam Weinig.

No change in functionality.

  • rendering/RenderRubyRun.cpp:

(WebCore::RenderRubyRun::takeChild):

5:17 AM Changeset in webkit [228669] by Carlos Garcia Campos
  • 10 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228285 - Use invalidation rulesets for attribute selectors
https://bugs.webkit.org/show_bug.cgi?id=182569

Reviewed by Zalan Bujtas.

Attribute change style invalidation should use invalidation rulesets, similarly how class change invalidation already does.
We'll invalidate fewer unnecessary elements immediately and enable more significant future gains.

  • css/DocumentRuleSets.cpp:

(WebCore::DocumentRuleSets::collectFeatures const):
(WebCore::DocumentRuleSets::classInvalidationRuleSets const):
(WebCore::DocumentRuleSets::attributeInvalidationRuleSets const):

Make and cache invalidation RuleSets for an attribute.

(WebCore::DocumentRuleSets::ancestorAttributeRulesForHTML const): Deleted.

  • css/DocumentRuleSets.h:
  • css/RuleFeature.cpp:

(WebCore::RuleFeatureSet::recursivelyCollectFeaturesFromSelector):

Collect attribute selectors along with match elements.

(WebCore::RuleFeatureSet::collectFeatures):
(WebCore::RuleFeatureSet::add):
(WebCore::RuleFeatureSet::registerContentAttribute):

Separate hash to deal with invalidation of content:attr(foo) special case.

(WebCore::RuleFeatureSet::clear):
(WebCore::RuleFeatureSet::shrinkToFit):
(WebCore::makeAttributeSelectorKey): Deleted.

  • css/RuleFeature.h:

(WebCore::RuleFeature::RuleFeature):

  • css/StyleBuilderCustom.h:

(WebCore::StyleBuilderCustom::applyValueContent):
(WebCore::StyleBuilderCustom::applyValueAlt):

Use registerContentAttribute()

  • html/HTMLEmbedElement.cpp:

(WebCore::hasTypeOrSrc):
(WebCore::HTMLEmbedElement::parseAttribute):

Invalidate style if both type and src attributes go missing as this changes result of rendererIsNeeded().
This was previously relying on any attribute change invalidating style.

(WebCore::HTMLEmbedElement::rendererIsNeeded):

  • style/AttributeChangeInvalidation.cpp:

(WebCore::Style::AttributeChangeInvalidation::invalidateStyle):

Collect the invalidation rulesets for this attribute change.
Also check if any attribute selector actually changes state, unlike with classes attribute changes may
often not lead to a selector becoming non-matching.

(WebCore::Style::AttributeChangeInvalidation::invalidateStyleWithRuleSets):
(WebCore::Style::AttributeChangeInvalidation::invalidateDescendants): Deleted.

  • style/AttributeChangeInvalidation.h:

(WebCore::Style::AttributeChangeInvalidation::AttributeChangeInvalidation):
(WebCore::Style::AttributeChangeInvalidation::~AttributeChangeInvalidation):

  • style/ClassChangeInvalidation.cpp:

(WebCore::Style::ClassChangeInvalidation::computeInvalidation):

Should not bail on shadow tree invalidation as we may also need to invalidate siblings.

5:17 AM Changeset in webkit [228668] by Carlos Garcia Campos
  • 12 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228284 - [RenderTreeBuilder] Introduce RenderTreeBuilder to moveChild(ren)To() functions
https://bugs.webkit.org/show_bug.cgi?id=182596
<rdar://problem/37340553>

Reviewed by Sam Weinig.

This is in preparation for moving mutation code out of moveChildTo/moveChildrenTo.

No change in functionality.

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::dropAnonymousBoxChild):
(WebCore::RenderBlock::takeChild):

  • rendering/RenderBlock.h:

(WebCore::RenderBlock::moveAllChildrenIncludingFloatsTo):

  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::styleDidChange):
(WebCore::RenderBlockFlow::moveAllChildrenIncludingFloatsTo):

  • rendering/RenderBlockFlow.h:
  • rendering/RenderBoxModelObject.cpp:

(WebCore::RenderBoxModelObject::moveChildTo):
(WebCore::RenderBoxModelObject::moveChildrenTo):

  • rendering/RenderBoxModelObject.h:

(WebCore::RenderBoxModelObject::moveChildTo):
(WebCore::RenderBoxModelObject::moveAllChildrenTo):
(WebCore::RenderBoxModelObject::moveChildrenTo):

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::styleDidChange):
(WebCore::RenderElement::removeAnonymousWrappersForInlinesIfNecessary): Deleted.

  • rendering/RenderElement.h:
  • rendering/RenderRubyRun.cpp:

(WebCore::RenderRubyRun::takeChild):

  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::makeChildrenNonInline):
(WebCore::RenderTreeBuilder::splitAnonymousBoxesAroundChild):
(WebCore::RenderTreeBuilder::removeAnonymousWrappersForInlineChildrenIfNeeded):
(WebCore::RenderTreeBuilder::childFlowStateChangesAndNoLongerAffectsParentBlock):
(WebCore::RenderTreeBuilder::removeFromParentAndDestroyCleaningUpAnonymousWrappers):

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderMultiColumn.cpp:

(WebCore::RenderTreeBuilder::MultiColumn::createFragmentedFlow):
(WebCore::RenderTreeBuilder::MultiColumn::destroyFragmentedFlow):

  • rendering/updating/RenderTreeBuilderRuby.cpp:

(WebCore::RenderTreeBuilder::Ruby::moveInlineChildren):
(WebCore::RenderTreeBuilder::Ruby::moveBlockChildren):

  • rendering/updating/RenderTreeBuilderTable.cpp:

(WebCore::RenderTreeBuilder::Table::collapseAndDestroyAnonymousSiblingRows):

5:17 AM Changeset in webkit [228667] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228281 - [GStreamer] WebKit improperly handles missing GStreamer elements
https://bugs.webkit.org/show_bug.cgi?id=171205

Reviewed by Michael Catanzaro.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin): Add a
test checking the videoflip element was correctly created. It
might not be available on some exotic distros such as Gentoo.

5:17 AM Changeset in webkit [228666] by Carlos Garcia Campos
  • 15 edits in releases/WebKitGTK/webkit-2.20

Merge r228279 - AX: Defer attribute computation until needed.
https://bugs.webkit.org/show_bug.cgi?id=182386
<rdar://problem/37115277>

Reviewed by Zalan Bujtas.

Source/WebCore:

Accessibility is doing too much work when handling attribute changes. Here's how we can improve this:

1) Defer attribute changes while the tree is dirty (and coalesce them).
2) Don't create AXObjects when an attribute changes unnecessarily. If no client has requested an ax object, it's likely no work needs to be done

(with the exception of a few attributes like aria-modal)

3) Stop calculating the entire accessible ARIA label when trying to decide if an element should be ignored. That's generally wasteful and the

consequence of including more AX elements in the tree is very minimal.

  • accessibility/AXObjectCache.cpp:

(WebCore::rendererNeedsDeferredUpdate):
(WebCore::nodeAndRendererAreValid):
(WebCore::AXObjectCache::remove):
(WebCore::AXObjectCache::handleAriaExpandedChange):
(WebCore::AXObjectCache::handleAriaRoleChanged):
(WebCore::AXObjectCache::deferAttributeChangeIfNeeded):
(WebCore::AXObjectCache::shouldProcessAttributeChange):
(WebCore::AXObjectCache::handleAttributeChange):
(WebCore::AXObjectCache::prepareForDocumentDestruction):
(WebCore::AXObjectCache::performDeferredCacheUpdate):
(WebCore::AXObjectCache::deferRecomputeIsIgnoredIfNeeded):
(WebCore::AXObjectCache::deferRecomputeIsIgnored):
(WebCore::AXObjectCache::deferTextChangedIfNeeded):
(WebCore::AXObjectCache::deferSelectedChildrenChangedIfNeeded):
(WebCore::AXObjectCache::handleAttributeChanged): Deleted.

  • accessibility/AXObjectCache.h:

(WebCore::AXObjectCache::deferAttributeChangeIfNeeded):
(WebCore::AXObjectCache::handleAttributeChanged): Deleted.

  • accessibility/AccessibilityNodeObject.cpp:

(WebCore::AccessibilityNodeObject::hasAttributesRequiredForInclusion const):

  • accessibility/AccessibleNode.cpp:

(WebCore::AccessibleNode::notifyAttributeChanged):

  • dom/Element.cpp:

(WebCore::Element::attributeChanged):

LayoutTests:

Update tests to reflect new world of delayed attribute handling for accessibility.

  • accessibility/canvas-fallback-content.html:

Make test async so attributes can be checked after deferred handling.

  • accessibility/mac/aria-expanded-notifications.html:

Access elements through AX tree so attribute changes generate notifications.

  • accessibility/mac/aria-listbox-selectedchildren-change.html:

Make test async so attributes can be checked after deferred handling.

  • accessibility/mac/aria-menu-item-selected-notification.html:

Access menu item through AX tree so attribute changes generate notifications.

  • accessibility/mac/aria-modal-auto-focus.html:

Access buttons after delay so attributes have time to be deferred.

  • accessibility/mac/element-busy-changed.html:

Process second attribute change after delay so we generate two notifications.

  • accessibility/mac/expanded-notification.html:

Set attributes after a delay so they generate individual notifications.

  • accessibility/notification-listeners.html:

Access elements through AX tree so attribute changes generate notifications.

5:17 AM Changeset in webkit [228665] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228274 - [RenderTreeBuilder] Move RenderElement::removeAnonymousWrappersForInlinesIfNecessary to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182582
<rdar://problem/37327890>

Reviewed by Antti Koivisto.

Tree mutation -> RenderTreeBuilder.

No change in functionality

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::styleDidChange):
(WebCore::RenderElement::removeAnonymousWrappersForInlinesIfNecessary): Deleted.

  • rendering/RenderElement.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::removeAnonymousWrappersForInlinesIfNecessary):
(WebCore::RenderTreeBuilder::childFlowStateChangesAndNoLongerAffectsParentBlock):
(WebCore::RenderTreeBuilder::removeFromParentAndDestroyCleaningUpAnonymousWrappers):

  • rendering/updating/RenderTreeBuilder.h:
5:16 AM Changeset in webkit [228664] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebKit

Merge r228272 - [GTK] WaylandCompositor misusing eglGetProcAddress
https://bugs.webkit.org/show_bug.cgi?id=182490

Reviewed by Michael Catanzaro.

Check that the appropriate extensions are available before calling eglGetProcAddress, as even
getting a non null value from it, the functionality can be disabled at runtime.

  • UIProcess/gtk/WaylandCompositor.cpp:

(WebKit::WaylandCompositor::initializeEGL):

5:16 AM Changeset in webkit [228663] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.20

Merge r228271 - [GStreamer] LayoutTest webaudio/silent-audio-interrupted-in-background.html makes its subsequent test flaky crash
https://bugs.webkit.org/show_bug.cgi?id=173916

Reviewed by Xabier Rodriguez Calvar.

Source/WebCore:

This patch fixes two crashes and a runtime warning:

  • The provider client configuration should be done from the main

thread but the no-more-pads signal of deinterleave was fired from
a non-main thread.

  • The deinterleave pad-removed signal can be fired for a not fully

configured pipeline if the audio context is interrupted. So the
peer quark of the removed pad needs to be checked, it might be a
null pointer.

  • The provider connects to the deinterleave signals only when a

client is provided, so the signal disconnection needs to check
that to avoid runtime warnings.

  • platform/audio/gstreamer/AudioSourceProviderGStreamer.cpp:

(WebCore::AudioSourceProviderGStreamer::AudioSourceProviderGStreamer):
Create a main thread notifier.
(WebCore::AudioSourceProviderGStreamer::~AudioSourceProviderGStreamer):
Invalidate notifier and check a client was set before
disconnecting from deinterleave signals.
(WebCore::AudioSourceProviderGStreamer::handleRemovedDeinterleavePad):
Check validity of the pad peer.
(WebCore::AudioSourceProviderGStreamer::deinterleavePadsConfigured):
Set client from main thread.

  • platform/audio/gstreamer/AudioSourceProviderGStreamer.h:

LayoutTests:

  • platform/gtk/TestExpectations: Unskip fixed test.
5:16 AM Changeset in webkit [228662] by svillar@igalia.com
  • 11 edits
    10 adds in trunk/Source/WebCore

[WebVR][OpenVR] Implement getVRDisplays()
https://bugs.webkit.org/show_bug.cgi?id=182692

Reviewed by Žan Doberšek.

This provides an implementation of Navigator's getVRDisplays()
method using OpenVR as backend. It queues several promises in
a queue and resolves them all just once. The information retrieved
is very minimal for the time being, but this change lays the ground
for all the changes that are about to land.

The VR code uses a VRManager which is the interface with the
platform code and the responsible for instantiating the right
platform code. This platform code is currently being implemented
using OpenVR but could we also ported in the future to OpenXR or any
other VR SDK.

  • CMakeLists.txt:
  • Modules/webvr/NavigatorWebVR.cpp:

(WebCore::NavigatorWebVR::getVRDisplays):
(WebCore::NavigatorWebVR::vrEnabled):

  • Modules/webvr/NavigatorWebVR.h:
  • Modules/webvr/VRDisplay.cpp:

(WebCore::VRDisplay::create):
(WebCore::VRDisplay::VRDisplay):
(WebCore::VRDisplay::isConnected const):
(WebCore::VRDisplay::displayName const):

  • Modules/webvr/VRDisplay.h:
  • Modules/webvr/VRDisplayCapabilities.cpp:

(WebCore::VRDisplayCapabilities::VRDisplayCapabilities):
(WebCore::VRDisplayCapabilities::hasPosition const):
(WebCore::VRDisplayCapabilities::hasOrientation const):
(WebCore::VRDisplayCapabilities::hasExternalDisplay const):
(WebCore::VRDisplayCapabilities::canPresent const):
(WebCore::VRDisplayCapabilities::maxLayer const):

  • Modules/webvr/VRDisplayCapabilities.h:

(WebCore::VRDisplayCapabilities::create):

  • Sources.txt:
  • platform/vr/VRManager.cpp: Added. This is the main interface used by bindings code to

access VR devices data provided by platform code.
(WebCore::VRManager::singleton):
(WebCore::VRManager::VRManager):
(WebCore::VRManager::~VRManager):
(WebCore::VRManager::refreshVRDevices):

  • platform/vr/VRManager.h: Added.
  • platform/vr/VRPlatformDisplay.h: Added. Abstraction of a VR display system. To be

implemented by backends like OpenVR, OpenXR...

  • platform/vr/VRPlatformManager.h: Added. Abstraction of the platform specific class which

retrieves data from VR devices. To be implemented by backends like OpenVR, OpenXR...

  • platform/vr/openvr/VRPlatformDisplayOpenVR.cpp: Added.

(WebCore::VRPlatformDisplayOpenVR::VRPlatformDisplayOpenVR):

  • platform/vr/openvr/VRPlatformDisplayOpenVR.h: Added.
  • platform/vr/openvr/VRPlatformManagerOpenVR.cpp: Added.

(WebCore::VRPlatformManagerOpenVR::create):
(WebCore::VRPlatformManagerOpenVR::VRPlatformManagerOpenVR):
(WebCore::VRPlatformManagerOpenVR::~VRPlatformManagerOpenVR):
(WebCore::VRPlatformManagerOpenVR::initOpenVR):

  • platform/vr/openvr/VRPlatformManagerOpenVR.h: Added.
  • WebCore.xcodeproj/project.pbxproj:
4:40 AM WebKitGTK/Gardening/Calendar edited by Claudio Saavedra
(diff)
4:10 AM Changeset in webkit [228661] by Manuel Rego Casasnovas
  • 8 edits
    4 adds in trunk

[css-grid] Apply automatic minimum size clamping to spanning items too
https://bugs.webkit.org/show_bug.cgi?id=182684

Reviewed by Javier Fernandez.

LayoutTests/imported/w3c:

Update WPT tests related to this change.

  • web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-022-expected.txt:
  • web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-022.html:
  • web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-023-expected.txt:
  • web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-023.html:
  • web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-024-expected.txt: Added.
  • web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-024.html: Added.
  • web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-025-expected.txt: Added.
  • web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-025.html: Added.
  • web-platform-tests/css/css-grid/grid-items/w3c-import.log:

Source/WebCore:

In r225776 we added the conditions from the spec to apply
the automatic minimum size clamping when required
but only to non-spanning items.
See: https://drafts.csswg.org/css-grid/#min-size-auto

This patch moves the code from GridTrackSizingAlgorithm::sizeTrackToFitNonSpanningItem()
to GridTrackSizingAlgorithmStrategy::minSizeForChild()
that way the clamping is applied for both spanning and non-spanning items.

This somehow reverts r225776, as it was adding some duplicated code.
All the checks to know if we should use that part of the spec
were already present in GridTrackSizingAlgorithmStrategy::minSizeForChild().

Apart from using the previous code, there's a new loop to verify
that the max track sizing function is fixed for all the tracks of the item.

Tests: imported/w3c/web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-024.html

imported/w3c/web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-025.html

  • rendering/GridTrackSizingAlgorithm.cpp:

(WebCore::GridTrackSizingAlgorithm::sizeTrackToFitNonSpanningItem):
(WebCore::GridTrackSizingAlgorithmStrategy::minSizeForChild const):

4:08 AM Changeset in webkit [228660] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228265 - [GStreamer][WebAudio] No need for version check in each loop iteration
https://bugs.webkit.org/show_bug.cgi?id=182577

Reviewed by Xabier Rodriguez Calvar.

  • platform/audio/gstreamer/WebKitWebAudioSourceGStreamer.cpp:

(webkit_web_audio_src_init): Detect version once only, when creating the element.
(webKitWebAudioSrcLoop): Use boolean variable instead of checking the version every time.

4:08 AM Changeset in webkit [228659] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228258 - ASSERTION FAILED: vm->currentThreadIsHoldingAPILock() seen with http/tests/paymentrequest/payment-request-show-method.https.html
https://bugs.webkit.org/show_bug.cgi?id=182591

Reviewed by Youenn Fablet.

Fixes assertion failures in http/tests/paymentrequest/payment-request-show-method.https.html.

DOMPromise::whenSettled() calls the JSC API without first aquiring the API lock, and
r228195 added a call to whenSettled() where the lock is not guaranteed to be already
acquired.

Fix this by creating a JSLockHolder in DOMPromise::whenSettled().

  • bindings/js/JSDOMPromise.cpp:

(WebCore::DOMPromise::whenSettled):

4:08 AM Changeset in webkit [228658] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebKit

Merge r228257 - REGRESSION(r227758): Webpage fails to load due to crash in com.apple.WebKit: WebKit::WebFrameLoaderClient::dispatchDecidePolicyForResponse + 267
https://bugs.webkit.org/show_bug.cgi?id=182532
<rdar://problem/36414017>

Patch by Antti Koivisto <Antti Koivisto> and Youenn Fablet <youenn@apple.com> on 2018-02-07
Reviewed by Chris Dumez.

No test case, don't know how to make one. The repro involves multipart HTTP streaming and details are hazy.
We were calling a function that was WTFMoved away just a few lines above.

  • WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForResponse):

4:08 AM Changeset in webkit [228657] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228249 - Remove unused CSSParserContext in CSSParser::parseInlineStyleDeclaration
https://bugs.webkit.org/show_bug.cgi?id=182587

Reviewed by Simon Fraser.

Removed the code. There is no need to create an unused CSSParserContext in CSSParser.

  • css/parser/CSSParser.cpp:

(WebCore::CSSParser::parseInlineStyleDeclaration):

  • css/parser/CSSParser.h:
  • css/parser/CSSParserImpl.cpp:

(WebCore::CSSParserImpl::parseInlineStyleDeclaration):

  • css/parser/CSSParserImpl.h:
4:08 AM Changeset in webkit [228656] by Carlos Garcia Campos
  • 3 edits
    3 adds in releases/WebKitGTK/webkit-2.20

Merge r228241 - ASSERTION FAILED: m_timeOrigin in Performance::Performance()
https://bugs.webkit.org/show_bug.cgi?id=182558
<rdar://problem/37297551>

Patch by Youenn Fablet <youenn@apple.com> on 2018-02-07
Reviewed by Chris Dumez.

Source/WebCore:

Test: http/wpt/fetch/cors-preflight-star.any.serviceworker.html

  • loader/CrossOriginPreflightChecker.cpp:

(WebCore::CrossOriginPreflightChecker::startPreflight):

LayoutTests:

Make use of WPT cors-preflight-star.any.js test in service worker.
This test should be removed once WPT will run any.js tests in service workers as well as workers and window.

  • http/wpt/service-workers/cors-preflight-star.any.js: Added.
  • http/wpt/service-workers/cors-preflight-star.any.serviceworker-expected.txt: Added.
  • http/wpt/service-workers/cors-preflight-star.any.serviceworker.html: Added.
4:08 AM Changeset in webkit [228655] by Carlos Garcia Campos
  • 7 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228238 - [RenderTreeBuilder] Remove RenderElement::destroyLeftoverChildren.
https://bugs.webkit.org/show_bug.cgi?id=182518
<rdar://problem/37256035>

Reviewed by Antti Koivisto.

Remove leftover children before we call takeChild() on the parent (as opposed to when
we finally call destroy() on the parent).
This patch also explicitly destroys the top level pagination renderers.

Covered by existing tests.

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::removeAndDestroyChild):
(WebCore::RenderElement::destroyLeftoverChildren): Deleted.

  • rendering/RenderElement.h:
  • rendering/RenderObject.cpp:

(WebCore::RenderObject::destroy):

  • rendering/updating/RenderTreeUpdater.cpp:

(WebCore::RenderTreeUpdater::tearDownRenderers):
(WebCore::RenderTreeUpdater::tearDownLeftoverPaginationRenderersIfNeeded):

  • rendering/updating/RenderTreeUpdater.h:
3:50 AM Changeset in webkit [228654] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.20/Source/WebInspectorUI

Merge r228232 - Web Inspector: Styles: completion popover doesn't hide when switching panels
https://bugs.webkit.org/show_bug.cgi?id=182464
<rdar://problem/37202763>

Reviewed by Timothy Hatcher.

Hide completion popover by triggering blur event on the focused text field.
Removing text fields from the DOM tree would hide the completion popovers as well,
but switching sidebar panels doesn't remove them from the DOM.

  • UserInterface/Views/SpreadsheetCSSStyleDeclarationEditor.js:

(WI.SpreadsheetCSSStyleDeclarationEditor.prototype.hidden):

  • UserInterface/Views/SpreadsheetCSSStyleDeclarationSection.js:

(WI.SpreadsheetCSSStyleDeclarationSection.prototype.hidden):

  • UserInterface/Views/SpreadsheetRulesStyleDetailsPanel.js:

(WI.SpreadsheetRulesStyleDetailsPanel.prototype.hidden):

  • UserInterface/Views/SpreadsheetStyleProperty.js:

(WI.SpreadsheetStyleProperty.prototype.hidden):

3:50 AM Changeset in webkit [228653] by Carlos Garcia Campos
  • 12 edits in releases/WebKitGTK/webkit-2.20

Merge r228230 - IndexedDB in service workers is using a memory backed store
https://bugs.webkit.org/show_bug.cgi?id=182574
<rdar://problem/37316205>

Reviewed by Youenn Fablet.

LayoutTests/imported/w3c:

Rebaseline WPT test that is now passing.

  • web-platform-tests/service-workers/service-worker/indexeddb.https-expected.txt:

Source/WebKit:

Make sure we pass a proper WebDatabaseProvider to the ServiceWorkerProcess via
PageConfiguration. Otherwise, we end up using the default EmptyDatabaseProvider
which uses an InProcessIDBServer and a memory-backed store for IndexedDB.

  • UIProcess/ServiceWorkerProcessProxy.cpp:

(WebKit::ServiceWorkerProcessProxy::start):

  • UIProcess/WebProcessPool.h:
  • WebProcess/Storage/WebSWContextManagerConnection.cpp:

(WebKit::WebSWContextManagerConnection::WebSWContextManagerConnection):
(WebKit::WebSWContextManagerConnection::installServiceWorker):

  • WebProcess/Storage/WebSWContextManagerConnection.h:
  • WebProcess/WebProcess.cpp:

(WebKit::WebProcess::establishWorkerContextConnectionToStorageProcess):

  • WebProcess/WebProcess.h:
  • WebProcess/WebProcess.messages.in:

LayoutTests:

Unskip test that no longer times out.

3:50 AM Changeset in webkit [228652] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebKit

Merge r228227 - [GTK] Typo in a translatable string
https://bugs.webkit.org/show_bug.cgi?id=182570

Unreviewed. Fix a typo.

  • UIProcess/API/glib/WebKitWebsiteDataManager.cpp:

(webkit_website_data_manager_class_init):

3:50 AM Changeset in webkit [228651] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Tools

Merge r228225 - [GTK] Enable WebKit.GeolocationTransitionTo{High,Low}Accuracy tests
https://bugs.webkit.org/show_bug.cgi?id=125068

Unreviewed test gardening.

They do not appear to have failed since we started running them again in r226944.

  • TestWebKitAPI/glib/TestExpectations.json:
3:41 AM Changeset in webkit [228650] by Carlos Garcia Campos
  • 13 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228224 - [RenderTreeBuilder] Move RenderBlock::removeLeftoverAnonymousBlock to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182510
<rdar://problem/37250037>

Reviewed by Antti Koivisto.

Do not reinvent subtree reparenting.

Covered by existing tests.

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::removeLeftoverAnonymousBlock): Deleted.

  • rendering/RenderBlock.h:
  • rendering/RenderBoxModelObject.cpp:

(WebCore::RenderBoxModelObject::moveAllChildrenToInternal):

  • rendering/RenderBoxModelObject.h:
  • rendering/RenderButton.h:
  • rendering/RenderElement.cpp:

(WebCore::RenderElement::detachRendererInternal):
(WebCore::RenderElement::attachRendererInternal):
(WebCore::RenderElement::insertChildInternal):
(WebCore::RenderElement::takeChildInternal):

  • rendering/RenderElement.h:
  • rendering/RenderRuby.h:
  • rendering/RenderRubyRun.h:
  • rendering/RenderTextControl.h:
  • rendering/updating/RenderTreeBuilderBlock.cpp:

(WebCore::RenderTreeBuilder::Block::insertChildIgnoringContinuation):
(WebCore::RenderTreeBuilder::Block::childBecameNonInline):
(WebCore::RenderTreeBuilder::Block::removeLeftoverAnonymousBlock):

  • rendering/updating/RenderTreeBuilderBlock.h:
3:31 AM Changeset in webkit [228649] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Tools

Merge r228223 - [GTK] Enable WebKit.InjectedBundleFrameHitTest test
https://bugs.webkit.org/show_bug.cgi?id=120303

Unreviewed test gardening.

It does not appear to have failed since we started running it again in r226944.

  • TestWebKitAPI/glib/TestExpectations.json:
3:30 AM Changeset in webkit [228648] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Tools

Merge r228222 - [GTK] Enable WebKit.ForceRepaint test
https://bugs.webkit.org/show_bug.cgi?id=105532

Unreviewed test gardening.

It does not appear to have failed since we started running it again in r226944.

  • TestWebKitAPI/glib/TestExpectations.json:
3:30 AM Changeset in webkit [228647] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Tools

Merge r228220 - [GTK] Enable WebKit.NewFirstVisuallyNonEmptyLayoutFrames test
https://bugs.webkit.org/show_bug.cgi?id=85037

Unreviewed test gardening.

It does not appear to have failed since we started running it again in r226944.

  • TestWebKitAPI/glib/TestExpectations.json:
3:28 AM Changeset in webkit [228646] by Carlos Garcia Campos
  • 479 edits
    215 deletes in releases/WebKitGTK/webkit-2.20

Merge r228218 - Remove WebCore/ForwardingHeaders directory
https://bugs.webkit.org/show_bug.cgi?id=182347

Reviewed by Keith Miller.

Source/ThirdParty:

  • gtest/CMakeLists.txt:
  • gtest/include/gtest/internal/gtest-port.h:

Source/WebCore:

No new tests. No change in behavior.

  • CMakeLists.txt:
  • ForwardingHeaders/bindings/ScriptFunctionCall.h: Removed.
  • ForwardingHeaders/bindings/ScriptObject.h: Removed.
  • ForwardingHeaders/bindings/ScriptValue.h: Removed.
  • ForwardingHeaders/builtins/BuiltinNames.h: Removed.
  • ForwardingHeaders/builtins/BuiltinUtils.h: Removed.
  • ForwardingHeaders/builtins/JSCBuiltins.h: Removed.
  • ForwardingHeaders/bytecode/CodeBlock.h: Removed.
  • ForwardingHeaders/bytecode/SpeculatedType.h: Removed.
  • ForwardingHeaders/bytecode/UnlinkedFunctionExecutable.h: Removed.
  • ForwardingHeaders/debugger/Debugger.h: Removed.
  • ForwardingHeaders/domjit/DOMJITAbstractHeap.h: Removed.
  • ForwardingHeaders/domjit/DOMJITEffect.h: Removed.
  • ForwardingHeaders/domjit/DOMJITGetterSetter.h: Removed.
  • ForwardingHeaders/domjit/DOMJITHeapRange.h: Removed.
  • ForwardingHeaders/domjit/DOMJITSignature.h: Removed.
  • ForwardingHeaders/heap/BlockDirectoryInlines.h: Removed.
  • ForwardingHeaders/heap/DeleteAllCodeEffort.h: Removed.
  • ForwardingHeaders/heap/FastMallocAlignedMemoryAllocator.h: Removed.
  • ForwardingHeaders/heap/GCActivityCallback.h: Removed.
  • ForwardingHeaders/heap/GCFinalizationCallback.h: Removed.
  • ForwardingHeaders/heap/HandleTypes.h: Removed.
  • ForwardingHeaders/heap/Heap.h: Removed.
  • ForwardingHeaders/heap/HeapInlines.h: Removed.
  • ForwardingHeaders/heap/HeapObserver.h: Removed.
  • ForwardingHeaders/heap/IncrementalSweeper.h: Removed.
  • ForwardingHeaders/heap/LockDuringMarking.h: Removed.
  • ForwardingHeaders/heap/MachineStackMarker.h: Removed.
  • ForwardingHeaders/heap/MarkedBlockInlines.h: Removed.
  • ForwardingHeaders/heap/MarkingConstraint.h: Removed.
  • ForwardingHeaders/heap/RunningScope.h: Removed.
  • ForwardingHeaders/heap/SimpleMarkingConstraint.h: Removed.
  • ForwardingHeaders/heap/SlotVisitor.h: Removed.
  • ForwardingHeaders/heap/SlotVisitorInlines.h: Removed.
  • ForwardingHeaders/heap/Strong.h: Removed.
  • ForwardingHeaders/heap/StrongInlines.h: Removed.
  • ForwardingHeaders/heap/SubspaceInlines.h: Removed.
  • ForwardingHeaders/heap/ThreadLocalCache.h: Removed.
  • ForwardingHeaders/heap/Weak.h: Removed.
  • ForwardingHeaders/heap/WeakInlines.h: Removed.
  • ForwardingHeaders/inspector/ConsoleMessage.h: Removed.
  • ForwardingHeaders/inspector/ContentSearchUtilities.h: Removed.
  • ForwardingHeaders/inspector/IdentifiersFactory.h: Removed.
  • ForwardingHeaders/inspector/InjectedScript.h: Removed.
  • ForwardingHeaders/inspector/InjectedScriptBase.h: Removed.
  • ForwardingHeaders/inspector/InjectedScriptHost.h: Removed.
  • ForwardingHeaders/inspector/InjectedScriptManager.h: Removed.
  • ForwardingHeaders/inspector/InjectedScriptModule.h: Removed.
  • ForwardingHeaders/inspector/InspectorAgentBase.h: Removed.
  • ForwardingHeaders/inspector/InspectorAgentRegistry.h: Removed.
  • ForwardingHeaders/inspector/InspectorBackendDispatcher.h: Removed.
  • ForwardingHeaders/inspector/InspectorBackendDispatchers.h: Removed.
  • ForwardingHeaders/inspector/InspectorEnvironment.h: Removed.
  • ForwardingHeaders/inspector/InspectorFrontendChannel.h: Removed.
  • ForwardingHeaders/inspector/InspectorFrontendDispatchers.h: Removed.
  • ForwardingHeaders/inspector/InspectorFrontendRouter.h: Removed.
  • ForwardingHeaders/inspector/InspectorProtocolObjects.h: Removed.
  • ForwardingHeaders/inspector/InspectorProtocolTypes.h: Removed.
  • ForwardingHeaders/inspector/PerGlobalObjectWrapperWorld.h: Removed.
  • ForwardingHeaders/inspector/ScriptArguments.h: Removed.
  • ForwardingHeaders/inspector/ScriptBreakpoint.h: Removed.
  • ForwardingHeaders/inspector/ScriptCallFrame.h: Removed.
  • ForwardingHeaders/inspector/ScriptCallStack.h: Removed.
  • ForwardingHeaders/inspector/ScriptCallStackFactory.h: Removed.
  • ForwardingHeaders/inspector/ScriptDebugListener.h: Removed.
  • ForwardingHeaders/inspector/ScriptDebugServer.h: Removed.
  • ForwardingHeaders/inspector/agents/InspectorAgent.h: Removed.
  • ForwardingHeaders/inspector/agents/InspectorConsoleAgent.h: Removed.
  • ForwardingHeaders/inspector/agents/InspectorDebuggerAgent.h: Removed.
  • ForwardingHeaders/inspector/agents/InspectorHeapAgent.h: Removed.
  • ForwardingHeaders/inspector/agents/InspectorRuntimeAgent.h: Removed.
  • ForwardingHeaders/inspector/agents/InspectorScriptProfilerAgent.h: Removed.
  • ForwardingHeaders/interpreter/CallFrame.h: Removed.
  • ForwardingHeaders/interpreter/FrameTracers.h: Removed.
  • ForwardingHeaders/interpreter/ShadowChicken.h: Removed.
  • ForwardingHeaders/interpreter/StackVisitor.h: Removed.
  • ForwardingHeaders/jit/JITCode.h: Removed.
  • ForwardingHeaders/jit/JITMathICForwards.h: Removed.
  • ForwardingHeaders/jit/Snippet.h: Removed.
  • ForwardingHeaders/jit/SnippetParams.h: Removed.
  • ForwardingHeaders/jit/SpillRegistersMode.h: Removed.
  • ForwardingHeaders/masm/X86Assembler.h: Removed.
  • ForwardingHeaders/parser/ParserError.h: Removed.
  • ForwardingHeaders/parser/SourceCode.h: Removed.
  • ForwardingHeaders/parser/SourceProvider.h: Removed.
  • ForwardingHeaders/parser/SourceProviderCache.h: Removed.
  • ForwardingHeaders/profiler/ProfilerDatabase.h: Removed.
  • ForwardingHeaders/runtime/ArgList.h: Removed.
  • ForwardingHeaders/runtime/ArrayBuffer.h: Removed.
  • ForwardingHeaders/runtime/ArrayBufferView.h: Removed.
  • ForwardingHeaders/runtime/ArrayPrototype.h: Removed.
  • ForwardingHeaders/runtime/AuxiliaryBarrierInlines.h: Removed.
  • ForwardingHeaders/runtime/BooleanObject.h: Removed.
  • ForwardingHeaders/runtime/CallData.h: Removed.
  • ForwardingHeaders/runtime/CatchScope.h: Removed.
  • ForwardingHeaders/runtime/CommonIdentifiers.h: Removed.
  • ForwardingHeaders/runtime/Completion.h: Removed.
  • ForwardingHeaders/runtime/ConfigFile.h: Removed.
  • ForwardingHeaders/runtime/ConsoleClient.h: Removed.
  • ForwardingHeaders/runtime/ConsoleTypes.h: Removed.
  • ForwardingHeaders/runtime/ConstructAbility.h: Removed.
  • ForwardingHeaders/runtime/ConstructData.h: Removed.
  • ForwardingHeaders/runtime/DataView.h: Removed.
  • ForwardingHeaders/runtime/DateInstance.h: Removed.
  • ForwardingHeaders/runtime/Error.h: Removed.
  • ForwardingHeaders/runtime/ErrorHandlingScope.h: Removed.
  • ForwardingHeaders/runtime/ErrorInstance.h: Removed.
  • ForwardingHeaders/runtime/ErrorPrototype.h: Removed.
  • ForwardingHeaders/runtime/Exception.h: Removed.
  • ForwardingHeaders/runtime/ExceptionHelpers.h: Removed.
  • ForwardingHeaders/runtime/Float32Array.h: Removed.
  • ForwardingHeaders/runtime/Float64Array.h: Removed.
  • ForwardingHeaders/runtime/FunctionConstructor.h: Removed.
  • ForwardingHeaders/runtime/FunctionExecutable.h: Removed.
  • ForwardingHeaders/runtime/FunctionPrototype.h: Removed.
  • ForwardingHeaders/runtime/HashMapImpl.h: Removed.
  • ForwardingHeaders/runtime/Identifier.h: Removed.
  • ForwardingHeaders/runtime/IdentifierInlines.h: Removed.
  • ForwardingHeaders/runtime/InitializeThreading.h: Removed.
  • ForwardingHeaders/runtime/Int16Array.h: Removed.
  • ForwardingHeaders/runtime/Int32Array.h: Removed.
  • ForwardingHeaders/runtime/Int8Array.h: Removed.
  • ForwardingHeaders/runtime/InternalFunction.h: Removed.
  • ForwardingHeaders/runtime/Intrinsic.h: Removed.
  • ForwardingHeaders/runtime/IterationKind.h: Removed.
  • ForwardingHeaders/runtime/IteratorOperations.h: Removed.
  • ForwardingHeaders/runtime/IteratorPrototype.h: Removed.
  • ForwardingHeaders/runtime/JSAPIValueWrapper.h: Removed.
  • ForwardingHeaders/runtime/JSArray.h: Removed.
  • ForwardingHeaders/runtime/JSArrayBuffer.h: Removed.
  • ForwardingHeaders/runtime/JSArrayBufferView.h: Removed.
  • ForwardingHeaders/runtime/JSCInlines.h: Removed.
  • ForwardingHeaders/runtime/JSCJSValue.h: Removed.
  • ForwardingHeaders/runtime/JSCJSValueInlines.h: Removed.
  • ForwardingHeaders/runtime/JSCallee.h: Removed.
  • ForwardingHeaders/runtime/JSCell.h: Removed.
  • ForwardingHeaders/runtime/JSCellInlines.h: Removed.
  • ForwardingHeaders/runtime/JSDataView.h: Removed.
  • ForwardingHeaders/runtime/JSDestructibleObject.h: Removed.
  • ForwardingHeaders/runtime/JSDestructibleObjectHeapCellType.h: Removed.
  • ForwardingHeaders/runtime/JSExportMacros.h: Removed.
  • ForwardingHeaders/runtime/JSFunction.h: Removed.
  • ForwardingHeaders/runtime/JSGlobalObject.h: Removed.
  • ForwardingHeaders/runtime/JSGlobalObjectInlines.h: Removed.
  • ForwardingHeaders/runtime/JSInternalPromise.h: Removed.
  • ForwardingHeaders/runtime/JSInternalPromiseDeferred.h: Removed.
  • ForwardingHeaders/runtime/JSLock.h: Removed.
  • ForwardingHeaders/runtime/JSMap.h: Removed.
  • ForwardingHeaders/runtime/JSMapIterator.h: Removed.
  • ForwardingHeaders/runtime/JSModuleLoader.h: Removed.
  • ForwardingHeaders/runtime/JSModuleRecord.h: Removed.
  • ForwardingHeaders/runtime/JSNativeStdFunction.h: Removed.
  • ForwardingHeaders/runtime/JSONObject.h: Removed.
  • ForwardingHeaders/runtime/JSObject.h: Removed.
  • ForwardingHeaders/runtime/JSObjectInlines.h: Removed.
  • ForwardingHeaders/runtime/JSPromise.h: Removed.
  • ForwardingHeaders/runtime/JSPromiseConstructor.h: Removed.
  • ForwardingHeaders/runtime/JSPromiseDeferred.h: Removed.
  • ForwardingHeaders/runtime/JSProxy.h: Removed.
  • ForwardingHeaders/runtime/JSRunLoopTimer.h: Removed.
  • ForwardingHeaders/runtime/JSScriptFetchParameters.h: Removed.
  • ForwardingHeaders/runtime/JSScriptFetcher.h: Removed.
  • ForwardingHeaders/runtime/JSSegmentedVariableObjectHeapCellType.h: Removed.
  • ForwardingHeaders/runtime/JSSet.h: Removed.
  • ForwardingHeaders/runtime/JSSetIterator.h: Removed.
  • ForwardingHeaders/runtime/JSSourceCode.h: Removed.
  • ForwardingHeaders/runtime/JSString.h: Removed.
  • ForwardingHeaders/runtime/JSTypedArrays.h: Removed.
  • ForwardingHeaders/runtime/JSWithScope.h: Removed.
  • ForwardingHeaders/runtime/Lookup.h: Removed.
  • ForwardingHeaders/runtime/MapBase.h: Removed.
  • ForwardingHeaders/runtime/MapData.h: Removed.
  • ForwardingHeaders/runtime/MapDataInlines.h: Removed.
  • ForwardingHeaders/runtime/MatchResult.h: Removed.
  • ForwardingHeaders/runtime/Microtask.h: Removed.
  • ForwardingHeaders/runtime/ObjectConstructor.h: Removed.
  • ForwardingHeaders/runtime/ObjectPrototype.h: Removed.
  • ForwardingHeaders/runtime/Operations.h: Removed.
  • ForwardingHeaders/runtime/PrivateName.h: Removed.
  • ForwardingHeaders/runtime/PromiseDeferredTimer.h: Removed.
  • ForwardingHeaders/runtime/PropertyNameArray.h: Removed.
  • ForwardingHeaders/runtime/Protect.h: Removed.
  • ForwardingHeaders/runtime/RegExp.h: Removed.
  • ForwardingHeaders/runtime/RegExpObject.h: Removed.
  • ForwardingHeaders/runtime/RuntimeFlags.h: Removed.
  • ForwardingHeaders/runtime/SamplingProfiler.h: Removed.
  • ForwardingHeaders/runtime/ScriptFetchParameters.h: Removed.
  • ForwardingHeaders/runtime/ScriptFetcher.h: Removed.
  • ForwardingHeaders/runtime/StringObject.h: Removed.
  • ForwardingHeaders/runtime/StringPrototype.h: Removed.
  • ForwardingHeaders/runtime/Structure.h: Removed.
  • ForwardingHeaders/runtime/StructureChain.h: Removed.
  • ForwardingHeaders/runtime/StructureInlines.h: Removed.
  • ForwardingHeaders/runtime/Symbol.h: Removed.
  • ForwardingHeaders/runtime/SymbolTable.h: Removed.
  • ForwardingHeaders/runtime/ThrowScope.h: Removed.
  • ForwardingHeaders/runtime/TypedArrayController.h: Removed.
  • ForwardingHeaders/runtime/TypedArrayInlines.h: Removed.
  • ForwardingHeaders/runtime/TypedArrays.h: Removed.
  • ForwardingHeaders/runtime/Uint16Array.h: Removed.
  • ForwardingHeaders/runtime/Uint32Array.h: Removed.
  • ForwardingHeaders/runtime/Uint8Array.h: Removed.
  • ForwardingHeaders/runtime/Uint8ClampedArray.h: Removed.
  • ForwardingHeaders/runtime/VM.h: Removed.
  • ForwardingHeaders/runtime/VMEntryScope.h: Removed.
  • ForwardingHeaders/runtime/Watchdog.h: Removed.
  • ForwardingHeaders/runtime/WeakGCMap.h: Removed.
  • ForwardingHeaders/runtime/WeakGCMapInlines.h: Removed.
  • ForwardingHeaders/runtime/WriteBarrier.h: Removed.
  • ForwardingHeaders/wasm/WasmModule.h: Removed.
  • ForwardingHeaders/wasm/js/JSWebAssemblyModule.h: Removed.
  • ForwardingHeaders/yarr/RegularExpression.h: Removed.
  • ForwardingHeaders/yarr/Yarr.h: Removed.
  • ForwardingHeaders/yarr/YarrInterpreter.h: Removed.
  • ForwardingHeaders/yarr/YarrJIT.h: Removed.
  • ForwardingHeaders/yarr/YarrPattern.h: Removed.
  • Modules/applepay/cocoa/PaymentMerchantSessionCocoa.mm:
  • Modules/encryptedmedia/MediaKeyMessageEvent.h:
  • Modules/encryptedmedia/MediaKeyMessageEventInit.h:
  • Modules/encryptedmedia/MediaKeyStatusMap.h:
  • Modules/encryptedmedia/legacy/LegacyCDM.h:
  • Modules/encryptedmedia/legacy/LegacyCDMSessionClearKey.cpp:
  • Modules/encryptedmedia/legacy/WebKitMediaKeyMessageEvent.cpp:
  • Modules/encryptedmedia/legacy/WebKitMediaKeyNeededEvent.cpp:
  • Modules/encryptedmedia/legacy/WebKitMediaKeySession.h:
  • Modules/encryptedmedia/legacy/WebKitMediaKeys.h:
  • Modules/fetch/FetchBody.cpp:
  • Modules/fetch/FetchRequestInit.h:
  • Modules/fetch/FetchResponse.h:
  • Modules/indexeddb/IDBCursor.cpp:
  • Modules/indexeddb/IDBCursor.h:
  • Modules/indexeddb/IDBCursorWithValue.cpp:
  • Modules/indexeddb/IDBDatabase.cpp:
  • Modules/indexeddb/IDBIndex.cpp:
  • Modules/indexeddb/IDBKey.cpp:
  • Modules/indexeddb/IDBKeyRange.cpp:
  • Modules/indexeddb/IDBObjectStore.cpp:
  • Modules/indexeddb/IDBRequest.cpp:
  • Modules/indexeddb/IDBRequest.h:
  • Modules/indexeddb/client/TransactionOperation.cpp:
  • Modules/indexeddb/server/MemoryObjectStore.cpp:
  • Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
  • Modules/indexeddb/server/UniqueIDBDatabase.cpp:
  • Modules/mediacontrols/MediaControlsHost.cpp:
  • Modules/mediasource/SourceBuffer.cpp:
  • Modules/mediastream/RTCDataChannel.cpp:
  • Modules/plugins/QuickTimePluginReplacement.mm:
  • Modules/webaudio/AsyncAudioDecoder.cpp:
  • Modules/webaudio/AudioBuffer.cpp:
  • Modules/webaudio/AudioBuffer.h:
  • Modules/webaudio/AudioContext.cpp:
  • Modules/webaudio/AudioContext.h:
  • Modules/webaudio/AudioParam.h:
  • Modules/webaudio/AudioParamTimeline.h:
  • Modules/webaudio/PeriodicWave.h:
  • Modules/webaudio/RealtimeAnalyser.cpp:
  • Modules/webaudio/RealtimeAnalyser.h:
  • Modules/webaudio/ScriptProcessorNode.cpp:
  • Modules/webaudio/WaveShaperProcessor.h:
  • Modules/webauthn/AuthenticatorResponse.h:
  • Modules/webauthn/PublicKeyCredential.h:
  • Modules/websockets/WebSocket.cpp:
  • Modules/websockets/WebSocketChannel.cpp:
  • Modules/websockets/WorkerThreadableWebSocketChannel.cpp:
  • Modules/webvr/VREyeParameters.h:
  • Modules/webvr/VRFrameData.h:
  • Modules/webvr/VRPose.h:
  • Modules/webvr/VRStageParameters.h:
  • PlatformWin.cmake:
  • bindings/IDLTypes.h:
  • bindings/js/BufferSource.h:
  • bindings/js/CachedScriptFetcher.h:
  • bindings/js/CachedScriptSourceProvider.h:
  • bindings/js/CallTracerTypes.h:
  • bindings/js/CommonVM.cpp:
  • bindings/js/DOMGCOutputConstraint.cpp:
  • bindings/js/DOMGCOutputConstraint.h:
  • bindings/js/GCController.cpp:
  • bindings/js/GCController.h:
  • bindings/js/IDBBindingUtilities.cpp:
  • bindings/js/JSCallbackData.cpp:
  • bindings/js/JSCallbackData.h:
  • bindings/js/JSCustomElementInterface.cpp:
  • bindings/js/JSCustomElementInterface.h:
  • bindings/js/JSCustomEventCustom.cpp:
  • bindings/js/JSCustomXPathNSResolver.cpp:
  • bindings/js/JSCustomXPathNSResolver.h:
  • bindings/js/JSDOMBinding.h:
  • bindings/js/JSDOMBuiltinConstructorBase.cpp:
  • bindings/js/JSDOMConstructorBase.cpp:
  • bindings/js/JSDOMConvertBase.h:
  • bindings/js/JSDOMConvertBufferSource.h:
  • bindings/js/JSDOMConvertDate.cpp:
  • bindings/js/JSDOMConvertInterface.h:
  • bindings/js/JSDOMConvertJSON.h:
  • bindings/js/JSDOMConvertNumbers.cpp:
  • bindings/js/JSDOMConvertNumbers.h:
  • bindings/js/JSDOMConvertObject.h:
  • bindings/js/JSDOMConvertRecord.h:
  • bindings/js/JSDOMConvertSequences.h:
  • bindings/js/JSDOMConvertStrings.cpp:
  • bindings/js/JSDOMConvertUnion.h:
  • bindings/js/JSDOMExceptionHandling.cpp:
  • bindings/js/JSDOMExceptionHandling.h:
  • bindings/js/JSDOMGlobalObject.cpp:
  • bindings/js/JSDOMGlobalObject.h:
  • bindings/js/JSDOMGlobalObjectTask.cpp:
  • bindings/js/JSDOMGuardedObject.h:
  • bindings/js/JSDOMIterator.cpp:
  • bindings/js/JSDOMIterator.h:
  • bindings/js/JSDOMMapLike.cpp:
  • bindings/js/JSDOMMapLike.h:
  • bindings/js/JSDOMPromise.cpp:
  • bindings/js/JSDOMPromise.h:
  • bindings/js/JSDOMPromiseDeferred.cpp:
  • bindings/js/JSDOMPromiseDeferred.h:
  • bindings/js/JSDOMWindowBase.cpp:
  • bindings/js/JSDOMWindowCustom.cpp:
  • bindings/js/JSDOMWindowProxy.cpp:
  • bindings/js/JSDOMWindowProxy.h:
  • bindings/js/JSDOMWrapper.cpp:
  • bindings/js/JSDOMWrapper.h:
  • bindings/js/JSDOMWrapperCache.cpp:
  • bindings/js/JSDOMWrapperCache.h:
  • bindings/js/JSDynamicDowncast.h:
  • bindings/js/JSErrorHandler.cpp:
  • bindings/js/JSEventCustom.cpp:
  • bindings/js/JSEventListener.cpp:
  • bindings/js/JSEventListener.h:
  • bindings/js/JSHTMLElementCustom.cpp:
  • bindings/js/JSHistoryCustom.cpp:
  • bindings/js/JSIDBCursorWithValueCustom.cpp:
  • bindings/js/JSIDBIndexCustom.cpp:
  • bindings/js/JSImageDataCustom.cpp:
  • bindings/js/JSLazyEventListener.cpp:
  • bindings/js/JSLocationCustom.cpp:
  • bindings/js/JSMainThreadExecState.h:
  • bindings/js/JSMainThreadExecStateInstrumentation.h:
  • bindings/js/JSMessageChannelCustom.cpp:
  • bindings/js/JSMessageEventCustom.cpp:
  • bindings/js/JSNodeIteratorCustom.cpp:
  • bindings/js/JSPopStateEventCustom.cpp:
  • bindings/js/JSReadableStreamPrivateConstructors.cpp:
  • bindings/js/JSTreeWalkerCustom.cpp:
  • bindings/js/JSWebGL2RenderingContextCustom.cpp:
  • bindings/js/JSWorkerGlobalScopeBase.cpp:
  • bindings/js/ReadableStreamDefaultController.cpp:
  • bindings/js/ReadableStreamDefaultController.h:
  • bindings/js/ScheduledAction.cpp:
  • bindings/js/ScheduledAction.h:
  • bindings/js/ScriptCachedFrameData.cpp:
  • bindings/js/ScriptCachedFrameData.h:
  • bindings/js/ScriptController.cpp:
  • bindings/js/ScriptController.h:
  • bindings/js/ScriptControllerMac.mm:
  • bindings/js/ScriptModuleLoader.cpp:
  • bindings/js/ScriptModuleLoader.h:
  • bindings/js/ScriptSourceCode.h:
  • bindings/js/ScriptState.cpp:
  • bindings/js/ScriptWrappable.h:
  • bindings/js/ScriptWrappableInlines.h:
  • bindings/js/SerializedScriptValue.cpp:
  • bindings/js/SerializedScriptValue.h:
  • bindings/js/StructuredClone.cpp:
  • bindings/js/WebCoreBuiltinNames.h:
  • bindings/js/WebCoreJSClientData.cpp:
  • bindings/js/WebCoreTypedArrayController.cpp:
  • bindings/js/WebCoreTypedArrayController.h:
  • bindings/js/WorkerScriptController.cpp:
  • bindings/js/WorkerScriptController.h:
  • bridge/NP_jsobject.cpp:
  • bridge/c/CRuntimeObject.cpp:
  • bridge/c/c_class.cpp:
  • bridge/c/c_instance.cpp:
  • bridge/c/c_runtime.cpp:
  • bridge/c/c_utility.cpp:
  • bridge/c/c_utility.h:
  • bridge/jsc/BridgeJSC.cpp:
  • bridge/jsc/BridgeJSC.h:
  • bridge/npruntime.cpp:
  • bridge/objc/ObjCRuntimeObject.mm:
  • bridge/objc/WebScriptObject.mm:
  • bridge/objc/WebScriptObjectPrivate.h:
  • bridge/objc/objc_instance.mm:
  • bridge/objc/objc_runtime.h:
  • bridge/objc/objc_runtime.mm:
  • bridge/objc/objc_utility.h:
  • bridge/objc/objc_utility.mm:
  • bridge/runtime_array.cpp:
  • bridge/runtime_array.h:
  • bridge/runtime_method.cpp:
  • bridge/runtime_method.h:
  • bridge/runtime_object.cpp:
  • bridge/runtime_object.h:
  • bridge/runtime_root.cpp:
  • bridge/runtime_root.h:
  • crypto/SubtleCrypto.cpp:
  • crypto/SubtleCrypto.h:
  • crypto/gcrypt/CryptoKeyRSAGCrypt.cpp:
  • crypto/keys/CryptoRsaKeyAlgorithm.h:
  • crypto/mac/CryptoKeyRSAMac.cpp:
  • crypto/parameters/CryptoAlgorithmEcdsaParams.h:
  • crypto/parameters/CryptoAlgorithmHkdfParams.h:
  • crypto/parameters/CryptoAlgorithmHmacKeyParams.h:
  • crypto/parameters/CryptoAlgorithmPbkdf2Params.h:
  • crypto/parameters/CryptoAlgorithmRsaHashedImportParams.h:
  • crypto/parameters/CryptoAlgorithmRsaHashedKeyGenParams.h:
  • crypto/parameters/CryptoAlgorithmRsaKeyGenParams.h:
  • css/CSSFontFaceSource.h:
  • css/DOMMatrixReadOnly.cpp:
  • css/DOMMatrixReadOnly.h:
  • css/FontFace.cpp:
  • dom/CustomElementReactionQueue.cpp:
  • dom/CustomElementRegistry.cpp:
  • dom/CustomEvent.cpp:
  • dom/CustomEvent.h:
  • dom/Document.cpp:
  • dom/Document.h:
  • dom/ErrorEvent.cpp:
  • dom/ErrorEvent.h:
  • dom/LoadableScript.h:
  • dom/MessageEvent.cpp:
  • dom/MessageEvent.h:
  • dom/ModuleFetchParameters.h:
  • dom/PopStateEvent.cpp:
  • dom/PopStateEvent.h:
  • dom/PromiseRejectionEvent.cpp:
  • dom/PromiseRejectionEvent.h:
  • dom/RejectedPromiseTracker.cpp:
  • dom/RejectedPromiseTracker.h:
  • dom/ScriptExecutionContext.cpp:
  • dom/ScriptExecutionContext.h:
  • dom/TextEncoder.cpp:
  • dom/TextEncoder.h:
  • domjit/DOMJITHelpers.h:
  • domjit/DOMJITIDLTypeFilter.h:
  • domjit/JSDocumentDOMJIT.cpp:
  • domjit/JSNodeDOMJIT.cpp:
  • fileapi/BlobBuilder.cpp:
  • fileapi/FileReader.cpp:
  • fileapi/FileReaderLoader.cpp:
  • fileapi/FileReaderSync.cpp:
  • html/BaseTextInputType.cpp:
  • html/EmailInputType.cpp:
  • html/HTMLAllCollection.cpp:
  • html/HTMLCanvasElement.cpp:
  • html/HTMLImageLoader.cpp:
  • html/HTMLMediaElement.cpp:
  • html/HTMLPlugInImageElement.cpp:
  • html/ImageData.cpp:
  • html/ImageData.h:
  • html/MediaEncryptedEventInit.h:
  • html/WebKitMediaKeyError.h:
  • html/canvas/WebGLAny.h:
  • html/canvas/WebGLRenderingContext.cpp:
  • html/canvas/WebGLRenderingContextBase.cpp:
  • html/canvas/WebGLRenderingContextBase.h:
  • html/canvas/WebGPUBuffer.cpp:
  • html/canvas/WebGPURenderingContext.cpp:
  • html/canvas/WebGPURenderingContext.h:
  • html/track/DataCue.cpp:
  • html/track/DataCue.h:
  • inspector/CommandLineAPIHost.cpp:
  • inspector/CommandLineAPIHost.h:
  • inspector/CommandLineAPIModule.cpp:
  • inspector/CommandLineAPIModule.h:
  • inspector/InspectorCanvas.cpp:
  • inspector/InspectorCanvas.h:
  • inspector/InspectorClient.cpp:
  • inspector/InspectorController.cpp:
  • inspector/InspectorController.h:
  • inspector/InspectorDatabaseResource.h:
  • inspector/InspectorFrontendClientLocal.cpp:
  • inspector/InspectorFrontendHost.cpp:
  • inspector/InspectorInstrumentation.cpp:
  • inspector/InspectorInstrumentation.h:
  • inspector/InspectorOverlay.cpp:
  • inspector/InspectorOverlay.h:
  • inspector/InspectorShaderProgram.cpp:
  • inspector/InspectorShaderProgram.h:
  • inspector/InspectorStyleSheet.cpp:
  • inspector/InspectorStyleSheet.h:
  • inspector/InspectorWebAgentBase.h:
  • inspector/InstrumentingAgents.h:
  • inspector/PageScriptDebugServer.cpp:
  • inspector/PageScriptDebugServer.h:
  • inspector/TimelineRecordFactory.cpp:
  • inspector/WebInjectedScriptHost.h:
  • inspector/WebInjectedScriptManager.h:
  • inspector/WorkerInspectorController.cpp:
  • inspector/WorkerInspectorController.h:
  • inspector/WorkerScriptDebugServer.cpp:
  • inspector/WorkerScriptDebugServer.h:
  • inspector/WorkerToPageFrontendChannel.h:
  • inspector/agents/InspectorApplicationCacheAgent.h:
  • inspector/agents/InspectorCSSAgent.cpp:
  • inspector/agents/InspectorCSSAgent.h:
  • inspector/agents/InspectorCanvasAgent.cpp:
  • inspector/agents/InspectorCanvasAgent.h:
  • inspector/agents/InspectorDOMAgent.cpp:
  • inspector/agents/InspectorDOMAgent.h:
  • inspector/agents/InspectorDOMDebuggerAgent.cpp:
  • inspector/agents/InspectorDOMDebuggerAgent.h:
  • inspector/agents/InspectorDOMStorageAgent.cpp:
  • inspector/agents/InspectorDOMStorageAgent.h:
  • inspector/agents/InspectorDatabaseAgent.cpp:
  • inspector/agents/InspectorDatabaseAgent.h:
  • inspector/agents/InspectorIndexedDBAgent.cpp:
  • inspector/agents/InspectorIndexedDBAgent.h:
  • inspector/agents/InspectorLayerTreeAgent.cpp:
  • inspector/agents/InspectorLayerTreeAgent.h:
  • inspector/agents/InspectorMemoryAgent.cpp:
  • inspector/agents/InspectorMemoryAgent.h:
  • inspector/agents/InspectorNetworkAgent.cpp:
  • inspector/agents/InspectorNetworkAgent.h:
  • inspector/agents/InspectorPageAgent.cpp:
  • inspector/agents/InspectorPageAgent.h:
  • inspector/agents/InspectorTimelineAgent.cpp:
  • inspector/agents/InspectorTimelineAgent.h:
  • inspector/agents/InspectorWorkerAgent.h:
  • inspector/agents/WebConsoleAgent.cpp:
  • inspector/agents/WebConsoleAgent.h:
  • inspector/agents/WebDebuggerAgent.h:
  • inspector/agents/WebHeapAgent.h:
  • inspector/agents/page/PageDebuggerAgent.cpp:
  • inspector/agents/page/PageRuntimeAgent.cpp:
  • inspector/agents/page/PageRuntimeAgent.h:
  • inspector/agents/worker/ServiceWorkerAgent.h:
  • inspector/agents/worker/WorkerDebuggerAgent.cpp:
  • inspector/agents/worker/WorkerRuntimeAgent.cpp:
  • inspector/agents/worker/WorkerRuntimeAgent.h:
  • loader/EmptyClients.cpp:
  • page/CaptionUserPreferences.cpp:
  • page/Chrome.cpp:
  • page/ChromeClient.h:
  • page/Crypto.cpp:
  • page/DOMWindow.cpp:
  • page/DOMWindow.h:
  • page/Frame.cpp:
  • page/OriginThreadLocalCache.h:
  • page/PageConsoleClient.cpp:
  • page/PageConsoleClient.h:
  • page/PageDebuggable.cpp:
  • page/PageGroup.cpp:
  • page/SettingsBase.h:
  • page/UserContentController.cpp:
  • page/cocoa/ResourceUsageThreadCocoa.mm:
  • page/csp/ContentSecurityPolicy.cpp:
  • page/ios/FrameIOS.mm:
  • page/linux/ResourceUsageOverlayLinux.cpp:
  • page/linux/ResourceUsageThreadLinux.cpp:
  • platform/MediaSample.h:
  • platform/SerializedPlatformRepresentation.h:
  • platform/SharedBuffer.h:
  • platform/audio/mac/CARingBuffer.h:
  • platform/cocoa/SharedBufferCocoa.mm:
  • platform/graphics/ImageBuffer.h:
  • platform/graphics/LegacyCDMSession.h:
  • platform/graphics/MediaPlayer.h:
  • platform/graphics/avfoundation/CDMFairPlayStreaming.cpp:
  • platform/graphics/avfoundation/CDMPrivateMediaSourceAVFObjC.mm:
  • platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
  • platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
  • platform/graphics/avfoundation/MediaSampleAVFObjC.h:
  • platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
  • platform/graphics/avfoundation/objc/CDMSessionAVContentKeySession.mm:
  • platform/graphics/avfoundation/objc/CDMSessionAVFoundationObjC.mm:
  • platform/graphics/avfoundation/objc/CDMSessionAVStreamSession.mm:
  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
  • platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm:
  • platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
  • platform/graphics/cairo/ImageBufferCairo.cpp:
  • platform/graphics/cg/ImageBufferDataCG.cpp:
  • platform/graphics/cg/ImageBufferDataCG.h:
  • platform/graphics/cocoa/GPUDeviceMetal.mm:
  • platform/graphics/filters/FEBlend.cpp:
  • platform/graphics/filters/FEColorMatrix.cpp:
  • platform/graphics/filters/FEComponentTransfer.cpp:
  • platform/graphics/filters/FEComposite.cpp:
  • platform/graphics/filters/FEConvolveMatrix.cpp:
  • platform/graphics/filters/FEDisplacementMap.cpp:
  • platform/graphics/filters/FEDropShadow.cpp:
  • platform/graphics/filters/FEGaussianBlur.cpp:
  • platform/graphics/filters/FELighting.h:
  • platform/graphics/filters/FEMorphology.cpp:
  • platform/graphics/filters/FETurbulence.cpp:
  • platform/graphics/filters/FilterEffect.cpp:
  • platform/graphics/filters/FilterEffect.h:
  • platform/graphics/gpu/GPUBuffer.h:
  • platform/graphics/gpu/GPUDevice.h:
  • platform/graphics/iso/ISOBox.cpp:
  • platform/graphics/iso/ISOOriginalFormatBox.cpp:
  • platform/graphics/iso/ISOProtectionSchemeInfoBox.cpp:
  • platform/graphics/iso/ISOSchemeInformationBox.cpp:
  • platform/graphics/iso/ISOSchemeTypeBox.cpp:
  • platform/graphics/iso/ISOTrackEncryptionBox.cpp:
  • platform/graphics/iso/ISOVTTCue.cpp:
  • platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
  • platform/graphics/win/ImageBufferDataDirect2D.cpp:
  • platform/graphics/win/ImageBufferDataDirect2D.h:
  • platform/ios/wak/WebCoreThread.mm:
  • platform/mac/SerializedPlatformRepresentationMac.mm:
  • platform/mac/StringUtilities.mm:
  • platform/mock/mediasource/MockBox.cpp:
  • platform/mock/mediasource/MockSourceBufferPrivate.cpp:
  • svg/graphics/SVGImage.cpp:
  • testing/GCObservation.cpp:
  • testing/GCObservation.h:
  • testing/Internals.cpp:
  • testing/Internals.h:
  • testing/LegacyMockCDM.cpp:
  • testing/MockCDMFactory.cpp:
  • testing/js/WebCoreTestSupport.cpp:
  • workers/Worker.cpp:
  • workers/Worker.h:
  • workers/WorkerConsoleClient.cpp:
  • workers/WorkerConsoleClient.h:
  • workers/WorkerGlobalScope.cpp:
  • workers/WorkerGlobalScope.h:
  • workers/WorkerGlobalScopeProxy.h:
  • workers/WorkerInspectorProxy.cpp:
  • workers/WorkerMessagingProxy.cpp:
  • workers/WorkerThread.h:
  • workers/service/ExtendableEvent.cpp:
  • workers/service/ServiceWorker.cpp:
  • workers/service/ServiceWorker.h:
  • workers/service/ServiceWorkerClient.h:
  • workers/service/context/ServiceWorkerInspectorProxy.cpp:
  • workers/service/context/ServiceWorkerThread.cpp:
  • xml/XMLHttpRequest.cpp:

Source/WebKit:

  • Platform/mac/StringUtilities.mm:
  • Shared/Cocoa/WebKit2InitializeCocoa.mm:
  • Shared/WebKit2Initialize.cpp:
  • Shared/linux/WebMemorySamplerLinux.cpp:
  • Shared/mac/WebMemorySampler.mac.mm:
  • UIProcess/WebProcessPool.cpp:
  • WebProcess/InjectedBundle/API/APIInjectedBundlePageUIClient.h:
  • WebProcess/InjectedBundle/API/glib/WebKitConsoleMessagePrivate.h:
  • WebProcess/Plugins/Netscape/NPRuntimeObjectMap.h:
  • WebProcess/Plugins/Netscape/NetscapePlugin.cpp:
  • WebProcess/Plugins/PluginProcessConnection.cpp:
  • WebProcess/Plugins/PluginView.cpp:
  • WebProcess/WebPage/WebInspector.h:
  • WebProcess/WebPage/WebPage.cpp:
  • WebProcess/cocoa/WebProcessCocoa.mm:

Source/WebKitLegacy/ios:

  • Misc/WebUIKitSupport.mm:

Source/WebKitLegacy/mac:

  • Carbon/CarbonWindowAdapter.mm:
  • DOM/WebDOMOperations.mm:
  • History/WebBackForwardList.mm:
  • History/WebHistoryItem.mm:
  • Misc/WebCache.mm:
  • Misc/WebElementDictionary.mm:
  • Misc/WebIconDatabase.mm:
  • Misc/WebStringTruncator.mm:
  • Plugins/Hosted/NetscapePluginInstanceProxy.mm:
  • Plugins/Hosted/ProxyInstance.mm:
  • Plugins/Hosted/ProxyRuntimeObject.mm:
  • Plugins/Hosted/WebHostedNetscapePluginView.mm:
  • Plugins/WebBaseNetscapePluginView.mm:
  • Plugins/WebBasePluginPackage.mm:
  • Plugins/WebNetscapePluginStream.mm:
  • Plugins/WebNetscapePluginView.mm:
  • Plugins/WebPluginController.mm:
  • WebCoreSupport/WebEditorClient.mm:
  • WebCoreSupport/WebFrameLoaderClient.mm:
  • WebCoreSupport/WebInspectorClient.h:
  • WebCoreSupport/WebInspectorClient.mm:
  • WebView/WebDataSource.mm:
  • WebView/WebFrame.mm:
  • WebView/WebHTMLRepresentation.mm:
  • WebView/WebHTMLView.mm:
  • WebView/WebPreferences.mm:
  • WebView/WebScriptDebugDelegate.mm:
  • WebView/WebScriptDebugger.h:
  • WebView/WebTextIterator.mm:
  • WebView/WebView.mm:
  • WebView/WebViewData.mm:

Source/WebKitLegacy/win:

  • Plugins/PluginView.cpp:
  • Plugins/PluginViewWin.cpp:
  • WebCoreSupport/WebInspectorClient.cpp:
  • WebCoreSupport/WebInspectorClient.h:
  • WebFrame.cpp:
  • WebJavaScriptCollector.cpp:
  • WebView.cpp:

Tools:

  • WebKitTestRunner/TestController.cpp:
3:24 AM Changeset in webkit [228645] by Carlos Garcia Campos
  • 9 edits in releases/WebKitGTK/webkit-2.20

Merge r228214 - Web Inspector: Rename String.prototype.trimEnd to avoid conflicts with native trimEnd
https://bugs.webkit.org/show_bug.cgi?id=182545

Reviewed by Brian Burg.

Source/WebInspectorUI:

Rename:

  • trimEnd to truncateEnd
  • trimMiddle to truncateMiddle
  • UserInterface/Base/Utilities.js:

(String.prototype.trimMiddle): Deleted.
(String.prototype.trimEnd): Deleted.
(String.prototype.truncateMiddle): Added.
(String.prototype.truncateEnd): Added.
Use strict mode. Scrict mode allows this to be a primitive (a string, in our case).
In non-strict mode, this is always an object. Without the strict mode,
"a".truncateEnd(42) !== "a", because truncateEnd returns a string object.

  • UserInterface/Views/DOMTreeElement.js:

(WI.DOMTreeElement.prototype._buildAttributeDOM):

  • UserInterface/Views/DOMTreeElementPathComponent.js:

(WI.DOMTreeElementPathComponent):

  • UserInterface/Views/SearchResultTreeElement.js:

Remove an obvious comment.

(WI.SearchResultTreeElement.truncateAndHighlightTitle):

  • UserInterface/Views/SpreadsheetStyleProperty.js:

(WI.SpreadsheetStyleProperty.prototype._renderValue):

LayoutTests:

  • inspector/unit-tests/string-utilities-expected.txt:
  • inspector/unit-tests/string-utilities.html:
3:02 AM Changeset in webkit [228644] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.20

Merge r228213 - Rendering SVG images with same size as WebGL texture doesn't work correctly
https://bugs.webkit.org/show_bug.cgi?id=182367

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2018-02-06
Reviewed by Dean Jackson.

Source/WebCore:

If am image buffer is created for a webgl texture and then it is reused
for another texture, it has to be cleared before drawing.

Test: webgl/webgl-texture-image-buffer-reuse.html

  • html/canvas/WebGLRenderingContextBase.cpp:

(WebCore::WebGLRenderingContextBase::LRUImageBufferCache::imageBuffer):

LayoutTests:

  • webgl/webgl-texture-image-buffer-reuse-expected.html: Added.
  • webgl/webgl-texture-image-buffer-reuse.html: Added.
3:02 AM Changeset in webkit [228643] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228248 - Add missing #if ENABLE(VIDEO_TRACK) after r228201.
https://bugs.webkit.org/show_bug.cgi?id=182585

Reviewed by Chris Dumez.

  • loader/LinkPreloadResourceClients.h:
3:02 AM Changeset in webkit [228642] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228201 - Use downcast in createLinkPreloadResourceClient
https://bugs.webkit.org/show_bug.cgi?id=182488

Patch by Youenn Fablet <youenn@apple.com> on 2018-02-06
Reviewed by Antti Koivisto.

No observable change of behavior.
Add a new link preloader client for text track.

  • loader/LinkLoader.cpp:

(WebCore::createLinkPreloadResourceClient):

  • loader/LinkPreloadResourceClients.h:
2:49 AM Changeset in webkit [228641] by Philippe Normand
  • 4 edits in trunk/Source/WebCore

[GTK][GStreamer] Replaying a webm video twice causes the video to stop getting rendered
https://bugs.webkit.org/show_bug.cgi?id=176789

Reviewed by Xabier Rodriguez-Calvar.

Ensure the wrapped GstGLContext is set when the pipeline goes from
READY to PAUSED state. This is a workaround for
https://bugzilla.gnome.org/show_bug.cgi?id=757933.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::~MediaPlayerPrivateGStreamer): Add debug statement.
(WebCore::MediaPlayerPrivateGStreamer::readyTimerFired): Ditto.
(WebCore::MediaPlayerPrivateGStreamer::changePipelineState):
Ensure the wrapped GstGLContext is set when the pipeline goes from
READY to PAUSED state.
(WebCore::MediaPlayerPrivateGStreamer::didEnd): Add debug statement.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:

Change the requestGLContext to be a method instead of a static
function. Being a static function was a requirement for the now-removed OpenWebRTC player.
(WebCore::MediaPlayerPrivateGStreamerBase::handleSyncMessage): Add
debug statement, fix requestGLContext usage.
(WebCore::MediaPlayerPrivateGStreamerBase::requestGLContext): Refactor as method.
(WebCore::MediaPlayerPrivateGStreamerBase::flushCurrentBuffer): Fix requestGLContext usage.
(WebCore::MediaPlayerPrivateGStreamerBase::createVideoSinkGL): Remove fixed FIXME.
(WebCore::MediaPlayerPrivateGStreamerBase::ensureGLVideoSinkContext):
Set display and app wrapped contexts on the video sink.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
2:49 AM Changeset in webkit [228640] by Carlos Garcia Campos
  • 30 edits in releases/WebKitGTK/webkit-2.20/Source/JavaScriptCore

Merge r228196 - Web Inspector: protocol generator should automatically deduce the correct include style to use
https://bugs.webkit.org/show_bug.cgi?id=182505

Reviewed by Timothy Hatcher.

Currently the generated imports use a mix of system header imports (powered by forwarding headers)
and framework-style includes. Since forwarding headers are going away, this patch stops
using system header includes for headers that are JavaScriptCore private headers. Instead,
use either a relative include or a framework include.

  • inspector/scripts/codegen/generate_cpp_alternate_backend_dispatcher_header.py:

(CppAlternateBackendDispatcherHeaderGenerator.generate_output):
(CppAlternateBackendDispatcherHeaderGenerator):
(CppAlternateBackendDispatcherHeaderGenerator._generate_secondary_header_includes):

  • inspector/scripts/codegen/generate_cpp_backend_dispatcher_header.py:

(CppBackendDispatcherHeaderGenerator.generate_output):
(CppBackendDispatcherHeaderGenerator._generate_secondary_header_includes):

  • inspector/scripts/codegen/generate_cpp_backend_dispatcher_implementation.py:

(CppBackendDispatcherImplementationGenerator.generate_output):
(CppBackendDispatcherImplementationGenerator._generate_secondary_header_includes):

  • inspector/scripts/codegen/generate_cpp_frontend_dispatcher_header.py:

(CppFrontendDispatcherHeaderGenerator.generate_output):
(CppFrontendDispatcherHeaderGenerator._generate_secondary_header_includes):

  • inspector/scripts/codegen/generate_cpp_frontend_dispatcher_implementation.py:

(CppFrontendDispatcherImplementationGenerator.generate_output):
(CppFrontendDispatcherImplementationGenerator._generate_secondary_header_includes):

  • inspector/scripts/codegen/generate_cpp_protocol_types_header.py:

(CppProtocolTypesHeaderGenerator.generate_output):
(CppProtocolTypesHeaderGenerator._generate_secondary_header_includes):

  • inspector/scripts/codegen/generate_cpp_protocol_types_implementation.py:

(CppProtocolTypesImplementationGenerator.generate_output):
(CppProtocolTypesImplementationGenerator._generate_secondary_header_includes):

  • inspector/scripts/codegen/generate_objc_backend_dispatcher_header.py:

(ObjCBackendDispatcherHeaderGenerator):
Convert existing header lists to the new entries format, which includes the
allowable target frameworks and the relative path to the header.

  • inspector/scripts/codegen/generator.py:

(Generator.generate_includes_from_entries):
Copied from the same in the builtins code generator. It still works great.

  • inspector/scripts/tests/all/expected/definitions-with-mac-platform.json-result:
  • inspector/scripts/tests/generic/expected/commands-with-async-attribute.json-result:
  • inspector/scripts/tests/generic/expected/commands-with-optional-call-return-parameters.json-result:
  • inspector/scripts/tests/generic/expected/definitions-with-mac-platform.json-result:
  • inspector/scripts/tests/generic/expected/domain-availability.json-result:
  • inspector/scripts/tests/generic/expected/domains-with-varying-command-sizes.json-result:
  • inspector/scripts/tests/generic/expected/enum-values.json-result:
  • inspector/scripts/tests/generic/expected/events-with-optional-parameters.json-result:
  • inspector/scripts/tests/generic/expected/generate-domains-with-feature-guards.json-result:
  • inspector/scripts/tests/generic/expected/same-type-id-different-domain.json-result:
  • inspector/scripts/tests/generic/expected/shadowed-optional-type-setters.json-result:
  • inspector/scripts/tests/generic/expected/type-declaration-aliased-primitive-type.json-result:
  • inspector/scripts/tests/generic/expected/type-declaration-array-type.json-result:
  • inspector/scripts/tests/generic/expected/type-declaration-enum-type.json-result:
  • inspector/scripts/tests/generic/expected/type-declaration-object-type.json-result:
  • inspector/scripts/tests/generic/expected/type-requiring-runtime-casts.json-result:
  • inspector/scripts/tests/generic/expected/type-with-open-parameters.json-result:
  • inspector/scripts/tests/generic/expected/worker-supported-domains.json-result:
  • inspector/scripts/tests/ios/expected/definitions-with-mac-platform.json-result:
  • inspector/scripts/tests/mac/expected/definitions-with-mac-platform.json-result:

Rebaseline.

2:47 AM Changeset in webkit [228639] by calvaris@igalia.com
  • 4 edits in trunk/Source/WebCore

[GStreamer] Crash in WebCore::MediaPlayerRequestInstallMissingPluginsCallback::complete
https://bugs.webkit.org/show_bug.cgi?id=166733

Reviewed by Philippe Normand.

There are a couple of issues to tackle here.

First is handling getting more than one missing plugin
installation request at the same time. For this we add the request
to a Vector and handle them there.

Second is that if the player is dead and we still get the result,
bad things happen. For that we "weaked" the pointer capture by the
lambda.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::~MediaPlayerPrivateGStreamer):
Handle Vector of callbacks.
(WebCore::MediaPlayerPrivateGStreamer::handleMessage): Weak
private player pointer and put the callback in the Vector.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:

Callback becomes Vector.

  • platform/graphics/gstreamer/MediaPlayerRequestInstallMissingPluginsCallback.h:

(WebCore::MediaPlayerRequestInstallMissingPluginsCallback::create):
(WebCore::MediaPlayerRequestInstallMissingPluginsCallback::complete):
(WebCore::MediaPlayerRequestInstallMissingPluginsCallback::MediaPlayerRequestInstallMissingPluginsCallback):
Callback function is refactored into a "using" type and added self
as parameter to the function.

2:47 AM Changeset in webkit [228638] by Carlos Garcia Campos
  • 7 edits
    1 add in releases/WebKitGTK/webkit-2.20

Merge r228193 - put_to_scope/get_from_scope should not cache lexical scopes when expecting a global object
https://bugs.webkit.org/show_bug.cgi?id=182549
<rdar://problem/36189995>

Reviewed by Saam Barati.

JSTests:

  • stress/var-injection-cache-invalidation.js: Added.

(allocateLotsOfThings):
(test):

Source/JavaScriptCore:

Previously, the llint/baseline caching for put_to_scope and
get_from_scope would cache lexical environments when the
varInjectionWatchpoint had been fired for global properties. Code
in the DFG does not follow this same assumption so we could
potentially return the wrong result. Additionally, the baseline
would write barrier the global object rather than the lexical
enviroment object. This patch makes it so that we do not cache
anything other than the global object for when the resolve type is
GlobalPropertyWithVarInjectionChecks or GlobalProperty.

  • assembler/MacroAssembler.cpp:

(JSC::MacroAssembler::jitAssert):

  • assembler/MacroAssembler.h:
  • jit/JITPropertyAccess.cpp:

(JSC::JIT::emit_op_get_from_scope):
(JSC::JIT::emit_op_put_to_scope):

  • runtime/CommonSlowPaths.h:

(JSC::CommonSlowPaths::tryCachePutToScopeGlobal):
(JSC::CommonSlowPaths::tryCacheGetFromScopeGlobal):

  • runtime/Options.h:
2:46 AM Changeset in webkit [228637] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228189 - [WebIDL] Support optional Promise arguments
https://bugs.webkit.org/show_bug.cgi?id=182399
<rdar://problem/36754552>

Reviewed by Sam Weinig and Chris Dumez.

Previously, declaring a Promise argument as optional would result in a native type of
std::optional<RefPtr<DOMPromise>>. This is wasteful, since RefPtr can represent an optional
argument by storing nullptr. Further, PassArgumentExpression() assumed Promises were never
optional and tried to pass the argument as a Ref by calling RefPtr::releaseNonNull().

This patch removes the std::optional wrapper around optional Promises and simply passes the
promise as a RefPtr to native code.

  • bindings/scripts/CodeGeneratorJS.pm:

(PassArgumentExpression):
(GenerateParametersCheck):

  • bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::jsTestObjPrototypeFunctionMethodWithOptionalPromiseBody):
(WebCore::jsTestObjPrototypeFunctionMethodWithOptionalPromise):

  • bindings/scripts/test/TestObj.idl:
2:14 AM Changeset in webkit [228636] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WTF

Merge r228154 - [GTK] fast/events/message-channel-gc-4.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=182104

Patch by Fujii Hironori <Fujii Hironori> on 2018-02-06
Reviewed by Carlos Garcia Campos.

Revert r228001 because RunLoop::current isn't called in GC thread
anymore since r228152.

  • wtf/RunLoop.cpp:

(WTF::RunLoop::current): Removed a template argument
CanBeGCThread::True of ThreadSpecific.

2:13 AM Changeset in webkit [228635] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebKit

Merge r228152 - Avoid unnecessarily constructing RunLoops for GC AutomaticThreads in Connection::sendMessage() after r228001
https://bugs.webkit.org/show_bug.cgi?id=182494
<rdar://problem/37147632>

Reviewed by Ryosuke Niwa.

Somebody fixed a GC crash in r228001 by allowing RunLoop::current() to be called from a
GC thread. However, this is still unnecessarily inefficient. Calling RunLoop::current()
will construct RunLoops for background GC threads (WTF::AutomaticThreads). This patches
updates the IPC code to call isMainThread() instead of RunLoop::isMain() in
Connection::sendMessage(). This should mean the same thing since this code runs in
WebKit2 and should be more efficient as it ends up simply calling pthread_main_np(),
without constructing a RunLoop.

  • Platform/IPC/Connection.cpp:

(IPC::Connection::sendMessage):

2:12 AM Changeset in webkit [228634] by Carlos Garcia Campos
  • 7 edits in releases/WebKitGTK/webkit-2.20/Source

Merge r228151 - Release assertion in inlineVideoFrame
https://bugs.webkit.org/show_bug.cgi?id=182513
<rdar://problem/37159363>

Reviewed by Zalan Bujtas.

Source/WebCore:

The bug was caused by the fact it's not always safe to invoke updateLayout even when isSafeToUpdateStyleOrLayout
on a document of a flattened frame on iOS. isSafeToUpdateStyleOrLayout returns true when the frame view is in
the frame-flattening mode to avoid hitting a release asssertion in updateLayout of the frame. However, it's still
not safe to invoke updateLayout on a parent frame in this case.

As a result, inlineVideoFrame (in Source/WebKit/WebProcess/cocoa/VideoFullscreenManager.mm) invokes updateLayout
even when the top-level document is not safe to update when the video element is in a frame-flattened document.

Fixed this bug by explicitly checking that we still have a live render tree and document hasn't been stopped.
Also replaced other uses of isSafeToUpdateStyleOrLayout by more explicit checks.

  • accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::updateBackingStore): Made the early exit condition added in r227006 more explicit.
Namely, InspectorDOMAgent::pseudoElementCreated is invoked during style recalc.

  • dom/Document.cpp:

(WebCore::isSafeToUpdateStyleOrLayout): Made this local to the file.
(WebCore::Document::updateStyleIfNeeded):
(WebCore::Document::updateLayout):

  • dom/Document.h:
  • html/MediaElementSession.cpp:

(WebCore::isMainContentForPurposesOfAutoplay): Made the early exit condition added in r227529 more explicit. Don't
update the layout when the render tree had been destroyed or the active DOM objects had been stopped.

Source/WebKit:

Fixed the bug. Don't try to update the layout when there is no live render tree or active DOM objects
had been stopped: i.e. during a document destruction.

  • WebProcess/cocoa/VideoFullscreenManager.mm:

(WebKit::inlineVideoFrame):

1:59 AM Changeset in webkit [228633] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/JavaScriptCore

Merge r228370 - [MIPS] JSC needs to be built with -latomic
https://bugs.webkit.org/show_bug.cgi?id=182610

Reviewed by Žan Doberšek.

Since r228149, on MIPS we need to link with -latomic, because
atomic_fetch_add_8 is not available as a compiler intrinsic.

  • CMakeLists.txt:
1:59 AM Changeset in webkit [228632] by Carlos Garcia Campos
  • 28 edits
    4 copies
    1 add in releases/WebKitGTK/webkit-2.20/Source

Merge r228149 - Global objects should be able to use TLCs to allocate from different blocks from each other
https://bugs.webkit.org/show_bug.cgi?id=182227

Source/JavaScriptCore:

Reviewed by JF Bastien.

This uses TLCs to create at least minimumDistanceBetweenCellsFromDifferenOrigins bytes of
distance between objects from different origins, using the following combination of things. For
short lets refer to that constant as K.

  • Since r227721, LargeAllocation puts K bytes padding at the end of each allocation.
  • Since r227718, MarkedBlock puts at least K bytes in its footer.
  • Since r227617, global objects can have their own TLCs, which make them allocate from a different set of blocks than other global objects. The TLC of a global object comes into effect when you enter the VM via that global object.
  • With this change, TLCs and blocks both have security origins. A TLC will only use blocks that share the same security origin or empty blocks (in which case we zero the block and change its security origin).

WebCore determines the TLC-GlobalObject mapping. By default, global objects would simply use
the VM's default TLC. WebCore makes it so that DOM windows (but not worker global objects) get
a TLC based on their document's SecurityOrigin.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • Sources.txt:
  • heap/BlockDirectory.cpp:

(JSC::BlockDirectory::findBlockForAllocation):
(JSC::BlockDirectory::prepareForAllocation):

  • heap/BlockDirectory.h:
  • heap/LocalAllocator.cpp:

(JSC::LocalAllocator::LocalAllocator):
(JSC::LocalAllocator::reset):
(JSC::LocalAllocator::~LocalAllocator):
(JSC::LocalAllocator::allocateSlowCase):
(JSC::LocalAllocator::tryAllocateWithoutCollecting):

  • heap/LocalAllocator.h:

(JSC::LocalAllocator::tlc const):

  • heap/MarkStackMergingConstraint.cpp:
  • heap/MarkStackMergingConstraint.h:
  • heap/MarkedBlock.cpp:

(JSC::MarkedBlock::Handle::associateWithOrigin):

  • heap/MarkedBlock.h:

(JSC::MarkedBlock::Handle::securityOriginToken const):

  • heap/SecurityOriginToken.cpp: Added.

(JSC::uniqueSecurityOriginToken):

  • heap/SecurityOriginToken.h: Added.
  • heap/ThreadLocalCache.cpp:

(JSC::ThreadLocalCache::create):
(JSC::ThreadLocalCache::ThreadLocalCache):
(JSC::ThreadLocalCache::allocateData):
(JSC::ThreadLocalCache::installSlow):

  • heap/ThreadLocalCache.h:

(JSC::ThreadLocalCache::securityOriginToken const):

  • heap/ThreadLocalCacheInlines.h:

(JSC::ThreadLocalCache::install):

  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::JSGlobalObject):
(JSC::JSGlobalObject::createThreadLocalCache):

  • runtime/JSGlobalObject.h:

(JSC::JSGlobalObject::threadLocalCache):
(JSC::JSGlobalObject::threadLocalCache const): Deleted.

  • runtime/VMEntryScope.cpp:

(JSC::VMEntryScope::VMEntryScope):
(JSC::VMEntryScope::~VMEntryScope):

  • runtime/VMEntryScope.h:

Source/WebCore:

Reviewed by Daniel Bates and Chris Dumez.

No new tests because no change in behavior.

Adopt JSC TLC API to put distance between objects from different security origins. WebCore has
a subclass of ThreadLocalCache that supports hash-consing based on the relevant origin data
using the existing SecurityOriginHash. It's Document's job to initiate this, but all of the
logic is in WebCore::OriginThreadLocalCache.

Workers don't opt into this. They just get the VM's default TLC all the time.

  • ForwardingHeaders/heap/ThreadLocalCache.h: Added.
  • Sources.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • bindings/js/JSDOMGlobalObject.cpp:

(WebCore::JSDOMGlobalObject::JSDOMGlobalObject):

  • bindings/js/JSDOMGlobalObject.h:
  • bindings/js/JSDOMWindowBase.cpp:

(WebCore::JSDOMWindowBase::JSDOMWindowBase):

  • dom/Document.cpp:

(WebCore::Document::initSecurityContext):
(WebCore::Document::threadLocalCache):

  • dom/Document.h:
  • page/OriginThreadLocalCache.cpp: Added.

(WebCore::threadLocalCacheMap):
(WebCore::OriginThreadLocalCache::create):
(WebCore::OriginThreadLocalCache::~OriginThreadLocalCache):
(WebCore::OriginThreadLocalCache::OriginThreadLocalCache):

  • page/OriginThreadLocalCache.h: Added.
  • page/SecurityOrigin.cpp:

(WebCore::SecurityOrigin::passesFileCheck const):
(WebCore::SecurityOrigin::setEnforcesFilePathSeparation):
(WebCore::SecurityOrigin::toString const):
(WebCore::SecurityOrigin::enforceFilePathSeparation): Deleted.

  • page/SecurityOrigin.h:

(WebCore::SecurityOrigin::enforcesFilePathSeparation const):

1:39 AM Changeset in webkit [228631] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20

Merge r228144 - Unreviewed, fix build using the new ENABLE_ADDRESS_SANITIZER option
https://bugs.webkit.org/show_bug.cgi?id=182400
<rdar://problem/37252242>

I failed to properly test a last-minute change.

  • Source/cmake/WebKitCompilerFlags.cmake:
1:39 AM Changeset in webkit [228630] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebKit

Merge r228137 - WebsiteDataStore::resolveDirectoriesIfNecessary() should not overwrite its resolved serviceWorkerRegistrationDirectory if already set
https://bugs.webkit.org/show_bug.cgi?id=182514

Patch by Youenn Fablet <youenn@apple.com> on 2018-02-05
Reviewed by Chris Dumez.

  • UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::WebsiteDataStore::resolveDirectoriesIfNecessary):

1:39 AM Changeset in webkit [228629] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WTF

Merge r228136 - [cmake] Fix build with ICU configured without collation support
https://bugs.webkit.org/show_bug.cgi?id=182498

Reviewed by Alex Christensen.

WebKit has CollatorDefault.cpp providing necessary stubs when
UCONFIG_NO_COLLATION is defined, however it is not included in cmake
file list.

  • wtf/CMakeLists.txt:
1:36 AM Changeset in webkit [228628] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.20

Merge r228134 - [CMake] Add ENABLE_ADDRESS_SANITIZER to make it easier to build with asan support
https://bugs.webkit.org/show_bug.cgi?id=182400

Reviewed by Konstantin Tokarev.

  • Source/cmake/OptionsGTK.cmake:
  • Source/cmake/WebKitCompilerFlags.cmake:
1:35 AM Changeset in webkit [228627] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.20/Tools

Merge r228133 - REGRESSION (r217572): run-webkit-tests exits without emitting newline character
https://bugs.webkit.org/show_bug.cgi?id=182360

Rubber-stamped by Aakash Jain.

Fixes an annoyance where run-webkit-tests always exits without printing a newline character.
In the terminal this looks like:

$ Tools/Scripts/run-webkit-tests
Expected to fail, but passed: (7)
...
Stopping WebSocket server ...$

This bug was caused by code added in r217572 to stop all run-webkit-tests started servers (e.g. an HTTP
server) from an at-exit handler. When run-webkit-tests runs successfully (i.e. without error or
control-C interruption) we would stop all such servers twice: once as part of ending the test
run and once from the at-exit handler. The latter never prints a trailing newline character hence
the state of the terminal (as depicted above). Instead LayoutTestRunner.stop_servers() should only
stop servers that it started in LayoutTestRunner.start_servers().

  • Scripts/webkitpy/layout_tests/controllers/layout_test_runner.py:

(LayoutTestRunner.init):
(LayoutTestRunner.start_servers):
(LayoutTestRunner.stop_servers):
Only start servers that run-webkit-tests has not already started and only stop servers that
run-webkit-tests started.

  • Scripts/webkitpy/layout_tests/controllers/layout_test_runner_unittest.py:

(LayoutTestRunnerTests.test_servers_started.is_websocket_server_running):
(LayoutTestRunnerTests.test_servers_started):
(LayoutTestRunnerTests.test_servers_started.is_websocket_servers_running): Deleted.
Update due to rename below.

  • Scripts/webkitpy/layout_tests/servers/websocket_server.py:

(is_web_socket_server_running): Added.
(PyWebSocket.is_running): Deleted.

  • Scripts/webkitpy/port/base.py:

(Port.is_http_server_running): Check if we already started the server ourself.
(Port.is_websocket_server_running): Formerly named is_websocket_servers_running. Modified
to check if we already started the server ourself. Take a similar approach as the other
Port.is_*_running methods and only check if an existing WebSocket server is running on the
non-secure server port. This is a simple heuristic and should be sufficient in practice.
(Port.is_wpt_server_running): Check if we already started the server ourself.
(Port.is_websocket_servers_running): Deleted; renamed to is_websocket_server_running().

1:35 AM Changeset in webkit [228626] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.20/Tools

Merge r228131 - prepare-ChangeLog gets confused about Python docstrings that contain the word "class" or "def"
https://bugs.webkit.org/show_bug.cgi?id=182405

Reviewed by David Kilzer.

String literal statements, including docstrings, do not demarcate a new scope in Python.
So, do not treat them like they do when building up the list of modified functions.

  • Scripts/prepare-ChangeLog:

(get_function_line_ranges_for_python):

  • Scripts/webkitperl/prepare-ChangeLog_unittest/resources/python_unittests-expected.txt:

The expected ending line number for the last "pass" statement inside the scope of Class5 changed
from 97 to 98 because empty lines do not effect scope. This is consistent with the parsing
of the second "pass" statement in the scope of class Class5. A "pass" is a null operation that
is used as a syntactic placeholder when a statement is required. Ideally we would make
the parsing code smarter so as to avoid emitting ranges for "pass" statements that serve
not syntactic purpose.

  • Scripts/webkitperl/prepare-ChangeLog_unittest/resources/python_unittests.py:

(Class5):
(Class6):
(Class6.init):
(Class7):
(Class7.init):
(Class8):
(Class8.init):
Add some more tests.

1:32 AM Changeset in webkit [228625] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.20/Source/WebKit

Merge r228125 - Add DoNotProcessIncomingMessagesWhenWaitingForSyncReply to GetPlugins and RootViewToScreen
https://bugs.webkit.org/show_bug.cgi?id=182458

Reviewed by Chris Dumez.

Added DoNotProcessIncomingMessagesWhenWaitingForSyncReply to GetPlugins and RootViewToScreen
which are found to get sent from WebContent process while ScriptDisallowedScope is present
by a work-in-progress patch on webkit.org/b/182449.

  • WebProcess/Plugins/WebPluginInfoProvider.cpp:

(WebKit::WebPluginInfoProvider::populatePluginCache):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::rootViewToScreen):

1:32 AM Changeset in webkit [228624] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228124 - Abstract heap generator should include JavaScriptCore headers directly
https://bugs.webkit.org/show_bug.cgi?id=182501

Reviewed by Alex Christensen.

No new tests. No change in behavior.

  • domjit/generate-abstract-heap.rb:
1:29 AM Changeset in webkit [228623] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/LayoutTests

Merge r228112 - Unreviewed GTK+ gardening.

  • platform/gtk/TestExpectations: Re-skip the modern media controls tests

on the GTK+ port after they were unskipped in r228097. They're timing
out in large enough numbers to cause early exits. They should be
examined in more detail and unskipped once fixed.

1:28 AM Changeset in webkit [228622] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228110 - Make ASSERT_WITH_SECURITY_IMPLICATION in CachedResourceClientWalker::next a release assert
https://bugs.webkit.org/show_bug.cgi?id=182492

Reviewed by Youenn Fablet.

  • loader/cache/CachedResourceClientWalker.h:

(WebCore::CachedResourceClientWalker::next):

1:28 AM Changeset in webkit [228621] by Carlos Garcia Campos
  • 28 edits in releases/WebKitGTK/webkit-2.20

Merge r228109 - Storage Access API: Add testRunner.getAllStorageAccessEntries() to make testing easier and more explicit
https://bugs.webkit.org/show_bug.cgi?id=181601
<rdar://problem/36475837>

Reviewed by Alex Christensen.

Source/WebCore:

No new tests. Existing test updated.

http/tests/storageAccess/request-and-grant-access-then-detach-should-not-have-access.html
was found to be flaky. With the testRunner.hasStorageAccessEntry() getter
it's possible to check access even if a frame doesn't respond timely to
postMessage after detach and attach.

  • platform/network/NetworkStorageSession.h:
  • platform/network/cf/NetworkStorageSessionCFNet.cpp:

(WebCore::NetworkStorageSession::getAllStorageAccessEntries const):

Source/WebKit:

http/tests/storageAccess/request-and-grant-access-then-detach-should-not-have-access.html
was found to be flaky. With the testRunner.hasStorageAccessEntry() getter
it's possible to check access even if a frame doesn't respond timely to
postMessage after detach and attach.

  • NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::getAllStorageAccessEntries):

  • NetworkProcess/NetworkProcess.h:
  • NetworkProcess/NetworkProcess.messages.in:
  • UIProcess/API/Cocoa/WKWebsiteDataStore.mm:

(-[WKWebsiteDataStore _getAllStorageAccessEntries:]):

  • UIProcess/API/Cocoa/WKWebsiteDataStorePrivate.h:
  • UIProcess/Network/NetworkProcessProxy.cpp:

(WebKit::NetworkProcessProxy::getAllStorageAccessEntries):
(WebKit::NetworkProcessProxy::allStorageAccessEntriesResult):

  • UIProcess/Network/NetworkProcessProxy.h:
  • UIProcess/Network/NetworkProcessProxy.messages.in:
  • UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::WebsiteDataStore::getAllStorageAccessEntries):

  • UIProcess/WebsiteData/WebsiteDataStore.h:

Tools:

http/tests/storageAccess/request-and-grant-access-then-detach-should-not-have-access.html
was found to be flaky. With the testRunner.hasStorageAccessEntry() getter
it's possible to check access even if a frame doesn't respond timely to
postMessage after detach and attach.

  • WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl:
  • WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:

(WTR::InjectedBundle::didReceiveMessageToPage):

  • WebKitTestRunner/InjectedBundle/TestRunner.cpp:

(WTR::TestRunner::setStorageAccessAPIEnabled):

Just moved for source file grouping.

(WTR::TestRunner::getAllStorageAccessEntries):
(WTR::TestRunner::callDidReceiveAllStorageAccessEntriesCallback):

  • WebKitTestRunner/InjectedBundle/TestRunner.h:
  • WebKitTestRunner/TestController.cpp:

(WTR::TestController::getAllStorageAccessEntries):

Note that this is just stubbed out, i.e. not implemented.

  • WebKitTestRunner/TestController.h:
  • WebKitTestRunner/TestInvocation.cpp:

(WTR::TestInvocation::didReceiveSynchronousMessageFromInjectedBundle):
(WTR::TestInvocation::didReceiveAllStorageAccessEntries):

  • WebKitTestRunner/TestInvocation.h:
  • WebKitTestRunner/cocoa/TestControllerCocoa.mm:

(WTR::TestController::getAllStorageAccessEntries):

This is the Cocoa-specific version of this test infrastructure.

LayoutTests:

http/tests/storageAccess/request-and-grant-access-then-detach-should-not-have-access.html
was found to be flaky. With the testRunner.hasStorageAccessEntry() getter
it's possible to check access even if a frame doesn't respond timely to
postMessage after detach and attach.

  • http/tests/storageAccess/request-and-grant-access-then-detach-should-not-have-access-expected.txt:
  • http/tests/storageAccess/request-and-grant-access-then-detach-should-not-have-access.html:
  • platform/mac-wk2/TestExpectations:

http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access.html
no longer marked as flaky. Note that the wrong test was marked flaky. It should have been
http/tests/storageAccess/request-and-grant-access-then-detach-should-not-have-access.html.

1:12 AM Changeset in webkit [228620] by Carlos Garcia Campos
  • 5 edits
    2 adds in releases/WebKitGTK/webkit-2.20/Source/bmalloc

Merge r228108 - Gigacage: enable only for WebContent process and token executables
https://bugs.webkit.org/show_bug.cgi?id=182457
<rdar://problem/35875011>

Reviewed by Keith Miller.

Gigacage is a solid security improvement, but it's probably best
to roll it out incrementally to the most valuable targets first
and progressively try out more and more over time rather than
outright enabling it everywhere. We've gotten some reports that it
has some side-effects that weren't expected, so for now let's
enable it for the WebContent process, JSC, and other executables
we know, and then later we'll enable more gigacage uses.

For now I've chosen the following bundles:

  • com.apple.WebKit.WebContent.Development
  • com.apple.WebKit.WebContent
  • com.apple.WebProcess

And the following processes:

  • jsc
  • wasm
  • anything starting with "test", to match the JSC tests

I tried a different approach first, where I add a function to turn
gigacage on or off and crash if gigacage is initialized without
having been told what to do. Doing this in ChildProcess and a
bunch of the process initialization methods isn't sufficient. I
got MiniBrowser working, but some other builds use static globals
which themselves use hash and string which are allocate with
bmalloc and therefore which initialize gigacage before main is
called and before the process gets a chance to opt in our out. It
gets tricky with API calls too, because we have to do the right
thing in any entry an API user could plausibly use, even the
private ones, so I endend up having to initialize gigacage in e.g.
WebPreferencesExperimentalFeatures.cpp.erb.

Another approach could be to create a free-for-all gigacage
entitlement, and opt-in the processes we want..

As a follow-up we can also check that gigacage allocation always
succeeds if it was allowed for that process. With my change I
expect it to always succeed.

  • CMakeLists.txt:
  • bmalloc.xcodeproj/project.pbxproj:
  • bmalloc/BPlatform.h:
  • bmalloc/Gigacage.cpp:

(Gigacage::shouldBeEnabled):

  • bmalloc/ProcessCheck.h: Added.

(bmalloc::gigacageEnabledForProcess):

  • bmalloc/ProcessCheck.mm: Added.

(bmalloc::gigacageEnabledForProcess):

1:12 AM Changeset in webkit [228619] by Carlos Garcia Campos
  • 7 edits in releases/WebKitGTK/webkit-2.20/Source/bmalloc

Merge r228107 - Multiple bmalloc scavenger threads is unexpected
https://bugs.webkit.org/show_bug.cgi?id=182474
<rdar://problem/37175526>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2018-02-05
Reviewed by Filip Pizlo.

  • bmalloc/Heap.cpp:

(bmalloc::Heap::Heap):

  • bmalloc/IsoDirectoryInlines.h:

(bmalloc::passedNumPages>::takeFirstEligible):
(bmalloc::passedNumPages>::didBecome):

  • bmalloc/bmalloc.cpp:

(bmalloc::api::scavenge):
(bmalloc::api::setScavengerThreadQOSClass):
Switch to SafePerProcess for Scavenger to ensure one instance
for the entire process.

  • bmalloc/PerProcess.h:

(bmalloc::PerProcess::get):
(bmalloc::PerProcess::getFastCase):
(bmalloc::PerProcess::getSlowCase):
(bmalloc::SafePerProcess::get):
(bmalloc::SafePerProcess::getFastCase):
(bmalloc::SafePerProcess::getSlowCase):
Duplicate the class with a version that can ensure
single instances by requiring exporting symbols that
can be created with macros.

  • bmalloc/Scavenger.cpp:
  • bmalloc/Scavenger.h:

Export symbols to ensure all images get the same instance.

1:08 AM Changeset in webkit [228618] by Claudio Saavedra
  • 2 edits in trunk/LayoutTests

[GTK] Update test expectations

Unreviewed gardening.

  • platform/gtk/TestExpectations: inspector/heap/getPreview.html is

passing again after r228600.

12:58 AM Changeset in webkit [228617] by Philippe Normand
  • 19 edits in trunk

[GStreamer] Playbin3 support
https://bugs.webkit.org/show_bug.cgi?id=182530

Reviewed by Xabier Rodriguez-Calvar.

.:

  • Source/cmake/GStreamerDefinitions.cmake: New

USE(GSTREAMER_PLAYBIN3) feature. This should be enabled only for
very recent versions of GStreamer (1.14 at least) and is optional, for now.

Source/WebCore:

This patch introduces opt-in support for the playbin3 GStreamer
element. This new playback element is still considered
experimental but it can still be very useful for media assets
containing multiple tracks of the same type. In such scenario
audio/video decoders would be created only for the selected tracks
whereas playbin2 creates decoder for each track.

  • platform/graphics/gstreamer/AudioTrackPrivateGStreamer.cpp: Take

a weak pointer of the media player instead of playbin and call the
player when enabling tracks. Also use the GstStream API instead of
inspecting the pad when playbin3 is used.
(WebCore::AudioTrackPrivateGStreamer::AudioTrackPrivateGStreamer):
(WebCore::AudioTrackPrivateGStreamer::disconnect):
(WebCore::AudioTrackPrivateGStreamer::markAsActive):
(WebCore::AudioTrackPrivateGStreamer::setEnabled):

  • platform/graphics/gstreamer/AudioTrackPrivateGStreamer.h:
  • platform/graphics/gstreamer/GRefPtrGStreamer.cpp: GstStream and

GstStreamCollection smart pointer support.
(WTF::adoptGRef):
(WTF::refGPtr<GstStream>):
(WTF::derefGPtr<GstStream>):
(WTF::refGPtr<GstStreamCollection>):
(WTF::derefGPtr<GstStreamCollection>):

  • platform/graphics/gstreamer/GRefPtrGStreamer.h:
  • platform/graphics/gstreamer/InbandTextTrackPrivateGStreamer.cpp:

Use the GstStream API instead of inspecting the pad when playbin3
is used.
(WebCore::InbandTextTrackPrivateGStreamer::InbandTextTrackPrivateGStreamer):
(WebCore::InbandTextTrackPrivateGStreamer::disconnect):

  • platform/graphics/gstreamer/InbandTextTrackPrivateGStreamer.h:

(WebCore::InbandTextTrackPrivateGStreamer::create):

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::~MediaPlayerPrivateGStreamer):
m_{audio,video,text}Tracks are now hashmaps, which is a bit more
convenient to use than Vectors.
(WebCore::MediaPlayerPrivateGStreamer::updateTracks): Update our
tracks implementations depending on the streams stored in the
collection.
(WebCore::MediaPlayerPrivateGStreamer::enableTrack): Activate the
given track. This method is called by the TrackPrivate
implementations.
(WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfVideo):
Refactored legacy (playbin2) support for track hashmap storage.
(WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfAudio): Ditto.
(WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfText): Ditto.
(WebCore::MediaPlayerPrivateGStreamer::newTextSample): Use track hashmap storage.
(WebCore::MediaPlayerPrivateGStreamer::handleMessage): React on
playbin3 GstStream messages, store the collection provided and
activate the given selected streams accordingly.
(WebCore::MediaPlayerPrivateGStreamer::purgeInvalidAudioTracks): Invalidate tracks no longer needed.
(WebCore::MediaPlayerPrivateGStreamer::purgeInvalidVideoTracks): Ditto.
(WebCore::MediaPlayerPrivateGStreamer::purgeInvalidTextTracks): Ditto.
(WebCore::MediaPlayerPrivateGStreamer::sourceSetupCallback):
Refactoring, use source-setup signal instead of the source
property which is not supported in playbin3.
(WebCore::MediaPlayerPrivateGStreamer::uriDecodeBinElementAddedCallback):
Promoted logging messages, GST_TRACE should be used for very
frequent and less interesting messages.
(WebCore::MediaPlayerPrivateGStreamer::downloadBufferFileCreatedCallback): Ditto.
(WebCore::MediaPlayerPrivateGStreamer::sourceSetup): Called by the source-setup signal handler.
(WebCore::MediaPlayerPrivateGStreamer::setDownloadBuffering): Debugging message added.
(WebCore::MediaPlayerPrivateGStreamer::setPreload): Ditto.
(WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin): Create a
playbin3 element if USE(GSTREAMER_PLAYBIN3) was enabled and
connect to playbin2 signals otherwise.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:

(WebCore::MediaPlayerPrivateGStreamer::createWeakPtr): Promoted to public.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:

New StreamCollectionChanged notification type, used the sub-class.

  • platform/graphics/gstreamer/TrackPrivateBaseGStreamer.cpp:

(WebCore::TrackPrivateBaseGStreamer::TrackPrivateBaseGStreamer): Support for GstStream API.
(WebCore::TrackPrivateBaseGStreamer::disconnect): Clear GstStream too.
(WebCore::TrackPrivateBaseGStreamer::tagsChanged): Get tags from GstStream.
(WebCore::TrackPrivateBaseGStreamer::notifyTrackOfActiveChanged): No need to check m_pad twice.
(WebCore::TrackPrivateBaseGStreamer::notifyTrackOfTagsChanged): Ditto.

  • platform/graphics/gstreamer/TrackPrivateBaseGStreamer.h:
  • platform/graphics/gstreamer/VideoTrackPrivateGStreamer.cpp: Take

a weak pointer of the media player instead of playbin and call the
player when enabling tracks. Also use the GstStream API instead of
inspecting the pad when playbin3 is used.
(WebCore::VideoTrackPrivateGStreamer::VideoTrackPrivateGStreamer):
(WebCore::VideoTrackPrivateGStreamer::disconnect):
(WebCore::VideoTrackPrivateGStreamer::markAsActive):
(WebCore::VideoTrackPrivateGStreamer::setSelected):

  • platform/graphics/gstreamer/VideoTrackPrivateGStreamer.h:
  • platform/graphics/gstreamer/mse/AppendPipeline.cpp: Pass player pointer to track constructor.

(WebCore::AppendPipeline::connectDemuxerSrcPadToAppsink):

  • platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp: Source-setup signal handler.

(WebCore::MediaPlayerPrivateGStreamerMSE::sourceSetup):

  • platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h:
12:51 AM Changeset in webkit [228616] by Carlos Garcia Campos
  • 19 edits in releases/WebKitGTK/webkit-2.20/Source/JavaScriptCore

Merge r228105 - JavaScriptCore files should not be included relatively
https://bugs.webkit.org/show_bug.cgi?id=182452

Reviewed by Keith Miller.

  • API/JSCallbackConstructor.h:
  • CMakeLists.txt:
  • disassembler/ARM64Disassembler.cpp:
  • disassembler/ARMv7Disassembler.cpp:
  • heap/LockDuringMarking.h:
  • inspector/InjectedScriptBase.h:
  • inspector/InjectedScriptHost.h:
  • inspector/JavaScriptCallFrame.h:
  • inspector/ScriptArguments.h:
  • inspector/ScriptDebugListener.h:
  • inspector/ScriptDebugServer.h:
  • inspector/agents/InspectorAgent.h:
  • inspector/agents/InspectorConsoleAgent.h:
  • inspector/agents/InspectorDebuggerAgent.h:
  • inspector/agents/InspectorHeapAgent.h:
  • inspector/agents/InspectorRuntimeAgent.h:
  • inspector/agents/InspectorScriptProfilerAgent.h:
  • runtime/RegExp.h:
12:51 AM Changeset in webkit [228615] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/JavaScriptCore

Merge r228102 - Unreviewed, rolling out r228012.
https://bugs.webkit.org/show_bug.cgi?id=182493

"It regressed ARES-6 by 2-4%" (Requested by saamyjoon on

Reverted changeset:

"[JSC] Clean up ArraySpeciesCreate"
https://bugs.webkit.org/show_bug.cgi?id=182434
https://trac.webkit.org/changeset/228012

12:51 AM Changeset in webkit [228614] by Carlos Garcia Campos
  • 11 edits in releases/WebKitGTK/webkit-2.20

Merge r228101 - Layout Test imported/w3c/web-platform-tests/service-workers/service-worker/register-same-scope-different-script-url.https.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=181166
<rdar://problem/37169508>

Reviewed by Youenn Fablet.

Source/WebCore:

I found out that this test was flakily timing out because our jobQueues would sometimes get stuck
when their current job's connection or service worker (when scheduled by a service worker) would
go away before the job is complete.

This patch makes our job queues operation more robust by:

  1. Cancelling all jobs from a given connection when a SWServerConnection goes away
  2. Cancelling all jobs from a given service worker when a service worker gets terminated

We also make sure service workers created by a job get properly terminated when a job
is canceled to avoid leaving service workers in limbo.

No new tests, unskipped existing flaky test.

  • workers/service/ServiceWorkerContainer.cpp:

(WebCore::ServiceWorkerContainer::addRegistration):
(WebCore::ServiceWorkerContainer::removeRegistration):
(WebCore::ServiceWorkerContainer::updateRegistration):

  • workers/service/ServiceWorkerJobData.cpp:

(WebCore::ServiceWorkerJobData::ServiceWorkerJobData):
(WebCore::ServiceWorkerJobData::isolatedCopy const):

  • workers/service/ServiceWorkerJobData.h:

(WebCore::ServiceWorkerJobData::encode const):
(WebCore::ServiceWorkerJobData::decode):

  • workers/service/server/SWServer.cpp:

(WebCore::SWServer::startScriptFetch):
(WebCore::SWServer::scriptContextFailedToStart):
(WebCore::SWServer::scriptContextStarted):
(WebCore::SWServer::terminatePreinstallationWorker):
(WebCore::SWServer::installContextData):
(WebCore::SWServer::workerContextTerminated):
(WebCore::SWServer::unregisterConnection):

  • workers/service/server/SWServer.h:
  • workers/service/server/SWServerJobQueue.cpp:

(WebCore::SWServerJobQueue::removeAllJobsMatching):
(WebCore::SWServerJobQueue::cancelJobsFromConnection):
(WebCore::SWServerJobQueue::cancelJobsFromServiceWorker):

  • workers/service/server/SWServerJobQueue.h:
  • workers/service/server/SWServerRegistration.cpp:

(WebCore::SWServerRegistration::setPreInstallationWorker):

LayoutTests:

Unskip test that is no longer flaky.

  • platform/mac-wk2/TestExpectations:
12:28 AM Changeset in webkit [228613] by Carlos Garcia Campos
  • 9 edits in releases/WebKitGTK/webkit-2.20

Merge r228100 - Disallow evaluating JavaScript from NPP_Destroy() in WebKit
https://bugs.webkit.org/show_bug.cgi?id=181889
<rdar://problem/36674701>

Reviewed by Brent Fulgham.

Source/WebKit:

Make the behavior of WebKit match the behavior of WebKitLegacy on Mac.

  • Shared/Plugins/NPObjectMessageReceiver.cpp:

(WebKit::NPObjectMessageReceiver::hasMethod):
(WebKit::NPObjectMessageReceiver::invoke):
(WebKit::NPObjectMessageReceiver::invokeDefault):
(WebKit::NPObjectMessageReceiver::hasProperty):
(WebKit::NPObjectMessageReceiver::getProperty):
(WebKit::NPObjectMessageReceiver::setProperty):
(WebKit::NPObjectMessageReceiver::removeProperty):
(WebKit::NPObjectMessageReceiver::enumerate):
(WebKit::NPObjectMessageReceiver::construct):
Bail out if the plugin is executing NPP_Destroy().

  • WebProcess/Plugins/Plugin.cpp:

(WebKit::Plugin::destroyPlugin):

  • WebProcess/Plugins/Plugin.h:

(WebKit::Plugin::isBeingDestroyed const):
Move bookkeeping of whether the plugin is being destroyed from PluginView
to here. This makes it straightforward for NPObjectMessageReceiver to query
this information.

  • WebProcess/Plugins/PluginView.cpp:

(WebKit::PluginView::~PluginView):
(WebKit::PluginView::destroyPluginAndReset):
(WebKit::PluginView::recreateAndInitialize):
(WebKit::PluginView::protectPluginFromDestruction):
(WebKit::PluginView::unprotectPluginFromDestruction):
Move bookkeeping of whether the plugin is being destroyed from here
to Plugin.

  • WebProcess/Plugins/PluginView.h:

(WebKit::PluginView::isBeingDestroyed const): Turn around and ask the plugin if it
is being destroyed, if we have one.

LayoutTests:

Consolidate all the plugin tests that evaluate JavaScript from NPP_Destroy()
and mark them as Wont Fix. In a subsequent change we will look to replace
these tests with tests that ensure that we do not evaluate JavaScript from
NPP_Destroy().

  • platform/mac/TestExpectations:
  • platform/wk2/TestExpectations:
12:25 AM Changeset in webkit [228612] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.20

Merge r228096 - Crash on sfgate.com because mismatching link preload types
https://bugs.webkit.org/show_bug.cgi?id=182483
<rdar://problem/37065331>

Reviewed by Daniel Bates.

Source/WebCore:

Preloading the same URL with different 'as' types causes some confusion.

Test: http/tests/preload/link-preload-type-mismatch.html

  • loader/LinkLoader.cpp:

(WebCore::createLinkPreloadResourceClient):

Ensure we use the actual resource type when creating the client.

(WebCore::LinkLoader::preloadIfNeeded):

Don't construct client if the types don't match. This can happen if there is an existing
preload for the same resource with different type.

LayoutTests:

  • http/tests/preload/link-preload-type-mismatch-expected.txt: Added.
  • http/tests/preload/link-preload-type-mismatch.html: Added.
12:23 AM Changeset in webkit [228611] by Carlos Garcia Campos
  • 30 edits
    34 adds
    1 delete in releases/WebKitGTK/webkit-2.20

Merge r228095 - [css-grid] Rename gutter properties to remove "grid-" prefix
https://bugs.webkit.org/show_bug.cgi?id=180290

Reviewed by Javier Fernandez.

LayoutTests/imported/w3c:

Imported WPT tests from css/css-align/gaps/.
And also update the tests on css/css-grid/alignment/ gutter tests.

  • web-platform-tests/css/css-align/gaps/column-gap-animation-001-expected.txt: Added.
  • web-platform-tests/css/css-align/gaps/column-gap-animation-001.html: Added.
  • web-platform-tests/css/css-align/gaps/column-gap-animation-002-expected.txt: Added.
  • web-platform-tests/css/css-align/gaps/column-gap-animation-002.html: Added.
  • web-platform-tests/css/css-align/gaps/column-gap-animation-003-expected.txt: Added.
  • web-platform-tests/css/css-align/gaps/column-gap-animation-003.html: Added.
  • web-platform-tests/css/css-align/gaps/column-gap-parsing-001-expected.txt: Added.
  • web-platform-tests/css/css-align/gaps/column-gap-parsing-001.html: Added.
  • web-platform-tests/css/css-align/gaps/gap-animation-001-expected.txt: Added.
  • web-platform-tests/css/css-align/gaps/gap-animation-001.html: Added.
  • web-platform-tests/css/css-align/gaps/gap-animation-002-expected.txt: Added.
  • web-platform-tests/css/css-align/gaps/gap-animation-002.html: Added.
  • web-platform-tests/css/css-align/gaps/gap-animation-003-expected.txt: Added.
  • web-platform-tests/css/css-align/gaps/gap-animation-003.html: Added.
  • web-platform-tests/css/css-align/gaps/gap-animation-004-expected.txt: Added.
  • web-platform-tests/css/css-align/gaps/gap-animation-004.html: Added.
  • web-platform-tests/css/css-align/gaps/gap-parsing-001-expected.txt: Added.
  • web-platform-tests/css/css-align/gaps/gap-parsing-001.html: Added.
  • web-platform-tests/css/css-align/gaps/grid-column-gap-parsing-001-expected.txt: Added.
  • web-platform-tests/css/css-align/gaps/grid-column-gap-parsing-001.html: Added.
  • web-platform-tests/css/css-align/gaps/grid-gap-parsing-001-expected.txt: Added.
  • web-platform-tests/css/css-align/gaps/grid-gap-parsing-001.html: Added.
  • web-platform-tests/css/css-align/gaps/grid-row-gap-parsing-001-expected.txt: Added.
  • web-platform-tests/css/css-align/gaps/grid-row-gap-parsing-001.html: Added.
  • web-platform-tests/css/css-align/gaps/row-gap-animation-001-expected.txt: Added.
  • web-platform-tests/css/css-align/gaps/row-gap-animation-001.html: Added.
  • web-platform-tests/css/css-align/gaps/row-gap-animation-002-expected.txt: Added.
  • web-platform-tests/css/css-align/gaps/row-gap-animation-002.html: Added.
  • web-platform-tests/css/css-align/gaps/row-gap-animation-003-expected.txt: Added.
  • web-platform-tests/css/css-align/gaps/row-gap-animation-003.html: Added.
  • web-platform-tests/css/css-align/gaps/row-gap-parsing-001-expected.txt: Added.
  • web-platform-tests/css/css-align/gaps/row-gap-parsing-001.html: Added.
  • web-platform-tests/css/css-align/gaps/w3c-import.log: Added.
  • web-platform-tests/css/css-grid/alignment/grid-gutters-001-expected.html:
  • web-platform-tests/css/css-grid/alignment/grid-gutters-002-expected.html:
  • web-platform-tests/css/css-grid/alignment/grid-gutters-003-expected.html:
  • web-platform-tests/css/css-grid/alignment/grid-gutters-004-expected.html:
  • web-platform-tests/css/css-grid/alignment/grid-gutters-005-expected.html:
  • web-platform-tests/css/css-grid/alignment/grid-gutters-006-expected.html:
  • web-platform-tests/css/css-grid/alignment/grid-gutters-007-expected.html:
  • web-platform-tests/css/css-grid/alignment/grid-gutters-008-expected.html:
  • web-platform-tests/css/css-grid/alignment/grid-gutters-009-expected.html:
  • web-platform-tests/css/css-grid/alignment/grid-gutters-010-expected.html:

Source/WebCore:

This patch applies the resoultion of the CSS WG to unprefix
the CSS Grid Layout gutter properties:
https://github.com/w3c/csswg-drafts/issues/1696

column-gap already existed before, as it's part of Multicol.
The patch adds the new properties row-gap and gap, and keep the legacy ones
as aliases:

  • grid-column-gap => column-gap
  • grid-row-gap => row-gap
  • grid-gap => gap

As column-gap was already animatable, this change takes advantage
to make animatable row-gap too.

Tests: imported/w3c/web-platform-tests/css/css-align/gaps/

  • css/CSSComputedStyleDeclaration.cpp:

(WebCore::ComputedStyleExtractor::valueForPropertyinStyle):

  • css/CSSProperties.json:
  • css/StyleProperties.cpp:
  • css/parser/CSSParserFastPaths.cpp:

(WebCore::isSimpleLengthPropertyID):

  • css/parser/CSSPropertyParser.cpp:

(WebCore::CSSPropertyParser::parseSingleValue):
(WebCore::CSSPropertyParser::parseShorthand):

  • page/animation/CSSPropertyAnimation.cpp:

(WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):

  • rendering/RenderGrid.cpp:

(WebCore::RenderGrid::availableSpaceForGutters const):
(WebCore::RenderGrid::gridGap const):

  • rendering/style/RenderStyle.h:

(WebCore::RenderStyle::gridAutoRows const):
(WebCore::RenderStyle::columnGap const):
(WebCore::RenderStyle::rowGap const):
(WebCore::RenderStyle::setGridItemRowEnd):
(WebCore::RenderStyle::setColumnGap):
(WebCore::RenderStyle::setRowGap):
(WebCore::RenderStyle::initialRowGap):

  • rendering/style/StyleGridData.cpp:

(WebCore::StyleGridData::StyleGridData):

  • rendering/style/StyleGridData.h:

(WebCore::StyleGridData::operator== const):

  • rendering/style/StyleMultiColData.cpp:

(WebCore::StyleMultiColData::StyleMultiColData):
(WebCore::StyleMultiColData::operator== const):

  • rendering/style/StyleMultiColData.h:
  • rendering/style/StyleRareNonInheritedData.cpp:

(WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
(WebCore::StyleRareNonInheritedData::operator== const):

  • rendering/style/StyleRareNonInheritedData.h:

LayoutTests:

so removing them from TestExpectations.

  • fast/css-grid-layout/grid-gutters-get-set.html: Removed. This is now covered by WPT tests.
  • fast/css-grid-layout/grid-shorthand-get-set-expected.txt: Update results for gutter properties

as default value is now "normal".

  • fast/css-grid-layout/grid-shorthand-get-set.html: Update checks for gutter properties

as default value is now "normal".

12:23 AM Changeset in webkit [228610] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.20/Source/WebCore

Merge r228091 - Unreviewed, rolling out r228085.

Pixel data stride is imposed by OpenGL and shouldn't be
adjusted for Cairo

Reverted changeset:

"[Cairo] Correctly calculate stride in
GraphicsContext3D::paintToCanvas()"
https://bugs.webkit.org/show_bug.cgi?id=182466
https://trac.webkit.org/changeset/228085

12:07 AM Changeset in webkit [228609] by commit-queue@webkit.org
  • 7 edits in trunk

REGRESSION(r219298): RELEASE_ASSERT(!m_owningPointerForClose) fails in WebCore::IDBServer::UniqueIDBDatabase::scheduleShutdownForClose
https://bugs.webkit.org/show_bug.cgi?id=174354
<rdar://problem/33294987>

Patch by Fujii Hironori <Fujii Hironori> on 2018-02-19
Reviewed by Michael Catanzaro.

Source/WebCore:

UniqueIDBDatabase::invokeOperationAndTransactionTimer was called
even after m_owningPointerForClose was set in
UniqueIDBDatabase::didDeleteBackingStore.

No new tests (Covered by existing tests).

  • Modules/indexeddb/server/UniqueIDBDatabase.cpp:

(WebCore::IDBServer::UniqueIDBDatabase::didDeleteBackingStore):
Do not start deleting the UniqueIDBDatabase. Just call invokeOperationAndTransactionTimer.
(WebCore::IDBServer::UniqueIDBDatabase::invokeOperationAndTransactionTimer):
Assert m_owningPointerForClose is null.

LayoutTests:

  • platform/gtk/TestExpectations:

Unmarked imported/w3c/IndexedDB-private-browsing/idbfactory_open.html.

  • platform/ios-wk2/TestExpectations:

Unmarked imported/w3c/IndexedDB-private-browsing/idbfactory_open12.html.

  • platform/mac/TestExpectations: Ditto.
  • platform/wpe/TestExpectations: Unmarked

imported/w3c/IndexedDB-private-browsing/idbfactory_open.html and
imported/w3c/IndexedDB-private-browsing/idbfactory_open12.html.

Note: See TracTimeline for information about the timeline view.