Timeline



Apr 8, 2019:

11:23 PM Changeset in webkit [244068] by Simon Fraser
  • 3 edits in trunk/Source/WebCore

Remove some iOS #ifdefs around sticky-related code
https://bugs.webkit.org/show_bug.cgi?id=196726

Reviewed by Zalan Bujtas.

Now that async overflow scrolling can be enabled on macOS, RenderLayerCompositor::isAsyncScrollableStickyLayer()
should not have iOS-only code.

The answer to the FIXME in RenderLayerCompositor::computeStickyViewportConstraints is obvious: composited
overflow:scroll can be the container for sticky. The assertion can be removed.

  • rendering/RenderLayer.cpp: Fix spacing in some logging.

(WebCore::outputPaintOrderTreeRecursive):

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::isAsyncScrollableStickyLayer const):
(WebCore::RenderLayerCompositor::computeStickyViewportConstraints const):

9:31 PM BuildingCairoOnWindows edited by Fujii Hironori
(diff)
9:30 PM BuildingCairoOnWindows edited by Fujii Hironori
(diff)
9:18 PM BuildingCairoOnWindows edited by Fujii Hironori
(diff)
9:18 PM BuildingCairoOnWindows edited by Fujii Hironori
(diff)
8:23 PM Changeset in webkit [244067] by ysuzuki@apple.com
  • 12 edits
    2 adds in trunk

[JSC] DFG should respect node's strict flag
https://bugs.webkit.org/show_bug.cgi?id=196617

Reviewed by Saam Barati.

JSTests:

  • stress/put-by-val-direct-should-respect-strict-mode-of-inlining-codeblock.js: Added.

(shouldEqual):
(makeUnwriteableUnconfigurableObject):
(runTest):

  • stress/put-dynamic-var-strict-and-sloppy.js: Added.

(shouldBe):
(shouldThrow):
(with.result):
(with.putValueStrict):
(with.putValueSloppy):

Source/JavaScriptCore:

We accidentally use codeBlock->isStrictMode() directly in DFG and FTL. But this is wrong since this CodeBlock is the top level DFG/FTL CodeBlock,
and this code does not respect the isStrictMode flag for the inlined CodeBlocks. In this patch, we start using isStrictModeFor(CodeOrigin) consistently
in DFG and FTL to get the right isStrictMode flag for the DFG node.
And we also split compilePutDynamicVar into compilePutDynamicVarStrict and compilePutDynamicVarNonStrict since (1) it is cleaner than accessing inlined
callframe in the operation function, and (2) it is aligned to the other functions like operationPutByValDirectNonStrict etc.
This bug is discovered by RandomizingFuzzerAgent by expanding the DFG coverage.

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGConstantFoldingPhase.cpp:

(JSC::DFG::ConstantFoldingPhase::foldConstants):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupToThis):

  • dfg/DFGOperations.cpp:
  • dfg/DFGOperations.h:
  • dfg/DFGPredictionPropagationPhase.cpp:
  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileDoublePutByVal):
(JSC::DFG::SpeculativeJIT::compilePutByValForIntTypedArray):
(JSC::DFG::SpeculativeJIT::compilePutDynamicVar):
(JSC::DFG::SpeculativeJIT::compileToThis):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compileContiguousPutByVal):
(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compilePutByVal):
(JSC::FTL::DFG::LowerDFGToB3::compilePutDynamicVar):

6:54 PM Changeset in webkit [244066] by Fujii Hironori
  • 2 edits in trunk/Tools

AX: Support API: accessibilityReplaceRange:withText
https://bugs.webkit.org/show_bug.cgi?id=196636

Unreviewed build fix for Windows port.

  • WebKitTestRunner/InjectedBundle/win/AccessibilityUIElementWin.cpp:

(WTR::AccessibilityUIElement::replaceTextInRange): Added.

6:38 PM Changeset in webkit [244065] by don.olmstead@sony.com
  • 25 edits in trunk

[CMake][WinCairo] Separate copied headers into different directories
https://bugs.webkit.org/show_bug.cgi?id=196655

Reviewed by Michael Catanzaro.

.:

Add variables for the paths to copied framework headers. This is done to be
explicit rather than relying on ${FORWARDING_HEADERS_DIR}.

Currently all ports but WinCairo will default to ${FORWARDING_HEADERS_DIR}.
WinCairo overrides them to provide a directory structure that looks more
like what happens in an XCode build. This is meant as an intermediate step
towards making all CMake ports behave like this.

  • Source/cmake/OptionsWinCairo.cmake:
  • Source/cmake/WebKitFS.cmake:
  • Source/cmake/WebKitMacros.cmake:

Source/JavaScriptCore:

  • CMakeLists.txt:
  • shell/PlatformWin.cmake:

Source/WebCore:

  • CMakeLists.txt:
  • PlatformWin.cmake:

Source/WebCore/PAL:

  • pal/CMakeLists.txt:

Source/WebKit:

  • CMakeLists.txt:
  • PlatformWin.cmake:

Source/WebKitLegacy:

  • CMakeLists.txt:
  • PlatformWin.cmake:

Source/WTF:

  • wtf/CMakeLists.txt:

Tools:

  • DumpRenderTree/CMakeLists.txt:
  • MiniBrowser/win/CMakeLists.txt:
  • TestWebKitAPI/CMakeLists.txt:
  • TestWebKitAPI/PlatformWin.cmake:
6:32 PM Changeset in webkit [244064] by Jonathan Bedard
  • 2 edits
    1 add in trunk/Tools

Log stack-trace for run-webkit-tests when interrupted
https://bugs.webkit.org/show_bug.cgi?id=176393
<rdar://problem/34262310>

Reviewed by Lucas Forschler.

  • Scripts/webkitpy/common/interrupt_debugging.py: Added.

(log_stack_trace): Given a Python frame object, log a stack trace to the provided file.
(StackTraceFileContext): Context which allows stack-traces to be printed to stderr or to a file.
(log_stack_trace_on_term): Attach a listener to SIGTERM so that a stack-trace can be logged when a program is terminated.
(log_stack_trace_on_ctrl_c): Attach a listener to SIGINT so that a stack-trace can be logged when a program is CTRL+Ced.

  • Scripts/webkitpy/layout_tests/run_webkit_tests.py:

(main): Set handlers to log stack trace on interruption.

6:31 PM Changeset in webkit [244063] by Matt Baker
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Elements tab: Classes toggle should use accent color on hover
https://bugs.webkit.org/show_bug.cgi?id=196266

Reviewed by Devin Rousso.

  • UserInterface/Views/GeneralStyleDetailsSidebarPanel.css:

(.sidebar > .panel.details.css-style > .content ~ .options-container > .toggle-class-toggle):
(.sidebar > .panel.details.css-style > .content ~ .options-container > .toggle-class-toggle::before):
(.sidebar > .panel.details.css-style > .content ~ .options-container > .toggle-class-toggle:matches(.selected, :hover)):
(.sidebar > .panel.details.css-style > .content ~ .options-container > .toggle-class-toggle:matches(.selected, :hover)::before):
(.sidebar > .panel.details.css-style > .content ~ .options-container > .toggle-class-toggle:not(.selected):hover::before):
(.sidebar > .panel.details.css-style > .content ~ .options-container > .toggle-class-toggle.selected:active::before):
(.sidebar > .panel.details.css-style > .content ~ .options-container > .toggle-class-toggle.selected): Deleted.
(.sidebar > .panel.details.css-style > .content ~ .options-container > .toggle-class-toggle:not(.selected):hover): Deleted.

6:26 PM Changeset in webkit [244062] by Fujii Hironori
  • 2 edits in trunk/Tools

AX: Support API: accessibilityReplaceRange:withText
https://bugs.webkit.org/show_bug.cgi?id=196636

Unreviewed build fix for Windows port.

  • DumpRenderTree/AccessibilityUIElement.cpp:

(AccessibilityUIElement::replaceTextInRange): Changed the return value type from void to bool.

5:58 PM Changeset in webkit [244061] by Chris Fleizach
  • 11 edits
    4 adds in trunk

AX: Automatically compute accessibility labels for Apple Pay buttons
https://bugs.webkit.org/show_bug.cgi?id=196661

Reviewed by Joanmarie Diggs.

Source/WebCore:

Detect Apple Pay buttons and return a standard role and label for them based on their type.

Test: accessibility/mac/apple-pay-labels.html

accessibility/mac/apple-pay-session-v4.html

  • accessibility/AccessibilityNodeObject.cpp:

(WebCore::AccessibilityNodeObject::isControl const):

  • accessibility/AccessibilityNodeObject.h:
  • accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::applePayButtonDescription const):
(WebCore::AccessibilityRenderObject::titleElementText const):
(WebCore::AccessibilityRenderObject::determineAccessibilityRole):
(WebCore::AccessibilityRenderObject::isApplePayButton const):
(WebCore::AccessibilityRenderObject::applePayButtonType const):

  • accessibility/AccessibilityRenderObject.h:
  • en.lproj/Localizable.strings:
  • platform/LocalizedStrings.cpp:

(WebCore::AXApplePayPlainLabel):
(WebCore::AXApplePayBuyLabel):
(WebCore::AXApplePaySetupLabel):
(WebCore::AXApplePayDonateLabel):
(WebCore::AXApplePayCheckOutLabel):
(WebCore::AXApplePayBookLabel):
(WebCore::AXApplePaySubscribeLabel):

  • platform/LocalizedStrings.h:

LayoutTests:

  • accessibility/mac/apple-pay-labels-expected.txt: Added.
  • accessibility/mac/apple-pay-labels.html: Added.
  • accessibility/mac/apple-pay-session-v4-expected.txt: Added.
  • accessibility/mac/apple-pay-session-v4.html: Added.
5:42 PM Changeset in webkit [244060] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

[ews-build] Scripts using Buildbot API have CORS error
https://bugs.webkit.org/show_bug.cgi?id=196709

Reviewed by Alexey Proskuryakov.

  • BuildSlaveSupport/ews-build/master.cfg: Set allowed_origins appropriately.
5:39 PM Changeset in webkit [244059] by Chris Fleizach
  • 14 edits
    2 adds in trunk

AX: Support API: accessibilityReplaceRange:withText
https://bugs.webkit.org/show_bug.cgi?id=196636

Reviewed by Daniel Bates.

Source/WebCore:

Support this platform API on mac to provide a way to replace a range of editable text.

Test: accessibility/mac/replace-text-with-range.html

  • accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::replaceTextInRange):

  • accessibility/AccessibilityObject.h:
  • accessibility/mac/AccessibilityObjectBase.mm:

(WebCore::PlainTextRange::PlainTextRange):

  • accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper accessibilityReplaceRange:withText:]):

Tools:

  • DumpRenderTree/AccessibilityUIElement.cpp:

(replaceTextInRangeCallback):
(AccessibilityUIElement::replaceTextInRange):
(AccessibilityUIElement::getJSClass):

  • DumpRenderTree/AccessibilityUIElement.h:
  • DumpRenderTree/ios/AccessibilityUIElementIOS.mm:

(AccessibilityUIElement::replaceTextInRange):

  • DumpRenderTree/mac/AccessibilityUIElementMac.mm:

(AccessibilityUIElement::replaceTextInRange):

  • WebKitTestRunner/InjectedBundle/AccessibilityUIElement.h:
  • WebKitTestRunner/InjectedBundle/Bindings/AccessibilityUIElement.idl:
  • WebKitTestRunner/InjectedBundle/ios/AccessibilityUIElementIOS.mm:

(WTR::AccessibilityUIElement::replaceTextInRange):

  • WebKitTestRunner/InjectedBundle/mac/AccessibilityUIElementMac.mm:

(WTR::AccessibilityUIElement::replaceTextInRange):

5:00 PM Changeset in webkit [244058] by ysuzuki@apple.com
  • 3 edits
    1 add in trunk

[JSC] isRope jump in StringSlice should not jump over register allocations
https://bugs.webkit.org/show_bug.cgi?id=196716

Reviewed by Saam Barati.

JSTests:

  • stress/is-rope-check-in-string-slice-should-not-jump-over-register-allocations.js: Added.

(foo.bar):
(foo):

Source/JavaScriptCore:

Jumping over the register allocation code in DFG (like the following) is wrong.

auto jump = m_jit.branchXXX();
{

GPRTemporary reg(this);
GPRReg regGPR = reg.gpr();
...

}
jump.link(&m_jit);

When GPRTemporary::gpr allocates a new register, it can flush the previous register value into the stack and make the register usable.
Jumping over this register allocation code skips the flushing code, and makes the DFG's stack and register content tracking inconsistent:
DFG thinks that the content is flushed and stored in particular stack slot even while this flushing code is skipped.
In this patch, we perform register allocations before jumping to the slow path based on isRope condition in StringSlice.

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileStringSlice):

4:33 PM Changeset in webkit [244057] by ysuzuki@apple.com
  • 3 edits
    1 add in trunk

[JSC] to_index_string should not assume incoming value is Uint32
https://bugs.webkit.org/show_bug.cgi?id=196713

Reviewed by Saam Barati.

JSTests:

  • stress/to-index-string-should-not-assume-incoming-value-is-uint32.js: Added.

(foo):

Source/JavaScriptCore:

The slow path of to_index_string assumes that incoming value is Uint32. But we should not have
this assumption since DFG may decide we should have it double format. This patch removes this
assumption, and instead, we should assume that incoming value is AnyInt and the range of this
is within Uint32.

  • runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):

3:49 PM Changeset in webkit [244056] by wenson_hsieh@apple.com
  • 14 edits in trunk

[iOS] Do not allow starting selection drags when selection views are not visible
https://bugs.webkit.org/show_bug.cgi?id=196686
<rdar://problem/49399192>

Reviewed by Tim Horton.

Source/WebCore:

See WebKit ChangeLog for more details.

Tests: DragAndDropTests.CanDragImageWhenNotFirstResponder

DragAndDropTests.DoNotPerformSelectionDragWhenNotFirstResponder

  • page/DragController.cpp:

(WebCore::DragController::draggableElement const):

Make this respect the case where m_dragSourceAction does not include DragSourceActionSelection. All the other
drag source types are currently consulted in this method, with the exception of DragSourceActionSelection.

Source/WebKit:

Currently, on iOS, it's possible to start dragging selected text in a web view even if the selection itself is
not visible. This can happen if the user selects some text, focuses a native text field, and then long presses
the previously selected text. This is because the text is still selected in the document since we don't clear
the selection when resigning first responder on iOS, despite the fact that the native selection view is no
longer present.

To fix this, we add plumbing to specify the set of allowed drag source actions when requesting drag start; this
set of allowed drag source actions only includes DragSourceActionSelection if the selection view can be visible
(i.e. the content view is first responder, and isn't suppressing text interactions). We then update WebPage's
allowed drag source actions with this given set of actions, while sending "dragstart" to the page.

  • UIProcess/WebPageProxy.h:
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView hasSelectablePositionAtPoint:]):
(-[WKContentView textInteractionGesture:shouldBeginAtPoint:]):

Only bail out of text selection in text that is already selected if the web view allows dragging text selections
(i.e. the web view is first responder, and is not suppressing text interactions).

(-[WKContentView _allowedDragSourceActions]):
(-[WKContentView _dragInteraction:itemsForAddingToSession:withTouchAtPoint:completion:]):
(-[WKContentView _dragInteraction:prepareForSession:completion:]):

Pass the set of allowed drag source actions when requesting a drag start or adding items to an existing session.

  • UIProcess/ios/WebPageProxyIOS.mm:

(WebKit::WebPageProxy::requestDragStart):
(WebKit::WebPageProxy::requestAdditionalItemsForDragSession):

Plumb the allowed drag source actions from the UI process (WKContentView) over to the web process (WebPage).

  • WebProcess/WebCoreSupport/WebDragClient.cpp:

(WebKit::WebDragClient::dragSourceActionMaskForPoint):

Instead of always returning Any, consult WebPage's allowed drag source actions.

  • WebProcess/WebPage/WebPage.h:

(WebKit::WebPage::allowedDragSourceActions const):

  • WebProcess/WebPage/WebPage.messages.in:
  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::requestDragStart):
(WebKit::WebPage::requestAdditionalItemsForDragSession):

Set WebPage's allowed drag source actions to the given set of actions when sending a drag start to the page.

Tools:

Adjust some existing API tests to make the web view become first responder before trying to begin dragging, and
also add some new API tests to cover scenarios where the web view is not first responder.

  • TestWebKitAPI/Tests/ios/DragAndDropTestsIOS.mm:

(TestWebKitAPI::TEST):

  • TestWebKitAPI/cocoa/DragAndDropSimulator.h:

Add a switch to optionally make the web view first responder when starting the simulated drag.

  • TestWebKitAPI/ios/DragAndDropSimulatorIOS.mm:

(-[DragAndDropSimulator initWithWebView:]):
(-[DragAndDropSimulator runFrom:to:additionalItemRequestLocations:]):

3:45 PM Changeset in webkit [244055] by Alan Coon
  • 7 edits in tags/Safari-608.1.15.1/Source

Versioning.

3:29 PM Changeset in webkit [244054] by youenn@apple.com
  • 7 edits
    1 copy in trunk

Add a test to check for the service worker process name
https://bugs.webkit.org/show_bug.cgi?id=196621

Reviewed by Chris Dumez.

Source/WebCore:

Add a service worker internal API to get process name.
Covered by updated test.

  • WebCore.xcodeproj/project.pbxproj:
  • testing/ServiceWorkerInternals.cpp:

(WebCore::ServiceWorkerInternals::processName const):

  • testing/ServiceWorkerInternals.h:
  • testing/ServiceWorkerInternals.idl:
  • testing/ServiceWorkerInternals.mm: Added.

LayoutTests:

  • http/wpt/service-workers/online-worker.js:

(async.doTest):

3:26 PM Changeset in webkit [244053] by Alan Coon
  • 7 edits in branches/safari-607-branch/Source

Versioning.

3:26 PM Changeset in webkit [244052] by ysuzuki@apple.com
  • 2 edits in trunk/Source/WebCore

Unreviewed, speculative fix for build failure in old macOS after r243887
https://bugs.webkit.org/show_bug.cgi?id=196475

  • dom/NodeList.h:
3:25 PM Changeset in webkit [244051] by Alan Coon
  • 1 copy in tags/Safari-608.1.15.1

New tag.

3:11 PM Changeset in webkit [244050] by Justin Fan
  • 19 edits in trunk

[Web GPU] Fix Web GPU experimental feature on iOS
https://bugs.webkit.org/show_bug.cgi?id=196632

Reviewed by Myles C. Maxfield.

Source/JavaScriptCore:

Properly make Web GPU available on iOS 11+.

  • Configurations/FeatureDefines.xcconfig:
  • Configurations/WebKitTargetConditionals.xcconfig:

Source/ThirdParty/libwebrtc:

Add conditionals for iOS 11.

  • Configurations/WebKitTargetConditionals.xcconfig:

Source/WebCore:

Add feature conditionals for iOS 11.
Properly make Web GPU available on iOS 11+.

  • Configurations/FeatureDefines.xcconfig:
  • Configurations/WebKitTargetConditionals.xcconfig:

Source/WebCore/PAL:

Add feature conditionals for iOS 11.
Properly make Web GPU available on iOS 11+.

  • Configurations/FeatureDefines.xcconfig:
  • Configurations/WebKitTargetConditionals.xcconfig:

Source/WebKit:

Add feature conditionals for iOS 11.
Properly make Web GPU available on iOS 11+.

  • Configurations/FeatureDefines.xcconfig:
  • Configurations/WebKitTargetConditionals.xcconfig:

Source/WebKitLegacy/mac:

Add feature conditionals for iOS 11.
Properly make Web GPU available on iOS 11+.

  • Configurations/FeatureDefines.xcconfig:
  • Configurations/WebKitTargetConditionals.xcconfig:

Tools:

Properly make Web GPU available on iOS 11+.

  • TestWebKitAPI/Configurations/FeatureDefines.xcconfig:
3:01 PM Changeset in webkit [244049] by ysuzuki@apple.com
  • 1 edit
    1 add in trunk/JSTests

[JSC] Add more tests for r243966
https://bugs.webkit.org/show_bug.cgi?id=196711

Reviewed by Saam Barati.

Adding one more test for r243966 fix. The added test will not crash after r243966.

  • stress/stress-cleared-calllinkinfo.js: Added.

(runNearStackLimit.t):
(runNearStackLimit):
(repeat):
(cls):
(let.item.of.array.runNearStackLimit):

2:42 PM Changeset in webkit [244048] by achristensen@apple.com
  • 2 edits in trunk/Source/WebKit

Fix selector name after r243834
https://bugs.webkit.org/show_bug.cgi?id=196549

  • NetworkProcess/cocoa/NetworkSessionCocoa.mm:

(WebKit::NetworkSessionCocoa::NetworkSessionCocoa):
I forgot the colon in the setter's name.

2:41 PM Changeset in webkit [244047] by Shawn Roberts
  • 2 edits in trunk/LayoutTests

fast/parser/xml-error-adopted.xml is a flaky timeout
https://bugs.webkit.org/show_bug.cgi?id=186581

Unreviewed test gardening.

  • platform/ios-simulator-wk2/TestExpectations:
2:31 PM Changeset in webkit [244046] by timothy@apple.com
  • 2 edits in trunk/Source/WebCore

Unreviewed build fix for iOSMac after r243893.
https://bugs.webkit.org/show_bug.cgi?id=196707

  • dom/Element.cpp:

(WebCore::parentCrossingFrameBoundaries): Remove ENABLE(POINTER_EVENTS) since computedTouchActions()
no longer uses parentCrossingFrameBoundaries().

2:29 PM Changeset in webkit [244045] by Shawn Roberts
  • 2 edits in trunk/LayoutTests

Fixed a typo on a test expectation
https://bugs.webkit.org/show_bug.cgi?id=187391

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations: Updating test expectations
1:57 PM Changeset in webkit [244044] by Ross Kirsling
  • 2 edits in trunk/Source/JavaScriptCore

-f[no-]var-tracking-assignments is GCC-only
https://bugs.webkit.org/show_bug.cgi?id=196699

Reviewed by Don Olmstead.

  • CMakeLists.txt:

Just remove the build flag altogether -- it supposedly doesn't solve the problem it was meant to
and said problem evidently no longer occurs as of GCC 9.

1:51 PM Changeset in webkit [244043] by youenn@apple.com
  • 5 edits in trunk/Source/WebCore

Lazily construct Navigator serviceWorker
https://bugs.webkit.org/show_bug.cgi?id=196692

Reviewed by Chris Dumez.

Make NavigatorBase a ContextDestructionObserver.
This allows to get the navigator script execution context.
Use it when creating the navigator ServiceWorkerContainer object.
For GC, introduce serviceWorkerIfAny which returns the container if created.
No JS observable change of behavior.
Covered by existing tests.

  • bindings/js/JSNavigatorCustom.cpp:

(WebCore::JSNavigator::visitAdditionalChildren):

  • bindings/js/JSWorkerNavigatorCustom.cpp:

(WebCore::JSWorkerNavigator::visitAdditionalChildren):

  • page/NavigatorBase.cpp:

(WebCore::NavigatorBase::NavigatorBase):
(WebCore::NavigatorBase::serviceWorkerIfAny):
(WebCore::NavigatorBase::serviceWorker):

  • page/NavigatorBase.h:
1:50 PM Changeset in webkit [244042] by Antti Koivisto
  • 3 edits in trunk/Source/WebKit

Compute touch actions for touch point from remote layer tree regions
https://bugs.webkit.org/show_bug.cgi?id=196701

Reviewed by Simon Fraser.

Add a function for finding the right layer and getting the touch actions in UI process side.

The code is not used yet.

  • UIProcess/RemoteLayerTree/ios/RemoteLayerTreeViews.h:
  • UIProcess/RemoteLayerTree/ios/RemoteLayerTreeViews.mm:

(WebKit::touchActionsForPoint):

Use the same code as overlap hit testing for collecting the candidate layers for the touch point,
taking event regions into account.
Return the touch actions from the deepest event sensitive layer hit.

(-[UIView _web_findDescendantViewAtPoint:withEvent:]):

Modernize.

1:48 PM Changeset in webkit [244041] by Shawn Roberts
  • 2 edits in trunk/LayoutTests

inspector/canvas/css-canvas-clients.html is a constant timeout/failure
https://bugs.webkit.org/show_bug.cgi?id=174272

Unreviewed test gardening.

  • platform/mac/TestExpectations: Updating test expectations to skip test
1:46 PM Changeset in webkit [244040] by sbarati@apple.com
  • 4 edits
    1 add in trunk

WebAssembly.RuntimeError missing exception check
https://bugs.webkit.org/show_bug.cgi?id=196700
<rdar://problem/49693932>

Reviewed by Yusuke Suzuki.

JSTests:

  • wasm/js-api/runtime-error-should-exception-check.js: Added.

Source/JavaScriptCore:

  • wasm/js/JSWebAssemblyRuntimeError.h:
  • wasm/js/WebAssemblyRuntimeErrorConstructor.cpp:

(JSC::constructJSWebAssemblyRuntimeError):

1:46 PM Changeset in webkit [244039] by Devin Rousso
  • 5 edits in trunk/Source/WebInspectorUI

Web Inspector: REGRESSION: Audit: default audits aren't added when an existing audit is present
https://bugs.webkit.org/show_bug.cgi?id=196663
<rdar://problem/49660757>

Reviewed by Timothy Hatcher.

Rather than have a button that allows the user to re-add the default audits, prevent them
from being deletable in the first place. "Deleting" a default audit will instead mark it as
disabled (and beep if it is already disabled).

  • UserInterface/Controllers/AuditManager.js:

(WI.AuditManager.prototype.loadStoredTests):
(WI.AuditManager.prototype.removeTest):
(WI.AuditManager.prototype._addDefaultTests): Added.
(WI.AuditManager.prototype.addDefaultTestsIfNeeded): Deleted.

  • UserInterface/Views/AuditNavigationSidebarPanel.js:

(WI.AuditNavigationSidebarPanel.prototype._addTest):
(WI.AuditNavigationSidebarPanel.prototype._updateStartStopButtonNavigationItemState):
(WI.AuditNavigationSidebarPanel.prototype._updateNoAuditsPlaceholder):
(WI.AuditNavigationSidebarPanel.prototype._handleAuditTestRemoved):

  • UserInterface/Views/AuditNavigationSidebarPanel.css:

(.sidebar > .panel.navigation.audit.has-results > .content > .message-text-view.no-enabled-audits): Added.
(.sidebar > .panel.navigation.audit.has-results:not(.has-tests) > .content > .message-text-view): Deleted.
(.sidebar > .panel.navigation.audit.has-results:not(.has-tests) > .content > .message-text-view > .message): Deleted.
(.sidebar > .panel.navigation.audit.has-results:not(.has-tests) > .content > .message-text-view > button): Deleted.

  • Localizations/en.lproj/localizedStrings.js:
1:43 PM Changeset in webkit [244038] by ysuzuki@apple.com
  • 10 edits
    2 adds in trunk

Unreviewed, rolling in r243948 with test fix
https://bugs.webkit.org/show_bug.cgi?id=196486

JSTests:

  • stress/arrow-function-and-use-strict-directive.js: Added.
  • stress/arrow-function-syntax.js: Added.

(checkSyntax):
(checkSyntaxError):

Source/JavaScriptCore:

  • parser/ASTBuilder.h:

(JSC::ASTBuilder::createString):

  • parser/Lexer.cpp:

(JSC::Lexer<T>::parseMultilineComment):
(JSC::Lexer<T>::lexWithoutClearingLineTerminator):
(JSC::Lexer<T>::lex): Deleted.

  • parser/Lexer.h:

(JSC::Lexer::hasLineTerminatorBeforeToken const):
(JSC::Lexer::setHasLineTerminatorBeforeToken):
(JSC::Lexer<T>::lex):
(JSC::Lexer::prevTerminator const): Deleted.
(JSC::Lexer::setTerminator): Deleted.

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::allowAutomaticSemicolon):
(JSC::Parser<LexerType>::parseSingleFunction):
(JSC::Parser<LexerType>::parseStatementListItem):
(JSC::Parser<LexerType>::maybeParseAsyncFunctionDeclarationStatement):
(JSC::Parser<LexerType>::parseFunctionInfo):
(JSC::Parser<LexerType>::parseClass):
(JSC::Parser<LexerType>::parseExportDeclaration):
(JSC::Parser<LexerType>::parseAssignmentExpression):
(JSC::Parser<LexerType>::parseYieldExpression):
(JSC::Parser<LexerType>::parseProperty):
(JSC::Parser<LexerType>::parsePrimaryExpression):
(JSC::Parser<LexerType>::parseMemberExpression):

  • parser/Parser.h:

(JSC::Parser::nextWithoutClearingLineTerminator):
(JSC::Parser::lexCurrentTokenAgainUnderCurrentContext):
(JSC::Parser::internalSaveLexerState):
(JSC::Parser::restoreLexerState):

LayoutTests:

The test relied on the wrong EOF token's offset. This patch also fixes the test.

  • inspector/runtime/parse-expected.txt:
  • inspector/runtime/parse.html:
1:32 PM Changeset in webkit [244037] by Antti Koivisto
  • 6 edits
    2 adds in trunk

Update touch-action region on property changes
https://bugs.webkit.org/show_bug.cgi?id=196608

Reviewed by Simon Fraser.

Source/WebCore:

Test: pointerevents/ios/touch-action-region-dynamic.html

  • rendering/EventRegion.cpp:

(WebCore::EventRegion::touchActionsForPoint const):

Correctly return 'auto' when nothing is found from the regions (this code is not used yet).

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::styleWillChange):

React to 'touch-action' property changes, similarly to 'pointer-events'.

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::invalidateEventRegion):

Test if need to invalidate.

  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::setContentsNeedDisplay):
(WebCore::RenderLayerBacking::setContentsNeedDisplayInRect):

Call invalidateEventRegion explicitly instead of relying on compositing update. This ensures
that we update the top level event region correctly when we have touch-actions.

LayoutTests:

  • pointerevents/ios/touch-action-region-dynamic-expected.txt: Added.
  • pointerevents/ios/touch-action-region-dynamic.html: Added.
1:31 PM Changeset in webkit [244036] by jfernandez@igalia.com
  • 20 edits
    6 adds in trunk

Implement white-space:break-spaces value
https://bugs.webkit.org/show_bug.cgi?id=177327

Reviewed by Myles Maxfield and Zalan Bujtas.

LayoutTests/imported/w3c:

Imoprted a few aditional tests from the CSS Text WPT suite that are relevant for this change.

  • web-platform-tests/css/css-text/overflow-wrap/overflow-wrap-break-word-008-expected.html: Added.
  • web-platform-tests/css/css-text/overflow-wrap/overflow-wrap-break-word-008.html: Added.
  • web-platform-tests/css/css-text/overflow-wrap/w3c-import.log:
  • web-platform-tests/css/css-text/parsing/white-space-valid-expected.txt:
  • web-platform-tests/css/css-text/white-space/break-spaces-003-expected.html: Added.
  • web-platform-tests/css/css-text/white-space/break-spaces-003.html: Added.
  • web-platform-tests/css/css-text/white-space/break-spaces-009-expected.html: Added.
  • web-platform-tests/css/css-text/white-space/break-spaces-009.html: Added.
  • web-platform-tests/css/css-text/white-space/w3c-import.log:

Source/WebCore:

Finally the CSS WG decided [1] to move back the 'break-spaces' value to
the 'white-space' property. This makes the parsing logic easier than
the previous approach of using the 'overflow-wrap' property.

This new value prevents the white-space sequence to collapse and gives
breaking opportunities after every preserved white-space.

https://drafts.csswg.org/css-text-3/#valdef-white-space-break-spaces

Additionally, unlike 'pre-wrap', non-collapsible spaces or tabs at the
end of a line cannot be hung or visually collapsed, since we want them
to be preserved and broken.

[1] https://github.com/w3c/csswg-drafts/pull/2841

Tests: imported/w3c/web-platform-tests/css/css-text/overflow-wrap/overflow-wrap-break-word-008.html

imported/w3c/web-platform-tests/css/css-text/white-space/break-spaces-003.html
imported/w3c/web-platform-tests/css/css-text/white-space/break-spaces-009.html

  • css/CSSPrimitiveValueMappings.h:

(WebCore::CSSPrimitiveValue::CSSPrimitiveValue): New mapping for CSSVaueBreakSpaces.
(WebCore::CSSPrimitiveValue::operator WhiteSpace const): New value BreakSpaces for the Whitespace enum.

  • css/CSSProperties.json: new 'break-spaces' value for the 'white-space' property.
  • css/CSSValueKeywords.in: new break-spaces keyword
  • css/parser/CSSParserFastPaths.cpp:

(WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):

  • rendering/SimpleLineLayout.cpp: The SimpleLineLayut codepath must handle properly the new behavior of preserved whitespaces.

(WebCore::SimpleLineLayout::LineState::hasTrailingWhitespace const): Require that m_trailingWhitespaceWidth being greater than zero.
(WebCore::SimpleLineLayout::LineState::hasWhitespaceFragments const): New function to detect former whitespae fragments that could be breaking opportunities.
(WebCore::SimpleLineLayout::removeTrailingWhitespace): The 'break-spaces' feature forbids to remove any trailing whitespace.
(WebCore::SimpleLineLayout::firstFragment): We have now leading whitespace sequences comming from the previous line.
(WebCore::SimpleLineLayout::createLineRuns): We should revert some breaking opportunities if others were formerly found in the line.

  • rendering/SimpleLineLayoutTextFragmentIterator.cpp:

(WebCore::SimpleLineLayout::TextFragmentIterator::Style::Style): New style fields to determine whether the break-space feature is being used. Also split out the break-all and breal-all values.

  • rendering/SimpleLineLayoutTextFragmentIterator.h:
  • rendering/line/BreakingContext.h: Different codepath but similar changes to properly handle the new behavior of preserved whitespace.

(WebCore::BreakingContext::BreakingContext): New class field to determine whether there are some whitespace that may prevent the word ot be broken.
(WebCore::BreakingContext::handleText): New line-breaking logic to implement the break-spaces behavior.
(WebCore::BreakingContext::trailingSpacesHang): Cases where the preserved breakspaces should hand or overflow.

  • rendering/style/RenderStyle.h:

(WebCore::RenderStyle::collapseWhiteSpace): With break-spaces collapsing whitespaces is not allowed.
(WebCore::RenderStyle::breakOnlyAfterWhiteSpace const): Add the WhiteSpace::BreakSpaces to this group.

  • rendering/style/RenderStyleConstants.h: A new constan added.

LayoutTests:

Removed many failure expectations of tests that pass now thanks to this change.

The overflow-wrap-break-word-003.html tests fails in mac and iOS platforms due to an issue related to
how we compute widths using 'ch' units and 'monospace' fonts. I filed bug #196169 to report the specific
case of this test (break-word+pre-wrap) but the root cause it's probably the bug #196353.

I have submitted a PR [1] to the Web Platform Tests to change several tests that failed only if the
monospace font is used, but pass with the Ahem font. Additionally, I've requested another PR [2] to
add new layout tests, with the same case than overflow-wrap-break-word-003.html but using the Ahem
font.

[1] https://github.com/web-platform-tests/wpt/pull/16137
[2] https://github.com/web-platform-tests/wpt/pull/16124

  • TestExpectations: Removed many Failure entries on tests that pass now thanks to this change.
  • platform/mac/TestExpectations: Added one Failure entry and filed the corresponding bug report.
1:24 PM Changeset in webkit [244035] by Brent Fulgham
  • 2 edits in trunk/Source/WebKit

Make HSTS list handling more robust against unexpected content
https://bugs.webkit.org/show_bug.cgi?id=196552
<rdar://problem/43403817>

Reviewed by Chris Dumez.

Crash logs indicate we sometimes encounter null key values during processing.
This patch adds some debug assertions to catch this in test environments, and
allows the code to skip the bad entries if encountered.

It also avoids calling CFDictionaryApplyFunction when the HSTS policies returned
by _CFNetworkCopyHSTSPolicies is nullptr, which is a possible return value.

  • NetworkProcess/cocoa/NetworkProcessCocoa.mm:

(WebKit::filterPreloadHSTSEntry):
(WebKit::NetworkProcess::getHostNamesWithHSTSCache):

1:22 PM Changeset in webkit [244034] by youenn@apple.com
  • 3 edits in trunk/Source/WebCore

LibWebRTCMediaEndpoint does not need to hop to the signaling thread to gather stats
https://bugs.webkit.org/show_bug.cgi?id=196697
<rdar://problem/47477113>

Reviewed by Eric Carlson.

It is not thread safe to use m_backend in another thread than the main thread.
It is not useful anymore to hop to the signaling thread to gather stats.
No change of behavior.

  • Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:

(WebCore::LibWebRTCMediaEndpoint::getStats):
(WebCore::LibWebRTCMediaEndpoint::gatherStatsForLogging):

12:31 PM Changeset in webkit [244033] by Brian Burg
  • 7 edits in trunk/Source/WebKit

Web Automation: clean up some WebAutomationSession methods to use modern async IPC
https://bugs.webkit.org/show_bug.cgi?id=196168

Reviewed by Devin Rousso.

Modern WebKit IPC is capable of providing completion handlers and can track callback IDs.
So, most messages between WebAutomationSession and its proxy can use this facility and stop
keeping track of callback IDs manually. This makes most code easier to read on both the
sender and receiver side.

There are two cases that could not be converted:

  • For evaluateJavaScript, we cannot use async IPC because WebAutomationSession expects to

be able to cancel all pending replies when a page navigates away, the web process crashes,
or when handling an alert.

  • For takeScreenshot, there is not currently support in the modern async IPC code paths for

sending the result back. ShareableBitmap and friends lack a modern decoder implementation.

  • UIProcess/Automation/WebAutomationSession.cpp:

(WebKit::WebAutomationSession::resolveChildFrameHandle):
(WebKit::WebAutomationSession::resolveParentFrameHandle):
(WebKit::WebAutomationSession::computeElementLayout):
(WebKit::WebAutomationSession::selectOptionElement):
(WebKit::WebAutomationSession::getAllCookies):
(WebKit::WebAutomationSession::deleteSingleCookie):
(WebKit::WebAutomationSession::viewportInViewCenterPointOfElement):
(WebKit::WebAutomationSession::didResolveChildFrame): Deleted.
(WebKit::WebAutomationSession::didResolveParentFrame): Deleted.
(WebKit::WebAutomationSession::didComputeElementLayout): Deleted.
(WebKit::WebAutomationSession::didSelectOptionElement): Deleted.
(WebKit::WebAutomationSession::didGetCookiesForFrame): Deleted.
(WebKit::WebAutomationSession::didDeleteCookie): Deleted.

  • UIProcess/Automation/WebAutomationSession.h:
  • UIProcess/Automation/WebAutomationSession.messages.in:
  • WebProcess/Automation/WebAutomationSessionProxy.cpp:

(WebKit::WebAutomationSessionProxy::resolveChildFrameWithOrdinal):
(WebKit::WebAutomationSessionProxy::resolveChildFrameWithNodeHandle):
(WebKit::WebAutomationSessionProxy::resolveChildFrameWithName):
(WebKit::WebAutomationSessionProxy::resolveParentFrame):
(WebKit::WebAutomationSessionProxy::computeElementLayout):
(WebKit::WebAutomationSessionProxy::selectOptionElement):
(WebKit::WebAutomationSessionProxy::getCookiesForFrame):
(WebKit::WebAutomationSessionProxy::deleteCookie):

  • WebProcess/Automation/WebAutomationSessionProxy.h:
  • WebProcess/Automation/WebAutomationSessionProxy.messages.in:
11:50 AM Changeset in webkit [244032] by graouts@webkit.org
  • 2 edits in trunk/Source/WebCore

[ Mac WK2 iOS Debug ] REGRESSION(r233667) Layout Test imported/w3c/web-platform-tests/web-animations/interfaces/DocumentTimeline/constructor.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=195233
<rdar://problem/48527231>

Reviewed by Dean Jackson.

We need to create the "main" document timeline (document.timeline) if it doesn't already exist and use its current time as a basis for any other DocumentTimeline instance.

  • animation/DocumentTimeline.cpp:

(WebCore::DocumentTimeline::currentTime):

11:49 AM Changeset in webkit [244031] by graouts@webkit.org
  • 5 edits
    2 adds in trunk

[Web Animations] JS wrapper may be deleted while animation is yet to dispatch its finish event
https://bugs.webkit.org/show_bug.cgi?id=196118
<rdar://problem/46614137>

Reviewed by Chris Dumez.

Source/WebCore:

Test: webanimations/js-wrapper-kept-alive.html

We need to teach WebAnimation to keep its JS wrapper alive if it's relevant or could become relevant again by virtue of having a timeline.
We also need to ensure that the new implementation of hasPendingActivity() does not interfere with the ability of pages to enter the page
cache when running animations.

  • animation/WebAnimation.cpp:

(WebCore::WebAnimation::canSuspendForDocumentSuspension const):
(WebCore::WebAnimation::stop):
(WebCore::WebAnimation::hasPendingActivity const):

  • animation/WebAnimation.h:

LayoutTests:

Add a test that starts a short animation, sets a custom property on it, registers a "finish" event listener on it and deletes
the sole reference to it in the JS world before triggering garbage collection. Prior to this fix, this test would time out
because the JS wrapper would be garbage-collected prior to the animation completing and thus the event listener would not
be called. To complete successfully, this test checks that it receives the event and its target is the same animation object
that was originally created by checking the custom property is still set.

We also make sure that a test, which was found to have regressed with a previous version of this patch, uses the animation
engine that it is expected to be testing.

  • legacy-animation-engine/animations/resume-after-page-cache.html:
  • webanimations/js-wrapper-kept-alive-expected.txt: Added.
  • webanimations/js-wrapper-kept-alive.html: Added.
11:45 AM Changeset in webkit [244030] by achristensen@apple.com
  • 2 edits in trunk/Source/WebKit

REGRESSION(236463) DownloadManager can call a null CompletionHandler
https://bugs.webkit.org/show_bug.cgi?id=196414
<rdar://problem/48389434>

Reviewed by Geoff Garen.

  • NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::NetworkResourceLoader::convertToDownload):
DownloadManager::continueDecidePendingDownloadDestination is being called when there is no completion handler.
r236463 introduced an unchecked code path that can allow this to happen.

11:09 AM Changeset in webkit [244029] by commit-queue@webkit.org
  • 4 edits
    3 adds in trunk

AX: <svg> elements with labels and no accessible contents are exposed as empty AXGroups
https://bugs.webkit.org/show_bug.cgi?id=156774

Patch by Eric Liang <ericliang@apple.com> on 2019-04-08
Reviewed by Chris Fleizach.

Source/WebCore:

Labelled SVGs without accessible descendants are exposed as AXImage rather than groups.

Unlabelled equivalents are not exposed. Otherwise, SVGs with accessible descendants are exposed as AXGroup.
Also added back functionalities from last patch of determining whether a SVG element should be ignored.

Test: accessibility/svg-shape-labelled.html

  • accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::updateRoleAfterChildrenCreation):

  • accessibility/AccessibilitySVGElement.cpp:

(WebCore::AccessibilitySVGElement::computeAccessibilityIsIgnored const):

LayoutTests:

Added tests that verify svgs shapes that are labelled are exposed as images.

  • accessibility/resources/apple-logo.svg: Added.
  • accessibility/svg-shape-labelled-expected.txt: Added.
  • accessibility/svg-shape-labelled.html: Added.
11:01 AM Changeset in webkit [244028] by Ryan Haddad
  • 7 edits
    2 deletes in trunk

Unreviewed, rolling out r243948.

Caused inspector/runtime/parse.html to fail

Reverted changeset:

"SIGSEGV in JSC::BytecodeGenerator::addStringConstant"
https://bugs.webkit.org/show_bug.cgi?id=196486
https://trac.webkit.org/changeset/243948

10:29 AM Changeset in webkit [244027] by youenn@apple.com
  • 5 edits in trunk/Source/WebCore

Make sure UniqueIDBDatabaseConnection unregisters itself even if its database is gone
https://bugs.webkit.org/show_bug.cgi?id=196651

Reviewed by Brady Eidson.

In UniqueIDBDatabase methods, many operations are refing the transaction
so that it stays alive until a quota check decision is made.
This extends the lifetime of the transaction which may be lasting
longer than its database that may be cleared without waiting for the quota check decisions.

We therefore need to make sure that the transaction is cleaning itself correctly at destruction time.

Make sure that the transaction is unregistering itself from its IDBServer.
To do so, the transaction keeps a weak ref to the IDBServer.

This is timing sensitive hence difficult to test.

  • Modules/indexeddb/server/IDBServer.h:
  • Modules/indexeddb/server/UniqueIDBDatabaseConnection.cpp:

(WebCore::IDBServer::UniqueIDBDatabaseConnection::didAbortTransaction):
Like done below for UniqueIDBDatabaseConnection::didCommitTransaction,
add a check to ensure that either the database is we are in an error case.

  • Modules/indexeddb/server/UniqueIDBDatabaseTransaction.cpp:

(WebCore::IDBServer::UniqueIDBDatabaseTransaction::UniqueIDBDatabaseTransaction):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::~UniqueIDBDatabaseTransaction):

  • Modules/indexeddb/server/UniqueIDBDatabaseTransaction.h:
10:29 AM Changeset in webkit [244026] by Shawn Roberts
  • 2 edits in trunk/LayoutTests

Layout tests imported/w3c/IndexedDB-private-browsing/idbobjectstore_createIndex7-event_order.html
imported/w3c/IndexedDB-private-browsing/idbobjectstore_createIndex6-event_order.html are flaky failures
https://bugs.webkit.org/show_bug.cgi?id=195961

Unreviewed test gardening

  • platform/mac-wk2/TestExpectations: Updating test expectations for Debug flaky failure
10:27 AM Changeset in webkit [244025] by chris.reid@sony.com
  • 2 edits in trunk/Source/WebCore

Undefined Behavior: m_experimentalImageMenuEnabled isn't initialized in HTMLImageElement when SERVICE_CONTROLS is disabled
https://bugs.webkit.org/show_bug.cgi?id=196664

Reviewed by Ross Kirsling.

No observable change in behavior.

Initialize m_experimentalImageMenuEnabled regardless of ENABLE(SERVICE_CONTROLS)

  • html/HTMLImageElement.cpp:
10:09 AM Changeset in webkit [244024] by bshafiei@apple.com
  • 3 edits
    1 add in tags/Safari-608.1.15

Cherry-pick r243967. rdar://problem/49589308

REGRESSION (r243642): Crash in reddit.com page
https://bugs.webkit.org/show_bug.cgi?id=196684

Reviewed by Geoffrey Garen.

JSTests:

New regression test.

  • stress/regexp-nongreedy-charclass-backtracks.js: Added.

Source/JavaScriptCore:

In r243642, the code that saves and restores the count for non-greedy character classes
was inadvertently put inside an if statement. This code should be generated for all
non-greedy character classes.

  • yarr/YarrJIT.cpp: (JSC::Yarr::YarrGenerator::generateCharacterClassNonGreedy): (JSC::Yarr::YarrGenerator::backtrackCharacterClassNonGreedy):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243967 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:09 AM Changeset in webkit [244023] by bshafiei@apple.com
  • 5 edits in tags/Safari-608.1.15

Cherry-pick r243839. rdar://problem/49589308

REGRESSION (r243642): com.apple.JavaScriptCore crash in JSC::RegExpObject::execInline
https://bugs.webkit.org/show_bug.cgi?id=196477

Reviewed by Keith Miller.

Source/JavaScriptCore:

The problem here is that when we advance the index by 2 for a character class that only
has non-BMP characters, we might go past the end of the string. This can happen for
greedy counted character classes that are part of a alternative where there is one
character to match after the greedy non-BMP character class.

The "do we have string left to match" check at the top of the JIT loop for the counted
character class checks to see if index is not equal to the string length. For non-BMP
character classes, we need to check to see if there are at least 2 characters left.
Therefore we now temporarily add 1 to the current index before comparing. This checks
to see if there are iat least 2 characters left to match, instead of 1.

  • yarr/YarrJIT.cpp: (JSC::Yarr::YarrGenerator::generateCharacterClassGreedy): (JSC::Yarr::YarrGenerator::backtrackCharacterClassNonGreedy):

LayoutTests:

Updated the test with a couple more test cases to test a few variants of this bug.
Also added a couple of non-greedy counted non-BMP character class tests that don't have
the bug just to be sure.

  • js/regexp-unicode-expected.txt:
  • js/script-tests/regexp-unicode.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243839 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:09 AM Changeset in webkit [244022] by bshafiei@apple.com
  • 9 edits in tags/Safari-608.1.15/Source/JavaScriptCore

Cherry-pick r243642. rdar://problem/49589308

[YARR] Precompute BMP / non-BMP status when constructing character classes
https://bugs.webkit.org/show_bug.cgi?id=196296

Reviewed by Keith Miller.

Changed CharacterClass::m_hasNonBMPCharacters into a character width bit field which
indicateis if the class includes characters from either BMP, non-BMP or both ranges.
This allows the recognizing code to eliminate checks for the width of a matched
characters when the class has only one width. The character width is needed to
determine if we advance 1 or 2 character. Also, the pre-computed width of character
classes that contains either all BMP or all non-BMP characters allows the parser to
use fixed widths for terms using those character classes. Changed both the code gen
scripts and Yarr compiler to compute this bit field during the construction of
character classes.

For JIT'ed code of character classes that contain either all BMP or all non-BMP
characters, we can eliminate the generic check we were doing do compute how much
to advance after sucessfully matching a character in the class.

Generic isBMP check BMP only non-BMP only
-------------- -------------- --------------
inc %r9d inc %r9d add $0x2, %r9d
cmp $0x10000, %eax
jl isBMP
cmp %edx, %esi
jz atEndOfString
inc %r9d
inc %esi

isBMP:

For character classes that contained non-BMP characters, we were always generating
the code in the left column. The middle column is the code we generate for character
classes that contain only BMP characters. The right column is the code we now
generate if the character class has only non-BMP characters. In the fix width cases,
we can eliminate both the isBMP check as well as the atEndOfString check. The
atEndOfstring check is eliminated since we know how many characters this character
class requires and that check can be factored out to the beginning of the current
alternative. For character classes that contain both BMP and non-BMP characters,
we still generate the generic left column.

This change is a ~8% perf progression on UniPoker and a ~2% improvement on RexBench
as a whole.

  • runtime/RegExp.cpp: (JSC::RegExp::matchCompareWithInterpreter):
  • runtime/RegExpInlines.h: (JSC::RegExp::matchInline):
  • yarr/YarrInterpreter.cpp: (JSC::Yarr::Interpreter::checkCharacterClassDontAdvanceInputForNonBMP): (JSC::Yarr::Interpreter::matchCharacterClass):
  • yarr/YarrJIT.cpp: (JSC::Yarr::YarrGenerator::optimizeAlternative): (JSC::Yarr::YarrGenerator::matchCharacterClass): (JSC::Yarr::YarrGenerator::advanceIndexAfterCharacterClassTermMatch): (JSC::Yarr::YarrGenerator::tryReadUnicodeCharImpl): (JSC::Yarr::YarrGenerator::generateCharacterClassOnce): (JSC::Yarr::YarrGenerator::generateCharacterClassFixed): (JSC::Yarr::YarrGenerator::generateCharacterClassGreedy): (JSC::Yarr::YarrGenerator::backtrackCharacterClassGreedy): (JSC::Yarr::YarrGenerator::generateCharacterClassNonGreedy): (JSC::Yarr::YarrGenerator::backtrackCharacterClassNonGreedy): (JSC::Yarr::YarrGenerator::generateEnter): (JSC::Yarr::YarrGenerator::YarrGenerator): (JSC::Yarr::YarrGenerator::compile):
  • yarr/YarrPattern.cpp: (JSC::Yarr::CharacterClassConstructor::CharacterClassConstructor): (JSC::Yarr::CharacterClassConstructor::reset): (JSC::Yarr::CharacterClassConstructor::charClass): (JSC::Yarr::CharacterClassConstructor::addSorted): (JSC::Yarr::CharacterClassConstructor::addSortedRange): (JSC::Yarr::CharacterClassConstructor::hasNonBMPCharacters): (JSC::Yarr::CharacterClassConstructor::characterWidths): (JSC::Yarr::PatternTerm::dump): (JSC::Yarr::anycharCreate):
  • yarr/YarrPattern.h: (JSC::Yarr::operator|): (JSC::Yarr::operator&): (JSC::Yarr::operator|=): (JSC::Yarr::CharacterClass::CharacterClass): (JSC::Yarr::CharacterClass::hasNonBMPCharacters): (JSC::Yarr::CharacterClass::hasOneCharacterSize): (JSC::Yarr::CharacterClass::hasOnlyNonBMPCharacters): (JSC::Yarr::PatternTerm::invert const): (JSC::Yarr::PatternTerm::invert): Deleted.
  • yarr/create_regex_tables:
  • yarr/generateYarrUnicodePropertyTables.py:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243642 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9:32 AM Changeset in webkit [244021] by aakash_jain@apple.com
  • 3 edits in trunk/Tools

[ews-build] Do not upload archive when Compile Fails
https://bugs.webkit.org/show_bug.cgi?id=196674

Reviewed by Alexey Proskuryakov.

  • BuildSlaveSupport/ews-build/factories.py:

(BuildFactory.init): Remove steps which require dynamic decision about whether to run or not.

  • BuildSlaveSupport/ews-build/steps.py:

(CompileWebKit.evaluateCommand): Dynamically decide which steps to run based on compile status.
(CompileWebKitToT.evaluateCommand): Explicitly override Compile.evaluateCommand so that it
doesn't inherit CompileWebKit.evaluateCommand which dynamically adds more steps.

8:51 AM Changeset in webkit [244020] by Ryan Haddad
  • 7 edits in trunk

Unreviewed, rolling out r243943.

Caused test262 failures.

Reverted changeset:

"[JSC] Filter DontEnum properties in
ProxyObject::getOwnPropertyNames()"
https://bugs.webkit.org/show_bug.cgi?id=176810
https://trac.webkit.org/changeset/243943

7:45 AM Changeset in webkit [244019] by Claudio Saavedra
  • 11 edits in trunk/Source/JavaScriptCore

[JSC] Partially fix the build with unified builds disabled
https://bugs.webkit.org/show_bug.cgi?id=196647

Reviewed by Konstantin Tokarev.

If you disable unified builds you find all kind of build
errors. This partially tries to fix them but there's a lot
more.

  • API/JSBaseInternal.h:
  • b3/air/AirAllocateRegistersAndStackAndGenerateCode.cpp:
  • b3/air/AirHandleCalleeSaves.h:
  • bytecode/ExecutableToCodeBlockEdge.cpp:
  • bytecode/ExitFlag.h:
  • bytecode/ICStatusUtils.h:
  • bytecode/UnlinkedMetadataTable.h:
  • dfg/DFGPureValue.h:
  • heap/IsoAlignedMemoryAllocator.cpp:
  • heap/IsoAlignedMemoryAllocator.h:
5:41 AM WebKitGTK/2.24.x edited by Carlos Garcia Campos
(diff)
5:40 AM Changeset in webkit [244018] by Carlos Garcia Campos
  • 6 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r243828 - Documents can be destroyed before their CSSFontFaceSet is destroyed
https://bugs.webkit.org/show_bug.cgi?id=195830

Reviewed by Darin Adler.

Source/WebCore:

CSSFontFaceSet has a raw pointer to its owning document. JS can keep the CSSFontFaceSet alive (by using FontFaceSet)
and can destroy the document at any time. When the document is destroyed, the link between the two objects needs to
be severed.

Test: fast/text/font-face-set-destroy-document.html

  • css/CSSFontFace.cpp:

(WebCore::CSSFontFace::CSSFontFace):

  • css/CSSFontFace.h:
  • css/CSSFontFaceSet.cpp:

(WebCore::CSSFontFaceSet::CSSFontFaceSet):
(WebCore::CSSFontFaceSet::ensureLocalFontFacesForFamilyRegistered):

  • css/CSSFontFaceSet.h:
  • css/CSSFontSelector.cpp:

(WebCore::CSSFontSelector::CSSFontSelector):
(WebCore::CSSFontSelector::addFontFaceRule):

  • css/CSSFontSelector.h:
  • css/FontFace.cpp:

(WebCore::FontFace::FontFace):

LayoutTests:

  • fast/text/font-face-set-destroy-document-expected.html: Added.
  • fast/text/font-face-set-destroy-document.html: Added.
5:39 AM Changeset in webkit [244017] by Carlos Garcia Campos
  • 9 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r243820 - Crash in HTMLCanvasElement::createContext2d after the element got adopted to a new document
https://bugs.webkit.org/show_bug.cgi?id=196527

Reviewed by Antti Koivisto.

We need to update CanvasBase::m_scriptExecutionContext when HTMLCanvasElement moves from
one document to another. Fixed the bug by making CanvasBase::scriptExecutionContext make
a virtual function call instead of directly storing a raw pointer. In HTMLCanvasElement,
we use Node::scriptExecutionContext(). Use ContextDestructionObserver in CustomPaintCanvas
and OffscreenCanvas instead of a raw pointer.

Unfortunately, no new tests since there is no reproducible test case.

  • html/CanvasBase.cpp:

(WebCore::CanvasBase::CanvasBase):

  • html/CanvasBase.h:

(WebCore::CanvasBase::scriptExecutionContext const):

  • html/CustomPaintCanvas.cpp:

(WebCore::CustomPaintCanvas::CustomPaintCanvas):

  • html/CustomPaintCanvas.h:
  • html/HTMLCanvasElement.cpp:

(WebCore::HTMLCanvasElement::HTMLCanvasElement):

  • html/HTMLCanvasElement.h:
  • html/OffscreenCanvas.cpp:

(WebCore::OffscreenCanvas::OffscreenCanvas):

  • html/OffscreenCanvas.h:
5:39 AM Changeset in webkit [244016] by Carlos Garcia Campos
  • 7 edits
    2 adds in releases/WebKitGTK/webkit-2.24

BackwardsGraph needs to consider back edges as the backward's root successor
https://bugs.webkit.org/show_bug.cgi?id=195991

Reviewed by Filip Pizlo.

JSTests:

  • stress/map-b3-licm-infinite-loop.js: Added.

Source/JavaScriptCore:

  • b3/testb3.cpp:

(JSC::B3::testInfiniteLoopDoesntCauseBadHoisting):
(JSC::B3::run):

Source/WTF:

Previously, our backwards graph analysis was slightly wrong. The idea of
backwards graph is that the root of the graph has edges to terminals in
the original graph. And then the original directed edges in the graph are flipped.

However, we weren't considering loops as a form of terminality. For example,
we wouldn't consider an infinite loop as a terminal. So there were no edges
from the root to a node in the infinite loop. This lead us to make mistakes
when we used backwards dominators to compute control flow equivalence.

This is better understood in an example:

`
preheader:
while (1) {

if (!isCell(v))

continue;

load structure ID
if (cond)

continue;

return

}
`

In the previous version of this algorithm, the only edge from the backwards
root would be to the block containing the return. This would lead us to
believe that the loading of the structureID backwards dominates the preheader,
leading us to believe it's control flow equivalent to preheader. This is
obviously wrong, since we can loop forever if "v" isn't a cell.

The solution here is to treat any backedge in the graph as a "terminal" node.
Since a backedge implies the existence of a loop.

In the above example, the backwards root now has an edge to both blocks with
"continue". This prevents us from falsely claiming that the return is control
flow equivalent with the preheader.

This patch uses DFS spanning trees to compute back edges. An edge
u->v is a back edge when u is a descendent of v in the DFS spanning
tree of the Graph.

  • WTF.xcodeproj/project.pbxproj:
  • wtf/BackwardsGraph.h:

(WTF::BackwardsGraph::BackwardsGraph):

  • wtf/SpanningTree.h: Added.

(SpanningTree::SpanningTree):
(SpanningTree::isDescendent):

5:39 AM Changeset in webkit [244015] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r243506 - vertexAttribPointer must restrict offset parameter
https://bugs.webkit.org/show_bug.cgi?id=196261
<rdar://problem/48458086>

Reviewed by Antoine Quint.

Source/WebCore:

This WebGL function should fail if the offset parameter is
not within [0, max 32-bit int].

Test: fast/canvas/webgl/vertexAttribPointer-with-bad-offset.html

  • html/canvas/WebGLRenderingContextBase.cpp:

(WebCore::WebGLRenderingContextBase::vertexAttribPointer):

LayoutTests:

Add a test where the offset parameter is out of bounds.

  • fast/canvas/webgl/vertexAttribPointer-with-bad-offset-expected.txt: Added.
  • fast/canvas/webgl/vertexAttribPointer-with-bad-offset.html: Added.
5:39 AM Changeset in webkit [244014] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r243341 - Inband Text Track cues interspersed with Data cues can display out of order.
https://bugs.webkit.org/show_bug.cgi?id=196095

Reviewed by Eric Carlson.

The compareCueIntervalForDisplay() comparator depends on a virtual function, isPositionedAbove(TextTrackCue* other),
but this comparison returns inconsistent results for cueA->isPositionedAbove(cueB) and cueB->isPositionedAbove(cueA)
if the two cues are different subclasses of TextTrackCue.

The underlying algorithm should be fixed in a future patch, but for now, remove all non-displaying cues from the array
of activeCues before sorting, rather than after when iterating over the sorted list of activeCues.

  • html/shadow/MediaControlElements.cpp:

(WebCore::MediaControlTextTrackContainerElement::updateDisplay):

5:39 AM Changeset in webkit [244013] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r243331 - Do not insert the first-letter anonymous container until after we've constructed the first-letter renderer.
https://bugs.webkit.org/show_bug.cgi?id=195919
<rdar://problem/48573434>

Reviewed by Brent Fulgham.

Source/WebCore:

When the container is injected too early, we might end up removing it as part of the collapsing logic
while the text renderer is being removed (replaced with the first letter + remaining text).

Test: fast/css/first-letter-and-float-crash.html

  • rendering/updating/RenderTreeBuilderFirstLetter.cpp:

(WebCore::RenderTreeBuilder::FirstLetter::createRenderers):

LayoutTests:

  • fast/css/first-letter-and-float-crash-expected.txt: Added.
  • fast/css/first-letter-and-float-crash.html: Added.
  • platform/mac/TestExpectations:
5:39 AM Changeset in webkit [244012] by Carlos Garcia Campos
  • 7 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r243233 - appendChild should throw when inserting an ancestor of a template into its content adopted to another document
https://bugs.webkit.org/show_bug.cgi?id=195984

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaselined the test that is not fully passing.

  • web-platform-tests/html/semantics/scripting-1/the-template-element/template-element/template-content-hierarcy-expected.txt:

Source/WebCore:

The WPT test caught a bug that appendChild and other DOM insertion functions were incorrectly assuming that
any node that's in a HTML template element has the current document's template document as its owner.
The assumption is wrong when the template element's content DocumentFragment is adopted to another document.

Fixed the bug by always checking the ancestor host elements in checkAcceptChild. Also

Test: fast/dom/insert-template-parent-into-adopted-content.html

  • dom/ContainerNode.cpp:

(WebCore::isInTemplateContent): Deleted. This code is simply wrong.
(WebCore::containsConsideringHostElements): Deleted. Call sites are updated to use containsIncludingHostElements.
(WebCore::containsIncludingHostElements): Moved from Node.cpp and optimized this code a bit. It's more efficient
to get the parent node and check for ShadowRoot and DocumentFragment only when the parent is null than to check
for those two node types before getting the parent node.
(WebCore::checkAcceptChild): Merged two code paths to call containsIncludingHostElements. The early return for
a pseudo element is there only to prevent tree corruption in release build even in the presence of a major bug
so it shouldn't be an spec compliance issue.

  • dom/Node.cpp:

(WebCore::Node::containsIncludingHostElements const): Deleted.

  • dom/Node.h:

LayoutTests:

Added a regression test.

  • fast/dom/insert-template-parent-into-adopted-content-expected.txt: Added.
  • fast/dom/insert-template-parent-into-adopted-content.html: Added.
5:39 AM Changeset in webkit [244011] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r243291 - Fix possible memory leak when dismissing a color picker
https://bugs.webkit.org/show_bug.cgi?id=196026
<rdar://problem/48778568>

Reviewed by Wenson Hsieh.

Fix a problem with WebPageProxy::endColorPicker where an early return could leave a color picker
with a +1 reference count after dismissing it.

  • UIProcess/WebColorPicker.cpp:

(WebKit::WebColorPicker::endPicker):

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::endColorPicker):
(WebKit::WebPageProxy::didEndColorPicker):

5:39 AM Changeset in webkit [244010] by Carlos Garcia Campos
  • 8 edits
    1 add in releases/WebKitGTK/webkit-2.24

Merge r243280 - Cap length of an array with spread to MIN_ARRAY_STORAGE_CONSTRUCTION_LENGTH.
https://bugs.webkit.org/show_bug.cgi?id=196055
<rdar://problem/49067448>

Reviewed by Yusuke Suzuki.

JSTests:

  • stress/new_array_with_spread-should-cap-array-size-to-MIN_ARRAY_STORAGE_CONSTRUCTION_LENGTH.js: Added.

Source/JavaScriptCore:

We are doing this because:

  1. We expect the array to be densely packed.
  2. SpeculativeJIT::compileAllocateNewArrayWithSize() (and the FTL equivalent) expects the array length to be less than MIN_ARRAY_STORAGE_CONSTRUCTION_LENGTH if we don't want to use an ArrayStorage shape.
  3. There's no reason why an array with spread needs to be that large anyway. MIN_ARRAY_STORAGE_CONSTRUCTION_LENGTH is plenty.

In this patch, we also add a debug assert in compileAllocateNewArrayWithSize() and
emitAllocateButterfly() to check for overflows.

  • assembler/AbortReason.h:
  • dfg/DFGOperations.cpp:
  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileCreateRest):
(JSC::DFG::SpeculativeJIT::compileNewArrayWithSpread):
(JSC::DFG::SpeculativeJIT::emitAllocateButterfly):
(JSC::DFG::SpeculativeJIT::compileAllocateNewArrayWithSize):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNewArrayWithSpread):

  • runtime/ArrayConventions.h:
  • runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):

5:39 AM Changeset in webkit [244009] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/LayoutTests

Merge r243182 - Rebaseline the test after r243175. It got somehow landed with failing expectations.

  • fast/dom/replace-child-with-mutation-event-removal-and-circular-template-insertion-expected.txt:
5:39 AM Changeset in webkit [244008] by Carlos Garcia Campos
  • 3 edits
    18 adds in releases/WebKitGTK/webkit-2.24

Merge r243175 - Reparenting during a mutation event inside appendChild could result in a circular DOM tree
https://bugs.webkit.org/show_bug.cgi?id=192825

Reviewed by Zalan Bujtas.

Source/WebCore:

The bug was caused by appendChildWithoutPreInsertionValidityCheck, insertBefore and replaceChild
checking the circular dependency against newChild instead of targets even though when newChild
is a document fragment, appendChildWithoutPreInsertionValidityCheck inserts the children of
the document fragment. Fixed the bug by checking the circular dependency against each target child.

Also fixed the bug that checkAcceptChildGuaranteedNodeTypes was not considering shadow inclusive
ancestors or template host elements.

Tests: fast/dom/append-child-with-mutation-event-removal-and-circular-insertion.html

fast/dom/append-child-with-mutation-event-removal-and-circular-shadow-insertion.html
fast/dom/append-child-with-mutation-event-removal-and-circular-template-insertion.html
fast/dom/insert-child-with-mutation-event-removal-and-circular-insertion.html
fast/dom/insert-child-with-mutation-event-removal-and-circular-shadow-insertion.html
fast/dom/insert-child-with-mutation-event-removal-and-circular-template-insertion.html
fast/dom/replace-child-with-mutation-event-removal-and-circular-insertion.html
fast/dom/replace-child-with-mutation-event-removal-and-circular-shadow-insertion.html
fast/dom/replace-child-with-mutation-event-removal-and-circular-template-insertion.html

  • dom/ContainerNode.cpp:

(WebCore::checkAcceptChildGuaranteedNodeTypes):
(WebCore::ContainerNode::insertBefore):
(WebCore::ContainerNode::replaceChild):
(WebCore::ContainerNode::appendChildWithoutPreInsertionValidityCheck):

LayoutTests:

Added regression tests.

  • fast/dom/append-child-with-mutation-event-removal-and-circular-insertion-expected.txt: Added.
  • fast/dom/append-child-with-mutation-event-removal-and-circular-insertion.html: Added.
  • fast/dom/append-child-with-mutation-event-removal-and-circular-shadow-insertion-expected.txt: Added.
  • fast/dom/append-child-with-mutation-event-removal-and-circular-shadow-insertion.html: Added.
  • fast/dom/append-child-with-mutation-event-removal-and-circular-template-insertion-expected.txt: Added.
  • fast/dom/append-child-with-mutation-event-removal-and-circular-template-insertion.html: Added.
  • fast/dom/insert-child-with-mutation-event-removal-and-circular-insertion-expected.txt: Added.
  • fast/dom/insert-child-with-mutation-event-removal-and-circular-insertion.html: Added.
  • fast/dom/insert-child-with-mutation-event-removal-and-circular-shadow-insertion-expected.txt: Added.
  • fast/dom/insert-child-with-mutation-event-removal-and-circular-shadow-insertion.html: Added.
  • fast/dom/insert-child-with-mutation-event-removal-and-circular-template-insertion-expected.txt: Added.
  • fast/dom/insert-child-with-mutation-event-removal-and-circular-template-insertion.html: Added.
  • fast/dom/replace-child-with-mutation-event-removal-and-circular-insertion-expected.txt: Added.
  • fast/dom/replace-child-with-mutation-event-removal-and-circular-insertion.html: Added.
  • fast/dom/replace-child-with-mutation-event-removal-and-circular-shadow-insertion-expected.txt: Added.
  • fast/dom/replace-child-with-mutation-event-removal-and-circular-shadow-insertion.html: Added.
  • fast/dom/replace-child-with-mutation-event-removal-and-circular-template-insertion-expected.txt: Added.
  • fast/dom/replace-child-with-mutation-event-removal-and-circular-template-insertion.html: Added.
5:39 AM Changeset in webkit [244007] by Carlos Garcia Campos
  • 3 edits
    1 add in releases/WebKitGTK/webkit-2.24

Merge r243069 - Structure::flattenDictionary() should clear unused property slots.
https://bugs.webkit.org/show_bug.cgi?id=195871
<rdar://problem/48959497>

Reviewed by Michael Saboff.

JSTests:

  • stress/structure-flattenDictionary-should-clear-unused-property-slots.js: Added.

Source/JavaScriptCore:

It currently attempts to do this but fails because it's actually clearing up the
preCapacity region instead. The fix is simply to account for the preCapacity
when computing the start address of the property slots.

  • runtime/Structure.cpp:

(JSC::Structure::flattenDictionaryStructure):

5:39 AM Changeset in webkit [244006] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r242964 - Storing a Node in Ref/RefPtr inside its destructor results in double delete
https://bugs.webkit.org/show_bug.cgi?id=195661

Reviewed by Brent Fulgham.

Set Node::m_refCount to 1 before calling its virtual destructor.

This is a security mitigation to prevent any code which ends up storing the node to Ref / RefPtr
inside the destructor, which is a programming error caught by debug assertions, from triggering
a double-delete on the same Node.

Such a code would hit the debug assertions in Node::deref() because m_inRemovedLastRefFunction
had been set to true by then.

  • dom/Document.cpp:

(WebCore::Document::removedLastRef):

  • dom/Document.h:

(WebCore::Document::decrementReferencingNodeCount):

  • dom/Node.cpp:

(WebCore::Node::~Node):
(WebCore::Node::removedLastRef):

5:38 AM Changeset in webkit [244005] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r242943 - Cleanup inline boxes when list marker gets blockified
https://bugs.webkit.org/show_bug.cgi?id=195746
<rdar://problem/48049175>

Reviewed by Antti Koivisto.

Source/WebCore:

Normally when an element gets blockified (inline -> block) we destroy its renderer and construct a new one (RenderInline -> RenderBlock).
During this process the associated inline boxtree gets destroyed as well. Since RenderListMarker is just a generic RenderBox, the blockifying
change does not require a new renderer.
This patch takes care of destroying the inline boxtree when the marker gains block display type.

Test: fast/block/float/list-marker-is-float-crash.html

  • rendering/RenderListMarker.cpp:

(WebCore::RenderListMarker::styleDidChange):

LayoutTests:

  • fast/block/float/list-marker-is-float-crash-expected.txt: Added.
  • fast/block/float/list-marker-is-float-crash.html: Added.
5:38 AM Changeset in webkit [244004] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r242921 - [WeakPtr] RenderListMarker::m_listItem should be a WeakPtr
https://bugs.webkit.org/show_bug.cgi?id=195704
<rdar://problem/48486278>

Reviewed by Simon Fraser.

  • rendering/RenderListMarker.cpp:

(WebCore::RenderListMarker::RenderListMarker):
(WebCore::RenderListMarker::paint):
(WebCore::RenderListMarker::layout):
(WebCore::RenderListMarker::updateContent):
(WebCore::RenderListMarker::computePreferredLogicalWidths):
(WebCore::RenderListMarker::lineHeight const):
(WebCore::RenderListMarker::baselinePosition const):
(WebCore::RenderListMarker::suffix const):
(WebCore::RenderListMarker::isInside const):
(WebCore::RenderListMarker::getRelativeMarkerRect):

  • rendering/RenderListMarker.h:
5:38 AM Changeset in webkit [244003] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r242919 - Use RenderBox::previousSiblingBox/nextSiblingBox in RenderMultiColumnFlow
https://bugs.webkit.org/show_bug.cgi?id=195701
<rdar://problem/48448658>

Reviewed by Simon Fraser.

Source/WebCore:

It's safer to use existing RenderBox functions to get sibling boxes.

Test: fast/ruby/crash-when-paginated-ruby.html

  • rendering/RenderMultiColumnFlow.cpp:

(WebCore::RenderMultiColumnFlow::nextColumnSetOrSpannerSiblingOf):
(WebCore::RenderMultiColumnFlow::previousColumnSetOrSpannerSiblingOf):

LayoutTests:

  • fast/ruby/crash-when-paginated-ruby-expected.txt: Added.
  • fast/ruby/crash-when-paginated-ruby.html: Added.
5:38 AM Changeset in webkit [244002] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r242917 - Fix an edge case where HTMLFormElement::removeFormElement is invoked twice with the same element
https://bugs.webkit.org/show_bug.cgi?id=195663
<rdar://problem/48576391>

Reviewed by Ryosuke Niwa.

Source/WebCore:

Currently, it's possible for HTMLFormControlElement's destructor to be reentrant. This may happen if the form
control element is ref'd while carrying out its destructor's logic. This may happen in two places in
HTMLFormControlElement (didChangeForm and resetDefaultButton), both of which actually don't require ensuring a
protected reference to the form control element since they should never result in any script execution.

To fix the bug, convert these strong references into raw pointers, and add ScriptDisallowedScope to ensure that
we don't change these codepaths in the future, such that they trigger arbitrary script execution.

Test: fast/forms/remove-associated-element-after-gc.html

  • html/HTMLFormControlElement.cpp:

(WebCore::HTMLFormControlElement::didChangeForm):

  • html/HTMLFormElement.cpp:

(WebCore::HTMLFormElement::resetDefaultButton):

LayoutTests:

Add a layout test to exercise the scenario described in the WebCore ChangeLog.

  • fast/forms/remove-associated-element-after-gc-expected.txt: Added.
  • fast/forms/remove-associated-element-after-gc.html: Added.
5:38 AM Changeset in webkit [244001] by Carlos Garcia Campos
  • 5 edits
    1 add in releases/WebKitGTK/webkit-2.24

Merge r243989 - [CMake] Detect SSE2 at compile time
https://bugs.webkit.org/show_bug.cgi?id=196488

Patch by Xan Lopez <xan@igalia.com> on 2019-04-08
Reviewed by Carlos Garcia Campos.

.:

  • CMakeLists.txt: Use FindSSE2.cmake to detect SSE2 support.
  • Source/cmake/FindSSE2.cmake: Added.

Source/JavaScriptCore:

  • assembler/MacroAssemblerX86Common.cpp: Remove unnecessary (and

incorrect) static_assert.

5:32 AM Changeset in webkit [244000] by guijemont@igalia.com
  • 6 edits in trunk

Enable DFG on MIPS
https://bugs.webkit.org/show_bug.cgi?id=196689

Reviewed by Žan Doberšek.

Since the bytecode change, we enabled the baseline JIT on mips in
r240432, but DFG is still missing. With this change, all tests are
passing on a ci20 board.

Source/JavaScriptCore:

  • jit/RegisterSet.cpp:

(JSC::RegisterSet::calleeSaveRegisters):
Added s0, which is used in llint.

Source/WTF:

  • wtf/Platform.h: Enable DFG on MIPS by default.

Tools:

  • Scripts/run-jsc-stress-tests: Enable DFG tests on MIPS.
5:14 AM Changeset in webkit [243999] by commit-queue@webkit.org
  • 3 edits in trunk/Tools

[Flatpak] Second run update-webkitwpe-flatpak fails
https://bugs.webkit.org/show_bug.cgi?id=192702

Patch by Philippe Normand <pnormand@igalia.com> on 2019-04-08
Reviewed by Carlos Garcia Campos.

  • flatpak/flatpakutils.py:

(FlatpakObject.flatpak): Fix typo.
(FlatpakPackage.install): When installing, also update to the configured remote commit.

  • flatpak/org.webkit.WebKit.yaml: Update GNOME 3.28 SDK/runtime hashes.
3:44 AM Changeset in webkit [243998] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r243866 - [GTK][WPE] Use a timer to request the creation of pending tiles
https://bugs.webkit.org/show_bug.cgi?id=196594

Reviewed by Žan Doberšek.

Use a timer to request pending tile creation, as calls to notifyFlushRequired() are discarded
while inside a layer flush.

  • platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:

(WebCore::CoordinatedGraphicsLayer::CoordinatedGraphicsLayer):
(WebCore::CoordinatedGraphicsLayer::flushCompositingStateForThisLayerOnly):
(WebCore::CoordinatedGraphicsLayer::updateContentBuffers):
(WebCore::CoordinatedGraphicsLayer::requestPendingTileCreationTimerFired):

  • platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
3:44 AM Changeset in webkit [243997] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.24

Merge r243289 - [GLIB] User data not correctly passed to callback of functions and constructors with no parameters
https://bugs.webkit.org/show_bug.cgi?id=196073

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2019-03-21
Reviewed by Michael Catanzaro.

Source/JavaScriptCore:

This is because GClosure always expects a first parameter as instance. In case of functions or constructors with
no parameters we insert a fake instance which is just a null pointer that is ignored by the callback. But
if the function/constructor has user data the callback will expect one parameter for the user data. In that case
we can simply swap instance/user data so that the fake instance will be the second argument and user data the
first one.

  • API/glib/JSCClass.cpp:

(jscClassCreateConstructor): Use g_cclosure_new_swap() if parameters is empty and user data was provided.

  • API/glib/JSCValue.cpp:

(jscValueFunctionCreate): Ditto.

Tools:

Add test cases to check functions and constructors with no arguments but receiving user data.

  • TestWebKitAPI/Tests/JavaScriptCore/glib/TestJSC.cpp:

(checkUserData):
(testJSCFunction):
(fooCreateWithUserData):
(testJSCClass):

3:44 AM Changeset in webkit [243996] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.24

Merge r243283 - [GLib] Returning G_TYPE_OBJECT from a method does not work
https://bugs.webkit.org/show_bug.cgi?id=195574

Reviewed by Michael Catanzaro.

Source/JavaScriptCore:

Add more documentation to clarify the ownership of wrapped objects when created and when returned by functions.

  • API/glib/JSCCallbackFunction.cpp:

(JSC::JSCCallbackFunction::construct): Also allow to return boxed types from a constructor.

  • API/glib/JSCClass.cpp:
  • API/glib/JSCValue.cpp:

Tools:

Add new test cases to check the behavior of constructors and functions returning GObject and boxed types.

  • TestWebKitAPI/Tests/JavaScriptCore/glib/TestJSC.cpp:

(getGFile):
(getParent):
(createGString):
(getGString):
(getGStringCopyWillRaise):
(getGStringCopy):
(getGStringStr):
(getGStringLen):
(freeGString):
(testJSCClass):

3:44 AM Changeset in webkit [243995] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r243200 - [GLIB] Optimize jsc_value_object_define_property_data|accessor
https://bugs.webkit.org/show_bug.cgi?id=195679

Reviewed by Saam Barati.

Use direct C++ call instead of using the JSC GLib API to create the descriptor object and invoke Object.defineProperty().

  • API/glib/JSCValue.cpp:

(jsc_value_object_define_property_data):
(jsc_value_object_define_property_accessor):

3:44 AM Changeset in webkit [243994] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24

Merge r243971 - [GTK][WPE] outlook.live.com displays old-fashioned UI
https://bugs.webkit.org/show_bug.cgi?id=196642

Reviewed by Carlos Garcia Campos.

Source/WebCore:

The new good looking UI is shown as long as pretend we're a Mac in the UA.

  • platform/UserAgentQuirks.cpp:

(WebCore::urlRequiresChromeBrowser):

Tools:

  • TestWebKitAPI/Tests/WebCore/UserAgentQuirks.cpp:

(TestWebKitAPI::TEST): New Mac platform quirk test.

3:23 AM Changeset in webkit [243993] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24

Merge r243608 - [WPE][GTK] webkit_web_resource_get_data_finish can return NULL without setting error
https://bugs.webkit.org/show_bug.cgi?id=186276

Reviewed by Carlos Garcia Campos.

Source/WebKit:

Currently it's possible for webkit_web_resource_get_data_finish() to return NULL without
setting the error parameter. This is illegal because it is an API guarantee (and a GObject
convention) that if an error parameter exists, it should be set whenever a function call
returns NULL. Epiphany correctly dereferences the error in this case without checking if it
is NULL, because it knows it does not have to, and crashes. Fix this. We'll return a byte
array of length 1 containing a NUL character. This isn't great, but there's not really any
better solution without deprecating the API or returning an error code to indicate an empty
resource, and it at least fixes the Epiphany crash.

This does not fix bug #186276, in which this function incorrectly returns no data when it
ought to. But that is a different bug. Now, at least we won't crash when no data is
available.

  • UIProcess/API/glib/WebKitWebResource.cpp:

(resourceDataCallback):

Tools:

  • TestWebKitAPI/Tests/WebKitGLib/TestResources.cpp:

(webViewLoadChanged):
(testWebResourceGetDataError):
(testWebResourceGetDataEmpty):
(beforeAll):
(webViewloadChanged): Deleted.

3:23 AM Changeset in webkit [243992] by Carlos Garcia Campos
  • 10 edits
    2 deletes in releases/WebKitGTK/webkit-2.24

Merge r243804 - Get rid of HTMLInputElement::setEditingValue
https://bugs.webkit.org/show_bug.cgi?id=196402

Reviewed by Darin Adler.

Source/WebCore:

HTMLInputElement::setEditingValue is only used for Epiphany password autofill. We did it
this way because that's what Chrome uses for autofill, but Apple uses
HTMLInputElement::setValueForUser. Let's switch to that instead, then we can get rid of
setEditingValue.

This fixes logging into ting.com after username and password are autofilled by Epiphany.
Before this change, the login would fail unless you first manually edit either the username
or the password field.

  • html/HTMLInputElement.cpp:

(WebCore::HTMLInputElement::setEditingValue): Deleted.

  • html/HTMLInputElement.h:
  • testing/Internals.cpp:

(WebCore::Internals::setEditingValue): Deleted.

  • testing/Internals.h:
  • testing/Internals.idl:

Source/WebKit:

  • WebProcess/InjectedBundle/API/glib/DOM/WebKitDOMElement.cpp:

(webkit_dom_element_html_input_element_set_editing_value):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLInputElement.cpp:

(webkit_dom_html_input_element_set_editing_value):

LayoutTests:

  • fast/forms/editing-value-expected.txt: Removed.
  • fast/forms/editing-value-null-renderer-expected.txt: Removed.
  • fast/forms/editing-value-null-renderer.html: Removed.
  • fast/forms/editing-value.html: Removed.
3:23 AM Changeset in webkit [243991] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r243860 - [ATK] Don't touch accessibility tree in WebFrameLoaderClient::dispatchDidClearWindowObjectInWorld
https://bugs.webkit.org/show_bug.cgi?id=193914

Reviewed by Michael Catanzaro.

Move it to dispatchDidFinishDocumentLoad, since we know we have the document at that point and we can create the
root accessibility object wrapper.

  • WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::dispatchDidFinishDocumentLoad):
(WebKit::WebFrameLoaderClient::dispatchDidClearWindowObjectInWorld):

3:23 AM Changeset in webkit [243990] by Carlos Garcia Campos
  • 7 edits in releases/WebKitGTK/webkit-2.24

Merge r243602 - [FreeType] Incorrect application of glyph positioning in the Y direction
https://bugs.webkit.org/show_bug.cgi?id=161493

Reviewed by Michael Catanzaro.

Source/WebCore:

Use the first glyph origin as the initial advance of every complex text run.

  • platform/graphics/cairo/FontCairo.cpp:

(WebCore::FontCascade::drawGlyphs): Update the yOffset using the height advance.

  • platform/graphics/cairo/GraphicsContextImplCairo.cpp:

(WebCore::GraphicsContextImplCairo::drawGlyphs): Ditto.

  • platform/graphics/harfbuzz/ComplexTextControllerHarfBuzz.cpp:

(WebCore::ComplexTextController::ComplexTextRun::ComplexTextRun): Set the initial advance.

LayoutTests:

Rebaseline fast/text/international/hebrew-vowels.html.

  • platform/gtk/fast/text/international/hebrew-vowels-expected.png:
  • platform/gtk/fast/text/international/hebrew-vowels-expected.txt:
3:23 AM WebKitGTK/2.24.x edited by Carlos Garcia Campos
(diff)
3:16 AM Changeset in webkit [243989] by commit-queue@webkit.org
  • 5 edits
    1 add in trunk

[CMake] Detect SSE2 at compile time
https://bugs.webkit.org/show_bug.cgi?id=196488

Patch by Xan Lopez <xan@igalia.com> on 2019-04-08
Reviewed by Carlos Garcia Campos.

.:

  • CMakeLists.txt: Use FindSSE2.cmake to detect SSE2 support.
  • Source/cmake/FindSSE2.cmake: Added.

Source/JavaScriptCore:

  • assembler/MacroAssemblerX86Common.cpp: Remove unnecessary (and

incorrect) static_assert.

3:15 AM Changeset in webkit [243988] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r243505 - Assertion failure !isInAcceleratedCompositingMode() in DrawingAreaProxyCoordinatedGraphics::incorporateUpdate when forceCompositingMode is turned on
https://bugs.webkit.org/show_bug.cgi?id=195879

Patch by Tomoki Imai <Tomoki Imai> on 2019-03-26
Reviewed by Carlos Garcia Campos.

The root cause is that DrawingAreaProxyCoordinatedGraphics::isInAcceleratedCompositingMode checks both of alwaysUseCompositing() and !m_layerTreeContext.isEmpty().
alwaysUseCompositing() refers preferences, which is written by the application (UIProcess).
On the other hand, m_layerTreeContext is changed when it receives enterAcceleratedCompositingMode/exitAcceleratedCompositingMode from WebProcess.

It results when we set forceCompositingMode and acceleratedCompositingEnabled to true, WebProcess and UIProcess is out of sync until WebProcess sends enterAcceleratedCompositingMode message.
In such situation, WebProcess sends incorporateUpdate to UIProcess because WebProcess is in non-AC mode, but isInAcceleratedCompositingMode becomes true in UIProcess side.

  • UIProcess/CoordinatedGraphics/DrawingAreaProxyCoordinatedGraphics.cpp:

(WebKit::DrawingAreaProxyCoordinatedGraphics::~DrawingAreaProxyCoordinatedGraphics): Should call exitAcceleratedCompositingMode even when alwaysUseCompositing is true.
(WebKit::DrawingAreaProxyCoordinatedGraphics::enterAcceleratedCompositingMode): enterAcceleratedCompositingMode should check enterAcceleratedCompositingMode is not called twice.

  • UIProcess/CoordinatedGraphics/DrawingAreaProxyCoordinatedGraphics.h: Remove alwaysUseCompositing from isInAcceleratedCompositingMode
3:15 AM Changeset in webkit [243987] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r243796 - [CoordinatedGraphics] Hidden pages are not suspended after a web view resize
https://bugs.webkit.org/show_bug.cgi?id=196487

Reviewed by Žan Doberšek.

When resizing the window, the hidden tabs are updated too, to avoid flickering or getting the old size when
switching tabs. For that we need to resume painting but we are not suspending it again after the update.

  • WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp:

(WebKit::DrawingAreaCoordinatedGraphics::updateBackingStoreState): Suspend the painting again after a
synchronous update if needed.

3:15 AM Changeset in webkit [243986] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r243475 - [Coordinated Graphics][WinCairo] ASSERTION FAILED: state.id == m_nicosia.state.id
https://bugs.webkit.org/show_bug.cgi?id=196190

Reviewed by Žan Doberšek.

This assertion assumes the pre-committed and the committed scenes
are identical. But, the pre-committed scene is updated in the main
thread. Removed the false assertion.

  • Shared/CoordinatedGraphics/CoordinatedGraphicsScene.cpp:

(WebKit::CoordinatedGraphicsScene::purgeGLResources): Remove the
assertion. Removed layers of committed scene, not pre-committed
scene.

3:15 AM Changeset in webkit [243985] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r242771 - [CoordinatedGraphics] ASSERTION FAILED: !m_state.isSuspended
https://bugs.webkit.org/show_bug.cgi?id=195550

Reviewed by Carlos Garcia Campos.

CompositingRunLoop::suspend() locks a mutex and stops the update
timer. But, the timer can be fired after the lock was acquired and
before the timer is stopped.

  • Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.cpp:

(WebKit::CompositingRunLoop::updateTimerFired): Removed the
assertion. Return early if m_state.isSuspended.

3:15 AM Changeset in webkit [243984] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r242597 - REGRESSION(r242364): [WPE] Do not stop the compositing run loop update timer on suspend
https://bugs.webkit.org/show_bug.cgi?id=195410

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2019-03-07
Reviewed by Žan Doberšek.

Calling CompositingRunLoop::stopUpdates() on suspend is leaving the threaded compositor in an inconsistent
state, failing to resume and stopping the updates forever. This is causing timeouts in WPE layout tests. Instead
of calling stopUpdates(), a new suspend() is called, that stops the update timer, without changing the current
updae tha compositing state. A new method resume() is also added to schedule an update if needed.

  • Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.cpp:

(WebKit::CompositingRunLoop::suspend): Set state as suspended and stop the update timer.
(WebKit::CompositingRunLoop::resume): Set state as not suspended and start the update timer if it was scheduled
while suspended.
(WebKit::CompositingRunLoop::scheduleUpdate): Do not start the update timer when suspended.
(WebKit::CompositingRunLoop::compositionCompleted): Ditto.
(WebKit::CompositingRunLoop::updateCompleted): Ditto.
(WebKit::CompositingRunLoop::updateTimerFired): Add an assert to ensure the update timer is not fired while suspended.

  • Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.h:
  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:

(WebKit::ThreadedCompositor::suspend): Call CompositingRunLoop::suspend() instead of stopUpdates().
(WebKit::ThreadedCompositor::resume): Call CompositingRunLoop::resume().

3:15 AM Changeset in webkit [243983] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r242364 - [CoordinatedGraphics] The compositing loop is still running even after exiting AC mode
https://bugs.webkit.org/show_bug.cgi?id=195270

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2019-03-04
Reviewed by Don Olmstead.

Suspend the threaded compositor when the painting is paused or layer flush disabled, and resume it again when
painting is resumed and layer flush enabled.

  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:

(WebKit::ThreadedCompositor::suspend): Increment the suspend counter and mark the scene as inactive if it was suspended.
(WebKit::ThreadedCompositor::resume): Decrement the suspend counter and mark the scene as active if it's now resumed.

  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.h:
  • WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp:

(WebKit::DrawingAreaCoordinatedGraphics::forceRepaint): Return early if layer tree state is frozen.
(WebKit::DrawingAreaCoordinatedGraphics::forceRepaintAsync): Ditto.

  • WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.cpp:

(WebKit::LayerTreeHost::setLayerFlushSchedulingEnabled): Call ThreadedCompositor::suspend()/resume().
(WebKit::LayerTreeHost::pauseRendering): Call ThreadedCompositor::suspend.
(WebKit::LayerTreeHost::resumeRendering): Call ThreadedCompositor::resume().

3:15 AM Changeset in webkit [243982] by Carlos Garcia Campos
  • 15 edits
    2 moves
    3 adds
    6 deletes in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r242346 - [CoordinatedGraphics] Unify DrawingArea classes
https://bugs.webkit.org/show_bug.cgi?id=195167

Reviewed by Žan Doberšek.

Add DrawingAreaProxyCoordinatedGraphics and DrawingAreaCoordinatedGraphics.

  • PlatformGTK.cmake:
  • PlatformWPE.cmake:
  • PlatformWin.cmake:
  • Shared/DrawingAreaInfo.h:
  • SourcesGTK.txt:
  • SourcesWPE.txt:
  • UIProcess/API/gtk/PageClientImpl.cpp:

(WebKit::PageClientImpl::createDrawingAreaProxy):
(WebKit::PageClientImpl::viewSize):

  • UIProcess/API/gtk/WebKitWebViewBase.cpp:

(webkitWebViewBaseRealize):
(webkitWebViewBaseUnrealize):
(webkitWebViewBaseDraw):
(webkitWebViewBaseSizeAllocate):
(webkitWebViewBaseDidRelaunchWebProcess):
(webkitWebViewBasePageClosed):

  • UIProcess/API/wpe/PageClientImpl.cpp:

(WebKit::PageClientImpl::createDrawingAreaProxy):

  • UIProcess/AcceleratedDrawingAreaProxy.cpp: Removed.
  • UIProcess/CoordinatedGraphics/DrawingAreaProxyCoordinatedGraphics.cpp: Added.

(WebKit::DrawingAreaProxyCoordinatedGraphics::DrawingAreaProxyCoordinatedGraphics):
(WebKit::DrawingAreaProxyCoordinatedGraphics::~DrawingAreaProxyCoordinatedGraphics):
(WebKit::DrawingAreaProxyCoordinatedGraphics::paint):
(WebKit::DrawingAreaProxyCoordinatedGraphics::sizeDidChange):
(WebKit::DrawingAreaProxyCoordinatedGraphics::deviceScaleFactorDidChange):
(WebKit::DrawingAreaProxyCoordinatedGraphics::waitForBackingStoreUpdateOnNextPaint):
(WebKit::DrawingAreaProxyCoordinatedGraphics::setBackingStoreIsDiscardable):
(WebKit::DrawingAreaProxyCoordinatedGraphics::update):
(WebKit::DrawingAreaProxyCoordinatedGraphics::didUpdateBackingStoreState):
(WebKit::DrawingAreaProxyCoordinatedGraphics::enterAcceleratedCompositingMode):
(WebKit::DrawingAreaProxyCoordinatedGraphics::exitAcceleratedCompositingMode):
(WebKit::DrawingAreaProxyCoordinatedGraphics::updateAcceleratedCompositingMode):
(WebKit::DrawingAreaProxyCoordinatedGraphics::incorporateUpdate):
(WebKit::DrawingAreaProxyCoordinatedGraphics::alwaysUseCompositing const):
(WebKit::DrawingAreaProxyCoordinatedGraphics::backingStoreStateDidChange):
(WebKit::DrawingAreaProxyCoordinatedGraphics::sendUpdateBackingStoreState):
(WebKit::DrawingAreaProxyCoordinatedGraphics::waitForAndDispatchDidUpdateBackingStoreState):
(WebKit::DrawingAreaProxyCoordinatedGraphics::discardBackingStoreSoon):
(WebKit::DrawingAreaProxyCoordinatedGraphics::discardBackingStore):
(WebKit::DrawingAreaProxyCoordinatedGraphics::setNativeSurfaceHandleForCompositing):
(WebKit::DrawingAreaProxyCoordinatedGraphics::destroyNativeSurfaceHandleForCompositing):
(WebKit::DrawingAreaProxyCoordinatedGraphics::DrawingMonitor::DrawingMonitor):
(WebKit::DrawingAreaProxyCoordinatedGraphics::DrawingMonitor::~DrawingMonitor):
(WebKit::DrawingAreaProxyCoordinatedGraphics::DrawingMonitor::webViewDrawCallback):
(WebKit::DrawingAreaProxyCoordinatedGraphics::DrawingMonitor::start):
(WebKit::DrawingAreaProxyCoordinatedGraphics::DrawingMonitor::stop):
(WebKit::DrawingAreaProxyCoordinatedGraphics::DrawingMonitor::didDraw):
(WebKit::DrawingAreaProxyCoordinatedGraphics::dispatchAfterEnsuringDrawing):

  • UIProcess/CoordinatedGraphics/DrawingAreaProxyCoordinatedGraphics.h: Renamed from Source/WebKit/UIProcess/AcceleratedDrawingAreaProxy.h.
  • UIProcess/DrawingAreaProxyImpl.cpp: Removed.
  • UIProcess/DrawingAreaProxyImpl.h: Removed.
  • UIProcess/gtk/AcceleratedBackingStoreX11.cpp:

(WebKit::AcceleratedBackingStoreX11::update):

  • UIProcess/win/PageClientImpl.cpp:

(WebKit::PageClientImpl::createDrawingAreaProxy):

  • UIProcess/win/WebView.cpp:

(WebKit::WebView::paint):

  • WebProcess/WebPage/AcceleratedDrawingArea.cpp: Removed.
  • WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp: Added.

(WebKit::DrawingAreaCoordinatedGraphics::DrawingAreaCoordinatedGraphics):
(WebKit::DrawingAreaCoordinatedGraphics::~DrawingAreaCoordinatedGraphics):
(WebKit::DrawingAreaCoordinatedGraphics::setNeedsDisplay):
(WebKit::DrawingAreaCoordinatedGraphics::setNeedsDisplayInRect):
(WebKit::DrawingAreaCoordinatedGraphics::scroll):
(WebKit::DrawingAreaCoordinatedGraphics::forceRepaint):
(WebKit::DrawingAreaCoordinatedGraphics::forceRepaintAsync):
(WebKit::DrawingAreaCoordinatedGraphics::setLayerTreeStateIsFrozen):
(WebKit::DrawingAreaCoordinatedGraphics::updatePreferences):
(WebKit::DrawingAreaCoordinatedGraphics::mainFrameContentSizeChanged):
(WebKit::DrawingAreaCoordinatedGraphics::deviceOrPageScaleFactorChanged):
(WebKit::DrawingAreaCoordinatedGraphics::didChangeViewportAttributes):
(WebKit::DrawingAreaCoordinatedGraphics::graphicsLayerFactory):
(WebKit::DrawingAreaCoordinatedGraphics::setRootCompositingLayer):
(WebKit::DrawingAreaCoordinatedGraphics::scheduleCompositingLayerFlush):
(WebKit::DrawingAreaCoordinatedGraphics::layerHostDidFlushLayers):
(WebKit::DrawingAreaCoordinatedGraphics::createDisplayRefreshMonitor):
(WebKit::DrawingAreaCoordinatedGraphics::setNativeSurfaceHandleForCompositing):
(WebKit::DrawingAreaCoordinatedGraphics::destroyNativeSurfaceHandleForCompositing):
(WebKit::DrawingAreaCoordinatedGraphics::activityStateDidChange):
(WebKit::DrawingAreaCoordinatedGraphics::attachViewOverlayGraphicsLayer):
(WebKit::DrawingAreaCoordinatedGraphics::updateBackingStoreState):
(WebKit::DrawingAreaCoordinatedGraphics::didUpdate):
(WebKit::DrawingAreaCoordinatedGraphics::sendDidUpdateBackingStoreState):
(WebKit::DrawingAreaCoordinatedGraphics::exitAcceleratedCompositingModeSoon):
(WebKit::DrawingAreaCoordinatedGraphics::exitAcceleratedCompositingModeNow):
(WebKit::DrawingAreaCoordinatedGraphics::discardPreviousLayerTreeHost):
(WebKit::DrawingAreaCoordinatedGraphics::suspendPainting):
(WebKit::DrawingAreaCoordinatedGraphics::resumePainting):
(WebKit::DrawingAreaCoordinatedGraphics::enterAcceleratedCompositingMode):
(WebKit::DrawingAreaCoordinatedGraphics::exitAcceleratedCompositingMode):
(WebKit::DrawingAreaCoordinatedGraphics::scheduleDisplay):
(WebKit::DrawingAreaCoordinatedGraphics::displayTimerFired):
(WebKit::DrawingAreaCoordinatedGraphics::display):
(WebKit::shouldPaintBoundsRect):

  • WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.h: Renamed from Source/WebKit/WebProcess/WebPage/AcceleratedDrawingArea.h.
  • WebProcess/WebPage/DrawingArea.cpp:

(WebKit::DrawingArea::create):

  • WebProcess/WebPage/DrawingArea.h:

(WebKit::DrawingArea::layerFlushThrottlingIsActive const):

  • WebProcess/WebPage/DrawingAreaImpl.cpp: Removed.
  • WebProcess/WebPage/DrawingAreaImpl.h: Removed.
3:14 AM Changeset in webkit [243981] by Carlos Garcia Campos
  • 43 edits in releases/WebKitGTK/webkit-2.24

Merge r242205 - [CoordinatedGraphics] Remove COORDINATED_GRAPHICS_THREADED option
https://bugs.webkit.org/show_bug.cgi?id=195159

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2019-02-28
Reviewed by Don Olmstead.

.:

  • Source/cmake/OptionsGTK.cmake:
  • Source/cmake/OptionsPlayStation.cmake:
  • Source/cmake/OptionsWPE.cmake:

Source/WebCore:

Use COORDINATED_GRAPHICS instead.

  • platform/graphics/GraphicsContext3D.h:
  • platform/graphics/PlatformLayer.h:
  • platform/graphics/cairo/ImageBufferCairo.cpp:

(WebCore::ImageBufferData::ImageBufferData):
(WebCore::ImageBufferData::~ImageBufferData):

  • platform/graphics/cairo/ImageBufferDataCairo.h:
  • platform/graphics/nicosia/NicosiaPaintingEngineThreaded.cpp:
  • platform/graphics/nicosia/NicosiaPaintingEngineThreaded.h:
  • platform/graphics/nicosia/texmap/NicosiaGC3DLayer.cpp:

(Nicosia::GC3DLayer::swapBuffersIfNeeded):

  • platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:

(WebCore::GraphicsContext3D::reshapeFBOs):

  • platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:

(WebCore::GraphicsContext3D::prepareTexture):

  • platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:

(WebCore::GraphicsContext3D::reshapeFBOs):

  • platform/graphics/texmap/GraphicsContext3DTextureMapper.cpp:

(WebCore::GraphicsContext3D::GraphicsContext3D):
(WebCore::GraphicsContext3D::~GraphicsContext3D):

  • platform/graphics/texmap/TextureMapperGC3DPlatformLayer.cpp:

(WebCore::TextureMapperGC3DPlatformLayer::TextureMapperGC3DPlatformLayer):
(WebCore::TextureMapperGC3DPlatformLayer::~TextureMapperGC3DPlatformLayer):

  • platform/graphics/texmap/TextureMapperGC3DPlatformLayer.h:
  • platform/graphics/texmap/TextureMapperPlatformLayerBuffer.cpp:
  • platform/graphics/texmap/TextureMapperPlatformLayerBuffer.h:
  • platform/graphics/texmap/TextureMapperPlatformLayerProxy.cpp:
  • platform/graphics/texmap/TextureMapperPlatformLayerProxy.h:
  • platform/graphics/texmap/TextureMapperPlatformLayerProxyProvider.h:
  • platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:

(WebCore::CoordinatedGraphicsLayer::setContentsNeedsDisplay):
(WebCore::CoordinatedGraphicsLayer::setContentsToPlatformLayer):
(WebCore::CoordinatedGraphicsLayer::updatePlatformLayer):

  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::paintsIntoWindow const):

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::shouldCompositeOverflowControls const):

Source/WebKit:

Use COORDINATED_GRAPHICS instead.

  • Shared/CoordinatedGraphics/CoordinatedGraphicsScene.cpp:

(WebKit::CoordinatedGraphicsScene::onNewBufferAvailable):

  • Shared/CoordinatedGraphics/CoordinatedGraphicsScene.h:
  • Shared/CoordinatedGraphics/SimpleViewportController.cpp:
  • Shared/CoordinatedGraphics/SimpleViewportController.h:
  • Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.cpp:
  • Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.h:
  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:
  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.h:
  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedDisplayRefreshMonitor.cpp:
  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedDisplayRefreshMonitor.h:
  • WebProcess/WebPage/AcceleratedDrawingArea.cpp:

(WebKit::AcceleratedDrawingArea::mainFrameContentSizeChanged):
(WebKit::AcceleratedDrawingArea::enterAcceleratedCompositingMode):

  • WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.cpp:
  • WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.h:
  • WebProcess/WebPage/DrawingAreaImpl.cpp:

(WebKit::DrawingAreaImpl::updatePreferences):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::sendViewportAttributesChanged):
(WebKit::WebPage::viewportPropertiesDidChange):

  • WebProcess/gtk/WebProcessMainGtk.cpp:
3:14 AM Changeset in webkit [243980] by Carlos Garcia Campos
  • 8 edits
    1 move
    1 add
    5 deletes in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r242199 - [CoordinatedGraphics] Unify all LayerTreeHost classes
https://bugs.webkit.org/show_bug.cgi?id=195094

Reviewed by Žan Doberšek.

There's no reason to have 3 classes, since currently LayerTreeHost is only used by coordinated graphics based
ports.

  • PlatformWin.cmake:
  • SourcesGTK.txt:
  • SourcesWPE.txt:
  • WebProcess/WebPage/AcceleratedDrawingArea.cpp:

(WebKit::AcceleratedDrawingArea::enterAcceleratedCompositingMode):
(WebKit::AcceleratedDrawingArea::exitAcceleratedCompositingModeNow):

  • WebProcess/WebPage/AcceleratedDrawingArea.h:
  • WebProcess/WebPage/CoordinatedGraphics/CoordinatedLayerTreeHost.cpp: Removed.
  • WebProcess/WebPage/CoordinatedGraphics/CoordinatedLayerTreeHost.h: Removed.
  • WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.cpp: Renamed from Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.cpp.

(WebKit::LayerTreeHost::LayerTreeHost):
(WebKit::LayerTreeHost::~LayerTreeHost):
(WebKit::LayerTreeHost::setLayerFlushSchedulingEnabled):
(WebKit::LayerTreeHost::scheduleLayerFlush):
(WebKit::LayerTreeHost::cancelPendingLayerFlush):
(WebKit::LayerTreeHost::layerFlushTimerFired):
(WebKit::LayerTreeHost::setRootCompositingLayer):
(WebKit::LayerTreeHost::setViewOverlayRootLayer):
(WebKit::LayerTreeHost::invalidate):
(WebKit::LayerTreeHost::scrollNonCompositedContents):
(WebKit::LayerTreeHost::forceRepaint):
(WebKit::LayerTreeHost::forceRepaintAsync):
(WebKit::LayerTreeHost::sizeDidChange):
(WebKit::LayerTreeHost::pauseRendering):
(WebKit::LayerTreeHost::resumeRendering):
(WebKit::LayerTreeHost::graphicsLayerFactory):
(WebKit::LayerTreeHost::contentsSizeChanged):
(WebKit::LayerTreeHost::didChangeViewportAttributes):
(WebKit::LayerTreeHost::didChangeViewport):
(WebKit::LayerTreeHost::setIsDiscardable):
(WebKit::LayerTreeHost::setNativeSurfaceHandleForCompositing):
(WebKit::LayerTreeHost::deviceOrPageScaleFactorChanged):
(WebKit::LayerTreeHost::createDisplayRefreshMonitor):
(WebKit::LayerTreeHost::didFlushRootLayer):
(WebKit::LayerTreeHost::commitSceneState):
(WebKit::LayerTreeHost::frameComplete):
(WebKit::LayerTreeHost::nativeSurfaceHandleForCompositing):
(WebKit::LayerTreeHost::didDestroyGLContext):
(WebKit::LayerTreeHost::willRenderFrame):
(WebKit::LayerTreeHost::didRenderFrame):
(WebKit::LayerTreeHost::requestDisplayRefreshMonitorUpdate):
(WebKit::LayerTreeHost::handleDisplayRefreshMonitorUpdate):
(WebKit::LayerTreeHost::renderNextFrame):

  • WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.h: Renamed from Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.h.
  • WebProcess/WebPage/DrawingAreaImpl.cpp:

(WebKit::DrawingAreaImpl::setNeedsDisplay):
(WebKit::DrawingAreaImpl::setNeedsDisplayInRect):

  • WebProcess/WebPage/LayerTreeHost.cpp: Removed.
  • WebProcess/WebPage/LayerTreeHost.h: Removed.
  • WebPage/win/LayerTreeHost.h: Added.
3:14 AM Changeset in webkit [243979] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r242266 - [ThreadedCompositor] Simply the compositing run loop worker thread
https://bugs.webkit.org/show_bug.cgi?id=195208

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2019-03-01
Reviewed by Don Olmstead.

We can remove the WorkQueuePool, since we never really supported more than one thread, and now that single
process model non longer exists it doesn't even make sense. We can simply use a RunLoop instead of a WorkQueue
so that the implementation is not specific to the generic WorkQueue implementation.

  • Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.cpp:

(WebKit::createRunLoop): Helper function to create the RunLoop in a worker thread before m_updateTimer is initialized.
(WebKit::CompositingRunLoop::CompositingRunLoop): Use createRunLoop().
(WebKit::CompositingRunLoop::~CompositingRunLoop): Stop the worker thread run loop in the next main run loop iteration.
(WebKit::CompositingRunLoop::performTask): Use m_runLoop.
(WebKit::CompositingRunLoop::performTaskSync): Ditto.
(WebKit::WorkQueuePool::singleton): Deleted.
(WebKit::WorkQueuePool::dispatch): Deleted.
(WebKit::WorkQueuePool::runLoop): Deleted.
(WebKit::WorkQueuePool::invalidate): Deleted.
(WebKit::WorkQueuePool::WorkQueuePool): Deleted.
(WebKit::WorkQueuePool::getOrCreateWorkQueueForContext): Deleted.
(): Deleted.

  • Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.h:
3:14 AM Changeset in webkit [243978] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r243537 - [GStreamer] Remove the HLS queue buffering query hack
https://bugs.webkit.org/show_bug.cgi?id=196244

Reviewed by Xabier Rodriguez-Calvar.

Because the http src element now provides network statistics to
the player we can now compute an estimation of the data loading in
case the buffering query isn't handled by any element of the
pipeline.

No new tests, existing HLS tests cover this change.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::fillTimerFired):
(WebCore::findHLSQueue): Deleted.
(WebCore::isHLSProgressing): Deleted.

3:14 AM Changeset in webkit [243977] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r243197 - [GStreamer] Switch back to webkitwebsrc for adaptive streaming fragments downloading
https://bugs.webkit.org/show_bug.cgi?id=195948

Reviewed by Xabier Rodriguez-Calvar.

The webkitwebsrc element now behaves much better when used through
GStreamer's adaptivedemux, so use it for all WebKit media
downloads. The MediaPlayer needed by the webkitwebsrc element now
travels through GstContext messages and queries so that it can be
shared by multiple elements, typically the first webkitwebsrc
element downloads the HLS manifest and then adaptivedemux, through
uridownloader, will create new webkitwebsrc elements for fragments
downloading. Those new elements will query the first webkitwebsrc
element for its context.

The previous hack used to check SecurityOrigins can
also be cleaned-up. The origins are now cached upon reception of
the HTTP headers message from webkitwebsrc.

No new tests, existing http/tests/media/hls tests cover this change.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::setPlaybinURL):
(WebCore::MediaPlayerPrivateGStreamer::loadFull):
(WebCore::MediaPlayerPrivateGStreamer::handleMessage):
(WebCore::MediaPlayerPrivateGStreamer::loadNextLocation):
(WebCore::MediaPlayerPrivateGStreamer::wouldTaintOrigin const):
(WebCore::convertToInternalProtocol): Deleted.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:

(WebCore::MediaPlayerPrivateGStreamerBase::handleSyncMessage):

  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(webkit_web_src_class_init):
(webKitWebSrcSetContext):
(webKitWebSrcStart):
(webKitWebSrcGetProtocols):
(webKitWebSrcSetUri):
(CachedResourceStreamingClient::responseReceived):
(convertPlaybinURI): Deleted.
(webKitSrcWouldTaintOrigin): Deleted.

  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.h:
3:14 AM Changeset in webkit [243976] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r243140 - REGRESSION(r243058): [GStreamer] 3 tests now timing out
https://bugs.webkit.org/show_bug.cgi?id=195888

Reviewed by Xabier Rodriguez-Calvar.

A breaking change was introduced in r243058. Now on-disk-buffering
is disabled when the reported Content-Length is 0 or not present
at all. This broke the progress event logic in didLoadProgress()
because leading to progress events not being fired as expected.

The proposed solution is to make webkitwebsrc notify the player
every time the network process receives data from the network. So
the player can now easily determine if the load progressed by
checking the reported statistics.

No new tests, existing media tests cover this change.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::handleMessage):
(WebCore::MediaPlayerPrivateGStreamer::didLoadingProgress const):

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(CachedResourceStreamingClient::dataReceived):

3:14 AM Changeset in webkit [243975] by Carlos Garcia Campos
  • 9 edits in releases/WebKitGTK/webkit-2.24

Merge r243058 - [GStreamer] Rewrite HTTP source element using pushsrc base class
https://bugs.webkit.org/show_bug.cgi?id=195631

Reviewed by Xabier Rodriguez-Calvar.

Source/WebCore:

If we want to use webkitwebsrc in adaptivedemux (HLS, DASH, etc)
we need a source element that behaves like souphttpsrc, which is
implemented using pushsrc. This rewrite might also fix some seek
issues.

No new tests, existing http/tests/media tests cover this patch.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::handleMessage):

  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(webkit_web_src_class_init):
(webkitWebSrcReset):
(webkit_web_src_init):
(webKitWebSrcCreate):
(webKitWebSrcStart):
(webKitWebSrcCloseSession):
(webKitWebSrcStop):
(webKitWebSrcGetSize):
(webKitWebSrcIsSeekable):
(webKitWebSrcDoSeek):
(webKitWebSrcQuery):
(webKitWebSrcUnLock):
(webKitWebSrcUnLockStop):
(webKitWebSrcChangeState):
(CachedResourceStreamingClient::checkUpdateBlocksize):
(CachedResourceStreamingClient::responseReceived):
(CachedResourceStreamingClient::dataReceived):
(CachedResourceStreamingClient::accessControlCheckFailed):
(CachedResourceStreamingClient::loadFailed):
(CachedResourceStreamingClient::loadFinished):

  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.h:

LayoutTests:

  • platform/gtk/TestExpectations:
  • platform/gtk/http/tests/media/hls/video-controls-live-stream-expected.txt:

Update expectations, though it's not really related with this
patch.

3:14 AM Changeset in webkit [243974] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r241444 - Stop using setDefersLoading from WebCore
https://bugs.webkit.org/show_bug.cgi?id=194315

Reviewed by Jer Noble.

That is what CompletionHandlers are for.

  • loader/MediaResourceLoader.cpp:

(WebCore::MediaResource::responseReceived):
(WebCore::MediaResource::setDefersLoading): Deleted.

  • loader/MediaResourceLoader.h:
  • platform/graphics/PlatformMediaResourceLoader.h:

(WebCore::PlatformMediaResourceClient::responseReceived):
(WebCore::PlatformMediaResource::stop):
(WebCore::PlatformMediaResource::setDefersLoading): Deleted.

  • platform/network/cocoa/WebCoreNSURLSession.mm:

(WebCore::WebCoreNSURLSessionDataTaskClient::responseReceived):
(-[WebCoreNSURLSessionDataTask resource:receivedResponse:completionHandler:]):
(-[WebCoreNSURLSessionDataTask _setDefersLoading:]): Deleted.
(-[WebCoreNSURLSessionDataTask resource:receivedResponse:]): Deleted.

3:14 AM Changeset in webkit [243973] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.24

Merge r243434 - [GTK][WPE] Do not allow changes in active URI before provisional load starts for non-API requests
https://bugs.webkit.org/show_bug.cgi?id=194208

Reviewed by Michael Catanzaro.

  • UIProcess/API/glib/WebKitWebView.cpp:

(webkitWebViewWillStartLoad): Block updates of active URL.
(webkitWebViewLoadChanged): Unblock updates of active URL on WEBKIT_LOAD_STARTED.

3:13 AM Changeset in webkit [243972] by Carlos Garcia Campos
  • 12 edits in releases/WebKitGTK/webkit-2.24

Merge r242788 - [WPE][GTK] Load events may occur in unexpected order when JS redirects page before subresource load finishes
https://bugs.webkit.org/show_bug.cgi?id=194131

Source/WebKit:

Reviewed by Michael Catanzaro.

Ensure we emit the load-failed and load-changed with finished event when there's still an ongoing load when a
new provisional load strarts. Previous load fails with cancelled error.

  • UIProcess/API/glib/WebKitWebView.cpp:

(webkitWebViewWillStartLoad): Call webkitWebViewLoadFailed() if current page load state is not finished.

  • UIProcess/API/glib/WebKitWebViewPrivate.h:
  • UIProcess/API/gtk/PageClientImpl.cpp:

(WebKit::PageClientImpl::didStartProvisionalLoadForMainFrame): Call webkitWebViewWillStartLoad().

  • UIProcess/API/wpe/APIViewClient.h:

(API::ViewClient::willStartLoad): Add willStartLoad() to API::ViewClient

  • UIProcess/API/wpe/PageClientImpl.cpp:

(WebKit::PageClientImpl::didStartProvisionalLoadForMainFrame): Call WPEView::willStartLoad().

  • UIProcess/API/wpe/PageClientImpl.h:
  • UIProcess/API/wpe/WPEView.cpp:

(WKWPE::View::willStartLoad): Call API::ViewClient::willStartLoad().

  • UIProcess/API/wpe/WPEView.h:
  • UIProcess/PageLoadState.h:

(WebKit::PageLoadState::isProvisional const):
(WebKit::PageLoadState::isCommitted const):
(WebKit::PageLoadState::isFinished const):

Tools:

Patch by Michael Catanzaro <Michael Catanzaro> on 2019-03-12
Reviewed by Michael Catanzaro.

  • TestWebKitAPI/Tests/WebKitGLib/TestLoaderClient.cpp:

(uriChanged):
(testUnfinishedSubresourceLoad):
(serverCallback):
(beforeAll):

2:09 AM Changeset in webkit [243971] by svillar@igalia.com
  • 4 edits in trunk

[GTK][WPE] outlook.live.com displays old-fashioned UI
https://bugs.webkit.org/show_bug.cgi?id=196642

Reviewed by Carlos Garcia Campos.

Source/WebCore:

The new good looking UI is shown as long as pretend we're a Mac in the UA.

  • platform/UserAgentQuirks.cpp:

(WebCore::urlRequiresChromeBrowser):

Tools:

  • TestWebKitAPI/Tests/WebCore/UserAgentQuirks.cpp:

(TestWebKitAPI::TEST): New Mac platform quirk test.

1:11 AM Changeset in webkit [243970] by Carlos Garcia Campos
  • 18 edits
    2 moves in trunk/Source/WebCore

[ATK] Cleanup accessible wrapper base class
https://bugs.webkit.org/show_bug.cgi?id=196601

Reviewed by Mario Sanchez Prada.

Cleanups:

  • Rename WebKitAccessibleWrapperAtk cpp and header as WebKitAccessible for consistency with the class name.
  • Use WEBKIT_DEFINE_TYPE instead of custom type registration. This ensures that all CStrings used in private struct are no longer leaked.
  • Move core object pointer to the private struct.
  • Remove confusing core() function and simply get the core object from the private struct.
  • Use nullptr instead of 0 and other coding style issues.
  • Rename cacheAndReturnAtkProperty as webkitAccessibleCacheAndReturnAtkProperty and use WebKitAccessible as instance parameter.
  • Make webkitAccessibleGetAccessibilityObject() return a reference, since we use a fallback object on detach it never returns nullptr.
  • Move objectFocusedAndCaretOffsetUnignored() to WebKitAccessibleUtil.
  • SourcesGTK.txt:
  • accessibility/atk/AXObjectCacheAtk.cpp:
  • accessibility/atk/WebKitAccessible.cpp: Renamed from Source/WebCore/accessibility/atk/WebKitAccessibleWrapperAtk.cpp.

(webkitAccessibleGetName):
(webkitAccessibleGetDescription):
(setAtkRelationSetFromCoreObject):
(isRootObject):
(webkitAccessibleGetParent):
(webkitAccessibleGetNChildren):
(webkitAccessibleRefChild):
(webkitAccessibleGetIndexInParent):
(webkitAccessibleGetAttributes):
(atkRole):
(webkitAccessibleGetRole):
(webkitAccessibleRefStateSet):
(webkitAccessibleRefRelationSet):
(webkitAccessibleInit):
(webkitAccessibleGetObjectLocale):
(webkit_accessible_class_init):
(interfaceMaskFromObject):
(uniqueAccessibilityTypeName):
(accessibilityTypeFromObject):
(webkitAccessibleNew):
(webkitAccessibleGetAccessibilityObject):
(webkitAccessibleDetach):
(webkitAccessibleIsDetached):
(webkitAccessibleCacheAndReturnAtkProperty):

  • accessibility/atk/WebKitAccessible.h: Renamed from Source/WebCore/accessibility/atk/WebKitAccessibleWrapperAtk.h.
  • accessibility/atk/WebKitAccessibleHyperlink.cpp:

(core):

  • accessibility/atk/WebKitAccessibleInterfaceAction.cpp:

(core):
(webkitAccessibleActionGetKeybinding):
(webkitAccessibleActionGetName):

  • accessibility/atk/WebKitAccessibleInterfaceComponent.cpp:

(core):

  • accessibility/atk/WebKitAccessibleInterfaceDocument.cpp:

(core):
(documentAttributeValue):

  • accessibility/atk/WebKitAccessibleInterfaceEditableText.cpp:

(core):

  • accessibility/atk/WebKitAccessibleInterfaceHypertext.cpp:

(core):

  • accessibility/atk/WebKitAccessibleInterfaceImage.cpp:

(core):
(webkitAccessibleImageGetImageDescription):

  • accessibility/atk/WebKitAccessibleInterfaceSelection.cpp:

(core):

  • accessibility/atk/WebKitAccessibleInterfaceTable.cpp:

(core):

  • accessibility/atk/WebKitAccessibleInterfaceTableCell.cpp:

(core):

  • accessibility/atk/WebKitAccessibleInterfaceText.cpp:

(core):

  • accessibility/atk/WebKitAccessibleInterfaceValue.cpp:

(core):

  • accessibility/atk/WebKitAccessibleUtil.cpp:

(objectFocusedAndCaretOffsetUnignored):

  • accessibility/atk/WebKitAccessibleUtil.h:
  • editing/atk/FrameSelectionAtk.cpp:

Apr 7, 2019:

7:58 PM Changeset in webkit [243969] by commit-queue@webkit.org
  • 5 edits in trunk

Unreviewed, rolling out r243956.
https://bugs.webkit.org/show_bug.cgi?id=196688

Broke API Test SafeBrowsing.WKWebViewGoBackIFrame (Requested
by aakashjain on #webkit).

Reverted changeset:

"Clicking "Go Back" from a safe browsing warning from an
iframe should navigate the WKWebView back to the previous
page"
https://bugs.webkit.org/show_bug.cgi?id=196665
https://trac.webkit.org/changeset/243956

4:31 PM Changeset in webkit [243968] by ggaren@apple.com
  • 2 edits in trunk/Source/WebKit

Remove stray byte added by r241131
https://bugs.webkit.org/show_bug.cgi?id=196682

Reviewed by Alexey Proskuryakov.

Sublime Text thinks WKWebView.mm is binary instead of text.

According to online documentation and bisecting, this is because r241131
introduced a stray byte (probably a null byte?) into the file.

I fixed this with Cmd-C Cmd-V.

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _initializeWithConfiguration:]):

4:24 PM Changeset in webkit [243967] by msaboff@apple.com
  • 3 edits
    1 add in trunk

REGRESSION (r243642): Crash in reddit.com page
https://bugs.webkit.org/show_bug.cgi?id=196684

Reviewed by Geoffrey Garen.

JSTests:

New regression test.

  • stress/regexp-nongreedy-charclass-backtracks.js: Added.

Source/JavaScriptCore:

In r243642, the code that saves and restores the count for non-greedy character classes
was inadvertently put inside an if statement. This code should be generated for all
non-greedy character classes.

  • yarr/YarrJIT.cpp:

(JSC::Yarr::YarrGenerator::generateCharacterClassNonGreedy):
(JSC::Yarr::YarrGenerator::backtrackCharacterClassNonGreedy):

12:25 PM Changeset in webkit [243966] by ysuzuki@apple.com
  • 4 edits
    1 add in trunk

[JSC] CallLinkInfo should clear Callee or CodeBlock even if it is unlinked by jettison
https://bugs.webkit.org/show_bug.cgi?id=196683

Reviewed by Saam Barati.

JSTests:

  • stress/clear-callee-or-codeblock-in-calllinkinfo-even-cleared-by-jettison.js: Added.

(foo):

Source/JavaScriptCore:

In r243626, we stop repatching CallLinkInfo when the CallLinkInfo is held by jettisoned CodeBlock.
But we still need to clear the Callee or CodeBlock since they are now dead. Otherwise, CodeBlock's
visitWeak eventually accesses this dead cells and crashes because the owner CodeBlock of CallLinkInfo
can be still live.

We also move all repatching operations from CallLinkInfo.cpp to Repatch.cpp for consistency because the
other repatching operations in CallLinkInfo are implemented in Repatch.cpp side.

  • bytecode/CallLinkInfo.cpp:

(JSC::CallLinkInfo::setCallee):
(JSC::CallLinkInfo::clearCallee):

  • jit/Repatch.cpp:

(JSC::linkFor):
(JSC::revertCall):

Apr 6, 2019:

8:55 PM Changeset in webkit [243965] by rniwa@webkit.org
  • 5 edits in trunk

Added tests for WeakHashSet::computesEmpty and WeakHashSet::computeSize
https://bugs.webkit.org/show_bug.cgi?id=196669

Reviewed by Geoffrey Garen.

Source/WTF:

Removed the superflous type names from forward declarations, and made WeakHashSet::add
take a const object to match other container types in WTF.

  • wtf/WeakHashSet.h:

(WTF::WeakHashSet::add):

  • wtf/WeakPtr.h:

Tools:

Added three new unit tests for WeakHashSet.

  • TestWebKitAPI/Tests/WTF/WeakPtr.cpp:

(WTF_WeakPtr.WeakHashSetConstObjects):
(WTF_WeakPtr.WeakHashSetComputesEmpty):
(WTF_WeakPtr.WeakHashSetComputeSize):

7:54 PM Changeset in webkit [243964] by Nikita Vasilyev
  • 2 edits in trunk/Source/WebInspectorUI

REGRESSION(r237196): Web Inspector: Computed panel shouldn't update when it isn't visible
https://bugs.webkit.org/show_bug.cgi?id=196667
<rdar://problem/49664912>

Reviewed by Timothy Hatcher.

Explicitly define hidden and shown methods instead of relying on SidebarPanel's visible getter.

  • UserInterface/Views/GeneralStyleDetailsSidebarPanel.js:

(WI.GeneralStyleDetailsSidebarPanel.prototype.visibilityDidChange): Deleted.
(WI.GeneralStyleDetailsSidebarPanel.prototype.hidden): Added.
(WI.GeneralStyleDetailsSidebarPanel.prototype.shown): Added.

7:25 PM Changeset in webkit [243963] by wenson_hsieh@apple.com
  • 8 edits in trunk

Hide next and previous form control buttons when WKWebView is editable
https://bugs.webkit.org/show_bug.cgi?id=196672
<rdar://problem/35625321>

Reviewed by Tim Horton.

Source/WebKit:

Adopt new UIKit SPI to hide or show next and previous controls in the form accessory view when changing
editability.

Test: KeyboardInputTests.FormNavigationAssistantBarButtonItems

  • Platform/spi/ios/UIKitSPI.h:
  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _setEditable:]):

  • UIProcess/ios/WKContentViewInteraction.h:
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _updateAccessory]):
(-[WKContentView _didChangeWebViewEditability]):

Tools:

Add a new API test.

  • TestWebKitAPI/Tests/ios/KeyboardInputTestsIOS.mm:

(-[TestWKWebView lastTrailingBarButtonGroup]):
(TestWebKitAPI::TEST):

  • TestWebKitAPI/ios/UIKitSPI.h:
9:48 AM Changeset in webkit [243962] by Antti Koivisto
  • 30 edits
    1 move
    1 add
    1 delete in trunk

Combine event and touch action regions into a single class
https://bugs.webkit.org/show_bug.cgi?id=196644
<rdar://problem/49643614>

Reviewed by Darin Adler.

Source/WebCore:

This patch replaces the existing TouchActionRegion class with the more general EventRegion class.
It collects both the overall event region and the touch action regions. This avoids duplication
and simplifies the code.

The patch also adds serialization support for EventRegion, so touch-action regions gets passed
to the UI process too.

  • Sources.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • platform/graphics/GraphicsLayer.cpp:

(WebCore::GraphicsLayer::setEventRegion):
(WebCore::GraphicsLayer::dumpProperties const):
(WebCore::GraphicsLayer::setTouchActionRegion): Deleted.

  • platform/graphics/GraphicsLayer.h:

(WebCore::GraphicsLayer::eventRegion const):
(WebCore::GraphicsLayer::touchActionRegion const): Deleted.

  • platform/graphics/Region.cpp:

(WebCore::operator<<):

  • platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayerCA::setEventRegion):
(WebCore::GraphicsLayerCA::setTouchActionRegion): Deleted.

  • platform/graphics/ca/GraphicsLayerCA.h:
  • platform/graphics/ca/PlatformCALayer.h:
  • platform/graphics/ca/cocoa/PlatformCALayerCocoa.h:
  • rendering/EventRegion.cpp: Copied from Source/WebCore/rendering/TouchActionRegion.cpp.

(WebCore::EventRegion::operator== const):
(WebCore::EventRegion::unite):
(WebCore::EventRegion::translate):
(WebCore::EventRegion::uniteTouchActions):
(WebCore::EventRegion::touchActionsForPoint const):
(WebCore::operator<<):
(WebCore::TouchActionRegion::unite): Deleted.
(WebCore::TouchActionRegion::actionsForPoint const): Deleted.
(WebCore::TouchActionRegion::translate): Deleted.

  • rendering/EventRegion.h: Copied from Source/WebCore/rendering/TouchActionRegion.h.

(WebCore::EventRegion::isEmpty const):
(WebCore::EventRegion::contains const):
(WebCore::EventRegion::hasTouchActions const):
(WebCore::EventRegion::encode const):
(WebCore::EventRegion::decode):
(WebCore::TouchActionRegion::isEmpty const): Deleted.
(WebCore::TouchActionRegion::operator== const): Deleted.

  • rendering/InlineTextBox.cpp:

(WebCore::InlineTextBox::paint):

  • rendering/PaintInfo.h:
  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::paintObject):

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::collectEventRegionForFragments):

  • rendering/RenderLayer.h:
  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::updateEventRegion):

  • rendering/RenderLayerModelObject.cpp:
  • rendering/SimpleLineLayoutFunctions.cpp:

(WebCore::SimpleLineLayout::paintFlow):

  • rendering/TouchActionRegion.cpp: Removed.
  • rendering/TouchActionRegion.h: Removed.

Source/WebKit:

  • Shared/RemoteLayerTree/RemoteLayerTreeTransaction.h:
  • Shared/RemoteLayerTree/RemoteLayerTreeTransaction.mm:

(WebKit::RemoteLayerTreeTransaction::LayerProperties::decode):

  • UIProcess/RemoteLayerTree/RemoteLayerTreeNode.h:

(WebKit::RemoteLayerTreeNode::eventRegion const):

  • UIProcess/RemoteLayerTree/RemoteLayerTreeNode.mm:

(WebKit::RemoteLayerTreeNode::setEventRegion):

  • WebProcess/WebPage/RemoteLayerTree/PlatformCALayerRemote.cpp:

(WebKit::PlatformCALayerRemote::setEventRegion):

  • WebProcess/WebPage/RemoteLayerTree/PlatformCALayerRemote.h:

LayoutTests:

  • pointerevents/ios/touch-action-region-basic-expected.txt:
  • pointerevents/ios/touch-action-region-layers-expected.txt:
  • pointerevents/ios/touch-action-region-pan-x-y-expected.txt:

Apr 5, 2019:

8:41 PM Changeset in webkit [243961] by commit-queue@webkit.org
  • 13 edits
    2 adds in trunk

We should pass minimumEffectiveDeviceWidth to web process on new page creation.
https://bugs.webkit.org/show_bug.cgi?id=196077
<rdar://problem/49108202>

Patch by Yongjun Zhang <yongjun_zhang@apple.com> on 2019-04-05
Reviewed by Chris Dumez.

Source/WebCore:

If the page doesn't specify it requires to use the device width in viewport tag, we should try to scale down
the page to fit the window width.

Test: fast/viewport/ios/shrink-to-fit-for-page-without-viewport-meta.html

  • page/ViewportConfiguration.cpp:

(WebCore::ViewportConfiguration::updateDefaultConfiguration): Also update the minimum layout size

when the default configuration is changed.

(WebCore::ViewportConfiguration::nativeWebpageParametersWithShrinkToFit): Make sure we fit the content

to window width.

Source/WebKit:

When a new web view is created, it is possible we don't have the web content process till a load
is requested. This patch stashes minimumEffectiveDeviceWidth in WebPageProxy.cpp and passes that
value down to web process via WebPageCreationParameters when a new process is created, just like
we did for other values like viewportConfigurationLayoutSizeScaleFactor or viewportConfigurationViewLayoutSize.

  • Shared/WebPageCreationParameters.cpp:

(WebKit::WebPageCreationParameters::encode const): Encode viewportConfigurationMinimumEffectiveDeviceWidth value.
(WebKit::WebPageCreationParameters::decode): Decode viewportConfigurationMinimumEffectiveDeviceWidth value.

  • Shared/WebPageCreationParameters.h:
  • UIProcess/API/Cocoa/WKWebView.mm: Now that we stash the minimumEffectiveDeviceWidth value in WebPageProxy, we

don't need the iVar in WKWebView any more.

(-[WKWebView _dispatchSetViewLayoutSize:]): Use _page->minimumEffectiveDeviceWidth().
(-[WKWebView _setViewScale:]): Ditto.
(-[WKWebView _setMinimumEffectiveDeviceWidth:]): Ditto.
(-[WKWebView _minimumEffectiveDeviceWidth]): Ditto.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::creationParameters): Also add viewportConfigurationMinimumEffectiveDeviceWidth to

web process creation parameter.

  • UIProcess/WebPageProxy.h:

(WebKit::WebPageProxy::minimumEffectiveDeviceWidth const): Returns m_viewportConfigurationMinimumEffectiveDeviceWidth.

  • UIProcess/ios/WebPageProxyIOS.mm:

(WebKit::WebPageProxy::setViewportConfigurationViewLayoutSize): Pass parameters.viewportConfigurationMinimumEffectiveDeviceWidth

to web process.

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::WebPage): Take viewportConfigurationMinimumEffectiveDeviceWidth value from the parameter and

set that to viewport configuration.

Tools:

Add an API test to verify the minimumEffectDeviceWidth is passed to web content process
on new web view.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

LayoutTests:

Add a layout test to verify the page shrinks to fit the window width when ignoreMetaViewport
flag is turned on.

  • fast/viewport/ios/shrink-to-fit-for-page-without-viewport-meta-expected.txt: Added.
  • fast/viewport/ios/shrink-to-fit-for-page-without-viewport-meta.html: Added.
7:05 PM Changeset in webkit [243960] by sbarati@apple.com
  • 2 edits in trunk/Tools

Make compare-results understand MotionMark
https://bugs.webkit.org/show_bug.cgi?id=196666

Reviewed by Yusuke Suzuki.

  • Scripts/compare-results:

(PLT5Results):
(detectMotionMark):
(detectMotionMark1_1):
(motionMarkResults):
(motionMark1_1Results):
(detectBenchmark):
(biggerIsBetter):
(main):

6:57 PM Changeset in webkit [243959] by ysuzuki@apple.com
  • 9 edits
    1 add in trunk

[JSC] OSRExit recovery for SpeculativeAdd does not consier "A = A + A" pattern
https://bugs.webkit.org/show_bug.cgi?id=196582

Reviewed by Saam Barati.

JSTests:

  • stress/add-overflow-check-with-three-same-registers.js: Added.

(foo):
(Number.prototype.valueOf):
(runWithNumber):

Source/JavaScriptCore:

In DFG, our ArithAdd with overflow is executed speculatively, and we recover the value when overflow flag is set.
The recovery is subtracting the operand from the destination to get the original two operands. Our recovery code
handles A + B = A, A + B = B cases. But it misses A + A = A case (here, A and B are GPRReg). Our recovery code
attempts to produce the original operand by performing A - A, and it always produces zero accidentally.

This patch adds the recovery code for A + A = A case. Because we know that this ArithAdd overflows, and operands were
same values, we can calculate the original operand from the destination value by ((int32_t)value >> 1) ^ 0x80000000.

We also found that FTL recovery code is dead. We remove them in this patch.

  • dfg/DFGOSRExit.cpp:

(JSC::DFG::OSRExit::executeOSRExit):
(JSC::DFG::OSRExit::compileExit):

  • dfg/DFGOSRExit.h:

(JSC::DFG::SpeculationRecovery::SpeculationRecovery):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileArithAdd):

  • ftl/FTLExitValue.cpp:

(JSC::FTL::ExitValue::dataFormat const):
(JSC::FTL::ExitValue::dumpInContext const):

  • ftl/FTLExitValue.h:

(JSC::FTL::ExitValue::isArgument const):
(JSC::FTL::ExitValue::hasIndexInStackmapLocations const):
(JSC::FTL::ExitValue::adjustStackmapLocationsIndexByOffset):
(JSC::FTL::ExitValue::recovery): Deleted.
(JSC::FTL::ExitValue::isRecovery const): Deleted.
(JSC::FTL::ExitValue::leftRecoveryArgument const): Deleted.
(JSC::FTL::ExitValue::rightRecoveryArgument const): Deleted.
(JSC::FTL::ExitValue::recoveryFormat const): Deleted.
(JSC::FTL::ExitValue::recoveryOpcode const): Deleted.

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::preparePatchpointForExceptions):
(JSC::FTL::DFG::LowerDFGToB3::appendOSRExit):
(JSC::FTL::DFG::LowerDFGToB3::exitValueForNode):
(JSC::FTL::DFG::LowerDFGToB3::addAvailableRecovery): Deleted.

  • ftl/FTLOSRExitCompiler.cpp:

(JSC::FTL::compileRecovery):

6:08 PM Changeset in webkit [243958] by jer.noble@apple.com
  • 12 edits
    2 adds in trunk

[Cocoa] Deactivate the audio session before the WebProcess suspends.
https://bugs.webkit.org/show_bug.cgi?id=196658

Reviewed by Eric Carlson.

Source/WebCore:

Test: platform/mac/media/audio-session-deactivated-when-suspended.html

Deactivate the audio session when we are notified that the session will suspend.

Drive-by fix: don't try to begin playback when the process is suspended.

  • platform/audio/PlatformMediaSessionManager.cpp:

(WebCore::PlatformMediaSessionManager::sessionWillBeginPlayback):
(WebCore::PlatformMediaSessionManager::processWillSuspend):
(WebCore::PlatformMediaSessionManager::processDidResume):

  • platform/audio/PlatformMediaSessionManager.h:

(WebCore::PlatformMediaSessionManager::processIsSuspended const):

  • testing/InternalSettings.cpp:

(WebCore::InternalSettings::Backup::Backup):
(WebCore::InternalSettings::Backup::restoreTo):
(WebCore::InternalSettings::setShouldDeactivateAudioSession):

  • testing/InternalSettings.h:
  • testing/InternalSettings.idl:
  • testing/Internals.cpp:

(WebCore::Internals::processWillSuspend):
(WebCore::Internals::processDidResume):

  • testing/Internals.h:
  • testing/Internals.idl:

Source/WebKit:

Notify the PlatformMediaSessionManager when the process suspends or resumes.

  • WebProcess/WebProcess.cpp:

(WebKit::WebProcess::actualPrepareToSuspend):
(WebKit::WebProcess::cancelPrepareToSuspend):
(WebKit::WebProcess::processDidResume):

LayoutTests:

  • platform/mac/media/audio-session-deactivated-when-suspended-expected.txt: Added.
  • platform/mac/media/audio-session-deactivated-when-suspended.html: Added.
6:02 PM Changeset in webkit [243957] by sihui_liu@apple.com
  • 5 edits in trunk/Source

[iOS] Web process gets suspended while holding locked database files
https://bugs.webkit.org/show_bug.cgi?id=196519
<rdar://problem/49531797>

Reviewed by Chris Dumez.

Source/WebCore:

Don't use DatabaseTracker singleton before it is initialized.

  • Modules/webdatabase/DatabaseTracker.cpp:

(WebCore::DatabaseTracker::isInitialized):

  • Modules/webdatabase/DatabaseTracker.h:

Source/WebKit:

  • WebProcess/WebProcess.cpp:

(WebKit::WebProcess::actualPrepareToSuspend):

5:10 PM Changeset in webkit [243956] by achristensen@apple.com
  • 5 edits in trunk

Clicking "Go Back" from a safe browsing warning from an iframe should navigate the WKWebView back to the previous page
https://bugs.webkit.org/show_bug.cgi?id=196665
<rdar://45115669>

Reviewed by Geoff Garen.

Source/WebKit:

It is insufficient to just not navigate the subframe. We must leave the page that contained it.

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _showSafeBrowsingWarning:completionHandler:]):

  • UIProcess/Cocoa/WebViewImpl.mm:

(WebKit::WebViewImpl::showSafeBrowsingWarning):

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/SafeBrowsing.mm:

(goBack):
(+[SimpleLookupContext sharedLookupContext]):
(-[SimpleLookupContext lookUpURL:completionHandler:]):
(TEST):
(+[Simple3LookupContext sharedLookupContext]): Deleted.
(-[Simple3LookupContext lookUpURL:completionHandler:]): Deleted.

5:05 PM Changeset in webkit [243955] by Ryan Haddad
  • 3 edits
    1 delete in trunk

Unreviewed, rolling out r243665.

Caused iOS JSC tests to exit with an exception.

Reverted changeset:

"Assertion failed in JSC::createError"
https://bugs.webkit.org/show_bug.cgi?id=196305
https://trac.webkit.org/changeset/243665

5:03 PM Changeset in webkit [243954] by rniwa@webkit.org
  • 22 edits in trunk/Source

Make WeakPtr<Element> possible and deploy it in form associated elements code
https://bugs.webkit.org/show_bug.cgi?id=196626

Reviewed by Antti Koivisto.

Source/WebCore:

Make Element inherit from CanMakeWeakPtr and deploy WeakPtr<*Element> in FormAssociatedElement and HTMLFormElement.

No new tests sine there should be no behavioral change.

  • dom/Element.h:
  • html/FormAssociatedElement.cpp:

(WebCore::FormAssociatedElement::FormAssociatedElement):
(WebCore::FormAssociatedElement::insertedIntoAncestor):
(WebCore::FormAssociatedElement::setForm):
(WebCore::FormAssociatedElement::resetFormOwner):
(WebCore::FormAssociatedElement::formAttributeChanged):

  • html/FormAssociatedElement.h:

(WebCore::FormAssociatedElement::form const):

  • html/HTMLElement.cpp:

(WebCore::HTMLElement::asFormNamedItem):
(WebCore::HTMLElement::asFormAssociatedElement):

  • html/HTMLElement.h:

(WebCore::HTMLElement::asFormNamedItem): Deleted.

  • html/HTMLFormControlElement.h:
  • html/HTMLFormControlsCollection.cpp:

(WebCore::HTMLFormControlsCollection::formImageElements const): Inlined into updateNamedElementCache.
(WebCore::HTMLFormControlsCollection::updateNamedElementCache const):

  • html/HTMLFormControlsCollection.h:
  • html/HTMLFormElement.cpp:

(WebCore::HTMLFormElement::registerInvalidAssociatedFormControl):
(WebCore::HTMLFormElement::removeInvalidAssociatedFormControlIfNeeded):
(WebCore::HTMLFormElement::registerImgElement):
(WebCore::HTMLFormElement::defaultButton const):
(WebCore::HTMLFormElement::resetDefaultButton):
(WebCore::HTMLFormElement::matchesValidPseudoClass const):
(WebCore::HTMLFormElement::matchesInvalidPseudoClass const):

  • html/HTMLFormElement.h:
  • html/HTMLImageElement.cpp:

(WebCore::HTMLImageElement::HTMLImageElement):
(WebCore::HTMLImageElement::insertedIntoAncestor):

  • html/HTMLImageElement.h:
  • html/HTMLInputElement.h:
  • html/HTMLMediaElement.h:
  • html/HTMLObjectElement.h:
  • html/HTMLPictureElement.h:
  • html/HTMLSlotElement.h:
  • svg/SVGElement.h:

Source/WTF:

Make it possible to call WeakHashSet::remove and WeakHashSet::contains with
a subclass type U of a type T used to define WeakReference<T>.

Also added computesEmpty, which is slightly more efficient than computeSize
when m_set is either empty or when there are non-released weak references in the set.

  • wtf/WeakHashSet.h:

(WTF::WeakHashSet::remove):
(WTF::WeakHashSet::contains const):
(WTF::WeakHashSet::computesEmpty const): Added.

  • wtf/WeakPtr.h: Added an explicit forward declaration of WeakHashSet to avoid

build failures in GTK+ and WPE ports.

4:39 PM Changeset in webkit [243953] by Devin Rousso
  • 17 edits in trunk

Web Inspector: TestSuite test cases should have their own timeout to ensure tests fail with output instead of timeout by test runner
https://bugs.webkit.org/show_bug.cgi?id=162814
<rdar://problem/28574102>

Reviewed by Brian Burg.

Source/WebInspectorUI:

A 10s timer is started for every test case added to an async suite. The timer is cleared
when the test finishes, but if the timer fires, the test is forcibly ended with an error.

This timer can be configured by setting a timeout value when adding the test case. Values
are expected to be in milliseconds. The value -1 will prevent a timer from being set.

This change also relaxes the expectation that any individual test case failure will stop the
rest of the suite from running. Since timers are set per test case, it is possible to
recover from a "bad" test case to still run the remaining test cases.

NOTE: there may be unexpected behaviour if a test times out, as the timer doesn't actually
stop the execution of the test, so it may still run and log information, which may appear
"out of nowhere" in the middle of other tests.

  • UserInterface/Test/TestSuite.js:

(TestSuite.prototype.get passCount):
(AsyncTestSuite.prototype.runTestCases):
(SyncTestSuite.prototype.runTestCases):

LayoutTests:

  • inspector/unit-tests/async-test-suite.html:
  • inspector/unit-tests/async-test-suite-expected.txt:
  • inspector/unit-tests/sync-test-suite.html:
  • inspector/unit-tests/sync-test-suite-expected.txt:
  • http/tests/inspector/network/set-resource-caching-disabled-disk-cache-expected.txt:
  • inspector/canvas/recording-2d.html:
  • inspector/canvas/recording-webgl-snapshots.html:
  • inspector/canvas/recording-webgl.html:
  • inspector/canvas/resources/shaderProgram-utilities.js:

(TestPage.registerInitializer.whenProgramAdded): Added.
(TestPage.registerInitializer.whenProgramRemoved): Added.
(TestPage.registerInitializer.window.initializeTestSuite):
(TestPage.registerInitializer.window.addSimpleTestCase):
(TestPage.registerInitializer.window.addParentCanvasRemovedTestCase):
(TestPage.registerInitializer.awaitProgramAdded): Added.
(TestPage.registerInitializer.awaitProgramRemoved): Added.

  • inspector/console/command-line-api-expected.txt:
  • inspector/console/heap-snapshot.html:
  • inspector/debugger/async-stack-trace-truncate-expected.txt:
  • inspector/debugger/pause-for-internal-scripts-expected.txt:
  • inspector/formatting/resources/utilities.js:

(TestPage.registerInitializer.window.addFormattingTests):

4:25 PM Changeset in webkit [243952] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

[ews-build] Add configuration and architecture for windows builders
https://bugs.webkit.org/show_bug.cgi?id=196660

Reviewed by Lucas Forschler.

  • BuildSlaveSupport/ews-build/config.json:
4:06 PM Changeset in webkit [243951] by achristensen@apple.com
  • 5 edits in trunk/Source/WebKit

Undeprecate WKNavigationData
https://bugs.webkit.org/show_bug.cgi?id=196559
<rdar://44927425>

Reviewed by Geoff Garen.

  • UIProcess/API/Cocoa/WKNavigationData.h:

It is used to communicate information from FrameLoaderClient::updateGlobalHistory() to the application.
This use in WKBrowsingContextHistoryDelegate is definitely still deprecated, but its use in
WKHistoryDelegatePrivate does not have an adequate replacement yet, so it must remain undeprecated SPI.

3:08 PM Changeset in webkit [243950] by Alan Coon
  • 9 edits in tags/Safari-608.1.15/Source/JavaScriptCore

Revert r243642. rdar://problem/49654398

3:08 PM Changeset in webkit [243949] by Alan Coon
  • 5 edits in tags/Safari-608.1.15

Revert r243839. rdar://problem/49654398

2:58 PM Changeset in webkit [243948] by ysuzuki@apple.com
  • 7 edits
    2 adds in trunk

SIGSEGV in JSC::BytecodeGenerator::addStringConstant
https://bugs.webkit.org/show_bug.cgi?id=196486

Reviewed by Saam Barati.

JSTests:

  • stress/arrow-function-and-use-strict-directive.js: Added.
  • stress/arrow-function-syntax.js: Added. Checking EOF token handling.

(checkSyntax):
(checkSyntaxError): Currently not using it. But it is useful for testing more things related to arrow function syntax.

Source/JavaScriptCore:

When parsing a FunctionExpression / FunctionDeclaration etc., we use SyntaxChecker for the body of the function because we do not have any interest on the nodes of the body at that time.
The nodes will be parsed with the ASTBuilder when the function itself is parsed for code generation. This works well previously because all the function ends with "}" previously.
SyntaxChecker lexes this "}" token, and parser restores the context back to ASTBuilder and continues parsing.

But now, we have ArrowFunctionExpression without braces arrow => expr. Let's consider the following code.

arrow => expr
"string!"

We parse arrow function's body with SyntaxChecker. At that time, we lex "string!" token under the SyntaxChecker context. But this means that we may not build string content for this token
since SyntaxChecker may not have interest on string content itself in certain case. After the parser is back to ASTBuilder, we parse "string!" as ExpressionStatement with string constant,
generate StringNode with non-built identifier (nullptr), and we accidentally create StringNode with nullptr.

This patch fixes this problem. The root cause of this problem is that the last token lexed in the previous context is used. We add lexCurrentTokenAgainUnderCurrentContext which will re-lex
the current token under the current context (may be ASTBuilder). This should be done only when the caller's context is different from SyntaxChecker, which avoids unnecessary lexing.
We leverage existing SavePoint mechanism to implement lexCurrentTokenAgainUnderCurrentContext cleanly.

And we also fix the bug in the existing SavePoint mechanism, which is shown in the attached test script. When we save LexerState, we do not save line terminator status. This patch also introduces
lexWithoutClearingLineTerminator, which lex the token without clearing line terminator status.

  • parser/ASTBuilder.h:

(JSC::ASTBuilder::createString):

  • parser/Lexer.cpp:

(JSC::Lexer<T>::parseMultilineComment):
(JSC::Lexer<T>::lexWithoutClearingLineTerminator): EOF token also should record offset information. This offset information is correctly handled in Lexer::setOffset too.
(JSC::Lexer<T>::lex): Deleted.

  • parser/Lexer.h:

(JSC::Lexer::hasLineTerminatorBeforeToken const):
(JSC::Lexer::setHasLineTerminatorBeforeToken):
(JSC::Lexer<T>::lex):
(JSC::Lexer::prevTerminator const): Deleted.
(JSC::Lexer::setTerminator): Deleted.

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::allowAutomaticSemicolon):
(JSC::Parser<LexerType>::parseSingleFunction):
(JSC::Parser<LexerType>::parseStatementListItem):
(JSC::Parser<LexerType>::maybeParseAsyncFunctionDeclarationStatement):
(JSC::Parser<LexerType>::parseFunctionInfo):
(JSC::Parser<LexerType>::parseClass):
(JSC::Parser<LexerType>::parseExportDeclaration):
(JSC::Parser<LexerType>::parseAssignmentExpression):
(JSC::Parser<LexerType>::parseYieldExpression):
(JSC::Parser<LexerType>::parseProperty):
(JSC::Parser<LexerType>::parsePrimaryExpression):
(JSC::Parser<LexerType>::parseMemberExpression):

  • parser/Parser.h:

(JSC::Parser::nextWithoutClearingLineTerminator):
(JSC::Parser::lexCurrentTokenAgainUnderCurrentContext):
(JSC::Parser::internalSaveLexerState):
(JSC::Parser::restoreLexerState):

2:52 PM Changeset in webkit [243947] by achristensen@apple.com
  • 4 edits
    1 add in /

REGRESSION(AppleWebKit/605.1.15): WebDownloadDelegate delegate methods called on non-main thread
https://bugs.webkit.org/show_bug.cgi?id=190918
<rdar://problem/45603890>

Reviewed by Darin Adler.

Source/WebKitLegacy/mac:

Since we not doing networking on the main thread but WebView is to be used on the main thread,
we need to hop delegate calls to the main thread similarly to how we do it in the non-download
delegate calls in WebCoreResourceHandleAsOperationQueueDelegate.

  • Misc/WebDownload.mm:

(-[WebDownloadInternal downloadDidBegin:]):
(-[WebDownloadInternal download:willSendRequest:redirectResponse:]):
(-[WebDownloadInternal download:didReceiveAuthenticationChallenge:]):
(-[WebDownloadInternal download:didReceiveResponse:]):
(-[WebDownloadInternal download:didReceiveDataOfLength:]):
(-[WebDownloadInternal download:shouldDecodeSourceDataOfMIMEType:]):
(-[WebDownloadInternal download:decideDestinationWithSuggestedFilename:]):
(-[WebDownloadInternal download:didCreateDestination:]):
(-[WebDownloadInternal downloadDidFinish:]):
(-[WebDownloadInternal download:didFailWithError:]):

Tools:

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WebKitLegacy/mac/DownloadThread.mm: Added.

(-[DownloadThreadChecker webView:decidePolicyForMIMEType:request:frame:decisionListener:]):
(-[DownloadThreadChecker downloadDidBegin:]):
(-[DownloadThreadChecker download:shouldDecodeSourceDataOfMIMEType:]):
(-[DownloadThreadChecker download:decideDestinationWithSuggestedFilename:]):
(-[DownloadThreadChecker download:didCreateDestination:]):
(-[DownloadThreadChecker downloadDidFinish:]):
(TestWebKitAPI::TEST):

2:50 PM Changeset in webkit [243946] by achristensen@apple.com
  • 2 edits in /

Flaky API Test TestWebKitAPI.WebKit.PerformedActionForURL
https://bugs.webkit.org/show_bug.cgi?id=196151

Reviewed by Chris Dumez.

  • TestWebKitAPI/Tests/WebKitCocoa/ContentRuleListNotification.mm:

(TEST):
We were assuming that messages were received in a certain order.
Actually wait for all messages to be received before checking results.

2:49 PM Changeset in webkit [243945] by Ryan Haddad
  • 3 edits in trunk/LayoutTests

[Mac WK2 iOS Sim] Layout Test imported/w3c/web-platform-tests/webrtc/RTCRtpReceiver-getSynchronizationSources.https.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=196633

Unreviewed test gardening.

  • platform/ios-wk2/TestExpectations: Mark test as flaky.
  • platform/mac-wk2/TestExpectations: Ditto.
2:36 PM Changeset in webkit [243944] by eric.carlson@apple.com
  • 4 edits in trunk/Source

Remove AUDIO_TOOLBOX_AUDIO_SESSION
https://bugs.webkit.org/show_bug.cgi?id=196653
<rdar://problem/49652098>

Reviewed by Jer Noble.

Source/WebKitLegacy/mac:

  • WebView/WebPreferences.mm:

(-[WebPreferences setAudioSessionCategoryOverride:]):

Source/WTF:

  • wtf/Platform.h:
2:28 PM Changeset in webkit [243943] by caitp@igalia.com
  • 7 edits in trunk

[JSC] Filter DontEnum properties in ProxyObject::getOwnPropertyNames()
https://bugs.webkit.org/show_bug.cgi?id=176810

Reviewed by Saam Barati.

JSTests:

Add tests for the DontEnum filtering, and variations of other tests
take the DontEnum-filtering path.

  • stress/proxy-own-keys.js:

(i.catch):
(set assert):
(set add):
(let.set new):
(get let):

Source/JavaScriptCore:

This adds conditional logic following the invariant checks, to perform
filtering in common uses of getOwnPropertyNames.

While this would ideally only be done in JSPropertyNameEnumerator, adding
the filtering to ProxyObject::performGetOwnPropertyNames maintains the
invariant that the EnumerationMode is properly followed.

  • runtime/PropertyNameArray.h:

(JSC::PropertyNameArray::reset):

  • runtime/ProxyObject.cpp:

(JSC::ProxyObject::performGetOwnPropertyNames):

Source/WebCore:

Previously, there was a comment here indicating uncertainty of whether it
was necessary to filter DontEnum properties explicitly or not. It turns
out that it was necessary in the case of JSC ProxyObjects.

This patch adds DontEnum filtering for ProxyObjects, however we continue
to explicitly filter them in JSDOMConvertRecord, which needs to use the
property descriptor after filtering. This change prevents observably
fetching the property descriptor twice per property.

  • bindings/js/JSDOMConvertRecord.h:
2:13 PM Changeset in webkit [243942] by Shawn Roberts
  • 2 edits in trunk/LayoutTests

editing/execCommand/print.html is crashing on iOS Debug
https://bugs.webkit.org/show_bug.cgi?id=196654

Unreviewed test gardening.

  • platform/ios-simulator-wk2/TestExpectations: Skipping test on iOS Debug while waiting for a fix
11:32 AM Changeset in webkit [243941] by Michael Catanzaro
  • 21 edits in trunk/Source

Unreviewed manual rollout of r243929
https://bugs.webkit.org/show_bug.cgi?id=196626

Source/WebCore:

  • dom/Element.h:
  • html/FormAssociatedElement.cpp:

(WebCore::FormAssociatedElement::FormAssociatedElement):
(WebCore::FormAssociatedElement::insertedIntoAncestor):
(WebCore::FormAssociatedElement::setForm):
(WebCore::FormAssociatedElement::resetFormOwner):
(WebCore::FormAssociatedElement::formAttributeChanged):

  • html/FormAssociatedElement.h:

(WebCore::FormAssociatedElement::form const):

  • html/HTMLElement.cpp:

(WebCore::HTMLElement::asFormNamedItem): Deleted.
(WebCore::HTMLElement::asFormAssociatedElement): Deleted.

  • html/HTMLElement.h:

(WebCore::HTMLElement::asFormNamedItem):

  • html/HTMLFormControlElement.h:
  • html/HTMLFormControlsCollection.cpp:

(WebCore:: const):
(WebCore::HTMLFormControlsCollection::updateNamedElementCache const):

  • html/HTMLFormControlsCollection.h:
  • html/HTMLFormElement.cpp:

(WebCore::HTMLFormElement::registerInvalidAssociatedFormControl):
(WebCore::HTMLFormElement::removeInvalidAssociatedFormControlIfNeeded):
(WebCore::HTMLFormElement::registerImgElement):
(WebCore::HTMLFormElement::defaultButton const):
(WebCore::HTMLFormElement::resetDefaultButton):
(WebCore::HTMLFormElement::matchesValidPseudoClass const):
(WebCore::HTMLFormElement::matchesInvalidPseudoClass const):

  • html/HTMLFormElement.h:
  • html/HTMLImageElement.cpp:

(WebCore::HTMLImageElement::HTMLImageElement):
(WebCore::HTMLImageElement::insertedIntoAncestor):

  • html/HTMLImageElement.h:
  • html/HTMLInputElement.h:
  • html/HTMLMediaElement.h:
  • html/HTMLObjectElement.h:
  • html/HTMLPictureElement.h:
  • html/HTMLSlotElement.h:
  • svg/SVGElement.h:

Source/WTF:

  • wtf/WeakHashSet.h:

(WTF::WeakHashSet::remove):
(WTF::WeakHashSet::contains const):
(WTF::WeakHashSet::computesEmpty const): Deleted.

11:21 AM Changeset in webkit [243940] by eric.carlson@apple.com
  • 3 edits in trunk/Source/WebKitLegacy/mac

Stop including <AudioToolbox/AudioSession.h>
https://bugs.webkit.org/show_bug.cgi?id=196648
<rdar://problem/39665771>

Reviewed by Jer Noble.

  • WebView/WebPreferencesPrivate.h:
11:06 AM Changeset in webkit [243939] by sihui_liu@apple.com
  • 9 edits in trunk/Source

[iOS] Web process gets suspended while holding locked database files
https://bugs.webkit.org/show_bug.cgi?id=196519
<rdar://problem/49531797>

Reviewed by Chris Dumez.

Source/WebCore:

We should close all databases and make sure not open new databases when web process is ready to suspend.

  • platform/sql/SQLiteDatabase.cpp:

(WebCore::SQLiteDatabase::setIsDatabaseOpeningForbidden):
(WebCore::SQLiteDatabase::open):

  • platform/sql/SQLiteDatabase.h:
  • platform/sql/SQLiteDatabaseTracker.cpp:

(WebCore::SQLiteDatabaseTracker::setClient):
(WebCore::SQLiteDatabaseTracker::incrementTransactionInProgressCount):
(WebCore::SQLiteDatabaseTracker::decrementTransactionInProgressCount):
(WebCore::SQLiteDatabaseTracker::hasTransactionInProgress):

Source/WebKit:

  • Shared/WebSQLiteDatabaseTracker.cpp:

(WebKit::WebSQLiteDatabaseTracker::~WebSQLiteDatabaseTracker):

  • Shared/WebSQLiteDatabaseTracker.h:
  • WebProcess/WebProcess.cpp:

(WebKit::m_webSQLiteDatabaseTracker):
(WebKit::WebProcess::actualPrepareToSuspend):
(WebKit::WebProcess::processWillSuspendImminently):
(WebKit::WebProcess::cancelPrepareToSuspend):
(WebKit::WebProcess::processDidResume):

  • WebProcess/WebProcess.h:
11:01 AM Changeset in webkit [243938] by Kocsen Chung
  • 7 edits in tags/Safari-608.1.13.3.1/Source

Versioning.

10:22 AM Changeset in webkit [243937] by Kocsen Chung
  • 1 copy in tags/Safari-608.1.13.3.1

New tag.

10:14 AM Changeset in webkit [243936] by Jonathan Bedard
  • 2 edits in trunk/Tools

webkitpy: Don't run subsequent rounds if interrupted
https://bugs.webkit.org/show_bug.cgi?id=196646

Reviewed by Aakash Jain.

  • Scripts/webkitpy/layout_tests/controllers/manager.py:

(Manager.run): Bail out if interrupted.

9:30 AM Changeset in webkit [243935] by sihui_liu@apple.com
  • 2 edits in trunk/Tools

Test sessionStorage in PSON private browsing mode
https://bugs.webkit.org/show_bug.cgi?id=196561

Reviewed by Alex Christensen.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
8:35 AM Changeset in webkit [243934] by commit-queue@webkit.org
  • 28 edits
    1 delete in trunk

Unreviewed, rolling out r243833.
https://bugs.webkit.org/show_bug.cgi?id=196645

This change breaks build of WPE and GTK ports (Requested by
annulen on #webkit).

Reverted changeset:

"[CMake][WTF] Mirror XCode header directories"
https://bugs.webkit.org/show_bug.cgi?id=191662
https://trac.webkit.org/changeset/243833

6:45 AM Changeset in webkit [243933] by caitp@igalia.com
  • 8 edits in trunk

JSTests:
[JSC] throw if 'ownKeys' Proxy trap result contains duplicate keys
https://bugs.webkit.org/show_bug.cgi?id=185211

Reviewed by Saam Barati.

This is for the normative spec change in https://github.com/tc39/ecma262/pull/833

This changes several assertions to expect a TypeError to be thrown (in some cases,
changing thee expected message).

  • es6/Proxy_ownKeys_duplicates.js:

(handler):
(shouldThrow):
(test):

  • stress/Object_static_methods_Object.getOwnPropertyDescriptors-proxy.js:

(shouldThrow):

  • stress/proxy-own-keys.js:

(i.catch):
(assert):

LayoutTests/imported/w3c:
[JSC] throw if 'ownKeys' Proxy trap result contains duplicate keys
https://bugs.webkit.org/show_bug.cgi?id=185211

Reviewed by Saam Barati.

This is for the normative spec change in https://github.com/tc39/ecma262/pull/833

Change some test expectations which were previously expected to fail.

  • web-platform-tests/fetch/api/headers/headers-record-expected.txt:

Source/JavaScriptCore:
[JSC] throw if ownKeys Proxy trap result contains duplicate keys
https://bugs.webkit.org/show_bug.cgi?id=185211

Reviewed by Saam Barati.

Implements the normative spec change in https://github.com/tc39/ecma262/pull/833

This involves tracking duplicate keys returned from the ownKeys trap in yet
another HashTable, and may incur a minor performance penalty in some cases. This
is not expected to significantly affect web performance.

  • runtime/ProxyObject.cpp:

(JSC::ProxyObject::performGetOwnPropertyNames):

5:42 AM Changeset in webkit [243932] by ddkilzer@apple.com
  • 2 edits in trunk/Source/WebKit

REGRESSION(r240685): Remove duplicate Headers entry for _WKInspectorWindow.h in Xcode project
<https://bugs.webkit.org/show_bug.cgi?id=193951>
<rdar://problem/47621366>

Fixes the following build warnings:

Warning: Multiple build commands for output file WebKit2_WebKit.roots/BuildRecords/WebKit2_installhdrs/Root/System/Library/Frameworks/WebKit.framework/PrivateHeaders/_WKInspectorWindow.h
Warning: Multiple build commands for output file WebKit2_WebKit.roots/BuildRecords/WebKit2_installapi/Root/System/Library/Frameworks/WebKit.framework/PrivateHeaders/_WKInspectorWindow.h
Warning: Multiple build commands for output file WebKit2_WebKit.roots/BuildRecords/WebKit2_install/Root/System/Library/Frameworks/WebKit.framework/PrivateHeaders/_WKInspectorWindow.h

  • WebKit.xcodeproj/project.pbxproj: Remove duplicate entry for

_WKInspectorWindow.h. In r240685, a second Headers entry was
added, but the first one was never removed.

5:25 AM Changeset in webkit [243931] by ddkilzer@apple.com
  • 14 edits in trunk/Source/WebCore

REGRESSION(r243887): Try to fix Windows builds by including <wtf/IsoMalloc.h>

Caused by:

[WebCore] Put most of derived classes of ScriptWrappable into IsoHeap
https://bugs.webkit.org/show_bug.cgi?id=196475

  • css/CSSComputedStyleDeclaration.h:
  • dom/DOMRectReadOnly.h:
  • dom/LiveNodeList.h:
  • dom/NodeIterator.h:
  • dom/TreeWalker.h:
  • fileapi/Blob.h:
  • fileapi/File.h:
  • fileapi/FileList.h:
  • html/CachedHTMLCollection.h:
  • html/HTMLFormElement.h:
  • html/HTMLNameCollection.h:
  • html/canvas/GPUBasedCanvasRenderingContext.h:
  • page/RemoteDOMWindow.h:
4:30 AM Changeset in webkit [243930] by Diego Pino Garcia
  • 2 edits in trunk/LayoutTests

[WPE] Unreviewed gardening, update unexpected passes

  • platform/wpe/TestExpectations:
1:22 AM Changeset in webkit [243929] by rniwa@webkit.org
  • 21 edits in trunk/Source

Make WeakPtr<Element> possible and deploy it in form associated elements code
https://bugs.webkit.org/show_bug.cgi?id=196626

Reviewed by Antti Koivisto.

Source/WebCore:

Make Element inherit from CanMakeWeakPtr and deploy WeakPtr<*Element> in FormAssociatedElement and HTMLFormElement.

No new tests sine there should be no behavioral change.

  • dom/Element.h:
  • html/FormAssociatedElement.cpp:

(WebCore::FormAssociatedElement::FormAssociatedElement):
(WebCore::FormAssociatedElement::insertedIntoAncestor):
(WebCore::FormAssociatedElement::setForm):
(WebCore::FormAssociatedElement::resetFormOwner):
(WebCore::FormAssociatedElement::formAttributeChanged):

  • html/FormAssociatedElement.h:

(WebCore::FormAssociatedElement::form const):

  • html/HTMLElement.cpp:

(WebCore::HTMLElement::asFormNamedItem):
(WebCore::HTMLElement::asFormAssociatedElement):

  • html/HTMLElement.h:

(WebCore::HTMLElement::asFormNamedItem): Deleted.

  • html/HTMLFormControlElement.h:
  • html/HTMLFormControlsCollection.cpp:

(WebCore::HTMLFormControlsCollection::formImageElements const): Inlined into updateNamedElementCache.
(WebCore::HTMLFormControlsCollection::updateNamedElementCache const):

  • html/HTMLFormControlsCollection.h:
  • html/HTMLFormElement.cpp:

(WebCore::HTMLFormElement::registerInvalidAssociatedFormControl):
(WebCore::HTMLFormElement::removeInvalidAssociatedFormControlIfNeeded):
(WebCore::HTMLFormElement::registerImgElement):
(WebCore::HTMLFormElement::defaultButton const):
(WebCore::HTMLFormElement::resetDefaultButton):
(WebCore::HTMLFormElement::matchesValidPseudoClass const):
(WebCore::HTMLFormElement::matchesInvalidPseudoClass const):

  • html/HTMLFormElement.h:
  • html/HTMLImageElement.cpp:

(WebCore::HTMLImageElement::HTMLImageElement):
(WebCore::HTMLImageElement::insertedIntoAncestor):

  • html/HTMLImageElement.h:
  • html/HTMLInputElement.h:
  • html/HTMLMediaElement.h:
  • html/HTMLObjectElement.h:
  • html/HTMLPictureElement.h:
  • html/HTMLSlotElement.h:
  • svg/SVGElement.h:

Source/WTF:

Make it possible to call WeakHashSet::remove and WeakHashSet::contains with
a subclass type U of a type T used to define WeakReference<T>.

Also added computesEmpty, which is slightly more efficient than computeSize
when m_set is either empty or when there are non-released weak references in the set.

  • wtf/WeakHashSet.h:

(WTF::WeakHashSet::remove):
(WTF::WeakHashSet::contains const):
(WTF::WeakHashSet::computesEmpty const): Added.

12:35 AM Changeset in webkit [243928] by Carlos Garcia Campos
  • 15 edits in trunk/Source

[ATK] Use a smart pointer for AccessibilityObject wrapper and remove GTK specific code
https://bugs.webkit.org/show_bug.cgi?id=196593
<rdar://problem/49599153>

Reviewed by Michael Catanzaro.

Source/WebCore:

We have specific code for GTK to get/set the wrapper only because we don't use smart pointers. Also use
WebKitAccessible as AccessibilityObjectWrapper instead of generic AtkObject, to enforce wrappers to be
WebKitAccessible instances. This requires a few casts to AtkObject.

  • accessibility/AccessibilityObject.h:

(WebCore::AccessibilityObject::setWrapper):

  • accessibility/AccessibilityObjectInterface.h:
  • accessibility/atk/AXObjectCacheAtk.cpp:

(WebCore::AXObjectCache::detachWrapper):
(WebCore::AXObjectCache::attachWrapper):
(WebCore::notifyChildrenSelectionChange):
(WebCore::AXObjectCache::postPlatformNotification):
(WebCore::AXObjectCache::nodeTextChangePlatformNotification):
(WebCore::AXObjectCache::frameLoadingEventPlatformNotification):
(WebCore::AXObjectCache::platformHandleFocusedUIElementChanged):

  • accessibility/atk/AccessibilityObjectAtk.cpp:
  • accessibility/atk/WebKitAccessibleInterfaceComponent.cpp:

(webkitAccessibleComponentRefAccessibleAtPoint):

  • accessibility/atk/WebKitAccessibleInterfaceHypertext.cpp:

(webkitAccessibleHypertextGetLink):
(webkitAccessibleHypertextGetNLinks):

  • accessibility/atk/WebKitAccessibleInterfaceSelection.cpp:

(webkitAccessibleSelectionRefSelection):

  • accessibility/atk/WebKitAccessibleInterfaceTable.cpp:

(webkitAccessibleTableRefAt):
(webkitAccessibleTableGetColumnHeader):
(webkitAccessibleTableGetRowHeader):
(webkitAccessibleTableGetCaption):

  • accessibility/atk/WebKitAccessibleInterfaceTableCell.cpp:

(convertToGPtrArray):
(webkitAccessibleTableCellGetTable):

  • accessibility/atk/WebKitAccessibleInterfaceText.cpp:

(accessibilityObjectLength):

  • accessibility/atk/WebKitAccessibleWrapperAtk.cpp:

(setAtkRelationSetFromCoreObject):
(atkParentOfRootObject):
(webkitAccessibleGetParent):
(webkitAccessibleRefChild):
(isTextWithCaret):

  • editing/atk/FrameSelectionAtk.cpp:

(WebCore::emitTextSelectionChange):
(WebCore::maybeEmitTextFocusChange):

Source/WebKit:

  • WebProcess/WebPage/atk/WebKitWebPageAccessibilityObject.cpp:

(accessibilityRootObjectWrapper): Cast wrapper() as AtkObject.

Apr 4, 2019:

11:42 PM Changeset in webkit [243927] by Simon Fraser
  • 7 edits
    2 adds in trunk

Simple iframe scrolling test fails to get a composited scrolling frame in WebKitTestRunnerApp
https://bugs.webkit.org/show_bug.cgi?id=196635

Reviewed by Antti Koivisto.
Source/WebKit:

Remove WKBundleSetAsyncFrameScrollingEnabled().

  • WebProcess/InjectedBundle/API/c/WKBundle.cpp:

(WKBundleSetAsyncFrameScrollingEnabled): Deleted.

  • WebProcess/InjectedBundle/API/c/WKBundlePrivate.h:

Tools:

InjectedBundle::beginTesting() calling WKBundleSetAsyncFrameScrollingEnabled() makes it impossible
for a test to enable async frame scrolling via:

<!-- webkit-test-runner [ internal:AsyncFrameScrollingEnabled=true ] -->

so remove it and have TestController::resetPreferencesToConsistentValues() set the default value.

Test: scrollingcoordinator/ios/programmatic-frame-scroll.html

  • WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:

(WTR::InjectedBundle::beginTesting):

  • WebKitTestRunner/TestController.cpp:

(WTR::TestController::resetPreferencesToConsistentValues):

LayoutTests:

  • scrollingcoordinator/ios/programmatic-frame-scroll-expected.html: Added.
  • scrollingcoordinator/ios/programmatic-frame-scroll.html: Added.
10:18 PM Changeset in webkit [243926] by Simon Fraser
  • 19 edits
    4 adds in trunk

[iOS WK2] REGRESSION (r242687): Programmatic scroll of overflow scroll results in bad rendering
https://bugs.webkit.org/show_bug.cgi?id=195584

Reviewed by Zalan Bujtas.

Source/WebCore:

Push data to the scrolling tree about whether an overflow:scroll scroll was programmatic, by having
RenderLayer::scrollToOffset() call into AsyncScrollingCoordinator::requestScrollPositionUpdate(),
just as we do for frames.

AsyncScrollingCoordinator::requestScrollPositionUpdate() is generalized to take any ScrollableArea.

Fix an assumption in the ScrollingTree that we only care about programmatic scrolls on the root node.
ScrollingTree::commitTreeState() no longer sets isHandlingProgrammaticScroll; instead,
callers of ScrollingTreeScrollingNode::scrollTo() pass a ScrollType. Commit functions pass
ScrollType::Programmatic when handling RequestedScrollPosition changes as necessary.

Programmatic scrolls need to get to the scrolling tree in the UI process so that we update
the tree's notion of scroll position, and trigger actual UIScrollView scrolls (layers may have
already been put in the right locations, but the UI process needs to know that a scroll happened).
However, we need to prevent notifications from programmatic scrolls getting back to the
web process, because this causes jumpiness. This is done via an early return in
RemoteScrollingCoordinatorProxy::scrollingTreeNodeDidScroll().

Tests: scrollingcoordinator/ios/programmatic-overflow-scroll.html

scrollingcoordinator/ios/programmatic-page-scroll.html

  • page/scrolling/AsyncScrollingCoordinator.cpp:

(WebCore::AsyncScrollingCoordinator::requestScrollPositionUpdate):

  • page/scrolling/AsyncScrollingCoordinator.h:
  • page/scrolling/ScrollingCoordinator.h:

(WebCore::ScrollingCoordinator::requestScrollPositionUpdate):

  • page/scrolling/ScrollingTree.cpp:

(WebCore::ScrollingTree::commitTreeState):
(WebCore::ScrollingTree::isHandlingProgrammaticScroll): Deleted.

  • page/scrolling/ScrollingTree.h:

(WebCore::ScrollingTree::isHandlingProgrammaticScroll const):
(WebCore::ScrollingTree::setIsHandlingProgrammaticScroll):

  • page/scrolling/ScrollingTreeScrollingNode.cpp:

(WebCore::ScrollingTreeScrollingNode::scrollBy):
(WebCore::ScrollingTreeScrollingNode::scrollTo):

  • page/scrolling/ScrollingTreeScrollingNode.h:
  • page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:

(WebCore::ScrollingTreeFrameScrollingNodeMac::commitStateAfterChildren):

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::scrollToOffset):
(WebCore::RenderLayer::scrollingNodeID const):

  • rendering/RenderLayer.h:
  • rendering/RenderMarquee.cpp:

(WebCore::RenderMarquee::timerFired):

Source/WebKit:

Push data to the scrolling tree about whether an overflow:scroll scroll was programmatic, by having
RenderLayer::scrollToOffset() call into AsyncScrollingCoordinator::requestScrollPositionUpdate(),
just as we do for frames.

AsyncScrollingCoordinator::requestScrollPositionUpdate() is generalized to take any ScrollableArea.

Fix an assumption in the ScrollingTree that we only care about programmatic scrolls on the root node.
ScrollingTree::commitTreeState() no longer sets isHandlingProgrammaticScroll; instead,
callers of ScrollingTreeScrollingNode::scrollTo() pass a ScrollType. Commit functions pass
ScrollType::Programmatic when handling RequestedScrollPosition changes as necessary.

Programmatic scrolls need to get to the scrolling tree in the UI process so that we update
the tree's notion of scroll position, and trigger actual UIScrollView scrolls (layers may have
already been put in the right locations, but the UI process needs to know that a scroll happened).
However, we need to prevent notifications from programmatic scrolls getting back to the
web process, because this causes jumpiness. This is done via an early return in
RemoteScrollingCoordinatorProxy::scrollingTreeNodeDidScroll().

  • UIProcess/RemoteLayerTree/RemoteScrollingCoordinatorProxy.cpp:

(WebKit::RemoteScrollingCoordinatorProxy::scrollingTreeNodeDidScroll):

  • UIProcess/RemoteLayerTree/ios/ScrollingTreeFrameScrollingNodeRemoteIOS.mm:

(WebKit::ScrollingTreeFrameScrollingNodeRemoteIOS::commitStateAfterChildren): Subframe nodes have
a delegate, and that will take care of the requestedScrollPosition update.

  • UIProcess/RemoteLayerTree/ios/ScrollingTreeOverflowScrollingNodeIOS.h:
  • UIProcess/RemoteLayerTree/ios/ScrollingTreeOverflowScrollingNodeIOS.mm:

(WebKit::ScrollingTreeOverflowScrollingNodeIOS::commitStateAfterChildren):

  • UIProcess/RemoteLayerTree/ios/ScrollingTreeScrollingNodeDelegateIOS.mm:

(WebKit::ScrollingTreeScrollingNodeDelegateIOS::commitStateAfterChildren):

LayoutTests:

Testing of programmatic scrolls in frames is prevented by webkit.org/b/196635.

  • scrollingcoordinator/ios/programmatic-overflow-scroll-expected.html: Added.
  • scrollingcoordinator/ios/programmatic-overflow-scroll.html: Added.
  • scrollingcoordinator/ios/programmatic-page-scroll-expected.html: Added.
  • scrollingcoordinator/ios/programmatic-page-scroll.html: Added.
9:17 PM Changeset in webkit [243925] by ysuzuki@apple.com
  • 8 edits
    2 copies
    1 add in trunk

[JSC] makeBoundFunction should not assume incoming "length" value is Int32 because it performs some calculation in bytecode
https://bugs.webkit.org/show_bug.cgi?id=196631

Reviewed by Saam Barati.

JSTests:

  • stress/make-bound-function-should-not-assume-int32-length.js: Added.

(assert):
(test):
(foo):

Source/JavaScriptCore:

makeBoundFunction assumes that "length" argument is always Int32. But this should not be done since this "length" value is calculated in builtin JS code.
DFG may store this value in Double format so that we should not rely on that this value is Int32. This patch fixes makeBoundFunction function to perform
toInt32 operation. We also insert a missing exception check for JSString::value(ExecState*) in makeBoundFunction.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • Sources.txt:
  • interpreter/CallFrameInlines.h:
  • runtime/DoublePredictionFuzzerAgent.cpp: Copied from Source/JavaScriptCore/interpreter/CallFrameInlines.h.

(JSC::DoublePredictionFuzzerAgent::DoublePredictionFuzzerAgent):
(JSC::DoublePredictionFuzzerAgent::getPrediction):

  • runtime/DoublePredictionFuzzerAgent.h: Copied from Source/JavaScriptCore/interpreter/CallFrameInlines.h.
  • runtime/JSGlobalObject.cpp:

(JSC::makeBoundFunction):

  • runtime/Options.h:
  • runtime/VM.cpp:

(JSC::VM::VM):

6:45 PM Changeset in webkit [243924] by ysuzuki@apple.com
  • 2 edits in trunk/Source/WebCore

Unreviewed, speculative fix for build failure
https://bugs.webkit.org/show_bug.cgi?id=196475

  • Modules/webgpu/WHLSL/Metal/WHLSLNativeFunctionWriter.h:
6:09 PM Changeset in webkit [243923] by rniwa@webkit.org
  • 2 edits in trunk/Source/WebCore

Element::isFocusable() debug asserts too frequently
https://bugs.webkit.org/show_bug.cgi?id=196634

Reviewed by Geoffrey Garen.

Remove the debug assertion for now.

  • dom/Element.cpp:

(WebCore::Element::isFocusable const):

5:49 PM Changeset in webkit [243922] by ap@apple.com
  • 2 edits in trunk/Tools

Use a correct LC_RPATH when building with ASan
https://bugs.webkit.org/show_bug.cgi?id=196576

Reviewed by David Kilzer.

  • asan/asan.xcconfig: As a temporary hack, just force LC_RPATH on all binaries,

so that ../Frameworks is checked. This is simpler and more reliable than updating
each SPC service xcconfig.

5:31 PM Changeset in webkit [243921] by aakash_jain@apple.com
  • 6 edits in trunk/Websites/bugs.webkit.org

Add another status-bubble iframe to display results from new EWS
https://bugs.webkit.org/show_bug.cgi?id=196308

Reviewed by Lucas Forschler.

  • js/status-bubble.js:

(handleStatusBubbleMessage): Added URL for new EWS.
(handleStatusBubbleLoadNewEWS): Method to post message to new EWS.

  • code-review.js: Added another iframe to display results from new EWS.
  • template/en/default/attachment/edit.html.tmpl: Ditto.
  • template/en/default/attachment/list.html.tmpl: Ditto.
  • template/en/default/attachment/reviewform.html.tmpl: Ditto.
5:28 PM Changeset in webkit [243920] by sbarati@apple.com
  • 2 edits in trunk/JSTests

Unreviewed. Make the test from r243906 catch the thrown exceptions.

  • stress/inferred-types-regex-matches-array.js:
5:11 PM Changeset in webkit [243919] by Simon Fraser
  • 14 edits in trunk/Source

Have ScrollableArea store a ScrollType for the current scroll
https://bugs.webkit.org/show_bug.cgi?id=196627

Reviewed by Zalan Bujtas.

Source/WebCore:

RenderLayer had isInUserScroll() which is the opposite of ScrollableArea::inProgrammaticScroll(),
so just have ScrollableArea store a ScrollType.

RenderLayer's scrolling bottleneck, scrollToOffset(), now takes a ScrollType, and pushes
it onto the base class.

AsyncScrollingCoordinator::requestScrollPositionUpdate() can use the incoming scrollType (currently
incorrect for iOS WK2 overflow) rather than deducing a user scroll from ScrollingLayerPositionAction.

No behavior change.

  • page/FrameView.cpp:

(WebCore::FrameView::setFrameRect):
(WebCore::FrameView::topContentInsetDidChange):
(WebCore::FrameView::updateLayoutViewport):
(WebCore::FrameView::setScrollPosition):
(WebCore::FrameView::shouldUpdateCompositingLayersAfterScrolling const):
(WebCore::FrameView::setWasScrolledByUser):

  • page/FrameViewLayoutContext.cpp:

(WebCore::LayoutScope::LayoutScope):
(WebCore::LayoutScope::~LayoutScope):

  • page/ios/FrameIOS.mm:

(WebCore::Frame::overflowScrollPositionChangedForNode):

  • page/scrolling/AsyncScrollingCoordinator.cpp:

(WebCore::AsyncScrollingCoordinator::requestScrollPositionUpdate):
(WebCore::AsyncScrollingCoordinator::updateScrollPositionAfterAsyncScroll):
(WebCore::AsyncScrollingCoordinator::reconcileScrollingState):

  • platform/ScrollView.cpp:

(WebCore::ScrollView::setScrollPosition):

  • platform/ScrollableArea.cpp:

(WebCore::ScrollableArea::ScrollableArea):

  • platform/ScrollableArea.h:

(WebCore::ScrollableArea::currentScrollType const):
(WebCore::ScrollableArea::setCurrentScrollType):
(WebCore::ScrollableArea::setIsUserScroll): Deleted.
(WebCore::ScrollableArea::inProgrammaticScroll const): Deleted.
(WebCore::ScrollableArea::setInProgrammaticScroll): Deleted.

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::RenderLayer):
(WebCore::RenderLayer::scrollToXPosition):
(WebCore::RenderLayer::scrollToYPosition):
(WebCore::RenderLayer::scrollToOffset):
(WebCore::RenderLayer::scrollTo):

  • rendering/RenderLayer.h:
  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::updateScrollOffset):

  • rendering/RenderMarquee.cpp:

(WebCore::RenderMarquee::start):

Source/WebKitLegacy/mac:

Send the programmatic scroll type.

  • DOM/DOMHTML.mm:

(-[DOMHTMLElement setScrollXOffset:scrollYOffset:adjustForIOSCaret:]):

5:08 PM Changeset in webkit [243918] by rmorisset@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

B3ReduceStrength should know that Mul distributes over Add and Sub
https://bugs.webkit.org/show_bug.cgi?id=196325
<rdar://problem/49441650>

Reviewed by Saam Barati.

Fix some obviously wrong code that was due to an accidental copy-paste.
It made the entire optimization dead code that never ran.

  • b3/B3ReduceStrength.cpp:
4:14 PM Changeset in webkit [243917] by Shawn Roberts
  • 5 edits
    2 deletes in trunk

Unreviewed, rolling out r243868.

Causing timeouts failures on several queues

Reverted changeset:

"[Web Animations] JS wrapper may be deleted while animation is
yet to dispatch its finish event"
https://bugs.webkit.org/show_bug.cgi?id=196118
https://trac.webkit.org/changeset/243868

3:51 PM Changeset in webkit [243916] by Ryan Haddad
  • 3 edits in trunk/Source/WebKit

Unreviewed, rolling out r243888.

Introduced layout test crashes.

Reverted changeset:

"[macOS][iOS] Add filter to syscall sandbox rule"
https://bugs.webkit.org/show_bug.cgi?id=196613
https://trac.webkit.org/changeset/243888

3:47 PM Changeset in webkit [243915] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

Disable Flaky API Test TestWebKitAPI.WebKit.FocusTextInputContext
https://bugs.webkit.org/show_bug.cgi?id=196629

Reviewed by Lucas Forschler.

  • TestWebKitAPI/Tests/WebKitCocoa/RequestTextInputContext.mm:
3:44 PM Changeset in webkit [243914] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

[ews-app] while waiting in queue status-bubble for testers queues should display build information from builder queue
https://bugs.webkit.org/show_bug.cgi?id=196618

Reviewed by Lucas Forschler.

  • BuildSlaveSupport/ews-app/ews/views/statusbubble.py:

(StatusBubble): Added QUEUE_TRIGGERS.
(StatusBubble._build_bubble): Get the build from builder if tester has not started the build yet.
(StatusBubble._get_parent_queue): Get the name of the parent (builder) queue.
(StatusBubble.get_latest_build_for_queue): If the queue doesn't have any build yet, return build information from
its parent(builder).

3:42 PM Changeset in webkit [243913] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

[ews-app] Status-bubble steps are sometimes displayed in reverse order
https://bugs.webkit.org/show_bug.cgi?id=196625

Reviewed by Lucas Forschler.

  • BuildSlaveSupport/ews-app/ews/views/statusbubble.py:

(StatusBubble._steps_messages): Explicitly specify order_by('uid').

3:11 PM Changeset in webkit [243912] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

Disable Flaky API Test TestWebKitAPI.KeyboardInputTests.KeyboardTypeForInput
https://bugs.webkit.org/show_bug.cgi?id=196630

Reviewed by Wenson Hsieh.

  • TestWebKitAPI/Tests/ios/KeyboardInputTestsIOS.mm:
3:07 PM Changeset in webkit [243911] by youenn@apple.com
  • 21 edits in trunk

Pass storage quota parameters from UIProcess to NetworkProcess as part of WebsiteDataStore parameters
https://bugs.webkit.org/show_bug.cgi?id=196543

Reviewed by Alex Christensen.

Source/WebCore:

Add a default routine to compute a third party quota from a per origin quota.
No change of behavior.

  • storage/StorageQuotaManager.h:

(WebCore::StorageQuotaManager::defaultThirdPartyQuotaFromPerOriginQuota):
(WebCore::StorageQuotaManager::defaultThirdPartyQuota):

Source/WebKit:

Renamed methods used to set cache storage quota to be storage generic
since they will apply to all storage.

Pass quota parameters as part of WebsiteDataStoreParameters from UIProcess
to NetworkProcess (start-up time and new WebsiteDataStore time).

Compute on UIProcess the quota for third party origins using the default rule of dividing by 10.

  • NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::initializeNetworkProcess):
(WebKit::NetworkProcess::addWebsiteDataStore):
(WebKit::NetworkProcess::initializeStorageQuota):
(WebKit::NetworkProcess::setCacheStorageParameters):

  • NetworkProcess/NetworkProcess.h:
  • NetworkProcess/NetworkProcess.messages.in:
  • Shared/WebsiteDataStoreParameters.cpp:

(WebKit::WebsiteDataStoreParameters::encode const):
(WebKit::WebsiteDataStoreParameters::decode):

  • Shared/WebsiteDataStoreParameters.h:
  • UIProcess/API/C/WKWebsiteDataStoreRef.cpp:

(WKWebsiteDataStoreSetPerOriginStorageQuota):
(WKWebsiteDataStoreSetCacheStoragePerOriginQuota): Deleted.

  • UIProcess/API/C/WKWebsiteDataStoreRef.h:
  • UIProcess/API/Cocoa/WKWebsiteDataStore.mm:

(-[WKWebsiteDataStore _perOriginStorageQuota]):
(-[WKWebsiteDataStore _setPerOriginStorageQuota:]):
(-[WKWebsiteDataStore _cacheStoragePerOriginQuota]): Deleted.
(-[WKWebsiteDataStore _setCacheStoragePerOriginQuota:]): Deleted.

  • UIProcess/API/Cocoa/WKWebsiteDataStorePrivate.h:
  • UIProcess/Network/NetworkProcessProxy.cpp:

(WebKit::NetworkProcessProxy::retrieveCacheStorageParameters):

  • UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::WebsiteDataStore::parameters):

  • UIProcess/WebsiteData/WebsiteDataStore.h:

(WebKit::WebsiteDataStore::perOriginStorageQuota const):
(WebKit::WebsiteDataStore::setPerOriginStorageQuota):
(WebKit::WebsiteDataStore::cacheStoragePerOriginQuota const): Deleted.
(WebKit::WebsiteDataStore::setCacheStoragePerOriginQuota): Deleted.

  • UIProcess/WebsiteData/WebsiteDataStoreConfiguration.cpp:

(WebKit::WebsiteDataStoreConfiguration::copy):

  • UIProcess/WebsiteData/WebsiteDataStoreConfiguration.h:

(WebKit::WebsiteDataStoreConfiguration::perOriginStorageQuota):
(WebKit::WebsiteDataStoreConfiguration::setPerOriginStorageQuota):
(WebKit::WebsiteDataStoreConfiguration::cacheStoragePerOriginQuota): Deleted.
(WebKit::WebsiteDataStoreConfiguration::setCacheStoragePerOriginQuota): Deleted.

Tools:

  • WebKitTestRunner/TestController.cpp:

(WTR::TestController::generatePageConfiguration):

2:59 PM Changeset in webkit [243910] by commit-queue@webkit.org
  • 31 edits
    3 deletes in trunk

Unreviewed, rolling out r243807 and r243824.
https://bugs.webkit.org/show_bug.cgi?id=196611

Test added is a flaky timeout on iOS Simulator, 3 tests
unskipped are flaky failures (Requested by ShawnRoberts on
#webkit).

Reverted changesets:

"Blob type cannot be stored correctly in IDB when
IDBObjectStore has autoIncrement and keyPath options"
https://bugs.webkit.org/show_bug.cgi?id=196128
https://trac.webkit.org/changeset/243807

"Follow up fix for r243807: Use MarkedArgumentBuffer instead
of Vector for JSValue"
https://bugs.webkit.org/show_bug.cgi?id=196547
https://trac.webkit.org/changeset/243824

2:56 PM Changeset in webkit [243909] by wenson_hsieh@apple.com
  • 4 edits in trunk/Source/WebKit

Changing default website policies shouldn't change default website policies in subsequent navigations
https://bugs.webkit.org/show_bug.cgi?id=196562
<rdar://problem/49573377>

Reviewed by Tim Horton.

Currently, changing the default WKWebpagePreferences object when deciding navigation policy causes the set of
default policies to change in subsequent navigations. Among other things, this prevents clients from passing
a modified version of the default website policies into the decision handler without impacting future
navigations. To fix this, teach API::WebsitePolicies to make a copy of itself, and then use this to pass a copy
of the default website policies to the navigation delegate when deciding navigation policies.

Test: DoNotAllowChangingDefaultWebpagePreferencesInDelegateMethod

  • UIProcess/API/APIWebsitePolicies.cpp:

(API::WebsitePolicies::copy const):

Add a helper method to copy a set of website policies.

  • UIProcess/API/APIWebsitePolicies.h:
  • UIProcess/Cocoa/NavigationState.mm:

(WebKit::NavigationState::NavigationClient::decidePolicyForNavigationAction):

2:47 PM Changeset in webkit [243908] by Simon Fraser
  • 2 edits in trunk/Source/WebCore

Fix rare crash under collectRelatedCoordinatedScrollingNodes()
https://bugs.webkit.org/show_bug.cgi?id=196610
rdar://problem/49595426

Reviewed by Zalan Bujtas.

hasCompositedScrollableOverflow() doesn't check whether a layer is composited (it has
to report the right status before layers have been created), so collectRelatedCoordinatedScrollingNodes()
needs to check whether there's backing.

  • rendering/RenderLayerCompositor.cpp:

(WebCore::collectRelatedCoordinatedScrollingNodes):

2:39 PM Changeset in webkit [243907] by sbarati@apple.com
  • 4 edits in trunk/Source/JavaScriptCore

Unreviewed, build fix for CLoop after r243886

  • interpreter/Interpreter.cpp:

(JSC::UnwindFunctor::copyCalleeSavesToEntryFrameCalleeSavesBuffer const):

  • interpreter/StackVisitor.cpp:

(JSC::StackVisitor::Frame::calleeSaveRegistersForUnwinding):

  • interpreter/StackVisitor.h:
2:13 PM Changeset in webkit [243906] by sbarati@apple.com
  • 1 edit
    1 add in trunk/JSTests

createRegExpMatchesArray does not respect inferred types
https://bugs.webkit.org/show_bug.cgi?id=193287

Reviewed by Yusuke Suzuki.

This checks in the test case for 193287. This issue was discovered by
Samuel Groß of Google Project Zero.

  • stress/inferred-types-regex-matches-array.js: Added.
2:10 PM Changeset in webkit [243905] by Simon Fraser
  • 8 edits in trunk/Source/WebCore

Move "inProgrammaticScroll" down to ScrollableArea
https://bugs.webkit.org/show_bug.cgi?id=196614

Reviewed by Zalan Bujtas.

A future patch will need to update "inProgrammaticScroll" on RenderLayers, so push
inProgrammaticScroll() down to ScrollableArea.

ScrollableArea already has "isScrolledProgrammatically", which I rename to "scrollShouldClearLatchedState"
to reduce confusion. It might be possible to remove this in future with some refactoring.

Sadly we can no longer use SetForScope<> in FrameView after this change so add some manual save/restore code.

  • dom/Element.cpp:

(WebCore::Element::setScrollLeft):
(WebCore::Element::setScrollTop):

  • page/EventHandler.cpp:

(WebCore::EventHandler::completeWidgetWheelEvent):
(WebCore::EventHandler::handleWheelEvent):

  • page/FrameView.cpp:

(WebCore::FrameView::setFrameRect):
(WebCore::FrameView::topContentInsetDidChange):
(WebCore::FrameView::updateLayoutViewport):
(WebCore::FrameView::setScrollPosition):
(WebCore::FrameView::setWasScrolledByUser):

  • page/FrameView.h:
  • platform/ScrollView.h:

(WebCore::ScrollView::inProgrammaticScroll const): Deleted.

  • platform/ScrollableArea.cpp:

(WebCore::ScrollableArea::ScrollableArea):

  • platform/ScrollableArea.h:

(WebCore::ScrollableArea::inProgrammaticScroll const):
(WebCore::ScrollableArea::setInProgrammaticScroll):
(WebCore::ScrollableArea::scrollShouldClearLatchedState const):
(WebCore::ScrollableArea::setScrollShouldClearLatchedState):
(WebCore::ScrollableArea::isScrolledProgrammatically const): Deleted.
(WebCore::ScrollableArea::setScrolledProgrammatically): Deleted.

1:54 PM Changeset in webkit [243904] by commit-queue@webkit.org
  • 3 edits in trunk/Source/JavaScriptCore

Unreviewed, rolling out r243898.
https://bugs.webkit.org/show_bug.cgi?id=196624

#if !ENABLE(C_LOOP) && NUMBER_OF_CALLEE_SAVES_REGISTERS > 0
does not work well (Requested by yusukesuzuki on #webkit).

Reverted changeset:

"Unreviewed, build fix for CLoop and Windows after r243886"
https://bugs.webkit.org/show_bug.cgi?id=196387
https://trac.webkit.org/changeset/243898

1:53 PM Changeset in webkit [243903] by sihui_liu@apple.com
  • 2 edits in trunk/Source/WebCore

Leak of UniqueIDBDatabase in network process running layout tests
https://bugs.webkit.org/show_bug.cgi?id=196565
<rdar://problem/49346139>

Reviewed by Geoffrey Garen.

UniqueIDBDatabase will null itself after it receives confirmation about connecton close from its clients, but it
is possible that the web process to network process connection closes before servers gets the
confirmDidCloseFromServer. Therefore, we should let UniqueIDBDatabase forget connection when it receives a
conenctionClosedFromClient.

No new test because this bug is caused by race between network receiving conenctionClosedFromClient and
receiving confirmDidCloseFromServer. This is testable by running some existing layout tests in a row with leak
option.

  • Modules/indexeddb/server/UniqueIDBDatabase.cpp:

(WebCore::IDBServer::UniqueIDBDatabase::connectionClosedFromClient):
(WebCore::IDBServer::UniqueIDBDatabase::confirmDidCloseFromServer):

1:51 PM Changeset in webkit [243902] by Michael Catanzaro
  • 2 edits in trunk/Source/WebKit

Unreviewed, fix -Wreturn-type warning

  • Shared/WebsiteData/WebsiteData.cpp:

(WebKit::WebsiteData::ownerProcess):

1:47 PM Changeset in webkit [243901] by Chris Dumez
  • 2 edits in trunk/Source/WebCore

Unreviewed, fix iOS build with recent SDKs.

  • platform/gamepad/cocoa/GameControllerGamepad.mm:

(WebCore::GameControllerGamepad::GameControllerGamepad):

1:44 PM Changeset in webkit [243900] by pvollan@apple.com
  • 2 edits in trunk/Source/WebKit

[macOS] Fix sandbox violations
https://bugs.webkit.org/show_bug.cgi?id=196616
<rdar://problem/49498040>

Reviewed by Brent Fulgham.

Fix some observed sandbox violations in the WebContent process on macOS.

  • WebProcess/com.apple.WebProcess.sb.in:
1:44 PM Changeset in webkit [243899] by eric.carlson@apple.com
  • 20 edits
    2 adds in trunk

[MediaStream] Host should be able to mute screen capture and camera/microphone independently
https://bugs.webkit.org/show_bug.cgi?id=196555
<rdar://problem/47303865>

Reviewed by Youenn Fablet.

Source/WebCore:

Test: fast/mediastream/media-stream-page-muted.html

  • Modules/mediastream/MediaStream.cpp:

(WebCore::MediaStream::MediaStream): Call setCaptureTracksMuted to pass page muted
state to tracks.
(WebCore::MediaStream::startProducingData): Ditto.
(WebCore::MediaStream::setCaptureTracksMuted): New.

  • Modules/mediastream/MediaStream.h:
  • Modules/mediastream/MediaStreamTrack.cpp:

(WebCore::MediaStreamTrack::MediaStreamTrack): Call setMuted with page muted state.
(WebCore::MediaStreamTrack::setMuted): Set muted according to page state and source type.
(WebCore::MediaStreamTrack::pageMutedStateDidChange): Call setMuted.
(WebCore::MediaStreamTrack::mediaState const): Update for new page state.

  • Modules/mediastream/MediaStreamTrack.h:
  • page/MediaProducer.h: Split capture muted state into two: camera/microphone and screen.
  • page/Page.h:

(WebCore::Page::isMediaCaptureMuted const): Update for state changes.

  • platform/mediastream/MediaStreamPrivate.cpp:

(WebCore::MediaStreamPrivate::setCaptureTracksMuted): Deleted.
(WebCore::MediaStreamPrivate::hasCaptureVideoSource const): Deleted.

  • platform/mediastream/MediaStreamPrivate.h:
  • platform/mediastream/RealtimeMediaSource.cpp:

(WebCore::RealtimeMediaSource::setMuted): Log state.
(WebCore::RealtimeMediaSource::notifyMutedChange): Call notifyMutedObservers on the
next runloop so events aren't dispatched synchronously.

  • testing/Internals.cpp:

(WebCore::Internals::setPageMuted): Add new state.

Source/WebKit:

  • UIProcess/API/C/WKPagePrivate.h: Add kWKMediaScreenCaptureMuted.
  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _setPageMuted:]):
(-[WKWebView _setMediaCaptureMuted:]): Deleted, it was unused.
(-[WKWebView _muteMediaCapture]): Deleted, it was unused.

  • UIProcess/API/Cocoa/WKWebViewPrivate.h:
  • UIProcess/UserMediaPermissionRequestManagerProxy.cpp:

(WebKit::UserMediaPermissionRequestManagerProxy::processUserMediaPermissionValidRequest): Fix
a log comment typo.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::setMediaStreamCaptureMuted): Use the new flag.
(WebKit::WebPageProxy::activateMediaStreamCaptureInPage): Ditto.
(WebKit::WebPageProxy::setMuted): Ditto.

  • UIProcess/WebPageProxy.h:

(WebKit::WebPageProxy::isMediaStreamCaptureMuted const): Ditto.

LayoutTests:

  • fast/mediastream/media-stream-page-muted-expected.txt: Added.
  • fast/mediastream/media-stream-page-muted.html: Added.
  • fast/mediastream/media-stream-track-interrupted.html: Read page muted state before

interrupting capture track because the page state now changes immediately.

  • fast/mediastream/media-stream-track-muted.html: Ditto, for muting.
1:41 PM Changeset in webkit [243898] by ysuzuki@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

Unreviewed, build fix for CLoop and Windows after r243886
https://bugs.webkit.org/show_bug.cgi?id=196387

RegisterAtOffsetList does not exist if ENABLE(ASSEMBLER) is false.

  • interpreter/StackVisitor.cpp:

(JSC::StackVisitor::Frame::calleeSaveRegistersForUnwinding):

  • interpreter/StackVisitor.h:
1:38 PM Changeset in webkit [243897] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

[ews-app] Status bubble should not display skipped buildbot steps
https://bugs.webkit.org/show_bug.cgi?id=196584

Reviewed by Lucas Forschler.

  • BuildSlaveSupport/ews-app/ews/views/statusbubble.py:
1:34 PM Changeset in webkit [243896] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

[ews-app] configure localhost as BUILDBOT_SERVER_HOST in testing mode
https://bugs.webkit.org/show_bug.cgi?id=196620

Reviewed by Lucas Forschler.

  • BuildSlaveSupport/ews-app/ews/config.py:
1:34 PM Changeset in webkit [243895] by Chris Dumez
  • 2 edits in trunk/Source/WebCore

Unreviewed, update r243884 to use macros in Compiler.h instead.

  • platform/ios/LegacyTileGrid.mm:

(WebCore::LegacyTileGrid::dropDistantTiles):

1:31 PM Changeset in webkit [243894] by Chris Fleizach
  • 2 edits in trunk/Source/WebCore

AX: Crash under WebCore::AccessibilityRenderObject::computeAccessibilityIsIgnored()
https://bugs.webkit.org/show_bug.cgi?id=196600
<rdar://problem/49572996>

Reviewed by Joanmarie Diggs.

Audit AX code to not dereference renderer before checking if it's null.
Not clear how to reproduce at this time.

  • accessibility/AccessibilityRenderObject.cpp:

(WebCore::webAreaIsPresentational):
(WebCore::AccessibilityRenderObject::layoutCount const):
(WebCore::AccessibilityRenderObject::widget const):

1:28 PM Changeset in webkit [243893] by Antti Koivisto
  • 19 edits
    8 adds in trunk

Compute accurate regions for touch-action
https://bugs.webkit.org/show_bug.cgi?id=196536
<rdar://problem/49516022>

Reviewed by Simon Fraser.

Source/WebCore:

Tests: pointerevents/ios/touch-action-region-basic.html

pointerevents/ios/touch-action-region-layers.html
pointerevents/ios/touch-action-region-pan-x-y.html

  • Use style system to compute effective touch-action without additional tree walks.
  • Compute touch-action region in a fake paint, at the same time with the event region.

This patch doesn't yet use the computed region for anything except test output.

  • Sources.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • css/StyleResolver.cpp:

(WebCore::computeEffectiveTouchActions):
(WebCore::StyleResolver::adjustRenderStyle):

Update RenderStyle::effectiveTouchAction.

  • dom/Element.cpp:

(WebCore::Element::computedTouchActions const):

Just get it from the style.

  • platform/graphics/GraphicsLayer.cpp:

(WebCore::GraphicsLayer::setEventRegion):
(WebCore::GraphicsLayer::setTouchActionRegion):
(WebCore::GraphicsLayer::dumpProperties const):

  • platform/graphics/GraphicsLayer.h:

(WebCore::GraphicsLayer::touchActionRegion const):

  • platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayerCA::setTouchActionRegion):

  • platform/graphics/ca/GraphicsLayerCA.h:
  • rendering/PaintInfo.h:
  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::paintObject):

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::collectEventRegionForFragments):

  • rendering/RenderLayer.h:
  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::updateConfiguration):

Need to do this for the top compositing layer too.

(WebCore::RenderLayerBacking::updateEventRegion):

Compute touch-action region too.
As a basic optimization avoid doing any extra work if there are no elements with non-default touch-action property.

  • rendering/TouchActionRegion.cpp: Added.

(WebCore::toIndex):
(WebCore::toTouchAction):
(WebCore::toString):
(WebCore::TouchActionRegion::unite):
(WebCore::TouchActionRegion::actionsForPoint const):
(WebCore::TouchActionRegion::translate):
(WebCore::operator<<):

  • rendering/TouchActionRegion.h: Added.

Class for collecting and maintaining touch-action region.

(WebCore::TouchActionRegion::isEmpty const):
(WebCore::TouchActionRegion::operator== const):

  • rendering/style/RenderStyle.h:

(WebCore::RenderStyle::effectiveTouchActions const):
(WebCore::RenderStyle::setEffectiveTouchActions):

Implement as inherited property for efficiency (touch-action itself is non-inherited).

  • rendering/style/StyleRareInheritedData.cpp:

(WebCore::StyleRareInheritedData::StyleRareInheritedData):
(WebCore::StyleRareInheritedData::operator== const):

  • rendering/style/StyleRareInheritedData.h:

LayoutTests:

  • pointerevents/ios/touch-action-region-basic-expected.txt: Added.
  • pointerevents/ios/touch-action-region-basic.html: Added.
  • pointerevents/ios/touch-action-region-layers-expected.txt: Added.
  • pointerevents/ios/touch-action-region-layers.html: Added.
  • pointerevents/ios/touch-action-region-pan-x-y-expected.txt: Added.
  • pointerevents/ios/touch-action-region-pan-x-y.html: Added.
1:24 PM Changeset in webkit [243892] by Alan Coon
  • 7 edits in tags/Safari-608.1.15/Source

Versioning.

1:20 PM Changeset in webkit [243891] by Alan Coon
  • 1 copy in tags/Safari-608.1.15

Tag Safari-608.1.15.

1:08 PM Changeset in webkit [243890] by ysuzuki@apple.com
  • 2 edits in trunk/Source/WebCore

Unreviewed, fix linking error because the build of RTCIceTransport.cpp is handled in Xcode project side accidentally
https://bugs.webkit.org/show_bug.cgi?id=196475

We did not have RTCIceTransport.cpp in Sources.txt.

  • WebCore.xcodeproj/project.pbxproj:
1:08 PM Changeset in webkit [243889] by Alan Coon
  • 7 edits in trunk/Source

Versioning.

12:13 PM Changeset in webkit [243888] by pvollan@apple.com
  • 3 edits in trunk/Source/WebKit

[macOS][iOS] Add filter to syscall sandbox rule
https://bugs.webkit.org/show_bug.cgi?id=196613
<rdar://problem/49531420>

Reviewed by Brent Fulgham.

This will restrict the existing sandbox rule for the syscall.

  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
  • WebProcess/com.apple.WebProcess.sb.in:
12:07 PM Changeset in webkit [243887] by ysuzuki@apple.com
  • 355 edits
    3 copies
    5 adds in trunk/Source

[WebCore] Put most of derived classes of ScriptWrappable into IsoHeap
https://bugs.webkit.org/show_bug.cgi?id=196475

Reviewed by Saam Barati.

Source/bmalloc:

Add MAKE_BISO_MALLOCED_IMPL_TEMPLATE, which can be used for explicit specialization for template classes.

  • bmalloc/IsoHeap.h:
  • bmalloc/IsoHeapInlines.h:

Source/WebCore:

This patch puts most of derived classes of ScriptWrappable into IsoHeap. We do not include derived classes of Event simply
because Internal repository code also inherits it. After watching the result of this patch, we will try Event and its derived
classes into IsoHeap too.

This patch makes the following things IsoHeap-allocated. These classes are listed by using lldb python script.

  1. DOM collections (HTMLCollection etc.)
  2. WebAudio nodes
  3. IDB classes
  4. FileSystem API classes
  5. Canvas contexts
  6. WebRTC classses
  7. XMLHttpRequest related classes
  8. WebSocket related classes
  9. Worker and Worklet related classes
  10. Other misc classes
  • Modules/applepay/ApplePaySession.cpp:
  • Modules/applepay/ApplePaySession.h:
  • Modules/encryptedmedia/MediaKeySession.cpp:
  • Modules/encryptedmedia/MediaKeySession.h:
  • Modules/encryptedmedia/legacy/WebKitMediaKeySession.cpp:
  • Modules/encryptedmedia/legacy/WebKitMediaKeySession.h:
  • Modules/entriesapi/DOMFileSystem.cpp:
  • Modules/entriesapi/DOMFileSystem.h:

(WebCore::DOMFileSystem::createEntryForFile): Deleted.
(WebCore::DOMFileSystem::name const): Deleted.

  • Modules/entriesapi/FileSystemDirectoryEntry.h:
  • Modules/entriesapi/FileSystemDirectoryReader.cpp:
  • Modules/entriesapi/FileSystemDirectoryReader.h:
  • Modules/entriesapi/FileSystemEntry.cpp:
  • Modules/entriesapi/FileSystemEntry.h:
  • Modules/entriesapi/FileSystemFileEntry.h:
  • Modules/geolocation/Geolocation.cpp:
  • Modules/geolocation/Geolocation.h:

(WebCore::Geolocation::document const): Deleted.
(WebCore::Geolocation::frame const): Deleted.
(WebCore::Geolocation::resetIsAllowed): Deleted.
(WebCore::Geolocation::isAllowed const): Deleted.
(WebCore::Geolocation::isDenied const): Deleted.
(WebCore::Geolocation::hasListeners const): Deleted.

  • Modules/indexeddb/IDBCursor.cpp:
  • Modules/indexeddb/IDBCursor.h:
  • Modules/indexeddb/IDBCursorWithValue.cpp:
  • Modules/indexeddb/IDBCursorWithValue.h:
  • Modules/indexeddb/IDBDatabase.cpp:
  • Modules/indexeddb/IDBDatabase.h:

(WebCore::IDBDatabase::info const): Deleted.
(WebCore::IDBDatabase::databaseConnectionIdentifier const): Deleted.
(WebCore::IDBDatabase::connectionProxy): Deleted.
(WebCore::IDBDatabase::isClosingOrClosed const): Deleted.

  • Modules/indexeddb/IDBKeyRange.cpp:
  • Modules/indexeddb/IDBKeyRange.h:

(WebCore::IDBKeyRange::lower const): Deleted.
(WebCore::IDBKeyRange::upper const): Deleted.
(WebCore::IDBKeyRange::lowerOpen const): Deleted.
(WebCore::IDBKeyRange::upperOpen const): Deleted.

  • Modules/indexeddb/IDBOpenDBRequest.cpp:
  • Modules/indexeddb/IDBOpenDBRequest.h:
  • Modules/indexeddb/IDBRequest.cpp:
  • Modules/indexeddb/IDBRequest.h:
  • Modules/indexeddb/IDBTransaction.cpp:
  • Modules/indexeddb/IDBTransaction.h:

(WebCore::IDBTransaction::mode const): Deleted.
(WebCore::IDBTransaction::info const): Deleted.
(WebCore::IDBTransaction::database): Deleted.
(WebCore::IDBTransaction::database const): Deleted.
(WebCore::IDBTransaction::originalDatabaseInfo const): Deleted.
(WebCore::IDBTransaction::isVersionChange const): Deleted.
(WebCore::IDBTransaction::isReadOnly const): Deleted.
(WebCore::IDBTransaction::isFinished const): Deleted.

  • Modules/mediarecorder/MediaRecorder.cpp:
  • Modules/mediarecorder/MediaRecorder.h:
  • Modules/mediasession/MediaRemoteControls.cpp:
  • Modules/mediasession/MediaRemoteControls.h:

(WebCore::MediaRemoteControls::create): Deleted.
(WebCore::MediaRemoteControls::previousTrackEnabled const): Deleted.
(WebCore::MediaRemoteControls::nextTrackEnabled const): Deleted.

  • Modules/mediasource/MediaSource.cpp:
  • Modules/mediasource/MediaSource.h:
  • Modules/mediasource/SourceBuffer.cpp:
  • Modules/mediasource/SourceBuffer.h:
  • Modules/mediasource/SourceBufferList.cpp:
  • Modules/mediasource/SourceBufferList.h:
  • Modules/mediastream/CanvasCaptureMediaStreamTrack.cpp:
  • Modules/mediastream/CanvasCaptureMediaStreamTrack.h:
  • Modules/mediastream/MediaDeviceInfo.cpp:
  • Modules/mediastream/MediaDeviceInfo.h:

(WebCore::MediaDeviceInfo::label const): Deleted.
(WebCore::MediaDeviceInfo::deviceId const): Deleted.
(WebCore::MediaDeviceInfo::groupId const): Deleted.
(WebCore::MediaDeviceInfo::kind const): Deleted.

  • Modules/mediastream/MediaDevices.cpp:
  • Modules/mediastream/MediaDevices.h:
  • Modules/mediastream/MediaStream.cpp:
  • Modules/mediastream/MediaStream.h:
  • Modules/mediastream/MediaStreamTrack.cpp:
  • Modules/mediastream/MediaStreamTrack.h:
  • Modules/mediastream/RTCDTMFSender.cpp:
  • Modules/mediastream/RTCDTMFSender.h:
  • Modules/mediastream/RTCDataChannel.cpp:
  • Modules/mediastream/RTCDataChannel.h:
  • Modules/mediastream/RTCIceCandidate.cpp:
  • Modules/mediastream/RTCIceCandidate.h:

(WebCore::RTCIceCandidate::candidate const): Deleted.
(WebCore::RTCIceCandidate::sdpMid const): Deleted.
(WebCore::RTCIceCandidate::sdpMLineIndex const): Deleted.
(WebCore::RTCIceCandidate::setCandidate): Deleted.

  • Modules/mediastream/RTCIceTransport.cpp:
  • Modules/mediastream/RTCIceTransport.h:

(WebCore::RTCIceTransport::create): Deleted.
(WebCore::RTCIceTransport::state const): Deleted.
(WebCore::RTCIceTransport::setState): Deleted.
(WebCore::RTCIceTransport::gatheringState const): Deleted.
(WebCore::RTCIceTransport::setGatheringState): Deleted.
(WebCore::RTCIceTransport::RTCIceTransport): Deleted.

  • Modules/mediastream/RTCPeerConnection.cpp:
  • Modules/mediastream/RTCPeerConnection.h:
  • Modules/mediastream/RTCRtpReceiver.cpp:
  • Modules/mediastream/RTCRtpReceiver.h:

(WebCore::RTCRtpReceiver::create): Deleted.
(WebCore::RTCRtpReceiver::setBackend): Deleted.
(WebCore::RTCRtpReceiver::getParameters): Deleted.
(WebCore::RTCRtpReceiver::getContributingSources const): Deleted.
(WebCore::RTCRtpReceiver::getSynchronizationSources const): Deleted.
(WebCore::RTCRtpReceiver::track): Deleted.
(WebCore::RTCRtpReceiver::backend): Deleted.

  • Modules/mediastream/RTCRtpSender.cpp:
  • Modules/mediastream/RTCRtpSender.h:

(WebCore::RTCRtpSender::track): Deleted.
(WebCore::RTCRtpSender::trackId const): Deleted.
(WebCore::RTCRtpSender::trackKind const): Deleted.
(WebCore::RTCRtpSender::mediaStreamIds const): Deleted.
(WebCore::RTCRtpSender::setMediaStreamIds): Deleted.
(WebCore::RTCRtpSender::isStopped const): Deleted.
(WebCore::RTCRtpSender::backend): Deleted.

  • Modules/mediastream/RTCRtpTransceiver.cpp:
  • Modules/mediastream/RTCRtpTransceiver.h:

(WebCore::RTCRtpTransceiver::create): Deleted.
(WebCore::RTCRtpTransceiver::sender): Deleted.
(WebCore::RTCRtpTransceiver::receiver): Deleted.
(WebCore::RTCRtpTransceiver::iceTransport): Deleted.
(WebCore::RTCRtpTransceiver::backend): Deleted.

  • Modules/mediastream/RTCSessionDescription.cpp:
  • Modules/mediastream/RTCSessionDescription.h:

(WebCore::RTCSessionDescription::type const): Deleted.
(WebCore::RTCSessionDescription::sdp const): Deleted.
(WebCore::RTCSessionDescription::setSdp): Deleted.

  • Modules/notifications/Notification.cpp:
  • Modules/notifications/Notification.h:
  • Modules/paymentrequest/PaymentRequest.cpp:
  • Modules/paymentrequest/PaymentRequest.h:
  • Modules/paymentrequest/PaymentResponse.cpp:
  • Modules/paymentrequest/PaymentResponse.h:
  • Modules/speech/SpeechSynthesisUtterance.cpp:
  • Modules/speech/SpeechSynthesisUtterance.h:
  • Modules/webaudio/AnalyserNode.cpp:
  • Modules/webaudio/AnalyserNode.h:
  • Modules/webaudio/AudioBasicInspectorNode.cpp:
  • Modules/webaudio/AudioBasicInspectorNode.h:
  • Modules/webaudio/AudioBasicProcessorNode.cpp:
  • Modules/webaudio/AudioBasicProcessorNode.h:
  • Modules/webaudio/AudioBufferSourceNode.cpp:
  • Modules/webaudio/AudioBufferSourceNode.h:
  • Modules/webaudio/AudioContext.cpp:
  • Modules/webaudio/AudioContext.h:
  • Modules/webaudio/AudioDestinationNode.cpp:
  • Modules/webaudio/AudioDestinationNode.h:
  • Modules/webaudio/AudioNode.cpp:
  • Modules/webaudio/AudioNode.h:
  • Modules/webaudio/AudioScheduledSourceNode.cpp:
  • Modules/webaudio/AudioScheduledSourceNode.h:
  • Modules/webaudio/BiquadFilterNode.cpp:
  • Modules/webaudio/BiquadFilterNode.h:
  • Modules/webaudio/ChannelMergerNode.cpp:
  • Modules/webaudio/ChannelMergerNode.h:
  • Modules/webaudio/ChannelSplitterNode.cpp:
  • Modules/webaudio/ChannelSplitterNode.h:
  • Modules/webaudio/ConvolverNode.cpp:
  • Modules/webaudio/ConvolverNode.h:
  • Modules/webaudio/DefaultAudioDestinationNode.cpp:
  • Modules/webaudio/DefaultAudioDestinationNode.h:
  • Modules/webaudio/DelayNode.cpp:
  • Modules/webaudio/DelayNode.h:
  • Modules/webaudio/DynamicsCompressorNode.cpp:
  • Modules/webaudio/DynamicsCompressorNode.h:
  • Modules/webaudio/GainNode.cpp:
  • Modules/webaudio/GainNode.h:
  • Modules/webaudio/MediaElementAudioSourceNode.cpp:
  • Modules/webaudio/MediaElementAudioSourceNode.h:
  • Modules/webaudio/MediaStreamAudioDestinationNode.cpp:
  • Modules/webaudio/MediaStreamAudioDestinationNode.h:
  • Modules/webaudio/MediaStreamAudioSourceNode.cpp:
  • Modules/webaudio/MediaStreamAudioSourceNode.h:
  • Modules/webaudio/OfflineAudioContext.cpp:
  • Modules/webaudio/OfflineAudioContext.h:
  • Modules/webaudio/OfflineAudioDestinationNode.cpp:
  • Modules/webaudio/OfflineAudioDestinationNode.h:
  • Modules/webaudio/OscillatorNode.cpp:
  • Modules/webaudio/OscillatorNode.h:
  • Modules/webaudio/PannerNode.cpp:
  • Modules/webaudio/PannerNode.h:
  • Modules/webaudio/ScriptProcessorNode.cpp:
  • Modules/webaudio/ScriptProcessorNode.h:
  • Modules/webaudio/WaveShaperNode.cpp:
  • Modules/webaudio/WaveShaperNode.h:
  • Modules/webgpu/GPUCanvasContext.cpp:
  • Modules/webgpu/GPUCanvasContext.h:
  • Modules/websockets/WebSocket.cpp:
  • Modules/websockets/WebSocket.h:
  • Modules/webvr/VRDisplay.cpp:
  • Modules/webvr/VRDisplay.h:

(WebCore::VRDisplay::isPresenting const): Deleted.
(WebCore::VRDisplay::displayName const): Deleted.
(WebCore::VRDisplay::displayId const): Deleted.
(WebCore::VRDisplay::depthNear const): Deleted.
(WebCore::VRDisplay::setDepthNear): Deleted.
(WebCore::VRDisplay::depthFar const): Deleted.
(WebCore::VRDisplay::setDepthFar): Deleted.
(WebCore::VRDisplay::document): Deleted.

  • Sources.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • animation/CSSAnimation.cpp:
  • animation/CSSAnimation.h:
  • animation/CSSTransition.cpp:
  • animation/CSSTransition.h:
  • animation/DeclarativeAnimation.cpp:
  • animation/DeclarativeAnimation.h:
  • animation/WebAnimation.cpp:
  • animation/WebAnimation.h:
  • bindings/js/ScriptWrappable.h:
  • css/CSSComputedStyleDeclaration.cpp:
  • css/CSSComputedStyleDeclaration.h:
  • css/CSSStyleDeclaration.cpp:

(): Deleted.

  • css/CSSStyleDeclaration.h:
  • css/DOMMatrix.h:
  • css/DOMMatrixReadOnly.cpp:
  • css/DOMMatrixReadOnly.h:
  • css/FontFaceSet.cpp:
  • css/FontFaceSet.h:
  • css/PropertySetCSSStyleDeclaration.cpp:
  • css/PropertySetCSSStyleDeclaration.h:
  • css/WebKitCSSMatrix.cpp:
  • css/WebKitCSSMatrix.h:
  • css/typedom/TypedOMCSSImageValue.cpp: Added.
  • css/typedom/TypedOMCSSImageValue.h:
  • css/typedom/TypedOMCSSNumericValue.cpp: Added.
  • css/typedom/TypedOMCSSNumericValue.h:
  • css/typedom/TypedOMCSSStyleValue.cpp: Added.
  • css/typedom/TypedOMCSSStyleValue.h:
  • css/typedom/TypedOMCSSUnitValue.cpp: Added.
  • css/typedom/TypedOMCSSUnitValue.h:
  • css/typedom/TypedOMCSSUnparsedValue.cpp: Added.
  • css/typedom/TypedOMCSSUnparsedValue.h:
  • dom/AbortController.cpp:
  • dom/AbortController.h:
  • dom/AbortSignal.cpp:
  • dom/AbortSignal.h:
  • dom/AllDescendantsCollection.cpp: Copied from Source/WebCore/xml/XMLHttpRequestEventTarget.h.
  • dom/AllDescendantsCollection.h:
  • dom/ChildNodeList.cpp:
  • dom/ChildNodeList.h:
  • dom/ClassCollection.cpp:
  • dom/ClassCollection.h:
  • dom/DOMImplementation.cpp:
  • dom/DOMImplementation.h:

(WebCore::DOMImplementation::ref): Deleted.
(WebCore::DOMImplementation::deref): Deleted.
(WebCore::DOMImplementation::document): Deleted.
(WebCore::DOMImplementation::hasFeature): Deleted.

  • dom/DOMPoint.h:
  • dom/DOMPointReadOnly.cpp:
  • dom/DOMPointReadOnly.h:
  • dom/DOMQuad.cpp:
  • dom/DOMQuad.h:
  • dom/DOMRect.h:
  • dom/DOMRectReadOnly.cpp: Copied from Source/WebCore/dom/DOMPointReadOnly.cpp.
  • dom/DOMRectReadOnly.h:
  • dom/DataTransferItemList.cpp:
  • dom/DataTransferItemList.h:

(WebCore::DataTransferItemList::ref): Deleted.
(WebCore::DataTransferItemList::deref): Deleted.
(WebCore::DataTransferItemList::dataTransfer): Deleted.
(WebCore::DataTransferItemList::hasItems const): Deleted.
(WebCore::DataTransferItemList::items const): Deleted.

  • dom/DatasetDOMStringMap.cpp:
  • dom/DatasetDOMStringMap.h:
  • dom/DocumentParser.h:
  • dom/EventTarget.cpp:
  • dom/EventTarget.h:
  • dom/LiveNodeList.cpp:
  • dom/LiveNodeList.h:
  • dom/MessageChannel.cpp:
  • dom/MessagePort.cpp:
  • dom/MessagePort.h:
  • dom/NameNodeList.cpp:
  • dom/NameNodeList.h:
  • dom/NamedNodeMap.cpp:
  • dom/NamedNodeMap.h:

(WebCore::NamedNodeMap::NamedNodeMap): Deleted.
(WebCore::NamedNodeMap::element): Deleted.

  • dom/NodeIterator.cpp:
  • dom/NodeIterator.h:

(WebCore::NodeIterator::detach): Deleted.
(WebCore::NodeIterator::referenceNode const): Deleted.
(WebCore::NodeIterator::pointerBeforeReferenceNode const): Deleted.

  • dom/NodeList.cpp: Copied from Source/WebCore/xml/XMLHttpRequestEventTarget.h.
  • dom/NodeList.h:
  • dom/NodeRareData.cpp:
  • dom/ScriptExecutionContext.cpp:
  • dom/SimulatedClick.cpp:
  • dom/StaticNodeList.cpp:
  • dom/StaticNodeList.h:
  • dom/TagCollection.cpp:
  • dom/TagCollection.h:
  • dom/TreeWalker.cpp:
  • dom/TreeWalker.h:

(WebCore::TreeWalker::create): Deleted.
(WebCore::TreeWalker::currentNode): Deleted.
(WebCore::TreeWalker::currentNode const): Deleted.

  • fileapi/Blob.cpp:
  • fileapi/Blob.h:
  • fileapi/File.cpp:
  • fileapi/File.h:
  • fileapi/FileList.cpp:
  • fileapi/FileList.h:

(WebCore::FileList::create): Deleted.
(WebCore::FileList::length const): Deleted.
(WebCore::FileList::isEmpty const): Deleted.
(WebCore::FileList::files const): Deleted.
(WebCore::FileList::file const): Deleted.
(WebCore::FileList::FileList): Deleted.
(WebCore::FileList::append): Deleted.
(WebCore::FileList::clear): Deleted.

  • fileapi/FileReader.cpp:
  • fileapi/FileReader.h:
  • html/CachedHTMLCollection.h:
  • html/GenericCachedHTMLCollection.cpp:
  • html/GenericCachedHTMLCollection.h:
  • html/HTMLAllCollection.cpp:
  • html/HTMLAllCollection.h:
  • html/HTMLCollection.cpp:
  • html/HTMLCollection.h:
  • html/HTMLFormControlsCollection.cpp:
  • html/HTMLFormControlsCollection.h:
  • html/HTMLNameCollection.cpp:
  • html/HTMLNameCollection.h:
  • html/HTMLOptionsCollection.cpp:
  • html/HTMLOptionsCollection.h:
  • html/HTMLTableRowsCollection.cpp:
  • html/HTMLTableRowsCollection.h:
  • html/ImageBitmap.cpp:
  • html/ImageBitmap.h:

(WebCore::ImageBitmap::isDetached const): Deleted.
(WebCore::ImageBitmap::buffer): Deleted.
(WebCore::ImageBitmap::originClean const): Deleted.

  • html/LabelsNodeList.cpp:
  • html/LabelsNodeList.h:
  • html/MediaController.cpp:
  • html/MediaController.h:
  • html/OffscreenCanvas.cpp:
  • html/OffscreenCanvas.h:
  • html/RadioNodeList.cpp:
  • html/RadioNodeList.h:
  • html/canvas/CanvasRenderingContext.cpp:
  • html/canvas/CanvasRenderingContext.h:
  • html/canvas/CanvasRenderingContext2D.cpp:
  • html/canvas/CanvasRenderingContext2D.h:
  • html/canvas/CanvasRenderingContext2DBase.cpp:
  • html/canvas/CanvasRenderingContext2DBase.h:
  • html/canvas/GPUBasedCanvasRenderingContext.h:
  • html/canvas/ImageBitmapRenderingContext.cpp:
  • html/canvas/ImageBitmapRenderingContext.h:
  • html/canvas/OffscreenCanvasRenderingContext2D.cpp:
  • html/canvas/OffscreenCanvasRenderingContext2D.h:
  • html/canvas/PaintRenderingContext2D.cpp:
  • html/canvas/PaintRenderingContext2D.h:
  • html/canvas/PlaceholderRenderingContext.cpp:
  • html/canvas/PlaceholderRenderingContext.h:
  • html/canvas/WebGL2RenderingContext.cpp:
  • html/canvas/WebGL2RenderingContext.h:
  • html/canvas/WebGLRenderingContext.cpp:
  • html/canvas/WebGLRenderingContext.h:
  • html/canvas/WebGLRenderingContextBase.cpp:
  • html/canvas/WebGLRenderingContextBase.h:
  • html/track/AudioTrackList.h:
  • html/track/DataCue.cpp:
  • html/track/DataCue.h:
  • html/track/InbandDataTextTrack.cpp:
  • html/track/InbandDataTextTrack.h:
  • html/track/InbandGenericTextTrack.cpp:
  • html/track/InbandGenericTextTrack.h:
  • html/track/InbandTextTrack.cpp:
  • html/track/InbandTextTrack.h:
  • html/track/InbandWebVTTTextTrack.cpp:
  • html/track/InbandWebVTTTextTrack.h:
  • html/track/LoadableTextTrack.cpp:
  • html/track/LoadableTextTrack.h:
  • html/track/TextTrack.cpp:
  • html/track/TextTrack.h:
  • html/track/TextTrackCue.cpp:
  • html/track/TextTrackCue.h:
  • html/track/TextTrackCueGeneric.cpp:
  • html/track/TextTrackCueGeneric.h:
  • html/track/TextTrackList.cpp:
  • html/track/TextTrackList.h:
  • html/track/TrackListBase.cpp:
  • html/track/TrackListBase.h:
  • html/track/VTTCue.cpp:
  • html/track/VTTCue.h:
  • html/track/VideoTrackList.h:
  • loader/appcache/DOMApplicationCache.cpp:
  • loader/appcache/DOMApplicationCache.h:
  • page/AbstractDOMWindow.cpp:
  • page/AbstractDOMWindow.h:
  • page/BarProp.cpp:
  • page/BarProp.h:

(WebCore::BarProp::create): Deleted.

  • page/DOMWindow.cpp:
  • page/DOMWindow.h:
  • page/EventSource.cpp:
  • page/EventSource.h:
  • page/History.cpp:
  • page/History.h:
  • page/Location.cpp:
  • page/Location.h:

(WebCore::Location::create): Deleted.
(WebCore::Location::toString const): Deleted.

  • page/Navigator.cpp:
  • page/Navigator.h:
  • page/Performance.cpp:
  • page/Performance.h:
  • page/RemoteDOMWindow.cpp:
  • page/RemoteDOMWindow.h:
  • page/Screen.cpp:
  • page/Screen.h:
  • page/VisualViewport.cpp:
  • page/VisualViewport.h:
  • plugins/DOMMimeTypeArray.cpp:
  • plugins/DOMMimeTypeArray.h:

(WebCore::DOMMimeTypeArray::create): Deleted.

  • plugins/DOMPlugin.cpp:
  • plugins/DOMPlugin.h:

(WebCore::DOMPlugin::create): Deleted.

  • plugins/DOMPluginArray.cpp:
  • plugins/DOMPluginArray.h:

(WebCore::DOMPluginArray::create): Deleted.

  • storage/Storage.cpp:
  • storage/Storage.h:

(WebCore::Storage::area const): Deleted.

  • workers/AbstractWorker.cpp:
  • workers/AbstractWorker.h:
  • workers/DedicatedWorkerGlobalScope.cpp:
  • workers/DedicatedWorkerGlobalScope.h:
  • workers/Worker.cpp:
  • workers/Worker.h:
  • workers/WorkerGlobalScope.cpp:
  • workers/WorkerGlobalScope.h:
  • workers/service/ServiceWorker.cpp:
  • workers/service/ServiceWorker.h:
  • workers/service/ServiceWorkerContainer.cpp:
  • workers/service/ServiceWorkerContainer.h:
  • workers/service/ServiceWorkerGlobalScope.cpp:
  • workers/service/ServiceWorkerGlobalScope.h:
  • workers/service/ServiceWorkerRegistration.cpp:
  • workers/service/ServiceWorkerRegistration.h:
  • worklets/PaintWorkletGlobalScope.cpp:
  • worklets/PaintWorkletGlobalScope.h:
  • worklets/Worklet.cpp:
  • worklets/Worklet.h:
  • worklets/WorkletGlobalScope.cpp:
  • worklets/WorkletGlobalScope.h:
  • xml/XMLHttpRequest.cpp:
  • xml/XMLHttpRequest.h:
  • xml/XMLHttpRequestEventTarget.h:
  • xml/XMLHttpRequestUpload.cpp:
  • xml/XMLHttpRequestUpload.h:
  • xml/XPathParser.cpp:

Source/WTF:

  • wtf/ForbidHeapAllocation.h:
  • wtf/IsoMalloc.h:
  • wtf/IsoMallocInlines.h:
11:54 AM Changeset in webkit [243886] by sbarati@apple.com
  • 32 edits
    4 copies in trunk

Teach Call ICs how to call Wasm
https://bugs.webkit.org/show_bug.cgi?id=196387

Reviewed by Filip Pizlo.

JSTests:

  • wasm/function-tests/stack-trace.js:

Source/JavaScriptCore:

This patch teaches JS to call Wasm without going through the native thunk.
Currently, we emit a JIT "JS" callee stub which marshals arguments from
JS to Wasm. Like the native version of this, this thunk is responsible
for saving and restoring the VM's current Wasm context. Instead of emitting
an exception handler, we also teach the unwinder how to read the previous
wasm context to restore it as it unwindws past this frame.

This patch is straight forward, and leaves some areas for perf improvement:

  • We can teach the DFG/FTL to directly use the Wasm calling convention when it knows it's calling a single Wasm function. This way we don't shuffle registers to the stack and then back into registers.
  • We bail out to the slow path for mismatched arity. I opened a bug to fix optimize arity check failures: https://bugs.webkit.org/show_bug.cgi?id=196564
  • We bail out to the slow path Double JSValues flowing into i32 arguments. We should teach this thunk how to do that conversion directly.

This patch also refactors the code to explicitly have a single pinned size register.
We used pretend in some places that we could have more than one pinned size register.
However, there was other code that just asserted the size was one. This patch just rips
out this code since we never moved to having more than one pinned size register. Doing
this refactoring cleans up the various places where we set up the size register.

This patch is a 50-60% progression on JetStream 2's richards-wasm.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • Sources.txt:
  • assembler/MacroAssemblerCodeRef.h:

(JSC::MacroAssemblerCodeRef::operator=):
(JSC::MacroAssemblerCodeRef::MacroAssemblerCodeRef):

  • interpreter/Interpreter.cpp:

(JSC::UnwindFunctor::operator() const):
(JSC::UnwindFunctor::copyCalleeSavesToEntryFrameCalleeSavesBuffer const):

  • interpreter/StackVisitor.cpp:

(JSC::StackVisitor::Frame::calleeSaveRegistersForUnwinding):
(JSC::StackVisitor::Frame::calleeSaveRegisters): Deleted.

  • interpreter/StackVisitor.h:
  • jit/JITOperations.cpp:
  • jit/RegisterSet.cpp:

(JSC::RegisterSet::runtimeTagRegisters):
(JSC::RegisterSet::specialRegisters):
(JSC::RegisterSet::runtimeRegisters): Deleted.

  • jit/RegisterSet.h:
  • jit/Repatch.cpp:

(JSC::linkPolymorphicCall):

  • runtime/JSFunction.cpp:

(JSC::getCalculatedDisplayName):

  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::visitChildren):

  • runtime/JSGlobalObject.h:

(JSC::JSGlobalObject::jsToWasmICCalleeStructure const):

  • runtime/VM.cpp:

(JSC::VM::VM):

  • runtime/VM.h:
  • wasm/WasmAirIRGenerator.cpp:

(JSC::Wasm::AirIRGenerator::AirIRGenerator):
(JSC::Wasm::AirIRGenerator::restoreWebAssemblyGlobalState):
(JSC::Wasm::AirIRGenerator::addCallIndirect):

  • wasm/WasmB3IRGenerator.cpp:

(JSC::Wasm::B3IRGenerator::B3IRGenerator):
(JSC::Wasm::B3IRGenerator::restoreWebAssemblyGlobalState):
(JSC::Wasm::B3IRGenerator::addCallIndirect):

  • wasm/WasmBinding.cpp:

(JSC::Wasm::wasmToWasm):

  • wasm/WasmContext.h:

(JSC::Wasm::Context::pointerToInstance):

  • wasm/WasmContextInlines.h:

(JSC::Wasm::Context::store):

  • wasm/WasmMemoryInformation.cpp:

(JSC::Wasm::getPinnedRegisters):
(JSC::Wasm::PinnedRegisterInfo::get):
(JSC::Wasm::PinnedRegisterInfo::PinnedRegisterInfo):

  • wasm/WasmMemoryInformation.h:

(JSC::Wasm::PinnedRegisterInfo::toSave const):

  • wasm/WasmOMGPlan.cpp:

(JSC::Wasm::OMGPlan::work):

  • wasm/js/JSToWasm.cpp:

(JSC::Wasm::createJSToWasmWrapper):

  • wasm/js/JSToWasmICCallee.cpp: Added.

(JSC::JSToWasmICCallee::create):
(JSC::JSToWasmICCallee::createStructure):
(JSC::JSToWasmICCallee::visitChildren):

  • wasm/js/JSToWasmICCallee.h: Added.

(JSC::JSToWasmICCallee::function):
(JSC::JSToWasmICCallee::JSToWasmICCallee):

  • wasm/js/WebAssemblyFunction.cpp:

(JSC::WebAssemblyFunction::useTagRegisters const):
(JSC::WebAssemblyFunction::calleeSaves const):
(JSC::WebAssemblyFunction::usedCalleeSaveRegisters const):
(JSC::WebAssemblyFunction::previousInstanceOffset const):
(JSC::WebAssemblyFunction::previousInstance):
(JSC::WebAssemblyFunction::jsCallEntrypointSlow):
(JSC::WebAssemblyFunction::visitChildren):
(JSC::WebAssemblyFunction::destroy):

  • wasm/js/WebAssemblyFunction.h:
  • wasm/js/WebAssemblyFunctionHeapCellType.cpp: Added.

(JSC::WebAssemblyFunctionDestroyFunc::operator() const):
(JSC::WebAssemblyFunctionHeapCellType::WebAssemblyFunctionHeapCellType):
(JSC::WebAssemblyFunctionHeapCellType::~WebAssemblyFunctionHeapCellType):
(JSC::WebAssemblyFunctionHeapCellType::finishSweep):
(JSC::WebAssemblyFunctionHeapCellType::destroy):

  • wasm/js/WebAssemblyFunctionHeapCellType.h: Added.
  • wasm/js/WebAssemblyPrototype.h:
11:53 AM Changeset in webkit [243885] by ysuzuki@apple.com
  • 6 edits in trunk/Source/JavaScriptCore

[JSC] Pass CodeOrigin to FuzzerAgent
https://bugs.webkit.org/show_bug.cgi?id=196590

Reviewed by Saam Barati.

Pass CodeOrigin instead of bytecodeIndex. CodeOrigin includes richer information (InlineCallFrame*).
We also mask prediction with SpecBytecodeTop in DFGByteCodeParser. The fuzzer can produce any SpeculatedTypes,
but DFGByteCodeParser should only see predictions that can be actually produced from the bytecode execution.

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):

  • runtime/FuzzerAgent.cpp:

(JSC::FuzzerAgent::getPrediction):

  • runtime/FuzzerAgent.h:
  • runtime/RandomizingFuzzerAgent.cpp:

(JSC::RandomizingFuzzerAgent::getPrediction):

  • runtime/RandomizingFuzzerAgent.h:
11:52 AM EarlyWarningSystem edited by aakash_jain@apple.com
(diff)
11:45 AM Changeset in webkit [243884] by Chris Dumez
  • 2 edits in trunk/Source/WebCore

Unreviewed, fix iOS build with recent SDKs.

std::ptr_fun() is deprecated.

  • platform/ios/LegacyTileGrid.mm:

(WebCore::LegacyTileGrid::dropDistantTiles):

11:40 AM EarlyWarningSystem created by aakash_jain@apple.com
11:00 AM WebKitGTK/2.24.x edited by Michael Catanzaro
Reviewed safari-607-branch commits through r243778 (diff)
10:55 AM Changeset in webkit [243883] by Manuel Rego Casasnovas
  • 2 edits in trunk/LayoutTests

[css-grid] Scroll reset position when updating inner html on content
https://bugs.webkit.org/show_bug.cgi?id=191506

Unreviewed gardening.

The problem described in this bug was fixed in r243687 (webkit.org/b/191506).
This test was still marked as Failure but it has been passing since then.

as it's passing now.

10:50 AM Changeset in webkit [243882] by Kocsen Chung
  • 3 edits in branches/safari-607-branch/Tools

Cherry-pick r243842. rdar://problem/34841155

run-webkit-tests: Upload test results (new results database)
https://bugs.webkit.org/show_bug.cgi?id=196577
<rdar://problem/34841155>

Reviewed by Lucas Forschler.

  • Scripts/webkitpy/layout_tests/controllers/manager.py: (Manager.run): Upload results after each device shard, since the configuration will be different for each device. (Manager._results_to_upload_json_trie): Convert a TestRunResults object to a trie to be uploaded to a results database.
  • Scripts/webkitpy/layout_tests/run_webkit_tests.py: (parse_args): Add new 'Upload Options' and prepare 'Results JSON Options' for deprecation.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243842 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:49 AM Changeset in webkit [243881] by Shawn Roberts
  • 2 edits in trunk/LayoutTests

scrollingcoordinator/ios/ui-scroll-fixed.html is a flakky failure
https://bugs.webkit.org/show_bug.cgi?id=196612

Unreviewed test gardening.

  • platform/ios-simulator-wk2/TestExpectations: Changing expectations for flaky image failure
10:44 AM Changeset in webkit [243880] by youenn@apple.com
  • 2 edits in trunk/Source/WebKit

Service Worker Process does not have the right domain name
https://bugs.webkit.org/show_bug.cgi?id=196585

Reviewed by Chris Dumez.

  • Shared/EntryPointUtilities/Cocoa/XPCService/XPCServiceEntryPoint.mm:

(WebKit::XPCServiceInitializerDelegate::getExtraInitializationData):
Updated extraInitializationData to go from "security-origin" to "registrable-domain".

10:39 AM Changeset in webkit [243879] by pvollan@apple.com
  • 1 edit
    1 add in trunk/Tools

[Win] DumpRenderTreeWatchDog.py is not checked into source
https://bugs.webkit.org/show_bug.cgi?id=196567
<rdar://problem/49525901>

Reviewed by Lucas Forschler.

This script is used on Win EWS bots to terminate hanging DRT processes.

  • EWSTools/dumprendertreewatchdog.py: Added.
10:39 AM Changeset in webkit [243878] by commit-queue@webkit.org
  • 2 edits in trunk/LayoutTests

[macOS WK1] Layout Test webanimations/accelerated-transition-interrupted-on-composited-element.html is a flaky image failure
https://bugs.webkit.org/show_bug.cgi?id=189678
<rdar://problem/44621674>

Patch by Antoine Quint <Antoine Quint> on 2019-04-04
Reviewed by Dean Jackson.

We make the test sturdier by waiting for two rAFs instead of just one to wait until animations have been updated (one rAF)
and accelerated animations have been committed (two rAFs).

We also use the "transitioncancel" event to determine the transition has been interrupted rather than using a rAF callback.

  • webanimations/accelerated-transition-interrupted-on-composited-element.html:
10:36 AM Changeset in webkit [243877] by Chris Dumez
  • 2 edits in trunk/Source/WebKit

Temporarily disable delayed WebProcess launch on iOS to address PLT regression
https://bugs.webkit.org/show_bug.cgi?id=196604
<rdar://problem/49074131>

Reviewed by Geoffrey Garen.

Temporarily disable delayed WebProcess launch on iOS to address PLT regression. This
is while I figure out how to enable this on iOS without regressed PLT.

  • UIProcess/WebProcessPool.h:
10:36 AM Changeset in webkit [243876] by Ryan Haddad
  • 2 edits in branches/safari-607-branch/LayoutTests

Cherry-pick r243768. rdar://problem/49539493

[Mojave] Layout test fast/text/complex-initial-advance.html is failing
https://bugs.webkit.org/show_bug.cgi?id=196512

Unreviewed test gardening.

  • platform/mac/TestExpectations: Mark test as failing.

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@243768 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:21 AM Changeset in webkit [243875] by Caio Lima
  • 10 edits
    1 add in trunk

[JSC] We should consider moving UnlinkedFunctionExecutable::m_parentScopeTDZVariables to RareData
https://bugs.webkit.org/show_bug.cgi?id=194944

Reviewed by Keith Miller.

JSTests:

  • stress/verify-bytecode-generator-cached-variables-under-tdz.js: Added.

Source/JavaScriptCore:

Based on profile data collected on JetStream2, Speedometer 2 and
other benchmarks, it is very rare having non-empty
UnlinkedFunctionExecutable::m_parentScopeTDZVariables.

  • Data collected from Speedometer2

Total number of UnlinkedFunctionExecutable: 39463
Total number of non-empty parentScopeTDZVars: 428 (~1%)

  • Data collected from JetStream2

Total number of UnlinkedFunctionExecutable: 83715
Total number of non-empty parentScopeTDZVars: 5285 (~6%)

We also collected numbers on 6 of top 10 Alexia sites.

  • Data collected from youtube.com

Total number of UnlinkedFunctionExecutable: 29599
Total number of non-empty parentScopeTDZVars: 97 (~0.3%)

  • Data collected from twitter.com

Total number of UnlinkedFunctionExecutable: 23774
Total number of non-empty parentScopeTDZVars: 172 (~0.7%)

  • Data collected from google.com

Total number of UnlinkedFunctionExecutable: 33209
Total number of non-empty parentScopeTDZVars: 174 (~0.5%)

  • Data collected from amazon.com:

Total number of UnlinkedFunctionExecutable: 15182
Total number of non-empty parentScopeTDZVars: 166 (~1%)

  • Data collected from facebook.com:

Total number of UnlinkedFunctionExecutable: 54443
Total number of non-empty parentScopeTDZVars: 269 (~0.4%)

  • Data collected from netflix.com:

Total number of UnlinkedFunctionExecutable: 39266
Total number of non-empty parentScopeTDZVars: 97 (~0.2%)

Considering such numbers, this patch is moving m_parentScopeTDZVariables
to RareData. This decreases sizeof(UnlinkedFunctionExecutable) by
16 bytes. With this change, now UnlinkedFunctionExecutable constructors
receives an Optional<VariableEnvironmentMap::Handle> and only stores
it when value != WTF::nullopt. We also changed
UnlinkedFunctionExecutable::parentScopeTDZVariables() and it returns
VariableEnvironment() whenever the Executable doesn't have RareData,
or VariableEnvironmentMap::Handle is unitialized. This is required
because RareData is instantiated when any of its field is stored and
we can have an unitialized Handle even on cases when parentScopeTDZVariables
is WTF::nullopt.

Results on memory usage on JetStrem2 is neutral.

Mean of memory peak on ToT: 4258633728 bytes (confidence interval: 249720072.95)
Mean of memory peak on Changes: 4367325184 bytes (confidence interval: 321285583.61)

  • builtins/BuiltinExecutables.cpp:

(JSC::BuiltinExecutables::createExecutable):

  • bytecode/UnlinkedFunctionExecutable.cpp:

(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):

  • bytecode/UnlinkedFunctionExecutable.h:
  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::getVariablesUnderTDZ):

BytecodeGenerator::getVariablesUnderTDZ now also caches if m_cachedVariablesUnderTDZ
is empty, so we can properly return WTF::nullopt without the
reconstruction of a VariableEnvironment to check if it is empty.

  • bytecompiler/BytecodeGenerator.h:

(JSC::BytecodeGenerator::makeFunction):

  • parser/VariableEnvironment.h:

(JSC::VariableEnvironment::isEmpty const):

  • runtime/CachedTypes.cpp:

(JSC::CachedCompactVariableMapHandle::decode const):

It returns an unitialized Handle when there is no
CompactVariableEnvironment. This can happen when RareData is ensured
because of another field.

(JSC::CachedFunctionExecutableRareData::encode):
(JSC::CachedFunctionExecutableRareData::decode const):
(JSC::CachedFunctionExecutable::encode):
(JSC::CachedFunctionExecutable::decode const):
(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):

  • runtime/CodeCache.cpp:

Instead of creating a dummyVariablesUnderTDZ, we simply pass
WTF::nullopt.

(JSC::CodeCache::getUnlinkedGlobalFunctionExecutable):

10:16 AM Changeset in webkit [243874] by Ryan Haddad
  • 3 edits in branches/safari-607-branch/LayoutTests

Cherry-pick r241307. rdar://problem/49610758

AX: Fix flaky accessibility/loading-iframe-sends-notification.html
https://bugs.webkit.org/show_bug.cgi?id=194546

Reviewed by Zalan Bujtas.

This test was relying on timing between load events being sent and accessibility events being sent.
We don't need to do that, we can more directly test this interplay.

  • accessibility/loading-iframe-sends-notification-expected.txt:
  • accessibility/loading-iframe-sends-notification.html:

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@241307 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:08 AM WebKitGTK/2.24.x edited by Michael Catanzaro
Propose merges (diff)
9:52 AM Changeset in webkit [243873] by youenn@apple.com
  • 2 edits in trunk/Source/ThirdParty/libwebrtc

Log the error if VideoProcessing library cannot be dlopen
https://bugs.webkit.org/show_bug.cgi?id=196609

Reviewed by Eric Carlson.

  • Source/webrtc/sdk/WebKit/VideoProcessingSoftLink.cpp:

(webrtc::initVideoProcessingVPModuleInitialize):

9:51 AM Changeset in webkit [243872] by Diego Pino Garcia
  • 2 edits in trunk/LayoutTests

[WPE] Unreviewed gardening

Remove tests that are expected to fail but pass.

  • platform/wpe/TestExpectations:
9:38 AM Changeset in webkit [243871] by commit-queue@webkit.org
  • 2 edits in trunk/LayoutTests

REGRESSION (r236501?): Layout Test compositing/geometry/limit-layer-bounds-opacity-transition.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=190210
<rdar://problem/45045989>

Unreviewed.

The flakiness dashboard shows that this test hasn't been flaky for a few weeks, reverting the flaky expectation.

Patch by Antoine Quint <Antoine Quint> on 2019-04-04

  • platform/mac/TestExpectations:
8:44 AM Changeset in webkit [243870] by Chris Dumez
  • 2 edits in trunk/Tools

Unreviewed, roll out r243858 which made tests time out.

Disable new API tests on Windows instead.

  • TestWebKitAPI/Tests/WebKit/ReloadPageAfterCrash.cpp:

(TestWebKitAPI::TEST):

8:41 AM Changeset in webkit [243869] by Tadeu Zagallo
  • 4 edits
    2 adds in trunk

Cache bytecode for jsc.cpp helpers and fix CachedStringImpl
https://bugs.webkit.org/show_bug.cgi?id=196409

Reviewed by Saam Barati.

JSTests:

  • stress/bytecode-cache-cached-string-impl.js: Added.

(f):
(g):

  • stress/bytecode-cache-run-string.js: Added.

Source/JavaScriptCore:

Some of the helpers in jsc.cpp, such as functionRunString, were stll using
using makeSource instead of jscSource, which does not use the ShellSourceProvider
and therefore does not write the bytecode cache to disk.

Changing that revealed a bug in bytecode cache. The Encoder keeps a mapping
of pointers to offsets of already cached objects, in order to avoid caching
the same object twice. Similarly, the Decoder keeps a mapping from offsets
to pointers, in order to avoid creating multiple objects in memory for the
same cached object. The following was happening:
1) A StringImpl* S was cached as CachedPtr<CachedStringImpl> at offset O. We add
an entry in the Encoder mapping that S has already been encoded at O.
2) We cache StringImpl* S again, but now as CachedPtr<CachedUniquedStringImpl>.
We find an entry in the Encoder mapping for S, and return the offset O. However,
the object cached at O is a CachedPtr<CachedStringImpl> (i.e. not Uniqued).

3) When decoding, there are 2 possibilities:
3.1) We find S for the first time through a CachedPtr<CachedStringImpl>. In
this case, everything works as expected since we add an entry in the decoder
mapping from the offset O to the decoded StringImpl* S. The next time we find
S through the uniqued version, we'll return the already decoded S.
3.2) We find S through a CachedPtr<CachedUniquedStringImpl>. Now we have a
problem, since the CachedPtr has the offset of a CachedStringImpl (not uniqued),
which has a different shape and we crash.

We fix this by making CachedStringImpl and CachedUniquedStringImpl share the
same implementation. Since it doesn't matter whether a string is uniqued for
encoding, and we always decode strings as uniqued either way, they can be used
interchangeably.

  • jsc.cpp:

(functionRunString):
(functionLoadString):
(functionDollarAgentStart):
(functionCheckModuleSyntax):
(runInteractive):

  • runtime/CachedTypes.cpp:

(JSC::CachedUniquedStringImplBase::decode const):
(JSC::CachedFunctionExecutable::rareData const):
(JSC::CachedCodeBlock::rareData const):
(JSC::CachedFunctionExecutable::encode):
(JSC::CachedCodeBlock<CodeBlockType>::encode):
(JSC::CachedUniquedStringImpl::encode): Deleted.
(JSC::CachedUniquedStringImpl::decode const): Deleted.
(JSC::CachedStringImpl::encode): Deleted.
(JSC::CachedStringImpl::decode const): Deleted.

7:16 AM Changeset in webkit [243868] by commit-queue@webkit.org
  • 5 edits
    2 adds in trunk

[Web Animations] JS wrapper may be deleted while animation is yet to dispatch its finish event
https://bugs.webkit.org/show_bug.cgi?id=196118
<rdar://problem/46614137>

Patch by Antoine Quint <Antoine Quint> on 2019-04-04
Reviewed by Ryosuke Niwa.

Source/WebCore:

Test: webanimations/js-wrapper-kept-alive.html

We need to teach WebAnimation to keep its JS wrapper alive if it's relevant or could become relevant again by virtue of having a timeline.

  • animation/WebAnimation.cpp:

(WebCore::WebAnimation::stop): Drive-by fix for the missing superclass method call.
(WebCore::WebAnimation::hasPendingActivity const):

  • animation/WebAnimation.h:

LayoutTests:

Add a test that starts a short animation, sets a custom property on it, registers a "finish" event listener on it and deletes
the sole reference to it in the JS world before triggering garbage collection. Prior to this fix, this test would time out
because the JS wrapper would be garbage-collected prior to the animation completing and thus the event listener would not
be called. To complete successfully, this test checks that it receives the event and its target is the same animation object
that was originally created by checking the custom property is still set.

  • legacy-animation-engine/animations/resume-after-page-cache.html:
  • webanimations/js-wrapper-kept-alive-expected.txt: Added.
  • webanimations/js-wrapper-kept-alive.html: Added.
7:15 AM Changeset in webkit [243867] by Tadeu Zagallo
  • 2 edits in trunk/Source/JavaScriptCore

UnlinkedCodeBlock constructor from cache should initialize m_didOptimize
https://bugs.webkit.org/show_bug.cgi?id=196396

Reviewed by Saam Barati.

The UnlinkedCodeBlock constructor in CachedTypes was missing the initialization
for m_didOptimize, which leads to crashes in CodeBlock::thresholdForJIT.

  • runtime/CachedTypes.cpp:

(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):

5:51 AM Changeset in webkit [243866] by magomez@igalia.com
  • 3 edits in trunk/Source/WebCore

[GTK][WPE] Use a timer to request the creation of pending tiles
https://bugs.webkit.org/show_bug.cgi?id=196594

Reviewed by Žan Doberšek.

Use a timer to request pending tile creation, as calls to notifyFlushRequired() are discarded
while inside a layer flush.

  • platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:

(WebCore::CoordinatedGraphicsLayer::CoordinatedGraphicsLayer):
(WebCore::CoordinatedGraphicsLayer::flushCompositingStateForThisLayerOnly):
(WebCore::CoordinatedGraphicsLayer::updateContentBuffers):
(WebCore::CoordinatedGraphicsLayer::requestPendingTileCreationTimerFired):

  • platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
1:53 AM Changeset in webkit [243865] by magomez@igalia.com
  • 6 edits in trunk/Source/WebKit

[CoordGraphics] Revalidate need for 'coordinated update completion' in ThreadedCompositor
https://bugs.webkit.org/show_bug.cgi?id=188839

Reviewed by Žan Doberšek.

Even if a platform layer has changed, don't wait for a main thread callback to finish the
CompositingRunLoop update. It can be finished as soon as we receive the frameComplete signal.

  • Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.cpp:

(WebKit::CompositingRunLoop::scheduleUpdate):
(WebKit::CompositingRunLoop::stopUpdates):
(WebKit::CompositingRunLoop::updateCompleted):
(WebKit::CompositingRunLoop::updateTimerFired):
(WebKit::CompositingRunLoop::compositionCompleted): Deleted.

  • Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.h:
  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:

(WebKit::ThreadedCompositor::renderLayerTree):
(WebKit::ThreadedCompositor::sceneUpdateFinished):
(WebKit::ThreadedCompositor::displayRefreshMonitor):
(WebKit::ThreadedCompositor::handleDisplayRefreshMonitorUpdate): Deleted.

  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.h:
  • WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.cpp:

(WebKit::LayerTreeHost::handleDisplayRefreshMonitorUpdate):

Note: See TracTimeline for information about the timeline view.